论文部分内容阅读
Abstract: A study developing a United Arab Emirates-based technology adoption model—through primary research, is supported by two pilot studies, field studies, and action research, in E-business. Random samples were 443 Emirati college students, 18 to 25 years old, from a sampling frame of enrolled students, at the Higher Colleges of Technology. Group is targeted by prospective employees by Emirati Federal law for employment industry sectors likely to use deep packet inspection. Six variables: computer self-efficacy, attitudes toward information and communications technology, perceived usefulness of e-commerce, intention to use e-commerce, culture, and Internet filtration were quasi-experimentally tested using the maximum likelihood estimator, robust to non-normality, using confirmatory factor analysis, for an acceptable goodness-of-fit into the UAE Deep Packet Acceptance Model (DPAM). Validity was supported factor loadings ranged from 0.621 to 0.885. The goodness-of-fit values obtained were Normed Chi-Square (2.602), Comparative Fit Index (0.918), Tucker-Lewis Index (0.905), and Root mean Square Error of Approximation (0.060). Reliability using Cronbach’s α was greater than 0.80 for all constructs.
Key words: Culture, deep packet inspection, DPI (deep packet inspection), e-commerce Internet filtration, network security, technology adoption model, trust, UAE (United Arab Emirates).
1. Introduction
The United Arab Emirates (UAE) is strategically located across the Straits of Hormuz from Iran. The UAE is a prosperous Middle Eastern country with a population of about five million, which includes 78% expatriates. The expatriate population has risen along with the development, occurring rapidly in the country. High priorities for the ruling sheiks are control of the country, economic progress, and the integrity of Islam. The largest, wealthiest, and politically most powerful of the seven hereditary sheikdoms or emirates that comprise the UAE is Abu Dhabi. Dubai is the second largest and most populous emirate. Dubai has grown into a major city-state, and become a globalized financial center [1].
The paper is organized as follows: The background of research is explained in Introduction; the research method is explained in the next section; analysis of normality—an important criterion in studies using factor analysis [2] is covered in the third section; finally, the significance of the study is discussed in Conclusions, or final section.
Cyber security threats and cybercrime are serious problems that jeopardize efforts to establish the country as an international business hub [3]. Deep Packet Inspection (DPI) is used to intercept, analyze, and block network traffic, and a technical solution that identifies and protects against security threats, including worms, viruses, and hacking attacks that can create extensive security, financial, and logistical problems for governmental entities, and businesses.
However, using DPI was controversial because it enabled governments and other users to spy on individuals and organizations [4-6]. The main commercial uses for DPI include managing network traffic flow, ensuring quality of service, and conducting targeted behavioral advertising, in which DPI is employed surreptitiously to acquire marketing data and build a profile about each individual customer [7-8].
With computer crime becoming a major problem in the UAE, as evidenced by the increased incidence of cybercrimes and computer system crashes [9], the implementation of DPI technology offers a possible cyber security solution to the crime problem. Deep packet technology allows governments and institutions to protect (supervisory control and data acquisition) SCADA systems in industry and infrastructure, through ability to detect, and filter malware [1, 10-14].
This study aimed to provide a way to examine factors that affected DPI adoption and explain how DPI was a good fit for the UAE. Previous studies had not assessed the tradeoff between the parameters of user privacy and institutional and governmental security needs for the UAE. This study enabled testing of a systems theory model [15] suggested in the literature. The DPAM explained the implementation of DPI in the UAE through the creation of new knowledge directed at a cyber-security technology adoption model as a study outcome.
2. Research Method
The theoretical evidence supported the inclusion of attitudes toward Internet and Communications Technology (ICT) and Computer Self-Efficacy (CSE)[16-19] as well as perceived usefulness of e-commerce and intention to use e-commerce [18, 20-22]. A cultural interpretation of trust as a component of UAE society had support from El-Sheikh [23], Gher [24], Kurzman and Naqvi [25], Hofstede [26], Lewis [27] and Wright[28]. Inclusion of Internet filtration in the model had support from Deibert et al. [29], Etisalat [30], Gher [24], and the Open Net Initiative [31-32]. The basis of investigation was six research questions answered by examining six hypotheses, each framed as a testable hypothesis that inquired whether or not the associated DPI construct belonged in the model (Fig. 1) that explained DPI’s acceptance or not.
Evidence of Internet filtration constructs relevant to defining Internet filtration as a variable for the UAE was in the literature reviewed [30-33]. In November 2009, an expert focus group investigated these constructs and recommended that properly directed persons from the sampling frame review the construct materials and contribute questions for these constructs.
Field study using action research, in September 2010, with Year 3 e-Business Marketing and Consumer Research class, from Fujairah Colleges [34] part of the Higher Colleges of Technology, was used to develop DPI constructs. Three months later with business faculty at an entrepreneurship conference, taking place in Dubai, the action research was replayed again at Higher Colleges of Technology, except in Dubai.
The initial sampling frame for data collection of ordinal data was from Fujairah Colleges [34], Higher Colleges of Technology (HCT) [35-37] students; gathered as original evidence, through a 66-question Internet-based survey. The survey used questions from a previously validated instrument employed by Siddiqui [38] for five of the six variables. The questions that defined Internet filtration as a variable were new and not previously validated. However, provisions made through field studies, and subsequent pilot studies developed reliability and validity for a 24 question version of this instrument.
Sampling frame for the primary study was the entire 17 campus system of Higher Colleges of Technology[35-37]. A stratified-random sample that exceeded size n = 400 [39] was proposed. To test these variables, purposively random sampled data of n = 527, was collected from a total population of N ≈ 19,370, exceeding the n = 239, minimum number of participants, determined by a power analysis. After listwise deletion of incomplete surveys there were N = 443 usable samples. Calculated factor loadings from exploratory factor analysis (EFA) are given in Table 1 and associated reliabilities given in Table 2.
The HCT students as a group are targeted by industry and UAE law for employment in DPI-utilizing sectors [40]. Principal component factor analysis applied first using the SPSS 18/PASW 18 statistics platform, helped to determine model specification[41-42]. After producing a re-specified model, and conducting a second pilot test, an exploratory factor analysis was used to pre-validate the model, and establish factor loadings. The results were later verified using the robust to non-normality maximum likelihood estimator (MLM) applied through with no rotation and freely loading of factors as determined by eigenvalues greater than 1.0 [2]. The factor loading for the CFA are shown in Table 3.
Thus EFA was followed by primary data collection and analysis, by Confirmatory Factor Analysis (CFA) in order to develop the most parsimonious outcome [2, 9, 43]. The final analysis used the CFA results shown in Table 3, an assessment of univariate normality and multivariate normality, with correlation coefficients, and goodness-of-fit, outputted from applying MLM using Mplus 5.0 with the Satorra-Bentler correction factor for non-normality, as the primary means of determining if the data fit the model [2, 44].
Fig. 1 Deep packet acceptance model (DPAM).
Table 1 Primary data maximum likelihood EFA.
3. Analysis of Normality
While the maximum likelihood estimator is robust for non-normality [2], a normal distribution of data collected is an important criterion for factor analysis. Tests of univariate and multivariate normality were conducted prior to moving into hypothesis testing. The univariate Kolmogorov-Smirnov (K-S) and Shapiro-Wilk(S-W) tests for normality on the six variables in the DPAM model is presented in Table 4, and neither of the variables were normally distributed, by K-S or S-W measures [41, 44]. While, a visual estimation of boxplots indicated that constructs were roughly normal, the calculated distribution was not normal, because of the observed significance of p < 0.05 on all variable measures [41, 44].
In addition to univariate tests, the data were examined for multivariate normality. When the 24 variables were analyzed collectively, approximately 62.5% exceed the significance standard of p < 0.05. The data exhibited significant deviations from a multivariate normal distribution. The multivariate skewness of the data was significantly different from that of a multivariate normal distribution (χ2(24) = 178.58, p < 0.001, according to Srivastava’s test)[45-46]. The same occurred with multivariate kurtosis, according to Mardia’s test (b2p = 18.66, p < 0.001)[47-48]. Normality testing thus confirmed that, contrary to the results of the visual inspection, data was not fitting a univariate or multivariate normality distribution.
Table 2 Reliability statistics for instruments.
Table 3 CFA factor loadings.
4. Conclusions
This study was a quasi-experimental, quantitative method investigation of cyber behavior—acceptance DPI technology. The method approximated the pattern-matching design described by Trochim [49], whereby, the theoretical expectation of each of six research questions were tested as a hypothesis against the observed pattern. Quantitative support for the model provided a means of understanding whether certain attitudes and characteristics of the Emirati nationals favor the implementation of DPI. Subsequent research proposed by the principal investigator will sample industry practitioners in the UAE, and later the GCC countries, thus through triangulation, test DPAM further.
By leveraging incremental changes into the study through the inclusion of the Internet filtration variable to create a DPI-specific instrument, an evolutionary epistemology was developed [50]. This evolution from existing work is a hallmark of what Kuhn [51] termed“normal science”, potentially building to an eventual tipping point or paradigm shift. In contrast, Lakatos[52], in an earlier critique of Kuhn, commented that the research philosophy advocated by Kuhn [51] served to promote long-term existence for established paradigms such as Davis’s [18] technology acceptance model(TAM). With TAM already having substantial support in the scientific community and serving as the hard core of the research enterprise, the negative heuristic of attacks on the core would be deflected to the positive heuristic, which is the protective outer-belt of new work surrounding the core theory, in this case DPAM[52].
Table 4 Tests for univariate normality.
Table 5 Correlation coefficients—latent constructs.
Table 6 Evaluation of fit of DPAM.
Analysis supporting validity of DPAM (Fig. 1) is through indirect means—correlation coefficients of latent factors, shown in Table 5 and evaluation of fit in Table 6. Employing DPI technology in firewalls at the ISP, and enterprise level, Ref. [54] was one possible solution in the fight against cyber-crime. Most large companies use F5 local traffic managers (LTMs) and global traffic managers (GTMs) in between all HTTP servers. It goes like this: Internet->GTM->LTM-> Apache HTTP Server->LTM-> Weblogic Server hosting web pages->LTM->Enterprise Service BUS->LTM->Apache Server->Weblogic Server hosting Web Services->Database [55].
