Konstantin Beznosov

Proceedings of the CHI Conference on Human Factors in Computing Systems, 2024

2022

Users' Expectations, Experiences, and Concerns With COVID Alert, an Exposure-Notification App.

[BibT_eX]

[DOI]

Proc. ACM Hum. Comput. Interact., 2022

Neither Access nor Control: A Longitudinal Investigation of the Efficacy of User Access-Control Solutions on Smartphones.

[BibT_eX]

[DOI]

Julia Rubin

Proceedings of the 31st USENIX Security Symposium, 2022

SoK: The Dual Nature of Technology in Sexual Abuse.

[BibT_eX]

[DOI]

Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

Users' Perceptions of Chrome Compromised Credential Notification.

[BibT_eX]

[DOI]

Proceedings of the Eighteenth Symposium on Usable Privacy and Security, 2022

COVID-19 Information-Tracking Solutions: A Qualitative Investigation of the Factors Influencing People's Adoption Intention.

[BibT_eX]

[DOI]

Proceedings of the CHIIR '22: ACM SIGIR Conference on Human Information Interaction and Retrieval, Regensburg, Germany, March 14, 2022

2021

Challenges and Threats of Mass Telecommuting: A Qualitative Study of Workers.

[BibT_eX]

[DOI]

Proceedings of the Seventeenth Symposium on Usable Privacy and Security, 2021

SoK: Human, Organizational, and Technological Dimensions of Developers' Challenges in Engineering Secure Software.

[BibT_eX]

[DOI]

Azadeh Mokhberi

Proceedings of the EuroUSEC '21: European Symposium on Usable Security 2021, Karlsruhe, Germany, October 11, 2021

Non-Adoption of Crypto-Assets: Exploring the Role of Trust, Self-Efficacy, and Risk.

[BibT_eX]

[DOI]

Svetlana Abramova

Rainer Böhme

Proceedings of the 29th European Conference on Information Systems, 2021

The U in Crypto Stands for Usable: An Empirical Study of User Experience with Mobile Cryptocurrency Wallets.

[BibT_eX]

[DOI]

Oliver Wiese

Volker Roth

Proceedings of the CHI '21: CHI Conference on Human Factors in Computing Systems, 2021

Security Notifications in Static Analysis Tools: Developers' Attitudes, Comprehension, and Ability to Act on Them.

[BibT_eX]

[DOI]

Proceedings of the CHI '21: CHI Conference on Human Factors in Computing Systems, 2021

On Smartphone Users' Difficulty with Understanding Implicit Authentication.

[BibT_eX]

[DOI]

Jun Ho Huh

Proceedings of the CHI '21: CHI Conference on Human Factors in Computing Systems, 2021

Bits Under the Mattress: Understanding Different Risk Perceptions and Security Behaviors of Crypto-Asset Users.

[BibT_eX]

[DOI]

Svetlana Abramova

Rainer Böhme

Proceedings of the CHI '21: CHI Conference on Human Factors in Computing Systems, 2021

2020

On the Security and Usability Implications of Providing Multiple Authentication Choices on Smartphones: The More, the Better?

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., 2020

Towards Understanding Privacy and Trust in Online Reporting of Sexual Assault.

[BibT_eX]

[DOI]

Lucrezia Spagnolo

Proceedings of the Sixteenth Symposium on Usable Privacy and Security, 2020

Is Implicit Authentication on Smartphones Really Popular? On Android Users' Perception of "Smart Lock for Android".

[BibT_eX]

[DOI]

Jun Ho Huh

Proceedings of the MobileHCI '20: 22nd International Conference on Human-Computer Interaction with Mobile Devices and Services, 2020

Surviving the Cryptojungle: Perception and Management of Risk Among North American Cryptocurrency (Non)Users.

[BibT_eX]

[DOI]

Proceedings of the Financial Cryptography and Data Security, 2020

The Burden of Ending Online Account Sharing.

[BibT_eX]

[DOI]

Proceedings of the CHI '20: CHI Conference on Human Factors in Computing Systems, 2020

Amazon vs. My Brother: How Users of Shared Smart Speakers Perceive and Cope with Privacy Risks.

[BibT_eX]

[DOI]

Proceedings of the CHI '20: CHI Conference on Human Factors in Computing Systems, 2020

2019

Forecasting Suspicious Account Activity at Large-Scale Online Service Providers.

[BibT_eX]

[DOI]

Proceedings of the Financial Cryptography and Data Security, 2019

Towards Understanding the Link Between Age and Smartphone Authentication.

