Security Knowledge Research Articles

The Influence of Cyber Security Knowledge, Cyber Security Awareness, and Behaviour Protection on Intention to Use Among Mobile Banking Users in Jakarta

Businesses and individuals, especially banks, must use risk assessment methods and preventive measures to protect mobile banking application users. Looking at these events, the researcher aims to see whether cyber security awareness, knowledge & behavior protection of users affect the intention to use mobile banking applications and whether these three variables are important for mobile banking users to understand in maintaining the security of transactions using mobile banking which will test the influence of these 3 variables on users' interest in continuing to use mobile banking even though users know the high risk if there is negligence in carrying out these 3 things and believing in the security of the mobile banking system in Indonesia. The population of this study is people who work in Jakarta. The respondents' answers were taken using Google Docs and distributed in general. The researcher obtained a total of 130 respondents. The data was processed using SPSS 27 with the analysis method of validity, reliability, and hypothesis test including the R2 test, F test, and T-test.

Understanding Cassava Ethnovarieties in the Brazilian Amazon: Harnessing Traditional Knowledge For Food Security and Sustainable Agriculture

Objective: To characterize ethnovarieties of cassava (Manihot esculenta Crantz) in traditional communities on the border between Juruti (Pará) and Parintins (Amazonas), focusing on the diversity and management practices associated with the cultivation of this plant in the Brazilian Amazon. Theoretical Framework: Cassava is vital for food security and the economy in the Brazilian Amazon. The loss of traditional varieties or ethnovarieties in border communities in Amazonas and Pará is a reality. By focusing on morphological descriptors, ancestry and management practices, we can identify the use of these varieties and thus highlight ecological and diverse adaptations in the region. Method: With ethical approval and community consent, ethnobotanical interviews, farm walks and participatory analysis were carried out in four communities. Morphological descriptors were used, such as leaf shape and root pulp color, as well as climatic variations, to understand the relationship between traditional knowledge and the adaptation of local varieties to the conditions. Results and Discussion: The data was analyzed using PCA (Principal Component Analysis) and a statistical dendrogram, which revealed high similarity between areas 2 and 3, followed by area 1, indicating similar agricultural practices and environments. This diversity of ethnovarieties reflects an ancestral and consolidated agricultural management system, showing a deep cultural identity and knowledge about the adaptability of varieties to the region. Research Implications: In this research, the importance for community members to conserve ethnovarieties in situ for social justice resistance, income and culinary quality, important factors for the conservation and sustainable use of agrobiodiversity, can be seen in the localities. Originality/Value: In order to give greater value to the use and conservation of these ethnovarieties, this research shows the potential for genetic improvement programs and public policies in these locations aimed at food security and strengthening family farming in the Amazon.

Leveraging the Power of Storytelling to Encourage and Empower Children towards Strong Passwords

With the increasing use of computer and smartphones by children, their online safety has been of major concern due to their limited security knowledge and skills. User authentication is pivotal for their security protection, where a body of work focused on children's password practices. The insights from these studies highlight children's lack of awareness and skills in creating a strong password. However, there is a dearth in existing literature to understand the scopes of designs for encouraging and empowering children towards strong passwords. As we begin to address this gap, we leveraged the power of storytelling to foster user attachment, encouragement, and empowerment. To this end, we adopted a systematic approach through a series of studies. First, a focus group session with three experts whose research primarily focuses on children contributed to build the narrative of a story, followed by a participatory design study with 20 children (aged between 8 and 12) to understand their preferences and perceptions of design components for the visual depiction of that narrative. The insights from focus group and participatory design led to the design of 'Story', a digital storytelling based design representing password advice for children. We also created the baseline designs and compared them with Story in a within-subject survey with 44 children aged between 8 and 12. The findings from our study unpack the efficacy of storytelling, leading us to offer guidelines for future research in these directions.

