PhD Proposal: Characterizing and Improving Mental Models of Secure Communication Tools

Omer Akgul
12.09.2021 12:00 to 14:00

IRB 5237

Investigating the adoption of secure communication tools has been an open research question for the past two decades, starting with research on encrypted email and moving on to a wide range of security & privacy tools. Barriers to adoption include; usability issues, social factors (including network effects), and insufficient mental models.More recently, secure instant messengers have seen widespread adoption, with some products reaching billions of users. Further, VPNs are becoming increasingly popular. Researchers have uncovered an emerging problem in this environment: misalignments between what secure communication tools can offer and what users believe. Even though users might have already adopted state-of-the-art secure communication tools, insufficient mental models lead to users overestimating capabilities, or erroneously thinking other tools are more appropriate for use. Both scenarios are likely to hurt users' security & privacy postures.In this proposal we describe our approach to characterizing and improving mental models, we detail completed work, report on-going work, and propose future research directions. First, we describe our work on an emerging vector of questionable security information, influencer VPN ads on YouTube. We propose methods to investigate the impact of this industry influence on mental models. Next, to complement current methods of understanding mental models of end-user security & privacy tools, we propose methods to automate the extraction of high-level mental models from large datasets. Finally, we summarize our work on trying to improve mental models of secure instant messengers along with a relevant methodological study. A timeline for proposed and ongoing work is included.Examining Committee:

Chair:Department Representative:Members:

Dr. Michelle Mazurek Dr. Hal Daumé IIIDr. Dave Levin Dr. Kurt Thomas