Artificial Intelligence for Cybersecurity: A Systematic Mapping of Literature

Due to the ever-increasing complexities in cybercrimes, there is the need for cybersecurity methods to be more robust and intelligent. This will make defense mechanisms to be capable of making real-time decisions that can effectively respond to sophisticated attacks. To support this, both researchers and practitioners need to be familiar with current methods of ensuring cybersecurity (CyberSec). In particular, the use of artificial intelligence for combating cybercrimes. However, there is lack of summaries on artificial intelligent methods for combating cybercrimes. To address this knowledge gap, this study sampled 131 articles from two main scholarly databases (ACM digital library and IEEE Xplore). Using a systematic mapping, the articles were analyzed using quantitative and qualitative methods. It was observed that artificial intelligent methods have made remarkable contributions to combating cybercrimes with significant improvement in intrusion detection systems. It was also observed that there is a reduction in computational complexity, model training times and false alarms. However, there is a significant skewness within the domain. Most studies have focused on intrusion detection and prevention systems, and the most dominant technique used was support vector machines. The findings also revealed that majority of the studies were published in two journal outlets. It is therefore suggested that to enhance research in artificial intelligence for CyberSec, researchers need to adopt newer techniques and also publish in other related outlets.


I. INTRODUCTION
The rapid evolution of information and communication technologies, including the Internet has bred positive implications to organizations and social lives. The Internet provides a platform that facilitates communication and networking. It supports knowledge sharing [1] and social interaction [2] which are important ingredients for human development. Amidst all the benefits, it has a dark side. Its increase in reliance on third party and/or cloud-based data storage and applications, make it extremely difficult for organizations to provide ''total'' security to their information systems.
For instance, current cloud infrastructure is characterized by a three-layer architecture. Each layer is arguably at risk from a range of vulnerabilities introduced either by The associate editor coordinating the review of this manuscript and approving it for publication was Tallha Akram . programmers or service providers. The disparate handling of data makes crimes such as cybertheft and cyber-fraud more complex to track within cyberspaces [3]. More worryingly, ubiquitous distributed computing eliminates the importance of geographical boundaries, and this also makes it possible for criminal activities to originate from any part of the World [4]. Hence, organizations are increasingly challenged by a wide range of cyber-attacks [5], [6]. These attacks are characterized by a high level of sophistication that calls for the need of adopting Artificial Intelligence (AI) or intelligent agents to combat them.
Accordingly, cyber defense mechanisms must be i) increasingly intelligent, ii) more flexible, and iii) robust enough to detect a variety of threats and mitigate against them. To achieve these requirements, organizations are adopting AI techniques to effectively monitor and combat cyber-attacks and cybercrimes. This, in addition, calls for the need for researchers and practitioners to be familiar with current state of the art on the use of AI methods for cyber safety. Although some existing studies have summarized and discussed issues impacting cybersecurity (CyberSec), to the best of our knowledge none has, in a systematic manner, focused on AI applications in CyberSec. Thus, this paper aims to systematically review existing studies on the use of AI techniques for combating cyber-attacks.
The next section provides a brief background on how AIs are used in combating CyberSec issues. This is followed by a discussion on existing related works and the current knowledge gap. The method used for conducting the study, the findings, discussions and conclusions are also presented.

