Cyber Situational Awareness Techniques and Human Factors

A special issue of Journal of Cybersecurity and Privacy (ISSN 2624-800X). This special issue belongs to the section "Security Engineering & Applications".

Deadline for manuscript submissions: closed (20 November 2022) | Viewed by 77411

Special Issue Editors

Department of Electronic and Electrical Engineering, University of Strathclyde, Glasgow, Scotland G1 1XW, UK
Interests: cyber-security; deception; maritime security; critical infrastructure security; intrusion detection systems; cyber situational awareness; cyber security training
Special Issues, Collections and Topics in MDPI journals
Department of Electronic and Electrical Engineering, University of Strathclyde, Glasgow, Scotland G1 1XW, UK
Interests: cryptography; chaos theory; secure communications; privacy; cyber-security; blockchain
Special Issues, Collections and Topics in MDPI journals
Department of Computer Science, Cardiff School of Technologies, Cardiff Metropolitan University, Llandaff Campus, Western Avenue, Cardiff, UK
Interests: cryptography; cyber security; secret sharing; resilient, smart and anonymized cloud-based data storage methods
Abertay University, School of Design and Informatics, Bell Street, Dundee DD1 1HG, Scotland, UK
Interests: intrusion detection systems; artificial intelligence; machine learning; cyber-security; mobile security; IoT security

Special Issue Information

Dear Colleagues,

Over the past decade, the rise of new technologies, such as the Internet of Things and associated interfaces, has dramatically increased our reliance on the cyberspace and the need to understand our environment accurately, to predict, respond, and solve potential cybersecurity problems that may occur.

Cyber situational awareness focuses on the correlation of disparate data, playing an integral role in information assurance. In order to achieve cyber situational awareness, understand new threats, and better our defenses, we must obtain relevant information across organizational structures and turn it into usable intelligence allowing security analysts and operators to:

  • Make informed decisions;
  • Visualize their environment;
  • Understand the security posture of the infrastructure;
  • Understand the destructive actions of adversaries;
  • Identify key indicators of malicious activities;
  • Determine the best defense to hinder or stop said malicious activities.

While these applications of CSA have been proven beneficial for the cybersecurity industry, they have also highlighted a number of shortcomings, such as the lack of interconnection with human factors, the difficulty to create fusion centers, the lack of a collaborative defense approach (from a user or network perspective), and the need for CSA frameworks, to name a few.

This Special Issue on “Cyber Situational Awareness Techniques and Human Factors” is aimed at industrial and academic researchers applying non-traditional methods to solve cybersecurity problems. The key areas of this Special Issue include but are not limited to:

  • situational awareness assessments
  • information security metrics and measurements
  • OSING
  • cyber behavioral analytics and profiling
  • PsyOPS
  • web analytics and incident response
  • social network intelligence
  • game theory
  • cyberattack scenarios
  • situation-aware application
  • context-aware application
  • situation-aware network
  • context-aware network
  • attack graphs
  • security and incident analysis
  • sensor fusion
  • data correlation
  • cyber psychology
  • human decision control
  • proactive defense strategies

Dr. Xavier Bellekens
Dr. Mohamed Amine Ben Farah
Dr. Elochukwu Ukwandu
Dr. Hanan Hindy
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Journal of Cybersecurity and Privacy is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (10 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review, Other

15 pages, 1077 KiB  
Article
The Cybersecurity Awareness INventory (CAIN): Early Phases of Development of a Tool for Assessing Cybersecurity Knowledge Based on the ISO/IEC 27032
by Giorgia Tempestini, Ericka Rovira, Aryn Pyke and Francesco Di Nocera
J. Cybersecur. Priv. 2023, 3(1), 61-75; https://doi.org/10.3390/jcp3010005 - 16 Feb 2023
Cited by 2 | Viewed by 2605
Abstract
Knowledge of possible cyber threats as well as awareness of appropriate security measures plays a crucial role in the ability of individuals to not only discriminate between an innocuous versus a dangerous cyber event, but more importantly to initiate appropriate cybersecurity behaviors. The [...] Read more.
Knowledge of possible cyber threats as well as awareness of appropriate security measures plays a crucial role in the ability of individuals to not only discriminate between an innocuous versus a dangerous cyber event, but more importantly to initiate appropriate cybersecurity behaviors. The purpose of this study was to construct a Cybersecurity Awareness INventory (CAIN) to be used as an instrument to assess users’ cybersecurity knowledge by providing a proficiency score that could be correlated with cyber security behaviors. A scale consisting of 46 items was derived from ISO/IEC 27032. The questionnaire was administered to a sample of college students (N = 277). Based on cybersecurity behaviors reported to the research team by the college’s IT department, each participant was divided into three groups according to the risk reports they received in the past nine months (no risk, low risk, and medium risk). The ANOVA results showed a statistically significant difference in CAIN scores between those in the no risk and medium-risk groups; as expected, CAIN scores were lower in the medium-risk group. The CAIN has the potential to be a useful assessment tool for cyber training programs as well as future studies investigating individuals’ vulnerability to cyberthreats. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
Show Figures

Figure 1

14 pages, 286 KiB  
Article
Addressing Human Factors in Cybersecurity Leadership
by William J. Triplett
J. Cybersecur. Priv. 2022, 2(3), 573-586; https://doi.org/10.3390/jcp2030029 - 22 Jul 2022
Cited by 9 | Viewed by 8973
Abstract
This article identifies human factors in workplaces that contribute to the challenges faced by cybersecurity leadership within organizations and discusses strategic communication, human–computer interaction, organizational factors, social environments, and security awareness training. Cybersecurity does not simply focus on information technology systems; it also [...] Read more.
This article identifies human factors in workplaces that contribute to the challenges faced by cybersecurity leadership within organizations and discusses strategic communication, human–computer interaction, organizational factors, social environments, and security awareness training. Cybersecurity does not simply focus on information technology systems; it also considers how humans use information systems and susceptible actions leading to vulnerabilities. As cyber leaders begin to identify human behavior and processes and collaborate with individuals of the same mindset, an organization’s strategy can improve substantially. Cybersecurity has been an expanding focal point from the viewpoint of human factors. Human inaccuracy can be unintentional due to an inaccurate strategic implementation or accurate unsatisfactory plan implementation. A systematic literature review was conducted to realize unintentional human factors in cybersecurity leadership. The results indicate that humans were the weakest link during the transmission of secure data. Furthermore, specific complacent and unintentional behaviors were observed, enabled by the ignorance of leaders and employees. Therefore, the enforcement of cybersecurity focuses on education, awareness, and communication. A research agenda is outlined, highlighting a further need for interdisciplinary research. This study adopts an original approach by viewing security from a human perspective and assessing how people can reduce cybersecurity incidents. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
26 pages, 326 KiB  
Article
Work Experience as a Factor in Cyber-Security Risk Awareness: A Survey Study with University Students
by Tibor Pósa and Jens Grossklags
J. Cybersecur. Priv. 2022, 2(3), 490-515; https://doi.org/10.3390/jcp2030025 - 28 Jun 2022
Cited by 3 | Viewed by 6216
Abstract
The emergence of the COVID-19 pandemic in early 2020 has transformed how individuals work and learn and how they can apply cyber-security requirements in their, mostly remote, environments. This transformation also affected the university student population; some needed to adjust to new remote [...] Read more.
The emergence of the COVID-19 pandemic in early 2020 has transformed how individuals work and learn and how they can apply cyber-security requirements in their, mostly remote, environments. This transformation also affected the university student population; some needed to adjust to new remote work settings, and all needed to adjust to the new remote study environment. In this online research study, we surveyed a large number of university students (n = 798) to understand their expectations in terms of support and help for this new remote work and study environment. We also asked students to report on their practices regarding remote location and Wi-Fi security settings, smart home device usage, BYOD (bring your own device) and personal device usage and social engineering threats, which can all lead to compromised security. A key aspect of our work is a comparison between the practices of students having work experience with the practices of students having no such additional experience. We identified that both the expectations and the level of cyber-security awareness differ significantly between the two student populations and that cyber-security awareness is increased by work experience. Work experience students are more aware of the cyber-security risks associated with a remote environment, and a higher portion of them know the dedicated employee whom they can contact in the event of incidents. We present the organizational security practices through the lens of employees with initial work experience, contributing to a topic that has so far received only limited attention from researchers. We provide recommendations for remote study settings and also for remote work environments, especially where the existing research literature survey results differ from the findings of our survey. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
16 pages, 283 KiB  
Article
Checked and Approved? Human Resources Managers’ Uses of Social Media for Cybervetting
by Michel Walrave, Joris Van Ouytsel, Kay Diederen and Koen Ponnet
J. Cybersecur. Priv. 2022, 2(2), 402-417; https://doi.org/10.3390/jcp2020021 - 08 Jun 2022
Viewed by 4668
Abstract
Human resource (HR) professionals who assess job candidates may engage in cybervetting, the collection and analysis of applicants’ personal information available on social network sites (SNS). This raises important questions about the privacy of job applicants. In this study, interviews were conducted with [...] Read more.
Human resource (HR) professionals who assess job candidates may engage in cybervetting, the collection and analysis of applicants’ personal information available on social network sites (SNS). This raises important questions about the privacy of job applicants. In this study, interviews were conducted with 24 HR professionals from profit and governmental organizations to examine how information found on SNS is used to screen job applicants. HR managers were found to check for possible mismatches between the online information and the experiences and competences claimed by candidates. Pictures of the job candidates’ spare time activities, drinking behavior, and physical appearance are seen as very informative. Pictures posted by job candidates’ connections are valued as more informative than those posted by the applicants themselves. Governmental organizations’ HR managers differ from profit-sector professionals by the fact that political views may play a role for the former. Finally, some HR professionals do not collect personal information about job candidates through social media, since they aim to respect a clear distinction between private life and work. They do not want to be influenced by information that has no relation with candidates’ qualifications. The study’s implications for theory and practice are also discussed. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
29 pages, 833 KiB  
Article
The Effect of Countermeasure Readability on Security Intentions
by Tim Smit, Max van Haastrecht and Marco Spruit
J. Cybersecur. Priv. 2021, 1(4), 675-703; https://doi.org/10.3390/jcp1040034 - 19 Nov 2021
Cited by 2 | Viewed by 5846
Abstract
Human failure is a primary contributor to successful cyber attacks. For any cybersecurity initiative, it is therefore vital to motivate individuals to implement secure behavior. Research using protection motivation theory (PMT) has given insights into what motivates people to safeguard themselves in cyberspace. [...] Read more.
Human failure is a primary contributor to successful cyber attacks. For any cybersecurity initiative, it is therefore vital to motivate individuals to implement secure behavior. Research using protection motivation theory (PMT) has given insights into what motivates people to safeguard themselves in cyberspace. Recent PMT results have highlighted the central role of the coping appraisal in the cybersecurity context. In cybersecurity, we cope with threats using countermeasures. Research has shown that countermeasure awareness is a significant antecedent to all coping appraisal elements. Yet, although awareness plays a key role within the PMT framework, it is generally challenging to influence. A factor that is easy to influence is countermeasure readability. Earlier work has shown the impact of readability on understanding and that readability metrics make measuring and improving readability simple. Therefore, our research aims to clarify the relationship between countermeasure readability and security intentions. We propose an extended theoretical framework and investigate its implications using a survey. In line with related studies, results indicate that people are more likely to have favorable security intentions if they are aware of countermeasures and are confident in their ability to implement them. Crucially, the data show that countermeasure readability influences security intentions. Our results imply that cybersecurity professionals can utilize readability metrics to assess and improve the readability of countermeasure texts, providing an actionable avenue towards influencing security intentions. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
Show Figures

Figure 1

20 pages, 960 KiB  
Article
Enhancing Machine Learning Prediction in Cybersecurity Using Dynamic Feature Selector
by Mostofa Ahsan, Rahul Gomes, Md. Minhaz Chowdhury and Kendall E. Nygard
J. Cybersecur. Priv. 2021, 1(1), 199-218; https://doi.org/10.3390/jcp1010011 - 21 Mar 2021
Cited by 47 | Viewed by 7338
Abstract
Machine learning algorithms are becoming very efficient in intrusion detection systems with their real time response and adaptive learning process. A robust machine learning model can be deployed for anomaly detection by using a comprehensive dataset with multiple attack types. Nowadays datasets contain [...] Read more.
Machine learning algorithms are becoming very efficient in intrusion detection systems with their real time response and adaptive learning process. A robust machine learning model can be deployed for anomaly detection by using a comprehensive dataset with multiple attack types. Nowadays datasets contain many attributes. Such high dimensionality of datasets poses a significant challenge to information extraction in terms of time and space complexity. Moreover, having so many attributes may be a hindrance towards creation of a decision boundary due to noise in the dataset. Large scale data with redundant or insignificant features increases the computational time and often decreases goodness of fit which is a critical issue in cybersecurity. In this research, we have proposed and implemented an efficient feature selection algorithm to filter insignificant variables. Our proposed Dynamic Feature Selector (DFS) uses statistical analysis and feature importance tests to reduce model complexity and improve prediction accuracy. To evaluate DFS, we conducted experiments on two datasets used for cybersecurity research namely Network Security Laboratory (NSL-KDD) and University of New South Wales (UNSW-NB15). In the meta-learning stage, four algorithms were compared namely Bidirectional Long Short-Term Memory (Bi-LSTM), Gated Recurrent Units, Random Forest and a proposed Convolutional Neural Network and Long Short-Term Memory (CNN-LSTM) for accuracy estimation. For NSL-KDD, experiments revealed an increment in accuracy from 99.54% to 99.64% while reducing feature size of one-hot encoded features from 123 to 50. In UNSW-NB15 we observed an increase in accuracy from 90.98% to 92.46% while reducing feature size from 196 to 47. The proposed approach is thus able to achieve higher accuracy while significantly lowering number of features required for processing. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
Show Figures

Figure 1

Review

Jump to: Research, Other

18 pages, 1304 KiB  
Review
Cybersecurity Practices for Social Media Users: A Systematic Literature Review
by Thilini B. G. Herath, Prashant Khanna and Monjur Ahmed
J. Cybersecur. Priv. 2022, 2(1), 1-18; https://doi.org/10.3390/jcp2010001 - 20 Jan 2022
Cited by 23 | Viewed by 15044
Abstract
In this paper, we present secondary research on recommended cybersecurity practices for social media users from the user’s point of view. Through following a structured methodological approach of the systematic literature review presented, aspects related to cyber threats, cyber awareness, and cyber behavior [...] Read more.
In this paper, we present secondary research on recommended cybersecurity practices for social media users from the user’s point of view. Through following a structured methodological approach of the systematic literature review presented, aspects related to cyber threats, cyber awareness, and cyber behavior in internet and social media use are considered in the study. The study presented finds that there are many cyber threats existing within the social media platform, such as loss of productivity, cyber bullying, cyber stalking, identity theft, social information overload, inconsistent personal branding, personal reputation damage, data breach, malicious software, service interruptions, hacks, and unauthorized access to social media accounts. Among other findings, the study also reveals that demographic factors, for example age, gender, and education level, may not necessarily be influential factors affecting the cyber awareness of the internet users. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
Show Figures

