Software vulnerabilities in TensorFlow-based deep learning applications

Filus, Katarzyna; Domańska, Joanna

doi:10.1016/j.cose.2022.102948

Cited by 14 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Though they are still under development, AI-powered authentication solutions are becoming more widespread. AI could be employed to identify and take advantage of these systems' flaws to access users' accounts [135], [139], [140]. • Online banking system attacks could be automated using ML.…”

Section: ) Artificial Intelligence Challengementioning

confidence: 99%

Online Banking User Authentication Methods: A Systematic Literature Review

Karim,

Khashan,

Kanaker

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Online banking has become increasingly popular in recent years, making it a target for cyberattacks. Banks have implemented various user authentication methods to protect their customers' online accounts. This paper reviews the state-of-the-art user authentication methods used in online banking and potential cyber threats. This paper starts by exploring different user authentication methods, such as knowledge-based authentication (KBA), biometrics-based authentication (BBA), possession-based authentication (PBA), and other methods. The advantages and disadvantages of each user authentication method are then discussed. Furthermore, the paper discusses the various cyber threats that can compromise user authentication for online banking systems, such as malware attacks, social engineering, phishing attacks, man-in-the-middle (MiTM) attacks, denial of service (DoS) attacks, session hijacking, weak passwords, keyloggers, SQL injection, and replay attacks. Also, the paper explores the user authentication methods used by popular banks, which can provide insights into best practices for safeguarding online banking accounts and future user authentication methods in online banking and cyber threats. It states that the increasing use of BBA, two-factor authentication (2FA), and multi-factor authentication (MFA) will help improve the security of online banking systems. However, the paper also warns that new cyber challenges will emerge, and banks need to be vigilant in protecting their customers' online banking accounts.

show abstract

Section: ) Artificial Intelligence Challengementioning

confidence: 99%

Online Banking User Authentication Methods: A Systematic Literature Review

Karim,

Khashan,

Kanaker

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Addressing published vulnerabilities without understanding enterprise risk may result in a significant amount of time and effort devoted to vulnerabilities that may not be pertinent to the enterprise (Erola et al , 2022, NVD, Filus and Domańska, 2023; Johnson et al , 2016; Beattie et al , 2002). With the intensity and frequency of ERP attacks increasing over the last decade (Erola et al , 2022; Halbouni et al , 2022), the risk to the organization as these systems control and track the operations of the company (Chaudhry et al , 2012) has also increased considerably.…”

Section: Introductionmentioning

confidence: 99%

Lost in the middle – a pragmatic approach for ERP managers to prioritize known vulnerabilities by applying classification and regression trees (CART)

Mathieu,

Turovlin

2023

ICS

View full text Add to dashboard Cite

Purpose Cyber risk has significantly increased over the past twenty years. In many organizations, data and operations are managed through a complex technology stack underpinned by an Enterprise Resource Planning (ERP) system such as systemanalyse programmentwicklung (SAP). The ERP environment by itself can be overwhelming for a typical ERP Manager, coupled with increasing cybersecurity issues that arise creating periods of intense time pressure, stress and workload, increasing risk to the organization. This paper aims to identify a pragmatic approach to prioritize vulnerabilities for the ERP Manager. Design/methodology/approach Applying attention-based theory, a pragmatic approach is developed to prioritize an organization’s response to the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) vulnerabilities using a Classification and Regression Tree (CART). Findings The application of classification and regression tree (CART) to the National Institute of Standards and Technology’s National Vulnerability Database identifies prioritization unavailable within the NIST’s categorization. Practical implications The ERP Manager is a role between technology, functionality, centralized control and organization data. Without CART, vulnerabilities are left to a reactive approach, subject to overwhelming situations due to intense time pressure, stress and workload. Originality/value To the best of the authors’ knowledge, this work is original and has not been published elsewhere, nor is it currently under consideration for publication elsewhere. CART has previously not been applied to the prioritizing cybersecurity vulnerabilities.

show abstract