Human Aspects

As the use of Web applications has increased, malicious content and cyber attacks are rapidly increasing in both their frequency and their sophistication. For unwary users and their organizations, social media sites such as Tumblr, Facebook, MySpace, Twitter, and LinkedIn pose a variety of serious security risks and threats. Recent studies show that social media sites are more in use for delivering malware than were previously popular methods of email delivery. Because of this, many organizations are looking for ways to implement effective security policies.

Adolescents have fully embraced social networks for socializing and communicating. However, cyberbullying has become widely recognized as a serious social problem, especially for adolescents using social networks. Also, cyberbullying techniques change rapidly. Perpetrators can use the camera-capacity of their mobile devices to bully others through making and distributing harmful pictures or videos of their victims via mobile social networks.

The explosion in data gathering has greatly exacerbated existing privacy issues in computing systems and created new ones due to the increase in the scale and the scope of available data as well as the advances in the capabilities of computational data analysis. Software professionals typically have no formal training or education on sociotechnical aspects of privacy. As a result, addressing privacy issues raised by a system is frequently an afterthought and/or a matter of compliance-check during the late phases of the system development lifecycle.

To better articulate privacy as a dynamic and dialectic phenomenon in a Web 2.0 world, this project proposes a set of basic empirical research activities to investigate three aspects of privacy in online social networks: conceptualization, intervention, and awareness.

A safe and productive society increasingly depends on a safe and trustworthy cyberspace. However, extensive research has repeatedly shown that the human factor is often the weakest part in cyberspace, and that users of information systems are often exposed to great risks when they respond to credible-looking emails. Thus, spear phishing attacks - which attempt to get personal or confidential information from users through well-targeted deceptive emails - represent a particularly severe security threat.