Report finds humans spot malware with an 88% accuracy rate
Additional tools like Task Manager can help them identify it even more.
There are still some pretty common misconceptions surrounding certificates.
A new report from researchers at the University of Guelph and the University of Waterloo has uncovered a slight improvement in human detection of potential cybersecurity threats but has warned we’re still missing too many signs.
The small study of 36 participants (split equally between basic, intermediate, and advanced PC users) had them face six separate software samples, half of which included malware, with varying levels of assistance.
The participants already successfully scored an 88% malware detection accuracy when faced with the potential threats, but this improved even more to 94% with the use of an enhanced Task Manager interface, showing details like CPU usage, network activity, and file access.
Humans aren’t too bad at detecting malware
Despite relatively strong detection, the researchers observed three key misconceptions.
Users commonly misinterpreted the UAC shield icon as a sign of security while also demonstrating a lack of understanding of digital certificates. They also noted an overtrust in file names and interface aesthetics.
Users’ detection techniques varied depending on their experience levels, with basic users relying heavily on superficial cues like icons, typos, and aesthetics. Intermediate users were able to improve their accuracy with additional system data, but advanced users often took a backward step by over-analyzing threats, leading to false positives.
Are you a pro? Subscribe to our newsletter. Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features, and guidance your business needs to succeed! Contact me with news and offers from other Future brands. Receive email from us on behalf of our trusted partners or sponsors.
In this particular test, the researchers were able to identify 25 separate secondary indicators users use to determine whether something is a threat or not, on top of four primary indicators.
One of the paper’s limitations mentions the fact that the participants knew they were looking to identify malware – unsuspecting victims downloading files from the web aren’t often so lucky to have a heads-up.
Still, the research is especially valuable for developers, who can use the findings to tweak their software “to eradicate misconceptions and improve security-related interfaces and notifications.”
Original Author: Craig Hale | Source: TechRadar
