Publications

My publication profiles can also be accessed on Google Scholar, dblp, arXiv, RG.

Featured articles

2024: ‘There was a bit of PTSD every time I walked through the office door’: Ransomware harms and the factors that influence the victim organization’s experience [oup]	2023: Between a rock and a hard (ening) place: Cyber insurance in the ransomware era (C&S) [doi]	2021: Cyber security in the age of covid-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic (C&S) [doi]

2024

Mott, G., Turner, S., Nurse, J.R.C., Pattnaik, N., MacColl, J., Huesch, P., & Sullivan, J. (2024). 'There was a bit of PTSD every time I walked through the office door': Ransomware harms and the factors that influence the victim organization's experience. Journal of Cybersecurity, 10(1). Oxford University Press. [pdf] [doi]
Adriko, R., & Nurse, J.R.C. (2024). Does Cyber Insurance promote Cyber Security Best Practice? An Analysis based on Insurance Application Forms. Digital Threats: Research and Practice. ACM. [pdf] [doi]
Sugiura, L., Button, M., Nurse, J.R.C., Tapley, J., Saglam, R. B., Hawkins, C., Frederick, B., & Blackbourn, D. (2024). The technification of domestic abuse: Methods, tools and criminal justice responses. Criminology & Criminal Justice, SAGE. [pdf] [doi]
Adriko, R., & Nurse, J.R.C. (2024). Cybersecurity, Cyber insurance, and Small-to-Medium-sized Enterprises: A Systematic Review. Information and Computer Security. Emerald. [pdf] [doi]
Zahrah, F., Nurse, J.R.C., & Goldsmith, M. (2024). Unmasking hate in the pandemic: A cross-platform study of the COVID-19 infodemic. Big Data Research, 37, 100481. Elsevier. [pdf] [doi]
Johansmeyer, T., Mott, G., & Nurse, J.R.C. (2024). Cyber Strategy in Practice: The Evolution of US, Russian and Ukrainian National Cyber Security Strategies through the Experience of War. The RUSI Journal, 1-12. [pdf] [doi]
Patterson, C.M., Nurse, J.R.C., & Franqueira, V.N.L. (2024). “I don't think we're there yet”: The practices and challenges of organisational learning from cyber security incidents. Computers & Security, 139, 103699. Elsevier. [pdf] [doi]
Jones, K., Zahrah, F., & Nurse, J.R.C. (2024). Embedding Privacy in Computational Social Science and Artificial Intelligence Research. AAAI International AAAI Conference on Web and Social Media (ICWSM) Workshop Proceedings. AAAI. [pdf] [doi]

2023

Pattnaik, N., Nurse, J.R.C., Turner, S., Mott, G., MacColl, J., Huesch, P., & Sullivan, J. (2023). It's more than just money: The real-world harms from ransomware attacks. In International Symposium on Human Aspects of Information Security and Assurance (pp. 261-274). Cham: Springer Nature Switzerland. [pdf] [doi]
Bada, M., & Nurse, J.R.C. (2023). Exploring Cybercriminal Activities, Behaviors, and Profiles. In Applied Cognitive Science and Technology: Implications of Interactions Between Human Cognition and Technology (pp. 109-120). Singapore: Springer Nature Singapore. [pdf] [doi]
Patterson, C.M., Nurse, J.R.C., & Franqueira, V.N.L. (2023). Learning from cyber security incidents: A systematic review and future research agenda. Computers & Security. Elsevier. [pdf] [doi]
Mott, G., Turner, S., Nurse, J.R.C., MacColl, J., Sullivan, J., Cartwright, A., & Cartwright, E. (2023). Between a rock and a hard (ening) place: Cyber insurance in the ransomware era. Computers & Security. Elsevier. [pdf] [doi]
Bada, M., Furnell, S., Nurse, J.R.C., & Dymydiuk, J. (2023). Supporting Small and Medium-sized Enterprises in using Privacy Enhancing Technologies. 5th International Conference on HCI for Cybersecurity, Privacy and Trust, HCII. Springer. [pdf] [doi]
Mott, G., Nurse, J.R.C., & Baker-Beall, C. (2023). Preparing for future cyber crises: lessons from governance of the coronavirus pandemic. Policy Design and Practice. T&F. [pdf] [doi]
Cartwright, A., Cartwright, E., MacColl, J., Mott, G., Turner, S., Sullivan, J., & Nurse, J.R.C. (2023). How cyber insurance influences the ransomware payment decision: theory and evidence. The Geneva Papers on Risk and Insurance-Issues and Practice. Springer. [pdf] [doi]
Pattnaik, N., Li, S., & Nurse, J.R.C. (2023). Perspectives of non-expert users on cyber security and privacy: An analysis of online discussions on Twitter. Computers & Security (C&S). Elsevier. [pdf] [doi] [arXiv]

2022

Pattnaik, N., Li, S., & Nurse, J.R.C. (2022). A Survey of User Perspectives on Security and Privacy in a Home Networking Environment. ACM Computing Surveys (CSUR). ACM. [pdf] [doi] [arXiv]
Panteli, N., Nurse, J.R.C,, Collins, E., & Williams, N. (2022). Trust disruption and preservation in the Covid-19 work from home context. Journal of Workplace Learning. Emerald. [pdf] [doi]
Erola, A., Agrafiotis, I., Nurse, J.R.C., Axon, L., Goldsmith, M., & Creese, S. (2022). A system to calculate cyber-value-at-risk. Computers & Security, 113, 102545. Elsevier. [pdf] [doi]
Belen Sağlam, R., Nurse, J.R.C., & Hodges, D. (2022). An Investigation into the Sensitivity of Personal Information and Implications for Disclosure: A UK Perspective. Frontiers in Computer Science. [pdf] [doi]
Belen Sağlam, R., Nurse, J.R.C., & Hodges, D. (2022). Personal Information: Perceptions, Types and Evolution. Journal of Information Security and Applications. Elsevier. [pdf] [doi]
Jones, K., Nurse, J.R.C., & Li, S. (2022). Are You Robert or RoBERTa? Deceiving Online Authorship Attribution Models Using Neural Text Generators. In Proceedings of the International AAAI Conference on Web and Social Media (Vol. 16, pp. 429-440). [pdf] [doi]
Jones, K., Nurse, J.R.C., & Li, S. (2022). Out of the Shadows: Analyzing Anonymous' Twitter Resurgence during the 2020 Black Lives Matter Protests. In Proceedings of the 16th International AAAI Conference on Web and Social Media. AAAI. [pdf] [arXiv]
Turner, S., Nurse, J.R.C., & Li, S. (2022). "It was hard to find the words": Using an Autoethnographic Diary Study to Understand the Difficulties of Smart Home Cyber Security Practices. In Proceedings of the ACM CHI Conference on Human Factors in Computing Systems. ACM. [pdf] [doi] [arXiv]
Zahrah, F., Nurse, J.R.C., & Goldsmith, M. (2022). A comparison of online hate on Reddit and 4chan: a case study of the 2020 US election. In Proceedings of the 37th ACM/SIGAPP Symposium On Applied Computing (SAC'22). ACM. [pdf] [doi] [arXiv]
Shere, A. R., Nurse, J.R.C., & Martin, A. (2022). Threats to Journalists from the Consumer Internet of Things. In Proceedings of the 2022 International Conference on Cybersecurity, Situational Awareness and Social Media. Proceedings in Complexity, Springer. [pdf]

Jump back to the top

2021

Lallie, H. S., Shepherd, L. A., Nurse, J.R.C., Erola, A., Epiphaniou, G., Maple, C., & Bellekens, X. (2021). Cyber security in the age of covid-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers & Security, 105, 102248. Elsevier. [pdf] [doi] [arXiv]
Uchendu, B., Nurse, J.R.C., Bada, M., & Furnell, S. (2021). Developing a cyber security culture: Current practices and future needs. Computers & Security, 102387. Elsevier. [pdf] [doi] [arXiv]
Jones, K., Nurse, J.R.C., & Li, S. (2021). The Shadowy Lives of Emojis: An Analysis of a Hacktivist Collective's Use of Emojis on Twitter. Workshop Proceedings of the 15th International AAAI Conference on Web and Social Media (ICWSM-21). [pdf] [doi] [arXiv]
Bada, M. & Nurse, J.R.C., (2021) "Profiling the Cybercriminal: A Systematic Review of Research," International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), pp. 1-8, IEEE. [pdf] [doi] [arXiv]
Turner S., Nurse J.R.C., & Li S. (2021) When Googling It Doesn't Work: The Challenge of Finding Security Advice for Smart Home Devices. In: Furnell S., Clarke N. (eds) Human Aspects of Information Security and Assurance. HAISA 2021. IFIP Advances in Information and Communication Technology, vol 613. Springer, Cham. [pdf] [doi] [arXiv]
Jaffray A., Finn C., & Nurse J.R.C. (2021) SherLOCKED: A Detective-Themed Serious Game for Cyber Security Education. In: Furnell S., Clarke N. (eds) Human Aspects of Information Security and Assurance. HAISA 2021. IFIP Advances in Information and Communication Technology, vol 613. Springer, Cham. [pdf] [doi] [arXiv]
Sharma, S., Brennan, J., & Nurse, J.R.C. (2021) StockBabble: A Conversational Financial Agent to support Stock Market Investors. In: the 3rd Conference on Conversational User Interfaces (CUI 2021). ACM. [pdf] [doi] [arXiv]
Nurse J.R.C., Williams N., Collins E., Panteli N., Blythe J., & Koppelman B. (2021) Remote Working Pre- and Post-COVID-19: An Analysis of New Threats and Risks to Security and Privacy. In: Stephanidis C., Antona M., Ntoa S. (eds) HCI International 2021. HCII 2021. Communications in Computer and Information Science, vol 1421. Springer, Cham. [pdf] [doi] [arXiv]
Belen Saglam R., Nurse J.R.C., Hodges D. (2021) Privacy Concerns in Chatbot Interactions: When to Trust and When to Worry. In: Stephanidis C., Antona M., Ntoa S. (eds) HCI International 2021. HCII 2021. Communications in Computer and Information Science, vol 1420. Springer, Cham. [pdf] [doi] [arXiv]
Buckley, O., Nurse, J.R.C., Wyer, N., Dawes, H., Hodges, D., Earl, S., Belen Sağlam, R. (2021) Sharing Secrets with Agents: Improving Sensitive Disclosures Using Chatbots. In: Stephanidis C., Antona M., Ntoa S. (eds) HCI International 2021. HCII 2021. Communications in Computer and Information Science, vol 1420. Springer, Cham. [pdf] [doi]
Nurse, J.R.C. (2021) Cybersecurity Awareness. Encyclopedia of Cryptography, Security and Privacy. Springer. [pdf] [doi] [arXiv]
Ani, U.P., Watson, J.M., Green, B., Craggs, B., & Nurse, J.R.C., (2021) Design Considerations for Building Credible Security Testbeds: Perspectives from Industrial Control System Use Cases, Journal of Cyber Security Technology, 5:2, 71-119. [pdf] [doi]
Radanliev, P., De Roure, D., Van Kleek, M., Ani, U., Burnap, P., Anthi, E., Nurse, J.R.C., Santos, O., Montalvo, R. M. & Maddox L. (2021). Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge. Environment Systems and Decisions, 41(2), 236-247. Springer. [pdf] [doi] [arXiv]

Jump back to the top

2020

Knight, R., & Nurse, J.R.C. (2020). A Framework for Effective Corporate Communication after Cyber Security Incidents. Computers & Security, 99, Dec. Elsevier. [pdf] [doi] [arXiv] [RG]
Jones, K., Nurse, J.R.C., & Li, S. (2020). Behind the Mask: A Computational Study of Anonymous’ Presence on Twitter. In Proceedings of the 14th International AAAI Conference on Web and Social Media (Vol. 14, pp. 327-338). (Best Paper Honorable Mention) [pdf] [doi] [RG]
Nurse, J.R.C., Axon, L., Erola, A., Agrafiotis, I., Goldsmith, M., & Creese, S. (2020). The Data that Drives Cyber Insurance: A Study into the Underwriting and Claims Processes, in 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). IEEE. [pdf] [doi] [arXiv] [RG]
Stevens, F., Nurse, J.R.C. & Arief, B. (2020) Cyber Stalking, Cyber Harassment and Adult Mental Health: A Systematic Review. In: Cyberpsychology, Behavior, and Social Networking Journal. Mary Ann Liebert, Inc., Pubs. [pdf] [doi] [RG]
Shere, A.R.K. and Nurse, J.R.C. & Flechais, I. (2020) Security should be there by default: Investigating how journalists perceive and respond to risks from the Internet of Things. In: 5th European Workshop on Usable Security (EuroUSEC 2020) at the 2020 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE. [pdf] [doi] [arXiv] [RG]
Belen Sağlam, R., Nurse, J.R.C. (2020) Is your chatbot GDPR compliant? Open issues in agent design. In: 2020 International Conference on Conversational User Interfaces (CUI). ACM. (Honourable Mention Award) [pdf] [doi] [arXiv] [RG]
Zahrah, F., Nurse, J.R.C., Goldsmith, M. (2020) #ISIS vs #ActionCountersTerrorism: A Computational Analysis of Extremist and Counter-extremist Twitter Narratives. In: 2nd Workshop on Attackers and Cyber-Crime Operations (WACCO), at the IEEE European Symposium on Security and Privacy (Euro S&P).IEEE. [pdf] [doi] [arXiv] [RG]
Axon, L., AlAhmadi, B. A., Nurse, J.R.C., Goldsmith, M., & Creese, S. (2020). Data presentation in security operations centres: exploring the potential for sonification to enhance existing practice. Journal of Cybersecurity, 6(1). OUP. [pdf] [doi]
Halgaš, L., Agrafiotis, I., & Nurse, J.R.C. (2019). Catching the Phish: Detecting Phishing Attacks using Recurrent Neural Networks (RNNs). In International Workshop on Information Security Applications (pp. 219-233). Springer, Cham. [pdf] [doi] [arXiv] [RG]
Giasemidis, G., Kaplis, N., Agrafiotis, I., & Nurse, J.R.C., (2018). A semi-supervised approach to message stance classification. IEEE Transactions on Knowledge and Data Engineering, 32(1), 1-11. [pdf] [doi] [arXiv] [RG]
Bada, M., & Nurse, J.R.C. (2020). The social and psychological impact of cyberattacks. In Emerging Cyber Threats and Cognitive Vulnerabilities (pp. 73-92). Academic Press. [pdf] [doi] [arXiv] [RG]
Radanliev, P., De Roure, D., Page, K., Nurse, J.R.C., Mantilla Montalvo, R., Santos, O., & Burnap, P. (2020). Cyber risk at the edge: current and future trends on cyber risk analytics and artificial intelligence in the industrial internet of things and industry 4.0 supply chains. Cybersecurity, 3, 1-21. [pdf] [doi]
Radanliev, P., De Roure, D. C., Nurse, J.R.C., Montalvo, R. M., Cannady, S., Santos, O., & Maple, C. (2020). Future developments in standardisation of cyber risk in the Internet of Things (IoT). SN Applied Sciences, 2(2), 169. [pdf] [doi] [RG]
Ani, U.D., Watson, J. M., Carr, M., Cook, A., & Nurse, J.R.C. (2020). A review of the use and utility of industrial network-based open source simulators: functionality, security, and policy viewpoints. The Journal of Defense Modeling and Simulation. SAGE. [doi]

Jump back to the top

2019

Williams, M., Nurse, J.R.C. and Creese, S., “Smartwatch games: Encouraging privacy-protective behaviour in a longitudinal study”, in Computers in Human Behavior, 2019. Elsevier. [pdf] [doi] [arXiv] [RG]
Williams, M., Nurse, J.R.C., & Creese, S. “(Smart)Watch Out! encouraging privacy-protective behavior through interactive games”. International Journal of Human-Computer Studies, 2019, 132, 121-137. [pdf] [doi] [RG]
Bada, M. and Nurse, J.R.C., “Developing cybersecurity education and awareness programmes for small and medium-sized enterprises (SMEs)”, in the Information and Computer Security Journal, 2019. [pdf] [doi][arXiv][RG]
Nouh, M., Nurse, J.R.C. and Goldsmith, M., “Understanding the Radical Mind: Identifying Signals to Detect Extremist Content on Twitter”, in proceedings of the 17th IEEE International Conference on Intelligence and Security Informatics (ISI 2019). IEEE. [pdf] [doi] [arXiv][RG]
Buckley, O. and Nurse, J.R.C., “The Language of Biometrics: Analysing Public Perceptions”, in the Journal of Information Security and Applications (JISA), volume 47, 2019. Elsevier. [pdf][doi] [arXiv] [RG].
Nouh, M., Nurse, J.R.C., Webb, H. and Goldsmith, M. “Cybercrime Investigators are Users Too! Understanding the Socio-Technical Challenges Faced by Law Enforcement”, in proceedings of the Workshop on Usable Security (USEC) at Network and Distributed System Security Symposium (NDSS 2019). Internet Society. (Distinguished Poster Presentation Award at NDSS)[pdf] [doi] [arXiv] [RG]
Webb, H., Nurse, J.R.C., Bezuidenhout, L. and Jirotka, M., “Lab Hackathons to Overcome Laboratory Equipment Shortages in Africa: Opportunities and Challenges” in proceedings of the ACM CHI Conference on Human Factors in Computing Systems Extended Abstracts, 2019. ACM. [pdf] [doi] [arXiv] [RG]
Akinrolabu, O., Nurse, J.R.C., Martin, A., & New, S. “Cyber risk assessment in cloud provider environments: Current models and future needs”. Computers & Security, 2019, 87. [pdf] [doi] [RG]
Ani, U. D., Watson, J. D. M., Nurse, J.R.C., Cook, A., & Maple, C., “A review of critical infrastructure protection approaches: Improving security through responsiveness to the dynamic modelling landscape”. In Living in the Internet of Things (IoT 2019) (pp. 1-15). IET. [pdf] [doi] [arXiv] [RG]

Jump back to the top

2018

Agrafiotis, I, Nurse, J.R.C., Goldsmith, M. Creese, S. and Upton, D. “A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate”, in the Journal of Cybersecurity, volume 4, issue 1, 2018. Oxford University Press. DOI: . [pdf] [doi]
Axon, L., Alahmadi, B., Nurse, J.R.C., Goldsmith, M., and Creese, S., “Sonification in Security Operations Centres: What do Security Practitioners Think?”, in proceedings of the Workshop on Usable Security (USEC) at the Network and Distributed System Security Symposium (NDSS 2018). ((Best Paper Award() [pdf] [arXiv] [RG]
Kingston, C., Nurse, J.R.C., Agrafiotis, I and Milich, A., “Using semantic clustering to support situation awareness on Twitter: The case of World Views”, in the Human-centric Computing and Information Sciences Journal (HCIS), 2018. Springer. [pdf] [doi] [arXiv]
Sirur, S., Nurse, J.R.C. and Webb, H., “Are we there yet? Understanding the challenges faced in complying with the General Data Protection Regulation (GDPR)”, in proceedings of the International Workshop on Multimedia Privacy and Security (MPS) at the 25th ACM Conference on Computer and Communications Security (CCS 2018). ACM. [pdf] [doi] [arXiv] [RG]
Nurse, J.R.C., Radanliev, P., Creese, S. and De Roure, D., “If you can’t understand it, you can’t properly assess it! The reality of assessing security risks in Internet of Things systems”, in proceedings of the PETRAS Conference: Cybersecurity of the IoT, 2018. IET. DOI: 10.1049/cp.2018.0001. [pdf] [doi] [arXiv] [RG]
Sturgess, J., Nurse, J.R.C. and Zhao, J., “A Capability-oriented Approach to Assessing Privacy Risk in Smart Home Ecosystems”, in proceedings of the PETRAS Conference: Cybersecurity of the IoT, 2018. IET. [pdf] [doi] [RG]
Radanliev, P., De Roure, D., Nurse, J.R.C., Nicolescu, R., Huth, M., Cannady, C. and Montalvo, R.M., “Integration of Cyber Security Frameworks, Models and Approaches for building Design Principles for the Internet-of-Things in Industry 4.0”, in proceedings of the PETRAS Conference: Cybersecurity of the IoT, 2018. IET. [pdf] [doi] [RG]
Happa, J., Nurse, J.R.C., Goldsmith, M., Creese, S. and Williams, R., “An Ethics Framework for Research into Heterogeneous Systems”, in proceedings of the PETRAS Conference: Cybersecurity of the IoT, 2018. IET. [pdf] [doi] [RG]
Nurse, J.R.C., “Cybercrime and you: How criminals attack and the human factors that make such attacks successful” Oxford Handbook of Cyberpsychology, 2nd edition. 2018. Oxford, Oxford University Press. [pdf] [doi] [arXiv] [RG
Nurse, J.R.C. and Bada, M., “The Group Element of Cybercrime: Types, Dynamics and Criminal Operations” Oxford Handbook of Cyberpsychology, 2nd edition. 2018. Oxford, Oxford University Press. [pdf] [doi] [arXiv] [RG]
Taylor, P., Allpress, S., Carr, M., Lupu, E., Norton, J., Smith, L., Blackstock, J., Boyes, H., Hudson-Smith, A., Brass, I., Chizari, H., Cooper, R., Coulton, P., Craggs, B.,Davies, N., De Roure, D., Elsden, M., Huth, M., Lindley, J., Maple, C., Mittelstadt, B., Nicolescu, R., Nurse, J.R.C., Procter, R., Radanliev, P., Rashid, A., Sgandurra, D., Skatova, A., Taddeo, M., Tanczer, L., Vieira-Steiner, R., Watson, J.D.M., Wachter, S., Wakenshaw, S., Carvalho, G., Thompson, R.J., Westbury, P.S. “Internet of Things: Realising the Potential of a Trusted Smart World”. 2018. Royal Academy of Engineering: London. [pdf]

Jump back to the top

2017

Williams, M., Nurse, J.R.C., and Creese, S., “Privacy is the boring bit: User Perceptions and Behaviour in the Internet-of-Things”, in proceedings of the 15th International Conference on Privacy, Security and Trust (PST), 2017. IEEE. DOI: [doi]
Nurse, J.R.C. and Buckley, O., “Behind the Scenes: A Cross-country Study into Third-party Website referencing and the Online Advertising Ecosystem”, in the Journal of Human-centric Computing and Information Sciences (HCIS), 2017. Springer. DOI: [doi]
Aktypi, A., Nurse, J.R.C., and Goldsmith, M., “Unwinding Ariadne’s Identity Thread: Privacy Risks with Fitness Trackers and Online Social Networks”, in proceedings of the Workshop on Multimedia Privacy and Security at 24th ACM Conference on Computer and Communication Security (CCS 2017). ACM. DOI: [doi]
Nurse, J.R.C., Creese, S., and De Roure, D., “Security Risk Assessment in Internet of Things Systems”, in IEEE IT Professional, October, 2017. IEEE. DOI: [doi]
Woods, D., Agrafiotis, I., Nurse, J.R.C., and Creese, S., “Mapping the Coverage of Security Controls in Cyber Insurance Proposal Forms”, in the Journal of Internet Services and Applications, 2017. Springer. DOI: [doi]
Nurse, J.R.C., Agrafiotis, I., Erola, A., Bada, M., Roberts, T., Williams, M., Goldsmith, M. and Creese, S., “An Assessment of the Security and Transparency Procedural Components of the Estonian Internet Voting System”, in proceedings of the International Conference on Human Aspects of Information Security, Privacy and Trust (HAS), and the 19th International Conference on Human-Computer Interaction (HCI 2017). Springer. DOI: [doi]
Kritzinger E., Bada M., Nurse J.R.C., “A Study into the Cybersecurity Awareness Initiatives for School Learners in South Africa and the UK”, in: Bishop M., Futcher L., Miloslavskaya N., Theocharidou M. (eds) Information Security Education for a Global Digital Society. WISE 2017. IFIP Advances in Information and Communication Technology, volume 503. 2017. Springer. DOI: [doi]
Nurse, J.R.C. and Bertino, E., “Insider Threat Solutions - Moving from Concept to Reality”, in the Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, volume 8, number 1, pages 1-3, 2017.
Axon, L., Nurse, J.R.C., Goldsmith, M. and Creese, S., “A Formalised Approach to Designing Sonification Systems for Network-Security Monitoring”, in the International Journal On Advances in Security, volume 10, numbers 1&2, 2017.
Williams, M., Yao, K. and Nurse, J.R.C., “ToARist: An Augmented Reality Tourism App created through User-Centred Design”, in proceedings of the 31th British Human-Computer Interaction Conference (British HCI 2017). BCS eWiC. DOI: [doi]

