Author:
Rosmansyah Yusep,Ritonga Mora Hertanto,Hardi Ariq Bani
Abstract
The electronic-examination (e-exam) system is not only transforming the paper-based examination to the electronic-based examination. The e-exam system has a big security challenge that must be resolved to guarantee the trust of its users. This paper aims at analyzing security challenges of an e-exam system and proposing a solution using Attack and Defense Tree methods. The attack tree scheme was defined by risk assessment methods. The attack tree was evaluated by penetration test experiments against a server running the e-exam application. A proposed defense tree scheme against the identified attack tree was presented as the main contribution of this research. This contribution can be used as a guideline to plan similar e-exam systems and can be served as a starting point for future research towards a comprehensive attack-defense tree of the secure e-exam system.
Publisher
International Association of Online Engineering (IAOE)
Subject
General Engineering,Education
Cited by
4 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献