Advanced search
Publication Cover
International Journal of Human–Computer Interaction Volume 32, 2016 - Issue 3: Special Issue on Interactive Persuasive Systems
Submit an article Journal homepage
1,291
Views
15
CrossRef citations to date
0
Altmetric
Articles

The Role of Instructional Design in Persuasion: A Comics Approach for Improving Cybersecurity

Leah Zhang-KennedySchool of Computer Science, Carleton University, Ottawa, Ontario, CanadaCorrespondence[email protected]
View further author information
,
Sonia ChiassonSchool of Computer Science, Carleton University, Ottawa, Ontario, CanadaView further author information
&
Robert BiddleSchool of Computer Science, Carleton University, Ottawa, Ontario, CanadaView further author information
Pages 215-257 | Published online: 17 Feb 2016

REFERENCES

  • Adams, A., & Sasse, M. A. (1999). Users are not the enemy. Communications of the ACM, 42(12), 40–46.
  • Adams, S. (2012). Dilbert. Available from http://search.dilbert.com/comic/Security
  • Anderson, C. L., & Agarwal, R. (2010). Practicing safe computing: A multimedia empirical examination of home computer user security behavioral intentions. MIS Quarterly, 34, 613–643.
  • Anderson, J. R., Corbett, A. T., Koedinger, K. R., & Pelletier, R. (1995). Cognitive tutors: Lessons learned. Journal of Learning Sciences, 4, 167–207.
  • Anti-Phishing Working Group (2013). APWG CMU-Cylab phishing education landing page program. Availabel from http://phish-education.apwg.org.
  • Asgharpour, F., Liu, D., & Camp, L. (2007). Mental models of security risks. In Financial cryptography & data security, LNCS ( pp. 367–377). New York, NY: Springer.
  • Atkinson, R. K. (2002). Optimizing learning from examples using animated pedagogical agents. Journal of Educational Psychology, 94, 416–427.
  • Balebako, R., Jung, J., Lu, W., Cranor, L., & Nguyen, C. (2013, July). Little brothers watching you: Raising awareness of data leaks on smartphones. Paper presented at the symposium on Usable Privacy and Security, Newcastle, UK.
  • Boyatzis, R. E. (1998). Transforming qualitative information: Thematic analysis and code development. Thousand Oaks, CA: Sage.
  • Branson, R. K., Rayner, G. T., Cox, J., Furman, J. P., & King, F. J. (1975, August 1). Interservice procedures for instructional systems development: Executive summary and model. (Tech. Rep.). DTIC Document.
  • Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3, 77–101.
  • Brophy, J. (1983). Conceptualizing student motivation. Educational Psychologist, 18, 200–215.
  • Camp, L. J. (2009). Mental models of privacy and security. IEEE, Technology & Society Magazine, 28, 37–46.
  • Chiasson, S., Manas, M., & Biddle, R. (2013). Auction hero: The design of a game to learn and teach about computer security. Retrieved from http://hotsoft.carleton.ca/˜sonia/content/Chiasson_Auctionhero_ELearn2011.pdf.
  • Chiasson, S., van Oorschot, P. C., & Biddle, R. (2006). A usability study and critique of two password managers. Proceedings of the 15th USENIX Security Symposium, Article 1.
  • Clark, R. C. (2011). Developing technical training: A structured approach for developing classroom and computer-based instructional materials. New York, NY: Wiley & Sons.
  • Clark, R. C., & Mayer, R. E. (2011). E-learning and the science of instruction: Proven guidelines for consumers and designers of multimedia learning. New York, NY: Wiley & Sons.
  • Commons, W. (2013). Addie model of design. Retrieved from http://upload.wikimedia.org/wikipedia/commons/d/d3/ADDIE_Model_of_Design.jpg.
  • Corbin, J. M., & Strauss, A. (1990). Grounded theory research: Procedures, canons, and evaluative criteria. Qualitative Sociology, 13, 3–21.
  • Craik, K., & James, W. (1967). The nature of explanation. New York, NY: Cambridge University Press.
  • Dedoose (2013). Dedoose research application. http://www.dedoose.com.
  • Denning, T., Kohno, T., & Shostack, A. (2013). Control-alt-hack: A card game for computer security outreach and education. Technical Symposium on Computer Science Education, 729–729.
  • Dixon, N. M. (1990). Evaluation: A tool for improving HRD quality. San Diego, CA: University Associates.
  • Dormann, C., & Biddle, R. (2009). A review of humor for computer games: Play, laugh and more. Simulation & Gaming, 40, 802–824.
  • Dourish, P., Grinter, R. E., De La Flor, J. D., & Joseph, M. (2004). Security in the wild: User strategies for managing security as an everyday, practical problem. Personal & Ubiquitous Computing, 8, 391–401.
  • Eisner, W. (1985). Comics & sequential art. Tamarac, FL: Poorhouse Press.
  • Fies, B. (2011). Mom’s cancer. New York, NY: Abrams.
  • Florencio, D., & Herley, C. (2010). Where do security policies come from? Proceeding of the 6th Symposium on Usable Privacy and Security.
