RISK ASSESMENT 23
Running head: RISK ASSESMENT 1
Risk assessment in HFI organization
Name
Institution
Table of Contents
- Executive summary 3
- Asset Inventory 3
- Perimeter security 4
4 Vulnerabilities in HFC Network topology 5
4.1 Security vulnerabilities in the VPN gateway external access point 5
4.2 Security Vulnerabilities in Oracle Database server 6
5 Solutions to the improvement of perimeter and network security 7
5.1 Deployment of a firewall with the network 7
5.3 The use of proxy servers 8
6 Mobile security 9
6.1 Best practices for mobile computing 9
7 Wireless vulnerabilities 10
7.1 Security Vulnerabilities in Wireless network 10
7.2 Techniques to protect data 11
8 Authentication protocols and methodologies 12
9 Evaluation of the Web System protocol 13
9.1 Vulnerabilities within the Intranet Server 13
9.2 Secure Web protocols to improve security 14
10 Cloud computing environment 14
10.1 Protecting data moving into clouds 15
10.2 Protecting data in the cloud 15
10.2.1 Content discovery 16
10.2.3 IaaS Encryption 16
10.2.4 PaaS encryption 16
11 Vulnerabilities in the cloud computing environment and its impacts 17
12 HFI risk assessment Report 18
12.1 Existing threats 18
12.2 Controls in places 18
12.3 Likelihood of attacks 19
12.4 Risk assessment report 19
12.5 Risk mitigation procedures 19
References 21
Executive summary
This report provides an evaluation of HFI network topology, by analyzing the security vulnerabilities, perimeter security, and cloud computing environment. Evaluation measures involved the analysis of recent cyber attack and weaknesses in the existing gateways used as access points. Findings from the evaluation revealed that HFI network topology and organizational policy had inherent vulnerabilities that explain the surge in cyber attacks. The report highlight means to improve perimeter security and to fix the weaknesses in the access point through the use of secure protocols and formulation of security policies. The report also provides an insight into cloud computing, ways to secure data and existing vulnerabilities when using the cloud computing environment. Additionally, a risk assessment report is provided to provide means of initiating mitigation measures to be deployed in the event of an attack.
Asset Inventory
The table below provides an inventory of the HFI network topology.
Asset
Cost
Asset
Cost
RAS servers
$3,429
File and print sever
$9000
Oracle database enterprise edition
$47,500 per unit socket
Cisco routers
$1,950
DNS sever cost
Usage 200 ent
Zone 5*0.020
Monthly queries
$17.50
$50,000,000
Perimeter security
Perimeter security comprises of preventative control devices that whose functionality is to deter, detect, delay and deny unauthorized access. Security parameter varies from complex firewall patterns to simple passwords. The primary aim of perimeter security is to sort out the good guy from the bad one, granting access only to those who have it and can prove to be authorized to have it (1 – perimeter security, n.d.). An evaluation of HFC network topology reveals the following access point: Distribution routers, border core routers while the external access point includes the VPN gateway, RAS, border core routers, public switched telephone network, Wi-Fi and remote dial that allows for connectivity to external sources. Remote connectivity to network sources becomes a staple for HFC employees with some granted the opportunity to use their own devices. Assurance of security in wireless networks relies on properties of confidentiality and integrity. In this regards the ability to secure data from an authorized entity and the ability to verify data.
IT perimeter in the later day was simple and characterized by a firewall. Everything inside the firewall was a trusted insider while everything from the outside was not good in terms of networking perspective. However, the revised edition of network security perimeter involves a thorough definition by each node in the network rather than the network itself. Listed below are some of the devices that break traditional network perimeter, mobile devices, applications that traverse through the firewall, wireless access point and direct internet point. Concerning HFI topology, access points are the primary cause of a compromised security perimeter due to existing vulnerabilities (Kruger & Carbone, 2014).
Vulnerabilities in HFC Network topology
4.1 Security vulnerabilities in the VPN gateway external access point
HFC uses VPN gateway as a mechanism to transfer sensitive data between clients and a server application for remote workers. Users are authorized to work from home with VPN remote access being made available.VPN gateway employs the use of encryption technology to promote organizational data confidentiality and minimal manipulation. However, Authentication of the user is not provided for when using VPN. To gain access, the user provides passwords and username. Without authentication, the internal network is exposure to security risks is high (Perez, 2014). The fact that VPN gateway in HFC network topology is relays on MS-CHAP V2, which on its own is not secure. Increases the security vulnerabilities to hackers’ intrusions, the use of MS-CHAP V2 allow hackers to access passwords to wireless networks and VPN easily. Furthermore, an intruder can stage an attack within the network by using hacking tools to compromise the network system. Common forms of intrusion include network hijacking and man in the middle attack. Whereas the organization has not yet experienced a situation of VPN hijacking, the man in the middle attack is the most probable cause. For instance, an article in Business Week about HFI reported that technicians noted abnormal traffic inbound into the significant spike internal networks. Traffic volume and frequency of the traffic spiked significantly, yet the person or thing generating the traffic was unknown.
Additionally, the use of VPN gateway poses a client-side risk. Employees at home can access the internal network using mobile devices at the same time using a VPN connection. Multiple uses cause split tunneling which poses a risk to private networks, furthermore, HFI BYOD policy may result in compromised machines gaining access to connecting networks. This policy increases security vulnerabilities at multiple fronts which might cause substantial data loss (VPN & RAS Testing, n.d.). In the event, a home user brings to work a compromised machine infected with malware then leakage of passwords over a VPN channel is possible. Besides, malware infestation in one system connected via VPN, the malware quickly spreads to other computers if the anti-virus protection systems are ineffective.
Security vulnerabilities in the RAS external access point. Remote asses point server gives a wide range of services to remotely connected users. Usually, it acts as a gateway for remote users and organizational internal local area network (VPN & RAS Testing, n.d.). Furthermore, the use of VLAN switches increases the ease of penetration into a network. Typically, several tools are in existence that provides attackers with the luxury to penetrate VLAN and cause chaos. It is important to note that VLANs is at two layers of the OSI network model. Basing on this aspect, the majority of cyber attacks utilize the vulnerability for a switch track malicious wares. These vulnerabilities coupled with the number of cyber attacks on HFI provide proof that the network topology perimeter security is bellow per (Ten top threats to VLAN security, 2018). An attacker can conduct multiple attacks without detection.
4.2 Security Vulnerabilities in Oracle Database server
Highlighting the security vulnerabilities in the Oracle database server is prudent. Oracle database is a multi-model database management system commonly used for mixed database workloads. A considerable portion of data handling in the HFI is handling by Oracle database on high-end supercomputers located in TCB. Vulnerabilities in the Java Virtual machine component provides for a means in which remote and authenticated attackers can compromise the product by establishing a shell attack (Wright, 2014). Weak auThis is the only viable reason that can be used to explain the HFI attack which resulted in substantial financial implications and loss of public trust.
Solutions to the improvement of perimeter and network security
Basing on the evaluation of HFI topology, the preventive measures to in the use of firewalls, subjecting the network to penetration test, deployment of proxy servers and the use of intrusion detection system. This perimeter measures entail both preventive and detective control measures to help the organization counter the ever increasing threat of cyber security. For instance, taking into consideration HFI BYOD policy which allows employees to use their own devices in accessing the internal network. The little security measure is in place to regulate who and why an individual accessing some zones within the network.
5.1 Deployment of a firewall with the network
In the HFI organization, there is a need for logical segregation of security within the network. The sole aim of separation is to isolate sensitive network components. For example, there is no valid reason why an individual in the customer service was accessing the database. The firewall is configured in association with the component IP address. Firewall set rules is applicable in the HFI organization to strictly deter personnel accessing the high-security zone without valid reasons. This method is useful since it prevents any data packets from crossing the firewall (Karhade 2015). It is on the assumption that some users might be the sources of cyber attack, for example, the USB flash drive found in one of the computers. Thus deny all protocol is vital in ensuring the least privilege approach takes effect.
