Assignment Guidelines
Course Code: CS664
Course Title: Cyber Security Defense and Countermeasures
Subject:
You are requested to write review, survey or state-of-art article within the domain of course
textbook: “Corporate Computer Security”. You can pick any topic or subtopic within the
course subjects to build your article. Your article has to give an overview of existing
literature in a field, often identifying specific problems or issues and analyzing information
from available published work.
Notes:
1. Each group should send the title of its paper as well as a half-page-description of the
subject by Saturday of Week 3 (26/01/2019).
2. The template of the article can be found in below pages. Your article must obey the
template guidelines in precise manner.
3. Your article cannot go beyond 14 pages inclusive references.
4. At least, five of your references must to be from journal articles published in well
publishers’ databases; IEEE, Springer, Elsevier, Wiley and Taylor & Francis.
5. You must combine yourselves into a group of 2 students.
6. Submission deadline is Saturday of Week 9 (09/03/2019); by email to your respective
SEU instructor. The submission must be done by Corresponding Author.
7. You will have a 15-20 min presentation starting from Week 10. The group
presentation will be selected in random base.
1
Click and type the title of your article, only capitalize first word and proper nouns
First-name Surname1*, Second-name Surname2 and Third-name Surname3
Affiliation 1, Email address, University, City, Country
Affiliation 1, Email address, University, City, Country
3
Affiliation 1, Email address, University, City, Country
1
2
*Corresponding Author
ABSTRACT
An Abstract is required for every article; it should succinctly summarize the reason for the work, the main findings, and the
conclusions of the study. The abstract should be no longer than 250 words. Do not include artwork, tables, elaborate equations or
references to other parts of the article or to the reference listing at the end. The reason is that the Abstract should be
understandable in itself to be suitable for storage in textual information retrieval systems.
Keywords: Keyword_1; Keyword_2; Keyword_3; Keyword_4; Keyword_5
1. Introduction
We believe a template should help you, not hinder you, in
authoring your article. It should follow you in how you want
to write your article, not force you to fill in bits and pieces of
text. It should allow you to type any text, copy from previous
versions, or load an already existing plain text to be
formatted. You will therefore find no fill-in screens; you will
not need to remember shortcut keys, to use lists of styles,
bother about alignment, indents, fonts and point sizes. Just a
mouse-click at one of the menu options will give you the style
that you want.
The objective of this template is to enable you in an easy
way to style your article attractively. It should be emphasized,
however, that the final appearance of your article in print and
in electronic media will very likely vary to greater or lesser
extent from the presentation achieved in this Word®
document.
2.1. Article Size
The Manuscript should be prepared in English language by
using MS Word. Article can be up to 14 pages inclusive
references and abstract.
Supply some 3–5 keywords, separated with semicolons,
e.g., Azomethine ylide; Claisen rearrangement; Diels-Alder
cycloaddition; Enantioselective catalysis; Ionic liquid;
Metathesis; Microwave-assisted synthesis.
3. The main text
You will usually want to divide your article into
(numbered) sections. Headings should reflect the relative
importance of the sections. Your article can go beyond 4th
order heading.
Ensure that all tables, figures and schemes are cited in the
text in numerical order. Trade names should have an initial
capital letter, and trademark protection should be
acknowledged in the standard fashion, using the superscripted
characters for trademarks and registered trademarks
respectively. All measurements and data should be given in SI
(System International) units where possible, or other
internationally accepted units. Abbreviations should be used
consistently throughout the text, and all nonstandard
abbreviations should be defined on first usage. The
experimental information should be as concise as possible,
while containing all the information necessary to guarantee
reproducibility.
2. The first page
Naturally, your article should start with a concise and
informative title. Do not use abbreviations in title. Next, list
all authors with their first names or initials and surnames (in
that order). Indicate the author for correspondence. After
having listed all authors’ names, you should list their
respective affiliations. Link authors and affiliations using
superscript lower-case letters from the ‘Author Footnote
Symbols’ menu in the toolbar.
2
Figure 1. (a) Fairness index, (b) Average Fairness Index
Table 1. Table, version 1
Parameter
Slot time
ACK size
RTS size
CTS size
Data packet size
DIFS interval
SIFS interval
CWmin
CWmax
Bandwidth
Transport protocol
Value
20 μs
20 bytes
25 bytes
20 bytes
1000 bytes
40 μs
10 μs
31
1023
2 Mbps
UDP
Parameter
Slot time
ACK size
RTS size
CTS size
Data packet size
DIFS interval
SIFS interval
CWmin
CWmax
Bandwidth
Transport protocol
Value
20 μs
20 bytes
25 bytes
20 bytes
1000 bytes
40 μs
10 μs
31
1023
2 Mbps
UDP
3.1. Tables, figures and schemes
All citations of figure and tables in text must be in
numerical order. Citations to figures in text always carry the
word “Figure.”, “Table.” followed by the figure/table number.
