Journal Entry #14
Write a paragraph describing the five most serious violations and why
you think those offenses are serious.
Of the list described by Slynchuk, I believe the five most serious violations are: Illegal searches on the internet, sharing passwords, addresses, or photos of others, using torrent sites, using other peoples internet, and bullying and trolling. Illegal searches on the internet is a serious violation because it generally involves illegal things in real life such as child pornography. Usually you can search these things but you will be flagged and monitored by authorities. Sharing sensitive data such as passwords or even photos without the consent of others not only breaks the trust of that person but can lead to illegal activity such as revenge porn. In the early days of the internet, prior to streaming, torrenting was extremely prevalent because there were no streaming services where a user could view their favorite shows. This allowed people to download a particular item without having to pay. However, this is considered theft and you can be prosecuted (example: napster vs Metallica.) Unauthorized use of someone’s internet could compromise your network security as well as theirs. Not to mention this could slow down their network, possibly leading to issues with that person’s work setup! Picture this like siphoning gas from someone else’s car (they can’t get to work, you are stealing something they paid for.) Lastly, bullying and trolling creates a toxic environment that could cause distress especially for children. Many children have taken their lives due to cyberbullying. These violations break down the good digital community and its important to practice smart internet hygiene!
Journal Entry #12
Read the sample breach letter “SAMPLE DATA BREACH NOTIFICATION” and describe how two different economics theories and two different social sciences theories relate to the letter.
Economic Theory
Rational Choice theory and Keynesian Economic Theory can be related to this letter. Rational choice theory states that individuals make decisions in their best interest. With respect to the letter, the company decided to let customers know about the incident and about what they can do to protect their information. This in turn allows the customer to decide how they would like to proceed in a way that would be most beneficial to them. The Keynesian Economic Theory is the thought that government intervention can stabilize the economy. In this case there was a delay in the notification to the customers which was needed so that the government could stabilize the incident and recover respective evidence.
Social Sciences Theory
Labeling theory and Conformity theory are social science theories that can be applied to this letter. Labeling theory is the theory that how someone identifies and the behavior of an individual may be determined or influenced by terms used to classify them. In the letter the customers are labeled as possible victims of identity theft/fraud. This would make them react to the letter in a way that would most likely protect their assets. Conformity is the act of matching attitudes and behaviors to group norms. In this letter everyone is being addressed at one time, collectively. This in turn may influence them to conform to a particular behavior in response.
Article Review #2
Dawn Weston
November 5, 2023
CYSE 201S_22131
Article Review #2
I reviewed the article entitled “Testing human ability to detect ‘deep fake’ images of human faces.” The topic relates to the principles of the social sciences, specifically cognitive psychology, by addressing how people interact with AI and if their brain can differentiate between what is real and what is fake.
To begin, the article touched on flaws of previous related studies: too small of sample sizes, participant fatigue, issues with training, unknown background of how the studies gathered participants and if they were random, validity of the experiment’s steps, and lack of error statistics.
The researchers felt as though a newer study would be needed to address the flaws of the previous ones. They accomplished this by conducting their own experiment which was three-fold: to determine if people can differentiate between deep fake images and real people, to see if interventions in the study improve accuracy, and determine if the participant’s confidence in their answer aligns with their accuracy.
To conduct the study, researchers used the StyleGAN2 (Style Generative Adversarial Network 2) framework trained on the Flickr FFHQ dataset to generate human faces. The sample size of participants was higher than previous studies at 280. To find participants the Prolific online platform was used and participants received £6/hr. They were given motivation of earning an additional 50% bonus if they scored in the top 50% of all participants. The study consisted of a control and three experimental conditions. In the experimental conditions the participants were trained on deep fake images, given tips on common flaws in AI images, or a combination of both.
Results of the study concluded that though accuracy was better than previous studies, humans are not very proficient at detecting deep fake images, there was no significant improvement in accuracy for those that were given training vs those who were not, and often the confidence they reported was misplaced based.
In conclusion, AI presents benefits as well as challenges in the cyber field. The problems with deep fakes include fraud, forgery, as well as a host of other crimes such as phishing others on dating sites or opening bank accounts with false identities. As these generative programs become better, humans will need to be more aware and develop new tools of identifying them.
Works Cited:
Bray, Sergi D., et al. “Testing Human Ability to Detect ‘Deepfake’ Images of Human Faces.” Journal of Cybersecurity, vol. 9, no. 1, Oxford UP, Jan. 2023, https://academic.oup.com/cybersecurity/article/9/1/tyad011/7205694.
Journal Entry #11
Watch https://www.youtube.com/watch?v=iYtmuHbhmS0. Think about how the description of the cybersecurity analyst job relates to social behaviors. Write a paragraph describing social themes that arise in the presentation.
In the referenced video a woman discussed the role of cybersecurity analyst. The factors described when determining if someone wanted to take this role included: cost of living, job field growth, education, and income.
There is an increased need for cybersecurity analysts as cyberwarfare and technology has progressed. People are becoming more aware of potential threats and the need for cyber security professionals. This means that the job field is in greater demand than ever before.
The education piece is quite interesting when brought up from a social aspect. While there is a greater demand for security professionals, they do not all need to follow the same pipeline. Some folks may enter the field with a college degree while others can earn certifications and show off their experience via uploading their own programs to places such as Github. This allows for a socially diverse group of people in this field There is a potential for high income in this field starting low as 95k a year, depending on location. This allows for entry level personnel to improve their financial situations.
