Contributions to CHI 2023

21 April 2023

Our group contributes this year 6 full papers and various late breaking works, workshop papers and demonstrations to the ACM CHI Conference on Human Factors in Computing Systems. 

Full Paper:

The Influence of Context on Response to Spear-Phishing Attacks: an In-Situ Deception Study

In today’s digitized societies, phishing attacks are a security threat with damaging consequences. Organizations remain vulnerable to phishing attacks, and it is not clear how the work context influences people’s perceptions and behaviors related to phishing attempts. I investigate (1) how contextual factors influence reactions to a spear-phishing attempt, (2) why people report or do not report phishing attempts, (3) which opportunities for security-enhancing interventions people identify. I use an in-situ deception methodology to observe participants (N=14) in their realistic work environment. I triangulate observational and self-reported data to obtain rich qualitative insights into participants’ emotions, thoughts, and actions when receiving a targeted phishing email. I find that task, IT, internal and social context play an important role. The email’s request being aligned with expectations and perceived time pressure when responding to emails were associated with insecure behavior. The social context positively influenced phishing detection, but “phished” participants did not tell anyone.

Verena Distler. The Influence of Context on Response to Spear-Phishing Attacks: An In-Situ Deception Study. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. CHI '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

“We Need a Big Revolution in Email Advertising”: Users’ Perception of Persuasion in Permission-based Advertising Emails

Persuasive tactics intend to encourage users to open advertising emails. However, these tactics can overwhelm users, which makes them frustrated and leads to lower open rates. This paper intends to understand which persuasive tactics are used and how they are perceived by users. We first developed a categorization of inbox-level persuasive tactics in permission-based advertising emails. We then asked participants to interact with an email inbox prototype, combined with interviews (N=32), to investigate their opinions towards advertising emails and underlying persuasive tactics. Our qualitative findings reveal poor user experience with advertising emails, which was related to feeling surveilled by companies, forced subscription, high prior knowledge about persuasive tactics, and a desire for more agency. We also found that using certain persuasive tactics on the inbox level is perceived as ethically inappropriate. Based on these insights, we provide design recommendations to improve advertising communication and make such emails more valuable to users.

Anastasia Sergeeva, Björn Rohles, Verena Distler und Vincent Koenig. “We Need a Big Revolution in Email Advertising”: Users’ Perception of Persuasion in Permission-Based Advertising Emails. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. CHI '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

Comparing Dwell time, Pursuits and Gaze Gestures for Gaze Interaction on Handheld Mobile Devices

This paper presents the first experiment in a mobile setting that compares three of the most commonly used gaze interaction methods: Dwell time, Pursuits, and Gaze gestures. In our study, 24 participants selected one of 2, 4, 9, 12 and 32 targets via gaze while sitting and while walking. Results show that input using Pursuits is faster than Dwell time and Gaze gestures especially when there are many targets. Users prefer Pursuits when stationary, but prefer Dwell time when walking. While selection using Gaze gestures is more demanding and slower when there are many targets, it is suitable for contexts where accuracy is more important than speed.

Omar Namnakani, Yasmeen Abdrabou, Jonathan Grizou, Augusto Esteves und Mohamed Khamis. Comparing Dwell Time, Pursuits and Gaze Gestures for Gaze Interaction on Handheld Mobile Devices. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. CHI '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

Keep it Real: Investigating Driver-Cyclist Interaction in Real-World Traffic

We explored driver-cyclist interaction across diverse scenarios through in-the-wild observations (N = 414) and a naturalistic study involving cyclists wearing eye-trackers (N = 12). Results showed cyclists attended to road markings and traffic signs in controlled traffic scenarios but to vehicle sides and windows in uncontrolled encounters. Interactions were unlikely at controlled intersections, but various techniques were used to negotiate right-of-way in uncontrolled scenarios, e.g. cyclists used arm gestures and shoulder checks to communicate their intent and awareness when lane merging. Drivers communicated these through on-vehicle signals and head movements at roundabouts.

Ammar Al-Taie, Yasmeen Abdrabou, Shaun Alexander Macdonald, Frank Pollick und Stephen Anthony Brewster. Keep It Real: Investigating Driver-Cyclist Interaction in Real-World Traffic. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. CHI '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

HotFoot: Foot-Based User Identification using Thermal Imaging

We propose a novel method for seamlessly identifying users by combining thermal and visible feet features. While it is known that users’ feet have unique characteristics, these have so far been underutilized for biometric identification, as observing those features often requires the removal of shoes and socks. As thermal cameras are becoming ubiquitous, we foresee a new form of identification, using feet features and heat traces to reconstruct the footprint even while wearing shoes or socks. We collected a dataset of users’ feet (N = 21), wearing three types of footwear (personal shoes, standard shoes, and socks) on three floor types (carpet, laminate, and linoleum). By combining visual and thermal features, an AUC between 91.1% and 98.9%, depending on floor type and shoe type can be achieved, with personal shoes on linoleum floor performing best. Our findings demonstrate the potential of thermal imaging for continuous and unobtrusive user identification.

