In general, people are poorly protected against cyberthreats, with the main reason being user behaviour. For the study described in this paper, a questionnaire was developed in order to understand how people’s knowledge of and attitude towards both cyberthreats and cyber security controls affect intention to adopt cybersecure behaviour. The study divides attitude into a cognitive and an affective component. Although only the cognitive component of attitude is usually studied, the results from a questionnaire of 300 respondents show that both the affective and cognitive components of attitude have a clearly positive, albeit varying, influence on behavioural intention, with the affective component having an even greater effect on attitude than the cognitive aspect. No correlation was found between knowledge and behavioural intention. The results indicate that attitude is an important factor to include when developing behavioural interventions, but also that different kinds of attitude should be addressed differently in interventions. A R T I C L E I N F O : RECEIVED: 10 MAY 2020 REVISED: 31 JUL 2020 ONLINE: 03 SEP 2020 K E Y W O R D S : information security, cybersecurity awareness, cybersecurity behaviour, cybersecurity questionnaire, cybersecurity knowledge, cybersecurity attitude Creative Commons BY-NC 4.0
一般来说,人们对网络威胁的保护很差,主要原因是用户行为。对于本文中描述的研究,开发了一份问卷,以了解人们对网络威胁和网络安全控制的知识和态度如何影响采用网络安全行为的意愿。该研究将态度分为认知和情感两部分。虽然通常只研究态度的认知成分,但对300名受访者的问卷调查结果表明,态度的情感和认知成分对行为意图都有明显的积极影响,尽管有所不同,其中情感成分对态度的影响甚至比认知方面更大。知识和行为意图之间没有相关性。结果表明,态度是制定行为干预措施时要考虑的一个重要因素,但在干预措施中,不同类型的态度应得到不同的处理。A R T I C C L EI N F O:收稿日期:2020年5月10日修稿日期:2020年7月31日在线日期:2020年9月3日K E E W O R D S:信息安全、网络安全意识、网络安全行为、网络安全问卷、网络安全知识、网络安全态度创作共用BY-NC 4.0
{"title":"The Influence of Knowledge and Attitude on Intention to Adopt Cybersecure Behaviour","authors":"Lisa C. de Kok, D. Oosting, M. Spruit","doi":"10.11610/isij.4618","DOIUrl":"https://doi.org/10.11610/isij.4618","url":null,"abstract":"In general, people are poorly protected against cyberthreats, with the main reason being user behaviour. For the study described in this paper, a questionnaire was developed in order to understand how people’s knowledge of and attitude towards both cyberthreats and cyber security controls affect intention to adopt cybersecure behaviour. The study divides attitude into a cognitive and an affective component. Although only the cognitive component of attitude is usually studied, the results from a questionnaire of 300 respondents show that both the affective and cognitive components of attitude have a clearly positive, albeit varying, influence on behavioural intention, with the affective component having an even greater effect on attitude than the cognitive aspect. No correlation was found between knowledge and behavioural intention. The results indicate that attitude is an important factor to include when developing behavioural interventions, but also that different kinds of attitude should be addressed differently in interventions. A R T I C L E I N F O : RECEIVED: 10 MAY 2020 REVISED: 31 JUL 2020 ONLINE: 03 SEP 2020 K E Y W O R D S : information security, cybersecurity awareness, cybersecurity behaviour, cybersecurity questionnaire, cybersecurity knowledge, cybersecurity attitude Creative Commons BY-NC 4.0","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131868293","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The cyberspace today has become the unavoidable part of today’s society, its virtual dimension. The nations and international community put many efforts to assure certain terms and responsibilities in this virtual dimension of the society. Many national cyber security strategies, including EU and NATO strategies, in a very short time have become high priority activities. The questions about the responsible institutions to address in the strategy, guiding principles to follow, and the way of implementing the strategy, still remains very differently approached within different nations. The goal of this paper is to propose a method that offers a more consistent approach to the development of cyber security strategies. The key research question is whether the proposed approach results in a more consistent national cyber security strategy that covers all the necessary national requirements and expectations, and that is easier to harmonise with different international requirements. In order to verify the proposed method, the paper shows the brief overview of the results achieved in the case of the development process of Croatian National Cyber Security Strategy.
{"title":"A Method for the Development of Cyber Security Strategies","authors":"A. Klaic","doi":"10.11610/ISIJ.3403","DOIUrl":"https://doi.org/10.11610/ISIJ.3403","url":null,"abstract":"The cyberspace today has become the unavoidable part of today’s society, its virtual dimension. The nations and international community put many efforts to assure certain terms and responsibilities in this virtual dimension of the society. Many national cyber security strategies, including EU and NATO strategies, in a very short time have become high priority activities. The questions about the responsible institutions to address in the strategy, guiding principles to follow, and the way of implementing the strategy, still remains very differently approached within different nations. The goal of this paper is to propose a method that offers a more consistent approach to the development of cyber security strategies. The key research question is whether the proposed approach results in a more consistent national cyber security strategy that covers all the necessary national requirements and expectations, and that is easier to harmonise with different international requirements. In order to verify the proposed method, the paper shows the brief overview of the results achieved in the case of the development process of Croatian National Cyber Security Strategy.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128402846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Abstract : The break-up of the Soviet Union unleashed a flood of nationalism throughout Southeastern Europe (SEE). Freed from the yoke of suppression, the nations of the region sought economic stability and security in a dramatically changing global environment. These nations are anxious to display Western leanings and to ensure national security through multinational regional coalitions. These coalitions, in turn, are being supported by a variety of national, NATO, and U.S. sponsored initiatives with the common goal of regional stability. Within the regions of the Pacific Rim, similar coalitions may emerge with similar goals to which the principles set forth in this paper will equally apply. The common thread through these SEE initiatives is the use of Information Technology (IT) to improve Command, Control, and Communications (C3) in a combined military/peace support domain. This paper proposes an IT-driven Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) Architectural Framework approach to the integration of combat and peace support forces in regional coalition initiatives. Although the framework is applicable across the total C4ISR domain, only Command, Control, and Communications are relevant to the subject addressed in this paper and will be the term used throughout. Computers are assumed as a logical part of C3. This paper also proposes that this type of architectural approach is applicable to regional coalitions on a global basis.
{"title":"C4ISR Architectural Frameworks in Coalition Environments","authors":"Charles R. Myer","doi":"10.11610/ISIJ.0504","DOIUrl":"https://doi.org/10.11610/ISIJ.0504","url":null,"abstract":"Abstract : The break-up of the Soviet Union unleashed a flood of nationalism throughout Southeastern Europe (SEE). Freed from the yoke of suppression, the nations of the region sought economic stability and security in a dramatically changing global environment. These nations are anxious to display Western leanings and to ensure national security through multinational regional coalitions. These coalitions, in turn, are being supported by a variety of national, NATO, and U.S. sponsored initiatives with the common goal of regional stability. Within the regions of the Pacific Rim, similar coalitions may emerge with similar goals to which the principles set forth in this paper will equally apply. The common thread through these SEE initiatives is the use of Information Technology (IT) to improve Command, Control, and Communications (C3) in a combined military/peace support domain. This paper proposes an IT-driven Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) Architectural Framework approach to the integration of combat and peace support forces in regional coalition initiatives. Although the framework is applicable across the total C4ISR domain, only Command, Control, and Communications are relevant to the subject addressed in this paper and will be the term used throughout. Computers are assumed as a logical part of C3. This paper also proposes that this type of architectural approach is applicable to regional coalitions on a global basis.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2000-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130623577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
E. Semerdjiev, L. Mihaylova, T. Semerdjiev, V. Bogdanova
Tracking of manoeuvring targets is a problem of a great practical and theoretical interest. The real-world tracking applications meet a number of difficulties caused by the presence of different kinds of uncertainty due to the unknown or not precisely known system model and random processes’ statistics or because of their abrupt changes. 2-5, 9 These problems are especially complicated in the marine navigation practice, 7, 14, 15, 19 where the commonly used simple models of rectilinear or curvilinear target motions do not match the highly non-linear dynamics of the manoeuvring ship. A solution of these problems is to derive more adequate descriptions of the real ship dynamics and to design adaptive estimation algorithms.
