A close look at a systematic method for analyzing sets of security advice

IF 2.9 Q1 SOCIAL SCIENCES, INTERDISCIPLINARY Journal of Cybersecurity Pub Date : 2023-07-03 DOI:10.1093/cybsec/tyad013
David Barrera, Christopher Bellman, Paul C van Oorschot
{"title":"A close look at a systematic method for analyzing sets of security advice","authors":"David Barrera, Christopher Bellman, Paul C van Oorschot","doi":"10.1093/cybsec/tyad013","DOIUrl":null,"url":null,"abstract":"We carry out a detailed analysis of the security advice coding method (SAcoding) of Barrera et al., which is designed to analyze security advice in the sense of measuring actionability and categorizing advice items as practices, policies, principles, or outcomes. The main part of our analysis explores the extent to which a second coder’s assignment of codes to advice items agrees with that of a first, for a dataset of 1013 security advice items nominally addressing Internet of Things devices. More broadly, we seek a deeper understanding of the soundness and utility of the SAcoding method, and the degree to which it meets the design goal of reducing subjectivity in assigning codes to security advice items. Our analysis results in suggestions for modifications to the coding tree methodology, and some recommendations. We believe the coding tree approach may be of interest for analysis of qualitative data beyond security advice datasets alone.","PeriodicalId":44310,"journal":{"name":"Journal of Cybersecurity","volume":"973 1","pages":""},"PeriodicalIF":2.9000,"publicationDate":"2023-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cybersecurity","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.1093/cybsec/tyad013","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

We carry out a detailed analysis of the security advice coding method (SAcoding) of Barrera et al., which is designed to analyze security advice in the sense of measuring actionability and categorizing advice items as practices, policies, principles, or outcomes. The main part of our analysis explores the extent to which a second coder’s assignment of codes to advice items agrees with that of a first, for a dataset of 1013 security advice items nominally addressing Internet of Things devices. More broadly, we seek a deeper understanding of the soundness and utility of the SAcoding method, and the degree to which it meets the design goal of reducing subjectivity in assigning codes to security advice items. Our analysis results in suggestions for modifications to the coding tree methodology, and some recommendations. We believe the coding tree approach may be of interest for analysis of qualitative data beyond security advice datasets alone.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
仔细研究用于分析安全建议集的系统方法
我们对Barrera等人的安全建议编码方法(SAcoding)进行了详细的分析,该方法旨在从度量可操作性和将建议项目分类为实践、策略、原则或结果的意义上分析安全建议。我们分析的主要部分探讨了第二个编码员对建议项目的代码分配与第一个编码员的代码分配在多大程度上是一致的,对于1013个名义上处理物联网设备的安全建议项目的数据集。更广泛地说,我们寻求对编码方法的可靠性和实用性的更深入的理解,以及它在多大程度上满足了将代码分配给安全通知项时减少主观性的设计目标。我们的分析结果提出了修改编码树方法的建议,以及一些建议。我们相信编码树方法可能会对定性数据的分析产生兴趣,而不仅仅是安全建议数据集。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Cybersecurity
Journal of Cybersecurity SOCIAL SCIENCES, INTERDISCIPLINARY-
CiteScore
6.20
自引率
2.60%
发文量
0
审稿时长
18 weeks
期刊介绍: Journal of Cybersecurity provides a hub around which the interdisciplinary cybersecurity community can form. The journal is committed to providing quality empirical research, as well as scholarship, that is grounded in real-world implications and solutions. Journal of Cybersecurity solicits articles adhering to the following, broadly constructed and interpreted, aspects of cybersecurity: anthropological and cultural studies; computer science and security; security and crime science; cryptography and associated topics; security economics; human factors and psychology; legal aspects of information security; political and policy perspectives; strategy and international relations; and privacy.
期刊最新文献
Narrow windows of opportunity: the limited utility of cyber operations in war ‘There was a bit of PTSD every time I walked through the office door’: Ransomware harms and the factors that influence the victim organization’s experience It is not only about having good attitudes: factor exploration of the attitudes toward security recommendations Interdependent security games in the Stackelberg style: how first-mover advantage impacts free riding and security (under-)investment ‘The trivial tickets build the trust’: a co-design approach to understanding security support interactions in a large university
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1