Data-Driven Cybersecurity
1Sungkyunkwan University, Seoul, Republic of Korea
2Penn State University, State College, USA
3St. Pölten University of Applied Sciences, Sankt Pölten, Austria
4CSIRO Data61, Queensland, Australia
Description
In traditional cybersecurity approaches, data are managed in an ad hoc manner and are often handled manually by a few experienced security analysts. However, as new cybersecurity threats continue to appear, such conventional approaches have run into limitations in mitigating threats and reducing their risks, because numerous advanced attacks are created and spread very quickly throughout the Internet. To address this issue, we need to develop more flexible and efficient security mechanisms that can respond to threats and update security rules to mitigate them in a timely manner. Developing such mechanisms requires analyzing the massive amount of data generated by various applications and generating proper security rules/policies in an automated manner, with minimal human intervention.
To accomplish this goal, researchers are starting to use tools such as Artificial Intelligence (AI) and Machine Learning (ML). Many newly emerging security solutions are already adopting more data-driven approaches. Security Information and Event Management (SIEM) systems are a good example of this trend.
This special issue solicits original contributions dealing with data-driven analysis methods and techniques for cybersecurity solutions. Practical and theoretical papers related to data-driven analysis in cybersecurity are welcome.
Potential topics include but are not limited to the following:
- Data-driven cyber threat and incident analysis
- Data-driven software testing
- Data-driven threat anticipation
- Data-driven security architecture
- Data-driven security incident management or response
- Cybersecurity data analytics and visualization
- AI for cybersecurity