A Human Information-Processing Analysis of Online Deception Detection - January 2017

Public Audience
Purpose: To highlight project progress. Information is generally at a higher level which is accessible to the interested public. All information contained in the report (regions 1-3) is a Government Deliverable/CDRL.

PI(s):  Robert W. Proctor, Ninghui Li
Researchers: Jing Chen; Weining Yang; Aiping Xiong; Wanling Zou

HARD PROBLEM(S) ADDRESSED

• Human Behavior - Predicting individual users’ judgments and decisions regarding possible online deception.  Our research addresses this problem within the context of examining user decisions with regard to phishing attacks. This work is grounded within the scientific literature on human decision-making processes.

PUBLICATIONS

• Xiong, A., Proctor, R. W., Yang, W., & Li, N. (in press). Is domain highlighting actually helpful in identifying phishing webpages? Human Factors: The Journal of the Human Factors and Ergonomics Society.

• Chen, J., Proctor, R. W., & Li, N. (2016, November). Human trust in automation in a phishing context. Talk presented at 46th Annual Meeting of the Society for Computers in Psychology (SCiP), Boston, MA.

• Xiong, A., Proctor, R. W., Li, N., & Yang, W. (2016, November). Use of warnings for instructing users how to detect phishing webpages. Talk presented at the 46th Annual Meeting of the Society for Computers in Psychology (SCiP), Boston, MA.

ACCOMPLISHMENT HIGHLIGHTS

• We have conducted human-subjects research in the context of phishing.  A major finding is that training about phishing is essential to help people make informed decisions about whether a webpage is fraudulent.  We also showed that phishing training can be delivered through embedding it within phishing warnings.  We have also shown that users’ trust in phishing warnings systematically varies as a function of whether they are informed explicitly about the actual reliability of the warning system or whether this knowledge is acquired through experience.