Aiping Xiong

Polarity Correspondence as a General Compatibility Principle

Proctor and Cho (2006) proposed that, when making binary decisions, people code the stimulus and response alternatives asymmetrically (positive and negative polarities), with performance being best when the codes of the corresponding polarities are paired. They presented evidence that polarity correspondence could explain many results associated with orthogonal compatibility, the Implicit Association Test, and numerical judgments. We review and evaluate literature on these topics and on polarity coding in the context of metaphorical relations published during the ensuing 10 years. Our conclusion is that the results have supported polarity correspondence as a contributor to binary decisions. We consider issues concerning the principle and topics in need of research.

Decreasing auditory Simon effects across reaction time distributions

The Simon effect for left-right visual stimuli previously has been shown to decrease across the reaction time (RT) distribution. This decrease has been attributed to automatic activation of the corresponding response, which then dissipates over time. In contrast, for left-right tone stimuli, the Simon effect has not been found to decrease across the RT distribution but instead tends to increase. It has been proposed that automatic activation occurs through visuomotor information transmission, whereas the auditory Simon effect reflects cognitive coding interference and not automatic activation. In 4 experiments, we examined distributions of the auditory Simon effect for RT, percentage error (PE), and an inverse efficiency score [IES = RT/(1 - PE)] as a function of tone frequency and duration to determine whether the activation-dissipation account is also applicable to auditory stimuli. Consistent decreasing functions were found for the RT Simon effect distribution with short-duration tones of low frequency and for the PE and IES Simon effect distributions for all durations and frequency sets. Together, these findings provide robust evidence that left and right auditory stimuli also produce decreasing Simon effect distribution functions suggestive of automatic activation and dissipation of the corresponding response.

Use of Phishing Training to Improve Security Warning Compliance: Evidence from a Field Experiment

The current approach to protect users from phishing attacks is to display a warning when the webpage is considered suspicious. We hypothesize that users are capable of making correct informed decisions when the warning also conveys the reasons why it is displayed. We chose to use traffic rankings of domains, which can be easily described to users, as a warning trigger and evaluated the effect of the phishing warning message and phishing training. The evaluation was conducted in a field experiment. We found that knowledge gained from the training enhances the effectiveness of phishing warnings, as the number of participants being phished was reduced. However, the knowledge by itself was not sufficient to provide phishing protection. We suggest that integrating training in the warning interface, involving traffic ranking in phishing detection, and explaining why warnings are generated will improve current phishing defense.

Is Domain Highlighting Actually Helpful in Identifying Phishing Web Pages

Objective: To evaluate the effectiveness of domain highlighting in helping users identify whether Web pages are legitimate or spurious. Background: As a component of the URL, a domain name can be overlooked. Consequently, browsers highlight the domain name to help users identify which Web site they are visiting. Nevertheless, few studies have assessed the effectiveness of domain highlighting, and the only formal study confounded highlighting with instructions to look at the address bar. Method: We conducted two phishing detection experiments. Experiment 1 was run online: Participants judged the legitimacy of Web pages in two phases. In Phase 1, participants were to judge the legitimacy based on any information on the Web page, whereas in Phase 2, they were to focus on the address bar. Whether the domain was highlighted was also varied. Experiment 2 was conducted similarly but with participants in a laboratory setting, which allowed tracking of fixations. Results: Participants differentiated the legitimate and fraudulent Web pages better than chance. There was some benefit of attending to the address bar, but domain highlighting did not provide effective protection against phishing attacks. Analysis of eye-gaze fixation measures was in agreement with the task performance, but heat-map results revealed that participants’ visual attention was attracted by the highlighted domains. Conclusion: Failure to detect many fraudulent Web pages even when the domain was highlighted implies that users lacked knowledge of Web page security cues or how to use those cues. Application: Potential applications include development of phishing prevention training incorporating domain highlighting with other methods to help users identify phishing Web pages.

An Empirical Study of Mnemonic Sentence-based Password Generation Strategies

Mnemonic strategy has been recommended to help users generate secure and memorable passwords. We evaluated the security of

Information Processing: The Language and Analytical Tools for Cognitive Psychology in the Information Age

6

Vertically arrayed stimuli and responses: transfer of incompatible spatial mapping to Simon task occurs regardless of response-device orientation

mnemonic strategy variants in a series of online studies involving

Human Factors in the Privacy and Security of the Internet of Things

5,484

Increasing the Influence of Permission Safety on App Selections by Changes in Visual Representation

participants. In addition to applying the standard method of using guess numbers or similar metrics to compare the generated passwords, we also measured the frequencies of the most commonly chosen sentences as well as the resulting passwords. While metrics similar to guess numbers suggested that all variants provided highly secure passwords, statistical metrics told a different story. In particular, differences in the exact instructions had a tremendous impact on the security level of the resulting passwords. We examined the mental workload and memorability of 2 mnemonic strategy variants in another online study with

Can Cognitive Analytic-Abstractive Research Provide a Bridge Between Functional and Cognitive Psychologists? Commentary on De Houwer, Hughes, and Barnes-Holmes (2017)

752