field studies and ecological validity
play

Field studies and ecological validity Michelle Mazurek 1 Todays - PowerPoint PPT Presentation

Feb 23, 2023 •244 likes •519 views

Field studies and ecological validity Michelle Mazurek 1 Todays class Field studies (pluses and minuses) Ecological validity Ethics Crowdsourced studies (MTurk and friends) Project pitches: Next week 2 FIELD STUDIES 3 Why

  1. Field studies and ecological validity Michelle Mazurek 1

  2. Today’s class • Field studies (pluses and minuses) • Ecological validity – Ethics • Crowdsourced studies (MTurk and friends) • Project pitches: Next week 2

  3. FIELD STUDIES 3

  4. Why (not) a field study? • Better ecological validity – Validate a lab study result • Because you can’t get the data any other way • Logistically difficult • Limited piloting / not easy to adjust – One shot at your participant pool • Expensive (money and time) Plan extremely carefully! 4

  5. PhishGuru in the real world • Anti-phishing training delivered when users follow a phishing link • Training, phishing, legitimate emails delivered to 300 employees in a Portuguese company 5

  6. PhishGuru in the real world • Was a field study necessary here? Why? – How could it have been designed differently? • What logistical problems were encountered? – Design choices the authors later regretted? – How did they threaten the study’s outcome? 6

  7. Case study: Measuring password strength ECOLOGICAL VALIDITY 7

  8. Passwords research is everywhere WWW 2007 CCS 2005 (Narayanan (Florencio and Herley) and Shmatikov) Computers CCS 2010 (Weir et al.) and Security, 1989 CHI 2011 (Komanduri et al.) IEEE S&P 2012 (Bonneau) NDSS 2012 (Castelluccia et al.) Comm ACM, 1979 ACIS 2004 (Campbell and Bryant) 8

  9. … but good data is hard to find • Small data sets • Experimental rather than field data • Self-reported surveys • Leaked data of questionable validity • Minimal-value accounts • No access to plaintext passwords Are the results generalizable? 9

  10. Fahl et al.: Password study validity • Goal: Compare lab study, online study, real passwords • Methods: – Several thousand passwords (plaintext, anonymized) – Invite same pool to online or lab study – Security priming, or not – Manual analysis for similarity • 583 online, 63 lab participants 10

  11. Results: Validity % Online Lab Priming Non Total Highly valid 46 49 47 44 46 Somewhat valid 23 32 24 24 24 Invalid 31 18 29 32 30 • Overall, experimental data can be useful – Self-reporting of realistic behavior can help • No significant difference due to priming • Lab slightly but significantly better than online 11

  12. Critique the study design • What was measured? – Comments about the manual analysis approach? • Priming vs. non-priming – How are the instructions different in the 2 cases? – Would you have given different instructions? – Are there other conditions you would test? 12

  13. Implications of the results • Do these findings apply to other studies in the security/privacy area? How? 13

  14. Passwords for an entire university • 25,000 real, high-value eal, high-value passwords from CMU • Contextual data – logs, demographics, survey • What factors correlate with password strength? – New (to passwords) statistical methods – Find new results, confirm prior results • What to do when you don’t have field data? – Comparison with leaked and study data 14

  15. What are CMU passwords? • 25,459 accounts for faculty, staff, and students – Plus 17,104 deactivated accounts • Single-sign-on for email, financial, grades, registration, health, etc. • Password requirements: – Minimum 8 characters – Upper, lower, digit, symbol – Dictionary check (241,497 words) 15

  16. Strength metric: Guessability • How many guesses to reach each password? – Subject to guessing algorithm and training data • Result: guess number or beyond t beyond the cutof he cutoff – Cutoff = 380 trillion guesses (runs in about 1 day) Example: Password Guess number 12345678 4 1.4 x 10 6 Password178 jn%fKXsl!8@Df Beyond cutoff 16

  17. Comparing password sets • Examining CMU password policy – Use conforming subset conforming subset for all leaked data • Online studies – MTsim: Closest match to real CMU experience – MTcomp8: Similar password requirements • Leaked: plaintext – RockYou, Yahoo!, CSDN • Leaked: hashed and cracked – Gawker, StratFor 17

