Symposium on Usable Security and Privacy (USEC) 2025 Accepted Papers

View the detailed program page to learn when each paper will be presented during the upcoming event.

“Do We Call Them That? Absolutely Not.”: Juxtaposing the Academic and Practical Understanding of Privacy-Enhancing Technologies

Alexandra Klymenko (Technical University of Munich), Stephen Meisenbacher (Technical University of Munich), Luca Favaro (Technical University of Munich), and Florian Matthes (Technical University of Munich)

“I’m 73, you can’t expect me to have multiple passwords”: Password Management Concerns and Solutions of Irish Older Adults

Ashley Sheil (Munster Technological University), Jacob Camilleri (Munster Technological University), Michelle O Keeffe (Munster Technological University), Melanie Gruben (Munster Technological University), Moya Cronin (Munster Technological University) and Hazel Murray (Munster Technological University)

A Field Study to Uncover and a Tool to Support the Alert Investigation Process of Tier-1 Analysts

Leon Kersten (Eindhoven University of Technology), Kim Beelen (Eindhoven University of Technology), Emmanuele Zambon (Eindhoven University of Technology), Chris Snijders (Eindhoven University of Technology), Luca Allodi (Eindhoven University of Technology)

Can a Cybersecurity Question Answering Assistant Help Change User Behavior? An In Situ Study

Lea Duesterwald (Carnegie Mellon University), Ian Yang (Carnegie Mellon University), Norman Sadeh (Carnegie Mellon University)

Evaluating LLMs Towards Automated Assessment of Privacy Policy Understandability

Keika Mori (Deloitte Tohmatsu Cyber LLC, Waseda University), Daiki Ito (Deloitte Tohmatsu Cyber LLC), Takumi Fukunaga (Deloitte Tohmatsu Cyber LLC), Takuya Watanabe (Deloitte Tohmatsu Cyber LLC), Yuta Takata (Deloitte Tohmatsu Cyber LLC), Masaki Kamizono (Deloitte Tohmatsu Cyber LLC), Tatsuya Mori (Waseda University, NICT, RIKEN AIP)

Modeling End-User Affective Discomfort With Mobile App Permissions Across Physical Contexts

Yuxi Wu (Georgia Institute of Technology and Northeastern University), Jacob Logas (Georgia Institute of Technology), Devansh Ponda (Georgia Institute of Technology), Julia Haines (Google), Jiaming Li (Google), Jeffrey Nichols (Apple), W. Keith Edwards (Georgia Institute of Technology), Sauvik Das (Carnegie Mellon University)

On-demand RFID: Improving Privacy, Security, and User Trust in RFID Activation through Physically-Intuitive Design

Youngwook Do (JPMorganChase and Georgia Institute of Technology), Tingyu Cheng (Georgia Institute of Technology and University of Notre Dame), Yuxi Wu (Georgia Institute of Technology and Northeastern University), HyunJoo Oh(Georgia Institute of Technology), Daniel J. Wilson (Northeastern University), Gregory D. Abowd (Northeastern University), Sauvik Das (Carnegie Mellon University)

Security Advice on Content Filtering and Circumvention for Parents and Children as Found on YouTube and TikTok

Ran Elgedawy (The University of Tennessee, Knoxville), John Sadik (The University of Tennessee, Knoxville), Anuj Gautam (The University of Tennessee, Knoxville), Trinity Bissahoyo (The University of Tennessee, Knoxville), Christopher Childress (The University of Tennessee, Knoxville), Jacob Leonard (The University of Tennessee, Knoxville), Clay Shubert (The University of Tennessee, Knoxville), Scott Ruoti (The University of Tennessee, Knoxville)

Throwaway Accounts and Moderation on Reddit

Cheng Guo (Clemson University), Kelly Caine (Clemson University)

Understanding Influences on SMS Phishing Detection: User Behavior, Demographics, and Message Attributes

Daniel Timko (California State University San Marcos), Daniel Hernandez Castillo (California State University San Marcos), Muhammad Lutfor Rahman (California State University San Marcos)

Understanding reCAPTCHAv2 via a Large-Scale Live User Study

Andrew Searles (University of California Irvine), Renascence Tarafder Prapty (University of California Irvine), Gene Tsudik (University of California Irvine)

User Comprehension and Comfort with Eye-Tracking and Hand-Tracking Permissions in Augmented Reality

Kaiming Cheng (University of Washington), Mattea Sim (Indiana University), Tadayoshi Kohno (University of Washington), Franziska Roesner (University of Washington)

Victim-Centred Abuse Investigations and Defenses for Social Media Platforms

Zaid Hakami (Florida International University and Jazan University), Ashfaq Ali Shafin (Florida International University), Peter J. Clarke (Florida International University), Niki Pissinou (Florida International University), and Bogdan Carbunar (Florida International University)

Vision: Comparison of AI-assisted Policy Development Between Professionals and Students

Rishika Thorat (Purdue University), Tatiana Ringenberg (Purdue University)

Vision: Retiring Scenarios — Enabling Ecologically Valid Measurement in Phishing Detection Research with PhishyMailbox

Oliver D. Reithmaier (Leibniz University Hannover), Thorsten Thiel (Atmina Solutions), Anne Vonderheide (Leibniz University Hannover), Markus Dürmuth (Leibniz University Hannover)

Vision: The Price Should Be Right: Exploring User Perspectives on Data Sharing Negotiations

Jacob Hopkins (Texas A&M University – Corpus Christi), Carlos Rubio-Medrano (Texas A&M University – Corpus Christi), Cori Faklaris (University of North Carolina at Charlotte)

Vision: Towards True User-Centric Design for Digital Identity Wallets

Yorick Last (Paderborn University), Patricia Arias Cabarcos (Paderborn University)

What Makes Phishing Simulation Campaigns (Un)Acceptable? A Vignette Experiment

Jasmin Schwab (German Aerospace Center (DLR)), Alexander Nussbaum (University of the Bundeswehr Munich), Anastasia Sergeeva (University of Luxembourg), Florian Alt (University of the Bundeswehr Munich and Ludwig Maximilian University of Munich), and Verena Distler (Aalto University)