SecKG2vec: A novel security knowledge graph relational reasoning method based on semantic and structural fusion embedding

Knowledge graph technology is widely used in network security design, analysis, and detection. By collecting, organizing, and mining various security knowledge, it provides scientific support for security decisions. Some public Security Knowledge Repositories (SKRs) are frequently used to construct security knowledge graphs. The quality of SKRs affects the efficiency and effectiveness of security analysis. However, the current situation is that the identification of relational information among security knowledge elements is not sufficient and timely, and a large number of key relational information is missing. In view of this, we propose a security knowledge graph relational reasoning method, based on the fusion embedding of semantic correlation and structure correlation, named SecKG2vec. By SecKG2vec, the embedded vector simultaneously presents both semantic and structural characteristics, and it can exhibit better relational reasoning performance. In qualitative evaluation and quantitative experiments with baseline methods, SecKG2vec has better performance in relationship reasoning task and entity reasoning task, and potential capability of 0-shot scenario prediction.

A conceptual hybrid model based on Ethereum for implementing sustainable development goals

The United Nations’ sustainable development goals (SDGs) present a global challenge that demands innovative solutions. Combining emerging technologies can be a transformative approach to achieving these goals and overcoming associated challenges. Blockchain provides a secure and transparent platform, while big data and data mining enable the analysis of vast datasets to identify critical areas and measure progress. Additionally, blockchain facilitates secure knowledge exchange among stakeholders through knowledge sharing and management. Recent research demonstrates the effectiveness of blockchain in implementing SDGs. Our study explores the benefits of various technologies and proposes a hybrid model based on Ethereum. This model leverages additional technologies to enhance performance, increase transparency, and reduce gas fees. This combination empowers informed decision-making and accelerates progress towards a sustainable future.

The Shortest Nuclear Route to Climate Tipping Points to Great Power Competition: Tracing Arctic Security from the Cold War to Now

<p>Arctic security has been growing in popularity across academia, policymaking, and news media. However, this popularity has come with a notable question: what does Arctic security mean and what knowledge underpins it? This study traces the discourse on Arctic security from the Cold War to present examining the emergence of different types of security which range from more traditional variants to wider and deeper readings such as environmental and comprehensive security. I identify key strands of Arctic security discourse, trace their interaction over time, and periodize the region. While the Cold War era was dominated by nuclear and traditional security logics, there have been three main shifts since then including 2) 1990s-2007, 3) 2007-2019, and 4) 2019-present. This research finds that Arctic security knowledge clearly follows global security trends. Thus, as security has widened and deepened globally, so too have the potential meanings of Arctic security expanded. However, there is a clear hierarchy in today’s general discourse regarding what issues take center stage for the Arctic such as great power competition and climate change. This is in contrast to the Arctic Council, which takes into account all but military security definitions for Arctic security and integrates them in a relatively balanced way. This has implications for ocean governance institutions and the degree to which traditional military security concerns should be left out of broader ocean governance.</p>

Building awareness of the role of knowledge: risks of knowledge for public security and organisations

Building awareness of the role of knowledge: risks of knowledge for public security and organisations

Survey on Quality Assurance of Smart Contracts

As blockchain technology continues to advance, the secure deployment of smart contracts has become increasingly prevalent, underscoring the critical need for robust security measures. This surge in usage has led to a rise in security breaches, often resulting in substantial financial losses for users. This paper presents a comprehensive survey of smart contract quality assurance, from understanding vulnerabilities to evaluating the effectiveness of detection tools. Our work is notable for its innovative classification of forty smart contract vulnerabilities, mapping them to established attack patterns. We further examine nine defense mechanisms, assessing their efficacy in mitigating smart contract attacks. Furthermore, we develop a labeled dataset as a benchmark encompassing ten common vulnerability types, which serves as a critical resource for future research. We also conduct comprehensive experiments to evaluate fourteen vulnerability detection tools, providing a comparative analysis that highlights their strengths and limitations. In summary, this survey synthesizes state-of-the-art knowledge in smart contract security, offering practical recommendations to guide future research and foster the development of robust security practices in the field.

