Authors:
Yi Li
1
;
Kaiqi Xiong
1
and
Xiangyang Li
2
Affiliations:
1
Intelligent Computer Networking and Security Lab, University of South Florida, Tampa and U.S.A.
;
2
Johns Hopkins University, Baltimore and U.S.A.
Keyword(s):
User Behaviors, Phishing Email, Machine Learning, Amazon Mechanical Turk.
Related
Ontology
Subjects/Areas/Topics:
Data and Application Security and Privacy
;
Human Factors and Human Behaviour Recognition Techniques
;
Information and Systems Security
;
Information Assurance
;
Security and Privacy in Social Networks
Abstract:
Understanding user behaviors plays an important role in security situation assessments and computer system operations. There are very challenging and limited studies on email user behaviors. To study user behaviors related with phishing emails, we design and investigate an email test platform to understand how users behave differently when they read emails, some of which are phishing. We used a set of emails including phishing emails from the real world. We collect experimental data including participants’ basic background information, time measurement, and their answers to survey questions. We first check whether or not factors such as intervention, phishing types, and incentive mechanisms play a major role in user behaviors when phishing attacks occur. We then evaluate the significance of each attribute with a performance score. The performance score is a metric demonstrating how a user makes a correct judgment on phishing while phishing attacks occur. We propose a machine learning
framework, which contains attribute reduction and 10-fold cross-validation, to predict the performance of a user based on our collected data.
(More)