A FRAMEWORK FOR QUANTITATIVE CYBER RESILIENCE ASSESSMENT OF NETWORK ARCHITECTURES IN EDUCATIONAL INSTITUTIONS
Abstract
This paper investigates the development and application of an integrated framework for the quantitative assessment of cyber resilience of network architectures in educational institutions. Resilience assessment criteria were identified and mapped to the NIST Cybersecurity Framework to cover key functional areas of cybersecurity, while the ISO 31000 standard was applied to assess disruption scenarios, including cyber-attacks and network infrastructure failures. The PIPRECIA-S method enables precise weighting of criteria based on expert assessments, and the H-SCRM methodology allows quantitative evaluation of network alternatives according to defined criteria and scenarios. The results show that the hybrid cloud-managed network architecture achieves the highest level of cyber resilience, while software-defined networking and traditional LAN architecture achieve lower global resilience index values. Sensitivity analysis confirms the stability of the ranking of alternatives and the robustness of the proposed model. The paper provides practical guidelines for improving network security and decision-making in educational institutions through an integrated approach to risk and resilience management.
References
Afolalu, O., & Tsoeu, M. S. (2025). Cybersecurity in Higher Education Institutions: A Systematic Review of Emerging Trends, Challenges and Solutions. Future Internet, 17(12), 575. https://doi.org/10.3390/fi17120575
AlHidaifi, S. M., Asghar, M. R., & Ansari, I. S. (2024). Towards a cyber resilience quantification framework (CRQF) for IT infrastructure. Computer Networks, 247, 110446. https://doi.org/10.1016/j.comnet.2024.110446
Araujo, M., Machado, B., & Passos, F. (2024). Resilience in the context of cyber security: A review of the fundamental concepts and relevance. Applied Sciences, 14, 2116. https://doi.org/10.3390/app14052116
Avramova, T., Peneva, T., & Ivanov, A. (2025). Overview of Existing Multi-Criteria Decision-Making (MCDM) Methods Used in Industrial Environments. Technologies, 13(10), 444. https://doi.org/10.3390/technologies13100444
Bašić, A., & Viduka, D. (2025). Multi-criteria decision-making in the evaluation of software testing methods. Sinteza 2025 – International Scientific Conference on Information Technology, Computer Science, and Data Science, 150–157. https://doi.org/10.15308/Sinteza-2025-150-157
Bašić, A., Viduka, D., Kraguljac, V., Lavrnić, I., Jevremović, M., Balaban, P., Sajfert, D., Gligorijević, M., & Barzut, S. (2024). Multi-Criteria Decision Analysis of Wireless Technologies in WPANs for IoT-Enabled Smart Buildings in Tourism. Buildings, 14(10), 3275. https://doi.org/10.3390/buildings14103275
Bellini, E., D’Aniello, G., Flammini, F., & Gaeta, R. (2025). Situation awareness for cyber resilience: A review. International Journal of Critical Infrastructure Protection, 49, 100755. https://doi.org/10.1016/j.ijcip.2025.100755
Dong, X., & Xie, Y. (2025). Research on cloud computing network security mechanism and optimization in university education management informatization based on OpenFlow. Systems and Soft Computing, 7, 200225. https://doi.org/10.1016/j.sasc.2025.200225
Gallon, L., Salameh, K., Chbeir, R., Bachir, S., & Aniorté, P. (2024). Educational Cyber–Physical Systems (ECPSs) for University 4.0. Information, 15(12), 790. https://doi.org/10.3390/info15120790
Güntem, O., & Kılıç, Y. (2025). Efficiency and Sustainability in Online Education: An Evaluation of LMS Platforms and University Websites in Northern Cyprus. Sustainability, 17(9), 4166. https://doi.org/10.3390/su17094166
Ibrahim, F. (2024). Importance of cybersecurity in educational institutions. https://doi.org/10.13140/RG.2.2.34745.99681
International Organization for Standardization. (2018). ISO 31000:2018 Risk management — Guidelines. ISO.
Jauković Jocić, K., Karabasević, D., & Jocić, G. (2020). The use of the PIPRECIA method for assessing the quality of e-learning materials. Ekonomika, 66, 37–45. https://doi.org/10.5937/ekonomika2003037J
Jawaid, S. A. (2023). Cyber security threats to educational institutes: A growing concern for the new era of cybersecurity. International Journal of Data Science and Big Data Analytics, 2, 11–17. https://doi.org/10.51483/IJDSBDA.2.2.2022.11-17
Kiryakova, G. (2017). Application of cloud services in education. Trakia Journal of Science, 15(4), 277–284. https://doi.org/10.15547/tjs.2017.04.001
Lallie, H. S., Thompson, A., Titis, E., & Stephens, P. (2025). Analysing Cyber Attacks and Cyber Security Vulnerabilities in the University Sector. Computers, 14(2), 49. https://doi.org/10.3390/computers14020049
Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cyber security: Emerging trends and recent developments. Energy Reports, 7, 8176–8186. https://doi.org/10.1016/j.egyr.2021.08.126
Liu, T., Luo, Y. T., Pang, P. C.-I., & Kan, H. Y. (2025). Exploring the Impact of Information and Communication Technology on Educational Administration: A Systematic Scoping Review. Education Sciences, 15(9), 1114. https://doi.org/10.3390/educsci15091114
Madanchian, M., & Taherdoost, H. (2025). Applications of Multi-Criteria Decision Making in Information Systems for Strategic and Operational Decisions. Computers, 14(6), 208. https://doi.org/10.3390/computers14060208
Marinović, M., Viduka, D., Lavrnić, I., Stojčetović, B., Skulić, A., Bašić, A., Balaban, P., & Rastovac, D. (2025). An Intelligent Multi-Criteria Decision Approach for Selecting the Optimal Operating System for Educational Environments. Electronics, 14(3), 514. https://doi.org/10.3390/electronics14030514
National Institute of Standards and Technology. (2024). The NIST Cybersecurity Framework (CSF) 2.0. U.S. Department of Commerce. https://www.nist.gov/cyberframework
Olowo, B., Ahamefula, N., & Chukwu, B. (2026). Digital school management system in the 21st century education: Necessary, not a luxury. Federal University Gusau Faculty of Education Journal, 6, 338–346. https://doi.org/10.64348/zije.2026284
Pacheco, A., Yupanqui, R., Mogrovejo, D., Garay, J., & Uribe-Hernández, Y. (2025). Impact of digitization on educational management: Results of the introduction of a learning management system in a traditional school context. Computers in Human Behavior Reports, 17, 100592. https://doi.org/10.1016/j.chbr.2025.100592
Park, C., Son, M., Kim, J., Kim, B., Ahn, Y., & Kwon, N. (2025). TOPSIS and AHP-Based Multi-Criteria Decision-Making Approach for Evaluating Redevelopment in Old Residential Projects. Sustainability, 17(15), 7072. https://doi.org/10.3390/su17157072
Popović, S., Viduka, D., Bašić, A., Dimić, V., Djukic, D., Nikolić, V., & Stokić, A. (2025). Optimization of Artificial Intelligence Algorithm Selection: PIPRECIA-S Model and Multi-Criteria Analysis. Electronics, 14(3), 562. https://doi.org/10.3390/electronics14030562
Rathnayaka, B., Robert, D., Adikariwattage, V., Siriwardana, C., Meegahapola, L., Setunge, S., & Amaratunga, D. (2024). A unified framework for evaluating the resilience of critical infrastructure: Delphi survey approach. International Journal of Disaster Risk Reduction, 110, 104598. https://doi.org/10.1016/j.ijdrr.2024.104598
Rezvani, S. M. H. S., Silva, M. J. F., & de Almeida, N. M. (2024). Urban resilience index for critical infrastructure: A scenario-based approach to disaster risk reduction in road networks. Sustainability, 16, 4143. https://doi.org/10.3390/su16104143
Salas Riega, J., Riega, Y., Soto, M., & Salas-Riega, J. (2025). Cybersecurity and the NIST framework: A systematic review of its implementation and effectiveness against cyber threats. International Journal of Advanced Computer Science and Applications, 16. https://doi.org/10.14569/IJACSA.2025.0160672
Shetelia, N., Apshay, F., Telep, O., Ahiy, Y., & Maslov, V. (2024). The role of information communications in the educational environment of higher education institutions. Journal of Educational Technology Development and Exchange, 17(1), 188–204. https://doi.org/10.18785/jetde.1701.11
Singh, K., Chatterjee, S., Mariani, M., & Wamba, S. F. (2025). Cybersecurity resilience and innovation ecosystems for sustainable business excellence: Examining the dramatic changes in the macroeconomic business environment. Technovation, 143, 103219. https://doi.org/10.1016/j.technovation.2025.103219
Stanujkić, D., Karabasević, D., Popović, G., & Sava, C. (2021). Simplified pivot pairwise relative criteria importance assessment (PIPRECIA-S) method. Romanian Journal of Economic Forecasting, 24(4), 141–154.
Taherdoost, H., & Madanchian, M. (2023). Multi-Criteria Decision Making (MCDM) Methods and Concepts. Encyclopedia, 3(1), 77-87. https://doi.org/10.3390/encyclopedia3010006
Tariq, R., Casillas-Muñoz, F., Hassan, S., & Ramírez-Montoya, M.-S. (2025). Synergy of Internet of Things and education: Cyber-physical systems contributing towards remote laboratories, improved learning, and school management. https://doi.org/10.6084/m9.figshare.24927696
Theilig, K., Vollmer, M., Lang, W., & Albus, J. (2025). Multi-criteria decision-making for energy building renovation: Comparing exterior wall structures with the AHP, ANP, utility analysis, and TOPSIS. Building and Environment, 280, 113075. https://doi.org/10.1016/j.buildenv.2025.113075
Veljić, A., Viduka, D., Ilić, L., Karabasevic, D., Šijan, A., & Papić, M. (2025). Sustainable Decision-Making in Higher Education: An AHP-NWA Framework for Evaluating Learning Management Systems. Sustainability, 17(22), 10130. https://doi.org/10.3390/su172210130
Wibowo, B., Ibrahim, N., Yuswanto, A., & Hidayat, T. (2025). Cyber resilience to digital threats for education institutions 4.0. International Journal of Management Science and Application, 4, 35–45. https://doi.org/10.58291/ijmsa.v4i1.370