Browsing by Author "Kumar, Deepak."

Now showing 1 - 2 of 2

Security testing challenges of web developers in the Lagos, Nigeria IT industry.
(2020) Ajayi, Moyinoluwa Ibukunoluwa.; Kumar, Deepak.; Govender, Irene.
Web applications are instrumental for businesses. Due to the susceptible nature of the internet, which is their main operating environment, many vulnerabilities that compromise web applications are constantly reported. Despite these vulnerabilities, there is a huge pressure on web development teams to build applications to meet business demands. This leads to compromise in the quality and security testing process integrated into the development life cycle. Related studies have revealed that although there are many frameworks and tools to support Security testing, many of these developed frameworks and tools are often poorly adopted and are thus found ineffective. Studies have also revealed that in Nigeria, a huge amount of money is lost annually to software importation from foreign countries due to the low quality of indigenously-developed applications in the Information Technology industry. This study investigates the practice of security testing among web development teams in the Information Technology industry in Lagos in Nigeria, and the factors that affect its actual usage. Three companies were randomly selected for the study, and both quantitative and qualitative research methods were used. A conceptual framework adapted from the technology acceptance model was used to guide the data collection instruments. The quantitative research method involved statistical analysis of eighty-two responses to the closed-ended Likert-type questionnaire. The qualitative research method involved using the data obtained from the interviews conducted with eight industry experts. Findings from the study revealed three basic approaches to security testing used by web development teams in Lagos, Nigeria. Perceived usefulness, perceived ease of use and behavioural intention were significant constructs of the conceptual framework that predict the use of security testing among web developers in Lagos, Nigeria. Factors found to affect the effective usage of security testing techniques were human resources, project constraints, and ethical and compliance factors. To improve the usage of security testing, more awareness, training and technical support are required for development teams. Furthermore, ethical and compliance policies need to be provided by regulatory bodies in the industry to guide the security testing process for teams. Project timelines should also be made flexible to give room for adequate security testing implementation in the Software development life cycle.
The design and development of an AI based digital forensic protocol for first responders.
(2024) Kumar, Deepak.; Subramaniam, Prabhakar Rontala.
In today's society, access to computers and the internet has become indispensable, offering a myriad of opportunities such as online shopping, trading, banking, communication, and social media interaction. However, along with the increasing usage of the internet, there is a corresponding rise in cybercrimes, posing constant threats to organizations. Recent years have witnessed a significant surge in cyber incidents and breaches, exacerbated by emerging technologies like the Fourth Industrial Revolution (4IR) and Artificial Intelligence (AI), as well as the availability of tools such as Crimeware-as-a-Service (CaaS), anonymous technologies like Tor, and the utilization of the Darknet. In response to these challenges, cyber forensic experts and digital investigators must possess the necessary skills and expertise to effectively investigate cybercrimes, analyse electronic evidence found on digital devices, and present findings in a legally acceptable manner. To stay ahead of cybercriminals, digital forensic investigators and first responders must leverage AI and cutting-edge technologies of the 4IR era. This study addresses the evolving cybersecurity landscape by designing an AI-based digital forensic protocol tailored for first responders. Employing a design science research (DSR) methodology, the study develops a novel investigation protocol utilising AI prediction modelling. Additionally, it explores various AI models to create an efficient framework for integrating Machine Learning (ML) and predictive modelling in cybercrime data analysis of a cloud-based dataset. The design and development of Intelligent Digital Evidence Extraction Protocol or I-DEEP, a novel protocol provides a framework to make the process of cybercrime investigation more agile using triaging and quick decision making by predictive analysis. This is accomplished by development and implementation of AI and Machine Learning algorithms.