  18. Comparing sets – Guessability Gawker Extensive-knowledge Gcomp8 Stratfor 60% SFcomp8 MTsim MT 50% RockYou RYcomp8 CMU CMUactive MTcomp8 40% MT CSDN CSDNcomp8 Yahoo Percent guessed Ycomp8 30% 20% 10% 0% 1 E 4 1 E 7 1 E 10 1 E 13 Guess number Leaked hashed/cracked: Very easy to guess 18

  19. Comparing sets – Guessability Gawker Extensive-knowledge Gcomp8 Stratfor 60% SFcomp8 MTsim MT 50% RockYou RYcomp8 CMU CMUactive MTcomp8 40% MT CSDN CSDNcomp8 Yahoo Percent guessed Ycomp8 30% 20% 10% 0% 1 E 4 1 E 7 1 E 10 1 E 13 Guess number Leaked plaintext: RockYou close to CMU, others much tougher 19

  20. Comparing sets – Guessability Gawker Extensive-knowledge Gcomp8 Stratfor 60% SFcomp8 MTsim MT 50% RockYou RYcomp8 CMU CMUactive MTcomp8 40% MT CSDN CSDNcomp8 Yahoo Percent guessed Ycomp8 30% 20% 10% 0% 1 E 4 1 E 7 1 E 10 1 E 13 Guess number Online studies: Both close, MTcomp8 closer 20

  21. Other metrics for comparison • Composition: length, character classes • Structures • Entropy (Shay et al., SOUPS 2010) • Frequency distribution 21

  22. Comparing sets – Length Digits Length CMUactive CMU sim MTSim comp8 MTcomp8 Ycomp8 RockYou 12.6 Ycomp8 Yahoo CSDNcomp8 CSDN Stratfor SFcomp8 Gawker Gcomp8 8.0 Survey SVcomp8 MTbasic8 MTbasic8 MTdictionary8 MTdictionary8 MTbasic16 MTbasic16 17.9 9.5 10 10.5 11 11.5 number of characters number of digits Overall: Online studies closest across metrics (Full results in the paper) 22

  23. Discussion • Critique the study design – Challenges of field studies • Are there lessons for other HFSP studies? 23

  24. Quick note on ethics • All three studies we discussed today have significant ethical implications • We’ll revisit this in a couple of weeks – Any comments/questions in the meantime? 24

  25. Homework 2 • Suggesting study designs – We’ll talk about more options Tuesday • Deploy and analyze an MTurk survey – Part, but only part, Part, but only part, can be done wit can be done with partners h partners – Ther There ar e are 11 of you … potent e 11 of you … potential ially one triple ly one triple • Read d Read dir irect ections car ions careful efully! ly! 33

  26. Project pitches • 5 min each; slides optional – What is the research question? – Preliminary high-level methodology – Ideally: Quick overview of related work / why it’s novel • We’ll vote to narrow down and then form teams • Final teams by 2/24 • Proposals due 3/3 – Two pages; details posted on course website 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Replication: On the Ecological Validity of Online Security Developer Studies: Exploring

Replication: On the Ecological Validity of Online Security Developer Studies: Exploring

Replication: On the Ecological Validity of Online Security Developer Studies: Exploring Deception in a Password-Storage Study with Freelancers Anastasia Danilova , Alena Naiakshina , Johanna Deuter, Matthew Smith University of

167 views • 6 slides
Ecological Risk Assessment of Amphibians: Biological Field Studies

Ecological Risk Assessment of Amphibians: Biological Field Studies

Ecological Risk Assessment of Amphibians: Biological Field Studies as Lines of Evidence Patrick Allard 1 , Penny Ohanjanian 2 , Leigh Anne Isaac 3 , Gary Mann 1 ,

226 views • 21 slides
Lecture 2-HS-200-11-3-14 Ecological Transformation and the environmental field in the

Lecture 2-HS-200-11-3-14 Ecological Transformation and the environmental field in the

Lecture 2-HS-200-11-3-14 Ecological Transformation and the environmental field in the sociological imagination Methodologically, sociologists define the field of environmental studies as the study of interaction between the

498 views • 27 slides
Answering the Call of the Wild?: Thoughts on the Elusive Quest for Ecological Validity in

Answering the Call of the Wild?: Thoughts on the Elusive Quest for Ecological Validity in