Wild edible plants of the Yao people in Jianghua, China: plant-associated traditional knowledge and practice vital for food security and ecosystem service

BackgroundTraditional ecological knowledge (TEK) and practice associated with wild edible plants (WEPs) is an important part of local culture of the Yao people in Jianghua Yao Autonomous County, which possesses the biggest population of Yao ethnic group in China. Economic development, urbanization, and transition of lifestyle and changing interests of the younger generations risk loss of such valuable knowledge. However, no record had been reported about WEPs from the Yao communities of Jianghua County. It is urgent to assemble data on the major WEPs and their uses in Jianghua. This can be used to educate and stimulate new interest in these WEPs, to aid inheritance and improvement of cultural identity and confidence, to enhance local resilience to various changes and to suggest pathways for novel and value-added applications to create new local business opportunities.MethodsTo record WEPs associated with TEK and practice, we conducted field surveys in 2018, 2019 and 2023. The ethnobotanical methods such as free-listing, participatory observation, semi-structured interview, and market survey were adopted in the field investigations. Information about WEPs including vernacular names, parts used, ways of use, and collection time were recorded. Voucher specimens were collected, identified, and deposited in the herbarium at Minzu University of China, in Beijing.ResultsTotally, 81 Yao people from 12 villages were interviewed. WEPs traditionally play a crucial role in Yao peoples’ daily lives. A total of 130 plant species from 89 genera and 49 families were recorded. The plants collected showed great diversity and reflected unique local culture. Most (54.5%) WEPs were also used as medicines. Baba can be defined as a cultural identity food, and WEPs are commonly used as tea substitutes for their health benefits.ConclusionsWe conclude that WEPs use is facing great challenges in a rapidly changing era. Preservation of WEPs related practice and knowledge is not only important for conserving local biocultural diversity, but also valuable in providing potential functional and healthy materials for food security and future economic development. Cultivation of young generations’ interest in nature and biodiversity, combined with local policy to enhance public awareness are recommended.

Cyber Defense Using Cyber Threat Intelligence to Anticipate and Avoid Future Cyber Attacks

Research objective: This study evaluates the efficiency of cyber threat intelligence (CTI) for predicting and mitigating cyber threats, which is important in business today. Organisations endure cyber assaults and fight cyber crimes, which threaten commercial exposure. CTI is a proactive approach to these risks since it gives the finest methods and relevant information on potential cyber crimes. Research significance: This review article analyses the literature in the context to find gaps and include ethical research practices. This systematic study may determine how threat intelligence improves cyber security knowledge and eliminates cyber threats by examining assessable information. It may guide the development of new threat intelligence-influencing methods and frameworks. Methodology: Through a qualitative approach based on the systematic review, the study goals were evaluated, analysed, and explained. PRISMA chart was also used to describe exclusion and inclusion study criteria to ensure correct data gathering. The results were presented in a thematic analysis while examining article dependability, quality, and validity. The author used inductive research to reach the primary study conclusions. Using observations or data, inductive inquiry creates hypotheses or generalisations. Research findings: Threat intelligence may considerably increase an organisation's ability to anticipate and prevent cyber threats. The literature emphasised that threat information improves incident response, identifies new threats, and strengthens cyber security. Organisations should continually train and educate cyber security personnel to increase threat intelligence utilisation. Instruct incident response, threat intelligence analysis, and emerging threat trends.CTI helps a company grow smoothly and achieve its goals.

Implementing Privacy Preserving Techniques in Distributed Big Data Framework on Cloud Computing

Cloud-based deployment architectures have emerged as the preferred model for Big Data operations due to their scalability, flexibility, and cost-effectiveness. However, this shift raises new security concerns as data is no longer directly under the user's control. Securing Big Data in cloud environments is crucial for widespread adoption, but developing a comprehensive security plan is challenging without a thorough analysis of potential vulnerabilities.To address this, a novel security-by-design framework for Big Data deployment on cloud computing, termed Big Cloud, is proposed in this article. The framework leverages systematic security analysis methodologies and automated assessment tools to map domain-specific security knowledge to design best practices. Validation of the framework was conducted through an Apache Hadoop stack use case, demonstrating its effectiveness in enhancing security awareness and reducing design time.The study also evaluates the framework's strengths and limitations, identifying key challenges in the Big Cloud domain.

