Addressing STEM Geek Culture Through Peer Learning

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.STEM is generally considered to be a male-dominated environment. The geek culture that often leads to social issues, and the gender imbalance that leads to fewer girls choosing a STEM subject, are becoming important topics of research. Peer learning has been widely used across the world to support retention and better grades with a more recent focus on adopting this approach to tackle issues around gender imbalance and perceived ‘laddish’ culture. Through peer learning, students are encouraged to work alongside their tutors, and to practice the critical soft skills that they will need as they move into the workplace. This paper explores the role of gender and geek culture, considering how students can break down the stereotypes while moving away from didactic approaches. The gender gap in STEM has narrowed, but women are still underrepresented. ‘Geek culture’ often creates a high-tech, androcentric environment. Policy makers have agreed that the geek culture needs to be researched and its impact identified. Social interactions and relations are the reflection of interpersonal values, and the peer norms may affect a students’ engagement and motivations in STEM subjects. The discussion will examine how peer learning can prepare students in Higher Education and offer insights into creating an environment in which students can become partners. Peer learning can represent a significant step in enabling students to become more engaged in their learning and is becoming an important element across institutions globally. There is a plethora of approaches to peer learning and it is encouraging to observe how students transform and mature by participating in the scheme. Evidence is accumulating that peer learning can enable students to become more confident and independent, enhancing not only their transition into Higher Education but also into industry. Peer learning can have a positive influence across the disciplines and supports students in achieving more than they might otherwise do. It can also examine, in an informal way, the gender issues, laddish and geek culture, and promote the sense of belongingness in STEM disciplines. This paper will inform readers about how peer learning can reconstruct the geek culture and transform it from self-centred to forming relationships and overcoming social issues. With regard to Higher Education specifically, we try to understand the different situational frames that are being generated by such cultures, how we can influence those stereotypes, and make them more acceptable and more inclusive

User Authentication and Supervision in Networked Systems

This thesis considers the problem of user authentication and supervision in networked systems. The issue of user authentication is one of on-going concern in modem IT systems with the increased use of computer systems to store and provide access to sensitive information resources. While the traditional username/password login combination can be used to protect access to resources (when used appropriately), users often compromise the security that these methods can provide. While alternative (and often more secure) systems are available, these alternatives usually require expensive hardware to be purchased and integrated into IT systems. Even if alternatives are available (and financially viable), they frequently require users to authenticate in an intrusive manner (e.g. forcing a user to use a biometric technique relying on fingerprint recognition). Assuming an acceptable form of authentication is available, this still does not address the problem of on-going confidence in the users’ identity - i.e. once the user has logged in at the beginning of a session, there is usually no further confirmation of the users' identity until they logout or lock the session in which they are operating. Hence there is a significant requirement to not only improve login authentication but to also introduce the concept of continuous user supervision. Before attempting to implement a solution to the problems outlined above, a range of currently available user authentication methods are identified and evaluated. This is followed by a survey conducted to evaluate user attitudes and opinions relating to login and continuous authentication. The results reinforce perceptions regarding the weaknesses of the traditional username/password combination, and suggest that alternative techniques can be acceptable. This provides justification for the work described in the latter part o f the thesis. A number of small-scale trials are conducted to investigate alternative authentication techniques, using ImagePIN's and associative/cognitive questions. While these techniques are of an intrusive nature, they offer potential improvements as either initial login authentication methods or, as a challenge during a session to confirm the identity of the logged-in user. A potential solution to the problem of continuous user authentication is presented through the design and implementation o f a system to monitor user activity throughout a logged-in session. The effectiveness of this system is evaluated through a series of trials investigating the use of keystroke analysis using digraph, trigraph and keyword-based metrics (with the latter two methods representing novel approaches to the analysis of keystroke data). The initial trials demonstrate the viability of these techniques, whereas later trials are used to demonstrate the potential for a composite approach. The final trial described in this thesis was conducted over a three-month period with 35 trial participants and resulted in over five million samples. Due to the scope, duration, and the volume of data collected, this trial provides a significant contribution to the domain, with the use of a composite analysis method representing entirely new work. The results of these trials show that the technique of keystroke analysis is one that can be effective for the majority of users. Finally, a prototype composite authentication and response system is presented, which demonstrates how transparent, non-intrusive, continuous user authentication can be achieved