Network penetration test
A network penetration test is used to identify the security exposures that are used to surface when cyber attacks occur through the intranet and internet. A network penetration test is highly useful in identifying vulnerabilities ranging from compromised passwords to web servers and databases. These types of test are an internal and external test. An external test is used to identify vulnerabilities in the external environment outside the network (Shinde, & Ardhapurkar, 2016). This method involves the analysis of publicly available information and behavior of security devices. Internal test, on the other hand, is used to provide an in-depth view of the organizational security measures. Internal measures involve accessing external and internal access points, analyzing if employees can compromise the network with the information in their possession.
Ethical hacking is a process that can be used to access the internal resources of an organization. The primary aim is to find out whether secured information can be accessed, read or corrupted (Bourgeois & David, 2014).HFI can employ the use of proficient third party and in compliance with the PCI data security standards. However, it is worth noting that testing does not necessarily mean deployment of sophisticated technology, but even the sinister-sounding auditors paying the organization a visit can be useful in determining how easily it to access secured zones is.
5.3 The use of proxy servers
A proxy server is a hardware or software that sits between one network and others acting as intermediaries. Proxy servers can be used in the HFI organization to control outbound data traffic. It usually compromises of a gateway between a home network and the internet (Kara, 2016). Because employees are allowed to access the network while at home proxy server is useful in protective roles. The external requestor connects to the proxy, requesting a service that is to be provided by internal computers. The request is analyzed and evaluated based on predetermined criteria. In this way, at no point will external IP that has submitted the request be connected directly to the internal IP address.
5.4 The use of intrusion detection system.
IDS are the logical companion of a firewall. It is designed to recognize when an exceptional security issue has occurred — referring back to a security breach in 2018 when a laptop was used to snoop in a busy office that had sniffers software. The longer it took to detect the computer, the more the network was being compromised. To curb the occurrence of such, the use of IDS is useful in identifying such intrusions (Chandrashekhar, Revapgol & Pattanashetti, 2016). The prompt to the administrator results in drastic remedial actions. However, the design of IDS should be carried out with much care to avoid sensitivity resulting in false alarms.
Mobile security
In the HFI organization, mobility is a vital component that allows for workers interaction in real time. However, an evaluation of the HFI reveals a worrying trend characterized by losing possession of mobile devices.In this event; the entire network system is easily compromised.Unprotected mobile devices pose an easy target for well-seasoned hackers; hence mobile security has to be adjusted ranging from one employee to the other.
6.1 Best practices for mobile computing
The use of mobile device management can maintain mobile security.MDM ensure that the managed devices are equipped and used following the company security standards.HFI organization ought to develop security measures that govern which mobile apps can be used on company end devices, and remove any unwanted apps in case of doubt. The other advantage of using MDM lay in the fact that it can be used to turn off and delete data from stolen devices remotely (Kalinichenko, & Ferra, 2015). Mobile security framework can also be used to conduct static analysis and malware identification, as such the network administrator is alerted when malware infested mobile device connects to the internal network.
Besides, the company IT department should develop an enterprise app store. An Enterprise store enables employees to download apps needed for a particular task, and from a secure source. Enterprise app design should integrate encryption in the sense that they can encrypt data between devices; this makes it rely difficult to spy communication between devices in utilization. Likewise, the employees should be reminded and helped in updating the mobile OS with security patches (Klassen et al. 2015). The HFI organization should re-assess the BYOD policy since an employee can quickly launch a malicious code after reading an email. The employees are the most significant risk and ought to receive information on best practices in regards to mobile computing.
Devices accessing the network through a wireless network should pose user authentication in terms of user names and passwords. Strict adherence to safe security practices by all employees in HFI is necessary. Education on security measure, such as how to avoid phishing emails and the use of strong passwords for accessing the network helps mitigate cyber attacks. These measures if well-implemented decreases rapidly the threats posed by the use of mobile devices and go a long way in increasing employee productivity.
