Stratford School of Interaction Design and Business

Permanent URI for this collectionhttps://uwspace.uwaterloo.ca/handle/10012/17630

Browse

Recent Submissions

Now showing 1 - 20 of 42
  • Item
    Geo-Phisher: The Design and Evaluation of Information Visualizations about Internet Phishing Trends
    (IEEE, 2016-06) Zhang-Kennedy, Leah; Fares, Elias; Chiasson, Sonia; Biddle, Robert
    We designed an information visualization about phishing trends and phishing prevention for the general public to examine the effects of interactivity on information finding, user perceptions and security behaviour intentions, and effectiveness of learning. In an user study (N = 30) with two experimental conditions (HI - high interactivity, and LO - low interactivity control condition), the results show that the HI interactivity condition supported more accurate information finding, resulted in greater perceived interactivity and perceived knowledge than the LO interactivity condition, but did not affect attitudes toward the visualization and security behaviour intentions for proactive awareness. Furthermore, the HI interactivity condition led to greater learning effects and a deeper understanding towards phishing prevention than the control condition.
  • Item
    Password Advice Shouldn't Be Boring: Visualizing Password Guessing Attacks
    (IEEE, 2013-09) Zhang-Kennedy, Leah; Chiasson, Sonia; Biddle, Robert
    Users are susceptible to password guessing attacks when they create weak passwords. Despite an abundance of text-based password advice, it appears insufficient to help home users create strong memorable passwords. We propose that users would be empowered to make better password choices if they understood how password guessing attacks work through visual communication. We created three infographic posters and an online educational comic to help users to learn about the threats. We conducted two studies to assess their effectiveness. All four methods led to superior learning outcomes than the text- alone approach. Our pre-test questionnaires also highlighted that users’ understanding of password guessing attacks is limited to a “target” mental model. One week after viewing our materials, the majority of users created strong sample passwords, and correctly described all three attacks: targeted, dictionary, and brute-force.
  • Item
    Cyberheroes: The Design and Evaluation of an Interactive Ebook to Educate Children about Online Privacy
    (Elsevier, 2017-07) Zhang-Kennedy, Leah; Abdelaziz, Yomna; Chiasson, Sonia
    We designed an educational interactive ebook called Cyberheroes and evaluated it to assess its effectiveness at increasing children’s online privacy knowledge and behaviour, and supporting child-parent privacy-related discussions. We con- ducted a user study with 22 children (aged 7 to 9) and 22 parents that included usability evaluations and privacy knowledge and behaviour assessments with children pre/post-reading and 1-week later. Cyberheroes considerably increased children’s online privacy knowledge and reported privacy behaviour, and led to superior 1-week knowledge retention compared to the text-only control. Fur- thermore, Cyberheroes facilitated longer child-parent privacy discussions during co-reading than the control. Children and parents found Cyberheroes engag- ing, easy to use, and easy to learn. We discuss our interactive ebook’s role in children’s acquisition, retention, and transfer of knowledge, and the role that in- teractivity, previous knowledge, and parental guidance play in children’s online privacy education.
  • Item
    The Role of Instructional Design in Persuasion: A Comics Approach for Improving Cybersecurity
    (Taylor & Francis, 2016-03) Zhang-Kennedy, Leah; Chiasson, Sonia; Biddle, Robert
    Although computer security technologies are the first line of defence to secure users, their success is dependent on individuals’ behaviour. It is therefore necessary to persuade users to practice good computer security. Our interview analysis of users’ conceptualization of security password guessing attacks, antivirus protection, and mobile online privacy shows that poor understanding of security threats influences users’ motivation and ability to practice safe behaviours. We designed and developed an online interactive comic series called Secure Comics based on instructional design principles to address this problem. An eye-tracking experiment suggests that the graphical and interactive components of the comics direct users’ attention and facilitate comprehension of the information. In our evaluations of Secure Comics, results from several user studies show that the comics improve understanding and motivate positive changes in security management behaviour. We discuss the implication of the findings to better understand the role of instructional design and persuasion in education technology
  • Item
    Stop clicking on “update later”: Persuading users they need up-to-date antivirus protection
    (Springer, 2014-05) Zhang-Kennedy, Leah; Chiasson, Sonia; Biddle, Robert
    Online security advice aims to persuade users to behave se- curely, but appears to have limited effects at changing behaviour. We pro- pose security advice targeted at end-users should employ visual rhetoric to form an effective, memorable, and persuasive method of communica- tion. We present the design and evaluation of infographics and an online interactive comic developed to persuade users to update their antivirus software. Results show superior learning and behavioural outcomes com- pared to mainstream text-only security advice.
