Liar, liar, email on fire: the security value of lie detecting algorithms

News by Davey Winder

Researchers have developed a method of identifying linguistic clues in electronic communications that could point to possible cases of deception. Could lie-detecting algorithms reduce the impact of phishing emails?

Researchers have developed a lie detecting algorithm designed to identify linguistic cues of deception within computer-mediated communications such as email. contemplates whether such an algorithm would be of use in cyber-security solutions.

The paper, 'Untangling a Web of Lies: Exploring Automated Detection of Deception in Computer-Mediated Communication', is about to be published in the Journal of Management Information Systems. 

It reveals how, by applying automated text analysis to an archive of emails to assess the ability of word use (at the micro-level), message development (at the macro-level) and intertextual exchange cues (at the meta-level), the algorithm can detect the severity of deception being perpetrated within a business framework.

In other words, if you'll pardon the pun, things such as the use of personal pronouns, unnecessary adjectives, over-structured arguments, minimal self-deprecation and increased patterns of flattery all point towards deception.

SC spoke to a member of the research team, Dr Tom van Laer from Cass Business School which is part of City University London, who told us who the research was aimed at. "Consumer watchdogs can use this technology to assign a 'possibly lying' score to advertisements of a dubious nature," Dr van Lear said. "Security companies and national border forces can use the algorithm to assess documents, such as visa applications and landing cards, to better monitor compliance with access and entry rules and regulations."

Dr van Laer suggested that secretaries of higher education exam committees and editors of academic journals could apply the algorithm to improve their proofing tools for automatically checking student theses and academic articles for plagiarism.

"Humans are startlingly bad at consciously detecting deception," Dr van Laer said. "Human accuracy, when it comes to spotting a lie, is just 54 percent which is hardly better than chance." The digital lie detector, however, claims an accuracy rate of 70 percent. "It can be put to work to fight fraud wherever it occurs in computerised content and," Dr van Laer concluded, "as the technology evolves, its warnings can be wholly automated and its accuracy will increase even further."

So what about a lie-detecting algorithm being of use in cyber-security solutions?

"It's possible that these algorithms would work for certain types of scams, such as those targeting women on dating sites," said Jeannie Warner, security manager at WhiteHat Security. "There are detectable patterns of both typing and topics for these types of scams. The story arc has a methodology, designed to entice the emotionally vulnerable and weed out the intellectual."

Bal√°zs Scheidler, co-founder and CTO at Balabit, remained less convinced. "There's considerable research on how much of our communication depends on words," Scheidler said, "and how much is reflected through non-verbal means." 

With the majority coming from non-verbal aspects, according to Scheidler, he questioned how efficient such an algorithm would be in the real world. "Security should focus on the people aspect of threats and risks," he concluded.

James Henry, consultancy practice manager at Auriga, doesn't deny that a lie-detecting algorithm with high accuracy and efficiency would be a useful tool for multiple purposes. "Regarding cyber-security, it could be used to enhance spam filtering and facilitate analysts to detect social engineering attack vectors," Henry told SC. "Of course, given its probabilistic nature it would require human interaction and further results analysis but it would definitely be a useful addition to the cyber-defence arsenal."

SC asked Henry if there was an opportunity for such an algorithm to be useful as part of a training and awareness aid when it comes to cyber-security threats? "I would say that this wouldn't be wise," was his response. "This approach is designed for incoming e-mails, ie Phishing. It could potentially be altered to filter SMSs, which would pose a very interesting research challenge, since SMS has a limited length and research has proved that SMS-like and Twitter-like texts require a different approach."

Stephen Gates, chief research intelligence analyst at NSFOCUS, recounted how he has seen phishing emails that would fool a lie-detecting algorithm as they didn't include any lies but rather just carried a bogus and malicious link. 

However, Gates insisted, "Any technology that reduces cyber-infection rates provides a benefit, regardless of how small." 

He concluded, "If researchers added some sort of analysis tool, that showed a user why the email was flagged as a phishing attempt, it could act as an awareness teaching aid and provide even greater value." 


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews