COSTECH Integrated Repository

An Empirical Approach to Phishing Countermeasures Through Smart Glasses and Validation Agents

Show simple item record

dc.creator Ndibwile, Jema David
dc.creator Luhanga, Edith T.
dc.creator Fall, Doudou
dc.creator Miyamoto, Daisuke
dc.creator Blanc, Gregory
dc.date 2020-03-03T11:53:47Z
dc.date 2020-03-03T11:53:47Z
dc.date 2019-09-10
dc.date.accessioned 2022-10-25T09:15:47Z
dc.date.available 2022-10-25T09:15:47Z
dc.identifier 10.1109/ACCESS.2019.2940669
dc.identifier http://dspace.nm-aist.ac.tz/handle/123456789/591
dc.identifier.uri http://hdl.handle.net/123456789/94597
dc.description This research article published by IEEE, Volume: 7, 2019
dc.description Phishing attacks have been persistent for more than two decades despite mitigation efforts from academia and industry. We believe that users fall victim to attacks not only because of lack of knowledge and awareness, but also because they are not attentive enough to security indicators and visual abnormalities on the webpages they visit. This is also probably why smart device users, who have more limited screen size and device capabilities compared to desktop users, are three times more likely to fall victim to phishing attacks. To assert our claim, we first investigated general phishing awareness among different groups of smartphone users. We then used smart eyeglasses (electro-oculographic) to experimentally measure the mental effort and vigilance exhibited by users while surfing a website and while playing an Android phishing game that we developed. The results showed that knowledge and awareness about phishing do not seem to have a significant impact on security behaviours, as knowledgeable participants exhibited insecure behaviours such as opening email attachments from unfamiliar senders. However, attentiveness was important as even participants with low cybersecurity knowledge could effectively identify attacks if they were reasonably attentive. Based on these results, we asserted that users are more likely to continue falling victim to phishing attacks due to insecure behaviours, unless tools to lessen the identification burden are provided. We thus recommended implementing a lightweight algorithm into a custom Android browser for detecting phishing sites deceptively without a user interaction. We used fake login credentials as validation agents and monitor the destination server HTTP responses to determine the authenticity of a webpage. We also presented initial evaluation results of this algorithm.
dc.format application/pdf
dc.language en
dc.publisher IEEE
dc.subject Social engineering
dc.subject Smart glasses
dc.subject Mobile devices
dc.subject Deceptive login
dc.subject Android browser
dc.subject Electro-oculographic
dc.subject Cybersecurity psychology
dc.title An Empirical Approach to Phishing Countermeasures Through Smart Glasses and Validation Agents
dc.type Article


Files in this item

Files Size Format View
JA_CoCSE_2019 .pdf 1.817Mb application/pdf View/Open

This item appears in the following Collection(s)

Show simple item record

Search COSTECH


Advanced Search

Browse

My Account