Using Eyetracker to Find Ways to Mitigate Ransomware

Budi Arief, Andy Periam, Orcun Cetin, Julio Hernandez-Castro

Abstract

Ransomware is a form of malware designed to prevent access to data by either locking out the victims from their system or encrypting some or all of their files until a ransom has been paid to the attacker. Victims would know that they had been hit by ransomware because a ransom demand (splash screen) would be displayed on their compromised device. This study aims to identify key user interface features of ransomware splash screens and see how these features affect victims’ likelihood to pay, and how this information may be used to create more effective countermeasures to mitigate the threat of ransomware. We devised an experiment that contained three broad types of splash screens (Text, Time-Sensitive Counter, and Other). A total of nine splash screens were shown to each participant, from which data on the participants’ eye behaviour were collected. After each splash screen, participants were also asked a set of questions that would help describe their experience and be cross-referenced with the eye tracking data to aid analysis. Our experiment collected quantitative eye tracker data and qualitative data regarding willingness to pay from 25 participants. Several key components of the splash screens such as the text, logo, images, and technical information were analysed. Comments from the participants on whether they would pay the ransom or not, and the reasons behind their decision were also recorded. We found that there is no clear indication that one type of splash screen would have a higher chance of success with regard to ransom payment. Our study revealed that there are some characteristics in splash screens that would strongly discourage some victims from paying. Further investigation will be carried out in this direction, in order to design and develop more effective countermeasures to ransomware.

Download


Paper Citation


in Harvard Style

Arief B., Periam A., Cetin O. and Hernandez-Castro J. (2020). Using Eyetracker to Find Ways to Mitigate Ransomware.In Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-399-5, pages 448-456. DOI: 10.5220/0008956004480456


in Bibtex Style

@conference{icissp20,
author={Budi Arief and Andy Periam and Orcun Cetin and Julio Hernandez-Castro},
title={Using Eyetracker to Find Ways to Mitigate Ransomware},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2020},
pages={448-456},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008956004480456},
isbn={978-989-758-399-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Using Eyetracker to Find Ways to Mitigate Ransomware
SN - 978-989-758-399-5
AU - Arief B.
AU - Periam A.
AU - Cetin O.
AU - Hernandez-Castro J.
PY - 2020
SP - 448
EP - 456
DO - 10.5220/0008956004480456