University of Chicago: Usable Security and Privacy (CMSC 23210 / CMSC 33210)

Usable Security and Privacy (CMSC 23210 / CMSC 33210)

Spring 2018
Mondays & Wednesdays, 1:30pm - 2:50pm, Eckhart 202

Course Staff

• Blase Ur	blase@uchicago.edu	Ryerson 157	By appointment
• Mainack Mondal	mainack@uchicago.edu	Young 4th Floor	By appointment
• Weijia He (TA)	hewj@uchicago.edu	Young 4th Floor	By appointment
• Ahsan Pervaiz (TA)	ahsanp@uchicago.edu	Young 4th Floor	By appointment

Course Description

Regardless of how secure a system is in theory, failing to consider how humans actually use the system leads to disaster in practice. This course will examine how to design for security and privacy from a user-centered perspective by combining insights from computer systems, human-computer interaction (HCI), and public policy. We will introduce core security and privacy technologies, as well as HCI techniques for conducting robust user studies. Topics will include usable authentication, user-centered web security, anonymity software, privacy notices, security warnings, and data-driven privacy tools in domains ranging from social media to the Internet of Things. Students will complete weekly problem sets, as well as conduct novel research in a group capstone project. No prior experience in security, privacy, or HCI is required.

Logistics

• Syllabus (schedule and assignments)	https://super.cs.uchicago.edu/usable18
• Piazza (announcements and discussion)	https://piazza.com/uchicago/spring2018/cmsc23210cmsc33210/
• Canvas (assignment submission)	https://canvas.uchicago.edu/courses/15112 (23210) or https://canvas.uchicago.edu/courses/15157 (33210)

Readings and Textbooks

There is no required textbook for the course. Instead, all course readings will be (open access) articles linked from the schedule below. If you are interested in learning more about HCI methods, we recommend Research Methods in Human-Computer Interaction by Jonathan Lazar, Jinjuan Heidi Feng, Harry Hochheiser.

Course Requirements and Grading

• Group project	40%
• Problem sets (5)	25%
• Final exam	15%
• Midterm exam	10%
• Quizzes	10%

CMSC 23210 vs. CMSC 33210

CMSC 33210 is a strict superset of CMSC 23210. In addition to meeting all requirements of CMSC 23210, students enrolled in CMSC 33210 will be assigned an average of one additional (more technical) reading each week. In addition, one problem set will require additional exercises. Finally, a student enrolled in CMSC 33210 must contribute non-trivial implementation of a system or software tool for their group project.

Graduate students must enroll in CMSC 33210. Undergraduates may enroll in either. The only prerequisite for either version of the course is experience with computer programming at the level of the UChicago introductory sequence (e.g., 121-122-123, 151-152-154) or equivalent.

If you are an undergraduate, please note that CMSC 23210 counts as an elective within the CS major. It does not count for the programming languages and systems sequence. However, CMSC 33210 may count for the programming languages and systems sequence within the CS major, but you must file a petition for it to count in this way.

If you are a graduate student, CMSC 33210 counts as a systems elective, but not as a systems core course.

Problem Sets

All problem sets are due on UChicago Canvas by 1:00 PM on the due date, unless specified otherwise on the schedule. We do not accept late problem sets.

CMSC 33210 students will be asked to submit a short summary (3-7 sentences) and a "highlight" for particular readings specified in each problem set. The highlight may be something you found particularly interesting or noteworthy, a question you would like to discuss in class, a point you disagree with, etc.

Readings and Quizzes

Students are expected to complete the assigned reading prior to class so that they can participate fully in class discussions. To verify that students have completed the assigned reading, each class will begin with a short quiz. The quizzes will cover major points of the readings, including methodological techniques, findings, high-level takeaways, and major recommendations the authors made. Your two lowest quiz grades will be dropped. Because your two lowest quiz grades will be dropped, you will not be excused from quizzes if you miss class due to travel (including interviews or conferences). If you have exceptional circumstances that will cause you to miss class more than twice, please discuss this with Blase in advance.

As discussed above, CMSC 33210 students will be assigned additional readings in some weeks, though these will not be on the quizzes (and instead will be part of problem sets). Students are encouraged, but not required, to review any of the optional readings that they find interesting.

Exams

We will hold two exams during the course. The first will be a take-home midterm due on April 23rd, while the second will be an in-class final during the university final exam period. Both exams will be centered around designing experiments, interpreting results, and analyzing research claims related to usable privacy and security. In essence, performing well on these exams will require that you apply the skills you learn in this course, rather than remembering trivia. The best way to prepare for these exams is to critically read all of the assigned papers for the course and to be an engaged participant in class discussions and in-class design assignments throughout the quarter.

Project

Students will work on course projects in small groups that include students with a variety of areas of expertise. A choice of projects will be provided, and students will be given an opportunity to indicate their preferences before project groups are assigned by the instructors. Students who have their own ideas for projects should discuss them with the instructors early in the quarter. As part of the project students will:

Receive a project preference form on Monday, April 2nd.
Return their project preference form by Wednesday, April 4th so that they can be assigned to a project team by Friday, April 6th.
Submit a brief project proposal (2 to 3 pages) by Wednesday, April 11th. The proposal should state your research questions; hypotheses (if any); general type of study (lab, online, interview, survey, etc.); overview of the types of questions and/or tasks, scenarios, etc. that will be included; quantitative metrics and/or qualitative analysis approach; number and type of study participants you plan to recruit and how you will recruit them; study design (between subjects, within subjects); equipment, software, other resources, and/or payments needed and preliminary budget.
Complete an ethics application with all necessary attachments and submit it on canvas no later than Wednesday, April 18th Friday, April 20th at 11:59pm.
Design all questionnaires, scripts, scenarios, interview protocols, etc. necessary to carry out the user study.
Develop any prototypes and software necessary to carry out the user study.
Pilot test the user study protocol on at least two people (can be members of the class from other project groups) and refine it based on these tests.
Give a brief (5 minute) progress status presentation on Wednesday, April 25th. Your status presentation should describe your project's goals, highlight your progress to date, and note any problems you have run into that you would like some advice on.
Submit a written progress report by Monday, May 7th. Your written report should include your research questions and any hypotheses, draft related work section, study methodology, results and lessons learned from your initial pilot study (or any other data collection that you have done already), unresolved issues or challenges, and complete survey or interview questions, scripts, etc.
Conduct a study using the revised protocol with at least 6 subjects (or more if this is not a lab study). Optionally, you can conduct a larger study that would be likely to lead to publishable results. If your study has only 6 subjects, most likely this will be useful mostly as a pilot study and should be positioned as such in your paper.
Give a 10-minute final project presentation in class on Wednesday, May 23rd.
Write a paper including an abstract, introduction (including research questions), related work, methodology, results, discussion (or lessons learned), references, etc. and submit it by 11:59 PM on Wednesday, May 30th in electronic form. Please email a PDF version of your paper to Blase. Your ethics application, survey forms, etc. should be included as appendices.

CMSC 33210 students are expected to play a leadership role in a project group that writes a project paper suitable for publication. Your final paper should be written in a style suitable for publication at a conference or workshop. The conference papers in the readings provide good examples of what a conference paper looks like and the style in which they are written. Papers should follow the SOUPS 2018 technical papers formatting instructions. However, your report for the class need not adhere to the SOUPS page limits and should obviously not be a blind submission.

This course was initially based (with permission) on a course led by Lorrie Cranor (and co-taught by Blase) at Carnegie Mellon University. All teaching materials in this class, including course slides, homeworks, assignments, practice exams and quizzes, are copyrighted. Reproduction, redistribution and other rights solely belong to the instructor. In particular, it is not permissible to upload any or part of these materials to public or private websites without the instructor's explicit consent. Violating this copyright policy will be considered an academic integrity violation, with the consequences discussed above. Reading materials are also copyrighted by their respective publishers and cannot be reposted or distributed without prior authorization from the publisher.

Policies

The University of Chicago has formal policies related to academic honesty and plagiarism. We abide by these standards in this course. Depending on the severity of the offense, you risk being dismissed altogether from the course. All cases will be referred to the Dean of Students office, which may impose further penalties, including suspension and expulsion.

You are permitted to talk to the course staff and to your fellow students about any of the problem sets. Any assistance, though, must be limited to discussion of the problem and sketching general approaches to a solution. Each student must write out his or her own solutions to the problem sets. Consulting another student's solution is prohibited, and submitted solutions may not be copied from any source. These and any other form of collaboration on assignments constitute cheating.

No collaboration is permitted on quizzes or exams. All work submitted for the project must properly cite ideas and work that are not those of the students in the group.

If you have any question about whether some activity would constitute cheating, please feel free to ask. Simply stated, feel free to discuss problems with each other, but do not cheat. It is not worth it, and you will get caught.

In addition, we expect all students to treat everyone else in the course with respect, following the norms of proper behavior by members of the University of Chicago community.

Wellness

If a personal emergency comes up that might impact your work in the class, please let Blase know so that the course staff can make appropriate arrangements.

University environments can sometimes be very overwhelming, and all of us benefit from support during times of struggle. You are not alone. There are many helpful resources available on campus and an important part of the college experience is learning how to ask for help. Asking for support sooner rather than later is often helpful. If you or anyone you know experiences any academic stress, difficult life events, or feelings like anxiety or depression, we strongly encourage you to seek support. The University of Chicago's counseling services are here to support you. Consider also reaching out to a friend, faculty or family member you trust for help getting connected to the support that can help.

If you or someone you know is feeling suicidal or in danger of self-harm, call someone immediately, day or night:
• Student Counseling Urgent Care: (773)702-9800 or in person.
• National Suicide Prevention Lifeline: 1-800-273-8255

Schedule

01. Monday, March 26 [Lecture slides]

Introduction to Usable Security & Privacy; Usability

Due: Nothing

Required readings:

None

02. Wednesday, March 28 [Lecture slides]

Usable Encryption

Due: Nothing

Required readings:

James Mickens. This World of Ours. USENIX ;login:, January 2014.
Alma Whitten and J.D. Tygar. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0. In Proceedings of USENIX Security 1999.
Ruba Abu-Salma, M. Angela Sasse, Joseph Bonneau, Anastasia Danilova, Alena Naiakshina, Matthew Smith. Obstacles to the Adoption of Secure Communication Tools. In Proceedings of IEEE SP 2017.

