1 / 47

Trust

Amber McConahy. Trust . Trust. Multifaceted and multidimensional Marsh & Dibben (2003) definition and layers of trust “Trust concerns a positive expectation regarding the behavior of somebody or something is a situation that entails risk to the trusting party”

lotte
Download Presentation

Trust

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Amber McConahy Trust

  2. Trust • Multifaceted and multidimensional • Marsh & Dibben (2003) definition and layers of trust • “Trust concerns a positive expectation regarding the behavior of somebody or something is a situation that entails risk to the trusting party” • Dispositional Trust – personality trait relating to trust • Learned Trust – tendency to trust based on experience • Situational Trust – trust adjusted based on situational cues • Key Questions • Reliable representation of trust in interactions and interfaces? • Transforming trust to security and vice versa? • Identification and mitigation of trust failings?

  3. Trust in Digital Realm • Vital to security but poorly understood • Perfect information removes need for trust • Trust without risk is meaningless • Online users must develop knowledge to make trust decisions • Developers must provide trustable designs • Must trust both people and technology • Halo Effect • Judgment based on attractiveness • Trust is built slowly and destroyed quickly

  4. Models of Trust • Meyer et al. • Ability to fulfill promises • Integrity relates meeting expectations • Benevolence is acting in best interest of client • Egger’s MoTEC • Superficial trust based on interface • Reasoned trust based on content analysis • Relationship trust based on transactional history

  5. Bhattacherjee’s Model + + +

  6. Additional Trust Models • Lee, Kim, and Moon • Trust and transaction cost are opposing factors • Corritore et al. • Credibility, ease of use, and risk affect trust • McKnight et al. • Trusting beliefs, intentions, and behaviors • Riegelsberger et al. • Focuses on incentives rather than opinions and beliefs

  7. Model Summary • Trust and risk are related • Trust relates to beliefs • Ease of use can affect trust • Trust likely develops in stages • External factors and context can be relevant

  8. Trust Guidelines Do Don’t Make spelling mistakes Mix ads and content Be inconsistent or unpredictable Forget peer evaluations References User feedback Ignore alternatives Links to other sites Poor response or communication • Ensure ease of use • Make design attractive • Convey real world • Include seals of approval • TRUSTe • Explain and justify content • Provide security and privacy statements • Provide background • Define roles • Personalize service

  9. Reciprocity • Norm of Reciprocity (Goulder 1960) • Information likely to be provided in exchange for information of services • Leads to increased trust • Could increase vulnerability • Zhu et al. • Study of user behavior under reciprocity attacks • Use of InfoSource software with “Alice” guide

  10. Results of Reciprocity Study • Experimental group disclosed more • Over 85% of users found “Alice” helpful • Perception of importance related to disclosure • Relevance of requested information matters • Income not provided due to perceived irrelevance • Beliefs and attitudes correlated with willingness to share information • Trust is related to willingness to share information

  11. Users & Trust • Users often don’t comprehend what computer is asking • Presents dilemma rather than decision • Users seek alternative information resources • Trust is aggregation of clues and tradeoffs • Large scopes and less context lead to impede consent • User’s are reluctant to provide personal data

  12. Behaviors & Trust • Claims often do not correspond to actions • Consequences are often not fully evaluated • Users don’t like making global decisions • Developers and users have different views • Users confuse terminology • Hacking vs. virus • Software bug vs. virus

  13. ActiveX (SP 1)

  14. Redesigned ActiveX (SP2)

  15. Key Design Changes • Secure default choses “Don’t Install” • Labels changed from “Yes” and “No” to “Install” and “Don’t Install” • Options provided • Simplified primary text • Evidence via certificates • Auxiliary text separated • “What’s the Risk?” link provided for more information

  16. File Download Dialog (SP1)

  17. File Download Dialog (SP2)

  18. Redesign Features • Purposeful similarity to ActiveX to promote consistency • Secure default option “Cancel” • Label changed from “Open” to “Run” • Primary text simplified to single question • Options provided • Evidence of filename and source provided • Assistance text separated with “What’s the risk?” link

  19. Conclusions • Trust decisions should be made in context • Narrow scope and avoid global setups • Make the most trusted option the default • Replace dilemmas with choices • Always provide trusted response option • Convey consequences to actions • Respect the user’s decision • Submit even when decision is not comprehended by computer Similarities to models of trust?

  20. Sauvik Das Semantic Attacks

  21. Schneier’s Security Attacks Physical Attacks Syntactic Attacks

  22. Schneier’sSecurity Attacks Semantic Attacks: “. . . Attacks that target the way we, as humans, assign meaning to content. . . .Semantic attacks directly target the human/computer interface, the most insecure interface on the Internet“

  23. Schneier’sSecurity Attacks Semantic Attacks: “. . . Attacks that target the way we, as humans, assign meaning to content. . . .Semantic attacks directly target the human/computer interface, the most insecure interface on the Internet“ http://lol-gonna-log-ur-keys.com

  24. Semantic Attacks • Semantic Attacks… • violate trust • deceive • are a new form of “hacking”—Cognitive Hacking

  25. Types of Semantic Attacks • “Pump-and-Dump” schemes • Buy penny stocks cheap • Artificially inflate price (spread misinformation) • Sell for profit, leaving others “holding-the-bag” Dump Inflate Pump

  26. Types of Semantic Attacks • WTF Stuxnet? • Had elements of semantic attack: • Tricked technicians into believing centrifuges were operating fine Looks okay to me

  27. Types of Semantic Attacks • And, of course: Phishing

  28. What is Phishing? • Phishing is…: • deceiving users to obtain sensitive information • spoofing “trustworthy” communications • phreaking + fishing • agrowing threat

  29. Why Phish? • It is very lucrative. • $2.4 million to $9.4 million dollars per yer per million online banking customers • ~$2000 on each compromised bank account.

  30. Why Phish? • It’s easy. • There are Do-it-Yourself Phishing Kits • AND, several easy accessible tutorials

  31. Why Phish? • It’s hard to defend against. • “You and I can think about things. Symbols in our brains have meanings. The question is, can a [computer] think about things, or merely process digits that have no Aboutness—no meaning—no semantic content” – Neal Stephenson, Anathem Meaning

  32. Why Phish? • Easy to distribute, and low success rate is okay. • 4700 per 1,000,000 banking credentials lost on average (0.47%) • BUT, bad guys still make plenty of money from that

  33. Why Phish? • With Social Web, phishing is more effective. • Paper by Jagatic et al: • Mined relationships of students using publicly available information • Using this information, conducted a spear phishing attack • Found that using social info, people were 4.5x more likely to fall for phish (16% versus 72%).

  34. Why do people fall for Phish? It all goes back to trust. • People judge legitimacy by design • People do not trust web browser security • Awareness is not a strategy • Severity of the consequences does not seem to inform behavior

  35. Who Falls for Phish? • Study by Sheng et al. • Women more likely than men • Age 18-25 at highest risk • Lower technical knowledge at higher risk • Generally risk averse people are at lower risk • Not orthogonal.

  36. Who Falls for Phish? • Study by Sheng et al. • Women more likely than men • Age 18-25 at highest risk • Lower technical knowledge at higher risk • Generally risk averse people are at lower risk • Not orthogonal.

  37. Who Falls for Phish? • Study by Sheng et al. • Women more likely than men • Age 18-25 at highest risk • Lower technical knowledge at higher risk • Generally risk averse people are at lower risk • Not orthogonal.

  38. Mitigation • How can we mitigate phishing and other semantic attacks? • Raise Awareness? • Education? • Automatic Detection? • Better Visualizations of Danger? • ???

  39. Mitigation • It’s a tough problem • Only a small percentage (0.47%) of users need to be compromised for phishing to continue to be lucrative • Don’t want to make users afraid to go to legitimate websites (majority) in the process. • How do current mitigation strategies help?

  40. Mitigation Strategies • Improve visual cues

  41. Mitigation Strategies • Improving visual cues • Not as effective as it could be. • People don’t trust their web browsers (ahem…IE) • Dhamija et al. study (Firefox): • Many people do not look at browser-based cues • 23% didn’t look at all • Make incorrect choices about phishing 40% of the time

  42. Mitigation Strategies • Education

  43. Mitigation Strategies • Education • Effective…but awareness alone not sufficient • Need to offer course of action • Sheng et al. study: • 40% improvement among participants • Some forms of education inhibit clicking of legitimate links as well (learn avoidance not phishing awareness)

  44. BUT… • Phishing scams are still increasing!

  45. Phishing Growth • We have some effective strategies, but the problem is still open. • The Phishing explosion can be attributed to: • Users are still falling for it • DIY Phishing Kits making it increasingly easier to make phishing scams • We can mitigate the first problem, but what about the second?

  46. Summary • Semantic attacks hack a user’s mind • Phishing is one common semantic attack • Deceive users to obtain their sensitive information • Phishing is tough to mitigate because: • It is lucrative • Easy to do • Education seems to be one great way to reduce the incidence of phishing. • We also need to find ways to make creating phish less appealing or more difficult.

  47. Questions?

More Related