Mouse Behavior as an Index of Phishing Awareness

Phishing attacks are one of the most common security challenges faced by individuals and organizations today. Although many techniques exist to filter out phishing emails, they are not always effective, leaving humans as the most vulnerable links in the information security chain. This paper presents a study investigating how human behavior, especially mouse movements, may reflect cybersecurity awareness, in particular awareness of phishing emails. Using an email sorting task, we examined three key mouse movement features: hover, slow movement, and response time. The results suggest that slow mouse movements indicate high awareness of phishing emails and could be used to determine the likelihood of users falling victim to phishing attacks. However, contrary to intuition, response time and mouse hovering behaviors do not correlate with phishing awareness.