II. BACKGROUND LITERATURE A. ARTIFICIAL INTELLIGENCE FOR CYBERSECURITY
Information and communication technology researchers agree that information security (InfoSec) is of primary importance [7]. Consequently, a number of studies have attempted to address this by adopting improved techniques and technological artifacts; including the use of malware detectors, intrusion detection and prevention systems (IDPS), sophisticated firewall setups and data encryption algorithms. Although some studies have argued that InfoSec issues can be effectively managed by focusing on human behavior [10], others have argued that focusing on human behavior alone is not sufficient [3]. For example, the quantum of information handled by most organizations necessitates considerable automation [12]. Hence, there is the need for an appropriate balance between humans, technology and policy management in organizational security activities.
Conventional CyberSec prevention technologies use fix algorithms and physical devices (such as sensors and detectors), thus they are ineffective at containing new cyberspace threats [10]. For instance, the first generation of antivirus systems were designed to identify viruses by scanning its bit signature. The fundamental assumption of this concept is that a virus has the same structure and bit pattern in all instances. These signatures and algorithms are therefore fixed. Although the catalog of signatures is updated on a daily basis (or whenever the device is connected to the Internet), the sophistication and regular release of vast malware make this approach ineffective. However, the introduction of signature-less approaches that are capable of detecting and mitigating malware attacks using newer methods such as behavioral detections and AIs have been argued to be more effective [12], [13].
This suggests that advancement in AI applications have made it possible to design relatively effective and efficient systems that automatically identify and prevent malicious activities within cyberspaces [3]. They have been adopted to support existing technological methods as they provide effective standards and mechanisms to better control and prevent cyber-attacks [14]. Despite all the benefits AI provides, the rapid evolution of approaches makes it extremely difficult for researchers to identify the most efficient technique and its impact on cyberspace security. There is no ambiguity that the general perception amongst InfoSec and CyberSec researchers and practitioners suggest that AI has improved organizational information security, yet to the best of our knowledge, these claims are speculative and have not been empirically substantiated. Most existing studies have either demonstrated how their innovation outperform a selection of existing methods or surveyed a sample of systems and assess their performance in comparison to theirs. In all cases, the level of selection biases is relatively high. Accordingly, there is the need for an aggregated literature that provide summaries on issues, challenges and future research directions within the domain.

B. RELATED WORK
As mentioned earlier, existing studies have attempted to review literature on CyberSec. For instance, Al-Mhiqani et al [15] reviewed cases and incidents in cyber-physical systems by describing a range of security breaches and provided solutions for curtailing such breaches. Although their study provides meaningful insights to researchers, it failed to address issues regarding AI advances in the domain. It is limited and did not present discussions on techniques and algorithms that are dominating the domain Li [16] provided a summary of how AI has been used to combat cyber-attacks. However, the study was arguably not systematic: the method used for selecting literature was not defined, and disputably open to researcher bias. Furthermore, Li [16] failed to provide discussions concerning the patterns and trends impacting the performance of existing algorithms.
Other researchers focused their reviews in specific domains, maintaining that CyberSec research is biased towards intrusion detection and industrial control systems [19] Lun et al. [20], for instance, identified, classified and analyzed cyber-physical security systems and concluded that majority of CyberSec studies focus on approaches that detect and protect power grids. Leszczyna [21] reviewed standards of CyberSec requirements for smart grids and augmented existing studies by providing evidence to consolidate and compare current standards. Coventry and Branley [22] and Kruse et al. [23] reviewed patterns of attacks within healthcare cyberspace, and identified that information theft and ransomware attacks were increasingly prevalent within healthcare institutions. They concluded that systems and measures for ensuring CyberSec within the healthcare industries are deficient Dilek et al. [3] reviewed AI applications and techniques for combating cybercrime, yet their study cannot claim to be 'systematic' when critically compared with systematic review guidelines as proposed by Kitchenham and Charters [18]. Specifically, they failed to detail the methods adopted for study selection (i.e. inclusion and exclusion criteria, search terms and phrases), the databases which were queried, and the data extraction method used. In addition, although they reported and explained existing AI methods that are used in combating cybercrimes, they failed to provide an overview of research trends in the domain.
Although the studies discussed above is not an exhaustive list of all literature relating to cybersecurity review research, a search from academic electronic libraries for systematic review studies on cybersecurity failed to provide studies that summarizes trends for AI methods in cybersecurity. Yet, information on publication trends, dominant AI methods and its impact on cybersecurity is crucial. This is because, such information will provide the knowledge gaps and potential opportunities or prospects in the domain: this is pertinent for researchers and practitioners. This, therefore, makes it imperative to conduct investigations in the domain using a systematic approach. It is however emphasized that, although systematic reviews do not guarantee bias-free literature investigations, it reduces biasness and also provides auditable findings.

