Saudi Cultural Missions Theses & Dissertations
Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10
Browse
5 results
Search Results
Now showing 1 - 5 of 5
Item Unknown A Cognimetric Authentication Tool (CAT): Temporal Analysis of Touch Dynamics(University of Sussex, 2024) Alwhibi, Munirah; Cheng, PeterMuch research in touch biometric authentication is grounded in a pragmatic, data-driven methodology, involving the collection and analysis of touch data to train machine learning models. In contrast, this research explores the integration of established theories of human cognition and interactive behaviour to inform the design of a Cognimetric Authentication Tool (CAT). In the field of cognitive science, time related measures are widely used to differentiate individuals during task performance. This investigation analyses two temporal measures of swipe and scroll interactions: touch durations (touch) and durations between touches (gap). An existing dataset, comprising interactions from 41 participants engaged in two realistic and cognitively demanding tasks—reading Wikipedia articles (read) and comparing image pairs (compare)—is utilised. The goal of this research is to develop methods for capturing, modelling and comparing participant behaviours for potential authentication applications. It adopts histograms to model and compare temporal behaviours based on the shapes of frequency distributions of each measure within each task. The metric Absolute Distribution Difference (ADD) is introduced by this research to quantify the consistency of temporal behaviour within participants and its distinctiveness across participants. The analysis reveals that intra-participant variations (inconsistency) are overshadowed by inter-participant differences (distinctiveness), which is necessary for authentication. However, the intricate relationship between them emphasises a trade-off; neither is independently sufficient for authentication. Trained only on genuine user’s behaviour, CAT drops error rates to around 10% for a single measure and halving to 5% when combining two measures. To accomplish this, CAT utilises 4 user profiles per participant, tailored to each measure and task, and consisting of the average behaviour of a participant and their personal inconsistency thresholds. This multi-level personalisation approach can compensate for the natural variability and context-dependent nature of human behaviour, and it extends to the fusion functions. Through the research, two sampling techniques are employed: initially, using the entire document as a sample, and subsequently, adopting action-based sampling (a conventional technique). In their current state, both sampling techniques are eligible for delayed authentication, as second factor authentication. Similarly, two fusion methods are employed: measures are combined within the same tasks (a conventional technique), and across tasks, providing complementing aspects of task-specific behaviours. Both sampling and fusion techniques prove effective particularly in relation to the previous research conducted with this dataset.12 0Item Unknown A Trust Framework For Information Sharing(University of Southampton, 2024-03-14) Ghamri, Rayan Mohamed S; Wills, Gary; Al Hashimy, Nawfal; Farhat, HikmatThe Kingdom of Saudi Arabia (KSA) is planning Vision 2030 to improve the outcomes of its education and training system and subsequently to develop a local and global labour market. The country needs to establish KSA’s current educational and employment status, as this will assist in finding areas that need development to support government planning and human resource capital, mainly since education is provided and funded by the government. Since the government funds education, most young people study. whatever they like or what is readily available. That means it creates a dearth of a particular graduate’s specialisation and an overflow of another, which leads to training and educating more graduates majoring in subjects than the employment market needs or not training enough graduates in specific areas the employment market needs. Without information sharing between employment and education, it lowers having accurate information to make economic growth decisions. This novel framework assists in finding the numbers of skilled candidates, vacancy opportunities and learners in one place, thus ensuring sustainability, efficiency and effectiveness. In light of the above, there is a need for a research project to explore how best to allocate and share trusted and accurate information on educational certificates and employment achievements while preserving the privacy and security of stakeholders’ digital assets. This research examines current practices in information-sharing of educational certificates and employment history verification in the integrated environment intending to reduce wasted resources. Part of the e-government system, the scheme considers aspects relating to both KSA’s unique context and information-sharing technologies, making it highly relevant and context-specific. A prerequisite is a framework of factors to enable information-sharing among educational providers, employers and the government. This research introduces a novel framework comprising four principal dimensions: Facilitating Conditions, IT Services, Secure Access, and Trust and Accuracy (FIST). These four elements collectively form the basis of the innovative framework, named the ’FIST Framework,’ an acronym derived from the initial letter of each dimension. The FIST Framework aims to help software engineers structure an integration system at an early stage of the software development life cycle. Four dimensions characterise the architecture: Facilitating Conditions; IT Services; Secure Access; and Trust and Accuracy. Each has six requirements (factors) defined in natural language for software engineers when implementing the FIST Framework. The purpose is to preserve the trust and accuracy of integrated data (Shared or Exchanged) that contain both organisations’ and individuals’ personal and private data. The primary objective of this research is to build a robust framework, known as the FIST framework, developed to improve the outcomes of education and training systems to strengthen economic growth in the labour sector through information sharing. This framework development happened through comprehensive expert reviews and analysis. The core purpose of the FIST framework is to tackle two hidden but critical problems in data integration: Trust and Accuracy. Experts often express concern regarding the trustworthiness of data integration, primarily due to the potential unavailability of data. Additionally, there needs to be more accuracy, particularly in identifying the data sources. This lack of trust and observed inaccuracy pose significant challenges for data integration. This research used the Delphi method to confirm and expose various factors and their associated requirements. It involved a systematic approach for gathering requirements, primarily focusing on human interactions, then a modelling approach for designing interaction models. Formal