Author(s): Vlasta Stavova, Vashek Matyas, Mike Just

Download: Paper (PDF)

Date: 12 Aug 2016

Document Type: Presentations

Associated Event: NDSS Symposium 2016


We conducted a large-scale online study with 26,000 software installations during which we asked user (participants) whether they wanted to enable or disable the detection of Potentially Unwanted Applications (PUAs – potentially malicious software, such as adware or spyware). PUAs are notoriously difficult to manage, e.g., legal challenges can preclude default options that could otherwise be set for PUAs detection or removal. Our study was performed with an IT security software provider (ESET) who gave us access to the participants (antivirus product beta users). We used a between-subjects design with 15 conditions (a starting-point control interface, and 14 new “warning” interfaces). Despite the fact that many software companies (e.g., Microsoft, AVAST, AVG, McAfee, Kaspersky Lab) are struggling with PUAs detection, there are few studies focused on this topic. Our results indicate a strong desire for PUAs detection by users. In particular, enabling PUAs detection was chosen by 74.5% of our participants for our initial control interface. Further, a modified interface in which the option to enable PUAs detection was presented first resulted in 89.8% of participants choosing to enable PUAs detection (a statistically significant increase from the control).