Pub Date : 2017-04-03DOI: 10.1080/15536548.2017.1322437
Chuleeporn Changchit
{"title":"Interview With Lionel Cassin","authors":"Chuleeporn Changchit","doi":"10.1080/15536548.2017.1322437","DOIUrl":"https://doi.org/10.1080/15536548.2017.1322437","url":null,"abstract":"","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"72 1","pages":"97 - 98"},"PeriodicalIF":0.8,"publicationDate":"2017-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90896504","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-03DOI: 10.1080/15536548.2017.1322439
Faruk Arslan
Security and Privacy in Social Networks is an edited collection of an introduction and 10 scholarly articles, which are partially based on the research work presented at the Workshop on Security and Privacy in Social Networks, in connection with the 2012 IEEE Social Computing Conference. Given the growing prominence of online social networks (OSN) and their corresponding security and privacy problems, this book aims to propose solutions as well as develop a common language for use between researchers and practitioners. The authors organized the book into 11 chapters, dedicating the first chapter to introduction and the remaining 10 to research articles. In the upcoming paragraphs, I will provide a review of the key ideas discussed in each chapter and then conclude my review.
{"title":"Security and Privacy in Social Networks, by Yaniv Altshuler, Yuval Elovici, Armin B. Cremers, Nadav Aharony, Alex Pentland","authors":"Faruk Arslan","doi":"10.1080/15536548.2017.1322439","DOIUrl":"https://doi.org/10.1080/15536548.2017.1322439","url":null,"abstract":"Security and Privacy in Social Networks is an edited collection of an introduction and 10 scholarly articles, which are partially based on the research work presented at the Workshop on Security and Privacy in Social Networks, in connection with the 2012 IEEE Social Computing Conference. Given the growing prominence of online social networks (OSN) and their corresponding security and privacy problems, this book aims to propose solutions as well as develop a common language for use between researchers and practitioners. The authors organized the book into 11 chapters, dedicating the first chapter to introduction and the remaining 10 to research articles. In the upcoming paragraphs, I will provide a review of the key ideas discussed in each chapter and then conclude my review.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"23 1","pages":"102 - 99"},"PeriodicalIF":0.8,"publicationDate":"2017-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76347677","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-03DOI: 10.1080/15536548.2017.1322434
E. Mao, Jing Zhang
ABSTRACT This project represents one of the few efforts in studying the effectiveness of social media advertising (ads). Specifically, the effects of three major communication components—message, channel/media, and receiver/audience—on ad clicks are examined. The message component includes perceived informativeness, entertainment, and intrusiveness of the ad; the media component focuses on social media security and the audience component focuses on their involvement. The effects of ad clicks on product evaluations and then on intentions to spread positive word-of-mouth are also investigated. A research model is developed and tested with online-survey data from 572 social media users. The contributions, practical implications, and future research directions are discussed in the context of social media.
{"title":"What Affects Users to Click on Display Ads on Social Media? The Roles of Message Values, Involvement, and Security","authors":"E. Mao, Jing Zhang","doi":"10.1080/15536548.2017.1322434","DOIUrl":"https://doi.org/10.1080/15536548.2017.1322434","url":null,"abstract":"ABSTRACT This project represents one of the few efforts in studying the effectiveness of social media advertising (ads). Specifically, the effects of three major communication components—message, channel/media, and receiver/audience—on ad clicks are examined. The message component includes perceived informativeness, entertainment, and intrusiveness of the ad; the media component focuses on social media security and the audience component focuses on their involvement. The effects of ad clicks on product evaluations and then on intentions to spread positive word-of-mouth are also investigated. A research model is developed and tested with online-survey data from 572 social media users. The contributions, practical implications, and future research directions are discussed in the context of social media.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"30 1","pages":"84 - 96"},"PeriodicalIF":0.8,"publicationDate":"2017-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85172767","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-03DOI: 10.1080/15536548.2017.1322421
W. Arunothong, D. Nazareth
ABSTRACT As healthcare providers seek to comply with HIPAA and endeavor to secure their data from external breaches, they also need to realize that another threat to misuse of this data is inappropriate internal use by employees. Not all instances of misuse constitute a HIPAA violation, but they have the potential to become one. Medical data misuse by employees can be alleviated and curbed through the appropriate use of procedural and technological countermeasures. This paper seeks to determine whether electronic health records (EHR) policy and auditing procedures play a role in the propensity of providers to misuse medical data. Through an on-line survey of US physicians, nurses, medical students, and nursing students, using four case vignettes representing various forms of misuse, this research found that providers who were more aware of institutional security policy were more likely to adhere to policies than their counterparts who were not similarly informed. Likewise, providers who believed that their organizations monitored their EHR usage were less likely to engage in misuse than their counterparts who believed they were not monitored. The findings underscore the need for healthcare organizations to emphasize the importance of HIPAA compliance, and inform employees about the steps that the institution takes to maintain compliance, both from a procedural as well as technological standpoint. This study suggests that increasing the awareness of security and policy measures among employees is a vital part of preventing misuse.
{"title":"The Effect of Procedural and Technological Security Countermeasures on the Propensity to Misuse Medical Data","authors":"W. Arunothong, D. Nazareth","doi":"10.1080/15536548.2017.1322421","DOIUrl":"https://doi.org/10.1080/15536548.2017.1322421","url":null,"abstract":"ABSTRACT As healthcare providers seek to comply with HIPAA and endeavor to secure their data from external breaches, they also need to realize that another threat to misuse of this data is inappropriate internal use by employees. Not all instances of misuse constitute a HIPAA violation, but they have the potential to become one. Medical data misuse by employees can be alleviated and curbed through the appropriate use of procedural and technological countermeasures. This paper seeks to determine whether electronic health records (EHR) policy and auditing procedures play a role in the propensity of providers to misuse medical data. Through an on-line survey of US physicians, nurses, medical students, and nursing students, using four case vignettes representing various forms of misuse, this research found that providers who were more aware of institutional security policy were more likely to adhere to policies than their counterparts who were not similarly informed. Likewise, providers who believed that their organizations monitored their EHR usage were less likely to engage in misuse than their counterparts who believed they were not monitored. The findings underscore the need for healthcare organizations to emphasize the importance of HIPAA compliance, and inform employees about the steps that the institution takes to maintain compliance, both from a procedural as well as technological standpoint. This study suggests that increasing the awareness of security and policy measures among employees is a vital part of preventing misuse.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"48 1","pages":"69 - 83"},"PeriodicalIF":0.8,"publicationDate":"2017-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76303175","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-03DOI: 10.1080/15536548.2017.1322413
Chuleeporn Changchit, K. Bagchi
First of all, I’m glad to be back on board and allow Dr. Bagchi to take a good break for a while. It is nice to be in touch with everyone again. The second issue of the Journal of Information Privacy & Security (JIPS) for 2017 contains three articles, one expert opinion, and one book review. The first two articles focus on the importance of protecting personal information and securing data in the healthcare industries. The third article discusses the influence of consumers’ security perception on their social advertising usage. In the Expert Opinion section, Mr. Lionel Cassin, an information security officer at Texas A&M University–Corpus Christi, discusses the major issues of security and privacy that the university is facing, and points out that it is crucial to improve awareness of information security and privacy on campus. In the Book Review section, Dr. Arslan reviews the book titled Security and Privacy in Social Networks by Yaniv Altshuler, Yuval Elovici, Armin B. Cremers, Nadav Aharony, and Alex Pentland. More details are as follows: The first article is titled “Handling Confidentiality and Privacy on Cloud-based Health Information Systems.” The authors Carlos Serrao and Elsa Cardoso propose an approach to minimize the security risks in health-related data based on rights management technologies. Based on a trend that the health-related data may be migrated into the cloud, opportunities are increasing for cybercriminals to commit fraud or other similar criminal schemes after directing their attacks towards health and medical data of patients. To prevent organizations from financial and reputational losses, several initiatives have been created to improve the confidentiality and privacy requirements of the health and medical information. In this article, the authors propose the usage of the rights management systems as this approach can offer a governed environment and enables critical privacy and security mechanism. Although the system will not solve all the problems, it can help reducing the impact of large data breaches, making it more difficult for potential attacker to access unprotected information. The second article, “The Effect of Procedural and