Measuring the Potential for Victimization in Malicious Content

Matthew L. Hale; R. Gamble; J. Hale; M. Haney; J. Lin; C. Walter

doi:10.1109/ICWS.2015.49

Measuring the Potential for Victimization in Malicious Content

Matthew L. Hale, R. Gamble, J. Hale, M. Haney, J. Lin, C. Walter

Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

Sending malicious content to users for obtaining personnel, financial, or intellectual property has become a multi-billion dollar criminal enterprise. This content is primarily presented in the form of emails, social media posts, and phishing websites. User training initiatives seek to minimize the impact of malicious content through improved vigilance. Training works best when tailored to specific user deficiencies. However, tailoring training requires understanding how malicious content victimizes users. In this paper, we link a set of malicious content design factors, in the form of degradations and sophistications, to their potential to form a victimization prediction metric. The design factors examined are developed from an analysis of over 100 pieces of content from email, social media and websites. We conducted an experiment using a sample of the content and a game-based simulation platform to evaluate the efficacy of our victimization prediction metric. The experimental results and their analysis are presented as part of the evaluation.

Original language	English (US)
Title of host publication	Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015
Editors	John A. Miller, Hong Zhu
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	305-312
Number of pages	8
ISBN (Electronic)	9781467372725
DOIs	https://doi.org/10.1109/ICWS.2015.49
State	Published - Aug 13 2015
Event	IEEE International Conference on Web Services, ICWS 2015 - New York, United States Duration: Jun 27 2015 → Jul 2 2015

Publication series

Name	Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015

Other

Other	IEEE International Conference on Web Services, ICWS 2015
Country/Territory	United States
City	New York
Period	6/27/15 → 7/2/15

Keywords

content assessment
maliciousness
metrics
phishing
trust
trust factors
user training
victimization

ASJC Scopus subject areas

Computer Science Applications
Human-Computer Interaction
Computer Networks and Communications

Access to Document

10.1109/ICWS.2015.49

Cite this

Hale, M. L., Gamble, R., Hale, J., Haney, M., Lin, J., & Walter, C. (2015). Measuring the Potential for Victimization in Malicious Content. In J. A. Miller, & H. Zhu (Eds.), Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015 (pp. 305-312). Article 7195583 (Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICWS.2015.49

Measuring the Potential for Victimization in Malicious Content. / Hale, Matthew L.; Gamble, R.; Hale, J. et al.
Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015. ed. / John A. Miller; Hong Zhu. Institute of Electrical and Electronics Engineers Inc., 2015. p. 305-312 7195583 (Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hale, ML, Gamble, R, Hale, J, Haney, M, Lin, J & Walter, C 2015, Measuring the Potential for Victimization in Malicious Content. in JA Miller & H Zhu (eds), Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015., 7195583, Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015, Institute of Electrical and Electronics Engineers Inc., pp. 305-312, IEEE International Conference on Web Services, ICWS 2015, New York, United States, 6/27/15. https://doi.org/10.1109/ICWS.2015.49

Hale ML, Gamble R, Hale J, Haney M, Lin J, Walter C. Measuring the Potential for Victimization in Malicious Content. In Miller JA, Zhu H, editors, Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 305-312. 7195583. (Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015). doi: 10.1109/ICWS.2015.49

Hale, Matthew L. ; Gamble, R. ; Hale, J. et al. / Measuring the Potential for Victimization in Malicious Content. Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015. editor / John A. Miller ; Hong Zhu. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 305-312 (Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015).

@inproceedings{643cf246571a4c66a809ad0e1cf8f251,

title = "Measuring the Potential for Victimization in Malicious Content",

abstract = "Sending malicious content to users for obtaining personnel, financial, or intellectual property has become a multi-billion dollar criminal enterprise. This content is primarily presented in the form of emails, social media posts, and phishing websites. User training initiatives seek to minimize the impact of malicious content through improved vigilance. Training works best when tailored to specific user deficiencies. However, tailoring training requires understanding how malicious content victimizes users. In this paper, we link a set of malicious content design factors, in the form of degradations and sophistications, to their potential to form a victimization prediction metric. The design factors examined are developed from an analysis of over 100 pieces of content from email, social media and websites. We conducted an experiment using a sample of the content and a game-based simulation platform to evaluate the efficacy of our victimization prediction metric. The experimental results and their analysis are presented as part of the evaluation.",

keywords = "content assessment, maliciousness, metrics, phishing, trust, trust factors, user training, victimization",

author = "Hale, {Matthew L.} and R. Gamble and J. Hale and M. Haney and J. Lin and C. Walter",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; IEEE International Conference on Web Services, ICWS 2015 ; Conference date: 27-06-2015 Through 02-07-2015",

year = "2015",

month = aug,

day = "13",

doi = "10.1109/ICWS.2015.49",

language = "English (US)",

series = "Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "305--312",

editor = "Miller, {John A.} and Hong Zhu",

booktitle = "Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015",

}

TY - GEN

T1 - Measuring the Potential for Victimization in Malicious Content

AU - Hale, Matthew L.

AU - Gamble, R.

AU - Hale, J.

AU - Haney, M.

AU - Lin, J.

AU - Walter, C.

PY - 2015/8/13

Y1 - 2015/8/13

N2 - Sending malicious content to users for obtaining personnel, financial, or intellectual property has become a multi-billion dollar criminal enterprise. This content is primarily presented in the form of emails, social media posts, and phishing websites. User training initiatives seek to minimize the impact of malicious content through improved vigilance. Training works best when tailored to specific user deficiencies. However, tailoring training requires understanding how malicious content victimizes users. In this paper, we link a set of malicious content design factors, in the form of degradations and sophistications, to their potential to form a victimization prediction metric. The design factors examined are developed from an analysis of over 100 pieces of content from email, social media and websites. We conducted an experiment using a sample of the content and a game-based simulation platform to evaluate the efficacy of our victimization prediction metric. The experimental results and their analysis are presented as part of the evaluation.

AB - Sending malicious content to users for obtaining personnel, financial, or intellectual property has become a multi-billion dollar criminal enterprise. This content is primarily presented in the form of emails, social media posts, and phishing websites. User training initiatives seek to minimize the impact of malicious content through improved vigilance. Training works best when tailored to specific user deficiencies. However, tailoring training requires understanding how malicious content victimizes users. In this paper, we link a set of malicious content design factors, in the form of degradations and sophistications, to their potential to form a victimization prediction metric. The design factors examined are developed from an analysis of over 100 pieces of content from email, social media and websites. We conducted an experiment using a sample of the content and a game-based simulation platform to evaluate the efficacy of our victimization prediction metric. The experimental results and their analysis are presented as part of the evaluation.

KW - content assessment

KW - maliciousness

KW - metrics

KW - phishing

KW - trust

KW - trust factors

KW - user training

KW - victimization

UR - http://www.scopus.com/inward/record.url?scp=84956680852&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84956680852&partnerID=8YFLogxK

U2 - 10.1109/ICWS.2015.49

DO - 10.1109/ICWS.2015.49

M3 - Conference contribution

AN - SCOPUS:84956680852

T3 - Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015

SP - 305

EP - 312

BT - Proceedings - 2015 IEEE International Conference on Web Services, ICWS 2015

A2 - Miller, John A.

A2 - Zhu, Hong

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - IEEE International Conference on Web Services, ICWS 2015

Y2 - 27 June 2015 through 2 July 2015

ER -

Measuring the Potential for Victimization in Malicious Content

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this