Journal Entry #10
Read this and write a journal entry summarizing your response to the article on social cybersecurity
https://www.armyupress.army.mil/Journals/Military-Review/English-Edition-Archives/Mar-Apr-2019/117-Cybersecurity/b/
As technology has advanced so has cyberwarfare. Russia has been at the forefront of this advancement. We’ve seen it as early as 2003 but most effectively between 2016 and 2018. They have been able to successfully manipulate information and networks by use of misdirection, hashtag latching, smoke screening, and thread jacking. 20 years ago if someone heard the term ‘thread jacking’ they would think it meant stealing sewing supplies! But, today it means co-opting a conversation and turning it into something else- usually done on twitter or reddit. A growing number of bots are also used to push particular narratives and propaganda. This means that warfare is more covert than ever and there is more of an effort needed in the cyber realm to mitigate these forces.
Journal Entry #9
Complete the Social Media Disorder Scale. How did you score? What do you think about the items in the scale? Why do you think that different patterns are found across the world?
I took the Social Media Disorder questionnaire and scored (what I believe to be) low with a score of 3/9. I honestly think this scale would only be good if there is a person with quit an obvious problem. I feel like the questions were too broad and should be refined a bit. A question such as “In the past year have you tried to spend less time on social media, but failed?”. Of course I answered yes to this, if you are below the age of 45 then most people, I’m sure, would answer yes. ‘ve definitely thought “i’m going to go to bed early tonight” and then ended up on twitter longer than I wanted. So I didn’t really try that hard and it wasn’t that important to go to bed early at that time. The question should expand more and ask “how often do you try and get off social media and fail” and then “how has this affected your life.” Then I think you’d get a more accurate reading of if a person has a disorder or not.
There would definitely be different patterns found around the world based on income and availability of social media/internet, and population. Folks in North Korea would have completely different answers than those in Japan vs Brazil vs Ukraine.
Journal Entry #8
Watch video on Hacker rating Hacking scenes and write about how do you think the media influences our understanding about cybersecurity?
I believe that media is extremely influential on how people understand cybersecurity. The movie Hackers was touched on a little bit in this video and it influenced me deeply. I watched Hackers when I was a kid and i was obsessed. After watching it, I then went online to read anything i could about Hacking- including the “Hacker’s manifesto.” I associated hacking with just being a smart person that could get “into hard to reach” places in a computer. There is a scene at the end of Hackers where the characters are hacking into a system while out in public and on their screens are things such as a cookie monster eating files. I thought for probably about 10 years that it was a legitimate scene and that all hacking looked similar. I didn’t know it could be as simple as trying different passwords over and over until you are allowed into a particular account. As described by the woman in this youtube video, Hackers was the first movie that made me want to get into the IT field. Honestly i’m a bit sad it isn’t exactly like the movie!
Journal Entry #7
Review the following ten photos through a cybersecurity human systems integration framework. Create a meme explaining what is going on in the individual’s or individuals’ mind(s).
Image 1: Working on my annual cyber security training.
https://unsplash.com/photos/mfB1B1s4sMc
Image 2: “This training is Purr-fect!”
https://unsplash.com/photos/gySMaocSdqs
Image 3: Successfully connected to “Public Starbucks Wifi”
https://unsplash.com/photos/ICTKcvnXx_8
Image 4: “I get all the best access points from here.”
https://unsplash.com/photos/Z3ownETsdNQ
Image 5: Explaining to my co-workers why cybersecurity is important!
https://unsplash.com/photos/5QgIuuBxKwM
Image 6: “Yes! I successfully changed my password!”
https://unsplash.com/photos/R6dSBkz32B8
Image 7: “Tracking down my next target”
https://unsplash.com/photos/BXiLSwwvqrY
Image 8: Diligent users only!
https://commons.wikimedia.org/wiki/File:Computer_user_icon.svg
Image 9: “Now we will be learning about why its important to change your password!”
https://commons.wikimedia.org/wiki/File:Summer_school_GLAM_giorno_1_1.jpg
Image 10: “Letting the world know what I’m up to”
https://commons.wikimedia.org/wiki/File:CellPhone_(16491636068).jpg
.jpg){kind=link}
Explain how your memes relate to Human Systems Integration.
These meme’s relate to the human systems integration framework because they all allude to things a user could be doing to improve their cyber experience. By completing annual cyber training at work they are also ensuring that they take those same fundamentals home with them and apply them. People should be aware of connecting to public wifi, there could be a man on a roof who set that AP up and is stealing your data (image 4)! They also speak to what people put on the internet, if you are putting your whereabouts on social media, people are going to use that info to try and gather as much data on you as they can to try and exploit your accounts.
Journal Entry #6
Fake vs. Real Websites:
From my experience, fake websites are fairly obvious to find. Though there seems to be two different types of fake sites: those that are trying to replicate another, more popular, site and those that are indeed original sites, but the only objective is to steal your information. The goal of these sites is the same though: to gather as much data as they can about the user. When I was about 10, Myspace was a big target for cyber criminals. Sites would popup resembling the exact myspace login page but the link was a letter or two off from the real site. They would send out an email telling you to change your password, you’d click the link to this fake site, enter in your login info as if to sign in, and boom, now they have your info. Other sites popular during the myspace days were sites you could go to that had html written out so you could customize your page. All you had to do was copy the code and insert it onto your myspace page. Because of this customization- fraudulent sites popped up, these sites weren’t as easy to decipher. However, a few things made it obvious: extreme popups that made it very difficult to navigate the page, requirements to download a browser extension, and excessive spelling errors. Its easy to make one or two spelling mistakes, however, fraudulent sites tend to have an overwhelming amount.