Educating the effective digital forensics practitioner: academic, professional, graduate and student perspectives

Over the years, digital forensics has become an important and sought-after profession where the gateway of training and education has developed vastly over the past decade. Many UK higher education (HE) institutions now deliver courses that prepare students for careers in digital forensics and, in most recent advances, cyber security. Skills shortages and external influences attributed within the field of cyber security, and its relationship as a discipline with digital forensics, has shifted the dynamic of UK higher education provisions. The implications of this now sees the route to becoming a digital forensic practitioner, be it in law enforcement or business, transform from on-the-job training to university educated, trained analysts. This thesis examined courses within HE and discovered that the delivery of these courses often overlooked areas such as mobile forensics, live data forensics, Linux and Mac knowledge. This research also considered current standards available across HE to understand whether educational programmes are delivering what is documented as relevant curriculum. Cyber security was found to be the central focus of these standards within inclusion of digital forensics, adding further to the debate and lack of distinctive nature of digital forensics as its own discipline. Few standards demonstrated how the topics, knowledge, skills and competences drawn were identified as relevant and effective for producing digital forensic practitioners. Additionally, this thesis analyses and discusses results from 201 participants across five stakeholder groups: graduates, professionals, academics, students and the public. These areas were selected due to being underdeveloped in existing literature and the crucial role they play in the cycle of producing effective practitioners. Analysis on stakeholder views, experiences and thoughts surrounding education and training offer unique insight, theoretical underpinnings and original contributions not seen in existing literature. For example, challenges, costs and initial issues with introducing graduates to employment for the employers and/or supervising practitioners, the lack of awareness and contextualisation on behalf of students and graduates towards what knowledge and skills they have learned and acquired on a course and its practical application on-the-job which often lead to suggestions of a lack of fundamental knowledge and skills. This is evidenced throughout the thesis, but examples include graduates: for their reflections on education based on their new on-the-job experiences and practices; professionals: for their job experiences and requirements, academics: for their educational practices and challenges; students: their initial expectations and views; and, the public: for their general understanding. This research uniquely captures these perspectives, bolstering the development of digital forensics as an academic discipline, along with the importance these diverse views play in the overall approach to delivering skilled practitioners. While the main contribution to knowledge within this thesis is its narrative focusing on the education of effective digital forensic practitioners and its major stakeholders, this thesis also makes additional contributions both academically and professionally; including the discussion, analysis and reflection of: - improvements for education and digital forensics topics for research and curriculum development; - where course offerings can be improved for institutions offering digital forensic degree programmes; - the need for further collaboration between industry and academia to provide students and graduates with greater understanding of the real-life role of a digital forensic practitioner and the expectations in employment; - continuous and unique challenges within both academia and the industry which digital forensics possess and the need for improved facilities and tool development to curate and share problem and scenario-based learning studies

A Novel Framework for Improving Cyber Security Management and Awareness for Home Users

A wide and increasing range of different technologies, devices, platforms, applications and services are being used every day by home users. In parallel, home users are also experiencing a range of different online threats and attacks. Indeed, home users are increasingly being targeted as they lack the knowledge and awareness about potential threats and how to protect themselves. The increase in technologies and platforms also increases the burden upon a user to understand how to apply security across the differing technologies, operating systems and applications. This results in managing the security across their technology portfolio increasingly more troublesome and time-consuming. Thus, it is apparent that a more innovative, convenient and usable security management solution is vital. This thesis investigates current online awareness tools and reviews studies which try to enhance cybersecurity awareness and education among the home users. It is evident from the analysis that most of the studies which have made efforts in proposing “one-fits-all” solutions do not have the ability to provide the users with a tailored awareness content based on a number of criteria such as the current needs, prior knowledge, and security priorities for each user. The thesis proposes an approach for improving security management and awareness for home users by providing them with a customised security awareness. A design science research methodology has been used for understanding the current problem, creating and developing an artefact which can enhance security management and awareness for home users. A number of security controls and requirements were identified which need to be managed and monitored for different technologies and services. In addition, the research designed several preliminary interfaces which can show the main components and aspects in the proposed solution based on HCI principles. A participant-based study was undertaken to get feedback on the initial design requirements and interfaces. A survey of 434 digital device users was undertaken and reveal result that there is a positive correlation between the security concern, knowledge and management amongst home users towards different security aspects. Positive feedback and some valuable comments were received about the preliminary interface designs in terms of the usability and functionality aspects. This builds into a final design phase which proposes a novel architecture for enhancing security management and awareness for home users. The proposed framework is capable of creating and assigning different security policies for different digital devices. These assigned policies are monitored, checked and managed in order to review the user’s compliance with the assigned policies and provide bespoke security awareness. In addition. A mockup design was developed to simulate the proposed framework to show different interactions with different components and sections in order to visualise the main concepts and the functions which might be performed when it is deployed in a real environment. Ultimately, two separate focus group discussions, involving experts and end-users have been conducted in order to provide a comprehensive evaluation of the identified research problem, the feasibility and the effectiveness of the proposed approach. The overall feedback of the two discussions can be considered as positive, constructive and encouraging. The experts agreed that the identified research problem is very important and a real problem. In addition, the participants agreed that the proposed framework is feasible and effective in improving security management and awareness for home users. The outcomes have also shown a reasonable level of satisfaction from the participants towards different components and aspects of the proposed design.Saudi governmen

A personality-based behavioural model: Susceptibility to phishing on social networking sites

The worldwide popularity of social networking sites (SNSs) and the technical features they offer users have created many opportunities for malicious individuals to exploit the behavioral tendencies of their users via social engineering tactics. The self-representation and social interactions on SNSs encourage users to reveal their personalities in a way which characterises their behaviour. Frequent engagement on SNSs may also reinforce the performance of certain activities, such as sharing and clicking on links, at a “habitual” level on these sites. Subsequently, this may also influence users to overlook phishing posts and messages on SNSs and thus not apply sufficient cognitive effort in their decision-making. As users do not expect phishing threats on these sites, they may become accustomed to behaving in this manner which may consequently put them at risk of such attacks. Using an online survey, primary data was collected from 215 final-year undergraduate students. Employing structural equation modelling techniques, the associations between the Big Five personality traits, habits and information processing were examined with the aim to identify users susceptible to phishing on SNSs. Moreover, other behavioural factors such as social norms, computer self-efficacy and perceived risk were examined in terms of their influence on phishing susceptibility. The results of the analysis revealed the following key findings: 1) users with the personality traits of extraversion, agreeableness and neuroticism are more likely to perform habitual behaviour, while conscientious users are least likely; 2) users who perform certain behaviours out of habit are directly susceptible to phishing attacks; 3) users who behave out of habit are likely to apply a heuristic mode of processing and are therefore more susceptible to phishing attacks on SNSs than those who apply systematic processing; 4) users with higher computer self-efficacy are less susceptible to phishing; and 5) users who are influenced by social norms are at greater risk of phishing. This study makes a contribution to scholarship and to practice, as it is the first empirical study to investigate, in one comprehensive model, the relationship between personality traits, habit and their effect on information processing which may influence susceptibility to phishing on SNSs. The findings of this study may assist organisations in the customisation of an individual anti-phishing training programme to target specific dispositional factors in vulnerable users. By using a similar instrument to the one used in this study, pre-assessments could determine and classify certain risk profiles that make users vulnerable to phishing attacks.Thesis (PhD) -- Faculty of Commerce, Information Systems, 202