Workshop on Security and Human Behaviour (SHB 2022)

May 30-31, Cambridge – Working papers

SHB is sponsored by the Cambridge Cybercrime Centre, Google and the NSF. Those coming in person are in bold; the others will be zooming in. The schedule is here.

  • Yasemin Acar, Hannover: Comparing the Usability of Cryptographic APIs; You Get Where You’re Looking For
  • Alessandro Acquisti, CMU: Secrets and Likes: The Drive for Privacy and the Difficulty of Achieving It in the Digital Age; How privacy’s past may shape its future
  • Sadia Afroz, ICSI, UC Berkeley: Quantifying the Collateral Damage of IP Blacklisting
  • Luca Allodi, Eindhoven: A Review of Cognition in Social Engineering Research, On the Market Proliferation of Offensive Cyber Capabilities
  • Ross Anderson, Cambridge and Edinburgh: Silicon Den: Cybercrime is Entrepreneurship; Situational Awareness and Machine Learning – Robots, Manners and Stress
  • Robert Axelrod, Michigan: Vengeance and Cyber Conflict
  • Maria Bada, QMUL: Profiling the Cybercriminal: A Systematic Review of Research, Developing cybersecurity education and awareness programmes for small and medium-sized enterprises
  • Zinaida Benenson, Erlangen: Long-Term Observation on Browser Fingerprinting: Users' Trackability and Perspective, Security Managers Are Not The Enemy Either
  • Nicholas Boucher, Cambridge
  • Maria Brincker, University of Massachussetts: Disoriented and alone in the "experience machine"
  • Jean Camp, Indiana: Measuring human resilience in the face of the global epidemiology of cyber attacks; and Cross-National Study on Phishing Resilience
  • Nicolas Christin: How Do Home Computer Users Browse The Web?
  • Yi Ting Chua, Alabama: ExtremeBB: Enabling Large-Scale Research into Extremism, the Manosphere and Their Correlation by Online Forum Data; and
  • Richard Clayton, Cambridge: Booting the booters: Evaluating the effects of police interventions in the market for Denial-of-Service attacks; Cybercrime is (often) boring: Maintaining the infrastructure of cybercrime economies
  • Ben Collier, Edinburgh: Influence government: Exploring practices, ethics, and power in the use of targeted advertising by the UK state; Privacy Worlds: Exploring Values and Design in the Development of the Tor Anonymity Network
  • Cassandra Cross, Queensland University of Technology: The reporting experiences and support needs of victims of online fraud, Reflections on the reporting of fraud in Australia
  • Ahana Datta, UCL: Governments of the world just ramped up spying on reporters
  • Judith Donath, Harvard: The Ethical Use of Powerful Words and Persuasive Machines
  • Serge Egelman, Berkeley: The Curious Case of Coulus Coelib, A Promise Is A Promise: The Effect Of Commitment Devices On Computer Security Intentions
  • Christian Eichenmüller, Erlangen: Geographies of “digital governmentality”: Platform-based governing through adaptive environments
  • Jeremy Epstein, NSF
  • Shannon French, Case Western: War and Technology: Should Data Decide Who Lives, Who Dies?, Artificial Intelligence in Military Decision-Making
  • Vaibhav Garg, Comcast: Covenants without the sword, Hidden Risk of Unpopularity in Open Source
  • Peter Grabosky, ANU: Learning from Friends, Learning from Enemies: Technology Transfers and Excesses of the State
  • Jens Grossklags, TU Muenchen: The Right to Data Portability: conception, status quo, and future directions
  • Jonas Hielscher, Bochum: “Taking out the Trash”: Why Security Behavior Change requires Intentional Forgetting, Why IT Security Needs Therapy
  • Tom Holt, Michigan State: An analysis of jihadi cyberattacks reported in the extremist cybercrime database (ECCD)
  • Nick Humphrey
  • Alice Hutchings, Cambridge: Booting the Booters: Evaluating the effects of police interventions in the market for denial-of-service attacks, Taking down websites to prevent crime
  • Frank Krueger, GMU: Specialty Grand Challenge Article- Social Neuroergonomics, Toward a Model of Interpersonal Trust Drawn from Neuroscience, Psychology, and Economics
  • Susan Landau, Tufts: Categorizing Uses of Communications Metadata: Systematizing Knowledge and Presenting a Path for Privacy