  • Item
    Revisiting Password Rules: Facilitating Human Management of Passwords
    (IEEE, 2016-06) Zhang-Kennedy, Leah; Chiasson, Sonia; van Oorschot, Paul
    Password rules were established in the context of past security concerns. Recent work in computer security challenges the conventional wisdom of expert password advice, such as change your passwords often, do not reuse your passwords, or do not write your passwords down. The effectiveness of these rules for protecting user accounts against real world attacks is questioned. We review the latest research examining password rules for general-purpose user authentication on the web, and discuss the arguments behind the continued acceptance or the rejection of the rules based on empirical evidence and solid justifications. Following the review, we recommend an updated set of password rules.
  • Item
    The aftermath of a crypto-ransomware attack at a large academic institution
    (USENIX, 2018-08) Zhang-Kennedy, Leah; Assal, Hala; Rocheleau, Jessica; Mohamed, Reham; Baig, Khadija; Chiasson, Sonia
    In 2016, a large North American university was subject to a significant crypto-ransomware attack and did not pay the ransom. We conducted a survey with 150 respondents and interviews with 30 affected students, staff, and faculty in the immediate aftermath to understand their experiences during the attack and the recovery process. We provide analysis of the technological, productivity, and personal and social impact of ransomware attacks, including previously unaccounted secondary costs. We suggest strategies for comprehensive cyber-response plans that include human factors, and highlight the importance of communication. We conclude with a Ransomware Process for Organizations diagram summarizing the additional contributing factors beyond those relevant to individual infections.
  • Item
    A Systematic Review of Multimedia Tools for Cybersecurity Awareness and Education
    (ACM, 2021-01-02) Zhang-Kennedy, Leah; Chiasson, Sonia
    We conduct a comprehensive review covering academic publications and industry products relating to tools for cybersecurity awareness and education aimed at non-expert end-users developed in the past 20 years. Through our search criteria, we identified 119 tools that we cataloged into five broad media categories. We explore current trends, assess their use of relevant instructional design principles, and review empirical evi dence of the tools’ effectiveness. From our review, we provide an evaluation checklist and suggest that a more systematic approach to the design and evaluation of cybersecurity educational tools would be beneficial.
  • Item
    From Nosy Little Brothers to Stranger-Danger: Children and Parents’ Perception of Mobile Threats
    (ACM, 2016-06-21) Zhang-Kennedy, Leah; Mekhail, Christine; Abdelaziz, Yomna; Chiasson, Sonia
    The rise in mobile media use by children has heightened parents' concerns for their online safety. Through semi-structured interviews of parent-child dyads, we explore the perceived privacy and security threats faced by children aged seven to eleven along with the protection mechanisms employed. We identified four models of privacy held by children. Furthermore, we found that children's concerns fit into four child-adversary threat models: child-peers, child-media, child-strangers, and child-parents. Their concerns differed from the five threat models held by the parents: child-peers, child-media, child-strangers, child-technology, and child-self. Parents used a variety of protection strategies to minimize children's exposure to external threats. In reality, however, our results suggest that security and privacy risks from an internal family member or a friend are far more common than harm from outsiders.
  • Item
    Teaching with an Interactive E-book to Improve Children's Online Privacy Knowledge
    (ACM, 2016-06-21) Zhang-Kennedy, Leah; Chiasson, Sonia
    We designed the Cyberheroes interactive e-book and conducted a preliminary user study to test its effectiveness in educating children aged 7 to 9 about online privacy risks. Children and parents found the book to be fun and engaging. Our study included pre and post interviews and knowledge assessment. It showed that the interactive e-book successfully improved children's understanding of privacy risks while exhibiting excellent retention in knowledge after one week.
  • Item
    Cyberheroes: An Interactive Ebook for Improving Children’s Online Privacy
    (Scienceopen, 2017-07) Zhang-Kennedy, Leah; Chiasson, Sonia
    We designed, illustrated, and developed Cyberheroes, an educational interactive ebook that teaches children about online privacy. The ebook was evaluated with children and parents, and had positive effects on children’s privacy knowledge, and improved their privacy-conscious behaviour.
  • Item
    Secure Comics: An Interactive Comic Series for Improving Cyber Security and Privacy
    (Scienceopen, 2017-07) Zhang-Kennedy, Leah; Biddle, Robert; Chiasson, Sonia
    We designed, illustrated, and developed Secure Comics, an online educational interactive comic series about cyber security and privacy. The three-part comic was evaluated with adults and children, and had positive effects on users understanding of security and privacy information, and improved their secure and privacy- aware behaviour.
  • Item
    Engaging Children About Online Privacy Through Storytelling in an Interactive Comic
    (Scienceopen, 2017-07) Zhang-Kennedy, Leah; Baig, Khadija; Chiasson, Sonia
    Children’s privacy is put at risk through online sharing of location-based information. We study the effectiveness of an educational interactive comic on improving 11- to 13-year-old children’s privacy knowledge and behaviour immediately and one week after reading. Children’s privacy knowledge increased after reading either the comic or the text-only control, but the comic promoted superior knowledge retention a week later and was more successful at influencing children’s reported privacy behaviour than the control. Our 22 child-parent pairs found the comic facilitated learning for children, engaging, and easy to use. We discuss the implication on children’s short and long-term knowledge retention and behaviour, and the educational potential of comics at addressing the challenges of privacy and security education for children.
  • Item
    You’re Making Me Sick: A Systematic Review of How Virtual Reality Research Considers Gender & Cybersickness
    (ACM, 2021-05-06) MacArthur, Cayley; Grinberg, Arielle; Harley, Daniel; Hancock, Mark
    While multiple studies suggest that female-identified participants are more likely to experience cybersickness in virtual reality (VR), our systematic review of 71 eligible VR publications (59 studies and 12 surveys) pertaining to gender and cybersickness reveals a number of confounding factors in study design (e.g., a variety of technical specifications, tasks, content), a lack of demographic data, and a bias in participant recruitment. Our review shows an ongoing need within VR research to more consistently include and report on women’s experiences in VR to better understand the gendered possibility of cybersickness. Based on the gaps identified in our systematic review, we contribute study design recommendations for future work, arguing that gender considerations are necessary at every stage of VR study design, even when the study is not ‘about’ gender.
  • Item
    Tunnel Divisions: Interactive Sound Mapping of Transitory Public Spaces
    (ACM, 2016-11-06) MacArthur, Cayley; Trothen, Stephen; Hancock, Mark
    We present Tunnel Divisions, an interactive musical installation designed for ephemeral interaction in public spaces. Informed by concepts from cultural and media studies along with existing literature on interactive public displays, we designed the installation as an intervention meant for the monotonous parts of everyday life. Our demonstration uses low-cost sensors and musical theory to create a generative sound composition unique to the particular space and the people moving through it. By experiencing the installation, we hope to promote critical thinking about the nature and form of interaction with public spaces.
  • Item
    Makers and Quilters: Investigating Opportunities for Improving Gender-Imbalanced Maker Groups
    (ACM, 2019-11) MacArthur, Cayley; Wong, Caroline; Hancock, Mark
    Recent efforts to diversify participation in STEM (Science, Technology, Engineering & Math) activities through informal learning environments, such as hackathons and makerspaces, confirm a real desire for inclusion among potential female participants. However, understanding factors that may contribute to longer-term, sustainable diversification of such groups remains a challenge. In this paper, we present the results of a mixed-methods study of two microcosms of making: game development, and quilting. Our findings reveal parallel structures within these groups despite being highly skewed towards male or female participation, respectively. Our results shed light on attitudes, behaviours, and experiences indicating that similar desires for wider community support among other factors exist in both groups, but these needs are not satisfied in the STEM context. We conclude by discussing the implications of our findings as opportunities for rethinking how we design the environments that are meant to support design itself, considering the role of technology in these spaces, and prioritizing nurturing the development of the maker community beyond the maker space.
  • Item
    Curioscape: A Curiosity-driven Escape Room Board Game
    (CHI PLAY '20: The Annual Symposium on Computer-Human Interaction in Play, 2020-11-02) Tu, Joseph; Durmanova, Ekaterina
    Are you frustrated when a board game has too many rules? Do you want to jump straight into the game and just play? We created Curioscape, an escape room board game that focuses on the idea of whether eliminating a rule book is possible in a board game context. This means players can start the game without having to learn rules or understand how the game works. This paper describes Curioscape’s conception to release, along with the exploration of replicating escape rooms in a smaller space and investigates if we can use curiosity to create meaningful game design choices.
