A socio-cognitive and computational model for decision making and user modelling in social phishing

Systems software quality, and system security in particular, is often compromised by phishing attacks. The latter were relatively easy to detect through phishing content filters, in the past. However, it has been increasingly difficult to stop more recent and sophisticated social phishing attacks. To protect the citizens from new types of phishing attacks, software quality engineers need to provide equally sophisticating preventive technology that models people’s reactions. The authors considered the behaviour of people on the Internet from a socio-cognitive perspective and deduced who could be more prone to be spoofed by social phishing techniques. The authors herein propose a computational and interdisciplinary metamodelling methodology, which can assist in capturing and understanding people’s interactive behaviour when they are online. Online behaviour can reveal Internet users’ knowledge, information, and beliefs in a given social context; these could also constitute significant factors for trust in social phishing circumstances which, in turn, can provide valuable insights and decision making meta-knowledge for recognition of potential victims of phishers. The proposed modelling approach is illustrated and explained using real-life phishing cases. This meta-model can i) help social computing and phishing researchers to understand users’ trust decisions from a socio-cognitive perspective, and ii) open ways to integrate artificial intelligence design techniques within software quality management practices in order to protect citizens from being spoofed by social phishing attacks. Thus, this software design quality approach will increase system security as a proactive maintenance strategy

RCAP Solutions Breach Management - Case Study

Companies get hacked every day, and our in-scope company for this case study, RCAP Solution, was not an exception. Security incidents have increased both in volume and range in recent years, and cyber-attacks have become more sophisticated than ever before. There are so many reasons that drive this fact; one is that our infrastructure was not protected efficiently, but also attackers have become more knowledgeable in initiating advanced attacks at a scale. Additionally, the entrance of emerging technologies such as blockchain, machine learning, and the internet of things, added additional complexity to the already complex scene. Cybercriminals are using various attack vectors to target their victims. According to Check Point Cyber Security Report, 27% of all organizations globally were impacted by cyber-attacks that involved mobile devices in 2019 (Check Point Cyber Security Report, 2020). Many security incidents happened last year, but phishing attacks were one of the significant attacks initiated in 2019. Phishing is not a new attack; however, it is getting more popular with more efficient techniques using spear phishing, which is a more targeted attack. In general, phishing attacks happen more frequently than other types of attacks (Brute force, DDoS, Malware, etc.) because it is easier to initiate and most cost-effective

Moving from a "human-as-problem" to a "human-as-solution" cybersecurity mindset

Cybersecurity has gained prominence, with a number of widely publicised security incidents, hacking attacks and data breaches reaching the news over the last few years. The escalation in the numbers of cyber incidents shows no sign of abating, and it seems appropriate to take a look at the way cybersecurity is conceptualised and to consider whether there is a need for a mindset change.To consider this question, we applied a "problematization" approach to assess current conceptualisations of the cybersecurity problem by government, industry and hackers. Our analysis revealed that individual human actors, in a variety of roles, are generally considered to be "a problem". We also discovered that deployed solutions primarily focus on preventing adverse events by building resistance: i.e. implementing new security layers and policies that control humans and constrain their problematic behaviours. In essence, this treats all humans in the system as if they might well be malicious actors, and the solutions are designed to prevent their ill-advised behaviours. Given the continuing incidences of data breaches and successful hacks, it seems wise to rethink the status quo approach, which we refer to as "Cybersecurity, Currently". In particular, we suggest that there is a need to reconsider the core assumptions and characterisations of the well-intentioned human's role in the cybersecurity socio-technical system. Treating everyone as a problem does not seem to work, given the current cyber security landscape.Benefiting from research in other fields, we propose a new mindset i.e. "Cybersecurity, Differently". This approach rests on recognition of the fact that the problem is actually the high complexity, interconnectedness and emergent qualities of socio-technical systems. The "differently" mindset acknowledges the well-intentioned human's ability to be an important contributor to organisational cybersecurity, as well as their potential to be "part of the solution" rather than "the problem". In essence, this new approach initially treats all humans in the system as if they are well-intentioned. The focus is on enhancing factors that contribute to positive outcomes and resilience. We conclude by proposing a set of key principles and, with the help of a prototypical fictional organisation, consider how this mindset could enhance and improve cybersecurity across the socio-technical system

Phishing Attacks: A Security Challenge for University Students Studying Remotely

The emergence of the deadly global respiratory coronavirus disease (COVID-19) in 2019 claimed many lives and altered the way people live and behave as well as how companies operated. Considerable pressure was exerted on Institutions of Higher Learning (universities) to salvage the academic projects through the process of business model reconfiguration. Students were required to study remotely and were, therefore, exposed to phishing and scamming cyber-attacks. The effects of these attacks were examined in this study with the support of literature and empirical research leading to appropriate recommendations being proposed. Data were obtained through semi-structured interviews from students at a selected public-funded university. Atlas.Ti was used for data analysis to identify usable and sensible themes. The study established that students were aware of the factors that exposed them to phishing and scamming attacks but lacked the skills to identify such attacks before becoming victims

