Sciweavers

NSDI
2008

Predicted and Observed User Behavior in the Weakest-link Security Game

14 years 2 months ago
Predicted and Observed User Behavior in the Weakest-link Security Game
We aim to advance the understanding of individual security decision-making, by combining formal and behavioral analysis. We sketch a game-theoretic model of security decision-making that generalizes the "weakest link" game, and describe a controlled laboratory experiment to reveal differences between predicted and observed user behavior. Results of a pilot study yield possible explanations for behaviors observed in the wild: users show some willingness to experiment with parameters, rarely converge to a fixed behavior, and face difficulties isolating the impact of individual parameters.
Jens Grossklags, Nicolas Christin, John Chuang
Added 02 Oct 2010
Updated 02 Oct 2010
Type Conference
Year 2008
Where NSDI
Authors Jens Grossklags, Nicolas Christin, John Chuang
Comments (0)