Tag: human-centered ai

Five (!) new papers published in the first half of 2025

I’m a fan of the African (maybe?) proverb: “If you want to go fast, go alone. If you want to go far, go together.” In research, collaboration – bringing together different perspectives and shared resources – is the special sauce that can enable long-term success.

This year has yielded a number of high-quality manuscripts from my Security and Privacy Experiences (SPEX) group and from external collaborations. I have co-authored five new papers that have been accepted for publication.

Work from SPEX Students

  • Sarah Tabassum, Nishka Mathew, and Cori Faklaris. “Privacy on the Move: Understanding Educational Migrants’ Social Media Practices through the Lens of Communication Privacy Management Theory.” In Proceedings of the ACM Journal on Computing and Sustainable Societies (COMPASS 2025) and associated conference, July 22-25, 2025, in Toronto, Canada. Association of Computing Machinery, New York, NY, USA. [Preprint]

This paper is the result of Sarah’s pre-dissertation work to identify socio-technical gaps for a key U.S. higher-ed population – educational migrants. Drawing on 40 interviews with international students from 14 countries, we introduce the concept of “triple presence” to describe migrants’ simultaneous engagement with their home country, host society, and diaspora communities. Using Communication Privacy Management (CPM) theory, the study reveals that privacy concerns shift across three migration stages—pre-migration, transition and arrival, and post-migration—highlighting increased vulnerability during transition and complex privacy negotiations post-migration. Migrants adopt strategies like platform segmentation, encrypted communication, and strategic disconnection to manage privacy turbulence caused by scams, surveillance, and cultural differences. Next step: Sarah is planning a participatory design study to probe how newer AI affordances may be useful for designing for culturally responsive privacy tools and platform-level interventions.

  • Narges Zare, Cori Faklaris, Sarah Tabassum, and Heather Lipford. “Improving Mobile Security with Visual Trust Indicators for Smishing Detection.” In Proceedings of the IEEE 6th Annual World AI IoT Congress (AIIoT 2025), May 28-30, in Seattle, WA, USA. Institute of Electrical and Electronics Engineers, New York, NY, USA. [Preprint]

Since beginning her Phd in 2023, Narges has been studying how to counter the rise in mobile threats from smishing (SMS phishing). In this paper, we explore how visual trust indicators can empower mobile users to better detect these fraudulent messages. Through a user-centered design and evaluation process involving 30 participants, the study tested intuitive, color-coded icons—such as green checkmarks for legitimacy, yellow exclamation marks for caution, and red crosses for fraud—within realistic mobile messaging prototypes. Participants favored familiar, non-verbal icons for quick recognition, while tooltips offering clear, actionable guidance (like “report spam”) enhanced confidence, especially for ambiguous messages. The findings underscore the importance of accessible, customizable, and culturally sensitive design in mobile security interfaces. Next step: Narges is planning an online experiment to test hypotheses derived from this paper about which indicators are likely to perform the best.

Work with Collaborators

  • Rajatsubhra Chakraborty, Xujun Che, Depeng Xu, Cori Faklaris, Xi Niu, and Shuhan Yuan. “BiasMap: Can Cross-Attention Uncover Hidden Social Biases?” In Proceedings of the CVPR 2025 Demographic Diversity in Computer Vision Workshop (CVPR 2025 DemoDiv), June 11, 2025, in Nashville, TN, USA. IEEE Computer Society and The Computer Vision Foundation, Ithaca, NY, USA, 10 pages. [Preprint

It has been a delight to work with Raj and with Depeng (Raj’s main Phd advisor and a UNC Charlotte faculty colleague) on tackling mitigations for biased AI-generated imagery. This paper introduces a novel framework for detecting latent biases in text-to-image diffusion models like Stable Diffusion. Unlike traditional fairness audits that focus on output demographics, BiasMap uses cross-attention attribution maps to reveal how demographic attributes (e.g., gender, race) become spatially entangled with semantic concepts (e.g., professions) during image generation. The findings show that biases originate early in the model’s U-Net architecture and persist through the generation process, highlighting the limitations of current debiasing methods. We hope that this work will pave the way for more equitable generative AI systems.

