Biblio

Filters: Keyword is Tools
2020-07-10
Koloveas, Paris, Chantzios, Thanasis, Tryfonopoulos, Christos, Skiadopoulos, Spiros.  2019.  A Crawler Architecture for Harvesting the Clear, Social, and Dark Web for IoT-Related Cyber-Threat Intelligence. 2019 IEEE World Congress on Services (SERVICES). 2642-939X:3—8.
The clear, social, and dark web have lately been identified as rich sources of valuable cyber-security information that, given the appropriate tools and methods, may be identified, crawled and subsequently leveraged to actionable cyber-threat intelligence. In this work, we focus on the information gathering task, and present a novel crawling architecture for transparently harvesting data from security websites in the clear web, security forums in the social web, and hacker forums/marketplaces in the dark web. The proposed architecture adopts a two-phase approach to data harvesting. Initially a machine learning-based crawler is used to direct the harvesting towards websites of interest, while in the second phase state-of-the-art statistical language modelling techniques are used to represent the harvested information in a latent low-dimensional feature space and rank it based on its potential relevance to the task at hand. The proposed architecture is realised using exclusively open-source tools, and a preliminary evaluation with crowdsourced results demonstrates its effectiveness.
2020-07-03
Zhang, Yonghong, Zheng, Peijia, Luo, Weiqi.  2019.  Privacy-Preserving Outsourcing Computation of QR Decomposition in the Encrypted Domain. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :389—396.
Signal processing in encrypted domain has become an important means to protect privacy in an untrusted network environment. Due to the limitations of the underlying encryption methods, many useful algorithms that are sophisticated are not well implemented. Considering that QR decomposition is widely used in many fields, in this paper, we propose to implement QR decomposition in homomorphic encrypted domain. We firstly realize some necessary primitive operations in homomorphic encrypted domain, including division and open square operation. Gram-Schmidt process is then studied in the encrypted domain. We propose the implementation of QR decomposition in the encrypted domain by using the secure implementation of Gram-Schmidt process. We conduct experiments to demonstrate the effectiveness and analyze the performance of the proposed outsourced QR decomposition.
Feng, Ri-Chen, Lin, Daw-Tung, Chen, Ken-Min, Lin, Yi-Yao, Liu, Chin-De.  2019.  Improving Deep Learning by Incorporating Semi-automatic Moving Object Annotation and Filtering for Vision-based Vehicle Detection*. 2019 IEEE International Conference on Systems, Man and Cybernetics (SMC). :2484—2489.
Deep learning has undergone tremendous advancements in computer vision studies. The training of deep learning neural networks depends on a considerable amount of ground truth datasets. However, labeling ground truth data is a labor-intensive task, particularly for large-volume video analytics applications such as video surveillance and vehicles detection for autonomous driving. This paper presents a rapid and accurate method for associative searching in big image data obtained from security monitoring systems. We developed a semi-automatic moving object annotation method for improving deep learning models. The proposed method comprises three stages, namely automatic foreground object extraction, object annotation in subsequent video frames, and dataset construction using human-in-the-loop quick selection. Furthermore, the proposed method expedites dataset collection and ground truth annotation processes. In contrast to data augmentation and data generative models, the proposed method produces a large amount of real data, which may facilitate training results and avoid adverse effects engendered by artifactual data. We applied the constructed annotation dataset to train a deep learning you-only-look-once (YOLO) model to perform vehicle detection on street intersection surveillance videos. Experimental results demonstrated that the accurate detection performance was improved from a mean average precision (mAP) of 83.99 to 88.03.
2020-06-29
Blazek, Petr, Gerlich, Tomas, Martinasek, Zdenek.  2019.  Scalable DDoS Mitigation System. 2019 42nd International Conference on Telecommunications and Signal Processing (TSP). :617–620.
Distributed Denial of Service attacks (DDoS) are used by attackers for their effectiveness. This type of attack is one of the most devastating attacks in the Internet. Every year, the intensity of DDoS attacks increases and attackers use sophisticated multi-target DDoS attacks. In this paper, a modular system that allows to increase the filtering capacity linearly and allows to protect against the combination of DDoS attacks is designed and implemented. The main motivation for development of the modular filtering system was to find a cheap solution for filtering DDoS attacks with possibility to increase filtering capacity. The proposed system is based on open-source detection and filtration tools.
2020-06-26
Puccetti, Armand.  2019.  The European H2020 project VESSEDIA (Verification Engineering of Safety and SEcurity critical Dynamic Industrial Applications). 2019 22nd Euromicro Conference on Digital System Design (DSD). :588—591.
This paper presents an overview of the H2020 project VESSEDIA [9] aimed at verifying the security and safety of modern connected systems also called IoT. The originality relies in using Formal Methods inherited from high-criticality applications domains to analyze the source code at different levels of intensity, to gather possible faults and weaknesses. The analysis methods are mostly exhaustive and guarantee that, after analysis, the source code of the application is error-free. This paper is structured as follows: after an introductory section 1 giving some factual data, section 2 presents the aims and the problems addressed; section 3 describes the project's use-cases and section 4 describes the proposed approach for solving these problems and the results achieved until now; finally, section 5 discusses some remaining future work.
2020-06-15
Gressl, Lukas, Steger, Christian, Neffe, Ulrich.  2019.  Consideration of Security Attacks in the Design Space Exploration of Embedded Systems. 2019 22nd Euromicro Conference on Digital System Design (DSD). :530–537.
Designing secure systems is a complex task, particularly for designers who are no security experts. Cyber security plays a key role in embedded systems, especially for the domain of the Internet of Things (IoT). IoT systems of this kind are becoming increasingly important in daily life as they simplify various tasks. They are usually small, either embedded into bigger systems or battery driven, and perform monitoring or one shot tasks. Thus, they are subject to manifold constraints in terms of performance, power consumption, chip area, etc. As they are continuously connected to the internet and utilize our private data to perform their tasks, they are interesting for potential attackers. Cyber security thus plays an important role for the design of an IoT system. As the usage of security measures usually increases both computation time, as well as power consumption, a conflict between these constraints must be solved. For the designers of such systems, balancing these constraints constitutes a highly complex task. In this paper we propose a novel approach for considering possible security attacks on embedded systems, simplifying the consideration of security requirements immediately at the start of the design process. We introduce a security aware design space exploration framework which based on an architectural, behavioral and security attack description, finds the optimal design for IoT systems. We also demonstrate the feasibility and the benefits of our framework based on a door access system use case.
2020-06-04
Briggs, Shannon, Perrone, Michael, Peveler, Matthew, Drozdal, Jaimie, Balagyozyan, Lilit, Su, Hui.  2019.  Multimodal, Multiuser Immersive Brainstorming and Scenario Planning for Intelligence Analysis. 2019 IEEE International Symposium on Technologies for Homeland Security (HST). :1—4.

