Avoidance of Cybersecurity Threats with the Deployment of a Web-Based Blockchain-Enabled Cybersecurity Awareness System

Abstract

Modern information technology (IT) is well developed, and almost everyone uses the features of IT and services within the Internet. However, people are being affected due to cybersecurity threats. People can adhere to the recommended cybersecurity guidelines, rules, adopted standards, and cybercrime preventive measures to largely mitigate these threats. The ignorance of or lack of cybersecurity knowledge also causes a critical problem regarding confidentiality and privacy. It is not possible to fully avoid cybercrimes that often lead to sufficient business losses and spread forbidden themes (disgust, extremism, child porn, etc.). Therefore, to reduce the risk of cybercrimes, a web-based Blockchain-enabled cybersecurity awareness program (WBCA) process is introduced in this paper. The proposed WBCA trains users to improve their security skills. The proposed program helps with understanding the common behaviors of cybercriminals and improves user knowledge of cybersecurity hygiene, best cybersecurity practices, modern cybersecurity vulnerabilities, and trends. Furthermore, the proposed WBCA uses Blockchain technology to protect the program from potential threats. The proposed program is validated and tested using real-world cybersecurity topics with real users and cybersecurity experts. We anticipate that the proposed program can be extended to other domains, such as national or corporate courses, to increase the cybersecurity awareness level of users. A CentOS-based virtual private server is deployed for testing the proposed WBCA to determine its effectiveness. Finally, WBCA is also compared with other state-of-the-art web-based programs designed for cybersecurity awareness.

1. Introduction

With the spread of digitalization and the Internet of Things, information security is increasingly enmeshed in many aspects of our society [1]. Digital information not only offers advantages but also creates security threats. In handling these threats, cybersecurity is of paramount significance because it provides defensive methods to detect the potential intimidations [2]. However, the majority of the defensive methods are not very effective. Additionally, individuals have tunnel vision regarding information security basics, and they do not know much about other ways to consider and improve cybersecurity awareness. Despite the level of spending, public awareness, and readiness in certain fields, most users do not yet think of computer security as anything but a nuisance [3]. Cybercriminals try to access personal and private information that poses a threat to privacy and confidentiality [4]. Cybercrime can be regarded as computer-mediated activities that are either illegal or considered illicit by certain parties, and these activities can be conducted through global networks [5]. Therefore, the main question is whether it is possible to avoid any cybercrime by knowing the basics of cybersecurity in the mainstream. As modern technologies are used everywhere globally and by almost everyone on the Internet, this issue affects all of them. Cybercrime is switching its battleground from desktops to other platforms, including mobile phones, tablet computers, and VoIPs [6]. This includes stealing, such as by capturing everything people type, including passwords, bank accounts, and credit card numbers [7]. Cyber fraud, stealing, phishing, and other malicious behaviors will enrich the terminology of cybercrime in the years ahead [8]. It is not sufficient to only follow the recommended cybersecurity standards, rules, and anti-cybercrime actions to avoid cybercrimes. There are obvious risks caused by this problem, such as large business losses and the dispersion of prohibited themes, such as cultural and racial hate, violence, child porn, and cyberterrorism. Currently, cybercrime has emerged as the biggest threat to the computer information technology (IT) industry that has taken shape [9]. Security is being employed in different organizations to protect their assets, but it does not fully provide safeguards [10]. As an increasing number of users and businesses use emerging technologies, awareness is becoming one of the most predominant issues [11]. Some cybercriminals are interested in gaining financial access, whereas others seek to get consumer information or intellectual property, harm an organization’s reputation, or release a political declaration through “hacktivism” [12]. The question is whether the fight against cybercriminals can be won or lost. The answer is to depend on individuals’ current cybersecurity knowledge about protecting against cybercrimes so that businesses can be more resistant to cybersecurity attacks. Even if law enforcement reduces the rate of cybercrimes, the issue is to avoid them entirely [13]. A lack of structural stability and continuity within an organization may interrupt efforts to efficiently address the issue of online crime [14]. The government has also made considerable efforts to educate consumers regarding the risks of identity crime, especially the forms that occur online [15,16]. Individuals can also be protected from cybercriminals with the advantages of existing laws [17]. However, this disintermediation of the news process runs counter to the construction of the imagery surrounding cybercrime, which originated in the days before the Internet when the mass media was organized more centrally [16]. It is predicted that a 25% increase in identity theft until 2027 will cause a $40.62 billion loss [18]. Figure 1 shows the effect of cybercrime that leads to payment fraud. As mentioned, cybersecurity awareness plays a vital role in fighting against cybercriminals. Thus, in realizing cybersecurity awareness, the following should be considered: (a) determining the various security topics and programs available for cybersecurity training, (b) investigating common mistakes in human behavior, and (c) determining the methods by which cybercriminals act. We are working to address these problems and use these solutions to protect individuals from cybercrimes.

The human factor is one of the major weak points in the information security of any organization. Increasing cybersecurity awareness among people is very important. However, existing methods face several challenging difficulties, such as depending on content that is outdated, not being attractive to people, people forgetting what they learned, being time-consuming, not being consistent, and facing potential security threats. Thus, effective cybersecurity awareness requires more than simply telling the person about what he or she needs to do and not do [19].

Moreover, there is a need for robust and efficient solutions, such as the advanced system model that can assess and increase the users’ cybersecurity awareness levels. The system should be secured. Thus, we propose a blockchain-enabled approach that consists of several program modules to increase the cybersecurity awareness levels of users.

1.1. Research Problem

The very extensive and difficult problem at hand is a lack of knowledge regarding information security basics, and its significance will become increasingly relevant as new technologies are developed. For instance, in the future, people will use modern technologies, and in parallel, the need for full protection of these technologies will grow. All global businesses, including large corporations and companies, will bring innovations to life. However, this is insufficient. Moreover, if the world needs good specialists for the development of these technologies (and there are very few), there will be an even greater need for cybersecurity specialists (especially those who protect the masses in such ways).

1.2. Research Importance

It is very important not only to know the basics of cybersecurity, but also to see the whole picture of cybercrime so as not to become another victim of cybercriminals. The point is that most types of cybercrime require an organization with execution as well as profitability [20]. In other words, knowledge is light, and ignorance is darkness. This problem also concerns information security. The varying attack types in existence illustrate how it is difficult to put any single exact, meaningful label on the size of the problem [21].

1.3. Possible Research Solutions

To reduce the risk of cybercrimes, the possible solutions to this problem are as follows:

• The study of common mistakes individuals make, which lead to them becoming the victims of cybercriminals, and taking advantage of these experiences;
• The development of a web-based program that will test for the common behaviors of cybercriminals;
• Monitoring the impact of cybercrime and giving a new view of cybercrimes by using the advantages of much cybersecurity information;
• The creation of more cybersecurity seminars and training programs about the cybercrime world and cybersecurity hygiene;
• The analysis and usage of advice from cybersecurity professionals and modern cybersecurity trends to prevent cybercrimes.

However, the most feasible solution from an efficiency perspective is to train users with the developed web-based program, which tests their cyber awareness levels. This should be implemented as a Linux-based web server, which holds a program that determines the cybersecurity awareness of the users. Additionally, there should be deployed Blockchain technology to protect the program from potential threats.

1.4. Research Contributions and Assessment

The contributions of this work, which are motivated by the above challenges, are summarized as follows:

• The developed web-based program helps many people test and improve their cybersecurity awareness levels.
• The developed web-based program is guaranteed to determine the cybersecurity bottlenecks of the tested users.
• The program results can be analyzed to train the tested users on advanced cybersecurity topics to preserve their high cybersecurity awareness.
• Blockchain technology is used to protect the WBCA program from any potential malicious threats. As a result, only legitimate users can successfully be entertained.

The WBCA program is designed and developed on the Java platform to assess these contributions. It is tested on the CentOS-based virtual private server in Almaty, Kazakhstan. The proposed WBCA program consists of four modules to test the users’ knowledge: (a) an initial knowledge check, (b) a lower cybersecurity awareness module, (c) an advanced knowledge-check module, and (d) a high cybersecurity awareness module. Furthermore, the WBCA program is secured using blockchain technology because the features of blockchain technology only allow legitimate users to access the program and block illegitimate users when they try to access the program.

1.5. Research Structure

The remainder of the paper is organized as follows. Section 2 presents the features of the existing literature. Section 3 presents the state-of-the-art system model. Section 4 presents the proposed cybersecurity awareness process. Section 5 presents the experimental results and provides the discussion of the results. Finally, the conclusion of the paper is presented in Section 6.

2. Related Work

In this section, the main characteristics of current approaches are deliberately discussed. The existing approaches can be categorized into general detection/prevention approaches and approaches based on emerging technologies, such as blockchain and artificial intelligence. The following Section 2.1 surveys the general detection/prevention approaches, whereas the approaches that utilize emerging technologies are surveyed in Section 2.2.

2.1. General Detection/Prevention Approaches

Nowadays, individuals employ various cybersecurity techniques to ensure that they are protected in cyberspace. One effective piece of technology utilized to mitigate cybercrimes is the point-of-sale device [22]. It protects individuals against malicious codes that trace Internet movements and enable attackers to obtain everything they type, including credit card information, bank account numbers, and passwords. Although this approach can protect individuals from malicious software, this advantage can only be applied locally on personal computers. Moreover, the software is not free; individuals must pay to use it.

A solution called “law enforcement strike back” was proposed by Dreyfuss [23]. This solution recommends that law enforcement officials utilize “electronic sanctions” to act in response to cybercrime activities, such as spreading different types of malware, worms, viruses, hacking techniques, and denial-of-service attempts. Despite the advantages that this proposed method has to offer to decrease the cybercrime rate, there is still a small issue regarding the details that this solution provides. The author did not cover certain cybersecurity issues and actions to precisely prevent/mitigate cybercrimes.

Eskandari et al. [24] proposed an effective web browser-based method to protect users against malicious code. This solution is a decent attempt to provide security at the browser level. For instance, this technique can block malicious ActiveX code, Java, and JavaScript activities. Furthermore, there is a built-in capability to enable predefined selection of low, medium low, medium, or high security levels. Furthermore, most malicious web attacks can be detected through monitoring all the browsing activities. Nevertheless, this method does not address the technology utilized to recognize these attacks. Moreover, it cannot identify zero-day attacks, which creates a vulnerability for web browsers.

Pessim and Marcio [21] concentrated on scaling the types of varying cyberattacks. The main aim of this study was to expand the scale of issues linked to both the community and the cybercrimes. However, this kind of solution comes with a price, as scaling causes difficulty in resolving issues. Burlison et al. [25] introduced a theoretical resolution known as “the development of user education and victim support”. Their solution involves technical staff who are responsible for deleting malicious phishing information after observing the suspicious activities. This support does not accurately measure the entire affected rate.

Cascavilla et al. [26] introduced a method to mitigate the risk of being targeted. This method combats cybercrimes utilizing various businesses’ countermeasures. The authors introduced some prevention rules and corporate-level rules to combat cybercrimes. This approach enforces specific business countermeasures that might only be customizable to certain organizations or regions; thus, it lacks a worldwide scale.

Tsakalidis and Kostas [27] believe that profitability and organizations are the major factors behind the presence of cybercrime. Therefore, they think concentrating on these aspects would effectively prevent cybercrime. Other potential aspects that motivate cybercrimes were not discussed.

Newhouse et al. [20] recommended sticking to the suggestions provided in the NIST cybersecurity framework to mitigate cybercrimes. This framework assists companies and government institutions in recognizing, coordinating, and assessing cybersecurity risks. The NIST recommends that organizations should realize that with the revolution in information security and technological innovation, people must continue to keep up to date on developments, and key online security measures must also be made, implemented, maintained, and continuously developed. This framework is decent because it can help deploy cybersecurity management schemes to protect against or mitigate cybersecurity violation attempts. The main issue with this framework is the lack of providing technical methods to avoid cybercrimes.

George and Dorothy [12] suggested a solution to diminish “hacktivism”. The authors believe the motivations of cybercriminals can be summarized as financial gain, obtaining consumer information or intellectual property, destruction of an institution’s reputation, or using “hacktivism” to express a political statement. However, other local factors were not considered by the authors.

Senarak [28] analyzed cybercrime evolution. The author found that cybercrime will cause organizations to open an increasing number of jobs in the upcoming five years. It is a valuable idea to gather information to help researchers/industries to develop effective solutions to prevent these cybercrimes. However, the authors did not provide practical ways to prevent these attacks.

Individual awareness regarding various malicious behaviors is of paramount importance. Cybercrime behaviors, such as phishing, scamming, and malicious activities, will enhance the cybercrime concept in the years to come [29]. However, not all malicious behaviors have been covered in this article.

2.2. Approaches Based on Emerging Technologies

The authors of [30] proposed a deep learning-based solution to detect cybersecurity threats. The authors proved the effectiveness of their approach using experimental analysis. The proposed solution achieved promising results. However, similar approaches must be tested in real environments to prove their effectiveness.

The BLOCkchain-Based Platform for Healthcare Information Exchange (BlocHIE) was introduced in [31]. The security requirements (privacy and authentication in particular) were evaluated by analyzing healthcare data extracted from different sources. Based on the evaluation, the authors implemented a pair of loosely coupled blockchains to process heterogeneous healthcare data. The privacy and authentication requirements were further fulfilled by integrating on-chain verification and off-chain storage. To enhance the system fairness among users and the throughput, the authors also proposed two packing algorithms. This platform is a useful solution because it can provide both privacy and authenticity. However, the system throughput and fairness might decrease the effectiveness of the platform.

The fairness-based transaction packing algorithm was introduced in [32]. Based on theoretical analysis, the authors deduced that fairness is somehow associated with the sum of waiting times of chosen transactions. Thus, a mini-heap-based optimal algorithm was presented, and the time complexity of this algorithm was analyzed to prove its effectiveness. The proposed algorithm achieved superior results compared to existing solutions in terms of both transaction response time and fairness.

Jiang et al. [33] proposed a protocol utilizing a bloom filter and a multi-keyword search. The proposed solution is efficient and enhances privacy preservation. To carry out a multi-keyword search process, the bloom filter is used to choose a low-frequency keyword in order to be utilized to filter the database. This procedure would decrease the computational complexity because the algorithm chooses a low-frequency keyword, meaning most of the data will be excluded. Moreover, the authors proposed a technique known as pseudorandom tags to perform each search process in a single round

3. System Model

This section presents a system scenario for calculating the information security awareness of users on the Internet and in network spaces. First, before we define the system model’s components, we should know that cybercrime is a crime committed on the Internet, on networks, or even against stationary computers. The cybersecurity awareness web program is significant software among the growing information security trends. To prove the limitations of the lack of cybersecurity basics, the system model consists of four parts:

• An initial knowledge-check
• A lower cybersecurity awareness module
• An advanced knowledge check
• A high cybersecurity awareness module

The initial knowledge check module checks the information security basics known by the user. The lower cybersecurity awareness module is responsible for identifying the low awareness of the user and giving appropriate feedback for the user’s bottlenecks. The advanced knowledge check module assesses the advanced information security basics possessed by the user. The high cybersecurity awareness module also identifies the high awareness of the user and gives appropriate feedback for the current user’s bottlenecks.

These four parts work consecutively through logical examinations and result retrievals, as shown through the blocks and arrows in the dataflow diagram depicted in Figure 2. First, it is necessary to ensure that the user has good knowledge of information security, and the program initially checks the current knowledge. If the user does not have this knowledge, then the situation is classified as “poor awareness” and the result is provided as “low cybersecurity awareness”. The next step is to check if the tested user has good knowledge. If the result is positive, the aggregation concludes that the user has excellent information security awareness (high cybersecurity awareness). Therefore, using this system model, we can determine the user’s cybersecurity awareness level. The system model realizes the need for increasing the cybersecurity awareness of users. If this model is implemented in the real world, the risks of cybercrimes can be minimized as users become more aware of information security basics. The use of a cybersecurity awareness web program not only ensures a high cybersecurity awareness level while testing users but also improves cybersecurity training efficiency.

4. Proposed Blockchain-Enabled Cybersecurity Awareness Process

This section shows the mechanism of how user knowledge is calculated in the field of information security in detail. The proposed WBCA consists of following processes.

