SoK一个统一风险用户研究的框架_SoKAFrameworkforUnifyingAt-RiskUserResea资源-CSDN文库

版权申诉

85 浏览量 2022-01-04 20:52:14 上传评论收藏 356KB PDF 举报

【SoK：统一风险用户研究框架】在当前的数字化时代，网络空间中的安全、隐私和安全威胁日益严重，尤其对于“高风险用户”而言，这些威胁更为突出。高风险用户是指由于他们的活动、身份、地理位置或社交关系而面临较高数字安全、隐私和安全风险的人群。"SoK: A Framework for Unifying At-Risk User Research" 是一篇由多位学者共同完成的研究报告，旨在通过系统性的分析和整合85篇相关文献，构建一个理解和应对高风险用户问题的统一框架。该框架的核心在于识别出10个贯穿不同高风险用户群体的共性风险因素，这些因素包括但不限于： 1. 压迫或歧视：社会环境对某些群体的压迫可能导致他们成为数字安全威胁的目标。 2. 敏感资源的访问：接触或控制敏感信息或资源的用户可能面临额外的风险。 3. 地理位置：在特定地区，如冲突区或政治敏感区域，用户可能更容易遭受威胁。 4. 社会孤立：网络欺凌或排斥可能导致用户更容易受到伤害。 5. 技能差距：缺乏必要的数字素养和安全知识使得用户更难保护自己。同时，研究还揭示了高风险用户采用的各种技术性和非技术性防护措施，包括但不限于使用加密通信、匿名浏览工具、定期更改密码、参加安全培训等，以及依赖社会支持和建立信任网络。然而，尽管有这些防护手段，高风险用户仍面临多种障碍，限制了他们采取有效保护行动的能力或意愿。这些障碍可能源于社会文化压力、经济条件、技术能力不足以及对技术的恐惧或不信任。该框架的价值在于为安全、隐私和人机交互研究领域以及实践者提供了一个指导工具，帮助识别并优先考虑对高风险用户有益的研究投入，同时也指导技术设计以更好地服务于这一群体。通过这个框架，研究人员和从业者可以更深入地理解高风险用户的需求，设计出更加人性化和适应性的解决方案，从而降低他们在数字世界中的风险，并减轻由此产生的危害。 "SoK: A Framework for Unifying At-Risk User Research" 提供了一个综合性的视角，促进了对高风险用户面临问题的理解，有助于推动更有效的研究和实践策略的发展，以确保所有用户都能在网络空间中安全、私密地进行活动。

资源推荐

资源详情

资源评论

arXiv:2112.07047v1 [cs.CY] 13 Dec 2021

SoK: A Framework for Unifying At-Risk User Resear ch

Noel Warford

∗

, Tara Matthews

†

, Kaitlyn Yang

∗

, Ome r Akgul

∗

, Sunny Consolvo

†

Patrick Gage Kelley

†

, Nathan Malkin

∗

, Michelle L. Mazurek

∗

, Manya Sleeper

†

, a nd Kurt Thomas

†

∗

University of Maryland, College Park

nwarford@umd.edu, kyang124@terpmail.umd.edu,

akgul@umd.edu, nmalkin@umiacs.umd.edu,

mmazurek@umd.edu

†

Google

taramatthews@google.com,sconsolvo@google.com,

patrickgage@acm.org,manya@google.com,

kurtthomas@google.com

Abstract—At-risk users are people who experience elevated

digital security, privacy, and safety threats because of what they

do, who they are, where they are, or who they are wi th. In

this systematization work, we present a framework for reasoning

about at-risk u sers based on a wide-ranging meta-analysis of 85

papers. Across the varied popul ation s that we examined (e.g.,

children, activists, women in developing regions), we identiﬁed

10 unifying contextual risk factors—such as oppression or stigma-

tization and access to a sensitive resource—which augment or

amplify digital-safety threats and their resulting harms. We also

identiﬁed technical and non-technical practices that at-risk users

adopt to attempt to protect themselves from digital-safety threats.