This paper discusses two pieces of software designed for intelligence analysis, the brainstorming tool and the Scenario Planning Advisor. These tools were developed in the Cognitive Immersive Systems Lab (CISL) in conjunction with IBM. We discuss the immersive environment the tools are situated in, and the proposed benefit for intelligence analysis.

2020-06-03
Cedillo, Priscila, Camacho, Jessica, Campos, Karina, Bermeo, Alexandra.  2019.  A Forensics Activity Logger to Extract User Activity from Mobile Devices. 2019 Sixth International Conference on eDemocracy eGovernment (ICEDEG). :286—290.

Nowadays, mobile devices have become one of the most popular instruments used by a person on its regular life, mainly due to the importance of their applications. In that context, mobile devices store user's personal information and even more data, becoming a personal tracker for daily activities that provides important information about the user. Derived from this gathering of information, many tools are available to use on mobile devices, with the restrain that each tool only provides isolated information about a specific application or activity. Therefore, the present work proposes a tool that allows investigators to obtain a complete report and timeline of the activities that were performed on the device. This report incorporates the information provided by many sources into a unique set of data. Also, by means of an example, it is presented the operation of the solution, which shows the feasibility in the use of this tool and shows the way in which investigators have to apply the tool.

2020-06-01
Halba, Khalid, Griffor, Edward, Kamongi, Patrick, Roth, Thomas.  2019.  Using Statistical Methods and Co-Simulation to Evaluate ADS-Equipped Vehicle Trustworthiness. 2019 Electric Vehicles International Conference (EV). :1–5.
With the increasing interest in studying Automated Driving System (ADS)-equipped vehicles through simulation, there is a growing need for comprehensive and agile middleware to provide novel Virtual Analysis (VA) functions of ADS-equipped vehicles towards enabling a reliable representation for pre-deployment test. The National Institute of Standards and Technology (NIST) Universal Cyber-physical systems Environment for Federation (UCEF) is such a VA environment. It provides Application Programming Interfaces (APIs) capable of ensuring synchronized interactions across multiple simulation platforms such as LabVIEW, OMNeT++, Ricardo IGNITE, and Internet of Things (IoT) platforms. UCEF can aid engineers and researchers in understanding the impact of different constraints associated with complex cyber-physical systems (CPS). In this work UCEF is used to produce a simulated Operational Domain Design (ODD) for ADS-equipped vehicles where control (drive cycle/speed pattern), sensing (obstacle detection, traffic signs and lights), and threats (unusual signals, hacked sources) are represented as UCEF federates to simulate a drive cycle and to feed it to vehicle dynamics simulators (e.g. OpenModelica or Ricardo IGNITE) through the Functional Mock-up Interface (FMI). In this way we can subject the vehicle to a wide range of scenarios, collect data on the resulting interactions, and analyze those interactions using metrics to understand trustworthiness impact. Trustworthiness is defined here as in the NIST Framework for Cyber-Physical Systems, and is comprised of system reliability, resiliency, safety, security, and privacy. The goal of this work is to provide an example of an experimental design strategy using Fractional Factorial Design for statistically assessing the most important safety metrics in ADS-equipped vehicles.
2020-05-22
Shah, Mujahid, Ahmed, Sheeraz, Saeed, Khalid, Junaid, Muhammad, Khan, Hamayun, Ata-ur-rehman.  2019.  Penetration Testing Active Reconnaissance Phase – Optimized Port Scanning With Nmap Tool. 2019 2nd International Conference on Computing, Mathematics and Engineering Technologies (iCoMET). :1—6.

Reconnaissance might be the longest phase, sometimes take weeks or months. The black hat makes use of passive information gathering techniques. Once the attacker has sufficient statistics, then the attacker starts the technique of scanning perimeter and internal network devices seeking out open ports and related services. In this paper we are showing traffic accountability and time to complete the specific task during reconnaissance phase active scanning with nmap tool and proposed strategies that how to deal with large volumes of hosts and conserve network traffic as well as time of the specific task.

2020-05-18
Panahandeh, Mahnaz, Ghanbari, Shirin.  2019.  Correction of Spaces in Persian Sentences for Tokenization. 2019 5th Conference on Knowledge Based Engineering and Innovation (KBEI). :670–674.
The exponential growth of the Internet and its users and the emergence of Web 2.0 have caused a large volume of textual data to be created. Automatic analysis of such data can be used in making decisions. As online text is created by different producers with different styles of writing, pre-processing is a necessity prior to any processes related to natural language tasks. An essential part of textual preprocessing prior to the recognition of the word vocabulary is normalization, which includes the correction of spaces that particularly in the Persian language this includes both full-spaces between words and half-spaces. Through the review of user comments within social media services, it can be seen that in many cases users do not adhere to grammatical rules of inserting both forms of spaces, which increases the complexity of the identification of words and henceforth, reducing the accuracy of further processing on the text. In this study, current issues in the normalization and tokenization of preprocessing tools within the Persian language and essentially identifying and correcting the separation of words are and the correction of spaces are proposed. The results obtained and compared to leading preprocessing tools highlight the significance of the proposed methodology.
Kermani, Fatemeh Hojati, Ghanbari, Shirin.  2019.  Extractive Persian Summarizer for News Websites. 2019 5th International Conference on Web Research (ICWR). :85–89.
Automatic extractive text summarization is the process of condensing textual information while preserving the important concepts. The proposed method after performing pre-processing on input Persian news articles generates a feature vector of salient sentences from a combination of statistical, semantic and heuristic methods and that are scored and concatenated accordingly. The scoring of the salient features is based on the article's title, proper nouns, pronouns, sentence length, keywords, topic words, sentence position, English words, and quotations. Experimental results on measurements including recall, F-measure, ROUGE-N are presented and compared to other Persian summarizers and shown to provide higher performance.
Liu, Xueqing.  2018.  Assisting the Development of Secure Mobile Apps with Natural Language Processing. 2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC). :279–280.
With the rapid growth of mobile devices and mobile apps, mobile has surpassed desktop and now has the largest worldwide market share [1]. While such growth brings in more opportunities, it also poses new challenges in security. Among the challenges, user privacy protection has drawn tremendous attention in recent years, especially after the Facebook-Cambridge Analytica data scandal in April 2018 [2].
2020-05-15
Egert, Rolf, Grube, Tim, Born, Dustin, Mühlhäuser, Max.  2019.  Modular Vulnerability Indication for the IoT in IP-Based Networks. 2019 IEEE Globecom Workshops (GC Wkshps). :1—6.

