SEC 410 - Web and Data Security Report: E-commerce Security Strategy

Added on  2022/08/23

Running head: WEB AND DATA SECURITY
WEB AND DATA SECURITY
Name of the Student
Name of the University
Author Note
Table of Contents
Introduction  2
Discussions  2
  Security Policy Document  2
  Summary of the Strategy  5
  Network Audit  5
  Information Security-related Recommendations  6
  Intrusion Detection System  7
  Vulnerability Scanners  8
  Network Firewall Devices  9
Conclusion  9
Bibliography  11
Introduction
Web and data security is one of the most important activities a company must undertake in order to protect its data and its websites from hackers. A security initiative is to be taken for an E-commerce company with two websites, located in New York and London. The company presently has 300 employees. The company is about to merge with another company that has a research and development department and a sales department, with 150 to 200 employees in its office. Together they will develop new products and sell them online.
The report deals with the security policy document for the E-commerce organization. It summarizes the whole security strategy and covers the network audit that determines which devices and data are to be protected. It discusses the information security recommendations for combining the two corporate enterprise environments, and it briefly discusses the intrusion detection systems and network firewall devices that can be implemented in the E-commerce organization.
Discussions
Security Policy Document
The security policy document covers the data security policies that address the important areas of concern for the E-commerce company (Kim & Han, 2018). The policies cover:
- Employee requirements
- Prevention of data leakage
- Full disk encryption of workstations
Employee Requirements
- Employees must complete the E-commerce company's security awareness training and agree to support the use of the policy.
- If an unknown or unauthorized person is noticed in the company, the company's administration must be notified.
- An authorized employee must accompany visitors to the E-commerce company at all times. Employees responsible for accompanying visitors must restrict them to appropriate areas.
- Desks in the E-commerce company must be kept clean. To uphold information security, employees must make sure that no printed material containing in-scope data is left unattended at work.
- A secure password must be set on all systems of the E-commerce company, as required by the password policy.
- Employees must immediately notify the company's administration or the responsible person if a device containing in-scope data is lost.
- It must be made sure that resources holding in-scope data are not left exposed.
Prevention of Leakage of Data
- The E-commerce company's data leakage prevention technology will scrutinize data in motion.
- The data leakage prevention technology will recognize specific content, namely sales data and exports of identifiable information to systems outside the company's control.
- The data leakage prevention policy will be deployed so as to make the end user aware whenever sensitive data is transmitted, and the end user will be given the option to authorize or reject the transfer.
- The data leakage prevention policy will centrally log events for re-examination.
- The IT team will conduct first-level triage of these actions, recognizing data that may be sensitive and situations where a data transfer was approved but there is a concern of unsuitable use.
- Where there is a concern of a data breach, the IT incident management procedure is to be used, with specific notice given to security management.
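As an added illustration (not part of the report), the data leakage prevention workflow above can be sketched in code: classify outbound content, treat transfers of sensitive content to systems outside the company's control as policy events, let the end user authorize or reject, log every event centrally, and hand approved transfers to IT for first-level triage. The content rules, domain names and sample transfers are constructed assumptions, not any product's classifiers.

```python
import logging
import re
from dataclasses import dataclass
from typing import Callable, List, Tuple

log = logging.getLogger("dlp")

# Constructed content rules standing in for the DLP product's classifiers:
# "sales data" (order/invoice references) and identifiable information.
CONTENT_RULES = {
    "sales_data": re.compile(r"\b(?:order|invoice)\s*(?:id|no)\b", re.IGNORECASE),
    "email_address": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
}
CARD_RX = re.compile(r"\b(?:\d[ -]?){15}\d\b")
CONTROLLED_DOMAINS = {"ecom.example"}  # assumed: systems the company controls

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so a random 16-digit reference is not flagged as a card."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def classify(content: str) -> Tuple[str, ...]:
    """Names of the sensitive-content rules that the content matches."""
    found = [name for name, rx in CONTENT_RULES.items() if rx.search(content)]
    if any(luhn_ok(re.sub(r"[ -]", "", m.group())) for m in CARD_RX.finditer(content)):
        found.append("card_number")
    return tuple(found)

def is_controlled(destination: str) -> bool:
    """True when the destination host belongs to a company-controlled domain."""
    host = destination.lower()
    return any(host == d or host.endswith("." + d) for d in CONTROLLED_DOMAINS)

@dataclass
class TransferEvent:
    user: str
    destination: str
    matched: Tuple[str, ...]
    decision: str  # "allowed", "rejected" or "authorized-by-user"

CENTRAL_LOG: List[TransferEvent] = []  # stands in for the central event store

def inspect_transfer(user: str, destination: str, content: str,
                     ask_user: Callable[[TransferEvent], bool]) -> TransferEvent:
    """Check one data-in-motion transfer, apply the policy and log the outcome."""
    ev = TransferEvent(user, destination, classify(content), "allowed")
    if ev.matched and not is_controlled(destination):
        # Policy: warn the end user and let them authorize or reject the transfer.
        ev.decision = "authorized-by-user" if ask_user(ev) else "rejected"
    CENTRAL_LOG.append(ev)  # every event is logged centrally for re-examination
    log.info("dlp user=%s dest=%s matched=%s decision=%s",
             ev.user, ev.destination, ev.matched, ev.decision)
    return ev

def triage_queue() -> List[TransferEvent]:
    """First-level IT triage: sensitive transfers that a user chose to authorize."""
    return [ev for ev in CENTRAL_LOG if ev.matched and ev.decision == "authorized-by-user"]
```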
Full Disk Encryption of the Workstation
- All in-scope devices must have full disk encryption enabled.
- The Security Awareness Training and the Acceptable Use Policy of the E-commerce company must require end users to inform security management if they believe they are not in compliance with the framework.
- The Security Awareness Training and the Acceptable Use Policy must require end users to inform security management if any device is lost or stolen.
- Security management validates the encryption policy and compliance with it. Machines must report to the E-commerce company's management so that audit records can demonstrate compliance as necessary.
- Where such management is not possible and standalone encryption is installed, the end user of the device must provide IT with a copy of the active encryption key.
Summary of the Strategy
The security policy has three parts: the employee requirements, which form the information security policy for employees; data leakage prevention in the E-commerce company; and the policy for full disk encryption in the company.
The security policy for the employees of the E-commerce company is that employees must be given security training so that they understand data breaches in the company. If employees find an unauthorized person in the company, it must be reported to the company's security management. Employees must escort visitors into the company and restrict them to certain places in the company (Moody, Siponen & Pahnila, 2018). The company must properly maintain its IT assets. Employees must use secure passwords on the company's systems, and must notify security management if sensitive data is lost.
The second policy of the company is prevention of data leakage. Its main aim is to prevent leakage of the E-commerce company's data. The data leakage prevention technology will alert the user if any sensitive company data is transferred, and will notify security management if a data breach occurs.
The next policy is full disk encryption of the workstations. The company's devices must be fully encrypted, and standalone encryption must be configured on every system of the company. Encryption prevents hackers from getting into the company's systems.
Network Audit
The network audit of the company is to be performed by a network auditor to determine which devices and data are to be protected. The devices and data need to be protected so that hackers cannot enter the company's network and obtain sensitive information that is important to the company (Ege, Kim & Wang, 2019). The network auditor must be an expert in auditing the network of the E-commerce organization. The devices to be kept secure are computers, smartphones, routers, network equipment, network ports and other IT equipment, so that hackers cannot get into these devices. The most important devices to keep safe, since hackers could obtain sensitive information from them, are the computers, routers and networks present in the E-commerce company.
The data also needs to be kept secure so that attackers cannot obtain sensitive information that is very important to the company. The company will hold sensitive information such as the design of its E-commerce website, the code required to develop the website, the details of its clients, and the vendors from which the company obtains important materials. Apart from these, there are other types of sensitive data that could be very valuable to a competitor of the E-commerce company (Hollingsworth, 2016). The company must take steps so that hackers do not get hold of this sensitive information, as losing it would be a huge loss for the company.
Information Security-related Recommendations
The E-commerce organization will be acquiring another company that has various lines of business and plans to offer products for sale online. However, the network manager of the other organization is a difficult person: he alone knows the network architecture, and he is not willing to share it. The information security recommendations that can be offered to both enterprises are that the data centres of both organizations must be kept secure so that hackers cannot obtain sensitive information. The organizations' systems must have antivirus installed and all software must be patched. Strong passwords must be used for each application and for the software used by the company. The company must properly back up its sensitive information. The Wi-Fi used in the company must be secured with strong passwords, and the two organizations must limit the information they share on social networks. These recommendations must be kept in mind and implemented by the company so that hackers or attackers cannot get into the companies' network architecture or systems and get hold of the sensitive information that is very important to the company.
Intrusion Detection System
An intrusion detection system is a system that checks network traffic for suspicious activity and raises alerts when such activity is discovered. The two IDS to be evaluated are IDPS and NIDS.
Intrusion detection and prevention systems observe suspicious activity in network traffic and then prevent it. IDPS technologies generally offer broad detection capabilities (Hodo et al., 2016). Most IDPS products use a combination of detection methods, which generally supports more accurate decisions and makes them more flexible in customization and tuning. There are several IDPS methodologies: signature-based detection, anomaly-based detection and stateful protocol analysis.
NIDS stands for Network Intrusion Detection System. Such a system attempts to identify hacking activity and denial of service attacks on a computer network. The NIDS tracks network traffic and helps to detect malicious activity by recognizing suspicious patterns in incoming packets (Javaid et al., 2016).
The intrusion detection and prevention system should be implemented in the E-commerce company because it offers more functionality and technologies than the Network Intrusion Detection System. The detection methodologies of IDPS include signature-based detection, anomaly-based detection and stateful protocol analysis. There are various types of IDPS, such as the network-based IDPS, which can handle the company's network.
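To make the three IDPS methodologies concrete, here is an added example (not from the report or from any product) that runs signature-based detection, anomaly-based detection and stateful protocol analysis over a few constructed packet records; the signatures, addresses and baseline are assumed values.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from statistics import mean, pstdev
from typing import Dict, List, Tuple

@dataclass
class Packet:
    ts: float        # seconds since capture start
    src: str
    dst: str
    flags: str       # TCP flags: "S" SYN, "SA" SYN-ACK, "A" ACK, "PA" data
    payload: str = ""

# Constructed signatures, standing in for a signature-based IDPS rule set.
SIGNATURES = {
    "web-path-traversal": re.compile(r"\.\./"),
    "web-sqli-union": re.compile(r"union\s+select", re.IGNORECASE),
}

def signature_alerts(pkts: List[Packet]) -> List[Tuple[float, str, str]]:
    """Signature-based detection: known patterns in the packet payload."""
    return [(p.ts, p.src, name) for p in pkts
            for name, rx in SIGNATURES.items() if rx.search(p.payload)]

def anomaly_alerts(pkts: List[Packet], baseline: List[int],
                   window: float = 1.0, k: float = 3.0) -> List[Tuple[str, int, int]]:
    """Anomaly-based detection: a source whose packets per window exceed the
    learned baseline by more than k standard deviations."""
    threshold = mean(baseline) + k * pstdev(baseline)
    counts: Dict[Tuple[str, int], int] = defaultdict(int)
    for p in pkts:
        counts[(p.src, int(p.ts // window))] += 1
    return [(src, win, n) for (src, win), n in sorted(counts.items()) if n > threshold]

def stateful_alerts(pkts: List[Packet]) -> List[Tuple[float, str, str]]:
    """Stateful protocol analysis: follow the TCP handshake per connection and
    flag payload sent on a connection that was never established."""
    state: Dict[Tuple[str, str], str] = {}  # (client, server) -> handshake state
    alerts = []
    for p in pkts:
        fwd, rev = (p.src, p.dst), (p.dst, p.src)
        if p.flags == "S":
            state[fwd] = "SYN"
        elif p.flags == "SA" and state.get(rev) == "SYN":
            state[rev] = "SYN-ACK"
        elif p.flags == "A" and state.get(fwd) == "SYN-ACK":
            state[fwd] = "ESTABLISHED"
        elif p.payload and "ESTABLISHED" not in (state.get(fwd), state.get(rev)):
            alerts.append((p.ts, p.src, "data-without-handshake"))
    return alerts

def sample_traffic() -> List[Packet]:
    """Constructed capture: a normal session, one request matching a signature,
    a payload with no handshake, and a source sending 40 SYNs in one second."""
    web, client = "203.0.113.10", "10.0.0.5"
    pkts = [Packet(0.00, client, web, "S"),
            Packet(0.01, web, client, "SA"),
            Packet(0.02, client, web, "A"),
            Packet(0.03, client, web, "PA", "GET /products HTTP/1.1"),
            Packet(0.04, client, web, "PA", "GET /static/../../config HTTP/1.1"),
            Packet(0.05, "198.51.100.7", web, "PA", "GET / HTTP/1.1")]
    pkts += [Packet(1.0 + i / 100, "198.51.100.9", web, "S") for i in range(40)]
    return pkts
```

Each method catches a different one of the constructed events, which is why the text above favours a product that combines them.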
Vulnerability Scanners
Vulnerability scanners are used to identify security vulnerabilities in a system (El et al., 2017). Vulnerability scanning can be performed by an individual or by a network administrator for security purposes, or it can be used by hackers to gain unauthorized access to the company's systems or to any other system.
The two vulnerability scanners evaluated are Network Configuration Manager and Paessler PRTG.
Network Configuration Manager is used to prevent security breaches. The tool automatically detects configuration problems and deploys firmware to the devices that are present (Sagar et al., 2018). NCM lets the user manage the settings of devices that are known to develop vulnerabilities. This matters because configuration problems and missing patches are among the greatest sources of security breaches.
Paessler PRTG is a tool that offers infrastructure monitoring and lets administrators take stock of servers, applications, networks and more (Xiong et al., 2017). The platform can monitor changes in the status of devices and alert the user to any change, since unusual activity may indicate an intrusion.
The tool recommended for the E-commerce company is Paessler PRTG. It will help the company's administrator monitor the networks, servers and applications; it will alert the user if any intrusion happens; and the administrator can stop the intrusion with the help of this tool.
Network Firewall Devices
A firewall is a network security system that controls and tracks incoming and outgoing network traffic based on predefined rules.
The two network firewall devices evaluated are Bitdefender Box and the FortiGate next-generation firewall (Shirali-Shahreza & Ganjali, 2018). Bitdefender Box is a firewall device that safeguards all types of smart devices. Once set up, the device blocks malware, prevents password theft and prevents identity theft. It also safeguards devices that cannot run an antivirus.
FortiGate next-generation firewalls use purpose-built security processors and threat-intelligence security services from the AI-powered FortiGuard labs to deliver top-rated protection and high-performance inspection of encrypted and clear-text traffic (Zerkane et al., 2016). These firewalls reduce cost and complexity with full visibility into end users, applications and networks, and they offer best-of-breed security.
The firewall that can be used by large companies is the FortiGate next-generation firewall, as companies look for a way to provide comprehensive visibility and advanced layer 7 security consisting of threat protection, intrusion prevention, web filtering and application control. It is estimated that 80% of enterprise traffic will be encrypted and that 50% of attacks targeting the enterprise will be hidden in encrypted traffic in order to infiltrate networks or exfiltrate data, which is why HTTPS inspection is needed.
Conclusion
The report deals with the E-commerce company that has two websites and will acquire another company in a few months. It concludes with various security measures that are useful for the company to keep its sensitive information safe. The company should implement a security policy and adhere to it. It should audit its network with the help of network auditors so that there are no vulnerabilities in the network. In order to secure its data, information and devices, the E-commerce company must implement the intrusion detection systems, firewall devices and vulnerability scanners discussed in the report. Lastly, the E-commerce company must abide by the security policy and train its employees so that the company does not suffer any security breach.
Bibliography
Ege, M., Kim, Y. H., & Wang, D. (2019). Do global audit firm networks apply consistent audit methodologies across jurisdictions? Evidence from financial reporting comparability. The Accounting Review.
El, M., McMahon, E., Samtani, S., Patton, M., & Chen, H. (2017, July). Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments. In 2017 IEEE International Conference on Intelligence and Security Informatics (ISI) (pp. 83-88). IEEE.
Hodo, E., Bellekens, X., Hamilton, A., Dubouilh, P. L., Iorkyase, E., Tachtatzis, C., & Atkinson, R. (2016, May). Threat analysis of IoT networks using artificial neural network intrusion detection system. In 2016 International Symposium on Networks, Computers and Communications (ISNCC) (pp. 1-6). IEEE.
Hollingsworth, C. R. (2016). Auditing for FISMA and HIPAA: Lessons Learned Performing an In-house Cybersecurity Audit.
Javaid, A., Niyaz, Q., Sun, W., & Alam, M. (2016, May). A deep learning approach for network intrusion detection system. In Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS) (pp. 21-26). ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).
Kim, H. L., & Han, J. (2018). Do employees in a "good" company comply better with information security policy? A corporate social responsibility perspective. Information Technology & People.
Moody, G. D., Siponen, M., & Pahnila, S. (2018). Toward a unified model of information security policy compliance. MIS Quarterly, 42(1).
Sagar, D., Kukreja, S., Brahma, J., Tyagi, S., & Jain, P. (2018). Studying open source vulnerability scanners for vulnerabilities in web applications. IIOAB Journal, 9(2), 43-49.
Shirali-Shahreza, S., & Ganjali, Y. (2018). Protecting home user devices with an SDN-based firewall. IEEE Transactions on Consumer Electronics, 64(1), 92-100.
Snapp, S. R., Brentano, J., Dias, G., Goan, T. L., Heberlein, L. T., Ho, C. L., & Levitt, K. N. (2017). DIDS (distributed intrusion detection system): motivation, architecture, and an early prototype.
Xiong, Q., Xu, Y., Zhang, B. F., & Wang, F. (2017, January). Overview of the Evasion Resilience Testing Technology for Network Based Intrusion Protecting Devices. In 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE) (pp. 146-152). IEEE.
Zerkane, S., Espes, D., Le Parc, P., & Cuppens, F. (2016, May). Software defined networking reactive stateful firewall. In IFIP International Conference on ICT Systems Security and Privacy Protection (pp. 119-132). Springer, Cham.