Developing Personalized Training Material using AI Tools for Anti-phishing Cyber-security Awareness

Dimitrios Lappas; Panagiotis Karampelas

doi:10.5281/zenodo.14512877

Authors

Dimitrios Lappas University of the Aegean Author https://orcid.org/0000-0001-7914-5656
Panagiotis Karampelas Hellenic Air Force Academy Author https://orcid.org/0000-0003-1684-7612

DOI:

https://doi.org/10.5281/zenodo.14512877

Keywords:

Anti-phishing Training, ChatGPT, Cybersecurity

Abstract

The increasing availability of smart devices and seamless internet connectivity has led cyber criminals to continuously target mobile workers and commuters, aiming to steal their personal data or digital identities. The most popular methods of such attacks are phishing and spear phishing emails. With the advent of AI tools, phishing techniques are expected to become more sophisticated, making them more difficult for anti-phishing tools to detect and more personalized due to AI's ability to customize email content for specific victims. As a result, traditional anti-phishing training will soon become obsolete. Motivated by this gap, we propose a novel anti-phishing training intervention that focuses on personalized training for company employees. This approach involves automatically preparing personalized spear phishing emails for each employee using an AI tool. This method helps employees better identify potential spear phishing emails in the future and understand the severity of the personal information exposed on their social media profiles.

Author Biographies

Dimitrios Lappas, University of the Aegean

Dimitrios Lappas -University of the Aegean; PhD (c); [email protected]; tel: +306947453811; ORCID [0000-0001-7914-5656]
Panagiotis Karampelas , Hellenic Air Force Academy

Panagiotis Karampelas-Hellenic Air Force Academy; PhD; [email protected]; tel: +306944661646; ORCID [0000-0003-1684-7612]

References

Cash, K. (1983). Designing and using simulation for training. Technical Note, 20, Massachusetts Univ.: Amherst.

Dewey, J. (1915). The Subject-Matter of Metaphysical Inquiry. The Journal of Philosophy, Psychology and Scientific Methods, 12(13), 337-345.

Gagne, R. (1975) Essentials of learning for instruction. New York: Dryden.

Hara, M., Yamada, A., & Miyake, Y. (2009). Visual similarity-based phishing detection without victim site information. In 2009 IEEE Symposium on Computational Intelligence in Cyber Security (pp. 30-36). IEEE.

Jagatic, T. N., (2007). Johnson, N. A., Jakobsson, M., & Menczer, F. Social phishing. Communications of the ACM, 50(10), 94-100.

Kumaraguru, P., Sheng, S., Magnien, B., Acquisti, A., Cranor, L. F., Hong, J., & Nunge, E. (2007). Anti-phishing Phil: the design and evaluation of a game that teaches people not to fall for phish. In Proceedings of the 3rd symposium on Usable privacy and security (pp. 88-99).

Khonji, M., Iraqi, Y., & Jones, A. (2013). Phishing detection: a literature survey. IEEE Communications Surveys & Tutorials, 15(4), 2091-2121.

Kolb, D. A. (1984). Experiential Learning: Experience as the Source of Learning and Development. Englewood Cliffs, NJ: Prentice Hall.

Lappas, D. & Karampelas, P. (2023). Designing an Email Attack by Analysing the Victim’s Profile. An Alternative Anti-Phishing Training Method. In n Proceedings of the 22nd European Conference on Cyber Warfare and Security, Athens, Greece, 22 - 23 June 2023.

Lave, J. (2010). Teaching, as Learning, in Practice. Journal Title, Pages 149-164. Published online: 10 Jun 2010.

Lee, S., (1987). Case Studies in Business Computing, Hutchinson, London.

Md, A. Q., Jaiswal, D., Daftari, J., Haneef, S., Iwendi, C., & Jain, S. K. (2022). Efficient Dynamic Phishing Safeguard System Using Neural Boost Phishing Protection. Electronics, 11(19), 3133.

Merrill, D. M. (2002). First principles of instruction, Educational Technology Research and Development, 50(3), 43–59.

Naidu, S. (2007). Instructional designs for distance education. In M. G. Moore (ed.), Handbook of Distance Education (2nd edition) (pp. 247–258), Lawrence Erlbaum, Mahwah, New Jersey.

Quadir, A., Md, A., et al. (2022). Efficient Dynamic Phishing Safeguard System Using Neural Boost Phishing Protection. MDPI Electronics.

Riesbeck, C. (1981) Failure-Driven Reminding for Incremental Learning. In Proceedings of the International Joint Conference on Artificial Intelligence (IJCAI), 115-120.

Romiszowski, P. & Stockmayer, W. H. (1984). Effect of variable excluded volume on dynamics of lattice chains.

Roepke, R., Koehler, K., Drury, V., Schroeder, U., Wolf, M. R., & Meyer, U. (2020). A pond full of phishing games-analysis of learning games for anti-phishing education. In International Workshop on Model-Driven Simulation and Training Environments for Cybersecurity (pp. 41-60). Springer, Cham.

Vayansky, I., & Kumar, S. (2018). Phishing–challenges and solutions. Computer Fraud & Security, 2018(1), 15-20.

Fry, R., & Kolb, D. (1979). Experiential Learning Theory and Learning Experiences in Liberal Arts Education. Service Learning, General, 109.

Wash, R. (2020). How experts detect phishing scam emails. Proceedings of the ACM on Human-Computer Interaction, 4(CSCW2), 1-28.

Wolfe, D. E., & Byrne, E. T. (1975). Research on Experiential Learning: Enhancing the Process.

Developing Personalized Training Material using AI Tools for Anti-phishing Cyber-security Awareness

Authors

DOI:

Keywords:

Abstract

Author Biographies

References

Published

Issue

Section

License

How to Cite

Similar Articles

Information

Similar Articles

Effectiveness versus legality of anti-smog drones

Diamond flight training system. DART project

Development of training methods in aviation

Composites technology in aviation

Identification of hazards resulting from performing patrol flights over power lines

Safely integrating crew aviation and unmanned aviation in the polish sky

EVOLUTION OF SAFETY CULTURE IN CIVIL AVIATION

Warehousing for a Greener Tomorrow: Innovations in Logistics Sustainability

Fake news in the socio-economic environment in the context of the war in Ukraine