Patterns of Mobile Awareness and Security Practices: A Clustering Analysis on College Faculty and Students
Maricris M. Usita
*
College of Arts, Sciences, and Technology, Occidental Mindoro State College, Philippines.
*Author to whom correspondence should be addressed.
Abstract
Cyber malware attacks, coupled with a lack of digital learning skills, can create significant issues in educational spheres where digitalization is in its infancy. This research integrates Educational Data Mining (EDM) methodologies to address the lack of actionable, predictive analytics in these environments. This research must (1) determine the malware awareness level and the demographic characteristics of the students and staff, (2) determine the malware awareness and the corresponding defensive strategies, (3) utilize cluster analysis in the detection of trends relative to protection and awareness, and (4) identify and describe the significant deficiencies in malware awareness and in the respective countermeasures. Using Google Colab and Python, survey data were cleaned and preprocessed, and a K-Means clustering analysis was performed, with 180 faculty and 188 students as respondents in the study. The analysis initially showed three different profiles in cybersecurity awareness: one cluster showed high awareness of traditional malware, while social engineering was less known, a second cluster had high knowledge of phishing, smishing, and vishing, accompanied by negative security; and a third cluster showed equilibrium in awareness but a lack of enacted security. The ANOVA test showed significant differences across all variables of malware awareness and security practices (p < .05), especially for social engineering threats, which were the highest. There were also significant gaps in the use of basic security practices, such as antivirus software, safe browsing, and keeping systems updated, indicating a lack of alignment between knowledge and practice. The results show significant gaps in defending against cyberattacks, as well as strong practices within the educational industry. This research elaborates on the need for the design of specific, targeted, revised training programs that address the specific goals of the SDGs for Quality Education, Industry Innovation, and Infrastructure. The silos of personalized adaptive responses and the flows of information regarding emerging threats must tap into educators' and learners' potential to amplify Digital Resilience.
Keywords: Clustering, cybersecurity, demographics, educational data mining, malware awareness, pattern, security practices