Developing an empirical study of how qualified subjects might be selected for IT system security penetration testing
نویسندگان
چکیده
This paper describes a planned program of investigation designed to determine what characteristics are signficant in predicting performance of students used as subjects in IT system penetration testing testbeds. In large part the experimental design replicates an earlier study by Jonsson et al., and extends that study to include factors describing the attacking subjects. In this way the proposed study is expected to be able to verify and further their work by collecting data on a larger population of subjects. Among others we expect to verify their hypothesis that to the stationary nature of the breaking-in process and the intrusion process during the standard attack phase is characterized by exponential distribution. Finally, the proposed study will be also usable for the purpose of evaluation of intrusion detection systems.
منابع مشابه
Risk Analysis and Economic Load Dispatch Evaluation of Network with High Wind Power Penetration
This study based on investigation for integration wind power into conventional power system with its impact on fossil fuel generators and their generation management. Wind power as environmental friendly energy source can reduce the operational cost of the system due to considering no cost for energizing the generator in comparing with fossil fuel generators. However due to unpredictable nature...
متن کاملWhat Is Resilience and How Can It Be Nurtured? A Systematic Review of Empirical Literature on Organizational Resilience
Background Recent health system shocks such as the Ebola outbreak of 2014–2016 and the global financial crisis of 2008 have generated global health interest in the concept of resilience. The concept is however not new, and has been applied to other sectors for a longer period of time. We conducted a review of empirical literature from both the health and other sectors to synthesize evidence on ...
متن کاملMapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
متن کاملDeveloping a Secure Web Application Using OWASP Guidelines
Developing a secure Web application is very difficult task. Therefore developers need a guideline to help them to develop a secure Web application. Guideline can be used as a checklist for developer to achieve minimum standard of secure Web application. This study evaluates how good is OWASP guideline in helping developer to build secure Web application. The developed system is then tested usin...
متن کاملTowards Side-Effects-free Database Penetration Testing
Penetration testing is one of the most traditional and widely used techniques to detect security flaws in systems by conducting simulated-attacks to the target systems. Organizations can develop a tool based on this technique to assess their own security systems or use third party softwares. However, besides its advantages in exploring real security vulnerabilities without false results, this t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Annales UMCS, Informatica
دوره 2 شماره
صفحات -
تاریخ انتشار 2004