TU Darmstadt / ULB / TUbiblio

NoPhish App Evaluation: Lab and Retention Study

Canova, Gamze ; Volkamer, Melanie ; Bergmann, Clemens ; Reinheimer, Benjamin (2015)
NoPhish App Evaluation: Lab and Retention Study.
San Diego
Conference or Workshop Item, Bibliographie

Abstract

Phishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat - the users themselves. We believe user education about the dangers of the Internet is a further key strategy to combat phishing. For this reason, we developed an Android app, a game called –NoPhish–, which educates the user in the detection of phishing URLs. It is crucial to evaluate NoPhish with respect to its effectiveness and the users’ knowledge retention. Therefore, we conducted a lab study as well as a retention study (five months later). The outcomes of the studies show that NoPhish helps users make better decisions with regard to the legitimacy of URLs immediately after playing NoPhish as well as after some time has passed. The focus of this paper is on the description and the evaluation of both studies. This includes findings regarding those types of URLs that are most difficult to decide on as well as ideas to further improve NoPhish. 

Item Type: Conference or Workshop Item
Erschienen: 2015
Creators: Canova, Gamze ; Volkamer, Melanie ; Bergmann, Clemens ; Reinheimer, Benjamin
Type of entry: Bibliographie
Title: NoPhish App Evaluation: Lab and Retention Study
Language: English
Date: February 2015
Publisher: Internet Society
Book Title: NDSS Workshop on Usable Security 2015
Event Location: San Diego
Abstract:

Phishing is a prevalent issue of today’s Internet. Previous approaches to counter phishing do not draw on a crucial factor to combat the threat - the users themselves. We believe user education about the dangers of the Internet is a further key strategy to combat phishing. For this reason, we developed an Android app, a game called –NoPhish–, which educates the user in the detection of phishing URLs. It is crucial to evaluate NoPhish with respect to its effectiveness and the users’ knowledge retention. Therefore, we conducted a lab study as well as a retention study (five months later). The outcomes of the studies show that NoPhish helps users make better decisions with regard to the legitimacy of URLs immediately after playing NoPhish as well as after some time has passed. The focus of this paper is on the description and the evaluation of both studies. This includes findings regarding those types of URLs that are most difficult to decide on as well as ideas to further improve NoPhish. 

Uncontrolled Keywords: Security, Usability and Society;Secure Data
Identification Number: TUD-CS-2015-0014
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > SECUSO - Security, Usability and Society
20 Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Date Deposited: 28 Jul 2016 18:35
Last Modified: 17 May 2018 13:02
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details