Engineering school and research center in digital sciences

Insights into user behavior in dealing with internet attacks

Onarlioglu, Kaan; Ozan Yilmaz, Utku; Balzarotti, Davide; Kirda, Engin

NDSS 2012, 19th Annual Network and Distributed System Security Symposium, February 5-8, 2012, San Diego, USA

The Internet is a lucrative medium for criminals targeting Internet users. Most common Internet attacks require some form of user interaction such as clicking on an exploit link. Hence, the problem at hand is not only a technical one, but it also has a strong human aspect. Although the security community has proposed many technical solutions to common attacks, the behavior of users when they face current threats, and the way they evaluate the security implications of their actions remain largely unexplored. In this paper we describe an online experiment platform we built for testing the behavior of users when they are confronted with prevalent, concrete attack scenarios such as reflected cross-site scripting, session fixation, and file sharing scams. We conducted experiments with 164 Internet users with diverse backgrounds. Our findings suggest that many non-technical users can exhibit performance comparable to security experts at averting relatively simple threats that they are frequently exposed to in everyday life. They can do so solely by following their intuition, without actually perceiving the severity of the threat. However, when facing more sophisticated attacks, these non-technical users often rely on misleading cues such as the "size" and "length" of artifacts (e.g., URLs), and hence, fail to protect themselves. We also show that trick banners that are common in file sharing websites and shortened URLs have high success rates of deceiving non-technical users, thus posing a severe security risk.


Title: Insights into user behavior in dealing with internet attacks
Type: Conference
Language: English
City: San Diego
Country: UNITED STATES
Date:
Department: Digital Security
Eurecom ref: 3553
Copyright: © ISOC. Personal use of this material is permitted. The definitive version of this paper was published in NDSS 2012, 19th Annual Network and Distributed System Security Symposium, February 5-8, 2012, San Diego, USA and is available at:
Bibtex: @inproceedings{EURECOM+3553, year = {2012}, title = {{I}nsights into user behavior in dealing with internet attacks }, author = {{O}narlioglu, {K}aan and {O}zan {Y}ilmaz, {U}tku and {B}alzarotti, {D}avide and {K}irda, {E}ngin}, booktitle = {{NDSS} 2012, 19th {A}nnual {N}etwork and {D}istributed {S}ystem {S}ecurity {S}ymposium, {F}ebruary 5-8, 2012, {S}an {D}iego, {USA} }, address = {{S}an {D}iego, {\'{E}}{TATS}-{UNIS}}, month = {02}, url = {http://www.eurecom.fr/publication/3553} }
See also: