Abstract: This paper presents a project which was conducted in a capstone course in Information Security. The project focused on conducting research concerning the various aspects of phishing, such as why phishing works and who is more likely to be deceived by phishing. Students were guided through the process of conducting research: finding background and related work on the topic, determining the hypothesis, development of the survey system, data collection, analysis of the results, and writing of the academic paper. This project was very successful in that students gained in-depth knowledge about phishing, developed an understanding of research and academic writing, and learned to statistically analyze data to support or refute their hypothesis. Educators who are teaching a capstone course in Information Security may be interested in this project because it is an appropriate level for undergraduate seniors, it can be accomplished in one semester, and the participants can be other students at the institution.
Keywords: Information Security, Phishing Project, Phishing Research, Security capstone course, Security Research Project, student research
Download this article: ISEDJ - V13 N5 Page 71.pdf
Recommended Citation: Ding, Y., Pollacia, L., Yang, S. (2015). Why Phishing Works: Project for an Information Security Capstone Course . Information Systems Education Journal, 13(5) pp 71-82. http://isedj.org/2015-13/ ISSN: 1545-679X. (A preliminary version appears in The Proceedings of ISECON 2014)