{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,26]],"date-time":"2025-04-26T05:28:21Z","timestamp":1745645301498,"version":"3.37.3"},"reference-count":60,"publisher":"MDPI AG","issue":"8","license":[{"start":{"date-parts":[[2021,7,21]],"date-time":"2021-07-21T00:00:00Z","timestamp":1626825600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"Cyber security has made an impact and has challenged Small and Medium Enterprises (SMEs) in their approaches towards how they protect and secure data. With an increase in more wired and wireless connections and devices on SME networks, unpredictable malicious activities and interruptions have risen. Finding the harmony between the advancement of technology and costs has always been a balancing act particularly in convincing the finance directors of these SMEs to invest in capital towards their IT infrastructure. This paper looks at various devices that currently are in the market to detect intrusions and look at how these devices handle prevention strategies for SMEs in their working environment both at home and in the office, in terms of their credibility in handling zero-day attacks against the costs of achieving so. The experiment was set up during the 2020 pandemic referred to as COVID-19 when the world experienced an unprecedented event of large scale. The operational working environment of SMEs reflected the context when the UK went into lockdown. Pre-pandemic would have seen this experiment take full control within an operational office environment; however, COVID-19 times has pushed us into a corner to evaluate every aspect of cybersecurity from the office and keeping the data safe within the home environment. 
The devices chosen for this experiment were OpenSource such as SNORT and pfSense to detect activities within the home environment, and Cisco, a commercial device, set up within an SME network. All three devices operated in a live environment within the SME network structure with employees being both at home and in the office. All three devices were observed from the rules they displayed, their costs and machine learning techniques integrated within them. The results revealed these aspects to be important in how they identified zero-day attacks. The findings showed that OpenSource devices whilst free to download, required a high level of expertise in personnel to implement and embed machine learning rules into the business solution even for staff working from home. However, when using Cisco, the price reflected the buy-in into this expertise and Cisco\u2019s mainframe network, to give up-to-date information on cyber-attacks. The requirements of the UK General Data Protection Regulations Act (GDPR) were also acknowledged as part of the broader framework of the study. Machine learning techniques such as anomaly-based intrusions did show better detection through a commercially subscription-based model for support from Cisco compared to that of the OpenSource model which required internal expertise in machine learning. A cost model was used to compare the outcome of SMEs\u2019 decision making, in getting the right framework in place in securing their data. 
In conclusion, finding a balance between IT expertise and costs of products that are able to help SMEs protect and secure their data will benefit the SMEs from using a more intelligent controlled environment with applied machine learning techniques, and not compromising on costs.","DOI":"10.3390\/fi13080186","type":"journal-article","created":{"date-parts":[[2021,7,21]],"date-time":"2021-07-21T15:53:23Z","timestamp":1626882803000},"page":"186","source":"Crossref","is-referenced-by-count":23,"title":["Cost Benefits of Using Machine Learning Features in NIDS for Cyber Security in UK Small Medium Enterprises (SME)"],"prefix":"10.3390","volume":"13","author":[{"given":"Nisha","family":"Rawindaran","sequence":"first","affiliation":[{"name":"Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK"},{"name":"Aytel Systems Ltd., Cardiff CF3 2PU, Wales, UK"},{"name":"KESS2, Knowledge Economy Skills Scholarships, Supported by European Social Funds (ESF), Bangor University, Bangor, Gwynedd LL57 2DG, Wales, UK"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9936-5311","authenticated-orcid":false,"given":"Ambikesh","family":"Jayal","sequence":"additional","affiliation":[{"name":"Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK"}]},{"given":"Edmond","family":"Prakash","sequence":"additional","affiliation":[{"name":"Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7593-6661","authenticated-orcid":false,"given":"Chaminda","family":"Hewage","sequence":"additional","affiliation":[{"name":"Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK"}]}],"member":"1968","published-online":{"date-parts":[[2021,7,21]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1016\/j.jnca.2017.02.009","article-title":"A survey of intrusion detection in 
Internet of Things","volume":"84","author":"Miani","year":"2017","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1002\/isaf.1336","article-title":"\u2019Big Data\u2019, the \u2018Internet of Things\u2019, and the \u2018Internet of Signs\u2019","volume":"20","year":"2013","journal-title":"Intell. Syst. Account. Financ. Manag."},{"key":"ref_3","unstructured":"Gartner (2020, October 16). Available online: https:\/\/www.gartner.com\/en\/information-technology\/glossary\/big-data."},{"key":"ref_4","unstructured":"Cox, M., and Ellsworth, D. (2020, January 15). Managing Big Data for Scientific Visualization; ACM Siggraph: 1997. Available online: https:\/\/www.researchgate.net\/profile\/David-Ellsworth-2\/publication\/238704525_Managing_big_data_for_scientific_visualization\/links\/54ad79d20cf2213c5fe4081a\/Managing-big-data-for-scientific-visualization.pdf."},{"key":"ref_5","unstructured":"Ashton, K. (2020, January 15). That \u2018Internet of Things\u2019 Thing. Available online: http:\/\/www.rfidjournal.com\/article\/view\/4986."},{"key":"ref_6","unstructured":"Hernandez, P. (2020, January 15). App Employs Context for Big Data Analytics Efficiency, Enterprise Apps Today, 18 September 2012. Available online: http:\/\/www.enterpriseappstoday.com\/businessintelligence\/app-employs-context-for-big-data-analyticsefficiency.html."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1145\/2331042.2331051","article-title":"Big privacy: Protecting confidentiality in big data","volume":"19","author":"Machanavajjhala","year":"2012","journal-title":"XRDS Crossroads ACM Mag. Stud."},{"key":"ref_8","unstructured":"Iman, R.N., Asmiyanto, T., and Inamullah, M.H. (2020). Users\u2019 Awareness of Personal Information on Social Media: Case on Undergraduate Students of Universitas Indonesia. Libr. Philos. Pract., 4473. 
