Dr. Acar Tamersoy has been a researcher in the research group at NortonLifeLock, formerly known as Symantec, since 2016. More information about him can be found on his academic website.
Selected Academic Papers
In Proceedings of ACM CHI Conference on Human Factors in Computing Systems (CHI 2020) (Honorable Mention Award)
Our online survey of 902 individuals studies the reasons for which users struggle to adhere to expert-recommended security, privacy, and identity-protection practices. We examined 30 of these practices, finding that gender, education, technical background, and prior negative experiences correlate with practice adoption levels. We found that practices were abandoned when they were perceived as low-value, inconvenient, or when overridden by subjective judgment. We discuss how tools and expert recommendations can better align to user needs.
In Proceedings of the 41st IEEE Symposium on Security and Privacy (S&P 2020)
Technology increasingly facilitates interpersonal attacks such as stalking, abuse, and other forms of harassment. While prior studies have examined the ecosystem of software designed for stalking, our study uncovers a larger landscape of apps---what we call creepware---used for interpersonal attacks. We discover and report on apps used for harassment, impersonation, fraud, information theft, concealment, hacking, and other attacks, as well as creative defensive apps that victims use to protect themselves.
In Proceedings of the 25th International World Wide Web Conference (WWW), 2016
We study the problem of determining the proper aggregation granularity for a stream of time-stamped edges. To this end, we propose ADAGE and demonstrate its value in automatically finding the appropriate aggregation intervals on edge streams for belief propagation to detect malicious files and machines.
IEEE Transactions on Visualization and Computer Graphics (TVCG), 24(1), 2018, Presented at the 2017 IEEE Conference on Visual Analytics Science and Technology (VAST), 2017
We present VIGOR, a novel interactive visual analytics system, for exploring and making sense of graph query results. VIGOR contributes an exemplar-based interaction technique and a feature-aware subgraph result summarization. Through a collaboration with Symantec, we demonstrate how VIGOR helps tackle real-world cybersecurity problems.
In Proceedings of the Annual Computer Security Applications Conference (ACSAC 2017)
Smoke Detector significantly expands upon limited collections of hand-labeled security incidents by framing event data as relationships between events and machines, and performing random walks to rank candidate security incidents. Smoke Detector significantly increases incident detection coverage for mature Managed Security Service Providers.
In Proceedings of the 2020 CHI Workshop on Designing Interactions for the Ageing Populations - Addressing Global Challenges
Older adults are disproportionately affected by scams, many of which target them specifically. We present Fraud Bingo, an intervention designed by WISE \& Healthy Aging Center in Southern California prior to 2012, that has been played by older adults throughout the United States. We also present the Scam Defender Obstacle Course (SDOC), an interactive web application that tests a user's ability to identify scams, and subsequently teaches them how to recognize the scams. SDOC is patterned after existing phishing-recognition training tools for working professionals. We present the results of running a workshop with 17 senior citizens, where we performed a controlled study that and used SDOC to measure the effectiveness of Fraud Bingo. We outline the difficulties several participants had with completing SDOC, which indicate that tools like SDOC should be tailored to the needs of older adults.
To appear in IEEE Transactions on Dependable and Secure Computing (TDSC)
In Proceedings of the 20th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD ‘14)
We present AESOP, a scalable algorithm that identifies malicious executable files by leveraging a novel combination of locality-sensitive hashing and belief propagation. AESOP attained early labeling of 99% of benign files and 79% of malicious files with a 0.9961 true positive rate at 0.0001 false positive rate.