Optional readings:

Simson Garfinkel and Heather Richter Lipford. Usable Security: History, Themes, and Challenges. Synthesis Lectures on Information Security, Privacy, and Trust, 2014.
L. Jean Camp. Reconceptualizing the Role of Security User. In Daedalus 140(4), pp. 93-107, Fall 2011.
Lorrie Faith Cranor. A Framework for Reasoning About the Human in the Loop. In Proceedings of UPSEC 2008.
Anne Adams and Martina Angela Sasse. Users Are Not The Enemy. In Communications of the ACM, Volume 42, Issue 12, pp. 40-46, December 1999.

03. Monday, April 2 [Lecture slides]

Introduction to the Underpinnings of Privacy and Security

Due: Problem Set 1

Required readings:

Daniel Solove. 'I've Got Nothing to Hide' and Other Misunderstandings of Privacy. San Diego Law Review 44, 2007.
Allison Woodruff, Vasyl Pihur, Alessandro Acquisti, Sunny Consolvo, Lauren Schmidt, Laura Brandimarte. Would a Privacy Fundamentalist Sell Their DNA for $1000... If Nothing Bad Happened Thereafter? A Study of the Westin Categories, Behavioral Intentions, and Consequences. In Proceedings of SOUPS 2014.

Optional readings:

Omer Tene and Jules Polonetsky. Big Data for All: Privacy and User Control in the Age of Analytics. Northwestern Journal of Technology & Intellectual Property 11(5), 2013.
Alex Braunstein, Laura Granka, Jessica Staddon. Indirect Content Privacy Surveys: Measuring Privacy Without Asking About It. In Proceedings of SOUPS 2011.
Helen Nissenbaum. A Contextual Approach to Privacy Online. Daedalus 140(4), pp. 32-48, 2011.
Ryan Calo. The Boundaries of Privacy Harm. In Indiana Law Journal, Vol. 86, No. 3, 2011.
Janice Tsai, Serge Egelman, Lorrie Faith Cranor, Alessandro Acquisti. The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study. Information Systems Research 22(2), pp. 254-268, 2011.
Sarah Spiekermann and Lorrie Faith Cranor. Engineering Privacy. IEEE Transactions on Software Engineering 35(1), pp. 67-82, 2009.
Cynthia Dwork. Differential Privacy: A Survey of Results. In Proceedings of TAMC 2008.
Giovanni Iachello and Jason Hong. End-User Privacy in Human-Computer Interaction. Foundations and Trends in HCI 1(1), pp. 1-137, 2007.
Scott Lederer, Jason I. Hong, Anind K. Dey, James A. Landay. Personal Privacy through Understanding and Action: Five Pitfalls for Designers. Carnegie Mellon University Technical Report, Human-Computer Interaction Institute, 2004.
L. Jean Camp. Designing for Trust. In Trust, Reputation, and Security: Theories and Practice, ed. Rino Falcone, Springer-Verlang (Berlin) 2003.

04. Wednesday, April 4 [Lecture slides]

Passwords; Authentication

Due: Project preference form

Required readings:

Blase Ur, Felicia Alfieri, Maung Aung, Lujo Bauer, Nicolas Christin, Jessica Colnago, Lorrie Faith Cranor, Henry Dixon, Pardis Emami Naeini, Hana Habib, Noah Johnson, William Melicher. Design and Evaluation of a Data-Driven Password Meter In Proceedings of CHI 2017.
Joseph Bonneau. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords. In Proceedings of IEEE SP 2012.
(CMSC 33210 only) William Melicher, Blase Ur, Sean M. Segreti, Saranga Komanduri, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor. Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks. In Proceedings of USENIX Security 2016.

Optional readings:

Blase Ur, Jonathan Bees, Sean M. Segreti, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor Do Users' Perceptions of Password Security Match Reality? In Proceedings of CHI 2016.
Elizabeth Stobert and Robert Biddle. The Password Life Cycle: User Behaviour in Managing Passwords. In Proceedings of SOUPS 2014.
Kat Krol, Eleni Philippou, Emiliano De Cristofaro, M. Angela Sasse. "They Brought in the Horrible Key Ring Thing!" Analysing the Usability of Two-Factor Authentication in UK Online Banking. In Proceedings of USEC 2015.
Joseph Bonneau and Stuart Schechter. Towards Reliable Storage of 56-bit Secrets in Human Memory. In Proceedings of USENIX Security 2014.
David Silver, Suman Jana, Dan Boneh, Eric Chen, Collin Jackson. Password Managers: Attacks and Defenses. In Proceedings of USENIX Security 2014.
Michelle L. Mazurek, Saranga Komanduri, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, Patrick Gage Kelley, Richard Shay, Blase Ur. Measuring Password Guessability for an Entire University. In Proceedings of CCS 2013.
Ari Juels and Ronald L. Rivest. Honeywords: Making Password-Cracking Detectable. In Proceedings of CCS 2013.
Joseph Bonneau, Cormac Herley, Paul C Van Oorschot, Frank Stajano. The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. In Proceedings of IEEE SP 2012.
Robert Biddle, Sonia Chiasson, and P.C. van Oorschot. Graphical Passwords: Learning from the First Twelve Years. ACM Computing Surveys 44(4), 2012.
San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, Konstantin Beznosov. What Makes Users Refuse Web Single Sign-On? An Empirical Investigation of OpenID. In Proceedings of SOUPS 2011.
Robert W. Reeder and Stuart Schechter. When the Password Doesn't Work: Secondary Authentication for Websites. IEEE Security and Privacy magazine 9(2), pp. 43-49, 2011.
Sonia Chiasson, Alain Forget, Elizabeth Stobert, P.C. van Oorschot, Robert Biddle. Multiple Password Interference in Text and Click-based Graphical Passwords. In Proceedings of CCS 2009.
Mike Just and David Aspinall. Personal Choice and Challenge Questions: A Security and Usability Assessment. In Proceedings of SOUPS 2009.

