Assignment

OriginalityReport.pdf

Home >Computer Science homework help >Assignment

7/31/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=3636c68c-c7d5-47fa-aec9-55d5e21fefcb… 1/6

%59

SafeAssign Originality Report Summer 2019 - Application Security (ISOL-534-50) (ISOL-534-51) - Co… • Research Paper Draft

%60Total Score: High riskMohana Manikanta Patibandla Submission UUID: b0317f21-9abe-93f4-c5de-fc07d553c09b

Total Number of Reports

1 Highest Match

60 % ResearchDraft.doc

Average Match

60 % Submitted on

07/12/19 07:32 PM EDT

Average Word Count

2,472 Highest: ResearchDraft.doc

%60Attachment 1

Institutional database (6)

Student paper Student paper Student paper

My paper Student paper My paper

Global database (2)

Student paper Student paper

Internet (2)

docplayer fortinet

Top sources (3)

Excluded sources (0)

View Originality Report - Old Design

Word Count: 2,472 ResearchDraft.doc

2 5 6

1 10 9

4 3

8 7

2 Student paper 5 Student paper 6 Student paper

Running head: RESEARCH DRAFT

RESEARCH DRAFT

The Research Draft

Mohana Manikanta Patibandla

University of Cumberland’s

Introduction

Fundamentally, an application firewall refers to a countersecurity measure whose aim is to limit access by an operating system’s applications. Earlier on, it is

imperative to note that the performance of a firewall was mainly about control of data flow to and from the CPU where it examined each data packed and determined whether it should be forwarded to a specific destination. Today, application firewalls are offering additional protection through controlling file execution or specific handling of data by software (Tøndel, Bartnes & Jaatun, 2014). It has been acclaimed that the best performance of a firewall is only realized if the user can configure it so as to define the ports through which unwanted data may enter or leave. Notably, though the firewalls may be configured that does not means that an intruder will not get past it which brings forth the major contention of this paper. Are application firewalls effective in upholding the security of applications in the event of a cyber- attack?

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport?attemptId=3636c68c-c7d5-47fa-aec9-55d5e21fefcb&course_id=_109656_1&download=true&includeDeleted=true&print=true&force=true

7/31/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=3636c68c-c7d5-47fa-aec9-55d5e21fefcb… 2/6

The Background

A study carried out by Hannes Holm and Mathias Ekstedt (2013) to evaluate of the application firewalls’ efficiency in the event of an attack. Through use of

injection attacks, the researchers found out that the prevention rate is 80% in case that all measures have been put in place and only 25% if all the measures have not been employed. Measures included involving a professional in configuring the firewall, having a skilled operator monitoring the firewall, and whether a black box (automated one) had been employed in tuning the firewall. When all these measures have been put in place, the researchers found out that a prevention rate of 80% if normally recognized. This is an indicator that even when best practices are adopted, an intruder is still able to infiltrate a system which means that a firewall may not be an effective tool.

At the organizational level, it is imperative to note that a majority of small and mid-sized organizations do not have the required personnel when it comes to application firewalls. The companies only purchase the software from vendors, install them, and enable the detection mode. However, as earlier noted this is not enough as there is a need for configuration and turning which improves the performance of the firewalls. When this is not done, studies have shown that firewalls are easily bypassed and an organization may not quickly learn about an infiltration. This comes out as a major weakness as it means that configuration must be done by professionals who should also closely monitor a system. These are some of the best practices that are unlikely to be realized by most organizations.

Additionally, there are constantly evolving web applications which require customized application firewalls. Today, it is common to see even 1990s CGI scripts which are paired with AJAX applications which are in turn using third party APIs and web services in a cloud. This indicates the evolution and complexity of the application structure which requires firewalls that are as well complex and customized (Tøndel et al., 2014). However, most organizations do not adhere to this meaning that the current firewalls are vulnerable hence can easily be bypassed especially in this era of rampant cyber security incidents.

It is worth noting that though application firewalls are good at offering preventive security where they can prevent simple vectors such as SQL injections, they may not be able to keep out unknown application logic vulnerabilities. Such vulnerabilities normally require an in-depth understanding of application’s business logic (Tøndel et al., 2014). Today, there are a number of vendors that are trying to design firewalls that are using incremental rule-set hardened in pair with IP reputation as well as behavioral white-listing and machine learning in a bid to prevent applications from the logic vulnerabilities. However, these new designs have not proven effective as they are still bypassed. This is due to the fact that they must pass some complicated learning cycles which tend to take a longer time meaning they are not reliable enough.

In today’s application security, firewalls are no longer entirely effective in upholding the security of applications they must work in conjunction with other security features such as vulnerability scanners which enable easier scanning and identification of a particular threat. Additionally, it has been recommended that every organization should look for application firewalls that are easy to customize and those that are compatible with other security controls as a means of promoting the security level. More so, it is deemed best practices if an organization can hire experts such as IT professionals who will monitor a system for threats and also configure the system in the best manner. This indicates that though application firewalls are in use in various institutions and organizations, they are not as effective and should be paired with other security features.

This is considered a best approach especially when a business organization is at a higher risk of an attack such as banks and hospitals. The Problem Statement

It was earlier pointed out that an application firewall refers to a countermeasure that aims at limiting access to the system’s resources. Today, application firewalls are controlling file execution while also filtering data that enters or leaves a system. It is a traditional approach to system’s security, but there are wider concerns whether the firewalls are effective in ensuring the complete security of the system. Hannes Holm and Mathias Ekstedt (2013) while testing the effectiveness of application firewalls in the event of an attack determined that they were 80% effective when all measures have been met and 25% effective if all measures have not been met. The authors called for customization and configuration of the application firewalls in a bid to promote the security of the system’s resources, but 100% efficiency will still not be achieved. Why do organizations continue to employ application firewalls while they get less effective by the day? Currently, there are new forms of attacks that are encrypted and disguise themselves as legitimate traffic and are rarely detected by the application firewalls. More so, there are Denial-of-Service attacks that are able to send massive amounts of data disguised as legitimate data that make systems to crash. The application firewalls are not able to detect these types of attacks which puts their efficiency into question. The Literature Review

Examination of existing literature on performance of application firewalls indicated a number of aspects. The various authors have been looking into how different technologies promote the effectiveness of the application firewalls. It was clear that all the approaches have their flaws which prevent the firewalls from being 100% effective as looked into below. Manaseer and Al Hwaitat (2018) have looked into a new approach that is about a centralize web firewall system with the aim of promoting application security. The centralized system ought to detect and contain all the web application attacks through a centralized command system. In the event of an attack, the central command system distributes information on the attackers to all the clients connected to the system, including the IP addresses, the kind of an attack, and the time of an attack. These procedures are carried out as soon as the attack has been carried out in a bid to reduce the scale of harm that may be caused. When the clients have received the information, they will take the appropriate action, such as blocking the IP addresses and data associated with the addresses.

The model outlined above is deemed an effective one when it comes to detection of traditional forms of attacks such as phishing attacks. Majority of firewalls have been configured in a manner they are able to detect and contain nearly all traditional forms of attacks. However, there are newer forms of attacks where malware is encrypted and disguised as legitimate traffic that is rarely detected by the application firewalls (Razzaq, Latif, Ahmad, Hur, Anwar & Bloodsworth, 2014). The strength of the model outlined above lies in the ability to detect an attack. When an attack is not detected in a timely manner, the model will not promote the security of the system. This comes out as the major weakness of this approach. For it to be fully efficient, the detection which is usually automated must detect all the forms of attacks without failure.