Stakeholders, through applied research, now have a greater understanding of intention to use DPI in the UAE, and market needs, motivated by DPAM, a cyber-security acceptance model. Recommendations are extension of the model to the cyber-security practitioner community, exploration of the role of inter-firm alliance processes, in fighting cybercrime, identification of superior cyber-security business models, and recognition of culture as a limitation of the study.
References
[1] Euromonitor International, Market research United Arab Emirates, Euromonitor Global Market Information Database, 2009.
[2] T.A. Brown, Confirmatory factor Analysis for Applied Research, The Guilford Press, New York, 2006.
[3] J. Mortleman, IT Security: From Cottage Industry to Organised Crime, August 16, 2009, available online at: http://www.ameinfo.com/206157.html.
[4] Deep packet inspection and privacy, 2009, available online at: http://epic.org/privacy/dpi/.
[5] A. Hanff, A Critical Evaluation of the 2006/2007 Trials of Phorm Inc. Technology by BT PLC. No Deep Packet Inspection, 2008, available online at: https://nodpi.org/documents/phorm_paper.pdf.
[6] A. Hanff, No Deep Packet Inspection—A Review 2009[Web log post], December 31, 2009, available online at: https://nodpi.org/2009/12.
[7] Center for Democracy & Technology, Keeping the Internet open innovative and free, 2008, available online at: http://www.cdt.org/.
[8] E. Nakashima, M. Lebling, Lawmakers Probe Web Tracking: Panel Examining Ad Technology for Privacy Concerns, Washington Post, July 17, 2008, available online at: http://www.washingtonpost.com/wp-dyn/conte nt/article/2008/07/16/AR2008071602378.html?wpisrc=ne wsletter.
[9] R. Agarwal, W. Selen, Dynamic capability building in service value networks for achieving service innovation, Decision Sciences 40 (2009) 431-450.
[10] Allot Communications, Digging Deeper into Deep Packet Inspection (DPI) [White Paper], 2007, available online at: http://www.getadvanced.net/learning/whitepapers/networ kmanagement/Deep%20Packet%20Inspection_White_Pa per.pdf.
[11] Fidelis Security Systems, See It, Study It, Stop It [White Paper], 2011, available online at: http://www.fidelissecurity.com/files/files/whitepapers/Fid elisWP-MindtheGap.pdf.
[12] J. Kassner, Deep Packet Inspection: What You Should Know, 2008, available online at: http://resources.zdnet.co.uk/articles/features/0,100000200 0,39454822,00.htm.
[13] P. Lawson, Re: Bell Canada/Bell Sympatico Use of Deep Packet Inspection: PIPEDA Complaint, Canadian Internet Policy and Public Interest Clinic, 2008, available online at: http://www.cippic.ca/uploads/Bell-DPI-PIPEDAcomplain t_09May08.pdf.
[14] F. Yu, High Speed Deep Packet Inspection with Hardware Support, Doctoral Dissertation, University of California, Berkeley, 2007, available online at: http://www.eecs.berkeley.edu/Pubs/TechRpts/2006/EECS-2006-156.pdf.
[15] S.A. Cavaleri, Systems thinking for knowledge, World Futures: The Journal of General Evolution 61 (2005) 378-396, available online at: http://www.tandf.co.uk/journals/titles/02604027.asp.
[16] A. Bandura, Self-efficacy mechanism in human agency, American Psychologist 37 (1982) 122-147.
[17] R. Compeau, A. Higgins, Computer self-efficacy: Development of a measure and initial test, MIS Quarterly 19 (1995) 189-212.
[18] F. Davis, Perceived usefulness, perceived ease of use, and user acceptance of information technology, MIS Quarterly 13 (1989) 319-339.
[19] M. Jawahar, B. Elango, The effects of attitudes, goal setting and self-efficacy on end user performance, Journal of End User Computing 13 (2) (2001) 40-45, available online at: http://www.igi-global.com/Bookstore/Article.aspx?TitleI d=3737.
[20] L. Fawwaz, A single site case study to examine the efficacy of the accreditation process and standards on post-secondary distance learning programs in the United Arab Emirates, Doctoral Dissertation, available from Dissertations & Theses: Full Text Database, Publication No. AAT 3315177, 2008.
[21] M. Hsu, C. Chiu, Internet self-efficacy and electronic service acceptance, Decision Support Systems 38 (2004) 369-381.
[22] J. Jiang, M.K. Hus, G. Klein, B. Lin, E-commerce use behavior model: An empirical study, Human Systems Management 19 (2000) 265-277, available online at: http://www.iospress.nl/loadtop/load.php?isbn=01672533.
[23] S. El-Sheikh, The moral economy of classical Islam: A fiqhiconomic model, The Muslim World 98 (1) (2008) 114-144.
[24] L.A. Gher, Patterns in communication: Prospects and concerns, in: Y.R. Kamalipour (Ed.), Global Communications, Wadsworth-Thomson Learning, Belmont, CA, 2002, pp. 247-263.
[25] C. Kurzman, I. Naqvi, The Islamists Are Not Coming, Foreign Policy, 2010, available online at: http://www.foreignpolicy.com/articles/2010/01/04/the_isl amists_are_not_coming.
