Improving non-compliant information security behavior using algorithms
Аннотация
Ключевые слова
Полный текст:
PDF (English)Литература
[1] Donalds C. and Osei-Bryson K. Cybersecurity compliance behavior: Exploring the influences of individual de-cision style and other antecedents. Int. J. Inf. Manage., v. 51, p. 102056, 2020.
DOI: 10.1016/j.ijinfomgt.2019.102056.
[2] Konsolakis K. et al. Human behaviour analysis through smartphones. Proceedings 2018, 2(19), 1243.
DOI: https://doi.org/10.3390/proceedings2191243.
[3] Zhu M., Liu S. and Jiang J. A hybrid method for learning multi-dimensional Bayesian network classifiers based on an optimization model. Appl Intell 44, 123–148 (2016).
DOI: https://doi.org/10.1007/s10489-015-0698-2.
[4] Gayathri R.G., Sajjanhar A., Xiang Y. and Ma X. Anomaly Detection for Scenario-based Insider Activities using CGAN Augmented Data. IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Shenyang, China, 2021, p. 718–725.
DOI: 10.1109/TrustCom53373.2021.00105.
[5] Olhede S.C. and Wolfe P.J. The growing ubiquity of algorithms in society: implications, impacts and innova-tions. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences,
v. 376, (2128), p. 20170364, 2018.
DOI: https://doi.org/10.1098/rsta.2017.0364
[6] AI can now learn to manipulate human behaviour. URL: http://theconversation.com/ai-can-now-learn-to-manipulate-human-behaviour-155031 (accessed: 03.06.2024).
[7] Tolstoy Alexander I. Cybersecurity concepts’ taxonomy. IT Security (Russia), [S.l.], v. 31, no. 1, p. 158–175, 2024. ISSN 2074-7136. DOI: http://dx.doi.org/10.26583/bit.2024.1.10 (in Russian).
[8] Abhigna B.S., Soni N. and Dixit S. Crowdsourcing–A step towards advanced machine learning. Procedia Com-puter Science, v. 132, p. 632–642, 2018.
DOI: https://doi.org/10.1016/j.procs.2018.05.062.
[9] Haider N., Baig M.Z. and Imran M. Artificial Intelligence and Machine Learning in 5G Network Security: Op-portunities, advantages, and future research trends. arXiv Preprint arXiv:2007.04490, 2020.
DOI: https://doi.org/10.48550/arXiv.2007.04490.
[10] Yan Chen, Dennis F. Galletta, Paul Benjamin Lowry, Xin (Robert) Luo, Gregory D. Moody, Robert Willison (2021) Understanding Inconsistent Employee Compliance with Information Security Policies Through the Lens of the Extended Parallel Process Model. Information Systems Research 32(3):1043-1065.
DOI: https://doi.org/10.1287/isre.2021.1014.
[11] Cheng L. et al. Understanding the violation of IS security policy in organizations: An integrated model based on social control and deterrence theory," Comput. Secur., v. 39, p. 447–459, 2013.
DOI: 10.1016/j.cose.2013.09.009.
[12] Sarkar S. et al. The influence of professional subculture on information security policy violations: A field study in a healthcare context," Information Systems Research, v. 31, (4), p. 1240–1259, 2020.
DOI: 10.1287/isre.2020.0941.
[13] Lowry P.B. et al. Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust," Information Systems Journal, v. 25, (3), p. 193–273, 2015.
DOI: 10.1111/isj.12063.
[14] D'Arcy J., Hovav A. and Galletta D. User awareness of security countermeasures and its impact on infor-mation systems misuse: A deterrence approach. Information Systems Research, v. 20, (1), p. 79–98, 2009.
DOI: 10.1287/isre.1070.0160.
[15] D'Arcy J., Herath T. and Shoss M.K. Understanding employee responses to stressful information security re-quirements: A coping perspective. J. Manage. Inf. Syst., v. 31, (2), p. 285–318, 2014.
DOI: 10.2753/MIS0742-1222310210.
[16] Hu Q. et al. Does deterrence work in reducing information security policy abuse by employees? Commun ACM, v. 54, (6), p. 54–60, 2011. DOI: 10.1145/1953122.1953142.
[17] Kuppusamy P. and Bharathi V.C. Human abnormal behavior detection using CNNs in crowded and un-crowded surveillance–A survey. Measurement: Sensors, v. 24, p. 100510, 2022.
DOI: 10.1016/j.measen.2022.100510.
[18] Zong J. et al. ReLAC: Revocable and lightweight access control with blockchain for smart consumer electron-ics. IEEE Transactions on Consumer Electronics, v. 70, no. 1, p. 3994–4004, 2024.
DOI: 10.1109/TCE.2023.3279652.
[19] Murturi A., Kantarci B. and Oktug S.F. A reference model for crowdsourcing as a service. IEEE 4th International Conference on Cloud Networking (CloudNet), Niagara Falls, ON, Canada, 2015, p. 64–66.
DOI: 10.1109/CloudNet.2015.7335281.
[20] Modaresnezhad M. et al. Information Technology (IT) enabled crowdsourcing: A conceptual framework. In-formation Processing & Management, v. 57, (2), p. 102135, 2020.
DOI: 10.1016/j.ipm.2019.102135.
[21] Yu D., Zhou Z. and Wang Y. Crowdsourcing Software Task Assignment Method for Collaborative Development. IEEE Access, v. 7, p. 35743–35754, 2019. DOI: 10.1109/ACCESS.2019.2905054.
[22] Lan H. and Pan Y. A Crowdsourcing Quality Prediction Model Based on Random Forests. 2019 IEEE/ACIS 18th International Conference on Computer and Information Science (ICIS), Beijing, China, 2019, p. 315–319. DOI: 10.1109/ICIS46139.2019.8940306.
[23] Howe J. The rise of crowdsourcing. Wired Magazine, v. 14, p. 1–4, 2006.
URL: https://disco.ethz.ch/courses/fs10/seminar/paper/michael-8.pdf (accessed: 03.06.2024).
[24] He S., Pan H., Zhao S., Chen C. and Bian X. A Crowdsourcing-based Medical Image Classification Method. 2019 IEEE International Conference on Bioinformatics and Biomedicine (BIBM), San Diego, CA, USA, 2019, p. 1492–1499.
DOI: 10.1109/BIBM47256.2019.8983103.
[25] Li J. Cyber security meets artificial intelligence: a survey. Frontiers of Information Technology & Electronic Engineering, v. 19, (12), p. 1462–1474, 2018. DOI: 10.1631/FITEE.1800573.
[26] Secinaro S. et al. The role of artificial intelligence in healthcare: a structured literature review. BMC Medical Informatics and Decision Making, v. 21, p. 1–23, 2021. DOI:10.1186/s12911-021-01488-9.
[27] Zapechnikov Sergey V.; Konkin Anatoly Yu. Ensuring the privacy of information in distributed ledger systems with zero-knowledge proofs. IT Security (Russia), [S.l.], v. 31, no. 1, p. 75–85, 2024. ISSN 2074-7136.
DOI: http://dx.doi.org/10.26583/bit.2024.1.04 (in Russian).
[28] Wang W. et al. Lightweight blockchain-enhanced mutual authentication protocol for UAVs. IEEE Internet of Things Journal, 2023. DOI:10.1109/JIOT.2023.3324543.
[29] Yan C. et al. Edge-Assisted Hierarchical Batch Authentication Scheme for VANETs. IEEE Transactions on Vehicular Technology. IEEE Transactions on Vehicular Technology, v. 73, no. 1, p. 1253–1262, 2024.
DOI: 10.1109/TVT.2023.3305556.
[30] Machiraju S, Modi R. Developing Bots with Microsoft Bots Framework. Developing Bots with Microsoft Bots Framework. 1-278. 2018. DOI: https://doi.org/10.1007/978-1-4842-3312-2.
