Model for analysing Anti-Phishing Authentication Ceremonies

Edina Hatunic-Webster, Fred Mtenzi, Brendan O'Shea

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Citation (Scopus)

Abstract

Phishing takes advantage of the way humans interact with computers or interpret messages; and also that many online authentication protocols place a disproportional burden on human abilities. A security ceremony is an extension of the concept of network security protocol and includes user interface and human-protocol interaction. It is one way of extending the reach of current methods for social, technical and contextual analysis of security protocols to include humans. In this paper, we propose a Human Factors in Anti-Phishing Authentication Ceremonies (APAC) Framework for investigating phishing attacks in authentication ceremonies, which builds on The Human-in-the-Loop Security Framework of communication processing. We show how to apply the APAC framework to model human-protocol behaviour. The resulting Model for Analysing APAC correlates the framework components and examines how the authentication tasks required to be performed by humans influence their decision-making and consequently their phishing detection.

Original languageEnglish
Title of host publication2014 9th International Conference for Internet Technology and Secured Transactions, ICITST 2014
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages144-150
Number of pages7
ISBN (Electronic)9781908320391
DOIs
Publication statusPublished - 2014
Externally publishedYes
Event2014 9th International Conference for Internet Technology and Secured Transactions, ICITST 2014 - London, United Kingdom
Duration: 8 Dec 201410 Dec 2014

Publication series

Name2014 9th International Conference for Internet Technology and Secured Transactions, ICITST 2014

Conference

Conference2014 9th International Conference for Internet Technology and Secured Transactions, ICITST 2014
Country/TerritoryUnited Kingdom
CityLondon
Period8/12/1410/12/14

Keywords

  • Anti-Phishing Authentication
  • Ceremonies
  • Modeling Human-Protocol Behaviour

Fingerprint

Dive into the research topics of 'Model for analysing Anti-Phishing Authentication Ceremonies'. Together they form a unique fingerprint.

Cite this