Volkamer, Melanie ; Renaud, Karen ; Reinheimer, Benjamin ; Kunz, Alexandra (2017)
User experiences of TORPEDO: TOoltip-powered phishing email DetectiOn.
In: >Computers & Security, 71
doi: 10.1016/j.cose.2017.02.004
Artikel, Bibliographie
Kurzbeschreibung (Abstract)
Abstract We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips. These help people to identify phish links embedded in emails. TORPEDO's tooltips contain the actual URL with the domain highlighted. Link activation is delayed for a short period, giving the person time to inspect the URL before they click on a link. Furthermore, TORPEDO provides an information diagram to explain phish detection. We evaluated TORPEDO's effectiveness, as compared to the worst case "status bar" as provided by other Web email interfaces. People using TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17% versus 43.31% correct answers for phish). We then carried out a field study with a number of TORPEDO users to explore actual user experiences of TORPEDO. We conclude the paper by reporting on the outcome of this field study and suggest improvements based on the feedback from the field study participants.
| Typ des Eintrags: | Artikel |
|---|---|
| Erschienen: | 2017 |
| Autor(en): | Volkamer, Melanie ; Renaud, Karen ; Reinheimer, Benjamin ; Kunz, Alexandra |
| Art des Eintrags: | Bibliographie |
| Titel: | User experiences of TORPEDO: TOoltip-powered phishing email DetectiOn |
| Sprache: | Englisch |
| Publikationsjahr: | Februar 2017 |
| Titel der Zeitschrift, Zeitung oder Schriftenreihe: | >Computers & Security |
| Jahrgang/Volume einer Zeitschrift: | 71 |
| DOI: | 10.1016/j.cose.2017.02.004 |
| Kurzbeschreibung (Abstract): | Abstract We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips. These help people to identify phish links embedded in emails. TORPEDO's tooltips contain the actual URL with the domain highlighted. Link activation is delayed for a short period, giving the person time to inspect the URL before they click on a link. Furthermore, TORPEDO provides an information diagram to explain phish detection. We evaluated TORPEDO's effectiveness, as compared to the worst case "status bar" as provided by other Web email interfaces. People using TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17% versus 43.31% correct answers for phish). We then carried out a field study with a number of TORPEDO users to explore actual user experiences of TORPEDO. We conclude the paper by reporting on the outcome of this field study and suggest improvements based on the feedback from the field study participants. |
| Freie Schlagworte: | Security, Usability and Society;Phishing detection, Email, Thunderbird, Usable security, Tooltips, User studies |
| ID-Nummer: | TUD-CS-2017-0034 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik > SECUSO - Security, Usability and Society Profilbereiche > Cybersicherheit (CYSEC) 20 Fachbereich Informatik Profilbereiche |
| Hinterlegungsdatum: | 15 Feb 2017 19:12 |
| Letzte Änderung: | 15 Mai 2018 10:33 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum