System Security Assessment using Vulnerability Repositories

Verified

Added on  2023/01/13

|42
|12515
|74
AI Summary
This research aims to identify the system security assessment through the usage of vulnerability repositories. It explores the concept of system security, vulnerabilities present within, and the impact of existing software vulnerabilities on apps and operating systems. The research also analyzes the effectiveness of creating a new tool to reduce the risk of system vulnerability.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Computer Security

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Abstract
System security illustrates the protection of system from unwanted and unauthorised
access. This denotes that system is vulnerable to attack if it is not handled in an effectual manner
and appropriate measures are not being taken. The software applications along with operating
systems are exploitable to vulnerabilities like SQL injection and various others which already
exist. System security illustrates the method which can be utilised by individuals or organisation
for securing their assets. For an instance, firewall is utilised for improvising security. In this rules
are formulated for filtering unwanted intrusions so that they do not get access to the system and
carry out any kind of harmful activities. Thus, there is a need of a tool through whose assistance
these vulnerabilities can be measured and their likeability can be minimised.
Document Page
Table of Contents
Abstract............................................................................................................................................2
Title: System Security Assessment using Vulnerability Repositories.............................................1
Chapter 1: Introduction....................................................................................................................1
Background of the research.........................................................................................................1
Problem statement.......................................................................................................................1
Research aim...............................................................................................................................2
Research Objectives....................................................................................................................2
Research Questions.....................................................................................................................2
Statement of Hypothesis.............................................................................................................2
Rationale of the study.................................................................................................................2
Significance of the study.............................................................................................................3
Route map of research.................................................................................................................3
Chapter 2: Literature Review...........................................................................................................6
Project Plan....................................................................................................................................11
Chapter 3: Research Methodology................................................................................................13
Chapter 4: Findings and Analysis..................................................................................................22
References......................................................................................................................................37
Document Page
Title: System Security Assessment using Vulnerability Repositories
Chapter 1: Introduction
Operating system is liable for controlling access to resources that comprises of sensitive
data. This implies control of access to resources of computer systems that involves data as well
as operating system files. This is referred to as system security (Fu and et. al, 2019). Security
vulnerability illustrates the weakness of an adversary which can be taken advantage off to
compromise with availability, confidentiality along with integrity of resources. As the
technology is evolving, there is enhanced probability to enter within them. The operating system
and software apps have become exploitable to the system vulnerabilities which to leads to
security concerns. Vulnerability denotes weakness that may be exploited via threat actor like
attacker carrying out unauthorised actions in computer system. Basically, it implies cyber
security term that illustrates flaw within system, which leads to creation of open attack. They
signify weakness of computer system that comprises of procedures or anything that leads to
expose information security. For this it is necessary for identification of applications which have
vulnerabilities and can lead to have worst impact on individuals system. This will lead to identify
vulnerability that might be prevented to from attacking as well as having access to data.
Background of the research
Computer vulnerability refers to cyber security term that denotes defect within a system
that makes it prone to attacks. This signifies type of weakness which is present within computer
system or mobile phones that comprises of set of procedures or aspects that lead to aid
information security by which this can be exposed to threat. This can lead individuals to have
various problems like threat of leakage of their private information (Bhatia, Christopher and
Thangapandian, 2020). In case if firm’s network is being exposed or mobile device of any
employee is accessed by intruder then they can have credential information of them which can be
utilised against then. Even identity theft can be used to have access to wide range of data.
Problem statement
Operating system implies software which interacts with hardware as well as aids other
programs to execute. This involves fundamental files or system software that is required by
computers along with mobile phones requires OS to boot up and carry out their functionalities
(Casola and et .al, 2020). Behind this lots of programming is involved in different languages

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
basically, it is Java, C and many more languages which allows firms as well as individuals to
carry out their operations in smooth manner. This leads to certain vulnerabilities that pose threat
to these devices as there is a probability that program might have skipped certain aspects which
makes them vulnerable. This means that there is a need for an application that will lead to
identify these vulnerable apps which will lead to hamper the functionalities of operations or
information stored within them (Chen and et. al, 2020).
Research aim
“To identify the system security assessment through the usage of vulnerability
repositories”
Research Objectives
To identify the concept of system security along with vulnerabilities present within.
To identify the impact of existing software vulnerability upon apps as well as operating
system.
To analyse the effectiveness of creating a new tool in order to reduce the risk of system
vulnerability.
Research Questions
Illustrate concept of system security along with vulnerabilities within them.
Identify the impact of existing software vulnerability upon apps as well as operating
system.
Conduct analysis of effectiveness of creating a new tool in order to reduce the risk of
system vulnerability.
Statement of Hypothesis
H0: New tool for system security will lead to have affirmative reduction of risks associated with
system vulnerabilities.
H1: New tool for system security will not have any influence on reducing risks related with
system vulnerabilities.
Rationale of the study
Technology is evolving and ways individuals and firms are dependent on it which leads
intruders to carry out the attacks in an easy manner (Choudhary and et. al, 2020). To understand
this aspect an instance can be taken into consideration like when individuals download any
Document Page
application they are asked for allowing application to access their contact details, images and
other information. These details might be accessed by third person or intruder to have
unauthenticated access to their requirements. This will have high pessimistic impact on them or
have access to their email and carry out attacks by using their devices as a launching pads as that
they cannot be identified. This makes it crucial to have an alternative to deal with this aspect as it
will have adverse impact on individual whose device is compromised in addition to this there is
high probability that intruder might have details of their login credentials into different
applications or websites which are being used by them (Dorsey and et. al, 2020).
This illustrates that even after peculiar app that is vulnerable is deleted then there is high
probability that attack can take place. So, to deal with such kind of situations it is essential there
is an alternative that will provide an insight into which app is vulnerable and which is not. This
dissertation is based on this concept only in which tool will be formulated that will assist within
detection of vulnerable attacks. For this, it is critical for researcher to take all the aspects in
precise manner and work done by other authors with reference to this as it will furnish a strong
base for carrying out the research.
Significance of the study
This research is carried out on system security as it is critical aspect that has to be
considered. Through this systems can be prevented from getting exploited. Efficacious use of
technology leads to elimination of such aspects but also makes them more prone to different
attacks as individuals are dependent on their devices for certain activities (Dotson and et. al,
2020). Furthermore, they more often download and install different applications without taking
into consideration the repercussions associated with this. This dissertation will provide with tool
that will assist within detecting such kind of applications which will make them prone to attacks.
Overall there will an affirmative impact on the ways people use their devices and have secured
system.
Route map of research
This is crucial aspect within research that assists readers to classify adequate data
associated with each chapter to illustrate what is studied is defined as route map (Eghan and et.
al, 2020). Within this section of dissertation, unlike chapters are contained, they are specified
below with reference to information that will be presented by them.
Document Page
Chapter 1: Introduction: This illustrates overview or introductory overview of aspects
connected with dissertation. This activity involves complete information and base that will
define overview of the topic (Holz and et. al, 2020). Through this chapter, reader can have data
for research aims, objectives, questions related with this along with background of the study.