05. Monday, April 9 [Lecture slides]

Social Engineering and Phishing; Designing Robust and Ethical Experiments; Field Studies

Due: Problem Set 2

Required readings:

Rick Wash and Molly M. Cooper. Who Provides Phishing Training? Facts, Stories, and People Like Me. In Proceedings of CHI 2018.
Grant Ho, Aashish Sharma, Mobin Javed, Vern Paxson, David Wagner. Detecting Credential Spearphishing in Enterprise Settings. In Proceedings of USENIX Security 2017.
Roy A. Maxion. Making Experiments Dependable. In Dependable and Historic Computing, Lecture Notes in Computer Science Volume 6875, pp. 344-357, 2011.

Optional readings:

Kovila P.L. Coopamootoo and Thomas Groß. Evidence-Based Methods for Privacy and Identity Management. 2016 IFIP Summerschool on Privacy and Identity Management
Alexander De Luca, Marc Langheinrich, Heinrich Hussmann. Towards Understanding ATM Security - A Field Study of Real World ATM Use. In Proceedings of SOUPS 2010.
Tom Jagatic, Nathaniel Johnson, Markus Jakobsson, and Filippo Menczer. Social Phishing. Communications of the ACM 50(10), pp. 94-100, 2007.
Stuart E. Schechter, Rachna Dhamija, Andy Ozment, Ian Fischer. The Emperor's New Security Indicators: An Evaluation of Website Authentication and the Effect of Role Playing on Usability Studies. In Proceedings of IEEE SP 2007.

06. Wednesday, April 11 [Lecture slides]

Privacy on Social Media; Designing Surveys

Due: Group project proposal (one per group)

Required readings:

Maritza Johnson, Serge Egelman, Steven M. Bellovin. Facebook and Privacy: It's Complicated. In Proceedings of SOUPS 2012.
Michael S. Bernstein, Eytan Bakshy, Moira Burke, and Brian Karrer. Quantifying the Invisible Audience in Social Networks. In Proceedings of CHI 2013.
Elissa M. Redmiles, Yasemin Acar, Sascha Fahl, Michelle L. Mazurek. A Summary of Survey Methodology Best Practices for Security and Privacy Researchers. Technical Report.

Optional readings:

Manya Sleeper, Rebecca Balebako, Sauvik Das, Amber McConahy, Jason Wiese, Lorrie Faith Cranor. The Post that Wasn't: Exploring Self-Censorship on Facebook. In Proceedings of CSCW 2013.
Na Wang, Jens Grossklags, Heng Xu. An Online Experiment of Privacy Authorization Dialogues for Social Applications. In Proceedings of CSCW 2013.
Fred Stutzman, Ralph Gross, Alessandro Acquisti. Silent Listeners: The Evolution of Privacy and Disclosure on Facebook. Journal of Privacy and Confidentiality 4(2), pp. 7-41, 2012.
Jason Watson, Andrew Besmer, Heather Richter Lipford. +Your Circles: Sharing Behavior on Google+. In Proceedings of SOUPS 2012.
Huina Mao, Xin Shuai, Apu Kapadia. Loose Tweets: An Analysis of Privacy Leaks on Twitter. In Proceedings of WPES 2011.
Yang Wang, Gregory Norcie, Saranga Komanduri, Pedro Giovanni Leon, Lorrie Faith Cranor, Alessandro Acquisti. "I Regretted the Minute I Pressed Share": A Qualitative Study of Regrets on Facebook. In Proceedings of SOUPS 2011.

07. Monday, April 16 [Lecture slides]

Security Warnings; Designing Quantitative Experiments

Due: Problem Set 3

Required readings:

Devdatta Akhawe and Adrienne Porter Felt. Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness. In Proceedings of USENIX Security 2013.
(CMSC 33210 only) Cristian Bravo-Lillo, Lorrie Faith Cranor, Julie Downs, Saranga Komanduri, Robert W. Reeder, Stuart Schechter, Manya Sleeper. Your Attention Please: Designing Security-Decision UIs to Make Genuine Risks Harder to Ignore. In Proceedings of SOUPS 2013.

Optional readings:

Xinyi Zhang, Shiliang Tang, Yun Zhao, Gang Wang, Haitao Zheng, Ben Y. Zhao. Cold Hard E-Cash: Friends and Vendors in the Venmo Digital Payments System. In Proceedings of IMC 2017.
Bonnie Brinton Anderson, C. Brock Kirwan, Jeffrey L. Jenkins, David Eargle, Seth Howard, Anthony Vance. How Polymorphic Warnings Reduce Habituation in the Brain: Insights from an fMRI Study. In Proceedings of CHI 2015.
Ruogu Kang, Stephanie Brown, Laura Dabbish, Sara Kiesler. Privacy Attitudes of Mechanical Turk Workers and the U.S. Public. In Proceedings of SOUPS 2014.
Yang Wang, Pedro Giovanni Leon, Alessandro Acquisti, Lorrie Faith Cranor, Alain Forget, Norman Sadeh. A Field Trial of Privacy Nudges for Facebook. In Proceedings of CHI 2014.
David Modic and Ross Anderson. Reading This May Harm Your Computer: The Psychology of Malware Warnings. Computers in Human Behavior 41, pp. 71-79, 2014.
Cristian Bravo-Lillo, Lorrie Faith Cranor, Julie Downs, Saranga Komanduri. Bridging the Gap in Computer Security Warnings: A Mental Model Approach. IEEE Security and Privacy magazine 9(2), pp. 18-26, 2011.
Serge Egelman, Lorrie Faith Cranor, Jason Hong. You've Been Warned: An Empirical Study of the Effectiveness of Web Browser Phishing Warnings. In Proceedings of CHI 2008.
Dinei Florêncio and Cormac Herley. A Large-Scale Study of Web Password Habits. In Proceedings of WWW 2007.

