SoK: Still Plenty of Phish in the Sea - A Taxonomy of User-Oriented Phishing Interventions and Avenues for Future Research

Franz, Anjuli ; Zimmermann, Verena ; Albrecht, Gregor ; Hartwig, Katrin ; Reuter, Christian ; Benlian, Alexander ; Vogt, Joachim (2023)
SoK: Still Plenty of Phish in the Sea - A Taxonomy of User-Oriented Phishing Interventions and Avenues for Future Research.
30th USENIX Security Symposium. virtual Conference (08.08.2021-13.08.2021)
doi: 10.26083/tuprints-00020675
Konferenzveröffentlichung, Zweitveröffentlichung, Verlagsversion

Es ist eine neuere Version dieses Eintrags verfügbar.

URL / URN: https://tuprints.ulb.tu-darmstadt.de/20675

Kurzbeschreibung (Abstract)

Phishing is a prevalent cyber threat, targeting individuals and organizations alike. Previous approaches on anti-phishing measures have started to recognize the role of the user, who, at the center of the target, builds the last line of defense. However, user-oriented phishing interventions are fragmented across a diverse research landscape, which has not been systematized to date. This makes it challenging to gain an overview of the various approaches taken by prior works. In this paper, we present a taxonomy of phishing interventions based on a systematic literature analysis. We shed light on the diversity of existing approaches by analyzing them with respect to the intervention type, the addressed phishing attack vector, the time at which the intervention takes place, and the required user interaction. Furthermore, we highlight shortcomings and challenges emerging from both our literature sample and prior meta-analyses, and discuss them in the light of current movements in the field of usable security. With this article, we hope to provide useful directions for future works on phishing interventions.

Typ des Eintrags:	Konferenzveröffentlichung
Erschienen:	2023
Autor(en):	Franz, Anjuli ; Zimmermann, Verena ; Albrecht, Gregor ; Hartwig, Katrin ; Reuter, Christian ; Benlian, Alexander ; Vogt, Joachim
Art des Eintrags:	Zweitveröffentlichung
Titel:	SoK: Still Plenty of Phish in the Sea - A Taxonomy of User-Oriented Phishing Interventions and Avenues for Future Research
Sprache:	Englisch
Publikationsjahr:	2023
Ort:	Darmstadt
Publikationsdatum der Erstveröffentlichung:	2021
Verlag:	USENIX Association
Buchtitel:	Proceedings of the Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021)
Veranstaltungstitel:	30th USENIX Security Symposium
Veranstaltungsort:	virtual Conference
Veranstaltungsdatum:	08.08.2021-13.08.2021
DOI:	10.26083/tuprints-00020675
URL / URN:	https://tuprints.ulb.tu-darmstadt.de/20675
Zugehörige Links:	Identisches Werk
Herkunft:	Zweitveröffentlichungsservice
Kurzbeschreibung (Abstract):	Phishing is a prevalent cyber threat, targeting individuals and organizations alike. Previous approaches on anti-phishing measures have started to recognize the role of the user, who, at the center of the target, builds the last line of defense. However, user-oriented phishing interventions are fragmented across a diverse research landscape, which has not been systematized to date. This makes it challenging to gain an overview of the various approaches taken by prior works. In this paper, we present a taxonomy of phishing interventions based on a systematic literature analysis. We shed light on the diversity of existing approaches by analyzing them with respect to the intervention type, the addressed phishing attack vector, the time at which the intervention takes place, and the required user interaction. Furthermore, we highlight shortcomings and challenges emerging from both our literature sample and prior meta-analyses, and discuss them in the light of current movements in the field of usable security. With this article, we hope to provide useful directions for future works on phishing interventions.
Status:	Verlagsversion
URN:	urn:nbn:de:tuda-tuprints-206754
Zusätzliche Informationen:	Presentation video: https://youtu.be/k8m8zGNNFBA
Sachgruppe der Dewey Dezimalklassifikatin (DDC):	000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik
Fachbereich(e)/-gebiet(e):	20 Fachbereich Informatik 20 Fachbereich Informatik > Wissenschaft und Technik für Frieden und Sicherheit (PEASEC)
Hinterlegungsdatum:	10 Feb 2023 09:54
Letzte Änderung:	16 Feb 2023 12:19
PPN:
Export:

Suche nach Titel in:	TUfind oder in Google

Verfügbare Versionen dieses Eintrags

SoK: Still Plenty of Phish in the Sea - A Taxonomy of User-Oriented Phishing Interventions and Avenues for Future Research. (deposited 10 Feb 2023 09:54) [Gegenwärtig angezeigt]
- SoK: Still Plenty of Phish in the Sea - A Taxonomy of User-Oriented Phishing Interventions and Avenues for Future Research. (deposited 22 Sep 2021 06:41)

Frage zum Eintrag

Optionen (nur für Redakteure)

Redaktionelle Details anzeigen

OAI 2.0-Basis-URL: https://tubiblio.ulb.tu-darmstadt.de/cgi/oai2 TUbiblio verwendet EPrints 3.

Drucken |

Impressum |

Datenschutzerklärung