Supporting students' knowledge and skills in information technology security through a security portal

Ciftci, Nilay Pancar
Delialioğlu, Ömer
This study aims to investigate the initial perceived knowledge and skills of high school students in information technology (IT) security and the effect of an online security support tool, the Security Portal (SP), on students' perceived knowledge and skills in IT security. The SP is a website designed and developed as an extracurricular learning tool to improve high school students' knowledge and skills in IT security. An exploratory research design with descriptive and inferential statistical analysis was conducted to answer the research questions. The data were collected from the participants through the Perceived Knowledge and Skills in IT Security questionnaire, administered as pre-test and post-test before and after using the SP. The results of the study indicated that the majority of students were not aware about their schools' IT security policies and rules. Similarly, students had limited knowledge of the rules for using IT devices at their homes. Students' perceived knowledge and skills in (i) virus infection, (ii) awareness about IT crimes and unlicensed products, (iii) security settings of operating systems, (iv) Windows firewall and defender, (v) security settings of Android OS except adding owner information (vi) security issues related to e-mails, except risk associated with opening e-mails from unknown senders, (vii) security issues of web browsers and SNSs except security and privacy settings of SNSs, could be improved by using such tools.


Increasing trustworthiness of security critical applications using trusted computing
Uzunay, Yusuf; Baykal, Nazife; Bıçakcı, Kemal; Department of Information Systems (2014)
In this thesis work, we aim to increase the trustworthiness of security critical applications by utilizing trusted computing technologies. We focus on two case applications; authentication proxy systems and e-voting systems. Our first case application is authentication proxy systems which store users’ sensitive credentials and submit them to the servers of the service providers on their behalf. To increase the trustworthiness of authentication proxy systems, we propose Trust-in-the-Middle a trusted platform...
A study of an online cyber identity course designed on the basis of thecommunity of inquiry model
Sancar, Raziye; Atal Demirbacak, Deniz; Kuşcu, Ebru; Barutçu Yıldırım, Kadriye Funda (2023-1-01)
The current study examines whether an online cyber identity course, which was based on the community of inquiry model, significantly affected the self-efficacy perception of school counselor candidates (SCC) in terms of technology integration. Forty-four SCC, selected using the criterion sampling method, participated in a mixed-method design study by taking a one-week online cyber identity course. The online version of the Computer Technology Integration Survey (CTIS) was used as a pre and post-test measure...
A Decision Support System for Optimal Selection of Enterprise Information Security Preventative Actions
Sonmez, Ferda Ozdemir; Günel Kılıç, Banu (2021-09-01)
Types and complexity of information security related vulnerabilities are growing rapidly and present numerous challenges to the enterprises. One of the key challenges is to identify the optimal set of precautions with limited budget. Despite the fact that majority of enterprises have a budget constraint for installing and maintaining the protection systems, the majority of the previous work only focus on prioritization of security targets and do not consider the preventative actions and budget constraints. ...
Attack tree based information technology security metric integrating enterprise objectives with vulnerabilities
Karabey, Buğra; Baykal, Nazife; Department of Information Systems (2011)
Security is one of the key concerns in the domain of Information Technology systems. Maintaining the confidentiality, integrity and availability of such systems, mandates a rigorous prior analysis of the security risks that confront these systems. In order to analyze, mitigate and recover from these risks a metrics based methodology is essential in prioritizing the response strategies to these risks and also this approach is required for resource allocation schedules to mitigate such risks. In addition to t...
Analysis of Password Attacks From The Perspective Of The Attacker By Multiple Honeypots
Aydın, Kıvanç; Acartürk, Cengiz; Department of Cybersecurity (2021-8-19)
Authentication is vital for secure operation of ICT systems. Since the past several decades, alternative solutions have been developed for authentication, such as biometric authentication methods, aiming at replacing passwords. Nevertheless, their success has been limited as evidenced by intensive use of passwords. Today, an average user uses dozens of different passwords in daily practice. The frequent use of passwords in authentication also leads to a close interest of attackers due to rapid the expansion...
Citation Formats
N. P. Ciftci and Ö. Delialioğlu, “Supporting students’ knowledge and skills in information technology security through a security portal,” INFORMATION DEVELOPMENT, pp. 1417–1427, 2016, Accessed: 00, 2020. [Online]. Available: