Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Has files: YesSubject: search.filters.subject.cybersecurity

Search Results

Now showing 1 - 10 of 31
  • No Thumbnail Available
    ItemRestricted
    Public Awareness, Trust and Perception of Cybersecurity Development in Saudi Digital Governance: A Quantitative Study under Vision 2030 Framework
    (Saudi Digital Library, 2025) ِAlshaeri, Abdulaziz; Knabe-Nicol, Susanne
    Despite extensive digital transformation efforts, Saudi Arabia faces cybersecurity threats, which highlights the need for increased public cybersecurity resilience. This study addresses an important gap in understanding public awareness, trust and perception regarding cybersecurity within Saudi Arabia’s Vision 2030 digital governance initiatives. The primary aim was to analyse the levels of public awareness, trust and perception of cybersecurity practices among Saudi citizens. By employing Technology Acceptance Model (TAM), complemented by literature on institutional trust and digital literacy, this research adopted a positivist, quantitative approach. An online survey of 96 respondents was conducted, analysed through descriptive statistics, Pearson correlation, regression analyses, and independent-sample t-tests. Findings demonstrated formal education significantly improves cybersecurity awareness, whereas technical understanding of cyber threats and risks among citizens alone does not increase further learning motivation. Trust in institutions strongly predicts perceived cybersecurity protection, with notable disparities based on gender and employment sector. Clear government communication strengthens trust, but macro-level cybersecurity threats fail to improve individual data protection confidence. Key recommendations include targeted cybersecurity education programmes for less-educated groups, gender-sensitive cybersecurity initiatives addressing specific threats faced by Saudi women, and personalised, actionable governmental cybersecurity communication.
    24 0
  • No Thumbnail Available
    ItemRestricted
    Enhancing Learner Engagement and Personalisation in AI-Powered Quiz Application through Adaptive Learning, Gamification, and Mobile Optimisation
    (Saudi Digital Library, 2025) Alnageeb, Moaz Omar; papazoglou, varvara
    This dissertation investigates the integration of adaptive learning techniques, gamification elements, and mobile optimisation into SkillsDotAI, an AI-powered educational platform that dynamically adjusts question difficulty based on real-time user performance. The research addresses three core questions concerning adaptive learning implementation, gamification’s impact on engagement, and mobile accessibility in educational technology. Thesystem employs a sophisticated architecture built on Node.js/Express.js with PostgreSQL database integration, featuring a multi-stage difficulty adjustment algorithm that adapts question complexity across discrete learning phases. Central to the platform is an AI-powered feedback system utilising Claude 3 Haiku, which provides personalised learning guidance based on comprehensive session data analysis. Gamification elements, including achievement badges, global leaderboards, and progress tracking, are implemented to enhance user motivation and engagement. A comprehensive evaluation was conducted with 100 participants who interacted with both adaptive and competitive learning modes. Results demonstrate strong user recognition of adaptive features, with 77% of participants perceiving intelligent difficulty adjustments. Statistical analysis revealed significant positive correlations between perceived adaptability and overall satisfaction (r = 0.305, p = .002), and between feedback helpfulness and satisfaction (r = 0.577, p ≤ .001). The mobile design approach proved highly successful, with 79% of participants using mobile devices and strong positive correlations between mobile preference and satisfaction (r = 0.348, p ≤ .001). Keycontributions include empirical validation of transparent adaptive learning mechanisms, demonstration of relationships between adaptive features and AI-powered feedback, and practical frameworks for mobile-optimised educational technology development. The research provides evidence that users who recognise adaptive system behaviours report higher satisfaction levels, challenging assumptions about transparent versus hidden adaptation strategies. This work advances the field of AI in education by providing a robust technical framework for adaptive learning implementation, comprehensive evaluation methodologies for complex educational systems, and practical insights for developing engaging, accessible learning platforms
    16 0
  • No Thumbnail Available
    ItemRestricted
    Metadata-Centric Cybersecurity Classification: A Fair Benchmark of LLMs and Classical Models
    (Saudi Digital Library, 2025) Binothman, Elyas; Chaudhry, Umair Bilal
