Final Draft Thesis

RESEARCH DESIGN 1

RESEARCH DESIGN 7

“Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats”

American Military University

Research Design

Background

Mixed research is an approach that combines quantitative and qualitative research methods in a single study. It is becoming increasingly popular in cybersecurity research, as it allows researchers to gather numerical data and qualitative insights from individuals or groups to provide a more comprehensive understanding of a particular issue (Hafsa, 2019). This approach can be particularly useful in cybersecurity research because it allows researchers to identify the technical aspects of a security threat and the human factors involved in the threat. This can help design more effective security strategies that consider the different ways that users interact with technology and the security threats they face.

In mixed research studies for the cybersecurity field and experts in the area, the quantitative component often involves collecting data through surveys, questionnaires, or data analysis. For example, researchers may collect data on the frequency and severity of security breaches, the types of attacks that occur most often, or the financial impact of cybercrime. The study's qualitative component may involve interviews with key stakeholders, such as cybersecurity professionals, managers, or employees, to gain a more nuanced understanding of the issues involved. By analyzing both the quantitative and qualitative data, researchers can better understand the complexities of cybersecurity issues and how to address them best (Dawadi et al., 2021). Ultimately, mixed research in cybersecurity can help organizations to develop more effective security strategies that address the multiple facets of security threats. This study will use a mixed research design involving quantitative and qualitative research methods. The study will involve the following steps:

Identification and operationalization of variables:

A critical stage in any research, including mixed-method cybersecurity research, is identifying and operationalising variables. In research, variables are the theories or events under investigation. The variables in cybersecurity research are frequently connected to the various facets of cybersecurity, including threats, vulnerabilities, controls, and impacts. A thorough literature analysis is the first stage in finding the variables. This will reveal what knowledge is already known in the field, including the pertinent theories, concepts, and empirical research. This will make pinpointing the essential factors related to the research question and the study's goals more accessible.

The next step after identifying the variables is to operationalize them, which entails describing and measuring them in a fashion that allows for statistical quantification and analysis (Dawadi et al., 2021). This entails creating a set of metrics for cybersecurity research that can capture the various characteristics of the variables. For instance, the number of security incidents reported, the number of training sessions attended, or the degree of cybersecurity risk awareness could all be considered metrics for the variable "cybersecurity awareness." Similar to the previous example, if the variable is "cybersecurity controls," the measurements may be the quantity of firewalls installed, how frequently security upgrades are made, or the quantity of access control policies in use. The operationalization of variables is crucial because it enables the researcher to gather data that can be statistically examined and guarantees that the data is pertinent to the study's goals and research question.

Sampling plan:

The researcher may employ a purposive sampling strategy to pick 10 IT managers with relevant experience in addressing cybercrime. Participants are chosen for their expertise and familiarity with the research topic (in this case, cyber security, and cybercrime). Researchers can also consider finding potential volunteers through word-of-mouth recommendations from industry insiders or through online resources like LinkedIn that facilitate precise keyword searches among professionals with certain skill sets. If a researcher finds a pool of people who could be interested in participating in a study, they can approach them personally to gauge their interest (Dawadi et al., 2021). Purposive sampling is the most relevant technique for the research because the participants targeted from organizations have significant tasks to address. The best way is to choose the professionals after seeking their approval from their bosses to participate in the study.

Justification of case studies used:

The mixed-methods approach used in the cybersecurity research study is well-justified as it allows for a more comprehensive understanding of the studied topic. Using qualitative and quantitative strategies, the research can gain insights from different perspectives and data sources, resulting in a more holistic view of the issue (Hafsa, 2019). In addition, using in-depth interviews with subject matter experts and surveys of cybercrime-affected businesses ensures that the study has a broad and diverse sample of participants.

Data collection/sources:

The mixed-methods study on cybersecurity will use both primary and secondary sources to compile its data set. Ten IT managers with firsthand expertise in cybercrime will be interviewed in-depth to provide the bulk of the study's key data. Purposeful sampling will be utilized to select the IT managers, who will then be interviewed using a semi-structured questionnaire designed to elicit their thoughts and opinions on cutting-edge methods for detecting and counteracting new forms of cybercrime (Dawadi et al., 2021). With the participants' permission, their interviews will be videotaped, and later, the transcripts will be examined using thematic analysis to draw out common threads and insights. Secondary data will also be acquired by conducting surveys with cybercrime victims' companies. The surveys will be made available through various internet mediums and will include inquiries into the effects of cybercrime on organizations and the methods already in use to counteract them. Descriptive statistics will be used to examine the survey results for recurring themes and clusters (Dawadi et al., 2021). Comprehensive literature and other publicly available documents relating to cybersecurity, such as reports from cybersecurity corporations, government agencies, and academic journals, will be reviewed to identify the secondary data sources.

Many measures will be taken to ensure the validity and trustworthiness of the data. First, a subset of companies will serve as "pilots" for the survey questions to ensure their clarity and readability. Secondly, researchers with expertise in qualitative data-gathering methodologies will be the ones to conduct the interviews. Third, interviewers will check and double-check the transcripts to ensure their answers are recorded correctly (Dawadi et al., 2021). The data analysis methods will then be peer-reviewed by several researchers to guarantee the uniformity and trustworthiness of the findings. A section will be devoted to discussing the study's biases and limitations.

Analysis procedures:

In terms of analysis procedures, the study uses both quantitative and qualitative methods to analyze the data. Qualitative data is analyzed through content analysis, while quantitative data is analyzed using statistical analysis. The analysis process involves identifying patterns, themes, and trends from the data collected to develop insights into the topic of the study (Hafsa, 2019). Several methods, including network analysis, statistical analysis, and content analysis, will then be applied to the compiled data from both primary and secondary sources (Gyamfi & Jurcut, 2022). These methods will be applied to the data to analyze it and draw conclusions.

Limitations of study and bias discussion:

It is important to note that this study has some limitations, including the small sample size of IT managers who were interviewed. This means that the findings may be representative of only some of the population of IT managers, and caution should be taken when generalizing the results (Dawadi et al., 2021). In addition, there may be biases in the data collection process, such as social desirability bias in the survey responses or researcher bias in the interview process. When interpreting the study's results, these limitations and potential biases should be considered.

References

Gyamfi, E., & Jurcut, A. (2022). Intrusion detection in internet of things systems: A review on Design Approaches Leveraging Multi-Access Edge Computing, machine learning, and datasets. Sensors, 22(10), 3744. https://doi.org/10.3390/s22103744

Dawadi, S., Shrestha, S. & Giri, R. (2021). Mixed-Methods Research: A Discussion on its Types, Challenges, and Criticisms. Journal of Studies in Education. 2. 25-36.

Hafsa, N. E. (2019). Mixed Methods Research: An Overview for Beginner Researchers. Retrievedfrom:https://www.researchgate.net/publication/338751170_Mixed_Methods_Research_An_Overview_for_Beginner_Researchers