Overview of the technology studied
Discussion of the survey of information security incident handling in the cloud.
The technology studied in this report is the security provided in the network structure of an organization, generally against two major attacks, DoS and DDoS (Xu, et al., 2014). A Denial of Service (DoS) attack occurs when the user of a specific programme or network is denied the use of that network even though he/she provides all the information required to be granted access to it (Laybats & Tredinnick, 2016). It is an attack in which an individual is targeted and the computer programme is controlled by a third party who restricts the access of the legitimate user.
A Distributed Denial of Service (DDoS) attack occurs when a group of machines is targeted together, so that there is an extreme form of denial of service throughout the entire network. It is a specialised form of DoS in which the same attack is redistributed across different sectors and hence has a large-scale effect (Garba et al., 2015).
Generally, it is difficult to understand how a DoS or DDoS attack occurs and how it can impact a network. It has been identified that DoS and DDoS attacks generally take place by flooding the entire system with messages aimed at the target, malicious packets and other requests, which end up slowing the system down (Conklin, et al., 2015). There are occasions when the user is required to shut down the system, and it is during this period that the different forms of DoS try to access and take control of the network and the applications attached to it. In general, there has been a call for different forms of security applications and features to be put into these areas, so that changes can be made in this aspect of the technology and a way created to detect and eliminate any form of DoS or DDoS attack before it can have any impact on the system. Hence, the network system used for this report is the Software Defined Network (SDN), a new form of network designed through the integration of software and physical network components, which has also been seen to be effective in securing a machine against external third-party intrusions (Siponen, et al., 2014). Cloud connectivity has also been considered in these areas; since the cloud system is vulnerable to DoS and DDoS, research has been done to find out the security features of cloud systems.
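The overview above describes DoS and DDoS attacks as flooding a system with requests, and asks for detection before the flood has an impact. The following is an added example, not code from this report or from any of the works it cites: a sliding-window rate check over a constructed request log that separates a single-source flood (DoS) from a flood spread over many sources (DDoS), which is the distinction drawn in the two definitions above. The log lines, the addresses (taken from documentation ranges), the one-second window and the thresholds of 20 requests per source and 40 requests in total are all assumptions made for the illustration.

```python
from collections import Counter, deque
from datetime import datetime, timedelta


def parse_line(line):
    """Parse one constructed log line of the form
    '<ISO-8601 timestamp> <source-ip> <method> <path>' into (seconds, src, method, path)."""
    ts, src, method, path = line.split()
    return datetime.fromisoformat(ts).timestamp(), src, method, path


def make_sample_log():
    """Constructed sample log (not real traffic; addresses from documentation ranges):
    - three legitimate clients sending one request per second for 20 s,
    - a single-source flood (DoS): 60 requests from 203.0.113.9 between t=5 s and t=6 s,
    - a distributed flood (DDoS): 2 requests each from 40 hosts in 198.51.100.0/24
      between t=12 s and t=13 s, every host staying far below the per-source limit."""
    base = datetime(2024, 1, 1, 0, 0, 0)
    lines = []

    def add(seconds, src, path="/index"):
        ts = (base + timedelta(seconds=seconds)).isoformat()
        lines.append(f"{ts} {src} GET {path}")

    for s in range(20):
        for i, src in enumerate(("192.0.2.10", "192.0.2.11", "192.0.2.12")):
            add(s + 0.1 * (i + 1), src)
    for i in range(60):
        add(5 + i / 60, "203.0.113.9", "/login")
    for host in range(40):
        for r in range(2):
            add(12 + (2 * host + r) / 80, f"198.51.100.{host + 1}", "/login")
    return lines


def detect_floods(lines, window=1.0, per_source_limit=20, aggregate_limit=40):
    """Sliding-window rate check over a request log (thresholds are illustrative assumptions).

    Returns a list of (seconds_since_first_event, kind, source) alerts:
      'dos'  -> one source alone exceeded per_source_limit requests inside the window,
      'ddos' -> the aggregate exceeded aggregate_limit while no single source exceeded
                the per-source limit, i.e. the load is spread over many sources.
    Each (kind, source) pair is reported once so the output stays readable."""
    events = sorted(parse_line(line) for line in lines)
    recent = deque()      # (t, src) of requests still inside the window
    counts = Counter()    # requests per source inside the window
    flagged = set()
    alerts = []
    t0 = events[0][0] if events else 0.0
    for t, src, _, _ in events:
        recent.append((t, src))
        counts[src] += 1
        # Expire everything older than the window.
        while recent and t - recent[0][0] > window:
            _, old = recent.popleft()
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
        top_src, top_n = counts.most_common(1)[0]
        if top_n > per_source_limit:
            if ("dos", top_src) not in flagged:
                flagged.add(("dos", top_src))
                alerts.append((round(t - t0, 2), "dos", top_src))
        elif len(recent) > aggregate_limit and ("ddos", "*") not in flagged:
            flagged.add(("ddos", "*"))
            alerts.append((round(t - t0, 2), "ddos", f"{len(counts)} sources"))
    return alerts


if __name__ == "__main__":
    for when, kind, who in detect_floods(make_sample_log()):
        print(f"t={when:6.2f}s  {kind.upper():4}  {who}")
```

The single-source check fires as soon as one address passes the per-source limit; the aggregate check only fires when the total passes its limit while every individual source is still below the per-source limit, which is exactly the case a per-source limit alone would miss.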
Technologies and applications
Some of the challenges that have been faced in the research area are:
- Lack of expert knowledge: There was a lack of expert knowledge throughout the process of network creation and of learning the network processes (Sommestad, et al., 2014). The network structure of an organization is vast and connected in several different ways, which makes it difficult to understand the chief layout of the organizational network processes. Since the physical network is replaced by software networking, there is a further problem: the chief overlay is transported into advanced software networks, which makes it difficult to understand (Safa, Von Solms & Furnell, 2016).
- Intractability and complexity of network processes: Since the network processes are themselves a very complex area, it was difficult to understand the network problems. Most of the functioning of the network could not be traced back, as it was lost in the web of network processes; even when the entire organization is run on a software defined network, it becomes impossible to trace the network because loss of transmission remains part of the problem. Hence, it is difficult to dig deep into the complexity of network processes (Parsons, et al. 2015).
- Lack of proper accessibility: As with every sophisticated network setting, many barriers are set up in the network for security reasons, so that random people and third parties cannot easily access or breach it. Barriers also create accessibility issues internally, to ensure that no internal breach takes place (Sommestad, Karlzén & Hallberg, 2015). As a result, there was a problem regarding the accessibility of information in this case, which posed a major challenge in conducting the research.
In this article, an overview is provided of how denial of service actually works and what tools hackers use to create a successful DoS attack on a target computer. The article states that a DoS attack is in fact carried out by the hacker with a specific motive and a specific target, which is referred to as hacktivism; therefore, it becomes difficult to detect such hackers, since the attack is so planned and premeditated (Ab Rahman & Choo, 2015). The article also identifies the different ways in which a DoS attack can be prevented or a machine protected from such an attack (Oriyano, 2016). The author also hints at the rise of the DDoS attack, which is not elaborated in the article, but seems to put DDoS in the same category of hacktivism, with only a larger group of targets to be attacked in this case (Lowry, et al., 2015).
This article attempts to find the way in which any kind of DoS activity gets into the system and the way such an attack occurs. The real-time detection takes place in a controlled environment and under certain assumptions, and in this manner it tries to identify how a third-party hacker can take control of a system and turn it into one where they control the access (Lyamin, Vinel, Jonsson & Loo, 2014). It uses the modern IEEE 802.11p standard, which is used in vehicles, and uses ‘jamming’ as a way to jam and block any kind of DoS attack that could take place in the vehicular network. In the probabilistic model, the probability of the attack is taken to be p, and two attacker models are assumed. Under “random jamming”, each packet transmitted in the channel is corrupted independently with probability p. Under “ON-OFF jamming”, no packets are jammed in the OFF state, while in the ON state K subsequent beacons are destroyed with probability one, after which the attacker switches back to the OFF state; the OFF–ON transitions occur at the moments a beacon transmission starts, with probability p.
The journal identifies SDN as a programmable network and, due to this factor, it has been seen as a probable target for hackers who could programme it. The article mentions DoS and man-in-the-middle attacks and how they can affect network transmission and access (Scott-Hayward, Natarajan & Sezer, 2016). It presents the new SDN services and how SDN is a good alternative to cloud computing regarding the detection and subsequent elimination of DoS (Safa & Von Solms, 2016). The article is prepared for understanding security in SDN, surveying both research community and industry advances in this area. Network security is considered a main factor here and so, to stop the general DoS and DDoS attacks, consideration has been given to studying and altering the architecture of SDN so that no channel change is needed to detect attacks.
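The two attacker models described for the vehicular network above (random jamming with per-packet corruption probability p, and ON-OFF jamming with OFF-to-ON probability p and bursts of K destroyed beacons) can be written down directly. The following is an added example, not code from Lyamin et al. or from this report: it simulates a beacon channel under both models and applies a simple classifier to the resulting loss trace. The classifier is an assumption of this example, not the detector of the cited paper; it relies on the fact that under ON-OFF jamming every completed loss run is a whole number of K-beacon bursts, whereas under random jamming run lengths are geometric. The seeds, trace lengths and thresholds in classify_jammer are also assumptions.

```python
import random


def make_rng(seed):
    """Seeded generator so that simulated traces are reproducible."""
    return random.Random(seed)


def random_jamming(n_beacons, p, rng):
    """Random jamming model: each beacon is corrupted independently with probability p.
    Returns a list of booleans, True meaning the beacon was lost."""
    return [rng.random() < p for _ in range(n_beacons)]


def on_off_jamming(n_beacons, p, k, rng):
    """ON-OFF jamming model: in OFF no beacons are jammed; at the start of each beacon
    transmission while OFF, the attacker switches ON with probability p; once ON it
    destroys the next k beacons with probability one, then returns to OFF."""
    lost = []
    remaining = 0  # beacons still to be destroyed in the current ON burst
    for _ in range(n_beacons):
        if remaining == 0 and rng.random() < p:   # OFF -> ON transition
            remaining = k
        if remaining > 0:                          # ON state
            lost.append(True)
            remaining -= 1
        else:                                      # OFF state
            lost.append(False)
    return lost


def loss_runs(lost):
    """Lengths of the maximal runs of consecutive lost beacons, in order."""
    runs, current = [], 0
    for was_lost in lost:
        if was_lost:
            current += 1
        elif current:
            runs.append(current)
            current = 0
    if current:
        runs.append(current)
    return runs


def complete_loss_runs(lost):
    """loss_runs() minus a trailing run that reaches the end of the trace: such a burst
    may have been cut off by the observation window rather than by the attacker."""
    runs = loss_runs(lost)
    if lost and lost[-1]:
        runs = runs[:-1]
    return runs


def loss_rate(lost):
    """Fraction of beacons lost, the basic observable of any detector."""
    return sum(lost) / len(lost) if lost else 0.0


def classify_jammer(lost, k, min_runs=5, burst_share=0.9):
    """Assumed, illustrative heuristic (not the detector of the cited paper): under ON-OFF
    jamming every completed loss run is a multiple of k, so the share of such runs is 1.0;
    under random jamming run lengths are geometric and that share is small.
    Returns 'no-loss', 'on-off' or 'random'."""
    runs = complete_loss_runs(lost)
    if not runs:
        return "no-loss"
    share = sum(1 for r in runs if r % k == 0) / len(runs)
    if len(runs) >= min_runs and share >= burst_share:
        return "on-off"
    return "random"


if __name__ == "__main__":
    rng = make_rng(7)
    traces = (("random p=0.3", random_jamming(2000, 0.3, rng)),
              ("ON-OFF p=0.05 K=3", on_off_jamming(2000, 0.05, 3, rng)))
    for name, trace in traces:
        print(f"{name:18} loss rate {loss_rate(trace):.3f}  verdict {classify_jammer(trace, 3)}")
```

Dropping a trailing, possibly truncated run matters: a burst that starts within the last K beacons of the window would otherwise appear as a run shorter than K and wrongly lower the multiple-of-K share.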
Challenges and problems in the chosen research area
The article has considered how software defined networking, while bringing different new benefits and aspects to the world of networking, has become a target of distributed denial of service (DDoS). It identifies the way in which it becomes easy for the SDN system to locate and identify any kind of DDoS attack; however, the problem is that this identification requires a shift in the channel of the SDN, which would make it vulnerable to various other attacks that would be difficult to identify and would compromise the system. The cloud system is also considered: the security requirements of cloud computing include confidentiality, integrity, availability, accountability, and privacy-preservability. Among these, availability is crucial, since the core function of cloud computing is to provide on-demand service at different levels. As a result, denial of service (DoS) attacks and distributed denial of service (DDoS) attacks are the main methods used to destroy the availability of cloud computing (Vithanwattana, Mapp & George, 2017). Hence, both networking sectors are affected by DDoS and, though SDN is more capable of tackling DDoS attacks, the article identifies it as becoming equally vulnerable to other attacks (Yan & Yu, 2015). The journal traces a series of DoS attacks that have occurred since cloud computing and SDN combined to define the networking area.
This journal is futuristic and compares the present, past, and future of SDN. It takes some of its data from other sources, traces the rate of increase in DoS and man-in-the-middle problems, and identifies them as open-source discussion topics for future remedies (Akhunzada et al, 2015). It considers SDN first in terms of the claim that it makes the network set-up easier, but the article focuses on the network security problems that occur with SDN and other factors. According to this article, the integrity and security of SDNs remain unproven when management functionality is placed in a single centralized virtual server, and this makes it vulnerable to new kinds of attacks, including new areas through which DoS and DDoS could attack the field. By a taxonomical branching of all the elements of an SDN, it considers the different ways in which the architecture can be fortified to bring about changes in the security features of the SDN construction (Layton, 2016). Different ways to protect SDN from DoS and DDoS attacks have also been suggested in this article.
Journals and articles addressing DoS and DDoS attacks
This journal effectively identified the tools which hackers use to carry out a DoS attack and, in this manner, has tried to find the purpose for which hackers target specific sets of computers or networks to make the DoS attack possible. However, the issue this journal fails to address is DDoS and its effect on cloud computing and SDN; it skims over this issue, attaching it to the detailed study of DoS (Gordon, et al., 2015).
This journal is an effective record of real-time detection of a DoS attack, and through this study it can be identified how certain aspects of DoS work in breaching a system and taking it over (Mayadunne & Park, 2016). However, the journal makes assumptions about the process, and the entire process works under a controlled situation; considering these effects, the study lacks a real-situation basis. The study itself concludes by stating this problem.
The journal aims to show how hackers are able to make use of certain access points to make changes in an organization's network system, especially by working into the network elements of the system (Teh, Ahmed & D’Arcy, 2015). It shows the working of DoS and man-in-the-middle attacks and is hence an improvement, but it fails to show how DoS and man-in-the-middle attacks intercept communication or transmission and how this could be altered.
The journal introduces the concept of cloud computing and makes some changes to the cloud features by setting out the way in which the cloud affects SDN. But the journal typifies all kinds of cloud breaches under the subheading of leaks, which leaves the journal very limited in scope and lacking any futuristic aspect.
The journal has been introduced to bring up the future aspects of SDN networks. While it does bring in the actual security issues in the world connected to cloud computing, it fails to bring in the way in which the security features could be tackled (Fraunholz, et al., 2017). It is an awareness journal rather than a problem-solving one. It has also focused more on the taxonomic divisions of SDN architecture, has not concentrated much on the effects of cloud computing, and has left more open-ended areas with respect to the security of cloud systems.
Importance of securing the Software Defined Networks (SDN) and Cloud computing
This journal is a proper description of and introduction to the techniques and network tools used by different hackers to attempt entry into the network or system of targeted individuals. In general, the journal has the merit of analysing the different ways in which a breach can occur, along with the psychological implications behind any attack that the attacker may carry out. However, there is not much diversity in this article and no experiments are done.
In this journal, while real-time detection has been done, many assumptions have been used. Also, the report has only studied the breaching of vehicular networks under controlled environments, and the same could not be used for the other networks in companies. This journal has also not provided much evidence on the basis of experiments but has only used certain elements of the study in its processes, which is limiting. No penetration testing has been done to allow a comparative analysis.
There is a lack of proper analysis of how DoS and man-in-the-middle attacks enter the breach elements successfully without being stopped by the firewall or flagged by security. This lack of understanding is exploited by hackers, who utilise different ways of breaching.
The various ways in which the cloud can be breached from outside or manipulated should be analysed, and there should be an understanding of this for the best possible security installation and modification. This could be done properly by finding out ways, through trial and error, to effect changes in the security systems of the organization. Therefore, it might be necessary to conduct an experiment with assumptions and then eliminate the assumptions, which could help in identifying a specified rule for understanding and making changes in this respect.
There are several open issues, but to identify them there should be a proper interrogation of how they affect the internet and cloud system through their entry points. The journal also seems to focus more on the identification and taxonomical division of the SDN architecture and, in the process of identifying the protective measures that the SDN architecture could adopt, seems to skim over cloud protection, which is the area most affected by DoS and DDoS attacks.
Future research should be directed more towards an analytical and interrogative approach rather than the categorical and descriptive one it currently takes. Programmers and network analysts need to understand how hackers and third-party breaches enter and take control of the network in different ways, and for that reason certain predictive algorithms need to be developed that will help in predicting and preventing such breaches of the network. The security features could be strengthened if proper identification and a predictive algorithm could stop the breach before it takes place. In order to attain a certain form of stability in the security features of the organization, different measurements and calculations will need to be made on the basis of different assumptions; then, through trial and error, each assumption should be eliminated and the conditions tweaked to create a good predictive analysis that will detect any kind of attack before it can affect a network. The measurements should also consider the psychological motivation of the hackers, referred to as hacktivism, which makes them target certain network units for a planned attack. Future research should try to find out in what way such changes could be brought in and what impact they might have on the SDN and on the networking universe as a whole. There is a need for different kinds of real-time experiments to be carried out on natural systems with different assumptions, to check the progress through which a DoS attack occurs. The assumptions should be reduced as the work progresses, to triangulate how a DoS attack occurs and develops, so that this kind of problem is examined and studied properly in its natural area of occurrence.
While one of the journals has created a taxonomic division of SDN systems, there is a need to incorporate certain changes in the infrastructural base of the organization so that it is made more secure and more capable of tackling different forms of attack.
References
Ab Rahman, N. H., & Choo, K. K. R. (2015). A survey of information security incident handling in the cloud. Computers & Security, 49, 45-69.
Akhunzada, A., Ahmed, E., Gani, A., Khan, M. K., Imran, M., & Guizani, S. (2015). Securing software defined networks: taxonomy, requirements, and open issues. IEEE Communications Magazine, 53(4), 36-44.
Bello Garba, A., Armarego, J., & Murray, D. (2015). Bring your own device organizational information security and privacy. ARPN Journal of Engineering and Applied Sciences, 10(3), 1279-1287.
Conklin, W. A., White, G., Cothren, C., Davis, R., & Williams, D. (2015). Principles of computer security. McGraw-Hill Education Group.
Fraunholz, D., Lipps, C., Zimmermann, M., Antón, S. D., Mueller, J. K. M., & Schotten, H. D. (2017, October). Deception in Information Security: Legal Considerations in the Context of German and European Law. In International Symposium on Foundations and Practice of Security (pp. 259-274). Springer, Cham.
Garba, A. B., Armarego, J., Murray, D., & Kenworthy, W. (2015). Review of the information security and privacy challenges in Bring Your Own Device (BYOD) environments. Journal of Information Privacy and Security, 11(1), 38-54.
Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2015). Externalities and the magnitude of cyber security underinvestment by private sector firms: a modification of the Gordon-Loeb model. Journal of Information Security, 6(1), 24.
Ivanov, M. A., Roslyj, E. B., Starikovskiy, A. V., Krasnikova, S. A., Shevchenko, N. A., & Shustova, L. I. (2018). Non-Binary Pseudorandom Number Generators For Information Security Purposes. Procedia Computer Science, 123, 203-211.
Laybats, C., & Tredinnick, L. (2016). Information security.
Layton, T. P. (2016). Information Security: Design, implementation, measurement, and compliance. CRC Press.
Lee, J., Yoo, B., Lee, H., Cha, G. D., Lee, H. S., Cho, Y., … & Kang, M. (2017). Ultra-wideband multi-dye-sensitized upconverting nanoparticles for information security application. Advanced Materials, 29(1).
Lowry, P. B., Posey, C., Bennett, R. B. J., & Roberts, T. L. (2015). Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust. Information Systems Journal, 25(3), 193-273.
Lyamin, N., Vinel, A., Jonsson, M., & Loo, J. (2014). Real-time detection of denial-of-service attacks in IEEE 802.11p vehicular networks. IEEE Communications Letters, 18(1), 110-113.
Mayadunne, S., & Park, S. (2016). An economic model to evaluate information security investment of risk-taking small and medium enterprises. International Journal of Production Economics, 182, 519-530.
Oriyano, S. P. (2016). Denial of Service. CEH™ v9: Certified Ethical Hacker Version 9 Study Guide, 305-329.
Parsons, K. M., Young, E., Butavicius, M. A., McCormac, A., Pattinson, M. R., & Jerram, C. (2015). The influence of organizational information security culture on information security decision making. Journal of Cognitive Engineering and Decision Making, 9(2), 117-129.
Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451.
Safa, N. S., Von Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 70-82.
Scott-Hayward, S., Natarajan, S., & Sezer, S. (2016). A survey of security in software defined networks. IEEE Communications Surveys & Tutorials, 18(1), 623-654.
Siponen, M., Mahmood, M. A., & Pahnila, S. (2014). Employees’ adherence to information security policies: An exploratory field study. Information & Management, 51(2), 217-224.
Sommestad, T., Hallberg, J., Lundholm, K., & Bengtsson, J. (2014). Variables influencing information security policy compliance: a systematic review of quantitative studies. Information Management & Computer Security, 22(1), 42-75.
Sommestad, T., Karlzén, H., & Hallberg, J. (2015). A meta-analysis of studies on protection motivation theory and information security behaviour. International Journal of Information Security and Privacy (IJISP), 9(1), 26-46.
Teh, P. L., Ahmed, P. K., & D’Arcy, J. (2015). What Drives Information Security Policy Violations among Banking Employees?: Insights from Neutralization and Social Exchange Theory. Journal of Global Information Management (JGIM), 23(1), 44-64.
Vithanwattana, N., Mapp, G., & George, C. (2017). Developing a comprehensive information security framework for mHealth: a detailed analysis. Journal of Reliable Intelligent Environments, 3(1), 21-39.
Xu, L., Jiang, C., Wang, J., Yuan, J., & Ren, Y. (2014). Information security in big data: privacy and data mining. IEEE Access, 2, 1149-1176.
Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine, 53(4), 52-59.