Experts often design security and privacy technology with specific use cases and threat models in mind.
In practice however, end users are not aware of these
threats and potential countermeasures. Furthermore, misconceptions about the benefits and limitations of security
and privacy technology inhibit large-scale adoption by end
users. In this paper, we address this challenge and contribute
a qualitative study on end users’ and security experts’ perceptions of threat models and potential countermeasures. We
follow an inductive research approach to explore perceptions
and mental models of both security experts and end users.
We conducted semi-structured interviews with 8 security experts and 13 end users. Our results suggest that in contrast to
security experts, end users neglect acquaintances and friends
as attackers in their threat models. Our findings highlight
that experts value technical countermeasures whereas end
users try to implement trust-based defensive methods.
History
Preferred Citation
Simon Anell, Lea Gröber and Katharina Krombholz. End User and Expert Perceptions of Threats and Potential Countermeasures. In: IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). 2020.
Primary Research Area
Empirical and Behavioral Security
Name of Conference
IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
Legacy Posted Date
2020-11-30
Open Access Type
Unknown
BibTeX
@inproceedings{cispa_all_3299,
title = "End User and Expert Perceptions of Threats and Potential Countermeasures",
author = "Anell, Simon and Gröber, Lea and Krombholz, Katharina",
booktitle="{IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)}",
year="2020",
}