Team for Research in
Ubiquitous Secure Technology

Community-based web security: complementary roles of the serious and casual contributors
Pern Hui Chia, John Chuang

Citation
Pern Hui Chia, John Chuang. "Community-based web security: complementary roles of the serious and casual contributors". Proceedings of the ACM 2012 conference on Computer Supported Cooperative Work, ACM, 2012.

Abstract
Does crowdsourcing work for web security? While the herculean task of evaluating hundreds of millions of websites can certainly benefit from the wisdom of crowds, skeptics question the coverage and reliability of inputs from ordinary users for assessing web security. We analyze the contribution patterns of serious and casual users in Web of Trust (WOT), a community-based system for website reputation and security. We find that the serious contributors are responsible for reporting and attending to a large percentage of bad sites, while a large fraction of attention on the goodness of sites come from the casual contributors. This complementarity enables WOT to provide warnings about malicious sites while differentiating the good sites from the unknowns. This in turn helps steer users away from the numerous bad sites created daily. We also find that serious contributors are more reliable in evaluating bad sites, but no better than casual contributors in evaluating good sites. We discuss design implications for WOT and for community-based systems more generally.

Electronic downloads

Citation formats  
  • HTML
    Pern Hui Chia, John Chuang. <a
    href="http://www.truststc.org/pubs/865.html"
    >Community-based web security: complementary roles of the
    serious and casual contributors</a>, Proceedings of
    the ACM 2012 conference on Computer Supported Cooperative
    Work, ACM, 2012.
  • Plain text
    Pern Hui Chia, John Chuang. "Community-based web
    security: complementary roles of the serious and casual
    contributors". Proceedings of the ACM 2012 conference
    on Computer Supported Cooperative Work, ACM, 2012.
  • BibTeX
    @inproceedings{ChiaChuang12_CommunitybasedWebSecurityComplementaryRolesOfSerious,
        author = {Pern Hui Chia and John Chuang},
        title = {Community-based web security: complementary roles
                  of the serious and casual contributors},
        booktitle = {Proceedings of the ACM 2012 conference on Computer
                  Supported Cooperative Work},
        organization = {ACM},
        year = {2012},
        abstract = {Does crowdsourcing work for web security? While
                  the herculean task of evaluating hundreds of
                  millions of websites can certainly benefit from
                  the wisdom of crowds, skeptics question the
                  coverage and reliability of inputs from ordinary
                  users for assessing web security. We analyze the
                  contribution patterns of serious and casual users
                  in Web of Trust (WOT), a community-based system
                  for website reputation and security. We find that
                  the serious contributors are responsible for
                  reporting and attending to a large percentage of
                  bad sites, while a large fraction of attention on
                  the goodness of sites come from the casual
                  contributors. This complementarity enables WOT to
                  provide warnings about malicious sites while
                  differentiating the good sites from the unknowns.
                  This in turn helps steer users away from the
                  numerous bad sites created daily. We also find
                  that serious contributors are more reliable in
                  evaluating bad sites, but no better than casual
                  contributors in evaluating good sites. We discuss
                  design implications for WOT and for
                  community-based systems more generally.},
        URL = {http://www.truststc.org/pubs/865.html}
    }
    

Posted by Mary Stewart on 4 Apr 2012.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.