{"title":"Interacting Multiple Model Algorithms for Manoeuvring Ship Tracking Based On New Ship Models","authors":"E. Semerdjiev, L. Mihaylova, T. Semerdjiev, V. Bogdanova","doi":"10.11610/ISIJ.0211","DOIUrl":"https://doi.org/10.11610/ISIJ.0211","url":null,"abstract":"Tracking of manoeuvring targets is a problem of a great practical and theoretical interest. The real-world tracking applications meet a number of difficulties caused by the presence of different kinds of uncertainty due to the unknown or not precisely known system model and random processes’ statistics or because of their abrupt changes. 2-5, 9 These problems are especially complicated in the marine navigation practice, 7, 14, 15, 19 where the commonly used simple models of rectilinear or curvilinear target motions do not match the highly non-linear dynamics of the manoeuvring ship. A solution of these problems is to derive more adequate descriptions of the real ship dynamics and to design adaptive estimation algorithms.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2000-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129175370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Abstract : Bulgaria's actions and policies on military reform between 1990 and March 1997 left the country's institutions and military largely unprepared for integration with the Alliance. Bulgarian government and military officials have emerged from the state's self-imposed isolation lacking an understanding of how far behind they are, as well as what they need to do, to seek integration. Bulgaria's armed forces are only now starting to reform and downsize. The resultant social and economic pain has yet to be felt, and the state is likely to suffer significant political consequences. Some social and political figures may elect to portray the United States and NATO as the cause of Bulgaria's social, economic, and political pain. Bulgaria's citizens, politicians and military need NATO to better define its standards for interoperability.
{"title":"Bulgaria and NATO: 7 Lost Years","authors":"J. Simon","doi":"10.11610/ISIJ.0119","DOIUrl":"https://doi.org/10.11610/ISIJ.0119","url":null,"abstract":"Abstract : Bulgaria's actions and policies on military reform between 1990 and March 1997 left the country's institutions and military largely unprepared for integration with the Alliance. Bulgarian government and military officials have emerged from the state's self-imposed isolation lacking an understanding of how far behind they are, as well as what they need to do, to seek integration. Bulgaria's armed forces are only now starting to reform and downsize. The resultant social and economic pain has yet to be felt, and the state is likely to suffer significant political consequences. Some social and political figures may elect to portray the United States and NATO as the cause of Bulgaria's social, economic, and political pain. Bulgaria's citizens, politicians and military need NATO to better define its standards for interoperability.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"208 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1998-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132087517","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Content Focus Never forget, the lowest bidder made your weapons Applying simulations to enhance jointness and to promote national and multi-national cooperation and interoperability. The theory is that this will help lead toward developing a Modeling and Simulation (MS and its' relationship with the National Military Command Center (NMCC) initiative. Caution is extended for the user to exercise due diligence and caveat emptor when selecting systems and system integrators.
{"title":"A Small Step toward Interoperability","authors":"R. J. Roland","doi":"10.11610/ISIJ.1210","DOIUrl":"https://doi.org/10.11610/ISIJ.1210","url":null,"abstract":"Content Focus Never forget, the lowest bidder made your weapons Applying simulations to enhance jointness and to promote national and multi-national cooperation and interoperability. The theory is that this will help lead toward developing a Modeling and Simulation (MS and its' relationship with the National Military Command Center (NMCC) initiative. Caution is extended for the user to exercise due diligence and caveat emptor when selecting systems and system integrators.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115163300","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In 2000, Peyravian and Zunic proposed a simple and efficient password authentication scheme based on the collision-resistant hash function. Later, Hwang and Yeh indicated that Peyravian and Zunic's scheme is insecure and proposed an improvement by using the server's public key. Nevertheless, in practice, services that do not use public keys are quite often superior to PKIs. At the same time, Lee, Li and Hwang indicated that Peyravian and Zunic's scheme suffers from off-line password guessing attacks and presented an improved version. However, Lee-Li- Hwang's proposed scheme is still vulnerable to the same attacks and denial-of-ser- vice attacks. Therefore, this article presents a secure and efficient improvement.
