InfoSec Seminar: Applying Sentiment Analysis to Identify Different Conceptions of Security and Usability

Speaker: Ingolf Becker

Date/Time: 01-Jan-1970, 00:00 UTC




A person's security behaviour is driven by underlying mental constructs, perceptions and beliefs. Researchers studying security behaviour conduct interviews to elicit these constructs, transcribe them and analyse the text using qualitative methods. The dominant analysis method is Grounded Theory (GT) coding, where qualitative data is explored to develop new theories. GT coding is time-consuming, and often carried out by a single researcher. This raises questions about the internal and external validity of those mental constructs and behaviours identified with GT. In this paper, we show how the application of Sentiment Analysis can be used to assess the quality of GT coding and refine any insights about the mental constructs, perceptions and beliefs that influence the security-related behaviour of various actors in an organisation.

We analyse 21 GT-coded interviews with 9 security specialists, 9 developers and 3 usability experts at 3 large organisations, individually and across both roles and organisations. The interviews study the development processes leading to supposed `usable security products'.

By analysing the distribution of sentiment over each of the GT codes, we identify specific divergences which may contribute to the reality found in much security behaviour research - that security products are difficult or impossible to use. Amongst findings are that usability specialists feel disconnected from others in the development process, and that organisations can believe they provide usable security features while not applying usability principles.



Ingolf Becker is a PhD student in the Information Security group. His research combines Usable Security and Natural Language Processing in innovative and diverse new methodologies.

This page was last modified on 27 Mar 2014.