Instrument for Measuring Computing and Security Expertise

Abstract

The Science of Security, particularly in the case of human factors and usability, is nebulous and inchoate. Individual research groups and researchers develop code, simulations, instruments, dataset and experimental designs that are either not released with adequate detail for reproducibility or simply not reused beyond the individual research group. Through this paper we seek to contribute to the Science of Security by providing our instruments grounded in previous scholarship to measure computer and security expertise of participants. Furthermore, we provide the rationale for developing an instrument for measuring user computer and security expertise, information needed to analyze results yielded using this instrument and also methods to measure confidence in such expertise instruments.