TY - CHAP
T1 - ADVERT
T2 - Defending against Reactive Attention Attacks
AU - Huang, Linan
AU - Zhu, Quanyan
N1 - Publisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2023
Y1 - 2023
N2 - Following the definition in Sect. 1.2.3.2, phishing can be a typical class of reactive attention attacks that exploit inattention to evade detection. This chapter proposes ADVERT, a human-technical solution that generates adaptive visual aids in real-time to prevent users from inadvertence and reduce their susceptibility to phishing attacks. Based on eye-tracking data, we extract visual states and attention states as system-level sufficient statistics to characterize the user’s visual behaviors and attention status. By adopting a data-driven approach and two learning feedback of different time scales, this work lays out a theoretical foundation to analyze, evaluate, and particularly modify humans’ attention processes while they vet and recognize phishing emails. We corroborate the effectiveness, efficiency, and robustness of ADVERT through a case study based on the data set collected from human subject experiments conducted at New York University. The results show that the visual aids can statistically increase the attention level and improve the accuracy of phishing recognition from 74.6% to a minimum of 86%. The meta-adaptation can further improve the accuracy to 91.5% (resp. 93.7%) in less than 3 (resp. 50) tuning stages.
AB - Following the definition in Sect. 1.2.3.2, phishing can be a typical class of reactive attention attacks that exploit inattention to evade detection. This chapter proposes ADVERT, a human-technical solution that generates adaptive visual aids in real-time to prevent users from inadvertence and reduce their susceptibility to phishing attacks. Based on eye-tracking data, we extract visual states and attention states as system-level sufficient statistics to characterize the user’s visual behaviors and attention status. By adopting a data-driven approach and two learning feedback of different time scales, this work lays out a theoretical foundation to analyze, evaluate, and particularly modify humans’ attention processes while they vet and recognize phishing emails. We corroborate the effectiveness, efficiency, and robustness of ADVERT through a case study based on the data set collected from human subject experiments conducted at New York University. The results show that the visual aids can statistically increase the attention level and improve the accuracy of phishing recognition from 74.6% to a minimum of 86%. The meta-adaptation can further improve the accuracy to 91.5% (resp. 93.7%) in less than 3 (resp. 50) tuning stages.
KW - Attention management
KW - Bayesian optimization
KW - Eye tracking
KW - Phishing mitigation
KW - Reactive attention vulnerability
KW - Reinforcement learning
UR - http://www.scopus.com/inward/record.url?scp=85161805194&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85161805194&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-30709-6_5
DO - 10.1007/978-3-031-30709-6_5
M3 - Chapter
AN - SCOPUS:85161805194
T3 - SpringerBriefs in Computer Science
SP - 67
EP - 83
BT - SpringerBriefs in Computer Science
PB - Springer
ER -