Technological Security Countermeasures on the Propensity to Misuse Medical Data,” authored by Wachiraporn Arunothong and Derek L. Nazareth, discusses the healthcare providers’ concern about the threat to misuse of medical data by internal users such as their employees. Even though the use of electronic medical records (EMRs) and electronic health records (EHRs) can help increase the efficiency and effectiveness of healthcare services, it is crucial to cultivate the awareness of security and to ensure that the employees follow the policy measures to avoid misuse. The results from conducting an online survey with physicians, nurses, medical students, and nursing students revealed that the healthcare providers who have more conscious of institutional security policy were less likely to engag
首先,我很高兴能回到船上让巴奇博士好好休息一会儿。能和大家再次联系真是太好了。《信息隐私与安全杂志》2017年第二期包含三篇文章、一篇专家意见和一篇书评。前两篇文章重点介绍了在医疗保健行业中保护个人信息和保护数据的重要性。第三篇文章探讨了消费者安全感知对其社交广告使用的影响。在专家意见部分,德克萨斯A&M大学科珀斯克里斯蒂分校的信息安全官员Lionel Cassin先生讨论了该大学面临的主要安全和隐私问题,并指出提高校园信息安全和隐私意识至关重要。在书评部分,Arslan博士评论了Yaniv Altshuler、Yuval Elovici、Armin B. Cremers、Nadav Aharony和Alex Pentland合著的《社交网络中的安全和隐私》一书。更多细节如下:第一篇文章的标题是“处理基于云的医疗信息系统的机密性和隐私”。作者Carlos Serrao和Elsa Cardoso提出了一种基于权限管理技术的最小化健康相关数据安全风险的方法。基于与健康相关的数据可能迁移到云的趋势,网络犯罪分子在将攻击指向患者的健康和医疗数据后实施欺诈或其他类似犯罪计划的机会正在增加。为防止各组织遭受财务和声誉损失,已制定了若干举措,以改进对健康和医疗信息的保密和隐私要求。在本文中,作者建议使用权限管理系统,因为这种方法可以提供受治理的环境,并启用关键的隐私和安全机制。虽然该系统不会解决所有问题,但它可以帮助减少大型数据泄露的影响,使潜在的攻击者更难以访问未受保护的信息。第二篇文章,“程序和技术安全对策对滥用医疗数据倾向的影响”,由Wachiraporn Arunothong和Derek L. Nazareth撰写,讨论了医疗服务提供者对内部用户(如员工)滥用医疗数据威胁的担忧。尽管电子医疗记录(emr)和电子健康记录(EHRs)的使用有助于提高医疗保健服务的效率和有效性,但培养安全意识并确保员工遵守政策措施以避免滥用至关重要。对医生、护士、医学生和护理专业学生进行的在线调查结果显示,更了解机构安全政策的医疗保健提供者不太可能滥用。因此,医疗保健组织有必要提供一些培训,例如强大的培训,并定期进行进修培训,以教育员工了解HIPAA合规性的重要性,并从程序和技术的角度告知他们机构为保持合规性所采取的步骤。该研究的结论是,提高员工对安全和政策措施的认识是防止滥用的重要组成部分。本期最后一篇文章题为“是什么影响用户点击社交媒体上的展示广告?”《信息价值、参与和安全的角色》由毛恩和张静合著。这些作者研究了影响社交媒体广告效果的广告点击的三个主要传播成分——信息、渠道/媒体和接收者/受众。然后,他们提出了一个研究模型,并使用来自572社会杂志的在线调查数据进行了测试。2,49 - 50 https://doi.org/10.1080/15536548.2017.1322413
{"title":"Privacy and Security Concerns with Healthcare Data and Social Media Usage","authors":"Chuleeporn Changchit, K. Bagchi","doi":"10.1080/15536548.2017.1322413","DOIUrl":"https://doi.org/10.1080/15536548.2017.1322413","url":null,"abstract":"First of all, I’m glad to be back on board and allow Dr. Bagchi to take a good break for a while. It is nice to be in touch with everyone again. The second issue of the Journal of Information Privacy & Security (JIPS) for 2017 contains three articles, one expert opinion, and one book review. The first two articles focus on the importance of protecting personal information and securing data in the healthcare industries. The third article discusses the influence of consumers’ security perception on their social advertising usage. In the Expert Opinion section, Mr. Lionel Cassin, an information security officer at Texas A&M University–Corpus Christi, discusses the major issues of security and privacy that the university is facing, and points out that it is crucial to improve awareness of information security and privacy on campus. In the Book Review section, Dr. Arslan reviews the book titled Security and Privacy in Social Networks by Yaniv Altshuler, Yuval Elovici, Armin B. Cremers, Nadav Aharony, and Alex Pentland. More details are as follows: The first article is titled “Handling Confidentiality and Privacy on Cloud-based Health Information Systems.” The authors Carlos Serrao and Elsa Cardoso propose an approach to minimize the security risks in health-related data based on rights management technologies. Based on a trend that the health-related data may be migrated into the cloud, opportunities are increasing for cybercriminals to commit fraud or other similar criminal schemes after directing their attacks towards health and medical data of patients. To prevent organizations from financial and reputational losses, several initiatives have been created to improve the confidentiality and privacy requirements of the health and medical information. In this article, the authors propose the usage of the rights management systems as this approach can offer a governed environment and enables critical privacy and security mechanism. Although the system will not solve all the problems, it can help reducing the impact of large data breaches, making it more difficult for potential