Summary
Signature weapon refers to dealing with software terrorizations leveled in a computer, such as Trojan, viruses, malware, and worms. In cybersecurity, signature-based detection is used to identify malware and to protect a computer from attacks such as crypto-jacking (Bastian, 2021). The procedure involves an antivirus with a predefined source of motionless signs, such as fingerprints that represent recognized system intimidations (Ahmed, 2019). All computer programs, apps, software, data, and files use a digital path when saving and accessing (Cartwright & Cartwright, 2019). Coding ensures that each approach or signature is unique to the particular stuff to avoid hacking. This allows antivirus software to scan a computer for tracks of recognized malware (Al Mashhadani et al., 2019). The database is used by antivirus software in signature-based detection to look for paths resembling footprints of identified malware during the scanning.
When protective systems look for a course and notice an imminent threat, the path is termed malware and is deleted or isolated. Signature-based detection has been used for so long because of its effectiveness in identifying malware on devices and computers (Jethva et al., 2020). Since malware is software and contains a path, the footprint is added to a database on recognition of a new risk. Therefore, antivirus software using this database quickly finds malicious activity in devices being scanned (Alsoghyer & Almomani, 2019). Signature-based detection is highly used in many antivirus products globally to avert malware attacks.
Smaller Banking Organizations-Bigger Risk
Community banks are more affected by software activities than bigger ones due to cyberattacks and damage from data openings. Smaller banks lack resources to ensure cybersecurity, employ professionals, or conduct all-day security operations midpoints, unlike large financial institutions leading to higher attacks (Gogolin et al., 2021). An attack on a small bank can quickly spread to others. This is because monetary institutes are digitally linked making companies that are interacting through the web. These include retailers, suppliers, software sellers, and other organizations that handle clients’ financial data (Berdyugin & Revenkov, 2019). According to Newgard, third-party tech providers that give amenities to many banks get unprotected cyberattacks (Al Moneef & Prasad Samontaray, 2019). Smaller banks rely on minority essential mainframes leading to less protection against cybercrimes. According to the cybersecurity firm Trend Micro report, ransomware attacks on the banking industry increased by 1318% in mid-2021 compared to 2020 (Kahveci & Wolfs, 2018). Law on data protection should generally cover all the units handling purchaser monetarist information, credit evaluation agencies, and vendors.
Minor banks have become the primary targets in recent years because low technological advancement, thus, lack of adequate experience to fight malware makes them easy targets for fraudsters. Unlike big banks capable of hiring and maintaining staff talented in cybersecurity issues, minority-led institutions and credit mergers get most cyberattacks because they lack all of the above (Alkhaldi, 2018). Moreover, community banks fail to invest in cybersecurity to protect sensitive clients’ information because of the limited funding (Cohen & Hendler, 2018). Small banks should make more efforts to purchase security software for fewer attacks to maintain customers and strengthen the clients’ confidence. Communal banks should be submissive to principles governing fights with ransomware for future success and keeping clients.
Ransomware Attacks in 2019, 2020, 2021 & 2022 with Facts and Figures
The ransomware attack has become a significant threat to many institutions worldwide with increasing cyber-attacks annually. In the year 2019, in the United States, 744 administrations in the health department, 122 government institutions, and 1,228 universities and schools closed due to ransomware attacks (Alaba, 2021). Even though the cyberattacks increased in 2019, the cases decreased in 2020 and even further in 2021. Despite the reduction in server vulnerability in 2019, server exploits remain a common ransomware attack path and are rising daily. Data and information seepage threat rose from 10% in 2020 to 77% in 2021 (August et al., 2019). In the year 2021, the education and trade sectors were the main targets, whereby both were affected at 44% (Nyikes & Szűcs, 2019). Statistics on the software show that the supply and transportation sector has more minor attacks with 25% (Dragan et al., 2019). In the modern world, companies are attacked by malware in seconds.
In 2019, a new company could be affected after 14 seconds, but the rate lowered to 11 seconds in 2021. Statistics indicate that 37% of businesses got affected by ransomware in 2021 (Yadav, 2022). In mid-2021, cybercrime increased by 102% compared to 2020, and the number of organizations involved has doubled since 2020 to date. In 2021, 54 % of the malware attacks could not be prevented, but at the same time, 39% failed (Kassab, 2019). In early January 2022, 27% of public schools and health sectors in the U.S.A were attacked by malware (Yadav, 2022). As a result of attackers’ execution of more personalized attacks, ransomware attacks will increase 2022 by at least 30% (Szücs et al., 2021). Ransomware attacks on businesses worldwide continue to vary as years go by.
