International Journal of Information Security and Privacy最新文献

{"title":"Geospatial Intelligence, Technological Development, and Human Interaction","authors":"R. Mugavero, Federico Benolli, V. Sabato","doi":"10.1080/15536548.2015.1105652","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105652","url":null,"abstract":"In today’s steadily mutable era, threats and hazards are increasingly expanding. In addition to terrorism, asymmetric conflicts and social unrest are endangering international security while technological knowledge and defensive tools symmetrically respond. With this interpretation, it appears clear that the investigative methods require thorough scientific support if they are to be a tool for investigation as well as for decision-making. In contrast, recent worldwide accidents such as the 2001 Twin Towers attack on September 11 in New York City have revealed a lack of intelligence, which cannot be fixed without acknowledging the fundamental value of the human intelligence (HUMINT) contribution. In order to face these issues, it is relevant to characterize the key aspects that allow a suitable interaction among the highly technological geospatial intelligence (GEOINT) and the traditional HUMINT activities, with the goal to design the main procedures for a crucial collaboration.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"2 1","pages":"243 - 261"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82259071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Challenges of Multi-Source Data and Information New Era","authors":"R. Mugavero, Federico Benolli, V. Sabato","doi":"10.1080/15536548.2015.1105617","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105617","url":null,"abstract":"As a consequence of the advancement of modern global dynamics, the international debate concerning intelligence strategies is pointing to an investigative tools revolution. To keep up with the pace of advancement, these tools have to be able to collect and convert data taking advantage of the entire spectrum of technological expertise and methodological progress. In this view, a multi-source intelligence technique appears the leading approach to effectively respond to the needs of the community. Actually, a steady interaction among information acquired from the principal disciplines of IMINT, MASINT, SIGINT, GEOINT, HUMINT and OSINT should supply an undeniable value added in order to offer effective products, which are intuitive, clear, and timely. The principal purpose is to analyze and display how the intelligence community’s interactive network operates according to both standard and intelligence, security and defense requests.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"32 1","pages":"230 - 242"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81254018","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Job Quitters, Information Security Awareness, and Knowledge Management Strategies","authors":"Hongbo Lyu, Z. Zhang","doi":"10.1080/15536548.2015.1105594","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105594","url":null,"abstract":"Information security culture plays a crucial role in improving employees’ security awareness within a firm. Knowledge management initiatives can help transform culturally unfit workers into those who will possess the necessary level of security awareness and are aligned with a firm’s information security culture. This research analytically models and studies the best knowledge management performance quotient (KMPQ) in a firm to convert workers who are unfit into those who fit with its security culture in order to improve the firm’s organizational level of security awareness (OLSA) and maximize its total payoff. When the potential security threat comes from all the workers who depart the firm, either voluntarily or involuntarily, findings in this study suggest that the firm should implement full knowledge management initiatives to achieve a KMPQ as high as possible if the loss from the security threat is less than a specific threshold level. This study further differentiates three sources of a security threat (voluntary unfit quitters, voluntary fit quitters, and involuntary quitters), and assesses the firm’s best KMPQ accordingly. In addition, this article illustrates the implementation process of the firm’s knowledge management strategies based on the study’s decision framework. This research provides valuable guidance for practitioners to effectively implement knowledge management strategies to build a successful information security culture within organizations.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"7 1","pages":"189 - 210"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80563555","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Bioterrorism: New Technologies for Global Emergencies and Public Health","authors":"R. Mugavero, V. Sabato, M. Basso, W. D‘amico, Federico Benolli","doi":"10.1080/15536548.2015.1105658","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105658","url":null,"abstract":"Nowadays, the increasing number of unconventional biological attacks around the world, as well as innovative technologies and a larger availability of tools and materials, contribute to a wider expertise on dealing with devices and agents due to their inherent dual-use nature. This report focuses on modern technologies that offer proper protection against those attacks, in order to provide support in preventing and reducing their related risks. What is unprecedented in such attacks is the huge number of healthcare workers and first responders who have been infected or injured. The aim of this article is to propose a modern exploitation of advanced technologies in overcoming that lack of proper protection and in helping prevention and reduction of both risks and consequences for emergency teams through vehicles provided with innovative and integrated solutions for biohazard protection. The proposed solution is a new way to address global and public health emergencies, not only from natural and anthropogenic threats, but also from intentional and deliberated human actions as bioterrorism, moving the “operational protection” through a collective approach.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"27 1","pages":"262 - 273"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83603949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Application of Keystroke Analysis for Physical Security: A Field Experiment","authors":"C. Leberknight, M. Recce","doi":"10.1080/15536548.2015.1105599","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105599","url":null,"abstract":"A major factor restricting the widespread acceptance of biometric security technologies is the lack of experimental results from repeated use in a real world setting. Specifically, with respect to keystroke analysis, previous research has primarily discussed the classification performance of the biometric by controlling different variables during laboratory experiments. This research is an extension of previous work that investigates the classification performance of keystroke analysis using a biometric keypad and several novel typing features during a 5-week field experiment. The ultimate goal is to explore stabilization patterns over time and to test if field study results support the optimal parameters and classification rates identified in the laboratory study. Results from the experiment demonstrate that a classification rate of 87% can be achieved during actual use of the biometric keypad by employing the optimal parameters. This finding helps to validate and extend previous work conducted in a laboratory setting. It also provides useful insight into experimental designs and support for the application of keystroke analysis in a real world environment.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"75 1","pages":"211 - 227"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73515377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Research Essay Editorial","authors":"Gaurav Gupta, I. Bose","doi":"10.1080/15536548.2015.1105601","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105601","url":null,"abstract":"Modern human life resides at the behest of information. Access to information has been attributed to power and control in societies. Jeremy Bentham, in the late 18th century, used the concept of panopticon to explain the perception of control through constant monitoring. The panopticon prison architecture allows monitoring of all inmates from a central location, and the expectation that monitoring affects their behavior. In the book titled In the Age of the Smart Machine: The Future of Work and Power (1988), Shoshana Zuboff uses the same lens to explain the notion of information panopticon. She argues that supervision and surveillance are an inevitable consequence of our dependence on information processing machines (including computers and networked devices). As monitoring and analyzing technologies improve, both, intensity and capability of surveillance shall improve too. Since both overt and covert communications do traverse in varied medium (e.g., internet, telephony) and most of these media are also being shared for public communication, the need for monitoring them simultaneously is implied as necessary for public safety. The emergence of multiple communication platforms with different underlying technologies has increased the cost and complexity of surveillance. Collection of surveillance data from several different sources and their co-analysis poses significant demands on existing technological capabilities too. Expeditious analysis of the collected data and its conversion into actionable intelligence is crucial for surveillance and adds another layer of complexity to this use case. Information and Communication Technology (ICT) has added capabilities to both monitor and connect citizens with the government. Government-backed intelligence agencies worldwide are introducing self-reporting platforms to allow citizens to notify agencies of anomalies in their vicinity. Adoption of these platforms would make citizens a critical component of the state-run physical surveillance framework. Human intelligence is a crucial link in the whole surveillance architecture, and analyzes and interprets the output from other technology-backed surveillance techniques, thus making surveillance actionable. The first article written by Mugavero, Benolli, and Sabato, in this Research Essay special section of the Journal of Information Privacy and Security (JIPS), projects some of these issues concerning challenges posed due to multiple sources of intelligence data. Consequently, these authors present the extant understanding of intelligence and its identification as a process. They provide an introduction of the different sources of intelligence and then present a model for encompassing all existing intelligence products. This","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"470 1","pages":"228 - 229"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77747968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Editorial Preface","authors":"K. Bagchi","doi":"10.1080/15536548.2015.1105590","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105590","url":null,"abstract":"The fourth issue of Journal of Information Privacy and Security (JIPS), 2014, contains two regular research papers and a research essay special section containing three interesting research essays. The first regular article titled, “Job Quitters, Information Security Awareness, and Knowledge Management Strategies” by Hongbo Lyu and Justin Zhang talks about a unique set of people: Job Quitters. A lack of theory in this area is what makes the article interesting. When the potential security threat comes from Job Quitters, Lyu and Zhang find that the firm should implement full knowledge management initiatives to achieve a knowledge management performance quotient as high as possible under certain conditions. The article also provides initial guidance on knowledge management strategy to security