1. Running head: INFORMATION SECURITY ATTACKS 1
Information Security Attacks
John Intindolo
ISSC461- IT Security: Countermeasures
American Public University
Abstract
Information Security is essential to everyone and anyone who owns a computer. The people who
rely on the Confidentiality, Integrity, and Availability (commonly referred to as the CIA Triad of
Network Security) vary from large to small and everyone in between. There could be an
organization with thousands of employees connected to a network over multiple locations to
handle their everyday business needs. Then again a much smaller network such as that of the
common family man who relies on his computer for budgeting expenses as well as keeping up
with friends and family (through social media websites like Facebook and Twitter) will also rely
on Information Security. The differences between those two are huge, but the common thing that
they share is the need to keep their information secure. Passwords, financial information,
customer contacts, credit card numbers, and files are among the things in need of protection.
Hackers want to get their hands on this data for a multitude of reasons, which include
destroying, seizing, exposing, disabling, stealing, or altering it. Any such attempt is known as an
Information Security attack. There are many different ways that a hacker can choose to perform an
attack, but for the purpose of this paper some of the most common types will be discussed. The common
types of attack discussed in this paper are as follows: Denial-of-Service (DoS) Attacks, Trojan
Horses, Worms, Logic Bombs, Buffer Overflow, as well as Attacks Performed by Hackers. These
attacks will be described for what they are, how they may be prevented from happening, and in
the event of one occurring how to mitigate their impact on an organization’s network.
Table of Contents
Information Security Attacks
John Intindolo
Abstract
Introduction
What is Information Security?
What is an Information Security Attack?
Areas of Vulnerabilities
  Social Engineering
  Mail Servers
  Improperly Configured Firewall
  Filtering Routers
  Intercepted Data Transmitted to Mail Servers
Overlooked Security Vulnerabilities
  Patching
  Weak Passwords
  Mobile Devices
  USB Flash Drives
Types of Attacks
  Denial-of-Service Attack
  Trojan Horses
  Worms
  Logic Bombs
  Buffer Overflow
Prevention
  Denial-of-Service Attack
  Trojan Horses
  Worms
  Logic Bombs
  Buffer Overflow
Mitigation
  Denial-of-Service Attack
  Trojan Horses
  Worms
  Logic Bombs
Conclusion
References
Introduction
In today’s world almost everyone relies on computers in one way or another. A person
may use their computer to do a multitude of things including: paying bills, surfing the web,
balancing their finances, or staying connected with family and friends through social media
websites such as Twitter and Facebook. Businesses are also relying on computers and the Internet
to handle their day-to-day activities such as financial data, employee records, customer
information, sensitive company data, and inventory. The question that remains is how does one
protect all of this data? The answer to that is by using Information Security. Information Security
relies on careful and well-thought-out planning from the Security Administration Team, and
without the co-operation of everyone connected to the network it will fail. That means security
procedures must be followed by anyone on the network, whether it be the CEO of the company
or a customer service representative. What is the reasoning behind an Information Security
attack?
Information Security attacks involve an attempt to destroy, expose, or alter information
and can be performed for a variety of reasons including the following: to steal valuable
information or data (such as customer information), steal financial information (such as credit card
and bank account numbers), sabotage network connectivity (to disrupt business operations), and
even to protest against an organization’s beliefs. In fact, a recent study of 855 incidents involving
174 million compromised records shows that protest was a motive in twenty-five percent of
attacks against large organizations (“3 New Things,” 2013, p. 4). There are many different types of
attacks that an attacker has at their disposal, but the most common will be discussed here. Those
include DoS attacks, Trojan Horses, Worms, Logic Bombs, and Buffer Overflow. In addition to
the attacks themselves the proper forms of prevention and mitigation will also be detailed.
What is Information Security?
Information Security is the practice of defending information from being accessed, used,
disclosed, modified, inspected, recorded, or destroyed by someone who is unauthorized to do so
(“Definition of information security,” 2012). In other words, Information Security can be
described as maintaining the Confidentiality, Integrity, and Availability (commonly referred to as
the CIA Triad) of an entire organization. Information Security is essential to businesses and home
users alike. In today’s world nearly everything and everyone is connected to the Internet in some
shape or form. An organization’s network going down due to an attack can be the difference in
the company sustaining business or faltering altogether. It is for this reason that information
security attacks are a huge threat to the CIA of an organization’s network. So what is an
Information Security attack?
What is an Information Security Attack?
An Information Security attack is any “attempt to destroy, expose, alter, disable, steal, or
gain unauthorized access to or make unauthorized use of an asset” (“Information technology-
security,” 2014, p.1). As stated earlier the world of today is one that relies heavily on computers
and the Internet. Technology is constantly evolving and that means that hackers are constantly
finding new ways to attack computers and networks as well. To perform an Information Security
attack, a hacker must first find a vulnerability. A vulnerability is a weakness within a product that
allows an attacker to compromise the CIA of said product. There are many different ways that an
attacker can discover a vulnerability. Knowing what they are and how to fix them will be key to
stopping a hacker from infiltrating the organization’s network.
Areas of Vulnerabilities
As stated earlier there are many different ways for a hacker to attack a system and many
places where networks can become vulnerable. By knowing the most common areas and types of
vulnerabilities an Information Systems Security Practitioner can secure them before they are able
to be exploited by a hacker. With that said the first area of vulnerability to speak of is social
engineering.
Social Engineering.
Social Engineering is a technique used by hackers to gain information about an
organization that will help them gain access to the system. The term refers to a hacker
manipulating someone within an organization into doing something or giving information that will
divulge confidential information to the hacker. This approach essentially makes hackers using
social engineering tactics modern day con artists. Before hacking a computer network they will
use social engineering to hack into the minds of people within an organization that they have
targeted. The difference between the two according to Savitz & Teller is, “Hacking a system
requires knowledge of programming vulnerabilities, hacking the human mind requires a different
kind of knowledge – specifically, what types of e-mails or links is the victim most likely to click
on” (2012, p.40). The best way to guard against these types of attacks is keeping employees
informed of how hackers are targeting victims, and integrating that information into training
programs.
Mail Servers.
Mail Servers are another common target for hackers trying to obtain access to network
resources. Whenever connected to the Internet a company is at risk of being attacked. According
to Smith, “Given a typical TCP connection, the attacker may sniff its contents, insert or modify
data, or even hijack the connection completely” (2011, p. 687). The best defense against
connection-based attacks is through the use of SSL encryption. SSL encryption protects against
sniffing, connection hijacking, and (through authentication) even sites which deceive the
victim into thinking they are the mail server in order to steal login credentials. Another form of
protection for
mail servers is for an Information Security Professional to ensure that the OS and e-mail
applications are both updated and have the latest security patches installed.
Improperly Configured Firewall.
Firewalls protect the computer network’s ports, and an improperly configured firewall can
allow a hacker to scan for vulnerabilities that can lead to an attack using port scanning tools such
as Nmap. In fact, according to Higgins, “Around 85 percent of the 100 network administrators
surveyed in Tufin Technologies’ 2011 Firewall Management report say that half of their firewall
rule changes eventually need to be fixed because of improper setup” (2011). The best way to
properly secure the firewall is through optimizing the firewall policy. This can be done with a
firewall analyzer which can do such things as automatically identify and remove unused rules and
objects, re-order rules based on the frequency of matched traffic, and consolidate similar rules
into one rule.
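The three analyzer functions named above, sketched as an added example (not from the paper or from any firewall product). The rule format, rule names, hit counts and addresses are constructed; rules are only merged or moved when first-match evaluation gives the same verdict afterwards.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Rule:
    name: str
    action: str   # "permit" or "deny"
    src: str      # source network, CIDR notation
    port: int     # destination TCP port
    hits: int     # packets matched during the observation window


# Constructed rule base, evaluated top-down with first match wins.
RULES = [
    Rule("block-scanner", "deny", "203.0.113.0/24", 22, 40),
    Rule("admin-a", "permit", "192.0.2.0/25", 22, 15),
    Rule("admin-b", "permit", "192.0.2.128/25", 22, 5),
    Rule("legacy-ftp", "permit", "198.51.100.0/24", 21, 0),
    Rule("deny-web-abuser", "deny", "203.0.113.0/24", 443, 120),
    Rule("web", "permit", "0.0.0.0/0", 443, 9000),
]


def overlaps(a, b):
    """True when a single packet could match both rules."""
    return a.port == b.port and ipaddress.ip_network(a.src).overlaps(
        ipaddress.ip_network(b.src))


def first_match(rules, src, port):
    """First-match evaluation with an implicit deny at the end."""
    addr = ipaddress.ip_address(src)
    for r in rules:
        if r.port == port and addr in ipaddress.ip_network(r.src):
            return r.action
    return "deny"


def consolidate(rules):
    """Merge neighbouring rules that differ only in source when the two
    sources collapse into exactly one network."""
    out = []
    for r in rules:
        prev = out[-1] if out else None
        if prev and (prev.action, prev.port) == (r.action, r.port):
            nets = list(ipaddress.collapse_addresses(
                [ipaddress.ip_network(prev.src), ipaddress.ip_network(r.src)]))
            if len(nets) == 1:
                out[-1] = Rule(f"{prev.name}+{r.name}", r.action, str(nets[0]),
                               r.port, prev.hits + r.hits)
                continue
        out.append(r)
    return out


def reorder_by_hits(rules):
    """Move busier rules up, swapping neighbours only when the swap cannot
    change a verdict (same action, or no packet matches both rules)."""
    rules = list(rules)
    changed = True
    while changed:
        changed = False
        for i in range(1, len(rules)):
            up, down = rules[i - 1], rules[i]
            safe = up.action == down.action or not overlaps(up, down)
            if down.hits > up.hits and safe:
                rules[i - 1], rules[i] = down, up
                changed = True
    return rules


def optimize(rules):
    """Return (names of unused rules, optimized rule list without them)."""
    unused = [r.name for r in rules if r.hits == 0]
    active = [r for r in rules if r.hits > 0]
    return unused, reorder_by_hits(consolidate(active))


if __name__ == "__main__":
    unused, optimized = optimize(RULES)
    print("unused, review before removal:", unused)
    for r in optimized:
        print(f"{r.action:6} {r.src:18} tcp/{r.port:<4} hits={r.hits:<5} {r.name}")
```

The busiest rule, "web", stops below "deny-web-abuser" because both match port 443 traffic from 203.0.113.0/24 with different actions, so moving it higher would change the policy.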
Filtering Routers.
A Filtering Router is also a common target of hackers, who use aggressive SNMP
scanners and brute-force programs; a router that is successfully attacked can easily be turned into
a bridge that will allow the hacker unauthorized access to the organization’s network
(“Techniques adopted by,” 1998). Stopping a hacker from network mapping can be done by
installing TCP wrappers on all external hosts. What this does is ensure that only trusted parties
are able to connect to the network’s hosts’ critical ports such as ftp, telnet, ssh, etc.
Intercepted Data Transmitted to Mail Servers.
Data that is transmitted over the company’s network to mail servers provides a “bull’s
eye” target for hackers and can be easily intercepted. Hackers can use a victim’s e-mail to look
for passwords sent, or other sensitive data transmitted. However, it may not be what is in an e-
mail message that a hacker wants to see, but rather it is the victim’s login credentials that they
may want instead. This can be done through social engineering that was outlined earlier. The best
practice for secure e-mail transmission is to use encryption. One such program that provides
e-mail encryption is Symantec which is more commonly known by its former name PGP Encryption.
Symantec’s Gateway Email Encryption secures email without burdening its users, by
automatically encrypting and decrypting sensitive email; provides multiple flexible options for
email delivery; and centralizes administration of encryption policies and management, which
reduces implementation time (“Symantec gateway email,” 2014).
Overlooked Security Vulnerabilities
Network security is “the control of unwanted intrusion into, use of, or damage to
communications on your organization’s computer network” (Stewart, 2011, p.4). The concept
itself seems easy enough, but when actually putting the idea into practice things can get much
more complicated. With that said, sometimes when securing a network certain things get
overlooked that can lead to an attack. The first network security vulnerability that is overlooked is
patching.
Patching.
Patching is the process of updating a computer program or its supporting data, fixing bugs
and security vulnerabilities, and improving the overall performance or usability of programs. An
attacker will have an easier time attacking a security vulnerability that exists in software that is not
updated with the latest patches. In fact, all it takes is for a single missing patch or
misconfiguration of software for an attacker to bring down the entire network (Burris, 2013, p.
19). The two items that need to be patched are software and the operating system itself. One
reason that many overlook this vulnerability in relation to software is that software requires manual
patching (unlike the automated patching systems which secure the OS). Another common mistake
made is failing to reboot the system following the application of a patch. The patch is not fully
installed until a system reboot takes place, which makes doing so extremely important. The best
way to make sure that the company’s patching process is working as intended is to perform
penetration tests (which can search for misconfigurations and missing patches) on a regular basis.
Weak Passwords.
Another common vulnerability is the use of weak passwords. Weak passwords make an
attacker’s life easy, so common things such as birthdays, anniversaries, children’s names, etc.
should be avoided at all costs. Instead, strong, hard-to-guess passwords should be used, combining
a mixture of upper and lower case letters, numbers, and characters. Furthermore, it is important to
regularly change the password as well.
Mobile Devices.
Mobile devices are yet another common vulnerability existing in Information Security
today. One of the reasons for this is that they often do not have passwords enabled.
Additionally, files and sensitive data stored on mobile devices should also be encrypted.
Two-factor authentication should always be used when conducting sensitive transactions on mobile
devices as well. Two-factor authentication is more secure than simply using a password, and
is recommended because a password could be guessed, stolen, or eavesdropped by an attacker.
Having a second form of authentication will make it more difficult for the attacker to gain
unauthorized access to the mobile device. Two-factor authentication refers to requiring two different
“factors” (something the user knows, has, or is) in order to authenticate. According to
Fineberg, “Installing tracking and/or remote-wipe software in the event devices are misplaced,
and end user training” are some other security measures that can help to protect against this
security vulnerability (2012, p. 26).
USB Flash Drives.
USB flash drives are the last vulnerability in this piece. This vulnerability is overlooked so
much that a USB flash drive carrying an attack program was able to perform an attack inside of a
classified U.S. Military network. An attack on U.S. military systems in 2008 originated with a
flash drive plugged into a military computer located in the Middle East (Lemos, 2010). USB flash
drives present a vulnerability that could lead to a buffer-overflow attack and enable an attacker to
bypass Windows security and obtain administrative access to a user’s computer. The best way to
secure this vulnerability is by only allowing the use of USB flash drives that are encrypted and
password-protected. Additionally software should be used that allows administrators access
control over removable media devices (such as USB flash drives).
Types of Attacks
As mentioned previously, there are many different ways that an attacker can attack a system,
but only the most common are going to be discussed here. Not only are these attacks the most
common, but any and all of them could be a massive threat to the CIA of an organization’s
network.
Denial-of-Service Attack.
Denial of Service or DoS attacks are not only one of the most common attacks, but they
are perhaps the most devastating as well. The purpose behind a DoS attack is to deny the victim
access to authorized services or data. The two different categories of DoS attacks are those that
crash services and those that flood services. Flooding attacks are used to overload a system or
application by sending more requests than the server or application can handle, thus causing it
to crash. Blocked access could be the result of an attacker exploiting a vulnerability in an
application which would then cause it to crash, preventing access requests from getting to the
server, or manipulating access data control (Pleeger, 2012, p. 603).
An example of a DoS attack would be a ping flood, which floods the server with
thousands of ping packets and causes the victim’s server to crash when it can no longer handle the
number of requests. Another form is a Distributed Denial of Service (DDoS) attack, which is the
same as a DoS except that it uses many computers and Internet connections, or a botnet, to perform
the attack rather than just one. A serious DDoS is impossible to stop, but
there are ways to lessen its damage.
Trojan Horses.
A Trojan Horse is a type of malware program containing malicious code that is designed to
trick the victim into believing it is something it is not, and once the victim’s computer has become
infected it will carry out whatever action it was designed to perform. An example of this is an
e-mail attachment that appears to be from a trustworthy source. In most cases a Trojan Horse
infection will cause data to become lost or stolen, or the system itself may become unstable
(freezing, blue screen errors, etc.). Another role that a Trojan Horse may play is that of
a backdoor for the attacker, which allows the attacker to gain unauthorized access to the victim’s
computer without their knowledge. The name itself is derived from Greek mythology where a
wooden horse with Greek soldiers hidden inside was used to deceive the people of Troy into
believing that the Greek army had admitted defeat. At night however, the hidden soldiers came out
of the wooden horse, opened the gates, and allowed the rest of the Greek army to enter, and in turn
win the war.
Worms.
A worm is a standalone malware computer program that continuously replicates itself to
spread to other computers. Security vulnerabilities are exploited on the victim’s computer and a
worm relies on this to spread itself throughout the network. While many worms are designed to
only spread without changing the systems they pass through, they can cause a disruption in
availability due to the increased network traffic. Typically a worm is installed inadvertently by a
victim who opens an email attachment or a message with executable scripts.
Logic Bombs.
A logic bomb is a line of code within a system or a piece of malware which triggers
malicious behavior when a specified condition has been met. For example, a logic bomb will go off
when the amount of time the attacker set has elapsed. Another example would be that an
attacker would have a logic bomb set to trigger when a victim does not respond to a command.
Typically this is an insider attack performed by a privileged user who knows what security
controls need to be bypassed so that it may go undetected until detonation.
Buffer Overflow.
When a program or process attempts to store more data in a temporary data storage area
(or buffer) than it is intended to hold it is called a buffer overflow. The data that cannot fit into a
buffer will overflow into other buffers and corrupt or even overwrite the valid data within them.
This makes a buffer overflow an attack on the computer or network’s integrity. The extra data
may contain code with instructions that the attacker designed to damage files, change data, or
give them access to confidential data.
Prevention
Prevention is one way to fight against these attacks. If the proper security measures are
taken then it is possible that the attack never occurs. At least that holds true in most cases.
However, no network is completely secure from an attack, and if an attacker wants to attack you
they will find a way in. While it is not possible to completely prevent every attack from happening,
taking extra security measures may just force the attacker to focus on an easier target. Your network
does not have to be the most secure, only more secure than those around it.
Denial-of-Service Attack
A DoS attack is hard to prevent, but the best way may be to follow several practices.
These practices will help to stop an attack from happening again: keep an audit trail describing
changes and the reasons for them, maintain a list of Standard Operating Procedures and Emergency
Operating Procedures, have administrators know and understand the network configuration in
detail, perform tests not just locally but over the Internet as well (to simulate customer activity and
allow you to find network problems from the customer’s perspective), train personnel on old
configurations and their purpose when hired as well as during annual auditing, and finally think
like a hacker to discover where vulnerabilities exist in the network and can be corrected
(Cretzman & Weeks, 2014).
Trojan Horses
Trojan Horses often go undetected by common virus scanners, and that is why in addition
to a virus scanner being installed on each network computer an anti-malware program should be
installed. An anti-malware program such as Malwarebytes Anti-Malware will block a Trojan
Horse attempting to infect your PC before it has a chance to. Be sure to constantly update the
program as well because it will ensure that the program has the latest threat definitions installed.
Worms
Because worms are installed from email attachments, the best way to prevent a
worm attack is by never clicking on a link or opening an email attachment that you are unsure of
being from a trusted source. Another precaution to take is to make file extensions visible, which
exposes double-extension files such as .jpg.exe. What this means is the picture file you thought you
were downloading is actually an executable program attempting to infect your network.
Additionally, anti-virus and anti-malware programs as mentioned previously will help as well.
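The double-extension check described above, as an added example (not from the paper): it shows the name a user sees when known extensions are hidden and flags attachments whose final extension is executable. The extension lists and file names are constructed for illustration.

```python
import os

# Constructed extension lists; a real mail-gateway policy would be longer.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}
DOCUMENT_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".xls", ".txt"}


def _normalize(name):
    """Drop any directory part and the trailing dots and spaces that Windows
    ignores when it resolves a file name."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    return base.strip().rstrip(". ")


def displayed_name(name, hide_known_extensions=True):
    """Name as a file manager shows it. With known extensions hidden, only the
    final extension disappears, so 'x.jpg.exe' is displayed as 'x.jpg'."""
    base = _normalize(name)
    stem, ext = os.path.splitext(base)
    if hide_known_extensions and ext.lower() in EXECUTABLE_EXTS | DOCUMENT_EXTS:
        return stem
    return base


def classify(name):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    stem, ext = os.path.splitext(_normalize(name))
    if ext.lower() not in EXECUTABLE_EXTS:
        return "ok"
    # Padding spaces before the real extension are ignored for the inner check.
    inner = os.path.splitext(stem.rstrip())[1].lower()
    return "double-extension" if inner in DOCUMENT_EXTS else "executable"


def screen(names):
    """Return (original name, displayed name, verdict) for each attachment."""
    return [(n, displayed_name(n), classify(n)) for n in names]


# Constructed attachment names.
SAMPLES = [
    "holiday.jpg.exe",
    "Invoice.PDF.EXE",
    "scan.pdf     .scr. ",
    "setup.exe",
    "report.final.pdf",
    "notes.txt",
]

if __name__ == "__main__":
    for original, shown, verdict in screen(SAMPLES):
        print(f"{verdict:17} shown as {shown!r:22} actual {original!r}")
```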
Logic Bombs
There are several good methods for preventing logic bombs. The first is
having backups in place to aid in recovery from a security incident. This way a restore may
be performed to a point before the logic bomb was installed. Another method is the use of
separation of duties. This divides the tasks and privileges for specific security measures among
multiple people, and in turn reduces the ability of an attacker to perform a logic bomb attack.
Lastly, a great preventive method would be using a third party for system and log monitoring.
Careful review of system logs can determine if any changes have occurred or malicious software
has been added to the system.
Buffer Overflow
One good defensive technique for preventing buffer overflow attacks is filtering
HTML code and characters that may cause problems with the database and thus create a
vulnerability that may be exploited. Another measure that could be taken is to download SigFree,
which is “an online signature-free out-of-the-box application-layer method for blocking
code-injection buffer overflow attack messages” by targeting Internet services such as web service
(Wang, Pan, Liu & Zhu, 2008, p.1). Fixing security vulnerabilities will help put an end to buffer
overflow attacks occurring.
Mitigation
As previously stated, not every attack is preventable. There will be an instance where an
attack has occurred, and stopping the attack from spreading or becoming worse is integral to
maintaining the CIA of your network. Lessening the damage done could be the difference between a
business failing or succeeding (especially in this day and age where businesses rely on the
availability of their network for day to day business). That is where mitigation comes in.
Denial-of-Service Attack
In order to mitigate a DoS attack the first step is to scan packets with a monitoring tool. A
DoS attack can be detected through the use of a packet monitoring tool such as Wireshark.
Wireshark captures live traffic entering or exiting a specific port so that it may be analyzed.
Through the use of Access Control List (ACL) rules the damage of a DoS attack can be
minimized. Doing so will stop incoming traffic from the attacking network.
ACLs are applied by entering rules into the router’s command line interface in the
following manner: the first command is “Conf t”, which configures the terminal of the router; on
the second line an “Access List” (with a given number followed by the attacker’s IP address) is
created for a specific router and its ports; the third line command is “Interface f0/1”, which is
used to enter that specific interface to make necessary changes; and on the fourth line the command
“ip access-group 1 in” is entered and applied to the interface f0/1, which denies all IP packets
from the attacker’s IP address (Sridhar, 2011, p. 19). The problem with this form of mitigation is that it
blocks all hosts from the server and not just the attackers. Another form that is used by most data
providers is called rate limiting. What this does is “places a cap or sets up a threshold limit of
traffic that the server would be able to stand” (Sridhar, 2011, p. 20). It does still allow traffic from
the attacking system to enter, so the best form of mitigation would be to use a combination of
ACL rules and rate limiting to oversee the traffic flow better.
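The combination recommended above, simulated as an added example (not from the paper or from Sridhar's report). It assumes an ACL that drops only the listed source network and a per-source token-bucket limit; the addresses (documentation ranges), thresholds and two-second trace are constructed.

```python
import ipaddress
from collections import Counter


class EdgeFilter:
    """Source-address ACL followed by a per-source token-bucket rate limit."""

    def __init__(self, denied_networks, rate_per_sec=None, burst=None):
        self.denied = [ipaddress.ip_network(n) for n in denied_networks]
        self.rate = rate_per_sec  # tokens refilled per second; None disables limiting
        # Tokens are counted in thousandths so that millisecond timestamps give
        # exact integer arithmetic (tokens/s * elapsed ms = millitokens).
        self.capacity = None if rate_per_sec is None else burst * 1000
        self.buckets = {}  # source address -> (millitokens, last timestamp in ms)

    def decide(self, src, now_ms):
        """Return 'acl-drop', 'rate-drop' or 'pass' for one packet."""
        addr = ipaddress.ip_address(src)
        if any(addr in net for net in self.denied):
            return "acl-drop"
        if self.rate is None:
            return "pass"
        tokens, last_ms = self.buckets.get(src, (self.capacity, now_ms))
        tokens = min(self.capacity, tokens + (now_ms - last_ms) * self.rate)
        verdict = "pass" if tokens >= 1000 else "rate-drop"
        if verdict == "pass":
            tokens -= 1000  # each forwarded packet costs one whole token
        self.buckets[src] = (tokens, now_ms)
        return verdict


def constructed_trace():
    """Constructed two-second trace of (timestamp_ms, source) pairs."""
    trace = [(i, "198.51.100.7") for i in range(2000)]       # flood, 1000 packets/s
    trace += [(5 * i, "203.0.113.50") for i in range(400)]   # flood, 200 packets/s
    trace += [(200 * i, "192.0.2.10") for i in range(10)]    # ordinary client, 5 packets/s
    return sorted(trace)


def run(denied_networks, rate_per_sec=None, burst=None):
    """Replay the trace through the filter and count verdicts per source."""
    edge = EdgeFilter(denied_networks, rate_per_sec, burst)
    totals = {}
    for now_ms, src in constructed_trace():
        totals.setdefault(src, Counter())[edge.decide(src, now_ms)] += 1
    return {src: dict(counts) for src, counts in totals.items()}


if __name__ == "__main__":
    acl = ["198.51.100.0/24"]  # the one attacking network identified so far
    for label, result in [
        ("ACL only", run(acl)),
        ("rate limit only", run([], rate_per_sec=10, burst=20)),
        ("ACL + rate limit", run(acl, rate_per_sec=10, burst=20)),
    ]:
        print(label)
        for src, counts in sorted(result.items()):
            print("   ", src, counts)
```

With the ACL alone the second flooding source, which is not yet listed, is forwarded in full; with rate limiting alone part of the listed attacker's traffic still gets through; with both, the listed source is dropped entirely and every other source is held to the cap.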
Trojan Horses
Using an anti-spyware program such as the previously mentioned Malwarebytes will also
help in the event that a Trojan Horse has infected your network. It will scan for Trojan Horses and
delete them, or if one cannot be deleted it will be quarantined and logged to prevent any further
damage from being done.
Worms
Once a worm has been discovered there are certain steps that need to be taken in order to
remedy the situation. The procedures that should be followed are: Containment, Inoculation,
Quarantine, Treatment, and Planning (Kaya, 2010, p. 11). The first step is to contain the worm
so that it does not continue to replicate onto other systems within the network. Next is to patch
all systems to ensure that uninfected systems do not become infected. As Kaya explains, “The
quarantine phase involves finding each infected machine and disconnecting, removing, or blocking
them from the network” to prevent other unpatched machines on the network from being infected
(2010, p. 14). The next phase is the treatment phase, which is cleaning and patching all infected
systems. Last is the planning phase, which should produce a set of procedures to be followed to
minimize the extent of the attack, as well as detailed information on who has to do what in the
event of an attack occurring again.
Logic Bombs
Using system and log monitoring will enable you to detect when a logic bomb is installed.
Some forms of mitigation could be to first remove the affected host from the network until the
origin of the logic bomb is detected. From there you can remove it from the network. Another
possibility is to restore the affected host’s last backup, but in doing so verify that the bomb is no
longer there. If the bomb is on the backup as well it could restart the trigger or explode
immediately.
Conclusion
Information Security is important to anyone who owns a computer, no matter how
big or small their company or organization. Maintaining the CIA of the organization’s
network is vital to their success and in some cases even their ability to operate at all.
There are so many different types of attacks out there that hackers will use to try and
compromise the CIA of an organization, and therefore it is important to understand what
these attacks are and what purpose they serve.
Once the “what” and “why” of the attacks is understood, the next step is to
determine how to prevent an attack altogether. Lastly, since there is no foolproof security
plan it is vital to have a plan in place on how to mitigate an attack once it has taken place.
Understanding what the attack is, knowing how to prevent an attack, and knowing how to
mitigate the effects of an attack will help to ensure the CIA of the organization’s network.
References
(2014). Information technology- security techniques- information security management systems-
overview and vocabulary. (3rd ed.). Switzerland: ISO copyright office. Retrieved from
http://standards.iso.org/ittf/licence.html
3 New Things to Know About Information Security. (2013). Security Director's Report, 13(2), 4-5.
Burris, J. (2013). Network Security: The What and How of Patching. New Jersey Banker, 18-19.
Cretzman, M., & Weeks, T. (2014). Best practices for preventing dos/denial of service attacks.
Retrieved from http://technet.microsoft.com/en-us/library/cc750213.aspx
Definition of information security. (2012). Retrieved from http://oit.unlv.edu/network-and-
security/definition-information-security
Fineberg, S. (2012). Firms on high alert to boost security. Accounting Today, 26(1), 26-29.
Higgins, K. J. (2011). Survey: Half of firewall rules improperly configured. Retrieved from
http://www.darkreading.com/perimeter/survey-half-of-firewall-rules-
improperly/231903107?itc=edit_stub
Kaya, D. (2010). Mitigating worm attacks [PowerPoint slides]. Retrieved from
http://www.slideshare.net/dkaya/mitigating-worm-attacks
Lemos, R. (2010). Could usb flash drives be your enterprise's weakest link?. Retrieved from
http://www.darkreading.com/management/could-usb-flash-drives-be-your-
enterpris/227200081
Pleeger, Charles (2012). Analyzing Computer Security: A Threat / Vulnerability /
Countermeasure Approach. ISBN: 978-0-13-278946-2. Prentice Hall-Pearson
Publication.
Savitz, E., & Teller, T. (2012). Social Engineering: Hacking The Human Mind. Forbes.Com, 40.
Smith, R.E., PhD. (2011). Elementary Information Security. Burlington, MA: Jones & Bartlett
Learning.
Sridhar, S. (2011). Denial of service attacks and mitigation techniques: Real time
implementation with detailed analysis. The SANS Institute. Retrieved from
https://www.sans.org/reading-room/whitepapers/detection/denial-service-attacks-
mitigation-techniques-real-time-implementation-detailed-analysi-33764
Stewart, J. M. (2011). Network Security, Firewalls, and VPNs, Sudbury, MA: Jones and Bartlett
Learning – ISBN: 9780763791308
Symantec gateway email encryption. (2014). Retrieved from
http://buy.symantec.com/estore/categoryDetailPage/productCode/PGP-GEE-EXP-
LEM_Vx_12MO_PC/skuType/Product
Techniques adopted by 'system crackers' when attempting to break into corporate or sensitive
private networks. (1998). Retrieved from
http://stat.duke.edu/comp/security/antionline_doc.html
Wang, X., Pan, C., Liu, P., & Zhu, S. (2008). Sigfree: A signature-free buffer overflow attack
blocker. IEEE Transactions on Dependable and Secure Computing, 5(4), 1-15.