developing a user profile to predict phishing susceptibility and … · 2013. 3. 26. ·...

Science of Security Lablet

Understanding & Accounting Human Behavior

Developing a User Profile to Predict Phishing Susceptibility and Security Technology Acceptance

Kyung Wha Hong, Dr. Emerson Murphy-Hill
Computer Science Department

Christopher M. Kelly, Dr. Christopher B. Mayhorn
Psychology Department


Post on 19-Aug-2020



What is Phishing?


How is Phishing doing?


Problem Area Previous approach Our approach

Technology


Research Questions

• What behavioral characteristics make some users more susceptible to phishing?

• Are “at-risk” users willing to use new security related tools?


Goal

• Develop a user profile that predicts when and where phishing attacks will be successful

• Build a user-friendly tool to help users distinguish phishing attempts


Initial Survey

Phishing?


Initial Survey

• Goal
– Provide pilot data on perceptions of phishing and related characteristics

• Participants
– 155 people recruited from Amazon’s Mechanical Turk


Initial Survey

• Methods
– Computer Usage and Risk Profile Tool
– Perceptions of phishing
– Factors related to phishing
– Personal phishing experiences


Initial Survey: Results

• Almost everyone had experienced a phishing attempt (22% actually had a loss)

• Participants actively engage in efforts to protect themselves online


Initial Survey: Results

• Phishers often pose as members of organizations

• The consequences of phishing attacks go beyond financial loss (e.g., embarrassment, erosion of trust)


Study 2

• Specific Aim
– Identify behavioral, cognitive, and perceptual attributes that might make some users more susceptible to phishing than others


Study 2

• Participants
– 53 undergraduate students

• Material
– Self-reported measures
– Behavioral measures


Study 2

(1) Online Survey
– Previous experiences with phishing
– Online purchasing behavior
– General computing behavior
– Dispositional trust
– Impulsivity
– Personality


Study 2

(2) Lab Test
– Vision Test
– Working Memory Capacity Test
– Sustained Attention Test
– Evaluate Phishing Susceptibility via Email Task
– Vocabulary Test
– Spatial Ability Test


Study 2

• Email Task
– Ask the user to determine whether each provided email is legitimate or suspicious
– Let the user respond by marking each email as important, archive, or trash


Study 2: Results

• Individual Differences
– Less trusting individuals, introverts, and those less open to new experiences were more likely to trash legitimate emails
– Women were less likely to identify phishing emails


Study 2: Results

• Email Task Performance
– More than 92% were susceptible to phishing
– 52% had misclassified more than half of the phishing emails


Study 3: Plan

• Develop an anti-phishing training tool
– Adapting user profiles developed from Study 2

• Measure participants’ phishing susceptibility before and after the training



Possible Collaboration

• Helping us find participants for Study 2

• Contacts
– Dr. Christopher B. Mayhorn <[email protected]>
– Dr. Emerson Murphy-Hill <[email protected]>
– Christopher M. Kelly <[email protected]>
– Kyung Wha Hong <[email protected]>