With the rapidly increasing number of Internet of Things (IoT) devices and their extensive integration into peoples' daily lives, the security of those devices is of primary importance. Nonetheless, many IoT devices suffer from the absence, or the bad application, of security concepts, which leads to severe vulnerabilities in those devices. To achieve early detection of potential vulnerabilities, network scanner tools are frequently used. However, most of those tools are highly specialized; thus, multiple tools and a meaningful correlation of their results are required to obtain an adequate listing of identified network vulnerabilities. To simplify this process, we propose a modular framework for automated network reconnaissance and vulnerability indication in IP-based networks. It allows integrating a diverse set of tools as either, scanning tools or analysis tools. Moreover, the framework enables result aggregation of different modules and allows information sharing between modules facilitating the development of advanced analysis modules. Additionally, intermediate scanning and analysis data is stored, enabling a historical view of derived information and also allowing users to retrace decision-making processes. We show the framework's modular capabilities by implementing one scanner module and three analysis modules. The automated process is then evaluated using an exemplary scenario with common IP-based IoT components.

Oujezsky, Vaclav, Chapcak, David, Horvath, Tomas, Munster, Petr.  2019.  Security Testing Of Active Optical Network Devices. 2019 42nd International Conference on Telecommunications and Signal Processing (TSP). :9—13.

This article presents results and overview of conducted testing of active optical network devices. The base for the testing is originating in Kali Linux and penetration testing generally. The goal of tests is to either confirm or disprove a vulnerability of devices used in the tested polygon. The first part deals with general overview and topology of testing devices, the next part is dedicated to active and passive exploration and exploits. The last part provides a summary of the results.

2020-05-11
Chandre, Pankaj Ramchandra, Mahalle, Parikshit Narendra, Shinde, Gitanjali Rahul.  2018.  Machine Learning Based Novel Approach for Intrusion Detection and Prevention System: A Tool Based Verification. 2018 IEEE Global Conference on Wireless Computing and Networking (GCWCN). :135–140.
Now a day, Wireless Sensor Networks are widely used in military applications by its applications, it is extended to healthcare, industrial environments and many more. As we know that, there are some unique features of WSNs such as limited power supply, minimum bandwidth and limited energy. So, to secure traditional network, multiple techniques are available, but we can't use same techniques to secure WSNs. So to increase the overall security of WSNs, we required new ideas as well as new approaches. In general, intrusion prevention is the primary issue in WSNs and intrusion detection already reached to saturation. Thus, we need an efficient solution for proactive intrusion prevention towards WSNs. Thus, formal validation of protocols in WSN is an essential area of research. This research paper aims to formally verify as well as model some protocol used for intrusion detection using AVISPA tool and HLPSL language. In this research paper, the results of authentication and DoS attacks were detected is presented, but there is a need to prevent such type of attacks. In this research paper, a system is proposed in order to avoid intrusion using machine learning for the wireless sensor network. So, the proposed system will be used for intrusion prevention in a wireless sensor network.
2020-05-08
Dionísio, Nuno, Alves, Fernando, Ferreira, Pedro M., Bessani, Alysson.  2019.  Cyberthreat Detection from Twitter using Deep Neural Networks. 2019 International Joint Conference on Neural Networks (IJCNN). :1—8.
To be prepared against cyberattacks, most organizations resort to security information and event management systems to monitor their infrastructures. These systems depend on the timeliness and relevance of the latest updates, patches and threats provided by cyberthreat intelligence feeds. Open source intelligence platforms, namely social media networks such as Twitter, are capable of aggregating a vast amount of cybersecurity-related sources. To process such information streams, we require scalable and efficient tools capable of identifying and summarizing relevant information for specified assets. This paper presents the processing pipeline of a novel tool that uses deep neural networks to process cybersecurity information received from Twitter. A convolutional neural network identifies tweets containing security-related information relevant to assets in an IT infrastructure. Then, a bidirectional long short-term memory network extracts named entities from these tweets to form a security alert or to fill an indicator of compromise. The proposed pipeline achieves an average 94% true positive rate and 91% true negative rate for the classification task and an average F1-score of 92% for the named entity recognition task, across three case study infrastructures.
Elmaghrabi, Azza Yousif, Eljack, Sarah Mustafa.  2019.  Enhancement of Moodle learning Management System Regarding Quizzes Security and Stability Problems. 2019 2nd International Conference on Computer Applications Information Security (ICCAIS). :1—7.