Exploring Current Trends and Challenges in Cybersecurity: A Comprehensive Survey

Cyber security is the process of preventing unauthorized access, theft, damage, and interruption to computers, servers, networks, and data. It entails putting policies into place to guarantee the availability, confidentiality, and integrity of information and information systems. Cyber security seeks to protect against a variety of dangers, including as hacking, data breaches, malware infections, and other nefarious actions.  Cyber security has grown to be a major worry as a result of the quick development of digital technology and the growing interconnection of our contemporary society. In order to gain insight into the constantly changing world of digital threats and the countermeasures put in place to address them, this survey seeks to study current trends and issues in the area of cyber security. The study includes responses from end users, business executives, IT administrators, and experts across a wide variety of businesses and sectors. The survey gives insight on important problems such the sorts of cyber threats encountered, the efficacy of current security solutions, future technology influencing cyber security, and the human elements leading to vulnerabilities via a thorough analysis of the replies. The most important conclusions include an evaluation of the most common cyber dangers, such as malware, phishing scams, ransom ware, and data breaches, as well as an investigation of the methods and tools used to counter these threats. The survey explores the significance of staff education and awareness in bolstering cyber security defenses and pinpoints opportunities for development in this area. The survey also sheds insight on how cutting-edge technologies like cloud computing, artificial intelligence, and the Internet of Things (IoT) are affecting cyber security practices. It analyses the advantages and disadvantages of using these technologies while taking into account issues like data privacy, infrastructure security, and the need for specialized skills. The survey also looks at the compliance environment, assessing how industry norms and regulatory frameworks affect cyber security procedures. The survey studies the obstacles organizations encounter in attaining compliance and assesses the degree of knowledge and commitment to these requirements. The results of this cyber security survey help to better understand the current status of cyber security and provide organizations and individual’s useful information for creating effective policies to protect digital assets. This study seeks to promote a proactive approach to cyber security, allowing stakeholders to stay ahead of threats and build a safe digital environment by identifying relevant trends and concerns

The Relationship Between Social Persuasion Strategies, Phishing Features and Email Exposure Time on Phishing Susceptibility

This item is only available electronically.A ‘phishing email’ aims to persuade an unsuspecting individual to reveal personal credentials and sensitive information. Currently, the global costs to businesses and individuals associated with phishing related attacks are reported in the hundreds of millions of dollars. While technological interventions capture a proportion of these phishing emails, ultimately, the human user is the last line of defence in determining the legitimacy of the email. ‘Phishers’ aim to exploit human weaknesses through the use of various persuasion strategies that create a sense of urgency and time pressure to respond to emails. Typically, individuals must also rely on subtle phishing features in an email to determine if the email is genuine or an attempted phish. Furthermore, phishers take advantage of the assumption that users determine the legitimacy of emails in a short amount of time. The present study aims to examine the impact of these email characteristics of persuasion strategies, the number of phishing features, and exposure time on phishing detection and susceptibility. Using an online survey platform, participants (N= 136) completed an email sorting task where they were required to review and sort 60 incoming emails from the inbox of ‘Professor Alex Jones’. Several significant results were obtained supporting the hypotheses. It demonstrated that individuals are better able to detect a phishing email when it utilises common persuasion strategies (authority and scarcity), and contain a greater number of phishing features. It also revealed that with increased email exposure time, individuals had a better phishing detection rate. However, the effect of identifying phishing emails with common persuasion strategies was not greater during shorter exposure time, providing a non-significant result. A greater understanding of these email factors associated with phishing susceptibility could lead to more tailored awareness campaigns and/or training programs to increase phishing detection and reduce susceptibility.Thesis (B.PsychSc(Hons)) -- University of Adelaide, School of Psychology, 202

Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research

This survey presents a comprehensive review of current literature on Explainable Artificial Intelligence (XAI) methods for cyber security applications. Due to the rapid development of Internet-connected systems and Artificial Intelligence in recent years, Artificial Intelligence including Machine Learning and Deep Learning has been widely utilized in the fields of cyber security including intrusion detection, malware detection, and spam filtering. However, although Artificial Intelligence-based approaches for the detection and defense of cyber attacks and threats are more advanced and efficient compared to the conventional signature-based and rule-based cyber security strategies, most Machine Learning-based techniques and Deep Learning-based techniques are deployed in the “black-box” manner, meaning that security experts and customers are unable to explain how such procedures reach particular conclusions. The deficiencies of transparencies and interpretability of existing Artificial Intelligence techniques would decrease human users’ confidence in the models utilized for the defense against cyber attacks, especially in current situations where cyber attacks become increasingly diverse and complicated. Therefore, it is essential to apply XAI in the establishment of cyber security models to create more explainable models while maintaining high accuracy and allowing human users to comprehend, trust, and manage the next generation of cyber defense mechanisms. Although there are papers reviewing Artificial Intelligence applications in cyber security areas and the vast literature on applying XAI in many fields including healthcare, financial services, and criminal justice, the surprising fact is that there are currently no survey research articles that concentrate on XAI applications in cyber security. Therefore, the motivation behind the survey is to bridge the research gap by presenting a detailed and up-to-date survey of XAI approaches applicable to issues in the cyber security field. Our work is the first to propose a clear roadmap for navigating the XAI literature in the context of applications in cyber security

Gamification of Cyber Security Awareness : A Systematic Review of Games

The frequency and severity of cyber-attacks have increased over the years with damaging consequences such as financial loss, reputational damage, and loss of sensitive data. Most of these attacks can be attributed to user error. To minimize these errors, cyber security awareness training is conducted to improve user awareness. Cyber security awareness training that is engaging, fun, and motivating is required to ensure that the awareness message gets through to users. Gamification is one such method by which cyber security awareness training can be made fun, engaging, and motivating. This thesis presents the state of the art of games used in cyber security awareness. In this regard, a systematic review of games following PRISMA guidelines was conducted on the relevant papers published between 2010 to 2021. The games were analyzed based on their purpose, cyber security topics taught, target audience, deployment methods, game genres implemented and learning mechanics applied. Analysis of these games revealed that cyber security awareness games are mostly deployed as computer games, targeted at the general public to create awareness in a wide range of cyber security topics. Most of the games implement the role-playing genre and apply demonstration learning mechanics to deliver their cyber security awareness message effectively