You can choose to display figure/table through one column
(see Table 1, Figure 1) or across the page (see Table 2, Figure
2). Remember that we will always also need high-resolution
versions of your figures for printing in (i.e. TIFF) format.
Table 2. Table, version 2
Parameter
Slot time
ACK size
RTS size
CTS size
Data packet size
DIFS interval
Bandwidth
Transport protocol
Figure 2. Overload on GV and IV vehicles
Value
20 μs
20 bytes
25 bytes
20 bytes
1000 bytes
40 μs
2 Mbps
UDP
3.2. Lists
For tabular summations that do not deserve to be presented
as a table, lists are often used. Lists may be either numbered
or bulleted. Below you see examples of both.
1. The first entry in the list
2. The second entry
3. A subentry
4. The last entry
3
A bulleted list item
Another one
[4]
You can use the Bullets and Numbering options in the
‘Formatting’ toolbar of Word® to create lists. Note that you
should first block the whole list. A sublisting is coded using
the ‘Increase Indent’ (go to a sublevel of numbering) and
‘Decrease Indent’ (go to a higher level of numbering) buttons.
Basic format for journals:
[5] J. K. Author, “Name of article,” Abbrev. Title of Periodical, vol. x, no.
x, pp. xxx-xxx, Abbrev. Month, year.
Examples:
[6] J. U. Duncombe, “Infrared navigation—Part I: An assessment
of feasibility,” IEEE Trans. Electron Devices, vol. ED-11, no. 1, pp.
34–39, Jan. 1959.
[7] E. P. Wigner, “Theory of traveling-wave optical laser,” Phys. Rev.,
vol. 134, pp. A635–A646, Dec. 1965.
[8] E. H. Miller, “A note on reflector arrays,” IEEE Trans. Antennas
Propagat., to be published.
3.3. Equations
Equations within an article are numbered consecutively
from the beginning of the article to the end. All variables are
italic. (e.g., x, y, n). Function names and abbreviations are
Roman (sin, cos, sinc, sinh), as are units or unit abbreviations
(e.g., deg, Hz,) complete words (e.g., in, out), and
abbreviations of words (e.g., max, min), or acronyms (e.g.,
SNR).
You can type your equations and use the symbols in the
Word® equation editor or in MathType™. Using the ‘Insert
Equation’ option, you can create equations in the Word ®
equation editor, or if the MathType™ equation editor is
installed on your computer.
(empir,1.388Å) (theor,1.388Å)
(theor)cos
W.-K. Chen, Linear Networks and Systems. Belmont, CA:
Wadsworth, 1993, pp. 123–135.
Basic format for reports:
[9] J. K. Author, “Title of report,” Abbrev. Name of Co., City of Co.,
Abbrev. State, Rep. xxx, year.
Examples:
[10] E. E. Reber, R. L. Michell, and C. J. Carter, “Oxygen absorption in the
earth’s atmosphere,” Aerospace Corp., Los Angeles, CA, Tech. Rep.
TR-0200 (4230-46)-3, Nov. 1988.
[11] J. H. Davis and J. R. Cogdell, “Calibration program for the 16-foot
antenna,” Elect. Eng. Res. Lab., Univ. Texas, Austin, Tech. Memo.
NGL-006-69-3, Nov. 15, 1987.
Basic format for handbooks:
[12] Name of Manual/Handbook, x ed., Abbrev. Name of Co., City of Co.,
Abbrev. State, year, pp. xxx-xxx.
Examples:
[13] Transmission Systems for Communications, 3rd ed., Western Electric
Co., Winston-Salem, NC, 1985, pp. 44–60.
[14] Motorola Semiconductor Data Manual, Motorola Semiconductor
Products Inc., Phoenix, AZ, 1989.
(1)
Acknowledgments
Acknowledgments should be inserted at the end of the article,
before the references. When citing names within the
Acknowledgment, do not use Mr., Mrs., Ms., or Miss. List
first initial and last name only. Use the Dr. or Prof. title with
each name separately; do not use plural Drs. or Profs. with
lists of names.
Basic format for books (when available online):
[15] Author. (year, month day). Title. (edition) [Type of medium].
volume (issue). Available: site/path/file
Example:
[16] J. Jones. (1991, May 10). Networks. (2nd ed.) [Online]. Available:
http://www.atm.com
References
Basic format for journals (when available online):
[17] Author. (year, month). Title. Journal. [Type of medium]. volume
(issue), pages. Available: site/path/file
Example:
[18] R. J. Vidmar. (1992, Aug.). On the use of atmospheric plasmas as
electromagnetic reflectors. IEEE Trans. Plasma Sci. [Online].
21(3),
pp.
876–880.
Available:
http://www.halcyon.com/pub/journals/21ps03-vidmar
The journal uses the IEEE Template for references
formatting. References in the text should be indicated by
Arabic numerals that run consecutively through the article and
appear inside punctuation.
Authors should ensure that all references are cited in the
text and vice versa. Authors are expected to check the original
source reference for accuracy. See examples shown in the
References section. In text, refer simply to the reference
number. Do not use “Ref.”, “reference” or “Reference [3]
shows ....” use as demonstrated in [3], according to [4] and [69]. Please do not use automatic endnotes in Word, rather, type
the reference list at the end of the article using the
“References” style. The authors encourage using the
“EndNote” software to format and insert the references into
the article (http://endnote.com/). IEEE EndNote template can
be
downloaded
from
(http://endnote.com/downloads/template/ieee). Below is the
references formatting:
Basic format for articles presented at conferences (when available online):
[19] Author. (year, month). Title. Presented at Conference title. [Type
of Medium]. Available: site/path/file
Example:
[20] PROCESS Corp., MA. Intranets: Internet technologies deployed
behind the firewall for corporate productivity. Presented at
INET96
Annual
Meeting.
[Online].
Available:
http://home.process.com/Intranets/wp2.htp
Basic format for reports and handbooks (when available online):
[21] Author. (year, month). Title. Comp an y . C ity, State or
Country. [Type of Medium].Available: site/path/file
Example:
[22] S . L . T a l l e e n . ( 1 9 9 6 , A p r . ) . T h e I n t r a n e t A r c h i te c tu r e : M a n a g i n g i n f o r m a t i o n i n t h e n e w paradigm.
Amdahl
Corp.,
CA.
[Online].
Available:
http://www.amdahl.com/doc/products/bsg/intra/infra/html
Basic format for computer programs and electronic documents (when
available online).
Example:
[23] A. Harriman. (1993, June). Compendium of genealogical
software.
Humanist.
[Online].
Available
e-mail:
HUMANIST@NYVM.ORG Message: get GENEALOGY REPORT
Basic format for books:
[1] J. K. Author, “Title of chapter in the book,” in Title of His Published
Book, xth ed. City of Publisher, Country if not
[2] USA: Abbrev. of Publisher, year, ch. x, sec. x, pp. xxx–xxx.
Examples:
[3] G. O. Young, “Synthetic structure of industrial plastics,” in Plastics,
2nd ed., vol. 3, J. Peters, Ed. New York: McGraw-Hill, 1964,
pp. 15–64.
Basic format for patents (when available online):
4
[24] Name of the invention, by inventor’s name. (year, month day). Patent
Number [Type of medium]. Available: site/path/file
Example:
[25] Musical toothbrush with adjustable neck and mirror, by L.M.R. Brooks.
(1992, May 19). Patent D 326 189
[Online]. Available: NEXIS Library: LEXPAT File: DESIGN
Basic format for conference proceedings (published):
[26] J. K. Author, “Title of article,” in Abbreviated Name of Conf., City of
Conf., Abbrev. State (if given), year, pp. xxxxxx.
Example:
[27] D. B. Payne and J. R. Stern, “Wavelength-switched pas- sively coupled
single-mode optical network,” in Proc. IOOC-ECOC, 1985,
pp. 585–590.
Example for articles presented at conferences (unpublished):
[28] D. Ebehard and E. Voges, “Digital single sideband detection for
interferometric sensors,” presented at the 2nd Int. Conf. Optical Fiber
Sensors, Stuttgart, Germany, Jan. 2-5, 1984.
Basic format for patents:
[29] J. K. Author, “Title of patent,” U.S. Patent x xxx xxx, Abbrev. Month,
day, year.
Example:
[30] G. Brandli and M. Dick, “Alternating current fed power supply,”
U.S. Patent 4 084 217, Nov. 4, 1978.
Basic format for theses (M.S.) and dissertations (Ph.D.):
[31] J. K. Author, “Title of thesis,” M.S. thesis, Abbrev. Dept., Abbrev.
Univ., City of Univ., Abbrev. State, year.
[32] J. K. Author, “Title of dissertation,” Ph.D. dissertation, Abbrev. Dept.,
Abbrev. Univ., City of Univ., Abbrev. State, year.
Examples:
[33] J. O. Williams, “Narrow-band analyzer,” Ph.D. dissertation, Dept. Elect.
Eng., Harvard Univ., Cambridge, MA, 1993.
[34] N. Kawasaki, “Parametric study of thermal and chemical
nonequilibrium nozzle flow,” M.S. thesis, Dept. Electron. Eng., Osaka
Univ., Osaka, Japan, 1993.
Basic format for the most common types of unpublished references:
[35] J. K. Author, private communication, Abbrev. Month, year.