Jump back to the top

2016

Williams, M., Nurse, J.R.C. and Creese, S., “Privacy Salience: Taxonomies and Research Opportunities”, in Privacy and Identity Management – Facing Up To Next Steps, IFIP Advances in Information and Communication Technology. 2016. Springer. DOI: [doi]
Eggenschwiler, J., Agrafiotis, I. and Nurse, J.R.C., “Insider Threat Response and Recovery Strategies in Financial Services Firms”, in the Computer Fraud & Security Journal, November issue, 2016. Elsevier. DOI: [doi]
Giasemidis, G., Singleton, C., Agrafiotis, I., Nurse, J.R.C., Pilgrim A. and Willis, C., “Determining the veracity of rumours on Twitter”, in proceedings of the 8th International Conference on Social Informatics (SocInfo 2016). DOI: [doi]
Rashid, T., Agrafiotis, I. and Nurse, J.R.C., “A New Take on Detecting Insider Threats: Exploring the use of Hidden Markov Models”, in proceedings of the 8th International Workshop on Managing Insider Security Threats (MIST 2016) In Conjunction with ACM Conference on Computer and Communications Security (CCS 2016). DOI: [doi] (Best Paper Award)
Nurse, J.R.C., Erola, A., Gibson-Robinson, T., Goldsmith, M. and Creese, S., “Analytics for Characterising and Measuring the Naturalness of Online Personae”, in the Security Informatics Journal, volume 5, number 3, 2016. Springer. DOI: [doi]
Williams, M. and Nurse, J.R.C., “Perspectives on Privacy in the use of Online Systems”, in proceedings of the 30th British Human-Computer Interaction Conference (British HCI 2016). BCS eWiC.
Williams, M., Nurse, J.R.C. and Creese, S., “The Perfect Storm: The Privacy Paradox and the Internet-of-Things”, in proceedings of the International Workshop on Challenges in Information Security and Privacy Management (ISPM), associated with the 11th International Conference on Availability, Reliability and Security (ARES 2016). IEEE. DOI: [doi]
Williams, M., Axon, L., Nurse, J.R.C. and Creese, S., “Future Challenges for Security and Privacy”, in proceedings of the 2nd International Forum on Research and Technologies for Society and Industry (RTSI 2016). IEEE. DOI: [doi]
Nouh, M., Nurse, J.R.C. and Goldsmith, M., “Towards Designing a Multipurpose Cybercrime Intelligence Framework”, in proceedings of the European Intelligence and Security Informatics Conference (EISIC 2016). IEEE. DOI: [doi]
Axon, L., Creese, S., Goldsmith, M. and Nurse, J.R.C., “Reflecting on the Use of Sonification for Network Monitoring”, in proceedings of the 10th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2016). (Best Paper Award)
Janse van Rensburg, A., Nurse, J.R.C. and Goldsmith, M., “Attacker-Parametrised Attack Graphs”, in proceedings of the 10th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2016).
Iuga, C., Nurse, J.R.C. and Erola, A., “Baiting the Hook: Factors Impacting Susceptibility to Phishing Attacks”, in the Journal of Human-centric Computing and Information Sciences (HCIS), 2016. Springer. DOI: [doi]
Everett, R., Nurse, J.R.C. and Erola, A., “The Anatomy of Online Deception: What Makes Automated Text Convincing?”, in proceedings of the 31st ACM/SIGAPP Symposium on Applied Computing (SAC 2016). ACM. DOI: [doi]
Williams, M. and Nurse, J.R.C., “Optional Data Disclosure and the Online Privacy Paradox: A UK Perspective”, in proceedings of the International Conference on Human Aspects of Information Security, Privacy and Trust (HAS), and the 18th International Conference on Human-Computer Interaction (HCI 2016). Springer. DOI: [doi]
Nurse, J.R.C., Atamli, A. and Martin, A., “Towards a Usable Framework for Modelling Security and Privacy Risks in the Smart Home”, in proceedings of the International Conference on Human Aspects of Information Security, Privacy and Trust (HAS), and the 18th International Conference on Human-Computer Interaction (HCI 2016). Springer. DOI: [doi]
Kammuller, F., Nurse, J.R.C. and Probst, C.W., “Attack Tree Analysis for Insider Threats on the Internet-of-Things using Isabelle”, in proceedings of the International Conference on Human Aspects of Information Security, Privacy and Trust (HAS), and the 18th International Conference on Human-Computer Interaction (HCI 2016). Springer. DOI: [doi]
Eze, C., Nurse, J.R.C. and Happa, J., “Using Visualizations to Enhance Users’ Understanding of App Activities on Android Devices”, in the Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), volume 7, number 1, pages 39-57, 2016.

Jump back to the top

2015

Farnan O.J. and Nurse J.R.C., “Exploring a Controls-Based Assessment of Infrastructure Vulnerability”, in: Risks and Security of Internet and Systems. CRiSIS 2015. Lambrinoudakis C., Gabillon A. (eds). Lecture Notes in Computer Science, volume 9572. Springer. DOI: [doi]
Happa, J., Fairclough, G., Nurse, J.R.C., Agrafiotis, I., Goldsmith, M. and Creese, S., “A Pragmatic System-Failure Assessment and Response Model”, in proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP 2016). INSTICC. DOI: [doi]
Nurse, J.R.C., Agrafiotis, I., Goldsmith, M., Creese, S. and Lamberts, K., “Tag Clouds with a twist: Using tag clouds coloured by information’s trustworthiness to support situation awareness”, in the Journal of Trust Management, volume 2, number 10, 2015. Springer. DOI: [doi]
Nurse, J.R.C., Erola, A., Agrafiotis, I., Goldsmith, M. and Creese, S., “Smart Insiders: Exploring the Threat from Insiders using the Internet-of-Things”, in proceedings of the International Workshop on Secure Internet of Things (SIoT 2015), associated with the 20th European Symposium on Research in Computer Security (ESORICS 2015). IEEE. DOI: [doi]
Nouh, M. and Nurse, J.R.C., “Identifying Key-Players in Online Activist Groups on the Facebook Social Network”, in proceedings of the International Workshop on Intelligence and Security Informatics (ISI 2015), in the IEEE International Conference on Data Mining (ICDM 2015). IEEE. DOI: [doi]
Nurse, J.R.C., Goldsmith, M., Creese, S. and Lamberts, K., “Technology and Information Trust for Supporting Risky Decisions based on Social-Media Content”, in proceedings of the 15th IEEE International Conference on Computer and Information Technology (CIT 2015). IEEE. DOI: [doi]
Phillips, E., Nurse, J.R.C., Goldsmith, M., and Creese, S., “Extracting Social Structure from Metadata on Dark Web Forums”, in proceedings of the International Conference on Social Media Technologies, Communication, and Informatics (SOTICS 2015). (Best Paper Award)
Wu, T. and Nurse, J.R.C., “Exploring the use of PLC Debugging Tools for Digital Forensic Investigations on SCADA Systems”, in proceedings of the 10th International Conference on Systematic Approaches to Digital Forensic Engineering (SADFE 2015). JDFSL.
Devlin, M., Nurse, J.R.C., Hodges, D., Goldsmith, M. and Creese, S., “Predicting Graphical Passwords”, in proceedings of the International Conference on Human Aspects of Information Security, Privacy and Trust (HAS), and the 17th International Conference on Human-Computer Interaction (HCI 2015). Springer. DOI: [doi]
Agrafiotis, I., Nurse, J.R.C., Buckley, O., Legg, P.A., Creese, S., and Goldsmith, M., “Identifying Attack Patterns for Insider-Threat Detection”, in the Computer Fraud & Security Journal, issue 7, 2015. Elsevier. DOI: [doi]
Nurse, J.R.C., “Exploring the Risks to Identity Security and Privacy in Cyberspace”. In the XRDS: Crossroads ACM Magazine, volume 21, number 3, pages 42-47, 2015. ACM. DOI: [doi]
Alahmadi, B.A. Legg, P.A. and Nurse, J.R.C., “Using Internet Activity Profiling for Insider-Threat Detection”, in proceedings of the 12th International Workshop on Security in Information Systems (WOSIS 2015). INSTICC. DOI: [doi]
Nurse, J.R.C., Erola, A., Goldsmith, M. and Creese, S., “Investigating the Leakage of Sensitive Personal and Organisational Information in Email Headers”, in the Journal of Internet Services and Information Security, volume 5, number 1, pages 70-84, 2015.
Bada, M., Sasse, A. M. and Nurse, J.R.C., “Cyber Security Awareness Campaigns: Why do they fail to change behaviour?”, in proceedings of the International Conference on Cyber Security for Sustainable Society (CSSS 2015). SSN+.
Phillips, E., Nurse, J.R.C., Goldsmith, M. and Creese, S., “Applying Social Network Analysis to Security”, in proceedings of the International Conference on Cyber Security for Sustainable Society (CSSS 2015). SSN+.
Nurse, J.R.C., Agrafiotis, I., Goldsmith, M., Creese, S., Lamberts, K., Price, D. and Jones, G., “Information Trustworthiness as a Solution to the Misinformation Problems in Social Media”, in proceedings of the International Conference on Cyber Security for Sustainable Society (CSSS 2015). SSN+.

