Cybersecurity in Humanities and Social Sciences A Research Methods Approach 1St Edition Edition Hugo Loiseau Full Chapter PDF

Cybersecurity In Humanities And Social
Sciences: A Research Methods

Approach 1st Edition Edition Hugo
Loiseau
Visit to download the full and correct content document:
https://ebookmass.com/product/cybersecurity-in-humanities-and-social-sciences-a-re
search-methods-approach-1st-edition-edition-hugo-loiseau/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...
Using R For Data Analysis In Social Sciences: A

Research Project-oriented Approach Li
https://ebookmass.com/product/using-r-for-data-analysis-in-
social-sciences-a-research-project-oriented-approach-li/
Social Research Methods 5th Edition Alan Bryman &&

Edward Bell
https://ebookmass.com/product/social-research-methods-5th-
edition-alan-bryman-edward-bell/
Research Methods in Kinesiology and the Health Sciences

First Edition, (Ebook PDF)
https://ebookmass.com/product/research-methods-in-kinesiology-
and-the-health-sciences-first-edition-ebook-pdf/
Artificial Intelligence And Its Discontents: Critiques

From The Social Sciences And Humanities 1st Edition
Ariane Hanemaayer
https://ebookmass.com/product/artificial-intelligence-and-its-
discontents-critiques-from-the-social-sciences-and-
humanities-1st-edition-ariane-hanemaayer/
Research Methods for the Digital Humanities Lewis
Levenberg
https://ebookmass.com/product/research-methods-for-the-digital-
humanities-lewis-levenberg/
Research Methods and Statistics: A Critical Thinking

Approach 5th Edition
https://ebookmass.com/product/research-methods-and-statistics-a-
critical-thinking-approach-5th-edition/
Research Design and Methods: A Process Approach, 11th

Edition Bordens
https://ebookmass.com/product/research-design-and-methods-a-
process-approach-11th-edition-bordens/
Scholarly Virtues in Nineteenth-Century Sciences and

Humanities
https://ebookmass.com/product/scholarly-virtues-in-nineteenth-
century-sciences-and-humanities/
Bryman's Social Research Methods, 6th Edition Clark
https://ebookmass.com/product/brymans-social-research-
methods-6th-edition-clark/
Cybersecurity in Humanities and Social Sciences
Cybersecurity Set
coordinated by
Daniel Ventre
Volume 1
Cybersecurity in Humanities
and Social Sciences
A Research Methods Approach
Edited by
Hugo Loiseau
Daniel Ventre
Hartmut Aden
First published 2020 in Great Britain and the United States by ISTE Ltd and John Wiley & Sons, Inc.
Apart from any fair dealing for the purposes of research or private study, or criticism or review, as
permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced,
stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers,
or in the case of reprographic reproduction in accordance with the terms and licenses issued by the
CLA. Enquiries concerning reproduction outside these terms should be sent to the publishers at the
undermentioned address:
ISTE Ltd John Wiley & Sons, Inc.

27-37 St George’s Road 111 River Street
London SW19 4EU Hoboken, NJ 07030
UK USA
www.iste.co.uk www.wiley.com
© ISTE Ltd 2020

The rights of Hugo Loiseau, Daniel Ventre, Hartmut Aden to be identified as the authors of this work
have been asserted by them in accordance with the Copyright, Designs and Patents Act 1988.
Library of Congress Control Number: 2020935380
British Library Cataloguing-in-Publication Data

A CIP record for this book is available from the British Library
ISBN 978-1-78630-539-8
Contents
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix
Daniel VENTRE, Hugo LOISEAU and Hartmut ADEN
Chapter 1. The “Science” of Cybersecurity in the Human and

Social Sciences: Issues and Reflections . . . . . . . . . . . . . . . . . . . 1
Hugo LOISEAU
1.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2. A method? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3. Data? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.4. One or more definition(s)? . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
1.5. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
1.6. References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Chapter 2. Definitions, Typologies, Taxonomies and

Ontologies of Cybersecurity. . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Daniel VENTRE
2.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
2.2. Definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.2.1. What is a definition? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
2.2.2. Usefulness of definitions . . . . . . . . . . . . . . . . . . . . . . . . . 29
2.2.3. Rules for constructing definitions . . . . . . . . . . . . . . . . . . . . 29
2.2.4. Definitions of cybersecurity. . . . . . . . . . . . . . . . . . . . . . . . 32
2.3. Typology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
2.3.1. What is a typology? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
2.3.2. Usefulness of typologies . . . . . . . . . . . . . . . . . . . . . . . . . . 44
2.3.3. Rules for the construction of typologies . . . . . . . . . . . . . . . . 45
2.3.4. Cybersecurity typologies . . . . . . . . . . . . . . . . . . . . . . . . . 46
vi Cybersecurity in Humanities and Social Sciences
2.4. Taxonomy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
2.4.1. What is a taxonomy? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
2.4.2. Usefulness of taxonomy . . . . . . . . . . . . . . . . . . . . . . . . . . 49
2.4.3. Rules for the construction of taxonomies . . . . . . . . . . . . . . . . 49
2.4.4. Taxonomies of cybersecurity . . . . . . . . . . . . . . . . . . . . . . . 50
2.5. Ontologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
2.5.1. What is ontology? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
2.5.2. Usefulness of ontologies . . . . . . . . . . . . . . . . . . . . . . . . . . 53
2.5.3. Rules for construction of ontologies . . . . . . . . . . . . . . . . . . . 53
2.5.4. Cybersecurity ontologies . . . . . . . . . . . . . . . . . . . . . . . . . 54
2.6. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
2.7. References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Chapter 3. Cybersecurity and Data Protection – Research

Strategies and Limitations in a Legal and Public Policy Perspective 67
Hartmut ADEN
3.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
3.2. Studying the complex relationship between cybersecurity and
data protection: endangering privacy by combating cybercrime? . . . . . . . 68
3.2.1. Potential tensions between cybersecurity and data protection . . . . 69
3.2.2. Potential synergies between cybersecurity and data protection . . . 72
3.3. Methodological approaches and challenges for the study of
cybersecurity – legal and public policy perspectives . . . . . . . . . . . . . . 74
3.3.1. Legal interpretation and comparison as methodological
approaches to the study of cybersecurity . . . . . . . . . . . . . . . . . . . . 74
3.3.2. Public policy approaches to the study of cybersecurity. . . . . . . . 77
3.3.3. Transdisciplinary synergies between legal and public
policy perspectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
3.4. Conclusion and outlook. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
3.5. References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Chapter 4. Researching State-sponsored Cyber-espionage . . . . . . 85

Joseph FITSANAKIS
4.1. Defining cybersecurity and cyber-espionage . . . . . . . . . . . . . . . . 85
4.2. Taxonomies of cyber-threats . . . . . . . . . . . . . . . . . . . . . . . . . . 87
4.3. The structure of this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . 88
4.4. The significance of state-sponsored cyber-espionage . . . . . . . . . . . 90
4.5. Research themes in state-sponsored cyber-espionage . . . . . . . . . . . 94
4.6. Theorizing state-sponsored cyber-espionage in the social sciences . . . 98
4.7. Research methodologies into state-sponsored cyber-espionage . . . . . 104
Contents vii
4.8. Intellectual precision and objectivity in state-sponsored

cyber-espionage research . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
4.9. Detecting state actors in cyber-espionage research. . . . . . . . . . . . . 110
4.10. Identifying specific state actors in cyber-espionage research . . . . . . 112
4.11. Conclusion: researching a transformational subject . . . . . . . . . . . 116
4.12. References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Chapter 5. Moving from Uncertainty to Risk: The Case of

Cyber Risk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Michel DACOROGNA and Marie KRATZ
5.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
5.2. The scientific approach to move from uncertainty to risk . . . . . . . . . 124
5.3. Learning about the data: the exploratory phase . . . . . . . . . . . . . . . 126
5.4. Data cleansing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
5.5. Statistical exploration on the various variables of the dataset . . . . . . 130
5.6. Univariate modeling for the relevant variables . . . . . . . . . . . . . . . 134
5.7. Multivariate and dynamic modeling . . . . . . . . . . . . . . . . . . . . . 139
5.7.1. A fast-changing environment: time dependency . . . . . . . . . . . . 140
5.7.2. Causal relations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
5.7.3. Models for prediction . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
5.8. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
5.9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
5.10. References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Chapter 6. Qualitative Document Analysis for Cybersecurity

and Information Warfare Research . . . . . . . . . . . . . . . . . . . . . . . 153
Brett VAN NIEKERK and Trishana RAMLUCKAN
6.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
6.1.1. Previous research . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
6.2. Information warfare and cybersecurity . . . . . . . . . . . . . . . . . . . . 154
6.3. Researching information warfare and cybersecurity . . . . . . . . . . . . 156
6.4. Qualitative research methodologies for information warfare
and cybersecurity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
6.4.1. Clustering of documents . . . . . . . . . . . . . . . . . . . . . . . . . . 159
6.4.2. Clustering of words. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
6.4.3. Word frequencies and word clouds . . . . . . . . . . . . . . . . . . . 159
6.4.4. Text search and word trees . . . . . . . . . . . . . . . . . . . . . . . . 159
6.4.5. Example use cases of qualitative document analysis . . . . . . . . . 160
6.5. An analysis of national cybersecurity strategies . . . . . . . . . . . . . . 161
6.5.1. Selection process for the documents . . . . . . . . . . . . . . . . . . . 161
6.5.2. Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
viii Cybersecurity in Humanities and Social Sciences
6.5.3. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

6.6. An analysis of the alignment of South Africa’s Cybercrimes Bill
to international legislation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
6.6.1. Background to the documents . . . . . . . . . . . . . . . . . . . . . . 169
6.6.2. Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
6.6.3. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
6.7. An analysis of the influence of classical military philosophy on
seminal information warfare texts . . . . . . . . . . . . . . . . . . . . . . . . . 176
6.8. Reflections on qualitative document analysis for information
warfare and cybersecurity research . . . . . . . . . . . . . . . . . . . . . . . . 177
6.9. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
6.10. References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Chapter 7. Anti-feminist Cyber-violence as a Risk Factor: Analysis

of Cybersecurity Issues for Feminist Activists in France. . . . . . . . 185
Elena WALDISPUEHL
7.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
7.2. Localization of an online field . . . . . . . . . . . . . . . . . . . . . . . . . 187
7.2.1. Online ethnographic work and empathy . . . . . . . . . . . . . . . . 192
7.2.2. Cybersecurity issues of an online field . . . . . . . . . . . . . . . . . 193
7.3. Online–offline continuum . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
7.4. Continuum between security and insecurity . . . . . . . . . . . . . . . . . 199
7.5. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
7.6. References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
List of Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213

Introduction
Why a methodology book?
Before the concept of cybersecurity was introduced, in the 1960s,

computer security was referred to as the “protection of computer programs
and data against unauthorized access” [PAY 83]. In the 1990s, the concept
of “cybersecurity” emerged. This mainly refers to computer protection in its
technical dimension, and some even see it as one of the major challenges for
security policies for the coming decades: “One of the biggest challenges for
strategic leaders in the 21st Century will be cyber security – protecting
computers and the links between them” [JOH 95]. In much of the literature,
“cyber” or “computer” technologies are first and foremost imperfect objects,
which must be repaired to produce security. However, cybersecurity has a
broader remit than computers: the security of cyberspace.
For the past 10 years or so, the human and social sciences (HSS) have been
concerned with cybersecurity. Political [DEI 10, QUI 12, CAV 19], legal
[GRA 04], strategic and economic readings have been proposed. Journals
dedicated to the study of cybersecurity provide human and social science
disciplines with spaces for discussing research from multiple viewpoints.
These include the Journal of Cybersecurity (Oxford University Press)1, the
Journal of Cybersecurity Research (JCR)2, the International Journal of
Cybersecurity Intelligence and Cybercrime (IJCIC)3, the National Journal of
Introduction written by Daniel VENTRE, Hugo LOISEAU and Hartmut ADEN.

1 https://academic.oup.com/cybersecurity/pages/About.
2 https://clutejournals.com/index.php/JCR.
3 https://vc.bridgew.edu/ijcic.
x Cybersecurity in Humanities and Social Sciences
Cyber Security Law4 and the Journal of Intelligence and Cyber Security5, to
name a few. Most of these academic journals have only recently been
founded. Cybersecurity, in any case, is in the process of becoming a fully
fledged subject of research in the human and social sciences, if it has not
already become this. Notwithstanding this observation, research still appears
to be relatively scattered and heterogeneous, with each discipline within HSS
grasping the issues and posing research questions based on its own
approaches, using its own theoretical and methodological apparatus.
Our contribution to this wave of international cybersecurity productions

will be a reflection on methodological aspects in the human and social
sciences for cybersecurity research. This book therefore poses the following
central question: what methods and theoretical tools can mobilize HSS
researchers to address cybersecurity? This methodological dimension
seemed essential to us for several reasons:
– Publications produced in recent years generally pay little attention to
the methodological dimension. Research books and articles naturally address
this methodological dimension in the formal framework of their
development. However, they generally focus on the treatment of the subject
matter of the particular publication. To date, there has been little effort to
offer reflections centered on questions of methods and theories specific to
the human and social sciences.
– The topic of cybersecurity can be confusing at first glance for young
(and sometimes not so young) researchers. The purpose of cybersecurity
seems to require mobilization and mastery of multiple fields of knowledge
(that of the field specific to the HSS researcher, combined with knowledge
of informatics, networks, communication, etc.). It is therefore a question of
gathering knowledge that is essential to the researcher, thus a question of
methodology.
– Once it has been defined, explained and deconstructed, cybersecurity
will quickly appear as a complex object, with multiple components that will
each be objects of research (cybercrime, cyberattacks, cyber threats, cyber
risk, intelligence issues in cyberspace, etc.). Each of these objects may
require specific knowledge, distinct theoretical frameworks and adapted
4 http://stmjournals.com/Journal-of-Cybersecurity-Law.html.
5 https://www.academicapress.com/journals.
Introduction xi
methodologies. The chapters in this book eloquently demonstrate the

complexity of the cybersecurity object.
– Moreover, another very important question arises when considering
cybersecurity as being composite and complex: what can or should be the
place of multidisciplinarity or interdisciplinarity in its study? As a discipline,
cybersecurity is under two forms of pressure which are fertile for its
development. The first is, of course, the willingness of researchers who see
themselves as part of this discipline (in terms of knowledge, methods or
techniques) to specialize in order to distinguish the cybersecurity object from
the multitude of objects or dimensions that comprise it in the real world, as
well as the ability to distinguish this field of research from other contiguous
fields such as computer security, data protection and computer engineering.
The second pressure is pushing the discipline to broaden its horizons towards
HSS, since it is now accepted that cybersecurity is also a social
phenomenon. This pressure thus pushes research towards interdisciplinarity
or multidisciplinarity to take account of the human and social dimensions of
cybersecurity.
– Is cybersecurity relevant to all HSS disciplines? This question implies
that the human and social aspects of cybersecurity are potentially
intersectional when the HSS address cybersecurity. In other words, theories,
methods and analytical frameworks as much as variables from psychology,
anthropology, sociology or any other HSS discipline, can contribute in some
way to explaining or understanding the phenomenon of cybersecurity.
Mobilizing these different research tools and methodological heritages
seems beneficial for an integrated analysis of cybersecurity and an
unsuspected wealth of knowledge.
– What benefits does cybersecurity derive from its encounter with the
human and social sciences? The answer to this question is based on what
characterizes the humanities and social sciences and what ultimately
distinguishes them from other sciences. The main distinction lies in their
ability to analyze complex human phenomena both qualitatively and
quantitatively. As a result, a multitude of tools and methodological
approaches exist and make it possible, in particular, to refine cybersecurity
knowledge and to strongly qualify techno-determinism (or “solutionism” as
Morozov calls it [MOR 14]). This dual qualitative and quantitative capacity
enables the HSS to identify issues in cybersecurity in three ways. First of all,
in a macro way where the globality of the cybersecurity phenomenon is
revealed in its structural, systemic and environmental aspects. For example,
xii Cybersecurity in Humanities and Social Sciences
international geopolitics is being transformed by the importance of

cybersecurity in international relations today [DOU 14]. Secondly, in a meso
way, where decision-making processes, the roles of the different institutional
actors and private organizations are highlighted. We need only think of the
formulation of a foreign or defense policy that cannot disregard hybrid
threats in terms of cybersecurity. Finally, in a micro way, where the
uniqueness and particularity of this same cybersecurity phenomenon are
observable in individual behavior or thought, such as the victim of a
phishing campaign, for example.
The contribution of HSS is also evident in its capacity to generate social

debate on cybersecurity issues and to force the discipline to popularize its
basic concepts. The transmission of knowledge and social awareness about
cybersecurity issues is thus facilitated. Finally, it provides a context for
cybersecurity-related problems or risks by giving historical depth to
otherwise impossible to find reflection or debate.
– A final question is, in our opinion, methodologically and theoretically
necessary: is it necessary to mobilize pre-existing theoretical frameworks, or
is it possible to envisage their renewal? The nature of the cybersecurity
object certainly favors multidisciplinarity, but nevertheless creates two
obstacles blocking its analysis. On the one hand, cybersecurity combines a
technical dimension with a human dimension, which makes this a hybrid and
complex research object, as mentioned above. Moreover, few theoretical or
methodological frameworks currently exist to address the full human and
technical dimensions of cybersecurity so as to gain a holistic or integrated
perspective on cybersecurity. On the other hand, the speed of IT
development (technical dimension) and the adoption of new technologies
(human dimension) make existing analytical frameworks quickly obsolete.
These two obstacles must be taken into account in mobilizing existing
theoretical frameworks, as well as, and more importantly, in developing new
comprehensive analytical frameworks. In order to achieve this, a study on
research methods and theoretical tools of the human and social sciences in
the study of cybersecurity seemed necessary to us.
Contributions to the book
The seven chapters of this book offer different perspectives on particular

aspects of cybersecurity and provide some answers to the various questions
outlined above.
Introduction xiii
In his chapter, Hugo Loiseau discusses the scientificity of cybersecurity

studies. This still needs to be defined and demonstrated in the human and
social sciences. Among the abundance of research in cybersecurity, in all
sciences combined, only a few studies are devoted to the methodological and
scientific problems of this emerging discipline. Indeed, in the human and
social sciences, from an epistemological point of view, studies on
cybersecurity require methodological criticism to improve their scientificity
and credibility in relation to computer sciences and engineering. In this
chapter, research methods, access to data and the development of a
cybersecurity discipline in the humanities and social sciences are thus
assessed. The objective of this chapter is to lay the epistemological
foundations for proposing an operationalizable definition of “cybersecurity”
for the human and social sciences.
Daniel Ventre deals specifically with definitions of concepts and ways of

expressing and grasping them. Definition, typology, taxonomy and ontology
(grouped under the acronym DTTO) can be used to express cybersecurity, to
represent it, understand it and draw its domain and its perimeter. The
literature most often postulates that there is no consensus on DTTO. In this
chapter, the author attempts to identify sufficiently strong and significant
trends in each of the approaches to cybersecurity in order to study this
premise.
Hartmut Aden analyzes tensions and synergies between cybersecurity

and data protection from the perspective of legal science and public policy
analysis, with a focus on the transdisciplinary links between the two.
This shows that the combination of legal methods of interpreting norms
emerging in the field of cybersecurity and qualitative and quantitative social
science methods used for public policy analysis can contribute to a better
understanding of the various facets of the tensions and synergies between
cybersecurity and data protection.
Joseph Fitsanakis is interested in the methods, tools and theories that the
researcher can mobilize and the specific obstacles that may be encountered
in studying the challenges of State-sponsored cyber-espionage. He provides
a survey of current research on the subject in the human and social sciences,
focusing on the strategic, tactical and operational dimensions of the
phenomenon. He identifies and discusses the relevant theoretical and
conceptual tools to conduct this research.
xiv Cybersecurity in Humanities and Social Sciences
Marie Kratz and Michel Dacorogna use quantitative methods to study

and understand cybersecurity. Their chapter focuses on methodological
aspects, illustrated by the operation of a database of the French Gendarmerie
Nationale on cybercrime complaints recorded by their offices. Some tools
and methods are described more exhaustively than others, whenever they can
be accessed/understood by non-statisticians or whoever wishes to use them
or at least understand their use.
Brett van Niekerk and Trishana Ramluckan’s chapter illustrates how

qualitative research can be useful for cybersecurity research. It provides an
analysis of cybercrime legislation and national cybersecurity strategies using
the NVivo application. The objective of this chapter is to assess the
relevance of a qualitative literature review for research on information
warfare and/or cybersecurity.
Elena Waldispuehl looks at online anti-feminist violence from two

angles. On the one hand, this chapter discusses the definition and issues of
cybersecurity for feminist activists through their sense of online safety.
On the other hand, it discusses the cybersecurity issues (cyber threats and
prevention measures) that weigh on the researcher, who also identifies as a
feminist in her research practices.
References
[CAV 19] CAVELTY M.D., EGLOFF F.J., “The politics of cybersecurity: Balancing different
roles of the state”, St Antony’s International Review, vol. 15, no. 1, pp. 37–57, 2019.
[DEI 10] DEIBERT R.J., ROHOZINSKI R., “Risking security: Policies and paradoxes of cyberspace
security”, International Political Sociology, vol. 4, no. 1, pp. 15–32, March 2010.
[DOU 14] DOUZET F., “La géopolitique pour comprendre le cyberespace”, Hérodote, vol. 1,
nos 152–153, pp. 3–21, 2014.
[GRA 04] GRADY M.F., PARISI F., “The law and economics of cybersecurity: An introduction”,
George Mason University School of Law, Working Paper Series, Paper 12, 2004.
[JOH 95] JOHNSEN W.T., JOHNSON II D.V., KIEVIT J.O. et al., The Principles of War in the
21st Century: Strategic Considerations, Department of Defense, U.S. Army War College,
Carlisle Barracks, USA, August 1, 1995.
[MOR 14] MOROZOV E., Pour tout résoudre, cliquez ici : l’aberration du solutionnisme
technologique, Limoges, Fyp éditions, 2014.
[PAY 83] PAYTON J., ASBURY A.J., “Computer security”, British Medical Journal, vol. 287,
pp. 965–967, 1983.
1

The “Science” of Cybersecurity
in the Human and Social Sciences:
Issues and Reflections
The scientificity of cybersecurity studies is yet to be demonstrated in the humanities and social
sciences. Among the plethora of cybersecurity research, few studies are devoted to the
methodological and scientific problems of this emerging knowledge. Indeed, from an
epistemological point of view, cybersecurity studies require a methodological critique to improve
their scientificity and credibility in relation to computer science and engineering. In this chapter,
research methods, access to data and the contributions of the human and social sciences to
cybersecurity studies are assessed. The objective of this chapter is to lay the epistemological
foundations for an operationalizable definition of cybersecurity for the human and social
sciences.
1.1. Introduction
How can human and social sciences (HSS) studies in cybersecurity claim
to be scientific? Several answers to this question come to mind, and based on
these, it is necessary to clarify the debate through an epistemological approach
to the contribution of HSS to cybersecurity studies, particularly in terms of
methodology, all within the framework of the empirical–analytical paradigm
and post-positivism, both of which are currently dominant in science.
Indeed, according to the principles of the scientific method advocated by

these paradigms, it is the method used that distinguishes science from non-
science [NØR 08]. In order to make this distinction, the use of epistemology
Chapter written by Hugo LOISEAU.

2 Cybersecurity in Humanities and Social Sciences
is unavoidable. The critical study of science enlightens us about the value

and significance of science and its results. So, what is the scientific value of
human and social sciences studies in cybersecurity?
It could be argued that the HSS perspective on cybersecurity is

peripheral, if not unimportant, to the issues raised by this field. Risks and
threats from cyberspace directly affect national security and public safety
through the deep penetration of computer networks into societies and
their reliance thereon. The first reflex of societies is therefore to
militarize and securitize 1 these issues, and this is what the vast majority
of states throughout the world has done.
It could also be argued that HSS research results are very abstract and ideal
compared to the results of computer science and engineering that propose
concrete software or hardware “solutions” to cybersecurity issues. The
contribution of HSS to cybersecurity would therefore be marginal since it
would not be immediately applicable to urgent technical or technological
problems. What HSS produces in cybersecurity would mobilize too many
resources (social awareness, political will, legislative changes, mental
representations, etc.) to be qualified as useful. Overall, the contribution of HSS
to cybersecurity studies would contribute little to knowledge and its real-world
application. In other words, the explanatory and practical scope of the research
produced in cybersecurity by HSS would be weak.
Moreover, in the cyber field in general, while Saleh and Hachour praise the
merits of a multidisciplinary opening towards cyber-issues in HSS [SAL 12],
Bourdeloie invites the community of HSS researchers to a vast
epistemological effort for the positioning and constructive criticism of cyber-
issues [BOU 14]. There is therefore a need for epistemological reflection on
the place of HSS in cybersecurity studies. Once this need is recognized,
contemporary epistemology teaches us that the social and human sciences
alternate between two references for scientificity, an external one in the natural
sciences and an internal one for HSS [BER 12]. Cybersecurity studies are an
exemplary example of the tension between these two references, which is
revealed in the methodological preferences of researchers. For some, the
causality of cyber phenomena can be demonstrated and explained, which is an
1 Securitization corresponds to the idea of dealing, in political discourse, with an issue

predominantly from the security angle, to the detriment of other angles (social, health, etc.).
The “war on drugs” is a perfect example.
The “Science” of Cybersecurity in the Human and Social Sciences 3
external reference for scientificity where the possibility of issuing general laws
is attainable (positivist approach). Whereas for others, social actors and their
behavior are more relevant scientifically, which is an internal reference for
scientificity within the HSS, and they must be understood in all their
subjectivities (constructivist approach and the related heterogeneity). The
debate is not closed and can be seen in cybersecurity studies.
This rapid diagnosis may seem to show a lack of scientificity in HSS

studies on cybersecurity, as epistemological issues are poorly addressed in the
face of the immediate need for results on issues. A large part of the problem
stems from the inability of HSS in cybersecurity studies to reach a level of
internal scientificity sufficient to be considered scientific by the computer and
engineering sciences, and therefore, by implication, socially credible to the
research community that has developed a body of knowledge based on
the reference of scientificity used by the natural sciences.
In short, there is a lack of reflection on the epistemology of the HSS in

relation to cybersecurity. Yet many research studies and research methods exist
and are published under the name of science without any real epistemological
contribution. Yet again, there is an astonishing similarity between cybersecurity
and the phenomena analyzed by HSS. The nature of cybersecurity and cyber
objects, like the vast majority of the objects of HSS, is characterized by
hybridity, multi-causality, ephemerality, interpretative ambiguity, etc. Taking
these common characteristics into account, we can therefore ask whether it is
possible and even desirable to move from cybersecurity studies (essentially
descriptive and empirical studies) to a science of cybersecurity (nomothetic and
more theoretical studies) in which the HSS would be fully considered as
contributors of research results meeting the principles of the scientific method?
If this is not the case, then what is lacking in HSS to achieve a sufficient level of
consideration both scientifically and socially?
This chapter will address this issue in three parts. The first will address
the central question of the methodology used in the HSS to analyze the
cybersecurity object. The second part will cover the thorny issue of the data
available to the HSS for analyzing cybersecurity. The third part will present
a proposed definition of cybersecurity that can be operationalized for and by
the HSS in order to clarify the nature of the subject matter dealt with by the
HSS. The real purpose of this chapter, beyond epistemological debates, is to
reflect on the ideal framework within which cybersecurity studies in the HSS
could reach the highest levels of scientificity, according to the rules of the art.
1.2. A method?
The humanities and social sciences are characterized by the diversity of

methodological approaches they use for their analyses. The diversity of these
methods corresponds to a necessity: that of the diversity and fragmentation
of their object of research. For the social sciences, this object comes down to
the social relationships that humans have with each other. For the social
sciences together with humanities, the scope of their analyses is even
broader and represents everything that has to do with human beings. These
sciences are also characterized by their disciplinary porosity within their
own sciences, where interdisciplinarity (or multidisciplinarity) is the key to
the validation of knowledge. The political phenomenon can be explained
through the many sub-disciplines of political science, to take just one
example. The same is true for all disciplines in the social sciences. The
humanities are subject to the same interdisciplinarity. This porosity is also
increasingly apparent at the fringes of the HSS. The human causes or
consequences of biological, physical and technological phenomena are
becoming central in the natural, computer and life sciences. We need to only
think of studies on global warming and its anthropogenic causes or of public
health to be convinced of this. In short, in the HSS, there is not a precise core
of well-circumscribed phenomena that would mobilize a community of
researchers towards a growing accumulation of valid knowledge.
HSS have arrived at this diversity through epistemological reflections

that have, throughout the 20th and 21st Centuries, highlighted the
ontological differences of HSS in relation to other sciences. This has resulted
in the development of a whole series of ethical, theoretical, methodological
and etiological reflections on the objects of HSS. These are thus non-
reproducible in time (we speak of the uniqueness of the object), which
prevents the strict application of the experimental method. They are also
very limited in terms of predictability, and, to overcome this limitation, HSS
research turns to comparative analysis and ex post research. They also
correctly develop new criteria of scientificity that form a common epistemic
space, according to Berthelot, and define them as a science in their own right
[BER 12]. In other words, in HSS, a diversity of theories, methods and
paradigms coexist within the same field of knowledge (human and social), to
the benefit of the validity of the knowledge produced by disciplines, research
programs and communities of researchers.
Without entering too much into this epistemological debate, and beyond
the discussion on the very notion of criteria, the issues in HSS concerning
the criteria of scientific validity can be summarized in the relevance of
transposing criteria from the natural sciences to the social sciences (external
reference) and especially how to adjust them to make them consistent with
the specific nature of HSS (internal reference) [KEM 12]. For Proulx,
generativity, i.e. the
“…capacity for qualitative research to stimulate and participate

