Auditing, Monitoring, and Detecting DoS and DDoS Attacks
A denial-of-service (DoS) attack is an attempt to make network or machine resources unavailable to legitimate users. Attackers achieve this by flooding the target machines or resources with superfluous requests or useless packets, overloading the systems so that legitimate requests cannot be fulfilled. When the attack originates from a single host or network node it is termed a DoS attack; a distributed denial-of-service (DDoS) attack is more serious, since it draws on many sources to consume the target's resources and prevent the system from providing its services. A DDoS attack has multiple sources and often comes from thousands of unique IP addresses. The rate of DDoS attacks has increased in the last few years, and criminals target high-profile servers such as credit card payment gateways, banks, and other large corporations to achieve their goals. An intruder may also exhaust disk space by sending excessive e-mail messages in order to cause errors in the systems. Intruders can implant zombie software on target websites to carry out a direct DoS attack. DDoS attacks often use a two-level structure of master zombies and slave zombies, in which the master zombie directs the slave zombies, which use malicious code to infect distributed machines and so spread the attack across network resources. Attackers can also use malware to alter system configuration in order to provoke a DoS condition (Jain, Jain, & Gupta, 2011). Once an attacker has infected target machines with malware or zombie software, that software runs on a large number of machines.
Another attack strategy is to use the zombie software to scan for vulnerable machines and then launch internet traffic through the infected machines (Stallings, 2013). Web services provide critical functionality to businesses, but a DoS attack can inflict considerable damage on them, leading to reputational and financial losses. A number of research articles focus on DoS and DDoS attacks and their prevention, detection, and mitigation (Han, Shen, Duong, et al., 2014; Oliveira, Laranjeiro, & Vieira, 2015).
The objective of this paper is to analyze the main threats and attacks against the TCP/IP protocols and the networks they affect. Moreover, the study assesses the main attacks and threats against wired and wireless networks from inside and outside an organization, and discusses current penetration testing tools, techniques, and procedures.
Detecting, Preventing, and Mitigating DoS Attacks
The TCP/IP protocol suite is what enables communication across the internet, providing a wide array of functionality organized into the link, network, transport, and application layers. However, TCP/IP has been a target of attacks in the contemporary business environment, and DoS and DDoS attacks are among the major attacks against it (Steinke, Tundrea, & Kelly, 2011). A DoS attack can leave the application layer unable to process requests because the server is swarmed with useless packets. Alternatively, the attacker can target the network layer, causing the network to slow down or drop packets and making it unusable for its users. This study reviews three articles to demonstrate methods for preventing, detecting, and mitigating DoS and DDoS attacks.
"DoS attack detection and mitigation utilizing Cross-Layer Design. Ad Hoc Networks." (Soryal & Saadawi, 2014, p. 71).
Soryal and Saadawi (2014) provide a comprehensive review of the detection and mitigation of DoS attacks using cross-layer designs. This study chose the article for review because the authors develop several algorithms for DoS detection and mitigation that are applicable in IT and business environments. Soryal and Saadawi (2014) argue that the DoS attack has become more...
The authors point out that attackers can carry out DoS attacks in wireless networks using different methods: disguising themselves as legitimate users, following and controlling the data packets, and making all the innocent nodes in the system regard them as legitimate nodes. Soryal and Saadawi (2014) develop DoS detection and mitigation algorithms that deceive attackers into falsely believing that they are still disrupting the network. The detection algorithm builds on the IEEE 802.11 DCF (Distributed Coordination Function) standard, which is used to perform DoS detection combined with a modification of the "IEEE 802.11 MAC layer code" (Soryal & Saadawi, 2014, p. 78). The detection strategy modifies the MAC (Medium Access Control) layer firmware so that each node in the system can detect a DoS attack and identify the attackers at the MAC layer.
Mitigation is the next step after a DoS attack has been detected. The mitigation module intervenes and starts changing the communication channels based on the PSS (Pre-Shared Sequence) (Soryal & Saadawi, 2014). The mitigation algorithm forces all nodes in the system to move their communication to the safe channels. After all the nodes have resumed on the safe channels, the next step is to send the ACT and CTS packets to deceive the attackers into thinking that they are still causing damage. The authors argue that the detection, prevention, and mitigation algorithms can be applied to commercial wireless routers and to other wireless devices such as laptops and smartphones, providing an extra layer of security against DoS attacks. Moreover, the algorithms are compatible with the IEEE 802.11 standards and allow trusted users to join the wireless network without fear of DoS attacks.
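As an added example that is not the authors' code, one way the pre-shared-sequence idea described above can be realised: every legitimate node derives the next safe channel from a shared secret and a hop counter, so all nodes land on the same channel without exchanging anything over the air that an attacker could observe. The HMAC-based derivation, the channel list and the Node class are assumptions, not details from Soryal and Saadawi (2014).

```python
import hashlib
import hmac

# Assumed construction (not the algorithm from Soryal & Saadawi): the
# pre-shared sequence is derived with HMAC-SHA256 from a secret that only the
# legitimate nodes hold, so every node computes the same safe channel for a
# given hop index without any on-air negotiation an attacker could observe.
CHANNELS_5GHZ = [36, 40, 44, 48, 149, 153, 157, 161]   # 802.11 channel numbers

def pss_channel(secret, hop_index, channels, exclude=()):
    """Return the channel all holders of `secret` switch to at `hop_index`.

    Channels in `exclude` (e.g. the one currently being attacked) are skipped
    by advancing along the sequence until an allowed channel comes up.
    """
    if not set(channels) - set(exclude):
        raise ValueError("no channel left to hop to")
    idx = hop_index
    while True:
        digest = hmac.new(secret, idx.to_bytes(8, "big"), hashlib.sha256).digest()
        channel = channels[int.from_bytes(digest[:4], "big") % len(channels)]
        if channel not in exclude:
            return channel
        idx += 1

class Node:
    """A legitimate wireless node that reacts to a DoS detection event."""
    def __init__(self, name, secret, channel):
        self.name, self.secret, self.channel = name, secret, channel
        self.hop_index = 0

    def on_dos_detected(self):
        # the attacked channel is the one the node is currently on; leave it
        # and move to the next channel in the pre-shared sequence
        attacked = self.channel
        self.hop_index += 1
        self.channel = pss_channel(self.secret, self.hop_index, CHANNELS_5GHZ,
                                   exclude=(attacked,))
        return self.channel

def simulate_mitigation(secret, node_count, attacked_channel):
    """All nodes detect the attack and hop; return the set of channels chosen.

    A single-element set means every legitimate node agreed on the safe channel.
    """
    nodes = [Node(f"node{i}", secret, attacked_channel) for i in range(node_count)]
    return {node.on_dos_detected() for node in nodes}
```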
"Chapter XXXI Denial-of-Service (DoS) Attacks: Prevention, Intrusion Detection, and Mitigation. IRMA-International.org." (Disterer, Alles, & Hervatin, 2008, p. 1).
Disterer, Alles, and Hervatin (2008) discuss the strategies that can be employed to detect, prevent, and mitigate DoS attacks. The authors argue that DoS attacks have become major threats in the business environment, and that the goal of an attack on a website is to block legitimate users from accessing network services. One method of harming websites is to manipulate the target servers or networks so that they cannot perform their legitimate functions, ultimately shutting down the network resources. Attackers can also attempt to deplete resources such as memory, bandwidth, and processing capacity.
Disterer, Alles, and Hervatin (2008) argue that detection, prevention, and mitigation are the strategies against DoS attacks. The prevention strategies are as follows. First, users should encrypt communication and data transmitted through Telnet, SMTP, and FTP to prevent unauthorized access to data. Since unencrypted data is sent in clear text, attackers can take advantage of it to install malicious code in the systems; they can also capture users' passwords with a sniffer or malicious code. These attacks can be prevented by using secure alternatives such as SSH and secure FTP. A system administrator can also reduce the threat of DDoS attacks by installing updates promptly, since new updates close the security loopholes that attackers would otherwise exploit to install malicious code in the systems.
Disterer, Alles, and Hervatin (2008) also recommend that network administrators scan the corporate network to detect any security holes. An intrusion detection system is also very important for minimizing loss, and organizations should monitor their systems to detect intrusions. Administrators should constantly scan network traffic to detect anomalies in the hosts, and host-based IDS (intrusion detection systems) should be used to analyze the system log files. Moreover, sniffer software should be installed on network devices such as firewalls, routers, web servers, and load balancers to prevent unwanted traffic in the system.
Disterer, Alles, and Hervatin (2008) recommend different mitigation strategies for routers, web servers, and workstations against DoS attacks. The system administrator should configure the web servers to discard SYN requests in order to filter out unwanted traffic. Moreover, the administrator should add additional…
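As an added example (not from Disterer, Alles, and Hervatin), the kind of host-based log analysis recommended above applied to the SYN traffic the mitigation paragraph is concerned with: a detector that tracks half-open SYNs per source over constructed connection-log lines and flags both a single flooding source and a distributed flood in which no single source stands out. The log format, thresholds and addresses are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample of connection-tracking log lines (not from the paper).
# Format: "<epoch_seconds> <flag> <src_ip>", where SYN marks a handshake the
# source started and ACK marks a handshake the same source completed.
SAMPLE_LOG = """\
1000 SYN 198.51.100.7
1000 ACK 198.51.100.7
1001 SYN 203.0.113.9
1001 SYN 203.0.113.9
1002 SYN 203.0.113.9
1002 SYN 203.0.113.9
1003 SYN 203.0.113.9
1003 SYN 203.0.113.9
1004 SYN 198.51.100.8
1004 ACK 198.51.100.8
"""

def parse_log(text):
    """Turn log lines into (timestamp, flag, src_ip) tuples, in log order."""
    events = []
    for line in text.splitlines():
        ts, flag, src = line.split()
        events.append((int(ts), flag, src))
    return events

def detect_syn_flood(events, window=5, per_source=5, total=50):
    """Return (flagged_sources, peak_half_open, distributed_flood).

    A SYN stays half-open until the same source sends an ACK or `window`
    seconds pass. More than `per_source` half-open SYNs flags that source;
    more than `total` half-open SYNs overall signals a distributed flood.
    """
    pending = defaultdict(deque)      # src_ip -> timestamps of unanswered SYNs
    flagged, peak, distributed = set(), 0, False
    for ts, flag, src in events:
        for queue in pending.values():            # expire stale half-opens
            while queue and ts - queue[0] > window:
                queue.popleft()
        if flag == "SYN":
            pending[src].append(ts)
        elif flag == "ACK" and pending[src]:
            pending[src].popleft()                # handshake completed
        if len(pending[src]) > per_source:
            flagged.add(src)
        current = sum(len(q) for q in pending.values())
        peak = max(peak, current)
        distributed = distributed or current > total
    return sorted(flagged), peak, distributed
```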