IMPROVING PHISHING REPORTING IN HIGHER EDUCATION: A USER-CENTERED DESIGN APPROACH
Author
Whitaker, Rachel Mei LeeIssue Date
2024Advisor
Rahaman, Sazzadur
Metadata
Show full item recordPublisher
The University of Arizona.Rights
Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.Abstract
Phishing attacks are a persistent cybersecurity challenge, leveraging human psychology and technological gaps to exploit unsuspecting users. Higher education institutions (HEIs) face unique vulnerabilities due to their decentralized structures, diverse user populations, and dynamic environments. This literature review examines existing phishing reporting technologies in HEIs, highlighting deficiencies in usability, user engagement, and systemic support. Despite advancements in automated detection and awareness training, user interaction with reporting tools remains underexplored, limiting their effectiveness. Drawing on research and practical experience at the University of Arizona's Security Operations Center (SOC), this work identifies key barriers to phishing reporting, including inconsistent interfaces, psychological deterrents, and limited user knowledge. It emphasizes the importance of user-centered design in reporting mechanisms, proposing that intuitive, accessible tools (such as single-button reporting systems) can significantly enhance user participation and institutional defenses. The study also evaluates behavioral and demographic factors influencing phishing susceptibility and reporting, noting gaps in targeted awareness initiatives. To address these challenges, a two-phase experiment is proposed, combining surveys and focus groups to analyze user interactions with phishing reporting systems. This approach seeks to uncover actionable insights for improving reporting rates and cybersecurity outcomes. By bridging the gap between technical solutions and user behaviors, this research contributes to the development of effective phishing mitigation strategies tailored to the needs of HEIs. Its findings have broader implications, offering a framework for enhancing user engagement and institutional resilience in combating phishing across diverse sectors.Type
Electronic Thesistext
Degree Name
B.S.Degree Level
bachelorsDegree Program
Computer ScienceHonors College