Some research I’m working on; some things I’ve made.
Research | Works in Progress
Some pages and tools related to research I am currently working on.
“Creating Construct Distance Maps with Machine Learning: Stargazing Trust”
With: Kai Larsen, David Gefen, Stacie Petter
A design-science approach to creating a tool to graph the nomological space of all survey items used in information systems literature. Applies methods from the domain of topological data analysis to visually graph the nomological space, based on predicted “distances” between item pairs generated by a machine learning predictive model trained on a sampling of survey item-pair relationships (distances) coded by domain experts. Besides leading to insights into already-used IS constructs, the resulting tool can be used to identify placement of new survey items in context in the nomological space.
- Visualization live demo
- Kepler-mapper TDA python library used in the study (docs, github). I became a core developer for this during the course of the study.
- AMCIS submission ( powerpoint, paper, AISnet link ). Won Best Completed Paper award. See full citation below in the references section.
“When Bots Attack: Threat Modeling and Mitigations of Attacks Against Online Behavioral Experiments”
With: Todd M. Gureckis, Jordan W. Suchow
Psychology and behavioral data is increasingly shifting to being collected online, instead of in brick-and-mortar lab rooms. However, panic has arisen about the degree to which such data is impacted by “bots”, or by malicious actors gaming the system in order to maximize participation payouts. This paper applies models from cybersecurity – specifically, the NIST Cybersecurity Framework’s Five Functions – to systematically evaluate the threat of bots, and to show the process by which controls can be developed to mitigate identified threats. Several cross-industry controls are suggested, including the development of machine learning models to detect anomalous participant behavior, aggregated across participating researchers’ data. The behavioral research community can use these models to defend collected data, and to argue for cross-industry grants to develop novel approaches.
- psiTurk – An open platform for science on Amazon Mechanical Turk. I have been the lead developer for psiTurk since 2016.
“The Fog of Warnings: How Non-essential Notifications Blur with Security Warnings”
With: Anthony Vance, Bonnie Anderson, Brock Kirwan, Jeff Jenkins
Through a series of lab and field experiments, the impact of exposure to system notifications of varying degree of visual similarity to security messages is assessed using objective methods such as reaction times and fMRI response data.
- Symposium on Usable Privacy and Security (SOUPS’19) submission ( abstract, pdf from usenix.org: )
“A Spoonful of Sugar: Blending Online News Source and Content to Counter Ideological-Alignment News Biases and Encourage Political Group Depolarization”
With: Valerie Bartelt, Zlatana Nenova, Dennis Galletta
While the oft-heard moniker “fake news” may be used to claim that an article’s content is factually false, it may also be used to label articles from sources that are inconsistent with or opposed to the reader’s political ideology, regardless of the content factuality. Individuals have been shown to be biased against content unaligned with their ideologies, but what of ideological alignment with a publication source’s reputation? And furthermore, little is known about what occurs when a publication source presents content that conflicts with its established reputation. This study uses a within-subject experimental design with online participants to identify and quantify marginal impacts of reader-source and reader-content ideological alignment. The findings confirm that, holding reader-content alignment constant, individuals’ perceptions of an article are biased based on the publication source presenting the content. Suggestions implementable by publication sources and by bias-aware individuals for countering source-related biases are proposed.
- A live testing page for the experiment protocol. Loads all articles from the mongo db, and permits injecting the article content into one of three publication source templates.
Research | Completed
This list is not exhaustive. The projects listed here are just ones that have neat live links to show off.
“Do Security Fear Appeals Work when they Interrupt Tasks? A Multi-Method Examination of Password Strength”
With: Anthony Vance, Dennis Eggett, Detmar Straub, Kirk Ouimet
Accepted for forthcoming publication at MISQ. Here’s a link to a working draft of the paper.
This paper was a long time coming. It’s a followup to the wildly popular “Enhancing Password Security through Interactive Fear Appeals: A Web-Based Field Experiment”, HICSS 2013 (Google Scholar).
The original data for this paper was collected through a deception protocol on a website Socwall.com, with password tooltip treatments designed and implemented by Kirk Ouimet. Later versions of the paper required collecting additional data, including running a focus group. I re-implemented the password tooltip treatments in several other website shells – first for BYU, then for Temple. We didn’t end up using the BYU one to collect more data, but we did use the Temple one during a focus group run by Tony with students from there. I also re-implemented the Socwall one – all three on Heroku. I initially used the social engineering toolkit to clone the sites, because I’m cool.
I can never remember the links to the tooltip portals. Here they are.
Instructions for using each are included in the repo’s README’s. Be warned though, they’re “research notes,” which means they’re a mess.
Check out my github activity! deargle
I publish as much of my class content as I can online, via Github Pages rendering. Much of that content is in the deargle-classes github organization. I encourage my students to contribute to class-related repos. Sometimes they do.
I am involved more heavily with development of a few open-source repositories, such as the ones below.
An open platform for science on Amazon Mechanical Turk.
I have been a core developer for psiTurk since during my phd in ~2016.
Kepler-mapper is a library implementing the Mapper algorithm in Python. KeplerMapper can be used for visualization of high-dimensional data and 3D point cloud data. KeplerMapper can make use of Scikit-Learn API compatible cluster and scaling algorithms.
KeplerMapper employs approaches based on the MAPPER algorithm (Singh et al.) as first described in the paper “Topological Methods for the Analysis of High Dimensional Data Sets and 3D Object Recognition”.
Some things I’ve made. Links are scattered throughout blog posts, so I’m gathering them here.
College Financial Calculator
Calculator that helps plan how much needs to be invested now, using a variety of investment strategies, in order to pay for college in the future.
Grade curve calculator
Some schools have guidelines for distribution of letter grades for a class. This tool helps with compliance with those guidelines.
Kali on GCP
DevOps for material for my information security management class. Includes a pen test lab on GCP.
NIST Cybersecurity Framework ⭤ 800‑53 Controls Mapping
The NIST CSF Core maps controls from 800-53 (and other) informative references, but only by code, which makes text-searching impossible. Mashup!