Sale!
Placeholder

An Investigation into security threats on the Internet and their prevention

10,000 3,000

Topic Description

SUMMARY/ABSTRACT 
This report is aimed at a small to medium sized company who has some kind of Internet presence or
has plans to go online in the future. The report highlights the many different security threats and
attacks that take place over the Internet and emphasizes the importance of taking security seriously. To
give a real picture of the various security attacks, published cases of these attacks and the effects they
cause are discussed. Security guidelines are also considered and a conclusion is drawn concerning the
amount of value they generate.

Chapter 1: Introduction………………………………………………………………………………….1
1.1 Statement of the Problem……………………………………………………………………………..1
1.2 Aim and Objectives………………………………………………………………………………….1
1.3 Methodology……..………………………………………………………………………………….2
1.4 Schedule….………………………………………………………………….………………………2
Chapter 2: Security Threats……………………………………………………………………………..4
2.1 Why is the Internet Insecure?………………………………………………………………………..4
2.2 Hacking and cyber-criminals…………………………………………………………………………4
2.3 Current Security Threats…………..…………………………………………………………………5
2.3.1 Malicious code (Viruses, Worms, Trojan horse)………………………………………………5
2.3.2 Tapping the Internet…..……………………………………………………………………….6
2.3.3 Spoofing…………….………………………………………………………………………….7
2.3.4 Denial of Service Attack……….………………………………………………………………7
2.3.5 Packet De-fragmentation Attack….……………………………………………………………8
2.3.6 Technological Attacks………………………………………………..……………………..…8
2.3.7 Non – Technological Attacks……………………..……………..…………………… .….….. 9
2.3.8 Summary……………………………………………………………………………………….9
2.4 Classification of Security Attacks………………………………………………………………….10
2.4.1 Comparison and Consideration of Frameworks………………………………………………10
2.5 Published Cases of Security Attacks……..…………………………………………………..……12
2.5.1 Case 1 – Ford and Experian authorisation attack…..…………………………………………12
2.5.2 Case 2 – Internet Denial of Service attack……………………………………………………13
2.5.3 Case 3 – Cisco system attack……….…………………………………………………………13
2.5.4 Case 4 – Malicious virus attack…….…………………………………………………………14
2.5.5 Case 5 – UK Travel firm fraud…………..……………………………………………………14
2.5.6 Case 6 – Sophisticated virus attack……………………………………………………………14
2.5.7 Classification of Cases……………………………………………………………………….15
Chapter 3: Preventing the Problem of Security Threats……………………………………………….17
3.1 Requirements of Security…………………………………………………………………………..17
3.2 Security Guidelines…………………………………………………………………………………18
3.2.1 Description of AEB guidelines……………………………………………………………….18
3.2.2 Description of Smart 421 guidelines…………..….…………………………………………19
CONTENTS
iv
3.3 Comparison of Guidelines……………………………………………………..…………………..20

Chapter 4: Evaluation of Guidelines.…………………………………………………………………..22
4.1 Value of Security Guidelines………………………………………………………………………22
4.2 AEB Guidelines….………………..………………………………………………………………..22
4.2.1 Case 1 – Ford and Experian authorisation attack…..…………………………………………22
4.2.2 Case 2 – Internet Denial of Service attack………………….…………………………………22
4.2.3 Case 3 – Cisco system attack……….………………………….……………………………..23
4.2.4 Case 4 – Malicious virus attack…….………………………….……………………………..23
4.2.5 Case 5 – UK Travel firm fraud…………..…………………….……………………………..23
4.2.6 Case 6 – Sophisticated virus attack…………………………….………………………..……24
4.3 Smart 421 Guidelines..………………………………………………………………………….….24
4.3.1 Case 1 – Ford and Experian authorisation attack…..…………….…………………………..24
4.3.2 Case 2 – Internet Denial of Service attack………………………….…………………………24
4.3.3 Case 3 – Cisco system attack……….……………………………….…………………………25
4.3.4 Case 4 – Malicious virus attack…….………………………………….……………………..25
4.3.5 Case 5 – UK Travel firm fraud…………..…………………………….………………………25
4.3.6 Case 6 – Sophisticated virus attack…………………………………….……………………..25
4.4 Summary……………………………………………………………………………………………25
Chapter 5: Conclusion……………………………………………………..…………………………..27

Bibliography……..…………………………………………………………………………………….28

Appendix A – Personal reflections on the project………………….………………………………….30
Appendix B – Project schedule………………….………………….………………………………….31
Appendix C – Revised project Schedule………..………………….………………………………….32
Tables
Figure 1: Summary of threats……………………………………………………………………………9
Figure 2: Stallings’s classification framework…………………………………………………………11
Figure 3: Whyte’s classification framework……………………………………………………………11
Figure 4: Classification of security attacks……………………………………………………………..15
Figure 5: Comparison of guidelines……………………………………………………………………21
Figure 6: Evaluation of Guidelines summary

GET COMPLETE PROJECT