You are here
Too Much Knowledge? Security Beliefs and Protective Behaviors Among United States Internet Users
Rick Wash and Emilee Rader, Michigan State University
Home computers are frequently the target of malicious attackers because they are usually administered by non-experts. Prior work has found that users who make security decisions about their home computers often possess different mental models of information security threats, and use those mental models to make decisions about security. Using a survey, we asked a large representative sample of United States Internet users about different causal beliefs related to computer security, and about the actions they regularly undertake to protect their computers. We found demographic differences in both beliefs about security and security behaviors that pose challenges for helping users become more informed about security. Many participants reported weakly held beliefs about viruses and hackers, and these were the least likely to say they take protective actions. These results suggest that all security knowledge is not the same, educating users about security is not simply a more-is-better issue, and not all users should receive the same messages.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.