skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Sonifying Internet Security Threats
The Internet enables users to access vast resources, but it can also expose users to harmful cyber-attacks. It is imperative that users be informed about a security incident in a timely manner in order to make proper decisions. Visualization of security threats and warnings is one of the effective ways to inform users. However, visual cues are not always accessible to all users, and in particular, those with visual impairments. This late-breaking-work paper hypothesizes that the use of proper sounds in conjunction with visual cues can better represent security alerts to all users. Toward our research goal to validate this hypothesis, we first describe a methodology, referred to as sonification, to effectively design and develop auditory cyber-security threat indicators to warn users about cyber-attacks. Next, we present a case study, along with the results, of various types of usability testing conducted on a number of Internet users who are visually impaired. The presented concept can be viewed as a general framework for the creation and evaluation of human factor interactions with sounds in a cyber-space domain. The paper concludes with a discussion of future steps to enhance this work.  more » « less
Award ID(s):
1347521
PAR ID:
10186852
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
CHI EA '16: Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems
Page Range / eLocation ID:
2306 to 2313
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; (, SN Applied Sciences)
    AbstractThis paper reports a formative evaluation of auditory representations of cyber security threat indicators and cues, referred to as sonifications, to warn users about cyber threats. Most Internet browsers provide visual cues and textual warnings to help users identify when they are at risk. Although these alarming mechanisms are very effective in informing users, there are certain situations and circumstances where these alarming techniques are unsuccessful in drawing the user’s attention: (1) security warnings and features (e.g., blocking out malicious Websites) might overwhelm a typical Internet user and thus the users may overlook or ignore visual and textual warnings and, as a result, they might be targeted, (2) these visual cues are inaccessible to certain users such as those with visual impairments. This work is motivated by our previous work of the use of sonification of security warnings to users who are visually impaired. To investigate the usefulness of sonification in general security settings, this work uses real Websites instead of simulated Web applications with sighted participants. The study targets sonification for three different types of security threats: (1) phishing, (2) malware downloading, and (3) form filling. The results show that on average 58% of the participants were able to correctly remember what the sonification conveyed. Additionally, about 73% of the participants were able to correctly identify the threat that the sonification represented while performing tasks using real Websites. Furthermore, the paper introduces “CyberWarner”, a sonification sandbox that can be installed on the Google Chrome browser to enable auditory representations of certain security threats and cues that are designed based on several URL heuristics. Article highlightsIt is feasible to develop sonified cyber security threat indicators that users intuitively understand with minimal experience and training.Users are more cautious about malicious activities in general. However, when navigating real Websites, they are less informed. This might be due to the appearance of the navigating Websites or the overwhelming issues when performing tasks.Participants’ qualitative responses indicate that even when they did not remember what the sonification conveyed, the sonification was able to capture the user’s attention and take safe actions in response. 
    more » « less
  2. ; (, ADMI 2022:The Symposium of Computing at Minority Institutions)
    This report discusses Digital Forensics and Cyber-Security and different vulnerabilities that put the users at risk of compromising their sensitive data and making it available to attackers. With the raising of new threats aiming at technology, some people are not aware of hackers stealing their data. This study will discuss what Cyber-Security is and how many people are aware of what it all entails. This study will also recommendations on how to recognize attacks and learn basic terms to help inform the public. The study utilizes surveys of students from Hampton University so the authors can make the proper analysis and recommendations regarding the issue. 
    more » « less
  3. ; ; ; (, NMIOTC Maritime interdiction operations journal)
    For years, there has been discussion about physical security in the maritime transportation system (MTS). That discussion has led to standards, regulations, etc. In recent years, there has been an increasing interest in cyber security in the MTS that has led to discussions about best practices for cyber security. It is likely that many future attacks on the MTS (and other systems) will be multi-modal, including both a cyber and a physical component. As a simple example, hacking into security cameras at a port increases vulnerability to a physical intrusion. Thus, a cyber attack could be a precursor to a physical attack, and in fact the opposite could also be the case. This paper presents scenarios of combined cyber and physical attacks and describes ways to understand their likelihood based on ease of attack and seriousness of potential consequences. 
    more » « less
  4. ; (, ADMI 2021: The Symposium of Computing at Minority Institutions)
    null (Ed.)
    This report was made to develop a deeper understanding of what could be done to help better protect computer systems through ways other than simply creating programs. Human error, negligence, and apathy are also problems when it comes to preventing issues with safely browsing the internet or preventing cyber-attacks. Warnings can become too wordy, not be concise enough, not be present enough to notice, and these basic issues can cause even bigger problems. When the layout and functions of a website or an operating system become unclear, there’s an entire branch of computer science principles that can be utilized to make it manageable for people to use, and that is where Human-Computer Interaction (HCI) comes in. By analyzing what makes specific HCI principles effective, the potential to reduce, or possibly eliminate, flaws within cyber security caused by users or perpetuated by poor design choices by the creator. 
    more » « less
  5. ; ; ; ; (, Journal of Computing and Information Science in Engineering)
    Abstract The advancement of sensing technology enables efficient data collection from manufacturing systems for monitoring and control. Furthermore, with the rapid development of the Internet of Things (IoT) and information technologies, more and more manufacturing systems become cyber-enabled, facilitating real-time data sharing and information exchange, which significantly improves the flexibility and efficiency of manufacturing systems. However, the cyber-enabled environment may pose the collected sensor data under high risks of cyber-physical attacks during the data and information sharing. Specifically, cyber-physical attacks could target the manufacturing process and/or the data transmission process to maliciously tamper the sensor data, resulting in false alarms or failures in anomaly detection in monitoring. In addition, the cyber-physical attacks may also enable illegal data access without authorization and cause the leakage of key product/process information. Therefore, it becomes critical to develop an effective approach to protect data from these attacks so that the cyber-physical security of the manufacturing systems could be assured in the cyber-enabled environment. To achieve this goal, this paper proposes an integrative blockchain-enabled data protection method by leveraging camouflaged asymmetry encryption. A real-world case study that protects cyber-physical security of collected sensor data in additive manufacturing is presented to demonstrate the effectiveness of the proposed method. The results demonstrate that malicious tampering could be detected in a relatively short time (less than 0.05ms) and the risk of unauthorized data access is significantly reduced as well. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email