{"title":"AN EFFICIENT AND PRACTICAL REMOTE USER AUTHENTICATION SCHEME","authors":"Ya-Fen Chang, Chinchen Chang","doi":"10.11610/ISIJ.1505","DOIUrl":"https://doi.org/10.11610/ISIJ.1505","url":null,"abstract":"In 2000, Peyravian and Zunic proposed a simple and efficient password authentication scheme based on the collision-resistant hash function. Later, Hwang and Yeh indicated that Peyravian and Zunic's scheme is insecure and proposed an improvement by using the server's public key. Nevertheless, in practice, services that do not use public keys are quite often superior to PKIs. At the same time, Lee, Li and Hwang indicated that Peyravian and Zunic's scheme suffers from off-line password guessing attacks and presented an improved version. However, Lee-Li- Hwang's proposed scheme is still vulnerable to the same attacks and denial-of-ser- vice attacks. Therefore, this article presents a secure and efficient improvement.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115611993","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
esigning and building simulation systems is a dynamically developing area, in which, for relatively short time and under definite conditions, good results can be achieved. Our army has gained significant experience in the development and use of various simulation systems. The participation in a great number of seminars, presentations and computer aided exercises gives us the opportunity to analyze the achievements in the area of development and use of simulation systems in the education and training process of the staffs at various levels.
{"title":"The Computer- Aided Exercise – An Alternative of the Conventional Exercises in the Armed Forces","authors":"Nikolay Vraikov, A. Naidenov","doi":"10.11610/ISIJ.0308","DOIUrl":"https://doi.org/10.11610/ISIJ.0308","url":null,"abstract":"esigning and building simulation systems is a dynamically developing area, in which, for relatively short time and under definite conditions, good results can be achieved. Our army has gained significant experience in the development and use of various simulation systems. The participation in a great number of seminars, presentations and computer aided exercises gives us the opportunity to analyze the achievements in the area of development and use of simulation systems in the education and training process of the staffs at various levels.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121806891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
he 11 September 2001 terrorist attacks in the United States changed fundamentally threat perceptions regarding the use of weapons of mass destruction by terrorists. The ability to use such weapons is all the more credible because sophisticated delivery systems are not required to conduct a terrorist attack. As a consequence, governments have reviewed longstanding plans to respond to terrorist incidents and have sought to identify weaknesses and address these where possible.
{"title":"Chemical and Biological Weapons Terrorism: Forging a Response","authors":"I. Monitor","doi":"10.11610/ISIJ.1012","DOIUrl":"https://doi.org/10.11610/ISIJ.1012","url":null,"abstract":"he 11 September 2001 terrorist attacks in the United States changed fundamentally threat perceptions regarding the use of weapons of mass destruction by terrorists. The ability to use such weapons is all the more credible because sophisticated delivery systems are not required to conduct a terrorist attack. As a consequence, governments have reviewed longstanding plans to respond to terrorist incidents and have sought to identify weaknesses and address these where possible.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"112 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116922370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This problem stems from two basic facts. The first is connected with the physics of the processes taking place in digital electronic equipment. The second is due to the way of representing, processing, and transferring the information. The presence of current pulses in power buses due to the impulse character of the functioning of the digital integrated circuits, the existence of inductive and capacity parasite connections, which cause the emergence of high frequency current, and the impulse character of the currents in connecting cables and interface chains all cause the emergence of parasite electromagnetic emissions, which are transmitted as electromagnetic waves. At the same time, in the cables of the power supply alternating currents are induced in such a way that the power supply circuitry becomes a source of secondary wide band emission.
{"title":"Electromagnetic Radiation and the Computer Systems Data Security Problem","authors":"A. Nachev","doi":"10.11610/ISIJ.0407","DOIUrl":"https://doi.org/10.11610/ISIJ.0407","url":null,"abstract":"This problem stems from two basic facts. The first is connected with the physics of the processes taking place in digital electronic equipment. The second is due to the way of representing, processing, and transferring the information. The presence of current pulses in power buses due to the impulse character of the functioning of the digital integrated circuits, the existence of inductive and capacity parasite connections, which cause the emergence of high frequency current, and the impulse character of the currents in connecting cables and interface chains all cause the emergence of parasite electromagnetic emissions, which are transmitted as electromagnetic waves. At the same time, in the cables of the power supply alternating currents are induced in such a way that the power supply circuitry becomes a source of secondary wide band emission.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127199742","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: