{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T04:49:08Z","timestamp":1755838148001,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":82,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,7,15]],"date-time":"2008-07-15T00:00:00Z","timestamp":1216080000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,7,15]]},"DOI":"10.1145\/1600176.1600178","type":"proceedings-article","created":{"date-parts":[[2009,9,8]],"date-time":"2009-09-08T12:53:09Z","timestamp":1252414389000},"page":"1-14","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":31,"title":["Security and usability"],"prefix":"10.1145","author":[{"given":"Mohammad","family":"Mannan","sequence":"first","affiliation":[{"name":"Carleton University, Ottawa, Ontario, Canada"}]},{"given":"P. C.","family":"van Oorschot","sequence":"additional","affiliation":[{"name":"Carleton University, Ottawa, Ontario, Canada"}]}],"member":"320","published-online":{"date-parts":[[2008,7,15]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/322796.322806"},{"volume-title":"Symposium on Security for Asia Network (SyScan)","year":"2007","author":"Aitel J.","key":"e_1_3_2_1_2_1"},{"key":"e_1_3_2_1_3_1","unstructured":"ArsTechnica.com. Half of Americans clueless about online threats. News article (Aug. 14 2007). ArsTechnica.com. Half of Americans clueless about online threats. News article (Aug. 14 2007)."},{"volume-title":"EICAR","year":"2006","author":"Aycock J.","key":"e_1_3_2_1_4_1"},{"journal-title":"News. Malware 'hijacks Windows Updates'. News article","year":"2007","author":"BBC","key":"e_1_3_2_1_5_1"},{"volume-title":"USENIX Workshop on Hot Topics in Security (HotSec)","year":"2006","author":"Bellissimo A.","key":"e_1_3_2_1_6_1"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2006.63"},{"key":"e_1_3_2_1_8_1","unstructured":"Beskerming.com. How the online trust model is broken - the BankOfIndia.com attack. News article (Aug. 31 2007). Beskerming.com. How the online trust model is broken - the BankOfIndia.com attack. News article (Aug. 31 2007)."},{"volume-title":"Cranor and S. Garfinkel. O'Reilly","year":"2005","author":"Bishop M.","key":"e_1_3_2_1_9_1"},{"key":"e_1_3_2_1_10_1","unstructured":"J. Blascovich. Mind games: A psychological analysis of common email scams. McAfee Avert Labs white paper (June 25 2007). http:\/\/www.mcafee.com\/us\/local_content\/white_papers\/wp_mind_games_en.pdf. J. Blascovich. Mind games: A psychological analysis of common email scams. McAfee Avert Labs white paper (June 25 2007). http:\/\/www.mcafee.com\/us\/local_content\/white_papers\/wp_mind_games_en.pdf."},{"key":"e_1_3_2_1_11_1","first-page":"w3","author":"CA Virus Information Center","year":"2005","journal-title":"Grams.I"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/820745.821124"},{"key":"e_1_3_2_1_13_1","unstructured":"CNET.com. TJX says 45.7 million customer records were compromised. News article (Mar. 29 2007). CNET.com. TJX says 45.7 million customer records were compromised. News article (Mar. 29 2007)."},{"key":"e_1_3_2_1_14_1","unstructured":"Commtouch.com. Malware outbreak trend report: Storm-Worm. Online article (Jan. 31 2007). http:\/\/www.commtouch.com\/downloads\/Storm-Worm_MOTR.pdf. Commtouch.com. Malware outbreak trend report: Storm-Worm. Online article (Jan. 31 2007). http:\/\/www.commtouch.com\/downloads\/Storm-Worm_MOTR.pdf."},{"volume-title":"'07)","key":"e_1_3_2_1_15_1"},{"volume-title":"'05)","key":"e_1_3_2_1_16_1"},{"key":"e_1_3_2_1_17_1","unstructured":"DarkReading.com. Antivirus tools underperform when tested in LinuxWorld 'Fight Club'. News article (Aug. 9 2007). DarkReading.com. Antivirus tools underperform when tested in LinuxWorld 'Fight Club'. News article (Aug. 9 2007)."},{"volume-title":"USENIX Security Symposium","year":"1996","author":"Davis D.","key":"e_1_3_2_1_18_1"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124861"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143131"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2007.558"},{"key":"e_1_3_2_1_22_1","unstructured":"Entrust.com. Katrina scams show browser security model is broken. Entrust blog (Sep. 9 2005). Entrust.com. Katrina scams show browser security model is broken. Entrust blog (Sep. 9 2005)."},{"key":"e_1_3_2_1_23_1","unstructured":"eWeek.com. Microsoft patches causing breakages lockups. News article (Apr. 17 2006). eWeek.com. Microsoft patches causing breakages lockups. News article (Apr. 17 2006)."},{"key":"e_1_3_2_1_24_1","unstructured":"eWeek.com. Microsoft says recovery from malware becoming impossible. News article (Apr. 4 2006). eWeek.com. Microsoft says recovery from malware becoming impossible. News article (Apr. 4 2006)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242661"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143127"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/954373.954374"},{"key":"e_1_3_2_1_28_1","unstructured":"Globe and Mail. globeandmail.com: Mary Kirwan. News article (Nov. 16 2006). http:\/\/www.theglobeandmail.com\/servlet\/story\/RTGAM.20061116.gtkirwan1116\/BNStory\/Technology\/home. Globe and Mail. globeandmail.com: Mary Kirwan. News article (Nov. 16 2006). http:\/\/www.theglobeandmail.com\/servlet\/story\/RTGAM.20061116.gtkirwan1116\/BNStory\/Technology\/home."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065907.1066032"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/1785594.1785637"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"crossref","unstructured":"J. Heasman. Implementing and detecting a PCI rootkit. White paper (Nov. 15 2006). http:\/\/www.ngssoftware.com. J. Heasman. Implementing and detecting a PCI rootkit. White paper (Nov. 15 2006). http:\/\/www.ngssoftware.com.","DOI":"10.1016\/S1353-4858(06)70326-9"},{"key":"e_1_3_2_1_32_1","first-page":"11","author":"Hertzum M.","year":"2004","journal-title":"Australasian Journal of Information Systems"},{"volume-title":"IFIP Security Conference","year":"2007","author":"Herzogl A.","key":"e_1_3_2_1_33_1"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/1785594.1785633"},{"volume-title":"Networking and Mobile Computing","year":"2005","author":"Jin N.","key":"e_1_3_2_1_35_1"},{"volume-title":"Workshop on the Economics of Information Security (WEIS)","year":"2007","author":"Johnson M. E.","key":"e_1_3_2_1_36_1"},{"volume-title":"Cranor and S. Garfinkel. O'Reilly","year":"2005","author":"Just M.","key":"e_1_3_2_1_37_1"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2003.1174449"},{"journal-title":"Virus News","year":"2006","author":"Malicious","key":"e_1_3_2_1_39_1"},{"key":"e_1_3_2_1_40_1","unstructured":"Keynote.com. Online banking critical to bank selection and brand perception. Press release (Jan. 6 2005). Keynote.com. Online banking critical to bank selection and brand perception. Press release (Jan. 6 2005)."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.38"},{"key":"e_1_3_2_1_42_1","unstructured":"MacDevCenter.com. How Paris got hacked? News article (Feb. 22 2005). MacDevCenter.com. How Paris got hacked? News article (Feb. 22 2005)."},{"key":"e_1_3_2_1_43_1","unstructured":"McAfee and National Cyber Security Alliance (NCSA). McAfee-NCSA online safety study Oct. 2007. McAfee and National Cyber Security Alliance (NCSA). McAfee-NCSA online safety study Oct. 2007."},{"key":"e_1_3_2_1_44_1","unstructured":"Microsoft. Password checker. http:\/\/www.microsoft.com\/athome\/security\/privacy\/password_checker.mspx. Microsoft. Password checker. http:\/\/www.microsoft.com\/athome\/security\/privacy\/password_checker.mspx."},{"key":"e_1_3_2_1_45_1","unstructured":"Microsoft Support. Detailed installation walkthrough for Windows XP Service Pack 2. http:\/\/support.microsoft.com. Microsoft Support. Detailed installation walkthrough for Windows XP Service Pack 2. http:\/\/support.microsoft.com."},{"key":"e_1_3_2_1_46_1","unstructured":"J. Milletary. Technical trends in phishing attacks. US-CERT Reading room article http:\/\/www.us-cert.gov. J. Milletary. Technical trends in phishing attacks. US-CERT Reading room article http:\/\/www.us-cert.gov."},{"key":"e_1_3_2_1_47_1","unstructured":"National Post. Watchdog pushed CIBC on lost file. News article (Jan. 26 2007). http:\/\/www.canada.com. National Post. Watchdog pushed CIBC on lost file. News article (Jan. 26 2007). http:\/\/www.canada.com."},{"key":"e_1_3_2_1_48_1","unstructured":"Netcraft.com. Bank customers spar over phishing losses. News article (Sep. 13 2006). Netcraft.com. Bank customers spar over phishing losses. News article (Sep. 13 2006)."},{"key":"e_1_3_2_1_49_1","unstructured":"Netcraft.com. More than 450 phishing attacks used SSL in 2005. News article (Dec. 28 2005). Netcraft.com. More than 450 phishing attacks used SSL in 2005. News article (Dec. 28 2005)."},{"key":"e_1_3_2_1_50_1","unstructured":"Netcraft.com. MySpace accounts compromised by phishers. News article (Oct. 27 2006). Netcraft.com. MySpace accounts compromised by phishers. News article (Oct. 27 2006)."},{"volume-title":"Fourth Edition (July","year":"2007","author":"New Zealand Bankers' Association (NZBA).","key":"e_1_3_2_1_51_1"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/1056808.1057001"},{"volume-title":"Cranor and S. Garfinkel. O'Reilly","year":"2005","author":"Nodder C.","key":"e_1_3_2_1_53_1"},{"key":"e_1_3_2_1_54_1","unstructured":"Office of the Privacy Commissioner of Canada. Guidelines for identification and authentication Oct. 2006. http:\/\/www.privcom.gc.ca\/information\/guide\/auth_061013_e.asp. Office of the Privacy Commissioner of Canada. Guidelines for identification and authentication Oct. 2006. http:\/\/www.privcom.gc.ca\/information\/guide\/auth_061013_e.asp."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1007\/11889663_1"},{"volume-title":"SyScan Conference.","author":"Rutkowska J.","key":"e_1_3_2_1_56_1"},{"key":"e_1_3_2_1_57_1","unstructured":"SANS Institute Internet Storm Center. Windows XP: Surviving the first day Nov. 2003. SANS Institute Internet Storm Center. Windows XP: Surviving the first day Nov. 2003."},{"key":"e_1_3_2_1_58_1","unstructured":"SANS Internet Storm Center. Fake microsoft patch email -> fake spyware doctor! Handler's diary (June 26 2007). SANS Internet Storm Center. Fake microsoft patch email -> fake spyware doctor! Handler's diary (June 26 2007)."},{"key":"e_1_3_2_1_59_1","unstructured":"SANS Internet Storm Center. Symantec false-positive on Filezilla NASA World Wind. Handler's diary (July 16 2007). SANS Internet Storm Center. Symantec false-positive on Filezilla NASA World Wind. Handler's diary (July 16 2007)."},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1011902718709"},{"volume-title":"Cranor and S. Garfinkel. O'Reilly","year":"2005","author":"Sasse M. A.","key":"e_1_3_2_1_61_1"},{"key":"e_1_3_2_1_62_1","unstructured":"scanit.be. Browser security test: A year of bugs 2004. http:\/\/bcheck.scanit.be. scanit.be. Browser security test: A year of bugs 2004. http:\/\/bcheck.scanit.be."},{"volume-title":"Blog (Feb. 11","year":"2005","author":"Schneier B.","key":"e_1_3_2_1_63_1"},{"key":"e_1_3_2_1_64_1","unstructured":"SecurityFocus.com. Bot spreads through antivirus Windows flaws. News article (Nov. 28 2006). SecurityFocus.com. Bot spreads through antivirus Windows flaws. News article (Nov. 28 2006)."},{"volume-title":"Virus Bulletin Conference (VB)","year":"2006","author":"Shipp A.","key":"e_1_3_2_1_65_1"},{"key":"e_1_3_2_1_66_1","unstructured":"Silicon.com. Banks must boost security to drive online banking. Forrester Research News article (Mar. 29 2005). Silicon.com. Banks must boost security to drive online banking. Forrester Research News article (Mar. 29 2005)."