Embed Size (px)
Citation preview
1
Panita Wannapiroon, Ph.D.Assistant Professor
Preecha PangsubanPh.D. Candidate
Prachyanun Nilsook, Ph.D.Associate Professor
Division of Information and Communication Technology for Education, Faculty of Technical Education, King Mongkut's University of Technology North Bangkok, Thailand.
Systems Analysis of Risk Assessment for Moodle Learning
in a LAMP Environment from Log Files
2
INTRODUCTION
•Moodle is the most popular open source e-Learning.
•It has higher capabilities of learner tools, support tools and technical specifications tools than the other softwares.
•Many researches showed that the Moodle not without risk.•Moodle had higher number of vulnerabilities compared to its commercial (Joh, 2013).
•Unfortunately, it has not been systematically tested for vulnerabilities and weaknesses (Martinez et al., 2013).
3
INTRODUCTION (2)
•Commonly, Log file is used primarily for troubleshooting problems.
•Log file contains information related to many different types of events occurring within networks and systems (Kent, K., 2006).
•Log file analysis is statistical algorithms to determine incident severity and then assigns a threat score based on asset value.
•The risk assessment of Moodle was evaluated by log file analysis approach.
4
INTRODUCTION (3)•The ISO/IEC27005:2011 is chosen in order to achieve the best risk assessment results.
•For this research focuses on Moodle in a LAMP environment.
•A LAMP environment is composed of Linux, Apache, MySQL and PHP scripting languages.
•Thus, our research was to analyze and assess the system for assessing the risk of Moodle in a LAMP environment from log files.
5
•To analyze the composition of systems of risk assessment for Moodle learning in a LAMP environment from log files.
•To evaluate the suitability of the compositions of system of risk assessment for Moodle learning in a LAMP environment from log files.
OBJECTIVES
6
•Population of study is experts in the field of IS analysis and design and IT risk management.
•Sample groups are 5 experts in the field of IS analysis and design and IT risk management.
Population and sample group
RESEARCH SCOPE
7
•Independent variable is systems of risk assessment for Moodle learning in a LAMP environment from log files.
•Dependent variable is the compositions’ suitability of systems of risk assessment for Moodle learning in a LAMP environment from log files.
Variables used in the research
RESEARCH SCOPE (2)
8
•The first phase: Analysis of the composition of the system.1. Studying, analyzing and synthesizing of research
papers.2. Analyzing the components of the system.3. Designing system components.4. Presenting the system components to the advisors.5. Create tools for evaluating the suitability of the system.
RESEARCH METHODOLOGY
9
•The second phase: The evaluation of the compositions’ suitability.1. Five experts to determine and evaluate the suitability
of such a system.2. Improving the system’s components.3. Presenting analyzed compositions of the system.4. Analyzing the results of the evaluation
RESEARCH METHODOLOGY(2)
10
RESULTS
•The research findings are presented as follows: Section one: The composition of system.
Section two: The results of the evaluation.
11
RESULTS (2)
The composition of system
12
The results of the evaluation• The evaluation of the composition’s suitability by
the 5 experts. • Focusing on the principles and concepts of system.
RESULTS (3)
13
The results of the evaluation (cont.)
RESULTS (4)
14
The results of the evaluation (cont.)
RESULTS (5)
15
The results of the evaluation (cont.)
RESULTS (6)
16
•The composition of the systems can be described as follows:
1. Central log file
2. Log file analysis
3. Risk assessment
DISCUSSION AND CONCLUSIONS
17
•The suitability average level is at highest level •Myers, J. and colleague. (2009) who suggested that the best practices of log management should be considered for possible usefulness in detecting insider threats.
•The composition of the system derived from the analysis can be improved and real usage.
DISCUSSION AND CONCLUSIONS (2)
