Open Access iconOpen Access

ARTICLE

crossmark

Classification of Cybersecurity Threats, Vulnerabilities and Countermeasures in Database Systems

by Mohammed Amin Almaiah1,*, Leen Mohammad Saqr1, Leen Ahmad Al-Rawwash1, Layan Ahmed Altellawi1, Romel Al-Ali2,*, Omar Almomani3

1 King Abdullah the II IT School, University of Jordan, Amman, 11942, Jordan
2 The National Research Center for Giftedness and Creativity, King Faisal University, Al-Ahsa, 31982, Saudi Arabia
3 Department of Networks and Cybersecurity, Al-Ahliyya Amman University, Amman, 19328, Jordan

* Corresponding Authors: Mohammed Amin Almaiah. Email: email; Romel Al-Ali. Email: email

(This article belongs to the Special Issue: Blockchain in Cybersecurity Threats and Cyber-Risk Assessment)

Computers, Materials & Continua 2024, 81(2), 3189-3220. https://doi.org/10.32604/cmc.2024.057673

Abstract

Database systems have consistently been prime targets for cyber-attacks and threats due to the critical nature of the data they store. Despite the increasing reliance on database management systems, this field continues to face numerous cyber-attacks. Database management systems serve as the foundation of any information system or application. Any cyber-attack can result in significant damage to the database system and loss of sensitive data. Consequently, cyber risk classifications and assessments play a crucial role in risk management and establish an essential framework for identifying and responding to cyber threats. Risk assessment aids in understanding the impact of cyber threats and developing appropriate security controls to mitigate risks. The primary objective of this study is to conduct a comprehensive analysis of cyber risks in database management systems, including classifying threats, vulnerabilities, impacts, and countermeasures. This classification helps to identify suitable security controls to mitigate cyber risks for each type of threat. Additionally, this research aims to explore technical countermeasures to protect database systems from cyber threats. This study employs the content analysis method to collect, analyze, and classify data in terms of types of threats, vulnerabilities, and countermeasures. The results indicate that SQL injection attacks and Denial of Service (DoS) attacks were the most prevalent technical threats in database systems, each accounting for 9% of incidents. Vulnerable audit trails, intrusion attempts, and ransomware attacks were classified as the second level of technical threats in database systems, comprising 7% and 5% of incidents, respectively. Furthermore, the findings reveal that insider threats were the most common non-technical threats in database systems, accounting for 5% of incidents. Moreover, the results indicate that weak authentication, unpatched databases, weak audit trails, and multiple usage of an account were the most common technical vulnerabilities in database systems, each accounting for 9% of vulnerabilities. Additionally, software bugs, insecure coding practices, weak security controls, insecure networks, password misuse, weak encryption practices, and weak data masking were classified as the second level of security vulnerabilities in database systems, each accounting for 4% of vulnerabilities. The findings from this work can assist organizations in understanding the types of cyber threats and developing robust strategies against cyber-attacks.

Keywords


Cite This Article

APA Style
Almaiah, M.A., Saqr, L.M., Al-Rawwash, L.A., Altellawi, L.A., Al-Ali, R. et al. (2024). Classification of cybersecurity threats, vulnerabilities and countermeasures in database systems. Computers, Materials & Continua, 81(2), 3189-3220. https://doi.org/10.32604/cmc.2024.057673
Vancouver Style
Almaiah MA, Saqr LM, Al-Rawwash LA, Altellawi LA, Al-Ali R, Almomani O. Classification of cybersecurity threats, vulnerabilities and countermeasures in database systems. Comput Mater Contin. 2024;81(2):3189-3220 https://doi.org/10.32604/cmc.2024.057673
IEEE Style
M. A. Almaiah, L. M. Saqr, L. A. Al-Rawwash, L. A. Altellawi, R. Al-Ali, and O. Almomani, “Classification of Cybersecurity Threats, Vulnerabilities and Countermeasures in Database Systems,” Comput. Mater. Contin., vol. 81, no. 2, pp. 3189-3220, 2024. https://doi.org/10.32604/cmc.2024.057673



cc Copyright © 2024 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 412

    View

  • 161

    Download

  • 0

    Like

Share Link