首页 > 最新文献

International Journal of Information Security and Privacy最新文献

英文 中文
Geospatial Intelligence, Technological Development, and Human Interaction 地理空间情报、技术发展与人类互动
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-10-02 DOI: 10.1080/15536548.2015.1105652
R. Mugavero, Federico Benolli, V. Sabato
In today’s steadily mutable era, threats and hazards are increasingly expanding. In addition to terrorism, asymmetric conflicts and social unrest are endangering international security while technological knowledge and defensive tools symmetrically respond. With this interpretation, it appears clear that the investigative methods require thorough scientific support if they are to be a tool for investigation as well as for decision-making. In contrast, recent worldwide accidents such as the 2001 Twin Towers attack on September 11 in New York City have revealed a lack of intelligence, which cannot be fixed without acknowledging the fundamental value of the human intelligence (HUMINT) contribution. In order to face these issues, it is relevant to characterize the key aspects that allow a suitable interaction among the highly technological geospatial intelligence (GEOINT) and the traditional HUMINT activities, with the goal to design the main procedures for a crucial collaboration.
在当今瞬息万变的时代,威胁和危害日益扩大。除了恐怖主义,不对称的冲突和社会动荡正在危及国际安全,而技术知识和防御工具则是对称的。根据这种解释,调查方法如果要成为调查和决策的工具,显然需要充分的科学支持。与此相反,2001年9月11日纽约双子塔恐怖袭击等最近发生的世界范围内的事故暴露了情报的缺乏,如果不承认人类情报(HUMINT)贡献的根本价值,就无法解决这一问题。为了面对这些问题,有必要描述允许高科技地理空间情报(GEOINT)和传统人类情报活动之间适当相互作用的关键方面,目的是为关键合作设计主要程序。
{"title":"Geospatial Intelligence, Technological Development, and Human Interaction","authors":"R. Mugavero, Federico Benolli, V. Sabato","doi":"10.1080/15536548.2015.1105652","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105652","url":null,"abstract":"In today’s steadily mutable era, threats and hazards are increasingly expanding. In addition to terrorism, asymmetric conflicts and social unrest are endangering international security while technological knowledge and defensive tools symmetrically respond. With this interpretation, it appears clear that the investigative methods require thorough scientific support if they are to be a tool for investigation as well as for decision-making. In contrast, recent worldwide accidents such as the 2001 Twin Towers attack on September 11 in New York City have revealed a lack of intelligence, which cannot be fixed without acknowledging the fundamental value of the human intelligence (HUMINT) contribution. In order to face these issues, it is relevant to characterize the key aspects that allow a suitable interaction among the highly technological geospatial intelligence (GEOINT) and the traditional HUMINT activities, with the goal to design the main procedures for a crucial collaboration.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"2 1","pages":"243 - 261"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82259071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Challenges of Multi-Source Data and Information New Era 新时代多源数据信息的挑战
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-10-02 DOI: 10.1080/15536548.2015.1105617
R. Mugavero, Federico Benolli, V. Sabato
As a consequence of the advancement of modern global dynamics, the international debate concerning intelligence strategies is pointing to an investigative tools revolution. To keep up with the pace of advancement, these tools have to be able to collect and convert data taking advantage of the entire spectrum of technological expertise and methodological progress. In this view, a multi-source intelligence technique appears the leading approach to effectively respond to the needs of the community. Actually, a steady interaction among information acquired from the principal disciplines of IMINT, MASINT, SIGINT, GEOINT, HUMINT and OSINT should supply an undeniable value added in order to offer effective products, which are intuitive, clear, and timely. The principal purpose is to analyze and display how the intelligence community’s interactive network operates according to both standard and intelligence, security and defense requests.
作为现代全球动态发展的结果,关于情报战略的国际辩论正指向一场调查工具革命。为了跟上发展的步伐,这些工具必须能够利用整个技术专长和方法进步来收集和转换数据。从这个角度来看,多源情报技术似乎是有效响应社会需求的主要途径。实际上,IMINT、MASINT、SIGINT、GEOINT、HUMINT、OSINT等主要学科获取的信息之间的稳定互动,应该提供不可否认的附加价值,从而提供直观、清晰、及时的有效产品。主要目的是分析和展示情报界的交互网络如何根据标准和情报、安全和防御要求进行操作。
{"title":"Challenges of Multi-Source Data and Information New Era","authors":"R. Mugavero, Federico Benolli, V. Sabato","doi":"10.1080/15536548.2015.1105617","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105617","url":null,"abstract":"As a consequence of the advancement of modern global dynamics, the international debate concerning intelligence strategies is pointing to an investigative tools revolution. To keep up with the pace of advancement, these tools have to be able to collect and convert data taking advantage of the entire spectrum of technological expertise and methodological progress. In this view, a multi-source intelligence technique appears the leading approach to effectively respond to the needs of the community. Actually, a steady interaction among information acquired from the principal disciplines of IMINT, MASINT, SIGINT, GEOINT, HUMINT and OSINT should supply an undeniable value added in order to offer effective products, which are intuitive, clear, and timely. The principal purpose is to analyze and display how the intelligence community’s interactive network operates according to both standard and intelligence, security and defense requests.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"32 1","pages":"230 - 242"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81254018","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Job Quitters, Information Security Awareness, and Knowledge Management Strategies 离职者、信息安全意识和知识管理策略
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-10-02 DOI: 10.1080/15536548.2015.1105594
Hongbo Lyu, Z. Zhang
Information security culture plays a crucial role in improving employees’ security awareness within a firm. Knowledge management initiatives can help transform culturally unfit workers into those who will possess the necessary level of security awareness and are aligned with a firm’s information security culture. This research analytically models and studies the best knowledge management performance quotient (KMPQ) in a firm to convert workers who are unfit into those who fit with its security culture in order to improve the firm’s organizational level of security awareness (OLSA) and maximize its total payoff. When the potential security threat comes from all the workers who depart the firm, either voluntarily or involuntarily, findings in this study suggest that the firm should implement full knowledge management initiatives to achieve a KMPQ as high as possible if the loss from the security threat is less than a specific threshold level. This study further differentiates three sources of a security threat (voluntary unfit quitters, voluntary fit quitters, and involuntary quitters), and assesses the firm’s best KMPQ accordingly. In addition, this article illustrates the implementation process of the firm’s knowledge management strategies based on the study’s decision framework. This research provides valuable guidance for practitioners to effectively implement knowledge management strategies to build a successful information security culture within organizations.
信息安全文化在提高公司员工的安全意识方面起着至关重要的作用。知识管理计划可以帮助将文化上不适应的员工转变为拥有必要的安全意识水平并与公司的信息安全文化保持一致的员工。本文通过对企业最佳知识管理绩效商数(KMPQ)的分析建模和研究,将不适合企业安全文化的员工转化为适合企业安全文化的员工,从而提高企业的组织安全意识水平(OLSA),使企业的总收益最大化。当潜在的安全威胁来自所有离开公司的员工,无论是自愿的还是非自愿的,本研究的结果表明,如果安全威胁的损失小于特定的阈值水平,公司应该实施全面的知识管理举措,以实现尽可能高的KMPQ。本研究进一步区分了安全威胁的三种来源(自愿不适合辞职、自愿适合辞职和非自愿辞职),并据此评估了公司的最佳KMPQ。此外,本文还在研究的决策框架基础上阐述了企业知识管理战略的实施过程。本研究为从业者有效地实施知识管理策略以在组织内建立成功的信息安全文化提供了有价值的指导。
{"title":"Job Quitters, Information Security Awareness, and Knowledge Management Strategies","authors":"Hongbo Lyu, Z. Zhang","doi":"10.1080/15536548.2015.1105594","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105594","url":null,"abstract":"Information security culture plays a crucial role in improving employees’ security awareness within a firm. Knowledge management initiatives can help transform culturally unfit workers into those who will possess the necessary level of security awareness and are aligned with a firm’s information security culture. This research analytically models and studies the best knowledge management performance quotient (KMPQ) in a firm to convert workers who are unfit into those who fit with its security culture in order to improve the firm’s organizational level of security awareness (OLSA) and maximize its total payoff. When the potential security threat comes from all the workers who depart the firm, either voluntarily or involuntarily, findings in this study suggest that the firm should implement full knowledge management initiatives to achieve a KMPQ as high as possible if the loss from the security threat is less than a specific threshold level. This study further differentiates three sources of a security threat (voluntary unfit quitters, voluntary fit quitters, and involuntary quitters), and assesses the firm’s best KMPQ accordingly. In addition, this article illustrates the implementation process of the firm’s knowledge management strategies based on the study’s decision framework. This research provides valuable guidance for practitioners to effectively implement knowledge management strategies to build a successful information security culture within organizations.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"7 1","pages":"189 - 210"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80563555","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Bioterrorism: New Technologies for Global Emergencies and Public Health 生物恐怖主义:应对全球突发事件和公共卫生的新技术
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-10-02 DOI: 10.1080/15536548.2015.1105658
R. Mugavero, V. Sabato, M. Basso, W. D‘amico, Federico Benolli
Nowadays, the increasing number of unconventional biological attacks around the world, as well as innovative technologies and a larger availability of tools and materials, contribute to a wider expertise on dealing with devices and agents due to their inherent dual-use nature. This report focuses on modern technologies that offer proper protection against those attacks, in order to provide support in preventing and reducing their related risks. What is unprecedented in such attacks is the huge number of healthcare workers and first responders who have been infected or injured. The aim of this article is to propose a modern exploitation of advanced technologies in overcoming that lack of proper protection and in helping prevention and reduction of both risks and consequences for emergency teams through vehicles provided with innovative and integrated solutions for biohazard protection. The proposed solution is a new way to address global and public health emergencies, not only from natural and anthropogenic threats, but also from intentional and deliberated human actions as bioterrorism, moving the “operational protection” through a collective approach.
