20 research outputs found
DeltaPhish: Detecting Phishing Webpages in Compromised Websites
The large-scale deployment of modern phishing attacks relies on the automatic
exploitation of vulnerable websites in the wild, to maximize profit while
hindering attack traceability, detection and blacklisting. To the best of our
knowledge, this is the first work that specifically leverages this adversarial
behavior for detection purposes. We show that phishing webpages can be
accurately detected by highlighting HTML code and visual differences with
respect to other (legitimate) pages hosted within a compromised website. Our
system, named DeltaPhish, can be installed as part of a web application
firewall, to detect the presence of anomalous content on a website after
compromise, and eventually prevent access to it. DeltaPhish is also robust
against adversarial attempts in which the HTML code of the phishing page is
carefully manipulated to evade detection. We empirically evaluate it on more
than 5,500 webpages collected in the wild from compromised websites, showing
that it is capable of detecting more than 99% of phishing webpages, while only
misclassifying less than 1% of legitimate pages. We further show that the
detection rate remains higher than 70% even under very sophisticated attacks
carefully designed to evade our system.Comment: Preprint version of the work accepted at ESORICS 201
Stress factors and stress management interventions: the heuristic of âbottom upâ an update from a systematic review
Organizations have increasingly sought to adopt innovative interventions to prevent stress-related issues. In the field of manufacturing, however, the effectiveness of these interventions remains unclear because a systematic and specific review of existing primary evidence has not been undertaken. The present systematic literature review sought to address the foregoing limitation in the literature by summarizing the main source of stress and effectiveness of stress management interventions as grounded in the context of manufacturing. Our review was limited to only randomized clinical trials (RCTs) and quasi-experimental studies and concerned employees from the manufacturing sector. Twenty-two studies on primary, secondary and tertiary interventions across four continents (Asia, Europe, USA and South America) were selected and analyzed in terms of stress factors, methodological properties and outcomes. Most of these were RCT studies (68% Vs 32%) with a majority of secondary interventions (Nâ=â11, 50%), followed by primary (Nâ=â5, 22%), tertiary (Nâ=â3, 13%), and two (9%) mixed interventions. The main outcomes included an improvement of psychological wellbeing, decreased stress reactivity and an increment of general health. There was a predominance of interventions utilizing skills programs and/or cognitive-behavioral techniques. The main source of stress reported related to professional identity, organizational deficiencies, interpersonal conflicts, physical complaints and poor work environment. Taken together, the findings provide important theoretical and practical implications for advancing the study of stress factors and the use of stress management interventions in the workplace. The prerequisite for a successful intervention is to address the real problems experienced by professionals and help them to cope with their difficult situations. The strategy of âbottom-upâ offers a potential means of enhancing employeesâ health and well-being; however, the most effective means of implementing these interventions needs to be understood better
Long-Term Cultured Hairy Roots of ChicoryâA Rich Source of Hydroxycinnamates and 8-Deoxylactucin Glucoside
Task-Technology Fit and Continuance of Use of Web- based Programming Tool: A Pilot Study
Web-based coding tools are widely accepted in computer science education. The use of these tools allows us to improve learning, but the requirement is to understand the factors that affect their acceptance. Carefully selecting technology that best suits the needs of the task will allow the optimal use of these tools in education. The purpose of this study is to develop a model that incorporates constructs of the Task-technology fit (TTF) model and the Expectation-confirmation model of IT continuance (ECM) to better understand the impact of the toolâs suitability on the userâs behavioral intention. The analysis was performed using the partial least squares approach to structural equation modeling. The results show a significant impact of task-technology fit factor on student satisfaction and their continuance intention. Consequently, this demonstrates that the proposed model is appropriate for understanding the acceptance of web-based programming tools in an educational context