TU Darmstadt / ULB / TUbiblio

TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

Volkamer, Melanie and Renaud, Karen and Reinheimer, Benjamin (2016):
TORPEDO: TOoltip-poweRed Phishing Email DetectiOn.
In: 31st International Conference on ICT Systems Security and Privacy Protection (IFIP SEC), Springer, Ghent, Belgium, [Conference or Workshop Item]

Abstract

We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips to help people judge links embedded in emails. TORPEDO’s tooltips contain the actual URL with the domain highlighted and delay link activation for a short period, giving the person time to inspect the URL before they click. Furthermore, TORPEDO consists of an information diagram to explain phish detection. We evaluated TORPEDO in particular with respect to its effectiveness: Compared to the worst case ‘status bar’. as used in Thunderbird and Web email clients. TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17 % versus 43.31 % correct answers for phish). A proof of concept implementation is available as a Thunderbird Add-On.

Item Type: Conference or Workshop Item
Erschienen: 2016
Creators: Volkamer, Melanie and Renaud, Karen and Reinheimer, Benjamin
Title: TORPEDO: TOoltip-poweRed Phishing Email DetectiOn
Language: English
Abstract:

We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips to help people judge links embedded in emails. TORPEDO’s tooltips contain the actual URL with the domain highlighted and delay link activation for a short period, giving the person time to inspect the URL before they click. Furthermore, TORPEDO consists of an information diagram to explain phish detection. We evaluated TORPEDO in particular with respect to its effectiveness: Compared to the worst case ‘status bar’. as used in Thunderbird and Web email clients. TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17 % versus 43.31 % correct answers for phish). A proof of concept implementation is available as a Thunderbird Add-On.

Title of Book: 31st International Conference on ICT Systems Security and Privacy Protection (IFIP SEC)
Publisher: Springer
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
20 Department of Computer Science > SECUSO - Security, Usability and Society
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Event Location: Ghent, Belgium
Date Deposited: 28 Jul 2016 18:35
Identification Number: TUD-CS-2016-0056
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item