Good news - humans are getting better at spotting malware...but we're still pretty bad at it

News
By published

Turns out humans can spot malware pretty well

Cybersecurity ensures data protection on internet. Data encryption, firewall, encrypted network, VPN, secure access and authentication defend against malware, hacking, cyber crime and digital threat
(Image credit: Shutterstock)
  • Report finds humans spot malware with an 88% accuracy rate
  • Additional tools like Task Manager can help them identify it even more
  • There are still some pretty common misconceptions surrounding certificates

A new report from researchers at the University of Guelph and the University of Waterloo has uncovered a slight improvement in human detection of potential cybersecurity threats, but has warned we're still missing too many signs.

The small study of 36 participants (split equally between basic, intermediate and advanced PC users) had them face six separate software samples, half of which included malware, with varying levels of assistance.

The participants already successfully scored an 88% malware detection accuracy when faced with the potential threats, but this improved even more to 94% with the use of an enhanced Task Manager interface, showing details like CPU usage, network activity and file access.

Humans aren't too bad at detecting malware

Despite relatively strong detection, the researchers observed three key misconceptions.

Users commonly misinterpreted the UAC shield icon as a sign of security while also demonstrating a lack of understanding of digital certificates. They also noted an overthrust in file names and interface aesthetics.

Users' detection techniques varied depending on their experience levels, with basic users relying heavily on superficial cues like icons, typos and aesthetics.

Intermediate users were able to improve their accuracy with additional system data, but advanced users often took a backwards step by over-analyzing threats, leading to false positives.

In this particular test, the researchers were able to identify 25 separate secondary indicators users use to determine whether something is a threat or not, on top of four primary indicators.

One of the paper's limitations mentions the fact that the participants knew they were looking to identify malware – unsuspecting victims downloading files from the web aren't often so lucky to have a heads-up.

Still, the research is especially valuable for developers, who can use the findings to tweak their software "to eradicate misconceptions and improve security related interfaces and notifications."

You might also like

TOPICS
Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.