Mitigation Model for Awareness and Knowledge of Employees toward DDoS Attacks
[Name of the Student]
[Name of the Institution]
Abstract
Cybersecurity is an issue of high concern for organizations seeking to maintain their security. They confront threats of DDoS attacks and need to develop solutions for dealing with such situations. Mitigation plans are developed by organizations to address issues involving risks. A risk management embedded mitigation model needs to be developed for successful loss reduction and increased efficiency of organizations against DDoS attacks. These attacks are usually unintentionally facilitated by employees due to their ignorance of cyber threats. This calls for creating awareness and imparting knowledge in employees so that they can contribute towards defense against DDoS attacks. This paper reviews twelve scholarly articles covering recent research that provide adequate information about the current status of defense against cyber (especially DDoS) attacks, provide a solution for dealing with these threats, and propose an embedded mitigation model for creating awareness in employees towards the above-said threats.
Keywords: Embedded mitigation model, distributed denial-of-service attack, risk management, cybersecurity, employees' awareness, business continuity plan
Introduction
A DDoS (‘Distributed Denial-of-Service’) attack is an attempt to disrupt the normal traffic of a targeted server, network, or service by overwhelming it with an excessive flow of Internet traffic. These attacks are made effective by the use of various compromised computer systems, which serve as the sources of attack traffic in these malicious attempts. The machines exploited through DDoS attacks include computers and other devices. Either a request is made to a server or a website that looks valid but is malicious, or the server or website is flooded with excessive data to take it down. DDoS attacks are automated and concentrated, and they attempt to send a large number of requests to the target network so that it becomes useless. The attack is carried out by sending a huge amount of data packets to a target network, computer system, or device at high speed, and the target starts lagging, partly or completely, until it is completely down. At a high level, a DDoS attack is like a traffic jam that blocks the highway, which eventually prevents regular traffic from reaching the desired destination. DDoS mitigation is the process developed to protect a targeted network or server from a DDoS attack. To ensure protection from a DDoS attack, specialized network equipment needs to be designed, or cloud-based protection is required. This will provide resilience against DDoS attacks, though it cannot prevent the attacks. In organizations, DDoS attacks become serious concerns as the information is usually confidential, and an employee's work can be disrupted to a great extent as a result of these attacks. These attacks are capable of causing much harm to businesses. They can disrupt the functioning of servers and websites.
The current study relates to selected peer-reviewed articles on risk mitigation against DDoS attacks, seeks insight and useful information for creating awareness and knowledge against DDoS attacks, assesses the ultimate contribution of employees’ awareness and knowledge in this issue, and provides a mitigation embedded model to remain protected against the DDoS attacks by activating speed and response time of their activity.
Theoretical Background
Risk mitigation is one of the many ways to deal with risk threats in risk management studies. Risk management involves different strategies to reduce or eliminate risks that have different implications, i.e., accept, avoid, reduce, or transfer strategies. The mitigation embedded model is used for creating awareness in employees by accelerating the implementation of regulated policies and technical procedures. It explains the process of IT service continuity planning and the way it impacts the transitioning to embedded policies and practices. Information security management involves procedures for creating awareness and knowledge of DDoS attacks. An embedded model for mitigating risks of DDoS attacks comprises different components: creating knowledge and awareness, implementing policies and principles, applying technical procedures, improving business service and request management, and establishing (IS) Management, service continuity, and service configuration.
Employees can contribute to reducing loss and increasing efficiency against DDoS attacks by understanding these attacks and following the instructions given by management for this purpose. On the service providers’ end, administrators should enroll in a DDoS protection service, which detects traffic flows that seem to be abnormal and drives traffic away from the organization’s network. The service providers will make a recovery plan against the disaster. This will ensure efficient and successful mitigation, communication, and recovery in case an attack occurs. To strengthen security further, certain initiatives prove beneficial, such as installing antivirus software, installing a firewall and then configuring it to control incoming traffic, and evaluating whether the security settings meet the requirements of protection against present DDoS attacks. The web server must be protected from being overwhelmed by a flood of requests. Filters need to be added to identify, detect, and drop information packets from potential sources of attacks. Half-open connections have to be timed out deliberately to ensure protection. When spoofed information or requests are received, they should be dropped for security purposes.
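The filtering and half-open timeout controls named in the paragraph above can be modeled in a few lines. This is an added example, not part of the original paper: the class name, the 5-second timeout, the per-source cap of 3, and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict

HALF_OPEN_TIMEOUT = 5.0    # seconds a SYN may wait for its ACK (assumed value)
MAX_HALF_OPEN_PER_SRC = 3  # per-source cap on pending handshakes (assumed value)


class HalfOpenTable:
    """Tracks handshakes that have sent a SYN but not yet the final ACK."""
    def __init__(self, timeout=HALF_OPEN_TIMEOUT, per_src=MAX_HALF_OPEN_PER_SRC):
        self.timeout, self.per_src = timeout, per_src
        self.pending = {}              # (src, sport) -> time the SYN arrived
        self.count = defaultdict(int)  # src -> pending entries for that source
        self.stats = {"established": 0, "timed_out": 0, "filtered": 0, "stray_ack": 0}

    def _remove(self, key):
        del self.pending[key]
        self.count[key[0]] -= 1

    def expire(self, now):
        """Deliberately time out half-open entries so they free their slot."""
        for key in [k for k, t in self.pending.items() if now - t >= self.timeout]:
            self._remove(key)
            self.stats["timed_out"] += 1

    def handle(self, now, src, sport, flag):
        """Apply one SYN or ACK event and return the action taken."""
        self.expire(now)
        key = (src, sport)
        if flag == "SYN":
            if key in self.pending:
                return "retransmit"          # same handshake, no new slot
            if self.count[src] >= self.per_src:
                self.stats["filtered"] += 1  # filter: source holds too many slots
                return "drop"
            self.pending[key] = now
            self.count[src] += 1
            return "syn-ack"
        if key in self.pending:              # ACK completing a tracked handshake
            self._remove(key)
            self.stats["established"] += 1
            return "established"
        self.stats["stray_ack"] += 1         # ACK with no matching SYN: drop it
        return "drop"


# Constructed events (time, src, sport, flag); addresses are RFC 5737 documentation ranges.
EVENTS = [
    (0.0, "198.51.100.7", 40001, "SYN"), (0.1, "198.51.100.7", 40001, "ACK"),
    (1.0, "203.0.113.9", 50001, "SYN"), (1.1, "203.0.113.9", 50002, "SYN"),
    (1.2, "203.0.113.9", 50003, "SYN"), (1.3, "203.0.113.9", 50004, "SYN"),
    (1.4, "203.0.113.9", 50005, "SYN"), (2.0, "192.0.2.20", 41000, "SYN"),
    (2.2, "192.0.2.20", 41000, "ACK"), (7.0, "192.0.2.21", 42000, "SYN"),
    (7.1, "192.0.2.21", 42000, "ACK"), (7.2, "203.0.113.9", 50001, "ACK"),
]


def replay(events):
    table = HalfOpenTable()
    actions = [table.handle(*event) for event in events]
    return actions, table.stats, len(table.pending)


if __name__ == "__main__":
    print(replay(EVENTS))
```

The source that never completes its handshakes is capped at three slots and loses them after the timeout, while the other clients connect normally; a timeout set too short would also drop slow legitimate clients whose ACK arrives late.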
Since all sites available on the Internet depend on each other to some extent, the security or insecurity of a site can be affected by that of others. A remote attacker can plan the attack by implanting tools to control multiple systems and direct them for launching an attack. Understanding the way DDoS attacks are planned and executed is crucial for preventing intrusions by implementing a system of security. Certain non-technical and technical procedures are available with the advancement in technology to develop security against DDoS. A company should be in consistent contact with the service provider to implement state-of-the-art services related to continuity, configuration, and management of security and protection.
Literature Review Table
Sr #: 1
Author + Year: (Epoh, 2018)
Problem/Purpose: Assess damages caused by DDoS
Questions: What can be the methods to prevent damages caused by DDoS
Methodology: Secondary research, mixed methodology
Findings: Mitigation is only effective when the detective and preventive methods are used simultaneously
Conclusion: Damages caused by DDoS can be mitigated by using detective and preventive measures.
Comment: The study indicates the need for robust technologies for cybersecurity.

Sr #: 2
Author + Year: (Burke, 2018)
Problem/Purpose: Research the methods to prevent IoT devices from becoming compromised and being used in DDoS attacks
Questions: 1. Nature of IoT devices and their vulnerabilities; 2. Attacks against IoT devices and ways to prevent those attacks
Methodology: Secondary research based on the existing literature on the subject
Findings: Security can be assured by developing protection for devices at risk, implementing certain protocols, as attackers attack specific industries.
Conclusion: Devices at risk need protection for their vulnerability
Comment: The study ascertains that service providers should take responsibility for providing security.

Sr #: 3
Author + Year: (Liu, Cao, Zhu, & Ge, 2019)
Problem/Purpose: Prevention services provided by ISPs are mostly non-deployable and privacy-invasive
Questions: How is it possible to create DDoS prevention services that can be effective in coping with real-time threats?
Methodology: An empirical study to determine the problem precisely and provide a solution subsequently
Findings: Developing a solution in the form of ‘Umbrella’ that deals with the issues being addressed
Conclusion: Umbrella efficiently deals with the serious attacks on the networks
Comment: Umbrella has been proved to effectively mitigate DDoS attacks

Sr #: 4
Author + Year: (D’Cruze, Wang, Sbeit, & Ray, 2018)
Problem/Purpose: Traditional approaches to address DDoS attacks have limitations; need arises for a successful approach
Questions: Identify modern, more sophisticated threats of DDoS attacks and propose an effective solution
Methodology: Mixed methodology, reviewing the existing literature and developing a new solution using quantitative data
Findings: The proposed solution, a software-defined networking model, is efficient, effective, flexible, and automated.
Conclusion: The model proposed is more effective in mitigating the cyber threat.
Comment: The model is being used successfully at Verizon networks.

Sr #: 5
Author + Year: (Singh, Dumka, & Sharma, 2019)
Problem/Purpose: Detect and prevent the DDoS attacks on a mobile ad-hoc network by comparing various tools and techniques
Questions: How do various techniques used in DDoS attacks impact a mobile ad-hoc network?
Methodology: Comparative analysis of the techniques used in DDoS attacks conducting secondary research
Findings: Techniques used to secure the channel offer different solutions but they all cater to the problem addressed partly
Conclusion: Security remains a concern to date in spite of the availability of various channel security techniques
Comment: Further research is needed to secure the channels completely

Sr #: 6
Author + Year: (Saharan & Gupta, 2019)
Problem/Purpose: Make the underlying network intelligent in SDN (software-defined network) environments to prevent DDoS attacks
Questions: How can DNS protocol vulnerabilities be altered to protect the functioning of the service provider?
Methodology: Propose a mitigation solution by using quantitative data to analyze the flexibility and programmability of SDN
Findings: SDNs provide the basis for developing a mitigation solution that makes them secure against DDoS attacks
Conclusion: DDoS attacks can be prevented by eliminating vulnerabilities of the DNS protocol
Comment: Research yields positive results in the direction specified

Sr #: 7
Author + Year: (Dayanandam, Rao, Bujji Babu, & Nalini Durga, 2019)
Problem/Purpose: Analyzing DDoS attacks and developing preventive measures against them
Questions: What are the major components of defense mechanisms and their implications related to DDoS?
Methodology: Classifying DDoS attacks and addressing them with relevant defense mechanisms using the existing research and technology
Findings: The classification of DDoS attacks after identifying them using an intrusion detection system can reduce the mitigation risks
Conclusion: Introducing a mechanism that will defend against DDoS attacks at the application layer and network layer.
Comment: Classifying the DDoS attacks helps to develop a specific mechanism for protection against them

Sr #: 8
Author + Year: (Bojović, Bašičević, Ocovaj, & Popović, 2019)
Problem/Purpose: Detecting the DDoS attacks with the use of a hybrid detection method
Questions: Does a hybrid detection method prove to be more advantageous than others for DDoS detection?
Methodology: Comparing the proposed method with two others that exist in the literature already
Findings: The proposed method is more productive than the two others
Conclusion: The approach used in this study is verified and credible in mitigating DDoS risks
Comment: A controlled DDoS experiment is dependable in the empirical study of DDoS attacks

Sr #: 9
Author + Year: (Williams–Banta, 2019)
Problem/Purpose: People are considered to contribute to the success of cyber-attacks, and they need to be made aware of the issue and protection measures
Questions: What is the relationship between the knowledge of cybersecurity, awareness attitudes about security, and breaches of data in an organization, and their required investments
Methodology: A mixed approach involving qualitative and quantitative methodologies, and sampling one hundred persons for the research
Findings: The research question comprising three different parts was answered by the research, establishing the relationship in the three scenarios
Conclusion: Organizations have to understand the knowledge, attitude, and behavior of employees regarding cybersecurity
Comment: Creating a balance in the variables discussed is helpful for organizations to improve their security controls

Sr #: 10
Author + Year: (Sumi, Dutta, & Sarker, 2019)
Problem/Purpose: Many people are still unaware of the cyber-attacks and respective preventive measures
Questions: How can people be made aware of various cyber-attacks and what preventive measures need to be taken
Methodology: Certain related and useful keywords were used to collect secondary data from the Web
Findings: Cyber-security is essential to protect data, networks, and systems from cyberattacks
Conclusion: Cybersecurity implemented effectively can mitigate the risks associated with data, individuals, or organization
Comment: People need much training and awareness to reduce risks of cyber-attacks

Sr #: 11
Author + Year: (Saxena & Dey, 2019)
Problem/Purpose: Cloud users cannot easily identify the source of DDoS attacks
Questions: How much value is the use of a third-party auditor in DDoS prevention in cloud-computing?
Methodology: Experimenting with an auditor-based traceback approach that used Weibull distribution to analyze the source of DDoS attack
Findings: The identification factor resulting from the study was strong, and the traffic pattern generated alerts regarding the attacks
Conclusion: The cloud environment DDoS defense can be easily obtained by Weibull distribution and third-party auditor
Comment: The proposed solution is more contributing to the problem than other available methods

Sr #: 12
Author + Year: (Azeez et al., 2019)
Problem/Purpose: Data related to all layers of the OSI model are susceptible to cyber-attacks and need to be protected
Questions: What device or system can be developed to monitor a network or system?
Methodology: An intrusion detection and prevention system (IDPS) is suggested to detect vulnerabilities and enact preventive measures
Findings: The study provides several responsive techniques to support the firms to cope with the computer-related crimes
Conclusion: An IDPS can identify vulnerabilities in different channels of information distribution
Comment: This review on IDPS is the latest in this particular issue.
Research Questions
“How can we mitigate risks and reduce losses by increasing employees’ awareness and knowledge of the DDoS attacks, using a mitigation embedded model in business setups?”
“Do the two factors, speed and response time, involved in the embedded mitigation model reduce the impact of the DDoS attacks if activated?”
Methodology
Participants
This study is comparative research about a selection of twelve articles, which discuss the DDoS attacks and relevant preventive measures. It involves considering different scenarios where different samples have been chosen for research.
Materials
The study involves the use of the latest technologies to protect against cyber threats like DDoS attacks. Systems are supposed to have an improvement in the security tools embedded. Protocols are revised for the sake of enhanced protection. Materials required for increasing awareness among employees of organizations include brochures, training manuals, and IT tools and devices.
Design
The study involves latent variables as well as observed variables. The latent variables include assurance and efficiency, and system and resources. The observation variables include response time, speed, quality implementation, availability of resources, and awareness of employees. Among these observation variables, the response time and speed have to be activated so that the embedded model for mitigating DDoS attacks risks could be activated properly. The response time and speed relate to the requests made at the server or website. Activating these two variables would accelerate network efficiency.
Procedure
The embedded model will discuss the issues of service continuity, configuration, and request management. From the twelve peer-reviewed articles described above, the model is developed for addressing the threats of DDoS attacks. This model would be a part of the business continuity planning for increasing credibility. The model will be embedded in the organizations' processes to ensure the training and education of employees accordingly. It will transform the system to be secure and resistant against DDoS threats.
Results
An embedded risk mitigation model increases the chances of risk reduction in DDoS attacks because it makes use of certain techniques related to IT. Activation of the required variables will enable this system to address the issue appropriately. People's awareness of the security threats has a direct correlation with the mitigation model embedded in the company, provided that the company will develop the cyber risk reduction system satisfactorily. The above-said reviewed articles suggest that the embedded model should entail elements of risk management techniques that have been developed in the IT industry for this purpose.
Discussion
The study demonstrates that techniques and tools used for mitigating risks of DDoS threats are not as up-to-date and competitive as they should be. The DDoS attackers are much more sophisticated and they are always engaged in developing new ways to breach data and intrude on people's privacy. Organizations are not safe concerning their information, systems, and people. Employees are still in dire need of extensive training to be able to protect themselves from getting involved in cybercrimes.
Conclusion
DDoS attacks pose a major threat to organizations today. Systems, networks, and devices are not secured. The attackers have become much more advanced in crafting new techniques to commit data breaches, restrict the use of devices and computers by the authorized users, and intrude on the privacy of organizations and employees. An embedded mitigation model can reduce the risks of DDoS attacks to a considerable extent. However, much research and advancement are required by the organizations to cope with these attacks competitively.
Works Cited
Azeez, N. A., Bada, T. M., Misra, S., Adewumi, A., Van der Vyver, C., & Ahuja, R. (2019). Intrusion Detection and Prevention Systems: An Updated Review. In N. Sharma, A. Chakrabarti, & V. E. Balas (Eds.), Data Management, Analytics and Innovation (pp. 685–696). https://doi.org/10.1007/978-981-32-9949-8_48
Bojović, P. D., Bašičević, I., Ocovaj, S., & Popović, M. (2019). A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method. Computers & Electrical Engineering, 73, 84–96. https://doi.org/10.1016/j.compeleceng.2018.11.004
D’Cruze, H., Wang, P., Sbeit, R. O., & Ray, A. (2018). A Software-Defined Networking (SDN) Approach to Mitigating DDoS Attacks. In S. Latifi (Ed.), Information Technology—New Generations (pp. 141–145). https://doi.org/10.1007/978-3-319-54978-1_19
Dayanandam, G., Rao, T. V., Bujji Babu, D., & Nalini Durga, S. (2019). DDoS Attacks—Analysis and Prevention. In H. S. Saini, R. Sayal, A. Govardhan, & R. Buyya (Eds.), Innovations in Computer Science and Engineering (pp. 1–10). https://doi.org/10.1007/978-981-10-8201-6_1
Epoh, J. C. E. (2018). Techniques for Detecting, Preventing and Mitigating Distributed Denial of Service (DDoS) Attacks. In S. Latifi (Ed.), Information Technology—New Generations (pp. 899–904). https://doi.org/10.1007/978-3-319-54978-1_113
Liu, Z., Cao, Y., Zhu, M., & Ge, W. (2019). Umbrella: Enabling ISPs to Offer Readily Deployable and Privacy-Preserving DDoS Prevention Services. IEEE Transactions on Information Forensics and Security, 14(4), 1098–1108. https://doi.org/10.1109/TIFS.2018.2870828
Preventing DDOS Attacks against IoT Devices—ProQuest. (2018). https://search.proquest.com/openview/43313d89a65f45ca5e88bc172814f461/1?pq-origsite=gscholar&cbl=18750&diss=y
Saharan, S., & Gupta, V. (2019). Prevention and Mitigation of DNS based DDoS attacks in SDN Environment. 2019 11th International Conference on Communication Systems Networks (COMSNETS), 571–573. https://doi.org/10.1109/COMSNETS.2019.8711258
Saxena, R., & Dey, S. (2019). DDoS prevention using third party auditor in cloud computing. Iran Journal of Computer Science, 2(4), 231–244. https://doi.org/10.1007/s42044-019-00039-w
Security Technology and Awareness Training; Do They Affect Behaviors and Thus Reduce Breaches? - ProQuest. (2019). https://search.proquest.com/openview/3f1fd392d91d530b6da929de3ac18273/1?pq-origsite=gscholar&cbl=18750&diss=y
Singh, N., Dumka, A., & Sharma, R. (2019). Comparative Analysis of Various Techniques of DDoS Attacks for Detection & Prevention and Their Impact in MANET. In M. Pant, T. K. Sharma, S. Basterrech, & C. Banerjee (Eds.), Performance Management of Integrated Systems and its Applications in Software Engineering (pp. 151–162). https://doi.org/10.1007/978-981-13-8253-6_14
Sumi, F. H., Dutta, L., & Sarker, F. (2019). A Review on Cyberattacks and Their Preventive Measures. International Journal of Cyber Research and Education (IJCRE), 1(2), 12–29. https://doi.org/10.4018/IJCRE.2019070102