skip to main content
research-article

Analysis of Trending Topics and Text-based Channels of Information Delivery in Cybersecurity

Authors Info & Claims
Published:29 October 2021Publication History
Skip Abstract Section

Abstract

Computer users are generally faced with difficulties in making correct security decisions. While an increasingly fewer number of people are trying or willing to take formal security training, online sources including news, security blogs, and websites are continuously making security knowledge more accessible. Analysis of cybersecurity texts from this grey literature can provide insights into the trending topics and identify current security issues as well as how cyber attacks evolve over time. These in turn can support researchers and practitioners in predicting and preparing for these attacks. Comparing different sources may facilitate the learning process for normal users by creating the patterns of the security knowledge gained from different sources. Prior studies neither systematically analysed the wide range of digital sources nor provided any standardisation in analysing the trending topics from recent security texts. Moreover, existing topic modelling methods are not capable of identifying the cybersecurity concepts completely and the generated topics considerably overlap. To address this issue, we propose a semi-automated classification method to generate comprehensive security categories to analyse trending topics. We further compare the identified 16 security categories across different sources based on their popularity and impact. We have revealed several surprising findings as follows: (1) The impact reflected from cybersecurity texts strongly correlates with the monetary loss caused by cybercrimes, (2) security blogs have produced the context of cybersecurity most intensively, and (3) websites deliver security information without caring about timeliness much.