Biometric security: A novel ear recognition approach using a 3D morphable ear model

Biometrics is a critical component of cybersecurity that identifies persons by verifying their behavioral and physical traits. In biometric-based authentication, each individual can be correctly recognized based on their intrinsic behavioral or physical features, such as face, fingerprint, iris, and ears. This work proposes a novel approach for human identification using 3D ear images. Usually, in conventional methods, the probe image is registered with each gallery image using computational heavy registration algorithms, making it practically infeasible due to the time-consuming recognition process. Therefore, this work proposes a recognition pipeline that reduces the one-to-one registration between probe and gallery. First, a deep learning-based algorithm is used for ear detection in 3D side face images. Second, a statistical ear model known as a 3D morphable ear model (3DMEM), was constructed to use as a feature extractor from the detected ear images. Finally, a novel recognition algorithm named you morph once (YMO) is proposed for human recognition that reduces the computational time by eliminating one-to-one registration between probe and gallery, which only calculates the distance between the parameters stored in the gallery and the probe. The experimental results show the significance of the proposed method for a real-time application

Behaviour Profiling for Transparent Authentication for Mobile Devices

Since the first handheld cellular phone was introduced in 1970s, the mobile phone has changed significantly both in terms of popularity and functionality. With more than 4.6 billion subscribers around the world, it has become a ubiquitous device in our daily life. Apart from the traditional telephony and text messaging services, people are enjoying a much wider range of mobile services over a variety of network connections in the form of mobile applications. Although a number of security mechanisms such as authentication, antivirus, and firewall applications are available, it is still difficult to keep up with various mobile threats (i.e. service fraud, mobile malware and SMS phishing); hence, additional security measures should be taken into consideration. This paper proposes a novel behaviour-based profiling technique by using a mobile user’s application usage to detect abnormal mobile activities. The experiment employed the MIT Reality dataset. For data processing purposes and also to maximise the number of participants, one month (24/10/2004-20/11/2004) of users’ application usage with a total number of 44,529 log entries was extracted from the original dataset. It was further divided to form three subsets: two intra-application datasets compiled with telephone and message data; and an inter-application dataset containing the rest of the mobile applications. Based upon the experiment plan, a user’s profile was built using either static and dynamic profiles and the best experimental results for the telephone, text message, and application-level applications were an EER (Equal Error Rate) of: 5.4%, 2.2% and 13.5% respectively. Whilst some users were difficult to classify, a significant proportion fell within the performance expectations of a behavioural biometric and therefore a behaviour profiling system on mobile devices is able to detect anomalies during the use of the mobile device. Incorporated within a wider authentication system, this biometric would enable transparent and continuous authentication of the user, thereby maximising user acceptance and security

Intelligent building systems: Security and facility professionals’ understanding of system threats,vulnerabilities and mitigation practice

Intelligent Buildings or Building Automation and Control Systems (BACS) are becoming common in buildings, driven by the commercial need for functionality, sharing of information, reduced costs and sustainable buildings. The facility manager often has BACS responsibility; however, their focus is generally not on BACS security. Nevertheless, if a BACS-manifested threat is realised, the impact to a building can be significant, through denial, loss or manipulation of the building and its services, resulting in loss of information or occupancy. Therefore, this study garnered a descriptive understanding of security and facility professionals’ knowledge of BACS, including vulnerabilities and mitigation practices. Results indicate that the majority of security and facility professionals hold a general awareness of BACS security issues, although they lacked a robust understanding to meet necessary protection. For instance, understanding of 23 BACS vulnerabilities were found to be equally critical with limited variance. Mitigation strategies were no better, with respondents indicating poor threat diagnosis. In contrast, cybersecurity and technical security professionals such as integrators or security engineering design professionals displayed a robust understanding of BACS vulnerabilities and resulting mitigation strategies. Findings support the need for greater awareness for both security management and facility professionals of BACS vulnerabilities and mitigation strategies

