CyberPhishing: A game-based platform for phishing awareness testing

Matthew L. Hale, Rose F. Gamble, Philip Gamble

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)

Abstract

Phishing attacks sap billions of dollars annually from unsuspecting individuals while compromising individual privacy. Companies and privacy advocates seek ways to better educate the populace against such attacks. Current approaches examining phishing include test-based techniques that ask subjects to classify content as phishing or not and inthe- wild techniques that directly observe subject behavior through distribution of faked phishing attacks. Both approaches have issues. Test-based techniques produce less reliable data since subjects may adjust their behavior with the expectation of seeing phishing stimuli, while in-the-wild studies can put subjects at risk through lack of consent or exposure of data. This paper examines a third approach that seeks to incorporate game-based learning techniques to combine the realism of in-thewild approaches with the training features of testing approaches. We propose a three phase experiment to test our approach on our CyberPhishing simulation platform, and present the results of phase one.

Original languageEnglish (US)
Title of host publicationProceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015
EditorsRalph H. Sprague, Tung X. Bui
PublisherIEEE Computer Society
Pages5260-5269
Number of pages10
ISBN (Electronic)9781479973675
DOIs
StatePublished - Mar 26 2015
Event48th Annual Hawaii International Conference on System Sciences, HICSS 2015 - Kauai, United States
Duration: Jan 5 2015Jan 8 2015

Publication series

NameProceedings of the Annual Hawaii International Conference on System Sciences
Volume2015-March
ISSN (Print)1530-1605

Other

Other48th Annual Hawaii International Conference on System Sciences, HICSS 2015
CountryUnited States
CityKauai
Period1/5/151/8/15

Fingerprint

Testing
Industry
Experiments

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Hale, M. L., Gamble, R. F., & Gamble, P. (2015). CyberPhishing: A game-based platform for phishing awareness testing. In R. H. Sprague, & T. X. Bui (Eds.), Proceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015 (pp. 5260-5269). [7070447] (Proceedings of the Annual Hawaii International Conference on System Sciences; Vol. 2015-March). IEEE Computer Society. https://doi.org/10.1109/HICSS.2015.670

CyberPhishing : A game-based platform for phishing awareness testing. / Hale, Matthew L.; Gamble, Rose F.; Gamble, Philip.

Proceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015. ed. / Ralph H. Sprague; Tung X. Bui. IEEE Computer Society, 2015. p. 5260-5269 7070447 (Proceedings of the Annual Hawaii International Conference on System Sciences; Vol. 2015-March).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Hale, ML, Gamble, RF & Gamble, P 2015, CyberPhishing: A game-based platform for phishing awareness testing. in RH Sprague & TX Bui (eds), Proceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015., 7070447, Proceedings of the Annual Hawaii International Conference on System Sciences, vol. 2015-March, IEEE Computer Society, pp. 5260-5269, 48th Annual Hawaii International Conference on System Sciences, HICSS 2015, Kauai, United States, 1/5/15. https://doi.org/10.1109/HICSS.2015.670
Hale ML, Gamble RF, Gamble P. CyberPhishing: A game-based platform for phishing awareness testing. In Sprague RH, Bui TX, editors, Proceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015. IEEE Computer Society. 2015. p. 5260-5269. 7070447. (Proceedings of the Annual Hawaii International Conference on System Sciences). https://doi.org/10.1109/HICSS.2015.670
Hale, Matthew L. ; Gamble, Rose F. ; Gamble, Philip. / CyberPhishing : A game-based platform for phishing awareness testing. Proceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015. editor / Ralph H. Sprague ; Tung X. Bui. IEEE Computer Society, 2015. pp. 5260-5269 (Proceedings of the Annual Hawaii International Conference on System Sciences).
@inproceedings{fc0b83cf571940d4bbbbabd46aeb7874,
title = "CyberPhishing: A game-based platform for phishing awareness testing",
abstract = "Phishing attacks sap billions of dollars annually from unsuspecting individuals while compromising individual privacy. Companies and privacy advocates seek ways to better educate the populace against such attacks. Current approaches examining phishing include test-based techniques that ask subjects to classify content as phishing or not and inthe- wild techniques that directly observe subject behavior through distribution of faked phishing attacks. Both approaches have issues. Test-based techniques produce less reliable data since subjects may adjust their behavior with the expectation of seeing phishing stimuli, while in-the-wild studies can put subjects at risk through lack of consent or exposure of data. This paper examines a third approach that seeks to incorporate game-based learning techniques to combine the realism of in-thewild approaches with the training features of testing approaches. We propose a three phase experiment to test our approach on our CyberPhishing simulation platform, and present the results of phase one.",
author = "Hale, {Matthew L.} and Gamble, {Rose F.} and Philip Gamble",
year = "2015",
month = "3",
day = "26",
doi = "10.1109/HICSS.2015.670",
language = "English (US)",
series = "Proceedings of the Annual Hawaii International Conference on System Sciences",
publisher = "IEEE Computer Society",
pages = "5260--5269",
editor = "Sprague, {Ralph H.} and Bui, {Tung X.}",
booktitle = "Proceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015",

}

TY - GEN

T1 - CyberPhishing

T2 - A game-based platform for phishing awareness testing

AU - Hale, Matthew L.

AU - Gamble, Rose F.

AU - Gamble, Philip

PY - 2015/3/26

Y1 - 2015/3/26

N2 - Phishing attacks sap billions of dollars annually from unsuspecting individuals while compromising individual privacy. Companies and privacy advocates seek ways to better educate the populace against such attacks. Current approaches examining phishing include test-based techniques that ask subjects to classify content as phishing or not and inthe- wild techniques that directly observe subject behavior through distribution of faked phishing attacks. Both approaches have issues. Test-based techniques produce less reliable data since subjects may adjust their behavior with the expectation of seeing phishing stimuli, while in-the-wild studies can put subjects at risk through lack of consent or exposure of data. This paper examines a third approach that seeks to incorporate game-based learning techniques to combine the realism of in-thewild approaches with the training features of testing approaches. We propose a three phase experiment to test our approach on our CyberPhishing simulation platform, and present the results of phase one.

AB - Phishing attacks sap billions of dollars annually from unsuspecting individuals while compromising individual privacy. Companies and privacy advocates seek ways to better educate the populace against such attacks. Current approaches examining phishing include test-based techniques that ask subjects to classify content as phishing or not and inthe- wild techniques that directly observe subject behavior through distribution of faked phishing attacks. Both approaches have issues. Test-based techniques produce less reliable data since subjects may adjust their behavior with the expectation of seeing phishing stimuli, while in-the-wild studies can put subjects at risk through lack of consent or exposure of data. This paper examines a third approach that seeks to incorporate game-based learning techniques to combine the realism of in-thewild approaches with the training features of testing approaches. We propose a three phase experiment to test our approach on our CyberPhishing simulation platform, and present the results of phase one.

UR - http://www.scopus.com/inward/record.url?scp=84944195138&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84944195138&partnerID=8YFLogxK

U2 - 10.1109/HICSS.2015.670

DO - 10.1109/HICSS.2015.670

M3 - Conference contribution

AN - SCOPUS:84944195138

T3 - Proceedings of the Annual Hawaii International Conference on System Sciences

SP - 5260

EP - 5269

BT - Proceedings of the 48th Annual Hawaii International Conference on System Sciences, HICSS 2015

A2 - Sprague, Ralph H.

A2 - Bui, Tung X.

PB - IEEE Computer Society

ER -