[26] G. Hofstede, Itim International, Geert Hofstede Cultural Dimensions, 2009, available online at: http://www.geert-h ofstede.com/hofstede_arab_world.shtml.
[27] B. Lewis, A historical overview: Islam and liberal democracy, Journal of Democracy 7 (2) (1996) 52-63.
[28] R. Wright, Two visions of reformation (Islam and liberal democracy), Journal of Democracy 7 (2) (1996) 64-75, available online at: http://www.journalofdemocracy.org/ articles/toc/tocapr96.html.
[29] R. Deibert, J.G. Palfrey, R. Rohozinski, J.L. Zittrain, Access Denied: The Practice and Policy of Global Internet Filtering, MIT Press, Cambridge, MA, 2008, available online at: http://opennet.net/accessdenied.
[30] Etisalat, 2009a, Etisalat Announces 3rd Quarter Results, available online at: http://www.etisalat.ae/index.jsp?lang=en&type=content& currentid=10c8e15c0b56a010VgnVCM1000000a0a0a0a____&contentid=a71d34daea50d110VgnVCM1000000c2 4a8c0RCRD&parentid=fa58800d1f52a010VgnVCM100 0000a0a0a0a____.
[31] Open Net Initiative, 2009a, Blocked Content, available online at: http://www.etisalat.ae/assets/document/blockco ntent.pdf.
[32] Open Net Initiative, 2009b, Internet Filtering in the United Arab Emirates, available online at: http://opennet.net/sites/opennet.net/files/ONI_UAE_2009.pdf.
[33] Etisalat, 2009a, Blocked Content, available online at: http://www.etisalat.ae/assets/document/blockcontent.pdf.
[34] Fujairah Colleges, Welcome to HCT-Fujairah, 2011, available online at: http://fjw.hct.ac.ae/index.html.
[35] Higher Colleges of Technology, HCT Strategic Plan Summary, 2009, available online at: http://www.hct.ac.ae/PDFs/HCTStrategicPlanSummary2 008_2012.pdf?p=App.
[36] Higher Colleges of Technology, 2011a, Enrollments by College Academic Year 2010-2011, available online at:http://www.hct.ac.ae/factbook/reports/enrollments/HCTFactbook-Enrollments-By-College.pdf.
[37] Higher Colleges of Technology, 2011b, HCT, available online at: https://www.hct.ac.ae/.
[38] H.N. Siddiqui, Investigation of intention to use e-commerce in the Arab countries: A comparison of self-efficacy, usefulness, culture, gender, and socioeconomic status in Saudi Arabia and the United Arab Emirates, Doctoral Dissertation, available from Dissertations & Theses: Full Text Database, Publication No. AAT 3315103, 2008.
[39] J. Zhang, Multivariate Data Analysis Using SSPS—Scribd, 2009, available online at: http://www.scribd.com/doc/11485761/Multivariate-DataAnalysis-Using-SPSS.
[40] UAE Federal e-Government Portal, 2006, Emiratisation, available online at: http://www.government.ae/gov/en/res/citizen/emp/emirati sation.jsp.
[41] A. Field, Discovering Statistics Using SPSS, 3rd ed., London, Sage Publications, England, 2009.
[42] L.K. Muthén, B. Muthén, Mplus User’s Guide, 3rd ed., Muthén & Muthén, Los Angeles, CA, 2004.
[43] A. Aydinli, W. Selen, T. Sen, An artificial neural network model for interface preference, in: Research Symposium in Business and Economics, American University of Sharjah, UAE, February 2010, available online at: http://www.aus.edu/conferences/symp_sbm/mis.php.
[44] D.G. Garson, Structural Equation Modeling: Statnotes, 2009, available online at: http://faculty.chass.ncsu.edu/garson/PA765/structur.htm.
[45] M.S. Srivastava, A measure of skewness and kurtosis and a graphical method for assessing multivariate normality, Statistics & Probability Letters 2 (1984) 263-267.
[46] M.S. Srivastava, T.K. Hui, On assessing multivariate normality based on Shapiro-Wilk W statistic, Statistics & Probability Letters 5 (1987) 15-18.
[47] K.V. Mardia, Applications of some measures of multivariate skewness and kurtosis in testing normality and robustness studies, Sankhya: Series B 36 (2) (1974) 115-128, available online at: http://www.jstor.org/stable/25051892.
[48] K.V. Mardia, K. Foster, Omnibus tests of multinormality based on skewness and kurtosis, Communications in Statistics: Theory and Methods 12 (1983) 207-221.
[49] W.M.K. Trochim, Research Methods Knowledge Base, Web Center for Social Research Methods, 2006, available online at: http://www.socialresearchmethods.net/kb/ contents.php.
[50] W.M.K. Trochim, J.P. Donnelly, The Research Methods Knowledge Base, 3rd ed., Cengage Learning, Mason, OH, 2008.
[51] T.S. Kuhn, The Structure of Scientific Revolutions, 3rd ed., The University of Chicago Press, Chicago, IL, 1996.
[52] I. Lakatos, Falsification and the methodology of scientific research programmes, in: I. Lakatos, A. Musgrave (Eds.), Criticism and the Growth of Knowledge, London, England: Cambridge University Press, 1970, Vol. 1965, pp. 91-196.
