Master - Lab - 10 years of No one can hack my mind: Replication/Extension Study
In light of the 10-years-anniversary of the No One Can Hack My Mind Paper [1], we want to replicate the "No one can hack my mind" study ten years later. This replication would include: conducting interviews with experts, possibly at a IT security related venue in Europe or the United States, a survey with end users, additional re-analysis of the data collected in the Usecap-courses.
10 years ago, the original publication by Ion, Reeder and Consolvo (published 2015) [1] compared the self-reported security behavior of experts and non-experts, and examined security advice. A replication by Busse, Schäfer and Smith from 2019 [2] compared the advice given in the first study to the ones four years later, and specifically focused on a question phrasing in the first study, regarding the measurement of advice quality (good vs. effective vs. realistic). Since then multiple iterations of this study have been conducted with Bachelor's (since 2021) and Master's (before 2021) students in the Usable Security and Privacy course at the university of Bonn. A prior lab has presented an overview of the different iterations, and re-analyzed data from 2022 [3].
Notes:
Multiple people can take part in this lab, and each person would focus on one of the aforementioned aspects: expert interviews, end user survey or data analys. The topic could also work as a thesis. Please state in your exposé which aspect you are interested in!
For this work to be submitted to a conference, your own work in this lab (collected data + analysis) needs to be handed in at an early deadline, e.g. mid-January at the latest. The fully written out report can be handed in later at the usual times.
Your task could be:
- prepare, conduct and analyse expert interviews (in English and/or German)
or - prepare, conduct and analyse an end user survey
or - analyse data collected in various iterations of the USECAP course
Literature
- [1] Ion, I., Reeder, R., & Consolvo, S. (2015). “... no one can hack my mind”: Comparing Expert and Non-Expert Security Practices. Download: https://www.usenix.org/sites/default/files/soups15_full_proceedings.pdf#page=349
- [2] Busse, K., Schäfer, J., & Smith, M. (2019, August). Replication: No one can hack my mind revisiting a study on expert and non-expert security practices and advice. Download: https://www.usenix.org/sites/default/files/soups2019_full_proceedings_interior.pdf#page=125
- [3] Julias Grohs (2023): Re-analysis ...no one can hack my mind. Analysis of data from the last years (Lab Report) Download: https://uni-bonn.sciebo.de/s/lp1XKR07eYmt2Ly
Kontakt
Anna-Marie Ortloff