• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • Research Projects
  • Publications
  • People
  • Teaching
  • Media Outreach
  • News Archive

SPIES Lab, Computer Science and Engineering

Texas A&M University College of Engineering

EEG + Eye Tracking Study

The Bimodal Study of Phishing Detection, and Malware Warnings

Detecting phishing attacks (identifying fake vs. real websites) and heeding security warnings represent classical user-centered security tasks subjected to a series of prior investigations. However, our understanding of user behavior underlying these tasks is still not fully mature, motivating further work concentrating at the neuro-physiological level governing the human processing of such tasks.
We pursue a comprehensive three-dimensional study of phishing detection and malware warnings, focusing not only on what users’ task performance is but also on how users process these tasks based on: (1) neural activity captured using Electroencephalogram (EEG) cognitive metrics, and (2) eye gaze patterns captured using an eye-tracker. Our primary novelty lies in employing multi-modal neuro-physiological measures in a single study and providing a near realistic set-up (in contrast to a recent neuro-study conducted inside an fMRI scanner). Our work serves to advance, extend and sup-port prior knowledge in several significant ways. Specifically, in the context of phishing detection, we show that users do not spend enough time analyzing key phishing indicators and often fail at detecting these attacks, although they may be mentally engaged in the task and subconsciously processing real sites differently from fake sites. In the malware warning tasks, in contrast, we show that users are frequently reading, possibly comprehending, and eventually heeding the message embedded in the warning.
Our study provides an initial foundation for building future mechanisms based on the studied real-time neural and eye gaze features, that can automatically infer a user’s “alertness” state, and determine whether or not the user’s response should be relied upon.

Experimental Setting

Experimental Setting

People

Faculty

  • Nitesh Saxena

Student

  • Ajaya Neupane (@UAB; PhD 2017)
  • Md. Lutfor Rahman (MS student; currently doing PhD at UCR)

External Collaborators:

  • Leanne Hirshfield (Syracuse University)

Publication

  • A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings
    Ajaya Neupane, Md. Lutfor Rahman, Nitesh Saxena, and Leanne Hirshfield
    In ACM Conference on Computer and Communications Security (CCS), October 2015
    [pdf]

Media Coverage

  • UAB research studies cyberattacks through the lens of EEG and eye tracking, UAB News, Oct 22, 2015
  • Research studies cyberattacks through the lens of EEG and eye tracking, Phys.org, Oct 23, 2015
  • Cyberattacks studied through the lens of EEG and eye tracking, Science News, Oct 23, 2015
  • UAB Research Studies Cyberattacks Through the Lens of EEG and Eye Tracking, Newswise, Oct 23, 2015
  • Research Studies Cyberattacks Through The Lens Of EEG And Eye Tracking, ECN, Oct 23, 2015
  • Research studies cyberattacks through the lens of EEG and eye tracking, Geek Journal, Oct 23, 2015
  • Research studies cyberattacks through the lens of EEG and eye tracking, Follow News Oct 23, 2015
  • Cyberattacks studied through the lens of EEG and eye tracking, My Clever Mind Oct 23, 2015
  • UAB research studies cyberattacks through the lens of EEG and eye tracking, Wn.com Oct 23, 2015
  • Research studies cyberattacks through the lens of EEG and eye tracking, Three Novices Oct 23, 2015
  • Research Studies Cyberattacks Through the Lens of EEG and Eye Tracking, Make Me Feed, Oct 23, 2015
  • Cyber Attacks Studied Through Lens of EEG and Eye Tracking, News United, Oct 24, 2015
  • Cyberattacks studied through the lens of EEG and eye tracking, IT Security News Oct 24, 2015
  • Better understanding of how computer users detect malware and phishing attacks, Homeland Security News Wire, Oct 27, 2015
  • Studying Cyberattacks through Lens of EEG and Eye Tracking, Scientific Computing, Oct 27, 2015
  • Users fail to identify phishing attacks, study says, Network World, Oct 29, 2015
  • UAB Research Studies Cyberattacks Through the Lens of EEG and Eye Tracking, Communications of the ACM, Oct 26, 2015
  • Detection of cyber attacks through the lens EEG and eye tracking, Mirin, Nov 2, 2015
  • Cyberattacks studied through the lens of EEG and eye tracking, USN World Nov 3, 2015

Recent News

  • Paper accepted to CCS 2023 September 2, 2023
  • Paper accepted to PETS 2024 August 31, 2023
  • Paper accepted to CNS 2023 August 13, 2023
  • Paper accepted to MobiCom 2023 August 6, 2023
  • Presenting SPIES’ 13th PhD Graduate — Shalini Saini June 20, 2023
  • Dr. Saxena appointed as Associate Director of Cybersecurity Institute June 7, 2023
  • Saxena and team awarded $6M DOD grant on cognitive security May 3, 2023
  • Dr. Saxena appointed as the Vice Chair of EFAC May 3, 2023
  • Paper accepted to MobiSys 2023 May 2, 2023
  • Paper accepted to ICDCS 2023 April 11, 2023
  • Journal paper accepted to ACM Computing Surveys April 2, 2023
  • 3 full papers accepted to WiSec 2023 March 28, 2023
  • Paper accepted to Oakland 2023 March 14, 2023
  • Paper accepted to USENIX Security 2023 February 21, 2023
  • Cybersecurity Program Led By Dr. Saxena Ranks Best! January 26, 2023
  • EarSpy in Media January 26, 2023
  • Dr. Saxena is a Co-PI on Thematic AI Lab November 28, 2022
  • Paper accepted to PMC 2022 November 28, 2022
  • Paper accepted to ICISC 2022 November 28, 2022
  • A New Grant from NSA October 17, 2022

© 2016–2023 SPIES Lab, Computer Science and Engineering Log in

Texas A&M Engineering Experiment Station Logo
  • College of Engineering
  • Facebook
  • Twitter
  • State of Texas
  • Open Records
  • Risk, Fraud & Misconduct Hotline
  • Statewide Search
  • Site Links & Policies
  • Accommodations
  • Environmental Health, Safety & Security
  • Employment