By Topic

Eye tracking analysis of browser security indicators

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Darwish, A. ; Comput. Sci. & Eng. Dept., American Univ. of Sharjah, Sharjah, United Arab Emirates ; Bataineh, E.

Understanding the natural human behavior when people interact with Web browsers is essential for building more user-centric interface design that is customized based on user's perception and experience. This paper presents the first empirical study of users' interaction with security indicators in Web browsers in a controlled real life security risk. The work focuses on the natural and spontaneous behavior of the victim's eyes on several predetermined area of interest, and empirically presents users' evaluation of several online logon pages. The experiment and its results provide a quantitative evidence of the usability of visual security indicators in Internet Explorer (IE8). We first categorized a set of Websites and created phishing Web Pages using most known phishing techniques, and then a group of users from different backgrounds and age groups took the controlled experiment on an eye tracking machine. We found that the simplicity approach in Web design causes more damage rather than helping in online security, and that the current sleek design of Web pages helps users find the logon area and overlook the security indicators instead. We also found that the security certificate cue was not used by the participants to determine the legitimacy of the presented Websites.

Published in:

Computer Systems and Industrial Informatics (ICCSII), 2012 International Conference on

Date of Conference:

18-20 Dec. 2012