Evaluating the quantity of incident-related information in an open Cyber security dataset

Benjamin Aziz, John Lee, Gulsum Akkuzu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Data-driven security has become essential in many organisations in their attempt to tackle Cyber security incidents. However, whilst the dominant approach to data-driven security remains through the mining of private and internal data, there is an increasing trend towards more open data through the sharing of Cyber security information and experience over public and community platforms. However, some questions remain over the quality and quantity of such open data. In this paper, we present the results of a recent case study that considers how feasible it is to answer a common question in Cyber security incident investigations, namely that "in an incident, who did what to which asset or victim, and with what result and impact", for one such open Cyber security database.
Original language: English
Title of host publication: Business Information Systems Workshops. BIS 2019
Editors: Witold Abramowicz, Rafael Corchuelo
Publisher: Springer
Pages: 531-542
Number of pages: 12
ISBN (Electronic): 978-3-030-36691-9
ISBN (Print): 978-3-030-36690-2
Publication status: Published - 17 Dec 2019
Event: 2nd Workshop on Quality of Open Data - Seville, Spain
Duration: 26 Jun 2019 → 28 Jun 2019
http://bis.ue.poznan.pl/bis2019/qod/

Publication series

Name: Lecture Notes in Business Information Processing
Publisher: Springer
Volume: 373
ISSN (Print): 1865-1348

Workshop

Workshop: 2nd Workshop on Quality of Open Data
Abbreviated title: QOD 2019
Country/Territory: Spain
City: Seville
Period: 26/06/19 → 28/06/19
Keywords

  • Cyber Security Incidents
  • Quantity of Information
  • Open Datasets
