Empirical analysis of weapons of influence, life domains, and demographic-targeting in modern spam: an age-comparative perspective

Springer Science and Business Media LLC - 2019

Daniela Oliveira¹, Tian Lin², Harold A Rocha², Donovan M. Ellis², Sandeep Dommaraju³, Huizi Yang¹, Devon Weir², Sebastián Marín², Natalie C. Ebner²

¹Department of Electrical and Computer Engineering University of Florida, Gainesville, FL, USA

²Department of Psychology, University of Florida, Gainesville, FL, USA

³Department of Computer & Information Science & Engineering, Gainesville, FL, USA

Tóm tắt

Từ khóa

Tài liệu tham khảo

Akbar, N. (2014). Analysing Persuasion principles in phishing emails. Master’s thesis, University of Twente.

Benenson, Z., Gassmann, F., & Landwirth, R. (2017). Unpacking spear phishing susceptibility. Financial Cryptography and Data Security Workshops, 1–17.

Caputo, D. D., Pfleeger, S. L., Freeman, J. D., & Johnson, M. E. (2014). Going spear phishing: Exploring embedded training and awareness. IEEE Security & Privacy, 12(1), 28–38.

Cialdini, R. B. (2006). Influence—The psychology of Persuasion (1st ed.). New York: Harper Business.

Downs, J.S., Holbrook, M.B., & Cranor, L.F. (2006). Decision strategies and susceptibility to phishing. Symposium on Usable Privacy and Security (SOUPS).

Drucker, H., Wu, D., & Vapnik, V. N. (1999). Support vector machines for spam categorization. IEEE Transactions on Neural Networks, 10(5), 1048–1054. https://doi.org/10.1109/72.788645 .

Edwards, B., Hofmeyr, S., Forrest, S., & van Eeten, M. (2015). Analyzing and modeling longitudinal security data: Promise and pitfalls. In: Proceedings of the 31st annual computer security applications conference. ACSAC 2015 (pp. 391–400). New York, NY, USA: ACM. https://doi.org/10.1145/2818000.2818010 .

FBI. Fraud against Seniors. https://www.fbi.gov/scams-and-safety/common-fraud-schemes/seniors .

Ferreira, A., & Lenzini, G. (2015). An analysis of social engineering principles in effective phishing. Workshop on Socio-Technical Aspects in Security and Trust (STAST).

Fette, I., Sadeh, N., & Tomasic, A. (2007). Learning to detect phishing emails. In: Proceedings of the 16th international conference on World Wide Web (pp. 649–656). ACM.

Gragg, D. (2003). A multi-level defense against social engineering. SANS Reading Room, 13.

Gravetter, F., & Wallnau, L. (2009). Statistics for the behavioral sciences (8th ed.). Independence: Cengage Learning.

Hadnagy, C. (2010). Social engineering: The art of human hacking. Hoboken: Wiley.

Hao, S., Syed, N. A., Feamster, N., Gray, A. G., & Krasser, S. (2009). Detecting spammers with snare: Spatio-temporal network-level automatic reputation engine. In: Proceedings of the 18th conference on USENIX security symposium. SSYM’09 (pp. 101–118). Berkeley, CA, USA: USENIX Association. http://dl.acm.org/citation.cfm?id=1855768.1855775 .

Johnson, M. (1990). Age differences in decision making: A process methodology for examining strategic information processing. Journal of Gerontology: Psychological Sciences, 45(2), 75–78.

Kanich, C., Kreibich, C., Levchenko, K., Enright, B., Voelker, G.M., Paxson, V., & Savage, S. (2008). Spamalytics: An empirical analysis of spam marketing conversion. In: Proceedings of the 15th ACM conference on computer and communications security. CCS ’08 (pp. 3–14). New York, NY, USA: ACM. https://doi.org/10.1145/1455770.1455774 .

Kanich, C., Weavery, N., McCoy, D., Halvorson, T., Kreibichy, C., Levchenko, K., Paxson, V., Voelker, G.M., & Savage, S. (2011). Show me the money: Characterizing spam-advertised revenue. In: Proceedings of the 20th USENIX conference on security. SEC’11 (pp. 15–15). Berkeley, CA, USA: USENIX Association. http://dl.acm.org/citation.cfm?id=2028067.2028082 .

Kumaraguru, P. (2009). Phishguru: A system for educating users about semantic attacks (PhD Thesis), Carnegie Mellon University.

Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L.F., Hong, J., & Nunge, E. (2007). Protecting people from phishing: the design and evaluation of an embedded training email system. In: Proceedings of the SIGCHI conference on human factors in computing systems (pp. 905–914). ACM.

Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L. F., & Hong, J. (2010). Teaching johnny not to fall for phish. ACM Transactions on Internet Technology (TOIT), 10(2), 7.

Lauricella, T.: If you’re over 50, you’re a scam target. The Wall Street Journal. http://www.wsj.com/articles/if-youre-over-50-youre-a-scam-target-1412467756 .

Mata, R., Josef, A. K., Samanez-Larkin, G. R., & Hertwig, R. (2011a). Age differences in risky choice: A meta-analysis. Annals of the New York Academy of Sciences, 1235, 18–29.

Mata, R., Josef, A., Samanez-Larkin, G., & Hertwig, R. (2011b). Age differences in risky choice: A meta-analysis. New York: New York Academy of Sciences.

Mather, M. (2006). When I’m 64—A review of decision-making processes: Weighing the risks and benefits of aging. Washington, DC: The National Academies Press.

Meyer, T. A., & Whateley, B. (2005). Spambayes: Effective open-source, bayesian based, email classification system. In: Proceedings of the first conference on email and anti-spam. CEAS.

Mitnick, K., Simonand, W. L., & Wozniak, S. (2002). The art of deception: Controlling the human element of security. Hoboken: Wiley.

Oliveira, D., Rocha, H., Yang, H., Ellis, D., Dommaraju, S., Muradoglu, M., Weir, D., Soliman, A., Lin, T., & Ebner, N. (2017). Dissecting spear phishing emails for older vs young adults: On the interplay of weapons of influence and life domains in predicting susceptibility to phishing. In: Proceedings of the 2017 CHI conference on human factors in computing systems. CHI ’17 (pp. 6412–6424). New York, NY, USA: ACM. https://doi.org/10.1145/3025453.3025831 .

Ortiz, P. (2010). Machine learning techniques for persuasion detection in conversation. Master’s thesis, Naval Post Graduate School.

Pitsillidis, A., Levchenko, K., Kreibich, C., Kanich, C., Voelker, G.M., Paxson, V., Weaver, N., & Savage, S. (2010). Botnet judo: Fighting spam with itself. In: Proceedings of the network and distributed system security symposium, NDSS 2010. San Diego, California, USA, 28th February–3rd March 2010.

Ramachandran, A., Feamster, N., & Vempala, S. (2007). Filtering spam with behavioral blacklisting. In: Proceedings of the 14th ACM conference on computer and communications security. CCS ’07 (pp. 342–351). New York, NY, USA: ACM. https://doi.org/10.1145/1315245.1315288 .

Redmiles, E.M., Chachra, N., & Waismeyer, B. (2018). Examining the demand for spam: Who clicks? In: Proceedings of the 2018 CHI conference on human factors in computing systems. CHI’18.

Reed, A. E., Chan, L., & Mikels, J. A. (2014). Meta-analysis of the age-related positivity effect: Age differences in preferences for positive over negative information. Psychology and Aging, 1, 1–15.

Saldana, J. (2012). The coding manual for qualitative researchers. Thousand Oaks: SAGE Publications.

Schindler, I., Staudinger, U. M., & Nesselroade, J. R. (2006). Development and structural dynamics of personal life investment in old age. Psychology and Aging, 21, 737–753.

Schwartz, A. (2004). SpamAssassin. Sebastopol: O’Reilly Media, Inc.

Sculley, D., & Wachman, G. M. (2007). Relaxed online svms for spam filtering. In: Proceedings of the 30th annual international ACM SIGIR conference on research and development in information retrieval. SIGIR ’07 (pp. 415–422). New York, NY, USA: ACM. https://doi.org/10.1145/1277741.1277813 .

Sheng, S., Wardman, B., Warner, G., Cranor, L.F., Hong, J., & Zhang, C. (2009). An empirical analysis of phishing blacklists. CEAS—Sixth conference on email and anti-Spam.

Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L.F., Hong, J., & Nunge, E. (2007). Anti-phishing phil: the design and evaluation of a game that teaches people not to fall for phish. In: Proceedings of the 3rd symposium on usable privacy and security (pp. 88–99). ACM.

Stajano, F., & Wilson, P. (2011). Understanding scam victims: Seven principles for systems security. Communications of ACM, 54(3), 70–75.

