|
- A Phishing Study with Real Mechanical Turk Users
- Modeling and Simulation of Cognition in Phishing Detection
A Phishing Study with Real Mechanical Turk Users
|
|
In Fall 2017 a user study of phishing email detection was deployed and conducted on Amazon Mechanical Turk. Each participant interacted with Roundcube, an open source webmail system, to classify a set of 40 emails into either legitimate or phishing categories. Detailed behavioral information was collected of these participants, including every action taken on the web user interface in completing requested tasks.
In a multitasking context, a subset of these participants was asked to solve problems being presented concurrently with these emails, by an embedded Qualtrics iframe.
Moreover, as an incentive mechanism, some of these participants would receive additional tiered monetary rewards if they achieved accuracies as required. Information on design and implementation of this user study and all the logged user behavior data are available below for download.
|
To start, you can review a paper on the overall user study and some preliminary results. [link]
|
Design and implementation of this user study platform can be found at this document. [link]
|
Description of the 40 emails used in this user study can be found here. [link]
|
The set of Qualtrics questions used for multi-tasking experiments can be found here. [link]
|
The log files of 177 participants who have completed the user study are in this zip file. [link]
|
Captured information is explained here. [link]
Modeling and Simulation of Cognition in Phishing Detection
|
|
A simulation has been developed to model participants classifying emails controlled by a cognitive chunk activation mechanism similar to that in the ACT-R architecture. You are encouraged to first review a paper on this simulation study.
|
The code in python used for this simulation study can be downloaded here. [link]
|
The information cues and the associated 40 emails used for simulation is available here. [link]
Note:
Any opinions, findings and conclusions or recommendations expressed on this web site are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).
|