08. Wednesday, April 18 [Lecture slides]

The Internet of Things; Qualitative Studies

Due: Project ethics application (one per group) (No longer due on April 18th; Please submit on Canvas by Friday April 20th at 11:59pm)

Required readings:

Blase Ur, Jaeyeon Jung, Stuart Schechter. Intruders versus Intrusiveness: Teens' and Parents' Perspectives on Home-Entryway Surveillance. In Proceedings of UbiComp 2014.
Cara Bloom, Joshua Tan, Javed Ramjohn, Lujo Bauer. Self-driving Cars and Data Collection: Privacy Perceptions of Networked Autonomous Vehicles. In Proceedings of SOUPS 2017.

Optional readings:

Eric Zeng, Shrirang Mare, Franziska Roesner. End User Security and Privacy Concerns with Smart Homes. In Proceedings of SOUPS 2017.
Michelle L. Mazurek, J.P. Arsenault, Joanna Bresee, Nitin Gupta, Iulia Ion, Christina Johns, Daniel Lee, Yuan Liang, Jenny Olsen, Brandon Salmon, Richard Shay, Kami Vaniea, Lujo Bauer, Lorrie Faith Cranor, Gregory R. Ganger, Michael K. Reiter. Access Control for Home Data Sharing: Attitudes, Needs and Practices. In Proceedings of CHI 2010.
Pardis Emami Naeini, Sruti Bhagavatula, Hana Habib, Martin Degeling, Lujo Bauer, Lorrie Cranor, Norman Sadeh. Privacy Expectations and Preferences in an IoT World. In Proceedings of SOUPS 2017.

09. Monday, April 23 [Lecture slides]

Mobile Devices and Permissions Models

Due: Take-home midterm

Required readings:

Lynn Tsai, Primal Wijesekera, Joel Reardon, Irwin Reyes, Serge Egelman, David Wagner, Nathan Good, Jung-Wei Chen. Turtle Guard: Helping Android Users Apply Contextual Privacy Preferences. In Proceedings of SOUPS 2017.

Optional readings:

Marian Harbach, Emanuel von Zezschwitz, Andreas Fichtner, Alexander De Luca, Matthew Smith. It's a Hard Lock Life: A Field Study of Smartphone (Un)Locking Behavior and Risk Perception. In Proceedings of SOUPS 2014.
Yasemin Acar, Michael Backes, Sven Bugiel, Sascha Fahl, Patrick McDaniel, Matthew Smith. SoK: Lessons Learned From Android Security Research For Appified Software Platforms. In Proceedings of IEEE SP 2016.
Jingjing Ren, Ashwin Rao, Martina Lindorfer, Arnaud Legout, David Choffnes. ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic. In Proceedings of MobiSys 2016.
Hazim Almuhimedi, Florian Schaub, Norman Sadeh, Idris Adjerid, Alessandro Acquisti, Joshua Gluck, Lorrie Faith Cranor, Yuvraj Agarwal. Your Location has been Shared 5,398 Times!: A Field Study on Mobile App Privacy Nudging. In Proceedings of CHI 2016.
Ivan Cherapau, Ildar Muslukhov, Nalin Asanka, Konstantin Beznosov. On the Impact of Touch ID on iPhone Passcodes. In Proceedings of SOUPS 2015.
Roberto Hoyle, Robert Templeman, Steven Armes, Denise Anthony, David Crandall, Apu Kapadia. Privacy Behaviors of Lifeloggers using Wearable Cameras. In Proceedings of UbiComp 2014.
Franziska Roesner, David Molnar, Alexander Moshchuk, Tadayoshi Kohno, Helen J. Wang. World-Driven Access Control for Continuous Sensing. In Proceedings of CCS 2014.
Rebecca Balebako, Jaeyeon Jung, Wei Lu, Lorrie Cranor, Carolyn Nguyen. "Little Brothers Watching You:" Raising Awareness of Data Leaks on Smartphones. In Proceedings of SOUPS 2013.
Patrick Gage Kelley, Lorrie Faith Cranor, Norman Sadeh. Privacy as Part of the App Decision-Making Process. In Proceedings of CHI 2013.
Adrienne Porter Felt, Elizabeth Ha, Serge Egelman, Ariel Haney, Erika Chin, David Wagner. Android Permissions: User Attention, Comprehension, and Behavior. In Proceedings of SOUPS 2012.
Franziska Roesner, Tadayoshi Kohno, Alexander Moshchuk, Bryan Parno, Helen J. Wang, Crispin Cowan. User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems. In Proceedings of IEEE SP 2012.
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner. Android Permissions Demystified. In Proceedings of CCS 2011.
Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, Tadayoshi Kohno. Comprehensive Experimental Analyses of Automotive Attack Surfaces. In Proceedings of USENIX Security 2011.
Alfred Kobsa, Rahim Sonawalla, Gene Tsudik, Ersin Uzun, Yang Wang. Serial Hook-Ups: A Comparative Usability Study of Secure Device Pairing Methods. In Proceedings of SOUPS 2009.

