Scientifically Defensible and Measurable Anti-Phishing Training


Problem: How can the effectiveness of a phishing attack be quantified and/or measured? Applications: This project will provide a resource for Idaho National Labs to quantitavely evaluate the effectiveness of their security awareness program in regards to phishing attacks. In turn, it will aid them in hardening the human element of security at the research facility. Approach: Our approach is to construct a fully functional phishing system where we can craft phishing emails, send emails, and place links that point to our web application. We hope to use this system to conduct an anonymous and non-malicious experiment. This data will assist in the design and implementation of the algorithm that will evaluate the relative effectiveness of a phishing email. Interim Results: At this point in time we have have started the experimental approval process and developed a functioning phishing system to use in our experiment. We have created the framework in which to construct our algorithm. Anticipated Results: Next Semester we plan to have a fully functioning phishing email evaluation algorithm. In addition are trying to run a live phishing study at VCU and if it is approved, itwill provide valuable data on the accuracy of our algorithm.

Similar works

Full text


VCU Scholars Compass

Provided a free PDF time updated on 11/11/2016View original full text link

This paper was published in VCU Scholars Compass.

Having an issue?

Is data on this page outdated, violates copyrights or anything else? Report the problem now and we will take corresponding actions after reviewing your request.