Behaviour profiling on mobile devices

Over the last decade, the mobile device has become a ubiquitous tool within everyday life. Unfortunately, whilst the popularity of mobile devices has increased, a corresponding increase can also be identified in the threats being targeted towards these devices. Security countermeasures such as AV and firewalls are being deployed, however, the increasing sophistication of the attacks requires additional measures to be taken. This paper proposes a novel behaviour-based profiling technique that is able to build upon the weaknesses of current systems by developing a comprehensive multilevel approach to profiling. In support of this model, a series of experiments have been designed to look at profiling calling, device usage and Bluetooth network scanning. Using neural networks, experimental results for the aforementioned activities\u27 are able to achieve an EER (Equal Error Rate) of: 13.5%, 35.1% and 35.7%

Examination of traditional botnet detection on Iot-based bots

A botnet is a collection of Internet-connected computers that have been suborned and are controlled externally for malicious purposes. Concomitant with the growth of the Internet of Things (IoT), botnets have been expanding to use IoT devices as their attack vectors. IoT devices utilise specific protocols and network topologies distinct from conventional computers that may render detection techniques ineffective on compromised IoT devices. This paper describes experiments involving the acquisition of several traditional botnet detection techniques, BotMiner, BotProbe, and BotHunter, to evaluate their capabilities when applied to IoT-based botnets. Multiple simulation environments, using internally developed network traffic generation software, were created to test these techniques on traditional and IoT-based networks, with multiple scenarios differentiated by the total number of hosts, the total number of infected hosts, the botnet command and control (CnC) type, and the presence of aberrant activity. Externally acquired datasets were also used to further test and validate the capabilities of each botnet detection technique. The results indicated, contrary to expectations, that BotMiner and BotProbe were able to detect IoT-based botnets—though they exhibited certain limitations specific to their operation. The results show that traditional botnet detection techniques are capable of detecting IoT-based botnets and that the different techniques may offer capabilities that complement one another

Cooperative co-evolution for feature selection in big data with random feature grouping

© 2020, The Author(s). A massive amount of data is generated with the evolution of modern technologies. This high-throughput data generation results in Big Data, which consist of many features (attributes). However, irrelevant features may degrade the classification performance of machine learning (ML) algorithms. Feature selection (FS) is a technique used to select a subset of relevant features that represent the dataset. Evolutionary algorithms (EAs) are widely used search strategies in this domain. A variant of EAs, called cooperative co-evolution (CC), which uses a divide-and-conquer approach, is a good choice for optimization problems. The existing solutions have poor performance because of some limitations, such as not considering feature interactions, dealing with only an even number of features, and decomposing the dataset statically. In this paper, a novel random feature grouping (RFG) has been introduced with its three variants to dynamically decompose Big Data datasets and to ensure the probability of grouping interacting features into the same subcomponent. RFG can be used in CC-based FS processes, hence called Cooperative Co-Evolutionary-Based Feature Selection with Random Feature Grouping (CCFSRFG). Experiment analysis was performed using six widely used ML classifiers on seven different datasets from the UCI ML repository and Princeton University Genomics repository with and without FS. The experimental results indicate that in most cases [i.e., with naïve Bayes (NB), support vector machine (SVM), k-Nearest Neighbor (k-NN), J48, and random forest (RF)] the proposed CCFSRFG-1 outperforms an existing solution (a CC-based FS, called CCEAFS) and CCFSRFG-2, and also when using all features in terms of accuracy, sensitivity, and specificity