CMIT 321 Executive Proposal Project: Advance Research Security

Verified

Added on 2019/09/30

AI Summary

This executive proposal, submitted for CMIT 321, addresses the cyber security challenges faced by Advance Research Corporation, specifically focusing on Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. The proposal introduces KFSensor, a Windows-based honeypot Intrusion Detection System (IDS), as a solution to mitigate these threats. The document details the functionality of KFSensor as a decoy server, diverting attacks from critical systems and providing enhanced information compared to traditional security measures like NIDS and firewalls. The proposal highlights the ease of installation, user-friendly interface, and cost-effectiveness of KFSensor, emphasizing its ability to detect and respond to various attacks. The author provides a practical application of the product and its advantages, concluding that by implementing KFSensor, the organization can significantly reduce the impact of DoS and DDoS attacks, safeguarding its operations and reputation. The proposal includes references to relevant sources supporting the product's effectiveness.

Executive Proposal Project
CMIT 321

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Executive Proposal Project
Introduction
Advance Research Corporation as a medical research and development company has been very
successful in innovation pharmaceutical and medical products. In addition, Advance Research
Corporation’s business has been growing during the past few years. By expanding the network
the security of the network should be increased as well. Understanding vulnerabilities of the
network can help to realizing the level of the risks that an organization might face (Cohen, 2014).
The Purpose of Executive Proposal
The Advance Research Corporation has become a very successful company and because of that
it has been the major target for cyber-attacks. The company has been under several Denial of
Service (DOS) attacks during the 9 months. These attacks have impacted the Advance Research
ability to do its normal business and also these attacks have damaged company’s reputation.
There are different kinds of cyber-attacks that can put negative impact to any businesses such as
Advance Research.
Among those attacks Denial of Service (Dos) attacks and Distributed Denial of Service (DDoS)
attacks are becoming the most major attacks for the computer networks. The purpose of these
kinds of attacks is to make network resources and machines unreachable or unavailable to
authorized users. In the Denial of Service, attackers overload the target system resources by
flooding the system with non-legitimate traffic or service requests. The result might be slow
network performance or unavailability a target website. In Distributed Denial of Service attack,
attackers target a single system with using a group of compromised systems. Even though these

kinds of attacks last about one to two hours, in the second quarter of 2015, one Distributed
Denial of Service was recorded that lasted about 13 hours and 240 Gbps (Keane, 2015).
The Solution Overview
KFSensor is a great tool that Advance Research Corporation can take advantage of. This is a
Windows based honeypot Intrusion Detection Systems (IDS). Intrusion detection systems help to
detect any kind of violation of security policy like misuse or unauthorized access. Intrusion
detection system does that by gathering and analyzing information from network and computers.
KFSensor act as a honeypot. Honeypots are network connected computer software or even a
device that appears to be attractive and vulnerable and seems to have important information in it
but realistically only exist to be attack by attackers. Honey pats seem to be part of a network, but
in reality it is not part of the network. It is isolated and monitored.
KFSensor by acting as a decoy server diverts attacks from important systems and provide higher
level of information that can be attained by using NIDS and Firewalls alone.
According to the KFSensor vendor website, Keyfocus.net, during the 12 years of production use,
KFSensor has been regularly update, improved and it is fully supported. KFSensor prevent itself
from being overloaded and it detects and responds to Denial of Service attacks, individual
service attacks and port scans.
I did a research on this product to obtain some more information and review on KFSensor. Roger
.A Grimes has written a greater article, KFSensor: Sweet Windows honeypot, in the
InfoWorld.com. In his article he mentioned, for almost a decade, KFSensor has been the top
class honeypot. Since 2003, KFSensor has been updated and maintained by its creator Tom
Wright (Grimes, 2010).

Even I tried this product using iLabs. In this lab I searched for an open port on the target system.
Then using the lab I performed Denial of Service attack on the target system. Later I used
KFSensor to detect the attack and examine the packets that were logged by this tool. KFS is a
great tool for detecting and examining Denial of service attacks. Working with this tool is very
easy and it has great interface.
KFSensor Professional Edition cost $599 per license. This is good for single standalone
honeypot. The KFSensor Enterprise Edition costs more but it is good for multiple honeypot
installation for entire Advance Research Corporation network. Since installation and
implementation of this product is not complicated and it has very easy to use interface, the cost
for the installation and training is not significant. There is no special hardware required in order
to install and use KFSensor.
Since honeypots seem to be part of a network, but in reality they are not part of the
organization’s network and because honeypots are isolated, installation and implementation of
KFSensor wouldn’t impact the production environment of Advance Research Corporation.
Summary
The Impact of Denial of Service (DoS) and Distributed Denial of Service (DDoS) on the
Advance research organization can be significant. They can disrupt Advance Research
Corporation’s normal operation and also they can damage company’s reputation. There are
different tools that can be used to overcome these kinds of attacks. KFSensor is the most suitable
tool that Advance Research Corporation can use. It acts as a honeypot and diverts attacks from
important systems of the organization. Installation of this product is easy and does not required
special hardware. In addition it has very user friendly interface and working with this tool is

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

easy. It is time to action. By purchasing this product we can reduce the impact of Denial of
Service (DoS) and Distributed Denial of Service attacks.

References
Cohen, G. (2014, January 30). Best practices for network security management. Retrieved
February 25, 2016, from http://www.networkworld.com/article/2173927/tech-primers/best-
practices-for-network-security-management.html
Grimes, R. A. (2010, November 17). KFSensor: Sweet Windows honeypot. Retrieved February
25, 2016, from http://www.infoworld.com/article/2622920/intrusion-detection/kfsensor--sweet-
windows-honeypot.html
Keane, J. (2015, August 19). DDoS attacks hit record numbers in Q2 2015. Retrieved February
25, 2016, from http://www.digitaltrends.com/computing/ddos-attacks-hit-record-numbers-in-q2-
2015/
KFSensor. (n.d.). Retrieved February 25, 2016, from http://www.keyfocus.net/kfsensor/