• Counter Sorting Process
• Cybersecurity Awareness Assessment Process
• Blockchain-Enabled Susceptibility Detection Process

4.1. Counter Sorting Process

The proposed main components are used to calculate accurate results from the user’s replies, sort them, and arrange them so that the efficiency for each topic can be viewed. Each step defines the degree of aptitude that the user shows during testing on the web server. For this algorithm, we used the counting sort algorithm as a baseline sorting method to check the input entries of each user to assess their knowledge of cybersecurity. The counter sort approach is an efficient process for sorting an array of elements, each with a non-negative integer key mapped to the elements by some alphabet-to-numeric conversion scheme. It is a stable sorting technique that is used to sort objects according to keys that are small numbers. It counts the number of keys whose key values match. This sorting method is effective when the difference between different keys is not large; otherwise, it can increase the complexity of the space. Thus, its time complexity is given by

$$T_c=O(n+r)$$

(1)

where $T_c$ is the time complexity, $O(n+r)$ is the time function for measuring performance, n is the number of elements, and r is an element’s degree.

At the same time, its spatial complexity is identical:

$$S_c=O(n+r)$$

(2)

where $S_c$ is the space complexity.

The sorting process maps M the following input/output pairs:

$$M_{\left(I\right)}=\sum _{i=0}^{n-1}i\left\{A_{\left[0\right]}+A_{[n+1]}+\dots +A_{[n-1]}\right\}$$

(3)

where A is an array to be summed, and $M_{\left(I\right)}$ is the input mapping.

The process outputs a sorted permutation of A, called B, such that

$$M_{\left(O\right)}=\sum _{i=0}^{n+1}i\left\{B_{\left[0\right]}+B_{[n-1]}+\dots +B_{[n+1]}\right\}$$

(4)

where B is a sorted permutation of array A, and $M_{\left(O\right)}$ is the output mapping.

4.2. Cybersecurity Awareness Assessment Process

It comprises of a function with variables, and the function itself is based on the checking process for defining cybersecurity awareness. The function gives a positive output if and only if the following condition is true: The current cybersecurity knowledge is related to the good knowledge given by

$$F\left(x\right)=\forall x(x\in G_k\widehat{}x\notin B_k)$$

(5)

where x is the current cybersecurity knowledge, $G_k$ is the good cybersecurity knowledge, and $B_k$ is the bad cybersecurity knowledge.

In Algorithm 1, the process of defining cybersecurity awareness is shown.

Algorithm 1 Cybersecurity awareness assessment process

Input:$C_K,B_K,G_k$ in Output: $G_{k}or{B}_K$ out 1: Initialization:$\{C_K$: Current knowledge; $B_K$: Bad knowledge; $G_k$: Good knowledge; $A_l$: Low cybersecurity awareness; $A_h$: High cybersecurity awareness;} 2: Check$C_K\in B_K$ 3: if$C_K\in B_K$then 4:  Show $A_l$ 5:  Check $C_K\in G_K$ 6: end if 7: if$C_K\in G_K$then 8:  Show $A_h$ 9: end if 10: if$C_K!\in B_{K}and{C}_K!\in G_k$then 11:  Show $A_l$ 12: end if

In Algorithm 1, the cybersecurity awareness definition process is explained. In step 1, the variables are initialized to determine the process. At the beginning of the algorithm, the input and output processes are give to evaluating cybersecurity knowledge, respectively. Step 2 makes an initial check to see if the current cybersecurity knowledge is bad. Consequently, in step 4, the program shows the result as low knowledge. Next, steps 5–7 check if the current cybersecurity knowledge is good. Therefore, in steps 8–10, if the current cybersecurity knowledge is good, then the program outputs “high knowledge”. Finally, in step 11, the program determines whether the current information security basics are defined as neither good nor bad; it generally outputs this result as low knowledge by default. Using the results, it can be concluded that if the program outputs bad knowledge, it shows that the tested user has low cybersecurity awareness. Otherwise, the user has high cybersecurity awareness.

Let us define the cybercrime rate $C_r$ of the user that can be calculated as it relates to current knowledge:

$$C_r=C_k\times 100\%$$

(6)

Next, the overall cybercrime risk is used to assess the user’s risk of being the victim of a cybercrime, which can be calculated by

$$R_c=\frac{C_r+G_k}{B_k}$$

(7)

where $R_c$ is the overall cybercrime risk of the user.

On the other hand, the cybercrime delta between good cybersecurity knowledge and bad cybersecurity knowledge is shown in the following equation:

$$C_d=\frac{1}{G_k-B_k}$$

(8)

To calculate the inverse proportion of Equation (6), which is necessary to find the correct current knowledge, the equation is

$$However,C_k=\frac{C_r}{100\%}$$

(9)

Consequently, Equation (9) is simplified in this way, which is helpful for using only the current knowledge dependency:

$$R_c=\frac{C_k(G_k+1)}{B_k\times 100\%}$$

(10)

Based on the essential steps explained in the Algorithm 2, it is necessary to use the modus ponens of the cybersecurity awareness level. Therefore, the formula is as follows:

$$S_r=G_k\times 100\%$$

(11)

where $S_r$ denotes a successful result of the program’s test.

In other words, if the results are positive, then the user has high cybersecurity awareness:

$$F\left(S_r\right)=\forall x\left((x\in G_k)\widehat{}(x\in S_r)\right)$$

(12)

Theorem 1.

Suppose first that the user obtains good results from a web-based program. Consequently, the user has a good cybersecurity awareness $G_k$. Therefore, if the user has high cybersecurity awareness, then the risk of being the victim of cybercrimes is low $R_l$.

Proof. 

