The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.02 - March/April (2008 vol.6)
pp: 66-68
Markus Jakobsson , Palo Alto Research Center
Nathaniel Johnson , Indiana University
Peter Finn , Indiana University
ABSTRACT
The authors argue that user studies are vital in order to improve our understanding of online fraud and other sociotechnical security problems. They then provide an overview of common approaches and describe how to carry out the approach that they believe results in the most accurate measurements, the so-called naturalistic phishing experiment. They give examples of such experiments, and illustrate ethical and technical issues that may arise for such experiments.
INDEX TERMS
deceit, debriefing, ethics, experiment, fraud, naturalistic, phishing, subject-expectancy bias
CITATION
Markus Jakobsson, Nathaniel Johnson, Peter Finn, "Why and How to Perform Fraud Experiments", IEEE Security & Privacy, vol.6, no. 2, pp. 66-68, March/April 2008, doi:10.1109/MSP.2008.52
REFERENCES
1. M. Jakobsson and J. Ratkiewicz, "Designing Ethical Phishing Experiments: A Study of (ROT13) rOnl Auction Query Features," Proc. 15th Int'l Conf. World Wide Web, ACM Press, 2006, pp. 513–522.
2. R. Dhamija and J.D. Tygar, "The Battle against Phishing: Dynamic Security Skins," Proc. 2005 Symp. Usable Privacy and Security, ACM Press, 2006, pp. 77–83.
3. M. Jakobsson et al., "What Instills Trust? A Qualitative Study of Phishing," Proc. 1st Int'l Workshop on Usable Security, Springer-Verlag, 2007; www.informatics.indiana.edu/markus/papers trust_USEC.pdf.
4. S. Srikwan and M. Jakobsson, "Using Cartoons to Teach Internet Security," Cryptologia, vol. 32, no. 2, 2008; .
5. V. Anandpara et al., "Phishing IQ Tests Measure Fear, not Ability," Proc. 1st Int'l Workshop on Usable Security, Springer-Verlag, 2007; www.securitycartoon.com/cryptologia08www.informatics.indiana.edu/ markus/papersphish6.pdf .
6. P. Finn and M. Jakobsson, "Designing and Conducting Phishing Experiments," IEEE Technology and Society, special issue on usability and security, vol. 26, no. 1, 2007, pp. 46–58.
7. T. Jagatic et al., "Social Phishing," Comm. ACM, vol. 5, no. 10, 2007, pp. 94–100; http://portal.acm.orgcitation.cfm?doid=1290958.1290968 .
42 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool