Human Centered Security Lab
|Credit Points:||6 CP|
In this lab, students will work in groups of up to four with PhD students and Prof. Fahl on research projects from conception to writing in the form of a scientific paper. Students will have the opportunity to participate in a scientific publication as co-authors. The lab is limited to 20 participants. Lab places will be allocated to those who meet the requirements on a first-come-first-serve basis.
The lab will consist of regular meetings during the semester. In addition to that, students will be assigned working packages that they should work on and prepare asynchronously between the lab sessions.
Teaching of methods: Interviews/questionnaires/controlled experiments; Qualitative/quantitative data analysis; Case studies; Scientific writing of results.
Recommended Prior Knowledge
Prior knowledge from the lecture Foundations of IT Security is expected. Knowledge acquired in the courses Introduction Usable Security and Privacy, Usable Security and Privacy Lab, and Introduction to Empirical Methods of Human-Centered Computing is also recommended.
- The lab is not graded.
- All students are expected to work on the projects and make contributions to pass the lab.
- Presence in meetings/sessions is mandatory for this lab.
Will be announced
Below we have compiled for you a list of scholarly papers that use qualitative interview studies. Since this lab will actively focus on teaching and applying such a methodology, we recommend that you at least skim these papers to get an idea of the methodology of this lab:
- “It’s the Company, the Government, You and I”: User Perceptions of Responsibility for Smart Home Privacy and Security
- “It’s stressful having all these phones”: Investigating Sex Workers' Safety Goals, Risks, and Practices Online
- Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes
- “I’m Literally Just Hoping This Will Work:” Obstacles Blocking the Online Security and Privacy of Users with Visual Disabilities
- How and Why People Use Virtual Private Networks
- How Ready is Your Ready? Assessing the Usability of Incident Response Playbook Frameworks
- 99% False Positives: A Qualitative Study of SOC Analysts' Perspectives on Security Alarms
- New Me: Understanding Expert and Non-Expert Perceptions and Usage of the Tor Anonymity Network
For an overview of the general field of usable security, we recommend:
- Usable Security: History, Themes, and Challenges (Synthesis Lectures on Information Security, Privacy, and Trust, Band 11), Simson Garfinkel and Heather Richter Lipford
- Security and Usability: Designing Secure Systems that People Can Use, Lorrie Faith Cranor und Simson Garfinkel