26,006 research outputs found

    Detecting and characterizing lateral phishing at scale

    Get PDF
    We present the first large-scale characterization of lateral phishing attacks, based on a dataset of 113 million employee-sent emails from 92 enterprise organizations. In a lateral phishing attack, adversaries leverage a compromised enterprise account to send phishing emails to other users, benefit-ting from both the implicit trust and the information in the hijacked user's account. We develop a classifier that finds hundreds of real-world lateral phishing emails, while generating under four false positives per every one-million employee-sent emails. Drawing on the attacks we detect, as well as a corpus of user-reported incidents, we quantify the scale of lateral phishing, identify several thematic content and recipient targeting strategies that attackers follow, illuminate two types of sophisticated behaviors that attackers exhibit, and estimate the success rate of these attacks. Collectively, these results expand our mental models of the 'enterprise attacker' and shed light on the current state of enterprise phishing attacks

    Watch, listen and learn: Observing children’s social conduct through their communication

    Get PDF
    This paper argues for the use of conversation analysis (CA) and membership categorisation analysis (MCA) (Sacks, 1992) to investigate children’s social conduct. A majority of prior research in this area has tended to focus on limited theoretical perspectives situated in developmental psychology, resulting in a dichotomous presentation of either prosocial or antisocial behaviour (see Bateman & Church, 2008 for an overview). Although the use of predefined categories “antisocial” and “prosocial” may be helpful for the organisation of data, there is a concern that these pre-defined classifications lead to children themselves being categorised as either consistently prosocial or antisocial (for example Nelson & Crick, 1999). This view encourages stigma and the labeling of children rather than offering further insight into children’s social worlds (Bateman & Church, 2008). This problem represents a shortfall in information regarding the complexity of peer interactions and how they are locally managed by the children themselves, disregarding the range of social competencies engaged in by the participants. Therefore a shift in theoretical approach is argued for here as this informs of how social order is produced through verbal and non-verbal communications between the participants themselves (Butler, Fitzgerald & Gardner, 2009; Sacks, 1992a; 1992b;). Analyzing children’s social conduct through observing their communication offers an innovative, theoretical shift which is becoming more valued in many different areas of early childhood and particularly for the study of social relationships in education. This paper will outline the concept of communication as perceived from an ethnomethodological (EM) perspective, provide a background to EM and conversation analysis (CA), discuss some findings from research and then discuss the practical application of these findings for practice

    Assessing safety climate in acute hospital settings: a systematic review of the adequacy of the psychometric properties of survey measurement tools

    Get PDF
    Background: The perceived importance of safety culture in improving patient safety and its impact on patient outcomes has led to a growing interest in the assessment of safety climate in healthcare organizations; however, the rigour with which safety climate tools were developed and psychometrically tested was shown to be variable. This paper aims to identify and review questionnaire studies designed to measure safety climate in acute hospital settings, in order to assess the adequacy of reported psychometric properties of identified tools. Methods: A systematic review of published empirical literature was undertaken to examine sample characteristics and instrument details including safety climate dimensions, origin and theoretical basis, and extent of psychometric evaluation (content validity, criterion validity, construct validity and internal reliability). Results: Five questionnaire tools, designed for general evaluation of safety climate in acute hospital settings, were included. Detailed inspection revealed ambiguity around concepts of safety culture and climate, safety climate dimensions and the methodological rigour associated with the design of these measures. Standard reporting of the psychometric properties of developed questionnaires was variable, although evidence of an improving trend in the quality of the reported psychometric properties of studies was noted. Evidence of the theoretical underpinnings of climate tools was limited, while a lack of clarity in the relationship between safety culture and patient outcome measures still exists. Conclusions: Evidence of the adequacy of the psychometric development of safety climate questionnaire tools is still limited. Research is necessary to resolve the controversies in the definitions and dimensions of safety culture and climate in healthcare and identify related inconsistencies. More importance should be given to the appropriate validation of safety climate questionnaires before extending their usage in healthcare contexts different from those in which they were originally developed. Mixed methods research to understand why psychometric assessment and measurement reporting practices can be inadequate and lacking in a theoretical basis is also necessary

