Bayesian Network Models in Cyber Security: A Systematic Review

Bayesian Networks (BNs) are an increasingly popular modelling technique in cyber security especially due to their capability to overcome data limitations. This is also instantiated by the growth of BN models development in cyber security. However, a comprehensive comparison and analysis of these models is missing. In this paper, we conduct a...

On the anatomy of social engineering attacks: A literature-based dissection of successful attacks

The aim of this study was to explore the extent to which persuasion principles are used in successful social engineering attacks. Seventy-four scenarios were extracted from 4 books on social engineering (written by social engineers) and analysed. Each scenario was split into attack steps, containing single interactions between offender and...

The Internet of Things: Foundational ethical issues

This paper surveys foundational ethical issues that attach to the Internet of Things (IoT). In Section 1, we provide an overview of the technology, indicating both current and future applications. Subsequent sections consider particular ethical issues, including: informed consent (Section 2), privacy (Section 3), information security (Section...

Secure or usable computers? Revealing employees’ perceptions and trade-offs by means of a discrete choice experiment

It is often suggested in the literature that employees regard technical security measures (TSMs) as user-unfriendly, indicating a trade-off between security and usability. However, there is little empirical evidence of such a trade-off, nor about the strength of the associated negative correlation and the importance employees attach to both...