III. REVIEW METHODOLOGY
To ensure a rigorous and auditable review, a comprehensive review protocol was developed. Review protocols reduce researcher's biasness and provide a framework that guides the review process. This study adopted an existing systematic review method used in software engineering research as proposed by Kitchenham and Charters [18]. The main review process, consists of three phases, i.e. planning, conducting and documenting phases. The protocol detailed the rationale for the study, defined the review questions, search strategy, databases, inclusion and exclusion criteria, data extraction and synthesis. Figure 1 is a diagrammatic presentation of the review process grouped into the three main phases, as suggested by Kitchenham and Charters [18].
As suggested by Brereton et al. [24], review questions were formulated during the planning stage to elicit the study goals, which in turn formed the foundation of the study. The Goal-Question-Metric approach (see Table 1) [25] was adopted. This approach has been demonstrated by Lun et al. [20] to be effective for eliciting objectives of systematic reviews.
Within CyberSec domain, questions concerning the most used AI methods and its effectiveness, directions of current and future research among others remain unanswered. Accordingly, this study seeks to explore existing studies in the domain to address these knowledge gaps. Table 2 is a list of review questions, which this study addressed and the rationale or motivation for posing the questions.
The search terms, keywords, databases, search engines, and the scope (time frame) were all considered and defined. The inclusion and exclusion criteria were also defined. To reduce biasness, a review protocol was developed separately by four members of the research team (i.e. one principal reviewer, two secondary reviewers, and a research methodologist).
In all instances, the members performed preliminary searches to select the most appropriate databases and keywords. The individual protocols were amalgamated to address the study's need, and the combined protocol was redefined and reviewed by the fifth member (the advisor). The agreed protocol was sent to an external reviewer with CyberSec expertise for comments and amendments. After subsequent corrections, the final protocol was developed.
The keywords or phrases considered appropriate were made up of two categories; i.e. those relating to intelligence systems (Artificial intelligence, Machine learning and Deep learning) and those relating to security (Cybersecurity, information security, internet security and network security). The words from both categories were combined to form search phrases including Artificial intelligence and/or Cybersecurity, Machine learning and/or Cybersecurity, Deep learning and/or Cybersecurity, Artificial intelligence and/or information security, Machine learning and/or information security, Deep learning and/or information security, Artificial intelligence and/or internet security, Machine learning and/or internet security, Deep learning and/or internet security, Artificial intelligence and/or network security, Machine learning and/or network security, Deep learning and/or network security. The search timeframe was limited to studies published from 2008 to 2018: this allows consideration of the research patterns over a substantial period of time. Institute of Electrical and Electronics Engineers (IEEE) and Association for Computing Machinery (ACM) digital libraries were deemed the most appropriate databases for the review, since the preliminary search indicated that other scholarly databases have limited related studies in the domain. Arguably, IEEE and ACM scholarly databases are considered as the two main computer science research databases.
The search produced a total of 1145 studies. Eight hundred and fifty-seven (857) studies were from IEEE research database and the remainder (277) was from ACM Digital Library. All studies were subjected to the inclusion and exclusion criteria. Only peer-reviewed journal articles were selected. Tutorials, short papers, conference proceedings, etc. were excluded. This ensured that all selected studies had undergone consistent revision and/or had been peer-reviewed by more than one external stakeholders as being of good quality. Studies that did not suggest within the title, that its content is related to the application of AI in an area of CyberSec were discarded. Next, studies with abstracts that did not discuss an AI application for CyberSec were discarded. This reduced biasness and researcher subjectivity in the selection process.
In total, 131 studies were selected. Data were extracted from the selected studies, and 3 members of the team (i.e. the principal and secondary reviewers) performed data extraction separately. All members met and discussed their findings in order to address any disparity between analysis. Studies that produced contradictory classifications were resolved in a group meeting attended by all members of the team. A resolution was driven by the other two members (i.e. the advisor and the research methodologist) who assessed the articles. If required, a vote was taken by team members to support or refute any final decision.
During the data extraction process, the relevant information needed were recorded from all the selected primary studies (131 articles) to answer the review questions stated in table 2. The resultant information was tabulated to find trends and patterns in the selected studies. The extracted data was analyzed and summarized. VOLUME 8, 2020

IV. REVIEW RESULTS
Information regarding the year of publication, the corresponding author's address and country and the publication outlet, were recorded. In addition, for each article the AI method used, and the type of security application discussed was recorded. Studies that discussed improvement of existing approaches were also analyzed and summarized. Below is a discussion on the findings from the study.

A. PUBLICATION TRENDS
It was evident from the results (see Figure 2) that the number of research publications on AI methods for ensuring cybersecurity have increased considerably in recent years.  The findings indicated that publications were also skewed among publishing houses/outlets. Out of the 131 journal articles studied, 32 of the articles were published in IEEE Access Journal and 26 were published at IEEE Transactions on Information Forensics and Security Journal. These two outlets accounted for 45% (59 publications of the total number. See figure 3 for the chart of publication distribution according to publication outlets). The chart indicates outlets with more than 2 publications. The next publication outlet that recorded the most articles was the IEEE Transactions on Industrial Informatics and IEEE transaction on Network and Service Management. They both recorded five studies. The rest of the publishing outlets recorded either three or less studies.
Similarly, research in the domain was observed to be skewed geographically. The addresses of corresponding authors revealed that majority of the studies originated from countries in Asia. A total of 68 articles out of the 131 (i.e. 52%) originated from Asia. South America and Africa recorded one publication each. In terms of countries, China recorded the highest publication followed by the United States of America. See figure 4 for the distribution of articles studied in terms of country of origin.  Table 3. Fourteen studies did not explicitly specify the algorithm used for implementing the security measure. The most used algorithm was SVM (24 studies) followed by CNN (14). ANN was used in 10 studies, whereas Random forest, K-means and Decision trees were recorded in 9, 8 and 7 studies respectively.
For convenience and simplicity, domains of application were grouped into six: (i) intrusion detection and prevention systems (IDPS), (ii) traffic classification systems, (iii) imaging and captcha, (iv) Encryption and certification, (v) Denialof-service attack, and (vi) malware, virus, phishing, etc.
The study revealed that intrusion detection and prevention systems (IPDS) have attracted more research attention compared to other domains. Thirty-eight studies (i.e. 41%) addressed issues relating to IDPS (see table 4), followed  Studies that focused on power systems security assessment, covert channels, security games, fingerprint liveness detection, biometric verification (including facial verification), malicious webpages, cyberbullying, false data injection, online deception review, information risk assessment, iris recognition were all classified as others, since they were not identified in more than 2 studies. The total number of studies that fell under this category was 47 (i.e. 36%). To understand how various algorithms have been used for different areas of application, the various methods were mapped to different domains of application. The results indicated that IDPS and malware, virus, phishing, etc. mostly adopt ensemble techniques (i.e. uses a combination of two or more AI algorithms). It was also observed that studies that focused on Encryption & Certification, DoS, and Imaging and Captcha do not prefer ensemble methods.

C. IMPACT OF AI METHODS ON CYBERSECURITY
The most significant contribution of AI in the domain is the improvement in false alarm rates for IDPS. All studies on IDPS reported improvement in false alert rates. For instance, Aminanto et al. [26] explained that their approach to IDPS recorded a remarkable false alarm rate of values around 0.012%, which is the current lowest value for impersonation attack detection.
Computational complexity was identified as a key challenge in IDPS. Almost all studies that sought to address issues on IDPS identified it as a challenge. It can be inferred that this challenge has been inherited from generic AI methods VOLUME 8, 2020 (particularly relating to issues in machine learning). This is because computational complexity is one of the most challenging issues in machine learning algorithms [27], [28]. It impacts computational speed and adversely affects the performance of applications. Yet, a number of studies reported some form of reduction in computational complexities. The use of genetic algorithm-based feature selection is effective for reducing computational complexities in IDPS. This was demonstrated by studies conducted by Ahmed et al. [29]. With regard to network intrusion, the ability to detect new traffic patterns and anomalies using ensembles was identified to be one of the most effective methods. In addition, higher IDPS accuracies, with lower rates of false positives and lower energy consumption were observed.
Other contributions include the successful detection of both known and unknown Controller Area Network (CAN) attacks by Wang et al. [31]. The review revealed that AI methods have provided effective ways of detecting malicious users. The use of clickstream models, which does not require prior knowledge or assumptions of user categories was observed to be effective for capturing unexpected or previously known behaviors.
Currently, systems are capable of detecting malicious accounts through identification and coloring of similar clickstreams. Improved correctness of certification classifications, using ANN was demonstrated by Dong et al. [32]. Again, an improvement in accuracy, and computational efficiency for image privacy protection, is currently possible using deep CNN [33] and SVM [34]. Better image manipulation detection algorithms have been developed by Bayar and Stamm [35], and Cui et al. [37]. They improved manipulation detection and malware image detection results respectively using CNN. In addition, Ben Neria et al. [38] have improved malicious webpage detection using spectral clustering.