[53] R.B. Kline, Principles and Practice of Structural Equation Modeling, 3rd. ed., The Guilford Press, New York, NY, 2011.
[54] A.M. Matwyshyn, D. Slaughter-Defoe, C. Paya, Information Security: Why Cybercriminals Are Smiling, Arabic Knowledge@Wharton, March 18, 2010, available online at: http://knowledge.wharton.upenn.edu/arabic/article.cfm?ar ticleid=2415.
[55] F5 Networks Inc., IT Agility That Drives Your Business Forward, 2012, available online at: http://www.f5.com/.
Key words: Culture, deep packet inspection, DPI (deep packet inspection), e-commerce Internet filtration, network security, technology adoption model, trust, UAE (United Arab Emirates).
1. Introduction
The United Arab Emirates (UAE) is strategically located across the Straits of Hormuz from Iran. The UAE is a prosperous Middle Eastern country with a population of about five million, which includes 78% expatriates. The expatriate population has risen along with the development, occurring rapidly in the country. High priorities for the ruling sheiks are control of the country, economic progress, and the integrity of Islam. The largest, wealthiest, and politically most powerful of the seven hereditary sheikdoms or emirates that comprise the UAE is Abu Dhabi. Dubai is the second largest and most populous emirate. Dubai has grown into a major city-state, and become a globalized financial center [1].
The paper is organized as follows: The background of research is explained in Introduction; the research method is explained in the next section; analysis of normality—an important criterion in studies using factor analysis [2] is covered in the third section; finally, the significance of the study is discussed in Conclusions, or final section.
Cyber security threats and cybercrime are serious problems that jeopardize efforts to establish the country as an international business hub [3]. Deep Packet Inspection (DPI) is used to intercept, analyze, and block network traffic, and a technical solution that identifies and protects against security threats, including worms, viruses, and hacking attacks that can create extensive security, financial, and logistical problems for governmental entities, and businesses.
However, using DPI was controversial because it enabled governments and other users to spy on individuals and organizations [4-6]. The main commercial uses for DPI include managing network traffic flow, ensuring quality of service, and conducting targeted behavioral advertising, in which DPI is employed surreptitiously to acquire marketing data and build a profile about each individual customer [7-8].
With computer crime becoming a major problem in the UAE, as evidenced by the increased incidence of cybercrimes and computer system crashes [9], the implementation of DPI technology offers a possible cyber security solution to the crime problem. Deep packet technology allows governments and institutions to protect (supervisory control and data acquisition) SCADA systems in industry and infrastructure, through ability to detect, and filter malware [1, 10-14].
This study aimed to provide a way to examine factors that affected DPI adoption and explain how DPI was a good fit for the UAE. Previous studies had not assessed the tradeoff between the parameters of user privacy and institutional and governmental security needs for the UAE. This study enabled testing of a systems theory model [15] suggested in the literature. The DPAM explained the implementation of DPI in the UAE through the creation of new knowledge directed at a cyber-security technology adoption model as a study outcome.
2. Research Method
The theoretical evidence supported the inclusion of attitudes toward Internet and Communications Technology (ICT) and Computer Self-Efficacy (CSE)[16-19] as well as perceived usefulness of e-commerce and intention to use e-commerce [18, 20-22]. A cultural interpretation of trust as a component of UAE society had support from El-Sheikh [23], Gher [24], Kurzman and Naqvi [25], Hofstede [26], Lewis [27] and Wright[28]. Inclusion of Internet filtration in the model had support from Deibert et al. [29], Etisalat [30], Gher [24], and the Open Net Initiative [31-32]. The basis of investigation was six research questions answered by examining six hypotheses, each framed as a testable hypothesis that inquired whether or not the associated DPI construct belonged in the model (Fig. 1) that explained DPI’s acceptance or not.
Evidence of Internet filtration constructs relevant to defining Internet filtration as a variable for the UAE was in the literature reviewed [30-33]. In November 2009, an expert focus group investigated these constructs and recommended that properly directed persons from the sampling frame review the construct materials and contribute questions for these constructs.
Field study using action research, in September 2010, with Year 3 e-Business Marketing and Consumer Research class, from Fujairah Colleges [34] part of the Higher Colleges of Technology, was used to develop DPI constructs. Three months later with business faculty at an entrepreneurship conference, taking place in Dubai, the action research was replayed again at Higher Colleges of Technology, except in Dubai.
The initial sampling frame for data collection of ordinal data was from Fujairah Colleges [34], Higher Colleges of Technology (HCT) [35-37] students; gathered as original evidence, through a 66-question Internet-based survey. The survey used questions from a previously validated instrument employed by Siddiqui [38] for five of the six variables. The questions that defined Internet filtration as a variable were new and not previously validated. However, provisions made through field studies, and subsequent pilot studies developed reliability and validity for a 24 question version of this instrument.
Sampling frame for the primary study was the entire 17 campus system of Higher Colleges of Technology[35-37]. A stratified-random sample that exceeded size n = 400 [39] was proposed. To test these variables, purposively random sampled data of n = 527, was collected from a total population of N ≈ 19,370, exceeding the n = 239, minimum number of participants, determined by a power analysis. After listwise deletion of incomplete surveys there were N = 443 usable samples. Calculated factor loadings from exploratory factor analysis (EFA) are given in Table 1 and associated reliabilities given in Table 2.
