Ontology-Based Intelligent Interface Personalization for Protection Against Phishing Attacks

IF 5 3区管理学 Q1 INFORMATION SCIENCE & LIBRARY SCIENCE

Information Systems Research Pub Date : 2023-10-11 DOI:10.1287/isre.2021.0065

Fatemeh Mariam Zahedi, Yan Chen, Huimin Zhao

{"title":"Ontology-Based Intelligent Interface Personalization for Protection Against Phishing Attacks","authors":"Fatemeh Mariam Zahedi, Yan Chen, Huimin Zhao","doi":"10.1287/isre.2021.0065","DOIUrl":null,"url":null,"abstract":"Millions of users on the Internet have fallen into phishing website traps. Detection tools are designed to warn users against such attacks, but often fail to achieve this purpose. One crucial reason behind this is that users rarely have a chance to interact and build a relationship with a detection tool that stealthily runs at the backend. A warning message on a rarely seen interface from such a tool hardly inspires users’ trust in its authenticity and accuracy. In this study, we propose an ontology-based intelligent interface personalization (OBIIP) design for the warning interfaces of phishing website detection tools. We first constructed an ontology of warning interface elements (OWIE), which is a comprehensive knowledgebase for warning interface design. We then used OWIE in the design and creation of an OBIIP prototype and assessed it in a laboratory experiment and an online experiment. The results show the significant value of OBIIP in improving users’ performance in terms of self-protection against website phishing attacks and building a stronger relationship with the detection tool in terms of trust in and use of the tool.","PeriodicalId":48411,"journal":{"name":"Information Systems Research","volume":null,"pages":null},"PeriodicalIF":5.0000,"publicationDate":"2023-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Systems Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1287/isre.2021.0065","RegionNum":3,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Millions of users on the Internet have fallen into phishing website traps. Detection tools are designed to warn users against such attacks, but often fail to achieve this purpose. One crucial reason behind this is that users rarely have a chance to interact and build a relationship with a detection tool that stealthily runs at the backend. A warning message on a rarely seen interface from such a tool hardly inspires users’ trust in its authenticity and accuracy. In this study, we propose an ontology-based intelligent interface personalization (OBIIP) design for the warning interfaces of phishing website detection tools. We first constructed an ontology of warning interface elements (OWIE), which is a comprehensive knowledgebase for warning interface design. We then used OWIE in the design and creation of an OBIIP prototype and assessed it in a laboratory experiment and an online experiment. The results show the significant value of OBIIP in improving users’ performance in terms of self-protection against website phishing attacks and building a stronger relationship with the detection tool in terms of trust in and use of the tool.

查看原文本刊更多论文

基于本体的智能接口个性化网络钓鱼防护

数以百万计的互联网用户落入了网络钓鱼网站的陷阱。检测工具的设计目的是警告用户防范此类攻击，但通常无法实现这一目的。这背后的一个关键原因是，用户很少有机会与在后端偷偷运行的检测工具进行交互和建立关系。这样一个工具很少出现的界面上的警告信息很难激发用户对其真实性和准确性的信任。在这项研究中，我们提出了一种基于本体的智能接口个性化(OBIIP)设计，用于网络钓鱼网站检测工具的警告接口。首先构建了预警界面元素本体(OWIE)，这是预警界面设计的综合知识库。然后我们在设计和创建OBIIP原型时使用了OWIE，并在实验室实验和在线实验中对其进行了评估。结果表明，OBIIP在提高用户对网站钓鱼攻击的自我保护性能以及在对工具的信任和使用方面与检测工具建立更强的关系方面具有显著的价值。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Information Systems Research Multiple-

CiteScore

9.10

自引率

8.20%

发文量

120

期刊介绍： ISR (Information Systems Research) is a journal of INFORMS, the Institute for Operations Research and the Management Sciences. Information Systems Research is a leading international journal of theory, research, and intellectual development, focused on information systems in organizations, institutions, the economy, and society.