    Cybersecurity breach classification supports triage and risk response but is hindered by heterogeneous reporting, class imbalance, and limited semantic coverage in traditional pipelines. Prior work has relied on rule-based heuristics and classical models (SVM, Random Forest) with heavy feature engineering, while recent LLM studies rarely evaluate breach metadata under identical, fair splits; severity labels are often absent or not reproducibly constructed. We present a metadata-centric benchmark on the Privacy Rights Clearinghouse chronology spanning two tasks: breach-type classification and severity tiering in three and five labels, with severity derived reproducibly from native fields using a Breach Level Index style mapping. All models share one preprocessing recipe and a single stratified 80/20 train–test split. We compare parameter-efficient transformers (DistilBERT and T5 with LoRA) against tuned tabular baselines (Linear SVM, Random Forest, compact ANN). On breach type, DistilBERT achieves the strongest results (Accuracy 0.943; Macro– F1 0.840), surpassing tabular baselines. For severity, a classweighted ANN on TF–IDF and categorical features attains the highest Macro–F1 at both granularities, while T5 shows high accuracy but low Macro–F1, indicating majority-class bias. The study contributes a unified PRC schema with transparent severity construction, a fair head-to-head comparison under identical conditions, and an efficiency-oriented training recipe suitable for modest hardware.
    12 0
  • No Thumbnail Available
    ItemRestricted
    Evaluating Machine Learning for Intrusion Detection in CAN Bus for in-Vehicle Security
    (Saudi Digital Library, 2025) Alfardus, Asma; Rawat, Danda
    The past decade has seen a potential rise in the automobile industry accompanied by some serious challenges and threats. Increased demand for intelligent transportation system facilities has given a boom to the automotive industry. A safer and better experience is much sought from vehicles. It opens opportunities of including autonomous vehicles and Vehicle to Everything technologies in the automotive sector. Enabling vehicles to connect to various services exposes to compromise and misuse by the adversaries. There are numerous electronic devices in the modern vehicle which communicate with each other using multiple standard communication protocols. State-of-the-art vehicles are the assembly of complex mechanical devices with the sophisticated technology of electronic devices and connections to the external world. Controller Area Network (CAN) is one of the widely used protocols for in-vehicle communications. However, the lack of some fundamental security features such as encryption and authentication in CAN makes it vulnerable to security attacks. The backbone of connecting autonomous vehicles is CAN with limited bandwidth and exposure to unauthorized access. Various attacks compromise the confidentiality, integrity, and availability of vehicular data through intrusions which may endanger the physical safety of vehicles and passengers. These security shortcomings, therefore, lead to accidents and financial loss to the users of vehicles. To protect the in-vehicle electronic devices, researchers have proposed several security countermeasures. In this work, we discuss various security vulnerabilities and potential solutions to CAN’s. Further, a machine learning-based approach is also developed to devise an Intrusion Detection System for the CAN bus network. This study aims to explore the adaptability of the proposed intrusion detection system across diverse vehicular architectures and operational conditions. Furthermore, the findings contribute to advancing the state-ofthe-art in automotive cybersecurity, fostering safer and more resilient transportation ecosystems. Moreover, it investigates the scalability of the intrusion detection system to handle the increasing complexity and volume of data generated by modern vehicles.
    25 0
  • No Thumbnail Available
    ItemRestricted
    Human Vulnerability Attack in Saudi Arabia
    (University of Portsmouth, 2025) AlZabin, Naif Abdullah M; Zaynab, Lamoyero
    Human vulnerability attacks, which use people rather than technology to get into networks, are a growing cybersecurity problem. This research examines human vulnerability attacks in all key Saudi Arabian industries and proposes effective mitigation techniques. A quantitative survey was used to collect data from Saudi Arabian banking, healthcare, energy, and government professionals. According to the results, psychological biases and repeated lapses dramatically increase cyberattack risk. A majority of respondents agreed that combining training, policy, and technology minimizes the danger of human vulnerability assaults, supporting the theory. Ineffective training and incomplete technical implementation were found, highlighting the need for adjustments. The research underlines the significance of leadership in developing cybersecurity awareness and establishing a security-conscious culture in enterprises. Implementing technical defenses, improving training, and strengthening policies are the study's cybersecurity suggestions. Future studies should increase sample size, examine particular psychological biases, and assess the long-term efficacy of integrated cybersecurity methods.
