Abstract
This paper describes an exploratory investigation into the feasibility of predictive analytics of user behavioral data as a possible aid in developing effective user models for adaptive cybersecurity. Partial least squares structural equation modeling is applied to the domain of cybersecurity by collecting data on users’ attitude towards digital security, and analyzing how that influences their adoption and usage of technological security controls. Bayesian-network modeling is then applied to integrate the behavioral variables with simulated sensory data and/or logs from a web browsing session and other empirical data gathered to support personalized adaptive cybersecurity decision-making. Results from the empirical study show that predictive analytics is feasible in the context of behavioral cybersecurity, and can aid in the generation of useful heuristics for the design and development of adaptive cybersecurity mechanisms. Predictive analytics can also aid in encoding digital security behavioral knowledge that can support the adaptation and/or automation of operations in the domain of cybersecurity. The experimental results demonstrate the effectiveness of the techniques applied to extract input data for the Bayesian-based models for personalized adaptive cybersecurity assistance.
Highlights
The need to understand users within any human-computer system has long been identified as a critical design principle by HCI researchers and professionals
Based on findings of significant effects of Perceived Risk (PR) in previous technology adoption studies, we propose that computer users perceiving high risk associated with web browser security controls (WBSC) will have a negative attitude towards cybersecurity in general
The outer measurement model was examined for reliability and convergent validity with the same Partial Least Squares (PLS) software
Summary
The need to understand users within any human-computer system has long been identified as a critical design principle by HCI researchers and professionals. There has been an increasing interest in the role users play in maintaining security within the digital economy. Howe et al (2012) described HCUs users as people who have not received any formal training to use computers but use them to support various tasks in non-work environments. Despite advances in cybersecurity technological solutions, most HCUs are still unable to effectively access them for the protection of their digital assets. As HCUs are increasingly targeted in security breaches (Crossler and Belanger, 2014), there is a consensus among both cybersecurity researchers and key industry players about the urgent need to understand their cybersecurity behaviours and how best to enhance them
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
