IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v14y2022i4p104-d779616.html
   My bibliography  Save this article

Evaluation of Contextual and Game-Based Training for Phishing Detection

Author

Listed:
  • Joakim Kävrestad

    (School of Informatics, University of Skövde, 541 28 Skövde, Sweden)

  • Allex Hagberg

    (Xenolith AB, 541 34 Skövde, Sweden)

  • Marcus Nohlberg

    (School of Informatics, University of Skövde, 541 28 Skövde, Sweden)

  • Jana Rambusch

    (School of Informatics, University of Skövde, 541 28 Skövde, Sweden)

  • Robert Roos

    (Xenolith AB, 541 34 Skövde, Sweden)

  • Steven Furnell

    (School of Computer Science, University of Nottingham, Nottingham NG7 2RD, UK)

Abstract

Cybersecurity is a pressing matter, and a lot of the responsibility for cybersecurity is put on the individual user. The individual user is expected to engage in secure behavior by selecting good passwords, identifying malicious emails, and more. Typical support for users comes from Information Security Awareness Training (ISAT), which makes the effectiveness of ISAT a key cybersecurity issue. This paper presents an evaluation of how two promising methods for ISAT support users in acheiving secure behavior using a simulated experiment with 41 participants. The methods were game-based training, where users learn by playing a game, and Context-Based Micro-Training (CBMT), where users are presented with short information in a situation where the information is of direct relevance. Participants were asked to identify phishing emails while their behavior was monitored using eye-tracking technique. The research shows that both training methods can support users towards secure behavior and that CBMT does so to a higher degree than game-based training. The research further shows that most participants were susceptible to phishing, even after training, which suggests that training alone is insufficient to make users behave securely. Consequently, future research ideas, where training is combined with other support systems, are proposed.