in the production of new objects, new perspectives, new
methods of gathering, etc…” [PRO 19 pp. 63–64]
allows the debate to be decided. The generativity of research does not imply
evaluating the value of research only on the basis of fixed, pre-existing and
independent criteria. Instead, generativity proposes assessing the value of
research based on its fertility, in terms of new ideas, new methods or new
data or results generated [PRO 15 pp. 25–27]. In our view, cybersecurity
studies, especially for the HSS, would deserve to be evaluated according to
this generativity criterion, since it is from the diversity of methods, theories
and knowledge relevant to cybersecurity that we can draw conclusions.
This methodological diversity and these epistemological reflections are

therefore a source of intelligibility and credibility for the HSS, as they
demonstrate the added value of these sciences in traditional cybersecurity
studies and their claim to scientificity. As Corbière and Larivière put it:
“In a world of research that is becoming increasingly open and

broad, it is becoming desirable to have an inclusive perspective,
capable of integrating the contributions of various
methodological approaches, while recognizing their own
particularities.” [COR 14 p. 1]
In our view, this is exactly the case for cybersecurity studies, which
benefit from combining their research efforts in a multidisciplinary manner
using a variety of research methods.
In order to grasp the diversity of cyber phenomena, the HSS have

developed an analytical corpus, concepts and representations that make it
possible to theorize cyber-attacks, cyber operations, cybercrime, etc. Efforts
to establish a typology were made very early on by cybersecurity studies in

order to name phenomena taking place in cyberspace and their consequences
in reality [VEN 11]. In this sense, idiographic research or description of the
observed phenomena, the first step in any emerging science, has been
successfully undertaken. Logically, for the HSS, this emergence must first be
descriptive, i.e. identify the cybersecurity object and its social and human
specificity. This stage is already well underway and is producing interesting
results that feed into scientific and political debates.
The methodological threshold that remains to be crossed for HSS

cybersecurity studies, in our opinion, lies in the development and relevant
use of nomothetic methods, such as the comprehensive and explanatory
approach, in order to achieve the theorizing claim of the empirical–analytical
paradigm. The use of these two research approaches thus reduces the tension
between the two sources of scientificity discussed above. The first approach
seeks to understand the cyber behavior of individual and collective social
actors, while the second attempts to identify relevant and valid variables to
form theories to be subjected to empirical verification. The scientific process
then follows a sequence of trial and error to improve research protocols and
knowledge. However, this requires valid data, the creation of a discipline
and the development of a common definitional basis, as discussed below.
The ultimate goal of this phase is to answer with confidence the fundamental
epistemological question: “Do we know whether we know adequately what
we claim to know?” [NØR 08]. In other words, this question allows a critical
look at the scientific value of the methods used in HSS to analyze
cybersecurity.
Figure 1.1 sets out the scientific process that filters observations,
transforms them, in fact, operationalizes them into variables and links them
into hypotheses that can form the basis of theories, which sometimes produce
scientific laws. Cybersecurity studies are, in our opinion, where the dotted line
is located, i.e. in the passage from variables to hypotheses. Of course, the
teleological nature of such a graph must be qualified, as it is only used here to
illustrate what is being said, knowing full well that this process is marked by
major jolts and setbacks. Finally, this graph illustrates the magnitude of labor
ahead for the HSS, in terms of explanatory work to reach a level of external
scientificity equivalent to that of the natural and computer sciences.
Figure 1.1. From observations to scientific laws
From an epistemological point of view, the following stage of this

emergence manifests itself through the development of proven HSS research
methods in cybersecurity. The advantage is that cybersecurity studies can
draw on the vast methodological heritage of the HSS to adapt it to its
purposes. This stage involves a more subjectivist and sociological look,
through the empirico-inductive (comprehensive) approach, to understand the
motivations and behaviors of cybersecurity actors. The major contribution of
the HSS to cybersecurity studies is found in this type of method. Indeed,
they allow the development of concepts and variables with very strong
internal validity, because they are anchored in social reality. This heuristic
phase of observations and reflections precedes a confirmation phase to verify
the validity of the hypotheses put forward [DEK 09].
In this subsequent step2 , the concepts and variables studied are linked
together in cause-and-effect relationships, in order to discover the
explanatory factors and consequences of cybersecurity. Hypothetico-
deductive methods put the different hypotheses in competition with reality
2 In this chapter, for lack of space, we will not deal with the abduction phase, which is
between the heuristic phase and the confirmatory phase.
and are validated, or not, by this test of facts. These hypothetico-deductive

methods also allow, where ethically possible, the deployment of
experimental or quasi-experimental research in the HSS.
One problem remains, however, in applying this range of research

methods. Indeed, how can we distinguish the individual from the community
and vice versa? In other words, how can the agency-structure debate be
resolved 3 with these different methods? The simplest answer is to use
qualitative analyses (for individuals or small groups of individuals)
and quantitative analyses (for communities). Indeed, the phenomena arising
from the vast field of observation of cybersecurity lend themselves
advantageously to quantitative analyses (the number of cyber-attacks over a
given period of time, the extent of the cyber threat, the amount of personal
data leaked, the number of actors involved, etc.) as well as to qualitative
analyses (the nature of the codes developed, whether militarized or not,
the nature of the targets, the nature of the personal data compromised, the
nature of the actors involved, etc.). As long as cybersecurity studies benefit
from a substantial body of valid data and information, it is possible to choose
the right methods, i.e. those adapted to the nature of the object, the state of
the literature and the resources available to the researcher.
This diversity of methods can be envisaged along two fundamental lines,

making it easier to construct a typology of the methods commonly used in
HSS. The first axis corresponds to qualitative and quantitative analyses. These
identify what is quantifiable and present in large numbers. Qualitative
analyses, on the other hand, apprehend what is related to words, the nature of
the phenomena observed and their context. The contribution of the HSS,
particularly with regard to qualitative analyses, is very important, in order to
grasp the role of individuals, their interpretation of the meaning they give to
their actions, as well as the role of institutions and the results of their actions.
For example, in the HSS, a quantitative analysis could estimate the costs of a
cyber-incident to industry or government [ROM 16]. A qualitative study, on
the other hand, would seek to describe the objectives, the processes for
formulating proposals, the roles assigned to each of the actors involved and the
results of the negotiations for the governance of cyberspace within the United
Nations Group of Governmental Experts on Information Security [HEN 19].
3 In other words, what is the predominant variable in explaining or understanding a social

phenomenon? Is it the social actor, the social structure that surrounds it or the fusion of the
two that is predominant?
The second axis distinguishes between hypothetico-deductive approaches

(explanatory approach) and empirico-inductive approaches (comprehensive
approach) and reflects the tension between explaining and understanding
arising from the internal and external references of scientificity in HSS.
These two axes cover the majority of research strategies that can be
implemented in the HSS. They cover both individual and community
interpretive efforts, as well as attempts to discover the causes of phenomena.
Naturally, qualitative analyses are more common in empirico-inductive
research, as they are deployed with individuals or small groups with the aim
of interpreting behaviors. Therefore, in the lower left quadrant of Figure 1.2,
there are many research strategies that can be used to achieve this goal.
Figure 1.2. Quantitative and qualitative approaches and empirico-inductive and

hypothetico-deductive approaches in the human and social sciences
In the opposite quadrant (top right) are the quantitative and hypothetico-
deductive methods used to identify trends and causalities between two
cybersecurity phenomena or between other phenomena and cybersecurity. In
the HSS, these methods mainly use correlational research strategies, discourse
or content analysis and experimental or quasi-experimental research.
Of course, thanks to theoretical and methodological triangulation, taken

in a broad sense, several crossovers, overlaps and convergences between
quadrants or methods are allowed. This corresponds to mixed methods,
located in the center of the graph, which take advantage of the crossover of
qualitative and quantitative methods, analyses and data [PAQ 10].
This graph therefore provides a global picture of the possibilities of

research methods available to the HSS in the study of cybersecurity. This
design offers the advantage of being able to analyze cybersecurity at micro,
meso (with mixed methods) and macro levels, according to the objectives of
explaining or understanding phenomena. It also facilitates the triangulation
of theories and research methods, as it marks out the universe of
methodological possibilities with regard to these objects.
However, a major problem remains in the use of this collection of research

methods. The first relates to the notion of Ceteris paribus sic stantibus, or in
English, “all things otherwise equal”. In other words, cybersecurity studies
must accept the existence of a gap between the analysis of reality at time X
and reality at time X+1, since X is totally different from X+1, as cyberspace
changes very rapidly [KAR 12]. Indeed, the context, the environment, i.e.
cyberspace, is constantly changing, through the introduction of new
technologies, new protocols, the arrival of new players or the transformation
of existing players, or through the nature of the information that circulates, or
through the transformation and ultra-rapid dissemination of information
observed qualitatively by researchers. This has the consequence of very
quickly invalidating any knowledge developed through a scientific process
and makes research very difficult to reproduce. Cyberspace is therefore a very
special field of research that needs to be explored.
The issue at stake is that every effect has a cause4, and cybersecurity and
its study cannot escape this truth. This constraint therefore diminishes the
possibility of achieving a complete and valid knowledge of cyberspace and
cybersecurity for both natural sciences and the HSS. In the face of this
impasse, qualitative and comprehensive research finds all its relevance.
Methodologically speaking, in summary, cybersecurity studies can and

should navigate the four quadrants of the table and continue efforts to
describe cybersecurity-related phenomena. Ideally, these studies would
4 According to the principle ex nihilo nihil fit (nothing comes of nothing).

apply and refine all of these methods to achieve a high level of general
knowledge, within the limits of what is possible, with the aim of providing
scientifically informed recommendations and thus promote the well-being of
humankind, which is the ultimate goal of all science. One challenge remains,
however, that of the validity of the data.
1.3. Data?
The implementation of research methods in all sciences requires access to

information and data relevant to those sciences. This is the empirical basis
on which the theoretical constructions that generally result from application
of the various research methods are built. According to Gauthier and
Bourgeois, in scientific research, researchers must apprehend reality
according to “an integral conception of the facts, on the refusal of the prior
absolute and on the awareness of [their] own limits. [...] It is an objective
quest for knowledge on factual issues” [GAU 16 p. 8].
In this respect, cybersecurity studies, and not only cybersecurity in the

HSS, face two problems. The first is intrinsic to the nature of the object
itself, i.e. the hidden aspect of the actors, their intentions and actions in
cyberspace and, more specifically, in relation to threats to cybersecurity.
The second issue is the privacy of data for cybersecurity studies. These
data are of a private nature (personal data, strategic company information,
national security data, etc.). They come from individuals, from the private
and public sectors, and the vast majority of them are subject to the seal of
confidentiality. Finally, very often, these data are analyzed by private
cybersecurity companies in a contractual framework where the disclosure of
information, which is very often sensitive, is greatly restricted. The quest for
profit, not knowledge, is the main driver of this market, which encourages
the appearance of conflicts of interest. Taken together, these problems delay
or impede improvements in cybersecurity, cyber resilience or post-incident
de-escalation because the victim of the cyber-attack or cyber operation
cannot know exactly what really happened, in the way that researchers do.
However, there is a latent imprecision in the data (and consequently

in the research results), even with large public surveys produced in
a professional manner. For example, Statistics Canada recently conducted a
survey entitled: “Canadian Cyber Security and Cyber Crime Survey” [STA 18]
covering the year 2017.
“The purpose of the Canadian Cyber Security and Crime

Survey is to collect data on the impact of cybercrime on
Canadian businesses, including such aspects as investment in
cyber security measures, cyber security training, the number of
cyber security incidents and the costs associated with
responding to these incidents.” [STA 18]
To this end, Statistics Canada created and submitted a 35-question

questionnaire to the information technology managers or senior managers
responsible for computer and network security in the companies surveyed. The
sample size was 12,597 Canadian companies, and the response rate was 86%.
Among the 35 questions, several dealt with cybersecurity threats and

digital risks related to cybercrime to Canadian businesses of all sizes.
For example, question 22 asked:
“In your opinion, what was the method used to compromise

cybersecurity? Select all that apply.
Incident(s) to disrupt or disfigure the business or its web

presence
Incident(s) to steal personal or financial information
Incident(s) to steal money or to demand payment of a ransom
Incident(s) to steal or improperly use intellectual property or

business data
Incident(s) to access unauthorized or privileged access areas
Incident(s) to monitor and track business activities
Incident(s) without known motive.” [STA 18]
The results generated by this question are misleading. First, asking this
question assumes that the respondent is aware of the intentionality of the
cyber-attacker. However, HSS has long been aware of all the methodological
pitfalls inherent in the intentionality of social actors and the difficulty of
interpretation, due to the contextualization of social action and the
construction of meaning for the actor.
Second, this issue also seems to misunderstand the implications of

obfuscation (or impenetrable code) efforts during cyber-attacks. One of the
main characteristics of a cyber-attack is precisely the inability of the victim to
determine where the attack comes from and who exactly the attacker is. The
latter blurs the tracks and undertakes “counter-forensic” measures in order to
hide their identity, their equipment, their networks and their method. This
measure therefore hampers the observability of cybersecurity phenomena.
Finally, this question considers that the respondent has a complete and
comprehensive view of all cybersecurity incidents in their company,
disregarding the compartmentalization of company information and
activities for security purposes. In sum, the question generates information
and results that can be analyzed, in particular, because of the sample size,
but the validity of these data is weak from a scientific point of view. Of
course, this single question does not form the empirical basis of the entire
study. Nevertheless, a very large number of such questions are found in HSS
cybersecurity investigations. The problem is that this type of data or results
is more about opinion than fact. It is therefore rather risky to build a
scientifically valid analysis on such a low-quality empirical basis, regardless
of the number of questions in the questionnaire.
The question then becomes how to improve the quality and quantity of
authentic data available to researchers. The first path of the solution returns, in
part, to the previous section of this chapter. Indeed, as illustrated in Figure 1.3,
the use of different research methods and the publication of their results will
generate back-and-forth movements between conceptualization and the field.
This back and forth between theory and reality will allow more accurate
identification and counting of these cybersecurity phenomena. As a result,
the empirical base will be broadened, deepened and improved.
In practice, to achieve this, it seems necessary to foster links between

researchers (academic and private), victims of cybercrime, practitioners (public
and private sectors) and governments at all levels in the field of cybersecurity.
This is a second option. There is also a need to facilitate the flow of information
with feedback on awareness-raising and the dissemination of good
cybersecurity practices. To this end, grounded theory seems to be a perfect

example of the contribution of HSS to cybersecurity studies since it aims to:
“inductively generate theorizing about a cultural, social or

psychological phenomenon by progressively conceptualizing
and relating valid qualitative empirical data.” [PAI 96 p. 184]
Figure 1.3. From conceptualization to field, from field to conceptualization
Essentially an empirico-inductive method, grounded theorizing
“[…] allows a provisional formulation to understand the

