Penetration testing automation assessment method based on rule tree

Zhao, Jianming; Shang, Wenli; Wan, Ming; Zeng, Peng

doi:10.1109/cyber.2015.7288225

Cited by 7 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…T. AlSadhan and J.S. Park in paper [7] discussed the principles of and requirements for Information Security Continuous Monitoring (ISCM) and Risk Manangement in support of cyber defenses, real-world challenges.…”

Section: Literature Reviewmentioning

confidence: 99%

See 1 more Smart Citation

An Ontology of Cyber Security Automation

Brahma¹,

Kalita²

2023

Data Science and Intelligent Computing Techniques

View full text Add to dashboard Cite

Automation has been a major challenge for many industries (from small to large scale) in the fight against rising cyber threats. Many tools and techniques has been developed to fight against the rising security threats. Cyber criminals carry out a broad range of cyber attacks with various tactics and tactics against organizations and individuals in order to compromise and breach organization’s network, data and the three aspects of it i.e Confidentiality, Integrity and Availability. Nowadays, organizations need a specific plan that focuses on cyber security retention. The Corona Virus Disease-2019 pandemic has created new challenges for businesses as they adapt to an operating model in which working from home has become the ‘new normal’. Companies are accelerating their digital transformation and the cyber security aspect is an important and a major upkeep challenge.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

“…Under this, various tools comes which helps in fighting against any unwanted activities which can occur in due course of time. Common tools in cyber security are Security Incident and Event Management (SIEM), anti-virus, anti-malware [7], [14] .…”

Section: Mechanismmentioning

confidence: 99%

An Ontology of Cyber Security Automation

Brahma¹,

Kalita²

2023

Data Science and Intelligent Computing Techniques

View full text Add to dashboard Cite

show abstract

“…Penetration testing is prevalent in all software security practices [23], [24] and was defined as the art of finding an open door in 2002 [25]. Penetration testing is a postdeployment vulnerability assessment task that is conducted as an isolated test process in a manual and even ad hoc manner [26]- [29]. Penetration testing is used as a testing methodology to overcome security issues and fit with requirements for mobile, cloud, and web applications [18], [30].…”

Section: Applications Use Cloudmentioning

confidence: 99%

“…Penetration testing is a postdeployment vulnerability assessment task that is conducted as an isolated test process in a manual and even ad hoc fashion [26]- [29]. This testing consists of finding an open door or bugs in the implementation of computer systems [25] that are installed to compromise the system security by attempting to attack the system and exploit its vulnerabilities [67].…”

Section: A Rq1: What Is the Significance Of Performing Penetration Testing Of The MCC Application?mentioning

confidence: 99%

Systematic Literature Review on Penetration Testing for Mobile Cloud Computing Applications

et al. 2019

View full text Add to dashboard Cite

Mobile cloud computing (MCC) enables mobile devices to exploit seamless cloud services via offloading, and has numerous advantages and increased security and complexity. Penetration testing of mobile applications has become more complex and expensive due to several parameters, such as the platform, device heterogeneity, context event types, and offloading. Numerous studies have been published in the MCC domain, whereas few studies have addressed the common issues and challenges of MCC testing. However, current studies do not address MCC and penetration testing. Therefore, revisiting MCC and penetration testing domains is essential to overcoming the inherent complexity and reducing costs. Motivated by the importance of revisiting these domains, this paper pursues two objectives: to provide a comprehensive systematic literature review (SLR) of the MCC, security and penetration testing domains and to establish the requirements for penetration testing of MCC applications. This paper has systematically reviewed previous penetration testing models and techniques based on the requirements in Kitchenham's SLR guidelines. The SLR outcome has indicated the following deficiencies: the offloading parameter is disregarded; studies that address mobile, cloud, and web vulnerabilities are lacking; and a MCC application penetration testing model has not been addressed by current studies. In particular, offloading and mobile state management are two new and vital requirements that have not been addressed to reveal hidden security vulnerabilities, facilitate mutual trust, and enable developers to build more secure MCC applications. Beneficial review results that can contribute to future research are presented.INDEX TERMS Mobile cloud computing, penetration testing, offloading, mobile testing, cloud testing.

show abstract

Fuzz Test Case Generation for Penetration Testing in Mobile Cloud Computing Applications

Al‐Ahmad

Kahtan

2018

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Penetration testing automation assessment method based on rule tree

Cited by 7 publications

References 6 publications

An Ontology of Cyber Security Automation

An Ontology of Cyber Security Automation

Systematic Literature Review on Penetration Testing for Mobile Cloud Computing Applications

Fuzz Test Case Generation for Penetration Testing in Mobile Cloud Computing Applications

Contact Info

Product

Resources

About