Figure 1

21 pages, 538 KiB  
Review
Augmented Reality and the Digital Twin: State-of-the-Art and Perspectives for Cybersecurity
by Fabian Böhm, Marietheres Dietz, Tobias Preindl and Günther Pernul
J. Cybersecur. Priv. 2021, 1(3), 519-538; https://doi.org/10.3390/jcp1030026 - 09 Sep 2021
Cited by 9 | Viewed by 10438
Abstract
The rapid advancements of technology related to the Internet of Things and Cyber-Physical Systems mark an ongoing industrial revolution. Digital Twins and Augmented Reality play a significant role in this technological advancement. They are highly complementary concepts enabling the representation of physical assets [...] Read more.
The rapid advancements of technology related to the Internet of Things and Cyber-Physical Systems mark an ongoing industrial revolution. Digital Twins and Augmented Reality play a significant role in this technological advancement. They are highly complementary concepts enabling the representation of physical assets in the digital space (Digital Twin) and the augmentation of physical space with digital information (Augmented Reality). Throughout the last few years, research has picked up on this and explored the possibilities of combining DT and AR. However, cybersecurity scholars have not yet paid much attention to this combined-arms approach, despite its potential. Especially, concerning contemporary security challenges, such as developing cyber situational awareness and including human factors into cybersecurity, AR and DT, offer tremendous potential for improvement. In this work, we systematize existing knowledge on AR-powered DTs and shed light on why and how cybersecurity could benefit from this combination. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
Show Figures

Figure 1

Other

Jump to: Research, Review

29 pages, 659 KiB  
Systematic Review
SoK: An Evaluation of the Secure End User Experience on the Dark Net through Systematic Literature Review
by Faiza Tazi, Sunny Shrestha, Junibel De La Cruz and Sanchari Das
J. Cybersecur. Priv. 2022, 2(2), 329-357; https://doi.org/10.3390/jcp2020018 - 27 May 2022
Cited by 5 | Viewed by 6615
Abstract
The World Wide Web (www) consists of the surface web, deep web, and Dark Web, depending on the content shared and the access to these network layers. Dark Web consists of the Dark Net overlay of networks that can be accessed through specific [...] Read more.
The World Wide Web (www) consists of the surface web, deep web, and Dark Web, depending on the content shared and the access to these network layers. Dark Web consists of the Dark Net overlay of networks that can be accessed through specific software and authorization schema. Dark Net has become a growing community where users focus on keeping their identities, personal information, and locations secret due to the diverse population base and well-known cyber threats. Furthermore, not much is known of Dark Net from the user perspective, where often there is a misunderstanding of the usage strategies. To understand this further, we conducted a systematic analysis of research relating to Dark Net privacy and security on N=200 academic papers, where we also explored the user side. An evaluation of secure end-user experience on the Dark Net establishes the motives of account initialization in overlaid networks such as Tor. This work delves into the evolution of Dark Net intelligence for improved cybercrime strategies across jurisdictions. The evaluation of the developing network infrastructure of the Dark Net raises meaningful questions on how to resolve the issue of increasing criminal activity on the Dark Web. We further examine the security features afforded to users, motives, and anonymity revocation. We also evaluate more closely nine user-study-focused papers revealing the importance of conducting more research in this area. Our detailed systematic review of Dark Net security clearly shows the apparent research gaps, especially in the user-focused studies emphasized in the paper. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
Show Figures

Figure 1

12 pages, 416 KiB  
Viewpoint
Getting Rid of the Usability/Security Trade-Off: A Behavioral Approach
by Francesco Di Nocera and Giorgia Tempestini
J. Cybersecur. Priv. 2022, 2(2), 245-256; https://doi.org/10.3390/jcp2020013 - 28 Mar 2022
Cited by 2 | Viewed by 7057
Abstract
The usability/security trade-off indicates the inversely proportional relationship that seems to exist between usability and security. The more secure the systems, the less usable they will be. On the contrary, more usable systems will be less secure. So far, attempts to reduce the [...] Read more.
The usability/security trade-off indicates the inversely proportional relationship that seems to exist between usability and security. The more secure the systems, the less usable they will be. On the contrary, more usable systems will be less secure. So far, attempts to reduce the gap between usability and security have been unsuccessful. In this paper, we offer a theoretical perspective to exploit this tradeoff rather than fight it, as well as a practical approach to the use of contextual improvements in system usability to reward secure behavior. The theoretical perspective, based on the concept of reinforcement, has been successfully applied to several domains, and there is no reason to believe that the cybersecurity domain will represent an exception. Although the purpose of this article is to devise a research agenda, we also provide an example based on a single-case study where we apply the rationale underlying our proposal in a laboratory experiment. Full article
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)
Show Figures

Figure 1

Back to TopTop