Design and Evaluation of an Anti-Phishing Artifact Based on Useful Transparency
Beckmann, Christopher
1; Berens, Benjamin
1; Kühl, Niklas
2,3; Mayer, Peter
1; Mossano, Mattia
1; Volkamer, Melanie 1
1 Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB), Karlsruher Institut für Technologie (KIT)
2 Karlsruhe Service Research Institute (KSRI), Karlsruher Institut für Technologie (KIT)
3 Institut für Wirtschaftsinformatik und Marketing (IISM), Karlsruher Institut für Technologie (KIT)
1; Berens, Benjamin
1; Kühl, Niklas
2,3; Mayer, Peter
1; Mossano, Mattia
1; Volkamer, Melanie 11 Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB), Karlsruher Institut für Technologie (KIT)
2 Karlsruhe Service Research Institute (KSRI), Karlsruher Institut für Technologie (KIT)
3 Institut für Wirtschaftsinformatik und Marketing (IISM), Karlsruher Institut für Technologie (KIT)
Abstract (englisch):
Background: Various security interventions to support users in detecting phishing emails exist including providing the URL in a tooltip or the statusbar.
Aim: Designing and evaluating an anti-phishing artifact based on the Useful Transparency theory.
Method:}We used the design science research approach for the entire process. As evaluation we ran a between-subjects study with 109 participants from the UK to determine the anti-phishing artifact effectiveness to support users distinguishing between phishing and legitimate emails.
Results: Our results show that, when compared against the state of the art security interventions (displaying the URL in the statusbar), our anti-phishing artifact increase the detection significantly, i.e. phishing detection increased from 50% to 72%.
Conclusion: Albeit further studies are required, the evaluation demonstrate that the Useful Transparency theory can result in promising security interventions. Thus, it might be worth considering it for other security interventions, too.
Aim: Designing and evaluating an anti-phishing artifact based on the Useful Transparency theory.
Method:}We used the design science research approach for the entire process. As evaluation we ran a between-subjects study with 109 participants from the UK to determine the anti-phishing artifact effectiveness to support users distinguishing between phishing and legitimate emails.
Results: Our results show that, when compared against the state of the art security interventions (displaying the URL in the statusbar), our anti-phishing artifact increase the detection significantly, i.e. phishing detection increased from 50% to 72%.
Conclusion: Albeit further studies are required, the evaluation demonstrate that the Useful Transparency theory can result in promising security interventions. Thus, it might be worth considering it for other security interventions, too.
| Zugehörige Institution(en) am KIT | Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB) Institut für Wirtschaftsinformatik und Marketing (IISM) Karlsruhe Service Research Institute (KSRI) Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL) |
| Publikationstyp | Proceedingsbeitrag |
| Publikationsdatum | 29.09.2022 |
| Sprache | Englisch |
| Identifikator | KITopen-ID: 1000150844 |
| HGF-Programm | 46.23.01 (POF IV, LK 01) Methods for Engineering Secure Systems |
| Erschienen in | International Workshop on Socio-Technical Aspects in Security |
| Veranstaltung | 12th International Workshop on Socio-Technical Aspects in Security - Affiliated with the 27th European Symposium on Research in Computer Security (STAST/ESORICS 2022), Kopenhagen, Dänemark, 29.09.2022 |
| Serie | Lecture Notes in Computer Science Series |
| Bemerkung zur Veröffentlichung | in press |