Research Strategy (Framework)
A research strategy defines a structured and systematic approach that guides the design, development, and evaluation processes of the project to ensure efficiency, consistency, and high-quality outcomes.
In the context of this project, the strategy is essential for developing a community-driven honeypot management platform. It helps organize the development lifecycle into clear, iterative, and manageable phases that support continuous improvement and adaptability.
Software development methodologies are commonly based on the Software Development Life Cycle (SDLC), which provides a structured framework consisting of several key stages, including planning, requirements analysis, system design, implementation, testing, deployment, and maintenance. These stages ensure that the final system aligns with user requirements while maintaining quality, scalability, and time efficiency.
The SDLC can be implemented through different development models such as Waterfall, Spiral, Incremental, RAD, and Agile. Each model has its own strengths and limitations depending on project requirements, complexity, and flexibility needs.
The Waterfall model, for example, is suitable for systems with well-defined and stable requirements; however, it lacks flexibility in handling evolving requirements. In contrast, this project involves dynamic requirements driven by continuous security threats, evolving attack patterns, and user-driven feature enhancements.
Therefore, rigid models such as Waterfall are not suitable for this project due to their limited adaptability. Instead, an Agile-based methodology is more appropriate, as it supports iterative development, continuous feedback, and incremental improvements.
Among Agile frameworks such as Scrum, Kanban, Lean, and Extreme Programming (XP), Scrum has been selected for this project due to its structured yet flexible nature.
Scrum divides the development process into short, time-boxed iterations known as sprints. Each sprint delivers a functional increment of the system, enabling continuous improvement of features such as attack logging, vulnerability modules, dashboard visualization, IOC categorization, and community-based intelligence sharing.
Scrum also enhances transparency and collaboration through defined roles and ceremonies, including the Product Owner, Scrum Master, sprint planning, daily stand-ups, sprint reviews, and retrospectives.
This approach aligns well with the evolving nature of cybersecurity threats, allowing the system to adapt continuously to new attack techniques and user requirements.
Therefore, a Scrum-based Agile methodology is adopted as the core development framework for this project, ensuring a flexible, scalable, and user-centered development process that evolves alongside the cybersecurity landscape.
Figure 1.4: Scrum Process
The Scrum framework is illustrated as an iterative cycle consisting of short sprints (typically 1–4 weeks). Each sprint begins with sprint planning, where tasks are selected from the product backlog to form the sprint backlog. Daily stand-up meetings are conducted to track progress and resolve issues under the coordination of the Scrum Master.
At the end of each sprint, a sprint review is conducted to evaluate completed features such as attack analysis modules, honeypot configurations, and dashboard enhancements. This is followed by a sprint retrospective, which focuses on improving development processes and system performance for future iterations.
Scrum Framework Diagram
Figure 1.4: Scrum Agile Process used in system development.