Library
|
Your profile |
Security Issues
Reference:
Kostyuchenko K., Mukhachev S.
Assessment of students' awareness in the field of information technology and information security
// Security Issues.
2024. ¹ 2.
P. 9-17.
DOI: 10.25136/2409-7543.2024.2.43491 EDN: JITETB URL: https://en.nbpublish.com/library_read_article.php?id=43491
Assessment of students' awareness in the field of information technology and information security
DOI: 10.25136/2409-7543.2024.2.43491EDN: JITETBReceived: 03-07-2023Published: 12-06-2024Abstract: The article is devoted to the results of studying the state of students' awareness in the field of information technology. The subject of the study is the main elements of information technology and information security. The aspects related to the use of information technologies, the use of information protection methods, and the understanding of the nature of information threats by students in educational institutions of higher education were studied. The object of the study is various educational institutions, including law enforcement. The results of a survey of students for several years are presented. The data obtained on the possession of computer technologies, as well as the negative information impact, are analyzed. Particular attention is paid to the comparison with similar data given in other publications. The main conclusions of the conducted research are that the respondents actively use information technologies in educational work, entertainment, communication, however, at the same time, they are rather poorly aware of information security issues. The younger generation does not fully understand the degree of danger in relation to the information being processed, their own mental and physical health, financial well-being, and in some cases, life. Less than half of the respondents are aware of the requirements of regulatory legal acts in the information sphere, which is why even the most common means of information protection are not used. It follows from the results of the analysis that the level of awareness changes little over time. Keywords: information technologies, information security, cybersecurity, computer security, Internet, information impact, questionnaire, reliability of information, competencies, information warfareThis article is automatically translated. Introduction In the modern world, the information sphere is developing very rapidly – much faster than other spheres. The functionality of computer and telecommunication equipment is expanding and improving qualitatively, new devices and programs are appearing, mobile communication systems are being improved, processing of increasing data is accelerating, and the volume of accumulated data is growing explosively. Information technology is spreading into new areas. If at the dawn of development a computer was used only for mathematical calculations, today it is difficult to name an area where it would not be used: document management, telecommunications, management of complex technical systems, working with big data in various fields (banks, public services), educational process, games and many others. Along with the undoubted positive achievements related to information and telecommunication technologies, the range of problems in the field of information security is also expanding. Various variants of negative information impact are added to the "traditional" security threats (computer viruses, spyware, unauthorized access to data, means of modification and destruction of information): spam, unwanted content, vulgar and aggressive nature of communication in the media, cyberbullying, gamification of consciousness, imposition of criminal behavior, suicidal tendencies, etc. Young people, including students, are particularly susceptible to such an impact [1]. In order to counteract negative phenomena, it is necessary to take into account these negative aspects when developing and teaching training courses on information technology and information security. For this purpose, it is required to know the degree of awareness of students in these issues. Then, based on the analysis of the results obtained, it is necessary, based on the current state and assessment of prospects, to make timely adjustments to educational standards and training programs [2, 3]. Similar studies are systematically conducted in various countries: awareness of computer security issues (cybersecurity, web security) is studied [1, 4-7]; the behavior of adolescents in virtual communication is analyzed [3, 8]; various pedagogical aspects of teaching youth information technologies and maintaining information security are investigated [2, 7, 9]. Therefore, it is interesting to obtain data related to Russian students, compare the results of their analysis with those already published, and assess the prevailing realities.
Methods and materials The following methods were used in the performance of the work: the study of materials from scientific publications on the problem, observation, questioning, theoretical analysis. This study is a logical continuation of previous work: – study of students' computer literacy and their use of various information and security technologies in public and private higher educational institutions in Yekaterinburg in 2006 (a survey of 593 students of various specialties was conducted); – study of the processes of information impact on cadets and students (correspondence courses) of the University of the Ministry of Internal Affairs of Russia in 2015 (a survey of 190 students was conducted). The study continued in 2019-2022 on the basis of one of the technical universities of the Urals. The aim is to determine the quantitative characteristics of competencies related to various aspects of the use of information technology and information security. The survey was carried out anonymously. The collection of materials is implemented in two stages. At the first stage, 360 first-year students (technical specialties, full-time education) took part in a continuous survey. Additionally, at the second stage, a random selection method was used to conduct a sample survey of 22 3rd year students and 30 correspondence students. The questionnaire used questions from previous research questionnaires and some others specially designed. The questionnaires included two sets of questions, as well as information about the age and specialty in which the student is studying. The first block contained questions concerning the use of information technology by the interviewed students. Respondents were asked to assess their level of knowledge of information technology in general; the level of knowledge of office computer programs; satisfaction with the operating systems and individual application programs used; the need to study some new programs; the level of proficiency in mobile technologies. The second block contained questions on the topic of information security. The questions were formulated as follows. "How much time a day do you spend on the Internet, apart from studying (in hours)?" "Do you play computer games (if so, how much (in hours)?" "Evaluate: what is the reliability of information on the Internet (%)?" "Rate: what is your knowledge of information security (%)?" "Do you think that an informational (psychological, informational-psychological) war is going on against you?" "Do you consider your personal data to be protected?" "Do you use an antivirus program? If so, which one?" "Do you comply with the requirements of regulatory legal acts in the information sphere?" "What information influences have recently influenced your views, actions, and studies?" "Do you know how to counteract the negative results of information influence?"
Results The material collected as a result of the survey was processed using standard statistical methods. The average age of the respondents was 18 years old. 38% of respondents are girls. Students rated their level of information technology proficiency at 65%, and mobile technology at 87%. The level of knowledge of individual programs of the popular Microsoft Office suite is shown in Figure 1. 1% of respondents are engaged in programming, but 5% want to study programming more deeply, and 9% want to study database management systems. Fig. 1. Data on students' assessment of the level of knowledge of individual programs of the popular Microsoft Office suite (in percent)
The other most significant results of questionnaire processing are summarized in Table 1 and are clearly shown in Fig. 2 and 3.
Table 1. The main results of the student survey
Fig. 2. Data on students' compliance with the requirements of regulatory legal acts in the field of information technology and information security
Fig. 3. Structure of students' information sources
Discussion The analysis of the data obtained and their comparison with similar studies allow us to formulate the following conclusions. 1. Students spend a lot of time on the computer – on average more than 6 hours a day (data obtained before the limitations associated with the COVID pandemic). Of these, about 2 hours are spent playing computer games. From the results of the survey, it can be seen that girls play computer games much less (2-3% of respondents) than boys. Therefore, the real value of time spent on computer games exceeds 4 hours. This is a serious problem, as such a long time devoted to games has a negative impact on the physical health of young people. In some situations, criminal behavior may manifest itself, as well as mental abnormalities [2, 10]. With distance learning, the problem associated with excessive computer usage is only getting worse. 2. The main source of information is the Internet and social networks (54% of respondents). And this is despite the fact that the reliability of information on the Internet by the respondents themselves is estimated at only 58%, and by experts it is estimated even lower – 15-25%. Indeed, many researchers cite numerous facts of the appearance of fake news, the spread of disinformation, manipulation in social networks and other sources of the digital space [11, 12]. These values are quite consistent with the data obtained earlier in the survey of cadets and students of the law enforcement university. 3. Recent graduates of educational institutions are rather poorly informed about information security issues (only 44%). Only 23% of respondents believe that an information war is going on against them personally. Approximately the same number of students acknowledge the existence of information warfare, but do not attribute this fact to themselves. This is a long-standing problem of the formation of a common safety culture, mainly related to the shortcomings of teaching historical and socio-political disciplines. It should be noted that the respondents do not identify the concept of "information security" and "computer security", despite the observed confusion of these concepts in the vast majority of mass media and other sources. It is conventionally believed that the topic of computer security is only about half of the total topic of information security. 4. Only about half of the students comply with the requirements of normative legal acts in the information sphere (to one degree or another), and about a quarter are not aware of the legal aspects and their implementation or do not think about it. 5. The consequence of ignorance and, in part, non-compliance with regulatory legal acts (legal nihilism) is that almost a quarter of the respondents do not use antivirus programs, i.e. they do not protect their computer information in any way. Perhaps there is also the usual reluctance to spend money (due to limited resources). It seems that the same statements are true for other computer security topics. 6. Only about half of the respondents surveyed replied that they know how to counteract the negative results of information exposure. However, it is difficult to agree with this figure, because it seems to be overstated (maybe due to a misunderstanding of the complexity of the topic). Sources of negative information influence exist in large numbers, often in an implicit form. These are tools of information and psychological warfare: active disinformation, extremist appeals, unverified news, rumors, gossip, malicious cartoons, demotivators, etc. Such information has an extremely negative effect on a person's consciousness, his worldview, and, consequently, his behavior and specific actions. The result can be various phobias, attachments, addictions, various disorders, inadequate needs, etc. You need to be able to defend yourself from this. For comparison, only about 15% of cadets and law enforcement university students who participated in the survey earlier showed that they were taking at least some specific measures to reduce negative information impacts and minimize their consequences. And this is despite the fact that planned educational and psychological work is being carried out with law enforcement officers. But there are still not enough clear appropriate methods (primarily psychological ones).