‘Listening to my readers’: Exploring the ‘Personal literacies landscapes’ of beginner readers

This study takes a more holistic look at reading support, to explore what else is happening in this teaching and learning context, beyond the acquisition of a more secure knowledge of decoding skills. Children are deemed in need of a reading support intervention when their literacy skills are assessed as being significantly below the levels expected by their school for their age, and these difficulties can often negatively impact both upon their confidence as a learner, and also upon their enjoyment of literacy activities in school. Confidence and enjoyment in literacy learning is tacitly presumed to re-emerge once these skills are gained, boosted by the intervention’s focus on the cognitive technical decoding skills. This can often lead to less choice and agency in their reading activities than their peers enjoy. However, the findings of this study suggest that building in activities that promote enjoyment in literacy learning, confidence as a learner and a sense of agency do not detract from the cognitive gains, but seem to boost them. A key aspect of this is linking reading support activities to the literacy activities that the learner enjoys at home as well as in school. This is theorised as an individual’s ‘Personal Literacies Landscape’: all the different texts that they have seen or heard, even if they cannot access them independently, that have contributed to their ways of being in the world.

Sharing is caring: Designing incentive rebate strategies for information‐sharing alliances

AbstractInformation security plays a crucial role in organizational governance and management, and information‐sharing alliances (ISAs) have emerged as effective platforms for the secure and controlled sharing of information security knowledge. Despite their potential, many ISAs face financial and operational challenges, including inadequate pricing policies and insufficient incentives for information sharing. This study addresses these challenges by proposing a modeling framework for the fee rebate strategies that ISAs can deploy to motivate effective information sharing. Taking into account the economic implications of both information sharing and information security technology investment, we propose two ISA‐based pricing rebate strategies for information sharing: the split‐return rebate strategy and the swap‐return rebate strategy. Analytical and numerical analyses are conducted to demonstrate the dynamics in different ISA settings under these pricing rebate strategies. The results suggest that in addition to firm size, the price for participating in sharing should be adjusted based on each participating firm's technology investment level, its information‐sharing level, and the marginal cost of information sharing. Also, by focusing on various information‐sharing environments, the study identifies specific conditions under which unfair sharing practices are likely to occur.

Enhancing IoT Security with Activity-Based Attack Modeling and Hybrid Classification Techniques

The proliferation of Internet of Things (IoT) devices in industrial environments (Industrial IoT or IIoT) has brought about significant advancements in automation and data analytics. However, the integration of these devices also introduces new security vulnerabilities, making them prime targets for cyber-attacks. This study aims to enhance the security of IIoT systems by employing an activity-based attack modeling approach coupled with hybrid classification techniques. Our proposed method leverages a hybrid GRU-LSTM model to detect and mitigate security threats in real-time. Activity-based attack modeling involves the analysis of device behavior and the identification of deviations from normal activity patterns. By focusing on the contextual behavior of IIoT devices, we can more accurately detect anomalies indicative of potential security breaches. The hybrid GRU-LSTM model, which combines the strengths of Gated Recurrent Units (GRUs) and Long Short-Term Memory (LSTM) networks, is utilized to process the sequential data generated by IIoT devices. This combination enhances the model's ability to capture both short-term and long-term dependencies in the data, improving the detection accuracy of complex attack patterns. Our experimental results demonstrate that the proposed hybrid GRU-LSTM model achieves an impressive accuracy rate of 98.18% in identifying various types of cyber-attacks on IIoT systems. The implementation of this model at the edge of IIoT networks ensures real-time threat detection and response, minimizing the latency and reducing the dependency on centralized cloud computing resources. In conclusion, this research presents a robust and efficient approach to enhancing IIoT security through the integration of activity-based attack modeling and advanced hybrid classification techniques. The high accuracy of the proposed method highlights its potential for widespread adoption in securing IIoT environments against evolving cyber threats. This work contributes to the growing body of knowledge in IoT security and paves the way for further innovations in protecting industrial systems from cyber-attacks.

