Due to the increasingly online nature of business (e-commerce), it is essential to understand how end-users can be protected from malicious online activities such as malware. Several factors have been examined in the research on this topic. Digital native status was identified as a factor that has not been investigated thoroughly. This study examined how the security decision-making process is impacted by digital native status by looking at Protection Motivation Theory. Digital Native Status was investigated as a mediating factor in the PMT model. Intent to use antivirus was utilized as the protective measure. The findings indicate that digital native status does not mediate Fear. However, other factors, such as Fear, selfefficacy, and response efficacy, play a part in the intent to use antivirus. Conversely, the other constructs in the model, response-costs and maladaptive rewards, did not have a relationship with antivirus usage. Practically speaking, employers and eCommerce businesses could use these findings to identify factors that play into their end-user behaviors. These findings can be utilized to help guide training programs and professionals researching end-user behavior. These findings also suggest that future research should focus on factors other than age.
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
Increasingly, all kinds of organizations and institutions are adopting the E-business model to conduct their
activities and provide E-Services for their customers. In the process, whether they know it or not, those
organizations are also opening themselves up to the risk of information security breaches. Therefore
protecting an organization’s ICT infrastructure, IT systems, and Data is a vital issue that is often
underestimated. Research has shown that one of the most significant threats to information security comes
not from external attack but rather from the system's users, because they are familiar with the
infrastructure and have access to its resources, but may be unaware of the risks. Moreover, using only
technological solutions to protect an organization’s assets is not enough; there is a need to consider the
human factor by raising users’ security awareness. Our contribution to this problem is to propose an
Information Security Awareness Program that aims at raising and maintaining the level of users’ security
awareness. This paper puts forward a general model for an information security awareness program and
describes how it could be incorporated into an organization’s website through the process of development
life cycle.
System Dynamics Based Insider Threats ModelingIJNSA Journal
Insider threat has been recognized as one of the most dangerous security threats and become a much more complex issue. Insider threat is resulted from the legitimate users abusing their privileges and cause tremendous damage or losses. Not always being friends, insiders can be main threats to the organization. Currently, there is no equivalent prevention solution for insider threat to an intrution prevention system or vulnerability scanner. From the survey of literature of insider threat studies, we conclude that the system dynamics (SD) is an effective tool to analyze the root causes of insider threat incidents and evaluate mitigation strategies from people, process, and technology perspectives. A generized case based SD model can be tailored and applied to analyze and evaluate specific insider threat incidents. We
present a well known insider threat incident of Taiwan and tailor the generized case based SD model to analyze it. The simulation results indicate that the risk of insider threats can be reduced and the probability of detecting insider threats can be increased.
A LITERATURE SURVEY AND ANALYSIS ON SOCIAL ENGINEERING DEFENSE MECHANISMS AND...IJNSA Journal
Social engineering attacks can be severe and hard to detect. Therefore, to prevent such attacks, organizations should be aware of social engineering defense mechanisms and security policies. To that end, the authors developed a taxonomy of social engineering defense mechanisms, designed a survey to measure employee awareness of these mechanisms, proposed a model of Social Engineering InfoSec Policies (SE-IPs), and designed a survey to measure the incorporation level of these SE-IPs. After analyzing the data from the first survey, the authors found that more than half of employees are not aware of social engineering attacks. The paper also analyzed a second set of survey data, which found that on average, organizations incorporated just over fifty percent of the identified formal SE-IPs. Such worrisome results show that organizations are vulnerable to social engineering attacks, and serious steps need to be taken to elevate awareness against these emerging security threats.
An Improved Method for Preventing Data Leakage in an OrganizationIJERA Editor
Data is one of the most important assets an organisation has since it denes each organisations unique- ness.It
includes data on members and prospects, their inter- ests and purchases, your events, speakers, your content,
social media, press, your staff, budget, strategic plan, and much more. As organizations open their doors to
employees, part- ners, customers and suppliers to provide deeper access to sensitive information, the risk
sassociated with business increase. Now, more than ever, within creasing threats of cyber terrorism, cor- porate
governance issues, fraud, and identity theft, the need for securing corporate information has become paramount.
Informa- tion theft is not just about external hackers and unauthorized external users stealing your data, it is also
about managing internal employees and even contractors who may be working within your organization for
short periods of time. Adding to the challenge of securing information is the increasing push for corporate
governance and adherence to legislative or regulatory requirements. Failure to comply and provide privacy,
audit and internal controls could result in penalties ranging from large nes to jail terms. Non-compliance can
result in not only potential implications for executives, but also possible threats to the viability of a corporation.
Insiders too represent a sign cant risk to data security. The task of detecting malicious insiders is very
challenging as the methods of deception become more and more sophisticated. There are various solutions
present to avoid data leakage. Data leakage detection, prevention (DLPM) and monitoring solutions became an
inherent component of the organizations security suite.DLP solutions monitors sensitive data when at rest, in
motion, or in use and enforce the organizational data protection policy.These solutions focus mainly on the data
and its sensitivity level, and on preventing it from reaching an unauthorized person. They ignore the fact that an
insider is gradually exposed to more and more sensitive data,to which she is authorized to access. Such data
may cause great damage to the organization when leaked or misused. Data can be leaked via emails, instant
messaging, le transfer etc. This research is focusing on email data leakage monitoring, detection and
prevention. It is proposed to be carried out in two phases: leakage detection through mining and prevention
through encryption of email content.
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analyzed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
Increasingly, all kinds of organizations and institutions are adopting the E-business model to conduct their
activities and provide E-Services for their customers. In the process, whether they know it or not, those
organizations are also opening themselves up to the risk of information security breaches. Therefore
protecting an organization’s ICT infrastructure, IT systems, and Data is a vital issue that is often
underestimated. Research has shown that one of the most significant threats to information security comes
not from external attack but rather from the system's users, because they are familiar with the
infrastructure and have access to its resources, but may be unaware of the risks. Moreover, using only
technological solutions to protect an organization’s assets is not enough; there is a need to consider the
human factor by raising users’ security awareness. Our contribution to this problem is to propose an
Information Security Awareness Program that aims at raising and maintaining the level of users’ security
awareness. This paper puts forward a general model for an information security awareness program and
describes how it could be incorporated into an organization’s website through the process of development
life cycle.
System Dynamics Based Insider Threats ModelingIJNSA Journal
Insider threat has been recognized as one of the most dangerous security threats and become a much more complex issue. Insider threat is resulted from the legitimate users abusing their privileges and cause tremendous damage or losses. Not always being friends, insiders can be main threats to the organization. Currently, there is no equivalent prevention solution for insider threat to an intrution prevention system or vulnerability scanner. From the survey of literature of insider threat studies, we conclude that the system dynamics (SD) is an effective tool to analyze the root causes of insider threat incidents and evaluate mitigation strategies from people, process, and technology perspectives. A generized case based SD model can be tailored and applied to analyze and evaluate specific insider threat incidents. We
present a well known insider threat incident of Taiwan and tailor the generized case based SD model to analyze it. The simulation results indicate that the risk of insider threats can be reduced and the probability of detecting insider threats can be increased.
A LITERATURE SURVEY AND ANALYSIS ON SOCIAL ENGINEERING DEFENSE MECHANISMS AND...IJNSA Journal
Social engineering attacks can be severe and hard to detect. Therefore, to prevent such attacks, organizations should be aware of social engineering defense mechanisms and security policies. To that end, the authors developed a taxonomy of social engineering defense mechanisms, designed a survey to measure employee awareness of these mechanisms, proposed a model of Social Engineering InfoSec Policies (SE-IPs), and designed a survey to measure the incorporation level of these SE-IPs. After analyzing the data from the first survey, the authors found that more than half of employees are not aware of social engineering attacks. The paper also analyzed a second set of survey data, which found that on average, organizations incorporated just over fifty percent of the identified formal SE-IPs. Such worrisome results show that organizations are vulnerable to social engineering attacks, and serious steps need to be taken to elevate awareness against these emerging security threats.
An Improved Method for Preventing Data Leakage in an OrganizationIJERA Editor
Data is one of the most important assets an organisation has since it denes each organisations unique- ness.It
includes data on members and prospects, their inter- ests and purchases, your events, speakers, your content,
social media, press, your staff, budget, strategic plan, and much more. As organizations open their doors to
employees, part- ners, customers and suppliers to provide deeper access to sensitive information, the risk
sassociated with business increase. Now, more than ever, within creasing threats of cyber terrorism, cor- porate
governance issues, fraud, and identity theft, the need for securing corporate information has become paramount.
Informa- tion theft is not just about external hackers and unauthorized external users stealing your data, it is also
about managing internal employees and even contractors who may be working within your organization for
short periods of time. Adding to the challenge of securing information is the increasing push for corporate
governance and adherence to legislative or regulatory requirements. Failure to comply and provide privacy,
audit and internal controls could result in penalties ranging from large nes to jail terms. Non-compliance can
result in not only potential implications for executives, but also possible threats to the viability of a corporation.
Insiders too represent a sign cant risk to data security. The task of detecting malicious insiders is very
challenging as the methods of deception become more and more sophisticated. There are various solutions
present to avoid data leakage. Data leakage detection, prevention (DLPM) and monitoring solutions became an
inherent component of the organizations security suite.DLP solutions monitors sensitive data when at rest, in
motion, or in use and enforce the organizational data protection policy.These solutions focus mainly on the data
and its sensitivity level, and on preventing it from reaching an unauthorized person. They ignore the fact that an
insider is gradually exposed to more and more sensitive data,to which she is authorized to access. Such data
may cause great damage to the organization when leaked or misused. Data can be leaked via emails, instant
messaging, le transfer etc. This research is focusing on email data leakage monitoring, detection and
prevention. It is proposed to be carried out in two phases: leakage detection through mining and prevention
through encryption of email content.
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analyzed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.
ANALYZING AND IDENTIFYING FAKE NEWS USING ARTIFICIAL INTELLIGENCEIAEME Publication
The main reason behind the spread of fake news is because of many fake and hyperpartisan sites present on the Internet. These fake sites try to manipulate the truth which creates misunderstanding in society. Therefore, it is important to detect fake news and try to make people aware of the truth. This paper gives an insight into how to detect fake news using Machine Learning and Deep Learning Techniques. On observing our data, we have categorized our data into five attributes namely Title, Text, Subject, Date, and Labels. In order to develop an efficient fake news detection system, the feature along with its degree of impact on the system must be taken into consideration. This paper attempts at providing a detailed analysis of detecting fake news using various models such as LSTM, ANN, Naïve Bayes, SVM, Logistic Regression, XGBoost, and Bert.
Most of the network habitats retain on facing an ever increasing number of security threats. In early times,
firewalls are used as a security examines point in the network environment. Recently the use of Intrusion
Detection System (IDS) has greatly increased due to its more constructive and robust working than
firewall. An IDS refers to the process of constantly observing the incoming and outgoing traffic of a
network in order to diagnose suspicious behavior. In real scenario most of the environments are dynamic
in nature, which leads to the problem of concept drift, is perturbed with learning from data whose
statistical attribute change over time. Concept drift is impenetrable if the dataset is class-imbalanced. In
this review paper, study of IDS along with different approaches of incremental learning is carried out.
From this study, by applying voting rule to incremental learning a new approach is proposed. Further, the
comparison between existing Fuzzy rule method and proposed approach is done.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Exploring Secure Computing for the Internet of Things, Internet of Everything...Maurice Dawson
Secure computing is essential as environments continue to become intertwined and hyperconnected. As the Internet of Things (IoT), Web of Things (WoT), and the Internet of Everything (IoE) dominate the landscape of technological platforms, protection these complicated networks is important. The everyday person who wishes to have more devices that allow the ability to be connected needs to be aware of what threats they could be potentially exposing themselves to. Additionally, for the unknowing consumer of everyday products needs to be aware of what it means to have sensors, Radio Frequency IDentification (RFID), Bluetooth, and WiFi enabled products. This submission explores how Availability, Integrity, and Confidentiality (AIC) can be applied to IoT, WoT, and IoE with consideration for the application of these architectures in the defense sector.
Toward Automated Reduction of Human Errors based on Cognitive AnalysisSherif Zahran
Following the immense development of cyber society where various activities including e-commerce take place,
the demands for security is rapidly growing. Among major
causes of security flaws is human error, which is unintentionally
caused by humans. To cope with that, we intend to build
a human error database that automatically develops further.
We conducted a survey on human factors and concluded that
the root causes of human errors are related to the internal
mental processes, and the cognitive-psychological methodology
is a feasible for the estimation of them. Based on that this
paper proposes a framework that consists of data collection
methods and data structure. It also explores the usability of
the data by presenting use cases of human error prevention
and incident handling.
The Impact of Customer Knowledge on the Security of E-BankingCSCJournals
In this paper one of the most affective factors on security of e-banking will be discussed, by accepting the use of information technology for the execution of the Traditional e-banking, As we know that e-banking is done online and the customers are considered the active element and the other party in e-banking operations. So if the level of customer knowledge in the use of IT ? low, then this points that customers are not professional in the execution of the traditional e-banking using IT , furthermore this create flaws in the security of e-banking by facilitating the sneaking into the personal information and distrust in customer confidence of the e-banking security. which leads to reject the use of technology in e-banking, And this is what will be discussed in this paper by offering some security gaps which is resulting from the low level of customer knowledge in information technology, and that will be studied through Technology Acceptance Model and In light of this we will suggest some solutions.
Battlefield Cyberspace: Exploitation of Hyperconnectivity and Internet of ThingsMaurice Dawson
The threat of cyber terrorism has become a reality with recent attacks such as Stuxtnet, Flame, Sony Pictures, and North Korea's websites. As the Internet of Things (IoT) continues to become more hyperconnected it will be imperative that cyber security experts to develop new security architectures for multiple platforms such as mobile devices, laptops, embedded systems, and even wearable displays. The futures of national and international security rely on complex countermeasures to ensure that a proper security posture is maintained during this state of hyperconnectivity. To protect these systems from exploitation of vulnerabilities it is essential to understand current and future threats to include the laws that drive their need to be secured. Examined within this chapter are the potential security related threats with the use of social media, mobile devices, virtual worlds, augmented reality, and mixed reality.
Electronic Healthcare Record Security and Management in Healthcare Organizationsijtsrd
"This study aim sat identifying the current countermeasures used in protecting the Electronic Healthcare Record and how employees share their knowledge about the existence Electronic Healthcare Record security as well as countermeasures used in mitigating the threats and data breaches in healthcare organizations. A case study of Aminu Kano Teaching Hospital, Nigeria was used and qualitative research method was adopted where purposive and stratified random sampling was used. This led to construction of eleven relevant questions to four categories of staff. A conceptual frame work was proposed to quid the study and the findings we reevaluated using the proposed frame work. There sults revealed that there is lack of knowledge sharing among employees and some factors were found to be the resistance factors, this include educational background, behavior, low security awareness, personality differences and lack of management commitment. On the other hand, deterrent, preventive and organizational actions were partially practiced as countermeasures used to mitigate the threats and vulnerability of data breaches of Electronic Healthcare Records in Aminu Kano Teaching Hospital in Nigeria. Attahiru Saminu, CLN ""Electronic Healthcare Record Security and Management in Healthcare Organizations"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Special Issue | International Conference on Advanced Engineering and Information Technology , November 2018, URL: https://www.ijtsrd.com/papers/ijtsrd19124.pdf
Paper URL: https://www.ijtsrd.com/other-scientific-research-area/other/19124/electronic-healthcare-record-security-and-management-in-healthcare-organizations/attahiru-saminu-cln"
The advancement of Information Technology has hastened the ability to disseminate information across the globe. In particular, the recent trends in ‘Social Networking’ have led to a spark in personally sensitive information being published on the World Wide Web. While such socially active websites are creative tools for expressing one’s personality it also entails serious privacy concerns. Thus, Social Networking websites could be termed a double edged sword. It is important for the law to keep abreast of these developments in technology. The purpose of this paper is to demonstrate the limits of extending existing laws to battle privacy intrusions in the Internet especially in the context of social networking. It is suggested that privacy specific legislation is the most appropriate means of protecting online privacy. In doing so it is important to maintain a balance between the competing right of expression, the failure of which may hinder the reaping of benefits offered by Internet technology
Components of a Model of Cybersecurity Behavior AdoptionCori Faklaris
Our research focuses on understanding how attitudes and social influences act on end users in the process of cybersecurity behavior adoption (or non-adoption). This talk discusses three expectancy-value models and two stage models that have been applied successfully in social psychology, marketing, and public health. We first introduce our project, then give an overview of these existing models. We then present the progress of our empirical mixed-methods research to craft a model specific to cybersecurity adoption that identifies the relevant (1) attitudes and (2) social influences acting at each step, along with (3) tech characteristics that are associated with sustained adoption. We conclude with remarks on how our work can be of use to cybersecurity teams tasked with boosting awareness and/or adoption.
The amount of data in the world seems increasing and computers make it easy to save the data. Companies offer data storage by providing cloud services and the amount of data being stored in these servers is increasing rapidly. In data mining, the data is stored electronically and the search is automated or at least augmented by computer. As the volume of data increases, inexorably, the proportion of it that people understand decreases alarmingly. This paper presents the data leakage problem arises because the services like Facebook and Google store all your data unencrypted on their servers, making it easy for them, or governments and hackers, to monitor the data.
By applying the emerging approach Soft Systems Methodology (SSM) the authors try to develop Information Systems Security Model for the Ethiopian Banking Industry that can be used as a base or initial concept for those wish to undertake a more and detail study on security aspects of Financial industries.
Running head POLICIES FOR MANAGING PRIVACY1POLICIES FOR M.docxjeanettehully
Running head: POLICIES FOR MANAGING PRIVACY
1
POLICIES FOR MANAGING PRIVACY
5
Online Policies for Enabling Financial Companies to Manage Privacy Issues
Name: Sunil Kumar Parisa
Date:03/29/2020
University of Cumberland’s
ABSTRACT
Financial companies are under constant threats in the face of cyber-attacks, which are growing by the day. The companies usually implement measures that primarily focus on the deployment of technologies for suppressing the attacks. They do not consider user policies as essential elements that help curb the vulnerabilities. The policies put in place have a low level of enforceability, which lowers the impact of the plans. The research project will determine the relationship between policy enforceability and the vulnerabilities posed to a system by the internal and external users.
INTRODUCTION
Business companies in the financial sector have the responsibility of ensuring the data that belong to the customers are fully protected. Cyber-crimes are on the rise, and the approaches employed today are not entirely practical. Technological tools and measures are not efficient. They should be complemented by the behavioral standards that suppress the vulnerabilities in all the IT domains (Vincent, Higgs & Pinsker, 2015). Enforceable policies will ensure there is an integration of behavioral and technological measures for promoting data security and privacy.
LITERATURE REVIEW
Financial companies usually emphasize policies that guide the collection of customer and storage as well as access to the data by the internal and external users. These policies are relevant as they promote best practices at both levels. The companies have a belief that these are the areas that need closer monitoring and evaluation. However, the policies put in place are not always enforceable. A lack of enforceability creates a situation where the desired outcomes are not realized (Yeganeh, 2019). It explains why data breaches are still experienced even after such policies are formulated and implemented.
RESEARCH METHOD
To investigate the relationship between enforceability of the policies and the vulnerabilities that business organizations are exposed to, a case study method will be used. It is an essential tool that helps determine a causal relationship (White & McBurney, 2012). Also, it will provide insights that will inform the recommendations that need to be considered by the multiple business organizations in the financial sector. Credible data that are free of confounding variables must be collected, analyzed, and inferences drawn. Two data collection procedures will be utilized as follows.
i. Semi-structured interviews will be conducted to collect diverse data on the design and implementation of user and online policies. The interviewees will offer data that expound on the security and privacy positions of the systems.
ii. Independent observations will be made to inform the behaviors of the users, both internally and externally. The observation ...
ANALYZING AND IDENTIFYING FAKE NEWS USING ARTIFICIAL INTELLIGENCEIAEME Publication
The main reason behind the spread of fake news is because of many fake and hyperpartisan sites present on the Internet. These fake sites try to manipulate the truth which creates misunderstanding in society. Therefore, it is important to detect fake news and try to make people aware of the truth. This paper gives an insight into how to detect fake news using Machine Learning and Deep Learning Techniques. On observing our data, we have categorized our data into five attributes namely Title, Text, Subject, Date, and Labels. In order to develop an efficient fake news detection system, the feature along with its degree of impact on the system must be taken into consideration. This paper attempts at providing a detailed analysis of detecting fake news using various models such as LSTM, ANN, Naïve Bayes, SVM, Logistic Regression, XGBoost, and Bert.
Most of the network habitats retain on facing an ever increasing number of security threats. In early times,
firewalls are used as a security examines point in the network environment. Recently the use of Intrusion
Detection System (IDS) has greatly increased due to its more constructive and robust working than
firewall. An IDS refers to the process of constantly observing the incoming and outgoing traffic of a
network in order to diagnose suspicious behavior. In real scenario most of the environments are dynamic
in nature, which leads to the problem of concept drift, is perturbed with learning from data whose
statistical attribute change over time. Concept drift is impenetrable if the dataset is class-imbalanced. In
this review paper, study of IDS along with different approaches of incremental learning is carried out.
From this study, by applying voting rule to incremental learning a new approach is proposed. Further, the
comparison between existing Fuzzy rule method and proposed approach is done.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Exploring Secure Computing for the Internet of Things, Internet of Everything...Maurice Dawson
Secure computing is essential as environments continue to become intertwined and hyperconnected. As the Internet of Things (IoT), Web of Things (WoT), and the Internet of Everything (IoE) dominate the landscape of technological platforms, protection these complicated networks is important. The everyday person who wishes to have more devices that allow the ability to be connected needs to be aware of what threats they could be potentially exposing themselves to. Additionally, for the unknowing consumer of everyday products needs to be aware of what it means to have sensors, Radio Frequency IDentification (RFID), Bluetooth, and WiFi enabled products. This submission explores how Availability, Integrity, and Confidentiality (AIC) can be applied to IoT, WoT, and IoE with consideration for the application of these architectures in the defense sector.
Toward Automated Reduction of Human Errors based on Cognitive AnalysisSherif Zahran
Following the immense development of cyber society where various activities including e-commerce take place,
the demands for security is rapidly growing. Among major
causes of security flaws is human error, which is unintentionally
caused by humans. To cope with that, we intend to build
a human error database that automatically develops further.
We conducted a survey on human factors and concluded that
the root causes of human errors are related to the internal
mental processes, and the cognitive-psychological methodology
is a feasible for the estimation of them. Based on that this
paper proposes a framework that consists of data collection
methods and data structure. It also explores the usability of
the data by presenting use cases of human error prevention
and incident handling.
The Impact of Customer Knowledge on the Security of E-BankingCSCJournals
In this paper one of the most affective factors on security of e-banking will be discussed, by accepting the use of information technology for the execution of the Traditional e-banking, As we know that e-banking is done online and the customers are considered the active element and the other party in e-banking operations. So if the level of customer knowledge in the use of IT ? low, then this points that customers are not professional in the execution of the traditional e-banking using IT , furthermore this create flaws in the security of e-banking by facilitating the sneaking into the personal information and distrust in customer confidence of the e-banking security. which leads to reject the use of technology in e-banking, And this is what will be discussed in this paper by offering some security gaps which is resulting from the low level of customer knowledge in information technology, and that will be studied through Technology Acceptance Model and In light of this we will suggest some solutions.
Battlefield Cyberspace: Exploitation of Hyperconnectivity and Internet of ThingsMaurice Dawson
The threat of cyber terrorism has become a reality with recent attacks such as Stuxtnet, Flame, Sony Pictures, and North Korea's websites. As the Internet of Things (IoT) continues to become more hyperconnected it will be imperative that cyber security experts to develop new security architectures for multiple platforms such as mobile devices, laptops, embedded systems, and even wearable displays. The futures of national and international security rely on complex countermeasures to ensure that a proper security posture is maintained during this state of hyperconnectivity. To protect these systems from exploitation of vulnerabilities it is essential to understand current and future threats to include the laws that drive their need to be secured. Examined within this chapter are the potential security related threats with the use of social media, mobile devices, virtual worlds, augmented reality, and mixed reality.
Electronic Healthcare Record Security and Management in Healthcare Organizationsijtsrd
"This study aim sat identifying the current countermeasures used in protecting the Electronic Healthcare Record and how employees share their knowledge about the existence Electronic Healthcare Record security as well as countermeasures used in mitigating the threats and data breaches in healthcare organizations. A case study of Aminu Kano Teaching Hospital, Nigeria was used and qualitative research method was adopted where purposive and stratified random sampling was used. This led to construction of eleven relevant questions to four categories of staff. A conceptual frame work was proposed to quid the study and the findings we reevaluated using the proposed frame work. There sults revealed that there is lack of knowledge sharing among employees and some factors were found to be the resistance factors, this include educational background, behavior, low security awareness, personality differences and lack of management commitment. On the other hand, deterrent, preventive and organizational actions were partially practiced as countermeasures used to mitigate the threats and vulnerability of data breaches of Electronic Healthcare Records in Aminu Kano Teaching Hospital in Nigeria. Attahiru Saminu, CLN ""Electronic Healthcare Record Security and Management in Healthcare Organizations"" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Special Issue | International Conference on Advanced Engineering and Information Technology , November 2018, URL: https://www.ijtsrd.com/papers/ijtsrd19124.pdf
Paper URL: https://www.ijtsrd.com/other-scientific-research-area/other/19124/electronic-healthcare-record-security-and-management-in-healthcare-organizations/attahiru-saminu-cln"
The advancement of Information Technology has hastened the ability to disseminate information across the globe. In particular, the recent trends in ‘Social Networking’ have led to a spark in personally sensitive information being published on the World Wide Web. While such socially active websites are creative tools for expressing one’s personality it also entails serious privacy concerns. Thus, Social Networking websites could be termed a double edged sword. It is important for the law to keep abreast of these developments in technology. The purpose of this paper is to demonstrate the limits of extending existing laws to battle privacy intrusions in the Internet especially in the context of social networking. It is suggested that privacy specific legislation is the most appropriate means of protecting online privacy. In doing so it is important to maintain a balance between the competing right of expression, the failure of which may hinder the reaping of benefits offered by Internet technology
Components of a Model of Cybersecurity Behavior AdoptionCori Faklaris
Our research focuses on understanding how attitudes and social influences act on end users in the process of cybersecurity behavior adoption (or non-adoption). This talk discusses three expectancy-value models and two stage models that have been applied successfully in social psychology, marketing, and public health. We first introduce our project, then give an overview of these existing models. We then present the progress of our empirical mixed-methods research to craft a model specific to cybersecurity adoption that identifies the relevant (1) attitudes and (2) social influences acting at each step, along with (3) tech characteristics that are associated with sustained adoption. We conclude with remarks on how our work can be of use to cybersecurity teams tasked with boosting awareness and/or adoption.
The amount of data in the world seems increasing and computers make it easy to save the data. Companies offer data storage by providing cloud services and the amount of data being stored in these servers is increasing rapidly. In data mining, the data is stored electronically and the search is automated or at least augmented by computer. As the volume of data increases, inexorably, the proportion of it that people understand decreases alarmingly. This paper presents the data leakage problem arises because the services like Facebook and Google store all your data unencrypted on their servers, making it easy for them, or governments and hackers, to monitor the data.
By applying the emerging approach Soft Systems Methodology (SSM) the authors try to develop Information Systems Security Model for the Ethiopian Banking Industry that can be used as a base or initial concept for those wish to undertake a more and detail study on security aspects of Financial industries.
Running head POLICIES FOR MANAGING PRIVACY1POLICIES FOR M.docxjeanettehully
Running head: POLICIES FOR MANAGING PRIVACY
1
POLICIES FOR MANAGING PRIVACY
5
Online Policies for Enabling Financial Companies to Manage Privacy Issues
Name: Sunil Kumar Parisa
Date:03/29/2020
University of Cumberland’s
ABSTRACT
Financial companies are under constant threats in the face of cyber-attacks, which are growing by the day. The companies usually implement measures that primarily focus on the deployment of technologies for suppressing the attacks. They do not consider user policies as essential elements that help curb the vulnerabilities. The policies put in place have a low level of enforceability, which lowers the impact of the plans. The research project will determine the relationship between policy enforceability and the vulnerabilities posed to a system by the internal and external users.
INTRODUCTION
Business companies in the financial sector have the responsibility of ensuring the data that belong to the customers are fully protected. Cyber-crimes are on the rise, and the approaches employed today are not entirely practical. Technological tools and measures are not efficient. They should be complemented by the behavioral standards that suppress the vulnerabilities in all the IT domains (Vincent, Higgs & Pinsker, 2015). Enforceable policies will ensure there is an integration of behavioral and technological measures for promoting data security and privacy.
LITERATURE REVIEW
Financial companies usually emphasize policies that guide the collection of customer and storage as well as access to the data by the internal and external users. These policies are relevant as they promote best practices at both levels. The companies have a belief that these are the areas that need closer monitoring and evaluation. However, the policies put in place are not always enforceable. A lack of enforceability creates a situation where the desired outcomes are not realized (Yeganeh, 2019). It explains why data breaches are still experienced even after such policies are formulated and implemented.
RESEARCH METHOD
To investigate the relationship between enforceability of the policies and the vulnerabilities that business organizations are exposed to, a case study method will be used. It is an essential tool that helps determine a causal relationship (White & McBurney, 2012). Also, it will provide insights that will inform the recommendations that need to be considered by the multiple business organizations in the financial sector. Credible data that are free of confounding variables must be collected, analyzed, and inferences drawn. Two data collection procedures will be utilized as follows.
i. Semi-structured interviews will be conducted to collect diverse data on the design and implementation of user and online policies. The interviewees will offer data that expound on the security and privacy positions of the systems.
ii. Independent observations will be made to inform the behaviors of the users, both internally and externally. The observation ...
Running head POLICIES FOR MANAGING PRIVACY1POLICIES FOR M.docxglendar3
Running head: POLICIES FOR MANAGING PRIVACY
1
POLICIES FOR MANAGING PRIVACY
5
Online Policies for Enabling Financial Companies to Manage Privacy Issues
Name: Sunil Kumar Parisa
Date:03/29/2020
University of Cumberland’s
ABSTRACT
Financial companies are under constant threats in the face of cyber-attacks, which are growing by the day. The companies usually implement measures that primarily focus on the deployment of technologies for suppressing the attacks. They do not consider user policies as essential elements that help curb the vulnerabilities. The policies put in place have a low level of enforceability, which lowers the impact of the plans. The research project will determine the relationship between policy enforceability and the vulnerabilities posed to a system by the internal and external users.
INTRODUCTION
Business companies in the financial sector have the responsibility of ensuring the data that belong to the customers are fully protected. Cyber-crimes are on the rise, and the approaches employed today are not entirely practical. Technological tools and measures are not efficient. They should be complemented by the behavioral standards that suppress the vulnerabilities in all the IT domains (Vincent, Higgs & Pinsker, 2015). Enforceable policies will ensure there is an integration of behavioral and technological measures for promoting data security and privacy.
LITERATURE REVIEW
Financial companies usually emphasize policies that guide the collection of customer and storage as well as access to the data by the internal and external users. These policies are relevant as they promote best practices at both levels. The companies have a belief that these are the areas that need closer monitoring and evaluation. However, the policies put in place are not always enforceable. A lack of enforceability creates a situation where the desired outcomes are not realized (Yeganeh, 2019). It explains why data breaches are still experienced even after such policies are formulated and implemented.
RESEARCH METHOD
To investigate the relationship between enforceability of the policies and the vulnerabilities that business organizations are exposed to, a case study method will be used. It is an essential tool that helps determine a causal relationship (White & McBurney, 2012). Also, it will provide insights that will inform the recommendations that need to be considered by the multiple business organizations in the financial sector. Credible data that are free of confounding variables must be collected, analyzed, and inferences drawn. Two data collection procedures will be utilized as follows.
i. Semi-structured interviews will be conducted to collect diverse data on the design and implementation of user and online policies. The interviewees will offer data that expound on the security and privacy positions of the systems.
ii. Independent observations will be made to inform the behaviors of the users, both internally and externally. The observation.
Running head POLICIES FOR MANAGING PRIVACY1POLICIES FOR M.docxtodd581
Running head: POLICIES FOR MANAGING PRIVACY
1
POLICIES FOR MANAGING PRIVACY
5
Online Policies for Enabling Financial Companies to Manage Privacy Issues
Name: Sunil Kumar Parisa
Date:03/29/2020
University of Cumberland’s
ABSTRACT
Financial companies are under constant threats in the face of cyber-attacks, which are growing by the day. The companies usually implement measures that primarily focus on the deployment of technologies for suppressing the attacks. They do not consider user policies as essential elements that help curb the vulnerabilities. The policies put in place have a low level of enforceability, which lowers the impact of the plans. The research project will determine the relationship between policy enforceability and the vulnerabilities posed to a system by the internal and external users.
INTRODUCTION
Business companies in the financial sector have the responsibility of ensuring the data that belong to the customers are fully protected. Cyber-crimes are on the rise, and the approaches employed today are not entirely practical. Technological tools and measures are not efficient. They should be complemented by the behavioral standards that suppress the vulnerabilities in all the IT domains (Vincent, Higgs & Pinsker, 2015). Enforceable policies will ensure there is an integration of behavioral and technological measures for promoting data security and privacy.
LITERATURE REVIEW
Financial companies usually emphasize policies that guide the collection of customer and storage as well as access to the data by the internal and external users. These policies are relevant as they promote best practices at both levels. The companies have a belief that these are the areas that need closer monitoring and evaluation. However, the policies put in place are not always enforceable. A lack of enforceability creates a situation where the desired outcomes are not realized (Yeganeh, 2019). It explains why data breaches are still experienced even after such policies are formulated and implemented.
RESEARCH METHOD
To investigate the relationship between enforceability of the policies and the vulnerabilities that business organizations are exposed to, a case study method will be used. It is an essential tool that helps determine a causal relationship (White & McBurney, 2012). Also, it will provide insights that will inform the recommendations that need to be considered by the multiple business organizations in the financial sector. Credible data that are free of confounding variables must be collected, analyzed, and inferences drawn. Two data collection procedures will be utilized as follows.
i. Semi-structured interviews will be conducted to collect diverse data on the design and implementation of user and online policies. The interviewees will offer data that expound on the security and privacy positions of the systems.
ii. Independent observations will be made to inform the behaviors of the users, both internally and externally. The observation.
The paper emphasizes the human aspects of cyber incidents concerning protecting information and
technology assets by addressing behavioral analytics in cybersecurity for digital forensics applications.
The paper demonstrates the human vulnerabilities associated with information systems technologies and
components. This assessment is based on past literature assessments done in this area. This study also
includes analyses of various frameworks that have led to the adoption of behavioral analysis in digital
forensics. The study's findings indicate that behavioral evidence analysis should be included as part of the
digital forensics examination. The provision of standardized investigation methods and the inclusion of
human factors such as motives and behavioral tendencies are some of the factors attached to the use of
behavioral digital forensic frameworks. However, the study also appreciates the need for a more
generalizable digital forensic method.
The paper emphasizes the human aspects of cyber incidents concerning protecting information and
technology assets by addressing behavioral analytics in cybersecurity for digital forensics applications.
The paper demonstrates the human vulnerabilities associated with information systems technologies and
components. This assessment is based on past literature assessments done in this area. This study also
includes analyses of various frameworks that have led to the adoption of behavioral analysis in digital
forensics. The study's findings indicate that behavioral evidence analysis should be included as part of the
digital forensics examination. The provision of standardized investigation methods and the inclusion of
human factors such as motives and behavioral tendencies are some of the factors attached to the use of
behavioral digital forensic frameworks. However, the study also appreciates the need for a more
generalizable digital forensic method.
The paper emphasizes the human aspects of cyber incidents concerning protecting information and
technology assets by addressing behavioral analytics in cybersecurity for digital forensics applications.
The paper demonstrates the human vulnerabilities associated with information systems technologies and
components. This assessment is based on past literature assessments done in this area. This study also
includes analyses of various frameworks that have led to the adoption of behavioral analysis in digital
forensics. The study's findings indicate that behavioral evidence analysis should be included as part of the
digital forensics examination. The provision of standardized investigation methods and the inclusion of
human factors such as motives and behavioral tendencies are some of the factors attached to the use of
behavioral digital forensic frameworks. However, the study also appreciates the need for a more
generalizable digital forensic method.
The frequency, intensity and repercussions of information security breaches in higher education has prompted colleges and universities around the world to devote more resources to enhance technical and human controls capabilities. Research has repeatedly found that technical solutions to cybercrime are insufficient in preventing incidents. The present analysis utilizes the Health Belief Model (HBM) to explain users' computer security behavior by replicating an earlier research study. The study, however, applies the HBM model to a new context, higher education, and college students serve as the sample for this research. A validated questionnaire was employed to collect responses from 263 students attending a public state Midwestern university in the United States. Multiple Linear Regression mathematical analysis was conducted on the dataset collected to measure constructs of the information security of college students. Findings of this research suggest that perceived susceptibility, perceived benefits and self-efficacy are good determinants of information security behavior for college students at least on the sample observations. Further, the analysis supported the moderating logic of perceived severity on the effects of susceptibility, benefits, general security orientation, self-efficacy and cues to action. Findings of this research call upon higher education security administrators to enact more effective awareness and training programs based on real-work security incidents simulations and incorporating information security into the general education curricula.
INVESTIGATING THE DETERMINANTS OF COLLEGE STUDENTS INFORMATION SECURITY BEHAV...ijcsit
ABSTRACT
The frequency, intensity and repercussions of information security breaches in higher education has prompted colleges and universities around the world to devote more resources to enhance technical and human controls capabilities. Research has repeatedly found that technical solutions to cybercrime are insufficient in preventing incidents. The present analysis utilizes the Health Belief Model (HBM) to explain users' computer security behavior by replicating an earlier research study. The study, however, applies the HBM model to a new context, higher education, and college students serve as the sample for this research. A validated questionnaire was employed to collect responses from 263 students attending a public state Midwestern university in the United States. Multiple Linear Regression mathematical analysis was conducted on the dataset collected to measure constructs of the information security of college students. Findings of this research suggest that perceived susceptibility, perceived benefits and self-efficacy are good determinants of information security behavior for college students at least on the sample observations. Further, the analysis supported the moderating logic of perceived severity on the effects of susceptibility, benefits, general security orientation, self-efficacy and cues to action. Findings of this research call upon higher education security administrators to enact more effective awareness and training programs based on real-work security incidents simulations and incorporating information security into the general education curricula.
Brian Wrote There is a wide range of cybersecurity initiatives .docxhartrobert670
Brian Wrote :
There is a wide range of cybersecurity initiatives that exist on the international level through collaborative efforts between the Department of Homeland Security (DHS) and numerous organizational units (UMUC, 2012). According to UMUC (2012), some examples of these initiatives are:
· Federal Law Enforcement Training Center
· National Cyber Security Division
· National Communications System
· Office of Infrastructure Protection
· Office of Operations Coordination
· Privacy Office
· U.S. Secret Service
· U.S. Immigration and Customs Enforcement
· Organization of American States Assistance
“The National Cyber Security Division works to secure cyberspace and America’s cyber assets in cooperation with public, private, and international entities” (UMUC, 2012). This is done using several strategic plans and directives, such as the Presidential Decision Directive 7, the Information Technology Sector Specific Plan, the National Strategy to Secure Cyber Space, National Infrastructure Preparedness Plan, and the National Response Plan (UMUC, 2012). A challenge that the National Cyber Security Division faces in providing an effective deterrent to cybersecurity threats are the constant evolving technologies. These include for both good and bad. Cyber attacks are constantly evolving and so are the technologies use to protect from them. In order for the National Cyber Security Division to effectively deter them not only do they have to stay up-to-date but also so do all of the strategic plans and directives that they use.
Another initiative is the Federal Law Enforcement Training Center (FLETC) that emerged in the 1980s. This initiative puts forth “efforts to counter international hijackings and financial crimes” (UMUC, 2012). It now also extends law enforcement abroad to help against terrorist activity, international crime, and drug-trafficking (UMUC, 2012). It does those with the partner of Department of State. A challenge that the FLETC faces in providing an effective deterrent to cybersecurity threats are their international limitations. All though they have partnered abroad with select foreign nations they still have restrictions and limitations as to what exactly they can do.
Justin Wrote:
Mutual Legal Assistance Treaties (MLATs) are established between two or more nations and provide a formal means of exchanging evidence and information pertaining to criminal acts or cases that occur outside of a nation’s legal jurisdiction. The primary issue associated with MLATs and cybercrime is the inconsistency of host nation laws. Many nations feel that the idea of a global anti-crime initiative may contradict a nation’s fundamental principles (Finklea & Theohary, 2012, p.24). There is no standardized definition for cybercrime which means that one nation may view a virtual act as a crime and the other, with which the MLAT exists, may not. If the two nations agree on the legality of the act then the requesting nation may sub ...
An Exploratory Study of the Security Management Practices of Hispanic StudentsCSCJournals
The growing Internet and mobile technologies create opportunities for efficient communication and coordination among individuals and institutions. However, these technologies also pose security challenges. Although users’ understanding and behavior towards security solutions have been recognized as critical to ensuring effective security solutions, few research articles have examined user security management practices. The literature lacks empirical research that examines users’ everyday behavior and practices to managing security. In an effort to bridge the gap in user security management practices, this paper presents an exploratory study of how Hispanic college students manage the security of their computer systems. Specifically, we examine how ethnicity, gender, and age influence users’ behavior towards updating their operating systems, non-operating system software and antivirus definitions. The results reveal that gender influences the frequency of updating operating systems, antivirus definitions and non-operating system software, whereas ethnicity and age influence only frequency of update of operating systems but not the frequency of update of non-operating system software and antivirus definitions.
Measuring Information Security: Understanding And Selecting Appropriate MetricsCSCJournals
Thanks to numerous information in newspapers about data leaks, advocacy for information security is no more that difficult. But on the practical side, it is usually tough time for information security professionals when they have to demonstrate the value of information security to their organizations; they have so much metrics available on hand that making the right selection is far from obvious. This paper is about understanding the metrics that are available and discussing how to use them in some specific less developed economies.
Appling tracking game system to measure user behavior toward cybersecurity p...IJECEIAES
Institutions wrestle to protect their information from threats and cybercrime. Therefore, it is dedicating a great deal of their concern to improving the information security infrastructure. Users’ behaviors were explored by applying traditional questionnaire as a research instrument in data collocate process. But researchers usually suffer from a lack of respondents' credibility when asking someone to fill out a questionnaire, and the credibility may decline further if the research topic relates to aspects of the use and implementation of information security policies. Therefore, there is insufficient reliability of the respondent's answers to the questionnaire’s questions, and the responses might not reflect the actual behavior based on the human bias when facing the problems theoretically. The current study creates a new idea to track and study the behavior of the respondents by building a tracking game system aligned with the questionnaire whose results are required to be known. The system will allow the respondent to answer the survey questions related to the compliance with the information security policies by tracking their behavior while using the system.
Healthcares Vulnerability to Ransomware AttacksResearch questioSusanaFurman449
Healthcare's Vulnerability to Ransomware Attacks
Research question: To what extent is the healthcare system vulnerable to ransomware attacks?
This research aims to explain how the healthcare sector can become vulnerable to ransomware attacks. It will also discuss how the ransomware topic can influence practice. Methods and relevance for computer nursing to secure health information technology will be reviewed. Ransomware is a cyber-attack form that can damage a company and its IT infrastructure. A ransomware attack is a criminal cyber-attack using malware or software that blackmails a company to gain a money lift from its systems (Slayton, 2018). The software can delete personal data from computer systems except when a payment is made, and the cyber attacker provides the decryption key for unlocking the system. Many types of ransomware are available, and Intel Corp's McAfee Labs predict that these attacks will continue and their prevalence will increase. Comment by Mary Lind: nursing makes no sense here Comment by Mary Lind: what do you mean by form? Comment by Mary Lind: what is a money lift? Comment by Mary Lind: what software - the ransomware can delete anythign
This study examines the motivation of healthcare professionals to use theoretical protection theory (PMT) and deterrence theory to adopt security measures against ransomware attacks in a hospital setting (Rogers, 1975). These include perceived severe threats and perceived fear-mediated vulnerability. Misfitting rewards and reaction costs both have an important negative impact on motivation for protection. Effectiveness as a major coping factor is demonstrated. The results help to utilize fear and PMT in ransomware threats to influence protection motivation for healthcare devices. Comment by Mary Lind: for computers users in the hospital.
Target population
This research targets healthcare professionals, patients, and the general population because of the constant vulnerability of healthcare systems to ransomware attacks.
Methodology
In this research, we analyze the Healthcare's Vulnerability to Ransomware Attacks using quantitative research. Research involves healthcare professionals, patients, and the general population. The research will also review the safeguards that healthcare system users have implemented. Data will be analyzed via the Variance Analysis (ANOVA) various hypotheses that arise in the course of the research.
Findings
This makes the medical industry extremely sensitive to this criminal cyber-attack like ransomware due to advances in technology and extensive use of electronic medical documents. Many hospitals, such as Erie County Medical Center, have recently been affected by ransomware (ECMC). In April 2017, ECMC was affected by a ranking attack that shut down its IT systems after refusing to pay $30,000 to unlock it. Following the attack, they were obliged to return to the paper charts and maintained power outage operations by introducing urgent plans. Ransomwar ...
PERSONAL INFORMATION PRIVACY SETTINGS OF ONLINE SOCIAL NETWORKS AND THEIR S...ijsptm
Protecting personal information privacy has become a controversial issue among online social network
providers and users. Most social network providers have developed several techniques to decrease threats
and risks to the users’ privacy. These risks include the misuse of personal information which may lead to
illegal acts such as identity theft. This study aims to measure the awareness of users on protecting their
personal information privacy, as well as the suitability of the privacy systems which they use to modify
privacy settings. Survey results show high percentage of the use of smart phones for web services but the
current privacy settings for online social networks need to be improved to support different type of mobile
phones screens. Because most users use their mobilephones for Internet services, privacy settings that are
compatible with mobile phones need to be developed. The method of selecting privacy settings should also
be simplified to provide users with a clear picture of the data that will be shared with others. Results of this
study can be used to develop a new privacy system which will help users control their personal information
easily from different devices, including mobile Internet devices and computers.
