مقاله انگلیسی رایگان در مورد درجه بندی اعتماد مصنوعات خودکار امنیت IT: – الزویر ۲۰۲۱
مشخصات مقاله | |
ترجمه عنوان مقاله | درجه بندی اعتماد به مصنوعات خودکار امنیت IT: مطالعه چند دامنه ای فیشینگ – ابزار تشخیص وبسایت |
عنوان انگلیسی مقاله | Trust calibration of automated security IT artifacts: A multi-domain study of phishing-website detection tools |
انتشار | مقاله سال ۲۰۲۱ |
تعداد صفحات مقاله انگلیسی | ۱۶ صفحه |
هزینه | دانلود مقاله انگلیسی رایگان میباشد. |
پایگاه داده | نشریه الزویر |
نوع نگارش مقاله |
مقاله پژوهشی (Research Article) |
مقاله بیس | این مقاله بیس میباشد |
نمایه (index) | Scopus – Master Journals List – JCR |
نوع مقاله | ISI |
فرمت مقاله انگلیسی | |
ایمپکت فاکتور(IF) |
۸٫۹۴۰ در سال ۲۰۲۰ |
شاخص H_index | ۱۶۲ در سال ۲۰۲۱ |
شاخص SJR | ۲٫۱۴۷ در سال ۲۰۲۰ |
شناسه ISSN | ۰۳۷۸-۷۲۰۶ |
شاخص Quartile (چارک) | Q1 در سال ۲۰۲۰ |
فرضیه | ندارد |
مدل مفهومی | دارد |
پرسشنامه | ندارد |
متغیر | دارد |
رفرنس | دارد |
رشته های مرتبط | فناوری اطلاعات، کامپیوتر |
گرایش های مرتبط | رایانش امن، اینترنت و شبکه های گسترده، امنیت اطلاعات |
نوع ارائه مقاله |
ژورنال |
مجله | اطلاعات و مدیریت – Information & Management |
دانشگاه | Florida International University, United States |
کلمات کلیدی | درجه بندی اعتماد، امنیت خودکار IT، وبسایت های فیشینگ، ابزار تشخیص، اعتماد به IT |
کلمات کلیدی انگلیسی | Trust calibration, Automated security IT, Phishing websites, Detection tools, Trust in IT |
شناسه دیجیتال – doi |
https://doi.org/10.1016/j.im.2020.103394 |
کد محصول | E15531 |
وضعیت ترجمه مقاله | ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید. |
دانلود رایگان مقاله | دانلود رایگان مقاله انگلیسی |
سفارش ترجمه این مقاله | سفارش ترجمه این مقاله |
فهرست مطالب مقاله: |
Abstract Keywords ۱٫ Introduction ۲٫ Literature review ۳٫ Theoretical framework ۴٫ Model of trust calibration for phishing-website detection tools ۵٫ Research methodology ۶٫ Scale development and data collection ۷٫ Analysis and results ۸٫ Discussion ۹٫ Theoretical and practical implications ۱۰٫ Limitations and future research directions Acknowledgements Appendix A. Supplementary data References Vitae |
بخشی از متن مقاله: |
Abstract Phishing websites become a critical cybersecurity threat affecting individuals and organizations. Phishing-website detection tools are designed to protect users against such sites. Nevertheless, detection tools face serious user trust and suboptimal performance issues which require trust calibration to align trust with the tool’s capabilities. We employ the theoretical framework of automation trust and reliance as a kernel theory to develop the trust calibration model for phishing-website detection tools. We test the model using a controlled lab experiment. The results of our analysis show that users’ trust in detection tools can be calibrated by trust calibrators. Moreover, users’ calibrated trust has significant consequences, including users’ tool reliance, use, and performance against phishing websites. ۱٫ Introduction Phishing websites victimize millions of Internet users, exacting significant monetary losses and social costs for individuals and organizations [[1], [2], [3]]. An FBI announcement showed that phishing rendered $26 billion damage over a three-year period from 2016 to 2019 [4]. About $1.1 million per hour is lost to phishing attacks [5]. Phishing websites come in two forms: spoof and concocted. Spoof sites mimic existing, generally well-known websites to engage in identity theft or malware dissemination [6,7]. Concocted sites are fictional websites designed to conduct social engineering, fraudulent online advertising, or black-hat search engine optimization-based attacks for monetary gains or malware propagations. Both categories of phishing websites have serious implications for Internet users and organizations, such as damaging brand equity and increasing customer churn rates [6]. Concocted websites also frequently appear in top-ranked search results [8] and routinely disseminate malware to unsuspecting site visitors [9]. Phishing-website detection tools protect users against such sites. These detection tools belong to a subcategory of IT called automated security IT and are defined as a type of security IT that uses certain mechanisms to automatically classify an event/objective as normal or malicious [10] while allowing users to make the final security decision [11]. There are many phishing-website detection tools, but reports indicate that users often ignore or disuse their advice [12,13]. A survey of Internet users found that 60 % of respondents do not use the web browsers’ built-in phishing-website detection tools [14]. Many users rely solely on intuition to judge the credibility of a website despite the fact that spoof rates can be as high as 33 %–۴۵ % when users rely on their own mental model [9,15,16]. While research shows that user accuracy in detecting phishing websites is much lower than the accuracy of the detection tools [1], the rate of ignoring certain types of warnings in some browsers (e.g., SSL warnings) can be as high as 60 % [17]. These results suggest that detection tools face serious trust issues in users. Addressing these issues demands a novel approach to investigate user trust vis-à-vis characteristics of detection tools. |