FRAMEWORK DEVELOPMENT OF CYBERSECURITY IN A VIRTUALIZATION ENVIRONMENT Research Article


Yotwarit Khamthong
Songphon Nakaretruangsak

Abstract


This research aimed to: 1) design a cybersecurity framework suitable for small and medium-sized enterprises (SMEs) by integrating the NIST Cybersecurity Framework (CSF) 2.0, Zero Trust principles, and the Defense-in-Depth concept; 2) develop and deploy a prototype system using open-source tools within a Proxmox VE environment; and 3) evaluate the effectiveness of the proposed framework in terms of technical performance and expert judgment. The sample group consisted of five experts from multidisciplinary fields related to cybersecurity. The research instruments included pfSense, Wazuh, OpenVAS, Nmap, Proxmox Backup Server (PBS), and a framework suitability assessment form. Data were analyzed using mean and standard deviation.


The results indicated that: 1) the framework developed under the Design Science Research (DSR) approach comprised core components aligned with all six functions of NIST CSF 2.0—Govern, Identify, Protect, Detect, Respond, and Recover—and successfully integrated all five open-source tools into the operational workflow; 2) expert evaluation demonstrated that the framework achieved a high to very high level of appropriateness, with an overall mean score of 4.76 out of 5.00, covering all six core functions of NIST CSF 2.0, where policies and standard operating procedures (SOPs) received the highest score (4.84), followed by operational forms (4.80) and runbooks (4.64); and 3) prototype system testing confirmed practical effectiveness, showing a significant reduction in system vulnerabilities, timely threat detection and response, and successful achievement of the defined Recovery Time Objective (RTO). These results reflect the effectiveness and applicability of the proposed framework for SMEs and indicate its potential for further development toward automated cybersecurity response systems in the future.


Article Details

How to Cite
Y. Khamthong and S. Nakaretruangsak, “FRAMEWORK DEVELOPMENT OF CYBERSECURITY IN A VIRTUALIZATION ENVIRONMENT: Research Article”, JSCI-SBU, vol. 5, no. 2, pp. 78–93, Dec. 2025.
Section
Research Article
