Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

NIST Topic Areas

Report Number

Publication Date

Max Publication Date

NIST Authors in Bold

Displaying 1 - 25 of 126

Towards Integrating Human-Centered Cybersecurity Research Into Practice: A Practitioner Survey

January 30, 2024

Author(s)

Julie Haney, Clyburn Cunningham, Susanne M. Furman

The "research-practice gap" can prevent the appli- cation of valuable research insights into practice. While the gap has been studied in several fields, it is unclear if prior findings and recommendations apply to human-centered cybersecurity (HCC), which

Tradeoffs, Transparency, and Shared Responsibility: Exploring Users' Perceptions of Smart Home Security and Privacy in the U.S.

December 13, 2023

Author(s)

Julie Haney

Smart home technology may expose adopters to increased risk to network security, information privacy, and physical safety. However, users of this technology may lack understanding of the privacy and security implications, and manufacturers often fail to

Usability and Accessibility of Electronic Pollbooks, Part 2: A Usability Test Protocol

December 4, 2023

Author(s)

Whitney Quesenbery, Lynn Baumeister, Shanee Dawkins

This document is the second part of a series of documents on the usability of electronic pollbooks. It contains a procedure for how e-pollbooks might be evaluated, including a preliminary protocol for running a usability test. It can be used by people

Usability and Accessibility of Electronic Pollbooks, Part 1: Usability in the Polling Place

December 1, 2023

Author(s)

Whitney Quesenbery, Lynn Baumeister, Shanee Dawkins

This publication is a report on the exploration of the use of electronic pollbooks (e-pollbooks) in elections. The scope of this report is on usability and accessibility of e-pollbooks, that is, their use by poll workers and voters, rather than on

NIST Phish Scale User Guide

November 15, 2023

Author(s)

Shanee Dawkins, Jody Jacobs

The phishing cyber threat exploits vulnerabilities in the U.S. and around the world across private and public sectors. Embedded phishing awareness training programs, where simulated phishing emails are sent to employees, are designed to prepare employees

Can you Spot a Phish?

September 26, 2023

Author(s)

Jody Jacobs, Shanee Dawkins

This talk will cover findings from over 4 years of NIST phishing training data, highlighting user context as the key to phishing susceptibility. We will discuss the NIST Phish Scale, our research on why users click, and how it can help users spot a phish.

It's Not Always What the Eye Can See - Challenges in the Evaluation of Augmented Reality

September 19, 2023

Author(s)

Kurtis Goad, Kevin C. Mangold, Susanne M. Furman

Augmented reality (AR) technology is developing at a fast pace. Usability evaluation methodologies for AR need to be updated to accommodate the increasing complexity of how people interact with AR technology. Eye tracking metrics, which have been

From Compliance to Impact: Tracing the Transformation of an Organizational Security Awareness Program

September 14, 2023

Author(s)

Julie Haney, Wayne Lutters

There is a growing recognition of the need for a transformation from organizational security awareness programs focused on compliance -- measured by training completion rates -- to those resulting in behavior change. However, few prior studies have begun

Phishing for User Context: Understanding the NIST Phish Scale

August 23, 2023

Author(s)

Shanee Dawkins, Jody Jacobs

The NIST Phish Scale is a method for measuring human phishing detection difficulty, providing a metric – a phishing email detection difficulty rating – for phishing training implementers to gain a better understanding of the variability in click rates

How to Scale a Phish: An Investigation into the Use of the NIST Phish Scale

August 7, 2023

Author(s)

Shanee Dawkins, Jody Jacobs

Organizations around the world are using the NIST Phish Scale (NPS) in their phishing awareness training programs. As a new metric for measuring human phish-ing detection difficulty of phishing emails, the use of the NPS by phishing training implementers

Peering into the Phish Bowl: An Analysis of Real-World Phishing Cues

August 7, 2023

Author(s)

Lorenzo Neil, Shanee Dawkins, Jody Jacobs, Julia Sharp

Organizations use simulated phishing awareness train-ing exercises to help users identify, detect, and defend against the ever-changing phishing threat landscape. Realistic phishing emails are used to test users' ability to spot a phish from visible cues

Youth understandings of online privacy and security: A dyadic study of children and their parents

August 7, 2023

Author(s)

Olivia Williams, Yee-Yin Choong, Kerrianne Buchanan

With youth increasingly accessing and using the internet, it is important to understand what they know about online privacy and security (OPS), and from where they gain this knowledge in order to best support their learning and online practices. Currently