First, let us define the second instance of the theorem; thus, the following formula defines the high cybersecurity awareness as being inversely proportional to the risk of being a victim:

$$G_k=\frac{1}{R_l}$$

(13)

Consequently, we have two separate instances as follows. This is helpful for defining the bounds of the estimated program results:   

$${(G_k+S_r)}^u=\sum _{k=0}^n\left(\genfrac{}{}{0pt}{}{k}{u}\right){\left(\frac{1}{R_l}\right)}^k{G}_k^{u-k}$$

(14)

where u is the upper bound and k is the lower bound. Now, let us use the relative formula of good results and the sine equation for the first and second instances, which in turn should be used to check further graph data:

$$S_r=\frac{1}{R_l}\times \pi$$

(15)

$$sin\left(S_r\right)=2\pi \times sin\frac{1}{2}\left(R_l\right)$$

(16)

As a result, Equation (15) squared together with the first instance is inversely proportional to low cybercrime risk ($\pi$ is constant and removed from the formula), and the following equation is helpful for estimating the program results twice:

$$S_r^2=\frac{1}{R_l^2}$$

(17)

Consequently, combining the equations of $S_r$ and the sine of $S_r$ make the sine-based view of the estimated results more accurate:

$$sin(\frac{1}{R_l}\times \pi )=2\pi \times sin\frac{1}{2}\left(R_l\right)$$

(18)

Therefore, it is mathematically proven that if the user has good program results, then the risk of being the victim of cybercrimes is lower.   □

Corollary 1.

If the user has bad results from the web-based program, then their risk of being the victim of cybercrimes is high.

Good cybersecurity basics are now substituted by poor cybersecurity basics. Therefore, we have the corresponding cosine version of the equation:

$$cos(\frac{1}{R_l}\times \pi )=2\pi \times cos\frac{1}{2}\left(R_l\right)$$

(19)

Theorem 2.

If the user has high cybersecurity awareness $H_s$, then the user has a low chance of being the victim of cybercrimes $L_c$. However, the user has a high chance of being a victim of cybercrimes. Therefore, the user’s cybersecurity awareness is low.

Proof 

First, the given instances of this theorem are shown below, which demonstrate that if there is any current knowledge, it belongs to the high awareness category:

$$F\left(L_c\right)=\forall C_k(C_k\in H_s)$$

(20)

where $H_s$ is the user’s high cybersecurity awareness and $L_c$ denotes a low chance of being the victim of cybercrimes.

Next, assuming that the user has high cybersecurity awareness, let us integrate this assumption with Equation (20):

$${\int }_0^{L_c}{H}_s^{2}d{H}_s=\frac{L_c^3}{3}$$

(21)

Now let us use the conjunction of Equation (15) with the negation of $H_s$, which describes an integral part of high awareness between low chances and ordinary chances:

$$A\left(H_s\right)={\int }_c^{L_c}\left(H_s\right)d{H}_s$$

(22)

Next, let us define the mean of the low risk and low chance situations through the integration of the function of $H_s$:

$$A\left(H_s\right)={\int }_0^{R_l+L_c}f\left(H_s\right)d{H}_s=\frac{{(R_l+L_c)}^2}{2}$$

(23)

Finally, the conditional equations of the negation of $H_s$ and its cosine function are obtained, so we have the functional result of the integral parts:

$$f\left(H_s\right)=\frac{A(H_s+L_c)-A\left(x\right)}{x}$$

(24)

As a result, the user has a high chance of being the victim of cybercrimes, and the user has low cybersecurity awareness. The theorem is proven.   □

Property 1.

Cyber awareness Nondualism—the cyber awareness score result is always a positive or negative number.

For instance, if the final score of the web program shows bad cybersecurity knowledge, the output is a negative number. Otherwise, the program gives a positive number instead.

$$F\left(R_p\right)=\exists x\left((x\in G_k)\widehat{}(x\in B_k)\right)$$

(25)

where $R_p$ is the web program result.

In conclusion, we observe that the results of the proposed WBCA deduce only two results: good cybersecurity knowledge or bad cybersecurity knowledge.

4.3. Blockchain-Enabled Susceptibility Detection Process

The Blockchain activates the distributed ledger by replacing the existing centralized ledger structure. It provides security using hash encryption and a public key cryptographic algorithm. Our proposed WBCA is deployed on the cloud. Therefore, it is a possibility that it is exposed due to the vulnerability of the cloud and have threats launched on the WBCA server by the attacker. The attacker can generate similar cybersecurity tasks using the same digital signature because double occurrence is possible. The attacker can make it realty if it has a robust hashing capability and generated a longer private chain as compared to public key cryptography to perform such events. The probability of the susceptibility detection $P_{sd}$ is given by

$$P_{sd}={\left(\frac{x}{y},1\right)}^{max(y+1,0)}\left\{\begin{array}{cc}1\hfill & \mathrm{if}\gamma <0,x>y\hfill \\ {\left(\frac{x}{y}\right)}^{y+1}\hfill & \mathrm{if}\gamma \ge 0,x\le y\hfill \end{array}\right.$$

where $x,y$ are hash parameters of the legitimate user and attacker, respectively. $\gamma$ is the number of the blocks used by the WBCA program that provides an edge over the attacker.

If $\gamma$ turns positive, then the proposed WBCA program is capable of sending the blocks and overtaking the illegitimate users. The Blockchain-enabled susceptibility detection model for WBCA is shown in Figure 3. The WBCA server can transmit the data using Blockchain-enabled technology to restrict the potential threats encountered by the attacker. The Blockchain susceptibility detection process is explained in Algorithm 2.

