Search: id:"swepub:oai:DiVA.org:hj-62715" >
Evaluation of Conte...
Evaluation of Contextual and Game-Based Training for Phishing Detection
-
- Kävrestad, Joakim, 1989- (author)
- Högskolan i Skövde,Institutionen för informationsteknologi,Forskningsmiljön Informationsteknologi,Informationssystem, Information Systems
-
- Hagberg, Allex (author)
- Xenolith AB, Skövde, Sweden
-
- Nohlberg, Marcus, 1976- (author)
- Högskolan i Skövde,Institutionen för informationsteknologi,Forskningsmiljön Informationsteknologi,Informationssystem, Information Systems
-
show more...
-
- Rambusch, Jana (author)
- Högskolan i Skövde,Institutionen för informationsteknologi,Forskningsmiljön Informationsteknologi,Interaction Lab
-
- Roos, Robert (author)
- Xenolith AB, Skövde, Sweden
-
- Furnell, Steven (author)
- School of Computer Science, University of Nottingham, UK
-
show less...
-
(creator_code:org_t)
- 2022-03-25
- 2022
- English.
-
In: Future Internet. - : MDPI. - 1999-5903. ; 14:4
- Related links:
-
https://doi.org/10.3...
-
show more...
-
https://hj.diva-port... (primary) (Raw object)
-
https://his.diva-por... (primary) (Raw object)
-
https://urn.kb.se/re...
-
https://doi.org/10.3...
-
https://urn.kb.se/re...
-
show less...
Abstract
Subject headings
Close
- Cybersecurity is a pressing matter, and a lot of the responsibility for cybersecurity is put on the individual user. The individual user is expected to engage in secure behavior by selecting good passwords, identifying malicious emails, and more. Typical support for users comes from Information Security Awareness Training (ISAT), which makes the effectiveness of ISAT a key cybersecurity issue. This paper presents an evaluation of how two promising methods for ISAT support users in acheiving secure behavior using a simulated experiment with 41 participants. The methods were game-based training, where users learn by playing a game, and Context-Based Micro-Training (CBMT), where users are presented with short information in a situation where the information is of direct relevance. Participants were asked to identify phishing emails while their behavior was monitored using eye-tracking technique. The research shows that both training methods can support users towards secure behavior and that CBMT does so to a higher degree than game-based training. The research further shows that most participants were susceptible to phishing, even after training, which suggests that training alone is insufficient to make users behave securely. Consequently, future research ideas, where training is combined with other support systems, are proposed
Subject headings
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Keyword
- usable security
- cybersecurity training
- ISAT
- SETA
- phishing
- user awareness
- security behavior
- Information Systems
- Informationssystem (IS)
- Interaction Lab (ILAB)
- Interaction Lab (ILAB)
- INF303 Informationssäkerhet
- INF303 Information Security
Publication and Content Type
- ref (subject category)
- art (subject category)
Find in a library
To the university's database