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docxtodd521
Running Head: TRENDS IN CYBERSECURITY1
TRENDS IN CYBERSECURITY 5
Trends in Cybersecurity
Student’s Name
Institution
Date
Top Trends in the cybersecurity industry
New components introduced into the ecosystem of computing allow new attack vectors: IoT is one of the components that attract cyber attacks, AI-based systems like assistants will invite attacks since first devices and software will not be built considering security protocols. The existing systems of cloud and mobile security will as well be open to attacks as in social engineering, ransomware and continued Advance Persistent Threat attacks (Qureshi, 2018). (All the old methods will be applied with more specialized goals and increased intensity). Expect high-profit applications like cryptocurrency to attract various attacks too. Developing protections in these areas is an ongoing struggle. In this document, we are going to look at some of the current trends in the cyber-security industry and emerging issues such Security and Privacy Merge, AI + ML = forensics and investigations and then focus the research on IoT security issues (Sharma, Tripathi & Panda, 2018).
Trend 1: Security and Privacy Merge
Even though everybody is still trying to comprehend the new privacy landscape and maybe because we have not grasped the new realities. Perhaps it is our ever-increasing focus on privacy overall and GDPR precisely.
What is evident is that there is an increase in companies seeking NAC solutions to keep up with all the new compliance regulations and it is very satisfying to hear that sigh of relief when a company has implemented their solution.
The global regulatory landscape has given way to the emerging trend of merging privacy and security roles. The new policies on privacy laws will require clear, tangible and operational IT security controls (Lin, 2017). While chief privacy officers and chief information security officers have clearly defined roles, it is important for these two roles and their teams to work closely together to leverage their unique skill sets and knowledge bases to ensure their organizations comply with their required regulations and protect their important, sensitive data and information.
Like peanut butter and jelly or milk and cookies, the security and privacy fields go better together. Both communities have started a slow but steady commingling in recent years, all with the goal of improving information protection measures on a large scale (Whitmore, Agarwal, & Da Xu, 2015). At the heart of the convergence of security and privacy is the recognition that information is an essential tool in every organization setting. As pressure keeps rising to protect data while also defending consumer and employee privacy, it's hard to imagine the two functions will remain siloed for much longer.
Trend 2: AI + ML = forensics and investigations
Artificial Intelligence (AI) and Machine Learning (ML) are going to be implemented into the arena of practical usage in cybersecuri.
Similar to DOES DIGITAL NATIVE STATUS IMPACT END-USER ANTIVIRUS USAGE? (20)
Vehicle Ad Hoc Networks (VANETs) have become a viable technology to improve traffic flow and safety on the roads. Due to its effectiveness and scalability, the Wingsuit Search-based Optimised Link State Routing Protocol (WS-OLSR) is frequently used for data distribution in VANETs. However, the selection of MultiPoint Relays (MPRs) plays a pivotal role in WS-OLSR's performance. This paper presents an improved MPR selection algorithm tailored to WS-OLSR, designed to enhance the overall routing efficiency and reduce overhead. The analysis found that the current OLSR protocol has problems such as redundancy of HELLO and TC message packets or failure to update routing information in time, so a WS-OLSR routing protocol based on improved-MPR selection algorithm was proposed. Firstly, factors such as node mobility and link changes are comprehensively considered to reflect network topology changes, and the broadcast cycle of node HELLO messages is controlled through topology changes. Secondly, a new MPR selection algorithm is proposed, considering link stability issues and nodes. Finally, evaluate its effectiveness in terms of packet delivery ratio, end-to-end delay, and control message overhead. Simulation results demonstrate the superior performance of our improved MR selection algorithm when compared to traditional approaches.
A Novel Medium Access Control Strategy for Heterogeneous Traffic in Wireless ...IJCNCJournal
So far, Wireless Body Area Networks (WBANs) have played a pivotal role in driving the development of intelligent healthcare systems with broad applicability across various domains. Each WBAN consists of one or more types of sensors that can be embedded in clothing, attached directly to the body, or even implanted beneath an individual's skin. These sensors typically serve asingle application. However, the traffic generated by each sensor may have distinct requirements. This diversity necessitates a dual approach: tailored treatment based on the specific needs of each traffic typeand the fulfillment of application requirements, such asreliability and timeliness. Never the less, the presence of energy constraints and the unreliable nature of wireless communications make QoS provisioning under such networks a non-trivial task. In this context, the current paper introduces a novel Medium AccessControl (MAC) strategy for the regular traffic applications of WBANs, designed to significantly enhance efficiency when compared to the established MAC protocols IEEE 802.15.4 and IEEE 802.15.6, with a particular focus on improving reliability, timeliness, and energy efficiency.
May_2024 Top 10 Read Articles in Computer Networks & Communications.pdfIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
A Topology Control Algorithm Taking into Account Energy and Quality of Transm...IJCNCJournal
The efficient use of energy in wireless sensor networks is critical for extending node lifetime. The network topology is one of the factors that have a significant impact on the energy usage at the nodes and the quality of transmission (QoT) in the network. We propose a topology control algorithm for software-defined wireless sensor networks (SDWSNs) in this paper. Our method is to formulate topology control algorithm as a nonlinear programming (NP) problem with the objective to optimizing two metrics, maximum communication range, and desired degree. This NP problem is solved at the SDWSN controller by employing the genetic algorithm (GA) to determine the best topology. The simulation results show that the proposed algorithm outperforms the MaxPower algorithm in terms of average node degree and energy expansion ratio.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Advanced Privacy Scheme to Improve Road Safety in Smart Transportation SystemsIJCNCJournal
In -Vehicle Ad-Hoc Network (VANET), vehicles continuously transmit and receive spatiotemporal data with neighboring vehicles, thereby establishing a comprehensive 360-degree traffic awareness system. Vehicular Network safety applications facilitate the transmission of messages between vehicles that are near each other, at regular intervals, enhancing drivers' contextual understanding of the driving environment and significantly improving traffic safety. Privacy schemes in VANETs are vital to safeguard vehicles’ identities and their associated owners or drivers. Privacy schemes prevent unauthorized parties from linking the vehicle's communications to a specific real-world identity by employing techniques such as pseudonyms, randomization, or cryptographic protocols. Nevertheless, these communications frequently contain important vehicle information that malevolent groups could use to Monitor the vehicle over a long period. The acquisition of this shared data has the potential to facilitate the reconstruction of vehicle trajectories, thereby posing a potential risk to the privacy of the driver. Addressing the critical challenge of developing effective and scalable privacy-preserving protocols for communication in vehicle networks is of the highest priority. These protocols aim to reduce the transmission of confidential data while ensuring the required level of communication. This paper aims to propose an Advanced Privacy Vehicle Scheme (APV) that periodically changes pseudonyms to protect vehicle identities and improve privacy. The APV scheme utilizes a concept called the silent period, which involves changing the pseudonym of a vehicle periodically based on the tracking of neighboring vehicles. The pseudonym is a temporary identifier that vehicles use to communicate with each other in a VANET. By changing the pseudonym regularly, the APV scheme makes it difficult for unauthorized entities to link a vehicle's communications to its real-world identity. The proposed APV is compared to the SLOW, RSP, CAPS, and CPN techniques. The data indicates that the efficiency of APV is a better improvement in privacy metrics. It is evident that the AVP offers enhanced safety for vehicles during transportation in the smart city.
April 2024 - Top 10 Read Articles in Computer Networks & CommunicationsIJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
DEF: Deep Ensemble Neural Network Classifier for Android Malware DetectionIJCNCJournal
Malware is one of the threats to security of computer networks and information systems. Since malware instances are available sufficiently, there is increased interest among researchers on usage of Artificial Intelligence (AI). Of late AI-enabled methods such as machine learning (ML) and deep learning paved way for solving many real-world problems. As it is a learning-based approach, accumulated training samples help in improving thequality of training and thus leveraging malware detection accuracy. Existing deep learning methods are focusing on learning-based malware detection systems. However, there is need for improving the state of the art through ensemble approach. Towards this end, in this paper we proposed a framework known as Deep Ensemble Framework (DEF) for automatic malware detection. The framework obtains features from training samples. From given malware instance a grayscale image is generated. There is another process to extract the opcode sequences. Convolutional Neural Network (CNN) and Long Short Term Memory (LSTM) techniques are used to obtain grayscale image and opcode sequence respectively. Afterwards, a stacking ensemble is employed in order to achieve efficient malware detection and classification. Malware samples collected fromthe Internet sources and Microsoft are used for theempirical study. An algorithm known as Ensemble Learning for Automatic Malware Detection (EL-AML) is proposed to realize our framework. Another algorithm named Pre-Process is proposed to assist the EL-AML algorithm for obtaining intermediate features required by CNN and LSTM.Empirical study reveals that our framework outperforms many existing methods in terms of speed-up and accuracy.
High Performance NMF Based Intrusion Detection System for Big Data IOT TrafficIJCNCJournal
With the emergence of smart devices and the Internet of Things (IoT), millions of users connected to the network produce massive network traffic datasets. These vast datasets of network traffic, Big Data are challenging to store, deal with and analyse using a single computer. In this paper we developed parallel implementation using a High Performance Computer (HPC) for the Non-Negative Matrix Factorization technique as an engine for an Intrusion Detection System (HPC-NMF-IDS). The large IoT traffic datasets of order of millions samples are distributed evenly on all the computing cores for both storage and speedup purpose. The distribution of computing tasks involved in the Matrix Factorization takes into account the reduction of the communication cost between the computing cores. The experiments we conducted on the proposed HPC-IDS-NMF give better results than the traditional ML-based intrusion detection systems. We could train the HPC model with datasets of one million samples in only 31 seconds instead of the 40 minutes using one processor), that is a speed up of 87 times. Moreover, we have got an excellent detection accuracy rate of 98% for KDD dataset.
A Novel Medium Access Control Strategy for Heterogeneous Traffic in Wireless ...IJCNCJournal
So far, Wireless Body Area Networks (WBANs) have played a pivotal role in driving the development of intelligent healthcare systems with broad applicability across various domains. Each WBAN consists of one or more types of sensors that can be embedded in clothing, attached directly to the body, or even implanted beneath an individual's skin. These sensors typically serve asingle application. However, the traffic generated by each sensor may have distinct requirements. This diversity necessitates a dual approach: tailored treatment based on the specific needs of each traffic typeand the fulfillment of application requirements, such asreliability and timeliness. Never the less, the presence of energy constraints and the unreliable nature of wireless communications make QoS provisioning under such networks a non-trivial task. In this context, the current paper introduces a novel Medium AccessControl (MAC) strategy for the regular traffic applications of WBANs, designed to significantly enhance efficiency when compared to the established MAC protocols IEEE 802.15.4 and IEEE 802.15.6, with a particular focus on improving reliability, timeliness, and energy efficiency.
A Topology Control Algorithm Taking into Account Energy and Quality of Transm...IJCNCJournal
The efficient use of energy in wireless sensor networks is critical for extending node lifetime. The network topology is one of the factors that have a significant impact on the energy usage at the nodes and the quality of transmission (QoT) in the network. We propose a topology control algorithm for software-defined wireless sensor networks (SDWSNs) in this paper. Our method is to formulate topology control algorithm as a nonlinear programming (NP) problem with the objective to optimizing two metrics, maximum communication range, and desired degree. This NP problem is solved at the SDWSN controller by employing the genetic algorithm (GA) to determine the best topology. The simulation results show that the proposed algorithm outperforms the MaxPower algorithm in terms of average node degree and energy expansion ratio.
Multi-Server user Authentication Scheme for Privacy Preservation with Fuzzy C...IJCNCJournal
The integration of artificial intelligence technology with a scalable Internet of Things (IoT) platform facilitates diverse smart communication services, allowing remote users to access services from anywhere at any time. The multi-server environment within IoT introduces a flexible security service model, enabling users to interact with any server through a single registration. To ensure secure and privacy preservation services for resources, an authentication scheme is essential. Zhao et al. recently introduced a user authentication scheme for the multi-server environment, utilizing passwords and smart cards, claiming resilience against well-known attacks. This paper conducts cryptanalysis on Zhao et al.'s scheme, focusing on denial of service and privacy attacks, revealing a lack of user-friendliness. Subsequently, we propose a new multi-server user authentication scheme for privacy preservation with fuzzy commitment over the IoT environment, addressing the shortcomings of Zhao et al.'s scheme. Formal security verification of the proposed scheme is conducted using the ProVerif simulation tool. Through both formal and informal security analyses, we demonstrate that the proposed scheme is resilient against various known attacks and those identified in Zhao et al.'s scheme.
Advanced Privacy Scheme to Improve Road Safety in Smart Transportation SystemsIJCNCJournal
In -Vehicle Ad-Hoc Network (VANET), vehicles continuously transmit and receive spatiotemporal data with neighboring vehicles, thereby establishing a comprehensive 360-degree traffic awareness system. Vehicular Network safety applications facilitate the transmission of messages between vehicles that are near each other, at regular intervals, enhancing drivers' contextual understanding of the driving environment and significantly improving traffic safety. Privacy schemes in VANETs are vital to safeguard vehicles’ identities and their associated owners or drivers. Privacy schemes prevent unauthorized parties from linking the vehicle's communications to a specific real-world identity by employing techniques such as pseudonyms, randomization, or cryptographic protocols. Nevertheless, these communications frequently contain important vehicle information that malevolent groups could use to Monitor the vehicle over a long period. The acquisition of this shared data has the potential to facilitate the reconstruction of vehicle trajectories, thereby posing a potential risk to the privacy of the driver. Addressing the critical challenge of developing effective and scalable privacy-preserving protocols for communication in vehicle networks is of the highest priority. These protocols aim to reduce the transmission of confidential data while ensuring the required level of communication. This paper aims to propose an Advanced Privacy Vehicle Scheme (APV) that periodically changes pseudonyms to protect vehicle identities and improve privacy. The APV scheme utilizes a concept called the silent period, which involves changing the pseudonym of a vehicle periodically based on the tracking of neighboring vehicles. The pseudonym is a temporary identifier that vehicles use to communicate with each other in a VANET. By changing the pseudonym regularly, the APV scheme makes it difficult for unauthorized entities to link a vehicle's communications to its real-world identity. The proposed APV is compared to the SLOW, RSP, CAPS, and CPN techniques. The data indicates that the efficiency of APV is a better improvement in privacy metrics. It is evident that the AVP offers enhanced safety for vehicles during transportation in the smart city.
DEF: Deep Ensemble Neural Network Classifier for Android Malware DetectionIJCNCJournal
Malware is one of the threats to security of computer networks and information systems. Since malware instances are available sufficiently, there is increased interest among researchers on usage of Artificial Intelligence (AI). Of late AI-enabled methods such as machine learning (ML) and deep learning paved way for solving many real-world problems. As it is a learning-based approach, accumulated training samples help in improving thequality of training and thus leveraging malware detection accuracy. Existing deep learning methods are focusing on learning-based malware detection systems. However, there is need for improving the state of the art through ensemble approach. Towards this end, in this paper we proposed a framework known as Deep Ensemble Framework (DEF) for automatic malware detection. The framework obtains features from training samples. From given malware instance a grayscale image is generated. There is another process to extract the opcode sequences. Convolutional Neural Network (CNN) and Long Short Term Memory (LSTM) techniques are used to obtain grayscale image and opcode sequence respectively. Afterwards, a stacking ensemble is employed in order to achieve efficient malware detection and classification. Malware samples collected fromthe Internet sources and Microsoft are used for theempirical study. An algorithm known as Ensemble Learning for Automatic Malware Detection (EL-AML) is proposed to realize our framework. Another algorithm named Pre-Process is proposed to assist the EL-AML algorithm for obtaining intermediate features required by CNN and LSTM.Empirical study reveals that our framework outperforms many existing methods in terms of speed-up and accuracy.
