The Wisdom of Crowds
Evaluating the Wisdom of Crowds in Assessing Phishing Websites
Financial Cryptography and Data Security
SS'08 Proceedings of the 17th conference on Security symposium
Power-Law Distributions in Empirical Data
SIAM Review
Adverse selection in online "trust" certifications and search results
Electronic Commerce Research and Applications
Use of ratings from personalized communities for trustworthy application installation
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Community-based web security: complementary roles of the serious and casual contributors
Proceedings of the ACM 2012 conference on Computer Supported Cooperative Work
Is this app safe?: a large scale study on application permissions and risk signals
Proceedings of the 21st international conference on World Wide Web
Hi-index | 0.00 |
We examine the outcomes of the Web of Trust (WOT), a user-based system for assessing web security and find that it is more comprehensive than three automated services in identifying ‘bad' domains. Similarly to PhishTank, the participation patterns in WOT are skewed; however, WOT has implemented a number of measures to mitigate the risks of exploitation. In addition, a large percentage of its current user inputs are found to be based on objective and verifiable evaluation factors. We also confirm that users are concerned not only about malware and phishing. Online risks such as scams, illegal pharmacies and misuse of personal information are regularly brought up by the users. Such risks are not evaluated by the automated services, highlighting the potential benefits of user inputs. We also find a lack of sharing among the vendors of the automated services. We analyze the strengths and potential weaknesses of WOT and put forward suggestions for improvement.