Exploring expert and novice mental models of phishing
Title | Exploring expert and novice mental models of phishing |
Publication Type | Conference Proceedings |
Year of Publication | 2015 |
Authors | Olga Zielinska, Allaire Welk, Christopher B. Mayhorn, Emerson Murphy-Hill |
Conference Name | HotSoS: Symposium and Bootcamp on the Science of Security |
Conference Location | Urbana-Champaign, IL |
Keywords | Warning of Phishing Attacks, Supporting Human Information Processing, Identifying Phishin Deception Indicators, and Reducing Vulnerability |
Abstract | Experience influences actions people take in protecting themselves against phishing. One way to measure experience is through mental models. Mental models are internal representations of a concept or system that develop with experience. By rating pairs of concepts on the strength of their relationship, networks can be created through Pathfinder, showing an in-depth analysis of how information is organized. Researchers had novice and expert computer users rate three sets of terms related to phishing. The terms were divided into three categories: prevention of phishing, trends and characteristics of phishing attacks, and the consequences of phishing. Results indicated that expert mental models were more complex with more links between concepts. Specifically, experts had sixteen, thirteen, and fifteen links in the networks describing the prevention, trends, and consequences of phishing, respectively; however, novices only had eleven, nine, and nine links in the networks describing prevention, trends, and consequences of phishing, respectively. These preliminary results provide quantifiable network displays of mental models of novices and experts that cannot be seen through interviews. This information could provide a basis for future research on how mental models could be used to determine phishing vulnerability and the effectiveness of phishing training. |
Citation Key | node-18823 |
Refereed Designation | Unknown |