We propose a paradigm shift in human-centered security research
in which users’ objective behavior and physiological states move
into focus. This proposal is motivated by the fact that many per-
sonal and wearable devices today come with capabilities that allow
researchers to assess users’ behavior and physiology in real-time.
We expect substantial advances due to the ability to develop more
targeted approaches to human-centered security in which solutions
are targeted at individuals’ literacy, skills, and acontext. To this end,
the main contribution of this work is a research space: we first pro-
vide an overview of common human-centered attacks that could
be better understood and addressed through our approach. Based
on this overview, we then showcase how specific security habits
can benefit from the knowledge of users’ current state. Our work
is complemented by a discussion of the implications and research
directions enabled through this novel paradigm.
«