Abstract
Cybersecurity research is gaining a lot of importance in recent times. Bibliometric analysis of cyber security research showed major areas and their overlapping. Due to overlapping research areas with allied areas like system engineering, networking, computer science, information technology, management science, etc., the impact of cyber security research is often hard to gauge. This chapter aims to present the research dimension of cyber security as a number of use cases and an attempt to connect the researcher to understand research areas of cyber security and its complexities through use cases to make them visualize the problem better. In this chapter, the following use cases are presented and analyzed: the role of social media in cyber security issues, how traditional network-based attacks influence the IoT environment, the dynamics of malware and its impact on AI-based detection systems, and security in embedded systems.
TopIntroduction
The exponential growth in the number of incidents in cyberspace has become a concern for every individual. Organizations are investigating enormous resources to tackle the menace of cyber-attack; however, they are still not foolproof. The economics of cyber security is a very interesting domain for researchers to study the causal relationship of heterogonous factors. One of the dominating factors that the attackers exploit cyberspace is financial gain. The variety of cybercrimes can be seen as a product line with different values to be realized if seen from the context of consumerism. It is also interesting to observe that the nature of cyber incidents is changing and evolving from simple logic based to malicious code to tricking human minds. The sophistication of attacks is increasing over time and becoming more and more complicated (Li & Liu, 2021).
Cyber security has become the top priority for the organization, governments and other stakeholders. The rough estimates show that the market reached 173.5 billion in 2022 (Markets and Markets, 2023). Protecting information in cyberspace is highly challenging. The data leakage alone was USD 4.35 million in 2022 (IBM Security, 2022). Ransomware attacks have become a revenue generation industry for many involved in such businesses, with a whopping $ 14 billion in the 2022 global market size (Searchlogistics, 2023). Some industries vulnerable to ransomware attacks are the health sector, financial institutions, ICT companies, etc.
Similarly, if we look at the attacks landscape in the critical infrastructure sector, the highly sophisticated malware targets ways to penetrate the system without getting detected. Another threat that is quite a concern is the insider threat, and therefore critical infrastructure companies are using techniques like design in privacy to handle it. Another attack vector surfacing in the threat landscape is using social engineering techniques to exploit information systems. Attackers are using tricks and techniques to compromise the human decision-making process and compromising information systems. Social engineering-based attacks have become quite popular, and countries with significant populations are the most affected.
Cyber security as a field of research is trending. Researchers are trying to explore directly, indirectly and associative areas of research in the domain of cyber security as the potential domain of research which is scientific and has a future potential. Cybersecurity research is categorized as fundamental research, mainly cryptography. However, this research domain is relatively essential but limited in its way, and researchers are looking more into the applied side of cyber security. Applied cyber security requires much of experimental and validation aspects. Researchers must also find a robust framework for validating the outcome in real-time. There is also a lot of interdisciplinary research. This category of cyber security research is linked with overlapping areas, e.g., computer vision is used in cyber security space, and natural language processing (NLP) is applied in securing cyberspace. Similarly, digital signal processing is used in biometric systems. The fundamental point of differentiation is that the application of the research is in the domain of cyber security, but the scientific model is being adopted from other fields of research.
Key Terms in this Chapter
Network Security: It refers to the tools and techniques used to protect the interconnected devices forming part of the information and communication system.
Hate Speech Detection: It refers to tools and techniques used in detecting hateful content being uploaded, circulated and used for malicious use in social media. Hate Speech refers to content with a negative orientation targeted to some group, individuals, society or government.
Malware Detection: It refers to tools and techniques used in the detection of malicious code that can potentially harm the systems.
Social media: It refers to an online platform that facilitates the network of individuals with some common interest, community building, interactions and sharing of information.
Artificial Intelligence (AI): It refers to a system that has the capability of making inferences based on the learning of the system.
Fake News Detection: It refers to tools and techniques used in the detection of information which is not true, genuine or has any reality.
Internet of Things (IoT): It refers to a branch of ubiquitous computing that facilitates interconnected devices capable of sensing, processing and transmitting data.
Machine Learning (ML): It refers to the concept of training the machine with a given dataset to automate the system's decision-making and imitate the ways humans learn.
Distributed Denial of Service Attack (DDoD): It refers to tools and techniques used to detect attacks on the network, systems, applications and others that can exhaust the system by flooding it with different methods, leaving the system unavailable for legitimate services and requests.
Cyber Crime: It refers to activities that can potentially cause harm to systems, applications, networks and other devices forming information and communication system.