dc.contributor.author | Arora, Manisha | |
dc.date.accessioned | 2017-02-10T18:43:34Z | |
dc.date.available | 2017-02-10T18:43:34Z | |
dc.date.issued | 2017-02-10T18:43:34Z | |
dc.identifier.uri | http://hdl.handle.net/10222/72684 | |
dc.description.abstract | Phishing attacks and breaches in online security are increasing at a high rate, irrespective
of current security indicators which aim to warn users against those attacks. We
conducted a user study to explore and understand different strategies that users of both
technical and non-technical groups follow to determine the legitimacy of websites and
emails on their own laptops. We showed websites to all the participants and e-mails to
half of them and asked them to determine their legitimacy. This observation session was
screen and video recorded. A post-observation questionnaire and semi-structured
interview gave us a better understanding of the knowledge and reasons of participants for
looking at security cues while making decisions. Based on our results, 67.3% of the
phishing websites were correctly identified by our participants on an average (79.2%
technical, 55.4% non-technical). While our results were mostly in line with prior
research, our use of participants’ laptops uncovered a strategy not previously reported.
We found that some participants check to see if they are logged in to the website or not to
determine its legitimacy, which they can only see while using their own laptops. During
our observation, we also identified some differences in the strategies applied by technical
and non-technical participants. 50% of our participants who visited websites through emails
decided about their legitimacy based on the trustworthiness of e-mail. Based on our
findings, we provide recommendations that might improve the design of security cues
and thus help users in identifying phishing websites more effectively. | en_US |
dc.language.iso | en | en_US |
dc.subject | Legitimate | en_US |
dc.subject | Web sites | en_US |
dc.subject | User Strategies | en_US |
dc.subject | Security Cues | en_US |
dc.title | EXPLORING USER STRATEGIES IN DETERMINING TRUSTWORTHINESS OF WEBSITES | en_US |
dc.type | Thesis | en_US |
dc.date.defence | 2017-02-02 | |
dc.contributor.department | Faculty of Computer Science | en_US |
dc.contributor.degree | Master of Computer Science | en_US |
dc.contributor.external-examiner | n/a | en_US |
dc.contributor.graduate-coordinator | Dr. Malcolm Heywood | en_US |
dc.contributor.thesis-reader | Dr. Derek Reilly | en_US |
dc.contributor.thesis-reader | Dr. Raghav Sampangi | en_US |
dc.contributor.thesis-supervisor | Dr. Kirstie Hawkey | en_US |
dc.contributor.thesis-supervisor | Dr. Srinivas Sampalli | en_US |
dc.contributor.ethics-approval | Received | en_US |
dc.contributor.manuscripts | Not Applicable | en_US |
dc.contributor.copyright-release | Not Applicable | en_US |