Privileged Learning for Instance Representation in Cognitive Models of Phishing Decisions
Abstract
Risk arising from human behavior, such as employees falling victim to phishing, continues to undermine organizational security posture. Prior work has attributed phishing susceptibility to attentional failures in detecting suspicious cues, motivating training approaches focused on detecting such cues. However, growing evidence suggests that susceptibility to phishing is better explained through activation and retrieval process of relevant experiences from memory. Models capable of estimating awareness gaps and predicting how individuals respond to or report phishing emails are therefore critical for delivering personalized training and testing interventions. A key challenge in building such cognitive models is finding effective ways to represent the contextual cues that shape how individuals perceive, store, and recall phishing-related content. This paper applies a privileged learning strategy to construct richer instance representations within cognitive models of phishing judgment. Combining instance-based learning (IBL) with neural network-based text similarity, we infer how recipients interpret email content and underlying intent. Results indicate that this privileged learning pipeline substantially enhances the predictive ability of cognitive models of phishing, opening new methods for developing individualized anti-phishing interventions.
Keywords: Phishing Detection, Cognitive Modeling, Privileged Learning, Instance-based Learning, Neural Networks
DOI: 10.54941/ahfe1007411
Cite this paper
More from this volume
- A Human Factors-Cyber-Safety Framework for Risk and Requirements in Critical Infrastructure
- Cognitive Load and Compliance: A Human-Centric Framework for NIS2 in Latvian SMEs
- Eye tracking study to analyze context encoding during phishing decision making
- Enhancing Cybersecurity Learning Through Online Platforms and Gamified Approaches
- Calibrating Trust in AI-Driven Cyber Defenses: Human Reliance, Resistance, and Decision Dynamics
- Governing the human factor in cybersecurity: A regulatory perspective
- Assessing Trust in Digital Service Engineering: An Empirical Case Study of Public CCTV Analytics in Germany
- Simulating the Threat: A Phishing Campaign to Enhance Cyber Resilience in a Large Organization
- Micro-Decisions Under Time Pressure and Dark Patterns in Digital Interfaces
- Designing an AI-Driven Framework for Human-Centered Cybersecurity Practices
- Beyond Security Awareness: A Scoping Review of Human Factors in SME Cyber Resilience Frameworks (2018-2026)
- The Human Factor in Cyber Resilience: Behavioural, Organisational and Sociotechnical Perspectives


AHFE Open Access