Cyber-attacks have become increasingly prevalent with the widespread integration of technology into various aspects of our lives. The surge in social media platform usage has prompted users to share their firsthand experiences with cyber-attacks. Despite this, previous literature has not extensively investigated individuals' experiences with these attacks. This study aims to comprehensively explore and analyze the content shared by cyber-attack victims in Saudi Arabia, encompassing text, video, and audio formats. The primary objective is to investigate the factors influencing victims' perceptions of the security risks associated with these attacks. Following data collection, preparation, and cleaning, Latent Dirichlet Allocation (LDA) is employed for topic modeling, shedding light on potential factors impacting victims. Sentiment analysis is then utilized to examine the nuanced negative and positive perceptions of individuals. NVivo is deployed for data inspection, facilitating the presentation of insightful inferences. Hierarchical clustering is implemented to explore distinct clusters within the textual dataset. The study's results underscore the critical importance of spreading awareness among individuals regarding the various tactics employed by cyber attackers.

 

Doi: 10.28991/ESJ-2024-08-01-010

Full Text: PDF

COVID-19 Outbreak; Security Attacks; Qualitative Study; Text Mining.

Horng, S. J., Su, M. Y., Chen, Y. H., Kao, T. W., Chen, R. J., Lai, J. L., & Perkasa, C. D. (2011). A novel intrusion detection system based on hierarchical clustering and support vector machines. Expert Systems with Applications, 38(1), 306–313. doi:10.1016/j.eswa.2010.06.066.

Songma, S., Chimphlee, W., Songma, S., Chimphlee, W., Maichalernnukul, K., & Sanguansat, P. (2012). Implementation of Fuzzy c-Means and Outlier Detection for Intrusion Detection with KDD Cup 1999 Data Set. International Journal of Engineering Research and Development, 2(2), 44–48.

Yan, Z., Xue, Y., & Lou, Y. (2021). Risk and protective factors for intuitive and rational judgment of cybersecurity risks in a large sample of K-12 students and teachers. Computers in Human Behavior, 121, 106791. doi:10.1016/j.chb.2021.106791.

Lallie, H. S., Shepherd, L. A., Nurse, J. R. C., Erola, A., Epiphaniou, G., Maple, C., & Bellekens, X. (2021). Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, 102248. doi:10.1016/j.cose.2021.102248.

Shi, F. (2020). Threat spotlight: Coronavirus-related phishing. Barracuda Networks: Campbell, United States.

Lush, R. (2020). Helping defend against a 30,000% increase in phishing attacks related to COVID-19 scams. CGI, Brussels, Belgium. Available online: https://www.cgi.com/uk/en-gb/blog/cyber-security/helping-defend-against-a-30000-increase-in-phishing-attacks-related-to-covid-19-scams (accessed on January 2024).

Cyberlands.io. (2024). Top-9 Cybersecurity Breaches in Saudi Arabia. Cyberlands.io, Rotterdam, Netherlands. Available online: https://www.cyberlands.io/topsecuritybreachessaudiarabia (accessed on January 2024).

Aljedaani, B., Ahmad, A., Zahedi, M., & Babar, M. A. (2023). End-users’ knowledge and perception about security of clinical mobile health apps: A case study with two Saudi Arabian mHealth providers. Journal of Systems and Software, 195, 111519. doi:10.1016/j.jss.2022.111519.

I.S.B.S. (1996). Computer Fraud & Security: Information Security Breaches Survey, 1996, 4. doi:10.1016/s1361-3723(97)82578-x.

Balapour, A., Nikkhah, H. R., & Sabherwal, R. (2020). Mobile application security: Role of perceived privacy as the predictor of security perceptions. International Journal of Information Management, 52, 102063. doi:10.1016/j.ijinfomgt.2019.102063.

Klobas, J. E., McGill, T., & Wang, X. (2019). How perceived security risk affects intention to use smart home devices: A reasoned action explanation. Computers and Security, 87, 101571. doi:10.1016/j.cose.2019.101571.

Okey, O. D., Udo, E. U., Rosa, R. L., Rodríguez, D. Z., & Kleinschmidt, J. H. (2023). Investigating ChatGPT and cybersecurity: A perspective on topic modeling and sentiment analysis. Computers and Security, 135, 103476. doi:10.1016/j.cose.2023.103476.

Tayouri, D. (2015). The Human Factor in the Social Media Security – Combining Education and Technology to Reduce Social Engineering Risks and Damages. Procedia Manufacturing, 3, 1096–1100. doi:10.1016/j.promfg.2015.07.181.

Khalil, L., & Karam, N. A. (2015). Security Management: Real versus Perceived Risk of Commercial Exploitation of Social Media Personal Data. Procedia Computer Science, 65, 304–313. doi:10.1016/j.procs.2015.09.087.

Beigi, G., Shu, K., Zhang, Y., & Liu, H. (2018). Securing Social Media User Data. Proceedings of the 29th on Hypertext and Social Media. doi:10.1145/3209542.3209552.

