Two Case Studies in Using Chatbots for Security Training

  • Stewart Kowalski
  • Katarina Pavlovska
  • Mikael Goldstein
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 406)


This paper discusses the result of two case studies performed in a large international company to test the use of chatbots for internal security training. The first study targeted 26 end users in the company while the second study examined 80 security specialists. From a quantitative analytical perspective there does not appears to be any significant findings when chatbots are used for security training. However there does appear to be qualitative data that suggest that the attitudes of the respondents appear to be more positive to security when chatbots are used than with the current traditional e-learning security training courses at the company.


Security Awareness Training Chatbots 


  1. 1.
    Kowalski, S., Nässla, H., Karlsson, J., Karlsson, V.: The Manual is the Message: An Experiment with Paper Based and Web Based IT Security Manuals. In: Proceedings of WISE 1999, Stockholm (1999)Google Scholar
  2. 2.
    Kowalski, S., Mozuraite-Araby, R., Walentowicz, S.: Using Chatbots for Security Training of ICT Users. In: World Wide Research Forum 20th Conference Ottawa, Canada (April 2007)Google Scholar
  3. 3.
    Pavlovska, K.: Using Using chatbots to maintain knowledge about ISO/IEC 27001:2005 at Ericsson. Master’s thesis, Department of Computer and Systems Sciences (2008) Google Scholar
  4. 4.
    European Network and Information Security Agency, Information Security Awareness Initiatives: Current Practice and the Measurement of Success (July 2007 ) Google Scholar
  5. 5.
    Nielsen, J.: User education is not the answer to security problems, (accessed: 2009)
  6. 6.
    Srikwan, S., Jakobsson, M.: Using cartoons to teach Internet Security (2007), (accessed 2008)
  7. 7.
    Jagatic, T.N., Johnson, M., Jakobsson, M., Menczer, F.: Social Phishing. Communications of the ACM 50(10), 96–100 (2007)CrossRefGoogle Scholar
  8. 8.
    Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L., Hong, J., Nunge, E.: Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System. In: Conference on Human Factors in Computing Systems archive. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, San Jose, California, USA, pp. 905–914 (2007)Google Scholar
  9. 9.
    Weizenbaum, J.: ELIZA - A Computer Program For the Study of Natural Language Communication Between Man And Machine. Communication of the ACM 9(1), 36–45 (1966)CrossRefGoogle Scholar
  10. 10., (accessed on April 24, 2009)
  11. 11.
  12. 12.
    Knill, O., Carlsson, J., Chi, A., Lezama, M.: An artificial intelligence experiment in college math education (2004), (accessed on April 24, 2009)
  13. 13.
    Webber, G.M.: Data representation and algorithms for biomedical informatics applications. PhD thesis, Harvard University (2005)Google Scholar
  14. 14.
    Voth, D.: Practical agents help out. IEEE Intelligent Systems 20(2), 4–6 (2005)CrossRefGoogle Scholar
  15. 15.
  16. 16.
    ANNA, (accessed on April 24, 2009)
  17. 17.
    Jiyou, J.: CSIEC (Computer Simulator in Educational Communication): An Intelligent Web-Based Teaching System for Foreign Language Learning. In: Proceedings of the IEEE International Conference Advanced Learning Technologies, vol. (30), pp. 690–692 (2004)Google Scholar
  18. 18.
    Näckros, K.: Game Based Instruction within IT Security Education. Department of Computer and Systems Sciences, Stockholm University Royal Institute of Technology, Stockholm (2001)Google Scholar
  19. 19.
    Ahmed, P.K., Lim, K.K., Loh, A.Y.E.: Learning, Through Knowledge Management. Butterworth-Heinemann (2002)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • Stewart Kowalski
    • 1
  • Katarina Pavlovska
    • 1
  • Mikael Goldstein
    • 2
  1. 1.SecLab, Department of Computer and Systems SciencesStockholm University/Royal Institute of Technology StockholmSweden
  2. 2.migoliStockholmSweden

Personalised recommendations