Self-identified experts lost on the interwebs

Kelley, Timothy, Camp, L. Jean, Lien, Suzanne, & Stebila, Douglas (2012) Self-identified experts lost on the interwebs. In Bishop, Matt & Shannon, Greg (Eds.) Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results (LASER 2012), ACM, Arlington, Virginia, pp. 47-54.

View at publisher


Security cues found in web browsers are meant to alert users to potential online threats, yet many studies demonstrate that security indicators are largely ineffective in this regard. Those studies have depended upon self-reporting of subjects' use or aggregate experimentation that correlate responses to sites with and without indicators.

We report on a laboratory experiment using eye-tracking to follow the behavior of self-identified computer experts as they share information across popular social media websites. The use of eye-tracking equipment allows us to explore possible behavioral differences in the way experts perceive web browser security cues, as opposed to non-experts.

Unfortunately, due to the use of self-identified experts, technological issues with the setup, and demographic anomalies, our results are inconclusive. We describe our initial experimental design, lessons learned in our experimentation, and provide a set of steps for others to follow in implementing experiments using unfamiliar technologies, eye-tracking specifically, subjects with different experience with the laboratory tasks, as well as individuals with varying security expertise. We also discuss recruitment and how our design will address the inherent uncertainties in recruitment, as opposed to design for an ideal population. Some of these modifications are generalizable, together they will allow us to run a larger 2x2 study, rather than a study of only experts using two different single sign-on systems.

Impact and interest:

1 citations in Scopus
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

132 since deposited on 15 Oct 2012
10 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 54165
Item Type: Conference Paper
Refereed: Yes
Additional URLs:
DOI: 10.1145/2379616.2379623
ISBN: 9781450311953
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DISTRIBUTED COMPUTING (080500) > Web Technologies (excl. Web Search) (080505)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > INFORMATION SYSTEMS (080600) > Computer-Human Interaction (080602)
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Current > Institutes > Institute for Future Environments
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2012 ACM
Copyright Statement: This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in LASER '12 Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results, Pages 47-54, DOI: 10.1145/2379616.2379623
Deposited On: 15 Oct 2012 07:38
Last Modified: 17 Oct 2012 04:07

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page