Yu, S., Vorobeychik, Y., & Alfeld, S. (2018). Adversarial classification on social networks. arXiv Preprint, arXiv:1801.08159. doi:10.48550/arXiv.1801.08159.

Gong, N. Z., & Liu, B. (2018). Attribute inference attacks in online social networks. ACM Transactions on Privacy and Security, 21(1), 1–30. doi:10.1145/3154793.

Jia, J., Wang, B., Zhang, L., & Gong, N. Z. (2017). AttriInfer. Proceedings of the 26th International Conference on World Wide Web. doi:10.1145/3038912.3052695.

Jia, J., & Gong, N. Z. (2018). AttriGuard: A practical defense against attribute inference attacks via adversarial machine learning. Proceedings of the 27th USENIX Security Symposium, 15-17 August, 208, Baltimore, United States.

Granger, S. (2001). Social engineering fundamentals, part I: hacker tactics. Security Focus, December, 18.

Jakobsson, M., & Myers, S. (2006). Phishing and countermeasures: understanding the increasing problem of electronic identity theft. John Wiley & Sons, Hoboken, United States. doi:10.1002/0470086106.

He, W. (2012). A review of social media security risks and mitigation techniques. Journal of Systems and Information Technology, 14(2), 171–180. doi:10.1108/13287261211232180.

Gallagher, S., & Brandt, A. (2020). Facing down the myriad threats tied to COVID-19. Sophos, Abingdon, United Kingdom. Available online: https://news.sophos.com/en-us/2020/04/14/covidmalware/ (accessed on January 2024).

Valdez, C. R., Walsdorf, A. A., Wagner, K. M., Salgado de Snyder, V. N., Garcia, D., & Villatoro, A. P. (2022). The intersection of immigration policy impacts and COVID‐19 for Latinx young adults. American Journal of Community Psychology, 70(3-4), 420-432. doi:10.1002/ajcp.12617.

Franco, E. G., Lukacs, R., Müller, M. S., Shetler-Jones, P., & Zahidi, S. (2020, May). COVID-19 risks outlook: A preliminary mapping and its implications. World Economic Forum, Cologny, Switzerland.

Kumaran, N., & Lugani, S. (2020). Protecting businesses against cyber threats during COVID-19 and beyond. Google Cloud, 16.

European Union Agency for Law Enforcement Cooperation (EUROPOL). (2020). Pandemic profiteering: how criminals exploit the COVID‐19 crisis. European Union Agency for Law Enforcement Cooperation (EUROPOL), The Hague, Netherlands.

Chen, L., Ye, Y., & Bourlai, T. (2017). Adversarial Machine Learning in Malware Detection: Arms Race between Evasion Attack and Defense. 2017 European Intelligence and Security Informatics Conference (EISIC), Athens, Greece. doi:10.1109/eisic.2017.21.

Yan, Q., Li, Y., Li, T., & Deng, R. (2009). Insights into Malware Detection and Prevention on Mobile Phones. Security Technology, SecTech 2009. Communications in Computer and Information Science, 58. Springer, Berlin, Germany. doi:10.1007/978-3-642-10847-1_30.

La Polla, M., Martinelli, F., & Sgandurra, D. (2013). A survey on security for mobile devices. IEEE Communications Surveys and Tutorials, 15(1), 446–471. doi:10.1109/SURV.2012.013012.00028.

Chiang, H.-S., & Tsaur, W.-J. (2010). Mobile Malware Behavioral Analysis and Preventive Strategy Using Ontology. 2010 IEEE Second International Conference on Social Computing, Minneapolis, United States. doi:10.1109/socialcom.2010.160.

Khan, J., Abbas, H., & Al-Muhtadi, J. (2015). Survey on mobile user’s data privacy threats and defense mechanisms. Procedia Computer Science, 56(1), 376–383. doi:10.1016/j.procs.2015.07.223.

Schultz, E. E. (2006). Where have the worms and viruses gone?-new trends in malware. Computer Fraud & Security, 2006(7), 4–8. doi:10.1016/S1361-3723(06)70398-0.

Bayer, U., Habibi, I., Balzarotti, D., Kirda, E., & Kruegel, C. (2009). A View on Current Malware Behaviors: LEET. Available online: https://www.usenix.org/legacy/event/leet09/tech/full_papers/bayer/bayer_html/ (accessed on May 2023).

Potlapally, N. (2011). Hardware security in practice: Challenges and opportunities. 2011 IEEE International Symposium on Hardware-Oriented Security and Trust, San Diego, United States. doi:10.1109/hst.2011.5955003.

Li, Q., Gao, H., Xu, B., & Jiao, Z. (2008). Hardware Threat: The Challenge of Information Security. 2008 International Symposium on Computer Science and Computational Technology, Shanghai, China. doi:10.1109/iscsct.2008.217.

Chen, X., & Shi, S. (2009). A Literature Review of Privacy Research on Social Network Sites. 2009 International Conference on Multimedia Information Networking and Security, Wuhan, China. doi:10.1109/mines.2009.268.