Conclusions As a result of the conducted research, interesting results were obtained that allow us to judge the awareness of students in various aspects of information technology, their application and information security. Despite the rather long time period that has passed since the first survey, the main features that are revealed as a result of the survey in the student environment change slightly. The result is quite interesting, as everything is changing rapidly: the technical level of information technology, the degree of development of technical and software tools, educational programs of educational institutions. It is possible, apparently, to conclude about the presence (and, possibly, the predominance) of conservative psychological factors affecting the state of the studied subject area. The results of the study allow us to judge the state of students' awareness in the field of information technology and information security. Quantitative indicators characterizing the possession of information technologies and methods of information security, characterizing the main sources of information in the student environment, attitude to the regulatory and legal regulation of the field studied in the work are obtained. The identified features should be used in the preparation and improvement of curricula and work programs regulating the educational process. References
1. Chusavitina, G.N., & Zerkina, N.N., & Makashova, V.N. (2018). Special aspects of future teachers' training in ensuring information security sphere for university students. Perspektivy Nauki i Obrazovania 35(5), 259-266.
2. Kurzayeva L.V., & Chusavitina, G.N. (2013). On the Question of Requirements Formation to the Personal Information Security Competences in the System of Higher Education. Fundamental Researches, 8, 1203-1207. 3. Chusavitina G.N., & Musiychuk M.V. (2017). Pedagogical aspects of the problem of counteraction to threats on the Internet. Mir Nauki, 6, 1-14. 4. Arutyunov V.V. (2013) About Internet resources for users. Bulletin of the MFJA, 1, 79-84. 5. Chan, R.Y.-Y., Ho, K.M., Jia, S., Yan, X., & Yu, X. (2017). Facebook and information security education: What can we know from social network analyses on Hong Kong engineering students? Proceedings of 2016 IEEE International Conference on Teaching, Assessment and Learning for Engineering, TALE 2016. 6. Alharbi, T., & Tassaddiq, A. (2021). Assessment of cybersecurity awareness among students of Majmaah University. Big Data and Cognitive Computing 5(2), 23. 7. Cruz, T., & Simões, P. (2020). Fostering cybersecurity awareness among computing science undergraduate students motivating by example. European Conference on Information Warfare and Security, ECCWS 2020. June, pp. 72-81. 8. Nowrin, S., & Bawden, D. (2018). Information security behaviour of smartphone users: An empirical study on the students of university of Dhaka, Bangladesh. Information and Learning Science 119(7-8), 444-455. 9. Wu, T., Tien, K.-Y., Hsu, W.-C., & Wen, F.-H. (2021). Assessing the effects of gamification on enhancing information security awareness knowledge. Applied Sciences (Switzerland) 11(19), 9266. 10. Makarenko, T.D., Smirnov, A.M., Santashov, A.L., Mironov, A.V., & Nekrasov, V.N. (2018). On the differentiation of responsibility for the organization of binary options using «exchange terminals» in the context of preventing underage crime and gambling. Russian journal of criminology 12(6), 856-864. 11. Hilary, I.O., & Dumebi, O.-O. (2021). Social media as a tool for misinformation and disinformation management. Linguistics and Culture Review, 5, 496-505. 12. Caramancion, K.M. (2020). An exploration of disinformation as a cybersecurity threat. Proceedings-3rd International Conference on Information and Computer Technologies, ICICT 2020 9092330, pp. 440-444.
Peer Review
Peer reviewers' evaluations remain confidential and are not disclosed to the public. Only external reviews, authorized for publication by the article's author(s), are made public. Typically, these final reviews are conducted after the manuscript's revision. Adhering to our double-blind review policy, the reviewer's identity is kept confidential.
|