Signal Detection Theory (SDT) Is Effective for Modeling User Behavior Toward Phishing and Spear-Phishing Attacks. (December 2018)
- Record Type:
- Journal Article
- Title:
- Signal Detection Theory (SDT) Is Effective for Modeling User Behavior Toward Phishing and Spear-Phishing Attacks. (December 2018)
- Main Title:
- Signal Detection Theory (SDT) Is Effective for Modeling User Behavior Toward Phishing and Spear-Phishing Attacks
- Authors:
- Martin, Jaclyn
Dubé, Chad
Coovert, Michael D.
- Abstract:
- Objective: To examine the utility of equal-variance signal detection theory (EVSDT) for evaluating and understanding human detection of phishing and spear-phishing e-mail scams. Background: Although the majority of cybersecurity breaches are due to erroneous responses to deceptive phishing e-mails, it is unclear how best to quantify performance in this context. In particular, it is unclear whether equal variances can safely be assumed in the SDT model, or, relatedly, whether degree of targeting, or threat level, primarily affects mean separation or evidence variability. Method: Through an online inbox simulation, the present research found that differences in susceptibility to phishing and spear-phishing e-mails could be carefully quantified with respect to detection accuracy and response bias through the use of an EVSDT framework. Results: The results indicated that EVSDT-based point metrics are effective for modeling and measuring phishing susceptibility in the inbox task, without the need for parameter estimation or model comparison involving unequal-variance SDT (UVSDT). Threat level modulated mean separation, with no effects on signal variances. Conclusion: These findings support the viability of using EVSDT to initially assess and subsequently monitor training effectiveness for phishing susceptibility, thereby providing measures that are superior to more intuitive metrics, which typically confound an individual's bias and accuracy. Effects of threat level mapped clearly onto distribution means with no effect on variances, suggesting phishing susceptibility primarily reflects temporally stable discriminative characteristics of observers. Notably, results indicated that people are particularly poor at identifying spear-phishing e-mail threats (demonstrating only 40% accuracy).
- Is Part Of:
- Human factors. Volume 60:Number 8(2018)
- Journal:
- Human factors
- Issue:
- Volume 60:Number 8(2018)
- Issue Display:
- Volume 60, Issue 8 (2018)
- Year:
- 2018
- Volume:
- 60
- Issue:
- 8
- Issue Sort Value:
- 2018-0060-0008-0000
- Page Start:
- 1179
- Page End:
- 1191
- Publication Date:
- 2018-12
- Subjects:
- decision making -- cognition -- personality -- signal detection theory -- cybersecurity -- human-computer interaction -- computer systems
Human engineering -- Periodicals
620.82
- Journal URLs:
- http://hfs.sagepub.com/
http://www.sagepublications.com/
- DOI:
- 10.1177/0018720818789818
- Languages:
- English
- ISSNs:
- 0018-7208
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 8750.xml