The Interplay of Information Processing, Mindfulness, and Affective State in Phishing Detection

2023 | International Conference on Information Systems | Citations: 0

Authors: Bera, Debalina; Kim, Dan

Abstract: This study investigates the effect of individuals' information processing modes ... Expand

Abstract: This study investigates the effect of individuals' information processing modes on phishing email detection mechanisms and accuracy. Drawing on the heuristic-systematic model of processing, mindful decision-making, and affect-and-persuasion literature, this study examines the antecedents (i.e., heuristic, systematic processing, general and domain mindfulness, and affective state) and behavioral consequences (i.e., detection accuracy) in phishing identification. Using a scenario-based survey experiment this study shows mindfulness and affectivity navigate information processing mechanisms, thus influence phishing detection accuracy. It aims to contribute to information security literature by examining novel associations between general, domain mindfulness and its effect on online users' information processing strategy and phishing detection accuracy. Furthermore, this study contributes to phishing training and awareness by identifying the function of cognitive-affective (affective states, trait mindfulness) and cognitive-behavioral (domain mindfulness) factors on the choice of information processing modes and phishing detection accuracy. Finally, the affective states might help improve the efficacy of automatic filters. Collapse

Topics: phishing mindfulness electronic mail email phishing data security

Methods: experiment survey partial least squares regression machine learning laboratory experiment

Theories: protection motivation theory

A Genetic Algorithm Based Consensus Reaching Method on Malware Labels

2023 | Americas Conference on Information Systems | Citations: 0

Authors: Hsiao, Shun-Wen; Wang, Shih-Yu

Abstract: In the field of cybersecurity, antivirus vendors produce malware labels, known ... Expand

Abstract: In the field of cybersecurity, antivirus vendors produce malware labels, known as AV labels, to categorize malware samples based on their behavior. Such labels are used by researchers for future analysis. Unfortunately, their inconsistent format and naming cause clutter and reduce trustworthiness because the naming was based on each antivirus vendor's viewpoints. Previous approaches to solving this problem have relied on majority voting, but this method is prone to bias. To address this issue, we introduce a novel scoring system, the Pairwise Consensus Score (PCS), which scores the result by labeling logic instead of the cacophonous labels. Our consensus reaching method then uses PCS and a Genetic Algorithm to find the best label to represent the malware. The entire process clusters and rename malware samples based on the agreement among different antivirus vendors providing more consistent and trustworthy AV labels for malware samples. Collapse

Topics: malware

Methods: computational algorithm experiment

Visualizing Convolutional Neural Network Models’ Sensitivity to Nonnatural Data Order

2023 | Information Systems Frontiers | Citations: 0

Authors: Klepetko, Randy; Krishnan, Ram

Abstract: Convolutional neural networks (CNN) have revolutionized image recognition techno ... Expand

Abstract: Convolutional neural networks (CNN) have revolutionized image recognition technology and found applications in various nonimage-related fields. For nonnatural data, such as cybersecurity packets, in which the data sample order is not defined by nature, some models trained on certain orderings of data perform better than when trained with other orderings. Some orderings create patterns from which the CNN extracts better features. Understanding how to best order the training data to improve CNN performance is not well-studied. In this study, we investigate this problem by examining malware infections using different CNN models and include visualization tools to enhance our analysis. We define a functional algorithm for ordering and show that order importance in CNNs is model dependent. In addition, we show that depending on the model, statistical relationships are crucial in establishing order with better performance. Collapse

Topics: malware mobile system cloud computing infrastructure as a service

Methods: experiment descriptive statistic machine learning computational algorithm Keras

The effects of knowledge mechanisms on employees' information security threat construal

2023 | Information Systems Journal | Citations: 1

Authors: Mady, Ashraf; Gupta, Saurabh; Warkentin, Merrill

Abstract: Organisations implement a variety of knowledge mechanisms such as information se ... Expand

Abstract: Organisations implement a variety of knowledge mechanisms such as information security education, training and awareness (SETA) programs and information security policies, to influence employees' secure behaviour. Despite increased efforts to provide information systems (IS) security knowledge to employees, data breaches and other security incidents resulting from insider behaviour continue. Recent IS security research, primarily grounded on assumptions of employees' rational assessment of numerous factors, has yielded inconsistent results. Challenging this paradigm, we model secure behaviour on security knowledge mechanisms, which focuses on the multidimensional nature of security knowledge breadth, depth and finesse to represent the full array of managerial levers. We further draw on construal level theory to conceptualise users' perceptual judgements of security messages. Two studies support our model, with the second building on the first. Study 1, an experiment with 312 participants, focused on validating the treatments. Study 2, a survey with 219 participants, validated the entire model. Results showed that our model has significantly more explanatory and predictive power than the orthodox paradigm. Our results have practical implications for optimising the organisation of knowledge mechanisms by emphasising the personal relevance of threats and defining the factors that lead to secure behaviour. We also contribute to the discourse on information security research and provide a template for integrating theories, thus opening new avenues for future research. Collapse

