Neural Underpinnings of Website Legitimacy and Familiarity Detection: An fNIRS Study

In this paper, we study the neural underpinnings relevant to user-centered web security through the lens of functional near-infrared spectroscopy (fNIRS). Specifically, we design and conduct an fNIRS study to investigate thoroughly how users process legitimate vs. illegitimate and familiar vs. unfamiliar websites. We pinpoint the neural activity in these tasks as well as the brain areas that control such activity. We show that, at the neurological level, users process legitimate websites differently from illegitimate websites when subject to phishing attacks. Similarly, we show that users exhibit marked differences in the way their brains process previously familiar websites compared with unfamiliar websites. These findings have several defensive and offensive implications. In particular, we discuss how system designers may use these differences in the future to differentiate between legitimate and illegitimate websites automatically based on neural signals. Similarly, we discuss the potential for future malicious attackers with access to neural signals to compromise the privacy of users by detecting whether a website is previously familiar or unfamiliar to the user. Compared to prior research, our novelty lies in several aspects. First, we employ a neuroimaging methodology (fNIRS) not tapped into by prior security research for the problem domain we are studying. Second, we provide a focused study design and comprehensive investigation of the neural processing underlying the specific tasks of processing legitimate vs. illegitimate and familiar vs. unfamiliar websites. Third, we use an experimental set-up much more amenable to real-world settings, compared to previous fMRI studies. Beyond these scientific innovations, our work also serves to corroborate and extend several of the findings of the prior literature with independent methodologies, tools, and settings.
