Call for Paper - January 2023 Edition
IJCA solicits original research papers for the January 2023 Edition. Last date of manuscript submission is December 20, 2022. Read More

Measurement of Security Dangers in University Network

Print
PDF
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2016
Authors:
Umesh Kumar Singh, Chanchala Joshi, Neha Gaud
10.5120/ijca2016911584

Umesh Kumar Singh, Chanchala Joshi and Neha Gaud. Measurement of Security Dangers in University Network. International Journal of Computer Applications 155(1):6-10, December 2016. BibTeX

@article{10.5120/ijca2016911584,
	author = {Umesh Kumar Singh and Chanchala Joshi and Neha Gaud},
	title = {Measurement of Security Dangers in University Network},
	journal = {International Journal of Computer Applications},
	issue_date = {December 2016},
	volume = {155},
	number = {1},
	month = {Dec},
	year = {2016},
	issn = {0975-8887},
	pages = {6-10},
	numpages = {5},
	url = {http://www.ijcaonline.org/archives/volume155/number1/26567-2016911584},
	doi = {10.5120/ijca2016911584},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

Today’s universities are on the forefront of technological advancement which makes University’s computing environment particularly vulnerable because in contrast to hacking targets like banks and others, college and university computing environments are often large open networks. This paper assessed the security threats evolve specifically in University’s information technology environment; and proposes risk management framework for University computing environment, to guide security and risk executives through the process of network security management. The proposed model lower the risk of security breach by supporting three phase activities; the first phase identified the threats and vulnerabilities in order to know the weak point in educational environment, the second phase focuses on the highest risk which means it prioritize what matters most and create actionable remediation plan, the third phase of risk assessment model recognizes the vulnerability management compliance requirement in order to improve organization’s security position. The proposed framework can be applied to any higher educational organization or University’s IT environments; it enables Universities to stay a step ahead of security threats and also to get more value from their security budget, by focusing on critical assets that are truly at risk

References

  1. Cisco Adaptive Threat Defense for Education Networks, whitepaper, Available : http://www.cisco.com/c/dam/en_us/solutions/industries/docs/higher_CampusSecure_defense_WP.pdf
  2. C. Alberts, and A. Dorofee, “An Introduction to the OCTAVE Method. Software Engineering Institute”, Carnegie Mellon University, USA, 2010.
  3. C. Joshi and U. Singh, “A Review on Taxonomies of Attacks and Vulnerability in Computer and Network System”. International Journal of Advanced Research in Computer Science and Software Engineering (IJRCSSE) Volume 5, Issue 1, January 2015, pp 742-747.
  4. C. Joshi C. and U. Singh, “ADMIT- A Five Dimensional Approach towards Standardization of Network and Computer Attack Taxonomies”. International Journal of Computer Application (IJCA, 0975 – 8887), Volume 100, Issue 5, August 2014, pp 30-36.
  5. B. Dixon, “Understanding the FAIR Risk Assessment”, Nebraska CERT Conference 2009.
  6. Guide for Applying the Risk Management Framework to Federal Information Systems, U.S. Department of Commerce, February 2010.
  7. Prioritizing Information Security Risks with Threat Agent Risk Assessment, whitepaper, February 2010.
  8. C. Joshi and U. Singh, “Analysis of Vulnerability Scanners in Quest of Current Information Security Landscape” International Journal of Computer Application (IJCA, 0975 – 8887), Volume 145 No 2, July 2016, pp. 1-7.
  9. C. Joshi, and U. K Singh, “Performance Evaluation of Web Application Security Scanners for More Effective Defense” International Journal of Scientific and Research Publications (IJSRP), Volume 6, Issue 6, June 2016, ISSN 2250-3153, pp 660-667.
  10. CVSS v3.0 specification document, Available: https://www.first.org/cvss/specification-document.
  11. P. Mell, K. Scarfone, and S. Romanosky, “CVSS: A complete Guide to the Common Vulnerability Scoring System Version 2.0”, Forum of Incident Response and Security Teams (FIRST), 2007.
  12. R. Marchany, “Higher Education: Open and Secure”, A SANS Analyst Survey, June 2014.
  13. Overview of Vulnerability Scanners, whitepaper, Available: http://www.infosec.gov.hk/english/technical/files/vulnerability.pdf.
  14. U. K. Singh and C. Joshi, “A Framework for Security Risk Level Measures Using CVSS for Vulnerability Categories”, accepted in ICCCNS 2016: 18th International Conference on Computer Communications and Networks Security.
  15. U. K. Singh and C. Joshi, “Quantitative Security Risk Evaluation using CVSS Metrics by Estimation of Frequency and Maturity of Exploit”, The World Congress on Engineering and Computer Science (WCECS 2016) San Francisco, USA.

Keywords

CVSS; security risk; security threats; university campus network; vulnerability