Topics: data security email phishing security policy IT security task complexity

Methods: survey experiment Student's t-test parametric test survey design

Theories: construal level theory security compliance theory

Applying Dispositional, Situational, and Organizational Risk Propensity to Technology Threat Avoidance Theory - A tripartite View

2023 | European Conference On Information Systems | Citations: 0

Authors: Pfaff, Theresa; Nastjuk, Ilja; Matschak, Tizian

Abstract: Human error is one of the biggest cybersecurity vulnerabilities in organization ... Expand

Abstract: Human error is one of the biggest cybersecurity vulnerabilities in organizations, making organizational security solutions become ineffective. It is therefore crucial for organizations to adapt their risk management in concordance to arising threats. Using the Technology Threat Avoidance Theory (TTAT) as a theoretical lens, this article investigates the relationship between security threats, employees' risk perception, and avoidance behavior. While recent research has suggested that an individual's dispositional risk propensity can influence the perception of technology threats, we argue that additional risk facets, namely situational and organizational risk propensity, can influence employees' threat perception. Through a scenario-based online experiment, our study reveals that risk perception in a work environment is not a static risk assessment but rather depends on situational aspects and the organization's risk propensity. Our study contributes to existing research by investigating the different aspects of risk-taking in an organizational context improving our understanding of employees' behavior at work. Collapse

Topics: electronic mail self efficacy malware website IT security

Methods: survey experiment PLS tool partial least squares path modeling computational algorithm

Theories: technology threat avoidance theory

Towards Adversarially Superior Malware Detection Models: An Adversary Aware Proactive Approach using Adversarial Attacks and Defenses

2023 | Information Systems Frontiers | Citations: 1

Authors: Rathore, Hemant; Samavedhi, Adithya; Sahay, Sanjay K.; Sewak, Mohit

Abstract: The android ecosystem (smartphones, tablets, etc.) has grown manifold in the las ... Expand

Abstract: The android ecosystem (smartphones, tablets, etc.) has grown manifold in the last decade. However, the exponential surge of android malware is threatening the ecosystem. Literature suggests that android malware can be detected using machine and deep learning classifiers; however, these detection models might be vulnerable to adversarial attacks. This work investigates the adversarial robustness of twenty-four diverse malware detection models developed using two features and twelve learning algorithms across four categories (machine learning, bagging classifiers, boosting classifiers, and neural network). We stepped into the adversary’s shoes and proposed two false-negative evasion attacks, namely GradAA and GreedAA, to expose vulnerabilities in the above detection models. The evasion attack agents transform malware applications into adversarial malware applications by adding minimum noise (maximum five perturbations) while maintaining the modified applications’ structural, syntactic, and behavioral integrity. These adversarial malware applications force misclassifications and are predicted as benign by the detection models. The evasion attacks achieved an average fooling rate of 83.34% (GradAA) and 99.21% (GreedAA) which reduced the average accuracy from 90.35% to 55.22% (GradAA) and 48.29% (GreedAA) in twenty-four detection models. We also proposed two defense strategies, namely Adversarial Retraining and Correlation Distillation Retraining as countermeasures to protect detection models from adversarial attacks. The defense strategies slightly improved the detection accuracy but drastically enhanced the adversarial robustness of detection models. Finally, investigating the robustness of malware detection models against adversarial attacks is an essential step before their real-world deployment and can help in developing adversarially superior detection models. Collapse

Topics: malware Android mobile application database system Google+

Methods: machine learning artificial neural network computational algorithm deep learning descriptive statistic

What are the trend and core knowledge of information security? A citation and co-citation analysis

2023 | Information & Management | Citations: 0

Authors: Shiau, Wen-Lung; Wang, Xiaoqun; Zheng, Fei

Abstract: Information technology brings business success opportunities, but also causes po ... Expand

Abstract: Information technology brings business success opportunities, but also causes potential safety hazards to orga­ nizations. In response to the increasing academia and industry concerns regarding information security (ISec), this study systematically explored extant ISec research and identified eight core knowledge groups, including (1) intrusion detection, (2) privacy protection, (3) secure machine learning, (4) cryptosystem, (5) data service se­ curity, (6) malware analysis, (7) security decision-making, and (8) security management. The detection of research hotspots shows that data service security and risk management garner the most current research attention. Furthermore, we establish a comprehensive ISec framework to help systematically understand and achieve ISec. Collapse

