Have a personal or library account? Click to login
Data Sharing and Use in Cybersecurity Research Cover

Data Sharing and Use in Cybersecurity Research

Data Science Journal
Volume 23 (2024): Issue 1
By: Inna Kouper and  Stacy Stone  
Open Access
|Jan 2024

References

  1. 1Abbott, RG, McClain, J, Anderson, B, Nauer, K, Silva, A and Forsythe, C. 2015. Log analysis of cyber security training exercises. Procedia Manufacturing, 3: 50885094. DOI: 10.1016/j.promfg.2015.07.523
    Back to article
  2. 2Arzberger, P, Schroeder, P, Beaulieu, A, Bowker, GC, Casey, K, Laaksonen, L, Moorman, D, Uhlir, PF and Wouters, P. 2006. Promoting access to public research data for scientific, economic, and social development. Data Science Journal, 3: 135152. DOI: 10.2481/dsj.3.135
    Back to article
  3. 3Atapour-Abarghouei, A, McGough, AS and Wall, DS. 2020. Resolving the cybersecurity data sharing paradox to scale up cybersecurity via a co-production approach towards data sharing. In: 2020 IEEE International Conference on Big Data (Big Data). pp. 38673876. DOI: 10.1109/BigData50022.2020.9378014
    Back to article
  4. 4Azhar, M, Bhatia, S, Gagne, G, Kari, C, Maguire, J, Mountrouidou, X, Tudor, L, Vosen, D and Yuen, TT. 2019. Securing the human: Broadening diversity in cybersecurity. In: Proceedings of the 2019 ACM Conference on Innovation and Technology in Computer Science Education. New York, NY, USA: ACM. pp. 251252. DOI: 10.1145/3304221.3325537
    Back to article
  5. 5Baker, K and Millerand, F. 2012. Infrastructuring ecology: Challenges in achieving data sharing. In: Parker, J, Vermeulen, N and Penders, B (eds.), Collaboration in the New Life Sciences. Ashgate. pp. 111138.
    Back to article
  6. 6Balenson, D, Tinnel, L and Benzel, T. 2015. Cybersecurity experimentation of the future (CEF): Catalyzing a new generation of experimental cybersecurity research. SRI International and USC Information Sciences Institute. Available at https://cef.cyberexperimentation.org/application/files/2616/2160/7871/CEF_Final_Report_Bound_20150922.pdf
    Back to article
  7. 7Balenson, D, Tinnel, LS and Kouper, I. 2020. Panel discussion and audience dialogue: Sharing artifacts and data for cybersecurity experimentation. Available at https://www.usenix.org/conference/cset20/panel [Last accessed 11 August 2020].
    Back to article
  8. 8Bechhofer, S, De Roure, D, Gamble, M, Goble, C and Buchan, I. 2010. Research objects: Towards exchange and reuse of digital knowledge. Nature Precedings, (ERIM Project Document erim1rep091103ab12). DOI: 10.1038/npre.2010.4626
    Back to article
  9. 9Berman, F, Wilkinson, R and Wood, J. 2014. Building global infrastructure for data sharing and exchange through the research data alliance. D-Lib Magazine, 20(1/2): 14. DOI: 10.1045/january2014-berman
    Back to article
  10. 10Blackfire Technology, Inc. 2019. Impact CyberTrust. Available at https://www.impactcybertrust.org/ [Last accessed 3 February 2022].
    Back to article
  11. 11Brown, C, Cowperthwaite, A, Hijazi, A and Somayaji, A. 2009. Analysis of the 1999 DARPA/Lincoln Laboratory IDS evaluation data with NetADHICT. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications. pp. 17. DOI: 10.1109/CISDA.2009.5356522
    Back to article
  12. 12Brynielsson, J, Franke, U, Tariq, MA and Varga, S. 2016. Using cyber defense exercises to obtain additional data for attacker profiling. In: 2016 IEEE Conference on Intelligence and Security Informatics (ISI). pp. 3742. DOI: 10.1109/ISI.2016.7745440
    Back to article
  13. 13Camp, LJ, Cranor, L, Feamster, N, Feigenbaum, J, Forrest, S, Kotz, D, Lee, W, Savage, S, Smith, S, Spafford, E and Stolfo, S. 2009. Data for cybersecurity research: Process and “Wish List.” Available at https://www.researchgate.net/publication/255960171_Data_for_Cybersecurity_Research_Process_and_Wish_List.
