System Security Assessment: A Study on Vulnerability Repositories


Added on  2023/01/13

AI Summary
This report provides a comprehensive overview of system security assessment using vulnerability repositories. It begins by introducing the concept of system security, highlighting the vulnerabilities that can compromise system integrity and the importance of protecting systems from unauthorized access. The research aims to identify system security assessment methods through the use of vulnerability repositories, with objectives including understanding system security concepts, analyzing the impact of software vulnerabilities, and evaluating the effectiveness of new tools for risk reduction. The report includes a literature review, a discussion of research methodology, and an analysis of findings related to the use of vulnerability repositories in identifying and mitigating system vulnerabilities. The study also touches upon the rationale and significance of system security in an evolving technological landscape, emphasizing the need for tools to detect and prevent attacks, ultimately aiming to provide insights into securing systems and reducing the risks associated with software vulnerabilities.
Computer Security
Abstract
System security is the protection of a system from unwanted and unauthorised access. A
system is vulnerable to attack if it is not managed effectively and appropriate measures are
not taken. Software applications and operating systems are exposed to known vulnerabilities
such as SQL injection, among others. System security also describes the methods that
individuals or organisations can use to secure their assets. For instance, a firewall is used
to improve security: rules are formulated to filter unwanted intrusions so that they cannot
gain access to the system and carry out harmful activities. Thus, there is a need for a tool
with which these vulnerabilities can be measured and their likelihood minimised.
Table of Contents
Abstract
Title: System Security Assessment using Vulnerability Repositories
Chapter 1: Introduction
Background of the research
Problem statement
Research aim
Research Objectives
Research Questions
Statement of Hypothesis
Rationale of the study
Significance of the study
Route map of research
Chapter 2: Literature Review
Project Plan
Chapter 3: Research Methodology
Chapter 4: Findings and Analysis
References
Title: System Security Assessment using Vulnerability Repositories
Chapter 1: Introduction
The operating system is responsible for controlling access to resources that include
sensitive data. This means controlling access to the resources of a computer system, including
data as well as operating system files. This is referred to as system security (Fu et al.,
2019). A security vulnerability is a weakness that an adversary can take advantage of to
compromise the availability, confidentiality and integrity of resources. As technology
evolves, the probability of intrusion into these systems increases. Operating systems and
software applications have become exposed to system vulnerabilities, which leads to security
concerns. A vulnerability is a weakness that may be exploited by a threat actor, such as an
attacker, to carry out unauthorised actions in a computer system. It is a cyber security term
for a flaw within a system that leaves it open to attack. Vulnerabilities are weaknesses in a
computer system, including its procedures or anything else that exposes information security.
It is therefore necessary to identify applications that have vulnerabilities and could have a
severe impact on an individual's system. Doing so helps identify vulnerabilities so that they
can be prevented from being used to attack the system and gain access to data.
Background of the research
Computer vulnerability is a cyber security term that denotes a defect within a system that
makes it prone to attack. It is a type of weakness present within a computer system or mobile
phone, comprising a set of procedures or aspects through which information security can be
exposed to threat. This can cause individuals various problems, such as the threat of leakage
of their private information (Bhatia, Christopher and Thangapandian, 2020). If a firm's
network is exposed, or an employee's mobile device is accessed by an intruder, the intruder
can obtain credential information that can be used against them. Identity theft can even be
used to gain access to a wide range of data.
Problem statement
An operating system is software that interacts with hardware and enables other programs to
execute. It comprises the fundamental files or system software that computers and mobile
phones require to boot up and carry out their functions (Casola et al., 2020). A great deal of
programming lies behind this, in different languages such as Java, C and many more, which
allows firms and individuals to carry out their operations smoothly. This gives rise to
vulnerabilities that pose a threat to these devices, as there is a probability that a program
has overlooked certain aspects, which makes it vulnerable. There is therefore a need for an
application that identifies these vulnerable apps, which can hamper the functioning of
operations or the information stored within them (Chen et al., 2020).
Research aim
“To identify the system security assessment through the usage of vulnerability
repositories”
Research Objectives
To identify the concept of system security along with vulnerabilities present within.
To identify the impact of existing software vulnerability upon apps as well as operating
system.
To analyse the effectiveness of creating a new tool in order to reduce the risk of system
vulnerability.
Research Questions
Illustrate concept of system security along with vulnerabilities within them.
Identify the impact of existing software vulnerability upon apps as well as operating
system.
Conduct analysis of effectiveness of creating a new tool in order to reduce the risk of
system vulnerability.
Statement of Hypothesis
H0: New tool for system security will lead to have affirmative reduction of risks associated with
system vulnerabilities.
H1: New tool for system security will not have any influence on reducing risks related with
system vulnerabilities.
Rationale of the study
Technology is evolving, and the ways in which individuals and firms depend on it make it
easier for intruders to carry out attacks (Choudhary et al., 2020). For instance, when
individuals download an application, they are asked to allow the application to access their
contact details, images and other information. These details might be accessed by a third
person or intruder to gain the unauthorised access they require. This can have a highly
negative impact on the individuals concerned: the intruder may gain access to their email and
carry out attacks using their devices as launching pads so that the intruder cannot be
identified. This makes it crucial to have a way to deal with this, as it will have an adverse
impact on the individual whose device is compromised; in addition, there is a high probability
that the intruder will obtain their login credentials for the different applications or
websites they use (Dorsey et al., 2020).
This illustrates that even after a particular vulnerable app is deleted, there is a high
probability that an attack can still take place. To deal with such situations, it is essential
to have a way of knowing which apps are vulnerable and which are not. This dissertation is
based on this concept: a tool will be formulated that assists in detecting such vulnerable
apps. For this, it is critical for the researcher to consider all aspects precisely, along
with the work done by other authors on the subject, as this will furnish a strong base for
carrying out the research.
Significance of the study
This research is carried out on system security because it is a critical aspect that has to
be considered. Through it, systems can be prevented from being exploited. Effective use of
technology helps eliminate such problems but also makes systems more prone to different
attacks, as individuals depend on their devices for certain activities (Dotson et al., 2020).
Furthermore, they often download and install applications without considering the
repercussions. This dissertation will provide a tool that assists in detecting the kind of
applications that make them prone to attacks. Overall, there will be a positive impact on the
ways people use their devices and keep their systems secure.
Route map of research
The route map is a crucial aspect of the research that helps readers locate the relevant
material in each chapter and shows what is studied (Eghan et al., 2020). This dissertation
contains several distinct chapters; they are specified below with reference to the information
each will present.
Chapter 1: Introduction: This gives an introductory overview of the aspects connected with
the dissertation. It provides the complete information and base that define the overview of
the topic (Holz et al., 2020). Through this chapter, the reader can find the research aims,
objectives and questions, along with the background of the study.
Chapter 2: Literature Review: This is the second chapter of the dissertation, which covers
studies carried out by other authors. For this section, a wide range of publications,
articles, books and other sources will be used. They give the reader the opportunity to obtain
all the crucial data related to work done by other researchers. In this context, various
researchers have given their opinions and viewpoints on system security and the
vulnerabilities associated with it. Along with this, certain aspects will be presented that
help the reader obtain adequate information on the subject and identify the gaps in that work.
Chapter 3: Research Methodology: This is the next chapter of the dissertation and depends
entirely on the research methods that have been used. This section covers diverse methods,
involving both secondary and primary methods of collecting data, as well as qualitative or
quantitative research, instruments, philosophies and various other perspectives connected with
this dissertation (Huang et al., 2020). It is a critical method that supports the researcher
in obtaining precise data on system security and vulnerabilities.
Chapter 4: Findings and analysis: This is the next chapter of the dissertation, which will
assist in interpreting the information or data on the topic. In this section, frequency tables
will be presented, which help the investigator determine the decided and undecided
respondents. Different tables and graphs are also used, based entirely on the responses or
frequency tables obtained from respondents.
Chapter 5: Discussion: This is the next chapter, which helps the investigator provide
researchers with relevant insight into the primary data. For this, the literature review can
be used to examine secondary data related to system security (Kelley, Jain and Turner, 2020).
Apart from this, a questionnaire will be used to gauge the influence of the tool and the
understanding of vulnerabilities within systems.
Chapter 6: Conclusion and Recommendation: This is the last chapter of the dissertation,
which will show whether or not the objectives have been achieved. It is based largely on the
research findings and analysis. Furthermore, some suggestions will also be made to firms on
the basis of the topic.
Chapter 2: Literature Review
A literature review is a vital summary of the work that has been carried out in a specified
area. It develops a landscape for readers through which a complete understanding of system
security can be developed. It provides the learner with data collected from previous work
carried out by researchers. The purpose of the literature review is to furnish the learner
with information that offers new insight into different perspectives (Kudjo et al., 2020). In
this section, data is collected from secondary sources such as the internet, books, articles
and many more. This yields relevant data and supports positive outcomes for the dissertation.
A literature review is a systematic and effective process used by researchers to gain in-depth
knowledge of the research topic. Gaps and disputes between the different studies have to be
identified. By identifying these gaps, it becomes easier for the investigator to identify
research through which the gaps can be filled. Each objective will be addressed in sequence.
It is a critical part of the dissertation, which aims to conduct the work adequately by
analysing information on the subject. The available information helps in gaining knowledge of
the subject, allowing the research to be carried out precisely and with valid implications.
This section is regarded as the base for the research, as it provides the theoretical
perspectives formulated to carry out the activities adequately (Lever and Kifayat, 2020).
Information is collected from secondary resources, including past investigations, journals and
newspapers, selected according to the objectives and aims of the research, so that a precise
framework can be formulated that yields significant knowledge of system security and the
vulnerabilities related to it.
Theme 1
To identify the concept of system security along with vulnerabilities present within.
According to Paul Zandbergen (2020), system security is the protection of data, information
and property from corruption, theft or damage while still allowing users to access them.
Essentially, it means developing and executing security countermeasures through which systems
can be secured against unauthorised access (Li, 2020). Various security threats are
experienced when using systems, including data loss, physical damage and information falling
into the wrong hands. As technology evolves, new ways emerge through which unauthorised
persons gain access to systems and make illegal use of them (Systems Security: Firewalls,
Encryption, Passwords & Biometrics, 2020). This is known as hacking, and hackers have devised
distinct, sophisticated ways to obtain data from databases, either for their own advantage or
with intent to harm others.
System security describes the methods that individuals or organisations can use to secure
their assets. For instance, a firewall is used to improve security: rules are formulated to
filter unwanted intrusions so that they cannot gain access to the system and carry out harmful
activities (Mayer et al., 2019). Passwords are also used, but they are of little value if they
are not strong: if the password is 'sensitive', it can easily be broken by a dictionary
attack, which means it was of no use. It is therefore always suggested to use a strong
password that includes special characters. If sensitive information is still present on the
system, it can be encrypted so that even if a third person gains access to the system, they do
not have access to the data (Conklin et al., 2015). These are some of the methods used in
system security, but it is still difficult to secure systems entirely.
As per NIST (National Institute of Standards & Technology), a vulnerability is a weakness in
an information system, internal controls, security procedures or execution that can be
triggered or exploited by a threat source. There are certain reasons why vulnerabilities arise
within a system; they are described below:
Complexities: When an application or system is complex, the chances of misconfiguration,
flaws or unintended access increase. When a large, critical and complex system is developed,
the probability of loopholes increases (Vorobiev et al., 2017).
Familiarity and Connectivity: Common software, code, hardware and operating systems increase
the likelihood that an intruder will be able to identify or obtain information about
vulnerabilities present in the system. In addition, when systems are connected to the internet
all the time, intruders can gain knowledge of their vulnerabilities.
Operating System flaws: Like applications and software, operating systems have limitations.
They can be insecure and can grant complete control to individuals, which lets in viruses and
malware that execute various commands.
All these aspects make it necessary to manage vulnerabilities so that unwanted activities can
be prevented. Vulnerability management is a cyclical practice of identifying, classifying,
remediating and mitigating security vulnerabilities (Tan, 2016). It is essential that they are
detected, assessed and remediated.
Theme 2
To identify the impact of existing software vulnerability upon apps as well as operating
system.
According to Ira Winkler (2020), bugs within software are referred to as software
vulnerabilities. Bugs are errors in code that cause the system to take unwanted actions
(Software Vulnerability, 2020). Generally, they are weaknesses that attackers might exploit to
carry out unauthorised activities on a computer system. Various vulnerabilities affect
systems, such as SQL injection, buffer overflow, OS command injection, integer overflow,
uncontrolled format string and others. Users rely on many different applications. Attackers
try to find the weaknesses, or vulnerabilities, in those apps so that they can write a program
to get past them, much as lock picks are used to gain entry to a user's physical premises. The
overall impact can be severe, because once hackers gain access to a device, the sensitive
information on it can be accessed and misused (Luh et al., 2020). Vulnerabilities within an
application or operating system arise for the following reasons:
Program Errors: Bugs in program code allow a computer virus to gain access to a device and
take control of it. For example, in August 2018 a vulnerability was found by KrebsOnSecurity
on the Fiserv banking platform. The programming contained an error through which individuals'
data could be obtained by incrementing an object or parameter named "event number". This
vulnerability allowed a third person to view other individuals' transaction-related data,
including their account details, phone number and e-mail address (Peltier, 2016). Errors or
bugs in a program thus provide a way for a third person to gain access to information stored
in the software.
Intended Features: These are documented and legitimate ways through which applications have
access to the system. An example is cross-site scripting attacks, in which malicious programs
or scripts are injected into web applications in order to obtain information about their
users.
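The "event number" flaw described under Program Errors comes down to a record lookup that trusts a client-supplied number without checking who owns the record. The Python sketch below is an added example, not code from this dissertation or from the platform it mentions; the record layout, function names and sample data are all constructed for illustration. It places the unchecked lookup beside a version that enforces ownership and counts denied lookups per session so that enumeration becomes visible.

```python
"""Added example: ownership check on a client-supplied record number.

Every name and value here is constructed for illustration only.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Alert:
    event_number: int
    owner: str   # account that created the record
    email: str
    phone: str


# Constructed sample store: sequential numbers, different owners.
ALERTS = {
    1001: Alert(1001, "alice", "alice@example.test", "555-0101"),
    1002: Alert(1002, "bob", "bob@example.test", "555-0102"),
    1003: Alert(1003, "carol", "carol@example.test", "555-0103"),
}


class NotFound(Exception):
    """Used for missing AND foreign records, so the response does not
    reveal which event numbers exist."""


def get_alert_unchecked(session_user: str, event_number: int) -> Alert:
    """Flawed pattern: session_user is ignored, so any valid number
    returns the record regardless of who asks."""
    alert = ALERTS.get(event_number)
    if alert is None:
        raise NotFound(event_number)
    return alert


class AccessMonitor:
    """Tracks distinct event numbers each session was denied."""

    def __init__(self, threshold: int = 3):
        self.threshold = threshold
        self.denied = defaultdict(set)

    def record_denied(self, session_user: str, event_number: int) -> None:
        self.denied[session_user].add(event_number)

    def flagged(self) -> list:
        """Sessions whose denied lookups reached the threshold."""
        return sorted(user for user, numbers in self.denied.items()
                      if len(numbers) >= self.threshold)


def get_alert_checked(session_user: str, event_number: int,
                      monitor: AccessMonitor) -> Alert:
    """Hardened pattern: the record must belong to the authenticated
    session; every denial is recorded for detection."""
    alert = ALERTS.get(event_number)
    if alert is None or alert.owner != session_user:
        monitor.record_denied(session_user, event_number)
        raise NotFound(event_number)
    return alert
```
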
If vulnerabilities are present within an application or operating system, whether intended or
not, there is a higher probability that the software is open to attack by malicious programs
(Manku and Vasanth, 2015). Certain vulnerabilities within an application can hamper the way it
works as well as the data stored in it. A few of them are specified below along with their
impact:
Lack of Binary Protections: This refers to application source code that is not obfuscated in
any way, which makes it easy to decompile, reverse engineer and read the application code
clearly without special tools. Once an app has been decompiled, it is easy to search its
source code for developer information as well as encryption keys, tokens and APIs. Around 97%
of apps suffer from this problem, which makes it possible to decompile apps using the APK
Extractor tool, which is available for free download (The Mobile App Vulnerability Epidemic
and Its Impact on Global Business, 2020). If tokens or encryption keys are identified, it also
becomes possible to crack or exploit private key passwords offline. This gives adversaries the
ability to inject malware into the code to gain access to confidential or other information.
Insecure Data Storage: This refers to data handled by the application that is stored
insecurely. It may be stored temporarily or permanently outside the sandbox, in the local file
system or in external storage, or may be copied to the clipboard (Gupta, Agrawal and
Yamaguchi, eds., 2016). According to the research, around 83% of applications store data
insecurely, which increases the risk of exposure of users' personal data and even their social
media handles. Furthermore, temporary storage also allows other applications insecure access
to sensitive information.