Ammar Alazab, Michael Hobbs, Jemal Abawajy, Ansam Khraisat and Mamoun Alazab
The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most…
Abstract
Purpose
The purpose of this paper is to mitigate vulnerabilities in web applications, security detection and prevention are the most important mechanisms for security. However, most existing research focuses on how to prevent an attack at the web application layer, with less work dedicated to setting up a response action if a possible attack happened.
Design/methodology/approach
A combination of a Signature-based Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS), namely, the Intelligent Intrusion Detection and Prevention System (IIDPS).
Findings
After evaluating the new system, a better result was generated in line with detection efficiency and the false alarm rate. This demonstrates the value of direct response action in an intrusion detection system.
Research limitations/implications
Data limitation.
Originality/value
The contributions of this paper are to first address the problem of web application vulnerabilities. Second, to propose a combination of an SIDS and an AIDS, namely, the IIDPS. Third, this paper presents a novel approach by connecting the IIDPS with a response action using fuzzy logic. Fourth, use the risk assessment to determine an appropriate response action against each attack event. Combining the system provides a better performance for the Intrusion Detection System, and makes the detection and prevention more effective.
Details
Keywords
Salah Alhyari, Moutaz Alazab, Sitalakshmi Venkatraman, Mamoun Alazab and Ammar Alazab
The purpose of this paper is to emphasise on a balance between quantitative and qualitative measures, and examine the use of Balanced Scorecard to evaluate and estimate the…
Abstract
Purpose
The purpose of this paper is to emphasise on a balance between quantitative and qualitative measures, and examine the use of Balanced Scorecard to evaluate and estimate the performance of information and communication technologies (ICT) in delivering valuable e‐government services through the internet.
Design/methodology/approach
This study tests the hypotheses of e‐government effectiveness using Balanced Scorecard technique by incorporating qualitative measures within a quantitative research methodology with data collected by means of a survey questionnaire. The survey sample of 383 stakeholders includes common customers, employees of e‐government, and employees from the IT sector. The survey data were analysed to test the hypothesis in measuring e‐government effectiveness from Balanced Scorecard's four dimensions: customer perspective, financial perspective, internal business process perspective, and innovation and learning perspective.
Findings
The results show that the Balanced Scorecard factors fit very well with monitoring and measuring the performance of e‐government in Jordan, and also in evaluating their success in IT project investments.
Originality/value
This study attempts to address this gap in the literature and would benefit future studies in applying Balanced Scorecard for performance evaluation of various IT projects that are gaining huge investments from governments and organisations.
Details
Keywords
XinYing Chew, Raed Alharbi, Khai Wah Khaw and Alhamzah Alnoor
The study is interested in knowing “the role of the organizational structure as a mediating variable of the relationship between the information technology and organizational…
Abstract
Purpose
The study is interested in knowing “the role of the organizational structure as a mediating variable of the relationship between the information technology and organizational communication”.
Design/methodology/approach
The study was conducted in several service companies, and the study adopted the questionnaire as a basic tool for the data collection on the practical side, as 267 opinions were surveyed, in addition to conducting personal interviews, and the normal distribution of data was tested, analyzing, describing and diagnosing study variables, testing correlations and determining direct effects.
Findings
Findings show that there is no direct and significant statistical impact of information technology on organizational communications. Whereas there was a positive, direct and statistically significant impact of information technology on the organizational structure. There was also a positive, direct and statistically significant effect of the organizational structure on organizational communication.
Research limitations/implications
This paper is restricted to the role of the organizational structure as a mediating variable of the relationship between the influence of information technology on organizational communication.
Practical implications
As part of the practical implication, the paper suggests the need to increase support and attention to the importance of information technology in service organizations in order to increase coordination and organizational communication and achieve a high ability to explore and exploit ideas.
Originality/value
Apart from the fact that several companies were engaged, the organizational structures of these companies were engaged too to examine the impacts of Information technology (ICT) on organizational communication.