AsiaUSEC 2020

Ensuring effective security and privacy in real-world technology requires considering not only technical but also human aspects, as well as the complex way in which these combine. technical as well as human aspects. Enabling people to manage privacy and security necessitates giving due consideration to the users and the larger operating context within which technology is embedded.

It is the aim of USEC to contribute to an increase of the scientific quality of research in human factors in security and privacy. To this end, we encourage replication studies to validate previous research findings. Papers in these categories should be clearly marked as such and will not be judged against regular submissions on novelty. Rather, they will be judged based on scientific quality and value to the community. We also encourage reports of faded experiments, since their publication will serve to highlight the lessons learned and prevent others falling into the same traps.

Sponsors

Keynote

Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design and analysis of cryptographic security architectures and security usability. He helped write the popular PGP encryption package, has authored a number of papers and RFC's on security and encryption, and is the author of the open source cryptlib security toolkit, "Cryptographic Security Architecture: Design and Verification" (Springer, 2003), and an upcoming book on security engineering. In his spare time he pokes holes in whatever security systems and mechanisms catch his attention and grumbles about the lack of consideration of human factors in designing security systems.

   
Availability and Security: Choose any One
Availability/dependability considerations assert that "in case of any issues, keep going at any cost" while security mandates "in case of any issues, raise the alarm and shut things down". In other words once you've found the single bit that's out of place, you've won and there's no need to think about continuing. Needless to say, these two concepts are more than a little incompatible. This talk looks at the thorny issue of availability/ dependability vs. security, complete with hair-raising examples, as instances of wicked problems, a concept taken from the field of social planning. To the annoyance of geeks everywhere, the talk will conclude without presenting any obvious solutions.?

Program

Schedule Details
8:30 Introduction and Publication Plan Q &A
9:00 – 10:30 Email and Browsing
A Tale of Two Browsers: Understanding User’s Web Browser Choices in South Korea - Simon Woo, Hyoungshick Kim, Ji Won Choi, Soyoon Jeon, Jihye Woo and Joon Han.(15 min)
User-Centered Risk Communication for Safer Browsing - Sanchari Das, Jacob Abbott, Shakthidhar Gopavaram, Jim Blythe and L. Jean Camp.(15 min)
Secure Email – A Usability Study - Adrian Reuter, Ahmed Abdelmaksoud, Wadie Lemrazzeq, Karima Boudaoud and Marco Winckler.(15 min)
George Nasser, Ben Morrison, Piers Bayl-Smith, Ronnie Taib, Michael Gayed, and Mark Wiggins. The Effects of Cue Utilization and Cognitive Load in the Detection of Phishing Emails, Proceedings of AsiaUSEC'20, Financial Cryptography and Data Security 2019 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020. (15min)
Cue Utilization, Phishing Feature and Phishing Email Detection - Piers Bayl-Smith, Daniel Sturman and Mark Wiggins.(15 min)
Panel Q&A 15 minutes
10:30 – 11:00 Break
11:00 – 12:30 Behaviour – Smart Environments & Workplaces
KovilaP.L.Coopamootoo, Dis-Empowerment Online- An Investigation of Privacy & Sharing Perceptions & Method Preferences: Proceedings of AsiaUSEC’20, Financial Cryptography and Data Security 2020 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020 (15 min)
Oksana Kulyk, Benjamin Maximilian Reinheimer, Lukas Aldag, Peter Mayer, Nina Gerber, Melanie Volkamer. Security and Privacy Awareness in Smart Environments – A Cross-Country Investigation, Proceedings of AsiaUSEC’20, Financial Cryptography and Data Security 2019 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020. (15 min)
Hilda Hadan, Sameer Patil, Understanding Perceptions of Smart Devices, Proceedings of AsiaUSEC‘20, Financial Cryptography and Data Security 2019 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020 (15 min)
In Our Employer We Trust: Mental Models of Office Worker’s Privacy Perceptions - Jan Tolsdorf and Florian Dehling.(15 min)
David Oyebisi and Kennedy Njenga, Behaviour of Outsourced Employees as Sources of Information System Security Threats: Proceedings of AsiaUSEC’20, Financial Cryptography and Data Security 2020 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020.(15 min)
Panel Q&A 15 minutes
12:30 – 14:00 Lunch   
Location: Pavilion
14:00 – 15:30 Passwords & Workplaces
Gene Tsudik, Tyler Kaczmarek, Bruce Berg, Alfred Kobsa, Exploring Effects of Auditory Stimuli on CAPTCHA Performance, Proceedings of AsiaUSEC’20, Financial Cryptography and Data Security 2019 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020.(15 min)
Xian Chu, Huiping Sun, Zhong Chen, PassPage: Graphical Password Authentication Scheme Based on Web Browsing Records, Proceedings of AsiaUSEC'20, Financial Cryptography and Data Security 2019 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020.(15 min)
Kovila P.L. Coopamootoo, Empathy as a Response to Frustration in Password Choice: Proceedings of AsiaUSEC’20, Financial Cryptography and Data Security 2020 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020 (15 min)
Harshal Tupsamudre,Monika Sahu,Kumar Vidhani,Sachin Lodha, Fixing the Fixes: Assessing the Solutions of SAST Tools for Securing Password Storage, Proceedings of AsiaUSEC’20, Financial Cryptography and Data Security 2019 (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020 (15min)
Jacqui Taylor-Jackson, John McAlaney, Jeff Foster, Abubakar Bello, Alana Maurushat, John Dale, Incorporating Psychology into Cyber Security Education: A Pedagogical Approach, Proceedings of AsiaUSEC'20, Financial Cryptography and Data Security (FC). February 14, 2020 Kota Kinabalu, Sabah, Malaysia Springer, 2020. (15 min)
Panel Q&A 15 minutes
15:30 – 16:00 Break
16:00 – 16:45 Keynote Peter Gutmann
16:45 – Closing Questions and Comments