Available online: \/\/core.ac.uk\/download\/pdf\/345183285.pdf."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Sardi, A., Rizzi, A., Sorano, E., and Guerrieri, A. (2020). Cyber Risk in Health Facilities: A Systematic Literature Review. Sustainability, 12.","DOI":"10.3390\/su12177002"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Dunham, K., and Melnick, J. (2008). Malicious Bots: An Inside Look into the Cyber-Criminal Underground of the Internet, CRC Press.","DOI":"10.1201\/9781420069068"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Gallaher, M.P., Link, A.N., and Rowe, B. (2008). Cybersecurity: Economic Strategies and Public Policy Alternatives, Edward Elgar Publishing.","DOI":"10.4337\/9781781008140"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"140","DOI":"10.3390\/jcp1010008","article-title":"Sharing Machine Learning Models as Indicators of Compromise for Cyber Threat Intelligence","volume":"1","author":"Preuveneers","year":"2021","journal-title":"J. Cybersecur. Priv."},{"key":"ref_13","first-page":"87","article-title":"Ransomware: A research and a personal case study of dealing with this nasty malware","volume":"14","author":"Ali","year":"2017","journal-title":"Issues Inf. Sci. Inf. Technol."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"James, D., and Philip, M. (2012, January 3\u20136). A novel anti-phishing framework based on visual cryptography. Proceedings of the 2012 International Conference on Power, Signals, Controls and Computation, Thrissur, India.","DOI":"10.1109\/EPSCICON.2012.6175228"},{"key":"ref_15","unstructured":"McGuire, M., and Dowling, S. (2020, October 16). Cyber-Crime: A Review of the Evidence. Summary of Key Findings and Implications. 
Available online: https:\/\/www.bl.uk\/britishlibrary\/~\/media\/bl\/global\/social-welfare\/pdfs\/non-secure\/c\/y\/b\/cyber-crime-a-review-of-the-evidence-chapter-1-cyberdependent-crimes.pdf."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"31","DOI":"10.19101\/IJACR.2016.623006","article-title":"Cybersecurity: Risks, vulnerabilities, and countermeasures to prevent social engineering attacks","volume":"6","author":"Conteh","year":"2016","journal-title":"Int. J. Adv. Comput. Res."},{"key":"ref_17","unstructured":"(2021, January 15). Patrick McCarthy, Patrick McCarthy 2017. Available online: magazineGrid.com."},{"key":"ref_18","unstructured":"(2020, October 16). General Data Protection Regulations (GDPR). Available online: https:\/\/ico.org.uk\/for-organisations\/guide-to-dataprotection\/guide-to-the-general-data-protectionregulation-gdpr\/."},{"key":"ref_19","unstructured":"EasyJet (2020, October 16). Available online: https:\/\/www.bbc.co.uk\/news\/technology-52722626."},{"key":"ref_20","unstructured":"NHS (2020, October 16). Available online: https:\/\/www.bbc.co.uk\/news\/health-39899646."},{"key":"ref_21","unstructured":"Fruhlinger, J. (2020, October 16). Top Cybersecurity Facts, Figures and Statistics. Available online: https:\/\/www.csoonline.com\/article\/3153707\/topcybersecurity-facts-figures-and-statistics.html."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Finnerty, K., Fullick, S., Motha, H., Shah, J.N., Button, M., and Wang, V. (2019). Cyber Security Breaches Survey 2019, Department for Digital, Culture, Media & Sport.","DOI":"10.1016\/S1353-4858(19)30044-3"},{"key":"ref_23","unstructured":"Rawindaran, N., Prakash, E., and Jayal, A. (2020). Management Information Systems and Cyber Security in Government, Public and Private Institutions: Comparison of Developing and Developed Countries, Cardiff Metropolitan University. 
