Projects

Some research I’m working on; some things I’ve made.

Research | Works in Progress

Some pages and tools related to research I am currently working on.

“Creating Construct Distance Maps with Machine Learning: Stargazing Trust”

With: Kai Larsen, David Gefen, Stacie Petter

A design-science approach to creating a tool to graph the nomological space of all survey items used in information systems literature. Applies methods from the domain of topological data analysis to visually graph the nomological space, based on predicted “distances” between item pairs generated by a machine learning predictive model trained on a sampling of survey item-pair relationships (distances) coded by domain experts. Besides leading to insights into already-used IS constructs, the resulting tool can be used to identify placement of new survey items in context in the nomological space.

Links:

  • Visualization live demo
  • Kepler-mapper TDA python library used in the study (docs, github). I became a core developer for this during the course of the study.
  • AMCIS submission ( powerpoint, paper, AISnet link ). Won Best Completed Paper award. See full citation below in the references section.

“When Bots Attack: Threat Modeling and Mitigations of Attacks Against Online Behavioral Experiments”

With: Todd M. Gureckis, Jordan W. Suchow

Psychology and behavioral data is increasingly shifting to being collected online, instead of in brick-and-mortar lab rooms. However, panic has arisen about the degree to which such data is impacted by “bots”, or by malicious actors gaming the system in order to maximize participation payouts. This paper applies models from cybersecurity – specifically, the NIST Cybersecurity Framework’s Five Functions – to systematically evaluate the threat of bots, and to show the process by which controls can be developed to mitigate identified threats. Several cross-industry controls are suggested, including the development of machine learning models to detect anomalous participant behavior, aggregated across participating researchers’ data. The behavioral research community can use these models to defend collected data, and to argue for cross-industry grants to develop novel approaches.

Links:

  • psiTurk – An open platform for science on Amazon Mechanical Turk. I have been the lead developer for psiTurk since 2016.

“The Fog of Warnings: How Non-essential Notifications Blur with Security Warnings”

With: Anthony Vance, Bonnie Anderson, Brock Kirwan, Jeff Jenkins

Through a series of lab and field experiments, the impact of exposure to system notifications of varying degree of visual similarity to security messages is assessed using objective methods such as reaction times and fMRI response data.

Links:

  • Symposium on Usable Privacy and Security (SOUPS’19) submission ( abstract, pdf from usenix.org: )
  • A testing page for some of the modals I made for use during the task, and A portal for testing treatment conditions and full or piecemeal task protocol. I built the whole experimental task from scratch using javascript and the PsiTurk python framework.

“A Spoonful of Sugar: Blending Online News Source and Content to Counter Ideological-Alignment News Biases and Encourage Political Group Depolarization”

With: Valerie Bartelt, Zlatana Nenova, Dennis Galletta

While the oft-heard moniker “fake news” may be used to claim that an article’s content is factually false, it may also be used to label articles from sources that are inconsistent with or opposed to the reader’s political ideology, regardless of the content factuality. Individuals have been shown to be biased against content unaligned with their ideologies, but what of ideological alignment with a publication source’s reputation? And furthermore, little is known about what occurs when a publication source presents content that conflicts with its established reputation. This study uses a within-subject experimental design with online participants to identify and quantify marginal impacts of reader-source and reader-content ideological alignment. The findings confirm that, holding reader-content alignment constant, individuals’ perceptions of an article are biased based on the publication source presenting the content. Suggestions implementable by publication sources and by bias-aware individuals for countering source-related biases are proposed.

Links:

Research | Completed

This list is not exhaustive. The projects listed here are just ones that have neat live links to show off.

See my vita or my google scholar profile for a full list of my publications.

“Do Security Fear Appeals Work when they Interrupt Tasks? A Multi-Method Examination of Password Strength”

With: Anthony Vance, Dennis Eggett, Detmar Straub, Kirk Ouimet

Accepted for forthcoming publication at MISQ. Here’s a link to a working draft of the paper.

This paper was a long time coming. It’s a followup to the wildly popular “Enhancing Password Security through Interactive Fear Appeals: A Web-Based Field Experiment”, HICSS 2013 (Google Scholar).

The original data for this paper was collected through a deception protocol on a website Socwall.com, with password tooltip treatments designed and implemented by Kirk Ouimet. Later versions of the paper required collecting additional data, including running a focus group. I re-implemented the password tooltip treatments in several other website shells – first for BYU, then for Temple. We didn’t end up using the BYU one to collect more data, but we did use the Temple one during a focus group run by Tony with students from there. I also re-implemented the Socwall one – all three on Heroku. I initially used the social engineering toolkit to clone the sites, because I’m cool.

I can never remember the links to the tooltip portals. Here they are.

Instructions for using each are included in the repo’s README’s. Be warned though, they’re “research notes,” which means they’re a mess.

Github Projects

Check out my github activity! deargle

I publish as much of my class content as I can online, via Github Pages rendering. Much of that content is in the deargle-classes github organization. I encourage my students to contribute to class-related repos. Sometimes they do.

I am involved more heavily with development of a few open-source repositories, such as the ones below.

Psiturk

An open platform for science on Amazon Mechanical Turk.

Psiturk is a python Flask app bundled with a javascript library to facilitate interacting with mturkers through all stages of the AMT process – posting HITs, serving an experiment website, approving work, analyzing data.

I have been a core developer for psiTurk since during my phd in ~2016.

Repo
https://github.com/NYUCCL/psiturk
Docs
https://psiturk.readthedocs.io/en/latest/
Paper
https://doi.org/10.5281/zenodo.3598651

Kepler-mapper

Kepler-mapper is a library implementing the Mapper algorithm in Python. KeplerMapper can be used for visualization of high-dimensional data and 3D point cloud data. KeplerMapper can make use of Scikit-Learn API compatible cluster and scaling algorithms.

KeplerMapper employs approaches based on the MAPPER algorithm (Singh et al.) as first described in the paper “Topological Methods for the Analysis of High Dimensional Data Sets and 3D Object Recognition”.

I became a somewhat-major contributor to Kepler-Mapper for a few years now. I do work both on the python side and also the javascript / html d3 visualization side. I’ve done work on the psiturk command-line shell, a web interface, python unit testing, database optimizations, and bug fixes and features-adds throughout the python code.

Repo
https://github.com/scikit-tda/kepler-mapper
Docs
https://kepler-mapper.scikit-tda.org/en/latest/
Paper
https://joss.theoj.org/papers/10.21105/joss.01315

Tools

Some things I’ve made. Links are scattered throughout blog posts, so I’m gathering them here.

College Financial Calculator

https://daveeargle.com/college-financial-calculator/

Calculator that helps plan how much needs to be invested now, using a variety of investment strategies, in order to pay for college in the future.

Grade curve calculator

https://daveeargle.com/nist_csf_800_53_mapping/

Some schools have guidelines for distribution of letter grades for a class. This tool helps with compliance with those guidelines.

Kali on GCP

https://github.com/deargle/kali-on-gcp

DevOps for material for my information security management class. Includes a pen test lab on GCP.

NIST Cybersecurity Framework ⭤ 800‑53 Controls Mapping

https://daveeargle.com/nist_csf_800_53_mapping/

The NIST CSF Core maps controls from 800-53 (and other) informative references, but only by code, which makes text-searching impossible. Mashup!