New study suggests that critical thinking and technical literacy are as important as cybersecurity software
When it comes to cybersecurity, humans are often seen as the weakest link, but new research suggests that with a little help, people can do a surprisingly effective job at identifying malware.
In a first-of-its-kind study, researchers from the Cheriton School of Computer Science teamed up with University of Guelph cybersecurity experts to test how users, ranging from tech novices to experts, can respond to real-time legitimate and malicious software download requests in a simulated office setting.
“Most existing malware research analyzes ‘after action’ reports, that is, investigations into what went wrong after a successful attack,” said Daniel Vogel, a Professor at the Cheriton School of Computer Science and a co-author of the study. “Our study, which featured novice, intermediate and expert users, is the first malware research to observe user strategies in real time.”
Three-dozen participants received messages from fake coworkers in a Microsoft Teams-like environment, prompting them to download and install various programs. Participants had full control over whether to install the software and could research their choices however they liked.
In the initial trial, users identified malware with 75 per cent accuracy. Novice users were right 68 per cent of the time, while expert users achieved 81 per cent accuracy.
“It was interesting how novice users sometimes flagged legitimate software as malware due to a typo or poor interface design yet missed real malware when the clue was unusual system behaviour, like high processor usage,” said Brandon Lit, a PhD student at the Cheriton School of Computer Science and the lead author of the study.