Saad Alia, Izadi Kian, Ahmad Khan Anam, Knierim Pascal, Schneegass Stefan, Alt Florian und Abdelrahman Yomna. HotFoot: Foot-Based User Identification Using Thermal Imaging. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. CHI '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

When XR and AI Meet - A Scoping Review on Extended Reality and Artificial Intelligence

Research on Extended Reality (XR) and Artificial Intelligence (AI) is booming, which has led to an emerging body of literature in their intersection. However, the main topics in this intersection are unclear, as are the benefits of combining XR and AI. This paper presents a scoping review that highlights how XR is applied in AI research and vice versa. We screened 2619 publications from 203 international venues published between 2017 and 2021, followed by an in-depth review of 311 papers. Based on our review, we identify five main topics at the intersection of XR and AI, showing how research at the intersection can benefit each other. Furthermore, we present a list of commonly used datasets, software, libraries, and models to help researchers interested in this intersection. Finally, we present 13 research opportunities and recommendations for future work in XR and AI research.

Teresa Hirzle, Florian Müller, Fiona Draxler, Martin Schmitz, Pascal Knierim und Kasper Hornbæk. When XR and AI Meet - A Scoping Review on Extended Reality and Artificial Intelligence. In Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. CHI '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

Late Breaking Works, Workshop Paper und Demonstrationen:

Exploring the Use of Electromagnets to Influence Key Targeting on Physical Keyboards

We explore if and how users’ key targeting on keyboards can be influenced. To achieve this, we used a magnetic strip on the user’s finger that is actuated with electromagnets below the keyboard.

Lukas Mecke, Ismael Prieto Romero, Sarah Delgado Rodriguez und Florian Alt. Exploring the Use of Electromagnets to Influence Key Targeting on Physical Keyboards. In Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems. CHI EA '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

Shake-It-All: A Toolkit for Sensing Tangible Interactions on Everyday Objects

To empower people without this expertise, we envision a future where plug & play toolkits allow everyday objects to be augmented easily, rapidly, and in an inexpensive manner. We present the concept for the Shake-It-All toolkit, enabling plug & play sensing of a large variety of tangible interactions on everyday objects (e.g., touching, tilting, squeezing, shaking or moving).

Sarah Delgado Rodriguez, Oliver Hein, Ismael Prieto Romero, Lukas Mecke, Felix Dietz, Sarah Prange und Florian Alt. Shake-It-All: A Toolkit for Sensing Tangible Interactions on Everyday Objects. CHI2023 Workshop [WS2] - Beyond Prototyping Boards: Future Paradigms for Electronics Toolkits. [Download Bibtex]

Introduction to Authentication using Behavioral Biometrics

Passwords are increasingly superseded by biometrics for their inherent drawbacks, and Behavioral Biometrics are particularly promising for increased usability and user experience. This course provides participants with an introduction to the overall topic, covering all phases of creating novel authentication schemes. It introduces important aspects of evaluating Behavioral Biometrics and provides an overview of technical machine-learning techniques in a hands-on session, inviting practitioners and researchers to extend their knowledge of Behavioral Biometrics.

Jonathan Liebers, Uwe Gruenefeld, Daniel Buschek, Florian Alt und Stefan Schneegass. Introduction to Authentication Using Behavioral Biometrics. In Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems. CHI EA '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

I (Don’t) Know What You Did Last Summer: A Framework for Ubiquitous Research Preservation

Research preservation is a pillar for knowledge transfer, science reproducibility and saving time by reusing existing resources. However, human compliance with efficient capturing strategies is a key barrier to creating complete scientific repositories. To circumvent this issue, we introduce the term: Ubiquitous Research Preservation (URP), describing automated knowledge capturing and retrieval in computational science. We also propose a framework composed of three models for designing URP systems (URPS) to 1) understand users’ interaction and data governance, 2) propose technical pipelines for data management, and 3) understand users’ sharing practices. Our work is a theoretical reflection on our past experiences in designing URPS. We plan future evaluation by using the framework to analyze existing URPS. We expect a positive impact from using URPS on researchers’ sense-making and ability to share findings and resources. Our framework is a checklist for design decisions needed to build successful URPS.

Passant Elagroudy, Pascal Knierim, Albrecht Schmidt, Paweł W. Woźniak und Sebastian S. Feger. I (Don’t) Know What You Did Last Summer: A Framework for Ubiquitous Research Preservation. In Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems. CHI EA '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]

Triggering Empathy out of Malicious Intent: The Role of Empathy in Social Engineering Attacks

Social engineering is a popular attack vector among cyber criminals. During such attacks, impostors often attempt to trigger empathy to manipulate victims into taking dangerous actions, for example, sharing their credentials or clicking on malicious email attachments. The objective of this position paper is to initiate a conversation on the tension between positive and negative aspects of empathy in HCI as it pertains to security-relevant behaviors. To this end, we focus on the malicious ways in which empathy can be instrumentalized in social engineering. We describe examples of such empathy-related social engineering attacks, explore potential solutions (including the automated detection of empathy-triggering communication, or of empathetic communication on the part of a potential victim), and discuss technical, social as well as organizational interventions. We highlight research challenges and directions for future work.

Verena Distler, Yasmeen Abdrabou, Felix Dietz und Florian Alt Triggering Empathy out of Malicious Intent: The Role of Empathy in Social Engineering Attacks. In Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems. CHI EA '23. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]