ABSTRACT

Phishing is a cleverly crafted social engineering attack in which an attacker imitates a trustworthy source to obtain confidential and private information from a user for malicious purposes. Phishing attacks are primarily carried out via email or other electronic communication channels and affect both businesses and private individuals. This work focuses only on phishing attacks performed via email. For a successful defense against phishing attacks, the ability to detect phishing is essential. Measures to detect phishing can be classified as technical or user-centric. To date, the emphasis has been largely on technical measures, with little focus on user-centric approaches. Moreover, technical and user-centric measures, taken individually, have shown inherent drawbacks and limited effectiveness. The goal of this work is to develop an optimal solution, one that captures the interaction of a technical phishing detector and user involvement against the backdrop of behavioral models. This work focuses on explainable AI (XAI). With XAI, presented through LIME and anchor explanations, the aim is to improve the thoughtful cognitive handling of emails by moving a user’s behavior from System 1 to System 2 thinking. The novelty of this work lies in the design of an artifact for detecting phishing emails that combines technical and user-centric measures, with the aim of moving a user’s behavior from System 1 to System 2 thinking.
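To make concrete what "LIME explanations" of a technical phishing detector look like when shown to a user, the following is an added Python example, not code or data from the paper or its artifact. It trains a toy bag-of-words naive Bayes detector on a small constructed corpus, then produces a LIME-style local explanation: the email is perturbed by dropping words, the black-box detector is queried on each perturbation, and a locality-weighted linear surrogate is fitted whose coefficients say which words push the score toward "phishing" and which toward "legitimate". The corpus, the sample email, and all function names are assumptions made for this illustration; the surrogate is a from-scratch implementation of the LIME idea, not the `lime` library.

```python
import math
import random
import re
from collections import Counter

# Constructed toy corpus (1 = phishing, 0 = legitimate); not data from the paper.
TRAIN = [
    ("urgent verify your account password now or it will be suspended", 1),
    ("your account has been locked click the link to verify your password", 1),
    ("security alert confirm your login details immediately", 1),
    ("final notice update your payment information to avoid suspension", 1),
    ("meeting moved to thursday please bring the quarterly report", 0),
    ("lunch on friday the team is going to the new place downtown", 0),
    ("attached is the agenda for the project review next week", 0),
    ("thanks for the update see you at the meeting tomorrow", 0),
]


def tokenize(text):
    """Lower-case alphabetic tokens."""
    return re.findall(r"[a-z]+", text.lower())


class NaiveBayesDetector:
    """Multinomial naive Bayes over bag-of-words; stands in for the technical detector."""

    def __init__(self, docs):
        self.counts = {0: Counter(), 1: Counter()}
        self.ndocs = Counter()
        for text, label in docs:
            self.counts[label].update(tokenize(text))
            self.ndocs[label] += 1
        self.vocab_size = len(set(self.counts[0]) | set(self.counts[1]))
        self.totals = {c: sum(self.counts[c].values()) for c in (0, 1)}

    def predict_proba(self, tokens):
        """P(phishing | tokens) with Laplace smoothing; unseen words are neutral."""
        logp = {}
        for c in (0, 1):
            lp = math.log(self.ndocs[c] / sum(self.ndocs.values()))
            for t in tokens:
                lp += math.log((self.counts[c][t] + 1) / (self.totals[c] + self.vocab_size))
            logp[c] = lp
        m = max(logp.values())  # log-sum-exp normalisation
        return math.exp(logp[1] - m) / sum(math.exp(v - m) for v in logp.values())


def solve_linear(A, b):
    """Gauss-Jordan elimination with partial pivoting for a small square system."""
    n = len(b)
    M = [row[:] + [b[i]] for i, row in enumerate(A)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(M[r][col]))
        M[col], M[piv] = M[piv], M[col]
        for r in range(n):
            if r != col:
                f = M[r][col] / M[col][col]
                for c in range(col, n + 1):
                    M[r][c] -= f * M[col][c]
    return [M[i][n] / M[i][i] for i in range(n)]


def lime_explain(predict, text, n_samples=300, kernel_width=0.75, ridge=1e-3, seed=0):
    """LIME-style local explanation of one email for a black-box `predict(tokens)`.
    Returns (word, weight) pairs sorted by |weight|; positive = toward phishing."""
    all_tokens = tokenize(text)
    words = list(dict.fromkeys(all_tokens))  # distinct words are the surrogate's features
    d = len(words)
    rng = random.Random(seed)
    X, y, w = [], [], []
    for i in range(n_samples):
        if i == 0:
            mask = [1] * d  # the unperturbed email itself
        else:
            keep = rng.sample(range(d), rng.randint(0, d))
            mask = [1 if j in keep else 0 for j in range(d)]
        kept = {words[j] for j in range(d) if mask[j]}
        X.append(mask + [1])  # trailing 1 = intercept column
        y.append(predict([t for t in all_tokens if t in kept]))
        dist = 1 - sum(mask) / d  # fraction of words removed = distance from the original
        w.append(math.exp(-(dist ** 2) / kernel_width ** 2))  # locality kernel
    # Weighted ridge least squares via the normal equations.
    n = d + 1
    A = [[ridge if i == j else 0.0 for j in range(n)] for i in range(n)]
    b = [0.0] * n
    for xi, yi, wi in zip(X, y, w):
        for i in range(n):
            b[i] += wi * xi[i] * yi
            for j in range(n):
                A[i][j] += wi * xi[i] * xi[j]
    coef = solve_linear(A, b)
    return sorted(zip(words, coef[:d]), key=lambda p: -abs(p[1]))


def explain_for_user(detector, text, top=4):
    """Score plus the strongest word-level reasons, as a user-facing detector would show them."""
    score = detector.predict_proba(tokenize(text))
    weights = lime_explain(detector.predict_proba, text)
    return {
        "phishing_probability": round(score, 3),
        "toward_phishing": [wd for wd, c in weights if c > 0][:top],
        "toward_legitimate": [wd for wd, c in weights if c < 0][:top],
    }


DETECTOR = NaiveBayesDetector(TRAIN)

if __name__ == "__main__":
    # Constructed sample email mixing phishing cues with a legitimate-sounding tail.
    print(explain_for_user(DETECTOR, "Urgent: please verify your account password before the meeting Thursday"))
```

The user-facing output is the point: instead of a bare "97% phishing" verdict that invites a reflexive System 1 click, the user sees which words drove the score and can weigh them deliberately. The surrogate's coefficients are only locally faithful, so an explanation should be read as "why this email", not as a global description of the detector.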