REFERENCES

  1. [1] Abu Md Sahrom, Selamat Siti Rahayu, Ariffin Aswami, and Yusof Robiah. 2018. Cyber threat intelligence–issue and challenges. Indones. J. Electr. Eng. Comput. Sci. 10, 1 (2018), 371379.Google ScholarGoogle ScholarCross RefCross Ref
  2. [2] Abu-Salma Ruba, Redmiles Elissa M., Ur Blase, and Wei Miranda. 2018. Exploring user mental models of end-to-end encrypted communication tools. In Proceedings of the 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI’18).Google ScholarGoogle Scholar
  3. [3] Acquisti Alessandro and Grossklags Jens. 2005. Privacy and rationality in individual decision making. IEEE Secur. Priv. 3, 1 (2005), 2633. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. [4] Akhawe Devdatta and Felt Adrienne Porter. 2013. Alice in warningland: A large-scale field study of browser security warning effectiveness. In Proceedings of the 22nd USENIX Security Symposium (USENIX Security’13). 257272. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. [5] Belot Henry and Borys ABC News Stephanie. cited May 2020. Ransomware Attack Still Looms in Australia as Government Warns WannaCry Threat Not Over. Retrieved from https://www.abc.net.au/news/2017-05-15/ransomware-attack-to-hit-victims-in-australia-government-says/8526346.Google ScholarGoogle Scholar
  6. [6] Ben-Asher Noam and Gonzalez Cleotilde. 2015. Effects of cyber security knowledge on attack detection. Comput. Hum. Behav. 48 (2015), 5161. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. [7] Bender Ralf and Lange Stefan. 2001. Adjusting for multiple testing—when and how? J. Clin. Epidemiol. 54, 4 (2001), 343349.Google ScholarGoogle ScholarCross RefCross Ref
  8. [8] Blei David M. and D. Lafferty John. 2009. Topic models. In Text Mining. Chapman and Hall/CRC, 101124.Google ScholarGoogle Scholar
  9. [9] Blei David M., Ng Andrew Y., and Jordan Michael I.. 2003. Latent dirichlet allocation. J. Mach. Learn. Res. 3, (Jan.2003), 9931022. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. [10] Blythe John M., Sombatruang Nissy, and Johnson Shane D.. 2019. What security features and crime prevention advice is communicated in consumer IoT device manuals and support pages? J. Cybersecur. 5, 1 (2019), tyz005.Google ScholarGoogle ScholarCross RefCross Ref
  11. [11] Boker Steven M., Rotondo Jennifer L., Xu Minquan, and King Kadijah. 2002. Windowed cross-correlation and peak picking for the analysis of variability in the association between behavioral time series. Psychol. Methods 7, 3 (2002), 338.Google ScholarGoogle ScholarCross RefCross Ref
  12. [12] Burger Eric W., Goodman Michael D., Kampanakis Panos, and Zhu Kevin A.. 2014. Taxonomy model for cyber threat intelligence information exchange technologies. In Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security. 5160. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. [13] Chambers Nathanael, Fry Ben, and McMasters James. 2018. Detecting denial-of-service attacks from social media text: Applying nlp to computer security. In Proceedings of the 2018 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long Papers). 16261635.Google ScholarGoogle ScholarCross RefCross Ref
  14. [14] Chen Tianying, Hammer Jessica, and Dabbish Laura. 2019. Self-efficacy-based game design to encourage security behavior online. In Extended Abstracts of the CHI Conference on Human Factors in Computing Systems. 16. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. [15] Choi Hyo Shin, Lee Won Sang, and Sohn So Young. 2017. Analyzing research trends in personal information privacy using topic modeling. Comput. Secur. 67 (2017), 244253. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. [16] Cohen Jacob. 1960. A coefficient of agreement for nominal scales. Educ. Psychol. Meas. 20, 1 (1960), 3746.Google ScholarGoogle ScholarCross RefCross Ref
  17. [17] Cram Damien and Daille Béatrice. 2016. Terminology extraction with term variant detection. In Proceedings of ACL’16 System Demonstrations. 1318.Google ScholarGoogle ScholarCross RefCross Ref
  18. [18] Crossler Robert E. and Bélanger France. 2017. The mobile privacy-security knowledge gap model: Understanding behaviors. In Proceedings of theHawaii International Conference on System Sciences.Google ScholarGoogle Scholar
  19. [19] CybSafe. Human error to blame for 9 in 10 UK cyber data breaches in 2019. Retrieved February 2020 from https://www.cybsafe.com/press-releases/human-error-to-blame-for-9-in-10-uk-cyber-data-breaches-in-2019/.Google ScholarGoogle Scholar
  20. [20] Das Sauvik, Kim Tiffany Hyun-Jin, Dabbish Laura A, and Hong Jason I.. 2014. The effect of social influence on security sensitivity. In Proceedings of the 10th Symposium On Usable Privacy and Security (SOUPS’14). 143157. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. [21] Das Sauvik, Kramer Adam D. I., Dabbish Laura A., and Hong Jason I.. 2014. Increasing security sensitivity with social proof: A large-scale experimental confirmation. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 739749. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. [22] Das Sauvik, Lo Joanne, Dabbish Laura, and Hong Jason I.. 2018. Breaking! a typology of security and privacy news and how it’s shared. In Proceedings of the CHI Conference on Human Factors in Computing Systems. 112. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. [23] Evans Mark, Maglaras Leandros A., He Ying, and Janicke Helge. 2016. Human behaviour as an aspect of cybersecurity assurance. Secur. Commun. Netw. 9, 17 (2016), 46674679. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. [24] Fagan Michael and Khan Mohammad Maifi Hasan. 2016. Why do they do what they do?: A study of what motivates users to (not) follow computer security advice. In Proceedings of the 12th Symposium on Usable Privacy and Security (SOUPS’16). 5975. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. [25] Fagan Michael and Khan Maifi Mohammad Hasan. 2018. To follow or not to follow: A study of user motivations around cybersecurity advice. IEEE Internet Comput. 22, 5 (2018), 2534.Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. [26] Fennell Chris and Wash Rick. 2019. Do stories help people adopt two-factor authentication? Studies 1, 2 (2019), 3.Google ScholarGoogle Scholar
  27. [27] Forget Alain, Pearman Sarah, Thomas Jeremy, Acquisti Alessandro, Christin Nicolas, Cranor Lorrie Faith, Egelman Serge, Harbach Marian, and Telang Rahul. 2016. Do or do not, there is no try: User engagement may not improve security outcomes. In Proceedings of the 12th Symposium on Usable Privacy and Security (SOUPS’16). 97111. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. [28] CCSIR Cyber Security Research Center from Romania. cited Feb 2020. The Impact of cybersecurity over the Last 5 Years. Retrieved from https://def.camp/impact-cybersecurity-five-years/.Google ScholarGoogle Scholar
  29. [29] Fujita Masahiro, Yamada Mako, Arimura Shiori, Ikeya Yuki, and Nishigaki Masakatsu. 2015. An attempt to memorize strong passwords while playing games. In Proceedings of the 18th International Conference on Network-Based Information Systems. IEEE, 264268. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. [30] Golla Maximilian, Wei Miranda, Hainline Juliette, Filipe Lydia, Dürmuth Markus, Redmiles Elissa, and Ur Blase. 2018. “What was that site doing with my facebook password?” Designing password-reuse notifications. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 15491566. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. [31] Guo Hui, Kafalı Özgür, Jeukeng Anne-Liz, Williams Laurie, and Singh Munindar P. 2020. Çorba: Crowdsourcing to obtain requirements from regulations and breaches. Empir. Softw. Eng. 25, 1 (2020), 532561.Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. [32] Hadlington Lee. 2017. Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon 3, 7 (2017), e00346.Google ScholarGoogle ScholarCross RefCross Ref
  33. [33] Haering Marlo, Stanik Christoph, and Maalej Walid. 2021. Automatically matching bug reports with related app reviews. In Proceedings of the IEEE/ACM 43rd International Conference on Software Engineering (ICSE’21). IEEE, 970981. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. [34] Hu Hang and Wang Gang. 2018. End-to-end measurements of email spoofing attacks. In Proceedings of the 27th USENIX Security Symposium (USENIX Security’18). 10951112. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. [35] Hu Jiajun, Sun Xiaobing, Lo David, and Li Bin. 2015. Modeling the evolution of development topics using dynamic topic models. In Proceedings of the IEEE 22nd International Conference on Software Analysis, Evolution, and Reengineering (SANER’15). IEEE, 312.Google ScholarGoogle ScholarCross RefCross Ref
  36. [36] Hussain Md. and Mahmud Ishtiak. 2019. pyMannKendall: A python package for non parametric mann kendall family of trend tests. J. Open Source Softw. 4, 39 (25 7 2019), 1556. https://doi.org/10.21105/joss.01556Google ScholarGoogle ScholarCross RefCross Ref
  37. [37] Ion Iulia, Reeder Rob, and Consolvo Sunny. 2015. “... no one can hack my mind”: Comparing expert and non-expert security practices. In Proceedings of the 11th Symposium On Usable Privacy and Security (SOUPS’15). 327346. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. [38] Jang-Jaccard Julian and Nepal Surya. 2014. A survey of emerging threats in cybersecurity. J. Comput. Syst. Sci. 80, 5 (2014), 973993.Google ScholarGoogle ScholarCross RefCross Ref
  39. [39] Johnson Joseph. IC3: Total Damage Caused by Reported Cyber Crime 2001–2020. Retrieved April 2020 from https://www.statista.com/statistics/267132/total-damage-caused-by-by-cyber-crime-in-the-us/.Google ScholarGoogle Scholar
  40. [40] Kafalı Özgür, Jones Jasmine, Petruso Megan, Williams Laurie, and Singh Munindar P. 2017. How good is a security policy against real breaches? A HIPAA case study. In Proceedings of the IEEE/ACM 39th International Conference on Software Engineering (ICSE’17). IEEE, 530540. Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. [41] Dilanian Ken. Los Angeles Times. Cyber-attacks a Bigger Threat Than Al Qaeda, Officials Say. Retrieved April 2020 from https://www.latimes.com/world/la-xpm-2013-mar-12-la-fg-worldwide-threats-20130313-story.html.Google ScholarGoogle Scholar
  42. [42] Krombholz Katharina, Mayer Wilfried, Schmiedecker Martin, and Weippl Edgar. 2017. “I have no idea what i’m doing”—On the usability of deploying HTTPS. In Proceedings of the USENIX Security Symposium (USENIX Security’17). 13391356. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. [43] Li Xiaozhou, Zhang Boyang, Zhang Zheying, and Stefanidis Kostas. 2020. A sentiment-statistical approach for identifying problematic mobile app updates based on user reviews. Information 11, 3 (2020), 152.Google ScholarGoogle ScholarCross RefCross Ref
  44. [44] Liao Xiaojing, Yuan Kan, Wang XiaoFeng, Li Zhou, Xing Luyi, and Beyah Raheem. 2016. Acing the IOC game: Toward automatic discovery and analysis of open-source cyber threat intelligence. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’16). ACM, 755766. Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. [45] Mei Shike and Zhu Xiaojin. 2015. The security of latent dirichlet allocation. In Artificial Intelligence and Statistics. 681689.Google ScholarGoogle Scholar
  46. [46] Ryan Ellen Nakashima, Missy, and DeYoung Karen. The Washington Post. Obama Administration Announces Measures to Punish Russia for 2016 Election Interference. Retrieved May 2020 from https://www.washingtonpost.com/world/national-security/obama-administration-announces-measures-to-punish-russia-for-2016-election-interference/2016/12/29/311db9d6-cdde-11e6-a87f-b917067331bb_story.html.Google ScholarGoogle Scholar
  47. [47] Murukannaiah Pradeep K., Dabral Chinmaya, Sheshadri Karthik, Sharma Esha, and Staddon Jessica. 2017. Learning a privacy incidents database. In Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp. 3544. Google ScholarGoogle ScholarDigital LibraryDigital Library
  48. [48] Narasimhamurthy Anand. 2005. Theoretical bounds of majority voting performance for a binary classification problem. IEEE Trans. Pattern Anal. Mach. Intell. 27, 12 (2005), 19881995. Google ScholarGoogle ScholarDigital LibraryDigital Library
  49. [49] Nicholson James, Coventry Lynne, and Briggs Pamela. 2019. “If it’s important it will be a headline”: Cybersecurity information seeking in older adults. In Proceedings of the CHI Conference on Human Factors in Computing Systems. 111. Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. [50] Nthala Norbert and Flechais Ivan. 2018. Informal support networks: An investigation into home data security practices. In Proceedings of the 14th Symposium on Usable Privacy and Security (SOUPS’18). 6382. Google ScholarGoogle ScholarDigital LibraryDigital Library
  51. [51] Park Sungrae, Lee Wonsung, and Moon Il-Chul. 2015. Efficient extraction of domain specific sentiment lexicon with active learning. Pattern Recogn. Lett. 56 (2015), 3844. Google ScholarGoogle ScholarDigital LibraryDigital Library
  52. [52] Pazienza Maria Teresa, Pennacchiotti Marco, and Zanzotto Fabio Massimo. 2005. Terminology extraction: An analysis of linguistic and statistical approaches. In Knowledge Mining. Springer, 255279.Google ScholarGoogle Scholar
  53. [53] Petelka Justin, Zou Yixin, and Schaub Florian. 2019. Put your warning where your link is: Improving and evaluating email phishing warnings. In Proceedings of the CHI Conference on Human Factors in Computing Systems. 115. Google ScholarGoogle ScholarDigital LibraryDigital Library
  54. [54] Rader Emilee and Wash Rick. 2015. Identifying patterns in informal sources of security information. J. Cybersecur. 1, 1 (2015), 121144.Google ScholarGoogle Scholar
  55. [55] Rader Emilee, Wash Rick, and Brooks Brandon. 2012. Stories as informal lessons about security. In Proceedings of the 8th Symposium on Usable Privacy and Security. 117. Google ScholarGoogle ScholarDigital LibraryDigital Library
  56. [56] Redmiles Elissa M., Kross Sean, and Mazurek Michelle L.. 2016. How i learned to be secure: A census-representative survey of security advice sources and behavior. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 666677. Google ScholarGoogle ScholarDigital LibraryDigital Library
  57. [57] Redmiles Elissa M., Kross Sean, and Mazurek Michelle L.. 2017. Where is the digital divide? A survey of security, privacy, and socioeconomics. In Proceedings of the CHI Conference on Human Factors in Computing Systems. 931936. Google ScholarGoogle ScholarDigital LibraryDigital Library
  58. [58] Redmiles Elissa M., Malone Amelia R., and Mazurek Michelle L.. 2016. I think they’re trying to tell me something: Advice sources and selection for digital security. In Proceedings of the IEEE Symposium on Security and Privacy (SP). IEEE, 272288.Google ScholarGoogle ScholarCross RefCross Ref
  59. [59] Redmiles Elissa M., Mazurek Michelle L., and Dickerson John P.. 2018. Dancing pigs or externalities? Measuring the rationality of security decisions. In Proceedings of the ACM Conference on Economics and Computation. 215232. Google ScholarGoogle ScholarDigital LibraryDigital Library
  60. [60] Redmiles Elissa M., Morales Miraida, Maszkiewicz Lisa, Stevens Rock, Liu Everest, Kuchhal Dhruv, and Mazurek Michelle L.. 2018. First steps toward measuring the readability of security advice. In Proceedings of the IEEE Security & Privacy Workshop on Technology and Consumer Protection (ConPro’18).Google ScholarGoogle Scholar
  61. [61] Reeder Robert W., Ion Iulia, and Consolvo Sunny. 2017. 152 simple steps to stay safe online: Security advice for non-tech-savvy users. IEEE Secur. Priv. 15, 5 (2017), 5564.Google ScholarGoogle ScholarDigital LibraryDigital Library
  62. [62] Řehůřek Radim and Sojka Petr. 2010. Software framework for topic modelling with large corpora. In Proceedings of the LREC Workshop on New Challenges for NLP Frameworks. ELRA, 4550. http://is.muni.cz/publication/884893/en.Google ScholarGoogle Scholar
  63. [63] Richardson Leonard. 2007. Beautiful soup documentation. Dosegljivo: https://www.crummy.com/software/BeautifulSoup/bs4/doc/. [Dostopano: 7. 7. 2018] (2007).Google ScholarGoogle Scholar
  64. [64] Röder Michael, Both Andreas, and Hinneburg Alexander. 2015. Exploring the space of topic coherence measures. In Proceedings of the WSDM’15. ACM, 399408. Google ScholarGoogle ScholarDigital LibraryDigital Library
  65. [65] Rothstein Hannah R. and Hopewell Sally. 2009. Grey literature. Handb. Res. Synth. Meta-anal. 2 (2009), 103125.Google ScholarGoogle Scholar
  66. [66] Safa Nader Sohrabi and Solms Rossouw Von. 2016. An information security knowledge sharing model in organizations. Comput. Hum. Behav. 57 (2016), 442451. Google ScholarGoogle ScholarDigital LibraryDigital Library
  67. [67] Sauerwein Clemens, Pekaric Irdin, Felderer Michael, and Breu Ruth. 2019. An analysis and classification of public information security data sources used in research and practice. Comput. Secur. 82 (2019), 140155.Google ScholarGoogle ScholarCross RefCross Ref
  68. [68] Schechter Stuart and Bonneau Joseph. 2015. Learning assigned secrets for unlocking mobile devices. In Proceedings of the 11th Symposium On Usable Privacy and Security (SOUPS’15). 277295. Google ScholarGoogle ScholarDigital LibraryDigital Library
  69. [69] Schultz Tyler. If Your Employees Aren’t Learning from Your Security Training, Are You Really Teaching? Retrieved February 2020 from https://www.infosecinstitute.com/blog/if-your-employees-arent-learning-from-your-security-training-are-you-really-teaching/.Google ScholarGoogle Scholar
  70. [70] Sheshadri Karthik, Ajmeri Nirav, and Staddon Jessica. 2017. No (privacy) news is good news: An analysis of New York times and guardian privacy news from 2010–2016. In Proceedings of the 15th Annual Conference on Privacy, Security and Trust (PST’17). IEEE, 15915909.Google ScholarGoogle ScholarCross RefCross Ref
  71. [71] Shillair Ruth and Meng Jingbo. 2017. Multiple sources for security: Seeking online safety information and their influence on coping self-efficacy and protection behavior habits. In Proceedings of the 50th Hawaii International Conference on System Sciences.Google ScholarGoogle ScholarCross RefCross Ref
  72. [72] Skopik Florian, Settanni Giuseppe, and Fiedler Roman. 2016. A problem shared is a problem halved: A survey on the dimensions of collective cyber defense through security information sharing. Comput. Secur. 60 (2016), 154176. Google ScholarGoogle ScholarDigital LibraryDigital Library
  73. [73] Spencer Donna. 2009. Card Sorting: Designing Usable Categories. Rosenfeld Media.Google ScholarGoogle Scholar
  74. [74] Stevens Rock, Votipka Daniel, Redmiles Elissa M., Ahern Colin, Sweeney Patrick, and Mazurek Michelle L.. 2018. The battle for new york: A case study of applied digital threat modeling at the enterprise level. In Proceedings of the 27th USENIX Security Symposium (USENIX Security’18). 621637. Google ScholarGoogle ScholarDigital LibraryDigital Library
