Using reinforcement to strengthen users' secure behaviors

Conference on Human Factors in Computing Systems - Proceedings

Volumn 1, Issue , 2010, Pages 363-372

  Villamarín Salomón, Ricardo Mark ^a   Brustoloni, José Carlos ^a  

^a UNIVERSITY OF PITTSBURGH   (United States)

Author keywords

audited dialogs; context sensitive guidance; observational learning; operant conditioning; polymorphic dialogs; security reinforcing application; social learning theory; vicarious learning; vicarious security reinforcement

Indexed keywords

CONTEXT-SENSITIVE; OBSERVATIONAL LEARNING; OPERANT CONDITIONING; SECURITY-REINFORCING APPLICATION; SOCIAL LEARNING THEORY; VICARIOUS LEARNING;

HUMAN ENGINEERING;

REINFORCEMENT;

EID: 77954000731     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1753326.1753382     Document Type: Conference Paper

References (21)

1. A. Adams, and M.A. Sasse, "Users are not the enemy. Why users compromise computer security mechanisms and how to take remedial measures," Communications of the ACM, vol. 42, no. 12, 1999, pp. 40-46.
2. A. Bandura, Social learning theory, Prentice-Hall, 1977.
3. A.P. Goldstein, and M. Sorcher, Changing supervisor behavior, Pergamon Press, 1974.
4. B. Klimt, and Y. Yang, "Introducing the Enron corpus," in Proc. CEAS, 2004.
5. B.F. Skinner, "Operant behavior," American Psychologist, vol. 18, no. 8, 1963, pp. 503-515.
6. B.F. Skinner, Science and human behavior, Macmillan Pub Co, 1953.
7. C.B. Ferster, and B.F. Skinner, Schedules of reinforcement, Appleton-Century-Crofts, 1957.
8. G.P. Latham, and L.M. Saari, "Application of social-learning theory to training supervisors through behavioral modeling," Journal of Applied Psychology, vol. 64, no. 3, 1979, pp. 239-246.
9. H. Xia, and J.C. Brustoloni, "Hardening Web browsers against man-in-the-middle and eavesdropping attacks," in proc. WWW, ACM, 2005, pp. 489-498.
10. J. Cameron, & W.D. Pierce, Rewards and intrinsic motivation: Resolving the controversy, Bergin & Garvey, 2002
11. J. Sunshine, S. Egelman, H. Almuhimedi, N. Atri, & L. Cranor, "Crying Wolf: An Empirical Study of SSL Warning Effectiveness," in Proc. USENIX Security 2009
12. J.C. Brustoloni, and R. Villamarín-Salomón, "Improving security decisions with polymorphic and audited di-alogs," in Proc. SOUPS, 2007, pp. 76-85.
13. M.A. Sasse, and I. Flechais, "Usable Security: Why do we need it? How do we get it," in Security and Usability: Designing Secure Systems That People Can Use, L. Cranor, and S. Garfinkel eds., O'Reilly, 2005, pp. 13-30.
14. N.A. Macmillan, and C.D. Creelman, Detection theory: A user's guide, Cambridge University Press, 1991.
15. P. Kumaraguru, Y. Rhee, S. Sheng, S. Hasan, A. Acquisti, L.F. Cranor, and J. Hong, "Getting users to pay attention to anti-phishing education: evaluation of retention and transfer," in Proc. APWG's annual eCrime researchers summit, 2007, pp. 70-81.
16. P.J. Decker, "The enhancement of behavior modeling training of supervisory skills by the inclusion of retention processes," Personnel psychology, vol. 35, no. 2, 1982
17. P.W. Dowrick, Practical guide to using video in the behavioral sciences, Wiley New York, 1991.
18. R.G. Miltenberger, Behavior modification: Principles and procedures, Cole Publishing Company, 1997.
19. S. Egelman, L.F. Cranor, and J. Hong, "You've Been Warned: An Empirical Study of the Effectiveness of Web Browser Phishing Warnings," in Proc. CHI, 2008.
20. S. Sheng, B. Magnien, P. Kumaraguru, A. Acquisti, L.F. Cranor, J. Hong, and E. Nunge, "Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish," in Proc. SOUPS 2007, pp. 88-99.
21. VSR intervention; http://vsr.securityconditioning.org