background
Our smart phones carry much private information about us, which makes them an interesting target for cyber-attackers. Smart phones have quite some computing power and can also be used for creating botnets and performing ddos attacks on online infrastructure. While mobile phone manufacturers provide regular updates to their operating systems, which are providing fixes to identified vulnerabilities in the operating system, the user is the one that needs to make sure that they are installed.
An important question is whether the users of smart phones are aware of the privacy and security risks to their smart phones, and act accordingly, by for example installing updates shortly after they become available. The privacy paradox suggests that while people find privacy important, they often do not act in a privacy protective way (Barth & de Jong, 2017; Gerber et al., 2018). The same may be true for privacy protective behaviour around mobile phones. Reasons for not taking protective actions may be a lack of awareness of the risks and a lack of knowledge about appropriate protective actions, or because users are having their primary focus on something else when the phone informs the user of available updates.
In this study, you will investigate users’ protective action around smart phone security and predictors of this. As it is likely that many people procrastinate or forget to update their phone’s operating system, an important additional research question is which intervention (see e.g. Aleisa et al., 2020; Ghiglieri et al., 2017) is effective in nudging people towards updating their operation systems more often, and more quickly after a new update is available.
Besides working with PCRS, you will work together with cyber-security experts of the UTwente IoT lab. We will collect data among a representative sample.
research Questions
Do people take protective action against cyber-attacks on their smart phone, and why (or why not)?
How do people perceive the risks of cyber-attacks on their phones?
Which intervention is effective in nudging people towards regularly and quickly installing updates on their phones?
type of research
Survey research.
keywords
Risk perception, risk behaviour, cyber-security, privacy paradox, smart phones
Information
Please contact Steven Watson (s.j.watson@utwente.nl) when you are interested in this project.
Literature
Aleisa, N., Renaud, K., & Bongiovanni, I. (2020). The privacy paradox applies to IoT devices too: A Saudi Arabian study. Computers and Security. https://doi.org/10.1016/j.cose.2020.101897
Barth, S., & de Jong, M. D. T. (2017). The privacy paradox - Investigating discrepancies between expressed privacy concerns and actual online behavior - A systematic literature review. Telematics Informatics, 34(7), 1038–1058. https://doi.org/10.1016/J.TELE.2017.04.013
Gerber, N., Gerber, P., & Volkamer, M. (2018). Explaining the privacy paradox: A systematic review of literature investigating privacy attitude and behavior. Computers & Security, 77, 226–261. https://doi.org/10.1016/J.COSE.2018.04.002
Ghiglieri, M., Volkamer, M., & Renaud, K. (2017). Exploring consumers’ attitudes of smart TV related privacy risks. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). https://doi.org/10.1007/978-3-319-58460-7_45