I Don't Need an Expert! Making URL Phishing Features Human Comprehensible

Kholoud Althobaiti, Nicole Meng, Kami E Vaniea

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Judging the safety of a URL is something that even security experts struggle to do accurately without additional information. \changed{In this work, we aim to make experts' tools accessible to non-experts and assist general users in judging the safety of URLs by providing them with a usable report based on the information professionals use.} We designed the report by iterating with 8 focus groups made up of end users, HCI experts, and security experts to ensure that the report was usable as well as accurately interpreted the information. We also conducted an online evaluation with 153 participants to compare different report-length options. We find that the longer comprehensive report allows users to accurately judge URL safety (93% accurate) and that summaries still provide benefit (83% accurate) compared to domain highlighting (65\% accurate).
Original languageEnglish
Title of host publicationProceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI '21)
PublisherAssociation for Computing Machinery (ACM)
Pages1-17
Number of pages17
ISBN (Electronic)9781450380966
DOIs
Publication statusPublished - 6 May 2021
EventThe ACM CHI Conference on Human Factors in Computing Systems 2021 - Virtual Conference, Japan
Duration: 8 May 202113 May 2021
https://chi2021.acm.org/

Conference

ConferenceThe ACM CHI Conference on Human Factors in Computing Systems 2021
Abbreviated titleCHI 2021
CountryJapan
CityVirtual Conference
Period8/05/2113/05/21
Internet address

Keywords

  • Phishing
  • URL reading
  • phishing awareness
  • usable privacy and security
  • real-time learning
  • security education
  • decision support

Fingerprint

Dive into the research topics of 'I Don't Need an Expert! Making URL Phishing Features Human Comprehensible'. Together they form a unique fingerprint.

Cite this