{"title":"The impact of work pressure and work completion justification on intentional nonmalicious information security policy violation intention","authors":"Randi Jiang , Jianru Zhang","doi":"10.1016/j.cose.2023.103253","DOIUrl":"10.1016/j.cose.2023.103253","url":null,"abstract":"<div><p>As businesses have had to change how they operate due to the coronavirus pandemic, the need for remote work has risen. With the continuous advancements in technology and increases in typical job demands, employees need to increase their work productivity beyond regular work hours in the office. This type of work environment creates even more opportunities for security breaches due to employees intentionally violating information security policy violations. Although explicitly prohibited by information security policies (ISP), organizations have observed that employees bring critical data out of the office to complete their work responsibilities remotely. Consequently, developing a deeper understanding of how work pressure may influence employees to violate ISPs intentionally is crucial for organizations to protect their critical information better. Based upon the fraud triangle theory, this study proposes the opportunity to copy critical data, work pressure, and work completion justification as the primary motivational factors behind why employees copy critical company data to unsecured storage devices to work at home. A survey was conducted of 207 employees from a marketing research firm. The results suggest that opportunity, work pressure, and work completion justification are positively related to nonmalicious ISP violation intentions. Furthermore, the interaction effect between work completion justification and work pressure on the ISP violation intention is significant and positive. This study provides new insights into our understanding of the roles of work pressure and work completion justification on intentional nonmalicious ISP violation behaviors.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"130 ","pages":"Article 103253"},"PeriodicalIF":5.6,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10079594/pdf/","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"9388658","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Raphael Hoheisel , Guido van Capelleveen , Dipti K. Sarmah , Marianne Junger
{"title":"The development of phishing during the COVID-19 pandemic: An analysis of over 1100 targeted domains","authors":"Raphael Hoheisel , Guido van Capelleveen , Dipti K. Sarmah , Marianne Junger","doi":"10.1016/j.cose.2023.103158","DOIUrl":"10.1016/j.cose.2023.103158","url":null,"abstract":"<div><p>To design preventive policy measures for email phishing, it is helpful to be aware of the phishing schemes and trends that are currently applied. How phishing schemes and patterns emerge and adapt is an ongoing field of study. Existing phishing works already reveal a rich set of phishing schemes, patterns, and trends that provide insight into the mechanisms used. However, there seems to be limited knowledge about how email phishing is affected in periods of social disturbance, such as COVID-19 in which phishing numbers have quadrupled. Therefore, we investigate how the COVID-19 pandemic influences the phishing emails sent during the first year of the pandemic. The email content (header data and html body, excl. attachments) is evaluated to assess how the pandemic influences the topics of phishing emails over time (peaks and trends), whether email campaigns correlate with momentous events and trends of the COVID-19 pandemic, and what hidden content revealed. This is studied through an in-depth analysis of the body of 500.000 phishing emails addressed to Dutch registered top-level domains collected during the start of the pandemic. The study reveals that most COVID-19 related phishing emails follow known patterns indicating that perpetrators are more likely to adapt than to reinvent their schemes.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"128 ","pages":"Article 103158"},"PeriodicalIF":5.6,"publicationDate":"2023-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9957662/pdf/","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"9287239","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Efficient ABAC based information sharing within MQTT environments under emergencies","authors":"Pietro Colombo, Elena Ferrari, Engin Deniz Tümer","doi":"10.1016/j.cose.2022.102829","DOIUrl":"10.1016/j.cose.2022.102829","url":null,"abstract":"<div><p>Recent emergencies, such as the COVID-19 pandemic have shown how timely information sharing is essential to promptly and effectively react to emergencies. Internet of Things has magnified the possibility of acquiring information from different sensors and using it for emergency management and response. However, it has also amplified the potential of information misuse and unauthorized access to information by untrusted users. Therefore, this paper proposes an access control framework tailored to MQTT-based IoT ecosystems. By leveraging Complex Event Processing, we can enforce controlled and timely data sharing in emergency and ordinary situations. The system has been tested with a case study that targets patient monitoring during the COVID-19 pandemic, showing promising results.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"120 ","pages":"Article 102829"},"PeriodicalIF":5.6,"publicationDate":"2022-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9259026/pdf/","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"40494324","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"What changed in the cyber-security after COVID-19?","authors":"Rajesh Kumar, Siddharth Sharma, Chirag Vachhani, Nitish Yadav","doi":"10.1016/j.cose.2022.102821","DOIUrl":"10.1016/j.cose.2022.102821","url":null,"abstract":"<div><p>This paper examines the transition in the cyber-security discipline induced by the ongoing COVID-19 pandemic. Using the classical information retrieval techniques, a more than twenty thousand documents are analyzed for the cyber content. In particular, we build the topic models using the Latent Dirichlet Allocation (LDA) unsupervised machine learning algorithm. The literature corpus is build through a uniform keyword search process made on the scholarly and the non-scholarly platforms filtered through the years 2010-2021. To qualitatively know the impact of COVID-19 pandemic on cyber-security, and perform a trend analysis of key themes, we organize the entire corpus into various (combination of) categories based on time period and whether the literature has undergone peer review process. Based on the weighted distribution of keywords in the aggregated corpus, we identify the key themes. While in the pre-COVID-19 period, the topics of cyber-threats to technology, privacy policy, blockchain remain popular, in the post-COVID-19 period, focus has shifted to challenges directly or indirectly brought by the pandemic. In particular, we observe post-COVID-19 cyber-security themes of privacy in healthcare, cyber insurance, cyber risks in supply chain gaining recognition. Few cyber-topics such as of malware, control system security remain important in perpetuity.</p><p>We believe our work represents the evolving nature of the cyber-security discipline and reaffirms the need to tailor appropriate interventions by noting the key trends.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"120 ","pages":"Article 102821"},"PeriodicalIF":5.6,"publicationDate":"2022-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9254575/pdf/","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"40592393","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Junaid Haseeb , Saif Ur Rehman Malik , Masood Mansoori , Ian Welch
{"title":"Probabilistic modelling of deception-based security framework using markov decision process","authors":"Junaid Haseeb , Saif Ur Rehman Malik , Masood Mansoori , Ian Welch","doi":"10.1016/j.cose.2021.102599","DOIUrl":"10.1016/j.cose.2021.102599","url":null,"abstract":"<div><p><span>Existing studies using deception are ad-hoc attempts and few theoretical models have been designed to plan and integrate deception. We theorise that a pre-planning stage should be a fundamental part to obtain information about the attackers’ behaviours and the attack process by analysing known attacks. This will help plan and take defence actions by actively interacting with the attackers and predicting their actions using a probabilistic approach. This paper proposes a framework that provides a theoretical understanding to plan and integrate deception systematically and strategically. We also present probabilistic modelling to predict attack actions by formalising a real case of attacks captured on simulated </span>Internet of Things devices<span> as an Markov Decision Process<span> (MDP) and verifying related properties using Probabilistic Symbolic Model Checker (PRISM). MDP’s properties verification results reveal that the associated cost for defence actions can be decreased by successfully predicting attackers’ probable actions. Moreover, we identify several quantification metrics (e.g. cost, reward, trust, incentive and penalty) to evaluate the performance of actions performed by attackers and defenders.</span></span></p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"115 ","pages":"Article 102599"},"PeriodicalIF":5.6,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41456071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Filipo Sharevski, Raniem Alsaadi, Peter Jachim, Emma Pieroni
