International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Fraud Detection in E-Commerce

  • Alqethami, Sara (College of Computer Science and Information System, Umm Al-Qura University) ;
  • Almutanni, Badriah (College of Computer Science and Information System, Umm Al-Qura University) ;
  • AlGhamdi, Manal (College of Computer Science and Information System, Umm Al-Qura University)
  • Received : 2021.06.05
  • Published : 2021.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

Lack of knowledge and digital skills is a threat to the information security of the state and society, so the formation and development of organizational culture of information security is extremely important to manage this threat. The purpose of the article is to assess the state of information security of the state and society. The research methodology is based on a quantitative statistical analysis of the information security culture according to the EU-27 2019. The theoretical basis of the study is the theory of defense motivation (PMT), which involves predicting the individual negative consequences of certain events and the desire to minimize them, which determines the motive for protection. The results show the passive behavior of EU citizens in ensuring information security, which is confirmed by the low level of participation in trainings for the development of digital skills and mastery of basic or above basic overall digital skills 56% of the EU population with a deviation of 16%. High risks to information security in the context of damage to information assets, including software and databases, have been identified. Passive behavior of the population also involves the use of standard identification procedures when using the Internet (login, password, SMS). At the same time, 69% of EU citizens are aware of methods of tracking Internet activity and access control capabilities (denial of permission to use personal data, access to geographical location, profile or content on social networking sites or shared online storage, site security checks). Phishing and illegal acquisition of personal data are the biggest threats to EU citizens. It have been identified problems related to information security: restrictions on the purchase of products, Internet banking, provision of personal information, communication, etc. The practical value of this research is the possibility of applying the results in the development of programs of education, training and public awareness of security issues.

Keywords

References

  1. AlHogail, A. (2015). Design and validation of information security culture framework. Computers in Human Behavior, 49, 567-575. https://doi.org/10.1016/j.chb.2015.03.054
  2. AlHogail, A., & Mirza, A. (2014, January). Information security culture: a definition and a literature review. In 2014 World Congress on Computer Applications and Information Systems (WCCAIS) (pp. 1-7). IEEE.
  3. Alnatheer, M. A. (2015, April). Information security culture critical success factors. In 2015 12th International Conference on Information Technology-New Generations (pp. 731-735). IEEE.
  4. Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 523-548. https://doi.org/10.2307/25750690
  5. Chen, Y. A. N., Ramamurthy, K. R. A. M., & Wen, K. W. (2015). Impacts of comprehensive information security programs on information security culture. Journal of Computer Information Systems, 55(3), 11-19. https://doi.org/10.1080/08874417.2015.11645767
  6. Da Veiga, A. (2016). Comparing the information security culture of employees who had read the information security policy and those who had not: Illustrated through an empirical study. Information & Computer Security.
  7. Da Veiga, A., & Eloff, J. H. (2010). A framework and assessment instrument for information security culture. Computers & Security, 29(2), 196-207. https://doi.org/10.1016/j.cose.2009.09.002
  8. Da Veiga, A., & Martins, N. (2015). Improving the information security culture through monitoring and implementation actions illustrated through a case study. Computers & Security, 49, 162-176. https://doi.org/10.1016/j.cose.2014.12.006
  9. El-kenawy, E. S. M. T., Saber, M., & Arnous, R. (2019). An Integrated Framework to Ensure Information Security Over the Internet. International Journal of Computer Applications, 975, 8887.
  10. Eurostat (2021a). Individuals' level of digital skills. https://appsso.eurostat.ec.europa.eu/nui/show.do?dataset=isoc_sk_dskl_i&lang=en
  11. Eurostat (2021b). Way of obtaining ICT skills. https://appsso.eurostat.ec.europa.eu/nui/show.do?dataset=isoc_sk_how_i&lang=en
  12. Eurostat (2021c). Cross-classification of fixed assets by industry and by asset (stocks). https://ec.europa.eu/eurostat/web/main/data/database?p_p_id=NavTreeportletprod_WAR_NavTreeportletprod_INSTANCE_nPqeVbPXRmWQ&p_p_lifecycle=0&p_p_state=normal&p_p_mode=view
  13. Eurostat (2021d). Identification procedures used for online services (2020 onwards). https://appsso.eurostat.ec.europa.eu/nui/setupDownloads.do
  14. Eurostat (2021e). Privacy and protection of personal data (2020 onwards). https://appsso.eurostat.ec.europa.eu/nui/setupDownloads.do
  15. Eurostat (2021f). Security related problems experienced when using the internet. https://appsso.eurostat.ec.europa.eu/nui/setupDownloads.do
  16. Eurostat (2021g). Activities via internet not done because of security concerns. https://appsso.eurostat.ec.europa.eu/nui/setupDownloads.do
  17. Hanus, B., & Wu, Y. A. (2016). Impact of users' security awareness on desktop security behavior: A protection motivation theory perspective. Information Systems Management, 33(1), 2-16. https://doi.org/10.1080/10580530.2015.1117842
  18. Karlsson, F., Astrom, J., & Karlsson, M. (2015). Information security culture-state-of-the-art review between 2000 and 2013. Information & Computer Security.
  19. Lebek, B., Uffen, J., Neumann, M., Hohler, B., & Breitner, M. H. (2014). Information security awareness and behavior: a theory-based literature review. Management Research Review. 37 (12), 1049-1092. https://doi.org/10.1108/MRR04-2013-0085
  20. Mahfuth, A., Yussof, S., Baker, A. A., & Ali, N. A. (2017, July). A systematic literature review: Information security culture. In 2017 International Conference on Research and Innovation in Information Systems (ICRIIS) (pp. 1-6). IEEE.
  21. Nasir, A., Arshah, R. A., Ab Hamid, M. R., & Fahmy, S. (2019). An analysis on the dimensions of information security culture concept: A review. Journal of Information Security and Applications, 44, 12-22. https://doi.org/10.1016/j.jisa.2018.11.003
  22. Okere, I., Van Niekerk, J., & Carroll, M. (2012, August). Assessing information security culture: A critical analysis of current approaches. In 2012 Information Security for South Africa (pp. 1-8). IEEE.
  23. Parsons, K. M., Young, E., Butavicius, M. A., McCormac, A., Pattinson, M. R., & Jerram, C. (2015). The influence of organizational information security culture on information security decision making. Journal of Cognitive Engineering and Decision Making, 9(2), 117-129. https://doi.org/10.1177/1555343415575152
  24. Tang, M., & Zhang, T. (2016). The impacts of organizational culture on information security culture: a case study. Information Technology and Management, 17(2), 179-186. https://doi.org/10.1007/s10799-015-0252-2
  25. Van Niekerk, J. F., & Von Solms, R. (2010). Information security culture: A management perspective. Computers & security, 29(4), 476-486. https://doi.org/10.1016/j.cose.2009.10.005
  26. Varenia N., Avramenko S. (2020) Virtual reality as a new global factor for analyzing the level of terrorist threat. Ukrainian Journal of International Law, 2, 46-60. https://doi.org/10.36952/uail.2020.2.46-60