    Back to article
  14. 14Campbell, HA, Micheli-Campbell, MA and Udyawer, V. 2019. Early career researchers embrace data sharing. Trends in Ecology & Evolution, 34(2): 9598. DOI: 10.1016/j.tree.2018.11.010
    Back to article
  15. 15Cavelty, MD. 2018. Cybersecurity research meets science and technology studies. Politics and Governance, 6(2): 2230. DOI: 10.17645/pag.v6i2.1385
    Back to article
  16. 16Chawinga, WD and Zinn, S. 2019. Global perspectives of research data sharing: A systematic literature review. Library & Information Science Research, 41(2): 109122. DOI: 10.1016/j.lisr.2019.04.004
    Back to article
  17. 17Choucri, N, Madnick, S and Koupke, P. 2018. Institutions for cybersecurity: International responses and data sharing initiatives. The MIT Press. DOI: 10.7551/mitpress/11636.003.0003
    Back to article
  18. 18Craigen, D, Diakun-Thibault, N and Purse, R. 2014. Defining cybersecurity. Technology Innovation Management Review, 4(10): 1321. DOI: 10.22215/timreview/835
    Back to article
  19. 19Cybersecurity. 2009. Cybersecurity Glossary. Available at https://niccs.cisa.gov/about-niccs/cybersecurity-glossary#C [Last accessed 22 July 2021].
    Back to article
  20. 20Douglass, K, Allard, S, Tenopir, C, Wu, L and Frame, M. 2013. Managing scientific data as public assets: Data sharing practices and policies among full-time government employees. Journal of the Association for Information Science and Technology, 65(2): 215429. DOI: 10.1002/asi.22988
    Back to article
  21. 21Dumitraş, T. 2018. Worldwide Intelligence Network Environment (WINE). Available at http://users.umiacs.umd.edu/~tdumitra/blog/old/worldwide-intelligence-network-environment/ [Last accessed 29 June 2022].
    Back to article
  22. 22Dumitraş, T and Shou, D. 2011. Toward a standard benchmark for computer security research: The worldwide intelligence network environment (WINE). In: Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security. New York, NY, USA: Association for Computing Machinery. pp. 8996. DOI: 10.1145/1978672.1978683
    Back to article
  23. 23Fisk, G, Ardi, C, Pickett, N, Heidemann, J, Fisk, M and Papadopoulos, C. 2015. Privacy principles for sharing cyber security data. In: 2015 IEEE Security and Privacy Workshops. pp. 193197. DOI: 10.1109/SPW.2015.23
    Back to article
  24. 24Fontugne, R, Borgnat, P, Abry, P and Fukuda, K. 2010. MAWILab: Combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In: Proceedings of the 6th International Conference. New York, NY, USA: ACM. DOI: 10.1145/1921168.1921179
    Back to article
  25. 25Gormley, CJ and Gormley, SJ. 2012. Data hoarding and information clutter: The impact on cost, life span of data, effectiveness, sharing, productivity, and knowledge management culture. Issues in Information Systems, 13(2): 9095.
    Back to article
  26. 26Hrynaszkiewicz, I, Harney, J and Cadwallader, L. 2021. A survey of researchers’ needs and priorities for data sharing. Data Science Journal, 20(1): 31. DOI: 10.5334/dsj-2021-031
    Back to article
  27. 27Hui, P, Bruce, J, Fink, G, Gregory, M, Best, D, McGrath, L and Endert, A. 2010. Towards efficient collaboration in cyber security. In: 2010 International Symposium on Collaborative Technologies and Systems. IEEE Computer Society. pp. 489498. DOI: 10.1109/CTS.2010.5478473
    Back to article
  28. 28Information Centre of Excellence for Tech Innovation (ISCX). 2007. Datasets. Available at http://www.iscx.ca/datasets/ [Last accessed 3 February 2022].
    Back to article
  29. 29InfraGuard. 2018. Available at https://www.infragard.org/ [Last accessed 3 February 2022].
    Back to article
  30. 30Ives, ZG, Green, TJ, Karvounarakis, G, Taylor, NE, Tannen, V, Talukdar, PP, Jacob, M and Pereira, F. 2008. The ORCHESTRA Collaborative Data Sharing System. ACM SIGMOD Record, 37(3): 2632. DOI: 10.1145/1462571.1462577
    Back to article
  31. 31Kashef, R, Freunek, M, Schwartzentruber, J, Samavi, R, Bulgurcu, B, Khan, AJ and Santos, M. 2023. Bridging the bubbles: Connecting academia and industry in cybersecurity research. [Preprint]. DOI: 10.32920/24132645.v1
    Back to article
  32. 32Kemmerer, RA. 2003. Cybersecurity. In: Proceedings of the 25th International Conference on Software Engineering. pp. 705715. DOI: 10.1109/ICSE.2003.1201257
    Back to article
  33. 33Larivière, V, Ni, C, Gingras, Y, Cronin, B and Sugimoto, CR. 2013. Bibliometrics: Global gender disparities in science. Nature, 504(7479): 211213. DOI: 10.1038/504211a
    Back to article
  34. 34Li, Z and Oprea, A. 2016. Operational security log analytics for enterprise breach detection. In: 2016 IEEE Cybersecurity Development (SecDev). pp. 1522. DOI: 10.1109/SecDev.2016.015
    Back to article
  35. 35Linger, R, Goldrich, L, Bishop, M and Dark, M. 2017. Agile research for cybersecurity: creating authoritative, actionable knowledge when speed matters. In: Proceedings of the 50th Hawaii International Conference on System Sciences. DOI: 10.24251/HICSS.2017.723
    Back to article
  36. 36Maciá-Fernández, G, Camacho, J, Magán-Carrión, R, García-Teodoro, P and Therón, R. 2018. UGR’16: A new dataset for the evaluation of cyclostationarity-based network IDSs. Computers and Security, 73: 411424. DOI: 10.1016/j.cose.2017.11.004
    Back to article
  37. 37Mahoney, MV and Chan, PK. 2003. An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection. In: Vigna Giovanni and Kruegel, C and Erland, J (eds.), Recent Advances in Intrusion Detection. Berlin, Heidelberg: Springer Berlin Heidelberg. pp. 220237. DOI: 10.1007/978-3-540-45248-5_13
    Back to article
  38. 38Mathew, AJ and Cheshire, C. 2018. A fragmented whole: Cooperation and learning in the practice of information security. UC Berkeley and Packet Clearing House. Available at https://www.pch.net/resources/Papers/A_Fragmented_Whole/.
    Back to article
  39. 39Maxson Jones, K, Ankeny, RA and Cook-Deegan, R. 2018. The Bermuda Triangle: The pragmatics, policies, and principles for data sharing in the history of the Human Genome Project. Journal of the History of Biology, 51(4): 693805. DOI: 10.1007/s10739-018-9538-7
    Back to article
  40. 40McHugh, J. 2000. Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Transactions on Information and System Security, 3(4): 262294. DOI: 10.1145/382912.382923
    Back to article
  41. 41MIT Lincoln Laboratory. 2016. Cyber Grand Challenge – Datasets. Available at https://www.ll.mit.edu/r-d/datasets/cyber-grand-challenge-datasets [Last accessed 3 February 2022].
    Back to article
  42. 42Moore, T, Kenneally, E, Collett, M and Thapa, P. 2019. Valuing cybersecurity research datasets (SSRN Scholarly Paper No. ID 3469364). Available at https://papers.ssrn.com/abstract=3469364 [Last accessed 22 July 2021].
    Back to article
  43. 43Moustafa, N and Slay, J. 2015. UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS). pp. 16. DOI: 10.1109/MilCIS.2015.7348942
    Back to article
  44. 44Munaiah, N, Pelletier, J, Su, S-H, Yang, S and Meneely, A. 2019. A cybersecurity dataset derived from the national collegiate penetration testing competition. In: 2019 Hawaii International Conference on System Sciences. Available at https://www.rit.edu/academicaffairs/facultyscholarship/submit/download_file.php?id=128537 [Last accessed 6 June 2023].
