Share This Article:

Behind HumanBoost: Analysis of Users’ Trust Decision Patterns for Identifying Fraudulent Websites

Full-Text HTML Download Download as PDF (Size:369KB) PP. 319-329
DOI: 10.4236/jilsa.2012.44033    3,248 Downloads   5,353 Views   Citations

ABSTRACT

This paper analyzes users’ trust decision patterns for detecting phishing sites. Our previous work proposed HumanBoost [1] which improves the accuracy of detecting phishing sites by using users’ Past Trust Decisions (PTDs). Web users are generally required to make trust decisions whenever their personal information is requested by a website. Human-Boostassumed that a database of Web user’s PTD would be transformed into a binary vector, representing phishing or not-phishing, and the binary vector can be used for detecting phishing sites, similar to the existing heuristics. Here, this paper explores the types of the users whose PTDs are useful by running a subject experiment, where 309 participants- browsed 40 websites, judged whether the site appeared to be a phishing site, and described the criterion while assessing the credibility of the site. Based on the result of the experiment, this paper classifies the participants into eight groups by clustering approach and evaluates the detection accuracy for each group. It then clarifies the types of the users who can make suitable trust decisions for HumanBoost.

Conflicts of Interest

The authors declare no conflicts of interest.

Cite this paper

D. Miyamoto, H. Hazeyama, Y. Kadobayashi and T. Takahashi, "Behind HumanBoost: Analysis of Users’ Trust Decision Patterns for Identifying Fraudulent Websites," Journal of Intelligent Learning Systems and Applications, Vol. 4 No. 4, 2012, pp. 319-329. doi: 10.4236/jilsa.2012.44033.

References

[1] D. Miyamoto, H. Hazeyama and Y. Kadobayashi, “HumanBoost: Utilization of Users’ Past Trust Decision for Identifying Fraudulent Websites,” Journal of Intelligent Learning Systems and Applications, Vol. 2, No. 4, 2010, pp.190-199. doi:10.4236/jilsa.2010.24022
[2] Y. Freund and R. E. Schapire, “A Decision-Theoretic Generalization of On-Line Learning and an Application to Boosting,” Journal of Computer and System Science, Vol. 55, No. 1, 1997, pp. 119-139.
[3] S. Sheng, B. Wardman, G. Warner, L. F. Cranor, J. Hong and C. Zhang, “An Empirical Analysis of Phishing Blacklists,” 2009. http://ceas.cc/2009/main.shtml
[4] Y. Zhang, J. Hong and L. Cranor, “CANTINA: A Content-Based Approach to Detect Phishing Web Sites,” Proceedings of the 16th World Wide Web Conference, Banff, 8-12 May 2007, pp. 649-656. doi:10.1145/1242572.1242659
[5] D. Miyamoto, H. Hazeyama and Y. Kadobayashi, “An Evaluation of Machine Learning-based Methods for Detection of Phishing Sites,” Australian Journal of Intelligent Information Processing Systems, Vol. 10, No. 2, 2008, pp. 54-63.
[6] OpenDNS, “PhishTank—Join the Fight against Phishing.” http://www.phishtank.com.
[7] M. Wu, R. C. Miller and S. L. Garnkel, “Do SecurityToolbars Actually Prevent Phishing Attacks?” Proceedings of Conference on Human Factors in Computing Systems, New York, 22-27 April 2006.
[8] P. Kumaraguru, Y. Rhee, A. Acquisti, L. F. Cranor, J. I. Hong and E. Nunge, “Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System,” Proceedings of Conference on Human Factors in Computing Systems, San Jose, 27 April-3 May 2007, pp. 905-914.
[9] R. Dhamija, J. D. Tygar and M. A. Hearst, “Why Phishing Works,” Proceedings of Conference on Human Factors in Computing Systems, New York, 22-27 April 2006, pp. 581-590.
[10] B. J. Fogg, L. Marable, J. Stanford and E. R. Tauber, “How Do People Evaluate a Web Site’s Credibility? Results from a Large Study,” Technical Report, Stanford, 2002.
[11] R. Biddle, P. C. van Oorschot, A. S. Patrick, J. Sobey and T. Whalen, “Browser Interfaces and Extended Validation ssl Certificates: An Empirical Study,” Proceedings of the 2009 ACM Workshop on Cloud Computing Security, New York, 9-13 November 2009, pp. 19-30.
[12] A. P. Dempster, N. Laird and D. Rubin, “Maximum Likelihood from Incomplete Data via the EM Algorithm,” Journal of the Royal Statistical Society Series, Vol. 39, No. 1, 1977, pp. 1-38.
[13] G. E. Schwarz, “Estimating the Dimension of a Model,” Annals of Statistics, Vol. 6, No. 2, 1978, pp. 461-464. doi:10.1214/aos/1176344136

  
comments powered by Disqus

Copyright © 2018 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.