Abstract
Information security has become a central societal concern over the past two decades. Few studies have examined the information security research domain, and no literature has been found that has applied an objective, quantitative methodology. The central aim of the current research was to quantitatively describe the profile and evolution of the information security specialty. Bibliometric data extracted from 74,021 Scopus research records published from 1965 to 2015 were examined using impact and productivity measures as well as co-word and domain visualization techniques. This scientometric study presents a comprehensive view of the information security specialty from several perspectives (e.g., temporal, seminal papers, institutions, sources, authors). After a long and steady period of growth (1965–2004), an exponential publication output occurred between 2005 and 2010. Among all the countries involved in information security research, the United States and China had the greatest impact, and China has surpassed the United States in terms of productivity. Information security as a specialty is largely populated by publications from the technical fields of computer science and engineering. Several research themes were found throughout the decades (e.g., cryptography and information security management and administration), and emergent research subspecialties appeared in later decades (e.g., intrusion detection, medical data security, steganography, wireless security). This study reduces the complexity of the specialty to controllable terms, supplies objective data for science policy making, identifies the salient bibliographic units, and uncovers growth patterns. It also serves as an information retrieval tool to identify important papers, authors, and institutions.
References
Avižienis, A., Laprie, J. C., Randell, B., & Landwehr, C. (2004). Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing, 1(1), 11–33.
Bajwa, R. S., Yaldram, K., & Rafique, S. (2013). A scientometric assessment of research output in nanoscience and nanotechnology: Pakistan perspective. Scientometrics, 94(1), 333–342.
Barabasi, A. L., & Bonabeau, E. (2003). Scale-free networks. Scientific America, 288, 60–69.
Baskaran, C. (2013). Scientometric analysis of cryptography research output. SRELS Journal of Information Management, 50(4), 413–421.
Batistič, S., & Kaše, R. (2015). The organizational socialization field fragmentation: A bibliometric review. Scientometrics, 104(1), 121–146.
Blažun, H., Kokol, P., & Vošner, J. (2015). Research literature production on nursing competences from 1981 till 2012: A bibliometric snapshot. Nurse Education Today, 35(5), 673–679.
Blyth, A., & Kovacich, G. L. (2006). Information assurance: Securing the information environment (2nd ed.). New York, NY: Springer.
Borgman, C. L., & Furner, J. (2002). Scholarly communication and bibliometrics. Annual Review of Information Science and Technology, 36(1), 2–72.
Botha, R. A., & Gaaingwe, T. G. (2006). Reflecting on 20 SEC conferences. Computers and Security, 25(4), 247–256.
Braun, T., Glänzel, W., & Schubert, A. (2006). A Hirsch-type index for journals. Scientometrics, 69(1), 169–173.
Callon, M., Law, J., & Rip, A. (1986). Mapping the dynamics of science and technology. London: Sage.
Campbell, J. P. (1997). Speaker recognition: A tutorial. Proceedings of the IEEE, 85(9), 1437–1462.
Capaccio, T. (2013, June 10). Pentagon five-year cybersecurity plan seeks 23 billion. Bloomberg. http://www.bloomberg.com/news/2013-06-10/pentagon-five-year-cybersecurity-plan-seeks-23-billion.html. Accessed 10 July, 2015.
Cardona, G., & Sanz, J. P. (2015). Publication analysis of the contact lens field: What are the current topics of interest? Journal of Optometry, 8(1), 33–39.
Cohen, R., Erez, K., Ben-Avraham, D., & Havlin, S. (2001). Breakdown of the Internet under intentional attack. Physical Review Letters, 86(16), 3682.
Corrin, A. (2013, April 10). 2014 budget: DOD budget includes boosts for cyber, future priorities. FCW. http://fcw.com/articles/2013/04/10/dod-budget.aspx. Accessed 10 July, 2015.
Crowley, E. (2003). Information system security curricula development. In Proceedings of the 4th annual conference on information technology curriculum (pp. 249–255). New York, NY: ACM.
Department of Defense. (2010). Joint publication 1-02: Department of defense dictionary of military and associated terms. Washington, DC: Department of Defense.
Dlamini, M., Eloff, M., & Eloff, J. (2009). Information security: The moving target. Computers & Security, 28(3–4), 189–198.
Eom, S. B. (2003). Author co-citation analysis using custom bibliographic databases: An introduction to the SAS approach. Lewiston, NY: Edwin Mellen Press.
Eschenauer, L., & Gligor, V. D. (2002, November). A key-management scheme for distributed sensor networks. Paper presented at the proceedings of the 9th ACM conference on computer and communications security, Washington, DC.
Falagas, M. E., Pitsouni, E. L., Malietzis, G. A., & Pappas, G. (2008). Comparison of PubMed, Scopus, Web of Science, and Google Scholar: Strengths and weaknesses. FASEB Journal, 22(2), 338–342.
Forrest, S., Hofmeyr, S., Somayaji, A., & Longstaff, T. (1996, May). A sense of self for Unix processes. In 1996 IEEE symposium on security and privacy (pp. 120–128). New York, NY: IEEE.
Foster, I., Kesselman, C., Tsudik, G., & Tuecke, S. (1998). A security architecture for computational grids. In Proceedings of the 5th ACM conference on computer and communications security (pp. 83–92). New York, NY: ACM.
Fuchs, L., Pernul, G., & Sandhu, R. (2011). Roles in information security—A survey and classification of the research area. Computers & Security, 30(8), 748–769.
Garfield, E. (1955). Citation indexes for science: A New dimension in documentation through association of ideas. Science, 122(3159), 108–111.
Goyal, V., Pandey, O., Sahai, A., & Waters, B. (2006). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on computer and communications security (pp. 89–98). New York, NY: ACM.
Hammonds, G. L. (1993). Confidentiality, integrity, assured service: Tying security all together. In Proceedings on the 1991–1993 workshop on new security paradigms (pp. 48–52). New York, NY: ACM.
Hirsch, J. E. (2005). An index to quantify an individual’s scientific research output. Proceedings of the National Academy of Sciences of the United States of America, 102(46), 16569–16572.
Hofmeyr, S. A., Forrest, S., & Somayaji, A. (1998). Intrusion detection using sequences of system calls. Journal of Computer Security, 6(3), 151–180.
International Monetary Fund. (2015, April). IMF world economic outlook [Data file]. Retrieved 10 July, 2015 from http://www.imf.org/external/pubs/ft/weo/2015/01/weodata/index.aspx.
Jacsó, P. (2009). The h-index for countries in Web of Science and Scopus. Online Information Review, 33(4), 831–837.
Kaiser, R. (2015). The birth of cyberwar. Political Geography, 46(2015), 11–20.
Kulkarni, A. V., Aziz, B., Shams, I., & Busse, J. W. (2009). Comparison of citations in the Web of Science, Scopus, and Google Scholar for articles published in general medical journals. Journal of the American Medical Association, 302(10), 1092–1096.
Lee, W. H. (2008). How to identify emerging research fields using scientometrics: An example in the field of Information Security. Scientometrics, 76(3), 503–525.
Lee, J., Kraus, K. L., & Couldwell, W. T. (2009). Use of the h index in neurosurgery: Clinical article. Journal of Neurosurgery, 111(2), 387–392.
Liu, D., Ning, P., & Li, R. (2005). Establishing pairwise keys in distributed sensor networks. ACM Transactions on Information and System Security (TISSEC), 8(1), 41–77.
Liu, Z., Yin, Y., Liu, W., & Dunford, M. (2015). Visualizing the intellectual structure and evolution of innovation systems research: A bibliometric analysis. Scientometrics, 103(1), 135–158.
Lord, K. M., & Sharp, T. (2011). America’s cyber future: Security and prosperity in the information age (Vol. I). Washington, DC: Center for a New American Security.
Maconachy, V. W., Schou, C. D., Ragsdale, D., & Welch, D. (2001, June). A model for information assurance: An integrated approach. Paper presented at the proceedings of the 2001 IEEE workshop on information assurance and security, West Point, NY.
Merton, R. K. (1968). The Matthew effect in science. Science, 159(3810), 56–63.
Meushaw, R. (2012). Developing a blueprint for a science of cyber security. Guest Editor’s Column. The Next Wave, 19(2), 1.
Meyer, F., Paarmann, D., D’Souza, M., Olson, R., Glass, E. M., Kubal, M., et al. (2008). The metagenomics RAST server—A public resource for the automatic phylogenetic and functional analysis of metagenomes. BMC Bioinformatics, 9(1), 386.
Morris, S. A., & Martens, B. (2008). Mapping research specialties. Annual Review of the American Society for Information Science and Technology, 42(1), 213–295.
Moya-Anegon, F., Chinchilla-Rodriquez, Z., Vargas-Quesada, B., Corera-Alvarez, E., Munoz-Fernandez, F. J., Gonalez-Molina, A., et al. (2007). Coverage analysis of scopus: A metric approach. Scientometrics, 73(1), 57–58.
Office of Management and Budget. (2013). Fiscal year 2012 report to Congress on the implementation of the Federal Information Security Management Act of 2002. Washington, DC: Office of Management and Budget.
Oree, W. L. (2013). Analysis of the Unites States Computer Emergency Readiness Team’s (U.S. CERT) Einstein III intrusion detection system, and its impact on privacy (Master’s thesis). Naval Postgraduate School, Monterey, CA.
Pastor-Satorras, R., & Vespignani, A. (2001). Epidemic spreading in scale-free networks. Physical Review Letters, 86(14), 3200.
Perez, L.C., Cooper, S., Hawthorne, E. K., Wetzel, S., Brynieisson, A., Gokce, G., et al. (2011, June). Information assurance in two- and four-year institutions. Paper presented at the proceedings of the 16th annual conference on innovation and technology in computer science education—Working group reports, New York, NY.
Pinto, M. (2015). Viewing and exploring the subject area of information literacy assessment in higher education (2000–2011). Scientometrics, 102(1), 227–245.
Price, D. J. S. (1963). Little science, big science. New York, NY: Columbia University Press.
Price, D. J. S. (1965). Networks of scientific papers. Science, 149(3683), 510–515.
Price, D. J. S. (1978). Toward a model for scientific indicators. In E. Yehuda, J. Lederberg, R. K. Merton, A. Thackray, & H. Zuckerman (Eds.), Toward a metric of science: The advent of scientific indicators (pp. 69–96). New York, NY: Wiley.
Ratnasingham, S., & Hebert, P. D. (2007). BOLD: The barcode of life data system. Molecular Ecology Notes, 7(3), 355–364.
Reid, E. F., & Chen, H. (2007). Mapping the contemporary terrorism research domain. International Journal of Human-Computer Studies, 65(1), 42–56.
Rorissa, A., & Yuan, X. (2012). Visualizing and mapping the intellectual structure of information retrieval. Information Processing and Management, 48(1), 120–135.
Sabelfeld, A., & Myers, A. C. (2003). Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1), 5–19.
Sanz-Casado, E., Garcia-Zorita, J. C., Serrano-Lopez, A. E., Larsen, B., & Ingwersen, P. (2013). Renewable energy research 1995–2009: A case study of wind power research in EU, Spain, and Germany and Denmark. Scientometrics, 95(1), 197–224.
Sedighi, M. (2015). Using of co-word analysis method in mapping of the structure of scientific fields (case study: The field of informetrics). Journal of Information Processing and Management, 30(2), 373–396.
Siponen, M. T., & Oinas-Kukkonen, H. (2007). A review of information security issues and respective research contributions. SIGMIS Database, 38(1), 60–80.
Solms, B. (2001). Information security—A multidimensional discipline. Computers & Security, 20(6), 504–508.
Solms, R., & Niekerk, J. (2013). From information security to cyber security. Computers and Security, 38(October), 97–102.
Straub, D. W. (1989). Validating instruments in MIS research. MIS Quarterly, 13(2), 147–169.
Tabah, A. N. (1999). Literature dynamics: Studies on growth, diffusion, and epidemics. Annual Review of Information Science and Technology, 34, 249–286.
Van Eck, N. J., & Waltman, L. (2007). VOS: A new method for visualizing similarities between objects. Berlin: Springer.
Van Eck, N. J., & Waltman, L. (2010). Software survey: VOSviewer, a computer program for bibliometric mapping. Scientometrics, 84(2), 523–538.
Van Raan, A., & Tijssen, R. (1993). The neural net of neural network research: An exercise in bibliometric mapping. Scientometrics, 26(1), 169–192.
Vaughn, R. B., Dampier, D. A., & Warkentin, M. B. (2004). Building an information education program. In Proceedings of the first annual conference on information security curriculum development (pp. 41–45). New York, NY: ACM.
Vogel, R. (2012). The visible colleges of management and organization studies: A bibliometric analysis of academic journals. Organization Studies, 33(8), 1015–1043.
Waaijer, C. J., & Palmblad, M. (2015). Bibliometric mapping: Eight decades of analytical chemistry, with special focus on the use of mass spectrometry. Analytical Chemistry, 87(9), 4588–4596.
White, H. D., & McCain, K. W. (1998). Visualizing a discipline: An author co-citation analysis of information science, 1972–1995. Journal of the American Society for Information Science, 49(4), 327–355.
Whitman, M. E., & Mattord, H. J. (2009). Principles of information security (3rd ed.). Boston, MA: Thomson Course Technology.
Zhao, G., & Pietikainen, M. (2007). Dynamic texture recognition using local binary patterns with an application to facial expressions. IEEE Transactions on Pattern Analysis and Machine Intelligence, 29(6), 915–928.
Zhao, D., & Strotmann, A. (2015). Analysis and visualization of citation networks. New York, NY: Morgan & Claypool.
Author information
Authors and Affiliations
Corresponding author
Appendix
Appendix
See Table 6.
Rights and permissions
About this article
Cite this article
Olijnyk, N.V. A quantitative examination of the intellectual profile and evolution of information security from 1965 to 2015. Scientometrics 105, 883–904 (2015). https://doi.org/10.1007/s11192-015-1708-1
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11192-015-1708-1
Keywords
- Co-word analysis
- Computer security
- Cyber security
- Information assurance
- Network security
- Specialty development