Algorithm 2 Blockchain susceptibility detection process of defining the user’s vulnerability

Input:$C_U,I_U,R_U$ in Output: $C_{p}or{C}_r$ out 1: Initialization:$\{C_U$: Current user; $C_p$: Cybercrime prone; $C_r$: Cybercrime resistant; $I_U$: Insecure user; $R_U$: Reliable user;} 2: Check$C_U\in I_U$ 3: if$C_U\in I_U$then 4:  Show $C_P$ 5: end if 6: if$C_U\in R_U$then 7:  Show $C_r$ 8: end if 9: if $C_U!\in R_U$then 10:  Show $C_p$ 11: end if

Algorithm 2 shows the process of defining the user’s cybercrime proneness. In step 1, the variables are initialized to determine the process. The input and output processes are given at the beginning of the algorithm, respectively. Steps 2–3 check if the current user is insecure or reliable. If he/she is insecure, then in steps 4–5, the program outputs that the user is cybercrime prone. Next, step 6 checks if the user is reliable, then in steps 7–8, the web program outputs that the user is cybercrime resistant. Finally, in steps 10–11, if the current user is defined neither as insecure nor reliable, the program outputs the result as an insecure user by default.

Corollary 2.

If the user has a high chance of being a victim of attacker, then the user has low cybersecurity protection measures. The given chances tend to the maximum. Therefore, the cybersecurity protection is low.

Now, we have an integral function to assess the integral of low chances between high chances and ordinary chances:

$$B\left(L_s\right)={\int }_c^{H_c}{L}_{s}d{L}_s$$

(26)

where $H_c$ is a high chance of being a cybercrime victim and $L_s$ represents low cybersecurity awareness. Therefore, the conditional function is the same as for the conditional equation, which again shows the functional result of the integral parts:

$$f\left(L_s\right)=\frac{B(Ls+H_c)-B\left(x\right)}{x}$$

(27)

Property 2.

Cyber awareness Non-idealism—the user’s cybersecurity threat detection capability level always tends toward an idealistic result but never reaches it. For example, suppose that the user has 100% cybersecurity threat detection capability. However, as cutting-edge technologies are developed, the person must always observe the new cybersecurity trends.

$$F\left(C_{td}\right)=\nexists x\left(x\in (C_a\times 100\%)\right)$$

(28)

where $C_{td}$ is the cybersecurity threat detection capability level.

Based on the Properties 1 and 2, a hypothesis is introduced.

Hypothesis 1.

If $C_{td}+R_p=S$, where S is the overall security level; $x,y$, and z are natural numbers; and $x,y$, and $z>2$; then $C_{td},R_p$, and S possess the common security criteria.

Proof. 

To prove the hypothesis, let us introduce the entropy dependency of the input variables:

$$H\left(S^z\right)=H\left(C_a^x\right)+H\left(R_p^y\right)$$

(29)

where $H\left(S^z\right)$ is the entropy of the security level, $H\left(C_a^x\right)$ is the entropy of the cybersecurity threat detection capability level, and $H\left(R_p^y\right)$ is the entropy of the web program result. □

This equation helps us obtain the hypothetical entropy results of the given variables.

As $H\left(S\right)$ is the logarithm of S and other entropies are the logarithms of their variables, Equation (29) gives the logarithmic form of these entropies:

$$lo{g}_2{S}^z=lo{g}_2{C}_a^x+lo{g}_2{R}_p^y$$

(30)

Now let us write the same equation in a shorter form:

$$lo{g}_2{S}^z=lo{g}_2{C}_a^x\times R_p^y$$

(31)

This gives the simplified form of Equation (31). Consequently, let us simplify the equation; we see that using this simplest form, the overall security level consists of two factors: the cybersecurity threat detection capability level and the program results given by

$$S^z=C_a^x\times R_p^x$$

(32)

Next, we have a system that gives the two dependency forms of the overall security level. From these systems, providing that $x,y,$ and $z>2$, we have a trivial solution, and the system $S^z$ has only a single state:

$$\left\{\begin{array}{c}{S}^z=C_a^x\times R_p^y\hfill \\ S^z=C_a^x+R_p^y\hfill \end{array}\right.$$

(33)

Now, let us introduce the common security criteria for the calculations to define the mean factor of the cybercrime rate of Blockchain-enabled susceptibility given by

$$D=C_a^x\times R_p^y+S^z$$

(34)

where D denotes the common security criteria.

In addition to system (34), this formula achieves the summary of the overall security level plus its two independent factors.

Therefore, the common security criterion of $S^z$ is $D_{S^z}=D_{C_a^x}+1$, i.e., the criteria coefficients of $C_a^x$, $S^z$ also differ by 1:

$$\left\{\begin{array}{c}{R}_p^y\times D_{S^z}^y=S^z\hfill \\ R_p^y\times D_{C_a}^y=C_a^x\hfill \end{array}\right.$$

(35)

where $D_{S^z}^y$ denotes the common security criteria of $S^z$ and $D_{C_a}^y$ represents the common security criteria of $C_a^x$.

Now, we have proven the hypothesis, as this system finally shows that for each set of $C_a$, $R_p$, and S, the common security criteria of Blockchain technology is achieved.

Corollary 3.

For $D=0$, the above equation has several solutions.

For example, as they are natural numbers, the various solutions can be shown in the following equation:

$$D_{C_a^x}^y=a_1\left({(D_{S^z}+1)}^y-R_p^y\right)+1$$

(36)

That is, for $D=0$, the equation indeed derives various solutions from the cybersecurity criterion for each set of $C_a$, $R_p$, and S, so they have common security criteria.

Property 3.

Cyber awareness integrity—The user’s overall security level consists of the user’s susceptibility detection level and the positive or negative results obtained from the Blockchain technology. This property can be written as

$$D_{c_a^x}^y=a_1\left({(D_{S^z}+1)}^y-R_p^y\right)+1$$

(37)

Therefore, the overall security level is the sum of the cybersecurity susceptibility detection level and the performance of the proposed WBCA program.

5. Experimental Results

This section demonstrates the experimental results regarding the experimental setup, performance metrics, and finally result discussion.