Stone-Gross, B., Holz, T., Stringhini, G., & Vigna, G. (2011). The underground economy of spam: A botmaster’s perspective of coordinating large-scale spam campaigns. In: Proceedings of the 4th USENIX conference on large-scale exploits and emergent threats. LEET’11 (pp. 4–4). Berkeley, CA, USA: USENIX Association. http://dl.acm.org/citation.cfm?id=1972441.1972447 .

Stringhini, G., Holz, T., Stone-Gross, B., Kruegel, C., & Vigna, G. (2011). Botmagnifier: Locating spambots on the internet. In: Proceedings of the 20th USENIX conference on security. SEC’11 (pp. 28–28). Berkeley, CA, USA: USENIX Association. http://dl.acm.org/citation.cfm?id=2028067.2028095 .

Stringhini, G., Egele, M., Zarras, A., Holz, T., Kruegel, C., & Vigna, G. (2012). B@bel: Leveraging email delivery for spam mitigation. In: Presented as Part of the 21st USENIX Security Symposium (USENIX Security 12) (pp. 16–32). Bellevue, WA: USENIX. https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/stringhini .

Stringhini, G., Hohlfeld, O., Kruegel, C., & Vigna, G. (2014). The harvester, the botmaster, and the spammer: On the relations between the different actors in the spam landscape. In: Proceedings of the 9th ACM symposium on information, computer and communications security. ASIA CCS ’14 (pp. 353–364). New York, NY, USA: ACM. https://doi.org/10.1145/2590296.2590302 .

Symantec (2017). Symantec security report 2017. Retrieved June, 05, 2017, from https://www.symantec.com/security-center/threat-report .

Taylor, B. (2006). Sender reputation in a large webmail service. In: Conference on email and anti-SPAM. CEAS.

Tentoria, K., Oshersonb, D., Hasherc, L., & May, C. (2001). Wisdom and aging: Irrational preferences in college students but not older adults. Amsterdam: Elsevier Science.

Toolbar, N.: Netcraft Ltd. https://toolbar.netcraft.com/ .

Uebelacker, S., & Quiel, S. (2014). The social engineering personality framework. Workshop on Socio-Technical Aspects in Security and Trust (STAST).

Verhaeghen, P. (2003). Aging and vocabulary score: A meta-analysis. Psychology and Aging, 18(2), 332–339.

Verhaeghen, P., & Salthouse, T. A. (1997). Meta-analyses of age-cognition relations in adulthood: Estimates of linear and nonlinear age effects and structural models. Psychological Bulletin, 122(3), 231–249.

Wong, J. C., & Solon, O. (2017). Massive ransomware cyber-attack hits nearly 100 countries around the world. Retrieved June, 05, 2017, from https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs .

Workman, M. (2007). Gaining access with social engineering: An empirical study of the threat. Information Systems Security, 16(6), 315–331.

Xie, Y., Yu, F., Achan, K., Panigrahy, R., Hulten, G., & Osipkov, I. (2008). Spamming botnets: Signatures and characteristics. ACM SIGCOMM Computer Communication Review, 38(4), 171–182. https://doi.org/10.1145/1402946.1402979 .

Zhang, Y., Egelman, S., Cranor, L., & Hong, J. (2006). Phinding phish: Evaluating anti-phishing tools. Reston: ISOC.

Scholar Hub - Công cụ hỗ trợ trích dẫn và phân tích khoa học Việt Nam

Về chúng tôi

Scholar Hub là công cụ hỗ trợ trích dẫn và phân tích các bài báo, công bố khoa học Việt Nam. Công cụ trợ giúp người nghiên cứu, tạp chí, đơn vị nghiên cứu tra cứu, phân tích và thống kê dữ liệu nghiên cứu khoa học tại Việt Nam và quốc tế.
ScholarHub KHÔNG đăng thông tin tổng hợp, KHÔNG đăng lại nội dung từ các trang báo chí Việt Nam hoặc trang thông tin điện tử khác tại Việt Nam.

Thông tin, cập nhật

Đăng ký Tạp chí tham gia vào Scholar Hub

Phản hồi ý kiến về Scholar Hub

Bài viết, nội dung cập nhật

Chủ đề khoa học

Website liên kết

Hệ thống CSDL Khoa học & Công nghệ

Phần mềm kiểm tra trùng lặp Kiểm Tra Tài Liệu

Phần mềm xuất bản tạp chí điện tử VOJS

Nền tảng trắc nghiệm và đề thi đa lĩnh vực LetQA