Dates and Location: September 29 & 30, 2022 Karlsruhe, Germany
The European Symposium on Usable Security (EuroUSEC) serves as a European forum for research and discussion in the area of human factors in security and privacy. EuroUSEC solicits previously unpublished work offering novel research contributions or clearly articulated research visions in any aspect of human-centered security and privacy. The aim of EuroUSEC is to bring together an interdisciplinary group of researchers and practitioners in human-computer interaction, security, and privacy. Participants are researchers, practitioners, and students from domains including computer science, engineering, psychology, the social sciences, and economics.
EuroUSEC 2022 will be a hybrid-onsite event to be prepared in case of new Covid variants in autumn. EuroUSEC will be – again – an independent event, not associated to any conference. It will be held in Karlsruhe and the KASTEL Security Research Labs will sponsor the event so that registration costs will be minimised (to cover refreshments and a social event).
On the same note, we have secured funding to pay for the proceedings and we are currently negotiating with ACM to publish it. The funding will allow us to pay for open access options, meaning the proceedings will be open access via the EuroUSEC 2022 website.
For those joining remotely, we want to accommodate as many time zones as possible, but also allow for breaks so as to reduce Zoom-overload and fatigue. The final schedule will depend on the submission numbers. More information will be provided as appropriate.
If travelling is unrestricted, we would ask one of the authors of each accepted paper to present the paper in person at the symposium. If people cannot travel, they are required to present their papers virtually. Under the same restrictions, we will ask the keynote speakers to come in person.
We want EuroUSEC to be a community-driven event and would love to hear any questions, comments, or concerns you might have regarding these changes from last year. Therefore we want to encourage everyone to join the everyone to join the EuroUSEC Slack. You can also send us an email at email@example.com.
EuroUSEC is part of the USEC family of events. You can find more info about all USEC events at: https://www.usablesecurity.net/USEC/index.php
Talk Title: Behavioural Data Science of Machine Learning Operations and Human-Machine Teaming for Cyber Security
Talk Title: Human Factors in Cyber Security - An industry perspective
Please consider submitting a poster to EuroUSEC 2022 based on the paper you submitted previously, or on some other topic. The posters will be reviewed by the two chairs.
28th July 2022
4th 20th August 2022
Prefix the paper title with: POSTER:
If accepted, at least one author has to attend the conference to discuss the poster with interested attendees.
We will include the poster PDF on the conference website if authors consent to this. The posters/abstracts will not be included in the conference proceedings.
Two pages is a maximum, not a target.
Background. 3-D Secure 2.0 (3DS 2.0) is an identity federation protocol authenticating the payment initiator for credit card transactions on the Web.
Aim. We aim to quantify the impact of factors used by 3DS 2.0 in its fraud-detection decision making process.
Method. We ran N=64 credit card transactions with two Web sites systematically manipulating the nominal IVs machine_data, value, region, and website. We measured whether the user was challenged with an authentication, whether the transaction was declined, and whether the card was blocked as nominal DVs. We established three logistic regression models to quantify the impact of the predictors on the likelihood of the transaction outcomes.
Results. A change in machine_data, region or value made it 5-7 times as likely to be challenged with password authentication. However, even in a foreign region with another factor being changed, the overall likelihood of being challenged only reached 60%. When in the card's home region, a transaction will be rarely declined (< 5% in control, 40% with one factor changed). However, in a region foreign to the card the system will more likely decline transactions anyway (about 60%) and any change in machine_data or value will lead to a near-certain declined transaction.
Conclusions. We found that the decisions to challenge the user with a password authentication, to decline a transaction and to block a card are governed by different weightings. 3DS 2.0 is most likely to decline transactions, especially in a foreign region. It is less likely to challenge users with password authentication, even if machine_data or value are changed.
We invite you to submit a paper and join us at EuroUSEC 2022.
We are excited to welcome original work describing research, visions, or experiences in all areas of usable security and privacy. We welcome a variety of research methods, including both qualitative and quantitative approaches.
We will review longer papers on mature/completed work in a research track, as well as shorter papers on work in progress, or work that has yet to begin, in a vision track. We aim to provide a venue for researchers at all stages of their careers and at all stages of their projects.
Topics include, but are not limited to:
For accepted papers, at least one author must attend EuroUSEC (either in person or virtually).
|Paper registration deadline (mandatory):||Monday, 6th June, 2022 (Anywhere on Earth)|
|Paper submission deadline:||Friday, 10th June, 2022(Anywhere on Earth)|
|Notification:||Thursday, 7th July, 2022|
|Revision decision re-submission deadline:||Friday, 22nd July, 2022 (Anywhere on Earth)|
|Revision notification:||Friday, 5th August, 2022|
|Camera ready:||12th August, 2022|
|EuroUSEC:||29th & 30th September, 2022|
Research Track: The research track is intended to report on mature work that has been completed. The goal of the EuroUSEC's research track is to disseminate results of interest to the broader usable security and privacy community. Papers must not be more than 16 pages in length using the one-column submission format, in both cases this excludes the bibliography. Try to scale the length of the paper according to the contributions you describe therein. Authors have the option to attach to their paper‘s supplementary appendices with study materials (e.g., survey instruments, interview guides, etc.) that would not otherwise take up valuable space within the body of the paper. Reviewers are not required to read appendices, so your paper should be self-contained without them. ACM also allows publication of additional supplemental materials and we want to encourage authors to use this option to provide research artifacts (e.g., builds of own software used in the study).
