A definition of Information Security Classification in cybersecurity context

Collard, Guillaume; Ducroquet, Stephane; Disson, Eric; Talens, Guilaine

doi:10.1109/rcis.2017.7956520

Cited by 7 publications

(5 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The scholars used existing standards including ISO 27001, NIST, COBIT, and ITIL as a baseline to develop recommendations for creating a framework for such organisations. The problem of outdated standards was explored by [46] proposing new definitions for the information-security classification. The search was limited to publications from 2016 to 2021.…”

Section: Surveys On It Risk Managementmentioning

confidence: 99%

“…One possible direction for future research is to consider technology-enabled automation in these SMEs [6]. Automated risk assessment in those SMEs would allow for a more proactive approach to risk mitigation due to the ability to dynamically monitor cybersecurity threats and vulnerabilities [46]. This approach would be suitable for newer technologies, such as cloud computing, which involves indirect assets harmed only through adverse impacts on other assets.…”

Section: Practical Implicationsmentioning

confidence: 99%

See 1 more Smart Citation

Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach

AL-Dosari,

Fetais

2023

Electronics

View full text Add to dashboard Cite

Information-technology (IT) security standards are regularly updated in a rapidly changing technological world to maintain pace with advanced technologies. This study was motivated by the realization that established IT risk-management frameworks might provide an adequate defence for small- and medium-sized enterprises (SMEs), especially those actively adopting new technologies. We reviewed that a dynamic IT risk-management framework, updated to reflect emerging technological changes, would offer improved security and privacy for SMEs. To evaluate this, we conducted a systematic literature review spanning 2016 to 2021, focusing on IT risk-management research in various application areas. This study revealed that, while established frameworks like NIST have their benefits, they need to be better suited to the unique needs of SMEs due to their high degree of abstractness, vague guidelines, and lack of adaptability to technological advancements. The findings suggest a pressing need to evolve IT risk-management frameworks, particularly by incorporating advanced methods such as system dynamics, machine learning, and technoeconomic and sociotechnological models. These innovative approaches provide a more dynamic, responsive, and holistic approach to risk management, thereby significantly improving the IT security of SMEs. The study’s implications underscore the urgency of developing flexible, dynamic, and technology-informed IT risk-management strategies, offering novel insights into a more practical approach to IT risk management.

show abstract

Section: Surveys On It Risk Managementmentioning

confidence: 99%

Section: Practical Implicationsmentioning

confidence: 99%

Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach

AL-Dosari,

Fetais

2023

Electronics

View full text Add to dashboard Cite

show abstract

“…Cybersecurity is a discipline that has been evolving exponentially over the past decade [9]. It refers to the set of practices to protect the cyberspace environment against suspicious activities that may affect its security principles [10]. Among the security principles, we have the integrity of the data that aims to prevent the alteration of the information by unauthorized persons.…”

Section: A Cybersecuritymentioning

confidence: 99%

A Multiagent and Machine Learning based Hybrid NIDS for Known and Unknown Cyber-attacks

Ouiazzane¹,

Addou²,

Barramou³

2021

IJACSA

View full text Add to dashboard Cite

The objective of this paper is to propose a hybrid Network Intrusion Detection System (NIDS) for the detection of cyber-attacks that may target modern computer networks. Indeed, in the era of technological evolution that the world is currently experiencing, hackers are constantly inventing new attack mechanisms that can bypass traditional security systems. Thus, NIDS are now an essential security brick to be deployed in corporate networks to detect known and zero-day attacks. In this research work, we propose a hybrid NIDS model based on the use of both a signature-based NIDS and an anomaly detection NIDS. The proposed system is based on agent technology, SNORT signature-based NIDS, machine learning techniques and the CICIDS2017 dataset is used for training and evaluation purposes. Thus, the CICIDS2017 dataset has undergone several pre-processing actions, namely, dataset cleaning, and dataset balancing as well as reducing the number of attributes (from 79 to 33 attributes). In addition, a set of machine learning algorithms are used, such as decision tree, random forest, Naive Bayes and multilayer perceptron, and are evaluated using some metrics, such as recall, precision, F-measure and accuracy. The detection methods used give very satisfactory results in terms of modeling benign network traffic and the accuracy reaches 99.9% for some algorithms.

show abstract

“…The definition of security has always been a target of many studies. However, there is absolutely no overall accepted definition of security in the literature, especially in defining security as a general term and in a general sense (Collard et al 2017). Security in its nature is multidimensional, but in practice, it varies (Brooks 2010) depending on the environment and the context that it is in use.…”

Section: Security Concept In the Literaturementioning

confidence: 99%

Smart sovereignty and the security of society 5.0

Aldabbas

View full text Add to dashboard Cite

Writing a successful dissertation is in some way like winning a Formula One race. You need a good car (talent, material, and knowledge), good strategy (clear plan and suitable approach), good team (supervisors and mentors), and fuel (energy to keep going). Except that for the dissertation, I am racing against my weaknesses and the deadline of course. I am very lucky to have many great people around me. Thanks to their help I can finally see the checkered flag. I am deeply grateful to my supervisors Prof. Dr. Stephanie Teufel, Dr. Bernd Teufel, and Prof. Dr. Marino Widmer from the University of Fribourg. Since I started my Master's studies, they have always been very supportive personally and professionally. I would like to express my gratitude for their ongoing support of my Ph.D. studies and research, as well as their patience and inspiration. Their advice was invaluable throughout my research and thesis writing. I would like to thank Dr. Jean-François Emmenegger for enlightening me about the statistical analysis stage of the research. His kindness and patience helped me find the right path after I was lost. Furthermore, I want to express my gratitude to Dr. Reinhard Bürgy, Dr. Toni Hürlimann, Francesca, and Vera for the great year I spent at the Decision Support & Operations Research Group at the University of Fribourg. I want to thank my colleagues from the iimt Kirstin, Yves, Mario, Julia, Virgile, and Melanie for the many memorable years of kindness, collaboration, and support. My sincere thanks also go to my best friends Kinan, Ashraf, Mohammad, Majd, Musaab, Muhsen, and Danilo. Thank you for the years gone and the years to come of selfless friendship.You are brothers to me.Last but not least, my sincere gratefulness goes to my loving wife Irina whose love and care were the fuel that kept me going, to my parents Khiro and Najwa, my siblings Hiba, Abdulrahman, and Zain, to my cousins Anas and Ahmad, to the sunshine of my life Elias, and to my brother Islam who lives on in my heart.There are no words that can express my gratefulness for all these people and their continuous support throughout the entire time of writing this dissertation. Without them, there would simply be no accomplishment. Thank you.comprehensive answer to that question will not appear, but at the very least, an indicator about the development direction will come up.Before elaborating on the matter, it is essential to refer here to the pH indicator, a chemical substance that changes the color of a solution when added. This process can determine the acidity or basicity of the solution. The name "indicator" describes very well the purpose of this substance. It is not a determinant, but it is just an indicator. The new color of the substance will expose the nature of the solution, but not its accurate pH number. So, the indicator's purpose in this dissertation's context is to sense the future understanding of security based on the evolution of security perception throughout the centuries.This area of research is based on security but in an exc...

show abstract

A definition of Information Security Classification in cybersecurity context

Cited by 7 publications

References 4 publications

Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach

Risk-Management Framework and Information-Security Systems for Small and Medium Enterprises (SMEs): A Meta-Analysis Approach

A Multiagent and Machine Learning based Hybrid NIDS for Known and Unknown Cyber-attacks

Smart sovereignty and the security of society 5.0

Contact Info

Product

Resources

About