Modernisasi UMKM: Merancang Tahapan Implementasi Berbasis Sistem untuk Mengatasi Ancaman Siklus Persediaan (Studi Kasus pada UMKM X)

Micro, Small, and Medium Enterprises (MSMEs) play a crucial role in the economic recovery of Indonesia by contributing significantly 60% of Indonesia's GDP and employing 96% of the national workforce. However, internal challenges arise as employee-instigated theft and embezzlement resurface due to a lack of security knowledge among MSME owners. This knowledge gap poses a growing risk as MSMEs become more susceptible to fraud, particularly in relation to inventory cycles. MSME X has been chosen as the subject of this research due to its limited understanding of the importance of internal control systems and the non-execution of an accounting information system, notably in the manufacturing sector, where theft risks are heightened. The inventory cycle is closely linked to the sales, purchasing, and production cycles due to the involvement of raw materials, semi-finished goods, and finished goods. The study adopts applied research methods, utilizing both primary (interviews and observations) and secondary data (literature studies). Findings reveal inadequate control activities in MSME X, exacerbated by the absence of functional separation and proper documentation for inventory transactions. Recommendations include a five-stage implementation plan, starting with flowchart creation, CCTV installation, and personnel recruitment. The middle stage involves additional recruitment and transitioning to a digital accounting information system for process integration. The final stage integrates the accounting information system with external parties. Performance evaluations will be conducted at each stage to assess the effectiveness of the accounting information system in minimizing risks

Employees are not the weakest link: an occupational safety view of information security

PurposeI adapt the Integrated Model of Workplace Safety (Christian et al., 2009) to information security and highlight the need to understand additional factors that influence security compliance and additional security outcomes that need to be studied (i.e. security participation).Research limitations/implicationsThis model argues that distal factors in four major categories (employee characteristics, job characteristics, workgroup characteristics and organizational characteristics) influence two proximal factors (security motivation and security knowledge) and the security event itself, which together influence two important outcomes (security compliance and security participation).Practical implicationsSafety is a systems design issue, not an employee compliance issue. When employees make poor safety decisions, it is not the employee who is at fault; instead, the system is at fault because it induced the employee to make a poor decision and enabled the decision to have negative consequences.Social implicationsSecurity compliance is as much a workgroup issue as an individual issue.Originality/valueI believe that by reframing information security from a compliance issue to a systems design issue, we can dramatically improve security.

Assessing teachers' fire security knowledge, training effectiveness and attitudinal changes: a cross‐sectional study in Turkey

AbstractThe purpose of this study was to determine the knowledge level of teachers about basic fire and extinguishing and the effectiveness of the fire training received. This is a cross‐sectional study. The research population comprises teachers employed in educational institutions affiliated with the Ministry of National Education (MNE) in Konya, Turkey, during the year 2021. The sample of this research consisted of 2649 participants who voluntarily agreed to participate in the research and answered all questions completely. Data were collected from the questionnaire forms prepared by the researchers by examining the literature in the electronic environment via Google Forms. Of the participants, 53.7% were women, 39.8% were between the ages of 35 and 44 and 93.0% were working as teachers. The fire safety knowledge score is higher for those who attended the fire training. While the fire knowledge score increased as the end‐of‐training attainment score increased in those receiving fire training, no significant relationship was found between the education environment and content score, the educator effectiveness score, the status of having a fire extinguishing task and having encountered a fire and this score. Teachers' fire safety knowledge score is higher and at a moderate level compared to the attitude score. Participating in fire education positively affects both knowledge and attitude toward fire.

