An Analysis and Classification of Public Information Security Data Sources used in Research and Practice
2019 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 82, p. 140-155Article in journal (Refereed) Published
Abstract [en]
In order to counteract today’s sophisticated and increasing number of cyber threats the timely acquisition of information regarding vulnerabilities, attacks, threats, countermeasures and risks is crucial. Therefore, employees tasked with information security risk management processes rely on a variety of information security data sources, ranging from inter-organizational threat intelligence sharing platforms to public information security data sources, such as mailing lists or expert blogs. However, research and practice lack a comprehensive overview about these public information security data sources, their characteristics and dependencies. Moreover, comprehensive knowledge about these sources would be beneficial to systematically use and integrate them to information security processes. In this paper, a triangulation study is conducted to identify and analyze public information security data sources. Furthermore, a taxonomy is introduced to classify and compare these data sources based on the following six dimensions: (1) Type of information, (2) Integrability, (3) Timeliness, (4) Originality, (5) Type of Source,and (6) Trustworthiness. In total, 68 public information security data sources were identified and classified. The investigations showed that research and practice rely on a large variety of heterogeneous information security data sources, which makes it more difficult to integrate and use them for information security and risk management processes.
Place, publisher, year, edition, pages
Elsevier, 2019. Vol. 82, p. 140-155
Keywords [en]
Cyber Threat Intelligence Sharing, Cyber Security Information Source, Taxonomy, Classification, Characteristic, Information Security and Risk Management, Data Format, Research, Practice
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:bth-17447DOI: 10.1016/j.cose.2018.12.011ISI: 000459525800009OAI: oai:DiVA.org:bth-17447DiVA, id: diva2:1274646
2019-01-022019-01-022019-03-21Bibliographically approved