The HCT students as a group are targeted by industry and UAE law for employment in DPI-utilizing sectors [40]. Principal component factor analysis applied first using the SPSS 18/PASW 18 statistics platform, helped to determine model specification[41-42]. After producing a re-specified model, and conducting a second pilot test, an exploratory factor analysis was used to pre-validate the model, and establish factor loadings. The results were later verified using the robust to non-normality maximum likelihood estimator (MLM) applied through with no rotation and freely loading of factors as determined by eigenvalues greater than 1.0 [2]. The factor loading for the CFA are shown in Table 3.
Thus EFA was followed by primary data collection and analysis, by Confirmatory Factor Analysis (CFA) in order to develop the most parsimonious outcome [2, 9, 43]. The final analysis used the CFA results shown in Table 3, an assessment of univariate normality and multivariate normality, with correlation coefficients, and goodness-of-fit, outputted from applying MLM using Mplus 5.0 with the Satorra-Bentler correction factor for non-normality, as the primary means of determining if the data fit the model [2, 44].
Fig. 1 Deep packet acceptance model (DPAM).
Table 1 Primary data maximum likelihood EFA.
3. Analysis of Normality
While the maximum likelihood estimator is robust for non-normality [2], a normal distribution of data collected is an important criterion for factor analysis. Tests of univariate and multivariate normality were conducted prior to moving into hypothesis testing. The univariate Kolmogorov-Smirnov (K-S) and Shapiro-Wilk(S-W) tests for normality on the six variables in the DPAM model is presented in Table 4, and neither of the variables were normally distributed, by K-S or S-W measures [41, 44]. While, a visual estimation of boxplots indicated that constructs were roughly normal, the calculated distribution was not normal, because of the observed significance of p < 0.05 on all variable measures [41, 44].
In addition to univariate tests, the data were examined for multivariate normality. When the 24 variables were analyzed collectively, approximately 62.5% exceed the significance standard of p < 0.05. The data exhibited significant deviations from a multivariate normal distribution. The multivariate skewness of the data was significantly different from that of a multivariate normal distribution (χ2(24) = 178.58, p < 0.001, according to Srivastava’s test)[45-46]. The same occurred with multivariate kurtosis, according to Mardia’s test (b2p = 18.66, p < 0.001)[47-48]. Normality testing thus confirmed that, contrary to the results of the visual inspection, data was not fitting a univariate or multivariate normality distribution.
Table 2 Reliability statistics for instruments.
Table 3 CFA factor loadings.
4. Conclusions
This study was a quasi-experimental, quantitative method investigation of cyber behavior—acceptance DPI technology. The method approximated the pattern-matching design described by Trochim [49], whereby, the theoretical expectation of each of six research questions were tested as a hypothesis against the observed pattern. Quantitative support for the model provided a means of understanding whether certain attitudes and characteristics of the Emirati nationals favor the implementation of DPI. Subsequent research proposed by the principal investigator will sample industry practitioners in the UAE, and later the GCC countries, thus through triangulation, test DPAM further.
By leveraging incremental changes into the study through the inclusion of the Internet filtration variable to create a DPI-specific instrument, an evolutionary epistemology was developed [50]. This evolution from existing work is a hallmark of what Kuhn [51] termed“normal science”, potentially building to an eventual tipping point or paradigm shift. In contrast, Lakatos[52], in an earlier critique of Kuhn, commented that the research philosophy advocated by Kuhn [51] served to promote long-term existence for established paradigms such as Davis’s [18] technology acceptance model(TAM). With TAM already having substantial support in the scientific community and serving as the hard core of the research enterprise, the negative heuristic of attacks on the core would be deflected to the positive heuristic, which is the protective outer-belt of new work surrounding the core theory, in this case DPAM[52].
Table 4 Tests for univariate normality.
Table 5 Correlation coefficients—latent constructs.
Table 6 Evaluation of fit of DPAM.
Analysis supporting validity of DPAM (Fig. 1) is through indirect means—correlation coefficients of latent factors, shown in Table 5 and evaluation of fit in Table 6. Employing DPI technology in firewalls at the ISP, and enterprise level, Ref. [54] was one possible solution in the fight against cyber-crime. Most large companies use F5 local traffic managers (LTMs) and global traffic managers (GTMs) in between all HTTP servers. It goes like this: Internet->GTM->LTM-> Apache HTTP Server->LTM-> Weblogic Server hosting web pages->LTM->Enterprise Service BUS->LTM->Apache Server->Weblogic Server hosting Web Services->Database [55].
Stakeholders, through applied research, now have a greater understanding of intention to use DPI in the UAE, and market needs, motivated by DPAM, a cyber-security acceptance model. Recommendations are extension of the model to the cyber-security practitioner community, exploration of the role of inter-firm alliance processes, in fighting cybercrime, identification of superior cyber-security business models, and recognition of culture as a limitation of the study.
References
[1] Euromonitor International, Market research United Arab Emirates, Euromonitor Global Market Information Database, 2009.
[2] T.A. Brown, Confirmatory factor Analysis for Applied Research, The Guilford Press, New York, 2006.
