A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings

Neupane, Ajaya; Rahman, Md. Lutfor; Saxena, Nitesh; Hirshfield, Leanne M.

doi:10.1145/2810103.2813660

Cited by 40 publications

(48 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[266] 4 [225], [229], [247], [265] 2 [233], [252] 1 [219] No 6 [10], [230], [238], [249], [250], [258] 3 [242], [260], [263] Webpage Yes 5 [204], [239], [245], [253], [261] No 4 [203], [212], [236], [264] 3 [211], [213], [216] 3 [61], [217], [ [232] in [211] and [214] used Functional Magnetic Resonance Imaging (fMRI) and Electroencephalogram (EEG) to measure brain's electrical activity and an eye-tracker to have a better understanding of users' decision-making process. They used both existing phishing websites (by downloading and hosting them on their own network) and manually created ones.…”

Section: Selected User Study Literaturementioning

confidence: 99%

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

Das

Baki

Aassal

et al. 2020

IEEE Commun. Surv. Tutorials

108

View full text Add to dashboard Cite

Phishing and spear phishing are typical examples of masquerade attacks since trust is built up through impersonation for the attack to succeed. Given the prevalence of these attacks, considerable research has been conducted on these problems along multiple dimensions. We reexamine the existing research on phishing and spear phishing from the perspective of the unique needs of the security domain, which we call security challenges: real-time detection, active attacker, dataset quality and baserate fallacy. We explain these challenges and then survey the existing phishing/spear phishing solutions in their light. This viewpoint consolidates the literature and illuminates several opportunities for improving existing solutions. We organize the existing literature based on detection techniques for different attack vectors (e.g., URLs, websites, emails) along with studies on user awareness. For detection techniques we examine properties of the dataset, feature extraction, detection algorithms used, and performance evaluation metrics. This work can help guide the development of more effective defenses for phishing, spear phishing and email masquerade attacks of the future, as well as provide a framework for a thorough evaluation and comparison.

show abstract

Section: Selected User Study Literaturementioning

confidence: 99%

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

Das

Baki

Aassal

et al. 2020

IEEE Commun. Surv. Tutorials

108

View full text Add to dashboard Cite

show abstract

“…There are several user studies comparing phishing/spoofed and genuine websites, e.g., [2,3,10,32,25,45], a few works on comparing phishing and legitimate emails [34,24] (although there are several studies that examine various aspects of interaction with phishing emails alone, e.g., [11,12], which are well summarized in [25]), and quite a few on the effectiveness of training programs, e.g., [7,28,38]. The work on training programs is not directly within the scope of this research.…”

Section: Related Workmentioning

confidence: 99%

“…The work on training programs is not directly within the scope of this research. Work is scant on emails containing malware, but effectiveness of malware warnings was studied in [32]. Most studies have been conducted in laboratory settings, notable exceptions to this are [7,25,23,46].…”

Section: Related Workmentioning

confidence: 99%

Scaling and Effectiveness of Email Masquerade Attacks

Baki

Verma

Mukherjee

et al. 2017

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

We focus on email-based attacks, a rich field with wellpublicized consequences. We show how current Natural Language Generation (NLG) technology allows an attacker to generate masquerade attacks on scale, and study their effectiveness with a within-subjects study. We also gather insights on what parts of an email do users focus on and how users identify attacks in this realm, by planting signals and also by asking them for their reasoning. We find that: (i) 17% of participants could not identify any of the signals that were inserted in emails, and (ii) Participants were unable to perform better than random guessing on these attacks. The insights gathered and the tools and techniques employed could help defenders in: (i) implementing new, customized anti-phishing solutions for Internet users including training next-generation email filters that go beyond vanilla spam filters and capable of addressing masquerade, (ii) more effectively training and upgrading the skills of email users, and (iii) understanding the dynamics of this novel attack and its ability of tricking humans.

show abstract

“…Phishing detection schemes [38][39][40][41][42][43][44][45] that detect a phishing website, either through a web browser on the client side or via specific software at the host, or solutions that detect phishing at the server side are better than phishing prevention and user training schemes. This is because they have a minimal reliance on novice Internet users.…”

Section: Phishing Detection Schemesmentioning

confidence: 99%

A survey and classification of web phishing detection schemes

Varshney

Misra

Atrey

2016

Security Comm Networks

113

View full text Add to dashboard Cite

Phishing is a fraudulent technique that is used over the Internet to deceive users with the goal of extracting their personal information such as username, passwords, credit card, and bank account information. The key to phishing is deception. Phishing uses email spoofing as its initial medium for deceptive communication followed by spoofed websites to obtain the needed information from the victims. Phishing was discovered in 1996, and today, it is one of the most severe cybercrimes faced by the Internet users. Researchers are working on the prevention, detection, and education of phishing attacks, but to date, there is no complete and accurate solution for thwarting them. This paper studies, analyzes, and classifies the most significant and novel strategies proposed in the area of phished website detection, and outlines their advantages and drawbacks. Furthermore, a detailed analysis of the latest schemes proposed by researchers in various subcategories is provided. The paper identifies advantages, drawbacks, and research gaps in the area of phishing website detection that can be worked upon in future research and developments. The analysis given in this paper will help academia and industries to identify the best anti-phishing technique.

show abstract

A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings

Cited by 40 publications

References 22 publications

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

Scaling and Effectiveness of Email Masquerade Attacks

A survey and classification of web phishing detection schemes

Contact Info

Product

Resources

About