如今,世界各地非常规生物攻击的数量不断增加,以及创新技术和更多的工具和材料的可用性,有助于在处理装置和制剂方面获得更广泛的专门知识,因为它们具有固有的双重用途性质。本报告重点介绍了针对这些攻击提供适当保护的现代技术,以便为预防和减少相关风险提供支持。在此类袭击中前所未有的是,大量医护人员和急救人员被感染或受伤。本文的目的是建议现代利用先进技术克服缺乏适当保护的问题,并通过提供生物危害保护创新和综合解决方案的车辆,帮助应急小组预防和减少风险和后果。拟议的解决方案是应对全球突发公共卫生事件的一种新方法,不仅可以应对自然和人为威胁,还可以应对蓄意和蓄意的生物恐怖主义等人类行为,从而通过集体方法推动“业务保护”。
{"title":"Bioterrorism: New Technologies for Global Emergencies and Public Health","authors":"R. Mugavero, V. Sabato, M. Basso, W. D‘amico, Federico Benolli","doi":"10.1080/15536548.2015.1105658","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105658","url":null,"abstract":"Nowadays, the increasing number of unconventional biological attacks around the world, as well as innovative technologies and a larger availability of tools and materials, contribute to a wider expertise on dealing with devices and agents due to their inherent dual-use nature. This report focuses on modern technologies that offer proper protection against those attacks, in order to provide support in preventing and reducing their related risks. What is unprecedented in such attacks is the huge number of healthcare workers and first responders who have been infected or injured. The aim of this article is to propose a modern exploitation of advanced technologies in overcoming that lack of proper protection and in helping prevention and reduction of both risks and consequences for emergency teams through vehicles provided with innovative and integrated solutions for biohazard protection. The proposed solution is a new way to address global and public health emergencies, not only from natural and anthropogenic threats, but also from intentional and deliberated human actions as bioterrorism, moving the “operational protection” through a collective approach.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"27 1","pages":"262 - 273"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83603949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
The Application of Keystroke Analysis for Physical Security: A Field Experiment 击键分析在物理安全中的应用:现场实验
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-10-02 DOI: 10.1080/15536548.2015.1105599
C. Leberknight, M. Recce
A major factor restricting the widespread acceptance of biometric security technologies is the lack of experimental results from repeated use in a real world setting. Specifically, with respect to keystroke analysis, previous research has primarily discussed the classification performance of the biometric by controlling different variables during laboratory experiments. This research is an extension of previous work that investigates the classification performance of keystroke analysis using a biometric keypad and several novel typing features during a 5-week field experiment. The ultimate goal is to explore stabilization patterns over time and to test if field study results support the optimal parameters and classification rates identified in the laboratory study. Results from the experiment demonstrate that a classification rate of 87% can be achieved during actual use of the biometric keypad by employing the optimal parameters. This finding helps to validate and extend previous work conducted in a laboratory setting. It also provides useful insight into experimental designs and support for the application of keystroke analysis in a real world environment.
