News

Sean Oesch recently presented on his paper Understanding User Perceptions of Security and Privacy for Group Chat: A Survey of Users in the US and UK at the 2020 Annual Computer Security Applications Conference (ACSAC). This paper examines how users view secure group chat, identifying their key concerns, and exploring how they manage their security. Click on the link to the paper to see the video of the presentation.


Welcoming Dr. Doowon Kim

We are excited to announce that Dr. Doowon Kim has join the USER Lab. Dr. Kim recently joined the Department of Electrical Engineering and Computer Science at the University of Tennessee. His research centers on the code signing-PKI, security measurements, secure software engineering, and usable security. Check out his personal page to learn more about Dr. Kim.


Sean Oesch recently presented on his paper That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers at the 2020 USENIX Security Symposium. You can watch the video here.


We would like to congratulate Yunhe Feng for having his paper SenCAPTCHA: A Mobile-First CAPTCHA Using Orientation Sensors published at UbiComp 2020. SenCAPTCHA is a mobile-first CAPTCHA system that works by displaying an animal picture to the user and having them rotate their phone to move a ball into the center of the animal’s eye. The results of a user study with 200 participants showed that SenCAPTCHA outperforms other existing CAPTCHAs and that it was the favorite CAPTCHA system for over half of participants.


We would like to congratulate Sean Oesch for having his paper That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers published at the 2020 USENIX Security Symposium. This evaluation looks at the security of thirteen popular password managers and covers the entire password manager lifecycle—password generation, storage, and autofill. This works identifies a range of issues in the studied password managers and provides recommendations for building better password managers.