    14 0
  • No Thumbnail Available
    ItemRestricted
    Predictors of Cybersecurity Knowledge, Attitude, and Behaviours among Nurses in Saudi Arabia
    (Saudi Digital Library, 2025-05-21) Alanazi, Abdulhamid Khalifah; Khalifeh, Anas
    Background: Cybersecurity is becoming increasingly critical in healthcare, as nurses frequently access sensitive patient data through electronic health records (EHRs) and other digital platforms. Despite this, gaps in nurses' knowledge, attitudes, and behaviors (KAB) regarding cybersecurity pose risks to data security, especially in Saudi Arabia, where healthcare digitization is expanding rapidly. Research in this area remains limited. Aim: The aim of this study is to explore the predictors of cybersecurity knowledge, attitudes, and behaviors among nurses in Saudi Arabia. Methodology: This cross-sectional, descriptive correlational study was conducted in three hospitals in northern Saudi Arabia: King Khalid Hospital, Prince Abdulaziz Bin Musaed Hospital, and Qurayyat General Hospital. A total of 190 nurses were selected using a convenient sampling method, and then they were surveyed using the Human Aspects of Information Security Questionnaire (HAIS-Q) to assess their cybersecurity knowledge, attitude, and behavior (KAB). Sociodemographic, work-related, and organizational variables were analyzed using multiple regression to identify significant predictors of cybersecurity KAB. Results: Overall, 190 nurses participated in the study, with a mean age of 30.69 years (SD = 7.96). The results showed moderate levels of cybersecurity knowledge, attitudes, and behaviors among nurses in Saudi Arabian hospitals. The highest-scoring domain was mobile device usage, while password management scored the lowest. Significant differences in cybersecurity knowledge were found based on educational level (F = 3.626, p = .029) and monthly income (F = 3.196, p = .043), with nurses holding master’s or doctoral degrees and those earning higher salaries showing better knowledge scores. A statistically significant difference in knowledge scores was also observed based on the clarity of cybersecurity policies (F = 3.179, p = .044). No significant differences were found in attitudes or behaviors based on these variables (p > .05). Cybersecurity knowledge was strongly and positively correlated with both attitude and behavior (p < .001). Similarly, cybersecurity attitude was positively associated with behavior (p < .001). No significant correlations were found between the main variables and demographic factors such as age or years of experience. Cybersecurity attitude (β = .696, p < .001) and behavior (β = .231, p < .001) were significant predictors of cybersecurity knowledge. In turn, cybersecurity knowledge (β = .605, p < .001) and behavior (β = .358, p < .001) significantly predicted attitude. Finally, cybersecurity knowledge (β = .333, p < .001) and attitude (β = .571, p < .001) significantly predicted behavior. Conclusion: The study highlights moderate cybersecurity KAB among nurses, influenced by education, policy clarity, and work-related factors. Strong correlations exist between knowledge, attitudes, and behaviors, emphasizing the need for targeted training and institutional cybersecurity reinforcement
    21 0
  • No Thumbnail Available
    ItemRestricted
    The Influence of Emotions on Employees' Cybersecurity Protection Motivation Behaviour: Examining the Mediating Effect of Self- Efficacy and Moderating Role of Cybersecurity Awareness
    (Aston University, 2024-12) Alshammari, Abdulelah Sulaiman; Vladlena, Benson; Luciano, Batista
    Cyber threats at the employee level are a complex issue that needs more attention. Psychological research shows that emotions influence individuals' motivation to engage in cybersecurity practices. Most existing studies focus on how external factors affect employees' cybersecurity behaviours, including risk perception, rational decision making in cybersecurity policies, security regulations, compliance, and ethical behaviour. However, research into employees' internal capabilities and psychological factors, such as emotions, that enable them to protect organisational information assets is still in its early stages. Therefore, this thesis aims to explore the influence of employees' emotions on their cybersecurity protection motivation behaviours within Saudi Arabia’s context. The research highlights self-efficacy as a mediating factor and cybersecurity awareness as a moderating factor. This thesis is underpinned by the Broaden and Build Theory (BBT) and Protection Motivation Theory (PMT) to explore the influence of negative and positive emotions on employees' cybersecurity protection motivation behaviour. Moreover, it adopted a deductive research design, employing a quantitative approach