Security attacks on information systems occur all the time and pertain to every aspect of the attacked system. In other

Security attacks on information systems occur all the time and pertain to every aspect of the attacked system. In other words the attacks are directed against all components of a system. The attackers look for the weakest links in each component and using various tools exploit the potential vulnerabilities. The first step in establishing a secure information system is to consider the potential threats and the corresponding attacks. Next, the risk or the probability of a threat to cause damage to an asset should be evaluated. Once the threat definition and risk analysis are performed, the appropriate solution of defense can be devised.
In this paper, we will focus on typical attacks in the
Internet affecting confidentiality, integrity and availability. Read through Session 5 Lecture Notes, and become familiar with the issues of vulnerabilities. attacks and countermeasures at different layers.
We will focus on typical attacks in the
Internet affecting confidentiality, integrity and availability mainly on the lower four layers: Layer 1, Physical; Layer 2, Data Link; Layer 3, Network; and Layer 4, Transport. For example, in the link layer, there is ARP spoofing and man-in-the-middle attacks. In the IP layer, there is packet sniffing. In the transport layer, there is the SYN flood attack causing Denial of Service.
Assignment:
Your boss is asking each engineer from all departments to come up with the one or two sources of network threats and attacks you consider the most critical and why (mainly on the lower four layers: Layer 1, Physical; Layer 2, Data Link; Layer 3, Network; and Layer 4, Transport). He wants you to be able to fit your thoughts on an index card. He does not care if the same problem is addressed from several points of view or if you address a very specific threat of the day or one from the past that could come back. You are also asked to have an opinion about the potential risks of such threats and attacks.
Hint: Pick one layer and describe typical attacks in that layer and the controls that are employed in the layer to minimize the attack or vulnerability that leads to the attack. Be as complete as possible and cite your reference materials in your response. You may create a new topic for your response or respond to someones topics expanding upon it or challenging it. We have not talked much about the physical layer. In physical layer, for example, an attacker can cut a cable or jam a wireless signal affecting availability or wiretap affecting confidentiality. You need to dig up sources on the physical layer security.
Due June 19th
OERs:
ARP Spoofing
Arora, H. (2012). TCP/IP Attacks – ARP Cache Poisoning Fundamentals Explained.
Retrieved from http://www.thegeekstuff.com/2012/01/arp-cache-poisoning.
IP Spoofing
Veracode. (n.d.). Spoofing Attack: IP, DNS & ARP. Retrieved from: http://www.veracode.com/security/spoofing-attack.
Session Hijacking
Kapoor. K.
(n.d.).
Session Hijacking
Exploiting TCP, UDP and HTTP Sessions. Retrieved from:
http://www.infosecwriters.com/text_resources/pdf/SKapoor_SessionHijacking.pdf
Man-in-the-Middle (MITM) Attacks
OWASP. (Last Update: 2015). . Man-in-the-Middle Attack.
Retrieved from: https://www.owasp.org/index.php/Man-in-the-middle_attack
Orange, L. (2014).
Top Four Best Practices to Avoid Man-in-the-Middle Attacks.
Retrieved from:
https://blogs.forcepoint.com/insights/top-four-best-practices-avoid-man-middle-attacks
DoS
PluralSight. (2009).
The PING of Death and Other DoS Network Attacks.Retrieved from: https://www.pluralsight.com/blog/it-ops/ping-of-death-and-dos-attacks.

 

"Looking for a Similar Assignment? Get Expert Help at an Amazing Discount!"

Connect with a professional writer in 5 simple steps

Please provide as many details about your writing struggle as possible

Academic level of your paper

Type of Paper

When is it due?

How many pages is this assigment?

Place Order