-
In this paper, we propose that the theory of planned behavior (TPB) with the additional factors of awareness and context-based information can be used to positively influence users' cybersecurity behavior. A research model based on TPB is developed and validated using a user study. As a proof-of-concept, we developed a mobile cybersecurity news app that incorporates context-based information such as location, search history, and usage information of other mobile apps into its article recommendations and warning notifications to address user awareness better. Through a survey of 100 participants, the proposed research model was validated, and it was confirmed that context-based information positively influences users' awareness in cybersecurity.
-
Program slicing is a common technique to help reconstruct the path of execution a program has taken. It is beneficial for assisting developers in debugging their programs, but its usefulness depends on the slice accuracy that can be achieved, which is limited by the sources of information used in building the slice. In this paper, we demonstrate that two sources of information, namely program logs and stack traces, previously used in isolation to build program slices, can be combined to build a program slicer capable of handling more scenarios than either method individually. We also demonstrate a sample application of our proposed slicing approach by showing how our slicer can deduce integer inputs that will recreate the detected error's execution path.
-
Log analysis is a technique of deriving knowledge from log files containing records of events in a computer system. A common application of log analysis is to derive critical information about a system's security issues and intrusions, which subsequently leads to being able to identify and potentially stop intruders attacking the system. However, many systems produce a high volume of log data with high frequency, posing serious challenges in analysis. This paper contributes a systematic literature review and discusses current trends, advancements, and future directions in log security analysis within the past decade. We summarized current research strategies with respect to technology approaches from 34 current publications. We identified limitations that pose challenges to future research and opened discussion on issues concerning logging mechanisms in software systems. Findings of this study are relevant for software systems as well as software parts of Internet of Things (IoT) systems.
-
Logging is a vital part of the software development process. Developers use program logging to monitor program execution and identify errors and anomalies. These errors may also cause uncaught exceptions and generate stack traces that help identify the point of error. Both of these sources contain information that can be matched to points in the source code, but manual log analysis is challenging for large systems that create large volumes of logs and have large codebases. In this paper, we contribute a systematic mapping study to determine the state-of-the-art tools and methods used to perform automatic log analysis and stack trace analysis and match the extracted information back to the program's source code. We analyzed 16 publications that address this issue, summarizing their strategies and goals, and we identified open research directions from this body of work.
-
In modern computing, log files provide a wealth of information regarding the past of a system, including the system failures and security breaches that cost companies and developers a fortune in both time and money. While this information can be used to attempt to recover from a problem, such an approach merely mitigates the damage that has already been done. Detecting problems, however, is not the only information that can be gathered from log files. It is common knowledge that segments of log files, if analyzed correctly, can yield a good idea of what the system is likely going to do next in real-time, allowing a system to take corrective action before any negative actions occur. In this paper, the authors put forth a systematic map of this field of log prediction, screening several hundred papers and finally narrowing down the field to approximately 30 relevant papers. These papers, when broken down, give a good idea of the state of the art, methodologies employed, and future challenges that still must be overcome. Findings and conclusions of this study can be applied to a variety of software systems and components, including classical software systems, as well as software parts of control, or the Internet of Things (IoT) systems.
-
Network Intrusion Detection in Smart Grids for Imbalanced Attack Types Using Machine Learning Models

Smart grid has evolved as the next generation power grid paradigm which enables the transfer of real time information between the utility company and the consumer via smart meter and advanced metering infrastructure (AMI). This information facilitates many services for both, such as automatic meter reading, demand side management, and time-of-use (TOU) pricing. However, there have been growing security and privacy concerns over smart grid systems, which are built with both smart and legacy information and operational technologies. Intrusion detection is a critical security service for smart grid systems, alerting the system operator to the presence of ongoing attacks. Hence, there has been lots of research conducted on intrusion detection in the past, especially anomaly-based intrusion detection. Problems emerge when common approaches of pattern recognition are used for imbalanced data, in which many more data instances belong to normal behaviors than to attack ones, and these approaches cause low detection rates for minority classes. In this paper, we study various machine learning models to overcome this drawback by using the CIC-IDS2018 dataset [1].
-
A mental model is a useful tool for describing a user's general mental processes that go into certain actions. In this paper, we investigate how to enhance the usability of security applications by considering human factors. Specifically, we study how to better understand and develop the user's mental model in the context of computer security through the use of the reasoned action approach (RAA). RAA explains that a user's behavior is determined by her intention to perform the behavior and the intention is, in turn, a function of attitudes towards the behavior, perceived norms (or social pressure), and perceived behavior control (capacity and relevant skills/abilities). A user study was conducted to test the validity of each of the main components of the model. Our user study concluded that alterations to a computer security application, improved by the analysis through the mental model created, improved user behavior.