Cyber Safety and Security

Cyber Security 1

Human-technology interaction is a double-edged sword.  On the one hand, technology can enhance human potential helping people to do things that might otherwise be difficult, if not impossible.  On the other hand, technology creates a vast spectrum of potential problems for individuals, organizations, and societies related to the human behavior of technology users.  We have examined two aspects of these problems related to user security and Internet predation.

In our user security research we received NSF funding to explore the relation of user awareness of security vulnerabilities and risks and their adoption/use of safe security-related practices with respect to their computers and personal devices.  In this work, we explored the impact of commonly employed security awareness themes based on factors like deterrence, morality, regret, incentives, and feedback. We found messages involving those themes were perceived differently by college students in terms of their positive or negative emotional valence and arousal.  These messages were found to selectively affect memory for different elements of the visual displays used to present the messages, and to selectively promote safe or risky practices related to computer and cell phone usage.

In our ongoing Internet predation work, we are examining another dark side of human-technology interaction involving the sexual exploitation of children. Internet chat has become a method used by those with deviate interests to identify, seek out, and contact children for purposes of sexual gratification and/or contact. In this work, we are using text-mining and statistical analysis techniques to create a predictive computer model capable of correctly classifying offenders and their victims, based on the frequency and pattern of words used in Internet chats.  For example, we examined chat transcripts of 70 criminal offenders who were investigated by law enforcement for the sexual exploitation of a "pseudo-child," who in reality was an undercover police officer posing online as a child. Our resulting model classifed the criminal offenders as either contact-driven (wanted to eventually meet and physically engage with the child) or fantasy-driven (no desire for eventual contact) with 95% accuracy.  Also, the model distinguished both types of offenders from victims with 98% accuracy. Ultimately, we believe the development and validation of a fully-automated system based on this type of predictive model will greatly assist law enforcement in improving the efficiency of offender identification and facilitating the process of bringing sexual predators to justice.  

Our scholarly products thus far in these two related areas include the following:

Crowell, C. R. (2007). [Review of the book Cyberbullying and cyberthreats: responding to the challenge of online social cruelty, threats, and distress]. Journal of Moral Education, 36(4), 539-541.

Chapple, M. J., Striegel, A, & Crowell, C. R. (2011). Firewall Rulebase Management: Tools and Techniques. In M. Quigley (Ed.). ICT Ethics and Security in the 21st Century: New Developments and Applications. Hershey, PA: Idea Group.  

Kajzer, M., Crowell, C. R., Ferreira, A.,  D’Arcy, J., Van Bruggen, D., & Striegel, A.  (2013, July). Memorability of Computer Security Posters as Affected by Message Type. Poster presented at Ninth Symposium on Usable Privacy and Security, Newcastle, UK.

Kajzer, M., Crowell, C. R., & Villano, M.  (2014, July). Text Mining Chat Utterances to Automatically Predict Contact-Driven or Fantasy-Driven Internet Child Sexual Offenders. Paper presented at the International Family Violence and Child Victimization Research Conference, Portsmouth, NH.

Van Bruggen, D., Liu, S., Kajzer, M., Striegel, A., Crowell, C. R., & D'Arcy, J. (2013). Modifying smartphone user locking behavior. In Proceedings of the Ninth Symposium on Usable Privacy and Security (full paper). ACM.  

Kajzer, M., D'Arcy, J., Crowell, C. R., Striegel, A., Van Bruggen, D. (2014). An Exploratory Investigation of Message-Person Congruence in Security Awareness Campaigns. Computers & Security,43, 64-76.

Kajzer, M. D., Crowell, C. R., Villano, M., Segerson, J., & Zenk, J. (revision under review). Using Chat Utterances to Predict Participant Classification as Pseudo-Child or Sexual Offender.  Cyberpsychology, Behavior, and Social Networking