acm-header
Sign In

Communications of the ACM

ACM TechNews

Polymorphic Security Warnings More Effective Than Same, Static Ones


View as: Print Mobile App Share:
Polymorphic warning design variants.

A team of researchers has determined that polymorphic security warnings make computer users more likely to pay attention and not dismiss them outright.

Credit: Net-Security.org

Polymorphic security warnings help reduce habituation in the brain, making computer users more likely to pay attention and not dismiss them outright, according to researchers from Brigham Young University, the University of Pittsburgh, and Google.

Polymorphic security warnings also slow the rate of habituation, the researchers found.

The team used functional magnetic resonance imaging to study the effectiveness of polymorphic security warnings.

The most effective polymorphic variations were warnings with animation, with windows that repeatedly changed colors, and those that used symbols.

The researchers note their work demonstrates neuroscience can be useful to security. "Because automatic or unconscious mental processes underlie much of human cognition and decision making, they likely play an important role in a number of other security behaviors, such as security education, training, and awareness SETA programs, password use, and information security policy compliance," the researchers say. "Additionally, neuroscience methods have the potential to lead to the development of more complete behavioral security theories and guide the design of more effective security interventions."

From Help Net Security
View Full Article - May Require Free Registration

 

Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account