Experimental large-scale review of attractors for detection of
potentially unwanted applications

J 2018

Experimental large-scale review of attractors for detection of potentially unwanted applications

ŠŤAVOVÁ, Vlasta; Lenka DĚDKOVÁ; Václav MATYÁŠ; Mike JUST; David ŠMAHEL et al.

Základní údaje

Originální název

Experimental large-scale review of attractors for detection of potentially unwanted applications

Autoři

ŠŤAVOVÁ, Vlasta; Lenka DĚDKOVÁ ; Václav MATYÁŠ ; Mike JUST; David ŠMAHEL a Martin UKROP

Vydání

Computers & Security, Oxford, Elsevier, 2018, 0167-4048

Další údaje

Jazyk

angličtina

Typ výsledku

Článek v odborném periodiku

Obor

10201 Computer sciences, information science, bioinformatics

Stát vydavatele

Velká Británie a Severní Irsko

Utajení

není předmětem státního či obchodního tajemství

Odkazy

URL, URL

Impakt faktor

Impact factor: 3.062

Označené pro přenos do RIV

Ano

Kód RIV

RIV/00216224:14330/18:00102440

Organizační jednotka

Fakulta informatiky

Klíčová slova anglicky

PUA; PUP; usable security; usability

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 29. 4. 2019 17:17, RNDr. Pavel Šmerk, Ph.D.

Anotace

V originále

While malicious software (malware) is designed to disrupt or damage computer systems, potentially unwanted applications (PUAs) combine useful features with less desirable ones, such as adware or spyware. Unlike anti-malware solutions, removing PUAs can be controversial, for both the PUA owners and also the users who might wish to accept the PUA features. Thus, solutions for removing PUAs require users to make their removal decisions. In this paper we investigate the effectiveness of 15 screen variants that use different ``security warning attractors'' designed to encourage users to enable PUA detection when they are installing a security software solution from the online security software company ESET. Our live field study with close to 750,000 software installations by end users in 222 countries shows that a small change of switching the order of the options presented using radio buttons and offering the ``enable detection'' option first was the most effective (and was later set as the option of choice by ESET). The chosen approach led to a significant reduction of non-consenting users from 17.9% to 11.1%. Other features, such as the use of colours and pictorials, which have previously demonstrated their effectiveness with more traditional SSL security warnings, did not yield significant improvements for enabling PUA detection.

Návaznosti

MUNI/E/1281/2016, interní kód MU

Název: Publikace výsledků z nových dat v oblasti ICT bezpečnosti

Investor: Masarykova univerzita, Publikace výsledků z nových dat v oblasti ICT bezpečnosti, Podpora zvýšení kvality vynikajících výsledků

Přiložené soubory

experimental_large_scale_review_of_attractors_for_detection_of_potentially_unwanted_applications.pdf

Požádat o autorskou verzi souboru

Citovat

ŠŤAVOVÁ, Vlasta; Lenka DĚDKOVÁ; Václav MATYÁŠ; Mike JUST; David ŠMAHEL a Martin UKROP. Experimental large-scale review of attractors for detection of potentially unwanted applications. Computers & Security. Oxford: Elsevier, 2018, roč. 76, July, s. 92-100. ISSN 0167-4048. Dostupné z: https://doi.org/10.1016/j.cose.2018.02.017.

@article{1411904,
   author = {Šťavová, Vlasta and Dědková, Lenka and Matyáš, Václav and Just, Mike and Šmahel, David and Ukrop, Martin},
   article_location = {Oxford},
   article_number = {July},
   doi = {https://doi.org/10.1016/j.cose.2018.02.017},
   keywords = {PUA; PUP; usable security; usability},
   language = {eng},
   issn = {0167-4048},
   journal = {Computers & Security},
   title = {Experimental large-scale review of attractors for detection of potentially unwanted applications},
   url = {https://www.scopus.com/record/display.uri?eid=2-s2.0-85044165007&origin=resultslist&sort=plf-f&src=s&st1=Experimental+large-scale+review+of+attractors+for+detection+of+potentially+unwanted+applications&st2=&sid=6f9c4214816b276f974b1b95270dfd25&sot=b&sdt=},
   volume = {76},
   year = {2018}
}

TY  - JOUR
ID  - 1411904
AU  - Šťavová, Vlasta - Dědková, Lenka - Matyáš, Václav - Just, Mike - Šmahel, David - Ukrop, Martin
PY  - 2018
TI  - Experimental large-scale review of attractors for detection of potentially unwanted applications
JF  - Computers & Security
VL  - 76
IS  - July
SP  - 92-100
EP  - 92-100
PB  - Elsevier
SN  - 01674048
KW  - PUA
KW  - PUP
KW  - usable security
KW  - usability
UR  - https://www.scopus.com/record/display.uri?eid=2-s2.0-85044165007&origin=resultslist&sort=plf-f&src=s&st1=Experimental+large-scale+review+of+attractors+for+detection+of+potentially+unwanted+applications&st2=&sid=6f9c4214816b276f974b1b95270dfd25&sot=b&sdt=
L2  - https://www.sciencedirect.com/science/article/pii/S0167404818301640
N2  - While malicious software (malware) is designed to disrupt or damage computer systems, potentially unwanted applications (PUAs) combine useful features with less desirable ones, such as adware or spyware. Unlike anti-malware solutions, removing PUAs can be controversial, for both the PUA owners and also the users who might wish to accept the PUA features. Thus, solutions for removing PUAs require users to make their removal decisions. In this paper we investigate the effectiveness of 15 screen variants that use different ``security warning attractors'' designed to encourage users to enable PUA detection when they are installing a security software solution from the online security software company ESET. Our live field study with close to 750,000 software installations by end users in 222 countries shows that a small change of switching the order of the options presented using radio buttons and offering the ``enable detection'' option first was the most effective (and was later set as the option of choice by ESET). The chosen approach led to a significant reduction of non-consenting users from 17.9% to 11.1%. Other features, such as the use of colours and pictorials, which have previously demonstrated their effectiveness with more traditional SSL security warnings, did not yield significant improvements for enabling PUA detection.
ER  -

ŠŤAVOVÁ, Vlasta; Lenka DĚDKOVÁ; Václav MATYÁŠ; Mike JUST; David ŠMAHEL a Martin UKROP. Experimental large-scale review of attractors for detection of potentially unwanted applications. \textit{Computers \&{} Security}. Oxford: Elsevier, 2018, roč.~76, July, s.~92-100. ISSN~0167-4048. Dostupné z: https://doi.org/10.1016/j.cose.2018.02.017.

Přehled o publikaci