    Automatic Detection of Online Jihadist Hate Speech

    Full text link
    We have developed a system that automatically detects online jihadist hate speech with over 80% accuracy, by using techniques from Natural Language Processing and Machine Learning. The system is trained on a corpus of 45,000 subversive Twitter messages collected from October 2014 to December 2016. We present a qualitative and quantitative analysis of the jihadist rhetoric in the corpus, examine the network of Twitter users, outline the technical procedure used to train the system, and discuss examples of use.Comment: 31 page

    Analyzing equivalalences in discourse: are discourse theory and membership categorization analysis comptatible

    Get PDF
    Facing a crucial leap from political philosophy to empirical analysis, the approach to discourse analysis that arose in the aftermath of Laclau and Mouffe (1985), and that is currently known as the Essex school of discourse theory (DT), has in recent years repeatedly been accused of suffering from a methodological deficit. This paper examines to what extent membership categorization analysis (MCA), a branch of ethnomethodology that investigates lay actors' situated descriptions-in-context as practical activity, can play a part in rendering poststructuralist DT notions such as articulation and equivalence analytically tangible in empirically observable discourse. Based on a review of Laclau and Mouffe's foundational text as well as on Glynos and Howarth's recent exposition of the framework (2007), it is argued that MCA empirically substantiates many poststructuralist claims about the indeterminacy of signification. However, MCA consistently falters - and willingly so - at the point where DT would articulate emerging equivalences between identity categories as part of a second-order explanatory concept, such as Glynos and Howarth’s notion of political logic. Nevertheless, MCA also contains the kernel of an "endogenous" notion of the political that comes fairly close to DT’s all-pervasive understanding of the concept. To support these arguments, a variety of empirical sources are mobilized, ranging from the transcript of a political talk show, a newspaper report regarding a discrimination case in a dance class, to data drawn from earlier research on the way that minority members are treated by the Belgian criminal justice system

    Themes in Information Security Research in the Information Systems Discipline: A Topic Modeling Approach

    Get PDF
    Information security continues to grow in importance in all aspects of society, and therefore evolves as a prevalent research area. The Information Systems (IS) discipline offers a unique perspective from which to move this stream of literature forward. Using a semi-automated thematic analysis approach based on the topic modeling technique, we review a broad range of information security literature to investigate how we might theorize about information security on a grander scale. Five themes resulted from our analysis: Software Security Decisions, Firm Security Strategy, Susceptibility, Information Security Policy Compliance, and Other Developing Themes. Implications of our findings and future research directions are discussed

    Workplace Violence and Security: Are there Lessons for Peacemaking?

    Get PDF
    Workplace violence has captured the attention of commentators, employers, and the public at large. Although statistically the incidents of workplace homicide and assault are decreasing, public awareness of the problem has heightened, largely through media reports of violent incidents. Employers are exhorted to address the problem of workplace violence and are offered a variety of programs and processes to prevent its occurrence. Many techniques, however, conflict with values that are critical to achieving sustainable peace. We focus on types of workplace violence that are triggered by organizational factors. From among the plethora of recommendations, we identify those responses that are most and least consistent with positive peace. We find that processes that promote privacy, transparency, and employee rights hold the most promise for peacemaking. We submit that such structures and processes can be transportable beyond the workplace to promote peace locally, nationally, and globally.http://deepblue.lib.umich.edu/bitstream/2027.42/39920/3/wp535.pd

    The Changing Spaces of Racialized Contestation in Brampton, Ontario; A Multimedia Analysis

    Get PDF
    Demographic changes, most notably changes in ethnic composition, can have major implications for the successful functioning of a community. Brampton, Ontario, is an example of one of these changing communities. Using two media sources: one traditional—the local newspaper—and the other emergent—online news—this thesis answers several key questions: is demographic change from a predominantly European-descent population in 1991 to today’s majority ‘visible minority’ population related to changes in the manifestations of racialized incidents in Brampton as reported in The Brampton Guardian? Has the emergence of online news impacted the geographic scope and nature of racialized incidents? Content analysis of one-hundred and twenty-two articles collected from The Brampton Guardian from 1991 to 2016 evidences substantial changes in the types of racialized incidents and the spaces in which they manifest in the community. Analysis of the top fifty comments from three distinct online news sites surrounding a viral, racialized incident in Brampton from 2017 demonstrates that online discourse is less geographically circumscribed, less censored and more politically-charged, than discourse in print media
    • 

    corecore