Ammar Alazab, Michael Hobbs, Jemal Abawajy, Ansam Khraisat and Mamoun Alazab
The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most…
Abstract
Purpose
The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most existing research focuses on how to prevent an attack at the web application layer, with less work dedicated to setting up a response action if a possible attack happened.
Design/methodology/approach
A combination of a Signature-based Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS), namely, the Intelligent Intrusion Detection and Prevention System (IIDPS).
Findings
After evaluating the new system, a better result was generated in line with detection efficiency and the false alarm rate. This demonstrates the value of direct response action in an intrusion detection system.
Research limitations/implications
Data limitation.
Originality/value
The contributions of this paper are to first address the problem of web application vulnerabilities. Second, to propose a combination of an SIDS and an AIDS, namely, the IIDPS. Third, this paper presents a novel approach by connecting the IIDPS with a response action using fuzzy logic. Fourth, use the risk assessment to determine an appropriate response action against each attack event. Combining the system provides a better performance for the Intrusion Detection System, and makes the detection and prevention more effective.
Details
Keywords
Salah Alhyari, Moutaz Alazab, Sitalakshmi Venkatraman, Mamoun Alazab and Ammar Alazab
The purpose of this paper is to emphasise on a balance between quantitative and qualitative measures, and examine the use of Balanced Scorecard to evaluate and estimate the…
Abstract
Purpose
The purpose of this paper is to emphasise on a balance between quantitative and qualitative measures, and examine the use of Balanced Scorecard to evaluate and estimate the performance of information and communication technologies (ICT) in delivering valuable e‐government services through the internet.
Design/methodology/approach
This study tests the hypotheses of e‐government effectiveness using Balanced Scorecard technique by incorporating qualitative measures within a quantitative research methodology with data collected by means of a survey questionnaire. The survey sample of 383 stakeholders includes common customers, employees of e‐government, and employees from the IT sector. The survey data were analysed to test the hypothesis in measuring e‐government effectiveness from Balanced Scorecard's four dimensions: customer perspective, financial perspective, internal business process perspective, and innovation and learning perspective.
Findings
The results show that the Balanced Scorecard factors fit very well with monitoring and measuring the performance of e‐government in Jordan, and also in evaluating their success in IT project investments.
Originality/value
This study attempts to address this gap in the literature and would benefit future studies in applying Balanced Scorecard for performance evaluation of various IT projects that are gaining huge investments from governments and organisations.