PassViz: A Visualisation System for Analysing Leaked Passwords

Passwords remain the most widely used form of user authentication, despite advancements in other methods. However, their limitations, such as susceptibility to attacks, especially weak passwords defined by human users, are well-documented. The existence of weak human-defined passwords has led to repeated password leaks from websites, many of which are of large scale. While such password leaks are unfortunate security incidents, they provide security researchers and practitioners with good opportunities to learn valuable insights from such leaked passwords, in order to identify ways to improve password policies and other security controls on passwords. Researchers have proposed different data visualisation techniques to help analyse leaked passwords. However, many approaches rely solely on frequency analysis, with limited exploration of distance-based graphs. This paper reports PassViz, a novel method that combines the edit distance with the t-SNE (t-distributed stochastic neighbour embedding) dimensionality reduction algorithm for visualising and analysing leaked passwords in a 2-D space. We implemented PassViz as an easy-to-use command-line tool for visualising large-scale password databases, and also as a graphical user interface (GUI) to support interactive visual analytics of small password databases. Using the "000webhost" leaked database as an example, we show how PassViz can be used to visually analyse different aspects of leaked passwords and to facilitate the discovery of previously unknown password patterns. Overall, our approach empowers researchers and practitioners to gain valuable insights and improve password security through effective data visualisation and analysis

CogTool+: Modeling human performance at large scale

Cognitive modeling tools have been widely used by researchers and practitioners to help design, evaluate and study computer user interfaces (UIs). Despite their usefulness, large-scale modeling tasks can still be very challenging due to the amount of manual work needed. To address this scalability challenge, we propose CogTool+, a new cognitive modeling software framework developed on top of the well-known software tool CogTool. CogTool+ addresses the scalability problem by supporting the following key features: 1) a higher level of parameterization and automation; 2) algorithmic components; 3) interfaces for using external data; 4) a clear separation of tasks, which allows programmers and psychologists to define reusable components (e.g., algorithmic modules and behavioral templates) that can be used by UI/UX researchers and designers without the need to understand the low-level implementation details of such components. CogTool+ also supports mixed cognitive models required for many large-scale modeling tasks and provides an offline analyzer of simulation results. In order to show how CogTool+ can reduce the human effort required for large-scale modeling, we illustrate how it works using a pedagogical example, and demonstrate its s actual performance by applying it to large-scale modeling tasks of two real-world user-authentication systems

The Impact of Privacy and Security Attitudes and Concerns of Travellers on Their Willingness to Use Mobility-as-a-Service Systems

This paper reports results from an online survey on the impact of travellers' privacy and security attitudes and concerns on their willingness to use mobility-as-a-service (MaaS) systems. This study is part of a larger project that aims at investigating barriers to potential MaaS uptake. The online survey was designed to cover data privacy and security attitudes and concerns as well as a variety of socio-psychological and socio-demographic variables associated with travellers' intentions to use MaaS systems. The study involved n = 320 UK participants recruited via the Prolific survey platform. Overall, correlation analysis and a multiple regression model indicated that, neither attitudes nor concerns of participants over the privacy and security of personal data would significantly impact their decisions to use MaaS systems, which was an unexpected result, however, their trust in (commercial and governmental) websites would. Another surprising result is that, having been a victim of improper invasion of privacy did not appear to affect individuals' intentions to use MaaS systems, whereas frequency with which one heard about misuse of personal data did. Implications of the results and future directions are also discussed, e.g., MaaS providers are encouraged to work on improving the trustworthiness of their corporate image

Impact of disparity error on user experience of interacting with stereoscopic 3D video content

The stereoscopic three-dimensional (3D) displays can offer immersive experience to the audience by artificially stimulating binocular stereopsis in the human visual system. The binocular disparity between the left and right view is the key factor in creating the impression of depth, distinguishing the stereo 3D video from other types of video paradigms. Taking into consideration of the imperfections of current disparity estimation algorithms, this paper focus on the impact of disparity error on the user experience of pointing and selecting stereo 3D content. The conducted user study into perception tolerance suggests that users can tolerate disparity errors to a certain degree, where the level of tolerance varies with perceived distance from the screen. In addition, the study demonstrates that for a typical interaction task, reduction of accuracy is proportional to the disparity level of targeted 3D objects

Cyber Security and Online Safety Education for Schools in the UK: Looking through the Lens of Twitter Data

In recent years, digital technologies have grown in many ways. As a result, many school-aged children have been exposed to the digital world a lot. Children are using more digital technologies, so schools need to teach kids more about cyber security and online safety. Because of this, there are now more school programmes and projects that teach students about cyber security and online safety and help them learn and improve their skills. Still, despite many programmes and projects, there is not much proof of how many schools have taken part and helped spread the word about them. This work shows how we can learn about the size and scope of cyber security and online safety education in schools in the UK, a country with a very active and advanced cyber security education profile, using nearly 200k public tweets from over 15k schools. By using simple techniques like descriptive statistics and visualisation as well as advanced natural language processing (NLP) techniques like sentiment analysis and topic modelling, we show some new findings and insights about how UK schools as a sector have been doing on Twitter with their cyber security and online safety education activities. Our work has led to a range of large-scale and real-world evidence that can help inform people and organisations interested in cyber security and teaching online safety in schools

