Conference Proceeding Article
Malware continues to thrive on the Internet. Besides automated mechanisms for detecting malware, we provide users with trust evidence information to enable them to make informed trust decisions. To scope the problem, we study the challenge of assisting users with judging the trustworthiness of software downloaded from the Internet. Through expert elicitation, we deduce indicators for trust evidence, then analyze these indicators with respect to scalability and robustness. We design OTO, a system for communicating these trust evidence indicators to users, and we demonstrate through a user study the effectiveness of OTO, even with respect to IE’s SmartScreen Filter (SSF). The results from the between-subjects experiment with 58 participants confirm that the OTO interface helps people make correct trust decisions compared to the SSF interface regardless of their security knowledge, education level, occupation, age, or gender.
User Interfaces for Security, Human Factors, Trust Evidence, Software Download, Trust Validation for Uncertified Software
Information Security and Trust
Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS 2012)
City or Country
KIM, Tiffany Hyun-Jin; GUPTA, Payas; HAN, Jun; Owusu, Emmanuel; Hong, Jason; Perrig, Adrian; and GAO, Debin.
OTO: Online Trust Oracle for User-Centric Trust Establishment. (2012). Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS 2012). 391-403. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/1701