Understanding Security Behavior of Real Users: Analysis of a Phishing Study

dc.contributor.author Kang, Mingqing
dc.contributor.author Shonman, Matthew
dc.contributor.author Subramanya, Anshul
dc.contributor.author Zhang, Haoruo
dc.contributor.author Li, Xiangyang
dc.contributor.author Dahbura, Anton
dc.date.accessioned 2020-12-24T20:29:43Z
dc.date.available 2020-12-24T20:29:43Z
dc.date.issued 2021-01-05
dc.description.abstract This paper presents a set of statistical analyses on an empirical study of phishing email sorting by real online users. Participants were assigned to multitasking and/or incentive conditions in unattended web-based tasks that are the most realistic in any comparable study to date. Our three stages of analyses included logistic regression models to identify individual phishing “cues” contributing to successful classifications, statistical significance tests assessing the links between participants’ training experience and self-assessments of success to their actual performance, significance tests searching for significant demographic factors influencing task completion performance, and lastly k-means clustering based on a range of performance measures and utilizing participants’ demographic attributes. In particular, the results indicate that multitasking and incentives create complex dynamics while demographic traits and cybersecurity training can be informative predictors of user security behavior. These findings strongly support the benefits of security training and education and advocate for customized and differentiated interventions to increase users’ success of correctly identifying phishing emails.
dc.format.extent 10 pages
dc.identifier.doi 10.24251/HICSS.2021.862
dc.identifier.isbn 978-0-9981331-4-0
dc.identifier.uri http://hdl.handle.net/10125/71483
dc.language.iso English
dc.relation.ispartof Proceedings of the 54th Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.uri https://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subject Security and Privacy Aspects of Human-Computer-Interactions
dc.subject demographic analysis
dc.subject empirical study
dc.subject phishing
dc.subject security
dc.subject user behavior
dc.title Understanding Security Behavior of Real Users: Analysis of a Phishing Study
prism.startingpage 7163
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
1.07 MB
Adobe Portable Document Format