complexity of the phenomenon both at the conceptual level and
at the empirical level of its situational settings. The method is a
constant and progressive back and forth between data collected
in the field and a theorization process.” [MÉL 13 p. 436]
The use of this method seems promising for the study of cybersecurity in
HSS, particularly in terms of the generation of evidence that can be used
scientifically or politically, and therefore has high added value [MAU 19].
However, in order to do so, research needs a structure that can ensure its
scientific production and scientific reproduction. This third way of solution
is seen through the development of an academic discipline. According to
Lévy and Lussault, a discipline is an:
“[…] institutional division of a body of knowledge that delimits

a field in which the production of academic knowledge and the
reproduction of the professional body of ‘scholars’ are carried
out. By extension, a teachable school subject, defined by
specific objects, methods and exercises.” [LEV 13 pp. 283 –284]
In the light of this definition, it is possible to see that, for the moment, the
discipline of cybersecurity in HSS is merging into something less precise,
such as Digital Humanities or Internet Studies. To our knowledge, there is
currently no multidisciplinary humanities or social science academic
discipline dedicated solely to the study of cybersecurity. There is no doctoral
program from these two fields that ensures the replication of a faculty or
research community dedicated to creating cybersecurity research programs.
There is also no systematic production of research or publication of research
results that would form a substantial body of scientific publications by the
HSS, for the HSS and other sciences, from a basic research perspective, as
well as for the practice communities concerned with cybersecurity, from an
applied research perspective. These three findings, therefore, have a major
impact on the generation of available and valid data published in serious
scientific journals or disseminated in meta-databases that are accessible to
HSS practitioners (such as the ICPSR database5, for example).
Of course, the birth of a discipline is never clearly decided in reality,

especially in HSS. Cybersecurity is no exception to this observation since, in
general, the academic community has lagged behind practices in the field
and the private sector in this area. The impact is even greater for HSS, as the
need to understand the human dimension of cybersecurity is increasingly
pressing. HSS scholars may claim to contribute to knowledge in this field
and must generate data and research results to study cybersecurity. Through
the application of the methods and theories that populate its field of
knowledge, HSS is therefore legitimate and credible in its contributions to
the description, understanding and explanation of cybersecurity. Are
individual initiatives and initial ad hoc collaborations leading to the birth of
a cybersecurity discipline for HSS? This is desirable for both scientific and
practical reasons. But is this feasible in the short or medium term? The
question remains open.
5 See: https://www.icpsr.umich.edu/icpsrweb/.
In summary, for cybersecurity studies in general to become more

scientifically sound, they need authentic, available and public data. To do
this, the capacity for heuristic research from the public sector (universities,
governments, etc.) must be increased in quality and quantity, to eliminate the
current imprecision of available data and their privatization. Ideally, HSS
cybersecurity researchers, organized in academic disciplines, could draw
data with confidence from large international databases maintained by public
non-profit organizations (e.g. public universities) and research communities
from HSS research programs. These valid data not only promote the
emergence of new methods or new research but also help to clarify the
purpose of cybersecurity in the HSS.
1.4. One or more definition(s)?
The subject of cybersecurity in the HSS remains a mystery and therefore

poses a problem of definiton: what is cybersecurity for the HSS? In practical
terms, therefore, ontologically speaking, what is cybersecurity for the HSS?
Answering this ontological question means identifying the object (or objects)
by describing its components, and thus following the logic of the scientific
process prescribed above. Discerning the object to be analyzed from the
multitude of social and other phenomena empowers the research community
to apply the different research methods at their disposal on a common and
partly consensual basis.
A simple answer to the question would see cybersecurity as security in

cyberspace. This first answer, which is too simple, is difficult to
operationalize because empirically it does not discriminate between the
essential elements upon which the analysis is based. In other words, it leaves
significant imprecision about what security is and what cyberspace is.
Moreover, this response overlooks the growing intertwining of cyberspace
and societies where offline and online relationships have become
interdependent. This is what Graham and Dutton call cyberization [GRA 14].
Finally, this first answer abandons the human aspects of cybersecurity, in
favor of the technical and computer aspects, since security in cyberspace
primarily and pragmatically means the security of computer networks.
In fact, a more accurate answer would be that there is not one

cybersecurity object exclusive to the HSS or exclusive to computer sciences,
but rather a multitude of objects more or less close to the notion of
cybersecurity, which must be interpreted in the light of multidisciplinarity.

The different chapters of this book clearly demonstrate this diversity. The
legal and political aspects of cybersecurity, cyberspace espionage, Internet
surveillance, cyberviolence, insurance in the cyber and cyberwarfare are
treated as objects of cybersecurity in their own right, despite their great
diversity or empirical disparity. In fact, these objects “exist” both in the
virtual (cyberspace) and in the real world, and are likely to be dealt with
through a descriptive approach. Their causes and consequences are human
actions mediated by networked computers, which could be analyzed using a
hypothetico-deductive approach. Finally, they would be based on a
subjective projection of the individual and the community in cyberspace that
can be explored through an empirico-inductive approach.
A fertile tension nevertheless persists between the more technical fields

(such as computer science or computer engineering) and the fields stemming
from the “humanities” (sociology, political science, international relations,
etc.), which proceed with different scientific methods and criteria, as has
been demonstrated. Far from hindering the development of cybersecurity
studies, these differences can be reconciled, in particular, around the
definition of the very object on the basis of these fields of knowledge:
cybersecurity. Inevitably, this complicates the definition of the object since it
broadens, but unites, the possible field of investigation of this protean object.
How then can this complexity be accounted for to make it intelligible in a
definition? First of all, the technical and human aspects that characterize the
duality of cybersecurity must be accounted for. Figure 1.4 shows this
intelligible division of the cybersecurity object. The objective is to reconcile
methodological (hypothetico-deductive and empirico-inductive) and
epistemological (external and internal epistemological references) tensions
in the diversity of cybersecurity objects arising from its main technical and
human dimensions.
Cybersecurity, according to a definition that accounts for the human

being, is interpreted as “a state of greater or lesser computer, software,
network, individual and societal security” [LOI 16 p. 250]. “It is based on a
holistic, layered conception of cyberspace that includes the different layers
that make it up: physical, software, informational and human” [DUP 17].
The advantage of this definition is that it approaches cybersecurity as a state
variable, not as an objective, intention or policy. It is therefore a state of
greater or lesser cybersecurity at a specific time and which fluctuates, i.e. its
state at time X is different from its state at time X+1. Based on valid data,
this state is empirically observable, as is its opposite, cyber-insecurity. It can

therefore be analyzed both through the scientific method in the sense used by
natural science and through the more interpretative methods of HSS.
Figure 1.4. Human-centered definition of cybersecurity
Moreover, as with the research methods outlined above, the issue of

quantity versus quality remains important to consider, as it is clearly
manifested in the real world. For this reason, it seems appropriate to include
in the proposed definition the more individual (or micro) aspects of the more
collective (macro) aspects, in order to be able to adequately reflect the reality
that cybersecurity covers. In this broad definition of cybersecurity, the
human and technical dimensions lend themselves advantageously to it, as
they are more precise in terms of the objects to be processed. Finally, this
definition takes account of the online–offline continuum, which is
transversal in its four dimensions, as shown in Figure 1.5.
This figure should be read in relation to Figure 1.2. More precisely,

regardless of idiographic research, these two figures harmonize in the sense
that their quadrants correspond. Thus, the human dimension of cybersecurity
(on the left-hand side of the figure) is more amenable to analysis using
empirico-inductive methods. The technical dimension on the right-hand
side of the figure is more suitable for hypothetico-deductive research.
Collective phenomena affecting cybersecurity (the top of the figure) involve
quantitative analyses, whereas qualitative research is more suited to
individual phenomena or small groups of individuals. Thus, the quadrant in

the lower left corner of the figure corresponds to the fundamental
contribution of the HSS to cybersecurity studies, since these human and
individual phenomena can be analyzed by comprehensive and qualitative
methods. They provide an account of the reality of cybersecurity through
human experience and human interaction with or in cyberspace in the light
of the co-construction of knowledge and the interpretability of these
interactions and experiences. This makes it easier to observe and interpret
small-scale cybersecurity phenomena.
Figure 1.5. A broad definition of cybersecurity
In contrast (top right of the figure), technical and collective phenomena

are best analyzed using hypothetico-deductive and quantitative methods.
They use statistical approaches to describe and explain collective phenomena
and identify trends or variables. This makes it possible to measure and
observe cybersecurity phenomena on a large scale.
At the center of the figure is the online/offline continuum, which involves

triangulation of collection tools and information sources, triangulation of
theories and methods and triangulation of researchers or research teams using
mixed methods [ROT 08 pp. 892–894]. The study of this continuum and the
phenomena or objects associated with it [ARU 15] using mixed methods allows
us to conceptualize the contribution of multidisciplinarity to the complete
analysis of cybersecurity and thus also allows us to cross a new threshold of
scientificity. Indeed, the use of mixed methods reveals the possible subjectivity
of the researcher and their influence on the object of research within the
framework of a probable reality, in order to stimulate methodological and
epistemological reflection in cybersecurity studies [COR 14].
In summary, if one adds the definition of cybersecurity initially presented

to the methodological considerations just mentioned, this gives a workable
definition of cybersecurity with a high threshold of scientificity. In this
respect, we can therefore define cybersecurity as a state of greater or lesser
computer, software, network, individual and societal security that can be
analyzed according to different approaches and methods that capture the
individual uniqueness and collective plurality of the phenomenon, as well as
the cross-cutting impact upon it of the online/offline continuum.
1.5. Conclusion
This chapter is the outline of an epistemological reflection on the

scientific contribution of the HSS to cybersecurity studies. Much remains to
be written on this vast subject at a time of strong and pressing social,
governmental and scientific demand for a better understanding of
cybersecurity. In order to set the scene for the debate, it is necessary to
return to the central question of the chapter: in what way and how can the
HSS contribute scientifically to the study of cybersecurity? In order to raise
their scientific threshold, they can do so first of all by using the diversity of
proven research methods available to them. They can also contribute by
generating valid and publicly available data. Finally, they can do so by
means of an ontological reflection on the object or objects of cybersecurity.
Thus, this chapter has provided a broad definition of cybersecurity that is
combined with the diversity of methods invoked and the need to generate
valid data. The epistemological markers submitted in this chapter are quite
ambitious, but they seem right to increase the scientificity of HSS in
cybersecurity studies.
HSS research has been able to demonstrate, over the course of its history
and through its methods, its usefulness in deepening our understanding of
complex processes or phenomena, such as those arising from cybersecurity.
They are also able to discover relevant variables that have not yet been
identified, such as human, psychological or contextual variables. They are
beneficial to the exploration of social phenomena when public policy,
common sense and practice fail to provide satisfactory results. HSS
complement and even complete the unthought-of, and then nuance the
determinism arising from the natural sciences, and this is particularly true in
cybersecurity. Finally, such research is capable of generating knowledge
when investigations cannot be carried out experimentally for practical or
ethical reasons [MAR 89]. All of these elements, assessed against the
criterion of generativity, are very favorable for giving credibility to the study
of cybersecurity by the HSS.
Moreover, the epistemological reflection in this chapter, as well as the

methods and constraints outlined, demonstrate the advantages of an extensive
definition of cybersecurity, which favors the construction of general
knowledge that is scientifically or theoretically relevant, i.e. anchored in
reality and having positive repercussions for actors in reality [BER 12].
It is an intellectual work in progress that needs to be critically evaluated.

Questions also remain about the duality between subjectivity and objectivity,
as well as about the principles and practices of research ethics that must be
developed to address the purposes of the broad definition of cybersecurity
proposed in this chapter.
1.6. References
[ARU 15] ARUNESH S., NGUYEN T.H., KAR D. et al., “From physical security to
cybersecurity”, Journal of Cybersecurity, vol. 1, no. 1, pp. 19–35, 2015.
[BER 12] BERTHELOT J.-M. (ed.), Épistémologie des sciences sociales, Presses Universitaires
de France, Paris, 2012.
[BOU 14] BOURDELOIE H., “Ce que le numérique fait aux sciences humaines et sociales :
épistémologie, méthodes et outils en questions”, Tic & société, vol. 7, no. 2, pp. 19–34,
2014.
[COR 14] CORBIÈRE M., LARIVIÈRE N. (eds), Méthodes qualitatives, quantitatives et mixtes :
dans la recherche en sciences humaines, sociales et de la santé, Presses de l’Université
du Québec, Quebec, 2014.
[DEK 09] DE KETELE J.-M., ROEGIERS X., Méthodologie du recueil d’informations :

fondements des méthodes d’observation, de questionnaire, d’interview et d’étude de
documents, 4th ed., De Boeck, Brussels, 2009.
[DES 97] DESLAURIERS J.-P., KÉRISIT M., “Le devis de recherche qualitative”, in POUPART J.
et al. (eds), La recherche qualitative : enjeux épistémologiques et méthodologiques,
Gaëtan Morin, Cowansville, 1997.
[DUP 17] DUPÉRÉ S., “Les différentes couches composant le cyberespace”, in LOISEAU H.,
WALDISPUEHL E. (eds), Cyberespace et science politique : de la méthode au terrain, du
virtuel au réel, Presses de l’Université du Québec, Quebec, 2017.
[GAU 16] GAUTHIER B., BOURGEOIS I. (eds), Recherche sociale : de la problématique à la
collecte des données, 6th ed., Presses de l’Université du Québec, Quebec, 2016.
[GRA 14] GRAHAM M., DUTTON W.H. (eds), Society and the Internet: How Networks of
Information and Communication are Changing Our Lives, Oxford University Press,
Oxford, 2014.
[HEN 19] HENRIKSEN A., “The end of the road for the UN GGE process: The future
regulation of cyberspace”, Journal of Cybersecurity, vol. 5, no. 1, pp. 1–9, 2019.
[KAR 12] KARPF D., “Social science research methods in internet time”, Information,
Communication & Society, vol. 15, no. 5, pp. 639–661, 2012.
[KEM 12] KEMP S.J., “Constructivist criteria for organising and designing educational
research: How might an educational research inquiry be judged from a constructivist
perspective?”, Constructivist Foundations, vol. 8, no. 1, pp. 118–125, 2012.
[LEV 13] LÉVY J., LUSSAULT M., Dictionnaire de la géographie et de l’espace des sociétés,
Belin, Paris, 2013.
[LOI 16] LOISEAU H., “L’humain, grand oublié du phénomène cyber? Pistes de réflexion pour
la cybersécurité”, in GARON R. (ed.), Penser la guerre au futur, Presses de l’Université
Laval, Quebec, 2016.
[MAR 89] MARSHALL C., ROSSMAN G.B., Designing Qualitative Research, Sage, Newbury
Park, 1989.
[MAU 19] MAUNIER S., “Données probantes : quel rôle pour la recherche qualitative?”,
Recherches qualitatives, vol. 38, no. 1, pp. 71–87, 2019.
[MÉL 13] MÉLIANI V., “Choisir l’analyse par théorisation ancrée : illustration des apports et des
limites de la méthode”, Recherches Qualitatives – Hors Série, no. 15, pp. 435–452, 2013.
[NØR 08] NØRGAARD A.S., “Political science: Witchcraft or craftsmanship? Standards for
good research”, World Political Science Review, vol. 4, no. 1, article 5, 2008.
[PAI 96] PAILLÉ P., “L’échantillonnage théorique. Induction analytique. Qualitative par
théorisation (analyse). Vérification des implications théoriques”, in MUCCHIELLI A. (ed.),
Dictionnaire des méthodes qualitatives en sciences humaines et sociales, Armand Colin,
Paris, 1996.
[PAQ 10] PAQUAY L., CRAHAY M., DE KETELE J.-M. (eds), L’analyse qualitative en
éducation, 2nd ed., De Boeck, Brussels, 2010.
[PRO 15] PROULX J., “Mathematics education research as study”, For the Learning of
Mathematics, vol. 35, no. 3, pp. 25–27, 2015.
[PRO 19] PROULX J., “Recherches qualitatives et validités scientifiques”, Recherches
qualitatives, vol. 38, no. 1, pp. 53–70, 2019.
[ROI 70] ROIG C., “La théorie générale des systèmes et ses perspectives de développement
dans les sciences sociales”, Revue française de sociologie, XI-XII, special edition, pp. 47–97,
1970–1971.
[ROM 16] ROMANOSKY S., “Examining the costs and causes of cyber incidents”, Journal of
Cybersecurity, vol. 2, no. 2, pp. 121–135, 2016.
[ROT 08] ROTHBAUER P.M., “Triangulation”, in GIVEN L.M. (ed.), The Sage Encyclopedia of
Qualitative Research Methods, Sage Publications, Los Angeles, 2008.
[SAL 12] SALEH I., HACHOUR H., “Le numérique comme catalyseur épistémologique”, Revue
française des sciences de l’information et de la communication, no. 1, 2012.
[STA 18] STATISTIQUE CANADA, Enquête canadienne sur la cybersécurité et le cybercrime,
15 October 2018, available at: https://www.statcan.gc.ca/fra/enquete/entreprise/5244.
[VEN 11] VENTRE D., Cyberattaque et cyberdéfense, Hermes-Lavoisier, Paris, 2011.
2

Definitions, Typologies, Taxonomies
and Ontologies of Cybersecurity
2.1. Introduction
On the national and international scene, cybersecurity is nowadays

described as a major issue. Faced with the ever-increasing volume and
seriousness of security incidents in cyberspace, states have equipped
themselves with legal and technological instruments enabling them to
organize the necessary responses. By legal means, they have not only
designed the framework for sanctions but have also given the security forces
the means to act. These means have been implemented since the 1970s. And
even if, at that time, we were not talking about “cyberspace” or
“cybercrime”, but about “computer crime”, or “computer-related crime”, the
challenges were no less great. This need for protection, anticipation and
reaction was essential. The story has not changed much since then. Society
as a whole, its economy, its citizens, its businesses, its critical
infrastructures, its administration and its government, are exposed to cyber-
attacks whose power or intensity level is such that it can disrupt their
functioning and balance. The State is probably the major actor in
coordinating the fight against these threats – which are propagated by
networks – because it requires comprehensive action and the involvement of
many actors which must be simultaneously legal, technical, political, public
and private, national and international.
Chapter written by Daniel VENTRE.

Although the concept of “cybersecurity” is now at the heart of national

security and defense policies, its definition still raises some problems today.
Formulations of definitions are multiplying. To grasp the full meaning and
scope of this concept, typologies, taxonomies and ontologies are also
constructed. However, the concept seems to elude these latter just as much,
allowing a very large number of possibilities – perhaps too many. This is the
impression conveyed by recurrent observation of a lack of consensus on
definitions, typologies, taxonomies, ontologies (which we shall refer to in
the rest of this chapter as DTTOs); i.e. on how to express the ideas contained
in concepts and the relationships between them. DTTOs are essential tools
that can be mobilized by different actors (academic researchers, industry,
state administrations, etc.) to try to master concepts. All these actors use
them and reformulate them according to their own cultures, knowledge,
vocabularies and objectives. There is therefore a natural accumulation of
definitions of cyberspace, cybersecurity, and notions or concepts derived
from it. The same can be said for typologies, taxonomies and ontologies.
Our chapter discusses the frequent assertion that “no one definition – or
typology, taxonomy, ontology – exists” for cybersecurity.
There are several reasons for this phenomenon. The objects, too complex
and designating evolutionary phenomena, remain elusive. The composite
nature of the concepts does not make them any easier to understand: here,
we are faced with terms comprising a “cyber” prefix, subject to
interpretation, itself associated with equally complex concepts (such as the
notion of security, defense, space, domain, crime, etc.). Difficulties mount
up. The lack of consensus may reflect the transversal nature of cyberspace,
which occupies practically all sectors of activity and therefore calls for
diverse representations or expressions of phenomena.
The lack of consensus is in itself a significant issue, because of the

negative effects it may have. First of all, it may prevent dialogue, penalize
communication between decision-makers, engineers, different disciplines,
professions, both nationally and internationally, and could even lead to
disagreement or misinterpretation. Think of meetings between national
cybersecurity officials who are unable to agree on a common definition of
national cybersecurity. Lack of consensus would then be a brake on
efficiency. There can be no large-scale coordinated fight without sharing, at
the very least, a common definition of the phenomenon to be fought against
[LAS 14]. How can we understand each other, get along, discuss, negotiate,
Definitions, Typologies, Taxonomies and Ontologies of Cybersecurity 27
if we do not agree on common definitions? This lack of consensus would

block the production of information and statistical data on the phenomena: in
the absence of a shared definition of cybersecurity, it is difficult, for
example, to compare expenditure on it (What should be counted? What is
cybersecurity spending?) or to assess the extent and evolution of the
phenomena. It would also be a hindrance for researchers to formulate global
theories [SHA 10]. At the strategic level, particularly in the field of defense,
the lack of convergence on the definition of an act of cyberwar poses the risk
of an escalation of inter-state tensions [LIN 17].
On the other hand, the mere fact of reaching consensual DTTOs would
remove many obstacles, ensuring a solid basis for dialogue, mutual
understanding during negotiations, pooling of resources and definition of
global security policies. However, consensus in the understanding of
concepts does not guarantee the effectiveness of cybersecurity policies, nor
does consensus on such policies.
In this chapter, we will analyze the DTTOs of cybersecurity, in order to

try to highlight the absence, or on the contrary the existence, of strong
convergences. Can it really be said that there is no consensus? We will
examine these instruments one by one, which are definitions, typologies,
taxonomies and ontologies, their theoretical modes of construction and their
applications to the concept of cybersecurity. We will compare approaches
and isolate some observations that we believe are significant, in terms of
how cybersecurity is understood and addressed. In our view, there are a few
major trends that we believe are necessary, enough to speak of consensus or
to lay the foundations for it.
2.2. Definition
2.2.1. What is a definition?
We will retain the following formulation of a definition:
“To define, in the scientific sense of the word, is to condense a

concept into a short and precise formula. This formula,
however, is not easily found. There is a great distance […]
between feeling or conceiving and defining or expressing,
especially when it comes to a large set of ideas and facts. It may
very well be, and indeed it frequently happens, that the object of
any branch of human knowledge is clearly and equally

conceived by all those who cultivate it, and yet each of them
expresses it in a different way. It is possible […] that an idea
can be defined in the mind without having its exact definition in
language […] a definition can never express the total internal
essence of the concept, which is why science is a process of
continuous renewal to arrive at a definition in accordance with
the nature of the cognoscible, and it enters the states of our
intellectual activity through intermediate stages…” [CAR 81]
The author of these words recalls the primary purpose of a definition

(to condense), its form (precision and conciseness), the difficulty of the
exercise and its limits. While the definition should be precise, it can
nevertheless be multiple. A definition is therefore never definitive, unique. It
is also the result of choices, expressing a concept from a particular angle.
A definition is not descriptive:
“The material for our judgments consists of individual

representations and general ideas. Representations are
described; ideas are defined. To describe is to determine
the constituency of an individual; to define is to determine the
constituency of an idea.” [LIA 73]
According to the online dictionary of the Centre National de Ressources

Textuelles et Lexicales (CNRTL)1, “to describe” consists of “representing in
detail, in writing or orally, certain apparent features of an animate or
inanimate being”2, while “definition”, on the contrary, aims to determine the
distinctive characteristics of a being3. The “apparent” features of description
are in contrast to the “characteristic” features of definition. Examples include
descriptions of organizations’ cybersecurity policies (descriptive criteria are
applied) [AIC 17], descriptions of continuity plans to deal with an attack
[CIG 18] and descriptions of cybercrime incidents [BHA 17] and cyber
threats (descriptions based on factual data such as dates, volume of attacks,
costs, geography, victims, evolution in time and space, modus operandi, etc.)
[ENI 18].
1 https://www.cnrtl.fr.
2 https://www.cnrtl.fr/definition/décrire.
3 https://www.cnrtl.fr/definition/définition.
A definition will answer the question “what is (cybersecurity)?” while a

description will answer the question “how” (How is cybersecurity organized
or how does it work? How do attacks impact/affect society, systems, actions,
etc.?) and will call for developments of a factual nature.
2.2.2. Usefulness of definitions
A definition has several functions. It serves to enlighten, to clarify,

to remove ambiguities, to explain and to create a space for common discourse:
“This is the great utility of defining names, to make it clear what they are
about, so as not to argue unnecessarily over words, which one hears
one way and the other hears the other way, as is so often done, even in
ordinary discourse” [BAR 77]. “When writers are trying to explain an
unfamiliar idea, they rely on definitions. All definitions attempt to explain or
clarify a term” [NRO 19].
It associates a sequence of words with a single term that contains them

all: “Often you can only get a distinct idea of a thing by using many words
to describe it, and it would be unwise, especially in science books, to
repeat this great sequence of words over and over again. That is why, having
made the thing understood by all these words, one attaches to a single word
the idea one has conceived, and this word takes the place of all the others”
[BAR 77]. “A definition links a denomination to its conceptual content”
[VEZ 09].
Making a definition is consubstantial with the creation of knowledge:

“Socrates reminds us […] that the precondition for any thought, and
therefore, a fortiori, for any action, is the search for the definition of the
object under discussion. Definition is not an ancillary process but the
essence of knowledge. To know is to know how to define what it’s all about”
[COU 15].
2.2.3. Rules for constructing definitions
There are several categories of definitions, which differ in particular in

their composition. Some of these categories are listed in Table 2.1.
Definition Category
Answer the question: “What is an X?” The definition then
takes the form: X is a kind of Y (here, we designate the
genus, the general class to which X belongs) which has the
Aristotelian characteristics a, b, c… (we identify what differentiates X
from the other elements belonging to Y).
This is also called an inclusive, logical or hyperonymic
definition. [DES 01]
Conceptual definition “consists of a statement comprising a
basic or inclusive term and propositions explaining the
Conceptual
semantic features (differentiating and essential) of a notion.”
[LAR 96]
A constructive definition “tends to create a new concept by
Constructive
the very act of definition.” [KER 02]
A type of definition that combines formal and informal
Extended
definition. [NRO 19]
“A definition which tends to reflect a concept ‘given in
advance’ […] and which pre-exists […] the operation of
Explanatory
definition itself” [KER 02]. Opposite of constructive
definition.
Type of definition found in dictionaries, glossaries, chapters,
manuals. It is formal because it has a particular form, made
Formal
up of 3 constituent elements: the term, the grammatical
category (verb, noun, adjective, etc.) and the definition (see
paragraph below on the formalism of definitions). [NRO 19]
Hyperspecific When the number of features goes beyond what is
(encyclopaedic) necessary. Includes superfluous elements.
Hypospecific When the number of characteristics stated is insufficient.
One that explains ideas or terms with the use of synonyms
Informal or antonyms. [NRO 19] Composed of a synonymous
paraphrase.
“Seeks to describe the meaning(s) (signified) of a lexical
Lexicographic
unit.” [VEZ 09]
Reserved for compound or derivative words and defines
Morphosemantic
only the affix or compositional link. [DES 01]
Negative Defines a word by indicating what it is not.
“Nominal definitions only allow us to designate an object by
Nominal
its characters, to distinguish one object from others. They
are traditionally opposed to real definitions, which deal with

the nature, the objective reality of things themselves.”4
Operational Describes what you need to do to…
Operatorial or by function Describes the unfolding of a phenomenon, a process.
By understanding Listing all the characters.
By extension Listing all the forms.
Explain how things were formed. Example: “…is obtained
By generation
by rotating…”
Formed in two parts: the “inclusion”, which designates the
general genus or category to which the object to be defined
By inclusion
belongs, and the specific features of the object
distinguishing it from other objects of the category.
Partial Definition of the type “X is a part of…” or “X is a set of…”
By example/by extension Giving examples.
“Consists of a definition, either lexical or conceptual,
Referential followed by a development in the form of a description
including the ancillary features of the concept.” [LAR 96]
That which answers the (Socratic) question “What is…?”5 It
Socratic takes a moral, philosophical and aesthetic stance, not on the
terms but on the essence of things [WER 08].
Indicates how the term will be used by the proposer of the
definition, or how it should be used by others. The
Stipulative
distinction between lexical and stipulative definitions can be
difficult to make [HAN 06].
“The aim is to describe and state a concept (or notion)
designated by a term […] and to characterize it in relation to
Terminological
other concepts within an organized system (called a
conceptual system).” [VEZ 09]
Table 2.1. Some types of definitions
This long, yet non-exhaustive list illustrates the complexity and diversity
of the categories of definitions that can be used to express concepts. These
various forms of definitions can sometimes be combined, intermingled
(a definition can, for example, be both partial and operational or operative at
the same time). The online dictionary of the Centre National de Ressources
4 https://www.cnrtl.fr/definition/nominal.
5 https://faculty.washington.edu/smcohen/320/socdef.htm.
Textuelles et Lexicales (CNRTL)6 recalls the essential features of a

“definition”. The dominant idea, the CNRTL tells us, “is that of a boundary
or set of lines that circumscribe an object”. A definition must precisely
determine the limits of an object, the distinctive features of a being, the
content of a concept. It “puts in equivalence a being to be defined, with a set
of attributes that determine its essential characteristics”. A definition is
generally composed of three parts [HAN 06]:
– the “definiendum”: the term to be defined, the definite;

– a connector (defining connective);
– the “definians”: what defines, what defines it.
Several categories of definitions retain this tripartite structure. For Mal

Shield [SHI 04], formal definitions in mathematics have such a structure.
The example from [SHI 04] provides the following definition of “triangle”:
“A triangle is a closed plane shape with three straight sides.” The three parts
of the definition are as follows:
– the item (the subject, the theme, the object): which is the idea or
concept to be defined (here “triangle”);
– the class: which identifies the set or group to which the object belongs
(here, “closed plane shape”);
– characteristics: are the elements that distinguish the object from all
other objects in the class (“with three straight sides”).
2.2.4. Definitions of cybersecurity
Several studies have proposed a comparative study of the various

definitions of cybersecurity available. We refer the reader to the ENISA study
published in 2015 [ENI 15], to the article by Samantha A. Adams of the same
year [ADA 15], as well as to the 2017 article by Daniel Schatz, Rabih
Bashroush and Julie Wall [SCH 17]. Other documents provide compilations of
cybersecurity-related definitions without comparative analysis (Tim Maurer
and Robert Morgus, 2014 [MAU 14]). We have grouped together (Table 2.2)
6 https://www.cnrtl.fr/definition/définition.
Another random document with
no related content on Scribd:
— ja ulkomailla, tuottaen seikkailevalla elämällään paljon huolta
äidilleen ja Anghel-enolle, joka seurasi mielenkiinnolla
sisarenpoikansa vaiheita.
Suuri alkoholisti oli koettanut usein päästä keskusteluun tuon

kiihkokiertolaisen kanssa, joka yritti kaikkea eikä pysähtynyt
mihinkään, mutta ei ollut siinä onnistunut. Adrien näyttäytyi ja katosi
jälleen kuin haamu. Tällä kertaa tuli kutsu oikeaan aikaan. Dimi oli
tullut rattaineen noutamaan häntä jo varhain aamulla. Hänen oli
täytynyt suostua.
Niin, suostua. Hän ei suinkaan lähtenyt kevein sydämin tuon kovia

kokeneen miehen luo. Hänen pelkonsa oli valtavampi kuin
pääsiäisiltana, veljesten »sovintoiltana». Hänestä tuntui siltä, kuin
olisi hänet kutsuttu oikeuden eteen, joka tuomitsi hänet syylliseksi.
»Hänen täytyy viheltää saadakseen ryyppynsä!» Hän pysähtyi,

muistaessaan tämän yksityisseikan, joka oli hänen mielestään enon
kurjuuden huippukohta.
Märehtien ajatuksiaan ja etenkin kysymystä, miksi sairas

välttämättä tahtoi nähdä ja puhutella häntä, hän huomasi yht'äkkiä
olevansa kylän toisessa laidassa, sadan askeleen päässä talosta,
joka joskus oli ollut kapakka. Silloin hän hidastutti käyntiään ja
tarkasteli seutua, mielenliikutuksen salvatessa hänen hengitystään.
Hänen uteliaat katseensa etsivät ennenkaikkea tuota kummaa,
lapsekasta sairaanhoitajaa ja Kerberosta, joka oleili aina ulkosalla.
Hän tähysteli lyhytnäköisillä silmillään talon ympäristöä. Siellä ei
liikkunut ketään. Etäällä, Galatziin vievällä maantiellä huutelivat
ajajat toisilleen, ja lukemattomat korpit lentää vaapottelivat kehässä
lyijynharmaan taivaan alla, tehden aution seudun vieläkin
synkemmäksi.
*****
Adrien lähestyi taloa kuin syyllinen tai varas. Hän huomasi, että
kapakan katto oli osittain korjattu uudella ruokilla. Iso vaja, joka,
ennen oli antanut suojaa matkamiesten hevosille, oli poissa. Sen
paikalla oli nyt vain kostunut, maan tasalle painunut olkikasa. Talo
itse oli laskehtinut matalammaksi entisestään, ovi ja molemmat
ikkunat olivat kallistuneet vinoon, menetettyään pystysuoran
asentonsa. Mitä ikkunaruutuihin tulee, olivat ne vieläkin likaisemmat
kuin tuon kauniin, palaneen talon ikkunat, jotka Anghel-eno kerran oli
rikkonut.
»Täällä tekee siis kuolemaa mies, joka rakasti niin suuresti

siisteyttä!» ajatteli Adrien.
Kun lasta ei näkynyt missään, suuntasi Adrien askeleensa ovelle.

Samassa tuo kummallinen vartia kohosi olkikasan takaa, huitoen
kepillään ja lasketellen virtanaan käsittämättömiä sanoja, mikä oli
kuin selkäänsä saaneen koiran ulinaa. Adrien jäi rauhallisena
seisomaan tämän vähemmän tavallisen ilmiön eteen. Verhonaan
polviin saakka ulottuva risainen liivi, seisoen siinä pitkäkoipisena
kuin haikara, paljain, loan peittämin jaloin, tämä poikanen jaksoi
vaivoin kannattaa ohuen ja ikäänkuin venyneen kaulansa varassa
suunnatonta, kurpitsan muotoista päätään, joka heilahteli
lakkaamatta hänen olkapäillään. Hän herätti Adrienissa vain
ihmettelyä.
»Tahdon tavata enoa», sanoi hän, täynnä inhoa.
Vastaukseksi tuo epäsikiö sulki häneltä tien ja kohotti keppinsä

lyöntiin, mutta nähdessään vieraan pysyvän paikoillaan hän avasi
oven, pujahti sisään ja salpasi sen sisäpuolelta.
Adrien huomasi olkitukon, joka oli seinässä olevan reiän suulla,
veti sen pois ja kuunteli. Sisältä kuului yhtämittainen, kirkuva,
eläimellinen ääntely, mutta Anghelin ääntä ei eroittanut lainkaan.
Viimein ovi narahti, ja tuo outo olento kutsui nuoren miehen

sisään, ojentaen käsivarttaan tavalla, joka oli naurettava ja samalla
surullinen.
Adrien oli entisessä kapakassa, joka oli nyt vain polttopuiksi

tarkoitettujen kuivien oksien säilytyspaikkana. Aikoinaan kiiltävä,
tamminen myymäläpöytä oli liitoksistaan hajonneena työnnetty
erääseen nurkkaan, jossa myöskin näkyi pulloja, maljakoita ja
korvallisia laseja. Taivas katseli sisään ruokokaton suuresta
halkeamasta. Viinikellarin katto oli pudonnut sisään ja ilmassa tuntui
homeen haju. Sateet ja lumet olivat muuttaneet liejuvelliksi aikoinaan
kovaksi poljetun maan. Nämä mykät esineet puhuivat niin äänekästä
surun kieltä, että Adrien seisoi kuin naulittuna paikoillaan. Tämä
tuhoutuneesta elämästä kertoileva näky jääti hänen sydäntään, ja
hän ajatteli:
»Ja tämä on vain esimakua!»
Voittaen voimakkaan pakenemishalun hän työnsi auki sairaan

huoneeseen vievän oven.
Häntä vastaan tulvahti kauhea ruumiin ja lian löyhkä. Hän sulki

kirvelevät silmänsä, mutta ehti sitä ennen nähdä selän, kiiltävän
päälaen, joka muistutti pullistunutta rakkoa sekä luisen käsivarren,
joka riippui ryysyisen vuoteen laidalta.
Adrien lyyhistyi tämän luurankomaisen käden yli ja painoi otsansa

sitä vasten. Käsi oli jäinen.
Sairas ei hievahtanutkaan.
*****
»Nouse ylös… Adrien… ja nosta minua».
Adrienia puistatti. Ääni ei ollut ihmisen, ei Anghelin miehinen ääni,

vaan muistutti eniten tuberkuloosiin kuolevan lapsen vikinää.
Hän nousi ja jäi nöyränä, hattu kädessä, seisomaan keskelle

huonetta, kasvot käännettyinä sairaaseen. Tuo mies ei ollut Anghel-
eno, vaan vanhus, jolla oli muumion kasvot, suunnattoman suuret,
loistavat, luonnottomat silmät, jotka katselivat kuopistaan kuin kuilun
pohjalta, pitkä, veitsenteräksi ohentunut nenä, kuivettuneet huulet ja
ammottava suu. Valkea hiuskiehkura kiersi niskaa korvasta toiseen.
Parta, joka aikoinaan oli ollut kihara ja kiiltävän musta, oli nyt vain
savunharmaa, takkuinen villakuontalo. Luurankomaiset käsivarret,
jotka pistivät esiin likaisen liivin hihoista, oli kaikki, mitä näkyi
peittojen, säkkien ja risaisten ghebain muodostamasta ryysykasasta.
Siinä koko Anghel-eno… — — —
»Istu… tuonne… tuolille. Inhoatko minua?…»
»En, eno, olen onneton nähdessäni sinut tuollaisena».
»Sinä olet onneton… Miksi?… Enhän minäkään ole onneton».
»Mutta sinähän kärsit varmaankin kauheasti».
»Erehdyt, Adrien… En kärsi enää. Vain pääni elää; mitä muuhun

tulee… en tiedä siitä mitään. Muu… on mennyttä. Mutta pää!… Mikä
ihmeellinen laitos!»
Hän oli hetken vaiti, katsellen tiukasti sisarenpoikaansa, ja sanoi
sitten täynnä vakaumusta:
»Minun piti kuolla jo kolme päivää sitten… sillä minulla ei enää

ollut mitään ajateltavaa, kun Jeremias tulikin illalla kertomaan
minulle, että sinä olit kotimatkalla… Ja silloin maltoin mieleni ja jäin
odottamaan».
»Eno! Mitä sanotkaan? Kuolemaa ei voi pidättää, kun se tulee,

eikä se myöskään tule, milloin halutaan. Vai aioitko itse lopettaa
päiväsi?»
»Niin, niin», myönteli Anghel hyväntahtoisesti, »minäkin tunnen

tuon luonnon lain. Mutta sanohan, Adrien, sinä, joka olet lukenut niin
paljon kaunista kirjoistasi, oletko varma siitä, että maailma on jo
kaiken oppinut?»
»Oi, ei!» huudahti Adrien, »on vielä paljon opittavaa!»
»Hyvä… Ja tässä saat Anghel-enoltasi yhden opin lisää: ajatus on

yhtä voimakas kuin kuolema. Se ei sitä voita, mutta se voi kiusoitella
sitä».
Nuori mies arveli sairaan olevan sekaisin, ja kuunteli häntä vain

kohteliaisuudesta. Hän näki hänen paljaalla päälaellaan joka
suunnalle haarautuvia arpeutuneita viiruja, jotka olivat peräisin
tuosta kauheasta murhayrityksestä, jonka uhriksi hän oli joutunut
omassa myymälässään.
»Sinä katselet ruhjottua päätäni», sanoi Anghel. »No niin,

miehelle, jonka ajatuksen voima on heikko, olisi siinä ollut kylliksi
kuolla kahdestikin, sillä ajatuksesta riippuu kuolema. Kun tuho
lähestyy, nousevat voimakkaat aivot vastarintaan, taistelevat, käyvät
sotaa kuolemaa vastaan ja pitävät joissakin tilanteissa kuolinhetkeä
loitolla, viivästyttävät sitä. Niinpä minäkin tuona päivänä, jolloin
vuodatin vertani, olin tietoinen siitä, että tainnostila oli
vastustamattomasti tulossa, uhaten uuvuttaa minut uneen. Ja vaikka
näennäisesti olinkin tainnoksissa, pitivät aivoni puoliaan, ymmärsin
kaikki, mitä lääkärit sanoivat enkä hetkeksikään antanut
olemattomuuden saada ylivaltaa. Se olisi saattanut käydä ikuiseksi!
Ajatukseni riippuivat lakkaamatta elämässä».
*****
Anghel keskeytti hetkeksi puheensa vetäistäkseen henkeä.

Adrienista tuntui siltä, kuin olisi hän katsellut palsamoitua faraota
Kairon Bulac-museossa, faraota, joka ei enää räpäyttänyt
selkoselälleen jääneitä silmiään. Kasvojen luusto näkyi selvään
liikkuvan, kuivettuneen, kuultavan nahan läpi, joka peitti niitä kuin
ohut pergamentti, uhaten repeytyä vähimmästäkin liikkeestä.
Ja kas, seinänpuolinen, piilossa ollut käsi kohosi hitaasti ja vei

suulle tinapillin, joka oli kiinnitetty nuoranpätkällä pikkusormeen.
Vakavana Anghel-eno puhalsi muutaman lyhyen vihellyksen. Saattoi
hyvin huomata, ettei ilma tullut keuhkoista, vaan yksinkertaisesti
suusta. Käsivarsi lepäsi rintaa peittävällä säkillä. Synkkinä
ammottavat silmät tuijottivat Adrieniin kiihkeästi, kuin tahtoen naulita
hänet seinään.
»Eno», sanoi Adrien silloin, nousten seisomaan, »haluatko

jotakin?»
»Pysy paikoillasi! Et osaa palvella minua».

Nyt lennähti ovi auki kuin tuulen työntämänä, ja raju sairaanhoitaja
syöksähti sisään. Isäntä ja palvelija katsoivat muutaman sekunnin
toisiaan, sitten viimemainittu otti sängyn jalkopäästä viinapullon,
täytti pienen lasin ja tyhjensi sen sairaan suuhun. Tämän tehtyään
hän katosi jälleen!
Adrien oli katsellut näytelmää äänettömänä. Hän odotti enoltaan

selitystä. Viimemainittu jatkoi hellittämättä samaa ajatuksenjuoksua,
sanoen:
»Näen sinun kuuntelevan epäuskoisena ja kohteliaana puheitani.

En siitä loukkaudu: on vaikea ymmärtää sellaista, jota ei ole kokenut.
Kuulehan siis… Kolmeen vuoteen en ole noussut jaloilleni tältä
vuoteelta. Kolme talvea, kolme kevättä, yhtä monta kesää ja syksyä
olen selälläni maaten katsellut mustunutta kattoa. Tämä on kaikkein
voimakkaimmin eletty ajanjakso elämässäni. Kokonaiseen vuoteen
olen tuskin syönyt tai nukkunut, ja nyt puolena vuotena en lainkaan:
ei leivän murua, ei unen hiventä. Mutta minä juon, juon viinaa.
Päivisin lapsi kaataa sen kurkkuuni, kuten juuri näit. Jotta en
menehtyisi öisin eikä minun tarvitsisi herättää poloista raukkaa, imen
alkoholilla kostutettua sientä, jonka näet tuolla pöydällä. Aamuun
mennessä ovat huuleni imeneet sen kuivaksi, polttaneet sen».
Adrien peitti käsin kasvonsa ja huudahti:
»Eno, kuinka kauheaa on elämäsi!»
»Sanoitko kauheaa, poikaseni? Kauheaako? Ehkä … Mutta se on

johdonmukaista, kohtaloni mukaista… Ajoin takaa täydellistä onnea,
helppohintaista onnea, turhamaisen ja ylpeän lihan tyydyttämistä…
Ja sen saavuttamiseksi taistelin kiihkeästi. Taisteltuani
kaksikymmentä vuotta sain omakseni kauniin naisen, joka nukahti
syödessään; komean talon, joka paloi poroksi kuin olkihökkeli;
karjaa, joka katosi teille tietymättömille; lapsia, jotka kuolivat pois;
rahaa, joka houkutteli kimppuuni murhamiehet, ja puhtaan paidan,
joka on likainen seuraavana päivänä. Kaikki tämä vain tämän
ruumiin vuoksi, joka on irtautunut päästäni, joka on minulle yhtä
vieras kuin sitä peittävät rievut, tämän mätänevän ruumiin vuoksi,
joka on vain haaska! Elin kokonaisen ihmisiän, neljännesvuosisadan,
tämän ruumiin orjana, jota tahtoisin nähdä korppien raatelevan,
niinkuin madot kalvavat sitä nyt, enkä hetkeäkään huomannut, että
minulla oli pää, aivot, valo, johon mätä ja madot eivät pysty…»
*****
Sairas oli ponnistuksesta uupuneena kauan vaiti. Adrien saattoi

tuskin sietää hänen katsettaan, joka näytti kuin syyttävän häntä
jostakin. Ja niin olikin.
»Adrien», sanoi eno, »olen kutsunut sinut luokseni, saadakseni

sanoa sinulle, että olen sinuun tyytymätön!»
Tämä puhuttelu, joka oli kuin piiskan isku, sai Adrienin

hätkähtämään ja hän huudahti:
»Tyytymätönkö minuun? Ja miksi, eno?»
»Siksi, että olet nautiskelija! Siksi, että unohdat valon, joka sinulla
on päässäsi, ja muinaiset sanani! Tällainen on sallittu tuhansille ja
tuhansille vähäpätöisille olennoille, jollainen minäkin olen, mutta ei
sinulle, Adrien, ymmärrätkö? Ei sinulle, jonka aivot ovat tunteneet
valon varhaisimmasta lapsuudesta saakka. Muistatko, kuinka sinä
viisitoistavuotiaana — jolloin huvitellaan paperileijoilla — tulit Anghel-
enon siistiin ja viihtyisään kapakkaan, kertoillaksesi hänelle
tähtitieteestä ja antaaksesi ihailla itseäsi? Muistatko, kuinka hartaina
minä ja työmieheni ahmimme jokaisen taivaallisen viisauden sanan,
joka tuli huuliltasi. Ah! Tuo menneisyys! Näen sen edessäni kuin
eilispäivän. Ulkona lunta ja tuulten temmellystä… Kapakassa
miellyttävää lämmintä, pakinoivia, työtätekeviä miehiä, elämisen
iloa… Leikkasin savustetusta kinkusta suuria kimpaleita,
punnitsematta, laskematta, kitsastelematta, ja kaadoin viiniä
anteliain käsin, kuullen sydämeni ääntä… Syötiin, juotiin, ylistettiin
Jumalaa ja kuunneltiin, kuinka sinä kaadoit kumoon hänen
rakennuksiaan, moninkertaistutit maailmoita, mittasit tähdet ja teit
pilaa pappien typeryydestä!… Ha! ha!… Se miellytti minua!
Työmiehiänikin se miellytti. Joku joukosta huudahti: 'Kuka on tuo
poika, joka puhuu kuin kirja?' — 'Sehän on sisarenpoikani, tuhat
tulimmaista!' minä vastasin, ylpeänä sinusta, ja itsestänikin, vaikka
en mitään tietänyt. 'Hän on vanhimman sisareni ainoa poika,
sisareni, jonka vertaista hempukkaa ei ollut toista, kun hän oli
kaksikymmenvuotias!'…»
Ja tarttuen suureen viinikulhoon minä täytin omasta aloitteestani

puolikkaanmitat, jotka olivat jälleen kuivat kuin kesäauringon
paahtama maa… — — —
»Mutta seis! Pois, pois luotani, te julmat muistot! Ja sinä, Adrien,

sisarenpoikani, kuuntele minua, tottele minua! Älä toivo mitään, älä
odota mitään elämältä, joka lyö murskaksi ihmisen, turmelee ruumiin
ja saa meidät unohtamaan pään. Mitä tarkoittaa tuo pöyhistely, johon
antaudut? Tuo mitan mukaan tehty puku? Tuo vaatelias irtokaulus?
Nuo kiiltävät kalvosimet? Mitä? Ovatko tuollaiset hepenet tarpeen
nuorelle miehelle, joka tuntee taivaallisen valon ja jolle Anghel-enon
turma ei ole tietymätön?»
Täynnä kunnioitusta Adrien antoi päänsä painua. Hänellä oli
kielellään päteviä vastaväitteitä, mutta hän ei rohjennut tuoda niitä
esiin. Ihmetellessään ääneti enonsa ankaruutta, tämä vei jälleen
pillin kuihtuneille huulilleen ja alkoi kärsivällisesti ja hitaasti, ja tuon
tuostakin henkeään vetäen, kutsua yltiöpäistä palvelijaansa, joka heti
saapuikin, täytti lasin, nakkasi sen sisällön isäntänsä kurkkuun, ja
meni menojaan käsivarsiaan ja päätään heilutellen.
»Kolme vuotta sitten tuli korviini niljainen juttu», jatkoi Anghel-eno.

»Seurustelit hurjastelevien nuorukaisten kanssa, jotka eivät olleet
arvoisiasi, ja menit eräänä iltana Brailassa tanssiaisiin, missä panit
erään nuoren tytön pään pyörälle. Vietit yön tytön luona. Seuraavana
päivänä houkuttelet hänet mukaasi Bukarestiin. Kaksi viikkoa
myöhemmin sinut tuodaan poliisivoimalla tutkintotuomarin eteen.
Kuukautta myöhemmin sinut viimein tuomitaan kaksiviikkoiseen
häpeälliseen vankeuteen 'alaikäisen ryöstämisestä'.»
Adrien punastui korviaan myöten ja sanoi:
»En minä häntä 'ryöstänyt', eno. Tyttöhupakko nousi vaunuihin

omasta tahdostaan, eikä se ollut hänen ensimäinen matkansa.
Ilveilyn uhriksi jouduin minä… Muuten olisinkin lain mukaan saanut
kolme vuotta vankilaa».
»Ehkä… Mutta sinä tiesit, ettei alaikäisellä ole 'tahtoa', ja että hän
on vanhempiensa valvonnan alainen?»
»Kukaan ei mahtane mennä pyytämään vanhemmilta lupaa saada

maata yönsä heidän tyttärensä kanssa».
»Se on selvää! Mutta ei myöskään ole maattava tytön luona, joka

lähettää sinut seuraavana päivänä vankilaan».
Eno odotti vastausta. Adrien vaikeni. Edellinen jatkoi:
»Enkä moiti sinua vain tästä. Tiedän, että äitisi sairastui häpeästä
tämän seikkailusi jälkeen. Tytön vanhemmat tulivat hänen luokseen,
vaatien avioliittoa. Ja sillävälin kuin sinä maleksit Bukarestissa, syyti
koko kaupunginosa solvauksia irstailevan pojan äidille. Sinä välitit
tuosta kaikesta niin vähän, että pulaan jouduttuasi kirjoitit äidillesi,
pyytäen rahaa. Tuskin sairaudesta toipuneena hänen täytyi
kyyristäytyä pesualtaan ääreen, saadakseen kokoon rahaa sinun
hätäsi lieventämiseksi… Jos tämä on mielestäsi pojan rakkautta, niin
kumarran. Mutta tässä ei ole kaikki, minulla on tarkat tiedot, kuten
näet… Sinun pidättämisesi pakoitti äidin kokoamaan kimsunsa ja
kamsunsa ja muuttamaan keskellä talvea toiseen kaupunginosaan,
missä sai maksaa paljon kalliimman vuokran. Päästyäsi viimein
vankilasta sinä kunnostauduit jälleen, sekaannuit
työväenliikkeeseen, sinut pidätettiin ja sait raippoja kuin hevosvaras.
Seuraukset: kuukausi parantolassa, häilyvä terveys ja tekosyy
matkustaa Egyptiin, missä olet nääntyä nälkään ja muistat äitiäsi.
Ah! Adrien, mitä sinulta puuttuu enemmän: sydäntäkö vai älyä?
Tuohon aikaan tuli sisar-parkani käymään luonani. Heikkona kuin
haamu hän tuli ensi kertaa eläessään pyytämään minulta rahaa,
lähettääkseen pojalleen… En säälinyt sinua, vaan häntä, tuota
marttyyriä, ja avasin hänelle kukkaroni».
*****
Adrien purskahti itkuun, heittäytyi polvilleen löyhkäävän vuoteen

viereen, tarttui enonsa luiseen ja kylmään käteen ja suuteli sitä
kiihkeästi, huutaen:
»Anteeksi!… Anteeksi!… Olen kurja!»

»Hyvä on. Sinä kadut. Ja katumusta seuraa parannus. Koeta
tehdä parannus, ja minä annan sinulle anteeksi jo nyt, ja olet jälleen
minun Adrienini, minun sisarenpoikani, Anghel-enon henkevä poika,
enon, jonka näet makaavan tällä kurjalla vuoteella siksi, että hän
erehtyi tavoittelemaan liian kaunista naista, liian kukoistavaa taloa,
liian puhdasta paitaa. Mutta riittäköön jo!»
»Eno, mitä minun sitten on tehtävä?» sopersi nuori mies, kuivaten

kyyneleitään ja istuutuen entiselle paikalleen. Anghel kohotti
vaivalloisesti luurankomaista käsivarttaan kuin lausuakseen
kirouksen:
»Sinun on käännyttävä pois kaikesta, mikä sinua mairittelee,

voitettava ylpeät halut, vaiennettava lihan ääni, joka jäytää meitä
kuin mato, antauduttava koko sieluinesi hengen palvelukseen, joka
on ainoa tukemme hädässä. Siinä kaikki, mitä minulla on sinulle
sanottavaa…»
»Mutta, eno», uskalsi Adrien huomauttaa, »sinähän inhoat tänään

kaikkea, mitä eilen rakastit…»
»Aivan niin… Kaikki se, mitä eilen rakastin, on saattanut minut

siihen, missä näet minut tänään…»
»Mutta täytyyhän rakastaa sitä, mistä on nautintoa: kaunista

naista, kukoistavaa kotia ja puhdasta paitaa. Intohimomme vaativat
sitä ja aistimme huutavat sitä».
»Tuo on totta vain näennäisesti, Adrien!… Vain näennäisesti!…

Intohimot ja aistit aiheuttavat myrskyn, joka ei ole oikeassa
suhteessa niiden onnellistuttamiskykyyn».
»Sydämen myrsky…»
»Sydämemme on pahantekijä!» huusi kuoleva, ponnistaen

viimeiset voimansa. Hänen äänessään ei enää ollut inhimillistä
sointua, se tuli vinkuen nenästä. Tätä lausetta seurasi pitkä
äänettömyys. Seinään päin kääntynyt pää jäykistyi liikkumattomaksi,
samoin käsivarret. Adrien luuli, että hänen enonsa siinä tuokiossa
vetäisi viimeisen henkäyksensä.
Ei. Anghel-eno ajatteli yhä. Hän kääntyi jälleen Adrieniin päin ja

tarkasteli häntä, ja hänen katseestaan kuvastui kauhu, joka
paremmin kuin sanat ilmaisi hänen aivojensa surullisen taistelun.
Hellittämättä katsettaan Adrienista Anghel vihelsi voimakkaasti,
voimakkaasti ja kiirehtimättä, kuin osoittaakseen sisarenpojalleen,
että hän kiusoitteli kuolemaa.
Poika tuli sisään juoksujalkaa, eno nieli annoksensa, nuolaisi

valkoisia huuliaan ja hymyili, saatuaan jälleen voiton
olemattomuudesta…
*****
»Sydän! Sydän! Adrien… Itkekäämme sitä! Tuota nyrkinkokoista

lihapalaa, joka ei lakkaa lyömästä. Tuota naurista, tuota palleroista
artisokkaa, joka kätkee itseensä iäisyyden, joka saa ikuisen
liikkumiskyvyn sinä hetkenä, jolloin se joutuu naisen lämpimään
kohtuun, jolloin se varmastikaan ei ole neulankärkeä suurempi; joka
kasvaa ja lyö; joka ailahtelee, riemuitsee, kärsii ja lyö pysähtymättä
synnyinhetkestään kuolemaansa saakka. Kas niin!… Olkaamme
oikeamielisiä tuota poloista pahantekijää kohtaan! Se tuottaa meille
tosin paljon pahaa, mutta se tekee sen anteliaisuuttaan. Ah! Taasen
muistoja!… Siunatut muistot!… Olkoon menneeksi… Eläkäämme
vielä hetkinen kauheassa menneisyydessä!… — — —
»Jollei kyynelteni lähde jo olisi kuivunut, itkisin mielelläni sen

nuorukaisen vuoksi, mikä olin kaksikymmenvuotiaana… Kiipesin
siihen aikaan kohti onneni kukkulaa, ja kuohuva vereni pani minut
elämään sataa elämää yht'aikaa. Mikään ympärilläni ei ollut minulle
vierasta, yhtävähän ilo kuin surukaan. Anghel-eno oli mukana niin
häissä kuin kiistassakin. Minä se tyhjensin ensimäisen ja viimeisen
viinilasin ja minä niinikään olin viimeinen tappelussa! Sillä —
kaikkivoipa Jumala! — on suloista kuulla ohimoittensa jyskyttävän
'Kristuksen veren' voimasta, samoinkuin on suloista iskeä
pilantekijää, joka nauraa hohottaa päin naamaasi. Ja tiedetäänhän,
että 'Herramme veri' usein juhlatilaisuuksissamme sekoittuu meidän
kuolevaisten vereen.
»Samoin kävi tuona joulunakin, josta aion kertoa sinulle…
»Luulisin sinun hiukan muistavankin sitä, sillä olit kuusivuotias ja

olit näkemässä tuota ottelua… — — —
»Millaisia olivatkaan entisajan suuret kirkkojuhlat!… Totisesti on

ihminen surkea nauta!… Elämä koettelee häntä, muuttaa perin
hänen tunteensa ja turmelee hänen sielunsa paljon helpommin kuin
eläinten, jotka pysyvät samanlaisina ajasta aikaan.
»Kun vertaa nuoruusaikani hurjia miehiä nykypäivien rujoihin, voisi

heitä täydellä syyllä sanoa jalopeuroiksi. Heidän joukossaan oli
heikkojakin, mutta sellaisista ei kukaan välittänyt, sellaisia ei otettu
lukuun. Kun jossakin Petroin, Cazassun tai Nazirun kapakassa
mainittiin kylämme nimi, johtuivat läsnäolijoiden mieleen heti
muutamat miehet: ensinnäkin Jeremias, urhoollisista urhoollisin,
sitten… kautta kunniani, niin, Anghel!… Sitten muistettiin ystävääni
Nikolaita, Vladimiria, Pitkää Costaa ja monia muita vähemmän
kuuluisia, koko tuota falangia, joka oli yhtä voittamaton työssä kuin
pidoissakin, huvittelussa kuin tappelussakin!… Mutta nyt…
»He!… Adrien… sylkäise minun puolestani, sillä minä en enää

jaksa sylkäistä! Nyt on olemassa vain kääpiöitä, jotka pelkäävät
omaa varjoaan ja antavat vaimojensa piestä itseään!…»
*****
»Tuon joulun aattona, joka oli remuava ja dramaattinen yht'aikaa,

minä lähetin kotiin kymmenen dekalitran viinitynnyrin, kuusi suurta
leipää ja yhtä monta porsasta hapankaalissa paistettavaksi.
»Sinun mielestäsi siinä oli liikaa niille kahdelletoista suulle, joiden

piti kokoontua pöydän ympärille. Ehkä sinun aikaisillesi
kalvetustautisille, jotka voivat pahoin kolmannesta suupalasta ja
päihtyvät puolesta viinilasista. Meille… Hauska leikki!…
»Näen silmieni edessä Stefanin, papin, joka osasi ulkoa raamatun

ja neljä evankeliumia ja joka kuoli viime vuonna… Tuohon aikaan,
kuusikymmenvuotiaana, hänellä oli simpanssin hampaat ja kukon
miehuus. 'Rovastinna', hänen vaimonsa — leveälanteinen nainen,
jonka kasvot olivat punaiset kuin pioni — odotteli kahdeksattatoista
lastaan, muut seitsemäntoista olivat elossa ja voivat hyvin. Ah!
Olisitpa nähnyt tämän 'jumalaisen' parin leu'at heti asianomaisen
pöytäsiunauksen tapahduttua, joka suoritettiin lyhyesti ja nopeasti,
sillä vesi kihosi papin kielelle… Hänen leukansa murensivat kylkiä,
luita ja rustoja kuin ne olisivat olleet auringonkukan siemeniä, ja
hänen kunnianarvoisa partansa kieppui rinnalla kuin käynnissä
olevan myllyn ratas…
»Äitini, joka istui papin vieressä, — tietoisena päivän pyhyydestä
ja hurskaana sormenpäitä myöten — taisteli urheasti
ruokalautasensa ääressä… Äkkipikainen ja ovela Dimi-veli valitsi
taitavasti parhaat palat itselleen. Jeremias nieleskeli kaiken
valikoimatta ja pureskelematta, sillävälin kuin Pitkä-Costa — pitkä
raajoilta kuten sanoiltakin — ojenteli loputtomia käsivarsiaan
ylt'ympäri pöytää, kahmaisi kaikkea, puhui vähän ja antoi toisten
puhua, täyttääkseen heidän suunsa tyhjällä».
»Onhan luvallista olla ahmatti, Stefan-isä?»
»Luvallista, poikani, luvallista».
»Eihän se ole syntiä?»
»Ei ole syntiä se, mitä suuhun pistetään, vaan se, mitä suusta
tulee…»
»Kertokaa meille kohtaus Herran ehtoollisesta…»
»Aivan heti…»
»Kuusi miestä ja kuusi naista istui pöydän pitkillä sivuilla. Pöydän

päässä, kasvot itäänpäin, istui isä-Stefan, kohoten kuin jättiläinen yli
seuran. Oltiin onnettomia siitä, että lukumäärämme oli kolmetoista,
'pirun luku', mutta lohduttauduimme lisäämällä seuraan kääpiön, joka
täytti sarkkamme, iloisen ja teräväpäisen ukkelin, joka vaivoin jaksoi
kierrättää pöydän ympäri suunnattoman suurta savikulhoa.
»Kun suut oli saatu tyhjiksi, kääntyi mieli huviin ja kurkut

viinikarahveihin. Kuohuva viini virtasi jokena ja jutut sen mukana.
Sitten Dimi otti ihmeellisiin sormiinsa pitkän paimenhuilunsa, ja kas,
kaikki olivat jaloillaan, pappi mukaanluettuna. Ja nyt alkoi tanssin
leiske astioiden ja maljojen peittämän pöydän ympärillä.
Huudahdukset ja jalkojen töminä vapisuttivat koko taloa. Kasvot
hikikarpaloissa pappi ja hänen vaimonsa lopettivat viimein tanssin,
näyttääkseen esimerkkiä kohtuuden noudattamisessa. Ja juhlaa
jatkettiin entistä ehommin…»
*****
»Mutta minulle ei tuo ilta merkinnyt vain juhlimista. Jotakin tärkeää

oli tekeillä, ja kaikki olivat siitä selvillä. Lisäksi tämä seikka kiihdytti
mieliä ja jakoi läsnäolijat kahteen, melkein tasaväkiseen
puolueeseen.
»Oli kysymyksessä äitisi uudelleen naittaminen, ja minä kannatin

ystävääni Nikolaita, joka myöskin oli saapuvilla, ja oli melko varakas
talonpoika ja lapseton leskimies. Jeremias ja Costa olivat läsnä
tukeakseen hänen pyrkimyksiään ja avustaakseen minua. Mutta
äitisi ei ollut aivan vapaa. Aikoja sitten oli Dimi, tuo veljellinen
vekkuli, kaikessa hiljaisuudessa asettanut vaaliin oman suosikkinsa,
joka niinikään oli nimeltään Nikolai, muuten perin miellyttävä mies,
kalakauppias Brailasta, joka ansaitsi hyvin ja eli huolettomasti. Paitsi
Dimiä, kannatti hänen ehdokkuuttaan saksalainen serkkumme
Tudor, jota kaikki pelkäsivät hänen villin luontonsa ja
herkulesmaisten voimiensa vuoksi. Tudor ja hänen Nikolainsa olivat
kuin veljekset.
»Ja näin me istuimme pöydässä vastakkain vannoutuneina

kilpailijoina, neljä minun puolellani ja kolme Tudorin, mutta Tudor
vastasikin helposti kahta kaikkein voimakkainta miestä. Äitisi istui
heidän puolellaan, mutta en tiedä, missä määrin heidän Nikolainsa
miellytti häntä, enkä sitäkään, millainen heidän suhteensa oli.
Kuitenkin tiedettiin, että hänen oli vaikeassa asemassaan usein
täytynyt alistua ottamaan vastaan antimia, joita kalakauppias
lakkaamatta tuhlaili hänelle.
»Ja mikä kummallinen olento olikaan tuo sisarparkani!…

Kolmikymmenvuotiaana hän oli kaunis kuin vastikään naimisiin
mennyt tyttö, luonteeltaan miellyttävä ja iloinen ja osasi laulaa ja
tanssia viehkeästi, mutta kävi töykeäksi ja turmeli hauskimmankin
seuran mielialan, niinpian kuin tuli kyseeseen hänen uudelleen
naittamisensa. Ja tämä kaikki vain sinun tähtesi: ajatellessaan, että
uusi aviomies saattaisi olla tyly sinua kohtaan, hän muuttui villiksi
kuin naarasleijona. Sinun kauttasi hänet joko saavutti tai menetti, ja
sinusta tuli kompastuskivi tuonakin iltana.
»Ystäväni Nikolai rakasti sinua ja tuli usein luoksemme vain

leikkiäkseen kanssasi. Te olitte toverukset, ja se oli valtti meidän
hyväksemme. Tuona jouluiltana Nikolai toi sinulle makeisia
vuoteeseen, missä nukuit ja havahduit aina sen mukaan, kuinka
huoneessa meluttiin. Tämä miellytti äitiäsi ja kiihdytti toisen
mustasukkaisuutta, joka tietämättä, miten lopettaisi leikin, veti
taskustaan kultarahan ja heitti sen sinulle, sanoen:
»Kas noin, Adrien, tuolla saat ostaa koko kilon makeisia!»
»Niinpä niin… mutta ne hajuavat kalalta!…» vastasi ystäväni,

vihjaten hänen ammattiinsa, jota nuoret tytöt inhosivat.
»Se hajuaa kuitenkin paremmalta kuin lantatunkio!» vastasi

edellinen, taputtaen talonpoikaa selkään.
»Nämä sapekkaat sanat putoilivat puoliyön maissa, kun viini yksin

oli vastuussa puheista. Tudorin kiukku kuohahti helposti. Ja
peloittavinta oli, ettei hän ollut lainkaan humalassa.
Vakuuttautuakseni hänen tilastaan minä pistin taitavasti jalkani
eteen, kun hän nousi lähteäkseen ulos: hän ei kaatunut». — — —
Anghelin henkeä salpasi. Kertominen uuvutti häntä. Hän vaikeni

äkkiä. Hänen kasvonsa eivät ilmaisseet enemmän mielenliikutusta
kuin väsymystäkään. Sama jähmettyneisyys, samat kaameina
ammottavat silmät. Ja taas hän vihelsi elämänsä pidentäjää ja sai
viinatilkan. Sitten hän jatkoi reippaammin:
»Kun nyt mietin ja tutkistelen rauhassa ihmiselämän intohimoja,

kysyn itseltäni, emmekö sittenkin ole vain marionetteja paholaisen
käsissä, joka pitelee nuoran päästä ja tanssittaa meitä mielensä
mukaan. Sillä jos meillä tuona iltana olisi ollut järki hiukankin
paikoillaan, olisi meidän täytynyt nähdä, että äidilläsi oli yhtä vähän
halua mennä naimisiin kuin hirttää itsensä. Mutta viini ja
sydäntemme rajuus veivät meistä voiton, ja sana sanalta kävi
selvemmäksi, ettei enää ollutkaan kysymys jonkun naittamisesta,
vaan että haluttiin yksinkertaisesti vain iskeä yhteen, iskeä sokeina
ja kuuroina.
»Äitisi puolestaan — jolle tuotti pirullista huvia kiihoittaa miehet

toisiaan vastaan, ja jonka vuoksi moni hänen nuoruudessaan oli
puhkaisuttanut päänsä — avusti niin hyvin paholaista, että veremme
syttyi tuleen, ja tuo tuli oli vähällä tuhota hänetkin. Tuntien
kalakauppiaan mustasukkaisuuden hän kylvi hämminkiä molempien
Nikolaiden mieliin laulamalla erästä tunnettua laulunpätkää, jossa
nimi Nikolai toistui joka säkeen lopussa:
»Ai, ai, ai, suutele mua, Nikolai!…
»Niin, suutele mua, Nikolai, mutta kumpi heistä?… Ja kun kukin

pani parastaan jouduttaakseen kahakkaa, kiusoitteli minun Nikolaini
kaimaansa, vilkutti silmää ja polki pöydän alla äitiäsi jalalle. Tudor
ulvoi:
»Lempo vie!… pian räjähtää!…»
»Niin, serkku!», huudahdin minä. »Räjähtääpä totisesti!»
»Äitini nousi paikoiltaan. Ollen järjestelevinään pöytää hän kokosi

kaikki veitset ulottuviltamme, mutta huomatessaan, että Tudorilla
yksin oli kauhea puukko vyöllä, hän pyysi sitä häneltä, sanoen:
»Tudor! Lapseni!… Anna minulle puukkosi!»
»Ylpeänä Tudor veti puukon tupesta ja heitti sen oveen. Vanhus

nouti sen sieltä. Sitten hän toi vihkivettä, siroitteli sitä huoneeseen,
poltti suitsutusta ja rukoili:»
»Kaikkivaltias Jumala! Aja pois saastuttaja tästä huoneesta, jossa

se heiluttaa häntäänsä ja villitsee mielet!… Herra, karkoita se kauas
erämaahan!… Armahda meitä syntisiä, Poikasi nimessä, joka on
syntynyt meille tänään!»
Ja kääntyen äitisi puoleen hän sanoi rukoilevasti:
»Lähde täältä, tyttäreni!… Mene kohentamaan tulta liedellä… Ja

rukoile… Sillä sinä olet syynä pahaan, niinkuin Eva oli syynä
kuoleman syntiin…»
»Kaikki miehet vastustivat 'pahan poistumista'». Jeremias lauleli:
»Anta-kaa — mei-dän — pi-tää kau-nis — pahen-nuk-sem-me! Mi-

tä — oli-si-vat — mie-het il-man — kau-nis-ta — pa-hen-nus-ta?»
Äiti sanoi itku kurkussa:

Cybersecurity in Humanities and Social Sciences A Research Methods Approach 1St Edition Edition Hugo Loiseau Full Chapter PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cybersecurity in Humanities and Social Sciences A Research Methods Approach 1St Edition Edition Hugo Loiseau Full Chapter PDF

Uploaded by

Copyright:

Available Formats

Cybersecurity In Humanities And Social

Sciences: A Research Methods

Using R For Data Analysis In Social Sciences: A

Social Research Methods 5th Edition Alan Bryman &&

Research Methods in Kinesiology and the Health Sciences

Artificial Intelligence And Its Discontents: Critiques

Research Methods and Statistics: A Critical Thinking

Research Design and Methods: A Process Approach, 11th

Scholarly Virtues in Nineteenth-Century Sciences and

Bryman's Social Research Methods, 6th Edition Clark

A Research Methods Approach

ISTE Ltd John Wiley & Sons, Inc.

© ISTE Ltd 2020

Library of Congress Control Number: 2020935380

British Library Cataloguing-in-Publication Data

Chapter 1. The “Science” of Cybersecurity in the Human and

Chapter 2. Definitions, Typologies, Taxonomies and

Chapter 3. Cybersecurity and Data Protection – Research

Chapter 4. Researching State-sponsored Cyber-espionage . . . . . . 85

4.8. Intellectual precision and objectivity in state-sponsored

Chapter 5. Moving from Uncertainty to Risk: The Case of

Chapter 6. Qualitative Document Analysis for Cybersecurity

6.5.3. Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

Chapter 7. Anti-feminist Cyber-violence as a Risk Factor: Analysis

List of Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211

Why a methodology book?

Before the concept of cybersecurity was introduced, in the 1960s,

Introduction written by Daniel VENTRE, Hugo LOISEAU and Hartmut ADEN.

Our contribution to this wave of international cybersecurity productions

methodologies. The chapters in this book eloquently demonstrate the

international geopolitics is being transformed by the importance of

The contribution of HSS is also evident in its capacity to generate social

Contributions to the book

The seven chapters of this book offer different perspectives on particular

In his chapter, Hugo Loiseau discusses the scientificity of cybersecurity

Daniel Ventre deals specifically with definitions of concepts and ways of

Hartmut Aden analyzes tensions and synergies between cybersecurity

Marie Kratz and Michel Dacorogna use quantitative methods to study

Brett van Niekerk and Trishana Ramluckan’s chapter illustrates how

Elena Waldispuehl looks at online anti-feminist violence from two

Indeed, according to the principles of the scientific method advocated by

Chapter written by Hugo LOISEAU.

is unavoidable. The critical study of science enlightens us about the value

It could be argued that the HSS perspective on cybersecurity is

1 Securitization corresponds to the idea of dealing, in political discourse, with an issue

This rapid diagnosis may seem to show a lack of scientificity in HSS

In short, there is a lack of reflection on the epistemology of the HSS in

The humanities and social sciences are characterized by the diversity of

HSS have arrived at this diversity through epistemological reflections

“…capacity for qualitative research to stimulate and participate

This methodological diversity and these epistemological reflections are

“In a world of research that is becoming increasingly open and

In order to grasp the diversity of cyber phenomena, the HSS have

to establish a typology were made very early on by cybersecurity studies in

The methodological threshold that remains to be crossed for HSS

Figure 1.1. From observations to scientific laws

From an epistemological point of view, the following stage of this

and are validated, or not, by this test of facts. These hypothetico-deductive

One problem remains, however, in applying this range of research

This diversity of methods can be envisaged along two fundamental lines,

3 In other words, what is the predominant variable in explaining or understanding a social

The second axis distinguishes between hypothetico-deductive approaches

Figure 1.2. Quantitative and qualitative approaches and empirico-inductive and