Cybersecurity Definitions for Non-Experts

August 6, 2023

Author(s)

Lorenzo Neil, Julie Haney, Kerrianne Buchanan, Charlotte Healy

Despite the importance of cybersecurity, there is no standard definition nor common terminology for explaining cybersecurity. Existing definitions largely target academics or technical experts but not non-experts (those without cybersecurity proficiency)

Mind the Gap: Exploring Human-Centered Security Researcher-Practitioner Interactions (Extended Abstract)

August 6, 2023

Author(s)

Clyburn Cunningham, Susanne M. Furman, Julie Haney

Our work-in-progress study aims to develop an understanding of current researcher-practitioner interaction points and associated challenges throughout the entire human-centered security research life cycle.

Measuring the Effectiveness of U.S. Government Security Awareness Programs: A Mixed-Methods Study

July 31, 2023

Author(s)

Jody Jacobs, Julie Haney, Susanne M. Furman

This paper presents our research from our mixed-methods study analyzing how organizations determine security awareness program effectiveness. This paper is being submitted to the 10TH International Conference on HCI in Business, Government and

'They're not risky' vs 'It can ruin your whole life': How youth/parent dyads differ in their understandings of online risk

July 23, 2023

Author(s)

Olivia Williams, Kerrianne Buchanan, Yee-Yin Choong

Encountering and/or engaging in risky online behavior is an inherent aspect of being an online user. In particular, youth are vulnerable to such risky be-havior, making it important to know how they understand and think about this risk-taking behavior

Data Guardians: Behaviors and Challenges While Caring for Others' Personal Data

July 23, 2023

Author(s)

Julie Haney, Sandra Prettyman, Mary Frances Theofanos, Susanne M. Furman

Many professional domains require the collection and use of personal data. Protecting systems and data is a major concern in these settings, necessitating that workers who handle personal data under- stand and practice good security and privacy habits

Parents, passwords, and parenting: How parents think about passwords and are involved in their children's password practices

July 23, 2023

Author(s)

Yee-Yin Choong, Kerrianne Buchanan, Olivia Williams

Though much is known about how adults understand and use passwords, little research attention has been paid specifically to parents or, more importantly, to how parents influence their children's password practices. To better understand both the password

Smart Home Device Loss of Support: Consumer Perspectives and Preferences

July 23, 2023

Author(s)

Julie Haney, Susanne M. Furman

Unsupported smart home devices can pose serious safety and security issues for consumers. However, unpatched and vulnerable devices may remain connected because consumers may not be alerted that their devices are no longer supported or do not understand

Analyzing Cybersecurity Definitions for Non-experts

July 4, 2023

Author(s)

Lorenzo Neil, Julie Haney, Kerrianne Buchanan

There is no standard definition for cybersecurity, with current definitions often being technically-complex and targeted at practitioners and academics. However, non-experts (those who do not have security expertise) need an understandable definition to

A Generic STS Viewer on the Web

June 13, 2023

Author(s)

Wendell Piez

In an alternate universe, XML (1998) and XSLT 1.0 (1999) were not developed so early, and did not have to wait for the rest of the web to catch up. In ours, it took two decades before other critically important pieces of the puzzle – CSS, DOM, ECMAScript

Advanced communications
-Open Radio Access Network (Open-RAN)
-Quantum communications
-Spectrum sharing
-Wireless (RF)
Bioscience
-Bioinformatics
-Biomanufacturing
-Biomaterials
-Cell biology
-Engineering / synthetic biology
-Genomics
-Glycomics
-Metabolomics
-Microbial measurements
-Proteomics
Buildings and Construction
-Building codes and standards
-Building control systems
-Building damage and repair
-Building economics
-Building materials
-Energy efficiency
-Heating, ventilation and air conditioning equipment
-Indoor air quality
-Structural engineering
-Thermal comfort
Chemistry
-Analytical chemistry
-Chemical engineering and processing
-Chemical thermodynamics and chemical properties
-Molecular characterization
-Theoretical chemistry and modeling
-Thermochemical properties
Electronics
-Electromagnetics
-Flexible electronics
-Magnetoelectronics
-Optoelectronics
-Organic electronics
-Semiconductors
-Sensors
-Superconducting electronics
Energy
-Alternative energy
-Conventional energy
-Electric power / smart grid
-Fuels
Environment
-Air / water / soil quality
-Climate
-Environmental health
-Greenhouse gas measurements
-Marine science
-Sustainability
Fire
-Emergency building evacuation
-Fire detection
-Fire dynamics and science
-Fire fighting
-Fire modeling
-Fire risk reduction
-Materials flammability
-Structural fire resistance
-Wildland urban interface fire
Forensic Science
-Digital evidence
-Drugs and toxicology
-Firearms and toolmarks
-Forensic biometrics
-Forensic genetics
-Trace evidence
Health
-Biopharmaceuticals
-Clinical diagnostics
-Dentistry
-Food and nutrition
-Medical imaging
-Precision medicine
-Regenerative medicine and advanced therapy
Information technology
-Artificial intelligence
--AI measurement and evaluation
--Applied AI
--Fundamental AI
--Hardware for AI
--Machine learning
--Trustworthy and responsible AI
-Biometrics
-Cloud computing and virtualization
-Complex systems
-Computational science
-Conformance testing
-Cyber-physical systems
--Smart cities
-Cybersecurity
--Cryptography
--Cybersecurity education and workforce development
--Cybersecurity measurement
--Identity and access management
--Privacy engineering
--Risk management
--Securing emerging technologies
--Trustworthy networks
--Trustworthy platforms
-Data and informatics
--Human language technology
--Information retrieval
--Natural language processing
-Federal information processing standards (FIPS)
-Health IT
-Internet of Things (IoT)
-Interoperability testing
-Location based services
-Mobile
-Networking
--Mobile and wireless networking
--Network management and monitoring
--Network modeling and analysis
--Network security and robustness
--Network test and measurement
--Next generation networks
--Protocol design and standardization
--Software defined and virtual networks
-Privacy
-Software research
--Software testing
-Usability and human factors
--Accessibility
-Video analytics
-Virtual / augmented reality
-Visualization research
-Voting systems
Infrastructure
Manufacturing
-Additive manufacturing
-Factory communications
-Factory operations planning and control
-Interoperability in manufacturing
-Machining
-Manufacturing economics
-Manufacturing systems design and analysis
-Monitoring, diagnostics and prognostics
-Process improvement
-Process measurement and control
-Product data
-Quality assurance
-Robotics in manufacturing
--Agility and adaptability
--Collaborative robots
--Dexterous grasping
--Manipulation
--Mobility and industrial autonomous vehicles
--Navigation / actuation / control
--Sensing and perception
-Supply chain
-Sustainable manufacturing
-Systems engineering
-Systems integration
-Technology commercialization
Materials
-Ceramics
-Composites
-Concrete / cement
-Materials characterization
--Composition and structure
--Mechanical properties
--Thermal properties
-Metals
-Modeling and computational material science
-Polymers
-Superconductors
Mathematics and statistics
-Experiment design
-Image and signal processing
-Modeling and simulation research
-Numerical methods and software
-Statistical analysis
-Uncertainty quantification
Metrology
-Amount of substance
-Dimensional metrology
-Electrical / electromagnetic metrology
-Flow metrology and rheology
-Force metrology
-Humidity metrology
-Ionizing radiation metrology
-Mass metrology
-Metric
-Optical / photometry / laser metrology
-Pressure and vacuum metrology
-Thermometry metrology
-Time and frequency metrology
-Weights and measures
Nanotechnology
-Nanobiotechnology
-Nanochemistry
-Nanoelectronics
-Nanofabrication / manufacturing
--Lithography
--Self-assembly
-Nanofluidics
-Nanomagnetics
-Nanomaterials
-Nanomechanics
-Nanometrology
-Nanophotonics
-Nanophysics
-Nanoplasmonics
Neutron research
Performance excellence
-Assessment tools and services
-Baldrige award
-Baldrige examiners
-Baldrige Framework and Criteria
-Best practices
-Leadership development
Physics
-Atomic / molecular / quantum
-Biological physics
-Condensed matter
-Electron physics
-Magnetics
-Nuclear physics
-Optical physics and communications
-Quantum information science
-Radiation
-Spectroscopy
-Thermodynamics
-Time and frequency
Public safety
-Chemical / Biological / Radiological / Nuclear / Explosives (CBRNE)
-First responder preparedness
-Law enforcement
-Public safety communications research
-Response robots
Resilience
-Community resilience
-Disaster and failure studies
-Earthquake risk reduction
-Resilience economics
-Resilient materials
-Windstorm impact reduction
Standards
-Accreditation
-Calibration services
-Conformity assessment
-Documentary standards
-Frameworks
-Reference data
-Reference instruments
-Reference materials
-Standards education
Transportation
-Aerospace
-Automotive