George R. S. Weir

The threats of social networking: Old wine in new bottles?

Despite the many potential benefits to its users, social networking appears to provide a rich setting for criminal activities and other misdeeds. In this paper we consider whether the risks of social networking are unique and novel to this context. Having considered the nature and range of applications to which social networks may be applied, we conclude that there are no exploits or fundamental threats inherent to the social networking setting. Rather, the risks and associated threats treat this communicative and social context as an enabler for existing, long established and well-recognised exploits and activities.

Second-Language Help for Windows Applications

This paper describes an approach to the second-language problem for user-support in the context of existing MS-Windows applications. We outline a methodology for deriving foci for support, and present guidelines for the addition of second-language enhancements. Finally, we detail our procedure for implementing such help facilities with examples of enhanced Chinese and Greek second-language support.

It's not Greek to me: terminology and the second language problem

Compares terminology in three different word-processor packages, in their English and Greek language varieties. Offers solutions to problems of the diversity of tanslations and localisation.

Principles for Dialogue Design in Man-Machine Systems

Abstract The interaction between man and machine is normally thought of in terms of information display and control actions, considered separately and referring to elementary actions rather than complete tasks. An alternative is to consider the operator as engaged in a continuous dialogue with the machine, hence describing the interaction as coherent dialogue sequences based on the exchange of information across the interface. Advances in AI and cognitive engineering makes it possible to implement such an approach, as described in this paper.

Hiding the hidden message: approaches to textual steganography

Textual steganography is a means of concealing an encoded message within text. The appeal in such a system is its potential for hiding the fact that encoding is taking place. The failure to hide the presence of encoding is a form of information leakage and an inherent risk since it suggests that there is important or valuable information in transit. This is considered a major limitation of existing cryptographic techniques as applied to secure information transfer. In this paper, we describe an experimental system that we have developed as a test bed for textual steganography. This system allows us to explore the application of part of speech tagging, word sense disambiguation and synonym replacement as component strategies for textual steganography.

Balancing the threat of personal technology in the workplace

Employees are increasingly equipped with personal technology designed to provide entertainment, communications and potential business applications. On the one hand, this explosion of personal devices assists the workplace by enhancing mobility, portability and storage capacity. On the other hand, the uncontrolled use of such devices carries the threat of data leakage, data theft, virus and other malware introduction. This paper describes the risks of such personal storage devices in a business context and considers a series of possible responses to the inherent threat of personal technology in the workplace.

The rigours of on-line student assessment-lessons from e-commerce

Moving to Web-based student assessment is a natural progression from current deployment of Web-based delivery of teaching materials. This paper notes similarities in requirements between network-based student assessment and network-based e-commerce. The parallels are instructive since they indicate the stringent technical demands that must be met by both contexts if confidence is to be assured. Furthermore, we argue that the student assessment context faces more severe constraints than the e-commerce scenario. The paper concludes with proposed techniques that move toward the required levels of assurance, and indicates that adequate on-line student assessment is a loftier goal than secure e-commerce.

Learning from a plan-based interface

The use of plan recognition in the user interface is presented as a basis for a learning environment within which students can assimilate the range of possible actions and objectives afforded by a target application. Support in the form of “present whereabouts” and “possible progressions” enable students to learn by doing. When combined with a facility for exploratory learning, this helps avoid the onerous air of a “teaching situation”.

User characteristics that influence judgment of social engineering attacks in social networks

Social engineering is a growing source of information security concern. Exploits appear to evolve, with increasing levels of sophistication, in order to target multiple victims. Despite increased concern with this risk, there has been little research activity focused upon social engineering in the potentially rich hunting ground of social networks. In this setting, factors that influence users’ proficiency in threat detection need to be understood if we are to build a profile of susceptible users, develop suitable advice and training programs, and generally help address this issue for those individuals most likely to become targets of social engineering in social networks. To this end, the present study proposes and validates a user-centric framework based on four perspectives: socio-psychological, habitual, socio-emotional, and perceptual. Previous research tends to rely on selected aspects of these perspectives and has not combined them into a single model for a more cohesive understanding of user’s susceptibility.

Understanding Android Security

This paper details a survey of Android users in an attempt to shed light on how users perceive the risks associated with app permissions and in-built adware. A series of questions was presented in a Web survey, with results suggesting interesting differences between males and females in installation behaviour and attitudes toward security.