IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v13y2021i8p186-d598444.html
   My bibliography  Save this article

Cost Benefits of Using Machine Learning Features in NIDS for Cyber Security in UK Small Medium Enterprises (SME)

Author

Listed:
  • Nisha Rawindaran

    (Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK
    Aytel Systems Ltd., Cardiff CF3 2PU, Wales, UK
    KESS2, Knowledge Economy Skills Scholarships, Supported by European Social Funds (ESF), Bangor University, Bangor, Gwynedd LL57 2DG, Wales, UK)

  • Ambikesh Jayal

    (Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK)

  • Edmond Prakash

    (Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK)

  • Chaminda Hewage

    (Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff CF5 2XJ, Wales, UK)

Abstract

Cyber security has made an impact and has challenged Small and Medium Enterprises (SMEs) in their approaches towards how they protect and secure data. With an increase in more wired and wireless connections and devices on SME networks, unpredictable malicious activities and interruptions have risen. Finding the harmony between the advancement of technology and costs has always been a balancing act particularly in convincing the finance directors of these SMEs to invest in capital towards their IT infrastructure. This paper looks at various devices that currently are in the market to detect intrusions and look at how these devices handle prevention strategies for SMEs in their working environment both at home and in the office, in terms of their credibility in handling zero-day attacks against the costs of achieving so. The experiment was set up during the 2020 pandemic referred to as COVID-19 when the world experienced an unprecedented event of large scale. The operational working environment of SMEs reflected the context when the UK went into lockdown. Pre-pandemic would have seen this experiment take full control within an operational office environment; however, COVID-19 times has pushed us into a corner to evaluate every aspect of cybersecurity from the office and keeping the data safe within the home environment. The devices chosen for this experiment were OpenSource such as SNORT and pfSense to detect activities within the home environment, and Cisco, a commercial device, set up within an SME network. All three devices operated in a live environment within the SME network structure with employees being both at home and in the office. All three devices were observed from the rules they displayed, their costs and machine learning techniques integrated within them. The results revealed these aspects to be important in how they identified zero-day attacks. The findings showed that OpenSource devices whilst free to download, required a high level of expertise in personnel to implement and embed machine learning rules into the business solution even for staff working from home. However, when using Cisco, the price reflected the buy-in into this expertise and Cisco’s mainframe network, to give up-to-date information on cyber-attacks. The requirements of the UK General Data Protection Regulations Act (GDPR) were also acknowledged as part of the broader framework of the study. Machine learning techniques such as anomaly-based intrusions did show better detection through a commercially subscription-based model for support from Cisco compared to that of the OpenSource model which required internal expertise in machine learning. A cost model was used to compare the outcome of SMEs’ decision making, in getting the right framework in place in securing their data. In conclusion, finding a balance between IT expertise and costs of products that are able to help SMEs protect and secure their data will benefit the SMEs from using a more intelligent controlled environment with applied machine learning techniques, and not compromising on costs.

Suggested Citation

  • Nisha Rawindaran & Ambikesh Jayal & Edmond Prakash & Chaminda Hewage, 2021. "Cost Benefits of Using Machine Learning Features in NIDS for Cyber Security in UK Small Medium Enterprises (SME)," Future Internet, MDPI, vol. 13(8), pages 1-36, July.
  • Handle: RePEc:gam:jftint:v:13:y:2021:i:8:p:186-:d:598444
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/13/8/186/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/13/8/186/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Alberto Sardi & Alessandro Rizzi & Enrico Sorano & Anna Guerrieri, 2020. "Cyber Risk in Health Facilities: A Systematic Literature Review," Sustainability, MDPI, vol. 12(17), pages 1-16, August.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Basile, L.J. & Carbonara, N. & Panniello, U. & Pellegrino, R., 2024. "The role of big data analytics in improving the quality of healthcare services in the Italian context: The mediating role of risk management," Technovation, Elsevier, vol. 133(C).
    2. Petratos, Pythagoras N., 2021. "Misinformation, disinformation, and fake news: Cyber risks to business," Business Horizons, Elsevier, vol. 64(6), pages 763-774.
    3. Frida Betto & Alberto Sardi & Patrizia Garengo & Enrico Sorano, 2022. "The Evolution of Balanced Scorecard in Healthcare: A Systematic Review of Its Design, Implementation, Use, and Review," IJERPH, MDPI, vol. 19(16), pages 1-22, August.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:13:y:2021:i:8:p:186-:d:598444. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.