Chapter 2: Literature Review: This denotes second chapter of dissertation which
involves study that is being carried out by authors. With reference to this section, wide range of
publications, articles, books and many other sources will be used. They will be accountable to
support reader with opportunities to have all the crucial data related with work done by other
researchers. In this context, various researchers have rendered their opinions and view point with
reference to system security and vulnerabilities associated with this. Along with this, certain
aspects will be depicted that will assist them within having adequate information related with this
as well as identify the gap within work done by them.
Chapter 3: Research Methodology: It is the next chapter or activity within dissertation
that is completely dependent on research methods that have been carried out. Within this
research section, there are diverse methods that involve secondary as well as primary methods
for collecting data. Qualitative or quantitative research, instruments, philosophies along with
various other perspectives connected with this dissertation (HUANG and et. al, 2020). It implies
critical method which is responsible to support researcher through which they can have precise
data associated with system security and vulnerabilities.
Chapter 4: Findings and analysis: This is the next chapter of dissertation that will assist
in interpretation of information or data with reference to the topic. Within this section of
research, frequency table will be illustrated which will help investigator in determination of
decided along with undecided respondents. Along with this, here different tables along with
graphs are utilised which are completely based on response or frequency tables that are attained
via respondents.
Chapter 5: Discussion: It denotes next chapter that will aid investigator to provide
researchers with relevant recognition with reference to primary data. For this, literature review
can be used to examine secondary data that is related with system security (Kelley, Jain and
Turner, 2020). Apart from this, questionnaire will be used to acknowledge the influence of tool
and understanding related with vulnerabilities within system.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Chapter 6: Conclusion and Recommendation: It implies last chapter associated with
the dissertation that will provide adequate data in context of objectives are achieved or not. In
addition to this, it is completely based on research findings along with analysis up to larger
extent. Furthermore, some suggestions will also be to firm on the basis of topic.
Document Page
Chapter 2: Literature Review
It is vital abstract of activities that are being carried out with reference to specified area. This
is accountable to develop landscape for their readers through which complete understanding can
be developed within security system. It will provide learner with adequate data that has been
collected via previous work carried out via researchers. The purpose of carrying out literature
review furnish learner with adequate information in terms of new insight into different
perspectives (Kudjo and et. al, 2020). In this section, data is collected through usage of
secondary sources such as internet, books, articles and many more. It will lead them to have
relevant data and assist within having affirmative outcomes for dissertation. Literature refers to
systematic along with efficacious process that is being utilised by researchers for having in-depth
knowledge associated with this research. The gap has to be identified with disputes in different
studies which are carried out. Through identification of these gaps it will be easy for investigator
to identify adequate research through which gaps can be filled up. With reference to this, each
objective will be acknowledged in sequential manner.
It is critical aspect of dissertation which aims at conducting work within adequate manner
through analysing information associated with this aspect. Therefore, the information that is
available will aid within gaining knowledge related with subject that will allow them to carry out
research within precise way and have valid implications. This section is regarded as base for
carrying out research as this will assist within having effective theoretical perspectives that have
formulated to carry out activities in adequate manner (Lever and Kifayat, 2020). With reference
to this, information is collected through secondary resources which involves past investigations,
journals, newspapers which are based on objectives and aims associated with the research which
illustrates precise framework will be formulated that will lead to have significant knowledge
related with security system and vulnerabilities related with this.
Theme 1
To identify the concept of system security along with vulnerabilities present within.
According to Paul Zandbergen (2020), the protection of data or information along with
property from any kind of corruption, theft or damage while allowing users to access them is
referred to system security. Basically, it implies that developing as well as executing security
countermeasures through which systems can be secured from any kind of unauthorised access
(Li, 2020). There are different security threats which are being experienced while making use of
Document Page
systems, they comprise of data loss, physical damage or the information falls into wrong hand.
As technology is evolving, there comes different ways through which unauthenticated persons
get access to system and make their illegal use (Systems Security: Firewalls, Encryption,
Passwords & Biometrics, 2020). This is denoted by hacking and hackers have formulated distinct
sophisticated ways through which they obtain data from database for having some advantage or
have intent to harm others.
System security illustrates the method which can be utilised by individuals or organisation
for securing their assets. For an instance, firewall is utilised for improvising security. In this rules
are formulated for filtering unwanted intrusions so that they do not get access to the system and
carry out any kind of harmful activities (Mayer, and et. al, 2019). Furthermore, passwords are
being used but if they are not strong then it is not worth using them in case password is
‘sensitive’ then it can be easily broken up through usage of dictionary attacks which implies that
it was of no use. Therefore, it is always suggested to make use of strong password which
comprises of special characters. Still then if sensitive information is present on the system then it
can be encrypted so that if third person get access to system then also they do not have access to
data (Conklin and et. al, 2015). These are some methods which are being used within system
security but still it is difficult to entirely secure the systems.
As per NIST (National Institute of Standards & Technology), vulnerability imply weakness
within the information system, internal controls, security procedures or execution which can be
triggered or exploited through a threat source. There are certain reasons due to which
vulnerability takes place within the system, they are illustrated below:
Complexities: When an application or system is complex then it increases chances of
misconfiguration, flaws or unintended access. In case when something critical, large and
complex system is developed then probability of loopholes increases (Vorobiev and et.
al, 2017).
Familiarity and Connectivity: Common software, code, hardware and operating
systems enhance possibilities that intruder will be able to identify or attain information
related with vulnerabilities present in the system. Along with this, when systems are
having internet connections all the time then they can gain knowledge related with
vulnerabilities.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Operating System flaws: As applications or software have limitations, operating system
also possesses some restrictions. They are insecure as well as render complete control to
individuals that allows in certain viruses as well as malware by executing various
commands.
All these aspects lead to manage vulnerabilities so that unwanted activities can be prevented.
Vulnerability management refers to a cyclical practice for identification, classification,
remediation as well as mitigation of security vulnerability (Tan, 2016). It is essential that they
are detected, assessed and remediated.
Theme 2
To identify the impact of existing software vulnerability upon apps as well as operating
system.
According to Ira Winkler (2020), bugs which are involved within the software are
referred to as software vulnerabilities. Bugs illustrate errors that are present within code which
causes system to take unwanted actions (Software Vulnerability, 2020). Generally, it depicts the
weaknesses that might be exploited by attackers for carrying out unauthorised activities on the
computer system. There are different vulnerabilities which create impact on system like SQL
injection, buffer overflow; OS command injection, integer overflow, uncontrolled format string
and various others. There are different applications which are being used of users. Now the
attackers try to find out the weaknesses present within those apps which are denoted by
vulnerability so that they can write down program through which they can get over that like lock
picks are being utilised to have an entry into physical location of user. This implies that overall
influence will be worst as once hackers get access to device then sensitive information present
within can be accessed by them and misused (Luh and et. al, 2020). Vulnerabilities within an
application or operating system takes place due to some reasons they are as:
Program Errors: The bugs which are present within program code allow a computer
virus to have an access to device as well as have a control of that. An instance can be taken into
consideration like in August 2018 vulnerability was founded by KrebsOnSecurity on the
platform of Fiserv banking. The programming has an error due to which data of individuals can
be attained by incrementing object or parameter named “event number”. This vulnerability
allowed third person to check out transaction related data of other individuals which comprises
of their account details, phone number and e-mail address (Peltier, 2016). Errors or bugs in a
Document Page
program that provides a way through which third person can get access to information that is
stored in software. Intended Features: They imply documented and legitimate ways through which
applications have access to the system. For an example cross-site scripting attacks in
which malicious programs or scripts are injected into web applications. This is being
done to have information about their users.
