CAREER: Understanding the Principles of Working Memory in Phishing Decision Making
University Of Washington, Seattle WA
Investigators
Abstract
Phishing is the practice of deceiving people into disclosing sensitive information or inappropriately granting access to a secure system. Although phishing attacks are rampant on the Internet, due to automation, the likelihood of an individual encountering an attack daily or weekly is small. Yet people are expected to detect the rare attacks that automation misses. These attacks tend to be novel and targeted and, therefore, difficult to detect. Past research has blamed inattention to important cues for human susceptibility to phishing, but the underlying cognitive functions that prevent people from paying attention to indicators in a phishing message are not well understood. This project is developing foundational theories of cognitive processes to explain and predict human decisions to trust or suspect phishing attacks. The project will inform the development of new email security and training solutions to improve the general public’s ability to detect phishing attacks, and in this way, the project has broad potential societal impact. This research is conducted using laboratory experiments and the development of computational models to reveal cognitive functions critical to phishing detection. The research applies natural language processing methods to determine the features in phishing messages that people encode to their memory during decision-making, and the impact of these features on successful detection. This research also studies and characterizes functions critical to memory processes that impact individual susceptibility to phishing attacks. The challenges of applying cognitive models and reinforcement learning models to provide personalized phishing training experiences are also investigated. Knowledge and methods produced from the activities of this project have implications beyond phishing. They inform related challenges in misinformation detection and threat detection. The long-term goal of this project is to establish a multi-disciplinary research program in security and educate a diverse engineering workforce through inclusive research, educational, and outreach activities. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →