Software security: Threats, solutions and challenges
Vol 6, Issue 1, 2023
VIEWS - 578 (Abstract) 253 (PDF)
Abstract
Software security is of great concern as computers have entered almost all walks of life and people at large have become dependent on technology for not only entertainment and communication but for performing tasks involving money and a lot of stake. Software security not only involves securing the software but also user data and communication media. This paper states the several types of security threats that exist since the time networking has evolved, namely, malware, Trojans, viruses, denial of service attacks, and many more. This paper reviews several measures to address these threats. It includes logging, anti-malware, network security methods, and encryption methods. It has been identified that a lot of work has been done to deal with security threats, and it is not only limited to the protection of software but also extends to the protection of data and networks. The existing methods make extensive use of artificial intelligence, and it is identified that there is a need to develop a model that is able to identify known as well as unknown threats. There is a huge scope for research in this area.
Keywords
Full Text:
PDFReferences
1. Negrea PC. A Comprehensive Analysis of High-Impact Cybersecurity Incidents: Case Studies and Implications [Master’s thesis] Babeș–Bolyai University; 2024.
2. Humayun M, Niazi M, Jhanjhi N, et al. Cyber security threats and vulnerabilities: A systematic mapping study. Arabian Journal for Science and Engineering 2020; 45(4): 3171–3189. doi: 10.1007/s13369-019-04319-2
3. Divya S. A survey on various security threats and classification of malware attacks, vulnerabilities and detection techniques. International Journal of Computer Science & Applications (TIJCSA) 2013; 2(04).
4. Kramer S, Bradfield JC. A general definition of malware. Journal in Computer Virology 2009; 6(2): 105–114. doi: 10.1007/s11416-009-0137-1
5. Mirkovic J, Reiher P. A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communication Review 2004; 34(2): 39–53. doi: 10.1145/997150.997156
6. Jain V, Sahu DR, Tomar DS. Session hijacking: Threat analysis and countermeasures. In: Proceedings of 2015 International Conference on Futuristic Trends in Computational Analysis and Knowledge Management; 25–27 February 2015; Greater Noida, India.
7. Orabi M, Mouheb D, Al Aghbari Z, et al. Detection of bots in social media: A systematic review. Information Processing & Management 2020; 57(4): 102250. doi: 10.1016/j.ipm.2020.102250
8. Geer D. Malicious bots threaten network security. Computer 2005; 38(1): 18–20. doi: 10.1109/mc.2005.26
9. Ferrara E, Varol O, Davis C, et al. The rise of social bots. Communications of the ACM 2016; 59(7): 96–104. doi: 10.1145/2818717
10. Koyun A, Al Janabi E. Social engineering attacks. Journal of Multidisciplinary Engineering Science and Technology (JMEST) 2017; 4(6): 7533–7538.
11. Conti M, Dragoni N, Lesyk V. A survey of man in the middle attacks. IEEE Communications Surveys & Tutorials 2016; 18(3): 2027–2051. doi: 10.1109/comst.2016.2548426
12. van der Merwe JR, Zubizarreta X, Lukcin I, et al. Classification of spoofing attack types. In: Proceedings of 2018 European Navigation Conference (ENC); 14–17 May 2018; Gothenburg, Sweden. pp. 91–99. doi: 10.1109/euronav.2018.8433227
13. Hong J. The state of phishing attacks. Communications of the ACM 2012; 55(1): 74–81. doi: 10.1145/2063176.2063197
14. Bhavsar V, Kadlak A, Sharma S. Study on phishing attacks. International Journal of Computer Applications 2018; 182(33): 27–29. doi: 10.5120/ijca2018918286
15. Guan A, Chen CM. A novel verification scheme to resist online password guessing attacks. IEEE Transactions on Dependable and Secure Computing 2022; 19(6): 4285–4293. doi: 10.1109/tdsc.2022.3174576
16. Christodorescu M, Jha S, Seshia SA, et al. Semantics-aware malware detection. In: Proceedings of 2005 IEEE Symposium on Security and Privacy (S&P’05); 8–11 May 2005; Oakland, CA, USA. pp. 32–46. doi: 10.1109/sp.2005.20
17. Ye Y, Li T, Adjeroh D, et al. A survey on malware detection using data mining techniques. ACM Computing Surveys 2017; 50(3): 1–40. doi: 10.1145/3073559
18. Sen S, Aydogan E, Aysan AI. Coevolution of mobile malware and anti-malware. IEEE Transactions on Information Forensics and Security 2018; 13(10): 2563–2574. doi: 10.1109/tifs.2018.2824250
19. Aslan O, Samet R. A comprehensive review on malware detection approaches. IEEE Access 2020; 8: 6249–6271. doi: 10.1109/access.2019.2963724
20. Gaurav A, Gupta BB, Panigrahi PK. A comprehensive survey on machine learning approaches for malware detection in IoT-based enterprise information system. Enterprise Information Systems 2022; 17(3). doi: 10.1080/17517575.2021.2023764
21. Gopinath M, Sethuraman SC. A comprehensive survey on deep learning based malware detection techniques. Computer Science Review 2023; 47: 100529. doi: 10.1016/j.cosrev.2022.100529
22. Mukkamala PP, Rajendran S. A survey on the different firewall technologies. International Journal of Engineering Applied Sciences and Technology 2020; 5(1): 363–365. doi: 10.33564/ijeast.2020.v05i01.059
23. Tudosi AD, Graur A, Balan DG, et al. Design and implementation of a distributed firewall management system for improved security. In: Proceedings of 2023 22nd RoEduNet Conference: Networking in Education and Research (RoEduNet); 21–22 September 2023; Craiova, Romania. pp. 1–6. doi: 10.1109/roedunet60162.2023.10274920
24. Rajkumar B, Arunakranthi G. Evolution for a secured path using NexGen firewalls. In: Proceedings of 2022 OPJU International Technology Conference on Emerging Technologies for Sustainable Development (OTCON); 8–10 February 2023; Raigarh, Chhattisgarh, India. pp. 1–6. doi: 10.1109/otcon56053.2023.10113935
25. Madhloom JK, Noori ZH, Ebis SK, et al. An information security engineering framework for modeling packet filtering firewall using neutrosophic petri nets. Computers 2023; 12(10): 202. doi: 10.3390/computers12100202
26. Marin GA. Network security basics. IEEE Security and Privacy Magazine 2005; 3(6): 68–72. doi: 10.1109/msp.2005.153
27. Guan ZH, Huang F, Guan W. Chaos-based image encryption algorithm. Physics Letters A 2005; 346(1–3): 153–157. doi: 10.1016/j.physleta.2005.08.006
28. Alexan W, Elkandoz M, Mashaly M, et al. Color image encryption through chaos and KAA map. IEEE Access 2023; 11: 11541–11554. doi: 10.1109/access.2023.3242311
29. Buchanan WJ, Li S, Asif R. Lightweight cryptography methods. Journal of Cyber Security Technology 2017; 1(3–4): 187–201. doi: 10.1080/23742917.2017.1384917
30. Hasan H, Ali G, Elmedany W, et al. Lightweight encryption algorithms for Internet of Things: A Review on security and performance aspects. In: Proceedings of 2022 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT); 20–21 November 2022; Sakheer, Bahrain. doi: 10.1109/3ict56508.2022.9990859
DOI: https://doi.org/10.24294/csma.v6i1.3769
Refbacks
- There are currently no refbacks.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
This site is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.