If vulnerabilities are present within an application or operating system either they are
intended or not then there is higher probability that software is open to attacks via malicious
programs (Manku and Vasanth, 2015). There are certain vulnerabilities within the application
which can hamper the way in which they work as well as data stored in them. Few of them are
specified below along with their impact:
Lack of Binary Protections: This imply source code for applications that is not
obfuscated in any manner which makes it easy for decompiling them, carrying out
reverse engineering as well as read application code clearly without any kind of special
tools. Once this has been decompiled then it will be easy to search app source code for
developers along with encryption keys, tokens and APIs. Around 97% of apps suffer
this problem which makes it probable to decompile apps by making use of APK
Extractor tool which is available for free download (The Mobile App Vulnerability
Epidemic and Its Impact on Global Business, 2020). In case tokens or encryption keys
are identified then it will also become probable to crack or exploit private key
passwords through offline mediums. This enables adversaries with ability to inject
malware within the code to have access to confidential or other information.
Insecure Data Storage: This illustrates data which is being transferred through the
usage of application that was stored insecurely. It can be stored either temporary or
permanent that is outside sandbox or in local file system, external storage or may be
copied into clipboard (Gupta, Agrawal and Yamaguchi, eds., 2016). As per the research
that is conducted imply that around 83% of applications are insecurely stored which
enhance risk of exposure of personal data of users and even their social media handles.
Furthermore, temporary storage also leads insecure access for sensitive information via
other applications.
Document Page
Theme 3
To analyse the effectiveness of creating a new tool in order to reduce the risk of system
vulnerability.
According to Michael Cobb (2020), vulnerability denotes a weakness or flaw which is
present within system security design, procedures, and execution or in the internal controls that
might be trigged intentionally or accidently and results in violation of system security. Intruders
make use of application layer for gaining access into database and network through making use
of legitimate system level accounts (How to prevent application attacks and reduce network
vulnerabilities, 2020). For mitigating such kind of risks and protect database, firewalls are
utilised along with this updates or security patches are used. Like for vulnerabilities like SQL
injection, denial of service and for other 23 such kind of weaknesses Oracle released critical
patch update in 2005.
Though firewall can be used for protecting system from having unwanted access to
application or information present within but when permission is given to peculiar app to get
downloaded and make use of system data then this leads to higher risk as at this instance of time
firewall will not work as access have been given. This implies that some new tools are required
through which this problems can be resolved. Like if any vulnerable application is being
installed in the system then there must be tool that must illustrate how much vulnerable
application is and what worst impact it can create (Fisch, White and Pooch, 2017). For an
instance Trojan horse given complete access to intruder similarly tool must provide exact details
so that system can be protected. The formulated tool will assess the vulnerability in following
ways:
Identify vulnerabilities: The initial step that will be carried out by an application is
analysis of network scans, firewall logs, vulnerability scans and pen test results for
finding out anomalies which will suggest that cyber attack may take edge of
vulnerability.
Verify vulnerabilities: It will aid within deciding whether the vulnerabilities which have
been identified can be exploited as well as classify on the basis severity of exploit. This
will aid to acknowledge the level or extent of harm that will be created by particular
loophole (Maspoli and deSantis, 2015).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Mitigate vulnerabilities: It will assist within deciding countermeasures as well as
measure its effectiveness within the event for identification that whether the patch is
available or not.
Remediate vulnerabilities: The tool which will be developed on finding out any kind of
vulnerabilities will be responsible for updating it so that adequate procedure can be taken
before unauthenticated activities are conducted on devices of individuals (Nickolov,
Schibler and Armijo, 2020).
As cyber attacks are evolving with enhancement in technology, it becomes important to
have tools through which vulnerability management can be carried out. This must be a repetitive
and continuous practice for ensuring that devices or applications are working as per desired
standards. Apart from this, vulnerability scanning, penetration testing and Google hacking are
essential part of tool. Within the tool, vulnerability scanning implies a feature which is being
designed for assessing network, applications or computers for vulnerabilities which are known.
Basically, they are liable for identification and detection of vulnerabilities which takes place due
to misconfiguration or imperfection within network. This can be carried out by making
authenticated and unauthenticated scans (Conklin and et. al, 2015). Penetration testing refers to
practice to test information technology asset for determination of security vulnerabilities which
can be exploited by intruders or third person. Google hacking is defined as process that is
associated with making use of search engine like Microsoft Bing or Google for locating security
vulnerabilities. The tool will make use of this feature so that it can have enhanced search
operations within their queries.
Project Plan
The formal document that is designed with intent to guide the controls as well as implement
project is referred to as project plan. While carrying out research, it is important to identify what
has to be done and clear understanding with respect to that must be formulated in terms of what,
when and why it is needed along with how it can be attained. This implies that there has to be
appropriate knowledge topic (Zhou and et. al, 2019). Researcher need to introduce the topic with
providing its overview, aim and objectives. On the basis of this literature must be reviewed
which will lead to have in-depth knowledge of different aspects related with the topic. Carry out
survey or make use of questionnaire to identify views of different respondents so that precise and
accurate results can be attained. This will lead to draw a conclusion through which understanding
Document Page
can be formulated with respect to tool which has to be developed by which system or application
vulnerabilities can be handled in an efficacious manner (Pejšová and Vaska, 2020).
Document Page
Chapter 3: Research Methodology
The specific techniques or procedures that are used by researchers for determination,
having relevant processing and examine data related with peculiar investigation area are referred
to as research methodology. In dissertation, this section aids readers within analysing validity
along with reliability in an adequate manner (Pozdniakov and et. al, 2020). This chapter will
provide an insight into procedures and methods which can be applied for collecting along with
analysing data in research. Within this dissertation, various methods are utilised such as diverse
instruments to gather data, formulation of research designs, data analysis, sampling techniques
along with many more aspects which can lead to have affirmative impact on overall work. These
are crucial aspects in research methodology that will aid researcher within collection of precise
as well as adequate information associated with system security and vulnerability repositories
associated with the same. Some critical methods have been depicted beneath that have been used
within this study.