Suggested Citation

  • Joakim Kävrestad & Allex Hagberg & Marcus Nohlberg & Jana Rambusch & Robert Roos & Steven Furnell, 2022. "Evaluation of Contextual and Game-Based Training for Phishing Detection," Future Internet, MDPI, vol. 14(4), pages 1-16, March.
    • Handle: RePEc:gam:jftint:v:14:y:2022:i:4:p:104-:d:779616
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/14/4/104/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/14/4/104/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Owusu-Agyei, Samuel & Okafor, Godwin & Chijoke-Mgbame, Aruoriwo Marian & Ohalehi, Paschal & Hasan, Fakhrul, 2020. "Internet adoption and financial development in sub-Saharan Africa," Technological Forecasting and Social Change, Elsevier, vol. 161(C).
    2. B. B. Gupta & Nalin A. G. Arachchilage & Kostas E. Psannis, 2018. "Defending against phishing attacks: taxonomy of methods, current issues and future directions," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 67(2), pages 247-267, February.
    3. Rana Alabdan, 2020. "Phishing Attacks Survey: Types, Vectors, and Technical Approaches," Future Internet, MDPI, vol. 12(10), pages 1-37, September.
    4. Thulani Mashiane & Elmarie Kritzinger, 2021. "Identifying Behavioral Constructs in Relation to User Cybersecurity Behavior," Eurasian Journal of Social Sciences, Eurasian Publications, vol. 9(2), pages 98-122.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Ren, Siyu & Hao, Yu & Xu, Lu & Wu, Haitao & Ba, Ning, 2021. "Digitalization and energy: How does internet development affect China's energy consumption?," Energy Economics, Elsevier, vol. 98(C).
    2. Muhammad Waqas & Alishba Hania & Farzan Yahya & Iqra Malik, 2023. "Enhancing Cybersecurity: The Crucial Role of Self-Regulation, Information Processing, and Financial Knowledge in Combating Phishing Attacks," SAGE Open, , vol. 13(4), pages 21582440231, December.
    3. Njangang, Henri & Beleck, Alim & Tadadjeu, Sosson & Kamguia, Brice, 2022. "Do ICTs drive wealth inequality? Evidence from a dynamic panel analysis," Telecommunications Policy, Elsevier, vol. 46(2).
    4. Henri Njangang & Alim Beleck & Sosson Tadadjeu & Brice Kamguia, 2021. "Do ICTs drive wealth inequality? Evidence from a dynamic panel analysis," Working Papers of the African Governance and Development Institute. 21/057, African Governance and Development Institute..
    5. Bunje, Madinatou Yeh & Abendin, Simon & Wang, Yin, 2022. "The multidimensional effect of financial development on trade in Africa: The role of the digital economy," Telecommunications Policy, Elsevier, vol. 46(10).
    6. Lee, Chien-Chiang & He, Zhi-Wen & Xiao, Fu, 2022. "How does information and communication technology affect renewable energy technology innovation? International evidence," Renewable Energy, Elsevier, vol. 200(C), pages 546-557.
    7. Bahati Sanga & Meshach Aziakpono, 2022. "The impact of technological innovations on financial deepening: Implications for SME financing in Africa," African Development Review, African Development Bank, vol. 34(4), pages 429-442, December.
    8. Pradhan, Rudra P. & Arvin, Mak B. & Nair, Mahendhiran S. & Hall, John H. & Bennett, Sara E., 2021. "Sustainable economic development in India: The dynamics between financial inclusion, ICT development, and economic growth," Technological Forecasting and Social Change, Elsevier, vol. 169(C).
    9. Robert Karamagi, 2022. "A Review of Factors Affecting the Effectiveness of Phishing," Computer and Information Science, Canadian Center of Science and Education, vol. 15(1), pages 1-20, February.
    10. Joël Cariolle & David A Carroll, 2020. "Advancing digital frontiers in African economies: lessons learned from firm-level innovations," Working Papers hal-03118738, HAL.
    11. Abdul Basit & Maham Zafar & Xuan Liu & Abdul Rehman Javed & Zunera Jalil & Kashif Kifayat, 2021. "A comprehensive survey of AI-enabled phishing attacks detection techniques," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 76(1), pages 139-154, January.
    12. Cichowicz Ewa & Iwanicz-Drozdowska Małgorzata & Kurowski Łukasz, 2021. "“Every knock is a boost”. Cyber risk behaviour among Poles," Economics and Business Review, Sciendo, vol. 7(4), pages 94-120, December.
    13. Padmalochan Panda & Alekha Kumar Mishra & Deepak Puthal, 2022. "A Novel Logo Identification Technique for Logo-Based Phishing Detection in Cyber-Physical Systems," Future Internet, MDPI, vol. 14(8), pages 1-17, August.
    14. Jaime A. Teixeira da Silva & Aceil Al-Khatib & Panagiotis Tsigaris, 2020. "Spam emails in academia: issues and costs," Scientometrics, Springer;Akadémiai Kiadó, vol. 122(2), pages 1171-1188, February.
    15. Lee, Chien-Chiang & Yuan, Zihao & Wang, Qiaoru, 2022. "How does information and communication technology affect energy security? International evidence," Energy Economics, Elsevier, vol. 109(C).
    16. Ravi Kashyap, 2023. "DeFi Security: Turning The Weakest Link Into The Strongest Attraction," Papers 2312.00033, arXiv.org.
    17. Chatterjee, Sheshadri & Chaudhuri, Ranjan & Thrassou, Alkis & Vrontis, Demetris, 2022. "Social network games (SNGs) addiction: Psychological dimensions and impacts on life quality and society," Technological Forecasting and Social Change, Elsevier, vol. 177(C).
    18. Çetin, Murat & Sarıgül, Sevgi Sümerli & Işık, Cem & Avcı, Pınar & Ahmad, Munir & Alvarado, Rafael, 2023. "The impact of natural resources, economic growth, savings, and current account balance on financial sector development: Theory and empirical evidence," Resources Policy, Elsevier, vol. 81(C).
    19. Jingyi Wang & Qingning Lin & Xuebiao Zhang, 2023. "How Does Digital Economy Promote Agricultural Development? Evidence from Sub-Saharan Africa," Agriculture, MDPI, vol. 14(1), pages 1-20, December.
    20. Jimmy Moedjahedy & Arief Setyanto & Fawaz Khaled Alarfaj & Mohammed Alreshoodi, 2022. "CCrFS: Combine Correlation Features Selection for Detecting Phishing Websites Using Machine Learning," Future Internet, MDPI, vol. 14(8), pages 1-18, July.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:14:y:2022:i:4:p:104-:d:779616. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.