Back
 JIS  Vol.11 No.4 , October 2020
Using Linear Regression Analysis and Defense in Depth to Protect Networks during the Global Corona Pandemic
Abstract: The purpose of this research was to determine whether the Linear Regression Analysis can be effectively applied to the prioritization of defense-in-depth security tools and procedures to reduce cyber threats during the Global Corona Virus Pandemic. The way this was determined or methods used in this study consisted of scanning 20 peer reviewed Cybersecurity Articles from prominent Cybersecurity Journals for a list of defense in depth measures (tools and procedures) and the threats that those measures were designed to reduce. The methods further involved using the Likert Scale Model to create an ordinal ranking of the measures and threats. The defense in depth tools and procedures were then compared to see whether the Likert scale and Linear Regression Analysis could be effectively applied to prioritize and combine the measures to reduce pandemic related cyber threats. The results of this research reject the H0 null hypothesis that Linear Regression Analysis does not affect the relationship between the prioritization and combining of defense in depth tools and procedures (independent variables) and pandemic related cyber threats (dependent variables).
Cite this paper: Alexander, R. (2020) Using Linear Regression Analysis and Defense in Depth to Protect Networks during the Global Corona Pandemic. Journal of Information Security, 11, 261-291. doi: 10.4236/jis.2020.114017.
References

[1]   Zou, Y.L., Zhu, J., Wang, X.B. and Hanzo, L. (2016) A Survey on Wireless Security: Technical Challenges, Recent Advances, and Future Trends. Proceedings of the IEEE, 104, 1727-1765.

[2]   Ewing, C. (2010) Engineering Defense-in-Depth Cybersecurity for the Modern Substation. Proceedings of the 12th Annual Western Power Delivery Automation Conference, Spokane.

[3]   Carey, M.J. and Paulsen, G.B. (2017) System and Method for Simulating Network Security Threats and Assessing Network Security. US Patent Application No. 14/837,033.

[4]   Choi, M.K., Robles, R.J., Hong, C.H. and Kim, T.H. (2008) Wireless network security: Vulnerabilities, Threats and Countermeasures. International Journal of Multimedia and Ubiquitous Engineering, 3, 77-86.

[5]   Fabro, M. (2007) Control Systems Cyber Security: Defense-in-Depth Strategies (No. INL/CON-07-12804). Idaho National Laboratory (INL), Idaho Falls.

[6]   Cleghorn, L. (2013) Network Defense Methodology: A Comparison of Defense in Depth and Defense in Breadth. Journal of Information Security, 4, 144-149.
https://doi.org/10.4236/jis.2013.43017

[7]   Rathore, S., Sharma, P.K., Loia, V., Jeong, Y.S. and Park, J.H. (2017) Social Network Security: Issues, Challenges, Threats, and Solutions. Information Sciences, 421, 43-69. https://doi.org/10.1016/j.ins.2017.08.063

[8]   Goztepe, K., Kilic, R. and Kayaalp, A. (2014) Cyber Defense in Depth: Designing Cyber Security Agency Organization for Turkey. Journal of Naval Science and Engineering, 10, 1-24.

[9]   Weisberg, S. (2005) Applied Linear Regression. John Wiley & Sons, Hoboken.
https://doi.org/10.1002/0471704091

[10]   Groat, S., Tront, J. and Marchany, R. (2012) Advancing the Defense in Depth Model. 2012 7th International Conference on System of Systems Engineering (SoSE), Genova, 16-19 July 2012, 285-290.
https://doi.org/10.1109/SYSoSE.2012.6384127

[11]   Naseem, I., Togneri, R. and Bennamoun, M. (2010) Linear Regression for Face Recognition. IEEE Transactions on Pattern Analysis and Machine Intelligence, 32, 2106-2112. https://doi.org/10.1109/TPAMI.2010.128

[12]   Meier, K.J., Favero, N. and Zhu, L. (2015) Performance Gaps and Managerial Decisions: A Bayesian Decision Theory of Managerial Action. Journal of Public Administration Research and Theory, 25, 1221-1246.
https://doi.org/10.1093/jopart/muu054

[13]   Zou, K.H., Tuncali, K. and Silverman, S.G. (2003) Correlation and Simple Linear Regression. Radiology, 227, 617-628.
https://doi.org/10.1148/radiol.2273011499

[14]   Haddawy, P. (1999) An Overview of Some Recent Developments in Bayesian Problem-Solving Techniques. AI Magazine, 20, 11.

[15]   Schneier, B. (2006) Security in the Cloud. Blog Post.
http://www.schneier.com/blog/archives/2006/02/security_in_the.html

[16]   Lu, Z., Lu, X., Wang, W.Y. and Wang, C. (2010) Review and Evaluation of Security Threats on the Communication Networks in the Smart Grid. 2010—Milcom 2010 Military Communications Conference, San Jose, 31 October-3 November 2010, 1830-1835. https://doi.org/10.4304/jnw.4.7.552-564

[17]   Nilsson, D.K. and Larson, U. (2009) A Defense-in-Depth Approach to Securing the Wireless Vehicle Infrastructure. Journal of Networks, 4, 552-564.

[18]   Bass, T. and Robichaux, R. (2001) Defense-in-Depth Revisited: Qualitative Risk Analysis Methodology for Complex Network-Centric Operations. 2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No. 01CH37277), 1, 64-70.

[19]   El-Khameesy, N. and Mohamed, H.A.R. (2013) A Proposed Model for Datacenter in Depth Defense to Enhance Continual Security. International Journal of Information Technology and Computer Science, 5, 55-67.
https://doi.org/10.5815/ijitcs.2013.04.07

[20]   Mixia, L., Qiuyu, Z., Hong, Z. and Dongmei, Y. (2008) Network Security Situation Assessment Based on Data Fusion. 1st International Workshop on Knowledge Discovery and Data Mining (WKDD 2008), Adelaide, 23-24 January 2008, 542-545.
https://doi.org/10.1109/WKDD.2008.35

[21]   Conti, G. and Abdullah, K. (2004) Passive Visual Fingerprinting of Network Attack Tools. Proceedings of the 2004 ACM Workshop on Visualization and data mining for Computer Security, Washington DC, October 2004, 45-54.
https://doi.org/10.1145/1029208.1029216

[22]   Kaur, T., Malhotra, V. and Singh, D. (2014) Comparison of Network Security Tools-Firewall, Intrusion Detection System and Honeypot. International Journal of Enhanced Research in Science Technology and Engineering, 3, 200-204.

[23]   Kou, G., Lu, Y., Peng, Y. and Shi, Y. (2012) Evaluation of Classification Algorithms Using MCDM and Rank Correlation. International Journal of Information Technology & Decision Making, 11, 197-225.
https://doi.org/10.1142/S0219622012500095

[24]   Liou, J.J. and Tzeng, G.H. (2012) Comments on “Multiple Criteria Decision Making (MCDM) Methods in Economics: An Overview”. Technological and Economic Development of Economy, 18, 672-695.
https://doi.org/10.3846/20294913.2012.753489

[25]   Mohammadi, S., Ataei, M., Khaloo Kakaie, R. and Mirzaghorbanali, A. (2018) Prediction of the Main Caving Span in Longwall Mining Using Fuzzy MCDM Technique and Statistical Method. Journal of Mining and Environment, 9, 717-726.

[26]   Cooper, C.R. and Schindler, P.S. (2008) Business Research Methods. 10th Edition, McGraw-Hill, Boston.

[27]   National Commission for the Protection of Human Subjects (1979) Belmont Report: Ethical Principles and Guidelines for the Protection of Human Subjects of Research. Department of Health and Welfare, Washington DC.

[28]   Chen, P., Desmet, L. and Huygens, C. (2014) A Study on Advanced Persistent Threats. In: De Decker, B. and Zúquete, A., Eds., Communications and Multimedia Security, CMS 2014, Lecture Notes in Computer Science, Springer, Berlin, 63-72.

[29]   Dictionary, M.W. (2015) An Encyclopedia Britannica Company.
http://www.merriam-webster.com/dictionary

[30]   Singh, A. and Bora, M.S. (2013) Cyber Threats and Security for Wireless Devices. JECET, 2, 277-284.
https://doi.org/10.2139/ssrn.3419703

[31]   Rouse, M. (2007) Defense in Depth.
http://searchsecurity.techtarget.com/definition/defense-in-depth

[32]   Cobb, M. (2014) Firewall.
http://searchsecurity.techtarget.com/definition/firewall

[33]   Cole, B. (2014) Intrusion Detection System.
http://searchcompliance.techtarget.com/definition/intrusion-detection-systems-IDS

[34]   Mallik, A., Ahsan, A., Shahadat, M. and Tsou, J. (2019) Man-in-the-Middle-Attack: Understanding in Simple Words. International Journal of Data and Network Science, 3, 77-92. https://doi.org/10.5267/j.ijdns.2019.1.001

[35]   Merriam-Webster. (n.d.) Public-Key. In Merriam-Webster.com Dictionary.
https://www.merriam-webster.com/dictionary/public-key

[36]   Pavlyushchik, M.A. (2014) System and Method for Detecting Malicious Code Executed by Virtual Machine. US Patent No. 8713631. U.S. Patent and Trademark Office, Washington DC.

 
 
Top