High Performance NMF based Intrusion Detection System for Big Data IoT TrafficIJCNCJournal
With the emergence of smart devices and the Internet of Things (IoT), millions of users connected to the network produce massive network traffic datasets. These vast datasets of network traffic, Big Data are challenging to store, deal with and analyse using a single computer. In this paper we developed parallel implementation using a High Performance Computer (HPC) for the Non-Negative Matrix Factorization technique as an engine for an Intrusion Detection System (HPC-NMF-IDS). The large IoT traffic datasets of order of millions samples are distributed evenly on all the computing cores for both storage and speedup purpose. The distribution of computing tasks involved in the Matrix Factorization takes into account the reduction of the communication cost between the computing cores. The experiments we conducted on the proposed HPC-IDS-NMF give better results than the traditional ML-based intrusion detection systems. We could train the HPC model with datasets of one million samples in only 31 seconds instead of the 40 minutes using one processor), that is a speed up of 87 times. Moreover, we have got an excellent detection accuracy rate of 98% for KDD dataset.
IoT Guardian: A Novel Feature Discovery and Cooperative Game Theory Empowered...IJCNCJournal
Cyber intrusion attacks increasingly target the Internet of Things (IoT) ecosystem, exploiting vulnerable devices and networks. Malicious activities must be identified early to minimize damage and mitigate threats. Using actual benign and attack traffic from the CICIoT2023 dataset, this WORK aims to evaluate and benchmark machine-learning techniques for IoT intrusion detection. There are four main phases to the system. First, the CICIoT2023 dataset is refined to remove irrelevant features and clean up missing and duplicate data. The second phase employs statistical models and artificial intelligence to discover novel features. The most significant features are then selected in the third phase based on cooperative game theory. Using the original CICIoT2023 dataset and a dataset containing only novel features, we train and evaluate a variety of machine learning classifiers. On the original dataset, Random Forest achieved the highest accuracy of 99%. Still, with novel features, Random Forest's performance dropped only slightly (96%) while other models achieved significantly lower accuracy. As a whole, the work contributes substantial contributions to tailored feature engineering, feature selection, and rigorous benchmarking of IoT intrusion detection techniques. IoT networks and devices face continuously evolving threats, making it necessary to develop robust intrusion detection systems.
Enhancing Traffic Routing Inside a Network through IoT Technology & Network C...IJCNCJournal
IoT networking uses real items as stationary or mobile nodes. Mobile nodes complicate networking. Internet of Things (IoT) networks have a lot of control overhead messages because devices are mobile. These signals are generated by the constant flow of control data as such device identity, geographical positioning, node mobility, device configuration, and others. Network clustering is a popular overhead communication management method. Many cluster-based routing methods have been developed to address system restrictions. Node clustering based on the Internet of Things (IoT) protocol, may be used to cluster all network nodes according to predefined criteria. Each cluster will have a Smart Designated Node. SDN cluster management is efficient. Many intelligent nodes remain in the network. The network design spreads these signals. This paper presents an intelligent and responsive routing approach for clustered nodes in IoT networks. An existing method builds a new sub-area clustered topology. The Nodes Clustering Based on the Internet of Things (NCIoT) method improves message transmission between any two nodes. This will facilitate the secure and reliable interchange of healthcare data between professionals and patients. NCIoT is a system that organizes nodes in the Internet of Things (IoT) by grouping them together based on their proximity. It also picks SDN routes for these nodes. This approach involves selecting one option from a range of choices and preparing for likely outcomes problem addressing limitations on activities is a primary focus during the review process. Predictive inquiry employs the process of analyzing data to forecast and anticipate future events. This document provides an explanation of compact units. The Predictive Inquiry Small Packets (PISP) improved its backup system and partnered with SDN to establish a routing information table for each intelligent node, resulting in higher routing performance. Both principal and secondary roads are available for use. The simulation findings indicate that NCIoT algorithms outperform CBR protocols. Enhancements lead to a substantial 78% boost in network performance. In addition, the end-to-end latency dropped by 12.5%. The PISP methodology produces 5.9% more inquiry packets compared to alternative approaches. The algorithms are constructed and evaluated against academic ones.
IoT Guardian: A Novel Feature Discovery and Cooperative Game Theory Empowered...IJCNCJournal
Cyber intrusion attacks increasingly target the Internet of Things (IoT) ecosystem, exploiting vulnerable devices and networks. Malicious activities must be identified early to minimize damage and mitigate threats. Using actual benign and attack traffic from the CICIoT2023 dataset, this WORK aims to evaluate and benchmark machine-learning techniques for IoT intrusion detection. There are four main phases to the system. First, the CICIoT2023 dataset is refined to remove irrelevant features and clean up missing and duplicate data. The second phase employs statistical models and artificial intelligence to discover novel features. The most significant features are then selected in the third phase based on cooperative game theory. Using the original CICIoT2023 dataset and a dataset containing only novel features, we train and evaluate a variety of machine learning classifiers. On the original dataset, Random Forest achieved the highest accuracy of 99%. Still, with novel features, Random Forest's performance dropped only slightly (96%) while other models achieved significantly lower accuracy. As a whole, the work contributes substantial contributions to tailored feature engineering, feature selection, and rigorous benchmarking of IoT intrusion detection techniques. IoT networks and devices face continuously evolving threats, making it necessary to develop robust intrusion detection systems.
** Connect, Collaborate, And Innovate: IJCNC - Where Networking Futures Take ...IJCNCJournal
The International Journal of Computer Networks & Communications (IJCNC) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Computer Networks & Communications. The journal focuses on all technical and practical aspects of Computer Networks & data Communications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on advanced networking concepts and establishing new collaborations in these areas.
Enhancing Traffic Routing Inside a Network through IoT Technology & Network C...IJCNCJournal
IoT networking uses real items as stationary or mobile nodes. Mobile nodes complicate networking. Internet of Things (IoT) networks have a lot of control overhead messages because devices are mobile. These signals are generated by the constant flow of control data as such device identity, geographical positioning, node mobility, device configuration, and others. Network clustering is a popular overhead communication management method. Many cluster-based routing methods have been developed to address system restrictions. Node clustering based on the Internet of Things (IoT) protocol, may be used to cluster all network nodes according to predefined criteria. Each cluster will have a Smart Designated Node. SDN cluster management is efficient. Many intelligent nodes remain in the network. The network design spreads these signals. This paper presents an intelligent and responsive routing approach for clustered nodes in IoT networks. An existing method builds a new sub-area clustered topology. The Nodes Clustering Based on the Internet of Things (NCIoT) method improves message transmission between any two nodes. This will facilitate the secure and reliable interchange of healthcare data between professionals and patients. NCIoT is a system that organizes nodes in the Internet of Things (IoT) by grouping them together based on their proximity. It also picks SDN routes for these nodes. This approach involves selecting one option from a range of choices and preparing for likely outcomes problem addressing limitations on activities is a primary focus during the review process. Predictive inquiry employs the process of analyzing data to forecast and anticipate future events. This document provides an explanation of compact units. The Predictive Inquiry Small Packets (PISP) improved its backup system and partnered with SDN to establish a routing information table for each intelligent node, resulting in higher routing performance. Both principal and secondary roads are available for use. The simulation findings indicate that NCIoT algorithms outperform CBR protocols. Enhancements lead to a substantial 78% boost in network performance. In addition, the end-to-end latency dropped by 12.5%. The PISP methodology produces 5.9% more inquiry packets compared to alternative approaches. The algorithms are constructed and evaluated against academic ones.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
Hierarchical Digital Twin of a Naval Power SystemKerry Sado
A hierarchical digital twin of a Naval DC power system has been developed and experimentally verified. Similar to other state-of-the-art digital twins, this technology creates a digital replica of the physical system executed in real-time or faster, which can modify hardware controls. However, its advantage stems from distributing computational efforts by utilizing a hierarchical structure composed of lower-level digital twin blocks and a higher-level system digital twin. Each digital twin block is associated with a physical subsystem of the hardware and communicates with a singular system digital twin, which creates a system-level response. By extracting information from each level of the hierarchy, power system controls of the hardware were reconfigured autonomously. This hierarchical digital twin development offers several advantages over other digital twins, particularly in the field of naval power systems. The hierarchical structure allows for greater computational efficiency and scalability while the ability to autonomously reconfigure hardware controls offers increased flexibility and responsiveness. The hierarchical decomposition and models utilized were well aligned with the physical twin, as indicated by the maximum deviations between the developed digital twin hierarchy and the hardware.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdffxintegritypublishin
Advancements in technology unveil a myriad of electrical and electronic breakthroughs geared towards efficiently harnessing limited resources to meet human energy demands. The optimization of hybrid solar PV panels and pumped hydro energy supply systems plays a pivotal role in utilizing natural resources effectively. This initiative not only benefits humanity but also fosters environmental sustainability. The study investigated the design optimization of these hybrid systems, focusing on understanding solar radiation patterns, identifying geographical influences on solar radiation, formulating a mathematical model for system optimization, and determining the optimal configuration of PV panels and pumped hydro storage. Through a comparative analysis approach and eight weeks of data collection, the study addressed key research questions related to solar radiation patterns and optimal system design. The findings highlighted regions with heightened solar radiation levels, showcasing substantial potential for power generation and emphasizing the system's efficiency. Optimizing system design significantly boosted power generation, promoted renewable energy utilization, and enhanced energy storage capacity. The study underscored the benefits of optimizing hybrid solar PV panels and pumped hydro energy supply systems for sustainable energy usage. Optimizing the design of solar PV panels and pumped hydro energy supply systems as examined across diverse climatic conditions in a developing country, not only enhances power generation but also improves the integration of renewable energy sources and boosts energy storage capacities, particularly beneficial for less economically prosperous regions. Additionally, the study provides valuable insights for advancing energy research in economically viable areas. Recommendations included conducting site-specific assessments, utilizing advanced modeling tools, implementing regular maintenance protocols, and enhancing communication among system components.
DOES DIGITAL NATIVE STATUS IMPACT END-USER ANTIVIRUS USAGE?
1. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
DOI: 10.5121/ijcnc.2021.13207 121
DOES DIGITAL NATIVE STATUS IMPACT
END-USER ANTIVIRUS USAGE?
Gerrianne Roberts, Ph.D.1
and Shawon Rahman, Ph.D.2
1
Full-Time Professor, Department of Cybersecurity and Network Engineering
Technology (CyNET), Valencia College, Orlando, Florida, 32811, USA
2
Professor, Department of Computer Science and Engineering, University of Hawaii-Hilo
Hilo, Hawaii 96720, USA
ABSTRACT
Due to the increasingly online nature of business (e-commerce), it is essential to understand how end-users
can be protected from malicious online activities such as malware. Several factors have been examined in
the research on this topic. Digital native status was identified as a factor that has not been investigated
thoroughly. This study examined how the security decision-making process is impacted by digital native
status by looking at Protection Motivation Theory. Digital Native Status was investigated as a mediating
factor in the PMT model. Intent to use antivirus was utilized as the protective measure. The findings
indicate that digital native status does not mediate Fear. However, other factors, such as Fear, self-
efficacy, and response efficacy, play a part in the intent to use antivirus. Conversely, the other constructs in
the model, response-costs and maladaptive rewards, did not have a relationship with antivirus usage.
Practically speaking, employers and eCommerce businesses could use these findings to identify factors that
play into their end-user behaviors. These findings can be utilized to help guide training programs and
professionals researching end-user behavior. These findings also suggest that future research should focus
on factors other than age.
KEYWORDS
Protection Motivation Theory, Fear Motivation, Digital Native, Digital Immigrant, Information Privacy,
Antivirus.
1. INTRODUCTION
With the advent of the Internet, consumerism has shifted from a purely physical interaction
model to an increasingly eCommerce model [1]. Many companies have successfully used digital
communication models; however, digital communication has also introduced new information
privacy challenges [2]. According to Bansal and Zahedi [3], there has been an increase in online
privacy violations, leading to personal customer information exposure. This exposure, in turn, has
created concern in the consumer community [3].
Information privacy concerns can quickly turn into violations of trust for consumers [2]. For
example, in 2011, Sony experienced a significant data breach that resulted in consumer concern
and customer lawsuits due to the violation of trust [4]. In the same year, multiple other attacks
occurred that dampened consumer trust. Companies such as RSA (an information security
provider), Best Buy, Target, Verizon, and more suffered breaches that ultimately lead to a severe
violation of trust [4].
These types of breaches are not uncommon. Privacy Rights Clearinghouse (PRC) has archived
over 9000 breach events from January 2005 to December 2018 [31]. Altogether, there were 12
2. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
122
billion records in these archives [31]. Many similar organizations have had similar results in their
recording and reporting on information breaches [32]. Such trust violations are of concern to
companies due to the potential loss of revenue. According to Tomlinson and Mayer [5], trust
violations can have consequences such as loss of income (due to loss of sales) and other
irreparable damages (such as legal consequences). Shackelford [4] claims that this loss can be
upwards of $200 per consumer record lost, and potentially more per consumer.
Companies also face potentially severe legal consequences from breaches [6]. Lawsuits aimed at
companies who have violated consumer privacy by illegally selling consumer information and
illegally tracking consumer online behavior through their browser (mainly using “cookies” to
track consumers’ online behaviors) have brought more attention to the privacy issue. These
incidents have spurred new legislation aimed at protecting consumers from breaches of privacy
via online conduits such as company websites and online storefronts.
With the advent of these new laws and added protections to existing laws, companies have had to
find better ways to protect their data to ensure privacy for individuals or businesses they keep
information about. Companies have been accomplishing this task by studying how users interact
with their stored data to create better mechanisms to secure user information [7].
These studies have found that, in general, users who are concerned about their privacy in an
online environment will most likely take measures to protect their privacy, measures such as
installing antivirus or changing privacy settings on social media [8]. These studies have also
found that several factors play into those concerns. Researchers have identified factors such as
ownership [9], generation [10], protection motivation [11, 28], and data handling [12] as
motivating factors. These items represent common themes throughout the research; however,
they are not representative of everything that goes into consumer concern; research on this topic
is still being developed, and new factors are found every day.
Much of the research looking into motivations to take privacy precautions utilize fear motivation
theory. In addition to the study by Boss et al. [11] (referenced for this study), there have been
numerous studies. For example, Tsai et al. [13] looked at fear motivation and planned behavior
and how they relate to the end user’s intention to take privacy protections. Another study, by
Chen, Beaudoin, and Hong [14], looks at online privacy concerns and how protection motivation
theory, in addition to the Extended Parallel Process Model (EPPM), plays into those concerns.
Such studies continue to examine fear motivation and how it affects the end-user in their decision
to take privacy precautions in an online environment.
This study utilizes PMT by keeping the existing framework and introducing a mediating factor
(i.e., digital native status). It is a well-known presumption of those in the information security
industry that familiarity with technology plays a role in how one reacts to situations and what
precautions they may take. One also assumes that if someone is a “digital native” (i.e., born after
1980 during the proliferation of technology), they will be more familiar with technology due to
growing up with it rather than adopting it later in life [15]. Therefore, this study tested the theory
that digital native status moderates fear and the adaptive response to Fear.