Available online: https:\/\/figshare.cardiffmet.ac.uk\/AMI2020."},{"key":"ref_24","unstructured":"(2020, October 20). Global Market Insight. Available online: https:\/\/www.globenewswire.com\/newsrelease\/2019\/03\/26\/1767329\/0\/en\/Intrusion-Detection-Prevention-System-Market-to-hit-8bn-by-2025-Global-Market-Insights-Inc.html."},{"key":"ref_25","first-page":"171","article-title":"The open-source definition","volume":"1","author":"Perens","year":"1999","journal-title":"Open Sources Voices Open-Source Revolut."},{"key":"ref_26","unstructured":"ZDNet (2020, March 01). Available online: https:\/\/www.zdnet.com\/article\/its-an-open-source-world-78-percent-of-companies-run-open-source-software\/#:~:text=The%20good%20news%20is%20that,%2C%2078%20percent%2C%20of%20businesses.&text=This%20statistic%20has%20nearly%20doubled,business%20or%20their%20IT%20environments."},{"key":"ref_27","unstructured":"Anderson, J.P. (1980). Computer Security Threat Monitoring and Surveillance, James P Anderson Co.. Technical Report."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1145\/66093.66095","article-title":"The Internet Worm Program: An Analysis","volume":"19","author":"Spafford","year":"1989","journal-title":"ACM Comput. Commun. Rev."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","article-title":"Anomaly-based network intrusion detection: Techniques, systems, and challenges","volume":"28","year":"2009","journal-title":"Comput. Secur."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Scarfone, K., and Mell, P. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS), National Institute of Standards and Technology. Recommendations of the National Institute of Standards and Technology.","DOI":"10.6028\/NIST.SP.800-94"},{"key":"ref_31","unstructured":"Cisco (2020, January 15). 
Available online: https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/security\/firepousersr\/620\/configuration\/guide\/fpmc-config-guidev62\/working_with_intrusion_events.html."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"1985","DOI":"10.1007\/s12652-018-0800-9","article-title":"Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment","volume":"10","author":"Bhushan","year":"2019","journal-title":"J. Ambient Intell. Humaniz. Comput."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Howser, G. (2020). The OSI Seven Layer Model. Computer Networks and the Internet, Springer.","DOI":"10.1007\/978-3-030-34496-2"},{"key":"ref_34","first-page":"84","article-title":"Research on intrusion detection and response: A survey","volume":"1","author":"Kabiri","year":"2005","journal-title":"IJ Netw. Secur."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"2641","DOI":"10.1109\/65.283931","article-title":"Network intrusion detection","volume":"8","author":"Mukherjee","year":"1994","journal-title":"IEEE Netw."},{"key":"ref_36","unstructured":"Innella, P., and McMillan, O. (2020, October 16). An Introduction to Intrusion Detection Systems. Available online: www.symantec.com\/connect\/articles\/introduction-ids."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"1803","DOI":"10.1109\/TNSM.2020.3014929","article-title":"Multi-stage optimized machine learning framework for network intrusion detection","volume":"18","author":"Injadat","year":"2020","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"ref_38","unstructured":"Brown, R.J., Hewage, C., and Jayal, A. (2020, January 15). \u201cBreaking and Entering\u201d: Evaluation of the Use of Machine Learning for Code Breaking. 
Available online: https:\/\/www.researchgate.net\/profile\/Chaminda_Hewage\/publication\/327655930_BREAKING_AND_ENTERING_EVALUATION_OF_THE_USE_OF_MACHINE_LEARNING_FOR_CODE_BREAKING\/links\/5b9c04cc92851ca9ed0a9be8\/BREAKING-AND-ENTERING-EVALUATION-OF-THE-USE-OF-MACHINE-LEARNING-FOR-CODE-BREAKING."},{"key":"ref_39","unstructured":"Hewage, C., Jayal, A., Jenkins, G., and Brown, R.J. (2020, January 15). A Learned Polyalphabetic Decryption Cipher. Available online: https:\/\/www.researchgate.net\/publication\/330244560_A_Learned_Polyalphabetic_Decryption_Cipher."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Belgrana, F.Z., Benamrane, N., Hamaida, M.A., Chaabani, A.M., and Taleb-Ahmed, A. (2021, January 27\u201328). January 2021. Network Intrusion Detection System Using Neural Network and Condensed Nearest Neighbors with Selection of NSL-KDD Influencing Features. Proceedings of the 2020 IEEE International Conference on Internet of Things and Intelligence System (IoTaIS), Bali, Indonesia.","DOI":"10.1109\/IoTaIS50849.2021.9359689"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"104216","DOI":"10.1016\/j.engappai.2021.104216","article-title":"Supervised feature selection techniques in network intrusion detection: A critical review","volume":"101","author":"Galatro","year":"2021","journal-title":"Eng. Appl. Artif. Intell."},{"key":"ref_42","unstructured":"(2020, January 15). Machine Learning in Cyber Security Domain\u20147: IDS\/IPS with ML. Available online: https:\/\/www.normshield.com\/machinelearning-in-cyber-security-domain-7-idsips-with-ml\/."},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"1569","DOI":"10.1016\/j.comcom.2004.07.002","article-title":"Anomaly detection methods in wired networks: A survey and taxonomy","volume":"27","year":"2004","journal-title":"Comput. Commun."},{"key":"ref_44","unstructured":"Denning, D.E., and Neumann, P.G. (1985). 
Requirements, and Model for IDES\u2014A Real-Time Intrusion Detection System, Computer Science Laboratory, SRI International. Technical Report 83F83-01-00."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"222","DOI":"10.1109\/TSE.1987.232894","article-title":"An intrusion-detection model","volume":"13","author":"Denning","year":"1987","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_46","unstructured":"(2020, January 15). SNORT WEBSITE Reference. Available online: https:\/\/www.snort.org\/."},{"key":"ref_47","first-page":"2395","article-title":"A Review paper on pfSense\u2014An Open-source firewall introducing with different capabilities customization","volume":"3","author":"Patel","year":"2017","journal-title":"IJARIIE"},{"key":"ref_48","first-page":"23","article-title":"A short survey of intrusion detection systems","volume":"58","year":"2007","journal-title":"Probl. Eng. Cybern. Robot."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Lee, J., Pak, J., and Lee, M. (2020, January 21\u201323). October. Network Intrusion Detection System using Feature Extraction based on Deep Sparse Autoencoder. Proceedings of the 2020 International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Korea.","DOI":"10.1109\/ICTC49870.2020.9289253"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"113580","DOI":"10.1016\/j.dss.2021.113580","article-title":"A dynamic simulation approach to support the evaluation of cyber risks and security investments in SMEs","volume":"147","author":"Armenia","year":"2021","journal-title":"Decis. Support Syst."},{"key":"ref_51","first-page":"511","article-title":"Exploring Cybersecurity Ecosystem in the Middle East: Towards an SME Recommender System","volume":"10","author":"Ahmed","year":"2021","journal-title":"J. Cyber Secur. Mobil."},{"key":"ref_52","unstructured":"Mansfield, M. (2021, July 21). Cyber Security Statistics: Numbers Small Businesses Need to Know. 
Available online: https:\/\/smallbiztrends.com\/2017\/01\/cyber-security-statistics-small-business.html."},{"key":"ref_53","unstructured":"Kothari, C.R. (2004). Research Methodology: Methods and Techniques, New Age International."},{"key":"ref_54","unstructured":"Cisco (2020, January 15). Available online: https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/security\/asa-5500-series-next-generationfirewalls\/datasheet-c78-733916.html."},{"key":"ref_55","unstructured":"Cisco (2020, January 15). Available online: https:\/\/blogs.cisco.com\/security\/anomaly-vsvulnerability-detection-using-cisco-ips."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"277","DOI":"10.1108\/09685221011079199","article-title":"A survey of intrusion detection and prevention systems","volume":"18","author":"Patel","year":"2010","journal-title":"Inf. Manag. Comput. Secur."},{"key":"ref_57","first-page":"229","article-title":"Snort: Lightweight intrusion detection for networks","volume":"99","author":"Roesch","year":"1999","journal-title":"Lisa"},{"key":"ref_58","unstructured":"(2020, March 20). Steve Gantz. Available online: https:\/\/www.youtube.com\/watch?v=RwWM0srLSg0."},{"key":"ref_59","unstructured":"S\u00f6nmez, F.\u00d6., and G\u00fcnel, B. (2018, January 3\u20134). Evaluation of Security Information and Event Management Systems for Custom Security Visualization Generation. Proceedings of the 2018 International Congress on Big Data, Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), Ankara, Turkey."},{"key":"ref_60","unstructured":"(1997). 
Algorithms in C: Fundamentals, Data Structures, Sorting, Searching, Robert Sedgewick, Addison-Wesley Publishing Company, Melbourne Wesley Cummings."}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/13\/8\/186\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,15]],"date-time":"2024-07-15T20:39:00Z","timestamp":1721075940000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/13\/8\/186"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,21]]},"references-count":60,"journal-issue":{"issue":"8","published-online":{"date-parts":[[2021,8]]}},"alternative-id":["fi13080186"],"URL":"https:\/\/doi.org\/10.3390\/fi13080186","relation":{},"ISSN":["1999-5903"],"issn-type":[{"type":"electronic","value":"1999-5903"}],"subject":[],"published":{"date-parts":[[2021,7,21]]}}}