Title :
On identifying phishing emails: Uncertainty in machine and human judgment
Author :
Stuart, Lauren M. ; Gilchan Park ; Talor, Julia M. ; Raskin, Victor
Author_Institution :
CERIAS (Center for Educ. & Res. in Inf. Assurance & Security), West Lafayette, IN, USA
Abstract :
A phishing email is an email in which the sender is engaged in social engineering for the purpose of eliciting private data from the recipient. It is estimated that the loss due to phishing in 2012 was over $1.5 billion. The recommended defense against phishing attacks is to educate a user how not to fall for them. Such campaigns are not the most effective solution, and software systems has been created to identify phishing emails. By and large, these systems are crisp. In this paper, we will report on human perception in identifying phishing emails and apply the fuzzy analysis to the experiment results in order to show that a fuzzy system is much more appropriate for dealing with identification of such emails. We will also demonstrate the system´s acceptability to a human user.
Keywords :
data privacy; fuzzy set theory; unsolicited e-mail; fuzzy analysis; fuzzy system; human judgment; human perception; machine uncertainty; phishing attacks; phishing email identification; private data elicitation; social engineering; Computers; Electronic mail; Machine learning algorithms; Natural languages; Pragmatics; Psychology; Semantics; computer phishing detection; fuzzy phlishing detection; human phishing detection; human-computer collaboration;
Conference_Titel :
Norbert Wiener in the 21st Century (21CW), 2014 IEEE Conference on
Conference_Location :
Boston, MA
DOI :
10.1109/NORBERT.2014.6893870
