This Epidemiology can be applied to cybersecurity as a novel approach for analysing and detecting cyber threats and their risks. It provides a systematic model for the analysis of likelihood, consequence, management, and prevention measures to examine malicious behaviours like disease. There are a few research studies in discrete cybersecurity risk factors; however, there is a significant research gap on the analysis of collective cyber risk factors and measuring their cyber risk impacts. Effective cybersecurity risk management requires the identification and estimation of the probability of infection, based on a comprehensive range of historical and environmental factors, including human behaviour and technology characteristics. This paper explores how an epidemiological principle can be applied to identify cybersecurity risk factors. These risk factors comprise both human and machine behaviours profiled as risk factors. This paper conducts a preliminary analysis of the relationships between these risk factors utilising Domain Name System (DNS) data sources. The experimental results indicated that the epidemiological principle can effectively examine and estimate cyber risk factors. The proposed principle has a great potential in enhancing new machine learning- enabled intrusion detection solutions by utilising this principle as a risk assessment module of the solutions.
Loading....