Wireless vulnerabilities
7.1 Security Vulnerabilities in Wireless network
HFI network topology utilizes the wireless router as a linkage point connecting the wireless antenna with internal networks. However, wireless networks have security vulnerabilities that might compromise the HFI network system. Different types of attack through the Wireless network. The major one is passive attacks and active attacks. On the one hand, passive attacks characterized by snooping of traffic without modifying data or the traffic between two nodes while active attack modifies data and results in dropping of packets in networks. The attacks can also affect multilayer switches to inform of signaling jamming and sniffing (Waliullah & Gan, 2014).
Furthermore, their vulnerabilities in Wi-Fi devices are introduced by manufacturers in the hardware component meaning that they are highly susceptible to hackers. These include poorly secured administrators access and vulnerable services such as play and pug.HFI allows connectivity to its wireless network as an external access point. The fact that wireless network employs the use of a secure shell which is highly abused by reliable means to a network can easily be compromised. Besides, the wireless security protocol in the recent past, have been found to poses weakness. For instance, the wired equivalent privacy encryption protocol has been found to have many flaws. The weak protocols algorithm increases the susceptibility of a network to attacks, through sniffing initialization vectors.
7.2 Techniques to protect data
Safeguards measure to protect data, include updating the firmware of Wi-Fi enabled devices. As soon as updates are available, the entire devices should be updated and switching to Ethernet until patches are wired up. The use of VPN when accessing remote devices is a safety practice. Even though changing default Wi-Fi network names seem outdated, it can help minimize the risk of intrusion. Bundled routers in these cases should have complex credentials to deter unauthorized access (Network security, lesson 2: Common security measures, n.d.).
Authentication technology such as two-factor authentication is effective in protecting wireless networks. For all users accessing the network, rather than just using a password an authentication method by the administrator helps track and block entry point to the network. Access to the physical access control system should employ the use of facial recognition technology to authenticate personnel. This method is quick compared to the use of biometrics and scanners, especially in large organizations.
Network security measure to protect against data loss involves the installation of IDS.IDS exist into two, host and network IDS. On the one hand, host-based IDS is installed on a particular important machine and is tasked to ensure a particular system matches set baseline (Le, Loo, Chai & Aiash, 2016). The favorite file integrity checker helps in to notify the administrator in the event of any changes thus denying hackers backroom access into networks.
On the other hand, network-based IDS consist of ordinary traffic sniffers running in idle modes. IDS analyzes the database for any malicious and known attack signatures by going through each packet. The advantage of employing IDS as a means of offering data security lays in the fact that it is tough to detect. Since the IDS on its own does not need to generate traffic, making it difficult to know if the system is under scrutiny.
8 Authentication protocols and methodologies
Authentication allows the protocol to allow multiple devices to access the central servers. Mostly commonly used protocols are TACAS+, RADIUS, and active directory. It is important to note that different protocols are used for different purposes (Remote Access Authentication Protocols, n.d.).HFI uses the wireless technology which employs the use of MS CHAMP V2 protocol that provides for data protection and encryption. MS CHAMP V2 helps in mitigating the risk of hijacking and middle man attacks by performing authentication and encryption at the same time.
For the wired network environment, authentication protocol in use is to ensure that passwords transmit over the internet is safe.HFI organization uses the WAN network to link over 20 remote facilities to the corporate headquarters. Challenge Handshake Authentication protocol is used by point to point protocol for extensive area network in HFI organization. The fact that HFI value and offers the BYOD policy, the employees can access internet connectivity remotely. Mobility devices employ the use of one-way authentication this requires the user to provide a user name and passwords and a second factor on something else they have ( Arteaga, Al Osman, & El Saddik,2016).
The above-listed protocols have weaknesses the main reason as to why HFI experienced multiple attacks. It is essential to ensure a high level of encryption to secure the wireless network. Wi-Fi Protected Access is much easier to use and is built in almost all modern hardware’s. Wi-Fi protected set up, on the other hand, provides security using WAP and add secure network set up and connections when available.
