A majority of African Internet users do not have access to the Internet. The lack of infrastructure in rural areas affects Internet usage. Since costs are high and the bandwidth low, these factors encourage users to access the Internet using shared resources. This is an efficient solution to access the Internet. However users might not be aware of the security threats that exist on using shared resources. Many companies provide security solutions to automatically protect resources on the network and security awareness training to users. This ensures that users are aware of the security threats and provide methods to mitigate them. These measures are useful in a corporate environment where funds exist to enable these security solutions. Public platforms, for example Internet Cafes and schools, allows multiple users to access the Internet using shared resources. This implies that multiple people will use the same computer to perform required tasks. Numerous security threats exist within the Internet sphere that could affect users utilizing shared resources these include but are not limited to viruses, keyloggers and phishing attacks. This shared environment could provide a platform that promotes the spread of virus infections. Users using these platforms should be made aware of these threats and monitor the effectiveness of the security awareness campaign. This paper proposes a system used to address these issues from a single platform. The Shared Public Security Awareness (SPSA) system is an automated virtualized system used to determine the current security awareness levels of users on a shared platform accessing the Internet. The system uses virtual machines to provide users with access to the Internet, assess the security awareness levels of the users, determines if any web browser components were infected by web based malware during browsing sessions, provides users with access to security related material affecting the users and provide reports on online behaviour. This paper evaluates the proposed SPSA system as a mechanism to conduct a security awareness campaign in a shared resource environment while providing a capability to analyze the online behaviour of users that affects the security of this environment.
Reference:
Labuschagne, WA and Eloff, M. Towards an automated security awareness system in a virtualized environment. Proceedings of the 11th European Conference on Information Warfare and Security, The Institute Ecole Supérieure en Informatique, Electronique et Automatique, Laval, France, 5-6 July 2012
Labuschagne, W., & Eloff, M. (2012). Towards an automated security awareness system in a virtualized environment. Academic Conferences Limited. http://hdl.handle.net/10204/6024
Labuschagne, WA, and M Eloff. "Towards an automated security awareness system in a virtualized environment." (2012): http://hdl.handle.net/10204/6024
Labuschagne W, Eloff M, Towards an automated security awareness system in a virtualized environment; Academic Conferences Limited; 2012. http://hdl.handle.net/10204/6024 .
Proceedings of the 11th European Conference on Information Warfare and Security, The Institute Ecole Supérieure en Informatique, Electronique et Automatique, Laval, France, 5-6 July 2012
Author:Dlamini, Moses T; Eloff, JHP; Eloff, MMDate:2009Information security has evolved from addressing minor and harmless security breaches to managing those with a huge impact on organisations’ economic growth. This paper investigates the evolution of information security; where it came from, ...Read more
Author:Dlamini, IZ; Taute, B; Radebe, JDate:May 2011Cyber security is a GLOBAL issue. The rest of the world needs Africa to be aware and ready. Furthermore, Africa can only be aware and ready if it is internally organised and collaborates effectively with the rest of the world. The African ...Read more
Author:Dlamini, Moses T; Eloff, MM; Eloff, JHP; Hone, KDate:Jul 2009The entire business landscape finds itself on the verge of a recession because of ongoing global economic turmoil. Thus, there is a heightened need to minimise and mitigate business risk and scrutinise information spending while ensuring ...Read more