Committees

Program Chairs

Alana Maurushat, Western Sydney University
L Jean Camp, Indiana University

Program Committee

  • Abdulmajeed Alqhatani, UNC Charlotte, US
  • Ada Lerner, Wellesley College, US
  • Alisa Frik, ICSI, University of California at Berkeley, US
  • Andrew Adams, Meiji University, JP
  • Hamza Sellak, ENSAM, Moulay Ismaïl University, MA
  • Heather Crawford, Florida Institute of Technology, US
  • Julian Jang-Jaccard, Massey University, NZ
  • Julian Williams, Durham University, UK
  • Julie Haney, National Institute of Standards and Technology, US
  • Karen Renaud, Rhodes University, SA & University of Glasgow, UK
  • Mahdi Nasrullah, Al-Ameen, Utah State University, US
  • Maija Poikela, Fraunhofer AISEC, DE
  • Marthie Grobler, CSIRO, AU
  • Matt Bishop, University of California of Davis, US
  • Mohan Baruwal Chhetri, CSIRO, AU
  • Nicholas Weaver, ISCI
  • Pamela Briggs, Northumbria University, UK
  • Patrick Traynor, University of Florida, US
  • Paul Watters, La Trobe University AU
  • Peter Gutmann, University of Auckland, AU
  • Sanchari Das, American Express, US
  • Shigeng Zhang, Central South University, CN
  • Shrirang, Mare, University of Washington, US
  • Sid Stamm, Rose-Hulman Institute of Technology, US
  • Sven Dietrich, City University of New York, US
  • Ruth Shillair, Michigan State University, US
  • Tim Kelley, Naval Surface Warfare Center Crane Division, US
  • Vaibhav Garg, Comcast Cable, US
  • Wendy Seltzer, MIT, US
  • Zinaida Benenson, University of Erlangen-Nuremberg, DE

Venue

The conference will be held in conjunctions with FC. 
February 10–14, 2020
Shangri-La Tanjung Aru Resort & Spa
Kota Kinabalu, Sabah, Malaysia

Contact

All questions about submissions should be emailed to chairs@ljean.com