9 Evaluation of the Web System protocol
The web site is continuously under constant surveillance by hackers and any following door result to the compromised system. Web systems are built with n tier architectural pattern in that several servers work together to provide web site functionality (Georgiev, Jana,& Shmatikov, 2015). The most common in the HFI organization is the web servers, application server, and the database server.HFI utilizes the RAS server acting as the remote gateway connecting the external user with internal users in the organization over the LAN connectivity.RAS also allows the user to connect a remote computer over the phone line.
9.1 Vulnerabilities within the Intranet Server
Because intranet servers are made available to employees, with most people assuming that they are more secure than the public network. All intranet servers are vulnerable and the fact that HFI lacks any security policy then chances of attack is very high. An evaluation of HFI reveals that the intranet does not deny the user access to specific software and data. Secondly, the organization permits internet use and use of electronic emails. With limited security measures. Lastly, the organization lacks any security policy (Gorny, Conrad, Lovell, & Feather, 2018).
HFI intranet severs pitfalls include, inadequate authentication options such as secure socket layers and encryption options. This vulnerability exposes servers to potential hackers and the resultant loss of data. The servers are lack both hardware and software defenses, with intranet access open to all users both internal and externally. Additionally, the server permits user dials up access through the firewall, support wireless access from any location and limited emphasis on the use of WEP security measures.
9.2 Secure Web protocols to improve security
The most suitable Web protocol for security purposes should integrate cryptography and encryption technology to protect data. In this way, data can only be decrypted using a special algorithm and unique keys.HFI can utilize some of the most popular protocols such as SFTP, HTTPS, and Secure socket layer (TCP/IP Security, n.d.). Depending on the nature of the implementation of SSL, the benefits are massive in terms of providing security measures for web services.SSL ensures confidentiality in that data is not accessible by authorized personnel.SSL can also notify the administrator if data in transit altered. The integrity of information is made possible through the generation of authentication code value on one hand and poses the ability to confirm other parties’ identities.
10 Cloud computing environment
The primary role of the cloud computing environment is to offer security. In this way data that powers systems are safe. Adopting cloud computing is advantageous and the best viable alternative in efforts to counter cybercrime. For HFI organization, data security life cycle is applicable to define strategies for cloud computing. Data dispersion is used to improve data security without necessarily using encryption technology; data dispersion is used to protect HFI data.IDA algorithm ensures that data is available once stored in the cloud through the use of data fragmentation (Rittinghouse, & Ransome, 2016). Data fragmentation in conjunction with encryption increases the security level of stored data beyond reproach.
The main challenge in moving data into the cloud is about how data can move from the respiratory. However, data activity monitoring can be used to tackle this challenge while file activity monitoring provides log details. Data movement into the cloud is facilitated by URL filtering which helps in mentoring data and prevents connecting to users. Data loss prevention, on the other hand, helps in looking at the actual content in transits. Thus it is easy to approve data transiting into the cloud and also block the data getting into unproven services.
10.1 Protecting data moving into clouds
HFI cloud computing environment focuses on securing data in transits. The type of data includes, data moving from the organization traditional infrastructure, movement of data between different cloud providers and movement of data between instances (Albugmi, Alassafi, Walters, & Wills, 2016). Techniques to deploy involve the use of standard network encryption with the end to end the most preferred. Proxy-based encryption protects data integrated into legacy applications.
10.2 Protecting data in the cloud
Cloud computing offers divers alternative measures to secure data. However, in our cases, the HFI cloud computing environment utilizes content discovery, iaas encryption, and PaaS encryption.
10.2.1 Content discovery
These are the tools and processes used in identifying sensitive information going into storage. The beneficial aspect of content discovery is that it allows the organization to formulate policies depending on the nature of data and information. Data is scanned after classification using advanced analysis techniques to detect the location and identify a violation of policies governing the storage of sensitive information. Scanning can be through files share running on an operating system (Albugmi, Alassafi, Walters, & Wills, 2016).
