Credit: Pixabay/CC0 Public Domain
When it comes to cybersecurity, humans are often considered the weakest link, but new research suggests that with a little help, people can do an incredibly effective job in identifying malware.
In the first study, researchers at the Cheriton School of Computer Science at the University of Waterloo collaborated with Guelph cybersecurity experts to test how users from technological beginners to experts respond to real-time legal and malicious software download requests in simulated office settings.
The study, “I regret being a hit with Run,” appeared in the minutes of the 34th USENIX Security Symposium.
“Most existing malware studies investigate “post-action” reports, that is, what went wrong after the successful attack,” said Daniel Vogel, a professor of computer science at Waterloo and a co-author of the study. “Our study featuring beginners, intermediate and expert users is the first malware study to observe user strategies in real time.”
Three dozen participants received messages from fake colleagues in an environment like the Microsoft team, urging them to download and install various programs. Participants had full control over whether or not to install the software and were able to research the options they liked.
In the first trial, users identified malware with 75% accuracy. Beginner users achieved 68% of the time, while expert users achieved 81% accuracy.
“It was interesting that novice users flag legal software as malware due to typos or inadequate interface designs, but when the clue is abnormal system behavior, such as using a high processor, we missed the actual malware,” the doctorate said. He is a student at the Cheriton School of Computer Science in Waterloo and the lead author of the study.
In the second round of the test, the researchers provided participants with an enhanced task manager and provided instructions on red flags to look for, including software that accesses network connections to numerous files and other countries. That modest support has increased the group’s malware detection rate to 80%.
“With just a little bit of information, beginner users will be comparable to computer scientists,” Lit says. “Developing critical thinking is one of the most important things you can do to increase security.”
Details: Brandon Lit, et al. I regret hit run’: field evaluation of potential malware. www.usenix.org/system/files/co…r-prepub-678-lit.pdf
Provided by the University of Waterloo
Quote: You’re better at discovering malware than you think, in a new study (August 5, 2025) August 5, 2025 https://techxplore.com/news/2025-08-youre-malware.html
This document is subject to copyright. Apart from fair transactions for private research or research purposes, there is no part that is reproduced without written permission. Content is provided with information only.