限制广泛接受生物识别安全技术的一个主要因素是缺乏在现实世界环境中反复使用的实验结果。具体而言,在击键分析方面,以往的研究主要是在实验室实验中通过控制不同变量来讨论生物识别的分类性能。本研究是先前工作的延伸,在为期5周的现场实验中,研究了使用生物识别键盘和几种新型打字特征的击键分析的分类性能。最终目标是探索随时间推移的稳定模式,并测试现场研究结果是否支持实验室研究中确定的最佳参数和分类率。实验结果表明,在实际使用中,采用最优参数的生物特征键盘的分类率可达87%。这一发现有助于验证和扩展以前在实验室环境中进行的工作。它还为实验设计提供了有用的见解,并支持在现实世界环境中应用击键分析。
{"title":"The Application of Keystroke Analysis for Physical Security: A Field Experiment","authors":"C. Leberknight, M. Recce","doi":"10.1080/15536548.2015.1105599","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105599","url":null,"abstract":"A major factor restricting the widespread acceptance of biometric security technologies is the lack of experimental results from repeated use in a real world setting. Specifically, with respect to keystroke analysis, previous research has primarily discussed the classification performance of the biometric by controlling different variables during laboratory experiments. This research is an extension of previous work that investigates the classification performance of keystroke analysis using a biometric keypad and several novel typing features during a 5-week field experiment. The ultimate goal is to explore stabilization patterns over time and to test if field study results support the optimal parameters and classification rates identified in the laboratory study. Results from the experiment demonstrate that a classification rate of 87% can be achieved during actual use of the biometric keypad by employing the optimal parameters. This finding helps to validate and extend previous work conducted in a laboratory setting. It also provides useful insight into experimental designs and support for the application of keystroke analysis in a real world environment.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"75 1","pages":"211 - 227"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73515377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Research Essay Editorial 研究论文编辑
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-10-02 DOI: 10.1080/15536548.2015.1105601
Gaurav Gupta, I. Bose
Modern human life resides at the behest of information. Access to information has been attributed to power and control in societies. Jeremy Bentham, in the late 18th century, used the concept of panopticon to explain the perception of control through constant monitoring. The panopticon prison architecture allows monitoring of all inmates from a central location, and the expectation that monitoring affects their behavior. In the book titled In the Age of the Smart Machine: The Future of Work and Power (1988), Shoshana Zuboff uses the same lens to explain the notion of information panopticon. She argues that supervision and surveillance are an inevitable consequence of our dependence on information processing machines (including computers and networked devices). As monitoring and analyzing technologies improve, both, intensity and capability of surveillance shall improve too. Since both overt and covert communications do traverse in varied medium (e.g., internet, telephony) and most of these media are also being shared for public communication, the need for monitoring them simultaneously is implied as necessary for public safety. The emergence of multiple communication platforms with different underlying technologies has increased the cost and complexity of surveillance. Collection of surveillance data from several different sources and their co-analysis poses significant demands on existing technological capabilities too. Expeditious analysis of the collected data and its conversion into actionable intelligence is crucial for surveillance and adds another layer of complexity to this use case. Information and Communication Technology (ICT) has added capabilities to both monitor and connect citizens with the government. Government-backed intelligence agencies worldwide are introducing self-reporting platforms to allow citizens to notify agencies of anomalies in their vicinity. Adoption of these platforms would make citizens a critical component of the state-run physical surveillance framework. Human intelligence is a crucial link in the whole surveillance architecture, and analyzes and interprets the output from other technology-backed surveillance techniques, thus making surveillance actionable. The first article written by Mugavero, Benolli, and Sabato, in this Research Essay special section of the Journal of Information Privacy and Security (JIPS), projects some of these issues concerning challenges posed due to multiple sources of intelligence data. Consequently, these authors present the extant understanding of intelligence and its identification as a process. They provide an introduction of the different sources of intelligence and then present a model for encompassing all existing intelligence products. This
现代人的生活依赖于信息。获取信息被归因于社会中的权力和控制。18世纪晚期,杰里米·边沁(Jeremy Bentham)用圆形监狱(panopticon)的概念来解释通过不断的监视来控制的感觉。panopticon监狱架构允许从一个中心位置监控所有囚犯,并期望监控影响他们的行为。在《智能机器时代:工作和权力的未来》(1988)一书中,肖莎娜·祖伯夫用同样的视角解释了信息全景监狱的概念。她认为,监督和监视是我们依赖信息处理机器(包括计算机和网络设备)的必然结果。随着监测和分析技术的进步,监测的强度和能力也要提高。由于公开和秘密通信都是通过各种媒介(例如,互联网,电话)进行的,而且这些媒体中的大多数也被用于公共通信,因此同时监控它们的必要性被认为是公共安全的必要条件。使用不同底层技术的多种通信平台的出现增加了监控的成本和复杂性。从几个不同来源收集监测数据并对其进行联合分析也对现有技术能力提出了重大要求。对收集的数据进行快速分析并将其转换为可操作的情报对于监视至关重要,并为该用例增加了另一层复杂性。信息和通信技术(ICT)增加了监控公民和连接公民与政府的能力。世界各地的政府支持的情报机构正在推出自我报告平台,允许公民通知他们附近的异常情况。采用这些平台将使公民成为国家实体监控框架的关键组成部分。人工智能是整个监控体系结构的关键环节,并分析和解释其他技术支持的监控技术的输出,从而使监控具有可操作性。Mugavero、Benolli和Sabato撰写的第一篇文章发表在《信息隐私与安全杂志》(jip)的研究论文特辑中,提出了由于情报数据的多种来源所带来的挑战。因此,这些作者提出了现有的理解智能及其识别作为一个过程。他们介绍了不同的情报来源,然后提出了一个涵盖所有现有情报产品的模型。这
{"title":"Research Essay Editorial","authors":"Gaurav Gupta, I. Bose","doi":"10.1080/15536548.2015.1105601","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105601","url":null,"abstract":"Modern human life resides at the behest of information. Access to information has been attributed to power and control in societies. Jeremy Bentham, in the late 18th century, used the concept of panopticon to explain the perception of control through constant monitoring. The panopticon prison architecture allows monitoring of all inmates from a central location, and the expectation that monitoring affects their behavior. In the book titled In the Age of the Smart Machine: The Future of Work and Power (1988), Shoshana Zuboff uses the same lens to explain the notion of information panopticon. She argues that supervision and surveillance are an inevitable consequence of our dependence on information processing machines (including computers and networked devices). As monitoring and analyzing technologies improve, both, intensity and capability of surveillance shall improve too. Since both overt and covert communications do traverse in varied medium (e.g., internet, telephony) and most of these media are also being shared for public communication, the need for monitoring them simultaneously is implied as necessary for public safety. The emergence of multiple communication platforms with different underlying technologies has increased the cost and complexity of surveillance. Collection of surveillance data from several different sources and their co-analysis poses significant demands on existing technological capabilities too. Expeditious analysis of the collected data and its conversion into actionable intelligence is crucial for surveillance and adds another layer of complexity to this use case. Information and Communication Technology (ICT) has added capabilities to both monitor and connect citizens with the government. Government-backed intelligence agencies worldwide are introducing self-reporting platforms to allow citizens to notify agencies of anomalies in their vicinity. Adoption of these platforms would make citizens a critical component of the state-run physical surveillance framework. Human intelligence is a crucial link in the whole surveillance architecture, and analyzes and interprets the output from other technology-backed surveillance techniques, thus making surveillance actionable. The first article written by Mugavero, Benolli, and Sabato, in this Research Essay special section of the Journal of Information Privacy and Security (JIPS), projects some of these issues concerning challenges posed due to multiple sources of intelligence data. Consequently, these authors present the extant understanding of intelligence and its identification as a process. They provide an introduction of the different sources of intelligence and then present a model for encompassing all existing intelligence products. This","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"470 1","pages":"228 - 229"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77747968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Editorial Preface 编辑前言
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-10-02 DOI: 10.1080/15536548.2015.1105590
K. Bagchi
The fourth issue of Journal of Information Privacy and Security (JIPS), 2014, contains two regular research papers and a research essay special section containing three interesting research essays. The first regular article titled, “Job Quitters, Information Security Awareness, and Knowledge Management Strategies” by Hongbo Lyu and Justin Zhang talks about a unique set of people: Job Quitters. A lack of theory in this area is what makes the article interesting. When the potential security threat comes from Job Quitters, Lyu and Zhang find that the firm should implement full knowledge management initiatives to achieve a knowledge management performance quotient as high as possible under certain conditions. The article also provides initial guidance on knowledge management strategy to security practitioners. The second regular contribution titled, “The Application of Keystroke Analysis for Physical Security: A Field Experiment” by Christopher S. Leberknight and Michael L. Recce is on the role of keystroke analysis as a behavioral biometric analysis using a real world environment. It extends the previous work by investigating the classification performance of keystroke analysis using a biometric keypad and several novel typing features during a 5-week field experiment. The article observes that typing patterns stabilize with very little variation between different time periods. The Research Essay special section that follows contains three research essays on physical security related issues. This special section starts with an introduction by Gaurav Gupta and Indranil Bose (Associate Editor, JIPS). Three research essays follow this introduction. Since information and communication technologies have become a part of surveillance infrastructures, new privacy and security issues arise. In order to cope with these challenges, the readers of JIPS may need to have an understanding of these physical security issues. In the Book Review section, Adolfo Coronado reviews a book titled, “Information Assurance for the Enterprise: A Roadmap to Information Security”, written by C. Schou and D. Shoemaker. Dr. Coronado observes that “The aim of this book is to take a management role, therefore, the topics are introduced with a management emphasis and not a technical perspective.” We acknowledge services of JIPS reviewers as well as outside reviewers for the journal. Thanks are also due to our editorial board members and associate editors for their untiring efforts to provide critical reviews in a timely manner. Thanks to Dr. Choton Basu (University of Wisconsin Whitewater) for conducting a few interviews for JIPS, in spite of his busy schedule. Thanks also to Dr. Chuleeporn Changchit (Texas A&M, Corpus Christi) for routinely forwarding articles sent to her by authors. Finally, thanks are due to our publisher who helped us in every possible way. Happy holidays and a happy new year to you all!