10.2.3 IaaS Encryption
IaaS is classifiable into volume storage and objects storage encryption. Volume storage encryption is tasked to protect volumes from risks such as cloning, and physical loss as a result of faulty drivers. Meanwhile, object storage is highly exposed to the public network and provides for the use of the VPN at the same time offering protection. Iaas volume is encryption technology uses three methods, encryption at an instance, externally managed and proxy managed encryption. When the engine runs within an instance, the key is stored in the volume and protected using a repair key (Suthar, & Patel, 2017). IaaS main aim is to manage virtual machines and reduce costly wastages and unauthorized access. Externally managed encryption, the key is stored externally while the engine runs. Meanwhile, proxy handles all crypto operations while the keys are either stored externally or internally.
10.2.4 PaaS encryption
The PaaS encryption entails the use of its application to protect data and the client.
Data is protected using encryption built in the database.However, before this data transited to the platform; it passes through a proxy (Suthar, & Patel, 2017). Unlike other models, PaaS solely focuses on protecting data and the ability to plan against any loses in the cloud in case of breaches.
11 Vulnerabilities in the cloud computing environment and its impacts
Cloud environment experiences at a high level just like traditional center environment have vulnerabilities. The fact that cloud computing runs software’s, software’s tends to have vulnerabilities. However, unlike traditional systems cloud computing responsibilities for risks mitigation are shared between the CSP and the cloud consumers. Listed below are the cloud vulnerabilities and their impacts if a data breach occurs.
The practice of shadow IT in an organization poses a risk. The use of unlicensed cloud services could lead to increased malware infection and data exfiltration (Almorsy, Grundy, & Müller,2016). Organizations cannot protect resources; it knows little about, thus having an impact on the organizational ability to control their network and data.
Exposure of internet accessible management IPS poses a vulnerability that could lead to loss of data. Cloud computing environment exposes a set of the application programming interface, API is used by organizations to manage and interact with cloud services. These API can contain the same vulnerabilities just like those API in operating systems. Cloud API is accessible via the internet posing a high potential for attacks (Albugmi, Alassafi, Walters, & Wills, 2016). The impact of this vulnerability is that attackers can explore the API, use organization assets to initiate attacks on other customers using cloud computing platform.
Cloud computing environment is vulnerable to data loss, not caused by attackers in this case. Accidental data deletion by the cloud service provider and physical catastrophe such as earthquakes can cause data losses. Furthermore, if a customer’s encrypts data and sends it to the cloud then losses the key, then the data is lost. This vulnerability exposes an organization to risks just similar to those posed by traditional means and could face legal lawsuits, which affects the credibility of the entire’s organization.
12 HFI risk assessment Report
HFI organization has had its fair share of cyber attacks. The organization has incurred losses in terms of a breach in data confidentiality and resultant legal repercussions due to malicious attacks and lost mobile devices. Additionally, frequent attacks and compromised systems decrease public confidence and reduce productivity due to system downtime. , it is crucial to conduct a risk assessment to ascertain and initiate mitigation measures.
12.1 Existing threats
HFI organization main threat is posed by employees and limited security policy to govern the organization. In respect to this, malicious employees are guilty in cases of granting authorized access into the network system. Carelessness on the part of employees such as losing laptops that have the potential to expose the entire network to cyber attacks. The other threat that is posed by poor security measures, in term of perimeter security and network security which increases the chances and probability of attacks. From the evaluation of existing vulnerabilities it is common knowledge that the wireless network poses the highest risk.
12.2 Controls in places
HFI organization despite the numerous attacks, little control measures are in place. Control measures in terms of technicality are not in place. It is worth noting that there lacks any form of IDS and the authentication procedures to access the internal network is one way which has many security flaws. Meanwhile, non-technical control measures are also not put in place.HFI organization lacks a security policy that regulates and delegates’ security levels within different levels of management.
12.3 Likelihood of attacks
Taking into consideration the lack of both preventive and or detective security measures, the probability of another attack occurring is high. Furthermore, the scale of the attack is high compared to past attacks. The organization vulnerability exists on multiple fronts. For instance, the wireless network provides leeway for unauthorized access while the BYOD policy poses a security risk.
