000000317 001__ 317
000000317 005__ 20170307110048.0
000000317 037__ $$aLERSSE-RefConfPaper-2017-003
000000317 100__ $$aWali Ahmed Usmani
000000317 245__ $$aCharacterizing Social Insider Attacks on Facebook
000000317 260__ $$c2017-03-07
000000317 300__ $$a11
000000317 520__ $$aFacebook accounts are secured against unauthorized access through passwords and device-level security. Those defenses, however, may not be sufficient to prevent social insider attacks, where attackers know their victims, and gain access to a victim’s account by interacting directly with their device. To characterize these attacks, we ran two MTurk studies. In the first (n = 1,308), using the list experiment method, we estimated that 24% of participants had perpetrated social insider attacks and that 21% had been victims (and knew about it). In the second study (n = 45), participants wrote stories detailing personal experiences with such attacks. Using thematic analysis, we typified attacks around five motivations (fun, curiosity, jealousy, animosity, and utility), and explored dimensions associated with each type. Our combined findings indicate that social insider attacks are common, often have serious emotional consequences, and have no simple mitigation.
000000317 700__ $$aDiogo Marques
000000317 700__ $$aIvan Beschastnikh
000000317 700__ $$aKonstantin Beznosov
000000317 700__ $$aTiago Guerreiro
000000317 700__ $$aLuís Carriço
000000317 8560_ $$flersse-it@ece.ubc.ca
000000317 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/317/files/CHI-17_usmani_paper.pdf
000000317 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/317/files/CHI-17_usmani_paper.pdf?subformat=pdfa$$xpdfa
000000317 909C4 $$pW. A. Usmani, D. Marques, I. Beschastnikh, K. Beznosov, T. Guerreiro, L. Carrico, “Characterizing Social Insider Attacks on Facebook,” to appear in Proc. of the ACM Conference on Human Factors in Computing Systems (CHI), 2017, 11 pages.
000000317 980__ $$aRefConfPaper