IJISC
  • Indexed in

  • Latest News

    July 1, 2024
    Volume 13, Issue 1 of the International Journal of Information Security and Cybercrime was published
    December 27, 2023
    Volume 12, Issue 2 of the International Journal of Information Security and Cybercrime was published
    June 28, 2023
    Volume 12, Issue 1 of the International Journal of Information Security and Cybercrime was published
  • --- More News ---
  • Popular Articles

  • Vulnerabilities of Information Systems


    Author(s): BRUMĂ, Ovidiu-Vasile

    Quick view | Full article | Citations | Views: 324


    Author(s) keywords: , ,


    Reference keywords: ,


    Abstract:

    Vulnerability of Information Systems is a major concern these days in all spheres of financial, government and even private sectors. There have been limited attempts in addressing the people who use the computers though they are the greatest loophole in information systems security. Even though most of the organizations have realized the value of information and the part it plays in the success of the business, yet only a few take adequate measures in ensuring the security of their information, preventing unauthorized access, securing data from intrusion and unapproved disclosures etc. This paper examines and addresses the threats end-users pose to systems security and provides solutions for two of the most dangerous vulnerabilities: Buffer Overflow, SQL Injection.



    References:

    [1]. M. Rouse, "TechTarget," [Online]. Available: https://whatis.techtarget.com/definition/vulnerability. [Accessed 30 November 2019].
    [2]. S. Mohanty, "DZone," [Online]. Available: https://dzone.com/articles/5-important-software-vulnerability-and-attacks-tha. [Accessed 05 December 2019].
    [3]. Veracode, "WHAT IS A BUFFER OVERFLOW?," [Online]. Available: https://www.veracode.com/security/buffer-overflow. [Accessed 05 December 2019].
    [4]. MITRE, CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), [Online]. Available: https://cwe.mitre.org/data/definitions/89.html. [Accessed 30 November 2019].
    [5]. Portswigger. [Online]. Available: https://portswigger.net/web-security/sql-injection. [Accessed 06 December 2019].
    [6]. P. Rubens, [Online]. Available: https://www.esecurityplanet.com/threats/how-to-prevent-sql-injection-attacks.html. [Accessed 06 December 2019].



    Additional Information

    Article Title: Vulnerabilities of Information Systems
    Author(s): BRUMĂ, Ovidiu-Vasile
    Date of Publication: 2020-06-22
    Publication: International Journal of Information Security and Cybercrime
    ISSN: 2285-9225 e-ISSN: 2286-0096
    Digital Object Identifier: 10.19107/IJISC.2020.01.01
    Issue: Volume 9, Issue 1, Year 2020
    Section: Advances in Information Security Research
    Page Range: 9-14 (6 pages)



    Copyright ©2012-2024
    The International Journal of Information Security and Cybercrime (IJISC)

    All rights reserved
    The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
    No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.