Research design: All the activities within this dissertation is entirely based upon research
design which will provide assistance to researcher for identification of influence that will be
created by making use of system security and vulnerabilities associated with the same. Research
design is critical part within the research methodology which is isolated in three sections,
exploratory, experimental and descriptive. This involves major kind of research design but with
reference to this study, descriptive designs will be used by researcher (Ranganath and Mitra,
2020). It assists within specific research topic and by applying this, a precise and relevant
implication can also be achieved within trenchant way. This enables within examination of non-
quantified concerns. Along with this, exploratory and experimental designs are other research
designs which cannot be regarded as adequate for this study.
Types of study: Research methods are divided in different categories, they involve
quantitative along with qualitative methodologies. Quantitative research illustrates
determination, inferring as well as depiction of issues by specified numbers. Generally, this
involves outcomes with reference to numerical values. Qualitative research is based on feelings,
sounds, words, emotions and many more aspects which are non-quantifiable as well as non-
numerical values (Rea-Guaman and et. al, 2020). Both such kinds of studies are critical but they
are liable for conducting enquiry with reference to influence on functionalities through the usage
of system security along with vulnerabilities. With reference to this study, quantitative kind of

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
research will be used investigator in this. The reason behind this is that it will assist within
gathering statistical data associated with this subject or with reference to the topic. This will
assist them to have adequate range of edge such as clear independent, higher levels for
reliability, minimised personal judgement, specified research problems, dependent variables and
many other perspectives associated with this. These are the major rationales to utilise
quantitative investigation while carrying out this research (Sachidananda, Bhairav and Elovici,
2020). On the other hand, qualitative research methods are being utilised for examining that
adequate results that will not be apt for conducting this research. The cause behind this is that
through this it will enable researcher to have wide range of information or data that is being
accumulated and this cannot be analysed in an adequate way. The other major explanation
behind this is that through usage of quantitative research methods, there are distinct drawbacks,
this involves that they are peculiar, replicable, generalisable as well as there are many other
perspectives associated with this. These are primary reason that quantitative research methods
are not used within this.
Sources of data collection: It is the other major section that is involved in research
methodology and is critical for investigators. This comprises of two major resources for
collection of data, this involves primary as well as secondary sources. For gathering primary
information related with minimisation of impact of vulnerabilities on functionalities of individual
for this questionnaire will be utilised (Scholz and et. al, 2020). On the other hand, for collection
of secondary information associated with inspection of different sources can be utilised, they are
publication research, magazines, articles, books and many other sources which involves
relevance of the study. Therefore, both primary and secondary sources of research are critical for
investigator to collect information associated with influence on functions and functionalities
conducted by individuals.
Research approach: This is the other major section that is included within research
methodology and is entirely based on data collection and analysis for the same. For accumulation
of data, two approaches are utilised, they include two approaches. This involves qualitative and
quantitative aspects. For gathering data in context of system security and vulnerability repository
quantitative research will be executed (Shahab and et. al, 2020). The purpose behind this is that
through the usage of this approach researcher can accumulate numerical data but this does not
require more resources for investigator for making comparison between qualitative approaches.
Document Page
For conducting data analysis, there exist mainly two approaches they comprises inductive along
with deductive. For carrying out analysis of information associated with system security as well
as vulnerability repositories, deductive approach can be used. In addition to this, both
quantitative as well as deductive approach for research is being used. Both of these aspects are
critical for investigator in accumulation as well as carrying out analysis for having precise
information with reference to subject (Vassilev and et.al, 2020). Along with this, deductive
approach is completely based on quantitative approaches with reference to research. Both of
them aids within collection along with carrying out analysis of precise information in this topic.
With reference to this study, deductive approach is based on quantitative approach for
accumulating data. It is critical for investigator to utilise questionnaire for doing this.
Research philosophy: This relevant and critical area of methodologies that will aid
investigator within having adequate inference. In addition to this, there exist two major research
philosophies that are denoted by positivism as well as interpretivism. The quantitative methods
are liable for utilising philosophy but interpretivism is used in context of qualitative
philosophies. With reference to this research, positivism philosophy can be used as it will lead
them to furnish relevant support for researchers for collecting information by utilisation of
questionnaire through which relevant and significant inference can be drawn in (Walker and et.
al, 2020). But the major restriction associated with interpretivism is that this is a subjective in
nature and there are many other reasons for not making use of this such as this is not
generalisable, certain research imposition, low reliabilities, will not be representative and many
more perspectives are there. Therefore, positivism implies kind of philosophy where research is
critical and valuable for investigator as it will furnish assistance for gathering quantitative
information. In addition to this, ample numbers of resources are not required with reference to
this.
Research Strategy: It is critical aspect that is associated with research methodology that leads to
have precise strategies associated with scrutiny of processes that aids within carrying out
investigation. There are different research strategies that comprises of aspects such as surveys,
action research, experiments, grounded theory, ethnography, case studies, archival research and
many more crucial perspectives (Wu and et. al, 2020). It illustrates critical strategies related with
research as it will furnish investigator with adequate set of data associated with particular
research area. For gathering or collecting data in context of security system and vulnerabilities,
Document Page
market survey strategies are implemented. This will assist within furnishing effectual collection
of valid and reliable information from distinct respondents. It will render enhanced benefits to
researchers such as minimised risk portfolio, address requirements of employees, handle
competition and many more associated aspects. This implies that market survey acts as critical
and useful strategy through which analysis can be conducted (Bhatia, Christopher and
Thangapandian, 2020).
Research instruments, procedures or techniques: This aspect is related with collection
of data. There are wide ranges of techniques which are being used with reference to this aspect.
This involves interview, focus group, observation, etc. These are crucial instruments which are
being used for gathering of data in context of system vulnerabilities. For this questionnaire is
used. It is essential along with valuable instrument that can be utilised for collecting information
that furnish support for investigator through which precise and valid data can be collected
(Casola and et .al, 2020). There are various reasons behind utilisation of questionnaire within
then or when investigation is carried out such as repetitive information, anonymity, validity,
uniformity, easy method, wide coverage, flexibility, adequate preliminary tool and various other
aspects. These are the major aspects related with the questionnaire which are critical for
investigator while collection of valid as well as accurate information associated with system
security and related vulnerabilities will be used.
