The Bimodal Study of Phishing Detection, and Malware Warnings
Detecting phishing attacks (identifying fake vs. real websites) and heeding security warnings represent classical user-centered security tasks subjected to a series of prior investigations. However, our understanding of user behavior underlying these tasks is still not fully mature, motivating further work concentrating at the neuro-physiological level governing the human processing of such tasks.
We pursue a comprehensive three-dimensional study of phishing detection and malware warnings, focusing not only on what users’ task performance is but also on how users process these tasks based on: (1) neural activity captured using Electroencephalogram (EEG) cognitive metrics, and (2) eye gaze patterns captured using an eye-tracker. Our primary novelty lies in employing multi-modal neuro-physiological measures in a single study and providing a near realistic set-up (in contrast to a recent neuro-study conducted inside an fMRI scanner). Our work serves to advance, extend and sup-port prior knowledge in several significant ways. Specifically, in the context of phishing detection, we show that users do not spend enough time analyzing key phishing indicators and often fail at detecting these attacks, although they may be mentally engaged in the task and subconsciously processing real sites differently from fake sites. In the malware warning tasks, in contrast, we show that users are frequently reading, possibly comprehending, and eventually heeding the message embedded in the warning.
Our study provides an initial foundation for building future mechanisms based on the studied real-time neural and eye gaze features, that can automatically infer a user’s “alertness” state, and determine whether or not the user’s response should be relied upon.
Experimental Setting
People
Faculty
Student
- Ajaya Neupane (@UAB; PhD 2017)
- Md. Lutfor Rahman (MS student; currently doing PhD at UCR)
External Collaborators:
- Leanne Hirshfield (Syracuse University)
Publication
- A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings
Ajaya Neupane, Md. Lutfor Rahman, Nitesh Saxena, and Leanne Hirshfield
In ACM Conference on Computer and Communications Security (CCS), October 2015
[pdf]
Media Coverage
- UAB research studies cyberattacks through the lens of EEG and eye tracking, UAB News, Oct 22, 2015
- Research studies cyberattacks through the lens of EEG and eye tracking, Phys.org, Oct 23, 2015
- Cyberattacks studied through the lens of EEG and eye tracking, Science News, Oct 23, 2015
- UAB Research Studies Cyberattacks Through the Lens of EEG and Eye Tracking, Newswise, Oct 23, 2015
- Research Studies Cyberattacks Through The Lens Of EEG And Eye Tracking, ECN, Oct 23, 2015
- Research studies cyberattacks through the lens of EEG and eye tracking, Geek Journal, Oct 23, 2015
- Research studies cyberattacks through the lens of EEG and eye tracking, Follow News Oct 23, 2015
- Cyberattacks studied through the lens of EEG and eye tracking, My Clever Mind Oct 23, 2015
- UAB research studies cyberattacks through the lens of EEG and eye tracking, Wn.com Oct 23, 2015
- Research studies cyberattacks through the lens of EEG and eye tracking, Three Novices Oct 23, 2015
- Research Studies Cyberattacks Through the Lens of EEG and Eye Tracking, Make Me Feed, Oct 23, 2015
- Cyber Attacks Studied Through Lens of EEG and Eye Tracking, News United, Oct 24, 2015
- Cyberattacks studied through the lens of EEG and eye tracking, IT Security News Oct 24, 2015
- Better understanding of how computer users detect malware and phishing attacks, Homeland Security News Wire, Oct 27, 2015
- Studying Cyberattacks through Lens of EEG and Eye Tracking, Scientific Computing, Oct 27, 2015
- Users fail to identify phishing attacks, study says, Network World, Oct 29, 2015
- UAB Research Studies Cyberattacks Through the Lens of EEG and Eye Tracking, Communications of the ACM, Oct 26, 2015
- Detection of cyber attacks through the lens EEG and eye tracking, Mirin, Nov 2, 2015
- Cyberattacks studied through the lens of EEG and eye tracking, USN World Nov 3, 2015