A dynamic security model for addressing hacking risk factors

Saad Abdullah Alsunbul, Phu Dung Le, Jan Newmarch, Jefferson Tan

    Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

    Abstract

    Communication technologies have a significant influence on the business industry. Exchanging information, storing and retrieving data, and cutting communication costs are prime reasons for relying heavily on these technologies. However, these technologies are significantly affected by hacking. Due to neglecting the behaviour of hackers during the initial design stage of common security solutions, including firewalls, Intrusion Detection Systems, Intrusion Detection and Prevention Systems, Honeypot and Honeynet, successful hacking attempts still exist. This paper aims to investigate pre-hacking steps (footprinting, scanning, and enumeration) and to highlight the risk factors that are not considered during the development of current security solutions. These risk factors are the common causes of the failures of current security solutions against many hacking attempts. Moreover, this paper proposes a dynamic security model to guide security researchers towards proposing security countermeasures that address these risk factors, which eventually lead to minimising hacking risks.

    Original languageEnglish
    Title of host publicationProceedings of the 25th International Conference on Information Systems Development, ISD 2016
    Subtitle of host publicationAugust 24-26, 2016, Katowice, Poland
    EditorsJerzy Gołuchowski, Małgorzata Pańkowska
    PublisherAssociation for Information Systems
    Pages586-594
    Number of pages9
    ISBN (Electronic)9788378753070
    Publication statusPublished - 2016
    EventInternational Conference on Information Systems Development 2016 - University of Economics in Katowice, Katowice, Poland
    Duration: 24 Aug 201626 Aug 2016
    Conference number: 25th
    http://aisel.aisnet.org/isd2014/proceedings2016/ (AIS Conference Proceedings)

    Conference

    ConferenceInternational Conference on Information Systems Development 2016
    Abbreviated titleISD 2016
    CountryPoland
    CityKatowice
    Period24/08/1626/08/16
    Internet address

    Keywords

    • Dynamic security model
    • Enumeration
    • Footprinting
    • Hacking techniques
    • Pre-hacking steps
    • Scanning

    Cite this

    Alsunbul, S. A., Le, P. D., Newmarch, J., & Tan, J. (2016). A dynamic security model for addressing hacking risk factors. In J. Gołuchowski, & M. Pańkowska (Eds.), Proceedings of the 25th International Conference on Information Systems Development, ISD 2016: August 24-26, 2016, Katowice, Poland (pp. 586-594). Association for Information Systems.
    Alsunbul, Saad Abdullah ; Le, Phu Dung ; Newmarch, Jan ; Tan, Jefferson. / A dynamic security model for addressing hacking risk factors. Proceedings of the 25th International Conference on Information Systems Development, ISD 2016: August 24-26, 2016, Katowice, Poland. editor / Jerzy Gołuchowski ; Małgorzata Pańkowska. Association for Information Systems, 2016. pp. 586-594
    @inproceedings{0f59c3c7a0874b90b7028db94da7cd21,
    title = "A dynamic security model for addressing hacking risk factors",
    abstract = "Communication technologies have a significant influence on the business industry. Exchanging information, storing and retrieving data, and cutting communication costs are prime reasons for relying heavily on these technologies. However, these technologies are significantly affected by hacking. Due to neglecting the behaviour of hackers during the initial design stage of common security solutions, including firewalls, Intrusion Detection Systems, Intrusion Detection and Prevention Systems, Honeypot and Honeynet, successful hacking attempts still exist. This paper aims to investigate pre-hacking steps (footprinting, scanning, and enumeration) and to highlight the risk factors that are not considered during the development of current security solutions. These risk factors are the common causes of the failures of current security solutions against many hacking attempts. Moreover, this paper proposes a dynamic security model to guide security researchers towards proposing security countermeasures that address these risk factors, which eventually lead to minimising hacking risks.",
    keywords = "Dynamic security model, Enumeration, Footprinting, Hacking techniques, Pre-hacking steps, Scanning",
    author = "Alsunbul, {Saad Abdullah} and Le, {Phu Dung} and Jan Newmarch and Jefferson Tan",
    year = "2016",
    language = "English",
    pages = "586--594",
    editor = "Gołuchowski, {Jerzy } and Pańkowska, {Małgorzata }",
    booktitle = "Proceedings of the 25th International Conference on Information Systems Development, ISD 2016",
    publisher = "Association for Information Systems",
    address = "United States",

    }

    Alsunbul, SA, Le, PD, Newmarch, J & Tan, J 2016, A dynamic security model for addressing hacking risk factors. in J Gołuchowski & M Pańkowska (eds), Proceedings of the 25th International Conference on Information Systems Development, ISD 2016: August 24-26, 2016, Katowice, Poland. Association for Information Systems, pp. 586-594, International Conference on Information Systems Development 2016, Katowice, Poland, 24/08/16.

    A dynamic security model for addressing hacking risk factors. / Alsunbul, Saad Abdullah; Le, Phu Dung; Newmarch, Jan; Tan, Jefferson.

    Proceedings of the 25th International Conference on Information Systems Development, ISD 2016: August 24-26, 2016, Katowice, Poland. ed. / Jerzy Gołuchowski; Małgorzata Pańkowska. Association for Information Systems, 2016. p. 586-594.

    Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

    TY - GEN

    T1 - A dynamic security model for addressing hacking risk factors

    AU - Alsunbul, Saad Abdullah

    AU - Le, Phu Dung

    AU - Newmarch, Jan

    AU - Tan, Jefferson

    PY - 2016

    Y1 - 2016

    N2 - Communication technologies have a significant influence on the business industry. Exchanging information, storing and retrieving data, and cutting communication costs are prime reasons for relying heavily on these technologies. However, these technologies are significantly affected by hacking. Due to neglecting the behaviour of hackers during the initial design stage of common security solutions, including firewalls, Intrusion Detection Systems, Intrusion Detection and Prevention Systems, Honeypot and Honeynet, successful hacking attempts still exist. This paper aims to investigate pre-hacking steps (footprinting, scanning, and enumeration) and to highlight the risk factors that are not considered during the development of current security solutions. These risk factors are the common causes of the failures of current security solutions against many hacking attempts. Moreover, this paper proposes a dynamic security model to guide security researchers towards proposing security countermeasures that address these risk factors, which eventually lead to minimising hacking risks.

    AB - Communication technologies have a significant influence on the business industry. Exchanging information, storing and retrieving data, and cutting communication costs are prime reasons for relying heavily on these technologies. However, these technologies are significantly affected by hacking. Due to neglecting the behaviour of hackers during the initial design stage of common security solutions, including firewalls, Intrusion Detection Systems, Intrusion Detection and Prevention Systems, Honeypot and Honeynet, successful hacking attempts still exist. This paper aims to investigate pre-hacking steps (footprinting, scanning, and enumeration) and to highlight the risk factors that are not considered during the development of current security solutions. These risk factors are the common causes of the failures of current security solutions against many hacking attempts. Moreover, this paper proposes a dynamic security model to guide security researchers towards proposing security countermeasures that address these risk factors, which eventually lead to minimising hacking risks.

    KW - Dynamic security model

    KW - Enumeration

    KW - Footprinting

    KW - Hacking techniques

    KW - Pre-hacking steps

    KW - Scanning

    UR - http://www.scopus.com/inward/record.url?scp=84995923593&partnerID=8YFLogxK

    M3 - Conference Paper

    SP - 586

    EP - 594

    BT - Proceedings of the 25th International Conference on Information Systems Development, ISD 2016

    A2 - Gołuchowski, Jerzy

    A2 - Pańkowska, Małgorzata

    PB - Association for Information Systems

    ER -

    Alsunbul SA, Le PD, Newmarch J, Tan J. A dynamic security model for addressing hacking risk factors. In Gołuchowski J, Pańkowska M, editors, Proceedings of the 25th International Conference on Information Systems Development, ISD 2016: August 24-26, 2016, Katowice, Poland. Association for Information Systems. 2016. p. 586-594