Help the User Recognize a Phishing Scam: Design of Explanation Messages in Warning Interfaces for Phishing Attacks / Aneke, J.; Ardito, C.; Desolda, G. (LECTURE NOTES IN COMPUTER SCIENCE). - In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). - GEWERBESTRASSE 11, CHAM, CH-6330, SWITZERLAND : Springer Science and Business Media Deutschland GmbH, 2021. - ISBN 9783030773915. - pp. 403-416 [10.1007/978-3-030-77392-2_26]
Help the User Recognize a Phishing Scam: Design of Explanation Messages in Warning Interfaces for Phishing Attacks
Ardito C.;
2021
Abstract
Remote work due to the COVID-19 pandemic is expected to be the new normal, suggesting a situation where people use their personal computers at home for several activities like reading emails, surfing the web, and chatting with friends. While doing this, users are not focused on securing their systems, and they often do not have the skills and knowledge to defend against cybercrime. In this paper, we present the design and the evaluation of a novel interface that warns users against phishing attacks. This interface looks like the ones shown by browsers like Chrome and Firefox when opening a suspicious phishing website, but it includes information that explains the reasons why the website might be a scam. Such explanations are based on website features commonly used by AI-based systems to classify a website as phishing or not, and aim to help users detect phishing websites. To ensure high understandability and effectiveness of the explanations, the C-HIP model was adopted to design such messages, which have been iteratively refined by performing a static analysis of their comprehension, sentiment, and readability.