Vision Track: The vision track is intended to report on work in progress or concrete ideas for work that has yet to begin. The focus in the vision track is to spark discussion with the goal to provide the authors helpful feedback, pointers to potentially related investigations, and new ideas to explore. Suitable submissions to the vision track include traditional work-in-progress pieces such as preliminary results of pre-studies, but also research proposals and position papers outlining future research. Papers must be up to 9 pages in length using the one-column format, including the bibliography and with no appendices.
Upload your submission via this link:
Simultaneous submission of the same paper to another venue with proceedings or a journal is prohibited. Serious infringements of these policies may cause the paper to be rejected from publication and the authors put on a warning list, even if the paper is initially accepted by the program committee. Contact the EuroUSEC chairs if there are questions about this policy.
You are free to publish a pre-print of your paper on arXiv, SSRN or similar, if you wish to.
Contact the EuroUSEC chairs if there are any questions. firstname.lastname@example.org
Because of the Russian invasion in Ukraine, current guidelines of our host Karlsruhe Institute of Technology (KIT) prohibit hosting guests from research institutions in Russia and Belarus at KIT. We therefore encourage researchers from such institutions to be mindful of these regulations and to check whether they will be able to attend EuroUSEC before submitting their work.
The chairs can be contacted at email@example.com
As last year, all times in the program are given in the Central European (Summer) Time Zone (CEST). You can use this link to convert the times to any time zone you wish.
The preliminary program is available below. Specific details for sessions and keynotes will be published as soon as we finished the planning.
EuroUSEC will be held as a Hybrid-Onsite Symposium from September 29 - 30 in Karlsruhe, Germany. Event location is:TRIANGEL Open Space
Accomodation: You are welcome to look at following hotels located in the city center, within walking distance to the venue. By mentioning the booking code KIT within your reservation, some accommodations grant you a reduction in the cost of accommodation.
|****ACHAT Plaza Karlsruhe
Tel.: 0721 3717-0
|6 min walk to TRIANGEL
Tel.: 0721 23890
|11 min walk to TRIANGEL
72,00 Euro incl. Breakfast when you mention booking code KIT.
Tel.: 0721 91700
|6 min walk to TRIANGEL
|Leonardo Hotel Karlsruhe
Ettlinger Straße 23
Tel.: 0721 37270
|18 min walk to TRIANGEL
|Hotel Markgräfler Hof
Tel.: 0721 62768-600
|13 min walk to TRIANGEL
|****Novotel Karlsruhe City
Tel.: 0721 35260 firstname.lastname@example.org
|14 min walk to TRIANGEL|
Arrival: Karlsruhe is a well-connected city, with direct train connections from Frankfurt International Airport and Stuttgart Airport. As part of the Helmholtz Association a special offer for tickets at a fixed price can be used for events at KIT with the event ticket of the Deutsche Bahn (DB) which works similar to the well-known Rail & Fly ticket. Booking is possible via the special corporate booking page for events of the Helmholtz Association at DB: https://www.helmholtz.de/bahnspezial. The condition is that in addition to the train ticket there is also an admission ticket, invitation, etc. for an event of the Helmholtz Association.
There is a variant with train binding for long-term bookings (limited availability as with other savings prices of the DB). At € 53.90 (2nd class) and € 89.90 (1st class), this offer is particularly attractive for longer distances. A BahnCard is not required, but you have to commit to a specific train connection. In the more expensive variant you can travel without a train ticket. Here, the single journey costs € 80.90 (2nd class) or € 125.90 (1st class). The prices are valid until December 2022.
Additional information about getting to Karlsruhe and to the conference venue (which is located next to KIT Campus South) is available here.
To make EuroUSEC as effective as possible for everyone, we ask that all participants commit to our social contract:
Further information will be available soon
Registration is mandatory for participation in EuroUSEC. Please register using the following link: Register Now
At least one author for each accepted paper has to register until August 10th. For the rest of the participants, the registration will be open until September 16th. If you are a student or an employee of KIT, you can register using the form here.
The prices for the registration are as follows (note, the registration system outputs the price in two parts for taxation reasons). At least one registration using the "Author" option (either online or onsite) is required for each paper.
|Author (online)||350 €|
|Author (onsite)||350 €|
|Standard (online)||227,46 €|
|Standard (onsite)||350 €|
|Student (online)||104,93 €|
|Student (onsite)||186,62 €|