[BibT_eX]

[DOI]

Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, 2019

Vulnerability & Blame: Making Sense of Unauthorized Access to Smartphones.

[BibT_eX]

[DOI]

Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, 2019

2018

Dynamically Regulating Mobile Application Permissions.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2018

Contextualizing Privacy Decisions for Better Prediction (and Protection).

[BibT_eX]

[DOI]

Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, 2018

Source Attribution of Cryptographic API Misuse in Android Applications.

[BibT_eX]

[DOI]

Yazan Boshmaf

Tiago João Vieira Guerreiro

Proceedings of the 2018 on Asia Conference on Computer and Communications Security, 2018

2017

The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences.

[BibT_eX]

[DOI]

Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

Characterizing Social Insider Attacks on Facebook.

[BibT_eX]

[DOI]

Luís Carriço

Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, 2017

I'm too Busy to Reset my LinkedIn Password: On the Effectiveness of Password Reset Emails.

[BibT_eX]

[DOI]

Jun Ho Huh

Hyoungshick Kim

Swathi S. V. P. Rayala

Rakesh B. Bobba

Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, 2017

An Early Warning System for Suspicious Accounts.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, 2017

2016

Decoupling data-at-rest encryption and smartphone locking with wearable devices.

[BibT_eX]

[DOI]

Pervasive Mob. Comput., 2016

Android users in the wild: Their authentication and usage behavior.

[BibT_eX]

[DOI]

Ahmed Mahfouz

Nalin Asanka Gamagedara Arachchilage

Pervasive Mob. Comput., 2016

Íntegro: Leveraging victim prediction for robust fake account detection in large scale OSNs.

[BibT_eX]

[DOI]

Comput. Secur., 2016

Phishing threat avoidance behaviour: An empirical investigation.

[BibT_eX]

[DOI]

Steve Love

Comput. Hum. Behav., 2016

Sharing Health Information on Facebook: Practices, Preferences, and Risk Perceptions of North American Users.

[BibT_eX]

[DOI]

Sadegh Torabi

Proceedings of the Twelfth Symposium on Usable Privacy and Security, 2016

Advancing the Understanding of Android Unlocking and Usage.

[BibT_eX]

[DOI]

Lina Qiu

Proceedings of the Who Are You?! Adventures in Authentication, 2016

Snooping on Mobile Phones: Prevalence and Trends.

[BibT_eX]

[DOI]

Proceedings of the Twelfth Symposium on Usable Privacy and Security, 2016

Harvesting the low-hanging fruits: defending against automated large-scale cyber-intrusions by focusing on the vulnerable population.

[BibT_eX]

[DOI]

Proceedings of the 2016 New Security Paradigms Workshop, 2016

2015

Android Permissions Remystified: A Field Study on Contextual Integrity.

[BibT_eX]

[DOI]

Proceedings of the 24th USENIX Security Symposium, 2015

On the Memorability of System-generated PINs: Can Chunking Help?

[BibT_eX]

[DOI]

Proceedings of the Eleventh Symposium On Usable Privacy and Security, 2015

On the Impact of Touch ID on iPhone Passcodes.

[BibT_eX]

[DOI]

Proceedings of the Eleventh Symposium On Usable Privacy and Security, 2015

Integro: Leveraging Victim Prediction for Robust Fake Account Detection in OSNs.

[BibT_eX]

[DOI]

Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

Android Rooting: Methods, Detection, and Evasion.

[BibT_eX]

[DOI]

Andrea Cuadros

Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices, 2015

Surpass: System-initiated User-replaceable Passwords.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

Thwarting Fake OSN Accounts by Predicting their Victims.

[BibT_eX]

[DOI]

Proceedings of the 8th ACM Workshop on Artificial Intelligence and Security, 2015

2014

Efficient Authentication and Key Management Mechanisms for Smart Grid Communications.

[BibT_eX]

[DOI]

IEEE Syst. J., 2014

Heuristics for Evaluating IT Security Management Tools.

[BibT_eX]

[DOI]

Maria Velez-Rojas

Hum. Comput. Interact., 2014

Finding influential neighbors to maximize information diffusion in twitter.

[BibT_eX]

[DOI]

Hyoungshick Kim

Eiko Yoneki

Proceedings of the 23rd International World Wide Web Conference, 2014

To Befriend Or Not? A Model of Friend Request Acceptance on Facebook.

[BibT_eX]

[DOI]

Proceedings of the Tenth Symposium on Usable Privacy and Security, 2014

To Authorize or Not Authorize: Helping Users Review Access Policies in Organizations.