through an online survey, resulting in 383 responses from participants at King Abdulaziz University in Saudi Arabia. The data were analysed using partial least squares structural equation modelling (PLS-SEM) via SmartPLS 4 software, which included measurement and structural model assessments. The study found that negative emotions do not influence employees' self-efficiency or motivation to protect themselves. Moreover, it found that self-efficacy does not mediate the relationship between negative emotions and employees' protection motivation behaviour. However, positive emotions positively influence employees' self-efficacy and protection motivation behaviour. In addition, self-efficacy positively mediates the relationship between positive emotions and employees’ protection motivation behaviour. Regarding cybersecurity awareness, it was found that it positively influences employees' protection motivation. Moreover, it also moderates the relationships between positive emotions and self-efficacy and protection motivation behaviour, and between self-efficacy and protection motivation behaviour. The study contributes to cybersecurity by showing how emotions influence protective behaviours. It introduces a novel model based on BBT and PMT, exploring how emotions influence employees' self-efficacy and protection motivation behaviour. Moreover, the study's empirical findings address a gap by focusing on how emotions influence cybersecurity protection motivation behaviours.
    23 0
  • No Thumbnail Available
    ItemRestricted
    Assessing Cybersecurity Awareness Among Public Sector Employees in Saudi Arabia: A Study on Social Engineering Vulnerabilities
    (Royal Holloway University of London, 2024-08-28) Almadhi, Khaled; Ojo, Olumide
    The purpose of this study is to evaluate the level of cybersecurity awareness among employees in the public sector of Saudi Arabia with a specific focus on understanding their vulnerability to social engineering attacks. This literature review examines cybersecurity awareness among public sector employees towards social engineering vulnerabilities. Understanding and mitigating these vulnerabilities is critical due to the increasing prevalence of cyber-attacks that exploit human factors. The review critically examines theories (i.e., Protection Motivation Theory (PMT) and the Theory of Planned Behaviour (TPB)) about motivations and behaviours that influence cybersecurity practices among employees. In addition, the review evaluates established frameworks of (i.e., the National Institute of Standards and Technology's Security Awareness, Training, and Education (NIST SATE) framework, the Human Aspects of Information Security Questionnaire (HAIS-Q), and the Cybersecurity Awareness Training (CSAT) framework) to assess for their effectiveness in buttressing cybersecurity awareness and their limitations such as the challenges in measuring training effectiveness and adapting to diverse organisational needs. Furthermore, the review categorises multifarious social engineering threats of (i.e., phishing, spear phishing, pretexting, baiting, tailgating and quid pro quo) so as to provide detailed thoughts into their mechanisms and management strategies. Past studies are critically scrutinised to evaluate the effectiveness of existing cybersecurity training programs, revealing specific vulnerabilities, knowledge gaps and the significant impact of organisational culture and policies on cybersecurity awareness. Such comprehensive analysis identifies critical areas for improvement and underscores the need for continuous updates and tailored training programs. By bridging the gap between theoretical information and practical applications, this review aims to provide a foundation for developing targeted strategies that enhance cybersecurity awareness and resilience among public sector employees. This study measures cybersecurity knowledge across Saudi public sector workers using a quantitative, positivist-guided methodology. It employs a logical approach to test hypotheses using online surveys that are examined using SPSS. Convenience sampling as well as the cross-sectional approach allow for extensive data gathering while upholding participant protection ethics. The results of the T-test, all the alternative hypotheses are accepted as the obtained p-values are less than 0.05 (p<0.05). Oppositely, the results of regression analysis indicate that the first and second hypotheses are accepted, but the third alternative hypothesis cannot be accepted. Hence, by comparing the results of regression analysis with the results of the T-test and graphical analysis, it can be stated that cybersecurity training, organisational policy and organisational culture significantly and positively influence cybersecurity awareness among employees.