Ransomware Forecasts for 2023 and Beyond with Facts and Figures
Ransomware will continue evolving globally since it was not realized recently and probably will not stop soon. By 2025, predictions show that governments will have rules around ransomware with 30% growth (Cardillo, 2020). According to cybersecurity projects, the worldwide healthcare cybersecurity market will increase by 15% yearly. By 2030, 7.5 billion people will be connected to the internet and interacting with data (Fuloria, 2022). Cisco says that, by 2023, networked devices will exceed people, while in the next 15 years, there will be 1 trillion interacted devices fixed in the world (Joseph & Mukesh, 2018). As per cybersecurity schemes, by 2025, 340 billion programs will be secured and 200 zettabytes of data stored. Many CEOS claim that cybersecurity will be the greatest threat to business growth by 2024 by up to 10% (Yadav, 2022). Women will give 30 percent of the universal cybersecurity work power by 2025, which will reach 35 percent by 2031 (Balasubramanian, 2021). With ransomware prices anticipated to increase globally by 16% per year over the next three years, the prices will reach USD 10.7 trillion annually by 2027, rising from USD 3 trillion in 2013.
According to an estimate by Bloomberg Law, digital advertising fraud is on the rise. The industry loses $51 million in a day due to trailer swindles, but by 2023, the number will shoot to $100 billion yearly (Usharani et al., 2021). According to cybersecurity endeavors, victims of ransomware will cost $265 billion (USD) annually by 2031, according to cybersecurity endeavors (Yadav, 2022). In addition, as criminals continue improving malware payloads and other related activities, the amount paid relies on a 30% yearly increase in damage for the next ten years.
National Security Agency (NSA)
The National Security Agency (NSA) is a defense organization tasked with safeguarding networks and data. It surveys, collects, and processes data and information for home and abroad aptitude and counterintelligence purposes. The NSA is in charge of securing the United States’ telecommunications networks and information systems (Swanson & Vogel, 2017). Before delivering servers, network hardware, and routers to businesses embattled for spying, the CIA intercepts them and installs hidden graft firmware. NSA is active in hacking computers, cellphones, and networks in monitoring every activity to safeguard people’ safety (Birchall, 2019). NSA transfers phone discussions acquired from ground, aerial, as well as satellite observing positions to intelligence bodies, resulting in disruption of dialogue among residents in the country as well as other nations (Smoot, 2017). This enables the organization to trace people’s travels and associations.
The National Security Agency Network (NSAN), an extremely secure network with fiber-optic as well as satellite networks, provides NSA staff with admission to the organization’s systems and databases (Nolte, 2019). The admission is strictly regulated and checked, for instance, keystrokes are registered, actions are checked at random, and transferring and printing network files are documented. NSA uses cottonmouth, a device implanted in the computer, to launch remote access to the target computer. Upon inserting the device, NSA can transmit instructions and information between hardware as well as software embedded with the help of a network bridge (Lovis, 2019). The agency monitors email data, website locations from internet examinations, bank transactions, credit-card activities, traveling accounts, and phone records (Brand, 2019). The person sending, the one receiving, and the email’s subject could be incorporated, but the content within the message or phone data is omitted.
Cybersecurity & Infrastructure Security Agency (CISA) & its Government Partners
CISA is accountable for defending the critical infrastructure of a nation from physical and cyber pressures. The task needs teamwork between various government and private area administrations (Kim, 2019). CISA is always allocated a bigger budget for fighting ransomware yearly. It is a unit for managing, modifying cyber, and security threats on infrastructure, protecting federal civilian executive branch networks from ransomware, and safeguarding emergency communications. CISA uses a set of organizing establishments to work with central, state, local, tribal, national, private sector, and worldwide associates to monitor information sharing and partnerships, and to discuss and solve complex risks. CISA applies knowledge to deliver global services to shareholders and help secure the state’s cyber, physical, and communications serious infrastructure from active threat situations. The National Cybersecurity Protection System (NCPS) (Olexander & Tamara, 2019) is a combination of systems that delivers proficiencies, including imposition detection, intrusion prevention, and information sharing abilities that facilitate the protection of the National Government’s information technology infrastructure from cyber threats allocated $407million for facilitation.
CISA uses funds allocated by the federal government to provide resources needed to build on actions to defend and protect State systems and critical infrastructure. The efforts include support to agencies in mitigating serious vulnerabilities discovered through cyber hygiene scanning. Others comprise high-value asset assessments provided by CISA and deploying, updating, and maintaining agency schemes to raise the discernibility of networks and improve the ability to manage risks (Busquim e Silva et al., 2021). CISA has conducted training and security assessments for critical infrastructure owners and workers to boost the operator’s flexibility to threats, providing procedural and programmatic care to alternative respondents to guarantee the reliable communication. Modernized programs from NCPS will improve CISA’s ability to detect, respond and mitigate threats.
The Victim
Banking and finance are mainly targeted because of the multiple data storage of customers. Hackers code programs that access the bank accounts of Banks’ clients and access the accounts leading to money withdrawals (Zheng et al., 2019). The government institutions are victims of cybercrime whereby the attackers use programs to hack governmental information and spread frauds on false information for conning citizens. Health sectors are affected by ransomware such that records of patients, either in-patient or out-patient, are accessed by the invaders, hence interfering with the data and information.
This leads to a total loss of data kept by the organizations. In businesses, ransomware is on high target because muggers access information stored by the enterprise owners in computers through hacking passwords leading to the theft of resources or cash (Baicu, 2019). Although ransomware targets massive institutions, organizations, or businesses, no industry is safe from the malware, and people should beware of measures taken to avoid such attacks. Despite schools being targeted by cybercrime, higher education institutions are in increased demand due to the possession of massive data. Assailants access such data leading to increased cases of theft.
The manufacturing industry is a very great danger of ransomware. Drudges use coded programs to access products manufactured by a company and create scams for the business by duplicating the stuff. Information Technology is on board by the malware in the modern world (Ghosh, 2019). Although ways are being developed on how to cybercrime worldwide, hackers are coming up with ways of developing more powerful software than computer programs. Such software can be used to attack operating systems and obtain passwords that can be used to access data and information stored by the IT experts.
The Ransom
Ransom refers to a certain amount paid by organizations or businesses to cyber assailants due to cyber-attacks for the return of stolen data. The money differs according to the size of the companies. After a victim pays the ransom and gets files back, the cost to recover remains greater than not paying. In 2020, the average recovery cost from attacks for organizations that paid the ransom was $1,450,000 compared to a $732,000 recovery fee for companies that did not pay the payoff. Ransom raised over $220,298 in 2021 compared to the previous years (McLean et al., 2019). Small businesses do not spend more on ransom payments because such traders pay $5,900. In 2020, hackers needed more pay, leading to an increase of 61 percent since the start of the year to $178,100 on average (Rughani, 2017). Ransom demand by hackers raised to a total of $220,298 in 2021. In 2018, the ransom pay increased 16 times to $84,050 by the end of the year from $6,000 in 2018 (Belova & Onischenko, 2019).When a successful attack was made on a computer manufacturing company Acer, the attackers demanded a ransom of $50 million, although nobody knows whether the amount was paid.
Cybersecurity study shows that only less than 1/3 of victims of the attacks pay the ransom. Whether the government should illegalize ransom payment is still being discussed. If organizations do not pay the cash, the economic driver behind attacks will never exist. Cybersecurity insurance strategies may instead cover ransom payments. Without victims paying the ransom, attackers will seek other approaches to make money through attacks.
The Hacker
A hacker is a person who illegally disrupts computer systems intending to install malware and destroy or steal data stored by other people. Hackers code programs and use the programs to attack other peoples’ information (Napetvaridze & Chochia, 2019). Drudges use millions of different programs to discover devices. A hacker infects a computer with viruses designed to cause duplicates and make computers smash, smearing all data on a storage device. Attackers code programs that create simple viruses and send the bugs to latent fatalities through the mail or websites with content that can be easily downloaded. Hackers gain backdoor access by encrypting programs that search for footprints that are not secured and use such pathways to steal information. (Nathan, 2020) A hacker creates cryptograms used to interrupt and read email messages from the victims. This, in return, leads to the attacker spreading junk using the victim’s mail.
With the use of Zombie computers, which are devices used to send junk, when a victim of cybercrime opens a code, the zombie computer is connected with the target’s computer allowing the hacker to manage the user’s machine and cause a crime. Some ciphers will enable a hacker to view all passwords of IT personnel. When installed on a user’s machine, the software keeps all passwords or keystrokes, allowing the hacker to interfere with the target’s device and steal every piece of information required (Legunsen et al., 2019). Hackers can use social engineering to convince people with access to targeted systems to click on malicious links, open files infected with malware, or disclose information, hence accessing confidential information.
The Encryption Key
The process of transforming data or information into a code is referred to as encryption. In a computer program, a code is a symbolic organization of data or instructions. Encryption seeks to prohibit reverse operations without the use of a key (Roy et al., 2019). Most malware instances include a unique note after the encoding stating that the only method to decrypt a person’s files is to transfer bitcoins to a top-secret site. Files encoded with the most current ransomware employed in the impacted attacks cannot be decrypted. As a result, the perpetrators want a large ransom.
To encrypt high-speed rate data, symmetric encryption algorithms such as AES can be employed. This encryption method will be utilized by the ransomware to encrypt user files with the AES algorithm and keep the keys required to encrypt each file on disk. Whenever the ransom is paid, the encoder will launch this document using the keys and begin translating. Ransomware employs hybrid encryption techniques that mix symmetric and asymmetric encoding (Berezutski & Palchik, 2019). The data are encrypted with asymmetric cryptography, which is quick and does not require an internet connection. Nonetheless, the executable of the malware includes the public key of a remote command and control server concealed on the dark web.
The public key is utilized to encrypt the cryptographic key using cryptography, such that fresh keys are created whenever a machine is infected. A lock file encrypts every 16 bytes of a file in order to avoid detection by ransomware prevention software. This new encryption method is the most intriguing since text documents may still be read in part. Client-side asymmetric encryption enables ransomware to build an RSA key pair, encrypt all files using the decryption key, and transfer the secret key to the server for safekeeping.
No Guarantee After Payment
Organizations or businesses should understand that paying ransom ransomware does not mean that all data will be returned. While some firms get some of the data back, most companies do not get any returns. The latest report from security firm Sophos argues that agreeing to ransom demands does not guarantee one to be returned the data entirely by the attackers. In most cases, businesses who agree to pay the amount for the return of data and information do not get it all because files may be corrupted, leading to data loss. Only 65% of the stolen data is likely to be recovered after paying a ransom (Kravets, 2019). Research from Sophos shows that 8% of ransomware victims manage to get all data back after paying a ransom and up to 29% get not more than half of their data back (Qamar et al., 2019). Although ransomware attacks have been steadily shrinking, ransom demands and the cost of remediation have grown with less trust in the percentage of data to be recovered by hackers.
The numbers suggest attackers are not casting a vast network but targeting specific firms to expect higher payments. Organizations at an increased risk of attacks should come up with ways to secure data and information, which will lead to the low payment of ransom because there is no guarantee of total recovery from the drugs. Most firms opt not to give the payoff to the aggressors. Although the number of businesses experiencing cyber-attack fell from 51% in 2020 to 37% in 2021, the percentage is expected to continue decreasing. However, the chances of organizations having data recovered fully by the attackers is minimal.
Prevention Models
Organizations should install the latest system updates and ensure automatic installation to avoid data attacks. Saving work or information often on hard drives or clouds is significant. Businesses should ensure that crucial information such as passwords is backed up regularly and kept in main applications such as online banking is mandatory (Rathore et al., 2022). People should use digital tools with caution, whereby behavior can be identified on computers and tablets when individuals pay attention to messages that appear on screens and check spelling mistakes hence checking and realizing the status of the devices.
Organizations should develop policies and safeguards surrounding computing behavior both within and outside the workplace. The guidelines should address devices that employees can use for accessing corporate resources, websites allowed to visit, and the files allowed to be downloaded. Individuals should back up important data regularly and, if possible, store it in another location. Organizations should educate employees on popular hacking techniques like phishing and ransomware and be able to develop policies on how to deal with such attacks (Pratama, 2020). Individuals should use strong passwords when accessing data and information to avoid easy guessing from attackers and avoid using the same passwords on websites like email, Facebook, and many more. Installing current antivirus software and accepting updates is essential. Businesses should ensure that data is stored in ample space to avoid hackers quickly noticing the storage area. Organizations should beware of unofficial app stores or downloads of executable programs to get the software without licenses because such apps contain malware (Kara & Aydos, 2022). Organizations should apply required security updates to operating systems, applications, and software, preventing hackers from exploiting known vulnerabilities to launch attacks.
References
Ahmed, M. (2019). Ransomware: The evolution of a cybercrime. International Journal of Psychosocial Rehabilitation, 23(4), 1228-1237. Web.
Alaba, F. (2021). Ransomware attacks on remote learning systems in the 21st century: A survey. Biomedical Journal of Scientific &Amp; Technical Research, 35(1). Web.
Alkhaldi, K. (2018). Knowledge engineering approach for controlling phishing attacks in E-banking. SSRN Electronic Journal. Web.
Al Mashhadani, A., Kaiiali, M., Sezer, S., & O’Kane, P. (2019). A multi-classifier network-based crypto ransomware detection system: A case study of locky ransomware. IEEE Access, 7, 47053-47067. Web.
Almoneef, A., & Prasad Samontaray, D. (2019). Corporate governance and firm performance in the Saudi banking industry. Banks and Bank Systems, 14(1), 147-158. Web.
Alsoghyer, S., & Almomani, I. (2019). Ransomware detection system for android applications. Electronics, 8(8), 868. Web.
August, T., Dao, D., & Niculescu, M. (2019). Economics of ransomware attacks. SSRN Electronic Journal. Web.
Baicu, C. (2019). Regular banking system versus shadow banking system. A comparative assessment of evidence from Romania. Journal of Economic Development, Environment and People, 8(4), 24-41. Web.
Bastian, A. (2021). Improving antivirus signature for detection ransomware attacks with machine learning. Smart Comp: Jurnalnya Orang Pintar Komputer, 10(1), 30-34. Web.
Balasubramanian, A. (2021). Insurance against ransomware. SSRN Electronic Journal. Web.
Belova, A., & Onischenko, V. (2019). Methods of safety domestic security. Cybersecurity: Education, Science, Technique, 2(6), 134-141. Web.
Berdyugin, A., & Revenkov, P. (2019). Approaches to measuring the risk of cyberattacks in remote banking services of Russia. Bezopasnost Informacionih Tehnologija, 26(4), 83-92. Web.
Berezutski, Y., & Palchyk, M. (2019). Some aspects of cybersecurity protection provided for critical infrastructure objects: Experience that can be implemented in Ukraine. Information Security of the Person, Society and State, (27), 49-56. Web.
Birchall, C. (2019). On the NSA (new security aesthetics). New Formations, 98(98), 171-173. Web.
Brand, M. (2019). Mind games: Cognitive bias, US intelligence and the 1968 Soviet invasion of Czechoslovakia. Intelligence and National Security, 34(5), 743-757. Web.
Busquim e Silva, R., Piqueira, J., Cruz, J., & Marques, R. (2021). Cybersecurity assessment framework for digital interface between safety and security at nuclear power plants. International Journal of Critical Infrastructure Protection, 34, 100453. Web.
Cardillo, A. (2020). Ransomware. Berliner Anwaltsblatt, (11).
Cartwright, A., & Cartwright, E. (2019). Ransomware and reputation. Games, 10(2), 26.
Cohen, Y., & Hendler, D. (2018). Scalable detection of server-side polymorphic malware. Knowledge-Based Systems, 156, 113-128. Web.
Fuloria, S. (2022). Cybersecurity and ransomware. Academia Letters.
Dragan, V., Belov, Y., & Grishunov, S. (2019). Analysis of cyber attacks on banking systems. Issues of Radio Electronics, (11), 46-49. Web.
Ghosh, J. (2019). The Blockchain: Opportunities for research in information systems and information technology. Journal of Global Information Technology Management, 22(4), 235-242. Web.
Gogolin, F., Lim, I., & Vallascas, F. (2021). Cyberattacks on small banks and the impact on local banking markets. SSRN Electronic Journal. Web.
Kim, H. (2019). A study on the cybersecurity and infrastructure security agency act in the United States. Korea Criminal Intelligence Review, 5(1), 13-39. Web.
Kravets, V. (2019). Comparative analysis of the cybersecurity indices and their applications. Theoretical and Applied Cybersecurity, 1(1). Web.