Visualising Personal Data Flows: Insights from a Case Study of Booking.com

Commercial organisations are holding and processing an ever-increasing amount of personal data. Policies and laws are continually changing to require these companies to be more transparent regarding collection, storage, processing and sharing of this data. This paper reports our work of taking Booking.com as a case study to visualise personal data flows extracted from their privacy policy. By showcasing how the company shares its consumers’ personal data, we raise questions and extend discussions on the challenges and limitations of using privacy policies to inform online users about the true scale and the landscape of personal data flows. This case study can inform us about future research on more data flow-oriented privacy policy analysis and on the construction of a more comprehensive ontology on personal data flows in complicated business ecosystems

aedFaCT: Scientific Fact-Checking Made Easier via Semi-Automatic Discovery of Relevant Expert Opinions

In this highly digitised world, fake news is a challenging problem that can cause serious harm to society. Considering how fast fake news can spread, automated methods, tools and services for assisting users to do fact-checking (i.e., fake news detection) become necessary and helpful, for both professionals, such as journalists and researchers, and the general public such as news readers. Experts, especially researchers, play an essential role in informing people about truth and facts, which makes them a good proxy for non-experts to detect fake news by checking relevant expert opinions and comments. Therefore, in this paper, we present aedFaCT, a web browser extension that can help professionals and news readers perform fact-checking via the automatic discovery of expert opinions relevant to the news of concern via shared keywords. Our initial evaluation with three independent testers (who did not participate in the development of the extension) indicated that aedFaCT can provide a faster experience to its users compared with traditional fact-checking practices based on manual online searches, without degrading the quality of retrieved evidence for fact-checking. The source code of aedFaCT is publicly available at https://github.com/altuncu/aedFaCT

User Aspects of Stereoscopic 3D Video Interaction.

The recent development of stereoscopic three dimensional (3D) display technologies has resulted in a proliferation of 3D video production and broadcasting, attracting a lot of research into capture, compression and delivery of stereoscopic content. However, little research has been dedicated to design practices of meaningful user interaction with stereoscopic 3D video content. Having this in mind, this thesis presents a series of studies in Human Computer Interaction (HCI) that analyse user aspects of stereoscopic 3D video interaction, propose technical solutions and give design guidelines for intuitive interaction with stereoscopic 3D video content. Three main user studies have been conducted to look into this research topic. The user requirement analysis in terms of interactive functionalities and interaction modality requirements showed strong demand for the task of object selection in 3D video interaction, that resulted in a follow-up study of user preferences in 3D selection using virtual-pointer and ray-casting metaphors. In addition, the immersive experience of stereoscopic 3D displays to the audience is caused by artificially stimulating binocular stereopsis in the human visual system. The binocular disparity between the left and right view is the key factor in creating the convincing impression of depth, distinguishing the stereoscopic 3D video from other types of video. Taking into consideration the imperfections of current disparity estimation algorithms, this thesis finally presents a study into the impact of disparity errors on users perception of depth and its implications to interaction tasks in 3D stereoscopic systems. A further investigation of pointing modalities in the context of stereoscopic 3D television (TV) was conducted, adopting the ISO 9241-9 standard for multi-directional tapping task and the Fitts law model. This experimental study compared and evaluated three pointing modalities: standard mouse-based interaction, virtual laser pointer implemented using Wiimote, and hand movement modality using Kinect. The results suggest that the virtual laser pointer modality is more advantageous than other modalities in terms of user performance and user comfort

User Aspects of Stereoscopic 3D Video Interaction.

The recent development of stereoscopic three dimensional (3D) display technologies has resulted in a proliferation of 3D video production and broadcasting, attracting a lot of research into capture, compression and delivery of stereoscopic content. However, little research has been dedicated to design practices of meaningful user interaction with stereoscopic 3D video content. Having this in mind, this thesis presents a series of studies in Human Computer Interaction (HCI) that analyse user aspects of stereoscopic 3D video interaction, propose technical solutions and give design guidelines for intuitive interaction with stereoscopic 3D video content. Three main user studies have been conducted to look into this research topic. The user requirement analysis in terms of interactive functionalities and interaction modality requirements showed strong demand for the task of object selection in 3D video interaction, that resulted in a follow-up study of user preferences in 3D selection using virtual-pointer and ray-casting metaphors. In addition, the immersive experience of stereoscopic 3D displays to the audience is caused by artificially stimulating binocular stereopsis in the human visual system. The binocular disparity between the left and right view is the key factor in creating the convincing impression of depth, distinguishing the stereoscopic 3D video from other types of video. Taking into consideration the imperfections of current disparity estimation algorithms, this thesis finally presents a study into the impact of disparity errors on users perception of depth and its implications to interaction tasks in 3D stereoscopic systems. A further investigation of pointing modalities in the context of stereoscopic 3D television (TV) was conducted, adopting the ISO 9241-9 standard for multi-directional tapping task and the Fitts law model. This experimental study compared and evaluated three pointing modalities: standard mouse-based interaction, virtual laser pointer implemented using Wiimote, and hand movement modality using Kinect. The results suggest that the virtual laser pointer modality is more advantageous than other modalities in terms of user performance and user comfort

MATLAB software prototype for detecting vehicle convoys based on ANPR (Automated Number Plate Recognition) data

This is a research prototype system developed using MATLAB to demonstrate the automatic detection of vehicle convoys based on ANPR (Automated Number Plate Recognition) data. It was originally developed at the University of Surrey as part of an Innovate UK funded project POLARBEAR (https://gtr.ukri.org/projects?ref=101949). The IPRs are being transferred to the University of Kent in 2020