TU Darmstadt / ULB / TUbiblio

NoPhish App Evaluation: Lab and Retention Study

Canova, Gamze and Volkamer, Melanie and Bergmann, Clemens and Reinheimer, Benjamin (2015):
NoPhish App Evaluation: Lab and Retention Study.
In: NDSS Workshop on Usable Security 2015, Internet Society, San Diego, [Conference or Workshop Item]

Abstract

Phishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat - the users themselves. We believe user education about the dangers of the Internet is a further key strategy to combat phishing. For this reason, we developed an Android app, a game called –NoPhish–, which educates the user in the detection of phishing URLs. It is crucial to evaluate NoPhish with respect to its effectiveness and the users’ knowledge retention. Therefore, we conducted a lab study as well as a retention study (five months later). The outcomes of the studies show that NoPhish helps users make better decisions with regard to the legitimacy of URLs immediately after playing NoPhish as well as after some time has passed. The focus of this paper is on the description and the evaluation of both studies. This includes findings regarding those types of URLs that are most difficult to decide on as well as ideas to further improve NoPhish. 

Item Type: Conference or Workshop Item
Erschienen: 2015
Creators: Canova, Gamze and Volkamer, Melanie and Bergmann, Clemens and Reinheimer, Benjamin
Title: NoPhish App Evaluation: Lab and Retention Study
Language: English
Abstract:

Phishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat - the users themselves. We believe user education about the dangers of the Internet is a further key strategy to combat phishing. For this reason, we developed an Android app, a game called –NoPhish–, which educates the user in the detection of phishing URLs. It is crucial to evaluate NoPhish with respect to its effectiveness and the users’ knowledge retention. Therefore, we conducted a lab study as well as a retention study (five months later). The outcomes of the studies show that NoPhish helps users make better decisions with regard to the legitimacy of URLs immediately after playing NoPhish as well as after some time has passed. The focus of this paper is on the description and the evaluation of both studies. This includes findings regarding those types of URLs that are most difficult to decide on as well as ideas to further improve NoPhish. 

Title of Book: NDSS Workshop on Usable Security 2015
Publisher: Internet Society
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Event Location: San Diego
Date Deposited: 28 Jul 2016 18:35
Identification Number: TUD-CS-2015-0014
Export:

Optionen (nur für Redakteure)

View Item View Item