1.
|
What Makes Security-Related Code Examples Different
/ Azadeh Mokhberi ; Tiffany Quon ; Konstantin Beznosov
[LERSSE-RefConfPaper-2021-007]
Developers relying on code examples (CEs) in software engineering can impact code security. [...]
Published in Azadeh Mokhberi, Tiffany Quon, Konstantin Beznosov. What Makes Security-Related Code Examples Different. In The 7th Workshop on Security Information Workers at SOUPS workshops, 2021.:
Fulltext: PDF;
|
2.
|
SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software
/ Azadeh Mokhberi ; Konstantin Beznosov
[LERSSE-RefConfPaper-2021-006]
Despite all attempts to improve software security, vulnerabilities are still propagated within software. [...]
Published in Azadeh Mokhberi, Konstantin Beznosov. SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software. Proceedings of the ACM European Symposium on Usable Security (ACM EuroUSEC'21), 2021:
Fulltext: PDF;
|
3.
|
Security Notifications in Static Analysis Tools: Developers’ Attitudes, Comprehension, and Ability to Act on Them
/ Mohammad Tahaei ; Kami Vaniea ; Konstantin Beznosov ; Maria K. Wolters
[LERSSE-RefConfPaper-2021-004]
Static analysis tools (SATs) have the potential to assist developers in finding and fixing vulnerabilities in the early stages of software development, requiring them to be able to understand and act on tools’ notifications. [...]
Published in Mohammad Tahaei, Kami Vaniea, Konstantin Beznosov, Maria K. Wolters. Security Notifications in Static Analysis Tools: Developers’ Attitudes, Comprehension, and Ability to Act on Them. Proceedings of the ACM CHI Conference on Human Factors in Computing Systems (ACM CHI'21), 2021:
Fulltext: PDF;
|
4.
|
Towards Understanding Privacy and Trust in Online Reporting of Sexual Assault
/ Borke Obada-Obieh ; Lucrezia Spagnolo ; Konstantin Beznosov
[LERSSE-RefConfPaper-2020-004]
According to the United States Department of Justice, every 73 seconds, an American is sexually assaulted. [...]
Published in Borke Obada-Obieh, Lucrezia Spagnolo, and Konstantin Beznosov. "Towards Understanding Privacy and Trust in Online Reporting of Sexual Assault." In Proceedings of the Sixteenth Symposium on Usable Privacy and Security (SOUPS), 2020.:
Fulltext: PDF;
|
5.
|
Contextual Permission Models for Better Privacy Protection
/ Primal Wijesekera
[LERSSE-THESIS-2018-002]
Despite corporate cyber intrusions attracting all the attention, privacy breaches that we, as ordinary users, should be worried about occur every day without any scrutiny. [...]
Published in Primal Wijesekera, "Contextual Permission Models for Better Privacy Protection", PhD Dissertation, Department of Electrical and Computer Engineering, THE UNIVERSITY OF BRITISH COLUMBIA, June, 2018:
Fulltext: PDF PDF (PDFA);
|
6.
|
Phishing threat avoidance behaviour: An empirical investigation
/ Nalin Asanka Gamagedara Arachchilage ; Steve Love ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2016-001]
Abstract Phishing is an online identity theft that aims to steal sensitive information such as username, password and online banking details from its victims. [...]
Published in Nalin Asanka Gamagedara Arachchilage, Steve Love, Konstantin Beznosov, Phishing threat avoidance behaviour: An empirical investigation, Computers in Human Behavior, Volume 60, July 2016, Pages 185-197, ISSN 0747-5632:
Fulltext: PDF PDF (PDFA);
|
7.
|
Surpass: System-initiated User-replaceable Passwords
/ Jun Ho Huh ; Seongyeol Oh ; Hyoungshick Kim ; Konstantin Beznosov
[LERSSE-RefConfPaper-2015-006]
System-generated random passwords have maximum pass- word security and are highly resistant to guessing attacks. [...]
Published in Jun Ho Huh, Seongyeol Oh, Hyoungshick Kim and Konstantin Beznosov. Surpass: System-initiated User-replaceable Passwords. In Proceedings of ACM Conference on Computer and Communications Security (CCS'15), October 2015.:
Fulltext: PDF PDF (PDFA);
|
8.
|
Android Permissions Remystified: A Field Study on Contextual Integrity
/ Primal Wijesekera ; Arjun Baokar ; Ashkan Hosseini ; Serge Egelman ; et al
[LERSSE-RefConfPaper-2015-004]
We instrumented the Android platform to collect data regarding how often and under what circumstances smartphone applications access protected resources regulated by permissions. [...]
Published in Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David Wagner and Konstantin Beznosov. 2015. Android Permissions Remystified: A Field Study on Contextual Integrity. USENIX Security 2015, Washington DC, USA.:
Fulltext: PDF PDF (PDFA);
|
9.
|
On the Memorability of System-generated PINs: Can Chunking Help?
/ Jun Ho Huh ; Hyoungschick Kim ; Rakesh B. Bobba ; Masooda N. Bashir ; et al
[LERSSE-RefConfPaper-2015-003]
To ensure that users do not choose weak personal identification numbers (PINs), many banks give out system-generated random PINs. [...]
Published in Jun Ho Huh, Hyoungschick Kim, Rakesh B. Bobba, Masooda N. Bashir and Konstantin Beznosov. 2015. On the Memorability of System-generated PINs: Can Chunking Help? SOUPS'15: Symposium On Usable Privacy and Security. Ottawa, Ontario, Canada:
Fulltext: PDF PDF (PDFA);
|
10.
|
On the Impact of Touch ID on iPhone Passcodes
/ Ivan Cherapau ; Ildar Muslukhov ; Nalin Asanka ; Konstantin Beznosov
[LERSSE-RefConfPaper-2015-001]
Smartphones today store large amounts of data that can be confidential, private or sensitive. [...]
Published in LERSSE-RefConfPaper-2015-001:
Fulltext: PDF PDF (PDFA);
|