  • Noga Gercsak. “Enhancing Cybersecurity in DER-Based Smart Grids with Blockchain and Differential Privacy.” In Proceedings of the IEEE 6th Annual World AI IoT Congress (AIIoT 2025), May 28-30, in Seattle, WA, USA. Institute of Electrical and Electronics Engineers, New York, NY, USA. [Preprint]

Confession: I did not expect Noga – a student at David W. Butler High School in Matthews, NC – to get as far as she did in realizing this research vision! Noga followed up on a interest of mine to respond to the growing cybersecurity threats facing distributed energy resources (DERs) in smart grids. (DER examples: electric vehicle charging stations; smart thermostats and other home networked devices; arrays of solar panels connected to the larger electric grid.) Her paper proposes a novel framework that integrates blockchain technology and differential privacy to enhance system resilience, scalability, and data protection. The framework employs a lightweight blockchain for secure, tamper-proof communication and dynamic certificate management, while differential privacy adds noise to sensitive data to preserve anonymity without sacrificing utility. Through simulations involving certificate issuance, replay attacks, spoofing, and DDoS scenarios, the system demonstrated robust performance—achieving block creation times averaging 0.85 seconds and attack recovery in under 40 microseconds. The results show that this hybrid approach not only withstands cyberattacks but also maintains high efficiency and privacy, offering a promising path forward for securing DER-based smart grids in real-world deployments. (Earlier this year, Noga won the North Carolina engineering competition for the Junior Humanities and Science Symposium with her presentation of this work.)

  • Jacob Hopkins, Carlos Rubio Medrano, and Cori Faklaris. “The Price Should Be Right: Exploring User Perspectives on Data Sharing Negotiations.” In Proceedings of the Fifteenth Usable Security and Privacy Symposium (USEC 2025), Feb. 24, 2025, in San Diego, CA, USA. Internet Society, Reston, VA, and Geneva, Switzerland. [Preprint]

Jacob’s Phd work focuses on how to rebalance the power dynamics in voluntary data-sharing events, such as when a bouncer asks for proof of your age at the bar door. He, me, and his faculty advisor at Texas A&M-Corpus Christi, Carlos Rubio Medrano, aim to empower individuals—data subjects—by enabling them to negotiate what personal data is shared and how it is used, rather than passively accepting opaque terms set by data requesters. Jacob envisions a multi-track user study, involving both data subjects and data requesters, to explore what data people are willing to share, under what conditions, and what controls both parties need to feel secure and informed. The study will inform the design of a future privacy negotiation framework that supports manual, automated, and semi-automated negotiations, with the goal of increasing transparency, minimizing privacy risks, and ensuring usability for a wide range of users. I love how his vision lays the groundwork for privacy-enhancing technologies that treat data exchange as a fair and informed negotiation—not a one-sided transaction.

Role-Playing Papers for an Undergraduate-Level Course in Human-Centered AI

This Spring 2025, I have had the honor of creating and teaching our first-ever course in Human-Centered Artificial Intelligence (HCAI). This 4000-level course (cross-listed at the 5000 level for graduate students, no prerequisites) has three objectives:

  • [CO1] Understand the current state of AI systems and technologies. 
  • [CO2] Understand ethical considerations and methods for incorporating human perspectives in AI systems and technologies.
  • [CO3] Develop professional skills for creating and evaluating human-centered AI systems and technologies.

In preparation, I skimmed the internet and asked Human-Computer Interaction (HCI) researchers in a Slack workspace to share their syllabi. Of those who responded or who had posted their materials online, all were teaching either doctoral-level seminars or heavily technical courses. Most were teaching in seminar-style, with an emphasis on reading and discussing research papers. 

While I had found a good User Experience Design (UXD) book to use as the course backbone ([CO1][CO2][CO3]), I knew that I would also need to incorporate research papers. The newer papers capture nuances and specifics for the cutting-edge of HCAI research ([CO1] [CO2]), while the foundational papers originated many key concepts that we use today for e.g. mixed-initiative interfaces ([CO2][CO3]). [The UXD book that I ended up requiring is Akshay Kore. 2022. Designing Human-Centric AI Experiences: Applied UX Design for Artificial Intelligence. APress, Berlin, Germany. It seems to draw heavily from Google’s People + AI Research (PAIR) online resources.]

