Phishing Awareness via Game-Based Learning
Argianto Rahartomo, Ahmed Tareq Ali Ghaleb, Mohammad Ghafari
TL;DR
This paper presents a game-based learning tool using a serious game with dynamic content to improve user awareness and confidence against various phishing attacks, demonstrating significant effectiveness in a user study.
Contribution
It introduces a novel serious game leveraging Large Language Models and dynamic gameplay features to enhance phishing awareness, which is a new approach in cybersecurity education.
Findings
Participants showed a 24% increase in phishing awareness.
Participants' confidence in avoiding phishing increased by 30%.
The game effectively improved user knowledge and confidence in phishing prevention.
Abstract
The increased use of digital devices and applications has led to a rise in phishing attacks. We develop a serious game to raise awareness about phishing attacks and help people avoid these threats in a risk-free learning environment. This game targets three types of phishing-clone phishing, SMS phishing, and spear phishing-and uses a Large Language Model to generate dialogues and questions dynamically. It also incorporates state randomization and time-limited challenges to enhance the gameplay. We evaluated two groups of participants and found that those who played the game showed, on average, a 24% increase in awareness and a 30% boost in confidence.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSpam and Phishing Detection · Misinformation and Its Impacts