An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering

Tiantian Qin, Judee K Burgoon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Citations (Scopus)

Abstract

Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.

Original languageEnglish (US)
Title of host publicationISI 2007: 2007 IEEE Intelligence and Security Informatics
Pages152-159
Number of pages8
StatePublished - 2007
EventISI 2007: 2007 IEEE Intelligence and Security Informatics - New Brunswick, NJ, United States
Duration: May 23 2007May 24 2007

Other

OtherISI 2007: 2007 IEEE Intelligence and Security Informatics
CountryUnited States
CityNew Brunswick, NJ
Period5/23/075/24/07

Fingerprint

Law enforcement
Discriminant analysis
Authentication
Processing

Keywords

  • Automatic deception detection
  • Social engineering

ASJC Scopus subject areas

  • Computer Science(all)
  • Control and Systems Engineering

Cite this

Qin, T., & Burgoon, J. K. (2007). An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering. In ISI 2007: 2007 IEEE Intelligence and Security Informatics (pp. 152-159). [4258689]

An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering. / Qin, Tiantian; Burgoon, Judee K.

ISI 2007: 2007 IEEE Intelligence and Security Informatics. 2007. p. 152-159 4258689.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Qin, T & Burgoon, JK 2007, An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering. in ISI 2007: 2007 IEEE Intelligence and Security Informatics., 4258689, pp. 152-159, ISI 2007: 2007 IEEE Intelligence and Security Informatics, New Brunswick, NJ, United States, 5/23/07.
Qin T, Burgoon JK. An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering. In ISI 2007: 2007 IEEE Intelligence and Security Informatics. 2007. p. 152-159. 4258689
@inproceedings{217449625a5d40ad82c501eaa164677e,
title = "An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering",
abstract = "Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.",
keywords = "Automatic deception detection, Social engineering",
author = "Tiantian Qin and Burgoon, {Judee K}",
year = "2007",
language = "English (US)",
isbn = "1424413303",
pages = "152--159",
booktitle = "ISI 2007: 2007 IEEE Intelligence and Security Informatics",

}

TY - GEN

T1 - An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering

AU - Qin, Tiantian

AU - Burgoon, Judee K

PY - 2007

Y1 - 2007

N2 - Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.

AB - Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.

KW - Automatic deception detection

KW - Social engineering

UR - http://www.scopus.com/inward/record.url?scp=34748869064&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34748869064&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:34748869064

SN - 1424413303

SN - 9781424413300

SP - 152

EP - 159

BT - ISI 2007: 2007 IEEE Intelligence and Security Informatics

ER -