Security Awareness Training through Experiencing the Adversarial Mindset

Jens Christian Dalgaard, Niek A. Janssen, Oksana Kulyuk, Carsten Schurmann (IT University of Copenhagen)

Cybersecurity concerns are increasingly growing across different sectors globally, yet security education remains a challenge. As such, many of the current proposals suffer from drawbacks, such as failing to engage users or to provide them with actionable guidelines on how to protect their security assets in practice. In this work, we propose an approach for designing security trainings from an adversarial perspective, where the audience learns about the specific methodology of the specific methods, which attackers can use to break into IT systems. We design a platform based on our proposed approach and evaluate it in an empirical study (N = 34), showing promising results in terms of motivating users to follow security policies.

Paper

Slides

Video

View More Papers

Sometimes, You Aren’t What You Do: Mimicry Attacks against...

Akul Goyal (University of Illinois at Urbana-Champaign), Xueyuan Han (Wake Forest University), Gang Wang (University of Illinois at Urbana-Champaign), Adam Bates (University of Illinois at Urbana-Champaign)

Case Study – Exploring Children’s Password Knowledge and Practices

Yee-Yin Choong, Mary Theofanos (NIST); Karen Renaud, Suzanne Prior (Abertay University)

“I’m 73, you can’t expect me to have multiple...

Ashley Sheil (Munster Technological University), Jacob Camilleri (Munster Technological University), Michelle O Keeffe (Munster Technological University), Melanie Gruben (Munster Technological University), Moya Cronin (Munster Technological University) and Hazel Murray (Munster Technological University)

Real Threshold ECDSA

Harry W. H. Wong (The Chinese University of Hong Kong), Jack P. K. Ma (The Chinese University of Hong Kong), Hoover H. F. Yin (The Chinese University of Hong Kong), Sherman S. M. Chow (The Chinese University of Hong Kong)