Improving Mental Models of Security and Privacy through Visualizations

This page has been archived on the Web

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Organization

Carleton University, School of Computer Science

Published

2014

Project Leader(s)

Sonia Chiasson, Assistant Professor

Summary

The objective of this research was to improve users’ mental models of online security and privacy to enable them to better protect themselves online. Individuals regularly use online services as part of their personal, social, work and business interactions, putting themselves at increased risk of identity theft or unauthorized access to their private information and resources. The researcher’s proposition was: If users understood how cyber attacks worked and why the security measures were necessary, they would be more likely to adopt privacy protective behaviours. To test this theory, the project proposed to improve user understanding through infographic and online interactive comics, demonstrate the effectiveness of these types of materials through empirical studies, and disseminate the results of the research.

For this project, the research team designed and developed four infographics and two interactive comics, covering the topics of (i) malware and antivirus software, and (ii) mobile privacy and geo-tagging, and then conducted four user studies on the materials.

The studies demonstrated positive results. Users enjoyed reading the material, found it very useful, and thought it was an effective method of teaching technical material that they would not otherwise be interested in reading. One week after viewing the materials, users continued to exhibit increased knowledge about the specific security threats and mitigation strategies discussed in the infographics and comics. Perhaps more importantly, the research demonstrated that the materials had persuaded users to modify their real-life online behaviour towards more secure actions. For example, users reported that they had subsequently updated their antivirus software; were more cautious during online browsing; had changed their mobile geo-location settings; were more cautious about information they posted online; and had shared the lessons learned with family and friends.

This document is available in the following language(s):

English only

OPC Funded Project

This project received funding support through the Office of the Privacy Commissioner of Canada’s Contributions Program. The opinions expressed in the summary and report(s) are those of the authors and do not necessarily reflect those of the Office of the Privacy Commissioner of Canada. Summaries have been provided by the project authors. Please note that the projects appear in their language of origin.

Contact Information

Carleton University, School of Computer Science
1125 Colonel By Drive
Ottawa, Ontario
K1S 5B6

Website: https://www.scs.carleton.ca/
Tel: 613-520-4333
Fax: 613-520-4334

Date modified: