Date of Award
12-2017
Culminating Project Type
Starred Paper
Degree Name
Information Assurance: M.S.
Department
Information Assurance and Information Systems
College
Herberger School of Business
First Advisor
Dennis Guster
Second Advisor
Lynn Collen
Third Advisor
Kasi Balasubramanian
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Keywords and Subject Headings
cloud security, mobile application, real time attacks, dos, routing cache
Abstract
Cyber threat indicators that can be shared instantly in real time may often be the only mitigating factor between preventing and succumbing to a cyber-attack. Detecting threats in a cloud computing environment can be even more of a challenge given the dynamic and complex nature of the hosts as well as the services running on them. Information security professionals have long relied on automated tools such as intrusion detection/prevention systems, SIEM (security information and event management), and vulnerability scanners to report system, application and architectural weaknesses. Although these mechanisms are widely accepted and considered effective at helping organizations stay more secure, each can also have unique limitations that hinder it in this regard. Therefore, in addition to utilizing these resources, a more proactive approach must be incorporated to bring to light possible attack vectors and hidden places where hackers may infiltrate.
This paper shares an insightful example of such lesser-known attack vectors by closely examining a host routing table cache, which unveiled a great deal of information that went unrecognized by an intrusion detection system. Furthermore, the author researched and developed a robust mobile app tool that has a multitude of functions which can provide the information security community with a low-cost countermeasure that can be used in a variety of infrastructures (e.g., cloud, host-based, etc.). The designed mobile app also illustrates how system administrators and other IT leaders can be alerted of brute force attacks and other rogue processes by quickly identifying and blocking the attacking IP addresses. Furthermore, it is an Android-based application that also uses logs created by the Fail2Ban intrusion prevention framework for Linux. Additionally, the paper will also familiarize readers with indirect detection techniques, ways to tune and protect the routing cache, the impact of low and slow hacking techniques, as well as the need for mobile app management in a cloud.
Recommended Citation
Abdul, Raqeeb, "Enhancing Cloud Security by a Series of Mobile Applications That Provide Timely and Process Level Intervention of Real-Time Attacks" (2017). Culminating Projects in Information Assurance. 43.
https://repository.stcloudstate.edu/msia_etds/43
Comments/Acknowledgements
I am grateful to Dr. Dennis Guster for all the immense help I have received in the context of my starred paper. His guidance also led this paper to win 2nd prize at the Midwest Instruction and Computing Symposium (MICS) 2016.