Impact and Research Challenges of Penetrating Testing and Vulnerability Assessment on Network Threat

Fatima, Areej; Khan, Tahir Abbas; Abdellatif, Tamer Mohamed; Zulfiqar, Sidra; Asif, Muhammad; Safi, Waseem; Hamadi, Hussam Al; Al-Kassem, Amer Hani

doi:10.1109/icbats57792.2023.10111168

Cited by 13 publications

(10 citation statements)

References 57 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It includes practices such as input validation [79], output encoding [80], and proper handling of user input to prevent common attack vectors such as injection attacks or cross-site scripting [81]. [83] to identify weaknesses and potential entry points for attackers. Security testing helps organizations identify vulnerabilities before deployment and validate the effectiveness of security measures [84].…”

Section: B Secure Software Developmentmentioning

confidence: 99%

See 1 more Smart Citation

Securing the Internet of Things in Artificial Intelligence Era: A Comprehensive Survey

Humayun,

Tariq,

Alfayad

et al. 2024

IEEE Access

View full text Add to dashboard Cite

The Internet of Things (IoT) has revolutionized various domains, enabling interconnected devices to communicate and exchange data. The integration of Artificial Intelligence (AI) in IoT systems further enhances their capabilities and potential benefits. Unfortunately, in the era of AI, ensuring the privacy and security of the IoT faces novel and specific challenges. IoT security is imperative, necessitating comprehensive strategies, including comprehension of IoT security challenges, implementation of AI methodologies, adoption of resilient security frameworks, and handling of privacy and ethical concerns to construct dependable and secure IoT systems. It is vital to note that the term 'security' encompasses a more comprehensive view than cyberattacks alone. Therefore, with an emphasis on securing against cyberattacks, this comprehensive survey also includes physical security threats on the IoT. It investigates the complexities and solutions for IoT systems, placing particular emphasis on AI-based security techniques. The paper undertakes a categorization of the challenges associated with ensuring IoT security, investigates the utilization of AI in IoT security, presents security frameworks and strategies, underscores privacy and ethical considerations, and provides insights derived from practical case studies. Furthermore, the survey sheds light on emerging trends concerning IoT security in the AI era. This survey provides significant contributions to the understanding of establishing dependable and secure IoT systems through an exhaustive examination of the present condition of IoT security and the ramifications of AI on it.

show abstract

Section: B Secure Software Developmentmentioning

confidence: 99%

“…• Enhanced protection against various attack vectors • Comprehensive approach to IoT security • Strong foundation for device security [26], [79], [80], [83]…”

Section: Ref Security Framework and Approachesmentioning

confidence: 99%

Securing the Internet of Things in Artificial Intelligence Era: A Comprehensive Survey

Humayun,

Tariq,

Alfayad

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Automated scanners [30] simplify the process of identifying vulnerabilities in mobile applications. They scan the app's code or runtime environment and report potential security issues.…”

Section: Automated Scannersmentioning

confidence: 99%

Enhancing Mobile Security through Comprehensive Penetration Testing

Roshanaei

2024

JIS

View full text Add to dashboard Cite

In today's era, where mobile devices have become an integral part of our daily lives, ensuring the security of mobile applications has become increasingly crucial. Mobile penetration testing, a specialized subfield within the realm of cybersecurity, plays a vital role in safeguarding mobile ecosystems against the ever-evolving landscape of threats. The ubiquity of mobile devices has made them a prime target for cybercriminals, and the data and functionality accessed through mobile applications make them valuable assets to protect. Mobile penetration testing is designed to identify vulnerabilities, weaknesses, and potential exploits within mobile applications and the devices themselves. Unlike traditional penetration testing, which often focuses on network and server security, mobile penetration testing zeroes in on the unique challenges posed by mobile platforms. Mobile penetration testing, a specialized field within cybersecurity, is an essential tool in the Cybersecurity specialists' toolkit to protect mobile ecosystems from emerging threats. This article introduces mobile penetration testing, emphasizing its significance, including comprehensive learning labs for Android and iOS platforms, and highlighting how it distinctly differs from traditional penetration testing methodologies.

show abstract

“…The attacker must be able to gather information about the victim, gain their trust, exploit that trust, and then obtain the desired information or resources. The Mitnick framework is based on direct communication, involving using social engineering tactics to directly interact with the victim and manipulate their behavior (Fatima et al, 2023).…”

Section: Kevin Mitnick Frameworkmentioning

confidence: 99%

“…The Enhance Mitnick Framework of Social Engineering with the Ontological Model is a conceptual structure that outlines the core elements of social engineering attacks and provides an organized way of identifying and combating such attacks. The framework is based on the work of Kevin Mitnick, a renowned expert in field of social engineering (Fatima et al, 2023).…”

Section: Enhanced Kevin Mitnick Frameworkmentioning

confidence: 99%

A comprehensive survey on social engineering-based attacks on social networks

Naz,

Sarwar,

Kaleem

et al. 2024

Int. j. adv. appl. sci.

View full text Add to dashboard Cite

Threats based on social engineering in social networks are becoming a more common problem. Social engineering is a type of attack that relies on trickery and exploiting human psychology to gain access to confidential information or resources. It involves deceptive techniques like phishing, pretexting, and baiting, tricking individuals into revealing sensitive information or performing specific actions. These tactics can lead to unauthorized access to user accounts, identity theft, or the distribution of harmful content. This study offers a detailed review of threats related to social engineering on social networks. It explores various social engineering attacks, the methods used to execute these threats, and measures that can be adopted to minimize the risk of becoming a victim. The research aimed to develop a new, broad classification of social engineering attacks and strategies for responding to them. It also examines the challenges that social engineering poses to algorithms on social media platforms and highlights the need for more research. The study concludes by pointing out the shortcomings of current approaches and suggesting future research directions, stressing the importance of standardized protective measures and increasing awareness among potential victims. This thorough examination improves our understanding of social engineering attacks and encourages the development of innovative solutions and ethical practices, contributing to a more secure digital environment.

show abstract

Impact and Research Challenges of Penetrating Testing and Vulnerability Assessment on Network Threat

Cited by 13 publications

References 57 publications

Securing the Internet of Things in Artificial Intelligence Era: A Comprehensive Survey

Securing the Internet of Things in Artificial Intelligence Era: A Comprehensive Survey

Enhancing Mobile Security through Comprehensive Penetration Testing

A comprehensive survey on social engineering-based attacks on social networks

Contact Info

Product

Resources

About