Email address: rufaig6@gmail.com (R. Y. Zakari), najibabdulrazak15@gmail.com (N. Abdulraza)
* Corresponding author
Received: November 8, 2015; Accepted: November 18, 2015; Published: June 24, 2016
Abstract
Nowadays, numerous journals and conferences have published articles related to computer security, indicating many researchers' interest. Therefore, the goal of this paper is to review the works that were published in journals, classify the topics of computer security, and explore each feature of the classification. This paper is based on a literature review of computer security from 2010 to 2012 using a keyword index and article title search. The classification is developed based on the broad topics of computer security, database security and software security. The articles are recognized based on the classification topic. This allows researchers to extract several lessons that are important for the implementation of computer security.
Keywords
Classification, Computer Security, Literature Review, Keyword, Articles
The aim of the research is to review the works that were published in journals and to classify the topics of computer security. The objectives of the research are as follows:
1 To classify and summarize research relevant for computer security.
2 To derive suggestions for computer security researchers based on the literature review.
How can enormous data, information and knowledge having different formats be of suitable service to the user?
What are the designed patterns of computer security?
The literature search was based on three descriptors: network security, database security and software security.

2. Procedures
A total of 111 articles from 2000 to 2012 were obtained and reviewed. Articles were found via computerized search of the topic areas. The search was narrowed using computer security. A detailed illustration of the methodology for extracting articles follows.

2.2. Data Sources and Procedures to Extract Articles
The papers were selected according to the procedures shown in Fig. 1. The data sources of this research were secondary sources comprising journal articles on computer security from 2010-2012. The articles were selected as follows: first, the articles were searched using one online database. Almost 200 journals were subjected to this research. Only journals that have the word(s) "security" in the title or in their abstracts were selected. Although this research was not exhaustive, it serves as a better understanding of computer security search. Many articles were excluded because they did not have the words computer security in the titles and abstracts. Next, the articles were carefully reviewed to select those that considered computer security as the core part. One hundred and eleven articles remained because the remaining articles did not meet the second selection criteria.
and the others that publish only one article or no more than three related to computer security are omitted. Computer and Security is closely connected to computer security, therefore journals which published articles relevant to computer security. As Table 4.1 shows, Computer and Security published the most articles on computer security (13 articles, 12%). Network Security and Computer Communication published 10 articles (9%) and 8 articles (7%) respectively. The distribution of articles by journal shows that various journals have published articles relevant to computer security.
The articles by journal are categorized in Table 3, which shows the number of articles, percentage of subject, and percentage of all subjects, while Tables 4, 5 and 6 represent all references of computer security articles. Network security has the highest percentage of computer security articles (80 articles, 72%). In network security the categories are divided into six (6) subjects. Most of the articles are related to intrusion detection (29 articles), access control (14 articles) and authentication (articles). Authentication is divided into 6 categories, namely smart card (10 articles), biometric (3 articles), V.P.N (1 article), P.K.I (7 articles), encryption (6 articles), firewall (10 articles).
The second highest percentage of computer security articles is software security (19 articles, 10.8%), which has four categories. The touch point (5 articles) are composed of architecture analysis (3 articles)

Table 3. Classification of articles by subjects.

| Classification criteria | Number of articles | Percentage of subjects (%) | Percentage of all subjects (%) |
|---|---|---|---|
| Network security | 80 | 100 | 72.0 |
| Intrusion detection | 29 | 32.3 | 26.1 |
| Access control | 14 | 17.5 | 12.6 |
| Firewall | 10 | 12.7 | 9.0 |
| Encryption | 6 | 7.5 | 5.4 |
| Authentication | 21 | 26.3 | 18.9 |
| Biometric | 3 | 3.8 | 2.7 |
| Smart card | 10 | 12.5 | 9.0 |
| P.K.I | 7 | 8.8 | 6.3 |
| V.P.N | 1 | 1.3 | 0.9 |
| Database security | 12 | 100 | 10.8 |
| Auditing | 2 | 16.7 | 1.8 |
| Multilevel | 2 | 16.7 | 1.8 |
| Inference | 2 | 16.7 | 1.8 |
| Database vulnerability | 1 | 8.3 | 0.9 |
| Access control | 5 | 41.7 | 4.5 |
| Software security | 19 | 100 | 17.1 |
| Touchpoint | 8 | 42.1 | 7.2 |
| Code review | 5 | 5.3 | 0.9 |
| Security | 2 | 10.5 | 1.8 |
| Architecture analysis | 5 | 26.3 | 4.5 |
| Intelligence | 5 | 26.3 | 4.5 |
| Attack models | 2 | 10.5 | 1.8 |
| Security features & design | 1 | 5.3 | 0.9 |
| Requirement practices | 2 | 10.5 | 1.8 |
| Deployment | 6 | 31.6 | 5.4 |
| Penetration testing | 2 | 10.5 | 1.8 |
| Software environment | 3 | 15.9 | 2.7 |
| Configuration management | 1 | 5.3 | 0.9 |
| Total | 111 | | 100 |

| Classification criteria | References |
|---|---|
| Network security | |
| Authentication | |
| biometric | [26], [44], [45] |
| PKI | [19], [5], [3] |
| VPN | [71] |
| smart card | [18], [51], [49], [14], [53], [101], [80] |
| encryption | [61], [33], [47] |
| Access control | [99], [73], [11], [67], [91], [33], [102], [22], [12], [24], [31] |
| Firewall | [30], [60], [27], [75] |
| IDS | [15], [55], [35], [67], [22], [65], [4], [43], [58], [33], [47], [8], [6], [50], [16], [79], [28], [42], [23], [20], [37], [56] |

Table 5. References of software security.

| Classification criteria | References |
|---|---|
| Software Security | |
| Touchpoints | |
| architecture analysis | [104], [62], [107], [105], [46] |
| Code review | [54] |
| Security testing | [72], [106] |
| Intelligence | |
| Attack models | [9] |
| Security features & design | [109] |
| Requirement practices | [21], [57] |
| Deployment | |
| Configuration management and vulnerability | [40], [88] |
| Software environment | [109], [1], [3] |
| Penetration testing | [109] |

Table 6. References of database security.

| Classification criteria | References |
|---|---|
| Database security | |
| Access control | [38], [39], [73], [19] |
| Database inference | [71], [4] |
| Auditing | [7], [87] |
| Database vulnerability | [95] |
| Multilevel security | [6] |