attacker to access unprotected information. The second article, “The Effect of Procedural and Technological Security Countermeasures on the Propensity to Misuse Medical Data,” authored by Wachiraporn Arunothong and Derek L. Nazareth, discusses the healthcare providers’ concern about the threat to misuse of medical data by internal users such as their employees. Even though the use of electronic medical records (EMRs) and electronic health records (EHRs) can help increase the efficiency and effectiveness of healthcare services, it is crucial to cultivate the awareness of security and to ensure that the employees follow the policy measures to avoid misuse. The results from conducting an online survey with physicians, nurses, medical students, and nursing students revealed that the healthcare providers who have more conscious of institutional security policy were less likely to engag","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"23 1","pages":"49 - 50"},"PeriodicalIF":0.8,"publicationDate":"2017-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88522801","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-01-02DOI: 10.1080/15536548.2016.1243854
Murad A. Moqbel, Valerie L. Bartelt, M. Al-Suqri, A. Al-Maskari
ABSTRACT To date, there is little research on the extent to which privacy, security, and trust influence consumer technology-use decisions based on generation. We, therefore, examine, through the lens of the expectancy-valence theory, the extent to which privacy, security, and trust influence the decision to use personal cloud computing among millennials. We also examine the moderating effect of innovativeness on these relationships. Our structural equation modeling (SEM) analysis of 371 millennials shows that privacy is irrelevant for millennials when making decisions to use personal cloud and that individuals with high innovativeness tend to disregard security when making an adoption decision.
{"title":"Does privacy matter to millennials? The case for personal cloud","authors":"Murad A. Moqbel, Valerie L. Bartelt, M. Al-Suqri, A. Al-Maskari","doi":"10.1080/15536548.2016.1243854","DOIUrl":"https://doi.org/10.1080/15536548.2016.1243854","url":null,"abstract":"ABSTRACT To date, there is little research on the extent to which privacy, security, and trust influence consumer technology-use decisions based on generation. We, therefore, examine, through the lens of the expectancy-valence theory, the extent to which privacy, security, and trust influence the decision to use personal cloud computing among millennials. We also examine the moderating effect of innovativeness on these relationships. Our structural equation modeling (SEM) analysis of 371 millennials shows that privacy is irrelevant for millennials when making decisions to use personal cloud and that individuals with high innovativeness tend to disregard security when making an adoption decision.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"32 1","pages":"17 - 33"},"PeriodicalIF":0.8,"publicationDate":"2017-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75874888","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-01-02DOI: 10.1080/15536548.2017.1281602
K. Muralidhar
ABSTRACT Government agencies, researchers, healthcare providers, and other organizations release data for public use. To protect the privacy of the data subjects, these organizations mask the data prior to release. One popular masking procedure is data swapping, by which values of records are exchanged before being released. Data swapping is one of the preferred techniques since it is simple, easy to implement, and---based on prior studies---provides a reasonable balance between disclosure risk and data utility. In this study, we investigate the ability of an adversary with limited knowledge (of just a single record) to re-identify a record in the swapped data by using a procedure that reverse engineers the data-swapping process. The study also provides the adversary with the ability to evaluate the effectiveness of the re-identification. We empirically evaluate the effectiveness of data swapping using a dataset that has been used previously to evaluate the effectiveness of masking techniques. Our results demonstrate that data swapping can be vulnerable to disclosure even against this limited knowledge adversary.
