Secure Software Development Best Practices
Secure Software Development Best Practices
Secure Software Development Best Practices
256
Research Paper
Journal Homepage: www.ojs.ijemd.com
ISSN (print): 2791-0164 ISSN (online): 2957-5036
Abstract
This research aims to explore optimal strategies for fortified software, enhancing the implementation of secure software
development practices. Software security involves crafting and designing software that guarantees the integrity, confidentiality,
and availability of its code, data, and functionalities. Often, in prioritizing functionality, security takes a back seat when
organizations embark on system development. Yet, it's imperative to embed security at every phase of the Software
Development Life Cycle (SDLC). Numerous methodologies and models exist for addressing software security, but only a few
substantiate creating secure software applications effectively. Despite advancements, software security remains inadequately
addressed, posing a challenge to integrating security protocols into the SDLC seamlessly. This review advocates specific
security measures to be integrated at each SDLC level, fostering a secure SDLC. Efficient amalgamation of these processes
ensures the delivery of secure software systems with minimized resource expenditure. Additionally, it highlights hurdles
encountered in employing agile development methodologies for crafting secure software. These challenges stem from assessing
agile ideals, principles, and security assurance procedures. These findings underscore the urgency for research facilitating safe
software development, addressing barriers inhibiting its adoption. The paper serves as a valuable reference, shedding light on
the significance of establishing secure software development processes.
Keywords: SDLC; Secure Software Development; Secure Software Development Life Cycle; Software Security.
1. Introduction
Secure software is one of the most crucial aspects in any software development or service and the protection
the IT infrastructures[1], it is the stepping stone for a quality product or service and may save considerably
a significant amount of funds in the long run when developing a software product or service [2][3]. To
elaborate, software development security is similarly important as compared to the functionalities of a
software. Software security ensures that the CIA (Confidentiality, Integrity, Availability) of data and
services are not compromised. Security is a crucial aspect that necessitates careful consideration right from
the inception of the software development process. Bugs and faults identified in the early stages of
development are more easily and cost-effectively addressed in comparison to those discovered at later
Hence, the integration of security measures throughout the whole Software Development Life Cycle
(SDLC) is necessary in order to provide secure conventional practices, security is commonly regarded as a
secondary concern that is addressed by developing patches for any vulnerabilities discovered during project
testing or post-deployment [4] . Briefly, software security may be defined as the protection of software
applications from unauthorized access, use, or destruction. Often compared to cybersecurity, software
security techniques are applied during software development unlike cybersecurity which focuses on
protecting internet-based systems. In focus, the goal of software development security is to ensure that the
application is secured and remains functional under a malicious attack [5]. Utilizing a safe software product
in an actual setting allows the system's overall susceptibility to be decreased. It would make sense to
determine the best way to incorporate security practices such as secure code into the traditional SDLC [6].
In this section we provide a detailed introduction to the current secure software development trends which
includes the development process and the tools/strategies used.
The core principles of software security describe factors such as methods, frameworks, and strategies
implemented to defend a software against attacks by reducing vulnerabilities that attackers may exploit on
[7]. There are methods that developers use as guidelines when developing a secured software which is
known as the Software Development Life Cycle (SDLC). In detail, the SDLC method includes phases which
are planning, requirement gathering and analysis, designing, coding, testing, deployment, and maintenance.
b. V-shaped model
The following SDLC model is the V-shaped model, which is also known as the verification and validation
model. Whereby, development and testing phases are executed in parallel. Additionally, V-model and
Waterfall model are similar except that the test planning and testing start an early stage in V-model [11]. It
can be categorized into two groups which are the verification phase and validation phase. Table 1.1 shows
the description of each stage in the verification and validation phase.
4 International Journal of Emerging Multidisciplinaries
Verification Validation
Stage Description Stage Description
Requirement Required information is Unit testing Performed on individual
analysis gathered and analysed. components.
Detects early defection.
Managed in low-level
design phase.
System Architecture, components, Integration Executed the design phase
design design are created and testing (high level)
documented. Testing activities is done on
integrated modules.
High-level The design of each System Performed during the
design respective modules and its testing system design phase.
integrated functionality Entire system functionality
between them. is tested.
Low-level Design and architecture of Acceptance Related to the requirement
design each component. testing analysis phase.
Coding Code development Performed in the customer’s
environment.
c. Agile Method
Agile SDLC is a prominent development approach that focuses on process flexibility and customer
satisfaction by delivering a functioning software product to the customers quickly. This enables the
customers to understand how the software works after it has been completed and to provide any
requirements or suggestions for modifying the application, even when it is still in the late development
stage. The Agile SDLC process flow is divided into five stages: concept, inception, iteration, release, and
production. During the concept phase, the project is brainstormed and prioritised. After careful study, the
process moves on to inception, during which teams are created, the fundamental environment is negotiated,
and a budget is produced. During iteration, the team of developers works extensively to consistently provide
functional products to customers and make modifications based on their requests and feedback. The release
phase follows, during which quality assurance testing is undertaken to obtain the final version iteration of
the product. Finally, the production phase is the period in which the system is operated and maintained.
Agile SDLC is favourable in terms of flexibility since the entire project is divided into tiny iterations that
may make changes often. As a result, development risk is reduced, and customer satisfaction is ensured
because they may provide ongoing input to the software [13].
2. Literature Review
In this section, numerous primary study sources were reviewed and analysed in relation to the current secure
software issues and challenges. This section provides an in-depth analysis of multiple research articles to
conclude and identify outcomes of their respective research papers to obtain an understanding on the
challenges and issues faced when developing a secured software These study sources are utilized to gain
an understanding of the existing research while challenging their arguments and debates to challenges faced
in developing a secured software and its best practices.
Secure Software Development 5
Based on the paper published by Zulfikar Ahmed Maher et. al., it was found that security measurements
were not consistently addressed in the initial design phase of the software development. Hence, resulting in
an abundance of software systems with penetrable security defences [22]. The research revolved around
studying the factors that influenced the developer’s intention to adopt such secure software development
practices. The methods practiced for their research was based on qualitative research methodology where
interviews were conducted to gain an understanding from professionals working at Malaysian software
development organizations. The findings from their interviewees and report resulted in several challenges.
Whereby, the first obstacle to implementing and practicing secure software development, is the lack of
vision and clear directions supplied by the senior management, with a low focus on the security principles
required in designing systems. Another important concern raised was the absence of security project
implementation. As with the implementation of the agile technique, this research noted the issue of short
deadlines because of a lack of attention on security measures [23].
It is noted from literature review, that authors have similar yet slightly different views on the issues and
challenges faced when developing a secure software. The four main issues derived and concluded are firstly,
Rafiq Ahmad Khan et. al found that software developments lack security measures in the early stages of
the SDLC process and post-SDLC process due to ignorance of developers. Secondly, the study by Hela
Queslati et. al proposed that the challenges faced were due to the inefficiency of the agile SDLC approach
of fast-shipping iterations which caused security measurements to be implemented without quality due to
time constraints as one of the main challenges. Thirdly, the study conducted by Simon Foley et. al found
that the issues faced when developing secure software were mainly due to the ignorance and centric
approach of developers which tend to increase security vulnerabilities in their software due to lack of
knowledge in other areas of security development. Finally, the study conducted by Zulfikar Ahmed Maher
et. al. suggested that the cause of issues in secure software development were due to the lack of vision and
clear directions by senior management and the time constraints to implement security requirements into a
software.
b) Design phase
Mostly found the software bugs and issues are present in the design phase of the SDLC process [24]. The
design process in the SDLC model is the foundation for developing a secure software system [25]. Hence,
by reducing risks in this phase, significant effort needed maybe reduced in the following phases. As shown
in Table 2.2, the top 5 most common security issues that arise in the design phase are listed with its
respective frequencies.
Table 2.2: Security risks in the design phase [6]
c) Development/Coding phase
Poor secure development or coding remains as one of the prominent challenges in the SDLC process. This
is because that it may be challenging to select a proper programming language and classification of modules
to be used. A more secure code being released is based on the inclusion of security protections in each
phase of the SDLC. Poor integration of authentication and authorization modules are due to the poor
implementation of authentication functions and access-control policies [26]. Further, authentication and
authorizations are crucial components of a basic secure software system. Threat modelling at Microsoft is
often based on the STRIDE model which account for Spoofing (S), Tampering (T), Repudiation (R),
Information disclosure (I), Denial-of-service (D), and Elevation of privilege (E) [27]. Some of the most
prevalent security vulnerabilities that impede the process of secure authorization and authentication include
tampering, spoofing, repudiation, information exposure, denial-of-services[28] [29], privilege elevation,
8 International Journal of Emerging Multidisciplinaries
and failure to restrict URL access or access control. Table 2.3 shows the top 10 security risks in the
development phase.
Table 2.3: Security risks in the development phase [6]
d) Deployment phase
A few of the challenging issues in the developing phase are designing authentication protocols, improper
configuration management, developing strong cryptosystems, building effective trust models and the
policies in the security [31]. According to Rafiq Ahmad Khan et. al, this phase reported the least of issues
compared to the other phases in the SDLC model. Hence, Table 2.5 shows some of the common software
security risks from the deployment phase.
Secure Software Development 9
e) Maintenance phase
A wide variety of possible vulnerabilities may be evaluated through vulnerability-oriented architectural
research which can provide a systematic and thorough approach. However, this approach was reported to
be time-consuming and costly, especially this can be an issue where software development iterations are
time constrained which makes fitting security activities challenging due to the time-consuming nature of it.
Some of the common problems that arise due to time pressure are the compromise of security integration
to accelerate the launching schedule, timing attacks, insufficient time for teams to adapt to the security
activities and tight deadlines which promotes pressure. Hence, Table 2.6 shows the reported issues
concerning security risks in the maintenance phase.
Table 2.6: Security risks in the maintenance phase [6]
Category Challenge
Challenges
SDLC Security activities are to be implemented for each development
iteration.
Limited iteration time which may not fit security activity time duration.
Incremental Security constraints are broken due to refactoring.
development
System security requirements may break due to frequent system or
software requirement changes.
Frequent code changes make completing the assurance activities
challenging.
4. Proposed Solutions
The proposed solution is based on using the agile approach from secured software development where it
has posed many challenges thus to give a proper solution for it, it would be much easier to follow the
methods. When developing using the software and using the agile method, it is much more different
approach to the overall process in reasons of how certain backlogs are being built. Although, it can help in
the development for a better purpose as well. With many complications being imposed by the criteria; it is
better to go for solutions so that it can overcome the future and current problems that can be faced. The first
part is by implementing a security-related policy where the policy acts as a secure rule or regulation that is
needed to be follow when conducting a development using the two approaches. With this being said, when
implementing this policy, it should be security-related assurance based as well as a policy that is a
benefactor to both developers and the process of it. When the policies are implemented, the best alternatives
are chosen as well as best methods used to gain and reduce certain unwanted issues. This would help in
cutting costs as well as lessen the workload when working on certain projects based on the approach. This
also will help in securing the data or any vital information that is being used. Next, empowering the
developers to make sure they are responsible for the security’s application. This is where the developers
are to be careful when developing applications or software using vital data. In cases of security breaches or
data stolen, the developers are to take accounted for the loss as well. This means when conducting such
development, the developers are in need of using the best practices of security to protect the data in the
process. This method is to be done when the developers can understand the ways and methods to protect
and make sure the data is well protected in the process. Thus, it would help in making the application more
secure as well, as the data within the application. Furthermore, the proposed solution is to make sure it is
more flexible in building a culture of security for the many applications that are being developed in the near
future. When implementing security, it becomes more secure, and more applications are better from the
users preceptive. This being said that security plays an important role in many applications especially in
this era that is full of technology-based products. With this, having security layer helps keeps the mind at
ease as well as knowing that the user's data is protected.
Following that, best practices can also be implemented during the different stages of the SDLC model
namely the requirement, designing, implementing, testing, deploying and maintenance phase. For a secure
requirement phase, the purpose is to provide a complete security by integrating basic security functions that
include confidentiality, integrity, and availability [19]. The next phase to be discussed is the designing
phase, which is one of the creative stages of the SDLC. Almost half of the software defects are identified
and detected during the design phase. Briefly, some of the common best practices in the design phase are
developing threat models, secure design documentations, understanding and following security design
principles, and lastly secure design review and verification [42-48]. For the implementation phase, 80
percent of system penetration is due to coding errors in commercial software [38] [56-60]. Best practices
for this phase incudes performing code reviews, provide security knowledge and training to software
developers, implement static code analysis and conduct source code assessment process [43] [49-55].
Briefly, the best practices that can be made for the testing, deploying, and maintenance phase are penetration
testing, static analysis, and threat database preparation respectively.