Apicultural Knowledge for Ecological Sustainability, Food Security and Economic Empowerment: A Case of Kajiado County, Kenya

Kajiado County, located in Kenya, faces interconnected challenges of ecological sustainability, food security, and economic empowerment. Amidst these challenges, beekeeping has emerged as a promising solution with the potential to address these multifaceted issues. This study examined the apiculture knowledge in Kajiado County, Kenya, for ecological sustainability, food security, and economic empowerment. The research utilized a mixed-method approach to collect data from beekeepers. The data collection methods used were observations, interviews, and focus group discussions. Data was analyzed using summary statistics and presented in the form of percentages and descriptions. The study revealed that the main motivation for beekeeping for all farmers was honey production while 30% kept bees for cultural practices and medicinal purposes. Beekeepers faced a myriad of challenges which ranged from negative attitudes towards beekeeping by young people at 10% to dry climatic conditions at 100%. Other major challenges included swarming of bees at 75% and attacks by pests and rodents at 83%. These problems were solved by providing water to the bees which was practiced by 100% of the beekeepers, removal of pests manually at 75%, and use of special indigenous trees to make hives with cooler temperatures. As an alternative source of livelihood in the ASALs being championed by the County governments since it is less affected by the adverse effects of climate change, the uptake of apicultural practices is still low in Kajiado largely due to a strong attachment to pastoralism. The apicultural practices in Kajiado County are largely small-scale and traditional with insignificant modernization. However, its practice has led to the management and conservation of some shrubs and trees, hence biodiversity conservation. The study recommends that traditional beekeepers be supported through the provision of relevant knowledge of beekeeping and modern equipment in order to increase both the quantity and quality of honey production for enhanced food security, economic empowerment and ecological sustainability.

Enhancing Big Data Security through Comprehensive Data Protection Measures: A Focus on Securing Data at Rest and In-Transit

Purpose: This research paper aims to enhance Big Data security by implementing comprehensive data protection measures, focusing on securing data at rest and in transit. In the era of Big Data, organizations handle vast quantities of data characterized by high velocity, volume, and variety, which complicates management and increases security risks. Methodology: The study examines various data protection strategies, including encryption, access control, data masking, immutable storage, tokenization, and physical security for data at rest. For data in transit, it explores encryption protocols, secure transfer methods like SSH and TLS, VPNs, Zero Trust architecture, and secure APIs. These methods are crucial for safeguarding sensitive information and preventing unauthorized access. Findings: The findings highlight common security challenges in Big Data, such as data breaches, unauthorized access, and integrity issues. The study emphasizes the need for robust protection measures and offers a comprehensive view of the data security landscape. Implementing these strategies helps organizations safeguard sensitive information and ensure compliance with international data protection regulations, enhancing their overall security posture. Unique contribution to theory policy and practice: This paper contributes to theory, policy, and practice by advocating comprehensive data protection strategies. It stresses the importance of continuous monitoring and regulatory compliance, providing practical insights into best practices and technologies that protect Big Data. The research supports developing robust data protection policies and practices, advancing knowledge in Big Data security.

Warning deterrence or knowledge guidance? Research on triggering mechanism of phishing sensitivity

Using S-O-R model, this study explores the triggering mechanism of phishing sensitivity caused by security warning deterrence, security knowledge guidance, and security warning deterrence + security knowledge guidance. Study 1 explores the triggering effect of these three types of stimuli on phishing sensitivity through online experiments, and considers the moderating effect based on phishing situation. The results show that knowledge guidance and warning deterrence + knowledge guidance have significant triggering effects on phishing sensitivity, whereas warning deterrence has no such effects. The phishing situation plays a moderating role. In study 2, a cognitive neural experiment is conducted. The functional near-infrared spectroscopy (fNIRS) technology is used to explore S-O-R triggering mechanism of phishing sensitivity mediated by cognitive processing and trust. The results show that both cognitive processing and trust play a mediating role between security intervention and phishing sensitivity. The research results have important theoretical value and practical significance for improving phishing sensitivity.