A Human Information-Processing Analysis of Online Deception Detection - July 2015
Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.
PI(s): Robert W. Proctor, Ninghui Li
Researchers: Jing Chen; Weining Yang; Aiping Xiong
HARD PROBLEM(S) ADDRESSED
- Human Behavior - Predicting individual users’ judgments and decisions regarding possible online deception. Our research addresses this problem within the context of examining user decisions with regard to phishing attacks. This work is grounded within the scientific literature on human decision-making processes.
PUBLICATIONS
Chen, J., Gates, C. S., Jorgensen, Z., Yang, W., Xiong, A., Li, N., Yu, T., & Proctor, R. W. (2015). "Effective risk communication for end users: A multi-granularity approach." Poster presented at the Women in CyberSecurity (WiCyS) Conference. Atlanta, GA.
Yang, W., Chen, J., Xiong, A., Proctor, R. W., & Li, N. (2015). "Effectiveness of a phishing warning in field settings." Poster presented at the Symposium and Bootcamp on the Science of Security (HotSoS). Champaign-Urbana, IL.
ACCOMPLISHMENT HIGHLIGHTS
- Based on the results of a previous pilot study, a phishing warning interface was modified to include, among other changes: explicit mention of "Phishing" on the main page of the warning; a "Stop" sign highlighting the recommended "stopping" action; and ranking examples of popular websites provided as a reference.
- The effectiveness of the warning was evaluated in a field experiment, in which participants were phished during their daily internet browsing. Preliminary results confirmed the effectiveness of the new warning interface at preventing users from entering their personal information into the fraudulent web site.
- Domain highlighting was evaluated with an online survey in which participants judged the safety of web pages. Preliminary results suggest that highlighting did not improve detection of fake web sites, whereas performance was improved by directing participants to look at the address bar.