Computer security thesis captures research award

Posted by
On November 3, 2020

Xinhui Zhan, a 2019 Missouri S&T graduate with a master of science degree in information science and technology, received the Best Student Research Award at the International Federation for Information Processing (IFIP) Working Group’s 2020 Dewald Roode Information Security Workshop in October.

Xinhui Zhan
Xinhui Zhan

Zhan’s award recognized her research paper that reports findings from her master’s thesis,titled “Impact of Framing and Base Size of Computer Security Risk Information on User Behavior.” Her advisor is Dr. Fiona Nah, professor of business and information technology.

Through an experiment involving about 200 participants, Zhan’s research tested how a negatively or positively framed presentation of computer security risk information combined with stated risk outcomes for varying user base sizes, affected users’ risk-taking behaviors.

The research found that negatively framed presentation of risk information, such as warnings about potential negative implications of downloading free software, with the security risks stated for larger pools of users, for example that 10,000 out of 100,000 users rather than 100 out of 1,000 would have their security compromised, had the greatest effect on producing risk-adverse user behaviors.

Zhan anticipates that her study can be used to design better warning systems to mitigate security risks for users. She says the research can also be used for organizational guidance in training employees to avoid dangerous software downloads. 

The IFIP is a global non-profit organization recognized by the United Nations. It links international researchers and professionals working in the field of computing to develop standards and promote information sharing. The annual workshop focuses on topics such as computer crime, employee misconduct, cybercrimes, human error, natural events and related policies and strategies.

Zhan’s research was partially funded by NSF EAGER grant No. 1537538, “Factoring User Behavior into Network Security Analysis.”

Share this page

Posted by

On November 3, 2020. Posted in Accomplishments