  • Item
    Financial Literacy through Gameful Design
    (University of Waterloo, 2021-01-29) Cen, Jian-Lan Andrew
    Canadians have been found to have little to no expendable income and find debt management difficult. Alongside the growing push towards digital service platforms replacing traditional brick and mortar solutions within the financial industry. Utilizing this motivation, and in partnership with Toronto Dominion (TD) Bank as a part of a MitacsAccelerate Internship, I propose a study to investigate methodologies within gamification and visual rhetorical accommodation to create potential digital solutions that alleviate these user experiences when dealing with financial situations. More specifically, how might we utilized personalization and visual rhetoric design within financial tools and services, in this case, credit cards, to assist the user’s knowledge translation of financial status, which I hypothesize will alleviate negative user debt and spending behaviours. In this work, I conducted an online study following a semi-structured interview with 60participants. Participants were recruited via an online user recruitment platform, UserInterviews. Participants were equally distributed across 4 conditions and a control group. The interview process began by probing participants about their current behaviours with their online banking and credit card platform. The interview then proceeded to present each participant with condition affected replica’s or TD’s online banking platform, Easy-Web. They were asked for initial impressions and presented a scenario in which participants cognitively walked through using the potential platform. First impressions and qualitative data about user experiences were then collected for analysis. Through the analysis, we discovered that users demonstrated positive effects in response to goal-setting oriented solutions and simulations of real-world consequences of their actions. In summary, our work opens up a venue for exploration as the field of gamification expands into financial settings, and provides experienced designers with a set of guidelines that could inform designs within financial settings.
  • Item
    Defining gameful experience as a psychological state caused by gameplay: Replacing the term ‘Gamefulness’ with three distinct constructs
    (Elsevier, 2019-07) Landers, Richard; Tondello, Gustavo F.; Kappen, Dennis L.; Collmus, Andrew; Mekler, Elisa D.; Nacke, Lennart
    Background and Aim Gamefulness is commonly cited as the primary goal of gamification, a family of approaches employed in education, business, healthcare, government, and elsewhere. However, gamefulness is defined imprecisely across the literature. To address this, we present a theory of gamefulness that splits gamefulness into more specific constructs and outlines their effects in a process model. Method We integrate extant literature from psychology, human-computer interaction, and other fields to define gameful design, systems, and experiences. Most critically, we argue that gameful experience is the core focal construct of this theory and define it as an interactive state occurring when a person perceives non-trivial achievable goals created externally, is motivated to pursue them under an arbitrary set of behavioral rules, and evaluates that motivation as voluntary. Results We present six resulting propositions: (1) gameful systems lead to gameful experiences, (2) gameful systems impact psychological characteristics, (3) effective gameful design leads to gameful systems, (4) effective gameful systems lead to behavioral change, (5) appropriate behavioral change causes the distal outcomes gamification designers target, and (6) individual differences moderate the effectiveness of gameful systems. Conclusion Gameful experience theory provides researchers with a unified foundation to study gamification from any social scientific lens.
  • Item
    Food Literacy while Shopping: Motivating Informed Food Purchasing Behaviour with a Situated Gameful App
    (ACM, 2020-04-25) Bomfim, Marcela C.C.; Kirkpatrick, Sharon I.; Nacke, Lennart; Wallace, James R.
    Establishing healthy eating patterns early in life is critical and has implications for lifelong health. Situated interventions are a promising approach to improve eating patterns. How- ever, HCI research has emphasized calorie control and weight loss, potentially leading consumers to prioritize caloric in- take over healthy eating patterns. To support healthy eating more holistically, we designed a gameful app called Pirate Bri’s Grocery Adventure (PBGA) that seeks to improve food literacy—meaning the interconnected combination of food- related knowledge, skills, and behaviours that empower an individual to make informed food choices—through a situated approach to grocery shopping. Findings from our three-week field study revealed that PBGA was effective for improving players’ nutrition knowledge and motivation for healthier food choices and reducing their impulse purchases. Our findings highlight that nutrition apps should promote planning and shopping based on balance, variety, and moderation.