TU Darmstadt / ULB / TUbiblio

NoPhish App Evaluation: Lab and Retention Study

Canova, Gamze ; Volkamer, Melanie ; Bergmann, Clemens ; Reinheimer, Benjamin (2015)
NoPhish App Evaluation: Lab and Retention Study.
San Diego
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Phishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat - the users themselves. We believe user education about the dangers of the Internet is a further key strategy to combat phishing. For this reason, we developed an Android app, a game called –NoPhish–, which educates the user in the detection of phishing URLs. It is crucial to evaluate NoPhish with respect to its effectiveness and the users’ knowledge retention. Therefore, we conducted a lab study as well as a retention study (five months later). The outcomes of the studies show that NoPhish helps users make better decisions with regard to the legitimacy of URLs immediately after playing NoPhish as well as after some time has passed. The focus of this paper is on the description and the evaluation of both studies. This includes findings regarding those types of URLs that are most difficult to decide on as well as ideas to further improve NoPhish. 

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2015
Autor(en): Canova, Gamze ; Volkamer, Melanie ; Bergmann, Clemens ; Reinheimer, Benjamin
Art des Eintrags: Bibliographie
Titel: NoPhish App Evaluation: Lab and Retention Study
Sprache: Englisch
Publikationsjahr: Februar 2015
Verlag: Internet Society
Buchtitel: NDSS Workshop on Usable Security 2015
Veranstaltungsort: San Diego
Kurzbeschreibung (Abstract):

Phishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat - the users themselves. We believe user education about the dangers of the Internet is a further key strategy to combat phishing. For this reason, we developed an Android app, a game called –NoPhish–, which educates the user in the detection of phishing URLs. It is crucial to evaluate NoPhish with respect to its effectiveness and the users’ knowledge retention. Therefore, we conducted a lab study as well as a retention study (five months later). The outcomes of the studies show that NoPhish helps users make better decisions with regard to the legitimacy of URLs immediately after playing NoPhish as well as after some time has passed. The focus of this paper is on the description and the evaluation of both studies. This includes findings regarding those types of URLs that are most difficult to decide on as well as ideas to further improve NoPhish. 

Freie Schlagworte: Security, Usability and Society;Secure Data
ID-Nummer: TUD-CS-2015-0014
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > SECUSO - Security, Usability and Society
20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
Profilbereiche
LOEWE
Hinterlegungsdatum: 28 Jul 2016 18:35
Letzte Änderung: 17 Mai 2018 13:02
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen