Utilizing Association Rule Mining to Understand Phishing Risk Awareness Levels of Thai University Academic Staff
Article Sidebar
Main Article Content
Abstract
This study explores the phishing risk awareness levels among academic staff at Thai universities, employing association rule mining (ARM) to identify critical factors influencing high and low levels of awareness. Targeting a diverse group of 400 academic staff members, the research utilized a structured questionnaire comprising demographic information, direct and indirect experiences with phishing, and perceptions of phishing. In association rules (), a lift value of 1 indicates independence between X and Y, while values greater than 1 or less than 1 indicate positive or negative correlation, respectively. The findings revealed several critical findings: despite being able to define phishing, many individuals do not perceive it as a significant threat; moderate internet skills are not necessarily indicative of high phishing awareness; and direct experiences with phishing do not always correlate with an increased awareness of its potential impact. These results highlight a disconnect between knowledge and perceived risk and suggest that existing internet skills and experiences are insufficient for cultivating a robust understanding of phishing risks. The study underscores the necessity for targeted educational interventions specifically designed to address the varied needs of university staff, enhancing their ability to recognize and respond to cybersecurity threats effectively.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
All authors need to complete copyright transfer to Journal of Applied Informatics and Technology prior to publication. For more details click this link: https://ph01.tci-thaijo.org/index.php/jait/copyrightlicense
References
Abroshan, H., Devos, J., Poels, G., & Laermans, E. (2021). Phishing Happens Beyond Technology: The effects of human behaviors and demographics on each step of a phishing process. IEEE Access, 9, 44928–44949. https://doi.org/10.1109/access.2021.3066383
Alabdan, R. (2020). Phishing attacks survey: Types, vectors, and technical approaches. Future Internet, 12(10), 168. https://doi.org/10.3390/fi12100168
Aleroud, A., & Zhou, L. (2017). Phishing environments, techniques, and countermeasures: A survey. Computers & Security, 68, 160–196. https://doi.org/10.1016/j.cose.2017.04.006
Alharbi, T., & Tassaddiq, A. (2021). Assessment of cybersecurity awareness among students of Majmaah University. Big Data and Cognitive Computing, 5(2), 23. https://doi.org/10.3390/bdcc5020023
APA Dictionary of Psychology. (n.d.). APA Dictionary of Psychology. Retrieved December 17, 2023, from https://dictionary.apa.org/
Broadhurst, R., Skinner, K., Sifniotis, N., & Matamoros-Macias, B. (2018). Cybercrime risks in a university student community. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3176319
Chavas, J.-P. (2004). The measurement of risk. Risk Analysis in Theory and Practice, 5–19. https://doi.org/10.1016/b978-012170621-0.50001-8
Dam, K. H. T., Given-Wilson, T., Legay, A., & Veroneze, R. (2022). Packer classification based on association rule mining. Applied Soft Computing, 127, 109373. https://doi.org/10.1016/j.asoc.2022.109373
Fister, I., Fister, I., Fister, D., Podgorelec, V., & Salcedo-Sanz, S. (2023). A comprehensive review of visualization methods for association rule mining: Taxonomy, challenges, open problems and future ideas. Expert Systems with Applications, 233, 120901. https://doi.org/10.1016/j.eswa.2023.120901
Gu, Y. (2023). Exploring the application of teaching evaluation models incorporating association rules and weighted naive Bayesian algorithms. Intelligent Systems with Applications, 20, 200297. https://doi.org/10.1016/j.iswa.2023.200297
Hillman, D., Harel, Y., & Toch, E. (2023). Evaluating organizational phishing awareness training on an enterprise scale. Computers & Security, 132, 103364. https://doi.org/10.1016/j.cose.2023.103364
Jeeva, S. C., & Rajsingh, E. B. (2016). Intelligent phishing url detection using association rule mining. Human-Centric Computing and Information Sciences, 6(1). https://doi.org/10.1186/s13673-016-0064-3
Kenneth, A., Hayashi, B. B., Lionardi, J., Richie, S., Achmad, S., Junior, F. A., & Nadia. (2023). Phishing attack awareness among college students. 2023 3rd International Conference on Electronic and Electrical Engineering and Intelligent System (ICE3IS), 344–348. https://doi.org/10.1109/ice3is59323.2023.10335412
Lou, P., Lu, G., Jiang, X., Xiao, Z., Hu, J., & Yan, J. (2020). Cyber intrusion detection through association rule mining on multi-source logs. Applied Intelligence, 51(6), 4043–4057. https://doi.org/10.1007/s10489-020-02007-5
Nam, T. (2019). Understanding the gap between perceived threats to and preparedness for cybersecurity. Technology in Society, 58, 101122. https://doi.org/10.1016/j.techsoc.2019.03.005
Parsons, K., Butavicius, M., Delfabbro, P., & Lillie, M. (2019). Predicting susceptibility to social influence in phishing emails. International Journal of Human-Computer Studies, 128, 17–26. https://doi.org/10.1016/j.ijhcs.2019.02.007
Silva, J., Varela, N., Borrero López, L. A., & Rojas Millán, R. H. (2019). Association rules extraction for customer segmentation in the SMEs sector using the apriori algorithm. Procedia Computer Science, 151, 1207–1212. https://doi.org/10.1016/j.procs.2019.04.173
Tripathi, D., Nigam, B., & Edla, D. R. (2017). A novel web fraud detection technique using association rule mining. Procedia Computer Science, 115, 274–281. https://doi.org/10.1016/j.procs.2017.09.135