Looking at PMT and DNS, the research question was formed. It centered around the idea that
digital native status would be examined using PMT. The main research question is, “To what
extent do high fear levels relate to an increased usage of antivirus software when moderated by
digital native status?”. Other research questions were formed from the PMT model itself. Each
subsequent question sought to understand the relationship between each construct and the
3. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
123
protective measure of antivirus use. These questions were developed to identify any other factors
that impacted the decision-making process and confirm previous research on the topic.
From the research questions came the hypothesis: one null and one positive for each question.
The null hypothesis meant that there were not any relationships between the constructs being
examined in each question. The other, the positive hypothesis, posited that there was a
relationship. The section discussing methods and materials goes further into the questions and
their related hypothesis.
The remainder of the paper is broken down into five additional sections. In section 2, a literature
review is presented to provide background on the topic of PMT, current research, and digital
native status. Next, in section 3, the methodology used in the paper is provided. Then, in section
4, the study’s results are presented and discussed. In section 5, future research recommendations
are discussed. Lastly, in section 6, the paper is closed with conclusions sheened from the
research.
2. LITERATURE REVIEW
This section examines the state of the research as it pertains to protection motivation and digital
native status. This section is divided into three main sections. The first section discusses the
background of PMT and the current state of research. The second section discusses PMT itself.
Lastly, the third section discusses digital native status.
2.1. Background
Fear motivation theory, also known as PMT, posits that behavior may change based on a
response to an event that caused Fear [16]. This is typically considered an adaptive response or a
protection response [11, 16]. Fear motivation has been the focus of several studies to better
understand end-user behavior to create better control mechanisms for end-user privacy [9, 11, 14,
17]. The ultimate goal of these types of studies is to better comply with local, state, federal, and
international laws and to bring a better experience to the end-user [11, 12].
PMT has been used in many studies in the information security realm. Studies by Boss et al. [11],
Doane et al. [17], Ifinedo [18], and many more all use PMT to examine end-user behaviors when
it comes to compliance with policies as well as with taking protection methods such as using
antivirus. Boss et al. [11] studied PMT in the context of end-user behavior with backups and
antivirus usage. Doane et al. [17] used PMT to explore how cyberbullying impacts risky online
transactions. Lastly, Ifinedo [18] studied PMT to see how it affected employee compliance with
security policies.
PMT states that there are positive relationships between Fear and adaptive measures. There are
also positive relationships between response efficacy and adaptive measures and between self-
efficacy and adaptive measures [11]. The theory also shows a negative relationship between
maladaptive rewards and adaptive measures and between response costs and adaptive measures
[11]. As a result of these relationships, high fear levels are thought to lead to more protective
measures [11, 16, 17, 18]. Additionally, Boss et al. [11] found that using high fear appeal
messages created more Fear. In those scenarios where Fear was elevated, users were more likely
to take protective measures.
The relationships between the independent and dependent variables in the PMT model also
suggest that individuals with high perceived response efficacy are more likely to use a protection
4. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
124
method [11, 16, 18]. Ifinedo [18] found that this relationship was supported by empirical
evidence. In Ifindedo’s study, the data analysis indicated a positive relationship between response
efficacy and the likelihood that an individual would use a protection method.
Boss et al. [11] found evidence that individuals with high maladaptive rewards were less likely to
use protection methods. Boss et al. [11] posited that individuals who feel that they are rewarded
for not taking protective measures would be less likely to use protection than individuals
motivated by Fear. PMT posits that individuals who perceive the response cost to be high are less
likely to take protective measures [11]. Scholars have suggested that this relationship is because
individuals may feel that the costs are not worth the effort [11, 18]. Boss et al. [11] found
evidence to support this conclusion, but the results of Ifinedo’s [18] study did not indicate a link
between response cost and protective measures. This lack of consistency in the research suggests
a need for additional research.
PMT theory does not explicitly examine other factors’ influence on the relationships between fear
motivators and adaptive measures. Examples of potential mediating and moderating variables
include age, gender, race, and education level. While age is similar to digital native status as it
has to do with birth year, it is not considered the same. Age is a variable that increases the further
away from birth year one gets, while digital native status has to do with being born before 1980
or in 1980 or after. There are only two groups with digital native status. This study aims to add to
the theory by looking at digital native status as a possible mediating factor in how Fear plays into
adaptive measures.
2.2. Protection Motivation Theory and the Research Model
The research model used in this study is the PMT model. The model was first introduced by
Rogers in 1975 [16] and was meant to examine how Fear plays a role in the decision-making
process. The model has been modified over the years to accommodate new research on the topic
[11]. The model’s current iteration includes several new constructs, such as maladaptive rewards
and response costs [11]. In the current model, these new constructs, in addition to traditional
constructs (such as Fear and self-efficacy), all play a role in how the end-user responds to fear.
The model used for this study is based on what is referred to as the full PMT model and is
considered the most current iteration of the model [11]. In this version of the model, Fear is
affected by the individual’s threat appraisal. The threat appraisal is comprised of two factors:
perceived threat severity and perceived threat vulnerability (i.e., how large is the threat and how
likely it is to occur). If either is large, the individual is expected to have a higher level of Fear and
is more likely to act on that Fear [19].
If the threat is deemed high enough to take action, then the individual will progress to what is
known as the coping appraisal step. In this step, the individual will analyze the response efficacy,
self-efficacy, and response costs factors to see if it is worth moving on to the actual response to
the threat [19]. If the response costs are too high, or if any of the efficacy factors are too low, then
the individual is not likely to move on to the response [19].
Lastly, if the threat is deemed high enough, and the efficacy factors are considered high enough,
they will likely move on and take the protective measure. This behavior implicates that the
individual would be likely to use antivirus to protect their online privacy in our study. This study
introduces a few factor. This new factor is digital native status. Digital native status has to do
with when an individual was born. If the individual was born before 1980, they are considered a
digital immigrant (or someone who adopted technology later in life). If the person was born on or
5. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
125
after 1980, they are considered a digital native because they have grown up during the digital age
and are assumed to have used technology most of their life [20] (see Figure 1 Research Model).
2.3. Digital Natives and Digital Immigrants
The mediating factor for this study is Digital native status. Digital native is a term popularized by
educator Marc Prensky in 2001 [15]. Prensky wrote about digital natives and digital immigrants
in an article titled “Digital Natives, Digital Immigrants.” In the article, Prensky discusses how
learning changes have occurred due to the shift in the way students use technology. Prensky
coined the term “digital native” for students born after 1980 who grew up with technology.
Prensky [15] describes the phenomenon of the digital age as a “singularity” [15, p. 1] that has
changed the way people think and interact with each other. According to Prensky, digital natives
are “native speakers” [15, p. 1] of technologies such as video games, the Internet, and computers
in general. Since they are native speakers, digital natives have an “accent” [15, p. 3] that digital
immigrants do not. For example, Prensky describes the process of information gathering for
digital natives as turning immediately to the Internet instead of traditional sources such as
newspapers and magazines, as a digital immigrant would. Prensky posits that this is because “a
language learned later in life,…goes into a different part of the brain” [15, p. 3].
Figure 1 Research Model
6. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
126
Prensky followed up this article with a second article on digital natives and digital immigrants
called “Digital Natives, Digital Immigrants, Part II: Do They Think Differently?” [21]. In this
article, Prensky explores how growing up in a digital environment changes people’s thinking.
Prensky posits that because one’s thinking patterns can vary based on experiences, growing up
around technology changes how people think and therefore impacts their decision-making
process and how they learn.
Prensky also posits that this change in the way digital natives think impacts how they develop
their skills. In the article, Prensky suggests that digital natives may have lost their reflective
ability (i.e., the ability to learn from experiences). Prensky is implying that their decision-making
and thought processes may not have to do with prior experiences [21, 29, 30]. The change in the
way digital natives think and their perceived increase in digital literacy are motivating factors
behind using digital native status as a mediating factor in this study.
Others question whether or not digital native status impacts information literacy in the way
implied by the very concept of the digital native. In 2017, Kirschner and De Bruyckere [35]
questioned whether digital native status was real. They likened the idea to “yet-like creatures.” In
2019, Marksbury and Bryant [36], agreeing with Kirschner and De Bruyekere, did additional
research on the topic and found that there may be something to the idea that digital literacy is not
so native to the digital natives and more likely has to do with experiences, not age.
This clashing of ideas is one of the leading factors for this study.
The next section discusses the materials and methods used to conduct this study.
3. MATERIALS AND METHODS
This section presents the materials and methods used to conduct this study. First, a background is
provided, then the section is broken into several sections describing different elements of the
methodology. First, the research question and hypothesis are presented. The next section looks at
instrumentation and presents the instrument used in the study. Validity and reliability are also
discussed. Sampling procedures are then presented. In the last section, a brief overview of the
data analysis process is presented.
A nonexperimental, correlational research design was chosen for this study. A survey instrument
was used to collect data. The chosen approach allowed the researcher to quantitatively analyze
the relationships between the different variables of interest in the study using linear regression
analysis [22]. Data were collected via an online survey tool provided by QuestionPro. This
approach was chosen as several related studies, such as the one by Boss et al. [11], utilized this
methodology.
Seven variables were examined as part of the study. The four independent variables consisted of
Fear, maladaptive rewards, response efficacy, self-efficacy, and response costs. Intent to use
antivirus, the adaptive response, was examined as a dependent variable, and digital native status
was examined as a mediating variable. Each of the independent variables was examined with the
dependent variable to see if there was a relationship between them. The participants’ digital
native status was then examined to determine if digital native status acted as a mediating factor
between Fear and adaptive response.
A regression analysis was used to examine the relationships between the variables. Tabachnick
and Fidell [22] noted that “Regression analyses are a set of statistical techniques that allow one to
7. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
127
assess the relationship between one dependent variable (DV) and several independent variables
(IVs)” [22, p. 117]. Regression analysis allowed the research questions to be answered via a
simple analysis of the quantitative data to establish relationships between the various constructs
and the intent to take adaptive measures by increasing the use of antivirus software. IBM SPSS
was used to facilitate data analysis.
3.1. Research Questions and Hypotheses
Five research questions were investigated during the present study. Each research question was
answered by testing a pair of null and alternative hypotheses. The research questions and their
corresponding hypotheses were as follows:
Research Question 1: To what extent do high fear levels relate to increased usage of antivirus
software when moderated by digital native status?
o H01: Higher levels of Fear are not related to increased usage of antivirus software when
moderated by digital native status.
o Ha1: Higher levels of Fear are related to increased usage of antivirus software when
moderated by digital native status.
Research Question 2: To what extent does higher acceptance of maladaptive rewards relate to
increased usage of antivirus software?
o H02: Higher acceptance of maladaptive rewards do not lead to higher levels of usage of
antivirus software
o Ha2: Higher acceptance of maladaptive rewards does lead to higher levels of usage of
antivirus software
Research Question 3: To what extent do higher levels of response efficacy relate to increased
usage of antivirus software?
o H03: Higher levels of response efficacy do not lead to higher levels of usage of antivirus
software.
o Ha3: Higher levels of response efficacy do lead to higher levels of usage of antivirus
software.
Research Question 4: To what extent do higher levels of self-efficacy relate to increased usage
of antivirus software?
o H04: Higher levels of self-efficacy do not lead to higher levels of usage of antivirus software.
o Ha4: Higher levels of self-efficacy does lead to higher levels of usage of antivirus software.
Research Question 5: To what extent does higher response cost relate to increased usage of
antivirus software?
o H05: Higher levels of response costs do not lead to higher levels of usage of antivirus
software.
o Ha5: Higher levels of response costs lead to higher levels of usage of antivirus software.
3.2. Instrumentation
A survey instrument was used for this study. The survey instrument used was the same as the one
used in the Boss et al. [11] study. The study consisted of two sub-studies. One looked at backup
habits, and the other looked at antivirus usage. The sub-study questions that looked at antivirus
were used with the author’s permission for this study. The instrument asked questions about the
various constructs and took responses in a 5-point Likert Scale format. A value of 5 represented
8. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
128
agree, and a value of 1 represented disagree. The following section outlines the questions asked
as part of the survey.
3.2.1. Survey Instrument Questions
Measurement items (from Boss et al. [11]):
1) Intent to use anti-malware software
a) I intend to use anti-malware software in the next three months.
b) I predict I will use anti-malware software in the next three months.
c) I plan to use anti-malware software in the next three months.
2) Threat severity
a) If my computer were infected by malware, it would be severe.
b) If my computer were infected by malware, it would be serious.
c) If my computer were infected by malware, it would be significant.
3) Threat Vulnerability
a) My computer is at risk of becoming infected with malware.
b) It is likely that my computer will become infected with malware
c) My computer may become infected with malware.
4) Response Efficacy
a) Anti-malware software works for protection
b) Anti-malware software is effective for protection.
c) When using anti-malware software, a computer is more likely to be protected.
5) Self-Efficacy
a) Anti-malware software is easy to use.
b) Anti-malware software is convenient to use.
c) I can use anti-malware software without much effort.
6) Fear
a) My computer has a serious malware problem.
b) My computer might be seriously infected with malware.
c) The amount of malware on my computer is terrifying.
d) I am afraid of malware.
e) My computer might become unusable due to malware.
f) My computer might become slower due to malware.
7) Maladaptive Rewards
a) Not using an anti-malware application saves me time.
b) Not using an anti-malware application saves me money.
c) Not using an anti-malware application keeps me from being confused.
d) Using an anti-malware application would slow down the speed of my access to the
Internet.
e) Using an anti-malware application would slow down my computer.
f) Using an anti-malware application would interfere with other programs on my computer.
g) Using an anti-malware application would limit the functionality of my Internet browser.
8) Response Costs
a) The cost of finding an anti-malware application decreases the convenience afforded by
the application.
b) There is too much work associated with trying to increase computer protection through
the use of an anti-malware application.
c) Using an anti-malware application on my computer would require a considerable
investment of effort other than time.
d) Using an anti-malware application would be time-consuming
9. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
129
The survey was created by Boss et al. [11] using several surveys from previous research on
malware. Boss et al. [11] vetted all of the survey questions. The following section discusses the
reliability and validity of the survey instrument.
3.2.2. Validity and Reliability
Boss et al. (2015) tested the validity of the survey instrument using confirmatory factor analysis.
They used STATA/SE version 3.1 to run the analysis. STATE/SE is a software application that
allows for several statistical analyses, including factor analysis. Boss et al. tested both the
convergent and the discriminant validity of the instrument. Testing indicated that the model fit
was good, with values for the comparative fit index (CFI) at 0.948, the root mean square error of
approximation (RMSEA) at 0.045, the Tucker-Lewis index (TLI) at 0.935, the coefficient of
determination (CD) at 1.000, and an X2 value of 6067.02. This testing demonstrated that Boss et
al. ’s instrument was valid for measuring fear motivation and adaptive behavior.
Boss et al. (2015) tested their instrument’s reliability by calculating the Cronbach’s alpha
coefficient for each construct. Cronbach’s alpha tests for internal consistency and reliability
through a complicated algorithm that results in an alpha value (α). This value represents the level
of consistency among the items defining the construct [33]. All of the Cronbach’s alpha scores
reported by Boss et al. were higher than the acceptable threshold of .70. The lowest scores
reported by Boss et al. were for the constructs of Fear (.755) and maladaptive rewards (.777).
Scores between .70 and .80 are considered acceptable. The scores for threat vulnerability (.817),
response costs (.845), and response efficacy (.898) all fell within the range of what is considered
acceptable (i.e., .80 to .90). The remaining scores for threat severity (.915), self-efficacy (.929),
and intent (.984) were above the threshold for excellent (i.e., above .90). Based on these scores,
the instrument was considered reliable for use in the present study.
