A Web Browser Plugin for Users' Security Awareness
ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security
Article No.: 58, Pages 1 - 7
Abstract
Browsing online continues to pose a risk to the users’ privacy and security. There is a plethora of existing tools and solutions that aim at ensuring safe and private browsing but they are not used by the majority of the users due to the lack of ease of use or because they are too restrictive. In this work, we present a plugin for Google Chrome that aims to increase the users’ security awareness regarding the visited websites. We aim to provide the user with simple and understandable information about the security of the visited website. We evaluated our tool through a usability analysis and compared it with existing well-known solutions. Our study showed that our plugin ranking was high in the ease of use, and in the middle range for clarity, information provided, and overall satisfaction. Overall, our study showed that the users would like to use a tool that has ease of use but that also provides some simple security information about the visited website.
References
[1]
IP Quality Score API. 2023. Malicious URL Scanner. https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner
[2]
Browser Audit. 2023. How secure is your browser?https://browseraudit.com/
[3]
Nicholas Carlini, Adrienne Porter Felt, and David Wagner. 2012. An Evaluation of the Google Chrome Extension Security Architecture. In 21st USENIX Security Symposium (USENIX Security 12). 97–111.
[4]
Serge Egelman, Lorrie Faith Cranor, and Jason Hong. 2008. You’ve Been Warned: An Empirical Study of the Effectiveness of Web Browser Phishing Warnings. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. 1065–1074.
[5]
Laura Falk, Atul Prakash, and Kevin Borders. 2008. Analyzing Websites for User-Visible Security Design Flaws. In Proceedings of the 4th Symposium on Usable Privacy and Security. 117–126.
[6]
José Carlos Coelho Martins da Fonseca and Marco Paulo Amorim Vieira. 2014. A Practical Experience on the Impact of Plugins in Web Security. In 2014 IEEE 33rd International Symposium on Reliable Distributed Systems. 21–30. https://doi.org/10.1109/SRDS.2014.20
[7]
Google. 2023. Google Safe Browsing and Transparency Report. https://transparencyreport.google.com/safe-browsing/search?hl=en_GB
[8]
Teemu Koskinen, Petri Ihantola, and Ville Karavirta. 2012. Quality of WordPress Plug-Ins: An Overview of Security and User Ratings. In 2012 International Conference on Privacy, Security, Risk and Trust and 2012 International Confernece on Social Computing. 834–837. https://doi.org/10.1109/SocialCom-PASSAT.2012.31
[9]
Matthew Malloy, Mark McNamara, Aaron Cahn, and Paul Barford. 2016. Ad Blockers: Global Prevalence and Impact. In Proceedings of the 2016 Internet Measurement Conference. 119–125.
[10]
Max-Emanuel Maurer, Alexander De Luca, and Sylvia Kempe. 2011. Using Data Type Based Security Alert Dialogs to Raise Online Security Awareness. In Proceedings of the Seventh Symposium on Usable Privacy and Security(SOUPS ’11).
[11]
Daniel T. Murphy, Minhaz F. Zibran, and Farjana Z. Eishita. 2021. Plugins to Detect Vulnerable Plugins: An Empirical Assessment of the Security Scanner Plugins for WordPress. In 2021 IEEE/ACIS 19th International Conference on Software Engineering Research, Management and Applications (SERA). 39–44. https://doi.org/10.1109/SERA51205.2021.9509274
[12]
Paulo Jorge Costa Nunes, José Fonseca, and Marco Vieira. 2015. phpSAFE: A Security Analysis Tool for OOP Web Application Plugins. In 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. 299–306. https://doi.org/10.1109/DSN.2015.16
[13]
Ignacio Redondo and Gloria Aznar. 2023. Whitelist or Leave Our Website! Advances in the Understanding of User Response to Anti-Ad-Blockers. Informatics 10, 1 (2023).
[14]
Jahanzeb Shahid, Muhammad Khurram Hameed, Ibrahim Tariq Javed, Kashif Naseer Qureshi, Moazam Ali, and Noel Crespi. 2022. A Comparative Study of Web Application Security Parameters: Current Trends and Future Directions. Applied Sciences 12, 8 (2022).
[15]
Peter Snyder, Cynthia Taylor, and Chris Kanich. 2017. Most Websites Don’t Need to Vibrate: A Cost-Benefit Approach to Improving Browser Security. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security(CCS ’17). 179–194.
[16]
Chrome Web Store. 2023. Avast Online Security Plugin. https://chrome.google.com/webstore/detail/avast-online-security/gomekmidlodglbbmalcneegieacbdmki?hl=en
[17]
Chrome Web Store. 2023. WOT Website Security and Browsing Protection. https://chrome.google.com/webstore/detail/wot-website-security-brow/bhmmomiinigofkjcapegjjndpbikblnp
[18]
Nitirat Tanthavech and Apichaya Nimkoompai. 2019. CAPTCHA: Impact of Website Security on User Experience. In Proceedings of the 2019 4th International Conference on Intelligent Information Technology. 37–41.
[19]
Nguyen Duc Thai and Nguyen Huu Hieu. 2019. A Framework for Website Security Assessment. In Proceedings of the 7th International Conference on Computer and Communications Management(ICCCM ’19). 153–157.
[20]
Pentest Tools. 2023. Website Vulnerability Scanner. https://pentest-tools.com/website-vulnerability-scanning/website-scanner
[21]
SSL Trust. 2023. SSL Trust Website Safety and Security Check Website. https://www.ssltrust.co.uk/ssl-tools/website-security-check
[22]
Min Wu, Robert C. Miller, and Simson L. Garfinkel. 2006. Do Security Toolbars Actually Prevent Phishing Attacks?. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. 601–610.
Index Terms
- A Web Browser Plugin for Users' Security Awareness
Recommendations
E-commerce security threats: awareness, trust and practice
Electronic commerce (e-commerce) has always been accompanied by security concerns. Despite numerous studies in the areas of security and trust, to date there is a dearth of research that addresses the impact of security trust and security awareness on ...
IntelliJML: a JML plugin for IntelliJ IDEA
FTfJP '21: Proceedings of the 23rd ACM International Workshop on Formal Techniques for Java-like ProgramsJava code can be annotated with formal specifications using the Java Modelling Language (JML). Previous work has provided IDE plugins intended to help write JML, but mostly for the Eclipse IDE. We introduce IntelliJML, a JML plugin for IntelliJ IDEA, ...
Persona-driven information security awareness
HCI '16: Proceedings of the 30th International BCS Human Computer Interaction Conference: Companion VolumeBecause human factors are a root cause of security breaches in many organisations, security awareness activities are often used to address problematic behaviours and improve security culture. Previous work has found that personas are useful for ...
Comments
Information & Contributors
Information
Published In
July 2024
2032 pages
ISBN:9798400717185
DOI:10.1145/3664476
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 July 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ARES 2024
ARES 2024: The 19th International Conference on Availability, Reliability and Security
July 30 - August 2, 2024
Vienna, Austria
Acceptance Rates
Overall Acceptance Rate 228 of 451 submissions, 51%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 208Total Downloads
- Downloads (Last 12 months)208
- Downloads (Last 6 weeks)70
Reflects downloads up to 16 Jan 2025
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatLogin options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in