skip to main content

Explore Research Products in the NSF-PAR

Title: Behavior control-based approach to influencing user's cybersecurity actions using mobile news app
In this paper, we propose that the theory of planned behavior (TPB) with the additional factors of awareness and context-based information can be used to positively influence users' cybersecurity behavior. A research model based on TPB is developed and validated using a user study. As a proof-of-concept, we developed a mobile cybersecurity news app that incorporates context-based information such as location, search history, and usage information of other mobile apps into its article recommendations and warning notifications to address user awareness better. Through a survey of 100 participants, the proposed research model was validated, and it was confirmed that context-based information positively influences users' awareness in cybersecurity.  more » « less
Award ID(s):
1757945
NSF-PAR ID:
10226175
Author(s) / Creator(s):
; ; ; ;
Date Published:
Journal Name:
The 36th Annual ACM Symposium on Applied Computing
Page Range / eLocation ID:
912 to 915
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ( , UMAP ’21, June 21–25, 2021, Utrecht, Netherlands © 2021 Association for Computing Machinery.)
    null (Ed.)
    To account for privacy perceptions and preferences in user models and develop personalized privacy systems, we need to understand how users make privacy decisions in various contexts. Existing studies of privacy perceptions and behavior focus on overall tendencies toward privacy, but few have examined the context-specific factors in privacy decision making. We conducted a survey on Mechanical Turk (N=401) based on the theory of planned behavior (TPB) to measure the way users’ perceptions of privacy factors and intent to disclose information are affected by three situational factors embodied hypothetical scenarios: information type, recipients’ role, and trust source. Results showed a positive relationship between subjective norms and perceived behavioral control, and between each of these and situational privacy attitude; all three constructs are significantly positively associated with intent to disclose. These findings also suggest that, situational factors predict participants’ privacy decisions through their influence on the TPB constructs. 
    more » « less
  2. ; ; ; ( , Journal of Cybersecurity)
    null (Ed.)
    Abstract Smartphone location sharing is a particularly sensitive type of information disclosure that has implications for users’ digital privacy and security as well as their physical safety. To understand and predict location disclosure behavior, we developed an Android app that scraped metadata from users’ phones, asked them to grant the location-sharing permission to the app, and administered a survey. We compared the effectiveness of using self-report measures commonly used in the social sciences, behavioral data collected from users’ mobile phones, and a new type of measure that we developed, representing a hybrid of self-report and behavioral data to contextualize users’ attitudes toward their past location-sharing behaviors. This new type of measure is based on a reflective learning paradigm where individuals reflect on past behavior to inform future behavior. Based on data from 380 Android smartphone users, we found that the best predictors of whether participants granted the location-sharing permission to our app were: behavioral intention to share information with apps, the “FYI” communication style, and one of our new hybrid measures asking users whether they were comfortable sharing location with apps currently installed on their smartphones. Our novel, hybrid construct of self-reflection on past behavior significantly improves predictive power and shows the importance of combining social science and computational science approaches for improving the prediction of users’ privacy behaviors. Further, when assessing the construct validity of the Behavioral Intention construct drawn from previous location-sharing research, our data showed a clear distinction between two different types of Behavioral Intention: self-reported intention to use mobile apps versus the intention to share information with these apps. This finding suggests that users desire the ability to use mobile apps without being required to share sensitive information, such as their location. These results have important implications for cybersecurity research and system design to meet users’ location-sharing privacy needs. 
    more » « less
  3. ; ; ; ; ( , IEEE Workshop on the Internet of Safe Things (SafeThings 2019))
    Personalized IoT adapt their behavior based on contextual information, such as user behavior and location. Unfortunately, the fact that personalized IoT adapt to user context opens a side-channel that leaks private information about the user. To that end, we start by studying the extent to which a malicious eavesdropper can monitor the actions taken by an IoT system and extract user’s private information. In particular, we show two concrete instantiations (in the context of mobile phones and smart homes) of a new category of spyware which we refer to as Context-Aware Adaptation Based Spyware (SpyCon). Experimental evaluations show that the developed SpyCon can predict users’ daily behavior with an accuracy of 90.3%. Being a new spyware with no known prior signature or behavior, traditional spyware detection that is based on code signature or system behavior are not adequate to detect SpyCon. We discuss possible detection and mitigation mechanisms that can hinder the effect of SpyCon. 
    more » « less
  4. ; ( , Proceedings of the 2020 IISE Annual Conference)
    Cromarty, L. ; Shirwaiker, R ; Wang, P. (Ed.)
    When natural disasters occur, unaffiliated volunteers are inspired to help within their community and are known as spontaneous volunteers (SVs). Our research seeks to understand SV convergence as it relates to individual SV motivation, engagement, and decision making. We developed an agent-based model in AnyLogic to simulate the decision-making process of potential SV agents during disasters and how it affects volunteer response. Internal motivation is indicative of an agent’s willingness to volunteer, which was modeled by the Theory of Planned Behavior (TPB). We alter motivational factors to assess how they impact SV participation. We examine SV engagement by exploring targeted versus random messaging from volunteer sites to agents. Agents select volunteer sites based on information sharing policies common within the social network literature. Results show that a site choice decision based on connections (friends) negatively influenced demand completion. Alternatively, having pre-existing confidence in abilities and non-targeted volunteer site to agent messaging positively influences the number of participating SVs and therefore decreases demand most significantly over a 30-day period. 
    more » « less
  5. ; ( , Journal of Mechanical Design)
    null (Ed.)
    Abstract Clean technologies aim to address climatic, environmental, and health concerns associated with their conventional counterparts. However, such technologies achieve these goals only if they are adopted by users and effectively replace conventional practices. Despite the important role that users play to accomplish these goals by making decisions whether to adopt such clean alternatives or not, currently, there is no systematic framework for quantitative integration of the behavioral motivations of users during the design process for these technologies. In this study, the theory of planned behavior (TPB) is integrated with usage-context-based design to provide a holistic approach for predicting the market share of clean versus conventional product alternatives based on users’ personal beliefs, social norms, and perception of behavioral control. Based on the mathematical linkage of the model components, technology design attributes can then be adjusted, resulting in the design of products that are more in line with users’ behavioral intentions, which can lead to higher adoption rates. The developed framework is applied in a case study of adoption of improved cookstoves in a community in Northern Uganda. Results indicate that incorporating TPB attributes into utility functions improves the prediction power of the model and that the attributes that users in the subject community prioritize in a clean cookstove are elicited through the TPB. Households’ decision-making behavior before and after a trial period suggests that design and marketing strategy should systematically integrate user’s behavioral tendencies prior to interventions to improve the outcomes of clean technology implementation projects. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email