Answering the Call of the Wild?: Thoughts on the Elusive Quest for Ecological Validity in Variability Modelling Seiede Reyhane Kamali, Shirin Kasaei, Roberto E. Lopez-Herrejon cole de technologie suprieure, Universit du Qubec, Canada

605 views • 14 slides
Ecological transformation When ecological knowledge and transformation in the social

Ecological transformation When ecological knowledge and transformation in the social

Ecological transformation When ecological knowledge and transformation in the social practices as the goal of environmental studies ------- Ecological transformation is best understood as an ongoing process of wide-ranging

637 views • 48 slides
an interface that has been designed to Ecological Psycology: a small field within pyscology

an interface that has been designed to Ecological Psycology: a small field within pyscology

EID Ecological ? an interface that has been designed to Ecological Psycology: a small field within pyscology (Gibson 1979 / 1986 ) reflect the constraints of the work It advocates: human behavior is often constrained by environment in

279 views • 7 slides
Overview of mean-field and beyond mean-field theoretical studies on giant resonances G. Col

Overview of mean-field and beyond mean-field theoretical studies on giant resonances G. Col

Overview of mean-field and beyond mean-field theoretical studies on giant resonances G. Col Mean-field and/or Energy Density Functionals (EDFs) [ ] E H E H = = = eff Slater determinant

356 views • 24 slides
Topics Why E Field Modeling What is E Field Modeling Case Studies Questions 2 Why

Topics Why E Field Modeling What is E Field Modeling Case Studies Questions 2 Why

E Field Modeling 1 Topics Why E Field Modeling What is E Field Modeling Case Studies Questions 2 Why E Field Modeling 3 E Field Modeling Mechanical design of transmission lines has become very robust thanks to technology

805 views • 45 slides
External Validity March 25 1 / 16 Definition How do we define external validity? Mundane

External Validity March 25 1 / 16 Definition How do we define external validity? Mundane

External Validity March 25 1 / 16 Definition How do we define external validity? Mundane realism (surface similarity) Generalizability of results 2 / 16 Discussion Experiments have strong internal validity. If that is why we do

552 views • 16 slides
Presentation of suitable case studies Graham Ellis IDEA Workshop : Validity of the QRA Methodology

Presentation of suitable case studies Graham Ellis IDEA Workshop : Validity of the QRA Methodology

Presentation of suitable case studies Graham Ellis IDEA Workshop : Validity of the QRA Methodology & Possibilities of Further Refinement May 13-15th, 2014 Presentation of suitable case studies Comparison of QRA 1.0 and QRA 2.0

329 views • 20 slides
Environmental DNA (eDNA) A Revolutionary Sampling Technique for Aquatic Ecological Studies By:

Environmental DNA (eDNA) A Revolutionary Sampling Technique for Aquatic Ecological Studies By:

Environmental DNA (eDNA) A Revolutionary Sampling Technique for Aquatic Ecological Studies By: Jared Hobbs, M.Sc., R.P.Bio., Senior Biologist, Hemmera Date: October 22, 2015 Outline What is eDNA Methodology Considerations

415 views • 28 slides
Cue validity Cue validity - predictiveness of a cue for a given category Central

Cue validity Cue validity - predictiveness of a cue for a given category Central

Cue validity Cue validity - predictiveness of a cue for a given category Central intuition: Some features are more strongly associated with a distinct category than others Paw - shared by many animals Mane - only a few

334 views • 29 slides
Probabilistic Models for Understanding Ecological Data: Case studies in Seeds, Fish and Coral

Probabilistic Models for Understanding Ecological Data: Case studies in Seeds, Fish and Coral

Probabilistic Models for Understanding Ecological Data: Case studies in Seeds, Fish and Coral Allan Tucker Brunel University London The Talk The Data Explosion and Ecology Case Studies: 1. Data Driven Models for prediction: Seeds 2.