This study aims to enhance the security of Moodle system environment during the execution of online exams, taking into consideration the most common problems facing online exams and working to solve them. This was handled by improving the security performance of Moodle Quiz tool, which is one of the most important tools in the learning management system in general and in Moodle system as well. In this paper we include two enhancement aspects: the first aspect is solving the problem of losing the answers during sudden short disconnection of the network because of the server crash or any other reasons, the second aspect is increasing the level of confidentiality of e-Quiz by preventing accessing the Quiz from more than one computer or browser at the same time. In order to verify the efficiency of the new quiz tool features, the upgraded tool has been tested using an experimental test Moodle site.

2020-05-04
Jie, Bao, Liu, Jingju, Wang, Yongjie, Zhou, Xuan.  2019.  Digital Ant Mechanism and Its Application in Network Security. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :710–714.
Digital ant technology is a new distributed and self-organization cyberspace defense paradigm. This paper describes digital ants system's developing process, characteristics, system architecture and mechanisms to illustrate its superiority, searches the possible applications of digital ants system. The summary of the paper and the trends of digital ants system are pointed out.
2020-04-24
Ogale, Pushkar, Shin, Michael, Abeysinghe, Sasanka.  2018.  Identifying Security Spots for Data Integrity. 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC). 02:462—467.

This paper describes an approach to detecting malicious code introduced by insiders, which can compromise the data integrity in a program. The approach identifies security spots in a program, which are either malicious code or benign code. Malicious code is detected by reviewing each security spot to determine whether it is malicious or benign. The integrity breach conditions (IBCs) for object-oriented programs are specified to identify security spots in the programs. The IBCs are specified by means of the concepts of coupling within an object or between objects. A prototype tool is developed to validate the approach with a case study.

Vazquez Sandoval, Itzel, Lenzini, Gabriele.  2018.  Experience Report: How to Extract Security Protocols' Specifications from C Libraries. 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC). 02:719—724.

Often, analysts have to face a challenging situation when formally verifying the implementation of a security protocol: they need to build a model of the protocol from only poorly or not documented code, and with little or no help from the developers to better understand it. Security protocols implementations frequently use services provided by libraries coded in the C programming language; automatic tools for code-level reverse engineering offer good support to comprehend the behavior of code in object-oriented languages but are ineffective to deal with libraries in C. Here we propose a systematic, yet human-dependent approach, which combines the capabilities of state-of-the-art tools in order to help the analyst to retrieve, step by step, the security protocol specifications from a library in C. Those specifications can then be used to create the formal model needed to carry out the analysis.

2020-04-20
Huang, Zhen, Lie, David, Tan, Gang, Jaeger, Trent.  2019.  Using Safety Properties to Generate Vulnerability Patches. 2019 IEEE Symposium on Security and Privacy (SP). :539–554.
Security vulnerabilities are among the most critical software defects in existence. When identified, programmers aim to produce patches that prevent the vulnerability as quickly as possible, motivating the need for automatic program repair (APR) methods to generate patches automatically. Unfortunately, most current APR methods fall short because they approximate the properties necessary to prevent the vulnerability using examples. Approximations result in patches that either do not fix the vulnerability comprehensively, or may even introduce new bugs. Instead, we propose property-based APR, which uses human-specified, program-independent and vulnerability-specific safety properties to derive source code patches for security vulnerabilities. Unlike properties that are approximated by observing the execution of test cases, such safety properties are precise and complete. The primary challenge lies in mapping such safety properties into source code patches that can be instantiated into an existing program. To address these challenges, we propose Senx, which, given a set of safety properties and a single input that triggers the vulnerability, detects the safety property violated by the vulnerability input and generates a corresponding patch that enforces the safety property and thus, removes the vulnerability. Senx solves several challenges with property-based APR: it identifies the program expressions and variables that must be evaluated to check safety properties and identifies the program scopes where they can be evaluated, it generates new code to selectively compute the values it needs if calling existing program code would cause unwanted side effects, and it uses a novel access range analysis technique to avoid placing patches inside loops where it could incur performance overhead. 
Our evaluation shows that the patches generated by Senx successfully fix 32 of 42 real-world vulnerabilities from 11 applications including various tools or libraries for manipulating graphics/media files, a programming language interpreter, a relational database engine, a collection of programming tools for creating and managing binary programs, and a collection of basic file, shell, and text manipulation tools.
2020-04-17
Bicakci, Kemal, Ak, Ihsan Kagan, Ozdemir, Betul Askin, Gozutok, Mesut.  2019.  Open-TEE is No Longer Virtual: Towards Software-Only Trusted Execution Environments Using White-Box Cryptography. 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). :177—183.