3.2.3. Sampling
Sampling for this study focused on participants that were regular internet users and were familiar
with the basic concepts of information privacy. All participants were required to be over the age
of 18 and were required to both live and work in the United States. A stratified random sampling
technique was chosen to select the participants of this study. Two groups were formed – those
classified as digital immigrants and one classified as digital natives. The two groups were formed
to determine DNS status.
The sample size was determined through power analysis using G*Power [34]. When calculating
the sample size, several parameters were considered, including effect size, power, and the number
of predictors in the model. The desired effect size was small (i.e., 0.10), and the desired power
was 0.95 (i.e., 95% confidence). There were five predictors in this study (fear level, maladaptive
rewards, response efficacy, self-efficacy, and response costs). Based on these parameters,
G*Power calculated the minimum necessary sample size to be 132 participants. Sixty-six in the
digital immigrant group, and 66 in the digital native group.
QuestionPro facilitated the sampling process and used the desired stratified random sampling
method. Members fitting the research criteria were randomly selected from QuestionPro’s
member database. Once selected, QuestionPro contacted the potential participants via email,
informing them of the study’s purpose and requesting that they complete the survey. Question
Pro also facilitated the collection of data.
10. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
130
3.3. Data Analysis
The data analysis process began once the researcher downloaded the data from QuestionPro’s
website. The data was in a raw numeric format that included both nominal and ordinal data.
Responses to questions about participants’ gender and race constituted nominal data, and
responses to the Likert-scale survey questions constituted ordinal data. The researcher loaded the
raw data into the IBM SPSS tool for management and analysis. Before beginning the analysis, the
researcher reviewed the data for accuracy and completeness. The researcher only modified data if
there were any issues with outliers or deviations from normality. These modifications are
described in the next chapter as part of the analysis. The analysis was done using the following
techniques (see Table 1):
Table 1: Analysis Techniques by Research Question
Research
Question
Hypotheses Analysis Type Descriptive Statistics Posthoc Analysis
1 H01/ Ha1 Multiple Linear
Regression
Central Tendency, Median,
Standard Deviation
p-values, beta
coefficients, and z-
tests
2 H02/ Ha2 Multiple Linear
Regression
Central Tendency, Median,
Standard Deviation
p-values, beta
coefficients, and z-
tests
3 H03/ Ha3 Multiple Linear
Regression
Central Tendency, Median,
Standard Deviation
p-values, beta
coefficients, and z-
tests
4 H04/ Ha4 Multiple Linear
Regression
Central Tendency, Median,
Standard Deviation
p-values, beta
coefficients, and z-
tests
5 H05/ Ha5 Multiple Linear
Regression
Central Tendency, Median,
Standard Deviation
p-values, beta
coefficients, and z-
tests
In the next section, the results of the study are presented and discussed.
4. RESULTS
The following section presents the results of the study and briefly discusses what they mean for
the field. The section is divided into three sections. The first section looks at the demographics of
the respondents to the study. The next section looks at the preliminary analysis and how the
variables met normality. The last section discusses more thoroughly the data analysis and the
results of the study.
4.1. Demographics
The sampling for this study was done using random stratified sampling. QuestionPro took in the
requirements for the sample and provided the participants based on the researcher’s needs. The
sample requested was stratified into two groups: one containing digital immigrants and one
containing digital natives. The following section discusses the sample that was obtained from
QuestionPro.In the raw data, there were 183 samples. Since some of the surveys were not
11. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
131
completed or did not meet additional criteria, some samples were removed. Twenty-four surveys
were identified as incomplete or completely blank. Once the data was cleaned of the 24
incomplete or empty surveys, there were 159 participants in total. Of the 159 participants, 48
were male, 110 were female, and one participant was identified as third gender. Overall, males
made up 30.2% of the respondents, females made up 69.2% of the respondents, and those who do
not identify as either made up 0.6% of the respondents.
One hundred twenty-three people identified as white, 13 people who were black or African
American, two people who were American Indian or Alaskan Native, seven people who were
Asian, ten people of Hispanic or Hispanic Origin, and four people were two or more races. Those
who identified as being white made up 77.4% of the participants. Black or African Americans
made up 8.2% of the participants, American Indian or Alaskan Natives made up 1.3% of the
respondents, those of Asian descent made up 4.4%, Hispanic or of Hispanic Origin made up
6.3%, and those who are two or more races made up 2.5%.
Twelve people were between the ages of 18-24, 58 were between 25-34, 28 between 35-44, 27
between 45-54, 18 were 55-64, and 16 were 65 or older. Those who are 18-24 made up 7.5% of
the participants, those who are 25-34 are 36.5% of participants, 35-44 make up 17.6% of the
participants, 45-54 make up 17%, 55-64 make up 11.3%, those that are 65 or older make up
10.1% of the total sample. 83 people were considered digital immigrants, and 76 were digital
natives. Digital immigrants made up 52.2% of the sample, and digital natives made up 47.8% of
the sample. The goal was 50%. The sample was within a small variance of this. All the
participants were residents or citizens of the United States of America. The following table
summarizes the demographics’ results for the modified sample (after the incomplete surveys
were removed).
Table 2: Demographic Characteristics
Demographic Category Frequency Percent
Gender
Male 48 30.2
Female 110 69.2
Third gender 1 0.6
Race
White 123 77.4
Black or African American 13 8.2
American Indian or Alaskan Native 2 1.3
Asian 7 4.4
Hispanic or of Hispanic Origin 10 6.3
Two or more races 4 2.5
Age
18-24 12 7.5
25-34 58 36.5
35-44 28 17.6
45-54 27 17
55-64 18 11.3
65 and over 16 10.1
12. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
132
Demographic Category Frequency Percent
Digital Native Status
Born before 1980 (digital immigrant) 83 52.2
Born on or after 1980 (digital native) 76 47.8
4.2. Preliminary Analysis
Scales were formed based on the study by Boss et al. [11]. Summary statistics on the scales are
presented in Table 2. The normality of the scales was assessed using z-scores formed by dividing
skewness by the standard error of skewness (SK/SE). Values above +/- 3.29 are indicative of
departures from normality [22]. As shown, two of the scales, the dependent variable, Intent to
Use Anti-Malware, and one of the independent variables, response efficacy, were negatively
skewed. Before using these scales in the comparative analyses to test the hypotheses, a
normalizing transformation was applied to the values, as recommended by [23].
Specifically, the scores were reflected (each score was subtracted from 6), and then the square
root was taken of the result. In presenting the results, the directions of all relationships (either
positive or negative) were adjusted to represent the original variables.
Table 3: Summary Statistics for Study Measures
Scales Mean SD Skewness SE SK/SE
Non-normalized scales
Intent to use anti-malware 3.92 1.09 -0.82 0.19 -4.28
Response efficacy 3.97 0.83 -0.83 0.19 -4.34
Self-efficacy 3.87 0.92 -0.61 0.19 -3.18
Fear 2.85 1.03 0.20 0.19 1.06
Maladaptive rewards 2.65 1.11 0.22 0.19 1.12
Response costs 2.72 1.04 0.19 0.19 0.96
Normalized Scales (square root of reflected scores)
Intent to use anti-malware 1.40 0.37 0.45 0.19 2.35
Response efficacy 1.40 0.29 0.29 0.19 1.51
Once intent to use anti-malware was normalized, the z-value was brought down to 2.35, which is
well within the tolerances for normality (West et al., 1995). Standard deviation and skewness
were also reduced. Response efficacy was then normalized. The z-value was brought down to
1.51, which is also well within the tolerances for normality [22]. Standard Deviation and
Skewness were also reduced.
13. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
133
Figure 2 Intent to Use Malware Histogram, Before
Transformation
Figure 3 Intent to User Malware Histogram, After
Transformation
Figure 4 Response Efficacy Histogram, Before
Transformation
Figure 5 Response Efficacy Histogram, After
Transformation
Self-efficacy met normality requirements with a z-value of -.318, which is just inside the
tolerance for normality [22]. No normalization was needed for this construct. Fear met the
normality requirements at 1.06, which is well within tolerance for normality [22]. No
normalizations were required for this construct as well. Maladaptive rewards also met normality
requirements with a value of 1.12. This value is within the tolerance for normality [22]. This
construct also did not require normalization. Response costs met normality requirements with a
value of 0.96. This value is well within tolerances for normality [22].
14. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
134
Figure 6 Self Efficacy Histogram Figure 7 Fear Histogram
Figure 8 Maladaptive Rewards Histogram Figure 9 Response Costs Histogram
4.3. Full Analysis
The analysis found that several hypotheses could be supported, whereas several of the Null
Hypotheses were supported (see Table 4 for a summary). This section details the testing that was
done for each question and whether the null was accepted or rejected.
Table 4: Results of Data Analysis for All Hypotheses
Hypothesis Variable Entered F p Null Accepted?
H1 Fear 12.43 0.001 No
DNSa 0.04 0.839 No
Fear*DNS 0.3 0.586 No
H2 Maladaptive Rewards 0.03 0.856 Yes
H3 Response Efficacy 125.09 <0.001 No
H4 Self-Efficacy 100.26 <0.001 No
H5 Response Costs 1.61 0.689 Yes
Hypothesis 1: Higher levels of Fear are related to increased usage of antivirus software when
moderated by digital native status.
This hypothesis was tested using a multiple linear regression analysis using the normalized Intent
to Use Anti-Malware scale as the outcome, and Fear as the predictor, moderated by Digital
Native Status. The scales were standardized by subtracting the sample mean from the scores and
15. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
135
dividing by the sample standard deviation to aid in interpretation. A cross-product was then
created by multiplying the centered Fear values by digital native status, which was coded 1 for
those born during or after 1980, and zero otherwise. The results are presented in Table 3. As
shown, Fear was a significant predictor of the Intent to Use Ani-Malware (F(1,157) = 12.43, p =
.001), explaining a minimal (7.3%) but non-random amount of the variance in the outcome.
However, Digital Native Status did not add to the prediction (F(1,156) = 0.04, p = .839), nor did
it moderate the effect of Fear on the outcome (F(1,155) = 0.30, p = .586). While there is not
sufficient evidence to support the claim that digital native status moderates the relationship, the
results support the rejection of the null hypothesis in that higher levels of Fear were significantly
related to the increased usage of antivirus software.
Table 5: Linear regression on Intent to Use Anti-Malware using Fear as the predictor and Digital Native
Status as a moderator
Step
Variable
Entered R R2
R2
Change
F
Change df p β t p
1
Fear
0.271 0.073 0.073 12.43 1,157 0.001 0.228 2.03 0.044
2 DNSa
0.271 0.074 0.000 0.04 1,156 0.839 0.016 0.20 0.840
3 Fear*DNS 0.275 0.075 0.002 0.30 1,155 0.586 0.061 0.55 0.586
Hypothesis 2: Higher acceptance of maladaptive rewards does lead to higher usage of antivirus
software.
This hypothesis was tested using a simple linear regression on Intent to Use Anti-Malware using
Maladaptive Rewards as the predictor. As shown in Table 6, Maladaptive Rewards was not
significantly predictive (F (1,157) = 0.03, p = .856). Therefore, the null hypothesis is accepted.
Table 6: Linear regression on Intent to Use Anti-Malware using Maladaptive Rewards as the predictor
R R2 F β p
0.014 0.000 0.03 -0.014 0.856
Hypothesis 3:Higher levels of response efficacy do lead to higher usage of antivirus software
This hypothesis was tested using a simple linear regression on Intent to Use Anti-Malware using
Response Efficacy as the predictor. As shown in Table 7, Response Efficacy was significantly
predictive (F (1,157) = 125.09, p < .001). This result supports the rejection of the null hypothesis.
Table 7: Linear regression on Intent to Use Anti-Malware using Response Efficacy as the predictor
R R2 F β p
0.666 0.443 125.09 0.666 < .001
Hypothesis 4:Higher levels of self-efficacy do lead to higher usage of antivirus software
This hypothesis was tested using a simple linear regression on Intent to Use Anti-Malware using
Self-Efficacy as the predictor. As shown in Table 5, Self-Efficacy was significantly predictive (F
(1,157) = 100.26, p < .001). This result supports the rejection of the null hypothesis.
16. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
136
Table 8: Linear regression on Intent to Use Anti-Malware using Self-Efficacy as the predictor
R R2 F β p
0.624 0.39 100.26 0.624 < .001
Hypothesis 5:Higher levels of response costs lead to higher usage of antivirus software
This hypothesis was tested using a simple linear regression on Intent to Use Anti-Malware using
Response Costs as the predictor. As shown in Table 4, the Response Costs variable was not
significantly predictive (F (1,157) = 1.61, p = .689). Therefore, the null hypothesis is accepted.
Table 9: Linear regression on Intent to Use Anti-Malware using Response Costs as the predictor
R R2 F β p
0.032 0.001 1.61 0.032 0.689
4.4. Summary of the Results
First, it was found that for Hypothesis 1: Higher levels of Fear are related to an increased
usage of antivirus software when moderated by digital native status, the construct of digital
native status did not have a strong mediating effect on the relationship between Fear and
increased usage of antivirus software. Multiple linear regression analysis using the normalized
Intent to Use Anti-Malware scale as the outcome, and Fear as the predictor, moderated by digital
native status, found that F = 0.3 and p = 0.586; p is more than the alpha level of 0.05, so it is not
significant.
It was also found that there was not a strong relationship between digital native status and intent
to use anti-malware (F = 0.04 and p = 0.839, where p is more than the alpha level of 0.05, so it is
not significant). However, it was found that there is a significant relationship between Fear and
usage of antivirus software (F = 12.43 and p = 0.001, where p is less than the alpha level of 0.05,
so it is significant), so the null hypothesis cannot be fully accepted and must be rejected.
Next, for Hypothesis 2: Higher acceptance of maladaptive rewards does lead to higher usage
of antivirus software. It was found that maladaptive rewards did not significantly impact the
intent to use antivirus. Using simple linear regression on Intent to Use Anti-Malware using
maladaptive rewards as the predictor, it was found that F = 0.03 and p = 0.856, where p is more
than the alpha level of 0.05, so it is not significant. The null hypothesis was accepted.
Maladaptive rewards is not predictive for the protective measure, intent to use anti-malware.
Next, it was found for Hypothesis 3: Higher levels of response efficacy lead to higher usage of
antivirus software. There is a significant relationship between response efficacy and usage of
antivirus software. Using simple linear regression on Intent to Use Anti-Malware using response
efficacy as the predictor, it was found that F = 125.09 and p = <0.001, where p is less than the
alpha level of 0.05, so it is significant. The alternative hypothesis was accepted. This means that
response efficacy is predictive for the protective measure of intent to use anti-malware.
For Hypothesis 4: Higher levels of self-efficacy do lead to higher usage of antivirus software.
There was a significant relationship between self-efficacy and intent to use antivirus. Using
simple linear regression on Intent to Use Anti-Malware using self-efficacy as the predictor, it was
found that F = 100.26 and p = <0.001, where p is less than the alpha level of 0.05, so it is
significant. Since there was a significant relationship, the null hypothesis was rejected. This
17. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
137
means that self-efficacy is also predictive for the protective measure of intent to use anti-
malware.
Lastly, for Hypothesis 5: Higher levels of response costs lead to higher usage of antivirus
software, there was not a significant relationship found. Using simple linear regression on intent
to use anti-malware using response costs as the predictor, it was found that F = 1.61 and p =
0.689, where p is more than the alpha level of 0.05, so it is not significant. In this case, the null
hypothesis was accepted. This means that response costs are not predictive for the protective
measure of intent to use anti-malware.
