16 research outputs found

    Man vs. machine: Investigating the effects of adversarial system use on end-user behavior in automated deception detection interviews

    Get PDF
    Deception is an inevitable component of human interaction. Researchers and practitioners are developing information systems to aid in the detection of deceptive communication. Information systems are typically adopted by end users to aid in completing a goal or objective (e.g., increasing the efficiency of a business process). However, end-user interactions with deception detection systems (adversarial systems) are unique because the goals of the system and the user are orthogonal. Prior work investigating systems-based deception detection has focused on the identification of reliable deception indicators. This research extends extant work by looking at how users of deception detection systems alter their behavior in response to the presence of guilty knowledge, relevant stimuli, and system knowledge. An analysis of data collected during two laboratory experiments reveals that guilty knowledge, relevant stimuli, and system knowledge all lead to increased use of countermeasures. The implications and limitations of this research are discussed and avenues for future research are outline

    Trends in Phishing Attacks: Suggestions for Future Research

    Get PDF
    One of the most common and costly forms of deception and fraud online is phishing. Due to the ramifications of successfulphishing attacks, security experts and researchers seek to better understand this phenomenon. Prior phishing research hasaddressed the “bait” and “hook” components of phishing attacks, the human-computer interaction that takes place as usersjudge the veracity of phishing emails and websites, and the development of technologies that can aid users in identifying andrejecting these attacks. Despite the extant research on this topic, phishing attacks continue to be successful as tactics evolve,rendering existing research less relevant. Although numerous tools have been created to aid people in recognizing phishingattacks, users disregard the recommendations of these tools. This paper summarizes the core of phishing research, providesan update on trending attack methods, and proposes future research addressing computer credibility in a phishing context

    When Disclosure is Involuntary: Empowering Users with Control to Reduce Concerns

    Get PDF
    Modern organizations must carefully balance the practice of gathering large amounts of valuable data from individuals with the associated ethical considerations and potential negative public image inherent in breaches of privacy. As it becomes increasingly commonplace for many types of information to be collected without individuals\u27 knowledge or consent, managers and researchers alike can benefit from understanding how individuals react to such involuntary disclosures, and how these reactions can impact evaluations of the data-collecting organizations. This research develops and empirically tests a theoretical model that shows how empowering individuals with a sense of control over their personal information can help mitigate privacy concerns following an invasion of privacy. Using a controlled experiment with 94 participants, we show that increasing control can reduce privacy concerns and significantly influence individuals\u27 attitudes toward the organization that has committed a privacy invasion. We discuss theoretical and practical implications of our work

    Establishing a Foundation for Automated Human Credibility Screening

    Get PDF
    Automated human credibility screening is an emerging research area that has potential for high impact in fields as diverse as homeland security and accounting fraud detection. Systems that conduct interviews and make credibility judgments can provide objectivity, improved accuracy, and greater reliability to credibility assessment practices, need to be built. This study establishes a foundation for developing automated systems for human credibility screening

    A Comparison of Invasive and Noninvasive Sensors in the Concealed Information Test

    No full text
    Rapid screening requires identifying individuals concealing information promptly and noninvasively. The standard Concealed Information Test (CIT) is not conducive to a rapid screening context, however, researchers are investigating the ability to conduct adaptations of the CIT using noninvasive sensors. The purpose of this paper is to propose a study that will investigate and compare the accuracy rates of electro dermal, oculometric, and vocalic measures in identifying concealed information. The ability to detect criminals and high-risk individuals rapidly and with stand-off methods during security screening has implications for a wide variety of applications

    Improving Password Cybersecurity Through Inexpensive and Minimally Invasive Means: Detecting and Deterring Password Reuse Through Keystroke-Dynamics Monitoring and Just-in-Time Fear Appeals

    No full text
    Password reuse - using the same password for multiple accounts - is a prevalent phenomenon that can make even the most secure systems vulnerable. When passwords are reused across multiple systems, hackers may compromise accounts by stealing passwords from low-security sites to access sites with higher security. Password reuse can be particularly threatening to users in developing countries in which cybersecurity training is limited, law enforcement of cybersecurity is non-existent, or in which programs to secure cyberspace are limited. This article proposes a two-pronged solution for reducing password reuse through detection and mitigation. First, based on the theories of routine, cognitive load and motor movement, we hypothesize that password reuse can be detected by monitoring characteristics of users' typing behavior (i.e. keystroke dynamics). Second, based on protection motivation theory, we hypothesize that providing just-in-time fear appeals when a violation is detected will decrease password reuse. We tested our hypotheses in an experiment and found that users' keystroke dynamics are diagnostic of password reuse. By analyzing changes in typing patterns, we were able to detect password reuse with 81.71% accuracy. We also found that just-in-time fear appeals decrease password reuse; 88.41% of users who received a fear appeal subsequently created unique passwords, whereas only 4.45% of users who did not receive a fear appeal created unique passwords. Our results suggest that future research should continue to examine keystroke dynamics as an indicator of cybersecurity behaviors and use just-in-time fear appeals as a method for reducing non-secure behavior. The findings of our research provide a practical and cost-effective solution to bolster cybersecurity through discouraging password reuse. © 2013 © 2013 Commonwealth Secretariat.Link_to_subscribed_fulltex

    Patterns of Nonverbal Behavior Associated with Truth and Deception: Illustrations from Three Experiments

    No full text
    The digital age has brought with it new and powerful computer-based methods of analyzing heretofore elusive patterns of nonverbal behavior. C-BAS (Meservy 2010) is a computer-assisted behavioral observation tool for identifying and tracking nonverbal behaviors from video. THEME (Magnusson, The hidden structure of interaction: from neurons to culture patterns, IOS Press, Amsterdam, pp 4–22, 2005) is a software program that discovers patterns among discrete events in time-ordered data. Together, these tools enable more precise measurement and analysis of nonverbal behavioral dynamics. Applications to three corpora derived from interpersonal deception experiments reveal unique nonverbal patterns that distinguish deceptive from nondeceptive interactions. The first and second experiments produced serial, hierarchically related patterns of behaviors that differed in length and complexity between truthful and deceptive participants during interviews about a theft and cheating, respectively. The third experiment produced differential patterns by and among group members completing a task. Deceivers were inclined toward strategic initiations and interactional control, whereas suspicious group members adopted a more passive, possibly watchful stance. Discovery of these patterns challenges the prevailing view that nonverbal behaviors are too faint and inconsistent to identify deceptive communication. Results have numerous implications regarding the following: the development of new measurement tools locating significant effects of nonverbal behaviors, support for theory that coherent and repetitive relationships exist within and among interactants’ communication, demonstration of the role of nonverbal behaviors in deceptive communication and the dynamic and strategic nature of deception
    corecore