10. Wednesday, April 25

Project Status Presentations During Class

Due: Project status presentations (one per group)

Required readings:

Stuart Schechter. Common Pitfalls in Writing about Security and Privacy Human Subjects Experiments, and How to Avoid Them. 2009.

11. Monday, April 30 [Lecture slides]

Privacy Notice and Choice

Due: Problem Set 4

Required readings:

Florian Schaub, Rebecca Balebako, Adam L. Durity, Lorrie Faith Cranor. A Design Space for Effective Privacy Notices. In Proceedings of SOUPS 2015.

Optional readings:

Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin, Joel Reidenberg. Automated Analysis of Privacy Requirements for Mobile Apps. In Proceedings of NDSS 2017.
Robert Gellman. Fair Information Practices: A Basic History. Version 2.17, December 22, 2016.
Lorrie Faith Cranor, Pedro Giovanni Leon, Blase Ur. A Large-Scale Evaluation of U.S. Financial Institutions' Standardized Privacy Notices. ACM Transactions on the Web (TWEB) 10(3):17, 2016.
Joel R. Reidenberg, Travis Breaux, Lorrie Faith Cranor, Brian French, Amanda Grannis, James T. Graves, Fei Liu, Aleecia M. McDonald, Thomas B. Norton, Rohan Ramanath, N. Cameron Russell, Norman Sadeh, Florian Schaub. Disagreeable Privacy Policies: Mismatches between Meaning and Users' Understanding. Berkeley Technology Law Journal 30(1), pp.39-88, 2015.
Marian Harbach, Markus Hettig, Susanne Weber, Matthew Smith. Using Personal Examples to Improve Risk Communication for Security & Privacy Decisions. In Proceedings of CHI 2014.
Lorrie Faith Cranor. Necessary But Not Sufficient: Standardized Mechanisms for Privacy Notice and Choice. Journal of Telecommunications and High Technology Law 10(2), 2012.
Pedro G. Leon, Justin Cranshaw, Lorrie Faith Cranor, Jim Graves, Manoj Hastak, Blase Ur, Guzi Xu. What Do Online Behavioral Advertising Disclosures Communicate to Users? In Proceedings of WPES 2012.
Kenneth A. Bamberger and Deirdre K. Mulligan. Privacy on the Books and on the Ground. Stanford Law Review 63, 2011.
Patrick Gage Kelley, Lucian Cesca, Joanna Bresee, Lorrie Faith Cranor. Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach. In Proceedings of CHI 2010.
Aleecia McDonald and Lorrie Faith Cranor. The Cost of Reading Privacy Policies. I/S: A Journal of Law and Policy for the Information Society, 2008.
Fred H. Cate. The Failure of Fair Information Practice Principles. In Consumer Protection in the Age of the Information Economy, 2006.

12. Wednesday, May 2 [Lecture slides]

Web Security and Privacy; SSL/TLS/PKI; Online Tracking

Due: Nothing

Required readings:

Adrienne Porter Felt, Robert W. Reeder, Alex Ainslie, Helen Harris, Max Walker, Christopher Thompson, Mustafa Emre Acer, Elisabeth Morant, Sunny Consolvo. Rethinking Connection Security Indicators. In Proceedings of SOUPS 2016.
(CMSC 33210 only) Steven Englehardt and Arvind Narayanan. Online Tracking: A 1-Million-Site Measurement and Analysis. In Proceedings of CCS 2016.

Optional readings:

Güneş Acar, Marc Juárez Miró, Nick Nikiforakis, Claudia Diaz, Seda Gürses, Frank Piessens, Bart Preneel. FPDetective: Dusting the Web for Fingerprinters. In Proceedings of CCS 2013.
Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, Edgar Weippl. "I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS. In Proceedings of USENIX Security 2017.
Jeremy Clark and Paul C. van Oorschot. SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements. In Proceedings of IEEE SP 2013.
Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna. Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting. In Proceedings of the IEEE SP 2013.
Devdatta Akhawe, Bernhard Amann, Matthias Vallentin, Robin Sommer. Here's My Cert, So Trust Me, Maybe? Understanding TLS Errors on the Web. In Proceedings of WWW 2013.
Blase Ur, Pedro G. Leon, Lorrie Faith Cranor, Richard Shay, Yang Wang. Smart, Useful, Scary, Creepy: Perceptions of Behavioral Advertising. In Proceedings of SOUPS 2012.
Jonathan R. Mayer and John C. Mitchell. Third-Party Web Tracking: Policy and Technology. In Proceedings of IEEE SP 2012.
Pedro G. Leon, Blase Ur, Rebecca Balebako, Lorrie Faith Cranor, Richard Shay, Yang Wang. Why Johnny Can't Opt Out: A Usability Evaluation of Tools to Limit Online Behavioral Advertising. In Proceedings of CHI 2012.
Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, Lorrie Faith Cranor. Crying Wolf: An Empirical Study of SSL Warning Effectiveness. In Proceedings of USENIX Security 2009.

13. Monday, May 7 [Lecture slides]

Anonymity Tools; Designing for Activists & Journalists

Due: Project status report (one per group)

Required readings:

Susan E. McGregor, Elizabeth Anne Watkins, Mahdi Nasrullah Al-Ameen, Kelly Caine, Franziska Roesner. When the Weakest Link is Strong: Secure Collaboration in the Case of the Panama Papers. In Proceedings of USENIX Security 2017.
(CMSC 33210 only) Gang Wang, Bolun Wang, Tianyi Wang, Ana Nika, Haitao Zheng, Ben Y. Zhao. Whispers in the Dark: Analysis of an Anonymous Social Network. In Proceedings of IMC 2014.

Optional readings:

Susan E McGregor, Polina Charters, Tobin Holliday, Franziska Roesner. Investigating the Computer Security Practices and Needs of Journalists. In Proceedings of USENIX Security 2015.
Kevin Gallagher, Sameer Patil, Nasir Memon. New Me: Understanding Expert and Non-Expert Perceptions and Usage of the Tor Anonymity Network. In Proceedings of SOUPS 2017.
Harold Abelson, Ross Anderson, Steven M. Bellovin, Josh Benaloh, Matt Blaze, Whitfield Diffie, John Gilmore, Matthew Green, Susan Landau, Peter G. Neumann, Ronald L. Rivest, Jeffrey I. Schiller, Bruce Schneier, Michael A. Specter, Daniel J. Weitzner. Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications. MIT-CSAIL-TR-2015-026, 2015.
Greg Norcie, Jim Blythe, Kelly Caine, L. Jean Camp. Why Johnny Can't Blow the Whistle: Identifying and Reducing Usability Issues in Anonymity Systems. In Proceedings of USEC 2014.
Shirley Gaw, Edward W. Felten, Patricia Fernandez-Kelly. Secrecy, Flagging, and Paranoia: Adoption Criteria in Encrypted Email. In Proceedings of CHI 2006.
Roger Dingledine, Nick Mathewson, Paul Syverson. Tor: The Second-Generation Onion Router. In Proceedings of USENIX Security 2004.
Michael Reiter and Aviel Rubin. Anonymous Web Transactions with Crowds. Communications of the ACM 42(2), pp. 32-48, February 1999.

14. Wednesday, May 9 [Lecture slides]

Fair and Transparent Machine Learning

Due: Nothing

Required readings:

Nina Grgić-Hlača, Elissa M. Redmiles, Krishna P. Gummadi, Adrian Weller. Human Perceptions of Fairness in Algorithmic Decision Making: A Case Study of Criminal Risk Prediction. In Proceedings of WWW 2018.
(CMSC 33210 only) Florian Tramer, Vaggelis Atlidakis, Roxana Geambasu, Daniel Hsu, Jean-Pierre Hubaux, Mathias Humbert, Ari Juels, Huang Lin. FairTest: Discovering unwarranted associations in data-driven applications. In Proceedings of EuroS&P 2017.

Optional readings:

Nina Grgić-Hlača, Muhammad Bilal Zafar, Krishna P. Gummadi, Adrian Weller. Beyond Distributive Fairness in Algorithmic Decision Making: Feature Selection for Procedurally Fair Learning. In Proceedings of AAAI 2018.
Kexin Pei, Yinzhi Cao, Junfeng Yang, Suman Jana. DeepXplore: Automated Whitebox Testing of Deep Learning Systems. In Proceedings of SOSP 2017.

15. Monday, May 14 [Lecture slides]

Mental Models; User Education

Due: Problem Set 5

Required readings:

Ruogu Kang, Laura Dabbish, Nathaniel Fruchter, Sara Kiesler. "My Data Just Goes Everywhere:" User Mental Models of the Internet and Implications for Privacy and Security. In Proceedings of SOUPS 2015.
(CMSC 33210 only) Najmeh Miramirkhani, Oleksii Starov, Nick Nikiforakis. Dial One for Scam: A Large-Scale Analysis of Technical Support Scams. In Proceedings of NDSS 2017.

Optional readings:

Emilee Rader and Janine Slaker. The Importance of Visibility for Folk Theories of Sensor Data. In Proceedings of SOUPS 2017.
Elissa M. Redmiles, Sean Kross, Michelle L. Mazurek. How I Learned to be Secure: A Census-Representative Survey of Security Advice Sources and Behavior. In Proceedings of CCS 2016.
Arunesh Mathur, Josefine Engel, Sonam Sobti, Victoria Chang, Marshini Chetty. "They Keep Coming Back Like Zombies": Improving Software Updating Interfaces. In Proceedings of SOUPS 2016.
Iulia Ion, Rob Reeder, Sunny Consolvo. "...No One Can Hack My Mind": Comparing Expert and Non-Expert Security Practices. In Proceedings of SOUPS 2015.
Alessandro Acquisti, Laura Brandimarte, George Loewenstein. Privacy and Human Behavior in the Age of Information. Science 30, pp. 509-514, 2015.
Kami Vaniea, Emilee Rader, Rick Wash. Betrayed By Updates: How Negative Experiences Affect Future Security. In Proceedings of CHI 2014.
Cormac Herley. Why Do Nigerian Scammers Say They Are From Nigeria? In Proceedings of WEIS 2012.
Ponnurangam Kumaraguru, Steve Sheng, Alessandro Acquisti, Lorrie Faith Cranor, Jason Hong. Teaching Johnny Not to Fall for Phish. ACM Transactions on Internet Technology 10(2), 2010.
Rick Wash. Folk Models of Home Computer Security. In Proceedings of SOUPS 2010.
Cormac Herley. So Long, and No Thanks for the Externalities: The Rational Rejection of Security Advice by Users. In Proceedings of NSPW 2009.
Rachna Dhamija, J. D. Tygar, Marti Hearst. Why Phishing Works. In Proceedings of CHI 2006.
Alessandro Acquisti and Jens Grossklags. Privacy and Rationality in Individual Decision Making. IEEE Security & Privacy magazine, pp. 24-30, 2005.

