A dynamic security model for addressing hacking risk factors

Saad Abdullah Alsunbul, Phu Dung Le, Jan Newmarch, Jefferson Tan

    Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

    Abstract

    Communication technologies have a significant influence on the business industry. Exchanging information, storing and retrieving data, and cutting communication costs are prime reasons for relying heavily on these technologies. However, these technologies are significantly affected by hacking. Due to neglecting the behaviour of hackers during the initial design stage of common security solutions, including firewalls, Intrusion Detection Systems, Intrusion Detection and Prevention Systems, Honeypot and Honeynet, successful hacking attempts still exist. This paper aims to investigate pre-hacking steps (footprinting, scanning, and enumeration) and to highlight the risk factors that are not considered during the development of current security solutions. These risk factors are the common causes of the failures of current security solutions against many hacking attempts. Moreover, this paper proposes a dynamic security model to guide security researchers towards proposing security countermeasures that address these risk factors, which eventually lead to minimising hacking risks.

    Original languageEnglish
    Title of host publicationProceedings of the 25th International Conference on Information Systems Development, ISD 2016
    Subtitle of host publicationAugust 24-26, 2016, Katowice, Poland
    EditorsJerzy Gołuchowski, Małgorzata Pańkowska
    PublisherAssociation for Information Systems
    Pages586-594
    Number of pages9
    ISBN (Electronic)9788378753070
    Publication statusPublished - 2016
    EventInternational Conference on Information Systems Development 2016 - University of Economics in Katowice, Katowice, Poland
    Duration: 24 Aug 201626 Aug 2016
    Conference number: 25th
    http://aisel.aisnet.org/isd2014/proceedings2016/ (AIS Conference Proceedings)

    Conference

    ConferenceInternational Conference on Information Systems Development 2016
    Abbreviated titleISD 2016
    Country/TerritoryPoland
    CityKatowice
    Period24/08/1626/08/16
    Internet address

    Keywords

    • Dynamic security model
    • Enumeration
    • Footprinting
    • Hacking techniques
    • Pre-hacking steps
    • Scanning

    Cite this