[BibT_eX]

[DOI]

Hootan Rashtian

Proceedings of the Tenth Symposium on Usable Privacy and Security, 2014

Helping users review and make sense of access policies in organizations.

[BibT_eX]

[DOI]

Hootan Rashtian

Proceedings of the CHI Conference on Human Factors in Computing Systems, 2014

2013

Speculative Authorization.

[BibT_eX]

[DOI]

Pranab Kini

IEEE Trans. Parallel Distributed Syst., 2013

Investigating Users' Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model.

[BibT_eX]

[DOI]

ACM Trans. Internet Techn., 2013

Design and analysis of a social botnet.

[BibT_eX]

[DOI]

Comput. Networks, 2013

Privacy Aspects of Health Related Information Sharing in Online Social Networks.

[BibT_eX]

[DOI]

Sadegh Torabi

Proceedings of the 2013 USENIX Workshop on Health Information Technologies, 2013

Know your enemy: the risk of unauthorized access in smartphones by insiders.

[BibT_eX]

[DOI]

Proceedings of the 15th International Conference on Human-Computer Interaction with Mobile Devices and Services, 2013

Does my password go up to eleven?: the impact of password meters on password selection.

[BibT_eX]

[DOI]

Serge Egelman

Cormac Herley

Proceedings of the 2013 ACM SIGCHI Conference on Human Factors in Computing Systems, 2013

Graph-based Sybil detection in social and information systems.

[BibT_eX]

[DOI]

Yazan Boshmaf

Proceedings of the Advances in Social Networks Analysis and Mining 2013, 2013

2012

Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures.

[BibT_eX]

[DOI]

Comput. Secur., 2012

Key Challenges in Defending Against Malicious Socialbots.

[BibT_eX]

[DOI]

Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2012

Understanding Users' Requirements for Data Protection in Smartphones.

[BibT_eX]

[DOI]

Proceedings of the Workshops Proceedings of the IEEE 28th International Conference on Data Engineering, 2012

The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems.

[BibT_eX]

[DOI]

Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011

Authorization recycling in hierarchical RBAC systems.

[BibT_eX]

[DOI]

ACM Trans. Inf. Syst. Secur., 2011

Analysis of ANSI RBAC Support in EJB.

[BibT_eX]

[DOI]

Wesam Darwish

Int. J. Secur. Softw. Eng., 2011

Toward understanding distributed cognition in IT security management: the role of cues and norms.

[BibT_eX]

[DOI]

Cogn. Technol. Work., 2011

Improving malicious URL re-evaluation scheduling through an empirical study of malware download centers.

[BibT_eX]

[DOI]

Kyle Zeeuwen

Proceedings of the 2011 Joint WICOW/AIRWeb Workshop on Web Quality, 2011

What makes users refuse web single sign-on?: an empirical investigation of OpenID.

[BibT_eX]

[DOI]

Proceedings of the Symposium On Usable Privacy and Security, 2011

On the challenges in usable security lab studies: lessons learned from replicating a study on SSL warnings.

[BibT_eX]

[DOI]

Proceedings of the Symposium On Usable Privacy and Security, 2011

A brick wall, a locked door, and a bandit: a physical security metaphor for firewall warnings.

[BibT_eX]

[DOI]

Proceedings of the Symposium On Usable Privacy and Security, 2011

OpenID-enabled browser: towards usable and secure web single sign-on.

[BibT_eX]

[DOI]

Proceedings of the International Conference on Human Factors in Computing Systems, 2011

Promoting a physical security mental model for personal firewall warnings.

[BibT_eX]

[DOI]

Proceedings of the International Conference on Human Factors in Computing Systems, 2011

Heuristics for evaluating IT security management tools.

[BibT_eX]

[DOI]

Proceedings of the International Conference on Human Factors in Computing Systems, 2011

The socialbot network: when bots socialize for fame and money.

[BibT_eX]

[DOI]

Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

2010

Preparation, detection, and analysis: the diagnostic work of IT security incident response.

[BibT_eX]

[DOI]

Inf. Manag. Comput. Secur., 2010

Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks.

[BibT_eX]

[DOI]

Int. J. Secur. Softw. Eng., 2010

Analysis of ANSI RBAC Support in COM+.

[BibT_eX]

[DOI]

Wesam Darwish

Comput. Stand. Interfaces, 2010

Do windows users follow the principle of least privilege?: investigating user account control practices.

[BibT_eX]

[DOI]

Sara Motiee

Proceedings of the Sixth Symposium on Usable Privacy and Security, 2010

It's too complicated, so i turned it off!: expectations, perceptions, and misconceptions of personal firewalls.