Questionnaire
Q1. Do you about vulnerabilities?
a) Yes
b) No
Q2. What you think, vulnerability means?
a) Weakness that might be exploited by third person
b) Unauthorised access to system
c) System without strong password
d) All of the above
Q3. What benefits are attained by intruder or hacker by system vulnerabilities?
a) Access of private documents of person
b) Unauthorised usage of device
c) Carry out identity theft

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
d) All of the above
Q4. Is there any kind of impact created by vulnerabilities on system or mobile phones?
a) Positive
b) Negative
Q5. Which phase related with hacking carry out actual attack on system or a network?
a) Reconnaissance
b) Scanning
c) Maintaining access
d) Gaining access
Q6) What are the common vulnerabilities which exist within the system?
a) New installed application
b) Weak passwords
c) All of the above
d) None of the above
Q7) Do you know about system security
a) Yes
b) No
Q8. According to you, what do think system security is?
a) Protection of information
b) Preventing unauthorised access
c) Maintaining confidentiality, availability and integrity of data
d) Access controls
e) All of the above
Q9. Is it important to ensure system security?
a) Yes
b) No
Q10. The practice along with precautions that are taken up for protection of valuable data from any
kind of unauthorised access, disclosure, recording or destruction is referred to as?
a) Network security
b) System security
c) Information security
Document Page
d) Database security
Q11) What does trap door means within a program?
a) The security hole that is inserted within the programming within the system for using it
later
b) Security hole within the network
c) Kind of antivirus
d) None of the above
Q12. Which of the following illustrated below are not attack but vulnerabilities for caarying out
malicious activities?
a) Denial of service
b) Memory access violation
c) Port scanning
d) Dumpster diving
Q13) How system security can be attained?
a) Through usage of strong passwords
b) By not downloading applications from unauthorised vendors
c) Updating system in continuous manner
d) Having antivirus in devices
e) All of the above
Q14) Is there requirement for dealing with system security concept with reference to
vulnerabilities?
a) Yes, as it is difficult to recognise what app is vulnerable
b) No, strong passwords are enough
c) Automatic detection of malicious software must be provided
a) Regular system updates will serve the purpose
Q 15. Provide any recommendations for system security by exploitation of vulnerabilities that are
present within the system so that overall pessimistic impact can be minimised.
Time horizon: There are two types of time horizons that are used within dissertation
depending upon kind of topic, they comprises of longitudinal and cross sectional. The latter i.e.
cross sectional study is limited with particular time frame. On the other hand, longitudinal study
Document Page
depicts repetitive way for meticulous duration (Chen and et. al, 2020). Within this dissertation,
cross sectional time horizon is being used by which this study can be conducted in peculiar time
frame. With reference to this, Gantt chart is utilised by investigator as a time horizon. This chart
makes use of distinct activities that assist investigator to determine starting along with closing
dates for the dissertation.
Sampling techniques: Sample within research denotes introduction of items, individuals
or objects that are being used by researchers from huge population through which measurements
can be carried out. There are two techniques that are being used for sampling, this contains
probability and non-probability (Choudhary and et. al, 2020). In case of probability sampling,
subjects of larger population have a correspondent variation that will be agreed as a
representative sample. With reference to non-probability sampling this is not dependent on
subjective or prejudiced estimations of investigator. Within this dissertation for having a
convenience, non-probability sampling is being utilised by researcher. The rationale behind its
usage is convenience sampling approach which is liable for furnishing simple and essential
approach for identifying potential participants while conducting primary study. There exist
distinct basis to opt for convenience sampling as this is an trenchant kind of non-probability
sampling such as availability of data, saves cost and precious time involved within, valuable for
navigation of studies along with this there are many more aspects associated with this.
Convenience sampling is considered as an advantageous as it will render researcher to select
sample from ample of population. Thereby, through usage of this sampling, 50 respondents will
be chosen. It will be a random selection but only those who have smart phones or systems
(laptop or computers) will be considered as they are the only one who faced problems while
working on the devices (Dorsey and et. al, 2020). Basically, investigator will make use of
quantitative data or information that utilises statistics for making out testing hypothesis. Along
with this, there are certain types of random sampling which involves cluster, multistage, simple,
stratified random and many others. They are not precise in context of this dissertation therefore,
non-probability sampling will be utilised in this case.
Method of data analysis: This is other major part that is involved within research
methodology that will assist investigator in having analysis related with quantitative information
related with influence of system security by making use of vulnerability repositories. Data
analysis is based on both qualitative along with quantitative analysis of data. In context of

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
qualitative analysis for data number of techniques comprises of furnishing assistance to analyse
data related with assistance for carrying out specific study as it includes grounded theory,
framework analysis, content analysis, discourse analysis as well as various other related
perspectives (Dotson and et. al, 2020). They are critical but as per current research it is based on
quantitative methods as well as distinct techniques for analysis. This involves gap analysis, cross
tabulation, trend analysis, content analysis, MaxDiff and many others. These are regarded core
technologies for having quantitative data analysis. According to this dissertation, content
analysis has been conducted in which emphasis is on measurement as well as counting of data
that is being illustrated by making use of questionnaire. This methodology is associated with data
analysis, with respect to this unlike themes are being developed to deal with each question that is
liable for supporting research to carry out analysis of information or data which is associated
with system security (Eghan and et. al, 2020).
Research Ethics: This is initiated as an initiative for making professional moral rule as
well as furnishes adequate code of conduct in context of accumulation, analysis, coverage and
their publishing within specific area for study. This comprises of different range of research
ethics they are: honesty, responsible publication, carefulness and honesty. This also involves
intellectual property rights through which confidentiality along with objectivity can be
maintained. These depicts crucial research ethics to which researcher must adhere to as this
provides assistance for collection of primary data and have a competitive edge for each activity
related with research in an ethical manner (Holz and et. al, 2020). With reference to this, it has to
be ensured that research ethics in primary investigation must be extensively followed through
which significant and robust research outcomes can be attained. Primal research ethics are being
used while working with this research; this involves confidentiality, informed consent and
anonymity. With respect to informed consent, researcher needs to formulate relevant
understanding associated with research objectives and aims for their participants which will
allow them within selecting in or out which are involved within carrying out primary research.
Apart from this, in case of anonymity, information of participants will be considered which is not
related with any type of primary research implications (HUANG and et. al, 2020). On the other
hand, via usage of confidentiality, results of research are only being shared or interacted with
individuals who have certain stakes within the results as well as are major aspect within the
research that comprises of specific capacity.
Document Page
Research Limitation: The primary restriction of this research is associated with time
period that needed for accomplishing research activities as well as capability of researcher that
involves wide sample size related with primary study (Kelley, Jain and Turner, 2020). For
completing this research, investigator is constrained related with timing guidelines associated
with timing for concluding the research. Along with this, there are certain boundaries within
research such as development of research aims and objectives, implementing methods for data
collection, lack of relevant data related with research area, scope of discussion and many others.
They denote major restrictions that are being acknowledged by researcher when this research is
being carried out.
Precise unders Research reliability and validity: This is significant part within the
research methodology that assist researcher in recognising research reliability along with validity
(Kudjo and et. al, 2020). The reliability of research is based on executing test instruments or
techniques (in this case questionnaire). This instrument will assist investigator to acknowledge
opinions of participants or respondents associated with recent research area. Questionnaire is
critical technique that is being used by investigator as it is accountable for furnishing support to
them by providing reliable data related with impact of system security on individuals. The
questionnaire is taken as essential asset in validation as it is accountable for rendering
compelling data associated with distinct aspects of system security and ways in which it impacts
individuals or organisation on the whole (Lever and Kifayat, 2020). Therefore, questionnaire is
relevant test instrument that will support researcher in gathering reliable and valid information
with reference to present study.
Document Page
Chapter 4: Findings and Analysis
This section completely depends on questionnaire, that is liable for furnishing researcher
with support through which information can be collected and analysis for the same can be
conducted with reference to system security through utilisation of vulnerabilities that exist.
