Jens Christian Dalgaard, Niek A. Janssen, Oksana Kulyuk, Carsten Schurmann (IT University of Copenhagen)

Cybersecurity concerns are increasingly growing across different sectors globally, yet security education remains a challenge. As such, many of the current proposals suffer from drawbacks, such as failing to engage users or to provide them with actionable guidelines on how to protect their security assets in practice. In this work, we propose an approach for designing security trainings from an adversarial perspective, where the audience learns about the specific methodology of the specific methods, which attackers can use to break into IT systems. We design a platform based on our proposed approach and evaluate it in an empirical study (N = 34), showing promising results in terms of motivating users to follow security policies.

View More Papers

Explainable AI in Cybersecurity Operations: Lessons Learned from xAI...

Megan Nyre-Yu (Sandia National Laboratories), Elizabeth S. Morris (Sandia National Laboratories), Blake Moss (Sandia National Laboratories), Charles Smutz (Sandia National Laboratories), Michael R. Smith (Sandia National Laboratories)

Read More

Security When it is Welcome: Exploring Device Purchase as...

Simon Parkin (University College London); Elissa M. Redmiles (University of Maryland); Lynne Coventry (Northumbria University); M. Angela Sasse (Ruhr University Bochum and University College London)

Read More

Analyzing the Patterns and Behavior of Users When Detecting...

Nick Ceccio, Naman Gupta, Majed Almansoori, Rahul Chatterjee (University of Wisconsin-Madison)

Read More