Journal of Computing and Security
Volume:10 Issue: 1, Winter and Spring 2023

Today ransomware is a significant security threat to both organizations and humans in the e-commerce and digital era. Poor human security awareness is a critical vulnerability that increases the risk of ransomware attacks. To protect against ransomware, an established and effective strategy is to improve the security awareness of employees and users about ransomware. To implement this strategy, in the first step, it is vital to measure the ransomware awareness of the users and, next, try to enhance the level of awareness through education, training, and knowledge sharing about the attack. To our best knowledge, there does not exist any questionnaire specially designed to assess ransomware awareness. In this paper, a novel questionnaire development process is presented and applied to produce a questionnaire for measuring security awareness about ransomware called RSAM. The Persian version of the questionnaire (RSAM-P) is developed and validated using a sample of 216 participants completing the questionnaire. The reliability and validity testing of the RSAM-P indicate that the questionnaire consisting of 21 questions is effective and reliable in assessing ransomware awareness. Moreover, in this paper, RSAM-E, the English version of the RSAM, is presented.

The released software systems still involve some faults, for which debugging becomes necessary. On the one hand, manual software debugging remains an arduous, time-consuming, and expensive task. On the other hand, effective software debugging is organized around motivated and patient developers. In this paper, a novel approach, namely Gamifault, is provided to make debugging more attractive and enjoyable. Particularly, the objective of Gamifault is to make the developer more curious to proceed debugging, that is fault localization and program repair, enthusiastically. To achieve this objective, the concepts and potentials of gamification are adapted to the typical tasks of software debugging. In particular, Gamifault makes use of an existing fault localization technique to determine the likelihood to each statement may be faulty. Based on the likelihood, the developer then attempts to find the exact fault location and fix the fault. Next, Gamifault reacts to the developer with a gamified success rate. That is, it shows the number of test cases that have been passed on the modified program. This process is repeated until the program passes on every given test case. To evaluate Gamifault, a prototype web-based tool was implemented in Java that targets faulty software programs. Then, 16 developers were asked to employ gamified and non-gamified versions of the tool in their debugging activities on 46 subject programs taken from the Code4Bench suite of programs. Developers could successfully debug 7 and 95 faulty programs using the non-gamified and gamified tools, respectively. In addition, the gamified tool helped developers debug the faulty program in less than two minutes on average. These results suggest that Gamifault offers advantages over existing debugging systems.

Outlier detection in data streams is an essential issue in data processing. Today, due to the massive growth of streaming data generated by the spread of the Internet of Things, outlier detection has become a significant challenge. Much progress has been made in outlier detection based on local outlier detection algorithms, such as density-based local outlier factor algorithms, suitable for static data. The incremental version of these algorithms is used to detect the local outliers in streaming data. However, outlier detection in streaming data faces the challenges of limited memory capacity, high execution time, inaccessibility of all data at one time, and changes in data distribution (increasing and decreasing input rates, uncertainty, etc.). In this paper, we propose a density-based summarization algorithm, which summarizes data, every time the buffer is filled. The proposed algorithm maintains the desired shape of the clusters, with a low computational cost. To this end, larger clusters are selected and the data of their dense areas are reduced so that the shape of the old clusters is not lost. The proposed summarization algorithm reduces execution time and increases precision, recall, and F1 score compared with the evaluated algorithms.

Text mining systems may benefit from the use of automated text generation, especially when dealing with limited datasets and linguistic resources. Most successful text generation approaches are generic rather than aspect-specific, resulting in relatively inaccurate and similar sentences in different aspects. The present study proposes a solution to this problem by extracting aspect knowledge from relevant topics and creating the correct phrase based on the Conditional Generative Adversarial Network (CGAN) for each aspect. The proposed method produces sentences using an auxiliary dataset that cannot be distinguished from genuine sentences by the discriminator. In order to generate an auxiliary dataset, aspect-based information from datasets related to the target concept is extracted. To further improve the accuracy, the generator is encouraged or punished depending on the similarity with the training corpus. Two datasets in English and Persian are used to evaluate the performance of the proposed text generation method. The results show that adding similar aspects to the auxiliary dataset improves the quality of the generated sentences. In addition, encouragement leads to more accurate sentences, while punishment leads to more varied sentences.

Influence maximization is one of the most important topics in the social network analysis field. As all the social networks can be considered signed, explicitly or implicitly, assessing influence maximization in these networks is inevitable. Due to the NP-hard nature of this problem, the category of node-ranking-based solutions is of concern, where, the PageRank algorithm is outstanding. Original PageRank is merely defined based on the trust relationships and it is not applicable in signed social networks. Upon an agreement on the scheme of trust propagation, where trust propagates step by step in the social network, the two main schemes of distrust propagation are: a) distrust propagates step by step throughout the social network, and b) distrust propagates up to one step of the neighborhood. Despite the claims made by related researches that scheme (b) is the dominant behavior compared to (a); available PageRank algorithms are updated to incorporate scheme (a). In this study, a new PageRank-based method, which adopts scheme (b) to model the distrust-based influence propagation in signed social networks, is proposed. Accordingly, the importance of each node is computed considering that every node propagates the received influence from its trusted neighbors to other nodes, while it blocks the received influence from its untrusted neighbors. Assessments run on the three real datasets reveal the superiority of this proposed method over other existing PageRank algorithms in maximizing influence in signed social networks. The outperformance is between 22% to 46% considering all experimental settings in comparison with the most effective benchmark method.