Design and Evaluation of an Anti-Phishing Artifact Based on Useful Transparency

Beckmann, Christopher 1; Berens, Benjamin 1; Kühl, Niklas 2,3; Mayer, Peter 1; Mossano, Mattia 1; Volkamer, Melanie 1
1 Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB), Karlsruher Institut für Technologie (KIT)
2 Karlsruhe Service Research Institute (KSRI), Karlsruher Institut für Technologie (KIT)
3 Institut für Wirtschaftsinformatik und Marketing (IISM), Karlsruher Institut für Technologie (KIT)

Abstract (English):

Background: Various security interventions to support users in detecting phishing emails exist, including providing the URL in a tooltip or the status bar.

Aim: Designing and evaluating an anti-phishing artifact based on the Useful Transparency theory.

Method: We used the design science research approach for the entire process. As evaluation, we ran a between-subjects study with 109 participants from the UK to determine the anti-phishing artifact's effectiveness in supporting users in distinguishing between phishing and legitimate emails.

Results: Our results show that, when compared against the state-of-the-art security interventions (displaying the URL in the status bar), our anti-phishing artifact increases detection significantly, i.e., phishing detection increased from 50% to 72%.

Conclusion: Although further studies are required, the evaluation demonstrates that the Useful Transparency theory can result in promising security interventions. Thus, it might be worth considering it for other security interventions, too.

Preprint
DOI: 10.5445/IR/1000150844
Published on 16.10.2023
Affiliated institution(s) at KIT Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB)
Institut für Wirtschaftsinformatik und Marketing (IISM)
Karlsruhe Service Research Institute (KSRI)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publication type Proceedings contribution
Publication date 29.09.2022
Language English
Identifier KITopen-ID: 1000150844
HGF program 46.23.01 (POF IV, LK 01) Methods for Engineering Secure Systems
Published in International Workshop on Socio-Technical Aspects in Security
Event 12th International Workshop on Socio-Technical Aspects in Security - Affiliated with the 27th European Symposium on Research in Computer Security (STAST/ESORICS 2022), Copenhagen, Denmark, 29.09.2022
Series Lecture Notes in Computer Science Series
Publication note in press
