-
Future developments in standardisation of cyber risk in the Internet of Things (IoT)
Authors:
Petar Radanliev,
David C De Roure,
Jason RC Nurse,
Rafael Mantilla Montalvo,
Stacy Cannady,
Omar Santos,
Peter Burnap,
Carsten Maple
Abstract:
In this research article, we explore the use of a design process for adapting existing cyber risk assessment standards to allow the calculation of economic impact from IoT cyber risk. The paper presents a new model that includes a design process with new risk assessment vectors, specific for IoT cyber risk. To design new risk assessment vectors for IoT, the study applied a range of methodologies,…
▽ More
In this research article, we explore the use of a design process for adapting existing cyber risk assessment standards to allow the calculation of economic impact from IoT cyber risk. The paper presents a new model that includes a design process with new risk assessment vectors, specific for IoT cyber risk. To design new risk assessment vectors for IoT, the study applied a range of methodologies, including literature review, empirical study and comparative study, followed by theoretical analysis and grounded theory. An epistemological framework emerges from applying the constructivist grounded theory methodology to draw on knowledge from existing cyber risk frameworks, models and methodologies. This framework presents the current gaps in cyber risk standards and policies, and defines the design principles of future cyber risk impact assessment. The core contribution of the article therefore, being the presentation of a new model for impact assessment of IoT cyber risk.
△ Less
Submitted 29 April, 2020; v1 submitted 11 March, 2019;
originally announced March 2019.
-
Future developments in cyber risk assessment for the internet of things
Authors:
Petar Radanliev,
David Charles De Roure,
Razvan Nicolescu,
Michael Huth,
Rafael Mantilla Montalvo,
Stacy Cannady,
Peter Burnap
Abstract:
This article is focused on the economic impact assessment of Internet of Things (IoT) and its associated cyber risks vectors and vertices - a reinterpretation of IoT verticals. We adapt to IoT both the Cyber Value at Risk model, a well-established model for measuring the maximum possible loss over a given time period, and the MicroMort model, a widely used model for predicting uncertainty through…
▽ More
This article is focused on the economic impact assessment of Internet of Things (IoT) and its associated cyber risks vectors and vertices - a reinterpretation of IoT verticals. We adapt to IoT both the Cyber Value at Risk model, a well-established model for measuring the maximum possible loss over a given time period, and the MicroMort model, a widely used model for predicting uncertainty through units of mortality risk. The resulting new IoT MicroMort for calculating IoT risk is tested and validated with real data from the BullGuard's IoT Scanner - over 310,000 scans - and the Garner report on IoT connected devices. Two calculations are developed, the current state of IoT cyber risk and the future forecasts of IoT cyber risk. Our work therefore advances the efforts of integrating cyber risk impact assessments and offer a better understanding of economic impact assessment for IoT cyber risk.
△ Less
Submitted 13 September, 2018;
originally announced September 2018.
-
Exploiting Synergy Between Ontologies and Recommender Systems
Authors:
Stuart E. Middleton,
Harith Alani,
David C. De Roure
Abstract:
Recommender systems learn about user preferences over time, automatically finding things of similar interest. This reduces the burden of creating explicit queries. Recommender systems do, however, suffer from cold-start problems where no initial information is available early on upon which to base recommendations. Semantic knowledge structures, such as ontologies, can provide valuable domain kno…
▽ More
Recommender systems learn about user preferences over time, automatically finding things of similar interest. This reduces the burden of creating explicit queries. Recommender systems do, however, suffer from cold-start problems where no initial information is available early on upon which to base recommendations. Semantic knowledge structures, such as ontologies, can provide valuable domain knowledge and user information. However, acquiring such knowledge and kee** it up to date is not a trivial task and user interests are particularly difficult to acquire and maintain. This paper investigates the synergy between a web-based research paper recommender system and an ontology containing information automatically extracted from departmental databases available on the web. The ontology is used to address the recommender systems cold-start problem. The recommender system addresses the ontology's interest-acquisition problem. An empirical evaluation of this approach is conducted and the performance of the integrated systems measured.
△ Less
Submitted 8 April, 2002;
originally announced April 2002.
-
Capturing Knowledge of User Preferences: ontologies on recommender systems
Authors:
S. E. Middleton,
D. C. De Roure,
N. R. Shadbolt
Abstract:
Tools for filtering the World Wide Web exist, but they are hampered by the difficulty of capturing user preferences in such a dynamic environment. We explore the acquisition of user profiles by unobtrusive monitoring of browsing behaviour and application of supervised machine-learning techniques coupled with an ontological representation to extract user preferences. A multi-class approach to pap…
▽ More
Tools for filtering the World Wide Web exist, but they are hampered by the difficulty of capturing user preferences in such a dynamic environment. We explore the acquisition of user profiles by unobtrusive monitoring of browsing behaviour and application of supervised machine-learning techniques coupled with an ontological representation to extract user preferences. A multi-class approach to paper classification is used, allowing the paper topic taxonomy to be utilised during profile construction. The Quickstep recommender system is presented and two empirical studies evaluate it in a real work setting, measuring the effectiveness of using a hierarchical topic ontology compared with an extendable flat list.
△ Less
Submitted 8 March, 2002;
originally announced March 2002.