LAUSR.org creates dashboard-style pages of related content for over 1.5 million academic articles. Sign Up to like articles & get recommendations!

Technical perspective: The effectiveness of security measures

ception: Potentially risky Web browsing behavior tends to lead to riskier security outcomes. This result is particularly meaningful because it echoes what other studies run with different users, under different… Click to show full abstract

ception: Potentially risky Web browsing behavior tends to lead to riskier security outcomes. This result is particularly meaningful because it echoes what other studies run with different users, under different circumstances, had also observed. Going beyond this paper, Web browsing behavior appears to be an important determinant of the potential risk of security compromise, which in turn justifies the large amount of effort we should continue to put in securing the Web. But, perhaps, the main contribution of this paper lies more in asking questions than providing definitive answers. This research clearly shows that while passive measurements are powerful in helping us establish correlations, they are much more limited when it comes to exhibiting causal relationships. For instance, this paper shows that users of the anonymous Tor network are more likely to get in trouble than others—but is it because users erroneously believe that Tor provides increased protection against many security compromises, or because the malware itself installs Tor to communicate anonymously? Moving forward, to improve security practices and distinguish between folk remedies and advice rooted in empirical evidence, we should focus on understanding causal relationships between user actions, exposure to vulnerabilities, and security compromises. Combining large-scale passive measurements as described by the authors with finer-grained timeline reconstructions and user interviews could help reach these objectives. As this paper clearly demonstrates, it is a highly ambitious, technically challenging, but overall worthy goal.

Keywords: effectiveness security; perspective effectiveness; technical perspective; security; paper; security measures

Journal Title: Communications of the ACM
Year Published: 2022

Link to full text (if available)


Share on Social Media:                               Sign Up to like & get
recommendations!

Related content

More Information              News              Social Media              Video              Recommended



                Click one of the above tabs to view related content.