Ontology-Based Intelligent Interface Personalization for Protection Against Phishing Attacks

Abstract

Millions of users on the Internet have fallen into phishing website traps. Detection tools are designed to warn users against such attacks, but often fail to achieve this purpose. One crucial reason behind this is that users rarely have a chance to interact and build a relationship with a detection tool that stealthily runs at the backend. A warning message on a rarely seen interface from such a tool hardly inspires users’ trust in its authenticity and accuracy. In this study, we propose an ontology-based intelligent interface personalization (OBIIP) design for the warning interfaces of phishing website detection tools. We first constructed an ontology of warning interface elements (OWIE), which is a comprehensive knowledgebase for warning interface design. We then used OWIE in the design and creation of an OBIIP prototype and assessed it in a laboratory experiment and an online experiment. The results show the significant value of OBIIP in improving users’ performance in terms of self-protection against website phishing attacks and building a stronger relationship with the detection tool in terms of trust in and use of the tool.