D. FUTURE DIRECTIONS OF AI METHODS IN CYBERSECURITY
Research directions in AI applications for cyber security were recorded to be broad and diverging since 2008. This divergence can be attributed to the larger spectrum of areas of application. As explained earlier, challenges in cyber issues continue to evolve. This makes it a challenge for studies to focus on a specific domain. Studies within similar areas of applications are currently experimenting with different AI techniques and machine learning algorithms. From table 4, algorithms that were classified as ''other'' formed 36% of the sampled studies. These are algorithms that were identified to have been used in less than two applications. Hence, it can be inferred that researchers are adopting newer, and perhaps more innovative techniques. Accordingly, future studies may opt for novel techniques from other domains. However, it must be emphasized that the need for applications to be computationally efficient, reduce computational complexity and improve performance accuracy are key issues that majority of researchers in the domain advocate for. Particularly, in IDPS the need for improvement in algorithms in complex systems by reducing model training time was observed to be paramount. Also, advocacy on proactive measures towards CyberSec is dominant. Other issues such as the ability to generalize intrusion detection models, the development of self-tuning methods for automated network anomaly detections and advocacy for a significant reduction in detection times were observed in most of the studies. Next is a discussion of the implications of the findings from this study.

A. RESEARCH TRENDS
The skewness in publication trends is visible in the various forms of the analysis (i.e. publication vendors, year of publication, areas of applications and algorithms used). In particular, two outlets dominated publications. This suggests a critical issue that needs to be addressed. Although there are a number of good publication outlets that seek to discuss issues concerning CyberSec and AI, they were not adequately represented in this study. It is intriguing to observe that IEEE Access had 31 studies published between 2017 and 2018, yet IEEE Access started publishing papers in 2013. This raises questions as to why some outlets are failing to attract studies from researchers in the domain: especially outlets that started publishing in this area but are no longer seemingly attractive/support researcher contributions. This trend also suggests the need for other related outlets to consider issues in the domain. Perhaps a call for a special issue in a related journal to draw researchers' attention to the relevance of the matter in their outlet. Again, no outlet was identified with sole interest in AI application for CyberSec. All identified outlets publishing AI and CyberSec issues were multidisciplinary journals. Considering the relevance of the domain with respect to the current advancement in quantum computing and its implications on CyberSec, there is the need for an intensified focus on AI for cybersecurity research.
It can be argued that IDPS is currently the major challenge in CyberSec. Accordingly, majority of the studies geared towards addressing challenges associated with IDPS. This supports Franke and Brynielsson's [19] assertion but refutes that of Lun et al. [20]. Issues on IDPS are vast as they span across physical human intrusion to virtual attacks. In addition, it is associated with other CyberSec issues since most attackers start their attack processes by intruding into systems. Hence, addressing issues on intrusion will reduce a myriad of CyberSec issues.
A considerable number of the studies analyzed focused on malware, phishing and virus-related issues. This finding supports Arshad et al. [43] argument that there is an increase in the number of malware attacks; especially on Android devices. Accordingly, the study found a number of malware detection solutions that were designed for Android devices. Out of 14 applications that were designed for malware detection, eight (8) focused on android devices. Denial of Service attack was one of the least favored areas of interest. This raises some concerns, considering that studies have argued that DoS has devastating effects on Information Technology systems [44]. These findings, however contradict earlier studies [20] that argued that majority of CyberSec studies focus on approaches that detect information theft and ransomware attacks [23]. Also, even though some researchers have argued that DoS attacks is one of the frightening CyberSec issues that needs attention [45], the study showed that the use of AI methods for addressing DoS issues is currently one of the areas that is attracting less attention.

