UH Project Report Critique: Cyber Attack Prevention System
VerifiedAdded on 2023/06/03
|10
|2286
|296
Report
AI Summary
This report critiques a project focused on developing a cyber attack prevention system, specifically a honeynet. It evaluates the project's description, problem-solving approach, and initial solutions, highlighting challenges encountered during experimentation, such as the lack of dedicated lab resources and difficulties in creating a true DMZ. The critique also assesses the project's consideration of legal, social, ethical, and professional issues related to cybersecurity. It further identifies gaps in the study, such as the implementation of high and low interaction honeypots using Java. Desklib provides access to this and other student-contributed assignments.
Running head: PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
Name of the student:
Name of the university:
Author note:
PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
Name of the student:
Name of the university:
Author note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
Executive summary:
In today’s world cybercrime is one of the most dangerous issues that the organizations
are facing and need to be immediately addressed. In the recent past there have many reported
cases wherein hackers have taken control over the organizational systems, have stolen important
data, and breached the privacy of the systems. They have conducted tax frauds and other illegal
activities after stealing the important data such as financial tax sheets and other documents.
In this report the different aspects associated with the designing of a security system and
their associated factors such as legal, ethical and other factors will be discussed. By the end of
this report, the reader will have a clear understanding of these aspects and have an in depth
understanding about the security measures that can be taken within the organizations.
Executive summary:
In today’s world cybercrime is one of the most dangerous issues that the organizations
are facing and need to be immediately addressed. In the recent past there have many reported
cases wherein hackers have taken control over the organizational systems, have stolen important
data, and breached the privacy of the systems. They have conducted tax frauds and other illegal
activities after stealing the important data such as financial tax sheets and other documents.
In this report the different aspects associated with the designing of a security system and
their associated factors such as legal, ethical and other factors will be discussed. By the end of
this report, the reader will have a clear understanding of these aspects and have an in depth
understanding about the security measures that can be taken within the organizations.
2PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
Table of Contents
Introduction:....................................................................................................................................3
Project description and initial solutions:..........................................................................................3
Problem evaluation and opinion on the proposed solution approach:.........................................4
Project Evaluation:...........................................................................................................................5
Legal issues:.................................................................................................................................5
1. Code of Conduct:...........................................................................................................5
2. Extra-legal, minor:.........................................................................................................6
3. Extra-legal, major:.........................................................................................................6
Social issues:................................................................................................................................6
1. Social websites:.............................................................................................................6
2. Social engineering:........................................................................................................6
Ethical issues:..............................................................................................................................6
1. Ethical hackers:.............................................................................................................6
2. Ethical behavior of the employees:...............................................................................6
Professional issues:......................................................................................................................7
1. Trust and integrity:........................................................................................................7
2. Employee vandalism as well as favoritism:..................................................................7
Conclusions:....................................................................................................................................7
References:......................................................................................................................................9
Table of Contents
Introduction:....................................................................................................................................3
Project description and initial solutions:..........................................................................................3
Problem evaluation and opinion on the proposed solution approach:.........................................4
Project Evaluation:...........................................................................................................................5
Legal issues:.................................................................................................................................5
1. Code of Conduct:...........................................................................................................5
2. Extra-legal, minor:.........................................................................................................6
3. Extra-legal, major:.........................................................................................................6
Social issues:................................................................................................................................6
1. Social websites:.............................................................................................................6
2. Social engineering:........................................................................................................6
Ethical issues:..............................................................................................................................6
1. Ethical hackers:.............................................................................................................6
2. Ethical behavior of the employees:...............................................................................6
Professional issues:......................................................................................................................7
1. Trust and integrity:........................................................................................................7
2. Employee vandalism as well as favoritism:..................................................................7
Conclusions:....................................................................................................................................7
References:......................................................................................................................................9
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
Introduction:
Cybercrime is one of the major issues, which is being faced by most of the companies in
today’s world. There are different forms of cybercrime that are prevalent within the
organizations such as data theft and privacy breach of the most sensitive and confidential data of
the organizations. The hackers can get into the organizations workstations including the servers
as well as computers of the employees and steal important data to use it for their interests. In
addition, there are issues where in the hackers can claim huge amounts of money from the
companies once they maliciously infect the systems with ransom ware.
