Master - Lab - Analyzing replications of No One Can Hack My mind
Supervisor: Anna-Marie (ortloff@cs.uni-bonn.de)
This lab is suitable for a group.
The original publication by Ion, Reeder and Consolvo from 2015 compared the self-reported security behavior of experts and non-experts, and examined security advice. A replication by Busse, Schäfer and Smith from 2019 compared the advice given in the first to study to the ones four years later, and specifically focused on a question phrasing in the first study, regarding the measurement of advice quality (good vs. effective vs. realistic). Since then multiple iterations of this study have been conducted with Bachelor’s (since 2021) and Master’s (before 2021) students in the Usable Security and Privacy course at the university of Bonn.
Your task
- Summarize the differences and similarities between each iteration of the study, e.g. regarding sample characteristics, question phrasing, additional research questions addressed in the survey…
- Analyze the data of each of the iterations separately
- Compare the results from each of your analyses
You are free to use whatever statistical package you are most familiar with in your analyses, e.g. Python, SPSS, R… The supervisor can mainly provide assistance regarding R.
Literature to start with:
- Ion, I., Reeder, R., & Consolvo, S. (2015). “… no one can hack my mind”: Comparing Expert and Non-Expert Security Practices. Download from: https://www.usenix.org/sites/default/files/soups15_full_proceedings.pdf#page=349
- Busse, K., Schäfer, J., & Smith, M. (2019, August). Replication: No one can hack my mind revisiting a study on expert and non-expert security practices and advice. Download from: https://www.usenix.org/sites/default/files/soups2019_full_proceedings_interior.pdf#page=125
Requirements
You need to have knowledge of statistical hypothesis testing and analysis, on the level of the lecture “Usable Security and privacy”. English lecture slides and German videos can be provided for self-study on request.