《信息隐私与安全杂志》(Journal of Information Privacy and Security, JIPS) 2014年第四期包含两篇常规研究论文和一篇研究论文专题,其中包含三篇有趣的研究论文。第一篇定期文章题为“辞职者、信息安全意识和知识管理策略”,由吕洪波和贾斯汀·张撰写,讨论了一群独特的人:辞职者。这方面缺乏理论正是这篇文章的有趣之处。Lyu和Zhang发现,当潜在的安全威胁来自于离职者时,企业应该实施全面的知识管理举措,以在一定条件下实现尽可能高的知识管理绩效商。本文还为安全从业者提供了关于知识管理策略的初步指导。第二个定期贡献题为“击键分析在物理安全中的应用:现场实验”,作者是Christopher S. Leberknight和Michael L. Recce,讨论了击键分析作为一种使用真实世界环境的行为生物计量分析的作用。在为期5周的现场实验中,通过研究使用生物识别键盘和几个新颖的打字特征的击键分析的分类性能,扩展了先前的工作。本文观察到,键入模式在不同时间段之间的变化非常小,非常稳定。下面的研究论文特别部分包含三篇关于物理安全相关问题的研究论文。这个特别的部分从Gaurav Gupta和Indranil Bose (JIPS副主编)的介绍开始。接下来是三篇研究论文。由于信息和通信技术已成为监视基础设施的一部分,因此出现了新的隐私和安全问题。为了应对这些挑战,JIPS的读者可能需要了解这些物理安全问题。在书评部分,Adolfo Coronado评论了一本名为“企业信息保障:信息安全路线图”的书,作者是C. Schou和D. Shoemaker。科罗纳多博士指出:“这本书的目的是扮演一个管理角色,因此,这些主题是从管理的角度介绍的,而不是从技术的角度。”我们感谢JIPS审稿人以及期刊外部审稿人的服务。我们也要感谢我们的编辑委员会成员和副编辑们的不懈努力,及时提供重要的评论。感谢Choton Basu博士(威斯康星大学白水分校)在百忙之中为JIPS进行了几次采访。也感谢chleeporn Changchit博士(Texas A&M, Corpus Christi)定期转发作者发给她的文章。最后,感谢我们的发行商,他们以各种可能的方式帮助了我们。祝大家节日快乐,新年快乐!