[31] Abuali K.M., Nissirat L. and Al-Samawi A. Intrusion Detection Techniques in Social Media Cloud: Review and Future Directions. Wireless Communications and Mobile Computing, v. 2023, p. 1, 2023.
DOI: 10.1155/2023/6687023.
[32] Usman O.L. et al. Advance machine learning methods for Dyslexia biomarker detection: a review of imple-mentation details and challenges. IEEE Access, v. 9, p. 36879–36897, 2021.
DOI: 10.1109/ACCESS.2021.3062709.
[33] Raman A. and Tok W.H. A Developer's Guide to Building AI Applications: Create Your First Intelligent Bot with Microsoft AI. O'Reilly Media, 2018. URL: https://www.oreilly.com/library/view/a-developers-guide/9781492037835/ (accessed: 03.06.2024).
[34] Brundage M. et al. The malicious use of artificial intelligence: Forecasting, prevention, and mitigation. arXiv Preprint arXiv:1802.07228, 2018.
DOI: https://doi.org/10.48550/arXiv.1802.07228.
[35] Njenga, K., and Ndlovu, S. On privacy calculus and underlying consumer concerns influencing mobile banking subscriptions. Information Security for South Africa 1-9. IEEE. August 2012.
DOI: 10.1109/ISSA.2012.6320453.
[36] Ajzen I. The theory of planned behavior. Organ. Behav. Hum. Decis. Process., v. 50, (2), p. 179–211, 1991.
DOI: 10.1016/0749-5978(91)90020-T.
[37] Sheppard B.H., Hartwick J. and Warshaw P.R. The theory of reasoned action: A meta-analysis of past re-search with recommendations for modifications and future research. Journal of Consumer Research, v. 15, (3), p. 325–343, 1988.
[38] Mahmud T. et al. A rule based approach for NLP based query processing. 2015 2nd International Conference on Electrical Information and Communication Technologies (EICT), Khulna, Bangladesh, 2015, p. 78–82.
DOI: 10.1109/EICT.2015.7391926.
[39] Houshmand S. and Aggarwal S. 2012. Building better passwords using probabilistic techniques. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC '12). Association for Computing Machinery, New York, NY, USA, 109–118. DOI: https://doi.org/10.1145/2420950.2420966.
[40] Wei H., Wang W. and Kao X. A novel approach to ultra-short-term wind power prediction based on feature engineering and informer. Energy Reports, v. 9, p. 1236–1250, 2023.
DOI: 10.1016/j.egyr.2022.12.062.
[41] Lipton Z.C. et al. Learning to diagnose with LSTM recurrent neural networks, 2016.
DOI: https://doi.org/10.48550/arXiv.1511.03677.
[42] Géron A. Hands-on Machine Learning with Scikit-Learn, Keras, and TensorFlow: Concepts, Tools, and Techniques to Build Intelligent Systems. (Second ed.), 2019. – 856 p.
URL: http://elib.vku.udn.vn/handle/123456789/2505 (accessed: 03.06.2024).
[43] Lowry P.B. et al. Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust. Information Systems Journal, v. 25, (3), p. 193–273, 2015.
DOI: https://doi.org/10.1111/isj.12063.
[44] Sasse M.A., Brostoff S. and Weirich D. Transforming the 'weakest link' - a human/computer interaction approach to usable and effective security: Security," BT Technology Journal, v. 19, (3), p. 122–131, 2001.
DOI: https://doi.org/10.1023/A:1011902718709.
[45] Ur Blase et al. How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation. USENIX Security Symposium (2012). URL: https://www.semanticscholar.org/paper/How-Does-Your-Password-Measure-Up-The-Effect-of-on-Ur-Kelley/f09080496c8ad2da44346bae330dc364e8707d70 (accessed: 03.06.2024).
[46] Hall R.C., Hoppa M.A. and Hu Y. An empirical study of password policy compliance. In Journal of the Colloquium for Information Systems Security Education, 2023. DOI:10.53735/cisse.v10i1.156.
[47] Florencio D. and Herley C. A large-scale study of web password habits. 2007.
DOI: 10.1145/1242572.1242661.
[48] Adams A. and Sasse M.A. Users Are Not The Enemy. Commun ACM, v. 42, (12), 1999.
DOI: 10.1145/322796.322806.
[49] Markus M.L., Majchrzak A. and Gasser L. A design theory for systems that support emergent knowledge processes. MIS Quarterly, p. 179–212, 2002. DOI: 10.2307/4132330.
[50] De Sordi J.O. Design Science Research Methodology: Theory Development from Artifacts,
2021. – XVII, 146 p. DOI: https://doi.org/10.1007/978-3-030-82156-2.
[51] Dresch A., Lacerda D.P. and Antunes Jr J.A.V. Design Science Research: A Method for Sci-ence and Technology Advancement. 2015. DOI: 10.1007/978-3-319-07374-3.
[52] Hevner A. et al. Design science in information systems research. MIS Quarterly, v. 28, no. 1, p. 75–105, 2004.
DOI: 10.2307/25148625.
[53] March S.T. and Smith G.F. Design and natural science research on information technology," Decision Support Systems v. 15, (4), p. 251–266, 1995. DOI: 10.1016/0167-9236(94)00041-2.
[54] Simon H.A. The Sciences of the Artificial, 1996. – 231 p.
[55] Hevner Alan R.; March Salvatore T.; Par Jinsoo; and Ram, Sudha. 2004. Design Science in Information Systems Research. MIS Quarterly, (28: 1). URL: https://aisel.aisnet.org/misq/vol28/iss1/6/ (accessed: 03.06.2024).
[56] Yin R.K. Case Study Research: Design and Methods. 2009. DOI: https://doi.org/10.33524/cjar.v14i1.73.
[57] Taherdoost H. Sampling methods in research methodology; how to choose a sampling technique for research. How to Choose a Sampling Technique for Research (April 10, 2016), 2016.
DOI: 10.2139/ssrn.3205035.
[58] Bishop C.M. Pattern recognition and machine learning. Springer Google Schola, no. 1, 2006. – XX, 778 p.
[59] Kuhn M. and Johnson K. Applied Predictive Modeling. 2013. – XIII, 600 p.
DOI: https://doi.org/10.1007/978-1-4614-6849-3.
[60] Peffers K., Tuunanen T., Rothenberger M. A., & Chatterjee S. (2007). A Design Science Research Methodology for Information Systems Research. Journal of Management Information Systems, 24(3), p. 45–77. DOI: https://doi.org/10.2753/MIS0742-1222240302.
[61] AI, NIST (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0).
URL: https://nvlpubs.nist.gov/nistpubs/ai/nist.ai.100-1.pdf (accessed: 03.06.2024).
[62] Oprea A., & Vassilev A. (2023). Adversarial machine learning: A taxonomy and terminology of attacks and mitigations (No. NIST Artificial Intelligence (AI) 100-2 E2023 (Withdrawn)). National Institute of Standards and Technology.
DOI: https://doi.org/10.6028/NIST.AI.100-2e2023.
[63] Jsang A. Subjective Logic: A formalism for reasoning under uncertainty. Springer Publishing Company, Incorporated, 2018. – 337 p.
[64] ETSI GR SAI 005 V1.1.1 (2021) Securing Artificial Intelligence (SAI); Mitigation Strategy Report.
URL: https://www.standict.eu/sites/default/files/2021-04/blank_1.pdf (accessed: 03.06.2024).
[65] Bai Y. SQL Server Database Programming with Visual Basic. NET: Concepts, Designs and Implementations. 2020. – 688 p.
DOI: http://dx.doi.org/10.26583/bit.2024.3.02
Ссылки
- На текущий момент ссылки отсутствуют.
Это произведение доступно по лицензии Creative Commons «Attribution» («Атрибуция») 4.0 Всемирная.