  • Fogg, B. J. (2003). Persuasive technology: Using computers to change what we think and do. San Francisco, CA: Morgan Kaufmann.
  • Friedland, G., Maier, G., Sommer, R., & Weaver, N. (2011). Sherlock holmes’ evil twin: On the impact of global inference for online privacy. Proceedings of the 2011 New Security Paradigms Workshop, 105–114.
  • Friedland, G., & Sommer, R. (2010). Cybercasing the joint: On the privacy implications of geo-tagging. Proceedings of the 5th USENIX Workshop on Hot Topics in Security.
  • Gagne, R. M., Wager, W. W., Golas, K. C., Keller, J. M., & Russell, J. D. (2005). Principles of instructional design. Wiley Online Library.
  • Garner, R. L. (2006). Humor in pedagogy: How ha-ha can lead to aha! College Teaching, 54, 177–180.
  • Gaw, S., & Felten, E. W. (2006). Password management strategies for online accounts. Proceedings of the Symposium on Usable Privacy and Security, 44–55.
  • Goga, O., Lei, H., Parthasarathi, S. H. K., Friedland, G., Sommer, R., & Teixeira, R. (2013). Exploiting innocuous activity for correlating users across sites. Proceedings of the International Conference on the World Wide Web.
  • Görling, S. (2006). The myth of user education. Virus Bulletin Conference, 11, 13.
  • Green, M. J., & Myers, K. R. (2010). Graphic medicine: Use of comics in medical education and patient care. BMJ, 340, C863.
  • Grinter, R. E., Edwards, W. K., Newman, M. W., & Ducheneaut, N. (2005). The work to make a home network work. European Conference on Computer-Supported Cooperative Work, 469–488.
  • Gross, J. B., & Rosson, M. B. (2007). Looking for trouble: Understanding end-user security management. Symposium on Computer–Human Interaction for the Management of Information Technology, 10.
  • Gyselinck, V., & Tardieu, H. (1999). The role of illustrations in text comprehension: What, when, for whom, and why? Mahwah, NJ: Erlbaum.
  • Harp, S. F., & Mayer, R. E. (1998). How seductive details do their damage: A theory of cognitive interest in science learning. Journal of Educational Psychology, 90, 414.
  • Hattie, J., & Timperley, H. (2007). The power of feedback. Review of Educational Research, 77, 81–112.
  • Herley, C. (2009). So long, and no thanks for the externalities. Proceedings of the 2009 New Security Paradigms Workshop, 133–144.
  • Johnson-Laird, P. N., Girotto, V., & Legrenzi, P. (1998). Mental models: A gentle guide for outsiders. Sistemi Intelligenti, 9, 33.
  • Kelley, P. G., Bresee, J., Cranor, L. F., & Reeder, R. W. (2009). A nutrition label for privacy. Symposium on Usable Privacy and Security, Article it.
  • Kephart, J. O., Sorkin, G. B., Arnold, W. C., Chess, D. M., Tesauro, G. J., White, S. R., & Watson, T. J. (1995). Biologically inspired defences against computer viruses. International Joint Conference on Artificial Intelligence, 985–996.
  • Kumaraguru, P., Rhee, Y., Sheng, S., Hasan, S., Acquisti, A., Cranor, L. F., & Hong, J. (2007). Getting users to pay attention to anti-phishing education: Evaluation of retention and transfer. APWG eCrime Summit, 70–81.
  • Marchetto, M. A. (2014). Cancer vixen: A true story. New York, NY: Pantheon.
  • Mautone, P. D., & Mayer, R. E. (2001). Signaling as a cognitive guide in multimedia learning. Journal of Educational Psychology, 93, 377–389.
  • Mayer, R. E. (2002). Multimedia learning. Psychology of Learning & Motivation, 41, 85–139.
  • Mayer, R. E. (2005). Principles for reducing extraneous processing in multimedia learning: Coherence, signaling, redundancy, spatial contiguity, and temporal contiguity principles. In The Cambridge handbook of multimedia learning ( pp. 183–200.) New York, NY: Cambridge University Press.
  • Mayer, R. E., & Anderson, R. B. (1992). The instructive animation: Helping students build connections between words and pictures in multimedia learning. Journal of Educational Psychology, 84, 444–452.
  • Mayer, R. E., & Chandler, P. (2001). When learning is just a click away: Does simple user interaction foster deeper understanding of multimedia messages? Journal of Educational Psychology, 93, 390–397.
  • Mayer, R. E., Dow, G. T., & Mayer, S. (2003). Multimedia learning in an interactive self-explaining environment: What works in the design of agent-based microworlds? Journal of Educational Psychology, 95, 806–812.
  • McCloud, S. (2000). Reinventing comics: How imagination and technology are revolutionizing an art form. New York, NY: William Morrow.
  • Mekhail, C., Zhang-Kennedy, L., & Chiasson, S. (2014). Visualizations to teach about mobile online privacy. Persuasive Technology, Adjunct Proceedings of the 9th International Conference on. 43–45.
  • Mintz, J., & Aagaard, M. (2012). The application of persuasive technology to educational settings. Educational Technology Research & Development, 60, 483–499.
  • Moon, J. A. (2013). Reflection in learning and professional development: Theory and practice. New York, NY: Routledge.
  • Moreno, R., Reislein, M., & Ozogul, G. (2010). Using virtual peers to guide visual attention during learning. Journal of Media Psychology: Theories, Methods, and Applications, 22, 52–60.
  • Munroe, R. (2012). XKCD: A webcomic of romance, sarcasm, math, and language. Retrieved from http://xkcd.com/936/
  • Negrete, A., & Lartigue, C. (2004). Learning from education to communicate science as a good story. Endeavour, 28, 120–124.
  • Nielsen, J. (2004, October). User education is not the answer to security problems. Alertbox.
  • Nijholt, A. (2002). Embodied agents: A new impetus to humor research. In The April Fools’ Day Workshop on Computational Humour (Vol. 20). University of Twente, Twenty the Netherlands.
  • Paivio, A. (1991). Dual coding theory: Retrospect and current status. Canadian Journal of Psychology, 45, 255–287.
  • Pastor-Satorras, R., & Vespignani, A. (2001). Epidemic spreading in scale-free networks. Physical Review Letters, 86, 3200–3203.
  • Pellegrino, J. W., Bransford, J. D., & Donovan, M. S. (1999). How people learn: Bridging research and practice. Washington, DC: National Academies Press.
  • Petty, R. E., & Cacioppo, J. T. (1986). The elaboration likelihood model of persuasion. Advances in Experimental Social Psychology, 19, 123–205.
  • Raja, F., Hawkey, K., Hsu, S., Wang, K., & Beznosov, K. (2011). A brick wall, a locked door, and a bandit: A physical security metaphor for firewall warnings. Symposium on Usable Privacy and Security.
  • Reeves, B., & Nass, C. (1996). How people treat computers, television, and new media like real people and places. CSLI Publications & Cambridge University Press.
  • Riley, S. (2006). Password security: What users know and what they actually do. Usability News, 8(1).
  • Rittle-Johnson, B., & Alibali, M. W. (1999). Conceptual and procedural knowledge of mathematics: Does one lead to the other? Journal of Educational Psychology, 91, 175.
  • Sanok, D. J., Jr. (2005). An analysis of how antivirus methodologies are utilized in protecting computers from malicious code. In Information security curriculum development ( pp. 142–144). New York, NY: ACM.
  • Schmidt, R. A., & Bjork, R. A. (1992). New conceptualizations of practice: Common principles in three paradigms suggest new concepts for training. Psychological Science, 3, 207–217.
  • Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L., Hong, J., & Nunge, E. (2007). Anti-phishing phil: The design and evaluation of a game that teaches people not to fall for phish. Proceedings of the 7th Symposium on Usable Privacy and Security, 88–99.
  • Singhal, A., & Rogers, E. M. (2012). Entertainment-education: A communication strategy for social change. New York, NY: Routledge.
  • Srikwan, S., and Jakobsson, M. (2008). Using cartoons to teach Internet security. Cryptologia, 32, 137–154.
  • Wade, S. E. (2001). Research on importance and interest: Implications for curriculum development and future research. Educational Psychology Review, 13, 243–261.
  • Warkentin, M., Davis, K., & Bekkering, E. (2004). Introducing the check-off password system (COPS): An advancement in user authentication methods and information security. Journal of Organizational & End-User Computing, 16, 41–58.
  • Wash, R. (2010). Folk models of home computer security. Proceedings of the 6th Symposium on Usable Privacy and Security, Article 11.
  • Weirich, D., & Sasse, M. A. (2001). Pretty good persuasion: A first step towards effective password security in the real world. In New Security Paradigms Workshop, 137–143.
  • Whitten, A., Tygar, J. D. (1999). Why Johnny can’t encrypt: A usability evaluation of PGP 5.0. Proceedings of the 8th USENIX Security Symposium, 169–184.
  • Young, R. M. (1983). Surrogates and mappings: Two kinds of conceptual models for interactive devices. Mental Models, 35–52.
  • Zhang-Kennedy, L., & Chiasson, S. (2014). Using comics to teach users about mobile online privacy (Tech. Rep. TR-14-02). School of Computer Science, Carleton University, Ottawa, Canada.
  • Zhang-Kennedy, L., Chiasson, S., & Biddle, R. (2013). Password advice shouldn’t be boring: Visualizing password guessing attacks. APWG eCrime Summit, 1–10.
  • Zhang-Kennedy, L., Chiasson, S., & Biddle, R. (2014). Stop clicking on “update later”: Persuading users they need up-to-date antivirus protection. In Persuasive technology, LNCS (pp. 302–322). New York NY: Springer.
  • Zhang-Kennedy, L., Dorey, S., Mekhail, C., & Chiasson, S. (2014). Secure comics. Retrieved from http://www.versipass.com/edusec

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.