Network security has the highest percentage of computer security articles, and its most explored subject is intrusion detection. This indicates that computer security studies are at a developing stage and that much research has been conducted in this area. The fewest computer security articles are related to database security. Fig. 5 shows the number of articles by year and classification framework.
Articles on network security increased in 2010 but decreased in 2012; in 2010 software security had the highest number of articles, but the number fell in 2011 and increased in 2012; database security had the fewest articles, which increased in 2012 from 2011.
International Journal of Computer Science and Control Engineering 2016; 4(2): 6-13 10
[25] Furnell, S. Mac Security: An Apple that can't be bitten? Network Security, 7-11, 2011.
[26] Gaurav Bhatnagar, Q. J. (2010). Biometric Template Security based on Watermarking. Procedia Computer Science, 227-235.
[27] Gold, S. (2011, 2). The future of the firewall. Network Security, 2011(2), 13-15.
[28] Soliman, N. A. (2012, 11). A comparative performance evaluation of intrusion detection techniques for hierarchical wireless sensor networks. H.H. Soliman, Noha A. Hikal, Nehal A. Sakr, 13(3), 225-238.
[29] Hamelin, M. (2010, 6). Preventing firewall meltdowns. Network security, 2010(6), 15-16.
[30] Hamelin, M. (2011, 2). Preparing for a firewall audit. Network security, 2011(2), 18-19.
[31] Haodong Wang, Q. L. (2011, 5). Achieving distributed user access control in sensor networks. Ad Hoc Networks, 10(3), 272-283.
[32] Hataichanok Unphon, Y. D. (2011, 10). Software architecture awareness in long term software product evolution. Journal of System and Software, 83(11), 2211-2226.
[33] He XU, S.-P. W.-c.-q. (2011, 10). Efficient P2P-based mutual authentication protocol for RFID system security of EPC network using asymmetric encryption algorithm. The journal of china Universities of Posts and Telecommunication, 18(1), 40-47.
[34] Hongchao Wang, H.Z.-Y.-C. (2010, 6). A universe access control method based on host identifiers for future internet. Computers & Mathematics with Application Volume, 60(2), 176-186.
[35] Hugo Gascon, A. O. (2011, 9). Analysis of update delays in signature based network intrusion detection system. Computers & Security, 30(18), 613-624.
[36] Interfaces, C. S (2011, 1). SecurOntology: A semantic web access control framework. Angel Garcia-Crespo, Juan Miguel Gomez-Berbis, Ricardo Colomo-Palacios, Giner Alor-Hernandez, 33(1), 42-49.
[37] Ioanna Kantzavelou, S. K. (2010, 11). A game based intrusion detection mechanism to confront internet attackers. Computers & Security, 29(8), 859-874.
[38] Jenny Abramov, A. S. (2012, 9). Evaluation of the Pattern based method for Secure Development (PbSD): A controlled experiment. Information and Software Technology, 54(9), 1029-1043.
[39] Jenny Abramov, O. A. (2012, 5). A methodology for integrating access control policies within database development. Computer & Security, 31(3), 299-314.
[40] Jing Dong, T. P. (2011, 3). Automated Verification of security pattern composition. Information and Software Technology, 52(3), 274-295.
[41] Joan Arnedo-Moreno, J.H.-J. (2010, 1). JTXA resource access control by means of advertisement encryption. Future Generation Computer System, 26(1), 21-28.
[42] Jonathan J. Davis, A. J. (2011, 9). Data processing for anomaly based network intrusion detection: A review. Computers and Security, 30(6-7), 353-375.
[43] Jose M. Bande Serrano, J. H. (2012, 3 15). String alignment pre-detection using unique subsequences for FPGA based network intrusion detection. Computer Communications, 35(6), 720-728.
[44] Kashif Iqbal, M. O. (2012, 6). Content based image retrieval approach for biometric security using colour, texture and shape features controlled by fuzzy heuristics. Journal of Computer and System science, 78(4), 1258-1277.
[45] Konstantin Stoychev Tsvetkov, T. G. (2012). An Alternative Approach and Attempt to Come Up with a Standard for Biometric User Authentication in a Network Based Environment. Procedia - Social and Behavioral Science, 47, 74-78.
[46] Lawrence Chung, M. N. (2012, 3). Novel approaches in the design and implementation of system/ software architecture. Journal of systems and software, 85(3), 459-462.
[47] Lei Zhang, Q. W. -F. -N. (2011, 10 27). Asymmetric group key agreement protocol for open networks and its application to broadcast encryption. Computer Networks, 55(15), 3246-3255.
