CyLab Usable Privacy and Security Laboratory
Slide 1: Statistical Analysis of Phished Users, Intercepted by the APWG/CMU Phishing Education Landing Page
Jason Hong, PhD, Carnegie Mellon University / Wombat Security Technologies, May 2010

Slide 2: User Education is Challenging
- Users are not motivated to learn about security
- Security is a secondary task
- Difficult to teach people to make the right online trust decisions without increasing false positives

"User education is a complete waste of time. It is about as much use as nailing jelly to a wall…. They are not interested…they just want to do their job." (Martin Overton, IBM security specialist)

Slide 3: But Actually, Users Are Trainable
- Our research demonstrates that users can learn techniques to protect themselves from phishing… if you can get them to pay attention to training

Reference: P. Kumaraguru, S. Sheng, A. Acquisti, L. Cranor, and J. Hong. Teaching Johnny Not to Fall for Phish. CyLab Technical Report CMUCyLab07003, 2007.

Slide 4: How Do We Get People Trained?
- Solution:
  - Find "teachable moments": PhishGuru
  - Make training fun: Anti-Phishing Phil, Anti-Phishing Phyllis
  - Use learning science principles

Slide 5: PhishGuru Embedded Training
- Send emails that look like a phishing attack
- If the recipient falls for it, show an intervention that teaches what cues to look for, in a succinct and engaging format
- Multiple user studies have demonstrated that this is effective
- Delivering the same training via direct email is not effective!

Slides 6-8: PhishGuru example email (only these fragments were captured):
Subject: Revision to Your Amazon.com Information
Please login and enter your information

Slide 9: APWG Landing Page
- Taking the "teachable moment" concept one step further
- Provide education (instead of a 404) when users click on real phishing links and arrive at real phishing sites that have been taken down

Reference: P. Kumaraguru, L. Cranor, and L. Mather. AntiPhishing Landing Page: Turning a 404 into a Teachable Moment for End Users. CEAS.

Slide 10: How the Landing Page Works
- Brand owner or phish site takedown provider identifies the phish site
- ISP or registrar is asked to redirect the disabled phish site to the APWG redirect page
- Consumer receives the phishing email and clicks
- Consumer is shown the APWG education message instead of a 404 page
  - Page available in many languages
  - Automatic redirect to the appropriate language based on the browser language code to happen soon

Slide 11: APWG Landing Page

Slide 12: Landing Page Data Collection
- APWG server logs all requests to the landing page
  - Time stamp
  - IP address (to determine country)
  - Language (will redirect to the page in the user's language)
- We've asked sites to embed info in the redirect URL to track how people end up on the landing page
  - Original URL taken down
  - Brand code (optional)
- CMU CUPS Lab and Wombat Security Technologies have been analyzing the data

Slide 13: Lots of Noisy Data!
- 20 months of data (Sept 2008 to April 2010)
- 840K hits on 15,000 unique redirected URLs
- But this data contains lots of noise
  - Brand monitors checking up on sites to make sure they stay down
  - Random web crawlers
  - People testing the landing page
  - Incorrectly redirected sites
- We used heuristics to filter out most of the noise

Slide 14: Filtering Out the Noise
- We filtered the data set by removing:
  - Hits that don't identify the original phishing site (brand)
  - Hits that seem to be for testing only:
    - URLs appearing only once
    - IPs that hit multiple URLs per day
    - IPs that hit the same URL for more than a month
  - Hits from bots (e.g., specific IPs, 'bot', 'plurk', etc.)
  - Hits from wonderdogsoftware (server misconfiguration that linked to the homepage)
- Filtering is not perfect
  - Some noise remains
  - Improperly redirected sites don't get counted
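The noise heuristics on slide 14 and the per-URL statistics of slides 15 and 17, worked through as an added example; this is not the CMU/APWG analysis code, and the log record layout, the order in which the heuristics are applied, the 30-day threshold for "more than a month", and the sample records are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import date

# Constructed sample of landing-page log records (not real APWG data): (date, client IP, User-Agent, redirected phish URL, brand code).
LOG = [
    (date(2010, 4, 1), "203.0.113.5", "Mozilla/5.0", "http://phish.example/a", "BRAND1"),
    (date(2010, 4, 1), "203.0.113.6", "Mozilla/5.0", "http://phish.example/a", "BRAND1"),
    (date(2010, 4, 2), "203.0.113.7", "Mozilla/5.0", "http://phish.example/a", "BRAND1"),
    (date(2010, 4, 1), "198.51.100.9", "Googlebot/2.1", "http://phish.example/a", "BRAND1"),  # crawler
    (date(2010, 4, 1), "192.0.2.44", "Mozilla/5.0", "http://phish.example/a", "BRAND1"),  # one IP, two URLs
    (date(2010, 4, 1), "192.0.2.44", "Mozilla/5.0", "http://phish.example/b", "BRAND1"),  #   on the same day
    (date(2010, 4, 1), "203.0.113.8", "Mozilla/5.0", "http://phish.example/c", "BRAND2"),  # URL seen once
    (date(2010, 4, 3), "203.0.113.9", "Mozilla/5.0", "http://phish.example/d", ""),  # no brand code
    (date(2010, 3, 1), "192.0.2.50", "Mozilla/5.0", "http://phish.example/e", "BRAND2"),  # one IP, same URL
    (date(2010, 4, 15), "192.0.2.50", "Mozilla/5.0", "http://phish.example/e", "BRAND2"),  #   45 days apart
    (date(2010, 4, 15), "203.0.113.10", "Mozilla/5.0", "http://phish.example/e", "BRAND2"),
    (date(2010, 4, 20), "203.0.113.11", "Mozilla/5.0", "http://phish.example/e", "BRAND2"),
]
BOT_MARKERS = ("bot", "plurk")  # User-Agent substrings named on the slide
MAX_MONITOR_DAYS = 30           # assumed threshold for "more than a month"

def filter_hits(log):
    """Apply the slide's noise heuristics in a fixed (assumed) order; return surviving hits."""
    # 1. Drop hits with no brand code and hits from known crawlers.
    hits = [h for h in log if h[4] and not any(m in h[2].lower() for m in BOT_MARKERS)]
    # 2. An IP hitting several URLs on one day looks like a monitor or tester, not a victim.
    urls = defaultdict(set)
    for day, ip, _, url, _ in hits:
        urls[(ip, day)].add(url)
    hits = [h for h in hits if len(urls[(h[1], h[0])]) == 1]
    # 3. An IP that keeps hitting one URL for over a month is checking that it stays down.
    days = defaultdict(list)
    for day, ip, _, url, _ in hits:
        days[(ip, url)].append(day)
    hits = [h for h in hits
            if (max(days[(h[1], h[3])]) - min(days[(h[1], h[3])])).days <= MAX_MONITOR_DAYS]
    # 4. A URL that still appears only once is treated as a test of the redirect.
    per_url = hits_per_url(hits)
    return [h for h in hits if per_url[h[3]] > 1]

def hits_per_url(hits):
    """Filtered hit count per redirected URL (the per-URL statistic of slide 15)."""
    return dict(Counter(h[3] for h in hits))

def observed_days(hits):
    """Days between first and last observation of each URL (the time measure of slide 17)."""
    seen = defaultdict(list)
    for day, _, _, url, _ in hits:
        seen[url].append(day)
    return {u: (max(d) - min(d)).days for u, d in seen.items()}
```

Of the 12 constructed records, only the five plausible victim hits on URLs a and e survive; the 30-day monitor window and the "seen once" rule are the two heuristics most sensitive to how long the redirect has been in place, which is the limitation slide 17 raises.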

Slide 15: Filtered Data
- 201,084 hits: estimate of actual would-be phishing victims visiting the landing page over the 20-month period
- 1,285 unique URLs redirected
  - Note that this is URLs, not domains
- Number of hits per URL varies a lot
  - URL with the most hits after filtering had 17,911 hits
  - Monthly mean hits per URL typically
  - Monthly median hits per URL 2-7

Slide 16: (no text captured)

Slide 17: Analysis of Time
- The monitoring time period of each observed URL may give us insights into the length of phishing campaigns
- Time observed for each URL is the number of days between first observation and last observation
- Limitations
  - Our first observation is the time when the site was redirected; we don't know how long it was live before being redirected
  - Some URLs are observed across month boundaries
  - Once browsers start blocking the URL we may not get hits
  - Some redirects are removed after a period of time

Slide 18: (no text captured)

Slide 19: April 2010 Top 20 Countries Hitting the Landing Page

Country              Hits
United States      11,159
Canada              3,819
United Kingdom      1,790
Netherlands           725
Germany               650
Spain                 600
France                470
Japan                 452
Australia             449
India                 417
Singapore             292
Mexico                238
Egypt                 212
NA                    184
Russian Federation    184
Austria               174
Sweden                145
China                 137
Brazil                126
Norway                101

Slide 20: Analysis of Brands
- 7 brands have requested brand codes
- Only 2 have shown up in the logs
- April 2010 brand data
  - Brand 1: total hits 2,715; total unique URLs 52
  - Brand 2: total hits 370; total unique URLs 3
- We supplied each brand with a report showing the list of their URLs and the number of hits for each

Slide 21: Ongoing Work
- Will soon be posting monthly reports at
- Redirecting the landing page automatically to show the correct language (soon)
- Encouraging more brands to redirect to the landing page
  - If you sign up for a brand code we can provide you with monthly brand reports
- Continuing to automate log processing, report generation, and report distribution

Slide 22: For More Information
- Learn how to participate in the initiative:
- View the landing page:


Slide 24: Other Countries That Sometimes Make the Top 20
Italy, Romania, Czech Republic, Finland, Ireland, India, EU, Turkey, Belgium, Switzerland, Colombia, Israel, Morocco, Saudi Arabia, Argentina, Indonesia, Thailand, Tunisia, Poland, Greece, Korea, Chile, Pakistan