Abstract
We present in this paper the results from a field study we conducted over a 4-month period. The experience aimed at evaluating the impact of the technological and human factors on the risk of getting infected by malware.
In this article, we applied the economic concept of risk aversion in order to study the behaviour of users towards the risk of malware infection. Our results show that younger users and men in particular, with a higher level of expertise in computer science are more susceptible to open multiple web accounts and install more software from the Internet. Furthermore, the increase in the level of expertise in computer science, creates in men a negative attitude towards alert messages of antivirus; while in women, the opposite happens.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ovelgönne, M., Dumitras, T., Prakash, B.A., et al.: Understanding the relationship between human behavior and susceptibility to cyber attacks: a data-driven approach. ACM Trans. Intell. Syst. Technol. (TIST) 8(4), 51 (2017)
Ion, I., Reeder, R., Consolvo, S.: No one Can Hack My Mind: comparing expert and non-expert security practices. In: SOUPS, pp. 327–346 (2015)
De Luca, A., Das, S., Ortlieb, M., et al.: Expert and non-expert attitudes towards (secure) instant messaging. In: Symposium on Usable Privacy and Security (SOUPS) 2016
Lalonde Lévesque, F., Nsiempba, J., Fernandez, J.M., et al.: A clinical study of risk factors related to malware infections. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 97–108. ACM (2013)
Lalonde Lévesque, F., Davis, C.R., Fernandez, J.M., Chiasson, S., Somayaji, A.: Methodology for a field study of anti-malware software. In: Blyth, J., Dietrich, S., Camp, L.J. (eds.) FC 2012. LNCS, vol. 7398, pp. 80–85. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34638-5_7
Yen, T., Heorhladi, V., Oprea, A., et al.: An epidemiological study of malware encounters in a large enterprise. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1117–1130. ACM (2014)
Carlinet, Y., Me, L., Debar, H., et al.: Analysis of computer infection risk factors based on customer network usage. In: Second International Conference on Emerging Security Information, Systems and Technologies, 2008, SECURWARE 2008, pp. 317–325. IEEE (2008)
Canali, D., Bilge, L., Balzarotti, D.: On the effectiveness of risk prediction based on users browsing behavior. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 171–182. ACM (2014)
Bossler, A.M., Holt, T.J.: On-line activities, guardianship, and malware infection: an examination of routine activities theory. Int. J. Cyber Criminol. 3(1), 400 (2009)
Ngo, F.T., Paternoster, R.: Cybercrime victimization: an examination of individual and situational level factors. Int. J. Cyber Criminol. 5(1), 773 (2011)
Lévesque, F.L., Fernandez, J.M., Batchelder, D.: Age and gender as independent risk factors for malware victimisation. In: Proceedings of the 31th International British Human Computer Interaction Conference. ACM, Sunderland, UK (2017)
Oliveira, D., Rocha, H., Yang, H., et al.: Dissecting spear phishing emails for older vs young adults: on the interplay of weapons of influence and life domains in predicting susceptibility to phishing. In: Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, pp. 6412–6424. ACM (2017)
Grimes, G.A., Hough, M.G., Signorella, M.L.: Email end users and spam: relations of gender and age group to attitudes and actions. Comput. Hum. Behav. 23(1), 318–332 (2007)
Sheng, S., Holbrook, M., Kumaraguru, P., et al.: Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 373–382. ACM (2010)
Luhmann, N:. Confiance et familiarité. Réseaux (4), 15–35 (2001)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Nsiempba, J.J., Lévesque, F.L., de Marcellis-Warin, N., Fernandez, J.M. (2018). An Empirical Analysis of Risk Aversion in Malware Infections. In: Cuppens, N., Cuppens, F., Lanet, JL., Legay, A., Garcia-Alfaro, J. (eds) Risks and Security of Internet and Systems. CRiSIS 2017. Lecture Notes in Computer Science(), vol 10694. Springer, Cham. https://doi.org/10.1007/978-3-319-76687-4_18
Download citation
DOI: https://doi.org/10.1007/978-3-319-76687-4_18
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-76686-7
Online ISBN: 978-3-319-76687-4
eBook Packages: Computer ScienceComputer Science (R0)