Abstract

Cybersecurity is an increasing area of concern for organizations and individuals alike. The majority of successfully executed cyberattacks are a result of human error. One common type of attack that targets human users is phishing. In spite of this, there is a lack of research surrounding human implications on phishing behavior. Using an online survey platform with both phishing and legitimate emails, the present research examined the utility of various cognitive engineering models for modeling responses to these example emails. Using Signal Detection Theory (SDT) and Fuzzy Signal Detection Theory (Fuzzy SDT), the influence of familiarity with phishing and having a background in cybersecurity on phishing behavior was examined. The results from SDT analysis indicated that familiarity with phishing only accounted for 11% of the variance in sensitivity and 5% in bias. When examining the same using Fuzzy SDT analysis, familiarity with phishing accounted for 6% of the variance in bias. When examining background in cybersecurity using SDT analysis, t-tests indicated the null hypothesis could be rejected for the relationship of background in cybersecurity with sensitivity and bias. When examining the same for Fuzzy SDT, the null hypothesis could only be rejected for the relationship between bias and background in cybersecurity. In addition to these findings, the use of a confusion matrix revealed that the percentage of successfully transmitted information from the stimuli to the judgements made by participants was only 26%. Participant identification of phishing cues was also examined. Participants most frequently identified requests for personal information within the emails. Future research should continue to explore predictors of phishing behavior and the application of the different cognitive engineering models to phishing behavior.

Library of Congress Subject Headings

Phishing--Psychological aspects; Computer security--Psychological aspects; Human-computer interaction

Publication Date

12-21-2021

Document Type

Thesis

Student Type

Graduate

Degree Name

Experimental Psychology (MS)

Department, Program, or Center

Psychology (CLA)

Advisor

Esa M. Rantanen

Advisor/Committee Member

Ehsan Warriach

Advisor/Committee Member

Justin Pelletier

Campus

RIT – Main Campus

Plan Codes

EXPSYC-MS

Download

Share

COinS