<p>Phishing attacks remain a significant security threat. One approach to addressing this challenge is through personalized and adaptive anti-phishing training solutions capable of tailoring learning experiences to individual needs and context. This requires cognitive models that are predictive of individual phishing responses and are amenable to analyzing and measuring the cognitive factors underlying people’s susceptibility to phishing attacks. In this paper, we study a key challenge associated with developing cognitive models of phishing decision-making grounded in instance-based learning theory (IBLT): instance engineering. We investigate the effectiveness of different approaches to designing instances using transformer-based methods for natural language representation. This work also investigates which aspects of phishing decision-making IBL models could represent and predict. We found that using representations that consider contextual meanings assigned by humans could enable cognitive agents to predict human responses to phishing emails with high accuracy. In particular, we also found that the IBL models were predictive of the responses of participants who participated in the quick and intuitive form of the decision-making process. This work underscores cognitive models’ potential to analyze differences in individual’s responses to phishing attacks, identify gaps in security awareness, and enhance anti-phishing training effectiveness.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Analyzing instance representation in cognitive models of phishing decision-making

  • Tianhao Xu,
  • Prashanth Rajivan

摘要

Phishing attacks remain a significant security threat. One approach to addressing this challenge is through personalized and adaptive anti-phishing training solutions capable of tailoring learning experiences to individual needs and context. This requires cognitive models that are predictive of individual phishing responses and are amenable to analyzing and measuring the cognitive factors underlying people’s susceptibility to phishing attacks. In this paper, we study a key challenge associated with developing cognitive models of phishing decision-making grounded in instance-based learning theory (IBLT): instance engineering. We investigate the effectiveness of different approaches to designing instances using transformer-based methods for natural language representation. This work also investigates which aspects of phishing decision-making IBL models could represent and predict. We found that using representations that consider contextual meanings assigned by humans could enable cognitive agents to predict human responses to phishing emails with high accuracy. In particular, we also found that the IBL models were predictive of the responses of participants who participated in the quick and intuitive form of the decision-making process. This work underscores cognitive models’ potential to analyze differences in individual’s responses to phishing attacks, identify gaps in security awareness, and enhance anti-phishing training effectiveness.