Embed Size (px)
DESCRIPTION
Students’ Perceived Ethical Severity of e-Learning Security Attacks. By: Yair Levy, Ph.D. Nova Southeastern University Graduate School of Computer and Information Sciences and Michelle M. Ramim , Ph.D. Nova Southeastern University Huizenga School of Business and Entrepreneurship. - PowerPoint PPT Presentation
Citation preview
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 1
Students’ Perceived Ethical Severity of Students’ Perceived Ethical Severity of
e-Learning Security Attackse-Learning Security AttacksBy:Yair Levy, Ph.D.Yair Levy, Ph.D.Nova Southeastern UniversityGraduate School of Computer and Information Sciences
andMichelle M. Ramim, Ph.D.Michelle M. Ramim, Ph.D.Nova Southeastern UniversityHuizenga School of Business and Entrepreneurship
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 2
OutlineOutline
• Introduction
• Objective
• Theoretical background
• Methodology and sample
• Results
• Conclusions
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 3
IntroductionIntroduction
• Growing use e-learning beyond higher education• Career technical education• Medical education• Corporate and military training• K–12 education
• 96% of 2-year and 4-year public higher education institutions provide some form of e-learning courses (U.S. Department of education, 2009)
• Challenge- provide a secured and accountable e-learning environment
• Valid authentication of users is a perpetual challenge amongst organizations
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 4
Introduction (Cont.)Introduction (Cont.)
• Strategic efforts to reduce cyber-security treats (Obama calls for cyber czar, 2009)
• A surge in incidents of unethical behavior reported in the U.S. news media (Cyberspace threats and Vulnerabilities, US Cert-gov)
• Cyber-security incidents have climbed sharply, particularly after 9/11/2001– NIMDA warm, Code Red
• Only small percentage of such sophisticated attacks are reported to the public
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 5
Introduction (Cont.)Introduction (Cont.)
• A need for a strategy to increase awareness and reduce cyber-security treats (EDUCAUSE)
• Majority hackers were found to be below the age of 30 (Harris, 2004)
• Nowadays, students are more technology savvy and may explore unethical actions under stress, including cyber attacks
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 6
ObjectivesObjectives
• Investigate users’ perceptions about unethical behaviors, specifically e-learning security attacks
• Some evidence from literature indicating that gender, age, and academic rank may have implications on ethical severity (Cronan et
al., 2006; Ramim, 2007)
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 7
Theoretical BackgroundTheoretical Background
• Ethical behavior is gender dependent (Cronan et
al., 2006; Dorantes, Hewitt, & Goles, 2006; Kreie & Cronan, 1998)
– Males appear to be less ethically driven– Females appear to be more ethically driven
• Age and academic rank were also found to show differences related to perceptions about ethical behaviors (Kreie & Cronan, 1998)
• Very little research has been done about such differences in the context of e-learning cyber-security attacks
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 8
FocusFocus
• Investigate students’ perceptions about the severity level of key e-learning security attacks
• Create awareness about e-learning security
• If students perceive the severity of key e-learning security attacks (eLSAs) to be low, then they might be more likely to engage or seek help in engaging on their behalf in such unethical behavior
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 9
Methodology and SampleMethodology and Sample
• Five key security attacks were investigated:– Attack to the server– Intercepting e-mails (reading, altering, blocking,
and/or deleting e-mails sent to someone else) – Unauthorized file sharing– Unauthorized access– Spoofing attack (impersonating as someone else to
falsify data)
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 10
Methodology and Sample (Cont.)Methodology and Sample (Cont.)
Table 1: The five e-learning security attacks
The scale:
Item # Item Description
eLSA1 Initiating a cyber-attack on the e-learning server via the Internet and causing it to be unavailable
eLSA2 Intercepting e-mails (reading and/or altering e-mails sent to someone else) eLSA3 Unauthorized file sharing during e-learning exams eLSA4 Unauthorized access to e-learning network resources eLSA5 Spoofing attacks by students who impersonate their peers to falsify data
1 2 3 4 5Ethical Somewhat
unethicalSlightly
unethicalUnethical Very
unethical
Student is: <-- Less ethical More ethical -->
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 11
Methodology and Sample (Cont.)Methodology and Sample (Cont.)
• 1,100 students attending online courses, both at the undergraduate and graduate level during Fall 2006 to Fall 2009
• 519 responses, represents about 47% response rate
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 12
Methodology and Sample (Cont.)Methodology and Sample (Cont.)