[3] J. Mortleman, IT Security: From Cottage Industry to Organised Crime, August 16, 2009, available online at: http://www.ameinfo.com/206157.html.
[4] Deep packet inspection and privacy, 2009, available online at: http://epic.org/privacy/dpi/.
[5] A. Hanff, A Critical Evaluation of the 2006/2007 Trials of Phorm Inc. Technology by BT PLC. No Deep Packet Inspection, 2008, available online at: https://nodpi.org/documents/phorm_paper.pdf.
[6] A. Hanff, No Deep Packet Inspection—A Review 2009[Web log post], December 31, 2009, available online at: https://nodpi.org/2009/12.
[7] Center for Democracy & Technology, Keeping the Internet open innovative and free, 2008, available online at: http://www.cdt.org/.
[8] E. Nakashima, M. Lebling, Lawmakers Probe Web Tracking: Panel Examining Ad Technology for Privacy Concerns, Washington Post, July 17, 2008, available online at: http://www.washingtonpost.com/wp-dyn/conte nt/article/2008/07/16/AR2008071602378.html?wpisrc=ne wsletter.
[9] R. Agarwal, W. Selen, Dynamic capability building in service value networks for achieving service innovation, Decision Sciences 40 (2009) 431-450.
[10] Allot Communications, Digging Deeper into Deep Packet Inspection (DPI) [White Paper], 2007, available online at: http://www.getadvanced.net/learning/whitepapers/networ kmanagement/Deep%20Packet%20Inspection_White_Pa per.pdf.
[11] Fidelis Security Systems, See It, Study It, Stop It [White Paper], 2011, available online at: http://www.fidelissecurity.com/files/files/whitepapers/Fid elisWP-MindtheGap.pdf.
[12] J. Kassner, Deep Packet Inspection: What You Should Know, 2008, available online at: http://resources.zdnet.co.uk/articles/features/0,100000200 0,39454822,00.htm.
[13] P. Lawson, Re: Bell Canada/Bell Sympatico Use of Deep Packet Inspection: PIPEDA Complaint, Canadian Internet Policy and Public Interest Clinic, 2008, available online at: http://www.cippic.ca/uploads/Bell-DPI-PIPEDAcomplain t_09May08.pdf.
[14] F. Yu, High Speed Deep Packet Inspection with Hardware Support, Doctoral Dissertation, University of California, Berkeley, 2007, available online at: http://www.eecs.berkeley.edu/Pubs/TechRpts/2006/EECS-2006-156.pdf.
[15] S.A. Cavaleri, Systems thinking for knowledge, World Futures: The Journal of General Evolution 61 (2005) 378-396, available online at: http://www.tandf.co.uk/journals/titles/02604027.asp.
[16] A. Bandura, Self-efficacy mechanism in human agency, American Psychologist 37 (1982) 122-147.
[17] R. Compeau, A. Higgins, Computer self-efficacy: Development of a measure and initial test, MIS Quarterly 19 (1995) 189-212.
[18] F. Davis, Perceived usefulness, perceived ease of use, and user acceptance of information technology, MIS Quarterly 13 (1989) 319-339.
[19] M. Jawahar, B. Elango, The effects of attitudes, goal setting and self-efficacy on end user performance, Journal of End User Computing 13 (2) (2001) 40-45, available online at: http://www.igi-global.com/Bookstore/Article.aspx?TitleI d=3737.
[20] L. Fawwaz, A single site case study to examine the efficacy of the accreditation process and standards on post-secondary distance learning programs in the United Arab Emirates, Doctoral Dissertation, available from Dissertations & Theses: Full Text Database, Publication No. AAT 3315177, 2008.
[21] M. Hsu, C. Chiu, Internet self-efficacy and electronic service acceptance, Decision Support Systems 38 (2004) 369-381.
[22] J. Jiang, M.K. Hus, G. Klein, B. Lin, E-commerce use behavior model: An empirical study, Human Systems Management 19 (2000) 265-277, available online at: http://www.iospress.nl/loadtop/load.php?isbn=01672533.
[23] S. El-Sheikh, The moral economy of classical Islam: A fiqhiconomic model, The Muslim World 98 (1) (2008) 114-144.
[24] L.A. Gher, Patterns in communication: Prospects and concerns, in: Y.R. Kamalipour (Ed.), Global Communications, Wadsworth-Thomson Learning, Belmont, CA, 2002, pp. 247-263.
[25] C. Kurzman, I. Naqvi, The Islamists Are Not Coming, Foreign Policy, 2010, available online at: http://www.foreignpolicy.com/articles/2010/01/04/the_isl amists_are_not_coming.
[26] G. Hofstede, Itim International, Geert Hofstede Cultural Dimensions, 2009, available online at: http://www.geert-h ofstede.com/hofstede_arab_world.shtml.
[27] B. Lewis, A historical overview: Islam and liberal democracy, Journal of Democracy 7 (2) (1996) 52-63.
[28] R. Wright, Two visions of reformation (Islam and liberal democracy), Journal of Democracy 7 (2) (1996) 64-75, available online at: http://www.journalofdemocracy.org/ articles/toc/tocapr96.html.