{"title":"Record Re-Identification of Swapped Numerical Microdata","authors":"K. Muralidhar","doi":"10.1080/15536548.2017.1281602","DOIUrl":"https://doi.org/10.1080/15536548.2017.1281602","url":null,"abstract":"ABSTRACT Government agencies, researchers, healthcare providers, and other organizations release data for public use. To protect the privacy of the data subjects, these organizations mask the data prior to release. One popular masking procedure is data swapping, by which values of records are exchanged before being released. Data swapping is one of the preferred techniques since it is simple, easy to implement, and---based on prior studies---provides a reasonable balance between disclosure risk and data utility. In this study, we investigate the ability of an adversary with limited knowledge (of just a single record) to re-identify a record in the swapped data by using a procedure that reverse engineers the data-swapping process. The study also provides the adversary with the ability to evaluate the effectiveness of the re-identification. We empirically evaluate the effectiveness of data swapping using a dataset that has been used previously to evaluate the effectiveness of masking techniques. Our results demonstrate that data swapping can be vulnerable to disclosure even against this limited knowledge adversary.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"58 1","pages":"34 - 45"},"PeriodicalIF":0.8,"publicationDate":"2017-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90984068","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-01-02DOI: 10.1080/15536548.2016.1257681
Rui Chen, Jingguo Wang, Tejaswini C. Herath, H. Rao
ABSTRACT In this article, we develop a three-stage study to examine the role of an e-mail authentication and identification service (eATS) intervention in affecting end-user e-mail risk perceptions. We deploy the eATS and find that it reduces users’ risk perception. Pre-intervention risk perception is found to be positively associated with user perception of the e-authentication service’s usefulness. Moreover, perceived usefulness of the service negatively relates to e-mail risk perception in the post-use stage. Finally, privacy concerns related to the e-authentication service dilute this relationship between usefulness of service and e-mail risk perception reduction.
{"title":"An examination of an e-authentication service as an intervention in e-mail risk perception","authors":"Rui Chen, Jingguo Wang, Tejaswini C. Herath, H. Rao","doi":"10.1080/15536548.2016.1257681","DOIUrl":"https://doi.org/10.1080/15536548.2016.1257681","url":null,"abstract":"ABSTRACT In this article, we develop a three-stage study to examine the role of an e-mail authentication and identification service (eATS) intervention in affecting end-user e-mail risk perceptions. We deploy the eATS and find that it reduces users’ risk perception. Pre-intervention risk perception is found to be positively associated with user perception of the e-authentication service’s usefulness. Moreover, perceived usefulness of the service negatively relates to e-mail risk perception in the post-use stage. Finally, privacy concerns related to the e-authentication service dilute this relationship between usefulness of service and e-mail risk perception reduction.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"1 1","pages":"16 - 2"},"PeriodicalIF":0.8,"publicationDate":"2017-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90050687","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-01-02DOI: 10.1080/15536548.2017.1279876
Faruk Arslan
As the emerging field of data science permeates many domains inclusive of information security and privacy, understanding the process of turning information into insights continues to be a major endeavor. In this book, Max Shron provides a practice-oriented set of guidelines, which is geared towards expanding the soft skills required for making the most out of the data. As a data strategy consultant, Mr. Shron acknowledges the importance of hard skills such as data cleaning, mathematical modeling, and data visualization; however, he notes that the soft skills have been ignored within the data science field. He emphasizes that these soft skills, which include “translating vague problems into precisely answerable ones, and combining multiple lines or arguments into one useful result,” can be adapted from other disciplines. The author organizes the book into six chapters. Chapter 1 deals with problem scoping and introduces the readers to a practical framework called CoNVO, which stands for context, need, vision, and outcome. Chapter 2 focuses on techniques to refine the original vision and elaborates on the scaffolding strategy, which is geared toward the initial exploration of data to ensure proper understanding of the problem on hand. Chapter 3 deals with building and presenting arguments, while Chapter 4 discusses three groups of reasoning patterns, which facilitate the structuring of useful arguments. Chapter 5 is dedicated to causal reasoning, whereas the final chapter synthesizes the materials covered from Chapter 1 to 5. The author concludes the book with an appendix dedicated to reading materials, which can be used to further investigate the concepts discussed within the book. In the upcoming paragraphs, I will provide a review of the key ideas discussed in each chapter and conclude my review.