{"title":"Misinformation warnings: Twitter’s soft moderation effects on COVID-19 vaccine belief echoes","authors":"Filipo Sharevski, Raniem Alsaadi, Peter Jachim, Emma Pieroni","doi":"10.1016/j.cose.2021.102577","DOIUrl":"10.1016/j.cose.2021.102577","url":null,"abstract":"<div><p>Twitter, prompted by the rapid spread of alternative narratives, started actively warning users about the spread of COVID-19 misinformation. This form of soft moderation comes in two forms: as an interstitial cover before the Tweet is displayed to the user or as a contextual tag displayed below the Tweet. We conducted a 319-participants study with both verified and misleading Tweets covered or tagged with the COVID-19 misinformation warnings to investigate how Twitter users perceive the accuracy of COVID-19 vaccine content on Twitter. The results suggest that the interstitial covers work, but not the contextual tags, in reducing the perceived accuracy of COVID-19 misinformation. Soft moderation is known to create so-called ”belief echoes” where the warnings echo back, instead of dispelling, preexisting beliefs about morally-charged topics. We found that such “belief echoes” do exist among Twitter users in relationship to the perceived safety and efficacy of the COVID-19 vaccine as well as the vaccination hesitancy for themselves and their children. These “belief echoes” manifested as skepticism of adequate COVID-19 immunization particularly among Republicans and Independents as well as female Twitter users. Surprisingly, we found that the belief echoes are strong enough to preclude adult Twitter users to receive the COVID-19 vaccine regardless of their education level.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"114 ","pages":"Article 102577"},"PeriodicalIF":5.6,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8675217/pdf/","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"10358446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multiuser physical layer security mechanism in the wireless communication system of the IIOT","authors":"Ruizhong Du , Lin Zhen","doi":"10.1016/j.cose.2021.102559","DOIUrl":"10.1016/j.cose.2021.102559","url":null,"abstract":"<div><p>Wireless system in industrial scene plays an important role in the process of automation. This kind of system urgently needs low complexity, lightweight, high security authentication mechanism. The emergence of physical layer authentication meets these requirements. However, the existing authentication mechanism based on binary hypothesis testing can only perform ideally under fixed conditions, and cannot distinguish multiple users; The authentication mechanism based on deep neural network (DNN) algorithm has limitations in small sample learning and parameter setting. In order to further improve the accuracy of authentication in dynamic industrial scenarios, a new multiuser physical layer authentication scheme is proposed. The mechanism uses machine learning algorithm based on autonomous parameter optimization to replace the traditional decision making method based on user-defined threshold, and is suitable for small sample learning. This paper takes the channel matrix estimated by the mobile node as the authentication input, obtains different channel matrix dimensions through down sampling, and finds out the optimal channel matrix dimension through experiments, so as to reduce the running time and improve the authentication accuracy. A large number of simulations are carried out using the public dynamic industrial scene data set. Compared with the existing authentication schemes, the proposed authentication scheme further improves the accuracy of multiuser authentication in dynamic industrial scenarios.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"113 ","pages":"Article 102559"},"PeriodicalIF":5.6,"publicationDate":"2022-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41841885","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Voluntary and instrumental information security policy compliance: an integrated view of prosocial motivation, self-regulation and deterrence","authors":"Yan Chen , Weidong Xia , Karlene Cousins","doi":"10.1016/j.cose.2021.102568","DOIUrl":"10.1016/j.cose.2021.102568","url":null,"abstract":"<div><p>Understanding employees’ motivations and behaviors toward compliance with information security policies (ISPs) remains a theoretical and practical challenge. Although previous information security researchers have investigated different motivational factors related to ISP compliance, most have not recognized different forms of ISP compliance behaviors characterized by their levels of willingness and persistence, nor have they noted the importance of adopting an other-oriented lens to examine such behaviors. In this paper, we propose and test an integrated model that investigates how various motivational factors affect different ISP compliance behaviors. Specifically, the model anchors on the prosocial motivational perspective in addition to the instrumental and self-regulatory motivational perspectives and investigates two types of compliance behaviors (voluntary ISP compliance and instrumental ISP compliance). We tested our model using survey data collected from 407 employee respondents. Our results show that the three sets of motivational factors have different effects on the two types of ISP compliance behaviors. Prosocial motivation and self-regulatory motivation positively affect voluntary ISP compliance behavior. Deterrence as an instrumental control leads to instrumental ISP compliance behavior but undermines voluntary ISP compliance behavior. Our study highlights that, to foster employees’ voluntary ISP compliance, organizations need to take a more holistic approach by integrating the prosocial approach with the instrumental and self-regulatory approaches in managing voluntary compliance behaviors, while being mindful of the negative effects of instrumental controls (e.g., deterrence) on such behaviors.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"113 ","pages":"Article 102568"},"PeriodicalIF":5.6,"publicationDate":"2022-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42157295","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Vincent Omollo Nyangaresi , Anthony Joachim Rodrigues
{"title":"Efficient handover protocol for 5G and beyond networks","authors":"Vincent Omollo Nyangaresi , Anthony Joachim Rodrigues","doi":"10.1016/j.cose.2021.102546","DOIUrl":"10.1016/j.cose.2021.102546","url":null,"abstract":"<div><p><span><span><span><span>The fifth generation (5G) and beyond 5G (B5G) networks offer ultra-low latencies, higher reliability, scalability, data rates and capacities to support applications such as </span>vehicular communications, </span>internet of everything<span><span><span> (IoE) and device to device (D2D) communication. In spite of these excellent features, user privacy, resource management and handover </span>authentications present some challenges. To facilitate seamless connectivity in 5G and B5G networks, numerous </span>machine learning schemes have been developed to facilitate target cell selection based on parameters such as signal strength and </span></span>signal to noise ratio<span> (SNR). However, most of these approaches concentrate on performance enhancements, ignoring security and privacy issues. On their part, majority of the conventional handover authentication schemes<span> exhibit long latencies which contravenes 5G and B5G requirements. Moreover, the base stations in these networks have very small footprints and hence require the deployment of numerous base stations within the coverage area. This serves to compound performance, security and privacy issues due to the resulting frequent handovers. In this paper, a multilayer neural network (MLNN) privacy and security preservation protocol is presented. To facilitate target cell selection, parameters that took user satisfaction, network, user equipment (UE) and service requirements into consideration were deployed so as to enhance both quality of service (QoS) and </span></span></span>quality of experience (QoE) during and after handover. For handover security, timestamps, ephemerals and random nonces were deployed during handover authentication to offer both security and privacy. Formal security analysis using Burrows-Abadi-Needham (BAN) showed that the proposed protocol offered strong mutual authentication among the communicating entities. On the other hand, informal security analysis showed that the proposed protocol offers perfect forward key secrecy and is robust against attacks such as impersonation and packet replays. In addition, performance evaluation showed that it has the lowest communication costs and average computation overheads. Moreover, it exhibited a 27.1% increase in handover success rate, and a 24.1% reduction in ping pong rate.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"113 ","pages":"Article 102546"},"PeriodicalIF":5.6,"publicationDate":"2022-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41311963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A novel malware classification and augmentation model based on convolutional neural network","authors":"Adem Tekerek , Muhammed Mutlu Yapici","doi":"10.1016/j.cose.2021.102515","DOIUrl":"10.1016/j.cose.2021.102515","url":null,"abstract":"<div><p><span><span>The rapid development and widespread use of the Internet have led to an increase in the number and variety of malware proliferating via the Internet. Malware is the general nomenclature for malicious software. Malware classification is an undecidable problem and technically NP hard problem because the halting problem is NP hard. In this study, we proposed a </span>convolutional neural network<span> based novel method for malware classification. Since CNN models use the images as input, bytes files are transformed to gray separately and RGB image<span> formats for the classification process. A new approach called B2IMG is developed for the transformation of bytes file. Moreover, a new CycleGAN-based data augmentation method is proposed to address the problem of </span></span></span>imbalanced data<span> size between malware families. The proposed system was tested on the BIG2015, and DumpWare10 datasets. According to the experimental results, classification performance increased thanks to the proposed data augmentation method. The accuracy of the classification is 99.86% for the BIG2015 dataset and 99.60% for the dataset.</span></p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"112 ","pages":"Article 102515"},"PeriodicalIF":5.6,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41953410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}