    Back to article
  45. 45Nelson, B. 2009. Data sharing: Empty archives. Nature, 461(7261): 160163. DOI: 10.1038/461160a
    Back to article
  46. 46Pala, A and Zhuang, J. 2019. Information sharing in cybersecurity: A review. Decision Analysis, 16(3): 172196. DOI: 10.1287/deca.2018.0387
    Back to article
  47. 47Peacock, D and Irons, A. 2017. Gender inequality in cybersecurity: Exploring the gender gap in opportunities and progression. International Journal of Gender, Science and Technology, 9(1): 2544.
    Back to article
  48. 48Plale, BA, Dickson, E, Kouper, I, Liyanage, S, Ma, Y, McDonald, RH, Walsh, JA and Withana, S. 2019. Safe open science for restricted data. Data and Information Management, 3(1): 5060. DOI: 10.2478/dim-2019-0005
    Back to article
  49. 49Poirier, L and Costelloe-Kuehn, B. 2019. Data sharing at scale: A heuristic for affirming data cultures. Data Science Journal, 18(1): 48. DOI: 10.5334/dsj-2019-048
    Back to article
  50. 50Poster, WR. 2018. Cybersecurity needs women. Nature, 555(7698): 577580. DOI: 10.1038/d41586-018-03327-w
    Back to article
  51. 51Ross, MB, Glennon, BM, Murciano-Goroff, R, Berkes, EG, Weinberg, BA and Lane, JI. 2022. Women are credited less in science than men. Nature, 608(7921): 135145. DOI: 10.1038/s41586-022-04966-w
    Back to article
  52. 52San Diego Supercomputer Center. 2020. Center for Applied Internet Data Analysis (CAIDA). CAIDA. Available at https://www.caida.org/ [Last accessed 29 June 2022].
    Back to article
  53. 53Sarker, IH, Kayes, ASM, Badsha, S, Alqahtani, H, Watters, P and Ng, A. 2020. Cybersecurity data science: An overview from machine learning perspective. Journal of Big Data, 7(1): 41. DOI: 10.1186/s40537-020-00318-5
    Back to article
  54. 54Sauerwein, C, Pekaric, I, Felderer, M and Breu, R. 2019. An analysis and classification of public information security data sources used in research and practice. Computers & Security, 82: 140155. DOI: 10.1016/j.cose.2018.12.011
    Back to article
  55. 55Scheper, C, Cantor, S and Maughan, D. 2011. PREDICT: A trusted framework for sharing data for cyber security research. In: Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security BADGERS ’11. pp. 105106. DOI: 10.1145/1978672.1978686
    Back to article
  56. 56Sebastian, G. 2022. Could incorporating cybersecurity reporting into SOX have prevented most data breaches at U.S. publicly traded companies? An exploratory study. International Cybersecurity Law Review, 3(2): 367383. DOI: 10.1365/s43439-022-00062-x
    Back to article
  57. 57Serrano, O, Dandurand, L and Brown, S. 2014. On the design of a cyber security data sharing system. In: Proceedings of the 2014 ACM Workshop on Information Sharing & Collaborative Security – WISCS ’14. pp. 6169. DOI: 10.1145/2663876.2663882
    Back to article
  58. 58Shiravi, A, Shiravi, H, Tavallaee, M and Ghorbani, AA. 2012. Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Computers & Security, 31(3): 357374. DOI: 10.1016/j.cose.2011.12.012
    Back to article
  59. 59Shou, D. 2012. Ethical considerations of sharing data for cybersecurity research. In: Danezis, G, Dietrich, S and Sako, K (eds.), Financial Cryptography and Data Security. Berlin, Heidelberg: Springer Berlin Heidelberg. pp. 169177. DOI: 10.1007/978-3-642-29889-9_15
    Back to article
  60. 60Shumba, R, Ferguson-Boucher, K, Sweedyk, E, Taylor, C, Franklin, G, Turner, C, Sande, C, Acholonu, G, Bace, R and Hall, L. 2013. Cybersecurity, women, and minorities: Findings and recommendations from a preliminary investigation. In: Proceedings of the ITiCSE Working Group Reports Conference on Innovation and Technology in Computer Science Education-Working Group Reports. New York, NY, USA: ACM. pp. 114. DOI: 10.1145/2543882.2543883
    Back to article
  61. 61Sommer, R and Paxson, V. 2010. Outside the closed world: On using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy. pp. 305316. DOI: 10.1109/SP.2010.25
    Back to article
  62. 62Sommestad, T and Hallberg, J. 2012. Cyber security exercises and competitions as a platform for cyber security experiments. In: Jøsang, A and Carlsson, B (eds.), Secure IT Systems. Berlin, Heidelberg: Springer Berlin Heidelberg. pp. 4760. DOI: 10.1007/978-3-642-34210-3_4
    Back to article
  63. 63Sperotto, A, Sadre, R, van Vliet, F and Pras, A. 2009. A labeled data set for flow-based intrusion detection. In: Nunzi, G, Scoglio, C and Li, X (eds.), IP Operations and Management. Berlin, Heidelberg: Springer Berlin Heidelberg. pp. 3950. DOI: 10.1007/978-3-642-04968-2_4
    Back to article
  64. 64Su, X, Johnson, J and Bozeman, B. 2015. Gender diversity strategy in academic departments: exploring organizational determinants. Higher Education, 69(5): 839858. DOI: 10.1007/s10734-014-9808-z
    Back to article
  65. 65Sun, N, Zhang, J, Rimba, P, Gao, S, Zhang, LY and Xiang, Y. 2019. Data-driven cybersecurity incident prediction: A survey. IEEE Communications Surveys & Tutorials, 21(2): 17441772. DOI: 10.1109/COMST.2018.2885561
    Back to article
  66. 66Tavallaee, M, Bagheri, E, Lu, W and Ghorbani, AA. 2009. A detailed analysis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications. pp. 16. DOI: 10.1109/CISDA.2009.5356528
    Back to article
  67. 67Tenopir, C, Allard, S, Douglass, K, Aydinoglu, A U, Wu, L, Read, E, Manoff, M and Frame, M. 2011. Data sharing by scientists: Practices and perceptions. PLoS ONE, 6(6). DOI: 10.1371/journal.pone.0021101
    Back to article
  68. 68Tuma, K and Van Der Lee, R. 2022. The role of diversity in cybersecurity risk analysis: An experimental plan. In: Proceedings of the Third Workshop on Gender Equality, Diversity, and Inclusion in Software Engineering. New York, NY, USA: ACM. pp. 1218. DOI: 10.1145/3524501.3527595
    Back to article
  69. 69University of California Irvine. 1999. KDD Cup 1999 Data. Available at https://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html [Last accessed 3 February 2022].
    Back to article
  70. 70US Department of Homeland Security. 2022. Cyber Information Sharing and Collaboration Program (CISCP). Available at https://www.cisa.gov/ciscp [Last accessed 3 February 2022].
    Back to article
  71. 71Walton, S, Wheeler, PR, Zhang, Y (Ian) and Zhao, X (Ray). 2021. An integrative review and analysis of cybersecurity research: Current state and future directions. Journal of Information Systems, 35(1): 155186. DOI: 10.2308/ISYS-19-033
    Back to article
  72. 72Yanakiev, Y. 2020. A governance model of a collaborative networked organization for cybersecurity research. Information & Security, 46(1): 7998. DOI: 10.11610/isij.4606
    Back to article
  73. 73Zheng, M, Robbins, H, Chai, Z, Thapa, P and Moore, T. 2018. Cybersecurity research datasets: Taxonomy and empirical analysis. In: 11th USENIX Workshop on Cyber Security Experimentation and Test CSET-18. Available at https://www.usenix.org/system/files/conference/cset18/cset18-paper-zheng.pdf [Last accessed 22 July 2021].
    Back to article
DOI: https://doi.org/10.5334/dsj-2024-003 | Journal eISSN: 1683-1470
Journal RSS Feed
Language: English
Submitted on: Jun 20, 2023
Accepted on: Dec 15, 2023
Published on: Jan 19, 2024
Published by: Ubiquity Press
In partnership with: Paradigm Publishing Services
Publication frequency: 1 issue per year
Keywords:
data sharing,
cybersecurity research,
open data,
cyberinfrastructure

© 2024 Inna Kouper, Stacy Stone, published by Ubiquity Press
This work is licensed under the Creative Commons Attribution 4.0 License.

Previous articleVolume 23 (2024): Issue 1Next article