How Well Can LLM Agents Simulate End-User Security and Privacy Attitudes and Behaviors?
This work addresses the problem of scalable forecasting of security and privacy risks for product developers, but it is incremental as it benchmarks existing methods rather than introducing a new paradigm.
The researchers investigated whether LLM agents can accurately simulate human security and privacy attitudes and behaviors, finding that current models score between 50 and 64 on a 0-100 alignment scale, with some configurations achieving scores above 95 for specific behavior tests.
A growing body of research assumes that large language model (LLM) agents can serve as proxies for how people form attitudes toward and behave in response to security and privacy (S&P) threats. If correct, these simulations could offer a scalable way to forecast S&P risks in products prior to deployment. We interrogate this assumption using SP-ABCBench, a new benchmark of 30 tests derived from validated S&P human-subject studies, which measures alignment between simulations and human-subjects studies on a 0-100 ascending scale, where higher scores indicate better alignment across three dimensions: Attitude, Behavior, and Coherence. Evaluating twelve LLMs, four persona construction strategies, and two prompting methods, we found that there remains substantial room for improvement: all models score between 50 and 64 on average. Newer, bigger, and smarter models do not reliably do better and sometimes do worse. Some simulation configurations, however, do yield high alignment: e.g., with scores above 95 for some behavior tests when agents are prompted to apply bounded rationality and weigh privacy costs against perceived benefits. We release SP-ABCBench to enable reproducible evaluation as methods improve.