16. Wednesday, May 16 [Lecture slides]

Inclusive Security and Privacy

Due: Nothing

Required readings:

Bryan Dosono, Jordan Hayes, Yang Wang. "I'm Stuck!": A Contextual Inquiry of People with Visual Impairments in Authentication. In Proceedings of SOUPS 2015.
Tamy Guberek, Allison McDonald, Sylvia Simioni, Abraham H Mhaidli, Kentaro Toyama, Florian Schaub. Keeping a Low Profile? Technology, Risk and Privacy among Undocumented Immigrants. In Proceedings of CHI 2018.

Optional readings:

Tousif Ahmed, Patrick Shaffer, Kay Connelly, David Crandall, Apu Kapadia. Addressing Physical Safety, Security, and Privacy for People with Visual Impairments. In Proceedings of SOUPS 2016.
Natã M. Barbosa, Jordan Hayes, Yang Wang. UniPass: Design and Evaluation of a Smart Device-Based Password Manager for Visually Impaired Users. In Proceedings of UbiComp 2016.
Jay Chen, Michael Paik, Kelly McCabe. Exploring Internet Security Perceptions and Practices in Urban Ghana. In Proceedings of SOUPS 2014.
Kevin Donovan and Aaron Martin. The Rise of African SIM Registration: The Emerging Dynamics of Regulatory Change. First Monday 19, 1-2, February 2014.
Blase Ur and Yang Wang. A Cross-Cultural Framework for Protecting User Privacy in Online Social Media. In Proceedings of PSOSM 2013.
Ponnurangam Kumaraguru and Niharika Sachdeva. Privacy in India: Attitudes and Awareness V 2.0. Precog-TR-12-001, 2012.
Alexei Czeskis, Ivayla Dermendjieva, Hussein Yapit, Alan Borning, Batya Friedman, Brian Gill, Tadayoshi Kohno. Parenting from the Pocket: Value Tensions and Technical Directions for Secure and Private Parent-Teen Mobile Safety. In Proceedings of SOUPS 2010.

17. Monday, May 21 [Lecture slides]

Retrospective Security and Privacy

Due: Nothing

Required readings:

Mainack Mondal, Johnnatan Messias, Saptarshi Ghosh, Krishna P. Gummadi, Aniket Kate. Forgetting in Social Media: Understanding and Controlling Longitudinal Exposure of Socially Shared Data. In Proceedings of SOUPS 2016.

Optional readings:

Mohammad Taha Khan, Maria Hyun, Chris Kanich, Blase Ur. Forgotten But Not Gone: Identifying the Need for Longitudinal Data Management in Cloud Storage. In Proceedings of CHI 2018.
Kopo Marvin Ramokapane, Awais Rashid, Jose Miguel Such. "I feel stupid I can't delete...": A Study of Users' Cloud Deletion Practices and Coping Strategies. In Proceedings of SOUPS 2017.
Lujo Bauer, Lorrie Faith Cranor, Saranga Komanduri, Michelle L. Mazurek, Michael K. Reiter, Manya Sleeper, Blase Ur. The Post Anachronism: The Temporal Dimension of Facebook Privacy. In Proceedings of WPES 2013.
Oshrat Ayalon and Eran Toch. Retrospective Privacy: Managing Longitudinal Privacy in Online Social Networks. In Proceedings of SOUPS 2013.

18. Wednesday, May 23

Final Project Presentations During Class

Due: Final project presentations (before class)

19. Monday, May 28

No Class (Memorial Day)

20. Wednesday, May 30 [Lecture slides]

Usability for Developers

Due: Nothing

Required readings:

Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, Christian Stransky. You Get Where You’re Looking For: The Impact of Information Sources on Code Security. In Proceedings of IEEE SP 2016.

Optional readings:

Tobias Lauinger, Abdelberi Chaabane, Sajjad Arshad, William Robertson, Christo Wilson, Engin Kirda. Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web. In Proceedings of NDSS 2017.
Sathya Chandran Sundaramurthy, Alexandru G. Bardas, Jacob Case, Xinming Ou, Michael Wesch, John McHugh, Siva Raj Rajagopalan. A Human Capital Model for Mitigating Security Analyst Burnout. In Proceedings of SOUPS 2015.
Michael Kranch and Joseph Bonneau. Upgrading HTTPS in Mid-Air: An Empirical Study of Strict Transport Security and Key Pinning. In Proceedings of NDSS 2015.
Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer, Nicolas Weaver, David Adrian, Vern Paxson, Michael Bailey, J. Alex Halderman. The Matter of Heartbleed. In Proceedings of IMC 2014.

Wednesday, June 6th, 1:30p - 3:30p in Eckhart 202

Final Exam