An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering

Tiantian Qin; Judee K. Burgoon

doi:10.1109/isi.2007.379548

An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering

Tiantian Qin, Judee K. Burgoon

Management of Information, Center for

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

15 Scopus citations

Abstract

Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.

Original language	English (US)
Title of host publication	ISI 2007
Subtitle of host publication	2007 IEEE Intelligence and Security Informatics
Publisher	IEEE Computer Society
Pages	152-159
Number of pages	8
ISBN (Print)	1424413303, 9781424413300
DOIs	https://doi.org/10.1109/isi.2007.379548
State	Published - Jan 1 2007
Event	ISI 2007: 2007 IEEE Intelligence and Security Informatics - New Brunswick, NJ, United States Duration: May 23 2007 → May 24 2007

Publication series

Name	ISI 2007: 2007 IEEE Intelligence and Security Informatics

Other

Other	ISI 2007: 2007 IEEE Intelligence and Security Informatics
Country	United States
City	New Brunswick, NJ
Period	5/23/07 → 5/24/07

Keywords

Automatic deception detection
Social engineering

ASJC Scopus subject areas

Computer Science(all)
Control and Systems Engineering

Access to Document

10.1109/isi.2007.379548

Fingerprint Dive into the research topics of 'An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering'. Together they form a unique fingerprint.

Cite this

Qin, T., & Burgoon, J. K. (2007). An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering. In ISI 2007: 2007 IEEE Intelligence and Security Informatics (pp. 152-159). [4258689] (ISI 2007: 2007 IEEE Intelligence and Security Informatics). IEEE Computer Society. https://doi.org/10.1109/isi.2007.379548

An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering. / Qin, Tiantian; Burgoon, Judee K.

ISI 2007: 2007 IEEE Intelligence and Security Informatics. IEEE Computer Society, 2007. p. 152-159 4258689 (ISI 2007: 2007 IEEE Intelligence and Security Informatics).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Qin, T & Burgoon, JK 2007, An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering. in ISI 2007: 2007 IEEE Intelligence and Security Informatics., 4258689, ISI 2007: 2007 IEEE Intelligence and Security Informatics, IEEE Computer Society, pp. 152-159, ISI 2007: 2007 IEEE Intelligence and Security Informatics, New Brunswick, NJ, United States, 5/23/07. https://doi.org/10.1109/isi.2007.379548

@inproceedings{217449625a5d40ad82c501eaa164677e,

title = "An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering",

abstract = "Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.",

keywords = "Automatic deception detection, Social engineering",

author = "Tiantian Qin and Burgoon, {Judee K.}",

year = "2007",

month = jan,

day = "1",

doi = "10.1109/isi.2007.379548",

language = "English (US)",

isbn = "1424413303",

series = "ISI 2007: 2007 IEEE Intelligence and Security Informatics",

publisher = "IEEE Computer Society",

pages = "152--159",

booktitle = "ISI 2007",

note = "ISI 2007: 2007 IEEE Intelligence and Security Informatics ; Conference date: 23-05-2007 Through 24-05-2007",

}

TY - GEN

T1 - An investigation of heuristics of human judgment in detecting deception and potential implications in countering social engineering

AU - Qin, Tiantian

AU - Burgoon, Judee K.

PY - 2007/1/1

Y1 - 2007/1/1

N2 - Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.

AB - Social engineering (as used by the military or law-enforcement) is the emerging technique for obtaining classified information by interacting and deceiving people who can access that information. Rather than using traditional techniques of attacking the technical shields such as firewalls, many sophisticated computer hackers find that social engineering is more effective and difficult to detect by humans. Why can people not effectively detect social engineering or more specifically, the art of deception? What can be done to augment human abilities for the task? The current findings warrant several possibilities that influence human ability to detect deception. Factors include such things as truth-bias, stereotypical thinking and processing ability. Knowing that human detection ability is limited, we propose a method to automatically detect deception that potentially assists humans. Results show that a system, using discriminant analysis to classify deception performed significantly better than humans in detecting deception. The findings can also be applied to general situations to ensure information authentication-scenarios other than social engineering.

KW - Automatic deception detection

KW - Social engineering

UR - http://www.scopus.com/inward/record.url?scp=34748869064&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34748869064&partnerID=8YFLogxK

U2 - 10.1109/isi.2007.379548

DO - 10.1109/isi.2007.379548

M3 - Conference contribution

AN - SCOPUS:34748869064

SN - 1424413303

SN - 9781424413300

T3 - ISI 2007: 2007 IEEE Intelligence and Security Informatics

SP - 152

EP - 159

BT - ISI 2007

PB - IEEE Computer Society

T2 - ISI 2007: 2007 IEEE Intelligence and Security Informatics

Y2 - 23 May 2007 through 24 May 2007

ER -