Figure 2 displays the results of the data analysis in graphical form. Overall, response efficacy,
self-efficacy, and Fear showed significant relationships with the intent to use antivirus.
Conversely, maladaptive rewards and response costs did not show enough of a relationship to be
considered having an impact on intent to use antivirus. Digital native status also did not have a
high enough of a relationship to be considered a mediating factor; however, since Fear did have
an impact, the null hypothesis was not accepted for H1. The next section looks at
recommendations for further research.
5. RECOMMENDATIONS FOR FURTHER RESEARCH
This section looks at recommendations for further research. It details constructs and other items
that have the potential to impact research on the topic. Further research should include fear
manipulations, such as the fear appeals used in the Boss et al. [11] study. These manipulations
have been shown to influence the results of studies on PMT, and therefore, they should be further
examined. Other research has also looked at different methodologies for delivering these appeals
[24]. The delivery methods of fear appeals might be something to consider in future research.
Further research should also incorporate a different mediating factor. Technology anxiety has
been examined as a mediating factor in some studies using the technology acceptance model
(TAM), and research has shown that such anxiety does have an impact on the decision-making
process [25]. As such, it may be a factor to consider for future research. Other factors seen in
research have been experience [26], security awareness [27, 37], and trust [26]. Researchers can
consider a variety of variable relationships in future research.
Further research could also compare longitudinal data and one-time results. According to Boss et
al. [11], fear levels may be affected by time. In one study, the fear appeal was drawn out, while in
another, the fear appeal was acute and sudden [11]. In the study that used acute fear appeals, the
results were more dramatic. The difference may have been due to the message’s sudden nature,
making the fear appeal seem more immediate or extreme. Further studies can help clarify this
phenomenon.
18. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
138
Figure 10 Results of the Data Analysis
Next, it is recommended to look at varied populations in future research. This study was limited
to the United States; cultural factors could play a role in the study results. The results of this
study may be limited to the United States population. Further research using different populations
may net different results. The study was limited because only intent to use antivirus, not actual
antivirus usage, was measured. There could be differences in the intention to use versus actual
usage of antivirus software. Boss et al. [11] suggested that examining actual usage might yield
more accurate results than just measuring intent. Looking at this action, an experimental approach
may provide a more definitive answer on whether age or digital native status impacts PMT and
antivirus usage.
Lastly, further research should examine fear appeals that vary in strength. Boss et al. [11]
suggested that including fear appeals impacts the results of the study. However, no studies have
examined how varying levels of Fear appeals impact behavior or how appeals that are too strong
(i.e., elicit too much of a fear response) would affect the participant. This provides a possibility
for future research. The next section concludes the study and provides some end-thoughts from
the researcher.
19. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
139
6. CONCLUSION
This section concludes the paper. In this section, a discussion on the study, its results, and end-
thoughts from the researcher are presented. End user behavior research has focused on many
factors, including age. There is an assumption among some researchers that a person’s age
impacts their behavior in online environments. To better understand this phenomenon, the present
study examined end-users’ intentions to use antivirus software through the lens of digital native
status. Typically, age is studied using cohort groups and not by digital native status. The intention
of using digital native status was to understand if a combination of age and technological
knowledge could help explain end-users’ protective online behavior.
A nonexperimental survey research design and protection motivation theory were used to
examine the assumptions associated with digital native status and end-users’behaviors. The
present study specifically examined how digital native status mediated the relationship between
Fear and intent to use antivirus software. It was found that digital native status did not mediate
the relationship between Fear and intent to use antivirus software. Digital native status did not
have any correlation at all with the intent to use antivirus software. While digital native status
was not significantly related to fear or intent to use antivirus software, a strong positive
relationship did exist between Fear and intent to use antivirus software. This significant positive
relationship was consistent with previous research.
Previous research suggested that digital native status could impact decision making, as digital
immigrants may not be as familiar with technology as their digital native counterparts.
Technological familiarity is thought to have an impact on end-users’ decision-making
processes.This study found that digital native status does not seem to impact the decision-making
process, previous research suggests that technology familiarity does and should be studied in
more detail.
Relationships between intent to use antivirus software and other constructs in the PMT model
were also examined as part of the present study. Other factors, such as self-efficacy, response-
efficacy, response-costs, and maladaptive rewards, were examined to determine if these factors
influenced end-users’ intent to use antivirus software. It was found that self-efficacy and
response-efficacy were significantly related to the intent to use antivirus software. The two
constructs had a strong, positive relationship with the adaptive response of intent to use antivirus
software. However, the results for the remaining constructs (i.e., maladaptive rewards and
response-costs) were insignificant and not in line with previous research. The lack of a significant
result may have been due to the absence of fear appeals in the present study. A more in-depth
examination is needed to clarify these relationships between these factors in future research.
Overall, the present study confirmed that self-efficacy and response-efficacy are positively
correlated with the intent to use antivirus software. The present study’s findings also confirmed
that Fear is positively correlated with the adaptive response of the intent to use antivirus software.
Digital native status was not correlated with the adaptive response, however. The lack of a
significant result regarding digital native status meant that the combination of age and
technological familiarity does not seem to impact the decision-making process when it comes to
PMT.
In practice, the present study’s findings indicated that self-efficacy, response efficacy, and Fear
were far more likely to contribute to better end-user Security than age, technological familiarity,
maladaptive rewards, and response costs. Professionals should focus on creating training
programs that bolster self-efficacy and response efficacy. It is also important to develop security
controls that inform users about the threats and vulnerabilities they face when antivirus software
20. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
140
is not used. According to Boss et al., fear appeals that properly explain a risk effectively drive
end-user behavior.
The present study has left some questions about maladaptive rewards and response-costs
unanswered. Most studies on PMT find that the two factors are negatively correlated to the
adaptive response. However, a few studies, including this one, have found little to no relationship
between the two constructs and the adaptive response. The lack of a scholarly consensus leaves
the relationship between the two factors and the adaptive response unclear, at best. Further
research should concentrate on these factors to provide more precise guidance for the variety of
stakeholders with an interest in PMT and end-users’ online security behaviors.
CONFLICTS OF INTEREST
The authors declare no conflicts of interest.
REFERENCES
[1] Fortes, N., & Rita, P. (2016). Privacy concerns and online purchasing behaviour: Towards an
integrated model. European Research on Management and Business Economics, 22, 167-176.
doi:10.1016/j.iedeen.2016.04.002
[2] Bahmanziari, T., & Odom, M. D. (2015). Prospect theory and risky choice in the e-commerce setting:
Evidence of a framing effect. Academy of Accounting and Financial Studies Journal, 19(1), 85-106.
Retrieved from http://alliedacademics.org
[3] Bansal, G., & Zahedi, F. M. (2014). Trust violation and repair: The information privacy perspective.
Decision Support Systems, 71, 62-77. Retrieved from
http://www.sciencedirect.com/science/article/pii/S0167923615000196
[4] Shackelford, S. (2012). Should your firm invest in cyber risk insurance? Business Horizons, 55, 349-
356. https://doi.org/10.1016/j.bushor.2012.02.004
[5] Tomlinson, E. C., & Mayer, R. C. (2009). The role of causal attribution dimensions in trust repair.
Academy of Management Review,34(1), 85-104. doi:10.5465/AMR.2009.35713291
[6] FTC. (2015). Privacy and security update. Retrieved from https://www.ftc.gov/reports/privacy-data-
security-update-2015
[7] Milne, G. R., Rohm, A. J., &Bahl, S. (2004). Consumers’ protection of online privacy and identity.
Journal of Consumer Affairs, 38, 217-232. https://doi.org/10.1111/j.1745-6606.2004.tb00865.x
[8] Raine, L., & Duggan, M. (2016). Privacy and information sharing. Washington, DC: Pew Research
Center.
[9] Anderson, C. L., & Agarwal, R. (2010). Practicing safe computing: A multimethod
empiricalexamination of home user security behavioral intentions. MIS Quarterly, 34, 613-643.
doi:10.2307/25750694
[10] Jiang, M., Tsai, H. S., Cotten, S. R., Rifon, N. J., LaRose, R., &Alhabash, S. (2016).
[11] Generational differences in online safety perceptions, knowledge, and practices. Educational
Gerontology, 42, 621-634. doi:10.1080/03601277.2016.1205408
[12] Boss, S. R., Galletta, D. F., Lowry, B. P., Moody, G. D., &Polak, P. (2015). What do systems users
have to fear? Using Fear appeals to engender threats and Fear that motivate protective security
behaviors. MIS Quarterly, 39, 837-864. doi:10.25300/MISQ/2015/39.4.5
[13] Belanger, F., &Crossler, R. E. (2011). Privacy in the digital age: A review of information privacy
research in information systems. MIS Quarterly, 35, 1017-1041. doi:10.2307/41409971
[14] Tsai, H. S., Jaing, M. J., Alabash, S., LaRose, R., Rifon, N. J., & Cotton, S. R. (2016), Understanding
online safety behaviors: A protection motivation theory perspective. Computers & Security, 59, 138-
150. doi: http://dx.doi.org/10.1016/j.cose.2016.02.009.
[15] Chen, H., Beaudoin, C. E., & Hong, T. (2017). Securing online privacy: An empirical test on internet
scam victimization, online privacy concerns, and privacy protection behaviors. Computers in Human
Behavior, 70,291-302. doi:10.1016/j.chb.2017.01.003
[16] Prensky, M. (2001). Digital natives, digital immigrants, part 1. On the Horizon, 9(5), 1-6.
https://doi.org/10.1108/10748120110424816
21. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
141
[17] Rogers, R. W. (1975) A protection motivation theory of fear appeals and attitude change. The Journal
of Psychology, 91(1), 93-114. https://doi.org/10.1080/00223980.1975.9915803
[18] Doane, A. N., Boothe, L. G., Pearson, M. R., & Kelley, M. L. (2016). Risky electronic
communication behaviors and cyberbullying victimization: An application of protection motivation
theory. Computers in Human Behavior, 60, 508-513. https://doi.org/10.1016/j.chb.2016.02.010
[19] Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of
the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1),
83-95. doi:10.1016/j.cose.2011.10.007
[20] Herath, T., & Rao, H. (2009). Protection motivation and deterrence: A framework for security policy
compliance in organizations. European Journal of Information Systems, 18(2), 106-125.
doi:10.1057/ejis.2009.6
[21] Gasser, U. P. J. (2008). Born digital: Understanding the first generation of digital natives. New York,
NY: Basic Books.
[22] Prensky, M. (2001). Digital natives, digital immigrants, part II: Do they really think differently? On
the Horizon, 9(6), 1-9. https://doi.org/10.1108/10748120110424843
[23] Tabachnick, B. G., &Fidell, L. S. (2013). Using multivariate statistics (6th ed.). Upper Saddle River,
NJ: Pearson Education, Inc.
[24] West, S. G., Finch, J. F., & Curran, P. J. (1995). Structural equation models with non-normal
variables: problems and remedies. In R. J. Hoyle (Ed.), Structural equation modeling: Concepts,
issues and applications (pp. 56-75). Thousand Oaks, CA: Sage Publications.
[25] Warkentin, M., Johnston, A., Walden, E., & Straub, D. (2016). Neural correlates of protection
motivation for secure it behaviors: An frmi examination. Journal of the Association for Information
Systems, 17, 194 -215. https://doi.org/10.17705/1jais.00424
[26] Peral-Peral, B., Arenas-Gaitán, J., &Villarejo-Ramos, Á. (2015). From digital divide to psycho-
digital divide: Elders and online social Networks/De la brecha digital a la brechapsico-digital:
Mayores y redessociales.Comunicar, 23(45), 57. https://doi.org/10.3916/c45-2015-06
[27] Belanger, F., &Crossler, R. E. (2019). Dealing with digital traces: Understanding protective behaviors
on mobile devices. The Journal of Strategic Information Systems, 28(1),34-49.
doi:10.1016/j.jsis.2018.11.002
[28] Hanus, B., & Wu, Y. A. (2016). Impact of users’ security awareness on desktop security behavior: a
protection motivation theory perspective. Information Systems Management,33(1),2-16.
doi:10.1080/10580530.2015.1117842
[29] Gkioulos, V., Wangen, G., & Katsikas, S. (2017). User modeling validation over the security
awareness of digital natives. Future Internet, 9(3), 32. doi:10.3390/fi9030032
[30] Kirk, C. P., Chiagouris, L., Lala, V., & Thomas, J. D. (2015). How do digital natives and digital
immigrants respond differently to interactivity online?: A model for predicting consumer attitudes
and intentions to use digital information products. Journal of Advertising Research, 55(1), 81-94.
doi:10.2501/JAR-55-1-000-000
[31] Akçayır, G., Akçayır, M., & Dündar, H. (2016). What makes you a digital native? Is it enough to be
born after 1980? Computers in Human Behavior, 60, 435-440. doi:10.1016/j.chb.2016.02.089
[32] Hammouchi, H., Cherqi, O., Mezzour, G., Ghogho, M., & El Koutbi, M. (2019). Digging deeper into
data breaches: An exploratory data analysis of hacking breaches over time. Procedia Computer
Science, 151, 1004-1009.
[33] Bonnett, D. G., & Wright, T. A. (2014). Cronbach’s alpha reliability: Interval estimation, hypothesis
testing, and sample size planning. Journal of Organizational Behavior, 36(1), 3-15.
doi:10.1002/job.1960
[34] Faul, F., Erdfelder, E., Buchner, A., & Lang, A. G. (2009). Statistical power analyses using G*Power
3.1: Tests for correlation and regression analyses. Behavior Research Methods, 41, 1149-1160.
https://doi.org/10.3758/brm.41.4.1149
[35] Kirschner, P. A., & De Bruyckere, P. (2017). The myths of the digital native and the multitasker.
Teaching and Teacher Education, 67, 135-142. doi:10.1016/j.tate.2017.06.001
[36] Marksbury, N., & Bryant, E. A. (2019). ENTER THE TWILIGHT ZONE: THE PARADOX OF THE
DIGITAL NATIVE. Issues in Information Systems, 20(2).
[37] Hassandoust, Farkhondeh, and Angsana A. Techatassanasoontorn. "Understanding users' information
security awareness and intentions: A full nomology of protection motivation theory." Cyber Influence
and Cognitive Threats. Academic Press, 2020. 129-143.
22. International Journal of Computer Networks & Communications (IJCNC) Vol.13, No.2, March 2021
142
AUTHORS
Dr. Gerri Roberts has almost 15 years of experience in the fields of Information
Technology and Information Security. She has been teaching and training for over ten
years. Dr. Roberts has held positions in project management, network support,
application support, QA, training, and teaching. Currently, she is a full-time professor at
Valencia College in Orlando, FL. She currently teaches programming, information
security, networking, MS Server, computer hardware, and business information
technology classes. She is also a mentor for the Cybersecurity club. She has a Ph.D. in
Information Assurance and Security and several industry-recognized certifications. She is also a member of
IEEE, ISC2, and CompTIA AITP.
Dr. Shawon S. M. Rahman is a Professor in the Department of Computer Science and
Engineering at the University of Hawaii Hilo. His research interests include software
engineering education, information assurance and security, web accessibility, cloud
computing, software testing, and quality assurance. He has published over 125 peer-
reviewed papers. Dr. Rahman is serving as the Member-at-large and Academic
Advocate: Information Systems Audit and Control Association (ISACA) at the
University of Hawaiʻi at Hilo and Academic Advocate of the IBM Academic Initiative.
He is an active member of many professional organizations, including IEEE, ACM, ASEE, ASQ, and UPE.