[BibT_eX]

[DOI]

Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, 2010

A billion keys, but few locks: the crisis of web single sign-on.

[BibT_eX]

[DOI]

Proceedings of the 2010 Workshop on New Security Paradigms, 2010

Efficient and Spontaneous Privacy-Preserving Protocol for Secure Vehicular Communication.

[BibT_eX]

[DOI]

Proceedings of IEEE International Conference on Communications, 2010

OpenIDemail enabled browser: towards fixing the broken web single sign-on triangle.

[BibT_eX]

[DOI]

Proceedings of the 6th Workshop on Digital Identity Management, 2010

Investigating an appropriate design for personal firewalls.

[BibT_eX]

[DOI]

Proceedings of the 28th International Conference on Human Factors in Computing Systems, 2010

Investigating user account control practices.

[BibT_eX]

[DOI]

Sara Motiee

Proceedings of the 28th International Conference on Human Factors in Computing Systems, 2010

2009

Cooperative Secondary Authorization Recycling.

[BibT_eX]

[DOI]

Qiang Wei

IEEE Trans. Parallel Distributed Syst., 2009

An integrated view of human, organizational, and technological challenges of IT security management.

[BibT_eX]

[DOI]

Inf. Manag. Comput. Secur., 2009

Security practitioners in context: Their activities and interactions with other stakeholders within organizations.

[BibT_eX]

[DOI]

Int. J. Hum. Comput. Stud., 2009

Identification of sources of failures and their propagation in critical infrastructures from 12 years of public failure reports.

[BibT_eX]

[DOI]

Hafiz Abdur Rahman

José R. Martí

Int. J. Crit. Infrastructures, 2009

Revealing hidden context: improving mental models of personal firewall users.

[BibT_eX]

[DOI]

Fahimeh Raja

Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

A multi-method approach for user-centered design of identity management systems.

[BibT_eX]

[DOI]

Proceedings of the 5th Symposium on Usable Privacy and Security, 2009

Usability meets access control: challenges and research opportunities.

[BibT_eX]

[DOI]

Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, 2009

Open Problems in Web 2.0 User Content Sharing.

[BibT_eX]

[DOI]

Proceedings of the iNetSec 2009 - Open Research Problems in Network Security, 2009

Towards Understanding Diagnostic Work During the Detection and Investigation of Security Incidents.

[BibT_eX]

[DOI]

Proceedings of the 3rd International Conference on Human Aspects of Information Security and Assurance, 2009

Application-based TCP hijacking.

[BibT_eX]

[DOI]

Oliver Zheng

Jason Poon

Proceedings of the Second European Workshop on System Security, 2009

Towards Enabling Web 2.0 Content Sharing beyond Walled Gardens.

[BibT_eX]

[DOI]

Proceedings of the 12th IEEE International Conference on Computational Science and Engineering, 2009

A case study of enterprise identity management system adoption in an insurance organization.

[BibT_eX]

[DOI]

Proceedings of the 3rd ACM Symposium on Computer Human Interaction for Management of Information Technology, 2009

Towards improving mental models of personal firewall users.

[BibT_eX]

[DOI]

Fahimeh Raja

Proceedings of the 27th International Conference on Human Factors in Computing Systems, 2009

Secure Web 2.0 Content Sharing Beyond Walled Gardens.

[BibT_eX]

[DOI]

Proceedings of the Twenty-Fifth Annual Computer Security Applications Conference, 2009

2008

Security for the Rest of Us: An Industry Perspective on the Secure-Software Challenge.

[BibT_eX]

[DOI]

Brian Chess

IEEE Softw., 2008

Searching for the Right Fit: Balancing IT Security Management Model Trade-Offs.

[BibT_eX]

[DOI]

Kasia Muldner

IEEE Internet Comput., 2008

The challenges of using an intrusion detection system: is it worth the effort?

[BibT_eX]

[DOI]

Proceedings of the 4th Symposium on Usable Privacy and Security, 2008

Authorization recycling in RBAC systems.

[BibT_eX]

[DOI]

Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, 2008

Authorization Using the Publish-Subscribe Model.

[BibT_eX]

[DOI]

Qiang Wei

Proceedings of the IEEE International Symposium on Parallel and Distributed Processing with Applications, 2008

Human, Organizational and Technological Challenges of Implementing IT Security in Organizations.

[BibT_eX]

[DOI]

Proceedings of the 2nd International Conference on Human Aspects of Information Security and Assurance, 2008

Identifying Differences between Security and other IT Professionals: a Qualitative Analysis.