Jump back to the top

2014

Buckley, O., Nurse, J.R.C., Legg, P.A., Goldsmith, M., and Creese, S., “Reflecting on the Ability of Enterprise Security Policy to Address Accidental Insider Threat”, in proceedings of the International Workshop on Socio-Technical Aspects in Security and Trust (STAST 2014), associated with the 27th IEEE Computer Security Foundations Symposium (CSF 2014). IEEE. DOI: [doi]
Nurse, J.R.C., Pumphrey, J., Gibson-Robinson, T., Goldsmith, M., and Creese, S., “Inferring Social Relationships from Technology-Level Device Connections”, in proceedings of the 12th International Conference on Privacy, Security and Trust (PST 2014). IEEE. DOI: [doi]
Nurse, J.R.C., Buckley, O., Legg, P.A., Goldsmith, M., Creese, S., Wright, G. and Whitty, M., “Understanding Insider Threat: A Framework for Characterising Attacks”, in proceedings of the IEEE Security and Privacy Workshops (SPW 2014), associated with the 35th IEEE Symposium on Security and Privacy (SP 2014). IEEE. DOI: [doi]
Nurse, J.R.C., Agrafiotis, I., Creese, S., Goldsmith, M. and Lamberts, K., “Two Sides of the Coin: Measuring and Communicating the Trustworthiness of Online Information”, in the Journal of Trust Management, volume 1, number 5, 2014. Springer. DOI: [doi]
Nurse, J.R.C., Legg, P.A., Buckley, O., Agrafiotis, I., Wright, G., Whitty, M., Upton, D., Goldsmith, M. and Creese, S., “A Critical Reflection on the Threat from Human Insiders – Its Nature, Industry Perceptions, and Detection Approaches”, in proceedings of the International Conference on Human Aspects of Information Security, Privacy and Trust (HAS), and the 16th International Conference on Human-Computer Interaction (HCI 2014). Springer. DOI: [doi]

Jump back to the top

2013

Creese, S., Gibson-Robinson, T., Goldsmith, M., Hodges, D., Kim, D., Love, O., Nurse, J.R.C., Pike, B. and Scholtz, J., “Tools for Understanding Identity”, in proceedings of the 13th Annual IEEE Conference on Technologies for Homeland Security (HST 2013). IEEE. DOI: [doi]
Legg, P.A., Moffat, N., Nurse, J.R.C., Happa, J., Agrafiotis, I., Goldsmith, M. and Creese, S., “Towards a Conceptual Model and Reasoning Structure for Insider Threat Detection”, in Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, volume 4, number 4, pages 20-37, 2013
Nurse, J.R.C., Agrafiotis, I., Creese, S., Goldsmith, M., and Lamberts, K., “Building Confidence in Information-Trustworthiness Metrics for Decision Support”, in proceedings of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2013). IEEE. DOI: [doi]
Nurse, J.R.C., Agrafiotis, I., Creese, S., Goldsmith, M., and Lamberts, K., “Communicating Trustworthiness using Radar Graphs: A Detailed Look”, in proceedings of the 11th International Conference on Privacy, Security and Trust (PST 2013). IEEE. DOI: [doi]
Nurse, J.R.C., Creese, S., and Goldsmith, M., “Supporting Human Decision-Making Online using Trust Metrics”, in proceedings of the International Conference on Human Aspects of Information Security, Privacy and Trust (HAS 2013), and the 15th International Conference on Human-Computer Interaction 2013 (HCI 2013). Springer. DOI: [doi]

Jump back to the top

2012

Hodges, D., Nurse, J.R.C., Goldsmith, M., and Creese, S., “Identity Attribution across Cyberspace and the Natural Space”, in proceedings of the International Crime and Intelligence Analysis Conference (ICIAC 2012).
Creese, S., Goldsmith, M., Nurse, J.R.C., and Phillips, E., “A Data-Reachability Model for Elucidating Privacy and Security Risks Related to the Use of Online Social Networks”, in proceedings of the 11th IEEE International Conference on Trust‚ Security and Privacy in Computing and Communications (TrustCom 2012). IEEE. DOI: [doi]
Nurse, J.R.C., Creese, S., Goldsmith, M. and Lamberts, K., “Using Information Trustworthiness Advice in Decision-Making”, in proceedings of the International Workshop on Socio-Technical Aspects in Security and Trust (STAST 2012), associated with the 25th IEEE Computer Security Foundations Symposium (CSF 2012). IEEE. DOI: [doi]
Nurse, J.R.C. and Sinclair J.E., “Towards a Model to Support the Reconciliation of Security Actions across Enterprises”, in proceedings of the International Workshop on Socio−Technical Aspects in Security and Trust (STAST 2012), associated with the 25th IEEE Computer Security Foundations Symposium (CSF 2012). IEEE. DOI: [doi]
Nurse, J.R.C., Creese, S., Goldsmith, M., Craddock R., and Jones, G., “An Initial Usability Evaluation of the Secure Situation Awareness System”, in proceedings of the 9th International Conference on Information Systems for Crisis Response and Management (ISCRAM 2012). ISCRAM Press.

Jump back to the top

2011

Nurse, J.R.C., Creese, S., Goldsmith, M. and Lamberts, K., “Trustworthy and Effective Communication of Cybersecurity Risks: A Review”, in proceedings of the International Workshop on Socio-Technical Aspects in Security and Trust (STAST 2011), associated with the 5th International Conference on Network and System Security (NSS 2011). IEEE. DOI: [doi]
Nurse, J.R.C., Creese, S., Goldsmith, M. and Lamberts, K., “Guidelines for Usable Cybersecurity: Past and Present”, in proceedings of the International Workshop on Cyberspace Safety and Security (CSS) associated with the 5th International Conference on Network and System Security (NSS 2011). IEEE. DOI: [doi]
Yang, S., Joy, M. and Nurse, J.R.C., “Experiences on Sharing e-Learning Resources using Service Technologies”, in proceedings of the 14th IASTED International Conference on Computers and Advanced Technology in Education (CATE 2011). ACTA. DOI: [doi]
Nurse, J.R.C. and Sinclair J.E., “A Case Study Analysis of an E-Business Security Negotiations Support Tool”, in Electrical Engineering and Applied Computing, in Lecture Notes in Electrical Engineering, volume 90, pages 209-220. Springer, 2011. DOI: [doi]
Nurse, J.R.C., Rahman, S.S., Creese, S., Goldsmith, M. and Lamberts, K., “Information Quality and Trustworthiness: A Topical State-of-the-Art Review”, in proceedings of the International Conference on Computer Applications and Network Security (ICCANS 2011). IEEE.
Nurse, J.R.C. and Sinclair J.E., “An Evaluation of BOF4WSS and the Security Negotiations Model and Tool used to Support it”, in International Journal on Advances in Security, volume 3, number 3&4, pages 184-201, 2011.

Jump back to the top

2010

Nurse, J.R.C. and Sinclair J.E., “A Thorough Evaluation of the Compatibility of an E-Business Security Negotiations Support Tool”, in IAENG International Journal of Computer Science, volume 37, issue 4, pages 376-387, 2010.
Nurse, J.R.C. and Sinclair, J.E., “Evaluating the Compatibility of a Tool to Support e-Businesses’ Security Negotiations”, in proceedings of the International Conference of Information Security and Internet Engineering, under World Congress on Engineering (WCE) 2010, volume 1, pages 438-443. International Association of Engineers, 2010. IAENG. (Best Student Paper Award)
Nurse, J.R.C. and Sinclair, J.E., “A Solution Model and Tool for Supporting the Negotiation of Security Decisions in e-Business Collaborations”, in proceedings of the 5th International Conference on Internet and Web Applications and Services (ICIW 2010). IEEE. (Best Paper Award). DOI: [doi]
Ishaya, T. and Nurse, J.R.C., “Cross-enterprise Policy Model for e-Business Web Services Security”, in D. Weerasinghe, editor, Information Security and Digital Forensics, volume 41 of Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, pages 163-171. Springer, Heidelberg, 2010. DOI: [doi]

Jump back to the top

2009

Nurse, J.R.C. and Sinclair, J.E., “Securing e-Businesses that use Web Services - A Guided Tour through BOF4WSS”, in International Journal on Advances in Internet Technology, volume 2, number 4, pages 253-276, 2009.
Nurse, J.R.C. and Sinclair, J.E., “Supporting the Comparison of Business-level Security Requirements within Cross-enterprise Service Development”, in W. Abramowicz, editor, Business Information Systems, volume 21 of Lecture Notes in Business Information Processing, pages 61-72. Springer, Heidelberg, 2009. DOI: [doi]
Nurse, J.R.C. and Sinclair, J.E., “BOF4WSS: A Business-Oriented Framework for Enhancing Web Services Security for e-Business”, in proceedings of the 4th International Conference on Internet and Web Applications and Services (ICIW 2009). IEEE. (Best Paper Award). DOI: [doi]

Jump back to the top