Tom Ristenpart (Cornell) - Computer Security for Victims of Intimate Partner Violence

Computer Security for Victims of Intimate Partner Violence

In this talk I will survey our work on understanding and improving technology’s role in intimate partner violence (IPV). IPV is a widespread social ill affecting about one in four women and one in ten men at some point in their lives. In interviews with survivors and the professionals that work with them in New York City, our research has provided the most granular view to date of technology abuse. Abusers install spyware on mobile devices, compromise victim accounts, exploit social media for harassment, and much more. We complemented this qualitative work with a first-of-its-kind measurement study that discovered a large ecosystem of online resources aimed at helping abusers, including a variety of apps usable as IPV spyware.

Unfortunately, abusers require little technology expertise to mount devastating attacks. Instead, the context of IPV undermines the assumptions underlying traditional security mechanisms such as passwords and malware detection, and, more broadly, we believe traditional approaches to computer security are not yet up to the task of helping IPV victims. We have therefore initiated work on building up a theory and practice of clinical computer security, in which trained technology professionals meet with victims to help diagnose digital insecurities and advise on potential remediations. I will discuss our ongoing field work prototyping clinical services, including deployment of a first-of-its-kind spyware detection tool in New York City, and conclude with a discussion of other domains where clinical computer security may prove useful.

This is covering joint work with: Rahul Chatterjee, Nicola Dell, Peri Doerfler, Sam Havron, Karen Levy, Damon McCoy, Diana Minchala, Hadas Orgad, and Jackeline Palmer.

Host: David Cash