An analysis and classification of public information security data sources used in research and practice. Issue 82 (May 2019)
- Record Type:
- Journal Article
- Title:
- An analysis and classification of public information security data sources used in research and practice. Issue 82 (May 2019)
- Main Title:
- An analysis and classification of public information security data sources used in research and practice
- Authors:
- Sauerwein, Clemens
Pekaric, Irdin
Felderer, Michael
Breu, Ruth - Abstract:
- Abstract: In order to counteract today's sophisticated and increasing number of cyber threats the timely acquisition of information regarding vulnerabilities, attacks, threats, countermeasures and risks is crucial. Therefore, employees tasked with information security risk management processes rely on a variety of information security data sources, ranging from inter-organizational threat intelligence sharing platforms to public information security data sources, such as mailing lists or expert blogs. However, research and practice lack a comprehensive overview about these public information security data sources, their characteristics and dependencies. Moreover, comprehensive knowledge about these sources would be beneficial to systematically use and integrate them to information security processes. In this paper, a triangulation study is conducted to identify and analyze public information security data sources. Furthermore, a taxonomy is introduced to classify and compare these data sources based on the following six dimensions: (1) Type of information, (2) Integrability, (3) Timeliness, (4) Originality, (5) Type of Source, and (6) Trustworthiness . In total, 68 public information security data sources were identified and classified. The investigations showed that research and practice rely on a large variety of heterogeneous information security data sources, which makes it more difficult to integrate and use them for information security and risk management processes.
- Is Part Of:
- Computers & security. Issue 82(2019)
- Journal:
- Computers & security
- Issue:
- Issue 82(2019)
- Issue Display:
- Volume 82, Issue 82 (2019)
- Year:
- 2019
- Volume:
- 82
- Issue:
- 82
- Issue Sort Value:
- 2019-0082-0082-0000
- Page Start:
- 140
- Page End:
- 155
- Publication Date:
- 2019-05
- Subjects:
- Cyber threat intelligence sharing -- Cyber security information source -- Taxonomy -- Classification -- Characteristic -- Information security and risk management -- Data format -- Research -- Practice
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2018.12.011 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 9510.xml