Monitoring the type of DDoS attack, the frequency of the attack, duration of attack, and the aggressiveness of the attack all provide clues as to whom may be instituting the attack. The packet stream can be disrupted by the victim by 'pretending' to go offline to the protocol receiving the bandwidth from that particular attack. The rerouting of using available bandwidth to other protocols via an alternative port can remove the ramifications of the attack.
Applying the aforementioned framework within the cloud environment offers an unprecedented level of security enabling the transmission and storage of information in an environment where DDoS is actively monitored and attacks are recognizable. The strategy of using the cloud ostensibly removes the bottleneck constriction due to the lack of physical infrastructure such as a server that purports a chokepoint should an attacker stream an abundance of packet information to the target server.

According to Koutepas, Stamatelopoulos,….

Detecting, Preventing or Mitigating Distributed Dos (DDOS) Attacks
The Internet continues to be a critical subject due to the increasing attacks based on the major universal communication infrastructures. This study identifies the one detection and two mitigation approaches in developing content to show that DDoS are becoming common in daily business operations.

ationale for selecting the papers

The first research paper I selected is titled "Mitigating Dos Attacks Using Performance Model-Driven Adaptive Algorithms" by Barna and others. The article is recent and goes in length in elucidating the most invaluable method of mitigating DDoS. I also selected this article because it goes in lengths showing how DDoS affects the operations of an organization warranting the adoption of succinct measures in case of an attack.

I also selected an article by ahmani, Sahli, and Kamoun, titled "Distributed Denial-Of-Service Attack Detection Scheme-Based Joint-Entropy" as it elucidates clearly the best way of detecting DDoS in an organization's….

Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks concentrate on rendering any resource (i.e., site, server, or application) inaccessible for whichever function it was created for. There are numerous means for making services inaccessible to their legitimate customers, including manipulation of network packets, resource handling, programming, or logical vulnerabilities. When services receive several requests, they may become unavailable for legitimate customers. Likewise, services can also stop due to exploitation of programming vulnerability, or how the service manages the resources it utilizes. The attacker may, at times, inject and effect arbitrary code when carrying out DoS attacks for accessing key data or executing server commands. DoS attacks considerably damage the service quality, negatively affecting legitimate customers experience. They give rise to significant delays in response, service disruptions, and huge losses, thereby directly affecting the availability of service (OWASP, 2015). This form of cyber-attack attempts to make a certain target service inaccessible for….

Detecting, Preventing and Mitigating Dos or DDOS Attacks
Detecting, Preventing and mitigating DoS or distributed Dos Attacks

Distributed Denial of Services is constantly evolving from small megabits to massive megabits of data. Many Internet Service providers lack the capacity and the ability to mitigate this problem. Most of these attacks are run from one master station that takes control of millions or many stations and use them as Zombies to launch the attack. This paper uses ideas from peer-reviewed articles to summarize aspects related to detection, prevention, and mitigation of DoS attacks.

ationale of selecting the papers

The first research paper selected by Kompella, Singh, and Varghese (2007)is titled "On Scallable Attack Detection in the network" from IEEE/ACM Transactions on Networking Journal. I selected this research paper because it showed a significant research on the current issue of denial of service. The research paper also contains knowledge that captures researcher's attention to this topic.

The….

Auditing, Monitoring, and Detecting of Dos or DDoS Attacks
A Dos (denial of service attack) is an attempt to make network or machine resources non-available to legitimate users. Attackers use the Dos to accomplish their goals by flooding the target resources or machines with the superfluous requests or useless packets to overload the systems and prevent users to fulfill their legitimate requests. When Dos originates from a single network or host node, it is termed a Dos attack, however, a distributed Dos is a more serious attack that attempts to consume computer resources to prevent the system from providing services. A DDoS occurs when there are multiple sources of attacks and often come from thousands of unique IP addresses. However, the rates of the DDoS have increased in the last few years, and criminals target high profile servers such as credit card payment gateways, banks other big corporations to achieve their….

DDoSCISA Warns of Possible DDoS Risk in Contec Patient Monitor Medical deviceshttps://www.scmagazine.com/analysis/device-security/cisa-warns-of-possible-ddos-risk-in-contec-patient-monitor-medical-devicesIn September 2022, CISA reported that Contec Health patient monitor medical devicesnamely, the CME8000are vulnerable to possible threat actor attacks, such as mass DDoS attacks or malicious firmware updatesanywhere Contec Health patient monitor medical devices are used due to security bugs in the devices. One bug is that uncontrolled resource consumption causes failures in the parsing of malformed network data in the CMS800, for example. The bugs could be exploited by threat actors looking to gain control of health networks or sensitive data. This report is significant because it shows that the lack of security in the devices makes employees and patients vulnerable to a threat actor. One possible solution for addressing this issue is to improve authentication/controls that would prevent a threat actor from accessing the network through the devices; fix security bugs in the CME8000.Who, What, When,….

" (Muntenu, 2004)
According to Muntenu (2004) "It is almost impossible for a security analyst with only technical background to quantify security risk for intangible assets. He can perform a quantitative or qualitative evaluation using dedicated software to improve the security of the information systems, but not a complete risk assessment for the whole information system. Qualitative assessment based on questionnaires use in fact statistical quantitative methods to obtain results. Statistical estimation represents the basis for quantitative models." Muntenu states conclusion that in each of these approaches the "moral hazard of the analyst has influence on the results because human nature is subjective. He must use a sliding window approach according to business and information systems features, balancing from qualitative to quantitative assessment." (2004) qualitative study of information systems security is reported in a study conducted in U.S. academic institutions in the work of Steffani a. urd, Principal Investigator for Information….

Social Engineering as it Applies to Information Systems Security
The research takes into account several aspects that better create an overview of the term and the impact it has on security systems. In this sense, the first part of the analysis reviews the concept of social engineering and the aspects it entails. Secondly, it provides a series of cases that were influenced by social engineering and the effects each had on the wider picture of information security. Thirdly, the research looks at what policies are set in place to avoid this type of practice and how has the information security society responded to the threat posed by social engineering. Finally, possible solutions to the issues social engineering raises are also presented in the context of the increased technological environment in which business is conducted in the world we live in today.

General aspects on social engineering

A non-academic definition of what social engineering….

Cloud Computing Security Pros & Cons
Over the last ten years, cloud computing has rapidly grown and it is expected to grow even further as more businesses move online. When cloud computing was first conceived, many skeptics dismissed it as being just another tech fad that will quickly disappear. However, over the last three years cloud computing has truly changed the way we think about IT nowadays. The Cloud has significantly reduced the cost of doing business and has allowed businesses to focus on their core activities and not IT related issues (Krutz & Vines, 2010; Ali, Khan &Vasilakos, 2015). These reasons and many other which we will highlight in this essay show that Cloud computing is here to stay. However, like any other technology, cloud computing has also been associated with a few challenges and inefficiencies. This paper will look at the pros and cons of cloud computing. In the….

(%) Cross Site Scripting (XSS) errors -- by far the most common strategy hackers use to gain access to the source code of websites and the databases supporting them is to use a technique called cross-site scripting (Brodkin, 2007). Actively monitoring the percentage of XSS errors over time can determine patterns of when hackers attempt to gain access to a website's source code, database links, pricing and e-commerce systems. This is one of the most often used metrics in security dashboards used for monitoring Web-based applications and multisite installations.

(%) Incidence and Trending of Buffer Overflow Injection Flaws -- This is most commonly associated with attempts to gain access to SQL databases supporting a website by forcing a buffer overflow condition (Brodkin, 2007). This is one of the most effective hacking strategies there are as it forces a system to fail and allow access.

(%) Authentication Soft and Hard Errors -- the….

Crime
Workplace is not safe from numerous types of crimes. These crimes can range anywhere from burglary to homicides and from discrimination on the basis of sex to even rape for that matter. But these crimes are physical crimes and it is easy to avoid them or keep them at bay by making use of physical barriers, security cameras and a few sensible risk/security management tactics. For instance, if only 3 or 4 people work at night-time, it is easy to target anyone of them but if a considerable amount of people work together and have no hostility towards each other, these types of situations can be avoided. Use of security systems is a pre-requisite for the protection of material wealth and belongings. These types of systems can help avoid theft and burglary but if somehow these do occur, it will inform the managers of the incident at the earliest….

CYBE CIME AND COPOATE SECUITYAbstractIn the past, various businesses have lost huge sums of money to cybercriminals, while others have experienced severe service disruptions. This has been the case as cyber criminals execute schemes meant to advance certain agendas. For this reason, cybercrime is increasingly being seen as one of the most serious challenges that business enterprises (as well as government agencies) face today. Various surveys conducted in the past indicate that the problem could be worsening. The problem is aided by the emergence of what could be deemed as cybercrime facilitating factors such as crypto currencies. The dynamic nature of cybercrime, i.e. in relation to variations in the methodology and conduct of attacks, also makes it difficult for this particular challenge to be effectively dealt with. It is with this in mind that various interventions have been floated in the past to reign in this particular challenge. However, to….

cloud computing will be discussed to show that the good outweighs the bad. Furthermore, it will be further discussed that the government is looking into using cloud computing because it will cut IT cost down and increase capabilities despite the fact people are concerned with security issues that this may bring to the public.
In completing a dissertation, it is very hard to go through the challenges that it requires. From the start and until this moment, I had gone through many challenging stages. The challenges that I faced were deciding the topic, reading various journals and articles, narrowing down focus within a large area, getting information on cloud computing, which all required time and effort. Despite the strong tasks that I faced, I finally made it and the 'final product' is about to be released. I feel extremely happy to have this chance to learn through the process since….

Threat Identification
The threats

How the threats are detected

Ever since the September 11, 2001 terrorist attacks, businesses have had to critically rethink on the level of adequacy of their disaster recovery arrangements in relation to their business continuity plans as noted by Lam (2002,p.19). The September 11, 2001 tragedy effectively highlighted the importance for organizations to continue with their commercial operations even under the most exceptional of circumstance. My business which has a considerable e-commerce operation is particularly vulnerable to the IT related threats. It is therefore crucial that these threats be identified and eliminated or mitigated before they result to loss of revenue.

In my business, I face several threats. However, the ones that I consider most dominant are technology threats and information threats. These threats can cause a major disruption to the to business continuity planning (BCP) cycle. Technology threats include natural disasters like fire and flooding, system failure, network failure,….

Business Impact Analysis
The heart of any major business, beyond its human capital, is usually its technological resources and status. A business that relies on internet access and an arsenal of computer hardware and software must collect and harness the necessary knowledge, people and tools to manage this technology in an efficient yet effective way. Doing otherwise can expose trade secrets and customer data. Loss of productivity can also be exceedingly damaging.

Mission Critical Functions

As it relates to technology, there are three major functions that are mission critical. The first, and most important, is the network itself. If the network goes down, any networking and Internet functions will grind to a halt. Having such a happenstance drag on for a considerable amount of time can cause massive amounts of damage in terms of client deliverables not being provided and necessary administration work not getting done. It is true that not all tasks….