Saved in:
Bibliographic Details
Main Authors: Usman, Warda, Zou, Yixin, Zappala, Daniel
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2511.13781
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908660262764544
author Usman, Warda
Zou, Yixin
Zappala, Daniel
author_facet Usman, Warda
Zou, Yixin
Zappala, Daniel
contents Human-centered threat modeling (HCTM) is an emerging area within security and privacy research that focuses on how people define and navigate threats in various social, cultural, and technological contexts. While researchers increasingly approach threat modeling from a human-centered perspective, little is known about how they prepare for and engage with HCTM in practice. In this work, we conduct 23 semi-structured interviews with researchers to examine the state of HCTM, including how researchers design studies, elicit threats, and navigate values, constraints, and long-term goals. We find that HCTM is not a prescriptive process but a set of evolving practices shaped by relationships with participants, disciplinary backgrounds, and institutional structures. Researchers approach threat modeling through sustained groundwork and participant-centered inquiry, guided by values such as care, justice, and autonomy. They also face challenges including emotional strain, ethical dilemmas, and structural barriers that complicate efforts to translate findings into real-world impact. We conclude by identifying opportunities to advance HCTM through shared infrastructure, broader recognition of diverse contributions, and stronger mechanisms for translating findings into policy, design, and societal change.
format Preprint
id arxiv_https___arxiv_org_abs_2511_13781
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Human-Centered Threat Modeling in Practice: Lessons, Challenges, and Paths Forward
Usman, Warda
Zou, Yixin
Zappala, Daniel
Cryptography and Security
Computers and Society
Human-centered threat modeling (HCTM) is an emerging area within security and privacy research that focuses on how people define and navigate threats in various social, cultural, and technological contexts. While researchers increasingly approach threat modeling from a human-centered perspective, little is known about how they prepare for and engage with HCTM in practice. In this work, we conduct 23 semi-structured interviews with researchers to examine the state of HCTM, including how researchers design studies, elicit threats, and navigate values, constraints, and long-term goals. We find that HCTM is not a prescriptive process but a set of evolving practices shaped by relationships with participants, disciplinary backgrounds, and institutional structures. Researchers approach threat modeling through sustained groundwork and participant-centered inquiry, guided by values such as care, justice, and autonomy. They also face challenges including emotional strain, ethical dilemmas, and structural barriers that complicate efforts to translate findings into real-world impact. We conclude by identifying opportunities to advance HCTM through shared infrastructure, broader recognition of diverse contributions, and stronger mechanisms for translating findings into policy, design, and societal change.
title Human-Centered Threat Modeling in Practice: Lessons, Challenges, and Paths Forward
topic Cryptography and Security
Computers and Society
url https://arxiv.org/abs/2511.13781