Security Challenges Review in Agile and DevOps Practices

1st Suha Afaneh, Department of Cybersecurity, Zarqa University, Zarka, Jordan, s.afaneh@zu.edu.jo
2nd Mohammad Rasmi Al-Mousa, Department of Cybersecurity, Zarqa University, Zarqa, Jordan, mmousa@zu.edu.jo
3rd Hilal Shrif Al-hamid, Software Engineering, Zarqa University, Zarqa, Jordan, 20229161@zu.edu.jo
4th Bara'h Suliman AL-Awasa, Department of Cybersecurity, Zarqa University, Zarka, Jordan, b.awasa@zu.edu.jo
5th Mohammad Alia, Cybersecurity department, Al-zaytoonah University of Amman, Jordan, dr.m.alia@zuj.edu.jo
6th Hani Almimi, Cybersecurity department, Al-zaytoonah University of Amman, Jordan, Hani.Mimi@zuj.edu.jo
7th Ahmad A Alkhatib, Cybersecurity department, Al-zaytoonah University of Amman, Jordan, ahmad.alkhatib@zuj.edu.jo
Abstract: Agile and DevOps methodologies are becoming
increasingly popular in software development, as they offer
many benefits to software development teams and the
organizations they work for. Agile methods depend on speed in
development, repetition, and an increase in focus on the main
characteristics and functions of the system. The DevOps
approach aims at continuous integration, continuous delivery,
continuous improvement, and faster feedback. Security is a
critical component of Agile and DevOps methodologies.
Integrating security into the development process from the
outset can help to reduce the risk of security vulnerabilities,
improve collaboration between development and security
teams, enable rapid response to security incidents, increase
automation, and ensure compliance with regulatory
requirements. However, security faces challenges in Agile and
DevOps approaches, so this paper discusses the most important
challenges of combining security assurance with continuous
development.
Keywords— agile, DevOps, Software engineering, security
engineering, methodologies
I. INTRODUCTION
The need for safe software is rising, and software
development companies are struggling to keep up [1, 2, 3].
Value-driven software development procedures, which are
fundamentally risk-based approaches, are perceived as
missing the potential to generate safe software. Software
security is the responsibility of entities outside the
development teams [4, 5]; however, it should be part of them.
Engineering methodologies are fundamental to the design
and execution of software security and are essential to the
process of developing software. Integration of security
engineering procedures and activities with software
development methodologies has a long and well-established
history. The advent of incremental and iterative software
development techniques led to concerns that the previous,
non-agile security processes and the new agile techniques
were inherently incompatible. The perception of agile security
is still impacted by this distrust. Prior work has sought to dispel and
investigate this misconception [6, 7, 8, 9, 10, 11, 12].
Here are some of the key reasons why using agile and
DevOps methodology can be important for software
development:
• Faster Time-to-Market: Agile and DevOps
  methodologies emphasize continuous delivery and
  deployment, enabling software development teams to
  release software faster and more frequently. This can
  help organizations get their products to market faster,
  gain a competitive edge, and respond to customer
  needs and feedback more quickly.
• Improved Quality: Both Agile and DevOps
  methodologies put a strong emphasis on testing and
  quality assurance, which can help prevent bugs and
  issues from occurring in the software. This can help
  improve the quality of the final product, reduce the
  need for rework, and increase customer satisfaction.
• Greater Flexibility: Agile and DevOps methodologies
  are designed to be flexible and adaptable to change,
  which can be particularly important in fast-paced,
  dynamic environments. This can help software
  development teams respond quickly to changing
  requirements or customer needs, without sacrificing
  quality or efficiency.
• Increased Collaboration: Agile and DevOps
  methodologies encourage collaboration and
  communication between team members, as well as
  with other stakeholders such as customers or business
  leaders. This can help improve the overall
  effectiveness of the development process, ensure that
  everyone is on the same page, and reduce
  misunderstandings or delays.
• Better Visibility: Agile and DevOps methodologies
  typically provide better visibility into the development
  process, including progress, status, and any potential
  roadblocks or issues. This can help managers and other
  stakeholders stay informed, make better decisions, and
  provide support or guidance as needed.
Overall, the use of Agile and DevOps methodologies in
software development can help teams deliver higher-quality
software faster and more efficiently, while also fostering
collaboration, flexibility, and visibility throughout the
development process.
Agile security is a method that incorporates security into
the process of developing agile software, as illustrated in Fig.
1. The following are some typical difficulties and obstacles
that may appear while adopting it:
• A lack of comprehension or support from the
  development teams: Agile security requires integrating
  security into the agile development process, which some
  team members may find new or undesirable. Getting team
  buy-in and making sure everyone is committed to
  following the process can be difficult.
• Limited resources: During the early phases of
  deployment, agile security might necessitate a large time
  and resource commitment. Teams who are already
  overworked or companies with inadequate resources may
  find it difficult to handle this.
• Integration of security testing into the development
  process is challenging: If not correctly integrated, security
  testing can be time-consuming and may cause delays in
  the development process. It can be difficult to strike a
  balance between the necessity of extensive testing and the
  urgency of moving swiftly and providing value to
  consumers.
• Lack of visibility: Continuous testing and monitoring are
  part of agile security, which can be challenging to
  manage if there is no easy method to monitor progress and
  spot possible problems.
• Resistance to change: Some team members may find it
  challenging to adjust to the considerable change in how
  agile security needs development teams to operate.
  Getting everyone on board and making sure the procedure
  is followed consistently may be difficult.
Fig. 1. Security in the Agile Lifecycle [13].
The DevOps (development and operations teams) approach
is considered an extension of Agile, in which developers and
operations work collaboratively to release software. It focuses
on automation and automated testing.
While integrating security into DevOps can help improve
the overall security posture of an organization [14, 15, 16], as
shown in Fig. 2, there can be several challenges to adopting
security with DevOps:
• Cultural differences: Development and security teams
  often have different priorities and objectives, which
  can lead to a lack of understanding and communication
  between them. Security may be perceived as slowing
  down the development process, while development
  may prioritize speed over security. Bridging these
  cultural differences requires a concerted effort from
  both teams and a commitment to shared goals.
• Complexity: As organizations adopt more complex
  architectures and infrastructures, it can be challenging
  to integrate security into every step of the DevOps
  pipeline. Ensuring that security measures are built into
  every aspect of the development process requires
  careful planning and coordination.
• Tooling: Traditional security tools may not be
  well-suited for the fast-paced, automated world of DevOps.
  Finding the right tools and ensuring that they are
  integrated into the DevOps pipeline can be a challenge.
• Compliance: Organizations must comply with various
  regulations and standards, which can make it difficult
  to integrate security into DevOps without
  compromising compliance. Ensuring that security
  measures meet compliance requirements requires
  careful planning and coordination.
• Lack of expertise: Many organizations may not have
  the necessary security expertise to effectively integrate
  security into DevOps. This can lead to gaps in security
  coverage or the adoption of inadequate security
  measures. Investing in training and education for both
  development and security teams can help address this
  challenge.
Fig. 2. Integrating Security with DevOps [17].
In summary, integrating security into DevOps can be
challenging, but it is essential for organizations that want to
improve their security posture and deliver high-quality
software at a faster pace. Overcoming these challenges
requires a commitment to collaboration, communication, and
continuous improvement.
Moreover, if a comparison is made between Agile and
DevOps, it will be found that Agile is concerned with software
development, while DevOps focuses on improving the supply
process in order to improve development and delivery results.
The previously mentioned challenges in the process of
creating secure software led to the major research problem:
How can software security engineering tasks be linked
with agile and DevOps practices?
This question is first addressed by determining and
comprehending the root causes of these issues, trying to
discover solutions, and offering advice.
II. BACKGROUND
Agile Methodologies are a group of iterative and
incremental software development methods.
The four fundamental characteristics that all agile
methodologies must have are adaptive planning, iterative &
evolutionary development, a rapid and flexible reaction to
change, and communication promotion [8, 9]. Their main
objectives are to follow the dictum "Light but sufficient," and
to be communication- and people-focused. Given that it is
regarded as a lightweight technique, it is better suited to the
development of smaller projects [10].
DevOps is a software development approach that
emphasizes collaboration and communication between
development and operations teams to streamline software
delivery and improve the overall quality of the software.
DevOps involves a set of practices, tools, and cultural
philosophies that enable teams to work together more
effectively. Some key principles of DevOps include
continuous integration and continuous delivery (CI/CD),
automation, monitoring and feedback loops, and the use of
agile and lean methodologies [15, 16].
Software Security Engineering (SSE) introduces several
system engineering practices and activities into the software
development process. In academia, the core of software
engineering, a branch of computer science, sometimes
excludes unquantifiable factors like "user" and "operating
environment" [17]. However, it is evident in reality that
software engineering and system engineering must collaborate
in order to accomplish the goals of software engineering,
which include producing functional software in a sustainable
way [5]. Because mainstream software development
methodologies are so value-focused, they struggle to meet
non-functional needs [11]. Non-functional or qualitative
requirements often refer to how the system should behave or
address issues with the design, operating environment,
scalability, etc., while functional requirements specify what the
system should accomplish [19, 20, 21, 22]. Most organizations
develop their IT system based on new techniques according to
the cybersecurity effects on different types of networks and
devices [23...29].
III. RESEARCH DESCRIPTION
Agile development methodologies have grown in
popularity in recent years, in part because of their capacity to
provide quick and adaptable responses to shifting project
needs. However, putting in place strong security measures is
a challenge that agile development teams frequently face. This
frequently results from a lack of understanding or assistance
from the development team. Agile development teams may
have security issues for a number of reasons. Lack of
comprehension or information on the significance of security
in the development process is one factor. Agile development teams
frequently place a higher priority on the speedy delivery of
new features and functionality than security. This may result
in a disregard for security best practices and the introduction
of vulnerabilities.
In addition to these technological and resource-related
difficulties, cultural factors may also make agile development
teams less inclined to support security. In certain instances,
there may be a culture inside the company that does not
prioritize security due to a lack of knowledge or understanding
of the value of security. Because of this, it may be challenging
for development teams to promote security precautions and
may deter them from raising concerns about potential
vulnerabilities.
Limited resources: It may be difficult for teams that are
already overworked or for businesses that lack the resources
to handle the added burden and complexity brought on by
agile security. Due to the fact that adopting agile security
frequently necessitates the purchase of new tools and
technologies as well as staff training in their usage, this might
be particularly true for enterprises with limited financial
resources. Despite these difficulties, firms with minimal
resources can successfully adopt agile security by using a
number of tactics. Focusing on the fundamentals of agile
security rather than attempting to apply every facet of the
technique at once is a crucial strategy. Organizations may
create a strong foundation for agile security while minimizing
the effect on resources by identifying and resolving the most
urgent security issues first.
A key step in assuring the security and integrity of
software systems is to incorporate security testing into the
development process. It may be a difficult undertaking,
though, since it necessitates thorough knowledge of security
flaws and a willingness to devote time and money to testing.
We will examine the advantages and drawbacks of including
security testing in the development process and offer solutions
to these issues. The fact that security testing takes up a large
amount of time and money is one of the key obstacles to
incorporating it into the development process. Security testing
is sometimes viewed as an extra expense that may not
immediately pay for itself. The long-term advantages of
security testing, however, significantly surpass the early
expenses. Organizations may avoid costly breaches and
preserve the confidence of their consumers by spotting and
correcting security flaws early in the development process.
Along with difficulties, including security testing in the
development process has several advantages. Organizations
may find and address vulnerabilities early on by including
security testing in the development process, which can
ultimately save time and dollars. Organizations may also
improve their reputation and gain the trust of their consumers
by proactively resolving security issues.
Lack of visibility: Agile security requires continuous
testing and monitoring, but managing them may be
challenging if there is no simple method to track progress and
spot possible issues. The use of agile security tools and
frameworks is one approach to overcoming this difficulty. A
unified platform for monitoring and tracking the security of
agile development projects is offered by these tools and
frameworks. They enable developers to monitor the
advancement of security testing and remediation operations as
well as to detect and address security flaws in real-time.
Adopting agile security methods, such as using security-
focused testing and code review procedures, is another
alternative. These procedures aid in making sure that security
is taken into account from the beginning of the development
process rather than being added on later.
Strong communication and cooperation between
development and security teams are also essential for effective
agile security. Together, these teams may spot security risks
earlier in the development cycle and solve them before the
project is complete.
Resistance to change: This reluctance may be brought on by
a lack of knowledge or experience with agile security
methods. Agile security gives team members additional roles
and duties, including adding a security champion or
integrating security testing into the development cycle. Team
members who are accustomed to traditional development
techniques may find these changes upsetting, and they may
need assistance and training to appreciate the value and
significance of agile security. The concern that agile security
may slow down the development process is another element
that could lead to opposition. Agile development focuses on
being able to move rapidly and consistently produce
functioning software, therefore integrating security
procedures may be seen as impeding this objective. It's crucial
to understand, however, that including security procedures in
the development cycle might actually assist to lower the
possibility of delays and disruptions brought on by security
flaws that are found later in the development cycle.
TABLE I. THE PERCENTAGES OF DIFFICULTIES AND OBSTACLES
Difficulties and Obstacles | Percentage
Lack of comprehension or support from the development teams | Institute survey)
Limited resources | 45% (according to the ISSA survey)
Integration of security testing into the development process is challenging | 63% (according to the ISACA survey)
In order to overcome opposition to agile security, effective
communication and stakeholder support may be essential.
The advantages of agile security, such as the capacity to spot
and fix security flaws sooner in the development process and
the lower risk of delays and disruptions brought on by security
concerns, should be understood by team members. Reducing
resistance may also be achieved by including team members
in the decision-making process and by offering them
information and support to help them comprehend and
embrace agile security procedures.
Security in DevOps refers to the integration of security
measures and practices throughout the entire DevOps process,
from the planning and design stages to deployment and
operations. This helps to ensure that security risks are
identified and addressed early and that security is not an
afterthought.
There are several key principles of security in DevOps,
including:
• Security as code: Treating security as code means that
  security measures are integrated into the same version
  control system as the code itself, allowing for the
  automation of security testing and deployment.
• Continuous security testing: Continuous security
  testing involves testing for security vulnerabilities at
  every stage of the DevOps process, rather than just at
  the end. This helps to catch security issues early on and
  allows for rapid remediation.
• Collaboration and communication: Collaboration and
  communication between developers, security teams,
  and other stakeholders is essential to ensure that
  security is a priority throughout the DevOps process.
• Risk management: Risk management involves
  identifying and prioritizing potential security risks and
  taking steps to mitigate them.
By following these principles, organizations can integrate
security into their DevOps processes and reduce the risk of
security breaches and other cyber-attacks.
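The security-as-code, continuous-testing and risk-management principles above can be combined in a single pipeline gate; the following is an added illustration, not code from the paper. A policy kept in version control is evaluated against scanner findings at every stage, and accepted risks expire. The policy layout, stage names, finding identifiers and dates are all constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import date

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed policy, as it could be committed to the same repository as the code.
POLICY = {
    # Pipeline stage -> lowest severity that blocks it (stricter toward release).
    "block_at": {"commit": "critical", "build": "high", "deploy": "medium"},
    # Accepted risks. Each waiver names one finding and carries an expiry date,
    # so an accepted risk is re-examined instead of being suppressed forever.
    "waivers": [
        {"id": "DEP-0007", "reason": "no fixed release available yet",
         "expires": "2024-03-31"},
        {"id": "SAST-0012", "reason": "accepted for one release",
         "expires": "2023-12-31"},
    ],
}

# Constructed findings, normalized from several scanners into one shape.
FINDINGS = [
    {"id": "SAST-0012", "tool": "sast", "severity": "high",
     "title": "SQL built by string concatenation"},
    {"id": "DEP-0007", "tool": "dependency-scan", "severity": "critical",
     "title": "vulnerable transitive library"},
    {"id": "DAST-0003", "tool": "dast", "severity": "medium",
     "title": "session cookie without Secure flag"},
    {"id": "SAST-0020", "tool": "sast", "severity": "low",
     "title": "verbose error message"},
]


@dataclass
class GateResult:
    stage: str
    blocking: list = field(default_factory=list)  # stops the pipeline
    waived: list = field(default_factory=list)    # over threshold, risk accepted
    reported: list = field(default_factory=list)  # under threshold, still visible

    @property
    def passed(self):
        return not self.blocking


def active_waivers(policy, today):
    """Ids of waivers that have not expired on the given day."""
    return {
        w["id"]
        for w in policy["waivers"]
        if date.fromisoformat(w["expires"]) >= today
    }


def evaluate(policy, findings, stage, today):
    """Classify every finding for one pipeline stage."""
    if stage not in policy["block_at"]:
        # Fail closed: a stage without a gate definition is a policy error.
        raise ValueError(f"no gate defined for stage {stage!r}")
    threshold = SEVERITY_RANK[policy["block_at"][stage]]
    waived_ids = active_waivers(policy, today)
    result = GateResult(stage)
    for finding in findings:
        rank = SEVERITY_RANK.get(str(finding.get("severity", "")).lower())
        if rank is None:
            # Fail closed: an unrecognized severity cannot be prioritized.
            result.blocking.append(finding["id"])
        elif rank < threshold:
            result.reported.append(finding["id"])
        elif finding["id"] in waived_ids:
            result.waived.append(finding["id"])
        else:
            result.blocking.append(finding["id"])
    return result


if __name__ == "__main__":
    today = date(2024, 1, 15)  # constructed "pipeline run" date
    for stage in POLICY["block_at"]:
        r = evaluate(POLICY, FINDINGS, stage, today)
        status = "PASS" if r.passed else "FAIL"
        print(f"{stage:7} {status} blocking={r.blocking} "
              f"waived={r.waived} reported={r.reported}")
```

Because the waiver for SAST-0012 has expired on the constructed run date, the same finding that passed earlier now blocks the build stage, which is the re-examination of accepted risk that the risk-management principle calls for.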
IV. DISCUSSION
Agile security is a process that integrates security into the
agile development process. However, this can be challenging
for development teams due to a lack of comprehension or
support from team members. Some team members may find
the process new or undesirable, making it difficult to get buy-
in and commitment to following the process.
A lack of comprehension or support from development
teams can be a major obstacle in implementing agile security.
This can occur when team members are not familiar with agile
security practices or do not see the value in incorporating
security into the development process. A study by the
Ponemon Institute found that only 28% of organizations
believed that their development teams fully understood the
importance of security in the agile development process.
Another study by ISACA found that while 80% of
organizations reported that they had adopted agile
development methodologies, only 47% of those organizations
felt that their teams were fully committed to incorporating
security into the process. A study by the SANS Institute found
that in organizations where security is not well integrated into
the development process, the likelihood of a security breach is
2.5 times higher than in organizations where security is fully
integrated. Overall, a lack of comprehension or support from
development teams can lead to vulnerabilities, security
breaches, and difficulties in implementing agile security
practices. It is crucial for organizations to ensure that their
development teams are adequately trained and understand the
importance of security in the agile development process.
One common issue is that security tasks are not always
given the same priority level as other development tasks,
leading to limited resources being allocated. A study by the
Ponemon Institute found that 60% of organizations
experienced at least one security breach due to a lack of
resources. Additionally, the study found that the average cost
of a security breach was $3.86 million. Another study by HP
found that 66% of organizations had a shortage of security
skills, with many reporting that they had a difficult time
finding and retaining qualified security professionals. Overall,
limited resources in agile security can lead to vulnerabilities
and security breaches, as well as increased costs for
organizations. Some of the percentages of the difficulties and
obstacles are summarized in Table I.
Integrating security testing into the development process
is also challenging. If not done correctly, security testing can
be time-consuming and cause delays in the development
process. Striking a balance between the necessity of extensive
testing and the urgency of moving swiftly and providing value
to consumers can be difficult.
Another challenge is the lack of visibility in the process.
Continuous testing and monitoring are part of agile security,
which can be difficult to manage without an easy method to
monitor progress and spot potential problems. Continuous
testing and monitoring are essential components of agile
security, as they help to ensure that a system is secure and that
any vulnerabilities are identified and addressed quickly.
According to a study by the Ponemon Institute, a lack of
visibility is one of the top challenges faced by organizations
when it comes to software security, with 57% of respondents
reporting that they have difficulty identifying and managing
vulnerabilities. Additionally, a study by the SANS Institute
found that organizations that implement continuous testing
and monitoring are better able to identify and respond to
security threats, with 68% of respondents reporting that they
can detect and respond to security incidents more quickly.
One of the concerns mentioned is the continued
commitment of management to predetermined schedules and
spending caps for product delivery. Consequently, security
issues frequently receive insufficient funding. demonstrates
this by stating that, in his team's opinion, "security is not
presently considered as part of working software, it merely
adds time and doesn't deliver functionality."
Finally, resistance to change can also be a challenge. Some
team members may find it difficult to adjust to the
considerable change in how agile security needs development
teams to operate. Getting everyone on board and making sure
the process is followed consistently may be difficult. Overall,
Agile Security can be a challenging process but if
implemented correctly, it can greatly enhance the security of
the development process.
In summary, security is an essential aspect of Agile and
DevOps software methodologies. The importance of security
in these methodologies can be summarized as follows:
• Early detection of security vulnerabilities: Agile and
  DevOps methodologies emphasize early testing and
  continuous integration. Security testing is an integral
  part of this process, allowing vulnerabilities to be
  detected and addressed early in the development cycle.
  This approach minimizes the risk of security issues
  being discovered only after the product has been
  released to production.
• Improved collaboration between development and
  security teams: In Agile and DevOps, the development
  and security teams work collaboratively to ensure that
  the software is secure from the outset. This
  collaboration helps to build security into the
  development process, rather than treating it as an
  afterthought.
• Rapid response to security incidents: DevOps
  emphasizes continuous delivery, which means that
  software updates are released quickly and frequently.
  This approach enables rapid response to security
  incidents, allowing security patches to be delivered
  promptly to address vulnerabilities.
• Increased automation: DevOps relies heavily on
  automation to speed up the software development
  lifecycle. Security can also be automated, with tools
  that automatically scan code for vulnerabilities and
  apply security patches. This approach helps to ensure
  that security is integrated into the development process
  and reduces the risk of human error.
• Compliance with regulations: Many industries are
  subject to regulatory requirements that mandate
  specific security controls. Agile and DevOps
  methodologies can help organizations comply with
  these regulations by integrating security into the
  development process and ensuring that security
  controls are in place throughout the software
  development lifecycle.
V. CONCLUSION
The main point of this conclusion is that agile security is
an important methodology for protecting networks and
information systems, but it can be difficult to implement,
especially for organizations with limited resources. To
effectively implement agile security, organizations should
focus on key concepts, use outside knowledge and resources,
and adopt a risk-based approach.
In addition, testing a system's security is an important step
in ensuring that it is protected from potential threats. This can
include penetration testing, vulnerability scanning, and other
types of security assessments to identify and remediate any
system vulnerabilities. In addition, regular monitoring and
updates can help keep the system secure over time [30, 31].
We therefore recommend the following methods:
Dynamic Application Security Testing (DAST), Static
Application Security Testing (SAST), Interactive Application
Security Testing (IAST), Dependency Scanning, and
Application Penetration Testing.
However, there may be resistance to adopting agile and
DevOps security practices from team members, which can be
overcome through education, communication, and providing
support and resources. By addressing these challenges,
organizations can successfully integrate agile security into
their development process and improve the security and
quality of their software.
ACKNOWLEDGMENT
This research is funded by the Deanship of Research and
Graduate Studies at Zarqa University, Jordan.
REFERENCES
[1] Boehm, B. and Turner, R., 2005. Management challenges to
implementing agile processes in traditional development
organizations. IEEE Software, 22(5), pp.30-39.
[2] Fitzgerald, B. and Stol, K.J., 2014, June. Continuous software
engineering and beyond: trends and challenges. In Proceedings of the
1st International Workshop on Rapid Continuous Software
Engineering (pp. 1-9).
[3] Subashini, S. and Kavitha, V., 2011. A survey on security issues in
service delivery models of cloud computing. Journal of network and
computer applications, 34(1), pp.1-11.
[4] Beznosov, K. and Kruchten, P., 2004, September. Towards agile
security assurance. In Proceedings of the 2004 workshop on New
security paradigms (pp. 47-54).
[5] Boehm, B., 2006. Some future trends and implications for systems and
software engineering processes. Systems Engineering, 9(1), pp.1-19.
[6] Rindell, K., Hyrynsalmi, S. and Leppänen, V., 2017, August. Busting
a myth: Review of agile security engineering methods. In Proceedings
of the 12th International Conference on Availability, Reliability and
Security (pp. 1-10).
[7] Afaneh, Suha, and Issam Al Hadid. "Extreme Programming Agile
Methodologies with Self-Healing." European, Mediterranean &
Middle Eastern Conference on Information Systems 2012
(EMCIS2012) June 7-8, Munich, Germany.
[8] Begel, A. and Nagappan, N., 2007, September. Usage and perceptions
of agile software development in an industrial context: An exploratory
study. In First International Symposium on Empirical Software
Engineering and Measurement (ESEM 2007) (pp. 255-264). IEEE.
[9] Maher, P., 2009, April. Weaving agile software development
techniques into a traditional computer science curriculum. In 2009
Sixth International Conference on Information Technology: New
Generations (pp. 1687-1688). IEEE.
[10] Zuo, A., Yang, J. and Chen, X., 2010, November. Research of agile
software development based on formal methods. In 2010 International
Conference on Multimedia Information Networking and Security (pp.
762-766). IEEE.
[11] Ramesh, B., Cao, L. and Baskerville, R., 2010. Agile requirements
engineering practices and challenges: an empirical study. Information
Systems Journal, 20(5), pp.449-480.
[12] https://www.analyticssteps.com/blogs/7-types-agile-methodologies,
visited at 2/1/2023.
[13] https://nullsweep.com/integrating-security-with-agile-development/,
visited at 7/1/2023.
[14] Sadovykh, A., Widforss, G., Truscan, D., Enoiu, E.P., Mallouli, W.,
Iglesias, R., Bagnto, A. and Hendel, O., 2021, February. Veridevops:
Automated protection and prevention to meet security requirements in
devops. In 2021 Design, Automation & Test in Europe Conference &
Exhibition (DATE) (pp. 1330-1333). IEEE.
[15] Yasar, H. and Kontostathis, K., 2016. Where to integrate security
practices on DevOps platform. International Journal of Secure
Software Engineering (IJSSE), 7(4), pp.39-50.
[16] Wilde, N., Eddy, B., Patel, K., Cooper, N., Gamboa, V., Mishra, B., &
Shah, K. (2016). Security for DevOps deployment processes: defenses,
risks, research directions. International Journal of Software
Engineering & Applications, 7(6), 01-16.
[17] Why Security and DevOps Should Work Hand in Hand,
https://crashtest-security.com/why-should-cybersecurity-care-about-devops/,
visited at 12/1/2023.
[18] Dijkstra, E.W., 2012. Selected writings on computing: a personal
perspective. Springer Science & Business Media.
[19] Al-Khateeb, M., Al-Mousa, M., Al-Sherideh, A., Almajali, D.,
Asassfeha, M. and Khafajeh, H., 2023. Awareness model for
minimizing the effects of social engineering attacks in web
applications. International Journal of Data and Network Science, 7(2),
pp.791-800.
[20] Al-Mousa, M.R., Al-Zaqebah, Q., Al-Ghanim, M., Samara, G., Al-
Matarneh, S. and Asassfeh, M., 2022, November. Examining Digital
Forensic Evidence for Android Applications. In 2022 International
Arab Conference on Information Technology (ACIT) (pp. 1-8). IEEE.
[21] Al-Mousa, M.R., 2021. Analyzing cyber-attack intention for digital
forensics using case-based reasoning. arXiv preprint
arXiv:2101.01395.
[22] Rasmi, M. and Al-Qawasmi, K.E., 2016. Improving Analysis Phase in
Network Forensics By Using Attack Intention Analysis. International
Journal of Security and Its Applications, 10(5), pp.297-308.
[23] Nada, J.A. and Al-Mosa, M.R., 2018, November. A proposed wireless
intrusion detection prevention and attack system. In 2018 International
Arab Conference on Information Technology (ACIT) (pp. 1-5). IEEE.
[24] Al-Mousa, M.R., 2021, July. Generic Proactive IoT Cybercrime
Evidence Analysis Model for Digital Forensics. In 2021 International
Conference on Information Technology (ICIT) (pp. 654-659). IEEE.
[25] Haimour, S., Al-Mousa, M.R. and Marie, R.R., 2021. Using Chaotic
Stream Cipher to Enhance Data Hiding in Digital Images. arXiv
preprint arXiv:2101.00897.
[26] Al-Arjan, A., Rasmi, M. and AlZu’bi, S., 2021, July. Intelligent
security in the era of AI: The key vulnerability of RC4 algorithm.
In 2021 International Conference on Information Technology
(ICIT) (pp. 691-694). IEEE.
[27] Al-Mousa, M.R., Sweerky, N.A., Samara, G., Alghanim, M., Hussein,
A.S.I. and Qadoumi, B., 2021, December. General Countermeasures of
Anti-Forensics Categories. In 2021 Global Congress on Electrical
Engineering (GC-ElecEng) (pp. 5-10). IEEE.
[28] Samara, G., Rasmi, M., Sweerky, N.A., Al Daoud, E. and Salem, A.A.,
2021, December. Improving VANET's Performance by Incorporated
Fog-Cloud Layer (FCL). In 2021 22nd International Arab Conference
on Information Technology (ACIT) (pp. 1-5). IEEE.
[29] Afaneh, S., Zitar, R.A. and Al-Hamami, A., 2013. Virus detection
using clonal selection algorithm with genetic algorithm (VDC
algorithm). Applied Soft Computing, 13(1), pp.239-246.
[30] Tahaei, M. and Vaniea, K., 2019, June. A survey on developer-centred
security. In 2019 IEEE European Symposium on Security and Privacy
Workshops (EuroS&PW) (pp. 129-138). IEEE.
[31] Mohammad Abdallah, Mustafa Alrifaee, "A Heuristic Tool for
Measuring Software Quality Using Program Language Standards", The
International Arab Journal of Information Technology (IAJIT),
Volume 19, Number 03, pp. 90-98, May 2022, doi:
10.34028/iajit/19/3/4.