Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook,...
-
Upload
audra-stokes -
Category
Documents
-
view
221 -
download
0
Transcript of Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook,...
![Page 1: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/1.jpg)
1
Panita Wannapiroon, Ph.D.Assistant Professor
Preecha PangsubanPh.D. Candidate
Prachyanun Nilsook, Ph.D.Associate Professor
Division of Information and Communication Technology for Education, Faculty of Technical Education, King Mongkut's University of Technology North Bangkok, Thailand.
Systems Analysis of Risk Assessment for Moodle Learning
in a LAMP Environment from Log Files
![Page 2: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/2.jpg)
2
INTRODUCTION
•Moodle is the most popular open source e-Learning.
•It has higher capabilities of learner tools, support tools and technical specifications tools than the other softwares.
•Many researches showed that the Moodle not without risk.•Moodle had higher number of vulnerabilities compared to its commercial (Joh, 2013).
•Unfortunately, it has not been systematically tested for vulnerabilities and weaknesses (Martinez et al., 2013).
![Page 3: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/3.jpg)
3
INTRODUCTION (2)
•Commonly, Log file is used primarily for troubleshooting problems.
•Log file contains information related to many different types of events occurring within networks and systems (Kent, K., 2006).
•Log file analysis is statistical algorithms to determine incident severity and then assigns a threat score based on asset value.
•The risk assessment of Moodle was evaluated by log file analysis approach.
![Page 4: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/4.jpg)
4
INTRODUCTION (3)•The ISO/IEC27005:2011 is chosen in order to achieve the best risk assessment results.
•For this research focuses on Moodle in a LAMP environment.
•A LAMP environment is composed of Linux, Apache, MySQL and PHP scripting languages.
•Thus, our research was to analyze and assess the system for assessing the risk of Moodle in a LAMP environment from log files.
![Page 5: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/5.jpg)
5
•To analyze the composition of systems of risk assessment for Moodle learning in a LAMP environment from log files.
•To evaluate the suitability of the compositions of system of risk assessment for Moodle learning in a LAMP environment from log files.
OBJECTIVES
![Page 6: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/6.jpg)
6
•Population of study is experts in the field of IS analysis and design and IT risk management.
•Sample groups are 5 experts in the field of IS analysis and design and IT risk management.
Population and sample group
RESEARCH SCOPE
![Page 7: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/7.jpg)
7
•Independent variable is systems of risk assessment for Moodle learning in a LAMP environment from log files.
•Dependent variable is the compositions’ suitability of systems of risk assessment for Moodle learning in a LAMP environment from log files.
Variables used in the research
RESEARCH SCOPE (2)
![Page 8: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/8.jpg)
8
•The first phase: Analysis of the composition of the system.1. Studying, analyzing and synthesizing of research
papers.2. Analyzing the components of the system.3. Designing system components.4. Presenting the system components to the advisors.5. Create tools for evaluating the suitability of the system.
RESEARCH METHODOLOGY
![Page 9: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/9.jpg)
9
•The second phase: The evaluation of the compositions’ suitability.1. Five experts to determine and evaluate the suitability
of such a system.2. Improving the system’s components.3. Presenting analyzed compositions of the system.4. Analyzing the results of the evaluation
RESEARCH METHODOLOGY(2)
![Page 10: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/10.jpg)
10
RESULTS
•The research findings are presented as follows: Section one: The composition of system.
Section two: The results of the evaluation.
![Page 11: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/11.jpg)
11
RESULTS (2)
The composition of system
![Page 12: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/12.jpg)
12
The results of the evaluation• The evaluation of the composition’s suitability by
the 5 experts. • Focusing on the principles and concepts of system.
RESULTS (3)
![Page 13: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/13.jpg)
13
The results of the evaluation (cont.)
RESULTS (4)
![Page 14: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/14.jpg)
14
The results of the evaluation (cont.)
RESULTS (5)
![Page 15: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/15.jpg)
15
The results of the evaluation (cont.)
RESULTS (6)
![Page 16: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/16.jpg)
16
•The composition of the systems can be described as follows:
1. Central log file
2. Log file analysis
3. Risk assessment
DISCUSSION AND CONCLUSIONS
![Page 17: Panita Wannapiroon, Ph.D. Assistant Professor Preecha Pangsuban Ph.D. Candidate Prachyanun Nilsook, Ph.D. Associate Professor Division of Information and.](https://reader030.fdocuments.us/reader030/viewer/2022032806/56649efb5503460f94c0e434/html5/thumbnails/17.jpg)
17
•The suitability average level is at highest level •Myers, J. and colleague. (2009) who suggested that the best practices of log management should be considered for possible usefulness in detecting insider threats.
•The composition of the system derived from the analysis can be improved and real usage.
DISCUSSION AND CONCLUSIONS (2)