Explore chapters and articles related to this topic
Nonfunctional Testing
Published in William E. Lewis, David Dobbs, Gunasekaran Veerapillai, Software Testing and Continuous Quality Improvement, 2017
William E. Lewis, David Dobbs, Gunasekaran Veerapillai
Penetration testing is security testing in which evaluators attempt to circumvent the security features of a system on the basis of their understanding of the system design and implementation. It is important to determine how vulnerable an organization’s network is and the level of damage that can occur if the network is compromised. A penetration test can be designed to simulate an inside or an outside attack. If both internal and external testing is to be performed, the external testing usually occurs first. With external penetration testing, firewalls usually limit the amount and types of traffic that are allowed into the internal network from external sources. Depending on what protocols are allowed through, initial attacks are generally focused on commonly used and allowed application protocols such as FTP, HTTP, or SMTP and POP.
Technical debt as an indicator of software security risk: a machine learning approach for software development enterprises
Published in Enterprise Information Systems, 2022
Miltiadis Siavvas, Dimitrios Tsoukalas, Marija Jankovic, Dionysios Kehagias, Dimitrios Tzovaras
As far as the class-level analysis is concerned, we have shown that TD indicators can potentially discriminate between vulnerable and clean classes, and predict the existence of vulnerabilities in software classes with a sufficient level of accuracy. In other words, TD indicators could be used to build prediction models able to highlight security hotspots, i.e. software classes that are likely to contain vulnerabilities. This information is very useful for both the developers and project managers of a software application under development. In fact, this information could be leveraged for better planning their testing and fortification efforts, by allocating limited test resources to high-risk areas (i.e. potentially vulnerable classes). For instance, the testing and refactoring activities could start from those classes that are more likely to contain vulnerabilities. In addition, more exhaustive security testing could be applied to the classes that are marked as vulnerable, in order to increase the possibility of identifying and eventually fixing an underlying vulnerability, and eventually leading to more secure software.
Assessing smart light enabled cyber-physical attack paths on urban infrastructures and services
Published in Connection Science, 2022
Ioannis Stellios, Kostas Mokos, Panayiotis Kotzanikolaou
Mitigation strategies on the aforementioned risks can vary significantly among installation domains. Smart lighting systems installed in critical environments (e.g. within a corporation's data center, in a crowded public infrastructure) must undergo extensive security testing in hardware, networks, I/O interfaces and application/cloud API services prior to installation in any secure environment, whereas security assessments must be repeated at regular intervals. In Table 13, we present several security controls with the attack vector(s) that they mitigate as well as the corresponding network, hardware and software layer(s) in which they can be applied.
Mapping the Cybersecurity Research: A Scientometric Analysis of Indian Publications
Published in Journal of Computer Information Systems, 2023
B. Elango, S. Matilda, M. Martina Jose Mary, M. Arul Pugazhendhi
In 2011–2017 (Figure 12a), the red cluster represents the cyber-attack detection and protection techniques including intrusion detection system, anomaly detection, static analyses and machine learning, and the blue cluster mainly focuses on security testing (vulnerability testing) such as vulnerability assessment and penetration testing in information security that protect the confidential data from adversary [49]. Only a few publications have discussed these topics because security testing was a disappearing technology (see Figure 11a).