12.4 Risk assessment report
Asset
Threats
Vulnerabilities
Priority
Control measures
Servers
Interception
Weak security protocols
High
None
Website
Interception
Poor firewall configuration
High
None
Routers
Hardware failure
Manufactured vulnerabilities
low
None
MLS
Hardware failure
Inbuilt hardware failures
low
None
12.5 Risk mitigation procedures
The following risk mitigation procedures are necessary, back up data regularly in an offsite preferably the cloud computing environment this helps mitigate the risk of file deletion and the threat from disasters such as fires. Upgrading the existing servers by acquiring betters severs with highly effective security protocols. The other mitigation procedure involves the configuration of firewalls and initiating a company security policy. This policy helps to control and ensure safety in the use of outside devices that asses the network.
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Albugmi, A., Alassafi, M. O., Walters, R., & Wills, G. (2016, August). Data security in cloud computing. In 2016 Fifth International Conference on Future Generation Communication Technologies (FGCT) (pp. 55-59). IEEE.
Arteaga-Falconi, J. S., Al Osman, H., & El Saddik, A. (2016). ECG authentication for mobile devices. IEEE Transactions on Instrumentation and Measurement, 65(3), 591-600.
Chandrashekhar, A. M., Revapgol, J., & Pattanashetti, V. (2016). Big Data Security Issues in Networking. International Journal of Scientific Research in Science, Engineering, and Technology (IJSRSET), 2(1).
Gorny, T., Conrad, T., Lovell, S., & Feather, N. E. (2018). U.S. Patent Application No. 15/863,048.
Georgiev, M., Jana, S., & Shmatikov, V. (2015, May). Rethinking security of Web-based system applications. In Proceedings of the 24th International Conference on World Wide Web (pp. 366-376). International World Wide Web Conferences Steering Committee.
Gorny, T., Conrad, T., Lovell, S., & Feather, N. E. (2018). U.S. Patent No. 9,900,337. Washington, DC: U.S. Patent and Trademark Office.
Karhade, M. (2015). U.S. Patent No. 9,112,911. Washington, DC: U.S. Patent and Trademark Office.
Klassen, G. D., Major, H. R., Gagne, A. R., Creditor, K. J., & Boudreau, J. J. (2015). U.S. Patent No. 8,953,799. Washington, DC: U.S. Patent and Trademark Office.
Kara, M. (2016). A Model for Secure Data Sharing Between Different Security Level Networks. J Comput Eng Inf Technol 6: 1. doi: 10.4172/2324, 9307, 2.
Kalinichenko, B., & Ferra, J. G. (2015). U.S. Patent No. 9,124,582. Washington, DC: U.S. Patent and Trademark Office.
Kruger, D., & Carbone, J. N. (2014). Radically Simplifying Cyber Security. In Applied Cyber-Physical Systems (pp. 51-61). Springer, New York, NY.
Khan, M. A. (2016). A survey of security issues for cloud computing. Journal of network and computer applications, 71, 11-29.
Le, A., Loo, J., Chai, K., & Aiash, M. (2016). A specification-based IDS for detecting attacks on RPL-based network topology. Information, 7(2), 25.
Network security, lesson 2: Common security measures. (n.d.). Retrieved from https://searchnetworking.techtarget.com/tutorial/Network-security-lesson-2-Common-security-measures
Remote Access Authentication Protocols. (n.d.). Retrieved from https://www.sqa.org.uk/e-learning/NetInf104CD/page_09.htm
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC press.
Security 101: Protecting Wi-Fi Networks Against Hacking and Eavesdropping. (n.d.). Retrieved from https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/security-101-protecting-wi-fi-networks-against-hacking-and-eavesdropping
Shinde, P. S., & Ardhapurkar, S. B. (2016). Cybersecurity analysis using vulnerability assessment and penetration testing. In 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave) (pp. 1-5). IEEE.
Suthar, K., & Patel, J. (2017). Encryption: An secure approach for data security using encryption and obfuscation techniques for iaas and daas services in a cloud environment. In Proceedings of International Conference on Communication and Networks (pp. 323-331). Springer, Singapore.
TCP/IP Security. (n.d.). Retrieved from https://developer.mozilla.org/en-US/docs/Web/Security/Information_Security_Basics/TCP_IP_Security