Intrusion Detection Systems Case Study

Improved Essays
avoiding such attacks such as Intrusion Detection System (IDS) which is the most popular method of defense [29].
A defense federation is used in [29] for guarding against such attacks. Under this technique each cloud is loaded with separate IDS. The different intrusion detection systems work on the basis of information that is exchange between these systems. In case a specific cloud is under attack, the cooperative IDS alert all other components in the system. Trustworthiness of a cloud is decided by voting, so that the overall system performance is not compromised.
C) Cookie Poisoning
It is method of modifying the contents of cookie by an attacker to gain unauthorized information about the user for the purpose of identity theft. Attacker
…show more content…
Before making an application live developer may also leave certain debug options running in order to re-examine. Special attention must be given to these backdoors as attacker can gain unprivileged access to the website [31]. Since these debug options facilitate back-end entry to the developers, and sometimes these debug options are left enabled unnoticed, this may provide an easy entry to a hacker into the web-site that let him make changes at the website level [31].
Now that we have seen some of the application level threats to the system we will look into what security measures can be used to avoid such attacks. Best way to achieve an application level security in a cloud environment is to analyze and address security threat at various cloud service model such as SaaS, PaaS and IaaS .For example in case of IaaS service model developers are given capability to develop and deploy application in a cloud environment. Developer may not be concerned with the application security of the application his is deploying in a cloud environment. Application runs on a provider’s infrastructure hence provider is responsible to provide various security measures so that infected application sharing resources with others does not affect other applications. Following are the security measures identified by in research paper
…show more content…
• Custom implementation of authorization and authentication schemes should not be implemented unless they are tested properly [ ].
• Back up policies such as Continuous Data Protection (CDP) should be implemented in order to avoid issues with data recovery in case of a sudden attack [96].
• Additionally, they should be aware if the virtual network infrastructure used by the cloud provider is secured and the various security procedures implemented to ensure the same [25].
Paper [] discusses security challenges in IaaS and discusses identity/access management and multifactor authentication techniques in Amazon Web Service (AWS) cloud.
In case of PaaS and SaaS model cloud provider has a responsibility to provide good level of security .Following aspects related to security must be considered.
• How the different applications are isolated from each other and whether the data belonging to one customer is inaccessible to any other customer or not[

Related Documents

  • Improved Essays

    Vulnerability assessment as related to IT environment is any flaw or weakness in the network infrastructure’s defenses that could be exploited in order to create an impact on the network. When it comes to network architectures vulnerability is a security weakness and mostly it is not being seen as a security threat. Protecting and defending a network successfully requires an effective system architecture security. Plus organization, network engineers and administrators must have policies, guidelines and follow through with the vulnerability assessment process. A successful defense will require effective information security architecture with that vulnerability assessment.…

    • 706 Words
    • 3 Pages
    Improved Essays
  • Great Essays

    to an extent through the encryption of data and proper access control management. Still even with these security measures in place, dubious attackers can breach the security measures and gain access to the data in the following ways [4]. • Cross-site scripting • Cross-site request forgery • Cookie manipulation • OS and SQL injection • Insecure storage • Hidden field manipulation Due to the vulnerabilities listed above, achieving data security in cloud remains a mammoth task. 1) Network Security: When using SaaS, the client transfer sensitive information to the application over the network. Hence, it is essential to secure the connection and provide proper network security.…

    • 1432 Words
    • 6 Pages
    Great Essays
  • Great Essays

    Risk Analysis Assignment

    • 1273 Words
    • 6 Pages

    They typically take which sequence of steps? The steps involved in risk analysis are; (1) identifying any potential risks, (2) assessing the risks the risks that are found, and (3) controlling threats to an organization 's IT infrastructure in hopes of lowering or eliminating security threats. Two factor authentication is another method for attempting to block unauthorized access to a system, network, or general sensitive information. Two factor authentication requires "something you know"; a password or PIN, and "something you have"; a card, dongle, cellphone, or other piece of hardware. Finally, it is possible to reduce an attacker 's chances by keeping systems up to date with items such as security patches and system software and hardware…

    • 1273 Words
    • 6 Pages
    Great Essays
  • Improved Essays

    Applications can dictate their networking requirements to the controller via northbound PAIS. In response, the controller converts those requirements into flows and installs them into the switches. Any malicious application can overwrite past policies/rules and make the network vulnerable (e.g. overwrite the old security rule with a new rule: bypass the firewall). There is no security mechanism in place to stop this kind of policy…

    • 710 Words
    • 3 Pages
    Improved Essays
  • Improved Essays

    Port Scanning Policy

    • 729 Words
    • 3 Pages

    Purpose and Scope: The purpose of this port scan is to get the information about the devices connected in the network and get verified from the security officer so that none of the irrelevant ports are open and to make companies devices more secure. This policy is applicable to the security officer having control over devices connected in the network. 2. Policy: This policy covers the guidelines for scanning the companies’ infor-mation…

    • 729 Words
    • 3 Pages
    Improved Essays
  • Improved Essays

    I will pass policies that show employees how to construct strong passwords to log in to the system such as P0c0nt@s2132, in which shows not only letters but upper case, symbols, and numbers. As well as, a secret question and password must be provided to provide reassurance that the person logging in is who they say they are. Next would be to have the right and updated anti-virus and malware protections. This will help detect threats that enter the system. Locking your network and applying wired networks, which involves plugging into physical outlets or hacking modem ports.…

    • 700 Words
    • 3 Pages
    Improved Essays
  • Improved Essays

    Also, aggregation of data in cloud to reduce system admin or other infrastructure may poses additional security challenges. Expectations to have better cyberspace which is secure, resilient and enables innovation ensuring public health and safety. Conclusion In the end, Fast evolving technology keeps challenging to cybersecurity solutions , while vulnerabilities are vast and laws created for them is unclear. According to center for law and security single actor can’t make any changes without collaborative effort. Cooperation among government and private sector to balance the effectiveness with efficiency and security with privacy and innovation in a practical…

    • 1171 Words
    • 5 Pages
    Improved Essays
  • Great Essays

    d. Any files received either electronically sent or through removable media should be scanned for probable malicious software content. e. Electronic mail attachments and downloads should be checked for malicious software before use. The corporate email system should be protected against this and “SPAM”. f. An incident response procedures and team should be established to deal with the outbreak of this malicious software. g. User awareness and training should be periodically done to inform users of the risks associated with obtaining files and software either from non-trusted websites, or on any other medium, indicating what protective measures should be taken.…

    • 1344 Words
    • 6 Pages
    Great Essays
  • Superior Essays

    Without it, how else will an organization know what their weaknesses are and what they can do to improve their defenses? As mentioned previously, Deerman (2012) found that there are three main phases of the malware lifecycle. Through the good intentions of implementing white hat hacking, an organization will be able to clearly see the vulnerabilities in their system and where attackers will most likely hit first. Understanding the offensive and defensive perspectives of the malware lifecycle will equip the organization with the adequate skills and tools to disable the first phase from developing so the malware never reaches the second or third phases. The best method of security is to always take preventative…

    • 1603 Words
    • 7 Pages
    Superior Essays
  • Improved Essays

    Reconnaissance involves gathering information of a target without any prior knowledge about the company relating to or an individual. It includes both Passive and Active Reconnaissance. This steps helps to discover useful data which can assist them to plan the attack. Scanning is the phase which takes place exactly after the attacker is able to collect enough information to understand the business works and those data which are valuable. Hackers uses this collecteddata to find a way which will help them executing an attack on the Operating System, Installed Software, Open Ports, IP Addresses or user accounts.…

    • 1032 Words
    • 5 Pages
    Improved Essays