5.1. Experimental Setup

The proposed WBCA uses a web server installed on a CentOS-based Linux distribution. To achieve the stated goals, a CentOS-based virtual private server is deployed and tested in Almaty, Kazakhstan, where the program consistency, quality ratio, user response time, solution efficiency, and threat avoidance capacity are monitored and calculated during testing process. The proposed WBCA is compared with the existing the state-of-the-art methods: Framework competence development and assessment(FCDA) [34], Integration of self-determination and flow (ISF) [35], modified total interpretive structural model (M-TISM) [36], Cybersecurity knowledge and skills(CKS) [37], and Cyber security awareness (CSA) [38].

These data are also calculated for the three most popular cybersecurity threats (email phishing, weak passwords, and virus). The minimal characteristics for the server hardware are Linux CentOS 7 x64 as the operating system, an Intel(R) Core (TM) i3-6100H with a frequency of 2.3 GHz and a cache size of 8192 kilobytes as the two-core processor, 4096 MB of random access memory, and a minimum of 50 gigabytes of hard disk space for collecting data. The required program component is Java SDK version 1.8.271u, and a monitor with a screen resolution of at least $920\times 1080$ is used to conduct the proper experiments. These necessary characteristics for the web server are summarized in

Table 1. Components of the web server.

Components	Version/The Name of the System
Personal computer	x64
Operating system	Linux CentOS 7
Java version	1.8.271u
Recommended screen resolution	$920\times 1080$
Processor	Intel(R) Core (TM) i3-6100H
Maker	Intel Xeon
RAM	4096 MB
Video memory	16 MB
Hard drive	50 GB (/dev/sda1)
CPU	2.300 GHz
Cache size	8192 KB

.

5.2. Performance Metrics

We determine the performance of the proposed WBCA and compared with the state-of-the-art contending programs. Therefore, the following parameters are used for conducting the experiments:

• Consistency
• Quality Ratio
• User Response Time
• Solution Efficiency
• Threat Avoidance Capacity

5.2.1. Consistency

The program consistency refers to the guarantee that the program follows the required rules to provide the stable outcomes. The user’s basic cybersecurity awareness consistency is calculated using the following equation:

$$C=\frac{C_a}{T_a}\times 100\%$$

(38)

where C is the cybersecurity awareness consistency, $C_a$ is the number of correct answers, and $T_a$ is the total number of answers.

The data in Figure 4 demonstrate the correlation between the number of answered questions using the proposed WBCA and its comparison with other programs. The result demonstrates the consistency and versus the time users take to solve the test questions. The calculated data used to define the cybersecurity awareness consistency levels of the tested users are depicted in Figure 4a, which illustrates the best cybersecurity topic (with 85% knowledge) demonstrates that our proposed WBCA produces 99.76% consistency; whereas the contending programs show 97.4–98.75% consistency. The CKS yields 97.4% consistency that is less than other contending programs.

5.2.2. Quality Ratio

Quality ratio refers to a quantitative factor that controls how efficiently the program uses its parameters to produce high performance. The users who pass the tests on the basic cybersecurity topics are further tested on advanced cybersecurity themes. However, in these calculations, we use the following equation of the quality ratio:

$$Q=\frac{N_t}{T}\times 100\%$$

(39)

where Q is the quality ratio, $N_t$ is the total number of steps used to solve advanced tasks, and T is the total time required to solve these tasks.

This ratio shows the final cybersecurity awareness levels of the tested users. Consequently, we analyze the correlation between the time and the quality ratio. The result demonstrates in Figure 4b that the proposed WBCA has a 99.97% quality ratio, whereas the contending programs have a 98.08–99.38% quality ratio. N-TISM has a lower quality ratio. The main reason for not completing tasks is that the contending programs are affected due to malicious threats compared to the proposed WBCA program.

5.2.3. User Response Time

It refers to an important measurement indicator that demonstrates how much time the user gets for the task completion. It is the time that is required to complete the given cybersecurity tasks. Two different experiments are conducted. In the first experiment, time is measured for the basic cybersecurity tasks. In the second experiment, time is measured for the advanced tasks. Therefore, the basic task is calculated as

$$C_{bt}=\frac{n_u}{t_w}\times 100\%$$

(40)

where $C_{bt}$ is the correlation between the number of users and time wasted when solving basic cybersecurity tasks, $n_u$ is the number of users, and $t_w$ is the time wasted when solving basic cybersecurity tasks.

Based on the result, we determine that a maximum of 90 users complete their basic cybersecurity tasks in 29.58 min with the proposed WBCA program, whereas M-TISM, ISF, FDCA, CSA, and CKS help the users to complete their tasks in 39.58, 37.31, 35.01, 32.41, and 49.59 min, respectively. In the second experiment, the proposed WBCA program takes 33.01 min to help the 90 users to complete their advanced cybersecurity tasks, while the contending programs M-TISM, ISF, FDCA, CSA, and CKS support the users to finish their advanced cybersecurity tasks in 42.05, 45.01, 51.09, 39.03, and 57.23, respectively.

5.2.4. Solution Efficiency

Two experiments have been conducted to determine the solution efficiency. In the first experiment, the solution efficiency of the basic cybersecurity tasks is determined. In the second experiment, the solution efficiency of the advanced cybersecurity tasks is identified. The solution efficiency of the basic tasks is calculated as

$$S_{eb}=\frac{t_b}{n_b}\times 100\%$$

(41)

where $S_{eb}$ is the solution efficiency of the basic tasks, $n_b$ is the number of basic cybersecurity tasks, and $t_b$ is the wasted time to solve these basic cybersecurity tasks.

Figure 4c shows the solution efficiency of the proposed WBCA and contending state-of-the-art programs. The results demonstrate that the solution efficiency of the proposed WBCA is found to be 100%, while the solution efficiency of the contending program is 98.06–99.65%. Based on the result, we conclude that the proposed WBCA program is working efficiently. On the other hand, the contending programs reduce the solution efficiency. The CKS program is highly affected as compared to other contending programs. When we conduct the second experiment with the advanced cybersecurity tasks, the performance of the proposed WBCA is slightly reduced despite the fact that it gets 99.34%, which is much higher than contending programs depicted in Figure 5a. Based on the results, we observed that the contending programs show a lower solution efficiency of 95.48–98.12%. The CKS is again producing lower solution efficiency.

Therefore, the solution efficiency of the advanced tasks is calculated as

$$S_{ea}=\frac{t_a}{n_a}\times 100\%$$

(42)

where $S_{ea}$ is the solution efficiency of the advanced tasks, $n_a$ is the number of advanced cybersecurity tasks, and $t_a$ is the time wasted when solving these advanced cybersecurity tasks.

5.2.5. Threat Avoidance Capacity

The program can eliminate the malicious activities and exposures that negatively affect the performance of the program. Here, different scenarios are generated to determine the threat avoidance effectiveness of the proposed WBCA and competing programs. In Figure 6a, a maximum of 900 different types of threats (Denial of Service, Man-in-the-Middle, Malware, Phishing, and spam) have been generated. The result demonstrates that the proposed WBCA has a 99.32% threat avoidance capacity, whereas the contending programs have 95.52–97.72% threat avoidance capacity. ISF shows the lower 95.52% threat avoidance capacity as compared to other contending programs.

When the number of threats is maximized up to 1800, the threat avoidance capacity of the proposed WBCA is not highly affected. Despite the increase in the number of threats, the proposed WBCA shows 99.11% threat avoidance capacity. On the other hand, the contending programs are highly affected by maximizing the number of threats. The contending programs show the threat avoidance capacity of 93.81–95.04% depicted in Figure 6b. The main reason for getting the higher threat avoidance capacity is to use Blockchain technology that greatly reduces the potential threats.

5.3. Result Discussion

The proposed WBCA program consists of several program modules. The first module is responsible for defining the primary cybersecurity awareness outcome. The second module is responsible for deriving the result of the initial check, which ensures the information security knowledge of the user. As the simple counting sort algorithm is used for verification, the program does not require significant resources, and the user does not need a powerful technique to use it. Moreover, the proposed WBCA program uses Blockchain technology to avoid any potential threat. The proposed WBCA shows higher performance than competing programs (M-TISM, ISF, FDCA, CSA, and CKS) from the perspective of consistency, quality ratio, user response time, solution efficiency, and threat avoidance capacity shown in

Table 2. Comparative Analysis of the proposed WBCA and contending programs: (M-TISM, ISF, FDCA, CSA, and CKS).

Programs	Consistency	Quality Ratio	User Response Time in Minutes (Basic Task)	User Response Time in Minutes (Advanced Task)	Efficiency (Basic Task)	Efficiency (Advanced Task)	Threat Avoidance (900 Threats)	Threat Avoidance (1800 Threats)
M-TISM	98.0%	98.08%	39.58	42.05	99.26%	97.01%	96.06%	95.04%
ISF	98.75%	98.61%	37.31	45.01	99.65%	98.12%	95.52%	98.17%
FDCA	98.17%	99.38%	37.31	51.09	98.88%	97.85%	97.72%	93.81%
CSA	98.37%	98.39%	32.41	39.03	98.52%	96.11%	96.92%	96.16%
CKS	97.4%	98.78%	49.59	57.23	98.06%	95.48%	96.92%	95.54%
WBCA	99.76%	99.97%	29.58	33.01	100 %	99.34%	99.32%	99.11%

. The proposed WBCA makes it possible to easily determine what level of information security awareness a person has. Regardless of the result, the program hints at the shortcomings of the user in terms of the testing errors and gives recommendations for studying the relevant information security topics. Additionally, a big plus for the user is that the program is free, has an open license, and will always be available for download and further use. If there are sudden problems while using this program, the user can always leave feedback through the developer’s email. However, it is worth noting a couple of disadvantages regarding this program. This program only checks the basic information security awareness level of the user. At the moment, the program is not intended for advanced information security awareness testing. However, this drawback is insignificant, and in the future, people can always add an extended database of advanced questions to it. In the end, we can say that an effective program has been created to identify the current level of information security awareness possessed by any individual.

6. Conclusions

This paper introduces a novel WBCA program for promoting high cybersecurity awareness among users. The proposed WBCA works via three modules. The user is tested on common cybersecurity questions and tasks, such as email phishing and weak password policies, and then the program checks if the user has good basic knowledge by making tests regarding advanced cybersecurity topics. The advantage of the proposed WBCA program is the strong check for current cybersecurity trends in the usual process of user behavior. This helps to determine if the person is sufficiently cybercrime resistant. The effectiveness of the proposed WBCA is tested on different metrics (consistency, quality ratio, user response time, solution efficiency, and threat avoidance capacity) and compared to the state-of-the-art programs. The comparative analysis with several topics regarding typical cybercriminal attacks on the users is performed. The proposed WBCA shows higher consistency, quality ratio, user response time, solution efficiency, and threat avoidance capacity than the contending programs (M-TISM, ISF, FDCA, CSA, and CKS). Based on the results, it is proved that WBCA is a good choice for testing if the current information security basics are sufficient to ensure that the person will minimize the risk of being a cybercrime victim. In the future, we will conduct advanced information security awareness testing. Additionally, we will also add an extended database of advanced questions to it.