Grouping and Determining Perceived Severity of Cyber-Attack Consequences: Gaining Information Needed to Sonify Cyber-Attacks
Tóm tắt
Cyber-attacks are a continuing problem. These attacks are problematic for users who are visually impaired and cannot rely on visual cues to indicate a potential cyber-attack. Sonification is an alternative way to help users who are visually impaired detect potential cyber-attacks. Sonification provides information to users using non-speech sounds. Sonification could provide users who are visually impaired with information on potential cyber-attack consequences that could stem from their actions. However, there are two challenges with sonifying cyber-attack consequences. First, there are many potential cyber-attack consequences to sonify, and humans have a limited ability to remember associations between sonifications and their meanings. Second, cyber-attack warning messages are better trusted when they align the severity of the consequences with the user’s perceived severity. However, we do not know the perceived severity of individual consequences. Therefore, we need to reduce the number of consequences to sonify and to determine the perceived severity of these consequences. We had non-expert participants group cyber-attack consequences based on perceived similarity. Analyses revealed that participants’ groupings formed seven clusters. We then had non-expert participants rate the perceived severity of each cyber-attack consequence. Those ratings were used to determine the perceived severity of each cluster. These efforts resulted in a set of cyber-attack consequence clusters that (a) is small enough that users should be able to remember associations between sonifications and their meanings, and (b) can be sonified in a way that reflects users’ perceptions regarding the severity of the clustered cyber-attack consequences. As such, the results of these studies are critical steps towards creating effective sonifications that serve as cyber-security warning messages.
Tài liệu tham khảo
United States Department of Homeland Security (2020) Homeland Threat Assessment. https://www.dhs.gov/sites/default/files/publications/2020_10_06_homeland-threat-assessment.pdf. Accessed 3 March 2021
Centers for Disease Control and Prevention (2021) COVID-19 Related Phone Scams and Phishing Attacks. https://www.cdc.gov/media/phishing.html. Accessed 3 March 2021
Siami Namin A, Hewett R, Jones KS, Pogrund R(2016) Sonifying internet security threats. In: Proceedings of the 2016 CHI Conference Extended Abstracts on Human Factors in Computing Systems, pp. 2306–2313. https://doi.org/10.1145/2851581.2892363
Alsharnouby M, Alaca F, Chiasson S (2015) Why phishing still works: User strategies for combating phishing attacks. Int J Hum Comput Stud 82:69–82. https://doi.org/10.1016/j.ijhcs.2015.05.005
Holman J, Lazar J, Feng J (2008) Investigating the security-related challenges of blind users on the Web. In: Langdon P, Clarkson J, Robinson P (eds) Designing inclusive futures. Springer, London, pp 129–138
Inan FA, Namin AS, Pogrund RL, Jones KS (2016) Internet use and cybersecurity concerns of individuals with visual impairments. J Educational Technol Soc 19:28–40
Lazar J, Allen A, Kleinman J, Malarkey C (2007) What frustrates screen reader users on the Web: A study of 100 blind users. Int J Hum Comput Interact 22:247–269. https://doi.org/10.1080/10447310709336964
Csapó Á, Wersényi G, Nagy H, Stockman T (2015) A survey of assistive technologies and applications for blind users on mobile platforms: a review and foundation for research. J Multimodal User Interfaces 9(4):275–286
Murphy E, Kuber R, McAllister G, Strain P, Yu W (2008) An empirical investigation into the difficulties experienced by visually impaired Internet users. Univ Access Inf Soc 7:79–91. https://doi.org/10.1007/s10209-007-0098-4
Zhao H, Plaisant C, Shneiderman B, Lazar J (2006) A framework for auditory data exploration and evaluation with geo-referenced data sonification. Manuscript under review
Walker BN, Nees MA (2011) Theory of Sonification. In: Hermann T, Hunt A, Neuhoff JG (eds) The Sonification Handbook. Logos Verlag, Berlin, Germany, pp 9–39
Vickers P (2016) Sonification and music, music and sonification. The Routledge Companion to Sounding Art. Routledge, London, pp 135–144
Guillaume A (2011) Intelligent auditory alarms. In: Hermann T, Hunt A, Neuhoff JG (eds) The Sonification Handbook. Logos Verlag, Berlin, Germany, pp 493–508
Aldana Blanco AL, Grautoff S, Hermann T (2020) ECG sonification to support the diagnosis and monitoring of myocardial infarction. J Multimodal User Interfaces 14(2):207–218
Hermann T, Drees JM, Ritter H(2003) Broadcasting auditory weather reports – a pilot project. In Brazil E, Shinn- Cunningham B (eds) Proceedings of the 2003 International Conference on Auditory Display. Boston University Publications Production Department, Boston, pp. 208–211
Brewster SA (1998) Using non-speech sounds to provide navigation cues. ACM Trans Computer-Human Interact 5:224–259. https://doi.org/10.1145/292834.292839
Ma X, Fellbaum C, Cook PR(2010) SoundNet: Investigating a language composed of environmental sounds. In: CHI 2010: Proceedings of the SIGCHI Conference on Huma Factors in Computing Systems. ACM, pp. 1945–1954. https://doi.org/10.1145/1753326.1753620