    51 0
  • No Thumbnail Available
    ItemRestricted
    “Exploring the Macroeconomic Implications of CBDCs”
    (Brunel University, 2024-09-05) Alnughaymishi, Saleh Mohammed; Korotana, Mohammed
    This dissertation examines the potential macroeconomic implications of CBDC adoption, focusing on monetary policy, financial stability, and economic growth. A comprehensive literature review explores the historical evolution of money and digital currencies, analysing various CBDC models and design choices. The study delves into the potential impacts of CBDCs on monetary policy transmission mechanisms and financial stability, while also considering the technological and operational challenges associated with their implementation. The dissertation provides a detailed analysis of the UK's legislative framework concerning CBDCs, including an overview of current financial legislation, proposed regulatory changes, and the role of the Bank of England. Comparative analyses with other jurisdictions offer a broader perspective on global regulatory approaches. Empirical analysis1 and case studies of CBDC implementations provide practical insights into the real-world implications of these digital currencies. Based on these findings, the dissertation presents policy recommendations for central banks, governments, financial institutions2, and technology providers to effectively navigate the challenges and opportunities presented by CBDCs.
    39 0
  • No Thumbnail Available
    ItemRestricted
    ADAPTIVE INTRUSION DETECTION SYSTEM FOR THE INTERNET OF MEDICAL THINGS (IOMT): ENHANCING SECURITY THROUGH IMPROVED MUTUAL INFORMATION FEATURE SELECTION AND META-LEARNING
    (Towson University, 2024-12) Alalhareth, Mousa; Hong, Sungchul
    The Internet of Medical Things (IoMT) has revolutionized healthcare by enabling continuous patient monitoring and diagnostics but also introduces significant cybersecurity risks. IoMT devices are vulnerable to cyber-attacks that threaten patient data and safety. To address these challenges, Intrusion Detection Systems (IDS) using machine learning algorithms have been introduced. However, the high data dimensionality in IoMT environments often leads to overfitting and reduced detection accuracy. This dissertation presents several methodologies to enhance IDS performance in IoMT. First, the Logistic Redundancy Coefficient Gradual Upweighting Mutual Information Feature Selection (LRGU-MIFS) method is introduced to balance the trade-off between relevance and redundancy, while improving redundancy estimation in cases of data sparsity. This method achieves 95% accuracy, surpassing the 92% reported in related studies. Second, a fuzzy-based self-tuning Long Short-Term Memory (LSTM) IDS model is proposed, which dynamically adjusts training epochs and uses early stopping to prevent overfitting and underfitting. This model achieves 97% accuracy, a 10% false positive rate, and a 94% detection rate, outperforming prior models that reported 95% accuracy, a 12% false positive rate, and a 93% detection rate. Finally, a performance-driven meta-learning technique for ensemble learning is introduced. This technique dynamically adjusts classifier voting weights based on factors such as accuracy, loss, and prediction confidence levels. As a result, this method achieves 98% accuracy, a 97% detection rate, and a 99% F1 score, while reducing the false positive rate to 10%, surpassing previous results of 97% accuracy, a 93% detection rate, a 97% F1 score, and an 11% false positive rate. These contributions significantly enhance IDS effectiveness in IoMT, providing stronger protection for sensitive medical data and improving the security and reliability of healthcare networks.
    27 0

Copyright owned by the Saudi Digital Library (SDL) © 2026