practitioners. The second regular contribution titled, “The Application of Keystroke Analysis for Physical Security: A Field Experiment” by Christopher S. Leberknight and Michael L. Recce is on the role of keystroke analysis as a behavioral biometric analysis using a real world environment. It extends the previous work by investigating the classification performance of keystroke analysis using a biometric keypad and several novel typing features during a 5-week field experiment. The article observes that typing patterns stabilize with very little variation between different time periods. The Research Essay special section that follows contains three research essays on physical security related issues. This special section starts with an introduction by Gaurav Gupta and Indranil Bose (Associate Editor, JIPS). Three research essays follow this introduction. Since information and communication technologies have become a part of surveillance infrastructures, new privacy and security issues arise. In order to cope with these challenges, the readers of JIPS may need to have an understanding of these physical security issues. In the Book Review section, Adolfo Coronado reviews a book titled, “Information Assurance for the Enterprise: A Roadmap to Information Security”, written by C. Schou and D. Shoemaker. Dr. Coronado observes that “The aim of this book is to take a management role, therefore, the topics are introduced with a management emphasis and not a technical perspective.” We acknowledge services of JIPS reviewers as well as outside reviewers for the journal. Thanks are also due to our editorial board members and associate editors for their untiring efforts to provide critical reviews in a timely manner. Thanks to Dr. Choton Basu (University of Wisconsin Whitewater) for conducting a few interviews for JIPS, in spite of his busy schedule. Thanks also to Dr. Chuleeporn Changchit (Texas A&M, Corpus Christi) for routinely forwarding articles sent to her by authors. Finally, thanks are due to our publisher who helped us in every possible way. Happy holidays and a happy new year to you all!","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"11 1","pages":"187 - 188"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82136235","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Investigating Factors Influencing Web-Browsing Safety Efficacy (WSE) Among Older Adults","authors":"Victoria Kisekka, Rajarshi Chakraborty, S. Bagchi‐Sen, H. Rao","doi":"10.1080/15536548.2015.1073534","DOIUrl":"https://doi.org/10.1080/15536548.2015.1073534","url":null,"abstract":"This research investigates the ability of older adults to perceive online threats. Specifically, the factors that influence web-browsing safety efficacy (WSE) among older adults are investigated. The factors investigated are: attitude towards unsolicited email senders, risk aversion, perceived efficacy in finding information, security education, and perceived social connectivity. Partial least squares regression analysis was used to analyze a sample of older adults age 55 years and older. The results showed that risk aversion, security education, and perceived ability in finding information online were positively associated with WSE among older adults. No relationship was found between social connectedness and attitude towards unsolicited e-mail senders.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"357 1","pages":"158 - 173"},"PeriodicalIF":0.8,"publicationDate":"2015-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76501873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"M0Droid: An Android Behavioral-Based Malware Detection Model","authors":"Mohsen Damshenas, A. Dehghantanha, Kim-Kwang Raymond Choo, Ramlan Mahmud","doi":"10.1080/15536548.2015.1073510","DOIUrl":"https://doi.org/10.1080/15536548.2015.1073510","url":null,"abstract":"Anti-mobile malware has attracted the attention of the research and security community in recent years due to the increasing threat of mobile malware and the significant increase in the number of mobile devices. M0Droid, a novel Android behavioral-based malware detection technique comprising a lightweight client agent and a server analyzer, is proposed here. The server analyzer generates a signature for every application (app) based on the system call requests of the app (termed app behavior) and normalizes the generated signature to improve accuracy. The analyzer then uses Spearman’s rank correlation coefficient to identify malware with similar behavior signatures in a previously generated blacklist of malwares signatures. The main contribution of this research is the proposed method to generate standardized mobile malware signatures based on their behavior and a method for comparing generated signatures. Preliminary experiments running M0Droid against Genome dataset and APK submissions of Android client agent or developers indicate a detection rate of 60.16% with 39.43% false-positives and 0.4% false-negatives at a threshold value of 0.90. Increasing or decreasing the threshold value can adjust the strictness of M0Droid. As the threshold value increases, the false-negative rate will also increase, and as the threshold value decreases, the detection and false-positive rates will also decrease. The authors hope that this research will contribute towards Android malware detection techniques.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"286 1 1","pages":"141 - 157"},"PeriodicalIF":0.8,"publicationDate":"2015-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72903445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Introduction to Computer Security, by M. T. Goodrich and R. Tamassia","authors":"Adolfo S. Coronado","doi":"10.1080/15536548.2015.1073538","DOIUrl":"https://doi.org/10.1080/15536548.2015.1073538","url":null,"abstract":"","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"1 1","pages":"184 - 186"},"PeriodicalIF":0.8,"publicationDate":"2015-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90967925","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}