Saudi Cultural Missions Theses & Dissertations

Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10

Browse

Filters

2024 - 20253

Settings

Subject: search.filters.subject.Usable Security

Search Results

Now showing 1 - 3 of 3
  • No Thumbnail Available
    ItemRestricted
    The Influence of Usable Security on Security Culture
    (University of Nottingham, 2025) Fallatah, Wesam; Furnell, Steven; Wagner, Christian
    Cybersecurity threats are becoming more complex, and organizations must implement security measures that are technically robust and practical. The lack of usability of these measures can lead to uncompliant behavior, risky workarounds, and a weak security culture, making the organization susceptible to security breaches. To improve cybersecurity posture and resilience, organizations need to understand and strengthen their security culture. This study adopts a mixed-method approach to explore the influence of usable security on security culture. It centers on three core objectives. First, it seeks to understand the concepts of usability, usable security, and security culture by examining their representation in studies and authoritative sources. It also formulates a comprehensive set of definitions to identify the factors that influence these key elements. Second, it aims to characterize the relationship between usable security and security culture by framing the study variables and investigating whether usable security can positively impact security culture, drawing on both quantitative and qualitative analyses. To achieve this, a survey was conducted with over 200 participants, followed by interviews with a smaller sub-population. The study then employed statistical descriptive analysis and thematic analysis to understand the relationship between usable security and security culture. Third, it sought to design a means that leverages the influence of usable security, identifying specific areas where usability improvements can promote a stronger and positive security culture. A thorough review of previous and related studies informs the study’s direction and methodology, laying the groundwork for developing the instruments required to investigate the impact of usable security on security culture. An important outcome of this research is the development of a framework for fostering a strong security culture by employing usable security alongside other necessary elements. This framework, which forms a key contribution to the study, was validated by two groups: participants who completed the survey and interviews and a group of experts. The validation process highlighted the framework's practical value and contributed to enhancing the framework's clarity, presentation, and potential for integration. The research intends that organizations may overcome pitfalls that hinder the development of a positive security culture by establishing a structured approach that addresses common usability barriers. Ultimately, the study has the potential to help organizations achieve greater compliance, reduce cybersecurity risks, and enhance their resilience to evolving threats.
    12 0
  • Thumbnail Image
    ItemRestricted
    UNDERSTANDING AND MITIGATING THE THREATS OF THERMAL IMAGING ON SECURITY
    (University of Glasgow, 2024-06-25) Alotaibi, Norah Mohsen T; Khamis, Mohamed; Williamson, John
    The evolution of thermal cameras from exclusive, prohibitively expensive technology to compact, economically accessible consumer products has paved the way for their potential widespread adoption in personal gadgets such as smartphones, wearables, and displays. However, this accessibility raises significant security concerns, as it can be exploited for malicious uses, such as thermal attacks. In a thermal attack, an attacker captures a thermal image of a user interface, like a keyboard or touchscreen, to reveal thermal traces left by the user's touch. These attacks can be performed without any overt action taken by the attacker, as heat traces persist for up to 60 seconds after the user has interacted and left the device unattended. Attackers can then analyze the captured image either through visual means or via advanced techniques such as image processing to reconstruct sensitive inputs made by the user, including passwords and other confidential information. Recognizing this threat, this thesis investigates the feasibility of thermal attacks when advanced methods of thermal image analysis are employed and explores mitigation methods against thermal attacks. Six studies were conducted, with the first two examining the feasibility of thermal attacks on common computer keyboards. ThermoSecure, a Deep Learning (DL) system that analyzes thermal images to estimate user input, was introduced, alongside the first publicly available dataset of 1500 thermal images of keyboards. Results from these studies highlighted that AI-driven thermal attacks are more effective. Success varied based on factors, including input-related ones like password length and user typing behavior, and interface-related ones such as keycap material and thermal conductivity. These findings underscored the pressing need for mitigation methods against thermal attacks, leading to the third study, which investigated user perceptions of privacy in relation to thermal cameras, their understanding of thermal attacks, and their preferences for mitigation methods. Previous research proposed several user-centric mitigation methods, yet the results from this study emphasized the need for holistic approaches requiring minimal user involvement. Users expressed openness towards using thermal cameras in daily life but also exhibited privacy and security concerns, largely due to unawareness of thermal attacks and mitigation strategies. With that in mind, Two camera-centric mitigations were introduced and evaluated: four distinct obfuscations (Mitigation 1) and a GANs-based mitigation (ThermoGANs) (Mitigation 2), both of which proved effective against thermal attacks. The results emphasized user preference for mitigation methods that require minimal involvement, even at the potential cost of utility. This thesis underscores the need for holistic strategies that not only prevent camera misuse but also minimize utility impact. The final study explores such a method, investigating input-based induced noise that ensures ineffective heat traces for password reconstruction, both in terms of identifying used keys and the sequence of presses. This research contributes a novel understanding of thermal attack feasibility, user perceptions, and mitigation techniques, providing a foundation for future security measures against thermal attacks.
    34 0
  • Thumbnail Image
    ItemRestricted
    Understanding and Improving the Usability, Security, and Privacy of Smart Locks from the Perspective of the End User
    (University of North Carolina at Charlotte, 2024) Hazazi, Hussein; Shehab, Mohamed
    Over the past two decades, the Internet of Things (IoT) has seen a significant expansion in both the sophistication and variety of its applications. These applications span several domains, including enhancing and automating services in healthcare, advancing smart manufacturing processes, and elevating home living standards through smart home technologies. These technologies empower individuals with greater control over their home appliances. Smart locks are smart home devices that were introduced as replacements for traditional locks. Smart locks, designed to go beyond the basic functionality of traditional locks by offering additional features, have seen a surge in market growth and competitiveness. According to the Statista Research Department, it is projected that the global market for smart locks will surpass four billion dollars by 2027. A number of studies have examined end users' concerns, needs, and expectations regarding smart homes in general. However, little research has been conducted to examine these aspects of the smart lock in particular. To address this gap, we conducted a series of user studies that aim to elucidate how smart locks are integrated and interact within smart home environments, focusing on user interactions both with the locks themselves and when they are part of broader automation scenarios. This dissertation contributes to a deeper understanding of smart lock technology from a user-centric viewpoint. It offers insights into user motivations, concerns, and preferences regarding smart lock usage and automation. It also highlights the importance of balancing convenience and security, the pivotal role of trust, and the complexities of integrating smart locks into broader smart home systems.
    34 0

Copyright owned by the Saudi Digital Library (SDL) © 2025