[36] J. K. Author, “Title of article,” unpublished.
[37] J. K. Author, “Title of article,” to be published.
Examples:
[38] A. Harrison, private communication, May 1995.
[39] B. Smith, “An approach to graphs of linear forms,” unpublished.
[40] A. Brahms, “Representation error for real numbers in binary computer
arithmetic,” IEEE Computer Group Repository, Article R-67-85.
Basic format for standards:
[41] Title of Standard, Standard number, date.
Examples:
[42] IEEE Criteria for Class IE Electric Systems, IEEE Standard 308, 1969.
[43] Letter Symbols for Quantities, ANSI Standard Y10.5-1968.
5
Running head: NETWORK HARDENING
1
Network hardening
Name
Institutional Affiliation
NETWORK HARDENING
2
Network Hardening
Network hardening refers to providing network security by reducing the surface of system
vulnerabilities. In the current world computers play a great role in serving as the central
component of information infrastructure. Protecting the network system against intrusions is
therefore is significant to the economy and national security. The scale of network intrusion has
been on the rise despite continued efforts of research and analysis of vulnerability and intrusion
detection.In the fight against network intrusion computer security analysts find themselves
behind the attackers in technology.For example Firewall can provide network security but it can
also be overtaken by experienced attackers.In developing network security against cyber attack
certain susceptibilities may see acceptable when considered individually. In some isolated cases
an intruder can infiltrate a well protected network through multistep intrusion. Multistep
intrusion is a series of steps of attacks that run sequentially in that the first step prepares
subsequent steps of attack.Intruders combine vulnerabilities to a multistep intrusion. Relying on
human analysts to identify such threats is error prone and renders the task of network hardening
as an art rather than a science.
Existing tools do not provide direct solutions to remove threats. They identify , analyze and
interprete risks rather than provide solutions for securing networks.Another key challenge that
exists to securing computer networks is the lack of an automated approach to generating
feasible solutions.Therefore in developing an effective automated network hardening technique
there is a need to establish a system that identifies the correlation between isolated
vulnerabilities and weaknesses.
Strategies of network hardening
How can we find potential enforceable solutions for preventing multistep intrusion targeting
critical network assets?
Use of attack graphs and application to network hardening
A number of tools are available for scanning network vulnerabilities include Nessus, Nmap,
Snort , Cisco security scanner, CyberCop , Computer Oracle and Password system.Attack graphs
are constructed by analyzing the interdependence between vulnerabilities that have been
identified in the target network
Network hardening techniques to generate hardening solutions comprising of satisfied conditions
which make the solutions more enforceable. The proposed automated solution takes into
consideration the dependencies between hardening decisions and employs a near optimal
approximation algorithm to scale linearly with the size of inputs whose performance are
validated experimentally.
NETWORK HARDENING
3
They reveal the threat by specifying possible classifications of channels used by attackers to
compromise networks. The limitation that exist in attack graphs is that they do not provide
solutions to the threat.Finding solutions by hand may often seem tedious especially for large and
less secure networks whose attack graphs are complex. It is also a nightmare because system
administrators find it difficult to identify incidents of attack because they are unaware of the
relationships among attacks. This paper therefore proposes a solution to automate the task of
hardening a network against multistep intrusions.This solution is more enforceable because
initial conditions can be disabled without removing the causes (Wang, Albanese & Jajodia, 2014).
Network hardening
Updating software and hardware
Password protection
Unnecessary protocols and services
Ports
Wireless security
Restricted network access
Due to extensive use of the internet services and emerging security threats most enterprise
networks deploy varieties of security devices for controlling access to their networks using
organizational security requirements. These requirements are becoming more fine grained where
access control depends on heterogeneous isolation patterns like access deny , trusted
communication and payload inspection. In providing network controls that restrict network
access is ConfigSynth an automated framework framework that generates network security
configurations by analyzing various security designs to provide optimal solutions. The main
alternative designs includes different kinds of isolation patterns for traffic flows in different
segments of the network. ConfigSynth takes security requirements and business constrains along
with the network topology as inputs.It then synthesizes optimal cost effective security
configurations satisfying the constraints . it allows placing of of different security devices in the
network according to a given topology.Configsynth uses satisfiability modulo theories for
modeling this synthesis problems (Rahman & Al-Shaer, 2013).
References
Wang, L., Albanese, M., & Jajodia, S. (2014). Introduction. Network Hardening, 1-4. doi: 10.1007/978-3319-04612-9_1
NETWORK HARDENING
4
Rahman, M., & Al-Shaer, E. (2013). A Formal Framework for Network Security Design Synthesis. 2013
IEEE 33Rd International Conference On Distributed Computing Systems. doi: 10.1109/icdcs.2013.70
Purchase answer to see full
attachment