Trusted Execution Environments (TEEs) provide hardware support to isolate the execution of sensitive operations on mobile phones for improved security. However, they are not always available to use for application developers. To provide a consistent user experience to those who have and do not have a TEE-enabled device, we could get help from Open-TEE, an open-source GlobalPlatform (GP)-compliant software TEE emulator. However, Open-TEE does not offer any of the security properties hardware TEEs have. In this paper, we propose WhiteBox-TEE which integrates white-box cryptography with Open-TEE to provide better security while still remaining compliant with GP TEE specifications. We discuss the architecture, provisioning mechanism, implementation highlights, security properties and performance issues of WhiteBox-TEE and propose possible revisions to TEE specifications to have better use of white-box cryptography in software-only TEEs.

2020-04-13
Morishita, Shun, Hoizumi, Takuya, Ueno, Wataru, Tanabe, Rui, Gañán, Carlos, van Eeten, Michel J.G., Yoshioka, Katsunari, Matsumoto, Tsutomu.  2019.  Detect Me If You… Oh Wait. An Internet-Wide View of Self-Revealing Honeypots. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :134–143.
Open-source honeypots are a vital component in the protection of networks and the observation of trends in the threat landscape. Their open nature also enables adversaries to identify the characteristics of these honeypots in order to detect and avoid them. In this study, we investigate the prevalence of 14 open-source honeypots running more or less default configurations, making them easily detectable by attackers. We deploy 20 simple signatures and test them for false positives against servers for domains in the Alexa top 10,000, official FTP mirrors, mail servers in real operation, and real IoT devices running telnet. We find no matches, suggesting good accuracy. We then measure the Internet-wide prevalence of default open-source honeypots by matching the signatures with Censys scan data and our own scans. We discovered 19,208 honeypots across 637 Autonomous Systems that are trivially easy to identify. Concentrations are found in research networks, but also in enterprise, cloud and hosting networks. While some of these honeypots probably have no operational relevance, e.g., they are student projects, this explanation does not fit the wider population. One cluster of honeypots was confirmed to belong to a well-known security center and was in use for ongoing attack monitoring. Concentrations in another cluster appear to be the result of government incentives. We contacted 11 honeypot operators and received response from 4 operators, suggesting the problem of lack of network hygiene. Finally, we find that some honeypots are actively abused by attackers for hosting malicious binaries. We notified the owners of the detected honeypots via their network operators and provided recommendations for customization to avoid simple signature-based detection. We also shared our results with the honeypot developers.
2020-04-10
Baral, Gitanjali, Arachchilage, Nalin Asanka Gamagedara.  2019.  Building Confidence not to be Phished Through a Gamified Approach: Conceptualising User's Self-Efficacy in Phishing Threat Avoidance Behaviour. 2019 Cybersecurity and Cyberforensics Conference (CCC). :102—110.

Phishing attacks are prevalent and humans are central to this online identity theft attack, which aims to steal victims' sensitive and personal information such as username, password, and online banking details. There are many antiphishing tools developed to thwart against phishing attacks. Since humans are the weakest link in phishing, it is important to educate them to detect and avoid phishing attacks. One can argue self-efficacy is one of the most important determinants of individual's motivation in phishing threat avoidance behaviour, which has co-relation with knowledge. The proposed research endeavours on the user's self-efficacy in order to enhance the individual's phishing threat avoidance behaviour through their motivation. Using social cognitive theory, we explored that various knowledge attributes such as observational (vicarious) knowledge, heuristic knowledge and structural knowledge contributes immensely towards the individual's self-efficacy to enhance phishing threat prevention behaviour. A theoretical framework is then developed depicting the mechanism that links knowledge attributes, self-efficacy, threat avoidance motivation that leads to users' threat avoidance behaviour. Finally, a gaming prototype is designed incorporating the knowledge elements identified in this research that aimed to enhance individual's self-efficacy in phishing threat avoidance behaviour.