MODELING THREAT TREES THROUGH STRIDE MODEL CONCEPT FOR THE BANKING SECTOR
Abstract
A rapidly expanding industry in India is the banking sector. Online banking has given a lot of benefits for banking from anywhere and everywhere concept. But, this has brought threats and attacks along with it. This article works on the creation of threat trees to keep a check on the threats. The details of these can be incorporated during the requirement and design phase. The creation of threat trees proves beneficial to the programmers to keep the preventive measure ready in advance during design and implementation, and trace the vulnerabilities to reduce the cost for corrections.
Keyword : Security, Vulnerabilities, e-banking, privacy, online banking portals, threat modelling.
This work is licensed under a Creative Commons Attribution 4.0 International License.
References
[1] D. Popescul (2011) The Confidentiality – Integrity – Accessibility Triad into the Knowledge Security. A Reassessment from the Point of View of the Knowledge Contribution to Innovation, Proceedings of The 16th International Business Information Management Association Conference (Innovation and Knowledge Management, A Global Competitive Advantage, Kuala Lumpur, Malaysia, Editor Khalid S. Soliman, ISBN: 978-0-9821489-5-2, Pp. 1338-1345. [2] Andrea Bendovschi (2015) Cyber – attacks – Trends, patterns and security countermeasures, 7th International Conference on Financial Criminology, Wadham College, Oxford, United Kingdom. Procedia Economics and Finance, Elsevier Vol.28, Pp. 24 – 31. [3] M.Uma, G.Padmavathi (2013) A survey on various cyber- attacks and their classification, Department of Computer Science, Avinashilingam Deemed University for Women, Coimbatore. International Journal of cyber security, Vol.15, No. 5, Pp. 390 – 396. [4] P. Mary Jayanthi, A. Mansurali et.al (2020) Significance of Fraud analytics in Indian Banking sectors, Journal of critical reviews Vol. 7, No. 4. [5] M. Bhasin (2007) Mitigating cyber threats to banking industry, The Chartered Accountant, Vol. 50 No.10. Pp. 1618 – 1624. [6] M. L. Bhasin (2015) Menace of frauds in the Indian Banking Industry. An empirical study, SSRN Electronic Journal Vol.4 No.12, Pp.1-13, Banking & Insurance e-Journal, Malaysia. [7] S.V. Ramana, G. Krishna (2017) A study on the impact of fraud in the Indian Banking sector. International Journal of Academic Research and Development, Vol.2 No. 6, Pp. 544, 547. [8] S. Kundu, N. Rao (2014) Reasons of Banking Fraud – A case of Indian Public Sector Banks. International Journal of Information systems, Management Research and Development (IJISMRD), Vol. 4 No. 1, Pp. 11 – 24. [9] M.J.Prem,M.Karnan (2014) Business Intelligence Hybrid Metaheuristics Techniques, International Journal of Business Intelligence Research (IJBIR) Vol.5 No.1, Pp. 64 – 70. [10] J.K. Yego (2016) The impact of Fraud in the banking industry. A case of Standard Chartered Bank (Doctoral Dissertation). United States Internal University – Africa. [11] L.K. Pani, S.Swain, S.Swain (2014) FDI in Indian Banks and foreign banks in India – Study of the recent changes and the implications, International Journal of Management IT and engineering, Vol. 4 No.3, Pp. 247 – 253. [12] Aaron M. French (2012) A case study on E-Banking security- when security becomes too sophisticated for the user to access their information, Journal of Internet Banking and Commerce, Vol.17, No.2,South Korea. [13] K. Tuma, G. Caliki, R. Scandariato (2018) Threat analysis of software systems: A systematic Literature review, Journal of Systems and Software, Volume 144, Elsevier Pages 175 – 294, Department of Computer Science and Engineering, University of Technology, Vasaparken Gothenburg, Sweden. [14] M. Ashish, Shaji (2020) Cybersecurity in Digital Banking. Threats challenges and Solution, Finance Business, enterslice.com. [15] A.Mustafa et.al (2019) E-Banking Fraud Detection: A Short Review, International Journal of Innovation, Creativity and Change, Vol.6, No.8, International Business School, University Technology Malaysia, Kuala Lumpur, Malaysia. [16] M. Mannan, P.C.V.Oorchot (2008) Security and Usability: The Gap in Real – World Online Banking. Carleton University, Ottawa, Ontario, Canada. [17] F.F. Council (2001) Authentication in an internet Banking Environment, Arlington: Federal Financial Institutions Examination Council. [18] K. Eriksson, K. Kerem, D. Nilsson (2008) The adoption of commercial innovations in the former Central and Eastern European markets. The case of internet banking in Estonia. International Journal of Bank Marketing, Vol.26, No. 3, Pp. 154-69. [19] Sayar, Ceren, Wolf Simon (2007) Internet banking market performance: Turkey versus the UK. International Journal of Bank Marketing, Vol. 25 No. 3, Pp.122-141. [20] Amato-McCoy (2005) Creating virtual value, Bank Systems and Technology, Vol.1 No.22. [21] E. Danial (1999) Provision of electronic Banking in UK and the republic of Ireland. International Journal of Bank Marketing, Vol.17 No. 2, Pp. 72-82. [22] D. Chou and A.Y.Chou (2006) A Guide to the Internet Revolution in Banking. Information Systems Management, Vol. 17 No.2, Pp. 47-53. [23] E. Garbarino, Strahilevitz, (2004), Gender differences in the perceived risk of buying online and the effects of receiving a site recommendation, Journal of Business Research, Elsevier, Vol. 57 No.7, Pp.768-775. [24] T.B. Joewono et al (2017), Influence of Personal Banking Behaviour on the Usage of the Electronic Card for Toll Road Payment, Transportation Research Procedia, Vol. 25, Pp. 4454-4471, Elsevier.