Intrusion Detection Systems: Retail-Based Cybercrime and the Importance of Security Point of Sales Endpoints Systems
Recent technological advances have increased reliance on network-based technology for everyday use. Point of sale (POS) systems have also evolved, and they are now linked to the company's network, which makes them vulnerable to attacks. The number of attacks leveled against POS endpoints has increased steadily in recent times. This is because they are mostly stand-alone and they are used to capture credit card information. The attackers are mostly interested in customer information for fraud or identity theft purposes. In order for POS systems to verify customer information and process credit cards, they need a network connection. The network connection provided depends on the store. Large stores connect their POS systems to the internal network in order to simplify administration and reduce costs. The internal network will have access to an internet connection, but at a different level. Therefore, the POS will need to get authorization from the firewall and router before it can receive or send out any information.
With the continual capture and processing of sensitive information by POS systems, the possibility of attack increases. Cyber criminals are attracted by the possibility of acquiring large amounts of information and profiting heavily from it. A majority of POS systems will have some mechanism for preventing unauthorized access, such as passwords, but other factors make it hard to keep the attackers at bay. Network systems are more vulnerable, and once an attacker gains access to a network, they would be able to access all the nodes connected to that network.
Motivation for solving the problem
Securing point of sale systems is vital to ensure that customers can make purchases securely. To encourage more customers to use their credit cards, retail outlets need to provide the customers with a guarantee that their systems are secure. The problem of cybercrime has grown in prominence in recent times. The attackers are making use of system vulnerabilities that manufacturers are unaware of, thus catching customers off guard. Encouraging retail outlets to safeguard their POS systems would ensure that the retailers are able to guard and protect customer data and information at all times. Using intrusion detection systems, a retailer is able to know whenever an attempt is made to access their systems. Cyber security is vital to ensure that economies grow and businesses flourish. Current business trends lean towards networked systems, and if there is a threat to some systems, the advances made will result in failure. Protecting retailers and providing them with a means of securing their systems would ensure that they could securely conduct transactions online.
If this project were successful, it would improve the security of point of sale endpoints. The POS endpoints would have a secure method of checking the network before submitting any information. This way, if there were any intrusion, the POS would not submit the data. There is also a possibility of attackers using memory-scraping malware. This malware is used to scrape data from the memory of POS endpoints. To protect against this malware, the project would use intrusion detection systems and antivirus software that can scan for and remove malware. The project would encourage and train retailers on how to protect their systems and guard against any attack.
The proposed approach is to implement an intrusion detection system that incorporates both statistical analysis and expert system analysis. Combining both methods will ensure that any intrusion is easily identifiable and the security officer is notified. Attackers might be able to overcome one of the methods, but overcoming both would be difficult. Having definitions for both normal and proper behavior guarantees that the system is able to monitor and keep track of all activity. Audit trails and system logs will be used to record user activities. The logs are only accessible by the system admin and security officer. This adds security, as a user cannot modify the logs. Experience and knowledge of statistical analysis are vital in order to interpret the collected data correctly. The research will use the SPSS statistical program. The researcher has access to the tools and possesses the requisite expertise.
The proposed timeline for the project is three months. This timeline will allow the researcher to analyze different retail outlets and capture data on how they secure their systems. The initial deliverable for the project is the analysis of the statistical analysis system, followed by the expert system. Analyzing the statistical analysis system would allow the researcher to gain knowledge on how the different retail stores have defined their normal behaviors. Each store will have its own definitions based on what it perceives as normal usage behavior. Understanding the different behaviors will ensure that the researcher identifies the common behaviors and is able to propose other behaviors in the research. The expert system deals with proper behavior definition. Proper behavior is concerned with how a person will use the system. Once proper behavior has been defined, the expert system can determine when a user goes against the set behaviors. The expert system will analyze the users at different usage levels, and if a user is found to be copying or trying to access data they are not authorized to access, it would alert the system admin. Researching different retail outlets will provide the researcher with information on how each store has defined its proper behavior and the measures it has put in place to counter any threats. This way the researcher can understand how users can use their access privileges to perform illegal activities.
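The combination of statistical analysis (normal behavior) and expert system rules (proper behavior) described above can be sketched over an audit trail as follows. This is an added illustration, not part of the original proposal; the user names, roles, permission table, threshold and audit records are all constructed assumptions.

```python
from statistics import mean, stdev

# Constructed history: records touched per past session, per user.
BASELINE = {
    "cashier01": [12, 15, 11, 14, 13, 12, 16],
    "manager01": [40, 35, 42, 38, 41, 37, 39],
}
# Expert-system side: "proper behavior" as explicit (action, resource) rights.
ALLOWED = {
    "cashier": {("read", "transactions"), ("write", "transactions")},
    "manager": {("read", "transactions"), ("write", "transactions"),
                ("read", "card_data"), ("export", "reports")},
}

def statistical_alert(user, records_touched, threshold=3.0):
    """Flag a session whose volume deviates from the user's own normal."""
    history = BASELINE.get(user)
    if not history or len(history) < 2:
        return True  # no baseline yet: surface it instead of passing silently
    mu, sigma = mean(history), stdev(history)
    if sigma == 0:
        return records_touched != mu
    return abs(records_touched - mu) / sigma > threshold

def expert_alert(role, action, resource):
    """Flag any action the role's proper-behavior definition does not permit."""
    return (action, resource) not in ALLOWED.get(role, set())

def analyze(events):
    """Run both analyses on each audit record; report which one(s) fired."""
    alerts = []
    for user, role, action, resource, n in events:
        reasons = []
        if statistical_alert(user, n):
            reasons.append("statistical")
        if expert_alert(role, action, resource):
            reasons.append("expert")
        if reasons:
            alerts.append((user, action, resource, reasons))
    return alerts

# Constructed audit records: (user, role, action, resource, records_touched)
EVENTS = [
    ("cashier01", "cashier", "read", "transactions", 14),    # normal and proper
    ("cashier01", "cashier", "read", "transactions", 900),   # proper, abnormal volume
    ("cashier01", "cashier", "export", "card_data", 13),     # normal volume, improper
    ("manager01", "manager", "export", "card_data", 5000),   # fails both checks
]

if __name__ == "__main__":
    for alert in analyze(EVENTS):
        print(alert)
```

The second and third records each trip only one of the two analyses, which is the case for running them together: an authorized user pulling an abnormal volume passes the rules, and an unauthorized export of ordinary size passes the statistics.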
Conduct library search for materials related to topic.
Review the research and identify materials to use.
Identify gaps within the research conducted.
Identify areas that need further research as identified by the previous researchers.
Statistical system analysis
Visit the identified retail outlets and analyze their system.
Conduct interviews with the key personnel.
Interview some of the system users.
Data regarding the system being used.
How the system has been implemented.
Security areas covered by the system
User friendliness of the system
Expert system analysis
Conduct in-depth analysis of the system.
Interview the system developers
Identify threat areas mitigated by the system.
Identify any actual threat that the system has managed to prevent.
Review of results
Enter the data gathered into the statistical program.
Analyze the results.
Develop a hypothesis based on the information derived from the data
Sensible information after the data has been processed.
Based on the information, the researcher is able to identify patterns shared by the retailers.
Develop the report and accompanying charts
There are numerous competitors, all focusing on the capabilities of intrusion detection systems for retail outlets. A survey conducted by Peyman Kabiri and Ali A. Ghorbani analyzes the current trends in intrusion detection systems. The researchers have also analyzed the tools employed by other researchers in this field. Research conducted by Steven R. Snapp focuses on the extent of intrusion detection systems across the whole network. They have not focused primarily on retail outlets, but rather on the whole network topology. After an attack on Target's POS system, there was extensive research conducted by the company and independent researchers. The research was aimed at establishing how the attack occurred and identifying the vulnerabilities. Visa also conducted its own independent research and established that the attack was conducted via malware referred to as Dexter. The researchers provided recommendations to all retail outlets and encouraged them to do a system vulnerability test.
The studies and journal articles are based on intrusion detection systems for networked systems. They are related to the project as they provide a foundation that could be built upon during the research. The studies and surveys will help identify the areas that one should focus on when conducting the actual research. Focusing on the areas that they omitted would ensure that the research advances the work already initiated. The journal article that analyzes the attack on Target's computers is a revelation, as it is very recent and would provide information on how a current attack could occur. This will enable the research to identify the areas to focus upon.
Benefits of the project
Demonstrating the usage of intrusion detection systems on a real retail outlet would demonstrate the benefits of the system to other retailers. POS systems are being used in many retail outlets, and the continual usage makes them vulnerable. Conducting research on methods for protecting the systems is vital in preventing cyber criminals. Focusing on recent trends employed by the attackers ensures that the research is current and that retailers could employ the recommendations. The research will demonstrate that having compliant hardware and software…