[48] Lo-Yao Yeh, Y. -C. C. -L. (2011, 3 15). PAACP: A portable privacy-preserving authentication and access control protocol in vehicle ad hoc networks. Computer Communication, 34(3), 447-456.
[49] Luigi Catuogno, R. G. (2012). smartK: Smart cards in operating systems at kernel level. Information Security Technical Report, Available online.
[50] Mrutyunjaya Panda, A. A. (2012). A Hybrid Intelligent Approach for Network Intrusion Detection. Procedia Engineering, 30, 1-9.
[51] Muhammad Khurram Khan, S.-K. K. (2011, 3 15). Cryptanalysis and security enhancement of a more efficient & secure dynamic ID based remote user authentication. Computer Communication, 34(3), 305-309.
[52] N. K. Sreelaja, G. V. (2010, 10). Ant colony optimization based approach for efficient packet filtering in firewall. Applied Soft Computing, 10(4), 1222-1236.
[53] N. K. Sreelaja, G. V. (2012, 9). Stream cipher for binary image encryption using Ant Colony Optimization based key generation. Applied Soft Computing, 12(9), 2879-2895.
[54] Nahid Shahmehri, A. M. (2012, 9). An advanced approach for modelling and detection software vulnerabilities. Information Software Technology, 54(9), 997-1013.
[55] L. V. Ning Weng, L. V. (2011, 6 1). Deep packet pre-filtering and finite state encoding for adaptive intrusion detection system. Computer Networks, 55(8), 1648-1661.
[56] Nitesh B. Guinde, S. G. (2010, 10). Efficient hardware support for pattern matching in network intrusion detection. Computer & Security, 29(7), 756-769.
[57] P. Salini, S. K. (2012, 11). Survey and analysis on Security Requirement Engineering. Computer & Electrical Engineering, 38(6), 1785-1797.
[58] Pedro Casas, J. M. (2012, 4). Unsupervised Network Intrusion Detection System: Detecting the Unknown without knowledge. Computer Communications, 35(7), 772-783.
[59] Pengcheng Zhang, H. M. (2011). A classification and comparison of model checking software architecture techniques. Journal of System and Software, 723-744.
[60] R. Madhusudhan, M. R. (2011, 7). Dynamic ID based remote user password authentication schemes using smart cards: A review. Journal of Network and Computer Applications, 55(4), 1235-1248.
[61] Richard Macfarlane, W. B. (2012, 3). Formal security policy implementation in network firewalls. Computers and Security, 31(2), 253-270.
[62] Rick Kazman, M. G. (2012, 7). Scaling up software architecture analysis. Journal of Systems and Software, 85(7), 1511-1519.
[63] Robin B. Matthews, M. R. (2012, 12 24). Adapting crops and cropping systems to future climates to ensure food security: The role of crop modelling. Global Food Security, Available online.
[64] Sanaz Rahimi, M. Z. (2012, 12). Analysis of the security of VPN configuration in industrial control environment. International Journal of Critical Infrastructure Protection, 5(1), 3-13, 2012, 3.
[65] Sergio Pastrana, A. M. -L. (2012, 12). Evaluation of classification algorithms for intrusion detection in MANETS. Knowledge Based System, 36, 217-225.
[66] Sevil Sen, J. A. (2011, 10 7). Evolutionary computation technique for intrusion detection in mobile ad hoc networks. Sevil Sen, John A. Clark, 25(15), 3441-3457.
[67] Shigen Shen, Y. L. (2011, 9). Signaling game based strategy of intrusion detection in wireless sensor networks. Computers & Mathematics with Application, 62(2), 2404-2416.
[68] Stere Preda, F. C.- B. -A. (2011, 6). Dynamic deployment of context aware access control policies for constrained security devices. Journal of Systems and Software, 84(7), 1144-1159.
[69] Tae Kyou Park, H. S. K. (2012). Fine grained log Audition based on secure OS, user command and SQL query. Procedia Engineering, 50, 381-387.
[70] Tien Ho Chen, H. C. H. K. (2011, 4). Security enhancement on an improvement on two remote user authentication schemes using smart cards. Future Generation Computer Systems, 27(4), 377-380.
[71] Tyrone S. Toland, C. F. (2010, 2). The inference problem: maintaining maximal available in the presence of database updates. Computers and Security, 29(1), 88-103.
[72] Vishal Midha, A. B. (2012, 12). Governance practice and software maintenance: A study of open source projects. Decision Support Systems, 5(1), 23-32.
[73] Walter V. Sujansky, S. A. (2010, 10). A method to implement fine-grained access control for personal health record through standard relational database queries. Journal of Biomedical Information, 43(5), S46-S50.
[74] William M. Fitzgerald, S. N. (2011, 1). Aligning Semantic Web application with networks access controls. Computer Standards & Interfaces, 33(1), 24-34.
