Cybersecurity vulnerabilities and solutions in Ethiopian university websites

IF 8.6 2区 计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS
Ali Yimam Eshetu, Endris Abdu Mohammed, Ayodeji Olalekan Salau
{"title":"Cybersecurity vulnerabilities and solutions in Ethiopian university websites","authors":"Ali Yimam Eshetu, Endris Abdu Mohammed, Ayodeji Olalekan Salau","doi":"10.1186/s40537-024-00980-z","DOIUrl":null,"url":null,"abstract":"<p>This study investigates the causes and countermeasures of cybercrime vulnerabilities, specifically focusing on selected 16 Ethiopian university websites. This study uses a cybersecurity awareness survey, and automated vulnerability assessment and penetration testing (VAPT) technique tools, namely, Nmap, Nessus, and Vega, to identify potential security threats and vulnerabilities. The assessment was performed according to the ISO/IEC 27001 series of standards, ensuring a comprehensive and globally recognized approach to information security. The results of this study provide valuable insights into the current state of cybersecurity in Ethiopian universities and reveals a range of issues, from outdated software and poor password management to a lack of encryption and inadequate access control. Vega vulnerability assessment reports 11,286 total findings, and Nessus identified a total of 1749 vulnerabilities across all the websites of the institutions examined. Based on these findings, the study proposes counteractive measures tailored to the specific needs of each identified defect. These recommendations aim to strengthen the security posture of the university websites, thereby protecting sensitive data and maintaining the trust of students, staff, and other stakeholders. The study emphasizes the need for proactive cybersecurity measures in the realm of higher education and presents a strategic plan for universities to improve their digital security.</p>","PeriodicalId":15158,"journal":{"name":"Journal of Big Data","volume":"9 1","pages":""},"PeriodicalIF":8.6000,"publicationDate":"2024-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Big Data","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s40537-024-00980-z","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

Abstract

This study investigates the causes and countermeasures of cybercrime vulnerabilities, specifically focusing on selected 16 Ethiopian university websites. This study uses a cybersecurity awareness survey, and automated vulnerability assessment and penetration testing (VAPT) technique tools, namely, Nmap, Nessus, and Vega, to identify potential security threats and vulnerabilities. The assessment was performed according to the ISO/IEC 27001 series of standards, ensuring a comprehensive and globally recognized approach to information security. The results of this study provide valuable insights into the current state of cybersecurity in Ethiopian universities and reveals a range of issues, from outdated software and poor password management to a lack of encryption and inadequate access control. Vega vulnerability assessment reports 11,286 total findings, and Nessus identified a total of 1749 vulnerabilities across all the websites of the institutions examined. Based on these findings, the study proposes counteractive measures tailored to the specific needs of each identified defect. These recommendations aim to strengthen the security posture of the university websites, thereby protecting sensitive data and maintaining the trust of students, staff, and other stakeholders. The study emphasizes the need for proactive cybersecurity measures in the realm of higher education and presents a strategic plan for universities to improve their digital security.

Abstract Image

埃塞俄比亚大学网站的网络安全漏洞和解决方案
本研究调查了网络犯罪漏洞的原因和对策,特别关注选定的 16 个埃塞俄比亚大学网站。本研究使用网络安全意识调查以及自动漏洞评估和渗透测试(VAPT)技术工具,即 Nmap、Nessus 和 Vega,来识别潜在的安全威胁和漏洞。评估是根据 ISO/IEC 27001 系列标准进行的,以确保采用全球公认的全面信息安全方法。这项研究的结果为了解埃塞俄比亚大学的网络安全现状提供了有价值的见解,并揭示了从软件过时、密码管理不善到缺乏加密和访问控制不足等一系列问题。Vega 漏洞评估报告共发现 11286 个漏洞,Nessus 在受检机构的所有网站上共发现 1749 个漏洞。根据这些发现,研究针对每个已发现缺陷的具体需求提出了应对措施。这些建议旨在加强大学网站的安全态势,从而保护敏感数据,维护学生、教职员工和其他利益相关者的信任。本研究强调了在高等教育领域采取积极主动的网络安全措施的必要性,并提出了大学提高数字安全的战略计划。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Journal of Big Data
Journal of Big Data Computer Science-Information Systems
CiteScore
17.80
自引率
3.70%
发文量
105
审稿时长
13 weeks
期刊介绍: The Journal of Big Data publishes high-quality, scholarly research papers, methodologies, and case studies covering a broad spectrum of topics, from big data analytics to data-intensive computing and all applications of big data research. It addresses challenges facing big data today and in the future, including data capture and storage, search, sharing, analytics, technologies, visualization, architectures, data mining, machine learning, cloud computing, distributed systems, and scalable storage. The journal serves as a seminal source of innovative material for academic researchers and practitioners alike.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信