We use this framework to discuss barriers that limit at-risk users’

ability or willingness to take protective actions. We believe that

the securi ty, privacy, and human-computer interaction research

and practitioner communities can use our framework to iden t ify

and shape research investments to beneﬁt at-risk users, and to

guide technology design to better support at-risk users.

I. INT RODUCTION

Anyone can experien ce attacks related to their security,

privacy, or safety online (i.e. , digital safety), but at-risk users

face c ircumstances that expose them to outsized risks and

harms. These circumstances may stem from what they do (e.g.,

activists, journalists [52, 59]); wh o they are (e. g., children,

people who are LGBTQ+ [13, 47]); wh e re they are (e.g.,

women in rep ressive regions [77, 96]); or who they are with

(e.g., su rvivors of intimate par tner a buse [29, 56]). At-risk

users may experience extreme attacks, such as spear-phishing

campaigns [52], attacks by nation-state actors [52], or perva-

sive surveillance by intimate partners [51]; and the harms they

experien ce may be more severe, such as ransomware locking

out emergency room staﬀ from critical patient data [88].

A growing body o f research has explored how th e digital-

safety needs of at-risk users are potentially unmet by exist-

ing security, privacy, and safety th reat models that tend to

focus on a mythical “average user.” A common recommen-

dation from researchers in this sp ace is to “consider” (e.g.,

[11, 20, 56, 85, 95, 109]) at-risk users during the technology

design and development proce ss. For technology practitioners

seeking to follow this advice, however, it can be bewildering to

consider dozens of diﬀerent at-risk populations, across vary ing

contexts and circumstances, each with disjoint an d som etimes

contradictory digital-safety needs. Accordingly, we argue that

there is a need for sy nthesis: to organize what is known into a

framework t hat the digital-safety com munity can use to reason

about at-risk users, and to identify gaps in knowledge and key

areas for future work.

We systematically identiﬁed and r eviewed 85 papers focu sed

on t he digital-safety experiences of at-risk populations, and we

developed a f ramework th a t can be used to reason about four

research questions regarding at-risk users:

RQ1: Contextual risk factors. Wha t factors—such as a

person’s relationships, personal circumstances, or

situation in society—contribute to digit al-safety

threats for at-risk users?

RQ2: Interactions. How do these contextual risk factors

interact to elevate the risk or severity o f digital-

safety threats for at-risk users?

RQ3: Protective practices. What protective practices are

common across at-risk users when attempting to

address their digital-safety needs?

RQ4: Barriers. What barriers do at-risk users encounter

in protecting themselves from digit al-safety threats?

Based on an analysis across 31 distinct population categories

(e.g., activists, refugees, children), we identiﬁed 10 contex-

tual risk factors that cross-cut at-risk populations, yielding

a clearly-deﬁned set of circumstances that the digital-safety

community can c onsider in research, design, and developm e nt

to suppor t at-risk users. We also found that at-risk users

currently rely on varied, often ad-hoc protective pr actices,

ranging fro m leaning on social connec tions, to dista ncing

themselves from technology, to relying on a patchwork of

technical strategies to try to minimize risks and harms. Our at-

risk framework is comprised of these contextual r isk factors

and protective practices. We use our framework to discuss

barriers that limit or prevent at- risk users from ena cting digital

protections, and show how competing priorities, a lack of

digital safety awareness, and broken technology assumptions

compound the challenges at-risk users face.

We advocate for the digital-safety community to consider

at-risk u sers’ needs in risk modeling and design. Our frame-

work provides a blueprint for addressing these issues th rough

research,

education support, and technology development, to

While ethical best practices for engaging in at-risk user research are

critical—e.g., in order to avoid further harming research participants—

deﬁning these best practices is beyond the scope of this work.

better ensure that at-risk u sers can engage safely online, and

in the process, to improve digital safety for everyone.

II. WHO ARE AT-RISK USERS?

To provide co ntext, we discuss terminology used in this

work, outline prio r taxonomies of attacks an d harms that

inﬂuenced our framework, and underscore the necessity for

the dig ital-safety community to su pport at-risk users.

