BayeShield: A Conversational Anti-Phishing User Interface

ثبت نشده
چکیده

In this paper we present BayeShield, a novel anti-phishing tool that uses a conversational approach to partner with users in determining whether a website is phishing when the website is suspicious but not blacklisted. We describe the iterative user-centered development of BayeShield's user interface, discussing its evolution and the design principles we followed. In an empirical evaluation, BayeShield performed better than Firefox 2.0 in preventing participants from entering information on phishing sites. In a second portion of the study, we evaluate BayeShield's usability and obtain positive results including high user satisfaction ratings, and a high-level of engagement as demonstrated by perceived duration of tasks being lower than actual durations. In addition, we learned user characteristics that affect the likelihood users will enter information on phishing websites. Author

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Fighting phishing at the user interface

The problem that this thesis concentrates on is phishing attacks. Phishing attacks use email messages and web sites designed to look as if they come from a known and legitimate organization, in order to deceive users into submitting their personal, financial, or computer account information online at those fake web sites. Phishing is a semantic attack. The fundamental problem of phishing is tha...

متن کامل

Evaluation of the Model for Analysing Anti-Phishing Authentication Ceremonies

Phishing takes advantage of the way humans interact with computers or interpret messages. A security ceremony is one way of extending the reach of current methods for social, technical and contextual analysis of security protocols to include humans. It is an extension of the concept of network security protocol and includes user interface and human-protocol interaction. We propose a model with ...

متن کامل

Phish Phinder: A Game Design Approach to Enhance User Confidence in Mitigating Phishing Attacks

Phishing is an especially challenging cyber security threat as it does not attack computer systems, but targets the user who works on that system by relying on the vulnerability of their decision-making ability. Phishing attacks can be used to gather sensitive information from victims and can have devastating impact if they are successful in deceiving the user. Several anti-phishing tools have ...

متن کامل

Poster: Towards a Model for Analysing Anti-Phishing Authentication Ceremonies

Phishing uses both social engineering and technical means to carry out attacks. Therefore, human factors incorrect human trust decisions play an important role in phishing. Many online authentication techniques place a disproportional burden on human abilities. Assumptions made about human-protocol behaviour are often flawed. In our approach we use the concept of a ceremony to analyse and impro...

متن کامل

Security and Morality: A Tale of User Deceit

There has been considerable debate about the apparent irrationality of end users in choosing with whom to share information, with much of the discourse crystallized in research on phishing. Designs for security technology in general, anti-spam technology, and anti-phishing technology has been targeted on specific problems with distinct methods of mitigation. In contrasts, studies of human risk ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008