Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
public:research:main [2025-10-06 08:43] – [Usable security] Petr Švendapublic:research:main [2025-10-12 19:13] (current) – [Usable security] Petr Švenda
Line 422: Line 422:
 ===== Side-channel analysis ===== ===== Side-channel analysis =====
  
-{{ :public:research:sca_chat_gpt_v2.png?direct&200|}}+{{ :public:research:sca_chat_gpt_v2.png?direct&180|}}
  
  
Line 461: Line 461:
 ===== Usable security ===== ===== Usable security =====
  
-{{ :public:research:social.png?direct&200|}}+{{ :public:research:social.png?direct&300|}}
  
 Our usable security projects focus on computer security and interactions of systems with end-users (true end-users as well as IT professionals using a particular system for their job). We are currently investigating factors influencing usability of reports from penetration testing, figuring out what those that use these reports can and cannot really find out from pentesting reports - and how to improve that. We also examine usability of AI-assisted pentesting report writing. Our usable security projects focus on computer security and interactions of systems with end-users (true end-users as well as IT professionals using a particular system for their job). We are currently investigating factors influencing usability of reports from penetration testing, figuring out what those that use these reports can and cannot really find out from pentesting reports - and how to improve that. We also examine usability of AI-assisted pentesting report writing.
  
-We started our first significant project in the area of usable security in 2014, in cooperation with three industrial partners, Faculty of social studies, and Faculty of law. The project aimed to identify influences that make users change their risky behavior to more secure one. Four sets of experiments ran in cooperation with commercial companies (ESET, Netsuite and SodatSW). Every experiment targeted a different target group and used a different technique (warning, security dialogue, e-learning, user-friendly password recovery, etc.). This project was unique for the cooperation of three different faculties of MU and three commercial companies, who wanted to understand their users better and increase their products' overall security by improving interfaces and processes used by their end-users. We also finished a project in cooperation with the Faculty of social studies and AHEAD Itec/Monet+ company. It aimed at user testing of selected authentication methods (NFC token, smart card with card reader, fingerprint and PIN code). Results from this project are available here: https://crocs.fi.muni.cz/public/papers/2020-tacr-report+We started our first significant project in the area of usable security in 2014, in cooperation with three industrial partners, Faculty of social studies, and Faculty of law. The project aimed to identify influences that make users change their risky behavior to more secure one. Four sets of experiments ran in cooperation with commercial companies (ESET, Netsuite and SodatSW). Every experiment targeted a different target group and used a different technique (warning, security dialogue, e-learning, user-friendly password recovery, etc.). This project was unique for the cooperation of three different faculties of MU and three commercial companies, who wanted to understand their users better and increase their products' overall security by improving interfaces and processes used by their end-users. We also finished a project in cooperation with the Faculty of social studies and AHEAD Itec/Monet+ company. It aimed at user testing of selected authentication methods (NFC token, smart card with card reader, fingerprint and PIN code) with results available [[https://crocs.fi.muni.cz/public/papers/2020-tacr-report | here]]