  75. [75] Sunshine Joshua, Egelman Serge, Almuhimedi Hazim, Atri Neha, and Cranor Lorrie Faith. 2009. Crying wolf: An empirical study of ssl warning effectiveness. In Proceedings of the USENIX Security Symposium. 399416. Google ScholarGoogle ScholarDigital LibraryDigital Library
  76. [76] Tounsi Wiem and Rais Helmi. 2018. A survey on technical threat intelligence in the age of sophisticated cyber attacks. Comput. Secur. 72 (2018), 212233. Google ScholarGoogle ScholarDigital LibraryDigital Library
  77. [77] Wan Zhiyuan, Xia Xin, and Hassan Ahmed E. 2019. What is discussed about blockchain? A case study on the use of balanced LDA and the reference architecture of a domain to capture online discussions about blockchain platforms across the stack exchange communities. IEEE Trans. Softw. Eng. (2019).Google ScholarGoogle ScholarCross RefCross Ref
  78. [78] Wash Rick. 2010. Folk models of home computer security. In Proceedings of the 6th Symposium on Usable Privacy and Security. 116. Google ScholarGoogle ScholarDigital LibraryDigital Library
  79. [79] Alex Wen Zikai, Lin Zhiqiu, Chen Rowena, and Andersen Erik. 2019. What. hack: engaging anti-phishing training through a role-playing phishing simulation game. In Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems. 112. Google ScholarGoogle ScholarDigital LibraryDigital Library
  80. [80] Wu Tingmin, Zhang Rongjunchen, Ma Wanlun, Wen Sheng, Xia Xin, Paris Cecile, Nepal Surya, and Xiang Yang. 2020. What risk? I don’t understand: An empirical study on users’ understanding of the terms used in security texts. In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS’20). Association for Computing Machinery, New York, NY, 248262. Google ScholarGoogle ScholarDigital LibraryDigital Library
  81. [81] Xia Xin, Shihab Emad, Kamei Yasutaka, Lo David, and Wang Xinyu. 2016. Predicting crashing releases of mobile applications. In Proceedings of the 10th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement. 110. Google ScholarGoogle ScholarDigital LibraryDigital Library
  82. [82] Xu Maochao, Schweitzer Kristin M., Bateman Raymond M., and Xu Shouhuai. 2018. Modeling and predicting cyber hacking breaches. IEEE Trans. Inf. Forens. Secur. 13, 11 (2018), 28562871.Google ScholarGoogle ScholarCross RefCross Ref
  83. [83] Yang Xin-Li, Lo David, Xia Xin, Wan Zhi-Yuan, and Sun Jian-Ling. 2016. What security questions do developers ask? A large-scale study of Stack Overflow posts. J. Comput. Sci. Technol. 31, 5 (2016), 910924.Google ScholarGoogle ScholarCross RefCross Ref
  84. [84] Zou Yixin, Danino Shawn, Sun Kaiwen, and Schaub Florian. 2019. YouMight’be affected: An empirical analysis of readability and usability issues in data breach notifications. In Proceedings of the CHI Conference on Human Factors in Computing Systems. 114. Google ScholarGoogle ScholarDigital LibraryDigital Library
  85. [85] Zou Yixin, Mhaidli Abraham H., McCall Austin, and Schaub Florian. 2018. “I’ve got nothing to lose”: Consumers’ risk perceptions and protective actions after the equifax data breach. In Proceedings of the 14th Symposium on Usable Privacy and Security (SOUPS’18). 197216. Google ScholarGoogle ScholarDigital LibraryDigital Library
  86. [86] Zou Yixin and Schaub Florian. 2019. Beyond mandatory: Making data breach notifications useful for consumers. IEEE Secur. Priv. 17, 2 (2019), 6772.Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. Analysis of Trending Topics and Text-based Channels of Information Delivery in Cybersecurity

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    • Published in

      cover image ACM Transactions on Internet Technology
      ACM Transactions on Internet Technology  Volume 22, Issue 2
      May 2022
      582 pages
      ISSN:1533-5399
      EISSN:1557-6051
      DOI:10.1145/3490674
      • Editor:
      • Ling Liu
      Issue’s Table of Contents

      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 29 October 2021
      • Accepted: 1 August 2021
      • Revised: 1 June 2021
      • Received: 1 February 2021
      Published in toit Volume 22, Issue 2

      Permissions

      Request permissions about this article.

      Request Permissions

      Check for updates

      Qualifiers

      • research-article
      • Refereed
    • Article Metrics

      • Downloads (Last 12 months)207
      • Downloads (Last 6 weeks)12

      Other Metrics

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Full Text

    View this article in Full Text.

    View Full Text

    HTML Format

    View this article in HTML Format .

    View HTML Format
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!