Usable Secure Email Through Short-Lived Keys

Monson, Tyler Jay

01 October 2017

Participants from recent secure email user studies have expressed a need to use secure email tools only a few times a year. At the same time, Internet users are expressing concerns over the permanence of personal information on the Internet. Support for short-lived keys has the potential to address both of these problems. However, the short-lived keys usability and security space is underdeveloped and unexplored. In this thesis, we present an exploration of the short-lived keys usability and security design space. We implement both a short-lived keys and a long-term keys secure email prototype. With these two prototypes, we conduct a within-subjects user study. Results from our study show that participants believe the short-lived keys prototype is more secure and more trusted. Participants also provide feedback on what they want in a system supporting short-lived keys. They also discuss how concerned they are about the permanence of their information on the Internet and on their devices.

short-lived keys

secure email

usability

user study

information permanence

privacy

end-to-end encryption

Computer Sciences

Email load and stress impact on susceptibility to phishing and scam emails

Rozentals, Emils

January 2021

How does the email load and stress affect the susceptibility to phishing and scam emails? The study was conducted with a Qualitative research approach. Semi-structured interviews were selected for the data gathering. Thematic Analysis was used to analyze Empirical data. This research studied if a high email load affects the likelihood of falling victim to phishing and scam attacks. Research was studied through a theoretical lens of stress, since high email load is subjective for each individual and stress rate can show better how people are perceiving their email load. Findings suggest that high email load for the majority of people in this study, does increase the susceptibility towards phishing and scam emails. Furthermore, those people with higher email load who are processing their emails heuristically evaluated their stress rates higher than those with high email load who are processing their emails systematically. Therefore, the results indicate that there is a relation between high email load, stress and susceptibility to phishing and scam emails. In this study, it was found that majority of respondents described high stress as a factor that played a role in their susceptibility of falling victim to phishing and scam emails.

phishing

scam

email load

stress

workload

COVID-19

Computer Sciences

Datavetenskap (datalogi)

Information Systems

Umělé imunitní systémy pro detekci spamů / Artificial Immune Systems for Spam Detection

Hohn, Michal

January 2011

This work deals with creating a hybrid system based on the aggregation of artificial immune system with appropriate heuristics to make the most effective spam detection. This work describes the main principles of biological and artificial immune system and conventional techniques to detect spam including several classifiers. The developed system is tested using well known database corpuses and a comparison of the final experiments is made.

Obsahová analýza řetězových e-mailů vztahujících se k prezidentským kandidátům / Content analysis of chain e-mails related to presidential candidates

Tunová, Zuzana

January 2021

This thesis aims to provide analysis of chain emails during the second direct presidential election in the Czech Republic. The main goal of this work is to set out a semiotic analysis in order to provide detailed research of emails related to both candidates Miloš Zeman and Jiří Drahoš. The chain emails usually using a specific linguistic terms and persuasive procedures. Therefore, the attention will be paid mainly to linguistic and persuasive procedures which are identified. In order to examine the phenomenon the theoretical framework will be based on several key words and terms such as: chain emails, disinformation, hoax, semiotics, etc. Aforementioned, this work is aiming to provide a detailed overview of chain mails. In order to address the topic, I will approach the political background within the media context to present solid foundational analysis, which will conduct disinformation topics.

Women “Auto” Write Differently: A Case Study of Feminist Rhetorical Practices in Professional Email Communication in the Automotive Industry

Chia, Chieh Ting Evelyn

30 May 2019

No description available.

Communication

Rhetoric

Womens Studies

feminist rhetorical studies

women in leadership

leadership

email communication

professional writing

digital communication

automotive

autoethnography

case study

Recognizing and Defending Against Phishing Attacks in Large Organizations

Mayrany, Matay

January 2023

As technology keeps integrating further into our personal and professional lives, digital security is a growing concern for our individual and public safety. Email phishing is the most common attack vector, often utilized by malicious actors to trick victims into taking irresponsible actions that benefit the attackers. Phishing attacks targeting large organizations have demonstrated the ability to incur costs that reach great magnitudes. Justifiably, many organizations invest in defense solutions against such attacks. This research investigates the different attack and defense strategies that can affect the success rates for phishing attacks. A retrospective data analysis is performed, on the interaction data of employees with simulated training campaigns, at an organization running a security training program for the last three years, and survey and interview studies with the employees are conducted. The results show that personal qualities such as attachment to the organization, and technological ability have an effect on the employees’ susceptibility to phishing attacks. Attack strategies which exploit human emotions, such as fear through the use of authority, and curiosity through the use of current events, are effective at inducing higher interaction rates. Educational training programs are deemed successful at reducing the employees’ susceptibility to phishing attacks. However, such programs should be implemented carefully to avoid resource waste and produce the sought after results. We determine that a holistic defense strategy should combine multiple security layers, by utilizing technical solutions such as email filters to reduce the number of attempts that are viewed by the employees, with well designed educational solutions, such as the training programs, to reduce the number of interactions with phishing emails, and reporting features to mitigate the potential losses incurred from successful attacks. / Allteftersom teknik upptar en större plats i våra liv blir digital säkerhet en växande fråga för samhällets säkerhet. Nätfiske via e-post är den vanligaste attackvektorn i cyberattacker. Nätfiskekampanjer riktade mot större organisationer har visat sig kunna åstadkomma stora kostnader. Detta orsakar många organisationer att investera pengar ämnade till försvar mot nätfiskeattacker. Den här forskningen undersöker möjliga attackstrategier som används för nätfiskeattacker samt deras framgång, och de olika försvarsåtgärderna som organisationer kan ta. Data från ett IT företag över hur dess anställda påverkas och interagerar med ett säkerhetsutbildningsprogram över 3 års tid, samt enkät och intervjustudier analyseras. Resultaten visar att personliga egenskaper som engagemang för företaget och teknisk förmåga påverkar de anställdas mottaglighet för nätfiskeattacker. Attackstrategier som spelar på känslor, såsom rädsla genom användning av auktoritet, eller nyfikenhet genom användning av aktuella händelser, är effektiva. Säkerhetsutbildningar påvisas vara ett framgångsrikt sätt att minska de anställdas mottaglighet för nätfiskeattacker. Utbildningarna bör dock implementeras noggrant för att undvika resursslöseri och för att försäkra deras effektivitet. Forskningen fastställer att en holistisk försvarsstrategi bör kombinera flera säkerhetslager, genom att använda tekniska lösningar som e-postfilter för att minska antalet försök som de anställda utsätts för, med väldesignade utbildningslösningar för att minska mottagligheten till nätfiske-e-postmeddelanden, och rapporteringsfunktioner för att minska effektiviteten av framgångsrika attacker.

Security

Email

Phishing

Social Engineering

Educational Training Programs

Säkerhet

e-post

nätfiske

social teknik

utbildningsprogram

Computer and Information Sciences

Data- och informationsvetenskap

The consumer attitude towards AI in marketing : An experimental study of consumers attitudes and purchase intention

Eickhoff, Frida, Zhevak, Leonid

January 2023

The use of AI has developed during the recent decades, and the application of it within different markets is continually growing. The application of it within marketing comes with different benefits that allow businesses to engage with the consumer and build a stronger relationship. The more AI is becoming applied in marketing, the more important it is to understand the consumers attitude towards its usage and effect of it on consumer purchase intention. The purpose of this study is to explore the effect of consumer attitudes towards AI- generated content within email marketing on purchasing intention. Theory of planned behavior and diffusion of innovations theory are applied to formulate the hypotheses. The research was conducted using a quantitative method in an experimental context. An online survey divided into two parts was developed and distributed to participants in Sweden in ages from 18 and above. A total of 114 respondents were recorded in the first survey and of those, 71 respondents were recorded in the second survey. The data was then analyzed in SPSS. The results from the survey showed the element of compatibility within the theory of diffusion of innovation having a significant and positive effect on consumers attitude towards AI-usage in marketing. The relationship between the observability element and attitude was found to be non-significant. Additionally, no significant difference was found when comparing the experimental group and the control group. Lastly, attitude towards AI was found to have a significant and positive effect on purchasing intention in the experimental group.

