Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

10-2012

Abstract

Malware continues to thrive on the Internet. Besides automated mechanisms for detecting malware, we provide users with trust evidence information to enable them to make informed trust decisions. To scope the problem, we study the challenge of assisting users with judging the trustworthiness of software downloaded from the Internet. Through expert elicitation, we deduce indicators for trust evidence, then analyze these indicators with respect to scalability and robustness. We design OTO, a system for communicating these trust evidence indicators to users, and we demonstrate through a user study the effectiveness of OTO, even with respect to IE’s SmartScreen Filter (SSF). The results from the between-subjects experiment with 58 participants confirm that the OTO interface helps people make correct trust decisions compared to the SSF interface regardless of their security knowledge, education level, occupation, age, or gender.

Keywords

User Interfaces for Security, Human Factors, Trust Evidence, Software Download, Trust Validation for Uncertified Software

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS 2012)

First Page

391

Last Page

403

ISBN

9781450316514

Identifier

10.1145/2382196.2382239

Publisher

ACM

City or Country

Raleigh, NC

Copyright Owner and License

LARC

Additional URL

http://dx.doi.org/10.1145/2382196.2382239

Download

Share

COinS