Corpus ID: 235422059

INADVERT: An Interactive and Adaptive Counterdeception Platform for Attention Enhancement and Phishing Prevention

  title={INADVERT: An Interactive and Adaptive Counterdeception Platform for Attention Enhancement and Phishing Prevention},
  author={Linan Huang and Quanyan Zhu},
Deceptive attacks exploiting the innate and the acquired vulnerabilities of human users have posed severe threats to information and infrastructure security. This work proposes INADVERT, a systematic solution that generates interactive visual aids in real-time to prevent users from inadvertence and counter visual-deception attacks. Based on the eye-tracking outcomes and proper data compression, the INADVERT platform automatically adapts the visual aids to the user’s varying attention status… Expand
2 Citations

Figures from this paper

Combating Informational Denial-of-Service (IDoS) Attacks: Modeling and Mitigation of Attentional Human Vulnerability
This work proposes a new class of proactive attacks called the Informational Denial-of-Service (IDoS) attacks that exploit the attentional human vulnerability. By generating a large volume of feints,Expand
Reinforcement Learning for Feedback-Enabled Cyber Resilience
This work discusses the cyber-resilient defenses against three major types of vulnerabilities, i.e., posture-related, information- related, and human-related vulnerabilities, and introduces moving target defense, defensive cyber deception, and assistive human security technologies as three application domains of CRMs to elaborate on their designs. Expand


Eyes on URLs: Relating Visual Behavior to Safety Decisions
Users have a cap on the amount of cognitive resources they are willing to expend on vetting a URL; they tend to believe that the presence of www in the domain name indicates that the URL is safe; and they do not carefully parse the URL beyond what they perceive as thedomain name. Expand
Where the User Does Look When Reading Phishing Mails - An Eye-Tracking Study
This study limits itself to visual stimuli of phishing mails and therefore uses an eye-tracking procedure to determine the gaze behavior of the user when confronted with phishing emails. Expand
Phishing Detection: Analysis of Visual Similarity Based Approaches
A comprehensive analysis of phishing attacks, their exploitation, some of the recent visual similarity based approaches for phishing detection, and its comparative study is presented. Expand
What Does Your Gaze Reveal About You? On the Privacy Implications of Eye Tracking
This paper provides a structured overview of personal data that can be inferred from recorded eye activities and shows that eye tracking data may implicitly contain information about a user’s biometric identity, gender, age, ethnicity, body weight, personality traits, drug consumption habits, emotional state, skills and abilities, fears, interests, and sexual preferences. Expand
The Role of Eye Gaze in Security and Privacy Applications: Survey and Future HCI Research Directions
The literature is canvassed and the utility of gaze in security applications is classified into a) authentication, b) privacy protection, and c) gaze monitoring during security critical tasks, which allows for charting several research directions. Expand
Why phishing works
This paper provides the first empirical evidence about which malicious strategies are successful at deceiving general users by analyzing a large set of captured phishing attacks and developing a set of hypotheses about why these strategies might work. Expand
Understanding Phishing Email Processing and Perceived Trustworthiness Through Eye Tracking
There is a complex relationship between the presence of indicators associated with phishing within an email and how trustworthy that email is judged to be, and eye tracking technology is a feasible method with which to identify and record how phishing emails are processed visually by individuals. Expand
You've been warned: an empirical study of the effectiveness of web browser phishing warnings
Using a model from the warning sciences, how users perceive warning messages is analyzed and suggestions for creating more effective warning messages within the phishing context are offered. Expand
Eye Can Tell: On the Correlation Between Eye Movement and Phishing Identification
The results demonstrated the possibility to estimate a web users’ intention when making a trust decision, solely based on the user’s eye movement analysis. Expand
What.Hack: Engaging Anti-Phishing Training Through a Role-playing Phishing Simulation Game
The game What.Hack simulates actual phishing attacks in a role-playing game to encourage the player to practice defending themselves and is more engaging and effective in improving performance than a standard form of training and a competing training game design. Expand