Warning of Phishing Attacks: Supporting Human Information Processing, Identifying Phishing Deception Indicators, and Reducing Vulnerability - July 2014

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s):  Christopher Mayhorn, Emerson Murphy-Hill
Researchers: Allaire Welk, Olga Zielinska

HARD PROBLEM(S) ADDRESSED

• Human Behavior - This preliminary work in understanding how mental models vary between novice users, experts (such as IT professionals), and hackers should be useful in accomplishing the ultimate goal of the work: to build secure systems that reduce user vulnerability to phishing.

PUBLICATIONS
Report papers written as a results of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.

None.

ACCOMPLISHMENT HIGHLIGHTS:

• Conducted literature search on mental models and the use of Pathfinder statistical analysis application. These tools will be informative in understanding how different groups of users conceptualize phishing. 
• As part of the proposed Phase 1 of the research plan, we developed the procedure and stimuli for an experiment that will allow us to assess whether the mental models of novices, experts (e.g., IT personnel--red teams), and hackers differ from one another.  These efforts should be informative in Phases 2-3 of the research plan and ultimately in developing anti-phishing strategies.
• Began collecting pilot data with a small convenience sample at NCSU.