[75] Wu, Q.- X. (2012). The Research and Application of Firewall based on Netfilter. Physics Procedia, 25, 1231-1235.
[76] Yang Cao, C. H. (2011, 10). Secure Method for Software Upgrades for Implantable Medical Devices. Tsinghua Science & Technology, 5(5), 517-525.
[77] Yanrong Shi, Y. H. (2011). CA Prototype System of Campus Network Based on PKI. Procedia Engineering, 3684-3688.
[78] Yu-Chi Huang, K. L. P. -Y. (2012, 3). A history based cost cognizant test case prioritization technique in regression testing. Journal of System and Software, 85(3), 626-637.
[79] Yuk Ying, N. W. (2012, 9). A hybrid network intrusion detection system using simplified swarm optimization (SSO). Applied Soft Computing, 12(9), 3014-3022.
[80] Zhang Lima, M. H. (2011). The security Email based on Smart Card. Physics Procedia, 33, 1634-1639.
[81] "On the versatility of radial basis function neural networks: A case study in the field of intrusion detection," Information Science, pp. 2421-2439, 2010, 6 15.
[82] "Sender access and data distribution control for inter domain multicast groups," Computer networks, pp. 1646-1671, 2010, 6.
[83] "Reputation based role assignment for role based access control in wireless sensors networks," computer communication, pp. 281-294, 2011, 3 15.
[84] "Software flaws set to double," Network security, p. 20, 2011.
[85] "Web security under threat," Network security, pp. 1-2, 2011, 10.
[86] "Next generation firewalls: security with performance," Network security, 2012, 12.
[87] Liang Fu Lu, "A new concentric-circle visualization of multi-dimensional data and its application in network security," Journal of Visual Languages & Computing, vol. 21, no. 4, pp. 194-208, 2010.
[88] M. Patrick, E. R. and J. W., "Trust considerations on attitudes towards online purchasing: The moderating effect of privacy and security concerns," Journal of Business Research, vol. 63, no. 9-10, pp. 1018-1024, 2010.
[89] J. B. and L. W., "A sound and complete model-generation procedure for consistent and confidentiality-preserving databases," Theoretical Computer Science, vol. 420, no. 31, pp. 4044-4072, 2011.
[90] P. f. a. f. audit, "Preparing for a firewall audit," Network Security, vol. 2011, no. 2, pp. 18-19, 2011.
[91] F. Malecki, "Next-generation firewalls: security with performance," Network Security, vol. 2012, no. 12, pp. 19-20, 2012.
[92] C.-S. C. and S. J.-H. Y., "A novel three-tiered visualization approach for firewall rule validation," Journal of Visual Languages & Computing, vol. 6, no. 22, pp. 401-414, 2011.
[93] Yen-Cheng Chen, Lo-Yao Yeh, "PAACP: A portable privacy-preserving authentication and access control protocol in vehicular ad hoc networks," Computer Communications, vol. 34, no. 3, pp. 447-456, 2011.
[94] Jonathan J. A. Davis, "Data processing for anomaly based network intrusion detection: A review," Computers and security, pp. 353-375, 2011, 9.
13 Rufai Yusuf Zakari and Najib Abdulraza: Computer Security: A Literature Review and Classification
[95] J. H. Jose M. Bande Serrano, "String alignment pre-detection using unique subsequences for FPGA based network intrusion detection," Computer communication, pp. 720-728, 2012, 3 15.
[96] M. O. Kashif Iqbal, "Content based image retrieval approach for biometric security using colour, texture and shape features controlled by fuzzy heuristics," Journal of computer and system science, pp. 1258-1277, 2012, 6.
[97] T. G. Konstantin Stoychev Tsvetkov, "An alternative approach and attempt to come up with a standard for biometric user Authentication in a network based environment," Social and Behavioral Science, pp. 74-78, 2012.
[98] M. N. Lawrence Chung, "Novel approaches in the design and implementation of system/ software architecture," Journal of systems and software, pp. 459-462, 2012, 3.
[99] Lei Zhang, Qianlong Wu, Chun-Ying Huang, "Asymmetric group key agreement protocol for open networks and its application to broadcast encryption," Computer networks, pp. 3246-3255, 2011, 10 27.
[100] Yen-Cheng Chen, Lo-Yao Yeh, "A portable privacy preserving authentication and access control protocol in vehicle ad hoc networks," computer communication, pp. 447-456, 2011, 3 15.
[101] R. G. Luigi Catuogno, "Smart cards in operating systems at kernel level," Information security technical report, Available online, 2012.
[102] A. A. Mrutyunjaya Panda, "A Hybrid Intelligent approach for network intrusion detection," Procedia Engineering, pp. 1-9, 2012.