A. Deﬁning at-risk users

We use at-risk user as an umbrella term for anyone who ex-

periences heightened digital-safety threats. We r efer to groups

targeted by t hreats t hat aﬀect an entire population—such as

children or teenagers navigating online privacy with peers

and family [107]—as at-risk populations. We did not ﬁnd

consensus across the digital-safety community on how to refer

to such users or populations; we chose these terms with the

goal of drawing focus to external t hreats these users face.

B. Previous taxonomies of attacks, threats, and harms

Previous systematizations developed frameworks to br oadly

categorize attacks, threats, and harms, alt hough none capture

how these elements overlap or diﬀer across distinct at-risk

populations. In particular, Scheuerman et al. [80] and Thomas

et al. [91] develop e d frameworks for un derstanding classes

of h arms that may result from digital-safety attacks, such

as reputational harm, ﬁnancial harm, reduced sexual safety,

reduced physical safety, an d coercion. Scheuerman et al. [80]

also provided a framework for assessing the severity of threats

based on such harms. Thomas et al. [91], Sambasivan et

al. [76], and Levy a nd Schneier [51] detailed how attacks

vary based on the capabilities of attackers, such as having

intimate access to a target, or privileged access to a target’s

devices or data. Our at-risk framework diﬀers in that we

isolate the contextual risk factors that may make at-risk users

particularly vulnerable to such atta cks, threats, or harms. We

also docu ment common protective practices at-risk users adopt

and discuss barriers they face to staying safe.

C. Value of focusing on at-risk users

The challenges experienced by at-risk users can be in-

ordinately complex, reﬂecting broade r, societal “structural

inequalities and soc ia l norms” [ 30, 5 7]. Th ese inequalities,

which vary globally, mean that particular c are is require d

to integrate at-risk users’ experiences and identities into the

design process [43, 57, 98].

We advocate for increased focus on at-risk user s’ nee ds

among the digital-safety c ommunity during threat modeling,

research, and design. Accounting for at-risk users can a lso

elevate the digital safety of all users by making “more pro-

nounc e d the need[s] th at many of us have” [24]. Providing

better digital-safety tools and guarantees can have far-reaching

impact both to at-risk users an d general users. Additionally,

providing choices and controls for at-risk users who know

intimately the digital-safety threats they face can also beneﬁt

general users who may desire similar protections.

III. METHODS

We synthesize 85 research papers from a cross-section

of computer scienc e conferences. Here, we discuss h ow we

identiﬁed and analyzed these papers.

A. Paper selection

Our dataset for this analysis was 85 papers describing

digital- safety-related issues for various at-risk populations. Our

goal was not to obtain an exhaustive survey of relevant papers

but to collect a diverse set that would allow us to extract

theme s relevant to our research questions

We collected papers from ﬁve years (2016–2020) of con-

ferences spanning the security, privacy, and hu man-computer

interaction (HCI) communities: CCS, CHI, CSCW, IEEE S&P,

NDSS, PETS, SOUPS, and USENIX Security. We ﬁrst gath-

ered links to every paper from these conferences on DBLP.

From those links, we collected paper titles, abstracts, and

publication dates, resulting in 6,428 papers.

To reﬁne this list, three researchers independently read titles

and abstracts for each paper and marked them as ‘relevant’ to

our research questions or not. At this stage, we interpreted

relevance broadly, selecting any paper even slightly within

scope. Papers that no researcher marked as relevant were

removed. Papers marked as relevant by only one r e searcher

were reviewed by a fourth researcher and discussed. This

process identiﬁed 115 potentially relevant papers.

Authors with extensive exper ience working with at-risk

populations also added 12 papers from other sources and/or

from outside the target date range, in order to cover a broader

range o f populations, for a total of 127.

B. Codebook development

Our goal was to identify contextual risk factors, protective

practices, and other patterns discussed by the papers in ou r

dataset (Table I). A s a ﬁrst step, we inductively built a cod e-

book by a nalyzing, in detail, a subset of papers well-aligned

with our research questions. Most of the core concepts in our

framework were identiﬁed at this stage, altho ugh inductive

reﬁnement continued throughout our analysis.

To select this initial subset, we extracted from t he dataset

an initial list of populations (e. g., survivors of intimate part-

ner abuse [ 56], refugees [8 4], activists [20], children [109],

etc.). We also synthesized an initial list of risk factors, for

example, attributes of the population or the threats t hey faced

that contributed to their digital-safety-related risks. We then

selected our subset to ensure each population and risk factor on

our list was represented, m a king sur e to include some papers

that combined multiple risk factors (e.g., low-incom e African

American New York City residents [26] and foster teens [10]).

This process yielded 27 papers. Although we endeavored to

cover a broad range of pop ulations and risk factors, it was

not necessary that the subset be exhaustive; all paper s were

eventually analyzed, and we con tinued to reﬁne the codebook

throughout our analysis.

The complete list of 85 papers in t he dataset can be found at

this link.

https://dblp.uni-trier.de/search

A. Contextual Risk Factors

Societal

factors

Legal or political

Oppression or stigmatization

Social expectations and norms

Relationships

Relationship with t he attacker

Reliance on a third party

Access to other at-risk users

Personal

circumstances

Prominence

Resource or time constrained

Underserved accessibility needs

Access to a sensitive resource

B. Protective Practices

Social

strategies

Informal help from trusted family and peers

Formal help from trusted organizations

Vetting identities to avoid potential attackers

Preemptive disclosure for control

Social pleas

Distancing

behaviors

Censoring online sharing

Reducing one’s digital footprint

Technical

solutions

Secure communication and encryption

Strong(er) authentication

Privacy settings and access control

Online identity management

Network security

Tracking and monitoring applications

TABLE I: Our at-risk framework, including ( a) contextual risk factors

and (b) protective practices.

We next analyzed the 27 papers in this subset and induc-

tively built our codebook. We used each speciﬁc population

discussed in each pape r

as a unit of analysis [90]. One of

four researchers read and summarized each paper. T he full

team used th ese summ aries to iteratively build and reﬁne our

codebook [90], which included categor ie s for risk factors, pro-

tective practices, and bar riers to protection. We met throughout

the pro cess to develop, discuss, and reﬁne codes. These

detailed summaries also e nabled us to examine r elationships

between codes a nd memo early id e as on themes [14].

C. Full analysis

Next, we used the codebook to analyze the remaining papers

that were not included in the initial subset. Because our paper

selection steps were deliberately inclusive, we continued to

reﬁne the dataset during this ph a se. Any researcher could ﬂag

a paper for possible exclusion; determinations were made after

discussion. Our ﬁnal analyzed dataset in cluded 85 papers.

We randomly selected 20% of the remaining papers, which

two researchers independently coded, making minor updates

to the cod e book as needed. The researchers assigned co des to

each paper and memoed additional relevant details and con-

text [14]. After completing th is 20% sample, the researchers

calculated agreement using Krippendorﬀ’s 𝛼 before discussing

and resolving all disagreements. The researchers then repeated

this procedure on another random 20%. Once suﬃcient relia-

For example, Simko et al. [84] reported on interviews with refugees and

associated caseworkers; we treated this as two populations.

bility was reached, the researchers split the remaining papers

between them to complete coding.

For the contextual risk factors and protective practices, we

obtained 𝛼 = [0.88, 1.00] after the second round of coding, and

for the barriers, 𝛼 = 0.83 after the third round. As these are

above the stan dard threshold o f 0.8 for reliability [46], we then

proceeded to individua l coding. After coding all pape rs, the

entire research team met to review the results, identify second-

level codes and themes [14], and ﬁnalize our framework.

D. Limitations

As noted , our 85-paper dataset is not exhaustive of all

relevant papers publishe d in the security, privacy, or HCI com-

munities. However, given our systematic method of compiling

papers, it should reasonably represent these communities’

published understanding of at-risk users, allowing us to build a

robust framework that can be used to help guide research, de-

sign, and development. Likewise, while qualitative coding may

lead to potential errors when determin ing whether a contextual

risk factor or protective pra ctice a pplies to a population, our

inter-rater agreement suggests such errors should be minimal.

At-risk populations are found around the world, with social

and structural circumstances that vary g lobally. The papers

identiﬁed in our review reﬂect the literature, skewing heavily

toward Western, and speciﬁcally U.S., populations, but do

include some studies with participants fr om othe r regions.

We also note th a t as research methods and best practices for

understanding at-risk users are still being developed—often

diﬀering from one community to the next—the papers in our

dataset often did not focus on the same issues, investigate to

the same depth, or use the same terminology. As a result, our

synth e sis of the contextual risk factors, protective practices,

and barriers covered in a paper may not reﬂect all the

challenges the population in question experien c es. Our coding

is, instead, a reﬂection of the curre nt understanding in the

literature on each population. One goal of this framework is

to promote a more consistent approach to research, de sig n, and

development, ultimately helping to close gaps in understanding

at-risk users.

IV. CONTE XTUAL RISK FACTORS

In our meta-analysis, we identiﬁed 10 con textual risk factors

that augment or amplify digital-safety risks. These risk factors,

which form the ﬁrst com ponent of our at-risk framework,

include: three societal factors, inﬂuenced by an at-risk user’s

role in their society and culture; three relationsh ip factors th a t

stem from who an at-risk user knows or interacts with; and

four personal circumstances that depend on who an at-risk

user is or their personal or professional activities. We note

some common attacks for each risk factor, but do not consider

being the target of a digital attack alone a risk factor. Some risk

factors are closely related to certain attackers (e.g., government

attackers are common for legal or political; intimate relations

are commo n for relationship with the attacker), though most

risk factors could involve a variety of potential attackers.

剩余17页未读，继续阅读

评论收藏

内容反馈

版权申诉

易小侠

粉丝: 6611
资源: 9万+

SoK一个统一风险用户研究的框架_SoK A Framework for Unifying At-Risk User Resea

最新资源

SoK一个统一风险用户研究的框架_SoK A Framework for Unifying At-Risk User Resea

信息安全_数据安全_SoK A Consensus Taxonomy in the .pdf

SoK: Security Evaluation of Home-Based IoT Deployments

「漏洞分析」SoK A Consensus Taxonomy in the Blockchain Era - 安全知识.zip

444.hu hozzászólások-crx插件

SOK_交互动效版7.13副本 (1).zip

unix_rendszergazda

EasySok-开源

SP 2013-IEEE Symposium on Security & Privacy 2013年论文集

project-html-001-about-site：HTML脚本项目

FarisGans：Jangan Sok Kerad Ingat Di Atas Langit Masih Ada Satelit

WebTech2:WebesAlkalmazások2，汤帕·塔玛斯（TompaTamás）

VHD_manager_v1.3

yasox：YASOX是YASO的分支

费拉达托克（Feladatok）：俄克拉荷马州Programozásérettségi，埃及费拉达特·梅戈拉达索克（feladatmegoldások）

Awesome-Differential-Privacy:差分私有机器学习

str-ang-exam-001

PressMe:Dr.Code Godot项目

多元交替决策树：多元 ADTrees 是交替决策树 (ADTree) 的多元扩展。-matlab开发

Cobalt Strike下载

北京邮电大学计算机考研复试笔试资料

计算机系统-笔记-HUN2021级

cs1.6老版本供下载

合成孔径雷达的经典成像算法cs(matlab)仿真代码（吐血整理，内容全，注释全）

港大CS（MSC）面试整理

合成孔径雷达RD CS OmegaK算法点目标仿真.rar

计算机科学导论原书第二版答案.zip

Cobalt-Strike-4.5

cobaltstrike4.3.zip

在dataGridView的列中出现日历选择控件的类型

最新资源