14 International Journal of Emerging Multidisciplinaries
5. Conclusion
This paper first introduces the three different types of SDLC models, then analyses the problems and
challenges, follows findings and results, and finally lists the proposed solutions. The three popular SDLC
models mainly used are Waterfall model, V-shaped model, and Agile SDLC model. Although these three
models have distinct differences in structure, strengths & weaknesses, and attention to focus, but they can
eventually achieve the same effect of helping developers minimize security vulnerabilities and protect their
software from attacks when developing software. The research showed the importance of SDLC for secure
softening development and the need of increasing the security activities in each SDLC phase to pursue a
better SDLC rule. The main challenge in developing secure software is about the developers themselves,
and the impact of the human factor on secure software development is very strong. The research
implications also shows that software security measurements are not implemented with the appropriate
level of attention at the initial stage today, and the occurrence and consequences of this phenomenon is
confirmed by interviewing some software developers in Malaysia. We conclude that the two main problems
faced in developing secure software are the lack of integration of security measures in the SDLC and the
poor integration of agile methods and techniques, which can easily lead to complications in secure software
development. The first problem is that not enough attention is paid to the security aspects of software
development and organizations cut security activities to save cost and time in favour of software
functionality. The second problem is that organizations want to release software faster / cheaper and meet
the needs of consumers, so they choose agile SDLC methods to develop their software and ignore most of
the security activities to achieve the above results. In order to avoid these situations happening, the solutions
we can offer are to ensure that the software development team follows the secure SDLC rules by issuing
relevant security development policies, and then making the relevant developers concerned responsible for
the various losses caused by security breaches, therefore forcing them to complete the entire security
measurement process.
References
[1] Muzafar, S. & Jhanjhi, N.Z. “Success Stories of ICT Implementation in Saudi Arabia,”
https://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/978-1-7998-1851-9.ch008, 151–
163, Jan. 1AD, doi: 10.4018/978-1-7998-1851-9.CH008 (2020).
[2] Humayun, M., Niazi, M., Jhanjhi, N., Alshayeb, M. & Mahmood, S. “Cyber Security Threats and
Vulnerabilities: A Systematic Mapping Study,” Arab. J. Sci. Eng., 45(4), 3171–3189, doi: 10.1007/s13369-
019-04319-2. (2020).
[3] Muzafar, S., Humayun, M. & Hussain, S.J. “Emerging Cybersecurity Threats in the Eye of E-
Governance in the Current Era,” https://services.igi-
global.com/resolvedoi/resolve.aspx?doi=10.4018/978-1-7998-9624-1.ch003, 43–60, Jan. 1AD, doi:
10.4018/978-1-7998-9624-1.CH003 (2022).
[4] M. Humayun, M. Niazi, N. Z. Jhanjhi, S. Mahmood, and M. Alshayeb, “Toward a readiness model
for secure software coding,” Softw. Pract. Exp., 53(4), 1013–1035, doi: 10.1002/SPE.3175 (2023).
[5] “What is software security and why is it important? | Contentful.”
Secure Software Development 15
ignorance,” ACM Int. Conf. Proceeding Ser., 46–56, doi: 10.1145/3171533.3171539 (2017).
[21] N. Cross, “Developments in design methodology,” 357, 1984.
[22] Shah, A. et al. “Challenges and limitations in secure software development adoption - A qualitative
analysis in Malaysian software industry prospect,” Indian J. Sci. Technol., 13(26), 2601–2608, doi:
10.17485/IJST/V13I26.848 (2020).
[23] Geer, D. “Are companies actually using secure development life cycles?,” Computer (Long.
Beach. Calif)., 43(6), 12–16, doi: 10.1109/MC.2010.159 (2010).
[24] Maheshwari, V. & Prasanna, M. “Integrating risk assessment and threat modeling within SDLC
process,” Proc. Int. Conf. Inven. Comput. Technol. ICICT 2016, 1, doi:
10.1109/INVENTIVE.2016.7823275 (2016).
[25] Khan, R.A., Khan, S.U., Khan, H.U. & Ilyas, M. “Systematic Mapping Study on Security
Approaches in Secure Software Engineering,” IEEE Access, 9, 19139–19160, doi:
10.1109/ACCESS.2021.3052311 (2021).
[26] Deepa, G. & Thilagam, P.S. “Securing web applications from injection and logic vulnerabilities:
Approaches and challenges,” Inf. Softw. Technol., 74, 160–180, doi: 10.1016/J.INFSOF.2016.02.005
(2016).
[27] Banowosari, L.Y. & Gifari, B.A. “System Analysis and Design Using Secure Software
Development Life Cycle Based On ISO 31000 and STRIDE. Case Study Mutiara Ban Workshop,” Proc.
2019 4th Int. Conf. Informatics Comput. ICIC 2019, doi: 10.1109/ICIC47613.2019.8985938 (2019).
[28] Muzafar, S., Jhanjhi, N.Z., Khan, N.A. & Ashfaq, F. “DDoS Attack Detection Approaches in on
Software Defined Network,” 14th Int. Conf. Math. Actuar. Sci. Comput. Sci. Stat. MACS 2022, doi:
10.1109/MACS56771.2022.10022653 (2022).
[29] Muzafar, S., & Jhanjhi, N. “DDoS Attacks on Software Defined Network: Challenges and Issues,”
2022 Int. Conf. Bus. Anal. Technol. Secur. ICBATS 2022, 2022-Janua, doi:
10.1109/ICBATS54253.2022.9780662 (2022).
[30] Khan, S.R., Rehman, I. & Malik, S.U.R. “The impact of test case reduction and prioritization on
software testing effectiveness,” 2009 Int. Conf. Emerg. Technol. ICET 2009, 416–421, doi:
10.1109/ICET.2009.5353136 (2009).
[31] Farhan, A.R.S. & Mostafa, G.M. “A Methodology for Enhancing Software Security during
Development Processes,” 21st Saudi Comput. Soc. Natl. Comput. Conf. NCC 2018, doi:
10.1109/NCG.2018.8593135 (2018).
[32] Winter, R.J. “Agile Software Development: Principles, Patterns, and Practices,” Perform. Improv.,
53(4), 43–46, doi: 10.1002/PFI.21408 (2014).
[33] Wäyrynen, J., Bodén, M. & Boström, G. “Security engineering and eXtreme Programming: An
impossible marriage?,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes
Bioinformatics), 3134, 117–128, doi: 10.1007/978-3-540-27777-4_12/COVER (2004).
[34] Bostrm, G., Vayrynen, J., Boden, M., Beznosov, K. & Kruchten, P. “Extending xp practices to
support security requirements engineering,” Proc. - Int. Conf. Softw. Eng., vol. 2006-May, 11–17, doi:
10.1145/1137627.1137631 (2006).
[35] Ge, X., Paige, R.F., Polack, F.A.C., Chivers, H. & Brooke, P.J. “Agile development of secure web
Secure Software Development 17
applications,” ICWE’06 Sixth Int. Conf. Web Eng., 305–312, doi: 10.1145/1145581.1145641 (2006).
[36] Mouratidis, H. & Giorgini, P. “Integrating security and software engineering: Advances and future
visions,” Integr. Secur. Softw. Eng. Adv. Futur. Visions, 1–288, doi: 10.4018/978-1-59904-147-6 (2006).
[37] Beznosov, K. & Kruchten, P. “Towards agile security assurance,” Proc. New Secur. Paradig.
Work., 47–54, doi: 10.1145/1065907.1066034 (2005).
[38] Hoeren, T. & Pinelli, S. “Agile programming – Introduction and current legal challenges,”
Comput. Law Secur. Rev., 34(5), 1131–1138, doi: 10.1016/J.CLSR.2018.04.004 (2018).
[39] “Agile Security Issues: A Research Study General.”
https://www.researchgate.net/publication/267832772_Agile_Security_Issues_A_Research_Study_Genera
l (accessed Oct. 05, 2023).
[40] Khan, R. “Secure software development: a prescriptive framework,” Comput. Fraud Secur.,
2011(8), 12–20, doi: 10.1016/S1361-3723(11)70083-5 (2011).
[41] Thorpe, R. & Holt, R. “The SAGE Dictionary of Qualitative Management Research,” SAGE Dict.
Qual. Manag. Res., doi: 10.4135/9780857020109 (2008).
[42] Khan, R.A., Khan, S.U., Khan, H.U. & Ilyas, M. “Systematic Literature Review on Security Risks
and its Practices in Secure Software Development,” IEEE Access, 10, 5456–5481, doi:
10.1109/ACCESS.2022.3140181 (2022).
[43] Afzal, W., Torkar, R. & Feldt, R. “A systematic review of search-based testing for non-functional
system properties,” Inf. Softw. Technol., 51(6), 957–976, doi: 10.1016/J.INFSOF.2008.12.005 (2009).
[44] Elijah, A.V., Abdullah, A., JhanJhi, N.Z., Supramaniam, M. & Balogun A.O., “Ensemble and Deep-
Learning Methods for Two-Class and Multi-Attack Anomaly Intrusion Detection: An Empirical Study”
International Journal of Advanced Computer Science and Applications(IJACSA),
10(9). http://dx.doi.org/10.14569/IJACSA.2019.0100969 (2019).
[45] Sennan, S. et al. Energy efficient optimal parent selection based routing protocol for Internet of
Things using firefly optimization algorithm. Transactions on Emerging Telecommunications
Technologies, 32(8), e4171 (2021).
[46] Gaur, L. et al. Disposition of youth in predicting sustainable development goals using the neuro-
fuzzy and random forest algorithms. Human-Centric Computing and Information Sciences, 11, NA (2021).
[47] Nanglia, S., Ahmad, M., Khan, F.A.W. & Jhanjhi, N.Z. "An enhanced Predictive heterogeneous
ensemble model for breast cancer prediction." Biomedical Signal Processing and Control 72, 103279
(2022).
[48] Gaur, L. et al. Capitalizing on big data and revolutionary 5G technology: Extracting and visualizing
ratings and reviews of global chain hotels. Computers and Electrical Engineering, 95, 107374 (2021).
[49] Kumar, T., Pandey, B., Mussavi, S.H.A. & Zaman, N. "CTHS based energy efficient thermal aware
image ALU design on FPGA." Wireless Personal Communications 85, 671-696 (2015).
[50] Gouda, W., Sama, N. U., Al-Waakid, G., Humayun, M., & Jhanjhi, N. Z. (2022, June). Detection of
skin cancer based on skin lesion images using deep learning. In Healthcare 10(7), 1183, MDPI (2022).
[51] Lim, M., Abdullah, A., & Jhanjhi, N. Z. Performance optimization of criminal network hidden link
18 International Journal of Emerging Multidisciplinaries
prediction model with deep reinforcement learning. Journal of King Saud University-Computer and
Information Sciences, 33(10), 1202-1210 (2021).
[52] Hussain, K., Hussain, S. J., Jhanjhi, N. Z., & Humayun, M. SYN flood attack detection based on
bayes estimator (SFADBE) for MANET. In 2019 International Conference on Computer and Information
Sciences (ICCIS) 1-4. IEEE (2019).
[53] Hussain, I. et al. Health monitoring system using internet of things (iot) sensing for elderly people.
In 2022 14th International Conference on Mathematics, Actuarial Science, Computer Science and Statistics
(MACS) 1-5. IEEE (2022).
[54] Zahra, F. et al. Rank and wormhole attack detection model for RPL-based internet of things using
machine learning. Sensors, 22(18), 6765 (2022).
[55] Humayun, M. et al. Software-as-a-service security challenges and best practices: A multivocal
literature review. Applied Sciences, 12(8), 3953 (2022).
[56] Humayun, M., Jhanjhi, N. Z., & Almotilag, A. Real-time security health and privacy monitoring for
Saudi highways using cutting-edge technologies. Applied Sciences, 12(4), 2177 (2022).
[57] Alotaibi, A. F. A comprehensive survey on security threats and countermeasures of cloud computing
environment. Turkish Journal of Computer and Mathematics Education (TURCOMAT), 12(9), 1978-1990
(2021).
[58] Kumar, K., Verma, S., Jhanjhi, N. Z., & Talib, M. N. A Survey of The Design and Security
Mechanisms of The Wireless Networks and Mobile Ad-Hoc Networks. In IOP Conference Series:
Materials Science and Engineering 993(1), 012063. IOP Publishing (2020).
[59] Sangkaran, T., Abdullah, A., & JhanJhi, N. Z. Criminal network community detection using graphical
analytic methods: A survey. EAI Endorsed Transactions on Energy Web, 7(26), e5-e5 (2020).
[60] Almusaylim, A. Z., Jhanjhi, N.Z, & Alhumam, A. Detection and mitigation of RPL rank and version
number attacks in the internet of things: SRPL-RP. Sensors, 20(21), 5997 (2020).