Jethva, B., Traoré, I., Ghaleb, A., Ganame, K., & Ahmed, S. (2020). Multilayer ransomware detection using grouped registry key operations, file entropy and file signature monitoring. Journal of Computer Security, 28(3), 337-373.
Joseph, L., & Mukesh, R. (2018). Detection of malware attacks on virtual machines for a self-heal approach in cloud computing using VM snapshots. Journal of Communications Software and Systems, 14(3), 249-257.
Kahveci, E., & Wolfs, B. (2018). Digital banking impact on Turkish deposit banks performance. Banks and Bank Systems, 13(3), 48-57. Web.
Kara, I., & Aydos, M. (2022). The rise of ransomware: Forensic analysis for windows based ransomware attacks. Expert Systems with Applications, 190, 116198. Web.
Kassab, H. (2019). The role of cyber-attacks in 21st century war. Revista De Estudos E Pesquisas Avançadas Do Terceiro Setor, 2(2), 90. Web.
Legunsen, O., Al Awar, N., Xu, X., Hassan, W., Roşu, G., & Marinov, D. (2019). How effective are existing Java API specifications for finding bugs during runtime verification?. Automated Software Engineering, 26(4), 795-837. Web.
Lovis, C. (2019). Big Data, artificial intelligence and “Us”. Bioethica Forum. Web.
McLean, C., Ransom, J., & Galaznik, A. (2019). PCN432 evaluation of missing data imputation strategies in clinical trial and emr data using standardized data models. Value in Health, 22, S520. Web.
Napetvaridze, V., & Chochia, A. (2019). Cybersecurity in the making – Policy and law: A case study of Georgia. International and Comparative Law Review, 19(2), 155-180.
Nathan, M. (2020). Credential stuffing: New tools and stolen data drive continued attacks. Computer Fraud &Amp; Security, 2020(12), 18-19.
Nolte, W. (2019). US intelligence and its future: aligning with a new and complex environment. Intelligence and National Security, 34(4), 615-618. Web.
Nyikes, Z., & Szűcs, E. (2019). Prevention of ransomware attacks by increasing security awareness. Műszaki Tudományos Közlemények, 11(1), 149-152. Web.
Olexander, B., & Tamara, L. (2019). Security of data transfer to the internet of things. Cybersecurity: Education, Science, Technique, 2(6), 6-18. Web.
Pratama, Y. (2020). Making of digital forensic readiness index (DiFRI) models to malware attacks. Cyber Security Dan Forensik Digital, 3(2), 1-5. Web.
Qamar, A., Karim, A., & Chang, V. (2019). Mobile malware attacks: Review, taxonomy & future directions. Future Generation Computer Systems, 97, 887-909. Web.
Rathore, H., Sasan, A., Sahay, S., & Sewak, M. (2022). Defending malware detection models against evasion based adversarial attacks. SSRN Electronic Journal.
Rughani, P. (2017). Data recovery from ransomware affected android phones using forensic tools. International Journal of Computer Sciences and Engineering, 5(8), 67-70.
Roy, Y., Mazur, N., & Riabchun, O. (2019). Strategy of determination of the hypothetical direction of increasing the risk of inflammation of the infrastructure safety. Cybersecurity: Education, Science, Technique, (3), 97-103. Web.
Smoot, B. (2017). National security agency releases army security agency histories covering 1945–1963. Cryptologia, 41(5), 476-478. Web.
Swanson, M., & Vogel, K. (2017). Big data, intelligence, and analyst privacy: Investigating information dissemination at an NSA-funded research lab. Intelligence and National Security, 33(3), 357-375. Web.
Szücs, V., Arányi, G., & Dávid, Á. (2021). Introduction of the ARDS—Anti-ransomware defense system model—Based on the systematic review of worldwide ransomware attacks. Applied Sciences, 11(13), 6070. Web.
Usharani, S., Manju Bala, P., & Martina Jose Mary, M. (2021). Dynamic analysis on crypto-ransomware by using machine learning: GandCrab ransomware. Journal of Physics: Conference Series, 1717(1), 012024. Web.
Yadav, S. (2022). A Survey on ransomware malware and ransomware detection techniques. International Journal for Research in Applied Science and Engineering Technology, 10(1), 243-248.
Zheng, W., Feng, C., Yu, T., Yang, X., & Wu, X. (2019). Towards understanding bugs in an open source cloud management stack an empirical study of OpenStack software bugs. Journal of Systems and Software, 151, 210-223.