Topics: privacy decision making intrusion detection system malware database system

Methods: co-citation analysis cluster analysis literature sample hierarchical clustering multidimensional scaling

Protection Motivation Theory in Information Security Behavior Research: Reconsidering the Fundamentals

2023 | Communications of the Association for Information Systems | Citations: 0

Authors: Siponen, Mikko; Rönkkö, Mikko; Fufan, Liu; Haag, Steffi; Laatikainen, Gabriella

Abstract: Scholars commonly use protection motivation theory (PMT) by Rogers to examine i ... Expand

Abstract: Scholars commonly use protection motivation theory (PMT) by Rogers to examine information systems (IS) security behaviors and behavioral intentions. A recent, influential paper by Boss, Galletta, Lowry, Moody, and Polak (2015; hereafter BGLMP) in MIS Quarterly outlines correct and incorrect uses of PMT in Information Security behavior research. In this paper, we review some of BGLMP's key recommendations, such as the claim that all IS behavior studies that apply PMT should always use the model of the full theory, contain and measure fear, and measure actual behaviors. We defend an interpretation of Rogers (1975Rogers ( , 1983) that differs from the interpretation that BGLMP propose. We present evidence that Rogers' PMT and the empirical evidence do not adequately support many of BGLMP's suggestions and that these suggestions contradict good scientific practices (e.g., restricting the use of the method of isolation) that the philosophy of science and the original literature on PMT uphold. As a result, if reviewers and editors continue to embrace these recommendations, they could hinder the progress of IS behavior research by not allowing isolation or the combination of different theoretical components. In contrast to BGLMP's paper, we argue that further PMT research can focus on isolated PMT components and combine them with other theories. Some of our ideas (e.g., isolation) are not PMT-specific and could be useful for IS research in general. In summary, we contest BGLMP's recommendations and offer revised recommendations in return. Collapse

Topics: malware data security behavioral intention self efficacy social influence

Methods: functional magnetic resonance imaging literature study experiment experimental group structural equation modeling

Theories: protection motivation theory technology threat avoidance theory

HOW PARTS CONNECT TO WHOLE IN BUILDING DIGITAL GENERATIVITY IN DIGITAL PLATFORM ECOSYSTEMS

2023 | European Conference On Information Systems | Citations: 0

Authors: Sun, Jiamei; Xu, Dongming; Karanasios, Stan

Abstract: Generativity drives digital innovation and platform growth by engaging many oth ... Expand

Abstract: Generativity drives digital innovation and platform growth by engaging many other businesses with diverse digital skills and resources in a digital platform. As the proliferation of generativity research grows, the Information Systems (IS) literature demonstrates the basic understanding of this notion in the areas of properties of digital technologies, social events, and/or the interaction between these two without an integrated view of how generativity is raised to enable the digital innovation. Therefore, considering that digital platforms are a kind of ecosystem, we aim to develop a new understanding of this emerging phenomenon by employing a holistic perspective. Through the information ecology theoretical lens, we develop a digital generativity process model that explains how the technological and social resources interact to generate perpetual digital innovation in digital platform ecosystems (DPE). This study contributes to generativity research by providing a dynamic and holistic view of generativity formalization in DPEs. Collapse

Topics: innovation management digital ecosystem digital innovation digital platform technological change

Methods: business process modeling qualitative content analysis literature sample grounded theory applicability check

Customer Cybersecurity and Supplier Cost Management Strategy

2023 | International Conference on Information Systems | Citations: 0

Authors: Yang, Xu; Liang, Peng; Hu, Nan; Xue, Fujing

Abstract: In this paper, we explore the spillover effect of customer firms' data breaches ... Expand

Abstract: In this paper, we explore the spillover effect of customer firms' data breaches on their upstream supplier firms' cost management strategies, proxied by cost stickiness. Our primary analyses suggest that data breaches suffered by customer firms are associated with a decrease in cost stickiness among supplier firms. Furthermore, the reductions in supplier cost stickiness are stronger if suppliers are managed by CEOs from national cultural groups with high uncertainty avoidance, low long-term orientations, and/or low individualism. In sum, the findings contribute to both Information Systems (IS) and Operations Management (OM) disciplines in terms of data breach, cost management strategy, and the role of national culture in OM. In particular, the findings can facilitate the management and regulation of data breaches for managers and regulators. Collapse

Topics: data breach strategic management national culture supply chain management database system

Methods: descriptive statistic ordinary least square natural experiment longitudinal research difference in differences

Theories: cultural dimensions theory