A study of network security using penetration testing

Shanmugapriya, R.

doi:10.1109/icices.2013.6508375

Cited by 8 publications

(4 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Xiong et al [83] proposed a web penetration framework using the grey-box approach which could be incorporated in SDLC but it does not help in securing android application during design and development. Denis et al [24] explained different methods, tools and techniques of penetration testing and performed tests on smartphones. The attack results showed that 14.6% issues were due to the lack of application security hardening.…”

Section: Ii-background and Related Workmentioning

confidence: 99%

“…This type of hacking is considered legal because vulnerabilities are reported to the owner of the system so that improvements can be made to the system from a security point of view [40]. Deficiencies in the system network and applications can help the hackers in entering the system where they can damage the system [24]. The security and reliability (sr) of the application is dependent and directly proportional to the expertise (e) of the tester (sr ∝ e).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Penetration Frameworks and Development Issues in Secure Mobile Application Development: A Systematic Literature Review

Haq

Khan

2021

IEEE Access

View full text Add to dashboard Cite

The invention of smartphones has opened a new market for mobile application development. Amateur android app developers often do not possess knowledge of the latest android vulnerabilities and thus create applications with attack surface that hackers exploit. In this literature review, many available frameworks and techniques have been analyzed using ISO/IEC 25010 software quality model and identified challenges that android developers face in designing a secure application for android. This paper also presents a comprehensive survey of different penetration tools, evaluated by using criteria such as code analysis, code review, vulnerability analysis, vulnerability exploit, payload and whether these can be used in vulnerability modeling during the design phase. Our study effectively identifies the issues and gaps which can further help develop a framework/tool for designing a penetration secure mobile application by embedding all the vulnerabilities during the design phase using an android vulnerability repository.

show abstract

Section: Ii-background and Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Penetration Frameworks and Development Issues in Secure Mobile Application Development: A Systematic Literature Review

Haq

Khan

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Once inside, the social engineer will influence the victim to accept an infected CD or USB drive. This infection might cause the victim's machine to steal the password (Shanmugapriya, 2013), files from the local computer, or becomes part of a botnet. In the next section, different SE attacks strategies and theories will be explored.…”

Section: Attack Approachesmentioning

confidence: 99%

“…In this process, the attacker will attempt to tailgate; by pretending to be a technician and persuade the victim to insert a USB drive with an infected keylogger. The social engineer makes the victim believe that the keylogger is some trusted application and makes him insert it (Shanmugapriya, 2013). The result of this option will lead to the Armament phase to prepare the attack payload and proceed forward in attack phases.…”

Section: The Practical Implementation Of Conceptual Attack Modelmentioning

confidence: 99%

The Impact of Social Engineer Attack Phases on Improved Security Countermeasures

Karadsheh

Alryalat

Alqatawna

et al. 2021

International Journal of Digital Crime and Forensics

View full text Add to dashboard Cite

The objective of this paper is to examine a model to identify Social Engineer Attack Phases to improve the security countermeasures by Social-Engineer Involvement. A questionnaire was developed and distributed to a sample of 243 respondents who were actively engaged in 3 Jordanian telecommunication companies. All hypotheses were tested using (PLS-SEM). The results of the study indicate that Social Engineer Attack Phases (Identification the potential target, Target Recognition, Decision approach, and Execution) have a partially mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. On the other hand, the Social Engineer Attack Phases (Information Aggregations, Analysis and Interpretation, Armament, and Influencing) have a fully mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. The findings of this study help to provide deep insight to help security professionals prepare better and implement the right and appropriate countermeasures, whether technical or soft measures.

show abstract

Security Analysis on Android Application Through Penetration Testing

Katoch,

Garg

2023

Lecture Notes in Networks and Systems

View full text Add to dashboard Cite

A study of network security using penetration testing

Cited by 8 publications

References 9 publications

Penetration Frameworks and Development Issues in Secure Mobile Application Development: A Systematic Literature Review

Penetration Frameworks and Development Issues in Secure Mobile Application Development: A Systematic Literature Review

The Impact of Social Engineer Attack Phases on Improved Security Countermeasures

Security Analysis on Android Application Through Penetration Testing

Contact Info

Product

Resources

About