Warning of Phishing Attacks: Supporting Human Information Processing, Identifying Phishing Deception Indicators, and Reducing Vulnerability - July 2016![Conflict Detection Enabled Conflict Detection Enabled](/sites/all/themes/redux/css/images/icons/conflict_enabled_icon.png)
Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.
PI(s): Christopher Mayhorn, Emerson Murphy-Hill
Researchers: Allaire Welk, Olga Zielinska
HARD PROBLEM(S) ADDRESSED
- Human Behavior - Ongoing efforts have focused on understanding how mental models vary between novice users, experts (such as IT professionals), and hackers should be useful in accomplishing the ultimate goal of the work: to build secure systems that reduce user vulnerability to phishing. Moreover, mapping out the mental models that underlie security-related decision making should also inform behavioral models of users, security-experts (i.e., system administrators), and adversaries seeking to exploit system functionality.
PUBLICATIONS
-
Zielinska, Olga, Welk, Allaire, Mayhorn, Christopher B., Murphy-Hill, Emerson. 2016. The Persuasive Phish: Examining the Social Psychological Principles Hidden in Phishing Emails. Proceedings of the Symposium and Bootcamp on the Science of Security. :126–126. doi: 10.1145/2898375.2898382
URL: http://doi.acm.org/10.1145/2898375.2898382 -
Pearson, Carl J., Welk, Allaire K., Boettcher, William A., Mayer, Roger C., Streck, Sean, Simons-Rudolph, Joseph M., Mayhorn, Christopher B.. 2016. Differences in Trust Between Human and Automated Decision Aids. Proceedings of the Symposium and Bootcamp on the Science of Security. :95–98. doi: 10.1145/2898375.2898385
URL: http://doi.acm.org/10.1145/2898375.2898385
ACCOMPLISHMENT HIGHLIGHTS
- We are in the process of completing our study of the interaction between personality and susceptibility to different phishing attacks (that vary by persuasion principles) identified from our corpus of phishing stimuli used in previous efforts. We encountered some difficulties with stimulus development but have been able to proceed to populating Qualtrics, the software used to present our stimulus materials. Data collection will begin no later than mid-July.
- In April, Olga Zielinska's work with the SoS Lablet was featured in the College of Humanities and Social Sciences newsletter at NCSU (see link: http://news.chass.ncsu.edu/2016/04/21/exploring-the-evolution-of-phishing/)
- Warning of Phishing Attacks, Supporting Human Information Processing, Identifying Phishin Deception Indicators, and Reducing Vulnerability
- NSA Program Manager
- Human Behavior
- NCSU
- Warning of Phishing Attacks: Supporting Human Information Processing, Identifying Phishing Deception Indicators & Reducing Vuln.
- FY14-18
- July'16