Abstract
Anti-phishing systems are developed to prevent users from interacting with fraudulent websites. However, these tools are ineffective since users often disregard their warnings. We present a design science-based assessment of interface design elements for such systems. An extensive taxonomy of important design elements is constructed. A survey is used to evaluate the perceived saliency of various elements encompassed in the taxonomy. The results suggest that preferred design elements are in line with efficient information processing of human vision, and indicate that existing tools often fail to consider users’ preferences regarding warning design alternatives. The results on users’ preferences also show the presence of a subset of design elements that could potentially be customized for the population of our sample, and others that could be personalized. These findings are being applied in an NSF-supported project, in which we evaluate the impact of customized and personalized warnings on user performance.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, Y., Zahedi, F.M., Abbasi, A. (2011). Interface Design Elements for Anti-phishing Systems. In: Jain, H., Sinha, A.P., Vitharana, P. (eds) Service-Oriented Perspectives in Design Science Research. DESRIST 2011. Lecture Notes in Computer Science, vol 6629. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20633-7_18
DOI: https://doi.org/10.1007/978-3-642-20633-7_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-20632-0
Online ISBN: 978-3-642-20633-7
eBook Packages: Computer Science, Computer Science (R0)