},{"issue":"6","key":"e_1_3_2_1_67_1","volume":"28","author":"Singer A.","year":"2003","journal-title":"The USENIX Magazine"},{"issue":"2","key":"e_1_3_2_1_68_1","doi-asserted-by":"crossref","DOI":"10.3390\/jtaer1020014","volume":"1","author":"Singh S.","year":"2006","journal-title":"Journal of Theoretical and Applied Electronic Commerce Research"},{"key":"e_1_3_2_1_69_1","unstructured":"Statistics Canada. Canadian Internet Use Survey 2005 Aug. 2006. http:\/\/www.statcan.ca. Statistics Canada. Canadian Internet Use Survey 2005 Aug. 2006. http:\/\/www.statcan.ca."},{"key":"e_1_3_2_1_70_1","unstructured":"M. Tulloch. Resolving Windows XP SP2 -- related application compatibility problems. Microsoft article on using XP. M. Tulloch. Resolving Windows XP SP2 -- related application compatibility problems. Microsoft article on using XP."},{"key":"e_1_3_2_1_71_1","unstructured":"M. Vea. 2006 Operating System vulnerability summary. Online article published at OmniNerd.com (Mar. 26 2007). M. Vea. 2006 Operating System vulnerability summary. Online article published at OmniNerd.com (Mar. 26 2007)."},{"volume-title":"Inc.","year":"1994","author":"Wharton C.","key":"e_1_3_2_1_72_1"},{"volume-title":"USENIX Security Symposium","year":"1999","author":"Whitten A.","key":"e_1_3_2_1_73_1"},{"key":"e_1_3_2_1_74_1","unstructured":"WindowsSecrets.com. Microsoft McAfee Symantec charge cards repeatedly. News article (May 17 2007). WindowsSecrets.com. Microsoft McAfee Symantec charge cards repeatedly. News article (May 17 2007)."},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124863"},{"key":"e_1_3_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1145\/508171.508194"},{"key":"e_1_3_2_1_77_1","unstructured":"ZDNet.com. Security tools face increased attack. News article based on Yankee Group report (June 20 2005). ZDNet.com. Security tools face increased attack. News article based on Yankee Group report (June 20 2005)."},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"crossref","unstructured":"ZDNet.com.au. Eighty percent of new malware defeats antivirus. News article (July 19 2006). ZDNet.com.au. Eighty percent of new malware defeats antivirus. News article (July 19 2006).","DOI":"10.1016\/S1361-3723(06)70404-3"},{"volume-title":"Annual Network and Distributed System Security Symposium (NDSS)","year":"2007","author":"Zhang Y.","key":"e_1_3_2_1_79_1"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2005.60"},{"key":"e_1_3_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/304851.304859"},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.5555\/2619314.2619638"}],"event":{"name":"NSPW '07: Proceedings of the 2007 New Security Paradigms Workshop","sponsor":["San Diego Super Computing Ctr San Diego Super Computing Ctr","James Madison University","ACSA Applied Computing Security Assoc"],"location":"New Hampshire","acronym":"NSPW '07"},"container-title":["Proceedings of the 2007 Workshop on New Security Paradigms"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1600176.1600178","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1600176.1600178","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:18:16Z","timestamp":1750249096000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1600176.1600178"}},"subtitle":["the gap in real-world online banking"],"short-title":[],"issued":{"date-parts":[[2008,7,15]]},"references-count":82,"alternative-id":["10.1145\/1600176.1600178","10.1145\/1600176"],"URL":"https:\/\/doi.org\/10.1145\/1600176.1600178","relation":{},"subject":[],"published":{"date-parts":[[2008,7,15]]},"assertion":[{"value":"2008-07-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}