B. AI METHODS AND TECHNIQUES
As observed, support vector machine is the most preferred algorithm for intrusion detection and preventive systems. This supports arguments by Peker [46] that it is a robust algorithm for classification. From the study, the application of SVM grew exponentially between 2013 and 2018. SVMs are capable of solving problems with small samples that are nonlinear and also support high dimensionality. They have become known to be a state-of-the-art algorithm for IDPS.
The study also confirmed suggestions that ensemble techniques are effective for addressing IDPS [39], [40], malware, virus, and phishing [41], [42] as most studies adopted this technique. However, ensembles are less used in Encryption & Certification, DoS, and Imaging and Captcha. Thus, there is the need for investigations to ascertain why ensembles are not preferred in Encryption & Certification, DoS, and Imaging and Captcha, especially considering its success in other cybersecurity issues as observed.
It was also observed that, algorithms that were preferred previously are becoming unpopular. For instance, AdaBoost (one of the early used algorithms) is becoming unpopular (see table 3). Hence, although AdaBoost is considered to be a robust algorithm [47], it is not gaining attention in cybersecurity issues. Other AI algorithms and techniques were not considerably present in the studies reviewed. Artificial neural network and its related algorithms, for example, have not been adequately explored for addressing cybersecurity issues. Yet, existing studies in machine learning have argued that ANN and its related methods are effective [48], [49]. This calls for investigations into the prospects of ANN in cybersecurity issues.

C. SECURING THE CYBERSPACE
AI applications for CyberSec have been generally successful. Notable contributions have been made on combating cybercrime: predominantly issues linked to IDPS. Newer systems demonstrated improvements over previous systems: with impacts on a range of issues including energy efficiency, improved accuracy in predictions, reduction in computational complexities, reduced computational speed and a reduction in model training times.
The domain, however, faces a number of challenges. The divergent nature of current research suggests a promising future, yet some threats that need addressing. A significant number of the studies sampled did not state clearly the algorithm used or the domain of application. This does not demonstrate a lack of focus on specific matters, but rather propositions of generic methods. CyberSec issues are mostly domain-specific, hence the provision of generic solutions may be neither adequate nor effective. Also, the variety of algorithms (almost 50) identified, suggests that researchers are not accepting newer methods that are being introduced. Even though it can be argued that these newer methods do not outperform existing ones (hence less patronage), it is necessary for researchers to investigate and improve them. The spectrum of security issues is broad; thus, it is imperative to consider newer algorithms to address newer challenges. So, there is the need to investigate the reasons for not adopting these techniques and how researchers may be persuaded to incorporate new AI approaches?
Again, although some researchers have argued that the use of single classifiers or algorithms are not effective in CyberSec issues and thus proposed the use of ensemble and hybrid methods [50], this study reveals that these methods are not preferred. Ensemble techniques such as AdaBoost are used less frequently. Accordingly, there is the need to develop interest and attention in the use of hybrid and ensemble classifiers to improve existing CyberSec measures.