[29] R. Deibert, J.G. Palfrey, R. Rohozinski, J.L. Zittrain, Access Denied: The Practice and Policy of Global Internet Filtering, MIT Press, Cambridge, MA, 2008, available online at: http://opennet.net/accessdenied.
[30] Etisalat, 2009a, Etisalat Announces 3rd Quarter Results, available online at: http://www.etisalat.ae/index.jsp?lang=en&type=content& currentid=10c8e15c0b56a010VgnVCM1000000a0a0a0a____&contentid=a71d34daea50d110VgnVCM1000000c2 4a8c0RCRD&parentid=fa58800d1f52a010VgnVCM100 0000a0a0a0a____.
[31] Open Net Initiative, 2009a, Blocked Content, available online at: http://www.etisalat.ae/assets/document/blockco ntent.pdf.
[32] Open Net Initiative, 2009b, Internet Filtering in the United Arab Emirates, available online at: http://opennet.net/sites/opennet.net/files/ONI_UAE_2009.pdf.
[33] Etisalat, 2009a, Blocked Content, available online at: http://www.etisalat.ae/assets/document/blockcontent.pdf.
[34] Fujairah Colleges, Welcome to HCT-Fujairah, 2011, available online at: http://fjw.hct.ac.ae/index.html.
[35] Higher Colleges of Technology, HCT Strategic Plan Summary, 2009, available online at: http://www.hct.ac.ae/PDFs/HCTStrategicPlanSummary2 008_2012.pdf?p=App.
[36] Higher Colleges of Technology, 2011a, Enrollments by College Academic Year 2010-2011, available online at:http://www.hct.ac.ae/factbook/reports/enrollments/HCTFactbook-Enrollments-By-College.pdf.
[37] Higher Colleges of Technology, 2011b, HCT, available online at: https://www.hct.ac.ae/.
[38] H.N. Siddiqui, Investigation of intention to use e-commerce in the Arab countries: A comparison of self-efficacy, usefulness, culture, gender, and socioeconomic status in Saudi Arabia and the United Arab Emirates, Doctoral Dissertation, available from Dissertations & Theses: Full Text Database, Publication No. AAT 3315103, 2008.
[39] J. Zhang, Multivariate Data Analysis Using SSPS—Scribd, 2009, available online at: http://www.scribd.com/doc/11485761/Multivariate-DataAnalysis-Using-SPSS.
[40] UAE Federal e-Government Portal, 2006, Emiratisation, available online at: http://www.government.ae/gov/en/res/citizen/emp/emirati sation.jsp.
[41] A. Field, Discovering Statistics Using SPSS, 3rd ed., London, Sage Publications, England, 2009.
[42] L.K. Muthén, B. Muthén, Mplus User’s Guide, 3rd ed., Muthén & Muthén, Los Angeles, CA, 2004.
[43] A. Aydinli, W. Selen, T. Sen, An artificial neural network model for interface preference, in: Research Symposium in Business and Economics, American University of Sharjah, UAE, February 2010, available online at: http://www.aus.edu/conferences/symp_sbm/mis.php.
[44] D.G. Garson, Structural Equation Modeling: Statnotes, 2009, available online at: http://faculty.chass.ncsu.edu/garson/PA765/structur.htm.
[45] M.S. Srivastava, A measure of skewness and kurtosis and a graphical method for assessing multivariate normality, Statistics & Probability Letters 2 (1984) 263-267.
[46] M.S. Srivastava, T.K. Hui, On assessing multivariate normality based on Shapiro-Wilk W statistic, Statistics & Probability Letters 5 (1987) 15-18.
[47] K.V. Mardia, Applications of some measures of multivariate skewness and kurtosis in testing normality and robustness studies, Sankhya: Series B 36 (2) (1974) 115-128, available online at: http://www.jstor.org/stable/25051892.
[48] K.V. Mardia, K. Foster, Omnibus tests of multinormality based on skewness and kurtosis, Communications in Statistics: Theory and Methods 12 (1983) 207-221.
[49] W.M.K. Trochim, Research Methods Knowledge Base, Web Center for Social Research Methods, 2006, available online at: http://www.socialresearchmethods.net/kb/ contents.php.
[50] W.M.K. Trochim, J.P. Donnelly, The Research Methods Knowledge Base, 3rd ed., Cengage Learning, Mason, OH, 2008.
[51] T.S. Kuhn, The Structure of Scientific Revolutions, 3rd ed., The University of Chicago Press, Chicago, IL, 1996.
[52] I. Lakatos, Falsification and the methodology of scientific research programmes, in: I. Lakatos, A. Musgrave (Eds.), Criticism and the Growth of Knowledge, London, England: Cambridge University Press, 1970, Vol. 1965, pp. 91-196.
[53] R.B. Kline, Principles and Practice of Structural Equation Modeling, 3rd. ed., The Guilford Press, New York, NY, 2011.
[54] A.M. Matwyshyn, D. Slaughter-Defoe, C. Paya, Information Security: Why Cybercriminals Are Smiling, Arabic Knowledge@Wharton, March 18, 2010, available online at: http://knowledge.wharton.upenn.edu/arabic/article.cfm?ar ticleid=2415.
[55] F5 Networks Inc., IT Agility That Drives Your Business Forward, 2012, available online at: http://www.f5.com/.