Info: Zenodo’s user support line is staffed on regular business days between Dec 23 and Jan 5. Response times may be slightly longer than normal.

Published September 1, 2021 | Version v1
Journal article Open

Vulnerability and risk assessment for operating system (OS) with framework STRIDE: comparison between VulnOS and Vulnix

  • 1. Department of Information System, School of Industrial Engineering, Telkom University, Indonesia

Description

The rapid development of information technology has made security become extremely. Apart from easy access, there are also threats to vulnerabilities, with the number of cyber-attacks in 2019 showed a total of 1,494,281 around the world issued by the national cyber and crypto agency (BSSN) honeynet project. Thus, vulnerability analysis should be conducted to prepare worst case scenario by anticipating with proper strategy for responding the attacks. Actually, vulnerability is a system or design weakness that is used when an intruder executes commands, accesses unauthorized data, and carries out denial of service attacks. The study was performed using the AlienVault software as the vulnerability assessment. The results were analysed by the formula of risk estimation equal to the number of vulnerability found related to the threat. Meanwhile, threat is obtained from analysis of sample walkthroughs, as a reference for frequent exploitation. The risk estimation result indicate the 73 (seventy three) for the highest score of 5 (five) type risks identified while later on, it is used for re-analyzing based on the spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of prvilege (STRIDE) framework that indicated the network function does not accommodate the existing types of risk namely spoofing.

Files

44 25237.pdf

Files (558.3 kB)

Name Size Download all
md5:563e96ed9fee15ee5efd3f61dd0f0cc5
558.3 kB Preview Download