European Workshop on Usable Security
July 18 2016 in Darmstadt, Germany
ProgramThe current program can be found here, see the column EuroUSEC 2016. All talks will take place in the room Germanium 3.03. The proceedings can be found here. 08:00-08:30Breakfast & coffe 08:30-08:45 Welcome notes 08:45-09:30Keynote: Insider threats and the grey zone of organisational defences: designing an effective security organisationDenis Fischbacher-Smith 09:30-10:00 Stealing PINs via Mobile Sensors: Actual Risk versus User PerceptionMaryam Mehrnezhad, Ehsan Toreini, Siamak Shahandashti and Feng HaoPresentation 10:00-10:30 Exploring Psychological Need Fulfillment for Security and Privacy Actions on SmartphonesLydia Kraus, Ina Wechsung and Sebastian Möller 10:30-11:00 Coffee break 11:00-11:30 The usability canary in the security coal mine: A cognitive framework for evaluation and design of usable authentication solutionsBrian D. Glass, Graeme Jenkinson, Yuqi Liu, M. Angela Sasse, Frank Stajano and Max SpencerPresentation 11:30-12:00 On User Choice for Android Unlock PatternsMarte Loge, Markus Dürmuth and Lillian RostadPresentation 12:00-12:30 Why Do People Adopt, or Reject, Smartphone Password Managers? Nora Alkaldi and Karen RenaudPresentation 12:30-14:00 Lunch 14:00-14:45 Keynote: Cyber Security and what is really happening out thereStuart Macdonald 14:45-15:15 “It Is a Topic That Confuses Me” – Privacy Perceptions in Usage of Location-Based ApplicationsMaija Poikela and Felix Kaiser 15:15-15:45 Users Protect Their Privacy If They Can: Determinants of Webcam Covering BehaviorDominique Machuletz, Henrik Sendt, Stefan Laube and Rainer Böhme 15:45-15:50 Group picture 15:50-16:00 Coffee break 16:00-16:20 When Signal hits the Fan: On the Usability and Security of State-of-the-Art Secure Mobile MessagingSvenja Schröder, Markus Huber, David Wind and Christoph RottermannerPresentation 16:20-16:40 On the impact of warning interfaces for enabling the detection of Potentially Unwanted ApplicationsVlasta Stavova, Vashek Matyas and Mike Just 16:40-17:00 Influencing Self-Selected Passwords Through Suggestions and the Decoy EffectTobias Seitz, Emanuel von Zezschwitz, Stefanie Meitner and Heinrich HussmannPresentation 17:00-17:30 Discussion 19:00 Social event Subsequent to the Workshop, at 7:00 h (p.m.), the EuroUSEC Community is invited to get together at the Bistro Moller, located at the Welcome Hotel Darmstadt, see how to get there. This social event gives the opportunity to follow-up on the EuroUSEC in a pleasant atmosphere, as an an enjoyable completion to the workshop. The Bistro offers drinks and meals à la carte. Address: Bistro Moller,Welcome Hotel Darmstadt, Karolinenplatz 4, 64289 Darmstadt
Denis Fischbacher-Smith, University of Glasgow Title: Insider threats and the grey zone of organisational defences: designing an effective security organisation Abstract: The challenges associated with the management of hostile actors within organisations have taken on a more urgent perspective in the wake of a spate of mass casualty events in both the USA and the EU. Whilst the availability of weapons is invariably the focus of policy makers, the challenges for the organisation lie in terms of the nature and vulnerability of organisational controls, the processes around recruitment, and the abilities to identify and act upon early warnings. This paper sets out a theoretical framework for considering the nature of those vulnerabilities and does so from the perspective of both internal and external threats. The relationships between such threat actors are often symbiotic as external actors will seek to expose internal vulnerabilities by coercing "trusted" employees to allow defences to be bypassed.
Stuart Macdonald, SERIC SYSTEMS Title: Cyber Security and what is really happening out there Abstract: I will talk about my experiences as a security professional. This will include stories about attacks I have helped people to recover from, how I have helped companies to be more resilient to cyber attack and the kinds of security practices that have made me despair. This is very much a "war story" talk from someone at the sharp end of things.