International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Human Factor & Artificial Intelligence: For future software security to be invincible, a confronting comprehensive survey

  • Al-Amri, Bayan O (Department of Computer Science, College of Computers and Information Technology, Taif University) ;
  • Alsuwat, Hatim (Department of Computer Science, College of Computer and Information Systems, Umm Al Qura University) ;
  • Alsuwat, Emad (Department of Computer Science, College of Computers and Information Technology, Taif University)
  • Received : 2021.06.05
  • Published : 2021.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

This work aims to focus on the current features and characteristics of Human Element and Artificial intelligence (AI), ask some questions about future information security, and whether we can avoid human errors by improving machine learning and AI or invest in human knowledge more and work them both together in the best way possible? This work represents several related research results on human behavior towards information security, specified with elements and factors like knowledge and attitude, and how much are they invested for ISA (information security awareness), then presenting some of the latest studies on AI and their contributions to further improvements, making the field more securely advanced, we aim to open a new type of thinking in the cybersecurity field and we wish our suggestions of utilizing each point of strengths in both human attributions in software security and the existence of a well-built AI are going to make better future software security.

Keywords

References

  1. M. Jouini, L. B. A. Rabai, and A. B. Aissa, "Classification of Security Threats in Information Systems," ANT/SEIT, vol. 32, pp. 489-496.
  2. A. McCormac, T. Zwaans, K. Parsons, D. Calic, M. Butavicius, and M. Pattinson, "Individual differences and information security awareness," Computers in human behavior, vol. 69, pp. 151-156. https://doi.org/10.1016/j.chb.2016.11.065
  3. R. J. Mejias and P. A. Balthazard, "A model of information security awareness for assessing information security risk for emerging technologies," Journal of Information Privacy and Security, vol. 10, pp. 160-185. https://doi.org/10.1080/15536548.2014.974407
  4. P. Coopers, "Key findings from the Global State of Information Security Survey 2013," Changing the game.
  5. S. M. Furnell, A. Jusoh, and D. Katsabas, "The challenges of understanding and using security: A survey of end-users," Computers & Security, vol. 25, pp. 27-35, 2006. https://doi.org/10.1016/j.cose.2005.12.004
  6. K. Parsons, A. McCormac, M. Butavicius, and L. Ferguson, "Human factors and information security: individual, culture, and security environment," DEFENCE SCIENCE AND TECHNOLOGY ORGANISATION EDINBURGH (AUSTRALIA) COMMANDA a€¦.
  7. K. Parsons, A. McCormac, M. Butavicius, M. Pattinson, and C. Jerram, "Determining employee awareness using the human aspects of information security questionnaire (HAIS-Q)," Computers & Security, vol. 42, pp. 165-176. https://doi.org/10.1016/j.cose.2013.12.003
  8. B. ISO, "iso," IEC Directives Part, vol. 1, 2008.
  9. H. A. Kruger and W. D. Kearney, "A prototype for assessing information security awareness," Computers & security, vol. 25, pp. 289-296, 2006. https://doi.org/10.1016/j.cose.2006.02.008
  10. J. HeinstrAm, "Five personality dimensions and their influence on information behaviour," Information research, vol. 9, pp. 9-1, 2003.
  11. M. Pattinson, M. Butavicius, K. Parsons, A. McCormac, and D. Calic, "Factors that influence information security Behavior: An australian web-based study," in International Conference on Human Aspects of Information Security, Privacy, and Trust, pp. 231-241.
  12. S. Sheng, M. Holbrook, P. Kumaraguru, L. F. Cranor, and J. Downs, "Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions," in Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 373-382.
  13. P. E. Spector, "A consideration of the validity and meaning of self-report measures of job conditions," 1992.
  14. C. Vroom and R. Von Solms, "Towards information security behavioural compliance," Computers & security, vol. 23, pp. 191-198, 2004. https://doi.org/10.1016/j.cose.2004.01.012
  15. S. GeriA‡ and A. e. Hutinski, "Information system security threats classifications," Journal of Information and organizational sciences, vol. 31, pp. 51-61, 2007.
  16. M. Alhabeeb, A. Almuhaideb, P. D. Le, and B. Srinivasan, "Information security threats classification pyramid," in 2010 IEEE 24th international conference on advanced information networking and applications workshops, pp. 208-213.
  17. A. McCue, "Beware the insider security threat,a€‹ CIO Jury," 2008.
  18. B.-h. Li, B.-c. Hou, W.-t. Yu, X.-b. Lu, and C.-w. Yang, "Applications of artificial intelligence in intelligent manufacturing: a review," Frontiers of Information Technology & Electronic Engineering, vol. 18, pp. 86-96. https://doi.org/10.1631/fitee.1601885
  19. Y. Pan, "Heading toward artificial intelligence 2.0. Engineering, 2 (4): 409-413." https://doi.org/10.1016/j.eng.2016.04.018
  20. W. Pieters, "Explanation and trust: what to tell the user in security and AI?," Ethics and information technology, vol. 13, pp. 53-64. https://doi.org/10.1007/s10676-010-9253-3
  21. A. Avizienis, J.-C. Laprie, B. Randell, and C. Landwehr, "Basic concepts and taxonomy of dependable and secure computing," IEEE transactions on dependable and secure computing, vol. 1, pp. 11-33, 2004. https://doi.org/10.1109/TDSC.2004.2
  22. B. B. Bederson, B. Lee, R. M. Sherman, P. S. Herrnson, and R. G. Niemi, "Electronic voting system usability issues," in Proceedings of the SIGCHI conference on Human factors in computing systems, 2003, pp. 145-152.
  23. D. Fahrenholtz and A. Bartelt, "Towards a sociological view of trust in computer science," in Proceedings of the eighth research symposium on emerging electronic markets (RSEEM 01), 2001.
  24. B. Harris and D. Allen, Black box voting: Ballot tampering in the 21st century: Talion Pub., 2004.
  25. N. Luhmann, "Familiarity, confidence, trust: Problems and alternatives," Trust: Making and breaking cooperative relations, vol. 6, pp. 94-107, 2000.
  26. J. H. Park, "England's controversy over the secret ballot," Political Science Quarterly, vol. 46, pp. 51-86, 1931. https://doi.org/10.2307/2143109
  27. K. Veeramachaneni, I. Arnaldo, V. Korrapati, C. Bassias, and K. Li, "AI^ 2: training a big data machine to defend," in 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), pp. 49-54.