Abstract
E-commerce plays a significant role to grow its business globally by satisfying the modern consumer’s expectations. Without the help of Operating System (OS), e-commerce applications cannot be operated as well as broadcasted on the web. It is evident after analyzing this study that web administrators of the business are sometimes being careless, in some cases unaware about the risk of cyber-attack due the lack of vulnerability research on their OS. Therefore, a good number of the e-commerce applications are faced different type of OS exploitations through different types of attack e.g. denial of service, bypass, DECOVF, etc. that breaches the OS’s confidentiality, integrity and availability. In this paper, we analyzed 140 e-commerce sites servers’ information and its related 1138 vulnerabilities information to examine the risks and risky versions of the OS in e-commerce business. The probabilities of vulnerability are calculated using Orange 3 and feature selection operation has been performed using Weka through IBM statistical tool SPSS. This study identifies few versions of Ubuntu that are found in critical status in terms of risk position.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Rosaci, D., Sarnè, G.: Multi-agent technology and ontologies to support personalization in B2C e-commerce. Electron. Commer. Res. Appl. 13, 13–23 (2014)
Gerber, M., Solms, R.V.: From risk analysis to security requirements. Comput. Secur. 20, 577–584 (2001)
Wang, W., Lu, N.: Security risk analysis and security technology research of government public data center. In: 2018 IEEE International Conference on Energy Internet (ICEI) (2018)
Xiao, G., Zheng, Z., Yin, B., Trivedi, K.S., Du, X., Cai, K.: Experience report: fault triggers in Linux operating system: from evolution perspective. In: 2017 IEEE 28th International Symposium on Software Reliability Engineering (ISSRE) (2017)
Ngai, E., Wat, F.: A literature review and classification of electronic commerce research. Inf. Manag. 39, 415–429 (2002)
Ahmed, G., Khan, M.N.A., Bashir, M.S.: A Linux-based IDPS using Snort. Comput. Fraud Secur. 2015, 13–18 (2015)
Mouli, V.R., Jevitha, K.: Web services attacks and security - a systematic literature review. Procedia Comput. Sci. 93, 870–877 (2016)
Kang, J., Joe, I.: Security vulnerability analysis of Wi-Fi connection hijacking on the Linux-based robot operating system for drone systems. In: Park, J.H., Shen, H., Sung, Y., Tian, H. (eds.) PDCAT 2018. CCIS, vol. 931, pp. 473–482. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-5907-1_49
Gorbenko, A., Romanovsky, A., Tarasyuk, O., Biloborodov, O.: From analyzing operating system vulnerabilities to designing multiversion intrusion-tolerant architectures. IEEE Trans. Reliab. 69, 22–39 (2020)
Latif, R.M.A., Umer, M., Tariq, T., Farhan, M., Rizwan, O., Ali, G.: A smart methodology for analyzing secure e-banking and e-commerce websites. In: 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST) (2019)
Coelho, N.M., Peixoto, M., Cruz-Cunha, M.M.: Prototype of a paranoid mobile operating system distribution. In: 2019 7th International Symposium on Digital Forensics and Security (ISDFS) (2019)
Awoleye, O.M., Ojuloge, B., Ilori, M.O.: Web application vulnerability assessment and policy direction towards a secure smart government. Gov. Inf. Q. 31, S118–S125 (2014)
Barkatullah, A.H., Djumadi, : Does self-regulation provide legal protection and security to e-commerce consumers? Electron. Commer. Res. Appl. 30, 94–101 (2018)
Song, B., Yan, W., Zhang, T.: Cross-border e-commerce commodity risk assessment using text mining and fuzzy rule-based reasoning. Adv. Eng. Inform. 40, 69–80 (2019)
Song, J., Hu, G., Xu, Q.: Operating system security and host vulnerability evaluation. In: 2009 International Conference on Management and Service Science (2009)
Mchugh, J., Fithen, W., Arbaugh, W.: Windows of vulnerability: a case study analysis. Computer 33, 52–59 (2000)
Ghosh, A.K., Swaminatha, T.M.: Software security and privacy risks in mobile e-commerce. Commun. ACM 44, 51–57 (2001)
Pradhan, P.L.: A literature survey on risk assessment for Unix operating system. Int. J. Adv. Pervasive Ubiquit. Comput. 11, 13–32 (2019)
Huang, A.: A risk detection system of e-commerce: researches based on soft information extracted by affective computing web texts. Electron. Commer. Res. 18(1), 143–157 (2017). https://doi.org/10.1007/s10660-017-9262-y
Lee, S., Davis, L.: Learning from experience: operating system vulnerability trends. IT Prof. 5, 17–24 (2003)
Zhang, Y., Deng, X., Wei, D., Deng, Y.: Assessment of e-commerce security using AHP and evidential reasoning. Expert Syst. Appl. 39, 3611–3623 (2012)
Rouyendegh, B.D., Topuz, K., Dag, A., Oztekin, A.: An AHP-IFT integrated model for performance evaluation of e-commerce web sites. Inf. Syst. Front. 21(6), 1345–1355 (2018). https://doi.org/10.1007/s10796-018-9825-z
Abdullah, L., Ramli, R., Bakodah, H., Othman, M.: Developing a causal relationship among factors of e-commerce: a decision making approach. J. King Saud Univ. - Comput. Inf. Sci. (2019)
Sun, P., Yang, S., Lai, Z., Li, D., Yao, A.: Function-call network reliability of kernel in android operating system. In: 2019 IEEE International Symposium on Circuits and Systems (ISCAS) (2019)
Tambunan, B., Sihombing, H., Doloksaribu, A., Muda, I.: The effect of security transactions, easy of use, and the risk perception of interest online buying on the e-commerce Tokopedia site (Study on Tokopedia.id site users in Medan city). In: IOP Conference Series: Materials Science and Engineering, vol. 420, p. 012118 (2018)
Wang, Y., Herrando, C.: Does privacy assurance on social commerce sites matter to millennials? Int. J. Inf. Manag. 44, 164–177 (2019)
Chun, S.-H.: E-commerce liability and security breaches in mobile payment for e-business sustainability. Sustainability 11, 715 (2019)
The 18 Biggest Data Breaches of the 21st Century. https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
The Top 10 Linux Kernel Vulnerabilities. https://resources.whitesourcesoftware.com/blog-whitesource/top-10-linux-kernel-vulnerabilities
Current CVSS Score Distribution For All Vulnerabilities. https://www.cvedetails.com/
e-Commerce Association of Bangladesh. http://e-cab.net/
IP Location Finder. https://www.iplocation.net/
The Big (Unstructured) Data Problem. https://www.forbes.com/sites/forbestechcouncil/2017/06/05/the-big-unstructured-data-problem/#3c80e827493a
Ko, S.J., Lee, J.H.: User preference mining through collaborative filtering and content based filtering in recommender system. In: Bauknecht, K., Tjoa, A.M., Quirchmayr, G. (eds.) EC-Web 2002. LNCS, vol. 2455, pp. 244–253. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45705-4_26
Bahassine, S., Madani, A., Al-Sarem, M., Kissi, M.: Feature selection using an improved Chi-square for Arabic text classification. J. King Saud Univ. - Comput. Inf. Sci. 32, 225–231 (2020)
Acknowledgment
The author of this paper would like to acknowledge Cyber Security Center, DIU for the support to execute the study. Also appreciate the authorities of the organizations who have given us the permission to conduct the examination on their websites.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Royel, R.I., Sharif, M.H., Risha, R., Bhuiyan, T., Hassan, M.M., Hassan, M.S. (2020). A Risk Based Analysis on Linux Hosted E-Commerce Sites in Bangladesh. In: Bhuiyan, T., Rahman, M.M., Ali, M.A. (eds) Cyber Security and Computer Science. ICONCS 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 325. Springer, Cham. https://doi.org/10.1007/978-3-030-52856-0_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-52856-0_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-52855-3
Online ISBN: 978-3-030-52856-0
eBook Packages: Computer ScienceComputer Science (R0)