Raji, F., Miri, A., & Davarpanah Jazi, M. (2012). Preserving Privacy in Online Social Networks. Foundations and Practice of Security. FPS 2011. Lecture Notes in Computer Science, 6888, Springer, Berlin, Germany. doi:10.1007/978-3-642-27901-0_1.

Srivastava, A., & Geethakumari, G. (2013). Measuring privacy leaks in Online Social Networks. 2013 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Mysore, India. doi:10.1109/icacci.2013.6637504.

Williams, T., & Betak, J. (2018). A Comparison of LSA and LDA for the Analysis of Railroad Accident Text. Procedia Computer Science, 130, 98–102. doi:10.1016/j.procs.2018.04.017.

Huang, S., Zhang, J., Yang, C., Gu, Q., Li, M., & Wang, W. (2022). The interval grey QFD method for new product development: Integrate with LDA topic model to analyze online reviews. Engineering Applications of Artificial Intelligence, 114, 105213. doi:10.1016/j.engappai.2022.105213.

Wei, X., & Taecharungroj, V. (2022). How to improve learning experience in MOOCs an analysis of online reviews of business courses on Coursera. International Journal of Management Education, 20(3), 100675. doi:10.1016/j.ijme.2022.100675.

Sim, Y., Lee, S. K., & Sutherland, I. (2021). The impact of latent topic valence of online reviews on purchase intention for the accommodation industry. Tourism Management Perspectives, 40, 100903. doi:10.1016/j.tmp.2021.100903.

Alzahrani, S. S. (2022). Data Mining Regarding Cyberbullying in the Arabic Language on Instagram Using KNIME and Orange Tools. Engineering, Technology & Applied Science Research, 12(5), 9364–9371. doi:10.48084/etasr.5184.

Thummala, V., & Hiremath, R. B. (2022). Green aviation in India: Airline’s implementation for achieving sustainability. Cleaner and Responsible Consumption, 7, 100082. doi:10.1016/j.clrc.2022.100082.

Nowell, L. S., Norris, J. M., White, D. E., & Moules, N. J. (2017). Thematic Analysis: Striving to Meet the Trustworthiness Criteria. International Journal of Qualitative Methods, 16(1), 1609406917733847. doi:10.1177/1609406917733847.

Paulus, T., Woods, M., Atkins, D. P., & Macklin, R. (2017). The discourse of QDAS: reporting practices of ATLAS.ti and NVivo users with implications for best practices. International Journal of Social Research Methodology, 20(1), 35–47. doi:10.1080/13645579.2015.1102454.

Claps, G. G., Berntsson Svensson, R., & Aurum, A. (2015). On the journey to continuous deployment: Technical and social challenges along the way. Information and Software Technology, 57(1), 21–31. doi:10.1016/j.infsof.2014.07.009.

Yin, R. K. (2013). Validity and generalization in future case study evaluations. Evaluation, 19(3), 321–332. doi:10.1177/1356389013497081.

Sabzi, M., Kamarei, M., Haghighi, T. R., & Mahe, Y. (2020). Analysis and Design of X-Band LNA Using Parallel Technique. 2020 28th Iranian Conference on Electrical Engineering (ICEE), Tabriz, Iran. doi:10.1109/icee50131.2020.9260604.

Abbasi, S. olah, Nejatian, S., Parvin, H., Rezaie, V., & Bagherifard, K. (2019). Clustering ensemble selection considering quality and diversity. Artificial Intelligence Review, 52(2), 1311–1340. doi:10.1007/s10462-018-9642-2.

Hu, X., Li, Y., Chen, G., Zhao, Z., & Qu, X. (2022). Identification of balance recovery patterns after slips using hierarchical cluster analysis. Journal of Biomechanics, 143, 111281. doi:10.1016/j.jbiomech.2022.111281.

Fatouros, G., Soldatos, J., Kouroumali, K., Makridis, G., & Kyriazis, D. (2023). Transforming sentiment analysis in the financial domain with ChatGPT. Machine Learning with Applications, 14, 100508. doi:10.1016/j.mlwa.2023.100508.

Md Suhaimin, M. S., Ahmad Hijazi, M. H., Moung, E. G., Nohuddin, P. N. E., Chua, S., & Coenen, F. (2023). Social media sentiment analysis and opinion mining in public security: Taxonomy, trend analysis, issues and future directions. Journal of King Saud University - Computer and Information Sciences, 35(9), 101776. doi:10.1016/j.jksuci.2023.101776.

Chen, Y., Han, D., & Zhou, X. (2023). Mining the emotional information in the audio of earnings conference calls: A deep learning approach for sentiment analysis of securities analysts’ follow-up behavior. International Review of Financial Analysis, 88, 102704. doi:10.1016/j.irfa.2023.102704.

McGuire, M., & Dowling, S. (2013). Cybercrime: A review of the evidence. Summary of key findings and implications. Home Office Research Report, 75, 1-35.