Researchers study users to increase cyber security

September 28, 2015 by Joe Mccune, Missouri University of Science and Technology
Researchers study users to increase cyber security
Missouri S&T researchers are looking at user behavior and how it affects computer network safety and security.

Missouri University of Science and Technology researchers are working to build a framework to study the online behavior of Internet users and how that behavior affects the safety of systems and networks.

Dr. Maggie Cheng, associate professor of computer at Missouri S&T, and Dr. Fiona Nah, professor of business and information technology at Missouri S&T, are working with a two-year grant from the National Science Foundation. The researchers are looking to design experiments to study the characteristics of user behavior, Cheng says, creating a theoretical to study human cyber behavior.

Computer systems can be vulnerable because of unexpected human behavior, Cheng says, including situational behavior. "We're trying to consider in what ways user behavior can change the network state," she says.

Network users are not always conscious of risks and aware of security issues. A user can unintentionally compromise a network's security, such as by opening a seemingly innocuous email that turns out to be a virus that infects a whole system. A user's psychological state and cognition capacity affect cyber behavior, and a user's situational cyber behavior also depends on the user's own assessment of the risk. For instance, a user may not want to click on a link received from an email when fully risk-conscious, but when the user is under time pressure or believes the link is what it appears to be, the user may still do it.

A user's cyber may also vary with the network and device the user is on. Cheng says that a user most likely will be more conscious of risk on the networks and devices that have higher security requirements. Malware targeted at mobile devices, such as those found on fake game sites, can easily be downloaded and installed because of users' low security awareness.

"The psychology of a hacker is different from an IT person and an ordinary network user," Cheng says. "IT looks at how it can secure the by improving security policies, but a hacker views the users-caused vulnerability as an opportunity to take what is gleaned and go from there."

Explore further: New technology that identifies users vulnerable to cyber attack based on behavioral and psychological characteristics

Related Stories

New project ensures 'what you see is what you send'

February 25, 2014

Imagine a user who intends to send $2 to a friend through PayPal. Embedded malware in the user's laptop, however, converts the $2 transaction into a $2,000 transfer to the account of the malware author instead.

Detecting and blocking leaky Android apps

May 22, 2015

Nine times out of ten, that Android app is connecting to multiple internet destinations without your knowledge, more than half of them require access to the sensitive, personal information on your mobile device in order to ...

Virtual money and user's identity

November 25, 2014

Bitcoin is the new money: minted and exchanged on the Internet. Faster and cheaper than a bank, the service is attracting attention from all over the world. But a big question remains: are the transactions really anonymous?

Recommended for you

Earwigs and the art of origami

March 22, 2018

ETH Zurich researchers have developed multifunctional origami structures, which they then fabricated into 4-D printed objects. The design principle mimics the structure of an earwig's wing.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.