Measuring the Potential for Victimization in Malicious Content

Matthew L. Hale, R. Gamble, J. Hale, M. Haney, J. Lin, C. Walter

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Sending malicious content to users for obtaining personnel, financial, or intellectual property has become a multi-billion dollar criminal enterprise. This content is primarily presented in the form of emails, social media posts, and phishing websites. User training initiatives seek to minimize the impact of malicious content through improved vigilance. Training works best when tailored to specific user deficiencies. However, tailoring training requires understanding how malicious content victimizes users. In this paper, we link a set of malicious content design factors, in the form of degradations and sophistications, to their potential to form a victimization prediction metric. The design factors examined are developed from an analysis of over 100 pieces of content from email, social media and websites. We conducted an experiment using a sample of the content and a game-based simulation platform to evaluate the efficacy of our victimization prediction metric. The experimental results and their analysis are presented as part of the evaluation.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 IEEE International Conference on Web Services, ICWS 2015
EditorsHong Zhu, John A. Miller
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages305-312
Number of pages8
ISBN (Electronic)9781467380904
DOIs
Publication statusPublished - Aug 13 2015
EventIEEE International Conference on Web Services, ICWS 2015 - New York, United States
Duration: Jun 27 2015Jul 2 2015

Publication series

NameProceedings - 2015 IEEE International Conference on Web Services, ICWS 2015

Other

OtherIEEE International Conference on Web Services, ICWS 2015
CountryUnited States
CityNew York
Period6/27/157/2/15

    Fingerprint

Keywords

  • content assessment
  • maliciousness
  • metrics
  • phishing
  • trust
  • trust factors
  • user training
  • victimization

ASJC Scopus subject areas

  • Computer Science Applications
  • Human-Computer Interaction
  • Computer Networks and Communications

Cite this

Hale, M. L., Gamble, R., Hale, J., Haney, M., Lin, J., & Walter, C. (2015). Measuring the Potential for Victimization in Malicious Content. In H. Zhu, & J. A. Miller (Eds.), Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015 (pp. 305-312). [7195583] (Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICWS.2015.49