Abstract
Cybersecurity is no longer an issue discussed only between the professionals or technologists, but it is also closely related to ordinary people whose daily life is exposed to kinds of cyberattacks. And Womabat Security Technologies conducted a survey revealed that ransomware is an unknown concept to nearly two-thirds of employees. In practical, almost 95% of cybersecurity attacks are due to human error. At fact, expensive and sophisticated systems cannot work effectively without considering the human factor, while human factor is the major vulnerability in cybersecurity. Thus, it has great significance to give people cybersecurity awareness training. In this paper, we present a system, named ASURA, providing adaptive training aimed at improving cybersecurity awareness of people. Three issues can’t be neglected in adaptive cybersecurity awareness training, as follows. Firstly, we need to decide the proper training contents from the huge training materials. Secondly, the training contents should be timely updated, as cyber attacks constantly changing. At last, we should conduct training through effective and acceptable approach. We solved above three issues in this paper, and the innovative idea of this paper is constructing hierarchical concept map from the LOD database DBpedia. Then, we employ a series of processing on hierarchical concept map, including PageRank algorithm used to calculate the importance of each concept node, and filtering used to filtered out undefined and unrelated concepts. In particular, we get training contents from DBpedia dynamically and timely updated, so that training contents is keeping up to date. ASURA delivered training contents completely online, thus significant trimmed budget and allowed learners accessing training outside of a traditional classroom. Moreover, ASURA provide adaptive training targeted to individual learner, as it generate training contents based on the keyword from the learner.
Similar content being viewed by others
References
Aloul, F.A. (2012). The need for effective information security awareness.
Abawajy, J. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237–248.
Abawajy, J. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237–248.
Bada, M., Sasse, A.M., & Nurse, J.R.C. (2014). Cyber security awareness campaigns: why do they fail to change behaviour? arXiv:1901.02672.
Beuran, R., Tang, D., Tan, Z., Hasegawa, S., Tan, Y., & Shinoda, Y. (2019). Supporting cybersecurity education and training via lms integration: Cylms. Education and Information Technologies, 06.
Bizer, C., Heath, T., & Berners-Lee, T. (2009). Linked data - the story so far. Int. J. Semantic Web Inf. Syst., 5, 1–22.
Bizer, C., Lehmann, J., Kobilarov, G., Auer, S., Becker, C., Cyganiak, R., & Hellmann, S. (2009). Dbpedia - a crystallization point for the web of data. Journal of Web Semantics, 7(3), 154–165. The Web of Data.
Brin, S., & Page, L. (1998). The anatomy of a large-scale hypertextual web search engine. In Seventh international World-Wide Web Conference (WWW 1998).
Brin, S., & Page, L. (2007). Dbpedia: a nucleus for a web of open data. In Proceedings of the 6th international the semantic web and 2nd Asian conference on asian semantic web conference, ISWC’07/ASWC’07 (pp. 722–735). Berlin: Springer.
Cormen, T.H., Leiserson, C.E., & Rivest, R.L. (1990). Introduction to algorithms MIT Press.
DBpedia. (2019). About dbpdedia.
Delaney, E., & Easttom, C. (2018). CompTIA Security+ guide. The name of the publisher, 7 edn.
ESET. (2020). Eset authorize training center. https://www.eset.com/us/cybertraining/.
FraudWatch. (2018). What is cyber security awareness training and why is it so important?
Goldman, J. (2017). An urgent need for security awareness training: 30 percent of employees don’t know what phishing is.
Haveliwala, T.H. (2003). Topic-sensitive pagerank: a context-sensitive ranking algorithm for web search. IEEE Transactions on Knowledge and Data Engineering, 15(4), 784–796.
Jaap, M., Murre, J., & Dros, J. (2015). Replication and analysis of ebbinghaus ’ forgetting curve murre.
Kaur, N. , & Garg, D. (2012). Analysis of the depth first search algorithms.
Kelley, C.R. (1969). What is adaptive training? Human Factors, 11(6), 547–556.
Ki-Aries, D., & Faily, S. (2017). Persona-centred information security awareness. Computers & Security, 70, 663–674.
Lehmann, J., Isele, R., Jakob, M., Jentzsch, A., Kontokostas, D., Mendes, P.N., Hellmann, S., Morsey, M., van Kleef, P., Auer, S., & Bizer, C. (2015). DBpedia - a large-scale, multilingual knowledge base extracted from wikipedia. Semantic Web Journal, 6(2), 167–195.
MediaPRO. (2016). 2016 privacy security awareness report.
MediaPRO. (2018). 2018 privacy security awareness report.
Mendes, P., Jakob, M., & Bizer, C. (2012). DBPedia: a multilingual cross-domain knowledge base. In Proceedings of the Eighth International Conference on Language Resources and Evaluation (LREC-2012) (pp. 1813–1817). Istanbul, Turkey: European Languages Resources Association (ELRA).
Miller, E.J. (2001). An introduction to the resource description framework. Journal of Library Administration, 34, 245–255, 12.
Nguyen, L. (2008). Learner model in adaptive learning.
Nicol, D. (2007). E-assessment by design: using multiple-choice tests to good effect. Journal of Further and Higher Education, 31(1), 53–64.
Nkambou, R., Bourdeau, J., & Mizoguchi, R. (2010). Advances in intelligent tutoring systems. Berlin: Springer.
Prud’hommeaux, E., & Seaborne, A. (2007). Sparql query language for rdf 01.
Shaw, R.S., Chen, C.C., Harris, A.L., & Huang, H.-J. (2009). The impact of information richness on information security awareness training effectiveness. Computers & Education, 52(1), 92–100.
Strikingloo. (2019). Fuzzywuzzy: how to measure string distance on python.
TopBraid Composer. (2020). Property has broader.
TopBraid Composer. (2020). Property dct:subject.
W3C. (2020). Serializing sparql query results in json. https://www.w3.org/TR/rdf-sparql-json-res/.
Acknowledgements
This work was supported by JSPS KAKENHI Grants Number 17K00478 and 17K00479.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Tan, Z., Beuran, R., Hasegawa, S. et al. Adaptive security awareness training using linked open data datasets. Educ Inf Technol 25, 5235–5259 (2020). https://doi.org/10.1007/s10639-020-10155-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10639-020-10155-x