Modeling Phishing Decision using Instance Based Learning and Natural Language Processing

Date
2022-01-04
Authors
Xu, Tianhao
Singh, Kuldeep
Rajivan, Prashanth
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Phishing is the practice of deceiving humans into disclosing sensitive information or inappropriately granting access to a secure system. Unfortunately, there is a severe lack of theoretical models to adequately explain and predict the cognitive dynamics underlying end-user susceptibility to phishing emails. This paper reports findings from an Instance-Based Learning (IBL) model developed to predict human response to emails obtained from a laboratory experiment. Particularly, this work investigates the effectiveness of using established natural language processing methods, such as LSA, GloVe, and BERT, to represent email text within IBL models. We found that using representations that consider contextual meanings assigned by humans could enable IBL agents to predict human response with high accuracy (>80%). In addition, we found that traditional NLP methods that capture semantic meanings in natural language may not be effective at representing how people may encode and recall email messages. We discuss the implications of these findings.
Description
Keywords
Cyber Deception and Cyberpsychology for Defense, cognitive modeling, deception, natural language processing, phishing
Citation
Rights
Access Rights
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.