Related papers: Towards a Security Lifecycle Model against Social …
Educating the users on the essential of information security is very vital and important to the mission of establishing a sustainable information security in any organization and institute. At the University Technology Malaysia (UTM), we…
In safety-critical software systems, cybersecurity activities become essential, with risk assessment being one of the most critical. In many software teams, cybersecurity experts are either entirely absent or represented by only a small…
A number of determinants predict the adoption of Information Systems (IS) security innovations. Amongst, perceived vulnerability of IS security threats has been examined in a number of past explorations. In this research, we examined the…
Large language models (LLMs) have revolutionized how we interact with machines. However, this technological advancement has been paralleled by the emergence of "Mallas," malicious services operating underground that exploit LLMs for…
As cyber threats increasingly exploit human behaviour, technical controls alone cannot ensure organisational cybersecurity (CS). Strengthening cybersecurity culture (CSC) is vital in safety-critical industries, yet empirical research in…
The work of Emergency Management (EM) agencies requires timely collection of relevant data to inform decision-making for operations and public communication before, during, and after a disaster. However, the limited human resources…
Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…
Solving cybersecurity issues requires a holistic understanding of components, factors, structures and their interactions in cyberspace, but conventional modeling approaches view the field of cybersecurity by their boundaries so that we are…
Cybersecurity awareness is shaped by a wide range of professional and personal experiences, including information and training at work and the sharing of news and other content at home. In order to explore how people discover cybersecurity…
Social Engineering has emerged as a significant threat in cyber security. In a dialog based attack, by having enough of a potential victim's personal data to be convincing, a social engineer impersonates the victim in order to manipulate…
Security questions are one of the mechanisms used to recover passwords. Strong answers to security questions (i.e. high entropy) are hard for attackers to guess or obtain using social engineering techniques (e.g. monitoring of social…
The interactive nature of Large Language Models (LLMs), which closely track user data and context, has prompted users to share personal and private information in unprecedented ways. Even when users opt out of allowing their data to be used…
Social engineering has posed a serious threat to cyberspace security. To protect against social engineering attacks, a fundamental work is to know what constitutes social engineering. This paper first develops a domain ontology of social…
The article presents a study using attacks such as a fake access point and a phishing page. The previous publications on social engineering have been reviewed, statistics of break-ups are analyzed and directions and mechanism of realization…
As large language models (LLMs) permeate more and more applications, an assessment of their associated security risks becomes increasingly necessary. The potential for exploitation by malicious actors, ranging from disinformation to data…
The exchange of personal information in digital environments poses significant risks, including identity theft, privacy breaches, and data misuse. Addressing these challenges requires a deep understanding of user behavior and mental models…
This review explores the academic and policy literature in the context of everyday cyber security in organisations. In so doing, it identifies four behavioural sets that influences how people practice cyber security. These are compliance…
Prompt leakage poses a compelling security and privacy threat in LLM applications. Leakage of system prompts may compromise intellectual property, and act as adversarial reconnaissance for an attacker. A systematic evaluation of prompt…
Large Language Models (LLMs) have rapidly evolved over the past few years and are currently evaluated for their efficacy within the domain of offensive cyber-security. While initial forays showcase the potential of LLMs to enhance security…
We live in a virtual world where actual lifestyles are replicated. The growing reliance on the use of social media networks worldwide has resulted in great concern for information security. One of the factors popularizing the social media…