This report will study a security system that has the ability to secure the information
networks within any organizations and protect them from any kinds of cyber-attacks. The
different aspects such as the description of the project aims and the solutions will be studied
further in this report. Other aspects such as legal, professional, ethical and social issues of the
security system including the different techniques of testing and implementing them will be
discussed in the following paragraphs. By the end of the report, the reader will have a complete
understanding of the complex problem solving techniques that are needed to develop a security
program for preventing organizational cyber-attacks.
Project description and initial solutions:
The project will make use of a research methodology in order to conduct a research so
that the back ground of the project is clear and the researcher has a clear idea about what cyber
security is and how the enterprise cybercrimes a recommitted by the hackers. A proper
methodology will also be selected in order to properly conduct the research and the security
Introduction:
Cybercrime is one of the major issues, which is being faced by most of the companies in
today’s world. There are different forms of cybercrime that are prevalent within the
organizations such as data theft and privacy breach of the most sensitive and confidential data of
the organizations. The hackers can get into the organizations workstations including the servers
as well as computers of the employees and steal important data to use it for their interests. In
addition, there are issues where in the hackers can claim huge amounts of money from the
companies once they maliciously infect the systems with ransom ware.
This report will study a security system that has the ability to secure the information
networks within any organizations and protect them from any kinds of cyber-attacks. The
different aspects such as the description of the project aims and the solutions will be studied
further in this report. Other aspects such as legal, professional, ethical and social issues of the
security system including the different techniques of testing and implementing them will be
discussed in the following paragraphs. By the end of the report, the reader will have a complete
understanding of the complex problem solving techniques that are needed to develop a security
program for preventing organizational cyber-attacks.
Project description and initial solutions:
The project will make use of a research methodology in order to conduct a research so
that the back ground of the project is clear and the researcher has a clear idea about what cyber
security is and how the enterprise cybercrimes a recommitted by the hackers. A proper
methodology will also be selected in order to properly conduct the research and the security
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
systems will be tested before a final roll out to ensure its successful incorporation within
organizations (Moore 2014). Experimentation will also be carried out to explain the different
data collection as well as the systems outputs experimentation techniques, necessary for
developing the security program.
In the initial phase, a logging system was developed which was used to review the logs as
well as the packets captured or an analysis of the gathered data using big data. This would
initially help the organizations to understand the hacking techniques used by the hackers. In
addition, the different vulnerabilities that are possible to be a threat for any organizations were
chosen in order to classify them according to their severity (Raiyn 2014). The initial plan was to
differentiate the honeypots and the home network by using another router, which would have
separated the broadcast domain, after which a VPNbridge would be used to connect router with
the VPS provider, which would also make use of Microsoft Azure (Griffin 2013).
Problem evaluation and opinion on the proposed solution approach:
Problem solving was a troublesome task, since there are no dedicated laboratories in the
university where the honeypot experiments could be carried out, for which home equipment has
had to be used. This caused a challenge since the web servers as well as the honeypots had to be
exposed to the vulnerable internet and the hackers could have easily attacked the home networks.
True DMZ is also not offered by the home networks, which gain was a challenge. This turns off
the firewall thereby reducing network security even more. The initial plan to use a VPNbridge to
connect the VPS provider and the router did not work as efficiently as Microsoft azure since two
virtual NICs could not be assigned to virtual machines, when the report was being written
(Kolthof 2015).
systems will be tested before a final roll out to ensure its successful incorporation within
organizations (Moore 2014). Experimentation will also be carried out to explain the different
data collection as well as the systems outputs experimentation techniques, necessary for
developing the security program.
In the initial phase, a logging system was developed which was used to review the logs as
well as the packets captured or an analysis of the gathered data using big data. This would
initially help the organizations to understand the hacking techniques used by the hackers. In
addition, the different vulnerabilities that are possible to be a threat for any organizations were
chosen in order to classify them according to their severity (Raiyn 2014). The initial plan was to
differentiate the honeypots and the home network by using another router, which would have
separated the broadcast domain, after which a VPNbridge would be used to connect router with
the VPS provider, which would also make use of Microsoft Azure (Griffin 2013).
Problem evaluation and opinion on the proposed solution approach:
Problem solving was a troublesome task, since there are no dedicated laboratories in the
university where the honeypot experiments could be carried out, for which home equipment has
had to be used. This caused a challenge since the web servers as well as the honeypots had to be
exposed to the vulnerable internet and the hackers could have easily attacked the home networks.
True DMZ is also not offered by the home networks, which gain was a challenge. This turns off
the firewall thereby reducing network security even more. The initial plan to use a VPNbridge to
connect the VPS provider and the router did not work as efficiently as Microsoft azure since two
virtual NICs could not be assigned to virtual machines, when the report was being written
(Kolthof 2015).
5PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
Another issue is that the hackers used large chunks of IP addresses and automated tools
were used to try different sets of usernames as well as passwords for vulnerable servers.
Project Evaluation:
In the security system, analysis it had been identified that a DMZ is not offered which
exposed he home network to the vulnerable attacks by the hackers over the internet. The initial
plan was to use a VPNbridge to differential the VPS provider and the router but it did not work
out as Azure since parallel NIC’s could not be assigned to virtual machines which in turn could
not act as routers. The webserver as well as the honeypots had to exposed to the externally
available home network IP address, which was the last available option. This too did not work
since the complete home network topology was changed by doing so, which was not a feasible
option. However, this allowed this allowed a proper separation between the honeypots, home
network as well as the webserver by using a proper DMZ. Proving of the honeypots effectiveness
was not met by this experiment, since honeypot is incorporated alongside the different
webservers, with an intention to capture the information of the attackers and not to divert the
attacks from the web servers. This experiment has not been of much help since the attackers
were already scanning the internet protocol addresses, despite the fact that the public internet
protocol addresses were not being broadcasted. They did not have an attached domain, yet the
hackers were able to scan the IP addresses (Rice 2013).
There are different legal, social, professional and ethical issues that are associated to the
security system that has to be kept in mind by the developers at the time of developing and
incorporating the security program. These are explained below as:
Legal issues:
These are the ethical and legal constraints of a threat agent; some options are:
Another issue is that the hackers used large chunks of IP addresses and automated tools
were used to try different sets of usernames as well as passwords for vulnerable servers.
Project Evaluation:
In the security system, analysis it had been identified that a DMZ is not offered which
exposed he home network to the vulnerable attacks by the hackers over the internet. The initial
plan was to use a VPNbridge to differential the VPS provider and the router but it did not work
out as Azure since parallel NIC’s could not be assigned to virtual machines which in turn could
not act as routers. The webserver as well as the honeypots had to exposed to the externally
available home network IP address, which was the last available option. This too did not work
since the complete home network topology was changed by doing so, which was not a feasible
option. However, this allowed this allowed a proper separation between the honeypots, home
network as well as the webserver by using a proper DMZ. Proving of the honeypots effectiveness
was not met by this experiment, since honeypot is incorporated alongside the different
webservers, with an intention to capture the information of the attackers and not to divert the
attacks from the web servers. This experiment has not been of much help since the attackers
were already scanning the internet protocol addresses, despite the fact that the public internet
protocol addresses were not being broadcasted. They did not have an attached domain, yet the
hackers were able to scan the IP addresses (Rice 2013).
There are different legal, social, professional and ethical issues that are associated to the
security system that has to be kept in mind by the developers at the time of developing and
incorporating the security program. These are explained below as:
Legal issues:
These are the ethical and legal constraints of a threat agent; some options are:
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
1. Code of Conduct: Legal and optional obligations are set out by the different
organizations, which are followed by the different threat agents (Mason 2017).
2. Extra-legal, minor:
This may break laws by minor rather non-violent means (Freato 2015).
3. Extra-legal, major:
These factors can cause heavy fines for the organizations and have no respect for the
rules and laws set by the government for the organizations.
Social issues:
1. Social websites:
Hackers can steal and manipulate data from openly available social networking sites like
Facebook and LinkedIn to hack confidential organizational data.
2. Social engineering:
The hackers send emails to the mailboxes of the different users that has links to phishing
websites.
Ethical issues:
1. Ethical hackers:
These ‘white hat hackers’ are hired to improve the organizational security, by penetrating
into system and then finding and testing bugs and discover the security vulnerabilities
that exist in the systems. They are ethically correct since they use the same techniques
used by the black hat hackers but only to improve the security of the organization. They
have the organizations consent in doing so and are highly paid for the same (Bolman and
Deal 2017).
1. Code of Conduct: Legal and optional obligations are set out by the different
organizations, which are followed by the different threat agents (Mason 2017).
2. Extra-legal, minor:
This may break laws by minor rather non-violent means (Freato 2015).
3. Extra-legal, major:
These factors can cause heavy fines for the organizations and have no respect for the
rules and laws set by the government for the organizations.
Social issues:
1. Social websites:
Hackers can steal and manipulate data from openly available social networking sites like
Facebook and LinkedIn to hack confidential organizational data.
2. Social engineering:
The hackers send emails to the mailboxes of the different users that has links to phishing
websites.
Ethical issues:
1. Ethical hackers:
These ‘white hat hackers’ are hired to improve the organizational security, by penetrating
into system and then finding and testing bugs and discover the security vulnerabilities
that exist in the systems. They are ethically correct since they use the same techniques
used by the black hat hackers but only to improve the security of the organization. They
have the organizations consent in doing so and are highly paid for the same (Bolman and
Deal 2017).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
2. Ethical behavior of the employees:
The employees need to be ethically correct every day in their workplace and need to be
honest whenever they take any business decisions and treat the employees within/outside
the organization.
Professional issues:
1. Trust and integrity:
Employees should be trustworthy and they should hold up their integrity in every day of
their work life and should take all business decisions with due respect and honesty
towards the organization as well as other employees.
2. Employee vandalism as well as favoritism:
Employees should be treated equally and there should be no acts of purposeful data theft
or data corruption among the employees, within the organizations for their own personal
interests (Nakajima et al. 2014).
Conclusions:
It can be concluded that in order to ensure optimum organizational security there are
different aspects such as professional, ethical, legal as well as social aspects that have to be
considered by the system administrators. The different aspects have been clearly explained in the
above paragraphs regarding these aspects and how the employees need to behave in the
workplaces keeping in mind the legal and ethical rules and regulations set by the human resource
departments of the organizations.
There are certain gaps that are present in the study I regards to the security measures that
can be taken in the organizations. High interaction and low interaction honeypot implementation
using the Java language has not been properly defined in the study which otherwise could have
2. Ethical behavior of the employees:
The employees need to be ethically correct every day in their workplace and need to be
honest whenever they take any business decisions and treat the employees within/outside
the organization.
Professional issues:
1. Trust and integrity:
Employees should be trustworthy and they should hold up their integrity in every day of
their work life and should take all business decisions with due respect and honesty
towards the organization as well as other employees.
2. Employee vandalism as well as favoritism:
Employees should be treated equally and there should be no acts of purposeful data theft
or data corruption among the employees, within the organizations for their own personal
interests (Nakajima et al. 2014).
Conclusions:
It can be concluded that in order to ensure optimum organizational security there are
different aspects such as professional, ethical, legal as well as social aspects that have to be
considered by the system administrators. The different aspects have been clearly explained in the
above paragraphs regarding these aspects and how the employees need to behave in the
workplaces keeping in mind the legal and ethical rules and regulations set by the human resource
departments of the organizations.
There are certain gaps that are present in the study I regards to the security measures that
can be taken in the organizations. High interaction and low interaction honeypot implementation
using the Java language has not been properly defined in the study which otherwise could have
8PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
immensely benefitted the developer. This could in turn make the security program even ore well
defined and easy to implement within the organizations. The different kinds of hackers has also
been explained in the study which are mainly the Script kiddie, virus writer, white hat hackers,
grey hat hackers as well as the black hat hackers. They are different kinds of hackers and some
of them perform ethical hacking. It has been clearly explained how the hackers exactly think, in
order to counter attack the viruses designed by them.
Future aspects such as dynamic relationships of data objects and their structures of model
have to be studied in details in the future. The organizational goals should be properly set and
prioritized and their deliverables should be well defined. A complete risk assessment should be
done and the different cost factors to be properly studied by the team of experts for any future
projects within the organization (Yar 2013). The plans should also be explained to the
stakeholders.
immensely benefitted the developer. This could in turn make the security program even ore well
defined and easy to implement within the organizations. The different kinds of hackers has also
been explained in the study which are mainly the Script kiddie, virus writer, white hat hackers,
grey hat hackers as well as the black hat hackers. They are different kinds of hackers and some
of them perform ethical hacking. It has been clearly explained how the hackers exactly think, in
order to counter attack the viruses designed by them.
Future aspects such as dynamic relationships of data objects and their structures of model
have to be studied in details in the future. The organizational goals should be properly set and
prioritized and their deliverables should be well defined. A complete risk assessment should be
done and the different cost factors to be properly studied by the team of experts for any future
projects within the organization (Yar 2013). The plans should also be explained to the
stakeholders.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9PROJECT REPORT ON CYBER ATTACK PREVENTION SYSTEM
References:
Bolman, L.G. and Deal, T.E., 2017. Reframing organizations: Artistry, choice, and leadership.
John Wiley & Sons.
Freato, R., 2015. Microsoft Azure Security. Packt Publishing Ltd.
Griffin, R.W., 2013. Fundamentals of management. Cengage Learning.
Kolthof, D., 2015. Crime in the cloud: An analysis of the use of cloud services for cybercrime.
In Student Conference on IT, Enschede, The Netherlands.
Mason, R.O., 2017. Four ethical issues of the information age. In Computer Ethics (pp. 41-48).
Routledge.
Moore, R., 2014. Cybercrime: Investigating high-technology computer crime. Routledge.
Nakajima, Y., Hibi, T., Takahashi, H., Masutani, H., Shimano, K. and Fukui, M., 2014. Scalable
high-performance elastic software OpenFlow switch in userspace for wide-area network. Proc.
Open Networking Summit (ONS 2014), Santa Clara, CA.
Raiyn, J., 2014. A survey of cyber attack detection strategies. International Journal of Security
and Its Applications, 8(1), pp.247-256.
Rice, A.K., 2013. Productivity and social organization: The Ahmedabad experiment: Technical
innovation, work organization and management.
Yar, M., 2013. Cybercrime and society. Sage.
References:
Bolman, L.G. and Deal, T.E., 2017. Reframing organizations: Artistry, choice, and leadership.
John Wiley & Sons.
Freato, R., 2015. Microsoft Azure Security. Packt Publishing Ltd.
Griffin, R.W., 2013. Fundamentals of management. Cengage Learning.
Kolthof, D., 2015. Crime in the cloud: An analysis of the use of cloud services for cybercrime.
In Student Conference on IT, Enschede, The Netherlands.
Mason, R.O., 2017. Four ethical issues of the information age. In Computer Ethics (pp. 41-48).
Routledge.
Moore, R., 2014. Cybercrime: Investigating high-technology computer crime. Routledge.
Nakajima, Y., Hibi, T., Takahashi, H., Masutani, H., Shimano, K. and Fukui, M., 2014. Scalable
high-performance elastic software OpenFlow switch in userspace for wide-area network. Proc.
Open Networking Summit (ONS 2014), Santa Clara, CA.
Raiyn, J., 2014. A survey of cyber attack detection strategies. International Journal of Security
and Its Applications, 8(1), pp.247-256.
Rice, A.K., 2013. Productivity and social organization: The Ahmedabad experiment: Technical
innovation, work organization and management.
Yar, M., 2013. Cybercrime and society. Sage.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.