Loading...
Paper Number
1132
Paper Type
Short
Description
Malicious web content includes phishing emails, social media posts, and websites that imitate legitimate sites. Phishing attacks are rising, and human-centered phishing risk mitigation is often an afterthought eclipsed by technical system-centric efforts like firewalls. Training tools can be deployed for combating phishing but often lack sufficient labeled training content. Using signal detection theory, this paper assesses the feasibility of using citizen science and crowdsourcing volunteers to label images for use in cybersecurity training tools. Crowd volunteer performance was compared to gold standard content and prior studies of Fortune 500 company employees. Findings show no significant statistical differences between crowd volunteers and corporate employees' performance on gold standard content in identifying phishing. Based on these findings, citizen scientists can be valuable for generating annotated images for cybersecurity training tools.
Recommended Citation
Ahuja, Vinod Kumar; Rosser, Holly K.; Grover, Andrea; and Hale, Matthew, "Phish Finders: Improving Cybersecurity Training Tools Using Citizen Science" (2022). ICIS 2022 Proceedings. 1.
https://aisel.aisnet.org/icis2022/security/security/1
Phish Finders: Improving Cybersecurity Training Tools Using Citizen Science
Malicious web content includes phishing emails, social media posts, and websites that imitate legitimate sites. Phishing attacks are rising, and human-centered phishing risk mitigation is often an afterthought eclipsed by technical system-centric efforts like firewalls. Training tools can be deployed for combating phishing but often lack sufficient labeled training content. Using signal detection theory, this paper assesses the feasibility of using citizen science and crowdsourcing volunteers to label images for use in cybersecurity training tools. Crowd volunteer performance was compared to gold standard content and prior studies of Fortune 500 company employees. Findings show no significant statistical differences between crowd volunteers and corporate employees' performance on gold standard content in identifying phishing. Based on these findings, citizen scientists can be valuable for generating annotated images for cybersecurity training tools.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
06-Security