An Analysis of Security Patch Lifecycle Using Google Trend Tool

Kuo, C.‐C. Jay; Ruan, He-Ming; Chen, Shih-Jen; Lei, Chin-Laung

doi:10.1109/asiajcis.2012.12

Cited by 6 publications

(2 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Rech [15] used GT data to analyze the attention that products received and the cause-effect relation among a few factors in software engineering. Kuo et al [16] demonstrated the lifecycles of internet security systems had the same pattern including four stages: zero day, publicity, cooldown and silence with different scales. The author discovered that GT data showed a interesting correlation with the lifecycle and claimed the reason was that when the vulnerability attracted a lot attention, the risk became large and the lifecycle turned to the decay stages.…”

Section: Related Workmentioning

confidence: 99%

Evaluating the impact of health awareness events on Google search frequency

Hao

Liu

2019

Preventive Medicine Reports

View full text Add to dashboard Cite

Over two hundred health awareness events take place in the United States in order to educate the public about various diseases. It would be informative and instructive for the organizations to know the impact of these events, although such information could be difficult to measure. We investigated whether 46 selected events attract the public attention by increasing the search frequencies of certain keywords. Internet search data from 2004 to 2017 were downloaded from Google Trend (GT). Three statistical methods including Transfer Function Noise modeling, Wilcoxon Rank Sum test, and Binomial inference were conducted. Our study showed that 10 health awareness events resulted in increased search frequencies in the event months, and 28 events did not, with the rest being classified as unclear.

show abstract

Section: Related Workmentioning

confidence: 99%

Evaluating the impact of health awareness events on Google search frequency

Hao

Liu

2019

Preventive Medicine Reports

View full text Add to dashboard Cite

show abstract

“…The open ports and their associated applications, OS signatures, and shared network resources all can lead to the vulnerabilities already identified at the national database (Zhang, Caragea, & Ou, 2011), antivirus vendor websites, and hacker community public portals such as the Open Source Vulnerability Database (Kuo, Ruan, Chen, & Lei, 2012). Students learn how to identify these vulnerabilities using online information and special tools and frameworks such as Metasploit (Remirez-Silv & Dacier, 2007).…”

Section: Topic 1: Identify Vulnerabilitiesmentioning

confidence: 99%

Penetration Testing Curriculum Development in Practice

2015

JITE:IIP

View full text Add to dashboard Cite

As both the frequency and the severity of network breaches have increased in recent years, it is essential that cybersecurity is incorporated into the core of business operations. Evidence from the U.S. Bureau of Labor Statistics (Bureau of Labor Statistics, 2012) indicates that there is, and will continue to be, a severe shortage of cybersecurity professionals nationwide throughout the next decade. To fill this job shortage we need a workforce with strong hands-on experience in the latest technologies and software tools to catch up with the rapid evolution of network technologies. It is vital that the IT professionals possess up-to-date technical skills and think and act one step ahead of the cyber criminals who are constantly probing and exploring system vulnerabilities. There is no perfect security mechanism that can defeat all the cyber-attacks; the traditional defensive security mechanism will eventually fail to the pervasive zero-day attacks. However, there are steps to follow to reduce an organization's vulnerability to cyber-attacks and to mitigate damages.Active security tests of the network from a cyber-criminal's perspective can identify system vulnerabilities that may lead to future breaches. "If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. But if you know the enemy and know yourself, you need not fear the result of hundred battles" (Sun, 2013). Penetration testing is a discipline within cybersecurity that focuses on identifying and exploiting the vulnerabilities of a network, eventually obtaining access to the critical business information. The pentesters, the security professionals who perform penetration testing, or ethical hackers, break the triad of information security -Confidentiality, Integrity, and Accountability (CIA) -as if they were a cyber-criminal. The purpose of ethical hacking or penetration testing is to know what the "enemy" can do and then generate a report for the management team to aid in strengthening the system, never to cause any real damages. This paper introduces the development of a penetration testing curriculum as a core class in an undergraduate cybersecurity track in Information Technology. The teaching modules are developed based on the professional penetration testing life cycle. The concepts taught in the class are enforced by hands-on lab exercises. This paper also shares the resources that are available to institutions looking for teaching materials and grant opportunities to support efforts when creating a similar curriculum in cybersecurity.

show abstract