VI. RESEARCH VALIDITY, LIMITATION AND CONCLUSION
This paper has presented an overview of existing research on the application of AI for cybersecurity. To the best of our knowledge, it is the first systematic review that considered the entire span of AI activities and its implications in CyberSec.
As in all studies, the need to validate the methods used is paramount. The first threat impacting the validity of this study is the possible omission of papers in the selection process and biasness in the data extraction process. Two scholarly databases were considered. However, there are a number of databases that may have related studies. Thus, the findings of the study cannot be generalized. Yet, it provides an indication of patterns in the domain, particularly considering that the initial search demonstrated that IEEE and ACM digital libraries contain a vast majority of papers required. In addition, to ensure that biasness in selection was minimized, Kitchenham and Charter's [18] guidelines were applied. The search phrases, databases, and scope of the review were performed by multiple individuals. Furthermore, the protocol was reviewed by an external reviewer with expertise in CyberSec to eliminate biases. To reduce the number of omitted articles, two categories of search keywords relating to intelligence systems and security were considered to facilitate a concise research scope.
Although the use of journal articles for the review process may present some biasness, it ensured that the studies selected are of good quality and have been peer-reviewed. This ensured that studies selected for this investigation are of good quality: this is paramount. Even though the omission of conference proceedings may present some biasness, the ability to identify quality conference proceedings (particularly those that are peer-reviewed) from the vast number of available proceedings is a challenge. Quality assessments on VOLUME 8, 2020 conference proceedings are based on researcher's assessment of paper quality and this would have introduced additional biases.
In conclusion, the study suggests that the application of AI in the CyberSec domain has been promising with IDPS showing improvement. AI has facilitated a reduction in computational complexity and reduced model training times. It was also observed that there is a considerable skewness within the domain. Moreover, researchers have focused on fewer algorithms and as such newer algorithms are not popular. This stands as both a challenge and also an opportunity for researchers.
It is believed that AI applications will continue to offer opportunities for cybersecurity. However, research must never stand still, and researchers need to start adopting and adapting new approaches and publish more widely.
[S10] Z. Dong, K. Kane, and L. J. Camp, ''Detection of Rogue Certificates from Trusted Certificate Authorities FELIX NTI KORANTENG received the Bachelor of Science degree in computer science from the Kwame Nkrumah University of Science and Technology, Ghana, and the Master of Science degree in management information systems from the Ghana Institute of Management and Public Administration. He is currently a Researcher and a Lecturer Assistant with the University of Education, Winneba. His research interest includes persuasive technologies. He is particularly interested in persuasive systems that aim to entertain as well as educate. He is also concerned with issues of information and cyber security, human-computer interaction, social media sentiment analysis, and information and knowledge management. His current research interests include social networking sites and knowledge sharing in academic environments.
EMMANUEL NYARKO OBENG received the B.Sc. degree in computer science from the University of Ghana.
He was a Teaching Assistant with the Department of Computer Science, University of Ghana. He is currently an Associate with KPMG, Ghana. As a Consultant, his works focus on helping clients create and sustain value by establishing strategies to change, grow, adapt, shape and respond to disruptive forces, turning their technology vision into reality, optimizing their operations and streamlining support functions, converting their data into insight, transforming risk into a strategic advantage, embedding governance, risk and compliance throughout their organization, supply chain and business ecosystems and mitigating threats to their operations, and IT systems and business. He is also involved in the implementation of the control requirements of the following stan- NANA ASSYNE received the bachelor's degree in business information technology from the Haaga-Helia University of Applied Sciences, Finland, and the Master of Science degree in information technology from the Lappeenranta University of Technology, Finland. He is currently pursuing the Ph.D. degree in computer science with the Faculty of Information Technology, University of Jyväskylä, Finland. He also holds a Professional Certificate in pedagogical studies in vocational teacher education with the Haaga-Helia University of Applied Sciences. He has over five years teaching experience in software engineering courses at the university level and supervising thesis, including supervising thesis at the Haaga-Helia University of Applied Sciences. Meanwhile, he is a Faculty Member of Ghana Institute Management and Public Administration (GIMPA), Ghana. Prior to working at GIMPA, he worked with the Haaga-Helia University of Applied Sciences, as a Student/Teacher Assistant, with nSense Oy, Finland, as a Software Developer, and with the Sekondi-Takoradi Metropolitan Assembly, Ghana, as the Head of the MIS Unit.
ABIGAIL WIAFE received the B.Sc. degree in computer science from Valley View University, Ghana, in 2007, and the M.Sc. degree in business technology consulting from the University of Reading, Reading, U.K., in 2012. She is currently pursuing the Ph.D. degree with the School of Computing, University of Eastern Finland, Finland. She is also a Lecturer with the Faculty of Computing and Information System (FoCIS), Ghana Technology University College. Her current research interests include affective music composition, genetic algorithms, machine learning, and music recommendation. STEPHEN R. GULLIVER received the B.Eng. degree (Hons.) in microelectronics, the M.Sc. degree in distributed information systems, and the Ph. D. degree, in 1999, 2001, and 2004, respec-tively. He worked with the Human Factors Integration Defence Technology Centre (HFI DTC), before getting a job as a Lecturer at Brunel University, from 2005 to 2008. He joined the Henley Business School, University of Reading, in 2008, as a Lecturer and in 2014 was promoted to the role of an Associate Professor. Since 2005, his teaching and research (in the U.K. and abroad) has linked to the area of pervasive informatics. His research interests include multimedia and information assimilation, e-learning and education systems, usability and human factors, technology acceptance, persuasion systems, health systems, and systems conflict and failure.