Contextual security awareness: A context-based approach for assessing the security awareness of users

Adir Solomon, Michael Michaelshvili, Ron Bitton, Bracha Shapira, Lior Rokach, Rami Puzis, Asaf Shabtai

Research output: Contribution to journalArticlepeer-review

Abstract

Assessing the information security awareness (ISA) of users is crucial for protecting systems and organizations from social engineering attacks. Current methods do not consider the context of use when assessing users’ ISA, and therefore they cannot accurately reflect users’ actual behavior, which often depends on that context. In this study, we propose a novel context-based, data-driven, approach for assessing the ISA of users. In this approach, different behavioral and contextual factors, such as spatio-temporal information and browsing habits, are used to assess users’ ISA. Since defining each context explicitly is impractical for a large context space, we utilize a deep neural network to represent users’ contexts implicitly from contextual factors. We evaluate our approach empirically using a real-world dataset of users’ activities collected from 120 smartphone users. The results show that the proposed method and context information improve ISA assessment accuracy significantly.

Original languageEnglish
Article number108709
JournalKnowledge-Based Systems
Volume246
DOIs
StatePublished - 21 Jun 2022
Externally publishedYes

Bibliographical note

Publisher Copyright:
© 2022 Elsevier B.V.

Keywords

  • Deep learning
  • Human factors
  • Information security awareness
  • Mobile devices

ASJC Scopus subject areas

  • Software
  • Management Information Systems
  • Information Systems and Management
  • Artificial Intelligence

Fingerprint

Dive into the research topics of 'Contextual security awareness: A context-based approach for assessing the security awareness of users'. Together they form a unique fingerprint.

Cite this