AI in marketing

diffusion of Innovation theory

consumer attitudes

Theory of planned behaviour

purchase intention

email marketing

Business Administration

Företagsekonomi

Improving Filtering of Email Phishing Attacks by Using Three-Way Text Classifiers

Trevino, Alberto

13 March 2012

The Internet has been plagued with endless spam for over 15 years. However, in the last five years spam has morphed from an annoying advertising tool to a social engineering attack vector. Much of today's unwanted email tries to deceive users into replying with passwords, bank account information, or to visit malicious sites which steal login credentials and spread malware. These email-based attacks are known as phishing attacks. Much has been published about these attacks which try to appear real not only to users and subsequently, spam filters. Several sources indicate traditional content filters have a hard time detecting phishing attacks because the emails lack the traditional features and characteristics of spam messages. This thesis tests the hypothesis that by separating the messages into three categories (ham, spam and phish) content filters will yield better filtering performance. Even though experimentation showed three-way classification did not improve performance, several additional premises were tested, including the validity of the claim that phishing emails are too much like legitimate emails and the ability of Naive Bayes classifiers to properly classify emails.

email

spam filtering

phish

phishing attacks

support vector machines

maximum entropy

naive bayes

bayesian filters

Information Security

Email classification using machine learning algorithms

Jonsson, Isak

January 2022

The goal of this project is to construct a machine learning algorithmthat improves over time. This was done by first constructing a datasetthat reflects real world messages, that would simulate receiving emailsfrom two different sources. The data set was constructed by combiningdata from two different online forums. Two application programminginterrfaces were used to collect and send data to the program. Thedataset was tested on 4 different methods where the best one would beused for the final product. The 4 different methods were: k-nearestneighbors, adaptive boosting, random forest and artificial neuralnetwork. All the above methods were tested and tuned to achieve the bestaccuracy. From the result it became clear that the artificial neuralnetwork outperformed the other methods by a large margin and would bemost suited for the final product. The final product was an algorithmthat would improve over time. This was achieved by using a feedback loopon the new data that was collected over time from the online forums. Ifthe algorithm was sure that a new datapoint was the right class it wouldincorporate it into the dataset and over time the dataset would growlarger and the algorithm would adapt to new data and trends. The finalresult became a growing dataset that started on a 1000 data points andended up at 8464 data points, where the total amount ofmisclassification ended up at 74.

Machine learning

artificial neural networks

email classification

Annan elektroteknik och elektronik

An AI-based System for Assisting Planners in a Supply Chain with Email Communication

Dantu, Sai Shreya Spurthi, Yadlapalli, Akhilesh

January 2023

Background: Communication plays a crucial role in supply chain management (SCM) as it facilitates the flow of information, materials, and goods across various stages of the supply chain. In the context of supply planning, each planner manages thousands of supply chain entities and spends a lot of time reading and responding to high volumes of emails related to part orders, delays, and backorders that can lead to information overload and hinder workflow and decision-making. Therefore, streamlining communication and enhancing email management are essential for optimizing supply chain efficiency. Objectives: This study aims to create an automated system that can summarize email conversations between planners, suppliers, and other stakeholders. The goal is to increase communication efficiency using Natural Language Processing (NLP) algorithms to extract important information from lengthy conversations. Additionally, the study will explore the effectiveness of using conditional random fields (CRF) to filter out irrelevant content during preprocessing. Methods: We chose four advanced pre-trained abstractive dialogue summarization models, BART, PEGASUS, T5, and CODS, and evaluation metrics, ROUGE and BERTScore, to compare their performance in effectively summarizing our email conversations. We used CRF to preprocess raw data from around 400 planner-supplier email conversations to extract important sentences in a dialogue format and label them with specific dialogue act tags. We then manually summarized the 400 conversations and fine-tuned the four chosen models. Finally, we evaluated the models using ROUGE and BERTScore metrics to determine their similarity to human references. Results: The results show that the performance of the summarization models has significantly improved after fine-tuning the models with domain-specific data. The BART model achieved the highest ROUGE-1 score of 0.65, ROUGE-L score of 0.56, and BERTScore of 0.95 compared to other models. Additionally, CRF-based preprocessing proved to be crucial in extracting essential information and minimizing unnecessary details for the summarization process. Conclusions: This study shows that advanced NLP techniques can make supply chain communication workflows more efficient. The BART-based email summarization tool that we created showed great potential in giving important insights and helping planners deal with information overload.

Email Thread Summarization

Natural Language Processing (NLP)

Dialogue Summarization

Conditional Random Field (CRF)

Supply Chain Communication.

Computer Sciences

Datavetenskap (datalogi)