However, our undergraduates do not have a lot of experience in reading and breaking down research papers. For some, it would be the first time that they would even be assigned such a paper. And, even for graduate students, research papers can be quite boring! I assigned resources in Week 1 on How to Read a Scientific Article, and I went over the tips in class. But I also wanted to engage the class in the papers more directly.

Role-Play Paper-Reading

To make the papers easier to digest (and, dare I say, fun?), I decided to adapt the Role Play format. As described in a blog post by Alec Jacobson and Colin Raffel, this involves having students cooperatively present a single paper through the lens of specific perspectives. Its benefits include scaffolding technical reading (contributing to [CO1][CO2][CO3]), giving students practice at public presentations ([CO3]), and fostering critical discussion ([CO2][CO3]). The roles that they suggested and I adopted are:

  • Scientific Peer Reviewer, to summarize the paper and evaluate its merits.
  • Hacker, to implement new code or a demo related to the paper.
  • Archaeologist, to put the paper into the context of the wider body of knowledge.
  • Academic Researcher, to brainstorm a follow-on study.
  • Industry Practitioner, to brainstorm a profitable application.
  • Private Investigator, to find out more about the authors.
  • Social Impact Assessor, to critique downstream effects and ethical considerations.

I knew that I would need to make changes to their practices. My class is much larger than a doctoral seminar – 62 students. This is too big for a roundtable discussion, and it is impractical to assign roles for every paper to every student. I also did not want to assign JUST research papers but to provide a mix of class-prep materials, such as UXD book chapters, videos, and blog posts. Further, my active-learning pedagogical style is to break the 75-minute class period into roughly 15-minute segments. This leaves time for ONE paper presentation, along with a mini-lecture, an in-class activity, a discussion of a case study or current event, a guest speaker, or group work time for a semester project. Finally, I knew that I would have to set my expectations at a lower level than if Ph.D. or advanced master’s degree students were presenting the papers.

Adapting the Format

I decided to only require that the entire class skim the papers (they were fair game for the weekly Module Quizzes), while a subset would be assigned to prepare each role-play presentation. I created a sign-up spreadsheet for students to pick which day and paper that they would want to help present. Like the blog post’s authors, I required everyone to sign up for at least one Scientific Peer Reviewer or Hacker role and to make it the largest part of the Role-Play grade. These roles require the most work. Undergraduate students then were required to pick two other roles to present during a class period (for any paper). [Graduate students only were required to pick one other role. This is because I assigned graduate students to pick a topic and deliver one presentation on a current event or case study related to HCAI.] I allow up to three students to sign up for any paper’s roles, to ensure that everyone gets a shot at fulfilling the requirements. 

For each paper, I created a shared slide deck in Google Slides. This copies a template of my design. It has specific slides for each role, with a box at the bottom for the role-player to put their name. Using a single slide deck has helped to facilitate the cooperative presentation by saving time from students switching their laptops in and out. One slide after the title page repeats the directions and has a link to the sign-up spreadsheet and role descriptions, in case of questions. This slide is hidden for the live presentation, along with others that had no one assigned to present, or which no one had filled out by class time. During the presentation, I sit in the audience with the teaching assistant, who takes notes for grading. I delegate one role-play presenter to advance the slides as needed.

Students are assessed on whether they covered the instructions for their role, whether they contributed to the slide deck, whether they created and emailed us their speaking notes before class – and whether they show up to present on their day. Because students have life obstacles that come up (such as job scheduling conflicts, health issues, or unreliable transportation and child care), I allow them to submit a video as a makeup if they can’t make it to class.

