CISPA
Browse
cispa_all_3996.pdf (1.42 MB)

Investigating Security Folklore: A Case Study on the Tor over VPN Phenomenon

Download (1.42 MB)
Users face security folklore in their daily lives in the form of security advice, myths, and word-of-mouth stories. Using a VPN to access the Tor network, i.e., Tor over VPN, is an interesting example of security folklore because of its inconclusive security benefits and its occurrence in pop-culture media. Following the Theory of Reasoned Action, we investigated the phenomenon with three studies: (1) we quantified the behavior on real-world Tor traffic and measured a prevalence of 6.23%; (2) we surveyed users' intentions and beliefs, discovering that they try to protect themselves from the Tor network or increase their general security; and (3) we analyzed online information sources, suggesting that perceived norms and ease-of-use play a significant role while behavioral beliefs about the purpose and effect are less crucial in spreading security folklore. We discuss how to communicate security advice effectively and combat security misinformation and misconceptions.

History

Preferred Citation

Matthias Fassl, Alexander Ponticello, Adrian Dabrowski and Katharina Krombholz. Investigating Security Folklore: A Case Study on the Tor over VPN Phenomenon. In: Proceedings of the ACM on Human-Computer Interaction. 2023.

Name of Conference

Proceedings of the ACM on Human-Computer Interaction

Legacy Posted Date

2023-07-25

Open Access Type

  • Green

BibTeX

@article{cispa_all_3996, title = "Investigating Security Folklore: A Case Study on the Tor over VPN Phenomenon", author = "Fassl, Matthias and Ponticello, Alexander and Dabrowski, Adrian and Krombholz, Katharina", journal="{Proceedings of the ACM on Human-Computer Interaction}", year="2023", }

Usage metrics

    Categories

    No categories selected

    Keywords

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC