Neural correlates of gender differences and color in distinguishing security warnings and legitimate websites: a neurosecurity study

Abstract

Users have long been recognized as the weakest link in security. Accordingly, researchers have applied knowledge from the fields of psychology and human–computer interaction to understand the security behaviors of users. However, many cognitive processes and responses are unconscious or obligatory and yet still have a profound effect on users’ security behaviors. With this in mind, researchers have begun to apply methods and theories of neuroscience to yield greater insights into the “black box” of user cognition. The goal of this approach—termed neurosecurity—is to better understand and improve users’ behaviors. This study illustrates the potential for neurosecurity by investigating how two fundamental biological factors—gender and color perception—affect users’ reception of security warnings. This is important to determine because research has shown that users frequently fail to appropriately respond to security warnings. We conducted a laboratory experiment using electroencephalography, a proven method of measuring neurological activity in temporally sensitive tasks. We found that the amplitude of the P300—an event-related potential component indicative of decision-making ability—was higher for all participants when viewing malware warning screenshots relative to legitimate website shots. Additionally, we found that the P300 was greater for women than for men, indicating that women exhibit higher brain activity than men when viewing malware warnings. However, we found that there was no change in the P300 when viewing red warnings compared to grayscale warnings. Together, our results demonstrate the value of applying neurosecurity methods to the domain of cybersecurity and point to several promising avenues for future research.

DOI: 10.1093/cybsec/tyv005

8 Figures and Tables

Cite this paper

@article{Anderson2015NeuralCO, title={Neural correlates of gender differences and color in distinguishing security warnings and legitimate websites: a neurosecurity study}, author={Bonnie Brinton Anderson and C. Brock Kirwan and David Eargle and Scott R. Jensen and Anthony Vance}, journal={J. Cybersecurity}, year={2015}, volume={1}, pages={109-120} }