A dynamic security model for addressing hacking risk factors

Abstract

Communication technologies have a significant influence on the business industry. Exchanging information, storing and retrieving data, and cutting communication costs are prime reasons for relying heavily on these technologies. However, these technologies are significantly affected by hacking. Due to neglecting the behaviour of hackers during the initial design stage of common security solutions, including firewalls, Intrusion Detection Systems, Intrusion Detection and Prevention Systems, Honeypot and Honeynet, successful hacking attempts still exist. This paper aims to investigate pre-hacking steps (footprinting, scanning, and enumeration) and to highlight the risk factors that are not considered during the development of current security solutions. These risk factors are the common causes of the failures of current security solutions against many hacking attempts. Moreover, this paper proposes a dynamic security model to guide security researchers towards proposing security countermeasures that address these risk factors, which eventually lead to minimising hacking risks.