Along with this, here content analysis is being done for findings and having analysis of
quantitative data that is related with impact of vulnerabilities towards system security and its
prevention to minimise the agnostic influence created by this. In this section various graphs and
tables will be used which are accountable for rendering precise support with reference to further
investigation.
Theme 1: Awareness of Vulnerability
Q1. Do you about vulnerabilities? Frequency
a) Yes 20
b) No 10
Interpretation: Vulnerability is a huge concept about which people know and some do
not know. Thus, it is essential that people must have relevant knowledge about this concept. As
per 20 respondents, they think vulnerability are loopholes which are present within the system or
software so thatin case any kind of problems occurs then it can be resolved by that. But these
loopholes are being uilised by intruders for carrying out maicious activities or any kind of system
attacks for having access to information. On the other hand, as per 10 respondents they do not
know about the term. This means that they are more vulnerablr or prone to attacks as they do not

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
know about this so it is obvious that they can install or download any application or open up any
email link they have. This smakes it easy for intruders to get into their system and carry out
mlicious attacks by making use of identity theft or any other.
Theme2: Concept of vulnerability
Q2. What you think, vulnerability means? Frequency
a) Weakness that might be exploited by third person 7
b) Unauthorised access to system 7
c) System without strong password 5
d) All of the above 11
Interpretation: Vulnerability denotes flaw within code as well as design that leads to
creation of probable attack vectors by which third person or intruder can access and run code for
accessing memory of system. It denotes error or weakness which is present within device or
system when it is exploited then it leads to compromise integrity, confidentiality and availability
of data that is stored within them via elevation of privileges, unauthorised access and denial of
services. Individuals makes use of tool or code for having advantage of vulnerabilities are
referred to as exploit. Different people have distinct opinions related with this, as per 11
Document Page
respondent vulnerability implies weakness that can eb exploited by intruder, unauthorised access
system and device that do not have strong password can be easily attacked. Unauthenticated
access takes place du to the fact that weak passwords are being used and system is updated when
patches are released, this leads to increased probabilities for attacks. Thus, it is crucial that these
three aspects are being taken into consideration by individuals while making use of any device.
Theme 3: Advantage to hackers through usage of vulnerabilities in system
Q3. What benefits are attained by intruder or hacker by system vulnerabilities? Frequency
a) Access of private documents of person 5
b) Unauthorised usage of device 7
c) Carry out identity theft 3
d) All of the above 15
Interpretation: Basically,
into systems of individuals. The reason behind this can be anything to have their perosnal or
private information, have their credentials details, access to emails or even account deyails. This
can be also done to carry out identity theft or making its use like a launching pad for carrying out
attacks. Different respondents have distinct view points with refernce to benefits that will be
achieved by hackers through usage of vulnerabilities. As per 5 respondents hackers make use of
these vulnerabilities to have access to their private information for may be blackmailing them or
earning money similar to WannaCry attack. According to 7 respondents, intruders gets the
Document Page
unauthorised access to device that will enable them to completely do whatever they want within
the device. As per 3 respondents, it is done for carrying out identity theft through which they
pretends to be the user of of device and conduct malicious activities. According to 15
respondents, they think that these all the are benefits for which they conduct malicious activities.
Theme 4: Influence of Vulnerability
Q4. Is there any kind of impact created by vulnerabilities on system or mobile
phones?
Frequency
a) Positive 12
b) Negative 18
Interpretation: It is clear that vulnerability leads to creation of negative impact on
individuals as illustrated by its definition. But the crucial aspect related with this is that what
respondents think about this. As per 12 individuals, they think that there is a positive impact
created by this. The reason behind this is that it enables individuals basically software developers
to create patches, if any error is found then enter into a system through that and update it. So it
acts as an entry for them to manipulate or enhance the capabilities of peculiar device. As per 18
respondents, the overall impact of will be negative as if it is exploited by intruder or hacker then
the information accessed by them can be utilised for carrying out malicious activities or consider
it as a launching pad to exploit other person at their name or their identity. This will have adverse
impact on individual when their personal information will be accessed by anonymous person.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Theme 5: Phases associated with hacking
Q5. Which phase related with hacking carry out actual attack on system or a
network?
Frequency
a) Reconnaissance 3
b) Scanning 4
c) Maintaining access 3
d) Gaining access 20
Interpretation: There are the different aspects associated with hacking that are being
used by hacker through which they can carry out malicious or harmful activities like attacks such
as phising, hacking, trojan horse, zombie attack and many more are there. Depending upon there
requirements they make use of distinct attacs through which they can be successful in their
targets. As per 20 respondents, for carrying out hacking or attacking a mobile device or system,
the essential aspect is to gain access into a device. The normal method is making use of hit and
trial method for breaking the password of device through which access can eb attined. There are
other methods also like shoulder surfing, brute force attack and many more. Even vulnerabilities
which are created for identification of any bugs or enhancing its features, intruder makes use of
these to exploit the device for gaining access within them.
Theme 6: Most common vulnerabilities present in the system
Q6) What are the common vulnerabilities which exist within the system? Frequency
Document Page
a) New installed application 7
b) Weak passwords 7
c) All of the above 13
d) None of the above 3
Interpretation: The developer carefully design vulnerabilities in such a way that intruder
or hacker do not get access or identify those within the device. So, they tends to utilise different
ways through which they can usse use mobile phone or system of the person. According to 7
respondents the new applications that are being installed y individuals are major threat. The
reason behind this is that it is not easy to identify whether it is given by authenticated developer
or not. Furthermore, mostly people download applications which seems appealing to them and
are also aware about vulnerabilities or what they are downoading within their devices. 7
respondents feel that weak passwords is major vulnerability that is present within the system as
when date of birth or names are used as a passowrd then they can be easily cracked by making
use of dictionary attack, brute force attack. As per 13 respondents these both are the major
vulnerabilities that are being created by individuals themselves despite knowing the fact that they
can lead to pessimistic impact.
Theme 7: Awareness of system security
Document Page
Q7) Do you know about system security Frequency
a) Yes 17
b) No 13
Interpretation: System security is an emerging concept and is evolving ata continuous
pace so that people do mot geet exploited to certain attacks. But the major disdavantage is that
maximum of individuals are not aware about the fact that what impact they can have if there
devices are not secured or have adequate tool through wwhich this can be attained. They
normally download any random application that seems pleasing to them depsite of the fact that it
might have some hidden vulnerabilities that can exploit their system or a device. The above
graph clearly illustrate this aspect, as per 13 respondents they don’t know about system security
which depicts that they can easily fall into a trap. For an instanec they can download any
application for which link is sent by a mail, give their credentila or use them to login within the
site or any other major aspect that can exploit their devices. 17 respondents have knowledge
about system security and for this they make use of strong passwords as well as ensure thatthey
do not click on any random application which can lead to distinct problems for them or their
devices prone to attacks.
Theme 8: Concept of system security
Q8. According to you, what do think system security is? Frequency

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
a) Protection of information 5
b) Preventing unauthorised access 3
c) Maintaining confidentiality, availability and integrity of data 4
d) Access controls 3
e) All of the above 15
Interpretation: InfoSec (information system security) is defined as methologies and
processes which are involved within keeping information available, confidential along with this
ensure theeir integrity. This implies access control that is liable for preventing unauthorised
personnel from accesing or entering system. As per 5 respondents, system security dentoes
protecting information stored within device from getting accessed by third person. According to
15 respondents syetm security involves access controls, prevention from unauthorised access,
protection of information, maintenace of confidentiality, integrity and avaialbaility are involved
within system security. Access control is liable for restrictingaccess to certain services. An
example can eb taken like when any application is intalled it asks for permission to access
contact details and gallery. If at this instance it is denied then probably vulnerability can be
restricted or access to personal imformation can be limited.
Theme 9: Whether system security is significant
Q9. Is it important to ensure system security? Frequency
Document Page
a) Yes 17
b) No 13
Interpretation: System security is a mandatory concept that must be followed by
organisation while making use of internet as it the major source through which devices are being
attacked. Thus, the smart device users like smartphones or computers needs to take into
consideration this aspect so that they are not attacked by attacks such as WannaCry, ransomware
or nay other. As per 17 respondents, this is crucial to make sure that there are adequate tools or
methods or precautions are being taken through which they can secure their devices. This can eb
attaiend by avoiding clicking on unauthenticated links either sent by email or given source while
making sue of internet. In addition to this, URL must be verified while entering the credentials
details so thatit is not a phishing page and third person do not have access to the login details. In
addition to this, there are 13 respondents who think that their devices or information stored
within them is secured and do not think that they neec to worry or make extra effort for attaining
system security.
Theme 10: Define system security
Q10. The practice along with precautions that are taken up for protection of
valuable data from any kind of unauthorised access, disclosure, recording or
destruction is referred to as?
Frequency
Document Page
a) Network security 4
b) System security 11
c) Physical security 6
d) Database security 9
Interpretation: System security is defined as control for accessing resourcess of
computer system generally operating sytem files and data. The objective of this is to protect
information along with any kind of theft or any other kind of damage. There is misconception
related with system security as according to 9 respondents protection of valuable data from any
kind of harm is reffered to as databse but there is difference in between these two terms. System
security protects the entire device whatever it contains o the other hand database security
emphasise on the information that is stored within the database. 6 respondents interprets the
concept of system ssecurity with physical secuiryt and 4 with network security respectively.
There is a thin line between these terms that has to be acknowledged. Physical security implies
like mobile phone is stolen. Network security dentoes protecting an individual while they are
making use internet from any kind of malicious attacks.
Theme 11: Define trap door
Q11) What does trap door means within a program? Frequency
a) The security hole that is inserted within the programming within the 11

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
system for using it later
b) Security hole within the network 8
c) Kind of antivirus 9
d) None of the above 2
Interpretation: Trap door illustrates the loophole which is left by developer for ensuring
that they can use it later for carrying out updates or add new features or even if any kind of
problems occur then they can be resolved easily. As per 9 respndents it is a antivirus but they are
completely out of the boxas these both concepts are not related with each other. 8 respondents
depicts it as a security hole which exist within network. This is significant up to some extant but
not completely it is not a security hole instead if intruder gets to know about this then it will lead
to exploit their information. According to 11 respondents, trap door indicate, the security hole
that is being added within the programming system so that it can be used at latter instance of
time as per desired requirements.
Theme 12: Vulnerabilities used
Q12. Which of the following illustrated below are not attack but vulnerabilities
for carrying out malicious activities?
Frequency
a) Denial of service 8
b) Memory access violation 8
Document Page
c) Port scanning 11
d) Dumpster diving 3
Interpretation: There are different kind of vulnerabilities that are being used but
vulnerabilities and attacks are both different aspects. For an instance 8 respondents think that
denial of service is a ulnerability but it is an attack that is used for preventing user from having
access to peculiar service. The memory access violation is vulnerability as in this certain IT
policies and frameworks are voilated for getting in within the system. According to 11
respondents, port scanning vulnerability is mostly used in order to identify the port which is
vulnerable and enter within the system through its usage.
Theme 13: Attainment of system security
Q13) How system security can be attained? Frequency
a) Through usage of strong passwords 5
b) By not downloading applications from unauthorised vendors 3
c) Updating system in continuous manner 5
d) Having antivirus in devices 4
e) All of the above 13
Document Page
Interpretation: It is essential that individual must try to ensure that thhey can attain
security of devices they are using. 5 respondents think that by making use of strong passwords
such as alphanumeric they can ensure that there devices cannot be exloited easily. 3 respondents
feel that, they not download application from unauthorised vendors as theere is probability that
theere may be vulnerabilities that might give access to them to theeir entire devices. According
to 5 and 4 respondents, system must be updated in regular manner along with this antivirus must
be installed as it will eliminate the incoming vulnerabilities and preventing system from getting
exploited. Furthermore, 13 respondents feel that all these can be taken to ensure that sytem can
be secured from outsider impact.
Theme 14: Need to acknowledge system security via vulnerabilities
Q14) Is there requirement for dealing with system security concept with
reference to vulnerabilities?
Frequency
a) Yes, as it is difficult to recognise what app is vulnerable 9
b) No, strong passwords are enough 4
c) Automatic detection of malicious software must be provided 12
d) Regular system updates will serve the purpose 5

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Interpretation: The above aspects clearly depicts the imapct and what respnondents think
but it is crucial to identify what can eb dine throuh which the impact or application that are
vulnerable can be identified. As per 9 respondents they are not able to identify applications
which are vulnerable to certain attacks. 4 individuals feel that strong passwords will serve the
purpose to protect their devices from any kind of attack. According to 5 respondents, there is a
continuous need for carrying out system updates as patches are being provided for securing deice
from getting exploited but this is only identified when any attack has already been occurred
within the device. As per 12 respondents, there is a need for a software or an application that will
assist within detecting application which are vulnerable and will lead to creation of negative
impact on their devices.
Q15. Provide any recommendations for system security by exploitation of vulnerabilities that are
present within the system so that overall pessimistic impact can be minimised.
Interpretation: System security is a critical aspect and to identify the impact it is
necessary to understand the concept of vulnerability to minimise the impact. Various measures
are being taken so that intruder does not get access to device so vulnerabilities within
applications are being used for doing so. It is recommended that a tool or a software must be
designed so that when any application is to be downloaded then it can be easily identified
Document Page
whether it is vulnerable or not. This will lead to protect device from giving unauthorised and
unauthenticated access to device of an individual.
Document Page
References
Books & Journals
Bhatia, A., Christopher, S. and Thangapandian, W., American Megatrends Inc, 2020. Auto
detection mechanism of vulnerabilities for security updates. U.S. Patent Application
16/171,541.
Casola, V. and et .al, 2020. A Novel Security-by-Design Methodology: Modeling and Assessing
Security with a Quantitative Approach. Systems and Software, 1(1), pp.1-13.
