ISY3006: University of Queensland Security Policy Report Analysis

University of Queensland
Security Policy and Network Security Policy
Contents
Executive Summary
Introduction
Intent
Relevant definitions
POLICY
Access Control
Protection against malicious software
Software licenses
Data Integrity
Disaster Recovery and Business Continuity Planning
Change Management
Authority for Monitoring Activity
Physical Security
Periodic Management Review
Policy Violation
References
Executive Summary
Any organization's security is only as good as its weakest link. Some organizations spend millions on security
programs and consultants and invest in expensive hardware, yet still suffer a large number of unwanted breaches and
incidents. A major cause is how the organization enforces its security plan so that everything stays in sync and
tightly controlled. The backbone of any such plan is the security policy. This paper discusses a security policy for
the University of Queensland, Australia. It presents a brief security policy with all the essential components, such as
an access control plan, definitions, a change management process, and physical and network security. With this, the
university will be able to implement tight security and have a program in place to deal with any unwarranted
breaches.
Introduction
The University of Queensland is committed to ensuring appropriate use of ICT (Information and Communication
Technology) and related services in support of its administrative, teaching, service and research functions. The
university acknowledges an obligation to ensure the security of all ICT data, processes, hardware and equipment, and
to that effect every member associated with the university shares this obligation at varying levels (Cyber Security
Policy Catalog, 2012). All users are required to comply with the security policy contained herein and are also bound
by law to observe any relevant statutory legislation.
Intent
This security policy applies to the following individuals, groups and assets:
University associates
Staff members
All clients and suppliers
All students
All equipment and hardware owned by the university.
All information assets
Relevant definitions
1. Availability
Availability means the ability of information systems used in the university to be useable and accessible when
required. They should be able to resist unwarranted attacks and recover from disasters.
2. Confidentiality
Confidentiality means protecting critical and sensitive information so that it is not disclosed to anybody who
does not have the right or the need to know it (Olsina et al., 2014).
3. Governance
A governance document is a formally approved document that outlines the non-discretionary principles and intents
that guide university practice.
4. ICT
ICT means the information as well as communication technologies owned or leased by the university.
5. ITMS
It means the university’s technology as well as management support.
6. ICT System
ICT system means a set of software and hardware that is used in combination to access, process and / or store
information.
POLICY
The policy is intended to protect ICT and ICT-based systems so as to ensure the confidentiality, integrity and
availability of information. It is also concerned with risk management and with ensuring that sufficient internal
controls are implemented. The university is committed to ensuring that ICT (Information and Communication
Technology) is used appropriately, is properly protected and maintained, and has best-practice security procedures
in place.
The risks associated with ICT and ICT systems in the university concern the following kinds of loss:
Information Confidentiality - The privacy of corporate or personal information
Data Integrity - Ensuring that data is accurate and complete, that there is no accidental corruption of data, and
that protection is in place
System Availability - That the ICT systems are readily available and can recover from disasters and damage
Appropriate use - Ensuring that the university's ICT resources are used for the purposes for which they were
intended
The potential causes of these losses are termed 'threats'. Threats may be non-human, such as accidental or natural
causes, or human.
The ICT security policy is relevant to the following areas of security:
Security of the computer system - Peripherals, applications, operating systems, processors among others
Physical security - Physical facilities that store ICT equipment and information
Operational security - Power equipment, environmental control among others
Procedural Security - Vendor staff, management people, staff as well as students
Communications security - Communication hardware and services
Access Control
All individuals who access ICT and ICT based system will be identified by a unique ID.
Individuals will be allowed to access ICT on the basis of their user level and privileges.
Unauthorized users would be barred from accessing the system.
All user-based activity will be logged.
Authorized users would need to:
Be aware of his or her rights and authorities.
Not share his or her credentials with anybody else.
Actively terminate the session and relinquish his or her privileges as soon as they are no longer needed.
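The access-control rules above can be turned into a small authorisation gate. The following is an added example, not part of the UQ policy document: every actor carries a unique ID, access depends on privilege level, unauthorised requests are refused, every decision is recorded, and a terminated session grants nothing. The privilege names, user IDs and resource names are constructed for the demonstration.

```python
"""Added example (not from the UQ policy): an authorisation gate that applies
the access-control rules of the policy. Role names and IDs are assumptions."""
from dataclasses import dataclass
from datetime import datetime, timezone

# Privilege levels are an assumption; the policy only speaks of "user level and privileges".
LEVELS = {"student": 1, "staff": 2, "admin": 3}


@dataclass
class Session:
    user_id: str        # the unique ID the policy requires for every individual
    role: str
    active: bool = True


class AccessController:
    def __init__(self):
        self.audit = []  # every decision lands here; a real deployment ships this to a log sink

    def _record(self, session, resource, decision):
        self.audit.append((datetime.now(timezone.utc).isoformat(), session.user_id, resource, decision))
        return decision == "ALLOW"

    def request(self, session, resource, required_role):
        """Decide whether `session` may use `resource`; returns True only on ALLOW."""
        if not session.active:
            return self._record(session, resource, "DENY:session-terminated")
        if session.role not in LEVELS:
            return self._record(session, resource, "DENY:unknown-role")
        if LEVELS[session.role] < LEVELS[required_role]:
            return self._record(session, resource, "DENY:insufficient-privilege")
        return self._record(session, resource, "ALLOW")

    def terminate(self, session):
        """Actively end a session once it is no longer needed (the user's duty above)."""
        session.active = False
        self._record(session, "-", "SESSION-END")


def demo():
    """Constructed walk-through; returns the decision column of the audit trail."""
    ac = AccessController()
    alice = Session("s1234567", "student")      # constructed student ID
    bob = Session("uqstaff42", "admin")         # constructed staff ID
    ac.request(alice, "grades-db", required_role="staff")   # denied: student below staff level
    ac.request(bob, "grades-db", required_role="staff")     # allowed
    ac.terminate(bob)
    ac.request(bob, "grades-db", required_role="staff")     # denied: session already ended
    return [entry[3] for entry in ac.audit]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

The audit trail is what makes the "all user-based activity will be logged" clause auditable: denials are recorded alongside grants, so a periodic review can see attempted as well as successful access.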
Protection against malicious software
ITMS would be responsible for distribution and configuration of Antivirus throughout the facilities of
University.
Users with non-standard systems are responsible for commissioning antivirus software on their own.
All data and attachments need to be validated before they are opened or connected to university systems.
Systems that have been infected must be isolated as soon as the infection is detected.
Software licenses
The university as well as individuals are responsible for complying with the Commonwealth Copyright Act (Allen,
1982) before acquiring a license for software or hardware.
Acquiring a copyrighted software without the authorization of the copyright owner would be considered a breach of
the Act.
ITMS would be responsible for centrally managing the licenses.
Email
Spam is considered a serious issue at the university. The contents of a spam mail should not be downloaded, as this
may result in hosts being infected (Chipman, 2016). The university mail servers must not be abused in ways that get
the mail servers' IP addresses blacklisted, making them a source of spam (Pu, 2019).
ITMS will monitor all email to validate it and to prevent spam or malicious content being sent or received.
The reasons for this are:
a) A virus or trojan may be sent via spam, and as hosts become infected they become part of a botnet that is
controlled centrally from elsewhere in the world (Xiang et al., 2013).
b) University credentials obtained through a phishing attack could be used to send large volumes of spam through
the university mail servers.
Data Integrity
ITMS will be responsible for all valuable, sensitive or critical information in the university's storage systems.
Data maintained on a host is the responsibility of the system owner. Regular backups will be scheduled in which
individual servers, data sets and computer systems are backed up to backup media as well as to off-site locations
(Nelson, 2011).
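A backup only protects integrity if someone checks that the copy is accurate and complete. The following is an added example, not from the policy or from ITMS: a SHA-256 manifest is taken when the backup is made and later compared against the restored copy, which reports files that went missing and files that changed. The directory layout and file contents are constructed for the demonstration.

```python
"""Added example (not from the UQ policy): verifying a backup against a hash
manifest so corruption and missing files are detected rather than assumed."""
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file (relative, POSIX-style path) under root to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_backup(manifest: dict, restored: Path) -> dict:
    """Compare a restored tree against the manifest taken at backup time."""
    report = {"ok": 0, "missing": [], "corrupted": []}
    for rel, expected in manifest.items():
        candidate = restored / rel
        if not candidate.is_file():
            report["missing"].append(rel)
        elif sha256_file(candidate) != expected:
            report["corrupted"].append(rel)
        else:
            report["ok"] += 1
    return report


def demo() -> dict:
    """Constructed scenario: copy two files, then damage the copy and re-verify."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "source"), Path(tmp, "restore")
        (src / "records").mkdir(parents=True)
        (src / "records" / "grades.csv").write_text("id,mark\n1,85\n")   # constructed data
        (src / "notes.txt").write_text("backup me")
        manifest = build_manifest(src)
        shutil.copytree(src, dst)
        clean = verify_backup(manifest, dst)          # intact copy: 2 ok, nothing wrong
        (dst / "notes.txt").write_text("backup mE")   # simulated silent corruption
        (dst / "records" / "grades.csv").unlink()     # simulated lost file
        damaged = verify_backup(manifest, dst)
        return {"clean": clean, "damaged": damaged}


if __name__ == "__main__":
    print(demo())
```

The manifest itself should be stored with the off-site copy and, ideally, signed or kept on write-once media, since a manifest that can be rewritten along with the data detects nothing.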
Disaster Recovery and Business Continuity Planning
ITMS will put various measures in place to cope with disasters and to ensure that the university can recover from
any localized or global service disruption.
All centrally managed data will be mirrored to the university's disaster recovery location so that, in the event of
any unwarranted disaster, the recovery process can kick in and restore the system to its working state (Watters,
2013).
Apart from this, a BCP or business continuity plan will be implemented for all systems in the university (Bajgoric,
n.d.).
Change Management
Change control procedures will follow a formal approach to the management of change so that changes are introduced
in a sensible and controlled manner (Bull & Brown, 2012).
After a change has been applied, the hardware, software and communication links will be moved to production only
after authorization from ITMS has been received.
Authority for Monitoring Activity
Users have a legitimate expectation of privacy; however, the university also has the right to inspect any data
stored on its resources in order to detect, prevent or minimize unacceptable behaviour on its computer systems. If a
system is found to contain any unlawful content or to be used for unlawful behaviour, this will attract action from
the law enforcement bodies of Queensland.
Physical Security
Physical security of all ICT facilities is essential in order to prevent any kind of unauthorized use. It also ensures
that systems are protected from theft, damage and natural events. Access to data-storage rooms, server rooms, and
networking and computing facilities will be restricted to authorized personnel.
Network Security
The policy also contains a detailed description of network-based attacks and the countermeasures against them.
These are enumerated below:
MAC Flooding
MAC flooding is an attack in which the security of network switches is compromised, and as a result the data packets
being forwarded from the routers are disrupted (Shi, Liu, Jin & Song, 2013).
Countermeasure
This can be prevented in a two-fold fashion. Firstly, each switch port should be secured so that it both limits the
number of MAC addresses that can connect to it and explicitly allows only authorized MAC addresses to connect.
Secondly, an automatic learning mode is also available that dynamically allows only trusted clients to connect to
the routers.
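The two protections above (a cap on MAC addresses per port plus an explicit allow-list, and a learning mode that accepts the first clients and then locks) can be shown on a simulated access port. This is an added example, not any switch vendor's code and not from the policy: the violation action (shut the port after one offending frame), the per-port limit and the MAC addresses are all assumptions for the demonstration.

```python
"""Added example (not from the UQ policy): a simulated switch port enforcing
a MAC-address limit, a static allow-list and a sticky learning mode."""


class SecurePort:
    def __init__(self, max_macs, allowed=(), sticky=False, shutdown_after=1):
        self.max_macs = max_macs
        self.secure = set(allowed)          # MAC addresses permitted on this port
        self.sticky = sticky                # learn the first clients seen, then lock
        self.shutdown_after = shutdown_after
        self.violations = 0
        self.shutdown = False

    def frame_in(self, src_mac):
        """Return True if a frame with this source MAC is forwarded, False if dropped."""
        if self.shutdown:
            return False
        if src_mac in self.secure:
            return True
        if self.sticky and len(self.secure) < self.max_macs:
            self.secure.add(src_mac)        # dynamic learning while under the cap
            return True
        self.violations += 1                # unknown source on a full or static port
        if self.violations >= self.shutdown_after:
            self.shutdown = True            # err-disable style reaction (assumption)
        return False


def run(port, frames):
    """Feed source MACs through a port; return (forwarded, dropped) counts."""
    forwarded = sum(port.frame_in(mac) for mac in frames)
    return forwarded, len(frames) - forwarded


def constructed_sources(n):
    """n distinct locally administered MACs, the pattern a table-overflow attempt presents."""
    return [f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}" for i in range(n)]


if __name__ == "__main__":
    port = SecurePort(max_macs=2, sticky=True)
    print(run(port, constructed_sources(100)), "table size:", len(port.secure), "down:", port.shutdown)
```

Without the cap, every one of the hundred constructed addresses would be learned; with it, the port's table stays at two entries and the port goes down at the third unknown source, which is the event an operator should alert on.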
Session hijacking
Session hijacking involves an attacker taking over a user's web session ID. Once this has been obtained, the attacker
can pose as the original user and carry out further attacks such as cross-site scripting and IP spoofing.
Countermeasure
There are a few countermeasures against it, including encryption and using a string as the session key.
Encryption prevents this kind of attack by encrypting the session, and using an unpredictable string as the session
key leaves the attacker unable to hijack the session through brute-force attacks.
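Session handling that follows the countermeasure above, as an added example that is not from the policy: the session key is a long random string drawn from the operating system's CSPRNG, the server keeps only a hash of it, the ID is rotated after login, and the cookie is flagged so it travels only over TLS. The framework-neutral store and the guess-rate figure used to size the key are assumptions.

```python
"""Added example (not from the UQ policy): unguessable session keys with a
hashed server-side store, rotation, and Secure/HttpOnly cookie flags."""
import hashlib
import secrets

SESSION_BYTES = 32                    # 256 bits of entropy per session ID


def new_session_id() -> str:
    return secrets.token_urlsafe(SESSION_BYTES)


class SessionStore:
    """Maps sha256(session ID) -> user; a leaked copy of the store yields no usable keys."""

    def __init__(self):
        self._sessions = {}

    @staticmethod
    def _key(sid: str) -> str:
        return hashlib.sha256(sid.encode()).hexdigest()

    def create(self, user_id: str) -> str:
        sid = new_session_id()
        self._sessions[self._key(sid)] = user_id
        return sid

    def lookup(self, sid: str):
        return self._sessions.get(self._key(sid))

    def rotate(self, sid: str):
        """Issue a fresh ID (after login or a privilege change) and retire the old one."""
        user = self._sessions.pop(self._key(sid), None)
        return self.create(user) if user is not None else None

    def terminate(self, sid: str) -> bool:
        return self._sessions.pop(self._key(sid), None) is not None


def expected_guess_years(entropy_bits: int, guesses_per_second: float = 1e9) -> float:
    """Expected brute-force time: half the key space at the assumed guess rate."""
    return 2 ** (entropy_bits - 1) / guesses_per_second / (365 * 24 * 3600)


def cookie_header(sid: str) -> str:
    """Secure = TLS only (the 'encryption' countermeasure); HttpOnly keeps scripts away from it."""
    return f"Set-Cookie: session={sid}; Secure; HttpOnly; SameSite=Strict; Path=/"


if __name__ == "__main__":
    store = SessionStore()
    sid = store.create("s1234567")           # constructed user ID
    print(cookie_header(sid))
    print("years to guess a 256-bit ID at 1e9/s:", f"{expected_guess_years(256):.2e}")
    print("years to guess a 32-bit ID at 1e9/s:", f"{expected_guess_years(32):.2e}")
```

The two `expected_guess_years` figures make the brute-force point concrete: a 32-bit counter-style ID falls in seconds, a 256-bit random one does not fall at all.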
IP Spoofing
In IP spoofing the attacker gains access to the computer system by spoofing the IP address of a legitimate user.
Countermeasures
Encryption and authentication, as provided in IPv6, can be used to prevent such spoofing attacks. At the same time,
routers can be configured to perform egress and ingress filtering, allowing only trusted IP addresses to connect to
the university network (Snyder et al., 2010).
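The ingress and egress filtering described above, as an added example that is not the policy's own configuration: a border filter drops inbound packets that claim one of the university's own prefixes as source, drops inbound packets from addresses that should never appear on the internet, and drops outbound packets whose source is not the university's, so the campus cannot be used to spoof anyone else. The prefixes are taken from documentation address space and are constructed, not UQ's real allocations.

```python
"""Added example (not from the UQ policy): ingress/egress anti-spoofing
filter over a list of packets. Prefixes are constructed documentation ranges."""
import ipaddress

# Constructed 'our network' prefixes (RFC 5737 / RFC 3849 documentation space).
INTERNAL = [ipaddress.ip_network("198.51.100.0/24"),
            ipaddress.ip_network("2001:db8:1::/48")]

# Source addresses that should never arrive from the internet.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4",
    "::1/128", "fc00::/7", "fe80::/10", "ff00::/8")]


def in_any(ip, networks) -> bool:
    return any(ip in net for net in networks)   # an IPv6 address never matches an IPv4 net


def filter_packet(direction: str, src: str, dst: str):
    """direction is 'in' (arriving from outside) or 'out' (leaving). Returns (accepted, reason)."""
    ip = ipaddress.ip_address(src)
    if direction == "in":
        if in_any(ip, INTERNAL):
            return False, "ingress: our own prefix as source from outside (spoofed)"
        if in_any(ip, BOGONS):
            return False, "ingress: bogon source"
        return True, "ingress: accepted"
    if direction == "out":
        if not in_any(ip, INTERNAL):
            return False, "egress: source not ours, would spoof another network"
        return True, "egress: accepted"
    raise ValueError(f"unknown direction {direction!r}")


def apply_filter(packets):
    """packets: iterable of (direction, src, dst); returns (accepted, dropped) lists."""
    accepted, dropped = [], []
    for pkt in packets:
        ok, reason = filter_packet(*pkt)
        (accepted if ok else dropped).append((pkt, reason))
    return accepted, dropped


# Constructed sample traffic seen at the border.
CONSTRUCTED_PACKETS = [
    ("in",  "198.51.100.7",  "198.51.100.10"),   # claims to be inside, arrives from outside
    ("in",  "203.0.113.9",   "198.51.100.10"),   # ordinary inbound request
    ("in",  "192.168.1.1",   "198.51.100.10"),   # private source from the internet
    ("out", "203.0.113.9",   "203.0.113.50"),    # outbound with a source that is not ours
    ("out", "198.51.100.7",  "203.0.113.50"),    # ordinary outbound request
    ("in",  "2001:db8:1::5", "2001:db8:1::10"),  # same spoof check applied to IPv6
]

if __name__ == "__main__":
    for pkt, reason in apply_filter(CONSTRUCTED_PACKETS)[1]:
        print("DROP", pkt, reason)
```

Only the second and fifth packets survive. The egress rule is the one most often forgotten: it protects other networks rather than the university's own, but it is also what keeps a compromised campus host from joining a spoofed-source flood.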
Denial of Service attack
A denial of service attack floods the target host with so many requests that its computational capacity is
effectively overloaded (Piskozub, n.d.). A distributed denial of service attack is a more severe version of this
attack (DDoS Prevention, 2016).
Countermeasures
A source verification method can be built into routers and hosts to verify where the attack originates and to
restrict packets that appear to be malicious. Another countermeasure is the 'detect' method, which separates a
legitimate request from an attack request in the shortest time possible. A 'react' method can also be used to
mitigate the attack by effectively creating an overlay or using traceback methods (DDoS Prevention, 2016).
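The 'detect' and 'react' steps above, as an added example that is not from the policy: a per-source sliding-window rate check is run over web-server log lines in the common log format, a source that exceeds the threshold inside the window is flagged, and the reaction is to drop its further requests. The window, the threshold, the addresses and the log lines are constructed for the demonstration.

```python
"""Added example (not from the UQ policy): sliding-window request-rate
detection over constructed common-log-format lines, with a block reaction."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3})')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


class RateDetector:
    def __init__(self, window_seconds=10, threshold=50):   # assumed tuning values
        self.window = timedelta(seconds=window_seconds)
        self.threshold = threshold
        self.recent = defaultdict(deque)   # source -> timestamps still inside the window
        self.blocked = set()

    def observe(self, src, ts):
        """Return 'allow', 'block' (threshold just crossed) or 'blocked' (already reacting)."""
        if src in self.blocked:
            return "blocked"
        q = self.recent[src]
        q.append(ts)
        while q and ts - q[0] > self.window:
            q.popleft()                      # forget requests older than the window
        if len(q) > self.threshold:
            self.blocked.add(src)            # react: drop further traffic from this source
            return "block"
        return "allow"


def analyse(lines, **kwargs):
    """Parse log lines, feed them to the detector; returns (detector, decision counts)."""
    det = RateDetector(**kwargs)
    counts = defaultdict(int)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                         # unparseable line; a real pipeline would count these
        src, stamp = m.group(1), datetime.strptime(m.group(2), TS_FMT)
        counts[(src, det.observe(src, stamp))] += 1
    return det, dict(counts)


def constructed_log():
    """Constructed sample: one client at a normal pace, one source sending 120 requests in 2 s."""
    base = datetime(2023, 3, 20, 9, 0, 0, tzinfo=timezone.utc)

    def line(src, ts, req):
        return f'{src} - - [{ts.strftime(TS_FMT)}] "{req}" 200'

    lines = [line("203.0.113.9", base + timedelta(seconds=2 * i), "GET /index.html HTTP/1.1")
             for i in range(5)]
    lines += [line("203.0.113.77", base + timedelta(milliseconds=16 * i), "GET /search?q=a HTTP/1.1")
              for i in range(120)]
    return lines


if __name__ == "__main__":
    det, counts = analyse(constructed_log())
    print("blocked sources:", sorted(det.blocked))
    for key, n in sorted(counts.items()):
        print(key, n)
```

The legitimate client is never touched because its five requests spread over ten seconds stay under the threshold; the second source is allowed exactly fifty requests, flagged on the fifty-first, and everything after that is counted as blocked. In a distributed attack each source stays under a per-source threshold, which is why the text pairs detection with traceback and overlay methods rather than relying on this check alone.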
Internal or External Intrusion
This is a deliberate intrusion attempt, either by a person from inside the university or by an external individual or
group, using one or more methods of attack. They could infect the systems with a trojan, with malware sent via file
attachments, or by exploiting vulnerabilities in the system.
Countermeasure
Ports: The first and foremost method against them is to close unneeded ports on the university's network servers.
Firewall: The university must use a hardware-based firewall installed within its networking infrastructure to
prevent unwarranted breaches. This can be combined with a software firewall at the host level for further protection
(Thomas, 2012).
IDS: An intrusion detection system can also be used in combination with a firewall, using a combination of methods
for protection against attacks.
Antivirus and system patches: Lastly, at the host level, ITMS can employ modern antivirus solutions for further
protection from both internal and external threats. At the same time, the systems and applications on the hosts as
well as the servers need to be patched regularly against any vulnerabilities.
Periodic Management Review
Regular auditing procedures need to be carried out on all systems, servers and devices in the university's ICT
infrastructure. Any new devices or systems being added must be configured to the same standard as the existing
systems. At the same time, regular audits should be done to ensure that security measures are being followed.
Policy Violation
A formal incident response must be carried out in the event of any breach. Actions to correct or recover from errors
must be taken. All emergency actions detailed in the policy should be used, and the integrity of systems should be
verified and restored with as little disruption as possible.
References
Allen, G. G. (1982). Copyright and Copying in Australia; The Impact of the 1980 Amendments to the Australian
Copyright Act. Libri, 32(1). doi:10.1515/libr.1982.32.1.207
Bajgoric, N. (n.d.). Business Continuity Management. Continuous Computing Technologies for Enhancing Business
Continuity. doi:10.4018/9781605661605.ch013
Bull, M., & Brown, T. (2012, 02). Implementing Change. Facilities Change Management, 108-122.
doi:10.1002/9781119967316.ch8
Cyber Security Policy Catalog. (2012, 04). Cyber Security Policy Guidebook, 93-210.
doi:10.1002/9781118241530.ch6
Chipman, S. (2016). Spam or Not-Spam. Psyccritiques, 61(2). doi:10.1037/a0040047
DDoS Prevention. (2016, 04). DDoS Attacks, 145-159. doi:10.1201/b20614-6
Nelson, S. (2011). Application Backup Strategies. Pro Data Backup and Recovery, 169-202.
doi:10.1007/978-1-4302-2663-5_8
Olsina, L., Dieser, A., & Covella, G. (2014). Metrics and Indicators as Key Organizational Assets for ICT Security
Assessment. Emerging Trends in ICT Security, 25-44. doi:10.1016/b978-0-12-411474-6.00002-5
Piskozub, A. (n.d.). Denial of service and distributed denial of service attacks. Modern Problems of Radio
Engineering, Telecommunications and Computer Science (IEEE Cat. No.02EX542).
doi:10.1109/tcset.2002.1015977
Pu, C. (2019, 02). Spam DIS Attack Against Routing Protocol in the Internet of Things. 2019 International
Conference on Computing, Networking and Communications (ICNC). doi:10.1109/iccnc.2019.8685628
Snyder, C., Myer, T., & Southwell, M. (2010). Preventing Session Hijacking. Pro PHP Security, 93-104.
doi:10.1007/978-1-4302-3319-0_7
Shi, F., Liu, W., Jin, D., & Song, J. (2013). A Cluster-Based Countermeasure against MAC Layer Attacks in IEEE
802.11 MANETs. Applied Mechanics and Materials, 284-287, 2662-2666.
doi:10.4028/www.scientific.net/amm.284-287.2662
Thomas, C. (2012). Improving intrusion detection for imbalanced network traffic. Security and Communication
Networks, 6(3), 309-324. doi:10.1002/sec.564
Watters, J. (2013, 12). IT Disaster Recovery. Disaster Recovery, Crisis Response, and Business Continuity, 57-80.
doi:10.1007/978-1-4302-6407-1_5
Xiang, C., Lihua, Y., Shuyuan, J., Zhiyu, H., & Shuhao, L. (2013, 02). Botnet spoofing: Fighting botnet with itself.
Security and Communication Networks, 8(1), 80-89. doi:10.1002/sec.749