{"title":"Thinking with Data: How to Turn Information into Insights, by Max Shron","authors":"Faruk Arslan","doi":"10.1080/15536548.2017.1279876","DOIUrl":"https://doi.org/10.1080/15536548.2017.1279876","url":null,"abstract":"As the emerging field of data science permeates many domains inclusive of information security and privacy, understanding the process of turning information into insights continues to be a major endeavor. In this book, Max Shron provides a practice-oriented set of guidelines, which is geared towards expanding the soft skills required for making the most out of the data. As a data strategy consultant, Mr. Shron acknowledges the importance of hard skills such as data cleaning, mathematical modeling, and data visualization; however, he notes that the soft skills have been ignored within the data science field. He emphasizes that these soft skills, which include “translating vague problems into precisely answerable ones, and combining multiple lines or arguments into one useful result,” can be adapted from other disciplines. The author organizes the book into six chapters. Chapter 1 deals with problem scoping and introduces the readers to a practical framework called CoNVO, which stands for context, need, vision, and outcome. Chapter 2 focuses on techniques to refine the original vision and elaborates on the scaffolding strategy, which is geared toward the initial exploration of data to ensure proper understanding of the problem on hand. Chapter 3 deals with building and presenting arguments, while Chapter 4 discusses three groups of reasoning patterns, which facilitate the structuring of useful arguments. Chapter 5 is dedicated to causal reasoning, whereas the final chapter synthesizes the materials covered from Chapter 1 to 5. The author concludes the book with an appendix dedicated to reading materials, which can be used to further investigate the concepts discussed within the book. In the upcoming paragraphs, I will provide a review of the key ideas discussed in each chapter and conclude my review.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"113 1","pages":"46 - 47"},"PeriodicalIF":0.8,"publicationDate":"2017-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88811660","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2016-10-01DOI: 10.1080/15536548.2016.1257680
O. Folorunso, F. E. Ayo, Y. Babalola
ABSTRACT A signature-based system (SBS) is a common approach for intrusion detection and the most preferable by researchers. In spite of the popularity of SBS, it cannot detect new attacks on the network compared to anomaly-based systems (ABS). The most challenging problem of SBS is keeping an up-to-date database of known attack signatures and the setting of a suitable threshold level for intrusion detection. In this article, a network intrusion detection system based on combinatorial algorithm (CA-NIDS) is proposed. The CA-NIDS uses additional databases to enable the SBS to act as an ABS for the purpose of detecting new attacks and to speed up network traffic during traffic analysis by the combinatorial algorithm. A suitable threshold of 12 was also set based on the study of past works to lower the false positive rate. The CA-NIDS was evaluated with similar online schemes and result shows a small false-positive rate of 3% and a better accuracy of 96.5% compared with related online algorithms.
{"title":"Ca-NIDS: A network intrusion detection system using combinatorial algorithm approach","authors":"O. Folorunso, F. E. Ayo, Y. Babalola","doi":"10.1080/15536548.2016.1257680","DOIUrl":"https://doi.org/10.1080/15536548.2016.1257680","url":null,"abstract":"ABSTRACT A signature-based system (SBS) is a common approach for intrusion detection and the most preferable by researchers. In spite of the popularity of SBS, it cannot detect new attacks on the network compared to anomaly-based systems (ABS). The most challenging problem of SBS is keeping an up-to-date database of known attack signatures and the setting of a suitable threshold level for intrusion detection. In this article, a network intrusion detection system based on combinatorial algorithm (CA-NIDS) is proposed. The CA-NIDS uses additional databases to enable the SBS to act as an ABS for the purpose of detecting new attacks and to speed up network traffic during traffic analysis by the combinatorial algorithm. A suitable threshold of 12 was also set based on the study of past works to lower the false positive rate. The CA-NIDS was evaluated with similar online schemes and result shows a small false-positive rate of 3% and a better accuracy of 96.5% compared with related online algorithms.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"6 1","pages":"181 - 196"},"PeriodicalIF":0.8,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87582066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: