Journal of Cyber Security and Risk Auditing

Applying risk analysis for determining threats and countermeasures in workstation domain

by 

Rama Soliman Mousa ;

Rami Shehab

PDF logoPDF

Published: 2025/01/25

Abstract

The main purpose of this research is to perform a comprehensive analysis of cyber risks in workstation domain, including classifying threats, vulnerabilities, impacts, and countermeasures. This classification helps to identify suitable security controls to mitigate cyber risks for each type of attack. Additionally, this study aims to explore the main vulnerabilities based on the type of attack in workstation domain. This study employs the content analysis technique to collect, analyze, and classify data in terms of types of threats, vulnerabilities, and countermeasures. The methodology comprises four primary steps: (1) identifying key components, (2) threat identification, (3) vulnerability identification, and (4) countermeasure identification. The findings indicate that malware attacks and man in middle attacks were the most prevalent attacks in workstation domain, each accounting for 27% and 25% of incidents. The results found that unpatched software and weak access controls were classified as the most critical threats in the workstation domain, comprising 21% and 20% of incidents, respectively. The results also indicated that encryption methods, access controls mechanisms and firewall malware protection are the most significant and effective countermeasures for protecting the workstation domain environment. The findings of this study provides valuable recommendations for academic research in classifying the different types of cyber threats and understanding the significant security controls against cyber-attacks in workstation domain.

Keywords

Workstation DomainCyber threatsVulnerabilitiesCountermeasuresRisk Management

How to Cite the Article

Mousa, R. S., & Shehab, R. (2025). Applying risk analysis for determining threats and countermeasures in workstation domain. Journal of Cyber Security and Risk Auditing, 2025(1), 12–21. https://doi.org/10.63180/jcsra.thestap.2025.1.2

References

  1. Omolara, A. E., Alabdulatif, A., Abiodun, O. I., Alawida, M., Alabdulatif, A., & Arshad, H. (2022). The internet of things security: A survey encompassing unexplored areas and new insights. Computers & Security, 112, 102494.
  2. Mohanta, B. K., Jena, D., Satapathy, U., & Patnaik, S. (2020). Survey on IoT security: Challenges and solution using machine learning, artificial intelligence and blockchain technology. Internet of Things, 11, 100227.
  3. Rana, M., Mamun, Q., & Islam, R. (2022). Lightweight cryptography in IoT networks: A survey. Future Generation Computer Systems, 129, 77-89.
  4. Ravi, N., & Shalinie, S. M. (2020). Learning-driven detection and mitigation of DDoS attack in IoT via SDN-cloud architecture. IEEE Internet of Things Journal, 7(4), 3559-3570.
  5. Lee, E., Seo, Y. D., Oh, S. R., & Kim, Y. G. (2021). A Survey on Standards for Interoperability and Security in the Internet of Things. IEEE Communications Surveys & Tutorials, 23(2), 1020-1047.
  6. Mohanta, B. K., Jena, D., Ramasubbareddy, S., Daneshmand, M., & Gandomi, A. H. (2020). Addressing security and privacy issues of IoT using blockchain technology. IEEE Internet of Things Journal, 8(2), 881-888.
  7. Grammatikis, P. I. R., Sarigiannidis, P. G., & Moscholios, I. D. (2019). Securing the Internet of Things: Challenges, threats and solutions. Internet of Things, 5, 41-70.
  8. Kumar, R. L., Khan, F., Kadry, S., & Rho, S. (2022). A survey on blockchain for industrial internet of things. Alexandria Engineering Journal, 61(8), 6001-6022.
  9. Rao, P. M., & Deebak, B. D. (2023). Security and privacy issues in smart cities/industries: technologies, applications, and challenges. Journal of Ambient Intelligence and Humanized Computing, 14(8), 10517-10553.
  10. Sharma, P., Jain, S., Gupta, S., & Chamola, V. (2021). Role of machine learning and deep learning in securing 5G-driven industrial IoT applications. Ad Hoc Networks, 123, 102685.
  11. Santhosh Kumar, S. V. N., Selvi, M., & Kannan, A. (2023). A Comprehensive Survey on Machine Learning‐Based Intrusion Detection Systems for Secure Communication in Internet of Things. Computational Intelligence and Neuroscience, 2023(1), 8981988.
  12. Younan, M., Houssein, E. H., Elhoseny, M., & Ali, A. A. (2020). Challenges and recommended technologies for the industrial internet of things: A comprehensive review. Measurement, 151, 107198.
  13. Yugha, R., & Chithra, S. (2020). A survey on technologies and security protocols: Reference for future generation IoT. Journal of Network and Computer Applications, 169, 102763.
  14. Nikou, S. (2019). Factors driving the adoption of smart home technology: An empirical assessment. Telematics and Informatics, 45, 101283.
  15. Ande, R., Adebisi, B., Hammoudeh, M., & Saleem, J. (2020). Internet of Things: Evolution and technologies from a security perspective. Sustainable Cities and Society, 54, 101728.
  16. Hajiheidari, S., Wakil, K., Badri, M., & Navimipour, N. J. (2019). Intrusion detection systems in the Internet of things: A comprehensive investigation. Computer Networks, 160, 165-191.
  17. Manzoor, A., Braeken, A., Kanhere, S. S., Ylianttila, M., & Liyanage, M. (2021). Proxy re-encryption enabled secure and anonymous IoT data sharing platform based on blockchain. Journal of Network and Computer Applications, 176, 102917.
  18. Zhu, Q., Loke, S. W., Trujillo-Rasua, R., Jiang, F., & Xiang, Y. (2019). Applications of distributed ledger technologies to the internet of things: A survey. ACM computing surveys (CSUR), 52(6), 1-34.
  19. Haghi, M., Neubert, S., Geissler, A., Fleischer, H., Stoll, N., Stoll, R., & Thurow, K. (2020). A flexible and pervasive IoT-based healthcare platform for physiological and environmental parameters monitoring. IEEE Internet of Things Journal, 7(6), 5628-5647.
  20. NV, R. K., & E, B. (2022). Detection and monitoring of the asymptotic COVID-19 patients using IoT devices and sensors. International Journal of Pervasive Computing and Communications, 18(4), 407-418.
  21. Shahin, M., Maghanaki, M., Hosseinzadeh, A., & Chen, F. F. (2024). Advancing network security in industrial IoT: a deep dive into AI-enabled intrusion detection systems. Advanced Engineering Informatics, 62, 102685.
  22. Zhang, J., Li, L., Lin, G., Fang, D., Tai, Y., & Huang, J. (2020). Cyber resilience in healthcare digital twin on lung cancer. IEEE access, 8, 201900-201913.
  23. Shirvanimoghaddam, M., Shirvanimoghaddam, K., Abolhasani, M. M., Farhangi, M., Barsari, V. Z., Liu, H., ... & Naebe, M. (2019). Towards a green and self-powered Internet of Things using piezoelectric energy harvesting. Ieee Access, 7, 94533-94556.
  24. Rao, P. M., & Deebak, B. D. (2023). A comprehensive survey on authentication and secure key management in internet of things: Challenges, countermeasures, and future directions. Ad Hoc Networks, 146, 103159.