• Login
    View Item 
    •   NM-AIST Home
    • Computational and Communication Science Engineering
    • Research Articles [CoCSE]
    • View Item
    •   NM-AIST Home
    • Computational and Communication Science Engineering
    • Research Articles [CoCSE]
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    An Empirical Approach to Phishing Countermeasures Through Smart Glasses and Validation Agents

    Thumbnail
    View/Open
    Full text (1.733Mb)
    Date
    2019-09-10
    Author
    Ndibwile, Jema David
    Luhanga, Edith T.
    Fall, Doudou
    Miyamoto, Daisuke
    Blanc, Gregory
    Metadata
    Show full item record
    Abstract
    Phishing attacks have been persistent for more than two decades despite mitigation efforts from academia and industry. We believe that users fall victim to attacks not only because of lack of knowledge and awareness, but also because they are not attentive enough to security indicators and visual abnormalities on the webpages they visit. This is also probably why smart device users, who have more limited screen size and device capabilities compared to desktop users, are three times more likely to fall victim to phishing attacks. To assert our claim, we first investigated general phishing awareness among different groups of smartphone users. We then used smart eyeglasses (electro-oculographic) to experimentally measure the mental effort and vigilance exhibited by users while surfing a website and while playing an Android phishing game that we developed. The results showed that knowledge and awareness about phishing do not seem to have a significant impact on security behaviours, as knowledgeable participants exhibited insecure behaviours such as opening email attachments from unfamiliar senders. However, attentiveness was important as even participants with low cybersecurity knowledge could effectively identify attacks if they were reasonably attentive. Based on these results, we asserted that users are more likely to continue falling victim to phishing attacks due to insecure behaviours, unless tools to lessen the identification burden are provided. We thus recommended implementing a lightweight algorithm into a custom Android browser for detecting phishing sites deceptively without a user interaction. We used fake login credentials as validation agents and monitor the destination server HTTP responses to determine the authenticity of a webpage. We also presented initial evaluation results of this algorithm.
    URI
    10.1109/ACCESS.2019.2940669
    http://dspace.nm-aist.ac.tz/handle/123456789/591
    Collections
    • Research Articles [CoCSE]

    Nelson Mandela-AIST copyright © 2021  DuraSpace
    Theme by 
    Atmire NV
     

     

    Browse

    All PublicationsCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    LoginRegister

    Nelson Mandela-AIST copyright © 2021  DuraSpace
    Theme by 
    Atmire NV