|
Human Factors in IT Security - Übung (HumITSecÜ)
- Lecturer
- Lena Reinfelder, M. Sc.
- Details
- Übung
2 cred.h, certificate, ECTS studies, ECTS credits: 2,5, Sprache Deutsch oder Englisch, Übung zur Vorlesung HumITSec
Time and place: Tue 10:15 - 11:45, 02.133-113; comments on time and place: The first exercise takes place in the first semester week (after the first lecture).
- Fields of study
- WPF INF-BA-V-SEC 5-6 (ECTS-Credits: 2,5)
WF INF-MA ab 1 (ECTS-Credits: 2,5)
WPF ME-MA-MG6 1-3 (ECTS-Credits: 2,5)
- Prerequisites / Organisational information
- In order to participate in this exercise, you should apply for the participation in the corresponding lecture "Human Factors in IT Security" using StudOn.
The goal of the exercise is to give the participants hands-on experience in working with non-technical users and understanding how these users think about security. Students will be required to read 1-2 papers for each exercise and discuss them in the class. They will also have to conduct small experiments and surveys as homework. The exercise will be divided in two parts:
(1) After each lecture, the students will receive a homework assignment consisting of practical exercises.
(2) The students will be divided into groups, and each group will prepare a 30-minutes long presentation with the following discussion for the class on a given topic. Materials such as papers and key discussion questions will be provided. Participation in an exercise group is a prerequisite for participation in the exam. Topics and materials for the presentations are the following:
1. Authentication: "It’s Not What You Know, But Who You Know - A social approach to last-resort authentication"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/Social-authentication.pdf )
2. Usability: "Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/Graphical-passwords2.pdf )
3. Privacy 1: "Limiting, Leaving, and (re)Lapsing: An Exploration of Facebook Non-Use Practices and Experiences"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/Facebook-practices.pdf )
4. Privacy 2: "Misplaced Confidences: Privacy and the Control Paradox"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/Privacy-control-paradox.pdf )
5. (Cyber) Fraud 1: "F for Fake: Four Studies on How We Fall for Phish"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/F-for-Fake.pdf )
6. (Cyber) Fraud 2: "Two methodologies for physical penetration testing using social engineering"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/Social-engineering.pdf )
7. Awareness: "Going Spear Phishing: Exploring Embedded Training and Awareness"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/Spear-phishing.pdf )
8. Warning: "Bridging the Gap in Computer Security Warnings - A Mental Model Approach"
(https://www1.informatik.uni-erlangen.de/filepool/teaching/hufa/bridging-gap-warnings.pdf )
- ECTS information:
- Credits: 2,5
- Additional information
- Expected participants: 24, Maximale Teilnehmerzahl: 24
- Assigned to: Human Factors in IT Security
- Verwendung in folgenden UnivIS-Modulen
- Startsemester SS 2015:
- Human Factors in IT Security (HumITSec)
- Department: Chair of Computer Science 1 (IT Security Infrastructures)
|
|
|