AI Usage is OK

I know you are going to ask, what about AI use? Is that a problem? Well, in my class, the students are allowed and even encouraged to use chatbots, study assistants, image diffusion models, and code generators. After all, they can’t design for technologies that they themselves don’t use (see [CO1]), and they need to be familiar with what we are talking about in the course modules, such as error-handling methods and good and bad examples of explainable outputs. If they use AI, they must credit the tool when it is used and say what part is AI work and what part is theirs. I showed them in Week 1 – when I assigned myself a paper and presented almost all the roles as a model – that I had written a prompt script for Copilot to ask it to create the first draft of my presentation notes and slide content.

Apart from the above, my general objective is to create and assign activities that are either (1) intentionally and explicitly supposed to be done with an AI assist, or (2) impractical-to-impossible to do completely through AI. The class-participation aspect of the role-play presentation is the component that the students of necessity do without AI help.

How It’s Going – The Plusses

The In-Class Presentation assignment group is 35% of the course grade. As of this week, we are about 75% of the way through the semester. Of those who have already done presentations, the class average grade on these assignments is 91%, or a low A. This makes me happy. 

Students are covering their roles adequately in contextualizing the papers ([CO1][CO2][CO3]), and they are getting more practice at giving presentations ([CO3]). This meets two of my three informal learning objectives. Less often, I feel that we are able to engage in a short critical discussion ([CO2][CO3]), mostly prompted by my questions to the presenters. I will reflect on how to build in more of this critical discussion of the papers for the next time that I teach this course.

Students are also doing very well on the weekly Module Quizzes, which always include a few questions from the assigned research papers. I also notice that students sometimes will pick the research paper as a source for the other weekly assignment: to post suggested quiz questions for the following week.

How It’s Going – The Minuses

Some students have not come to class or submitted speaker notes or a slide for this assignment. I am not surprised by this — at least 10% of my class in any semester does not come to campus or turn in much work online. For the role-play presentations, part of the issue is that it is on the students to note down and put in a calendar reminder of when the presentation is due. For the first few weeks, I sent reminder emails, but then told the class that it was up to them to check the schedule for each week (linked in the Syllabus tab). I have since added a repeating reminder in Canvas each Sunday afternoon to check whether they have a presentation due in the upcoming week. If I put in zeros for students who blew off at least one role-play assignment and have not submitted makeups as of yet, the class average grade falls to 77%, or a C, which is what I expected to see. (I just sent an announcement to remind those students that they can submit a makeup for partial credit through Week 16.)

The biggest pain point is the lack of a decent microphone and speaker system for the deep, stadium-style classroom. Students are often nervous and/or inexperienced speakers, and their voices do not carry without help. I’d say that only the front rows can hear what is said unless you project sound from your chest cavity, like a theater actor. (For discussions, I tend to walk-and-talk up and down the aisles too, not simply keep stationary up front.) However, the projection screen is big, and I can dim the lights up front, so the slides are visible up to the back row.

What the Students Say 

I recently polled the class about the Role-Play Presentations. Of those enrolled, 26 responded to the anonymous survey link. The majority (not all) say that they are indeed skimming each week’s papers “always,” “often,” or “sometimes,” and that the presentations are “always,” “often,” or “sometimes” helpful for their understanding. 

Forms response chart. Question title: How often do you skim the assigned research papers when you are NOT part of the in-class role-play presentations? . Number of responses: 26 responses.
Forms response chart. Question title: How often do feel that the in-class role-play presentations help you to understand the assigned research papers BETTER? . Number of responses: 26 responses.

From the open-ended responses, however, I can tell that I need to reconsider aspects of my format adaptation beyond the critical discussion piece. I’ve been integrating the paper concepts into the mini-lecture, but probably not emphasizing enough what is from the research papers and what is from other resources. I also should revisit from time to time the explicit directions and rubric, as students say they are still confused sometimes about what is part of the role-play exercise and how they are graded.

I love the role-play presentations. It would be helpful to include a slide right after about a quick overview and key concepts we should take away from the paper.

I would say it is done well, but some of the students just seem to be confused on their part, or it might just be me.

I would like to explicitly know if other group members who do not do their work affect my grade.

I learn a lot about papers I am assigned to, but I dont really retain information from the other papers. It still has helped me get better at extracting the main points from a research paper.