Table 2. Descriptive Statistics of Study Participants (N=519)
Item Frequency Percentage (%)GenderMale 251 48.4%Female 268 51.6%Age18 or under 2 0.4%19-24 221 42.6%25-29 150 28.9%30-34 61 11.8%35-39 24 4.6%40-44 26 5.0%45-54 30 5.8%55-59 4 0.8%60 or older 1 0.2%
Age18 or under 2 0.4%19-24 221 42.6%25-29 150 28.9%30-34 61 11.8%35-39 24 4.6%40-44 26 5.0%45-54 30 5.8%55-59 4 0.8%60 or older 1 0.2%What degree program are you currently enrolled in?Undergraduate 261 50.3%Graduate 258 49.7%
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 13
Four Research QuestionsFour Research Questions
RQ1: How severe do students perceive e-learning security attacks?
RQ2: Are there significant differences between males males and femalesand females on their perceived ethical severity of e-learning security attacks?
RQ3: Are there significant differences between undergraduate and graduate undergraduate and graduate students on their perceived ethical severity of e-learning security attacks?
RQ4: Are there significant differences between students’ age groups students’ age groups on their perceived ethical severity of e-learning security attacks?
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 14
ResultsResults
• Majority of the students appears to self-report their perceptions as ethically driven across all five e-learning security attacks
• The overall percentage of students reported, either ‘4’ (unethical) and ‘5’ (very unethical) when asked to rate their ethical severity about the five e-learning security attacks, was very high (90% on average) with:– Highest: (eLSA2) Intercepting e-mails @ 95%
– Lowest: (eLSA3) Unauthorized file sharing @ 85%
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 15
Results (Cont.)Results (Cont.)
• Majority of the students appear to understand the ethical severity of these e-learning security attacks
• A small percentage (3.3% on average), reported either ‘1’ (ethical) and ‘2’ (somewhat ethical) when asked to rate their ethical severity about the five e-learning security attacks – Highest: (eLSA3) Unauthorized file sharing @ ~6%– Lowest: (eLSA2) Intercepting e-mails @ ~2%
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 16
Results (Cont.)Results (Cont.)
• Significant (p<0.005) gender differences gender differences exist only for eLSA3 Unauthorized file sharing
• Overall across all five items (eLSA1- eLSA5), the results indicated that in regards to perceived ethical severity of e-learning security attacks males find these attacks less severe than females
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 17
Results (Cont.)Results (Cont.)
• Significant (p<0.001) age level age level differences differences exist only for eLSA1 (Initiating a cyber-attack on the e-learning server)
• Overall across all five items (eLSA1- eLSA5), the results indicated that graduate students appear to report these e-learning security attacks slightly higher (more severe) than undergraduate students
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 18
Results (Cont.)Results (Cont.)
• Significant age level differences age level differences for all items with eLSA1, eLSA3, eLSA5 (p<0.001), eLSA2 (p<0.01), and eLSA5 (p=0.01)
• Overall across all five items (eLSA1- eLSA5), the results indicated in regards to perceived ethical severity of e-learning security attacks, there is an increase trend where the older the student is, the more severe s/he ranks the attacks
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 19
ConclusionsConclusions
• A sample of 519 students attending e-learning courses in the U.S.
• Majority (~90%) of the students appear to self-report their perceptions as ethically driven across all the five e-learning security attacks
• It appears that the majority of the students do understand the ethical severity of these e-learning security attacks
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 20
Conclusions (Cont.)Conclusions (Cont.)
• Small percentage (3.3%) of the students reported specific security attacks to be ethical– file sharing scored the highest (~6%)
• In general, males find security attacks less severe than females
• It appears that males are more risk takers• Females tend to be risk averse than males• Undergraduate students appear to perceive
attacks only slightly less severe than graduate students
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 21
Conclusions (Cont.)Conclusions (Cont.)
• The older the student is, the more severe s/he ranks the attacks – i.e. more ethical
• Young male students, appear to find the e-learning security attacks significantly less ethically severe or not severe at all
• Younger students entering technical educational programs also learn how to conduct some of these exact security attacks – need for additional research!
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 22
Thank you!Thank you!
• Questions/comments?
• Thank you all for attending!
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 23
Michelle M. Ramim, Ph.D. Part-time ProfessorNova Southeastern UniversityHuizenga School of Business and Entrepreneurship The DeSantis Building3301 College AvenueFt. Lauderdale, FL 33314
E-mail: [email protected]: http://www.nova.edu/~ramim/
Contact Information - MichelleContact Information - Michelle
2010 - Dr. Yair Levy & Dr. Michelle Ramim – Chais 2010, Israel – February 10, 2010. 24
Yair Levy, Ph.D. Associate ProfessorNova Southeastern UniversityGraduate School of Computer and Information SciencesThe DeSantis Building - Room 40583301 College AvenueFort Lauderdale, FL 33314Tel.: 954-262-2006 Fax: 954-262-3915
E-mail: [email protected]
Site: http://scis.nova.edu/~levyy/
Contact Information - YairContact Information - Yair