  • Anita Lavorgna, Southampton: To app or not to app? Understanding public resistance in using COVID-19 digital contact tracing
  • Eliot Lear, Cisco
  • Michael Levi, Cardiff: Fraud and its relationship to pandemics and economic crises: from Spanish flu to COVID-19
  • Jonathan Leader Maynard, KCL: Ideology and Armed Conflict, Ideology and Mass Killing
  • Damon McCoy, NYU: An Audit of Facebook's Political Ad Policy Enforcement; Understanding Engagement with U.S. (Mis)Information Sources on Facebook
  • Maryam Mehrnezhad, Newcastle: How Can and Would People Protect From Online Tracking?; "I feel invaded, annoyed, anxious and I may protect myself"
  • Alan Mislove, Northeastern: Ad delivery algorithms: The Hidden Arbiters of Political Messaging; Discrimination through Optimization:How Facebook’s Ad Delivery Can Lead to Biased Outcomes
  • Steven Murdoch, UCL: Evidence-critical systems, Designing for Dispute Resolution
  • Simon Parkin, Delft: Change that Respects Business Expertise: Stories as Prompts for a Conversation about Organisation Security; The Thing Doesn’t Have a Name”: Learning from Emergent Real-World Interventions in Smart Home Security
  • Sergio Pastrana Portillo, Madrid: A methodology for large-scale identification of related accounts in underground forums; Towards Improving Code-Stylometry Analysis in Underground Forums
  • Awais Rashid, Bristol: So If Mr Blue Head Here Clicks the Link..., "Do this! Do that! And nothing will happen": Do specifications lead to securely stored passwords?
  • Elissa Redmiles, Microsoft Research: The Need for Respectful Technologies: Going Beyond Privacy; Field Evidence of the Effects of Pro-sociality and Transparency on COVID-19 App Attractiveness
  • Bruce Schneier, Harvard Kennedy School: The Coming AI Hackers
  • David Livingstone Smith, UNE: Selection for Oppression: Where Evolutionary Biology Meets Political Philosophy, Unnatural Bodies: Disability as Metaphysical Threat
  • Leonie Tanczer, UCL: 'I Feel Like We're Really Behind the Game': Perspectives of the United Kingdom's Intimate Partner Violence Support Sector on the Rise of Technology-Facilitated Abuse, Using Machine Learning Methods to Study Technology-Facilitated Abuse: Evidence from the Analysis of UK Crimestoppers’ Text Data
  • Daniel Thomas, Strathclyde: Evaluating the effects of police interventions in the market for Denial-of-Service attacks; Ethical issues in research using datasets of illicit origin
  • Sophie van der Zee, Erasmus University Rotterdam: Copycat and a liar: Nonverbal mimicry increases under the cognitive load of lying, A Personal Model of Trumpery: Linguistic Deception Detection in a Real-World High-Stakes Setting
  • Tony Vance, Virginia Tech: Inexpert Supervision: A Study on Boards of Directors' Oversight of Cybersecurity, The Security Team at the Top: The Board of Directors
  • Kami Vaniea, Edinburgh: I Don't Need an Expert! Making URL Phishing Features Human Comprehensible, Understanding Privacy-Related Questions on Stack Overflow
  • Marie Vasek, UCL: An Examination of the Cryptocurrency Pump and Dump Ecosystem
  • Rick Wash, Michigan State: How Experts Detect Phishing Scam Emails, How Non-Experts Try to Detect Phishing Scam Emails, Prioritizing Security Over Usability: Strategies for How People Choose Passwords
  • Lydia Wilson, Cambridge: Rewriting the narrative – territorial loss and the rebirth of ISIS; Prince Hassan's Progress, What I Discovered From Interviewing Imprisoned ISIS Fighters; Understanding the Appeal of ISIS
  • Pam Wisniewski, UCF: Instagram Data Donation: A Case Study on Collecting Ecologically Valid Social Media Data for the Purpose of Adolescent Online Risk Detection, MOSafely: Building an Open Source HCAI Community to Make the Internet a Safer Place for Youth
  • Jeff Yan, Strathclyde: Gender Bias in Password Managers

    Registration: the workshop is invitational and numbers are limited. Invitations are now closed.

    This is the fifteenth SHB. Here are links to the liveblog, papers and audio recordings for the previous workshops: 2021, 2020, 2019, 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009 and 2008.