Assignment First

Canadian Essay Writing Service: Attack Threat Models and Classification


A threat can be defined as an occurrence that has the potential to damage or compromise an organization's assets. The organization's assets are the information it holds. According to threat modeling:

  1. The assets have to be identified. In this case the assets are the information being passed and the data being stored. Computers and the physical architecture, such as the equipment, the storage media, the routers and more, are considered the physical assets (Denning, 1999).
  2. An architecture overview must then be created. This is the network diagram in section 3.
  3. The security profile of the network must then be created. In the security profile, the network trust boundaries, the data flows and the entry points are to be identified (Tipton & Krause, 2003). In the given network, the trust boundaries within the network might be more relaxed than the one where it connects to the World Wide Web. Entry points might be as simple as an HTML browser.
  4. Identify threats: Two threats have been identified in this case: denial of service attacks and unauthorized information disclosure attacks.
  5. Document threats: Threats have to be documented completely, with a risk management and mitigation plan.

Scenario 1: In the case of the DoS attacks, the attacker will start with one successful entry point. It would be a workstation in the network. Only after getting complete control over the workstation would the attacker establish contact with a server within the network (it could be any of the servers or all three of them). The denial of service attack may or may not be accompanied by the theft of information. In normal cases, the attack only brings down the network, taking down the critical information services that the servers provide to the stakeholders. This throws network users into chaos.

Scenario 2: A hacker who manages to compromise and enter the network would gain access to information that he is not supposed to get. An alternative scenario would be a student who unknowingly shares his ID or password on the network when he is not supposed to, resulting in a third-party malicious user gaining access to information he is not supposed to have.
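
The five steps above can be captured as data and checked mechanically. The following is an added example, not part of the original essay: the node names, zones and flows are assumptions, since the network diagram from section 3 is not reproduced here. It derives boundary-crossing flows, entry points and reachable assets, then flags threats that still lack a mitigation plan.

```python
from dataclasses import dataclass

# Constructed network: node names, zones and flows are assumptions for illustration.
ZONE_OF = {"web": "internet", "workstation": "lan",
           "srv_a": "servers", "srv_b": "servers", "srv_c": "servers"}
TRUST = {"internet": 0, "lan": 1, "servers": 2}   # higher = more trusted
ASSETS = {"srv_a", "srv_b", "srv_c"}              # step 1: nodes holding stored data
THREATS = ["denial of service", "unauthorized information disclosure"]  # step 4

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    data: str

FLOWS = [Flow("web", "workstation", "HTML via browser"),
         Flow("workstation", "srv_a", "information in transit"),
         Flow("workstation", "srv_b", "information in transit"),
         Flow("workstation", "srv_c", "information in transit"),
         Flow("srv_a", "srv_b", "stored data")]

def boundary_crossings(flows):
    """Step 3: flows whose endpoints lie in different trust zones."""
    return [f for f in flows if ZONE_OF[f.src] != ZONE_OF[f.dst]]

def entry_points(flows):
    """Step 3: nodes that accept data directly from the least trusted zone."""
    low = min(TRUST.values())
    return sorted({f.dst for f in flows if TRUST[ZONE_OF[f.src]] == low})

def reachable_assets(start, flows):
    """Assets that can be contacted from `start` by following data flows."""
    seen, stack = set(), [start]
    while stack:
        node = stack.pop()
        if node not in seen:
            seen.add(node)
            stack.extend(f.dst for f in flows if f.src == node)
    return sorted(ASSETS & seen)

def threat_register(flows, mitigations):
    """Steps 4-5: one entry per threat and entry point, with its mitigation if any."""
    return [{"threat": t, "entry_point": e, "assets": reachable_assets(e, flows),
             "mitigation": mitigations.get((t, e))}
            for t in THREATS for e in entry_points(flows)]

def undocumented(register):
    """Step 5 check: entries that still lack a mitigation plan."""
    return [(r["threat"], r["entry_point"]) for r in register if not r["mitigation"]]

if __name__ == "__main__":
    plan = {("denial of service", "workstation"): "rate limiting (constructed)"}
    print(undocumented(threat_register(FLOWS, plan)))
```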