{"title":"Editorial Preface","authors":"K. Bagchi","doi":"10.1080/15536548.2015.1105590","DOIUrl":"https://doi.org/10.1080/15536548.2015.1105590","url":null,"abstract":"The fourth issue of Journal of Information Privacy and Security (JIPS), 2014, contains two regular research papers and a research essay special section containing three interesting research essays. The first regular article titled, “Job Quitters, Information Security Awareness, and Knowledge Management Strategies” by Hongbo Lyu and Justin Zhang talks about a unique set of people: Job Quitters. A lack of theory in this area is what makes the article interesting. When the potential security threat comes from Job Quitters, Lyu and Zhang find that the firm should implement full knowledge management initiatives to achieve a knowledge management performance quotient as high as possible under certain conditions. The article also provides initial guidance on knowledge management strategy to security practitioners. The second regular contribution titled, “The Application of Keystroke Analysis for Physical Security: A Field Experiment” by Christopher S. Leberknight and Michael L. Recce is on the role of keystroke analysis as a behavioral biometric analysis using a real world environment. It extends the previous work by investigating the classification performance of keystroke analysis using a biometric keypad and several novel typing features during a 5-week field experiment. The article observes that typing patterns stabilize with very little variation between different time periods. The Research Essay special section that follows contains three research essays on physical security related issues. This special section starts with an introduction by Gaurav Gupta and Indranil Bose (Associate Editor, JIPS). Three research essays follow this introduction. Since information and communication technologies have become a part of surveillance infrastructures, new privacy and security issues arise. In order to cope with these challenges, the readers of JIPS may need to have an understanding of these physical security issues. In the Book Review section, Adolfo Coronado reviews a book titled, “Information Assurance for the Enterprise: A Roadmap to Information Security”, written by C. Schou and D. Shoemaker. Dr. Coronado observes that “The aim of this book is to take a management role, therefore, the topics are introduced with a management emphasis and not a technical perspective.” We acknowledge services of JIPS reviewers as well as outside reviewers for the journal. Thanks are also due to our editorial board members and associate editors for their untiring efforts to provide critical reviews in a timely manner. Thanks to Dr. Choton Basu (University of Wisconsin Whitewater) for conducting a few interviews for JIPS, in spite of his busy schedule. Thanks also to Dr. Chuleeporn Changchit (Texas A&M, Corpus Christi) for routinely forwarding articles sent to her by authors. Finally, thanks are due to our publisher who helped us in every possible way. Happy holidays and a happy new year to you all!","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"11 1","pages":"187 - 188"},"PeriodicalIF":0.8,"publicationDate":"2015-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82136235","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Investigating Factors Influencing Web-Browsing Safety Efficacy (WSE) Among Older Adults 调查影响老年人网络浏览安全效能的因素
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-07-03 DOI: 10.1080/15536548.2015.1073534
Victoria Kisekka, Rajarshi Chakraborty, S. Bagchi‐Sen, H. Rao
This research investigates the ability of older adults to perceive online threats. Specifically, the factors that influence web-browsing safety efficacy (WSE) among older adults are investigated. The factors investigated are: attitude towards unsolicited email senders, risk aversion, perceived efficacy in finding information, security education, and perceived social connectivity. Partial least squares regression analysis was used to analyze a sample of older adults age 55 years and older. The results showed that risk aversion, security education, and perceived ability in finding information online were positively associated with WSE among older adults. No relationship was found between social connectedness and attitude towards unsolicited e-mail senders.
这项研究调查了老年人感知网络威胁的能力。具体而言,研究了影响老年人网络浏览安全效能(WSE)的因素。调查的因素包括:对不请自来的电子邮件发送者的态度、风险厌恶、发现信息的感知效能、安全教育和感知的社会联系。偏最小二乘回归分析用于分析55岁及以上的老年人样本。结果显示,风险厌恶、安全教育和网络信息搜寻能力与老年人的网络安全行为呈正相关。没有发现社会联系和对不请自来的电子邮件发送者的态度之间的关系。
{"title":"Investigating Factors Influencing Web-Browsing Safety Efficacy (WSE) Among Older Adults","authors":"Victoria Kisekka, Rajarshi Chakraborty, S. Bagchi‐Sen, H. Rao","doi":"10.1080/15536548.2015.1073534","DOIUrl":"https://doi.org/10.1080/15536548.2015.1073534","url":null,"abstract":"This research investigates the ability of older adults to perceive online threats. Specifically, the factors that influence web-browsing safety efficacy (WSE) among older adults are investigated. The factors investigated are: attitude towards unsolicited email senders, risk aversion, perceived efficacy in finding information, security education, and perceived social connectivity. Partial least squares regression analysis was used to analyze a sample of older adults age 55 years and older. The results showed that risk aversion, security education, and perceived ability in finding information online were positively associated with WSE among older adults. No relationship was found between social connectedness and attitude towards unsolicited e-mail senders.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"357 1","pages":"158 - 173"},"PeriodicalIF":0.8,"publicationDate":"2015-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76501873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
M0Droid: An Android Behavioral-Based Malware Detection Model M0Droid:基于Android行为的恶意软件检测模型
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-07-03 DOI: 10.1080/15536548.2015.1073510
Mohsen Damshenas, A. Dehghantanha, Kim-Kwang Raymond Choo, Ramlan Mahmud
Anti-mobile malware has attracted the attention of the research and security community in recent years due to the increasing threat of mobile malware and the significant increase in the number of mobile devices. M0Droid, a novel Android behavioral-based malware detection technique comprising a lightweight client agent and a server analyzer, is proposed here. The server analyzer generates a signature for every application (app) based on the system call requests of the app (termed app behavior) and normalizes the generated signature to improve accuracy. The analyzer then uses Spearman’s rank correlation coefficient to identify malware with similar behavior signatures in a previously generated blacklist of malwares signatures. The main contribution of this research is the proposed method to generate standardized mobile malware signatures based on their behavior and a method for comparing generated signatures. Preliminary experiments running M0Droid against Genome dataset and APK submissions of Android client agent or developers indicate a detection rate of 60.16% with 39.43% false-positives and 0.4% false-negatives at a threshold value of 0.90. Increasing or decreasing the threshold value can adjust the strictness of M0Droid. As the threshold value increases, the false-negative rate will also increase, and as the threshold value decreases, the detection and false-positive rates will also decrease. The authors hope that this research will contribute towards Android malware detection techniques.
近年来,由于移动恶意软件的威胁不断增加,移动设备数量显著增加,反移动恶意软件引起了研究和安全界的关注。本文提出了一种新的基于Android行为的恶意软件检测技术M0Droid,该技术由一个轻量级客户端代理和一个服务器分析器组成。服务器分析器根据应用的系统调用请求(称为应用行为)为每个应用生成一个签名,并对生成的签名进行规范化,以提高准确性。分析器然后使用斯皮尔曼的等级相关系数来识别恶意软件具有相似的行为签名在先前生成的恶意软件签名黑名单。本研究的主要贡献是提出了一种基于行为生成标准化移动恶意软件签名的方法,以及一种比较生成签名的方法。M0Droid对基因组数据集和Android客户端代理或开发者提交的APK进行初步实验,检测率为60.16%,假阳性39.43%,假阴性0.4%,阈值为0.90。增加或减少阈值可以调整M0Droid的严格性。随着阈值的增大,假阴性率也会增大,随着阈值的减小,检出率和假阳性率也会减小。作者希望本研究对Android恶意软件检测技术有所贡献。
{"title":"M0Droid: An Android Behavioral-Based Malware Detection Model","authors":"Mohsen Damshenas, A. Dehghantanha, Kim-Kwang Raymond Choo, Ramlan Mahmud","doi":"10.1080/15536548.2015.1073510","DOIUrl":"https://doi.org/10.1080/15536548.2015.1073510","url":null,"abstract":"Anti-mobile malware has attracted the attention of the research and security community in recent years due to the increasing threat of mobile malware and the significant increase in the number of mobile devices. M0Droid, a novel Android behavioral-based malware detection technique comprising a lightweight client agent and a server analyzer, is proposed here. The server analyzer generates a signature for every application (app) based on the system call requests of the app (termed app behavior) and normalizes the generated signature to improve accuracy. The analyzer then uses Spearman’s rank correlation coefficient to identify malware with similar behavior signatures in a previously generated blacklist of malwares signatures. The main contribution of this research is the proposed method to generate standardized mobile malware signatures based on their behavior and a method for comparing generated signatures. Preliminary experiments running M0Droid against Genome dataset and APK submissions of Android client agent or developers indicate a detection rate of 60.16% with 39.43% false-positives and 0.4% false-negatives at a threshold value of 0.90. Increasing or decreasing the threshold value can adjust the strictness of M0Droid. As the threshold value increases, the false-negative rate will also increase, and as the threshold value decreases, the detection and false-positive rates will also decrease. The authors hope that this research will contribute towards Android malware detection techniques.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"286 1 1","pages":"141 - 157"},"PeriodicalIF":0.8,"publicationDate":"2015-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72903445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 79
Introduction to Computer Security, by M. T. Goodrich and R. Tamassia 《计算机安全导论》,m.t. Goodrich和R. Tamassia著
IF 0.8 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING Pub Date : 2015-07-03 DOI: 10.1080/15536548.2015.1073538
Adolfo S. Coronado
{"title":"Introduction to Computer Security, by M. T. Goodrich and R. Tamassia","authors":"Adolfo S. Coronado","doi":"10.1080/15536548.2015.1073538","DOIUrl":"https://doi.org/10.1080/15536548.2015.1073538","url":null,"abstract":"","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"1 1","pages":"184 - 186"},"PeriodicalIF":0.8,"publicationDate":"2015-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90967925","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
International Journal of Information Security and Privacy
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1