Chen, J. and et. al, 2020. An Automatic Software Vulnerability Classification Framework Using
Term Frequency-Inverse Gravity Moment and Feature Selection. Journal of Systems and
Software, p.110616.
Choudhary, S. and et. al, 2020. Proposed Data Structure for Storage of Metrics Values: Misuse
Case Oriented Quality Requirements (MCOQR) Framework Perspective. In Performance
Management of Integrated Systems and its Applications in Software Engineering (pp.
211-215). Springer, Singapore.
Conklin, W.A. and et. al, 2015. Principles of computer security. McGraw-Hill Education Group.
Dorsey, L.C. and et. al, 2020. Self healing databases for predictive risk analytics in safety-critical
systems. Journal of Loss Prevention in the Process Industries, 63, p.104014.
Dotson, J. and et. al, Whistic Inc, 2020. Methods and systems of assessing and managing
information security risks in a computer system. U.S. Patent 10,592,675.
Eghan, E.E. and et. al, 2020. The missing link–A semantic web based approach for integrating
screencasts with security advisories. Information and Software Technology, 117,
p.106197.
Fisch, E. A., White, G. B. and Pooch, U.W., 2017. Computer system and network security. CRC
press.
Fu and et. al, 2019. Research on joint optimal dispatching method for hybrid power system
considering system security. Applied energy, 238, pp.147-163.
Gupta, B., Agrawal, D.P. and Yamaguchi, S. eds., 2016. Handbook of research on modern
cryptographic solutions for computer and cyber security. IGI global.
Holz, E.A. and et. al, International Business Machines Corp, 2020. Amalgamating code
vulnerabilities across projects. U.S. Patent 10,621,361.
HUANG, T. And et. al, 2020. CHALLENGES AND NECES CHALLENGES AND
NECESSITIES OF VULNERABILITY VULNERABILITY ASSESSMENT
ASSESSMENT FOR POWER SYSTEMS POWER SYSTEMS POWER SYSTEMS
INFRASTRUCTU INFRASTRUCTU INFRASTRUCTURES.
Kelley, S.H., Jain, A.S.C. and Turner, S., Airwatch LLC, 2020. Detecting vulnerabilities in
managed client devices. U.S. Patent Application 16/600,986.
Kudjo, P.K. and et. al, 2020. The effect of Bellwether analysis on software vulnerability severity
prediction models. Software Quality Journal, pp.1-34.
Lever, K.E. and Kifayat, K., 2020. Identifying and mitigating security risks for secure and robust
NGI networks. Sustainable Cities and Society, p.102098.
Li, D., Assured Enterprises Inc, 2020. Method and system for identification of security
vulnerabilities. U.S. Patent 10,528,745.
Luh, R. and et. al, 2020. PenQuest: a gamified attacker/defender meta model for cyber security
assessment and education. Journal of Computer Virology and Hacking
Techniques, 16(1), pp.19-61.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Manku, S. and Vasanth, K., 2015. Blowfish encryption algorithm for information security. ARPN
journal of engineering and applied sciences, 10(10), pp.4717-4719.
Maspoli, G. and deSantis, A., UNISDR Scientific and Technical Advisory Group Case Studies
2015| The use of Geographic Information Systems for Environmental Impact
Assessments in Mine Action.
Mayer, and et. al, 2019. An integrated conceptual model for information system security risk
management supported by enterprise architecture management. Software & Systems
Modeling, 18(3), pp.2285-2312.
Nickolov, P., Schibler, R. and Armijo, B., Datagrid Systems Inc, 2020. Techniques for
evaluating server system reliability, vulnerability and component compatibility using
crowdsourced server and vulnerability data. U.S. Patent 10,608,911.
Pejšová, P. and Vaska, M., Audit DRAMBORA for Trustworthy Repositories.
Peltier, T. R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. Auerbach Publications.
Pozdniakov, K. and et. al, 2020. Smart Computer Security Audit: Reinforcement Learning with a
Deep Neural Network Approximator.
Ranganath, V.P. and Mitra, J., 2020. Are free android app security analysis tools effective in
detecting known vulnerabilities?. Empirical Software Engineering, 25(1), pp.178-219.
Rea-Guaman, A.M. and et. al, 2020. AVARCIBER: a framework for assessing cybersecurity
risks. Cluster Computing, pp.1-17.
Sachidananda, V., Bhairav, S. and Elovici, Y., 2020, March. OVER: overhauling vulnerability
detection for iot through an adaptable and automated static analysis framework.
In Proceedings of the 35th Annual ACM Symposium on Applied Computing (pp. 729-
738).
Scholz, R.W. and et. al, 2020. Organizational vulnerability of digital threats: A first validation of
an assessment method. European Journal of Operational Research, 282(2), pp.627-643.
Shahab, A. and et. al, 2020. An automated approach to fix buffer overflows. International
Journal of Electrical and Computer Engineering, 10(4), p.3777.
Tan, Y., 2016. Artificial immune system: applications in computer security. John Wiley & Sons.
Vassilev, V. And et.al, 2020, February. Intelligence graphs for threat intelligence and security
policy validation of cyber systems. In Proc. Int. Conf. on Artificial Intelligence and
Applications (ICAIA2020). Advances in Intelligent Systems and Computing, Springer.
Vorobiev, E. G. and et. al, 2017, May. Analysis of computer security incidents using fuzzy logic.
In 2017 XX IEEE International Conference on Soft Computing and Measurements
(SCM) (pp. 369-371). IEEE.
Walker, A. and et. al, 2020. On Automated Role-Based Access Control Assessment in Enterprise
Systems. In Information Science and Applications (pp. 375-385). Springer, Singapore.
Wu, X. And et. al, 2020. CVE-assisted large-scale security bug report dataset construction
method. Journal of Systems and Software, 160, p.110456.
Zhou and et. al, 2019, January. A Construction Method of Security Mechanism Requirement for
Wireless Access System Based on CC Standard. In 2019 International Conference on
Intelligent Transportation, Big Data & Smart City (ICITBS) (pp. 369-372). IEEE.
Online
Document Page
Systems Security: Firewalls, Encryption, Passwords & Biometrics. 2020. [Online]. Available
through: <https://study.com/academy/lesson/systems-security-firewalls-encryption-
passwords-biometrics.html>.
Software Vulnerability. 2020. [Online]. Available through:
<https://www.sciencedirect.com/topics/computer-science/software-vulnerability>.
How to prevent application attacks and reduce network vulnerabilities. 2020. [Online]. Available
through: <https://searchsecurity.techtarget.com/answer/How-to-prevent-application-
attacks-and-reduce-network-vulnerabilities>.
The Mobile App Vulnerability Epidemic and Its Impact on Global Business. 2020. [Online].
Available through: <https://www.arxan.com/arxan-blog/mobile-app-vulnerability-
business-impact>.
What is a Vulnerability?. 2020. [Online]. Available through:
<https://www.upguard.com/blog/vulnerability>.
1 out of 42
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]