531 views • 38 slides
Case studies, examples and field reports Field-survey Ethnographic approach to economic and

Case studies, examples and field reports Field-survey Ethnographic approach to economic and

Sustainable development planning Case studies, examples and field reports Field-survey Ethnographic approach to economic and environmental issues + Collaborative Foresight Exercise Elaboration of alternative images of future with the local

588 views • 47 slides
From Salt to C; carbon sequestration through ecological restoration of the Dry Creek Salt Field

From Salt to C; carbon sequestration through ecological restoration of the Dry Creek Salt Field

From Salt to C; carbon sequestration through ecological restoration of the Dry Creek Salt Field Presentation Outline Science behind carbon sequestration in the tidal trial (Luke) What is the Blue Carbon sequestration potential of the

340 views • 23 slides
Glaser et al ., 2007 Biochar Meta-AnlysisStudies: 23 studies (2009-2011) (with 7 field studies)

Glaser et al ., 2007 Biochar Meta-AnlysisStudies: 23 studies (2009-2011) (with 7 field studies)

Glaser et al ., 2007 Biochar Meta-AnlysisStudies: 23 studies (2009-2011) (with 7 field studies) Jeffery et al ., 2011 Agriculture, Ecosystems & Environment Biederman et al ., 2013 GCB Bioenergy RR B = relative biochar effect = ln

301 views • 17 slides
Reproducible Research in Ecology with R: distribution of threatened mammals in Equatorial Guinea

Reproducible Research in Ecology with R: distribution of threatened mammals in Equatorial Guinea

Introduction Applying RR Discussion & conclusion Reproducible Research in Ecology with R: distribution of threatened mammals in Equatorial Guinea Mar a V. Jim enez-Franco ( mvjimenez@um.es ), Chele Mart nez-Mart , Jos

600 views • 30 slides
Jan 23 Conceptual models of ecological systems Example of drawing strong generalizations in

Jan 23 Conceptual models of ecological systems Example of drawing strong generalizations in

Jan 23 Conceptual models of ecological systems Example of drawing strong generalizations in ecology: Trophic Cascades Bottom-up Top-down Arrows indicate controlling levels Example of drawing strong generalizations in ecology: Trophic Cascades

387 views • 27 slides
The Business of Higher The Business of Higher Education - Education - Sustainability,

The Business of Higher The Business of Higher Education - Education - Sustainability,

The Business of Higher The Business of Higher Education - Education - Sustainability, Leadership, Assessment and Action FOUR PART WEBINAR SERIES PART FOUR Welcome This four part webinar series covers topics tailored to the complex needs

205 views • 8 slides
Re-structuring Health Care Delivery in Ontario Michael Scarpitti Lead, Health Systems

Re-structuring Health Care Delivery in Ontario Michael Scarpitti Lead, Health Systems

Re-structuring Health Care Delivery in Ontario Michael Scarpitti Lead, Health Systems Transformation CMHA Ontario Current Changes Provincial Government has had a focus on re-structuring the health care system since election in June 2018.

832 views • 23 slides
Mining(photo8sharing(websites(to(( study(ecological(phenomena(

Mining(photo8sharing(websites(to(( study(ecological(phenomena(

Mining(photo8sharing(websites(to(( study(ecological(phenomena( Haipeng(Zhang,(Mohammed(Korayem,(David(Crandall( School&of&Informa-cs&and&Compu-ng& Indiana&University,&Bloomington,&USA& Gretchen(LeBuhn(

532 views • 25 slides
To unde rsta nd the fa ctors tha t le a d to the e m e rg e nce of ne w socia l

To unde rsta nd the fa ctors tha t le a d to the e m e rg e nce of ne w socia l

To unde rsta nd the fa ctors tha t le a d to the e m e rg e nce of ne w socia l a ctors a nd proce sse s, a s we ll a s the unde rlying force s of ine rtia a nd re sista nce , the e m pha sis in socia l

1.06k views • 42 slides
On the Ugliness of Ecological Monitoring Computational Constraints Arising from Ecological Data

On the Ugliness of Ecological Monitoring Computational Constraints Arising from Ecological Data

On the Ugliness of Ecological Monitoring Computational Constraints Arising from Ecological Data and Inference Methods James D. Nichols Patuxent Wildlife Research Center Barroom Messages All data are not created equal. Computational

897 views • 47 slides
2018 Game L A P N E f M o r A a G H Y T L C A I T E Y H Plan for a Healthy

2018 Game L A P N E f M o r A a G H Y T L C A I T E Y H Plan for a Healthy

2018 Game L A P N E f M o r A a G H Y T L C A I T E Y H Plan for a Healthy City Update Public Meetings November 28-30, 2017 SASAKI | ERO | MATRIX | PLACE MATTERS | ETC TODAY A legacy of planning for Denver's future

317 views • 21 slides

More recommend