SaTC: EDU: Collaborative: Personalized Cybersecurity Education and Training

SaTC：EDU：协作：个性化网络安全教育和培训

基本信息

批准号：
1919004
负责人：
David Chan-Tin
金额：
$ 20.27万
依托单位：
Loyola University of Chicago
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2019
资助国家：
美国
起止时间：
2019-07-01 至 2024-06-30
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=1919004&HistoricalAwards=false
关键词：
SaTC EDU Collaborative Personalized Cybersecurity

项目摘要

The average citizen is often unaware of common strategies to protect themselves from cybersecurity threats. Consequently, large numbers of computer users are vulnerable to lapses in security from actions such as choosing weak passwords, clicking on phishing links, opening attachments from unknown senders, ignoring security warnings on devices, and falling victim to social engineering or identity theft. Although there have been many studies on training and educating people on cybersecurity best practices, the fact that these vulnerabilities are still being exploited imply that current training is not effective for all users. The objective of this project is to effectively educate the average user about common cybersecurity threats so that they are not vulnerable to these types of attacks. The project will create new education modules that are personalized to each user, building on the fact that different users have different personalities and may react to threats in different ways. The result could be more cybersecurity-aware citizens, which could reduce the number of "easy" hacks and cyber thefts. It has already been shown that different models are needed to effectively educate individuals with different personality traits and learning behaviors. There is no "one-size-fits-all" model. The researchers' aims are to 1) increase cybersecurity compliance with schema matching messages, and 2) develop and evaluate the effectiveness of cybersecurity education modules. The researchers have shown that individual differences in personality traits can be used to predict cybersecurity perceptions and practices. The research will classify personalities through analysis of the language of social media. Personalized cybersecurity education modules will then be developed and evaluated. Users' personalities will be assigned based on the "True Colors" Personality Categories, which are based on the Myers-Briggs personality categories, and the Big Five Personality traits. This personalized education module approach could be applied in other areas such as management, teaching, and safety training. Moreover, users will become more security-aware which could lead to a reduction in cybersecurity breaches.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

普通公民通常不知道保护自己免受网络安全威胁的共同策略。因此，大量的计算机用户容易受到诸如选择弱密码，单击网络钓鱼链接，开放未知发件人的附件，忽略设备上的安全警告以及成为社会工程或身份盗窃的受害者的操作，遭受安全性失误的影响。尽管已经有许多关于培训和教育网络安全最佳实践的研究，但仍在利用这些漏洞的事实暗示当前的培训对所有用户都不是有效的。该项目的目的是有效地教育普通用户有关常见的网络安全威胁，以便他们不容易受到这类攻击的影响。该项目将创建向每个用户个性化的新教育模块，这是基于以下事实：不同的用户具有不同的个性，并且可能会以不同的方式对威胁做出反应。结果可能是更多的网络安全性公民，这可能会减少“轻松”黑客盗窃和网络盗窃的数量。已经显示出需要不同的模型来有效地教育具有不同人格特征和学习行为的个人。没有“一定程度的全部”模型。研究人员的目的是1）提高网络安全符合模式匹配消息，以及2）开发和评估网络安全教育模块的有效性。研究人员表明，人格特征上的个体差异可用于预测网络安全的看法和实践。该研究将通过分析社交媒体语言来对个性进行分类。然后将开发和评估个性化的网络安全教育模块。用户的个性将根据“真实颜色”的个性类别分配，该类别基于Myers-Briggs的个性类别和五大人格特质。这种个性化的教育模块方法可以应用于管理，教学和安全培训等其他领域。此外，用户将变得更加安全感，这可能会导致网络安全漏洞的减少。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子优点和更广泛的影响评估标准通过评估来获得支持的。

项目成果

期刊论文数量（10）

专著数量（0）

科研奖励数量（0）

会议论文数量（0）

专利数量（0）

WebTracker: Real Webbrowsing Behaviors

DOI：
10.1109/svcc56964.2023.10164930
发表时间：
2023-05
期刊：
2023 Silicon Valley Cybersecurity Conference (SVCC)
影响因子：
0
作者：
Daisy Reyes;Eno Dynowski;T. Chovan;John Mikos;Eric Chan-Tin;Mohammed Abuhamad;S. Kennison
通讯作者：
Daisy Reyes;Eno Dynowski;T. Chovan;John Mikos;Eric Chan-Tin;Mohammed Abuhamad;S. Kennison

Who creates strong passwords when nudging fails