Modelling is essential in validating the critical tasks of systems based on the FIST framework. Utilising Rodin for rigorous analysis, this approach strengthens the system by ensuring robustness and detecting inconsistencies in data integration, sharing, and exchange. This process is necessary for the FIST framework’s integrity, which involves simulating various scenarios to test the data integration system’s effectiveness against theoretical and real-world requirements. The outcome is a reliable, trusted system for essential tasks in education and employment. Formal Modelling demonstrates the FIST framework’s theoretical soundness and practical effectiveness, especially in maintaining trust and accuracy in data integration. Applying Formal Modelling rectifies potential weaknesses, enhancing the FIST framework’s recognition and stakeholder confidence.39 0Item Unknown Employees awareness assessment of cyber security in Saudi universities Case Study on Taif university(Saudi Digital Library, 2023-11-14) Almaliki, Abdulrahman Abdulrazak; Safari, SolmazThis research aimed to bolster cybersecurity awareness among Taif University's employees through a designed website and evaluate its efficacy using a questionnaire. Initially, a specialised website was conceptualised, designed, and implemented to enhance awareness about cybersecurity amongst the staff. This is done while utilising the System Development Life Cycle (SDLC) for a structured approach. The website provided resources relevant to cybersecurity challenges faced by the employees which allow flexible and paced learning. An online questionnaire was administered to 93 staff members to collect feedback on the website and gather data on their cybersecurity awareness levels. The online format was selected for its cost-effectiveness, efficiency and the ability to reach a larger audience which is mainly important in a post-pandemic environment where remote methods are favoured. The questionnaire which is designed on Google Forms consisted of Twenty-one close-ended items including demographic queries and questions related to cybersecurity awareness and items were measured by using a 5-point Likert scale and multiple-choice format. The sampling involved a convenience method with participants selected for their availability and willingness to participate. Nonetheless, the results provided thoughts into the staff's cybersecurity awareness levels and the designed website's effectiveness. As such, this research is perceived as a foundation for future research and practice in the field.30 0Item Unknown Physics and AI-Driven Anomaly Detection in Cyber-Physical Systems(Saudi Digital Library, 2023) Alotibi, Faris; Tipper, DavidOrganizations across various sectors are moving rapidly to digitization. Multiple applications in cyber-physical systems (CPSs) emerged from interconnectivity such as smart cities, autonomous vehicles, and smart grids, utilizing advanced capabilities of the Internet of Things (IoTs), cloud computing, and machine learning. Interconnectivity also becomes a critical component in industrial systems such as smart manufacturing, smart oil, and gas distribution grid, smart electric power grid, etc. These critical infrastructures and systems rely on industrial IoT and learning-enabled components to handle the uncertainty and variability of the environment and increase autonomy in making effective operational decisions. The prosperity and benefits of systems interconnectivity demand the fulfillment of functional requirements such as interoperability of communication and technology, efficiency and reliability, and real-time communication. Systems need to integrate with various communication technologies and standards, process and analyze shared data efficiently, ensure the integrity and accuracy of exchanged data, and execute their processes with tolerable delay. This creates new attack vectors targeting both physical and cyber components. Protection of systems interconnection and validation of communicated data against cyber and physical attacks become critical due to the consequences of disruption attacks pose to critical systems. In this dissertation, we tackle one of the prominent attacks in the CPS space, namely the false data injection attack (FDIA). FDIA is an attack executed to maliciously influence decisions, that is CPSs operational decisions such as opening a valve, changing wind turbine configurations, charging/discharging energy storage system batteries, or coordinating autonomous vehicles driving. We focus on the development of anomaly detection techniques to protect CPSs from this emerging threat. The anomaly detection mechanisms leverage both physics of CPSs and AI to improve their detection capability as well as the CPSs' ability to mitigate the impact of FDIA on their operations.40 0Item Unknown The Critical Success Factors for Security Education, Training and Awareness (SETA) Programme Effectiveness: A Lifecycle Model(0022-09-30) Alyami, Areej Nasser; Sammon, David; Neville, Karen; Mahony, CarolanneSecurity Education, Training, and Awareness (SETA) programmes are one of the most important cybersecurity strategies to protect the valuable assets of any organisation, raise awareness, change behaviour, comply with Information Systems (IS) security policy, and minimises IS security threats. The significance of SETA programmes is widely accepted by both academics and practitioners. However, more research is needed to improve SETA programme effectiveness in organisations. A review of the relevant IS/cyber security literature reveals a lack of research into the Critical Success Factors (CSFs) for SETA programme effectiveness. Therefore, this research study explores the CSFs for SETA programme effectiveness. A multi-stage research design is adopted for this research study. Stage One involves the gathering and analysis of lived experiences (using semi-structured interviews) from 20 key expert informants. Emerging from this stage are 11 CSFs for SETA programme effectiveness. These CSFs are mapped along the phases of the SETA programme lifecycle (design, development, implementation, evaluation). Furthermore, 9 relationships between these CFSs are identified (both within and across the lifecycle phases). This research output is a Lifecycle Model of CSFs for SETA programme effectiveness. Stage Two of this research involves an evaluation of the importance of the 11 CSFs for SETA programme effectiveness (emerging from stage one). This evaluation is achieved through administering a short online survey questionnaire (completed by 65 respondents - IS/cyber security professionals) and a series of follow-up probing interviews (with 9 IS/cyber security professionals – 4 key informants for stage one, and 5 survey respondents for stage two). Emerging from this stage is a ranked list of CSFs and 5 guiding principles to overcome the challenges of delivering an effective SETA programme. This research output is an evaluated Lifecycle Model of CSFs for SETA programme effectiveness. Overall, this research provides a depth of insight contributing to both theory and practice and lays the foundation for further research.