Gaver WW, Smith RB, O’Shea T(1991) Effective sounds in complex systems: The arkola simulation. In: Proceedings of CHI. ACM, New York, pp. 85–90
Ziemer T, Schultheis H (2019) Psychoacoustic auditory display for navigation: an auditory assistance system for spatial orientation tasks. J Multimodal User Interfaces 13(3):205–218
Skulimowski P, Owczarek M, Radecki A, Bujacz M, Rzeszotarski D, Strumillo P (2019) Interactive sonification of U-depth images in a navigation aid for the visually impaired. J Multimodal User Interfaces 13(3):219–230
El-Shimy D, Grond F, Olmos A, Cooperstock JR (2012) Eyes-free environmental awareness for navigation. J Multimodal User Interfaces 5(3):131–141
Newbold J, Gold NE, Bianchi-Berthouze N (2020) Movement sonification expectancy model: leveraging musical expectancy theory to create movement-altering sonifications. J Multimodal User Interfaces 14(2):153–166
Horsak, B., Dlapka, R., Iber, M., Gorgas, A. M., Kiselka, A., Gradl, C., … Doppler,J. (2016). SONIGait: a wireless instrumented insole device for real-time sonification of gait. Journal on Multimodal User Interfaces, 10(3), 195–206
Stahl B, Thoshkahna B (2016) Design and evaluation of the effectiveness of a sonification technique for real time heart-rate data. J Multimodal User Interfaces 10(3):207–219
Dubus G (2012) Evaluation of four models for the sonification of elite rowing. J Multimodal User Interfaces 5(3):143–156
Lorenzoni V, Van den Berghe P, Maes PJ, De Bie T, De Clercq D, Leman M (2019) Design and validation of an auditory biofeedback system for modification of running parameters. J Multimodal User Interfaces 13(3):167–180
Frid E, Moll J, Bresin R, Sallnäs Pysander EL (2019) Haptic feedback combined with movement sonification using a friction sound improves task performance in a virtual throwing task. J Multimodal User Interfaces 13(4):279–290
Datta P, Namin AS, Jones KS, Hewett R (2021) Warning users about cyber threats through sounds. SN Appl Sci 3(7):1–21
Bartsch S, Volkamer M, Theuerling H, Karayumak F(2013) Contextualized web warnings and how they cause distrust. In: Huth M, Asokan N, Capkun S, Flechais I, Coles-Kemp L (eds) International Conference on Trust and Trustworthy Computing, Springer, Berlin, Heidelberg, pp. 205–222. https://doi.org/10.1007/978-3-642-38908-5_16
Kauer M, Pfeiffer T, Volkamer M, Theuerling H, Bruder R (2012) It is not about the design – it is about the content! Making warnings more efficient by communicating risks appropriately. GI-Edition – Lecture Notes in Informatics
Dodel M, Mesch G (2017) Cyber-victimization preventive behavior: a health belief model approach. Comput Hum Behav 68:359–367. https://doi.org/10.1016/j.chb.2016.11.044
Ng B, Kankanhalli A, Xu Y (2009) Studying users’ computer security behavior: a health belief perspective. Decis Support Syst 46:815–825. https://doi.org/10.1016/j.dss.2008.11.010
Narwal B, Mohapatra AK, Usmani KA (2019) Towards a taxonomy of cyber threats against target applications. J Stat Manage Syst 22:301–325. https://doi.org/10.1080/09720510.2019.1580907
Federal Bureau of Investigation (2021) The Cyber Threat. https://www.fbi.gov/investigate/cyber. Accessed 3 March 2021
Federal Bureau of Investigation (2021) Ransomware. https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/ransomware. Accessed 3 March 2021
Bartsch S, Volkamer M (2013) Effectively communicate risks for diverse users: A mental-models approach for individualized security interventions. Informatik 2013 – informatic angepasst an Mensch, Organisation und Umwelt. Boon, Gesellschaft Fur Informatik e.V., pp 1971–1984
Optimal Workshop Ltd (2021) https://www.optimalworkshop.com
Jaccard P (1912) The distribution of the flora in the alpine zone. New Phytol 11:37–50. https://doi.org/10.1111/j.1469-8137.1912.tb05611.x
Kaufman L, Rousseeuw PJ (2009) Finding groups in data: An introduction to cluster analysis. John Wiley & Sons, Hoboken
MacQueen J(1967) Some methods for classification and analysis of multivariate observations. In: Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability, pp. 281–297
Rousseeuw PJ (1987) Silhouettes: a graphical aid to the interpretation and validation of cluster analysis. J Comput Appl Math 20:53–65. https://doi.org/10.1016/0377-0427(87)90125-7
Sawilowsky SS (2003) You think you’ve got trivials? J Mod Appl Stat Methods 2:218–225. https://doi.org/10.22237/jmasm/1051748460
Likert R (1932) A technique for the measurement of attitudes. Archives of Psychology 140:1–55
Johnson JA (2005) Ascertaining the validity of individual protocols from web-based personality inventories. J Res Personality 39:103–129. https://doi.org/10.1016/j.jrp.2004.09.009
Kuwano S, Namba S, Schick A et al (2007) Subjective impression of auditory danger signals in different countries. Acoust Sci & Tech 28:360–362. https://doi.org/10.1250/ast.28.360
Wash R, Rader E(2015) Too much knowledge? Security beliefs and protective behaviors among United States Internet Users. In: SOUPS. The USENIX Association, pp. 309–325
Roddy S, Bridges B (2020) Mapping for meaning: the embodied sonification listening model and its implications for the mapping problem in sonic information design. J Multimodal User Interfaces 14(2):143–151
Tordini F, Bregman AS, Cooperstock JR (2016) Prioritizing foreground selection of natural chirp sounds by tempo and spectral centroid. J Multimodal User Interfaces 10(3):221–234