[BibT_eX]

[DOI]

André Gagné

Kasia Muldner

Proceedings of the 2nd International Conference on Human Aspects of Information Security and Assurance, 2008

Guidelines for designing IT security management tools.

[BibT_eX]

[DOI]

Proceedings of the 2nd ACM Symposium on Computer Human Interaction for Management of Information Technology, 2008

Security practitioners in context: their activities and interactions.

[BibT_eX]

[DOI]

Proceedings of the Extended Abstracts Proceedings of the 2008 Conference on Human Factors in Computing Systems, 2008

Human, organizational, and technological factors of IT security.

[BibT_eX]

[DOI]

Proceedings of the Extended Abstracts Proceedings of the 2008 Conference on Human Factors in Computing Systems, 2008

2007

On the imbalance of the security problem space and its expected consequences.

[BibT_eX]

[DOI]

Olga Beznosova

Inf. Manag. Comput. Secur., 2007

Detecting, analyzing and responding to security incidents: a qualitative analysis.

[BibT_eX]

[DOI]

David Botta

Proceedings of the 3rd Symposium on Usable Privacy and Security, 2007

Towards understanding IT security professionals and their tools.

[BibT_eX]

[DOI]

Proceedings of the 3rd Symposium on Usable Privacy and Security, 2007

2006

Multiple-Channel Security Architecture and its Implementation over SSL.

[BibT_eX]

[DOI]

Yong Song

Victor C. M. Leung

EURASIP J. Wirel. Commun. Netw., 2006

The secondary and approximate authorization model and its application to Bell-LaPadula policies.

[BibT_eX]

[DOI]

Jason Crampton

Wing Leung

Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, 2006

Extending XP practices to support security requirements engineering.

[BibT_eX]

[DOI]

Proceedings of the 2006 international workshop on Software engineering for secure systems, 2006

A Security Analysis of the Precise Time Protocol (Short Paper).

[BibT_eX]

[DOI]

Jeanette Tsang

Proceedings of the Information and Communications Security, 8th International Conference, 2006

2005

Introduction to Web services and their security.

[BibT_eX]

[DOI]

Inf. Secur. Tech. Rep., 2005

Future direction of access control models, architectures, and technologies.

[BibT_eX]

[DOI]

Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, 2005

Flooding and recycling authorizations.

[BibT_eX]

[DOI]

Proceedings of the New Security Paradigms Workshop 2005, 2005

Experience Report: Design and Implementation of a Component-Based Protection Architecture for ASP.NET Web Services.

[BibT_eX]

[DOI]

Proceedings of the Component-Based Software Engineering, 8th International Symposium, 2005

2004

Here's Your Lego<sup>TM</sup> Security Kit: How to Give Developers All Protection Mechanisms They Will Ever Need.

[BibT_eX]

[DOI]

Proceedings of the Software Engineering and Middleware, 4th International Workshop, 2004

Applying Aspect-Orientation in Designing Security Systems: A Case Study.

[BibT_eX]

Proceedings of the Sixteenth International Conference on Software Engineering & Knowledge Engineering (SEKE'2004), 2004

Supporting End-to-end Security across Proxies with Multiple-Channel SSL.

[BibT_eX]

[DOI]

Yong Song

Victor C. M. Leung

Proceedings of the Security and Protection in Information Processing Systems, 2004

Towards agile security assurance.

[BibT_eX]

[DOI]

Philippe Kruchten

Proceedings of the New Security Paradigms Workshop 2004, 2004

On the benefits of decomposing policy engines into components.

[BibT_eX]

[DOI]

Proceedings of the 3rd Workshop on Adaptive and Reflective Middleware, 2004

Implementing Multiple Channels over SSL.

[BibT_eX]

Yong Song

Victor C. M. Leung

Proceedings of the ICETE 2004, 2004

2003

An Approach for Modeling and Analysis of Security System Architectures.

[BibT_eX]

[DOI]

IEEE Trans. Knowl. Data Eng., 2003

2002

Object Security Attributes: Enabling Application-Specific Access Control in Middleware.

[BibT_eX]

[DOI]

Proceedings of the On the Move to Meaningful Internet Systems, 2002 - DOA/CoopIS/ODBASE 2002 Confederated International Conferences DOA, CoopIS and ODBASE 2002 Irvine, California, USA, October 30, 2002

1999

A Framework for Implementing Role-Based Access Control Using CORBA Security Service.

[BibT_eX]

[DOI]

Yi Deng

Proceedings of the Fourth ACM Workshop on Role-Based Access Control, 1999

Supporting Relationships in Access Control Using Role Based Access Control.

[BibT_eX]

[DOI]

John F. Barkley