
Information Security - Essay Example

Summary
This essay "Information Security" is about a brief review of the different research method designs: qualitative, quantitative, or both, and an explanation of the importance of each design over the other, and descriptions of how the research design will be implemented including the inherent limitations and validity issues of the chosen design…

Extract of sample "Information Security"

Introduction

The previous paper tackled the various types of attacks and the mechanisms behind them, giving special attention to the probable modes by which these attacks can occur. More specifically, the review of literature presented how to diagnose and confirm the occurrence of cyber attacks, with discussions on the methods used to hijack computer defenses and introduce viruses. In addition, principles of gaming related to cyber attacks, focusing on anomalous information associated with games and malicious programs resulting in software malfunctions, were also reviewed. Although a voluminous amount of information about cyber attacks has already been presented, there remain several lapses in properly recognizing security defense weaknesses and how perpetrators breach computer security. Hence, the purpose of this paper is to address the aforementioned topics, which were not discussed in the previous work. Apart from reviewing security bypass strategies, a study design and possible ways to analyze future data will also be addressed.

In the context of computers, the security of data will be difficult to manage if the criteria for proper management are not converted to something that is measurable. Thus, the quantitative aspects cannot be overlooked, because these will allow the researchers to better assess the strength of the system to resist any form of security breach or its capability to hold off cyber attacks.

This paper starts off with a brief review of the different research method designs: qualitative, quantitative, or both, and an explanation of the importance of each design over the other. After that, the research questions will be presented, followed by a detailed description of how the research design will be implemented, including the inherent limitations and validity issues of the chosen design. Prior to discussing the process of data collection, the functions of the researcher will be briefly tackled.
Thereafter, an explanation of why the mixed method design was chosen over the other approaches will be provided, wherein the validity and quality of the data that will be retrieved using the said methodology will be established. Moreover, the ways of managing the collected data will also be described. A discussion of the mixed method design in the context of holistic perspectives will follow, which will be used as a guide to analyze the retrieved data.

Method Selection

It has been well established that the preconceived notions of the researchers over which research design to use, how data should be collected, and how it should be managed, analyzed, and interpreted are considered the inherent foundation of the selected research method (Chen and Hirschheim, 2004). There are three main research designs used in conducting an investigative study: qualitative, quantitative, or mixed. According to Chen and Hirschheim (2004), the need to secure valid evidence through the use of apt approaches is important to reinforce such notions. The importance of research design, as a principle and as a means to execute a research project, cannot be overemphasized. This design, in the context of research, incorporates basic assumptions related to the type of research to be undertaken, and the corresponding data collection, management, and analysis this specific type of research requires. Hence, choosing the appropriate study design is a prerequisite to conducting good research. One cannot expect to gain good results if the research is not well-planned from the very beginning.

The purpose of this chapter is to define the chosen method of the study. Necessary information about the primary research perspective and its setting will also be covered. In addition, the objectives and goals of the study will also be presented, with special attention on how to achieve each objective and how to analyze the data corresponding to that specific objective.
This section will also tackle how the device will be developed, the quality of the instrument, the assessment scheme to measure the reliability of the data that will be collected, and its analysis and interpretation.

Theoretical Method of Inquiry

The utility of theories as a research tool varies depending on the type of inquiry, whether it is qualitative, quantitative, or possessing elements of both. For instance, theoretical principles can help a researcher gain various insights, views, and perspectives on a particular topic, similar to using a lens, when applied to qualitative experimental designs. When used in quantitative research, theories can facilitate the understanding of the relationships and associations among the experimental variables. Creswell (2007) defines quantitative research as a "numerical conversion of observed phenomenon and the manipulation of these numerical data to further understand, describe, and explain these natural phenomena". On the other hand, qualitative research calls for a theoretical lens in order to explain a particular behavior elicited by an individual or groups of individuals in relation to social or human issues (Creswell, 2007). In fact, several studies reported that qualitative research is more appropriate to use when the study of interest involves describing a certain phenomenon, since there is no need to identify experimental variables, theories do not have to explain the relationships among the observed events, and the researcher is only limited to providing a detailed account of the selected topic (Creswell, 2007; Singleton & Straits, 2005; Strauss and Corbin, 1990). Meanwhile, the mixed method, as defined by Patton (1990), is an approach which combines the perspectives gained from qualitative and quantitative methods to come up with a viable solution for a problem.
Needless to say, the mixed method consists of both qualitative and quantitative elements of study design, which includes collection, management, analysis, and interpretation of the quantitative and qualitative data (Patton, 1990). It is quite apparent that understanding the mixed method requires understanding the qualitative and quantitative methods first.

Also known as the inductive method, the qualitative research method involves formulating generalizations, explanations, theories, and concepts, among others, from the results obtained in the study. This type of approach gives emphasis to finding meanings behind experiences, views, behaviors, beliefs, perceptions, and other non-quantifiable traits of individuals or groups of individuals. Hence, qualitative research, according to Denzin and Lincoln (2005), is a "situated activity that locates the observer in the world. It consists of a set of interpretive, material practices that make the world visible…". From the vantage point of this study, qualitative research is helpful in identifying the means and strategies by which attackers breach the computer's security protection. By using a qualitative approach, it is possible to determine which method, tool, or strategy is the most effective in undermining the system's defenses. It is also possible to establish the relationship between the system's capacity to withstand security breaches and the type of security attack. However, it must be noted that it is not possible for researchers to completely disregard their experiences, perceptions, and biases when using this method, which might affect the credibility and validity of the data.

Another way of looking at qualitative research is to define it as a "form of systematic empirical inquiry into meaning" (Shank, 2002). This definition is perhaps the most concise and apt description of what qualitative research is.
If we dissect the definition provided by Shank (2002), the term "systematic" means that there is a step-by-step way of doing things; the term "empirical", on the other hand, means that the research questions are anchored on reality; and the phrase "inquiry into meaning" epitomizes the primary objective of qualitative research, that is, to find meaning in different phenomena. This definition is actually consistent with the one provided by Denzin and Lincoln (2000). According to these authors, "qualitative researchers study things in their natural settings, attempting to make sense of, or to interpret, phenomena in terms of the meanings people bring to them" (Denzin and Lincoln, 2000).

Although it is true that both quantitative and qualitative approaches can be used to study the specifics of cyber security, each approach tackles the problem differently. According to Evered and Louis (1981), studies involving "inquiry from the inside" are better executed using a qualitative research design, while studies involving "inquiry from the outside" are better approached using quantitative designs. If we carefully inspect this statement by Evered and Louis (1981), it can be inferred that the primary purpose of using qualitative research is to shed light on any social problem. However, the utility of qualitative design should not be confined to such functions alone. In fact, some investigators use it to strengthen and complement the information from quantitative data, and it can even allow researchers to formulate various hypotheses. Hence, the real utility of qualitative study design occurs in a gamut of functions.

In fact, the delineation between quantitative and qualitative approaches may sometimes become indistinct. Again, in the context of information security, numeric data can be presented in a qualitative manner. In other words, quantitative data can be transformed into something that is descriptive in nature.
For instance, a certain range of values will signify medium, low, or high vulnerability to security breach, with low values indicating zero or no risk, and so on. In this case, the numerical information is converted to come up with rankings or categories in order to simplify and facilitate data interpretation. In the language of security metrics, the quantitative values representing each ranking may be significantly different from each other. Yet in some cases, this difference does not hold any statistical importance. For instance, the values corresponding to security rankings determined through the analysis of the evaluators will not matter in the final data interpretation because the order or ranking remains the same. Thus, the qualitative scales of measurement such as ratios, intervals, and categories, among others, are also applicable in the field of information security.

According to Borg et al. (1989), quantitative research aims to provide a numeric description of certain phenomena and demonstrate associations and causality among the observed events through numbers and figures. Because they work with numbers, equations, and quantitative models, quantitative methods make it possible to predict the occurrence of events with less margin of error. On top of that, quantitative approaches strive to optimize the reproducibility, objectivity, and generalizability of the observed events because individual biases related to the researchers' personal experiences, perceptions, and opinions are minimized. Research tools commonly employed in this kind of approach are surveys and tests for data gathering, and statistical models to analyze data. Incorporating the principles of statistics to analyze data makes it easier to test research hypotheses. Moreover, quantitative research follows the logic of deduction. This means that conclusions and inferences made from the subset of the population being studied are applicable to the entire population.
In fact, Lincoln and Guba (1985) described quantitative designs as a simplistic approach to interpreting observed events because it assumes that the characteristics and circumstances of the sampled population are also true for the entire population. Given (2008) defines quantitative research as an organized way of asking questions and finding answers via mathematical, statistical, or numerical approaches. Specifically, for the purpose of this paper, quantitative design aims to illustrate hypothesis testing by looking at the relationship among the different variables, which can be quantified through certain tools. The numerical data that are collected will then be subjected to a statistical analysis. Similar to qualitative approaches, quantitative research also seeks to satisfy certain assumptions in hypothesis testing such as, but not limited to, reproducibility and generalizability of the obtained results, and minimizing sampling errors.

In this study, quantitative analysis will be employed in order to facilitate the understanding of how these events occur and to see the magnitude and frequency of occurrences. A numerical approach, in the context of this study, will also provide insights on the statistics of the problem and hence will hopefully allow the conceptualization and development of solutions addressing the observed problems. Specifically, this study seeks to identify if the skills of cyber security controlling significantly differ between the attacker and defender. The data related to this objective are collected and recorded in an organized manner. After that, the entries are typed into a computer database to facilitate the handling and management of the data. By comparing the skills between the attacker and defender, it is possible to establish the relationship between the efficiency of the perpetrators and the strength of the security defense.

Mixed Methods

While there are some who argue over which research design is better, i.e. the quantitative or the qualitative approach, there are some who combined both techniques and came up with a strategy called the mixed method. These researchers took it upon themselves to address the weaknesses and inherent limitations of each method by complementing it with the other approach, bridging the difference between quantitative and qualitative designs in the process. Teddlie and Tashakkori (2009) believed that the mixed method emerged from the multitrait-multimethod approach proposed by Campbell and Fiske in 1959. Although the history of mixed methods can be traced back to the late 1950s, many social scientists still consider this approach relatively new. In fact, it was not until the early 1990s that this technique was acknowledged and eventually used in different studies (Tashakkori, 2009). While it is true that the combination of quantitative and qualitative techniques gave way to the emergence of mixed methods, there is more to this combination than meets the eye, especially in terms of traditional practices related to quantitative methods. According to Johnson and Onwuegbuzie (2004), “Mixed,… (pp. 17–18).” It can be inferred from this definition that putting together the various characteristics of qualitative and quantitative methods into a single approach is potentially advantageous and complex at the same time. In fact, mixed methods have three identified functions as reported by Caracelli and Greene (1997), which include the following: to determine the congruence of the various data obtained from different tools; to confirm the validity of findings gathered from one method to another method; and to illustrate the ways by which a result from one method can influence the results of other methods. While there are researchers who avidly support and promote the use of mixed methods, not all social scientists agree with what this combined approach appears to project (Denzin, 2006; Smith & Hodkinson, 2005).
In fact, some researchers even believe that there is more to the mixed method than just the combination of quantitative and qualitative principles. Implementing mixed methods in a study requires satisfying certain assumptions present in both quantitative and qualitative research designs. Hence, mixed methods appear to be more than the sum of their parts. It is definitely more than gathering and analyzing two different sets of data. What is unique about the mixed method is that both approaches have to be intimately integrated with each other and should be implemented in tandem in order to improve the quality of the study to a degree that cannot be achieved by either quantitative or qualitative design alone (Creswell & Plano Clark, 2007). The mixed method works under the assumption that the insights and perspectives gained from both approaches in unison exceed those gained when only one of the two approaches is used. Hence, it is logical to say that the combination of both strategies allows researchers to gather better quality information and strong evidence to support or debunk a particular hypothesis. In addition, the mixed method enables one to answer research questions which a quantitative or qualitative approach alone fails to answer. Creswell (2012) stated that although it is possible to carry over the weaknesses of both strategies when combined into a single approach, the combined strength of the two techniques is enough to offset these weaknesses.

In this study, the mixed approach provides a means to collect and analyze data from various types of studies. However, just like the individual research approaches, the combined approach also requires philosophical assumptions in order to provide direction to the collection and analysis of data. For this study, the use of the mixed method over a quantitative or qualitative approach alone is based on the ground that the mixed research method allows investigators to study various types of data gathered through different strategies and methods.
More importantly, the combined method offers the possibility to offset the innate limitations of each method by using the strength of the other method, not to mention the additional insights and perspectives that can be gained from the two techniques, which is not possible when only one approach is employed. Mixed research falls in between quantitative research and qualitative research, with the mixed approach attempting to respect fully the wisdom of both of these viewpoints.

Setting and Sample

The place where the data collection was done refers to the setting of the study. Since this study aims to evaluate the various methods of security hijacking, the tools used by attackers to breach system security, and the principles behind the attacks, the data will be collected from previously done reports and documents. Specifically, the materials from which the data will be extracted include primary research studies about cyber security systems, and reports from computer networks, IT companies, and government agencies with large computer databases, among others. The data that will be collected from the said materials will be limited to publicly accessible data published from year 1990 up to year 2012. Moreover, the database of the Association of Information Technology Professionals (AITP) will be used primarily due to the richness and wide diversity of information that can be collected from this source. In fact, many studies have also used AITP to search and gather information related to network security. The AITP houses a wide range of information encompassing that which can be generated for local area networks (LAN), wide area networks (WAN), microchips, and mainframe systems, among many others. In fact, AITP appears to be the most appropriate database to use in this study because of the huge number of IT professionals that provide inputs into its collection.
AITP provides good technical information on the association among security threats, risks, and means to prevent network security attacks. In this study, my endeavor is to overcome the limitations and present novel insights into cyber security practices in several aspects. As every method of data collection has drawbacks, there are several advantages and problems involving the use of available data (Singleton & Straits, 2010). In cases where past events need to be examined again, using pre-collected data appears to be the only viable option for the researcher. To avoid shortcomings in the findings and to maintain reliability and validity, this research will double-check the data sources and compare the integrity of the available data.

It has been recognized by many investigators that using questionnaires is an easy and fast method of collecting information. However, the design of the questionnaire, which includes the questions to be asked, is one of the more difficult aspects of this sampling method. In addition, because surveys using questionnaires are very popular, many people seem to take them for granted, resulting in a poor response rate. Hence, the use of questionnaires for this research was not considered. It is true, though, that identifying which data to include in the study needs to be addressed clearly. However, the issue of which sources to use, such as the security professionals among whom the surveys were conducted, is not entirely an impossible task. For instance, a wide range of data can be provided by the CSI/FBI survey, as indicated by the CSI/FBI (2008) report. However, caution must still be exercised because these agencies omit reports in some instances, especially that information which they deem would affect customer trust. It must be noted that information regarding network security compromise affects the credibility of these agencies, and hence, potential client investments (Glover, Liddle, & Prawitt, 2001).
For the purpose of this study, pre-collected available data will be gathered using a mixed method research design. The sampling will be random in order to ensure that all possible cyber attacks have an equal chance of being sampled and analyzed.

Unit of Analysis

The unit of analysis refers to the parameters, which may be objects or events, that the study is looking into (Singleton & Straits, 2010). Hence, the unit of analysis is an indispensable aspect of any research study. In fact, identifying and defining the appropriate unit of analysis is among the first steps in analyzing data (Trochim, 2006). In this study, the chosen unit of analysis is the cyber attack, with emphasis on the forms, methods, and tools used in cyber attacks. The strengths of different security systems to withstand cyber attacks and the measures to prevent future attacks will also be included. The significance of choosing this unit of analysis is that the information that will be gathered from this study will hopefully provide various agencies an idea of the susceptibility and strength of their network security against various forms of attacks. Social scientists' ultimate objective is to make sense of the social world by understanding the inter-relation among events and phenomena (Singleton & Straits, 2010) to provide a metric with which to compare attackers' and defenders' tools. The objective of this method is to provide a baseline tool that will allow different organizations to have an idea about predetermined levels of cyber security efficiency by manipulating their countermeasure arsenal.

Instrument Design and Development

The procedures that will be used throughout the conduct of this study are described in detail in order to ensure the reproducibility of the research by other investigators for whatever purpose it may serve them. Strategies to improve the efficiency of an instrument to collect a particular type of data will be developed.
One specific strategy that the author finds interesting is to employ a classification scheme for incidents that is short and concise in order to minimize the chances of the query being misinterpreted. In addition, the terminology that will be used throughout the study will also be clearly defined to avoid confusion. As mentioned earlier, an appropriate instrument will be developed for the purpose of this research. The ultimate goal of this instrument is to be able to identify the various forms of cyber attacks and the associated countermeasures for each type. However, the process of instrument development will occur in several stages. Whitman (2004) and Loch et al. (1992) proposed that for network security attacks, a theory approach must be utilized to formulate measures of attack prevention. The grounded theory approach, according to the aforementioned authors, allows investigators to better comprehend the principles and mechanisms of the attacks.

It has been reported that reliability is among the most significant parameters to measure the quality and consistency of tests, as well as validity. However, establishing the validity of tests appears to be more difficult than it sounds, since identifying errors during any phase of the study is quite difficult. Hence, a systematic approach to data collection will be used in order to ensure the reliability and validity of the results. Even so, certain difficulties regarding the identification of the kind of cyber attack and which part or parts of the system have been targeted will most likely be encountered. In fact, the patterns and trends in cyber security threats are also difficult to measure. In spite of the complexity, this study follows a scientific technique to validate these findings.
Data Analysis Strategy

For the qualitative aspect of the analysis, the qualitative data, which will be collected from previous studies, incident reports, and the like, will be clustered into different categories and will be described in greater detail. For the quantitative aspect of the analysis, the numeric data, which will be gathered from private and public documents and related sources, will be statistically analyzed using certain statistical tools. Meanwhile, for instrument development, the data analysis will follow two steps. Initially, a qualitative analysis will be employed using appropriate software in order to formulate assumptions about the attacks. PLS, which requires a technique specific to the analysis of relationships among variables, will be used. The inherent problems brought about by the non-recursive relationships will also be tackled before discussing the results and interpretation of data. This non-recursive relationship refers to the sequence of events which includes the cyber attack, followed by the system's security defense against the attack, and finally a change in threats. Ideally, longitudinal data are necessary to analyze these types of relationships. However, since longitudinal data are quite difficult to gather because of problems involving resource availability and the potential threats to the validity of results that this approach brings, cross-sectional data will be used instead. Furthermore, there are actually no guidelines available that clearly describe the proper way of collecting longitudinal data.