Author(s)

Daisuke Miyamoto, Hiroaki Hazeyama, Youki Kadobayashi

.

This paper presents HumanBoost, an approach that aims at improving the accuracy of detecting so-called phishing sites by utilizing users’ past trust decisions (PTDs). Web users are generally required to make trust decisions whenever their personal information is requested by a website. We assume that a database of user PTDs would be transformed into a binary vector, representing phishing or not-phishing, and the binary vector can be used for detecting phishing sites, similar to the existing heuristics. For our pilot study, in November 2007, we invited 10 participants and performed a subject experiment. The participants browsed 14 simulated phishing sites and six legitimate sites, and judged whether or not the site appeared to be a phishing site. We utilize participants’ trust decisions as a new heuristic and we let AdaBoost incorporate it into eight existing heuristics. The results show that the average error rate for HumanBoost was 13.4%, whereas for participants it was 19.0% and for AdaBoost 20.0%. We also conducted two follow-up studies in March 2010 and July 2010, observed that the average error rate for HumanBoost was below the others. We therefore conclude that PTDs are available as new heuristics, and HumanBoost has the potential to improve detection accuracy for Web user.

Phishing, Personalization, AdaBoost, Trust Decision

D. Miyamoto, H. Hazeyama and Y. Kadobayashi, "HumanBoost: Utilization of Users’ Past Trust Decision for Identifying Fraudulent Websites," Journal of Intelligent Learning Systems and Applications, Vol. 2 No. 4, 2010, pp. 190-199. doi: 10.4236/jilsa.2010.24022.