Moradi, Teshnelab and Kashi (2019) praised the introduction of web 2.0 arguing that it has better approaches to the management of traffic, enabling firewalls to deal with malware in a much effective manner. The authors have noted that the introduction of the web 2.0 saw new attacks and application firewalls became a necessity. This new web saw the integration of machine learning where detection of anomalies is easier, especially in a situation where numerous web requests are being sent at ago. The authors have noted that the approach is regarded ineffective due to the fact that detection is mainly about traditional forms of attacks. The system has an automated detection system that will detect attacks and block them. This is done by application firewalls that are supposed to detect and contain threats before they can cause real harm to the system’s resources.

In essence, the authors praised the web 2.0 due to its new features against web application attacks. However, hacking tools are quickly evolving and so should the application firewalls that are being put in place. Most of the organizations do not update or reconfigure the firewalls frequently, which leave the system vulnerable to attacks (Rafique, Humayun, Gul & Abbas, 2015). An approach that does not allow for frequent reconfiguration of the firewalls may not be effective in dealing with new forms of attacks. The authors have ascertained that though web 2.0 had new technologies such as machine learning, the application firewalls employed do not timely

7/31/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=3636c68c-c7d5-47fa-aec9-55d5e21fefcb… 3/6

Source Matches (30)

My paper 100% Student paper 100%

g g g, pp p y y detect the new forms of attacks being experienced today.

Han, Liu, and Fan (2018) state that information sharing and especially the Internet of Things have made web applications to be a target for hackers. They note that web applications have adopted what is commonly known as machine learning where web attacks are being detected and contained before real harm can be caused. Also, they have noted that the machine learning approach enables an analysis of HTTP packets before they can be allowed to leave or enter a system. This created preprocessing to be a requirement, introducing inefficiencies in the realization of rapid exchange of data between systems and devices. The authors have as well as noted that newer models and techniques are important in the realization of application security, but there is a need for more to be done. They have noted that there lacks a standard approach by organizations where some systems puts others at risk. For instance, the IoT devices which have an access to databases may have vulnerable application security meaning that a hacker may exploit them and gain an access to the device as well as the databases it accesses. This means that there is a need for adoption of a standardized approach which will ensure that all devices exchanging data have secure applications (Stewart, 2017). Though the authors have not proposed deployment of application firewalls, it is clear that they support use of such firewalls. They recommend application of latest application firewalls and avoidance of use of open source operating systems and applications. In so doing, the applications will have an enhanced level of application security. Discussion

From the literature above, it can be seen that the various approaches employed for application security are not effective. Organizations are still utilizing older models where the firewalls are supposed to detect attacks and prevent them from accessing the system. However, the hacking tools have continually evolved and the firewalls are not wholly effective. For instance, there are new forms of attacks that are encrypted and disguised as legitimate data. The majority of old firewall models may not be able to detect such attacks. This has continually lowered the efficiency of the application firewalls explaining why most high profile organizations have reported incidents.

Application firewalls as a countermeasure may not keep off all forms of attacks. They are usually configured in a manner that anticipates a form of an attack which limits their efficiency. If they are not configured to detect new forms of attacks, they will not detect them. This explains why it is recommended that organizations should focus on frequent reconfiguration of the firewalls as a security measure. Also, it is recommended that organizations should not have a centralized data system, but a fragmented one that lowers the risk of infiltration.

To address the inefficiencies of the application firewalls, the following measures need to be taken. First, they should be regularly reconfigured to enable them to detect new forms of attacks. This can be done once in every three months. Second, application firewalls should not be the only lines of defense. They should be

complemented by other measures such as end-to-end encryption of data being transmitted from one point to another. Third, organizations should avoid use of open source operating systems and applications as they have a higher susceptibility level. In essence, though application firewalls are important in upholding the security of the web applications they cannot achieve 100% efficiency and should be regularly reconfigured and supported by other practices such as encryption of data to improve the overall efficiency. Organizations should not rely on application firewalls for overall security of the system’s resources. References

Han, D., Liu, Q., & Fan, W., (2018). A new image classification method using CNN transfer learning and web data augmentation. Expert Systems with Applications,

95, pp. 43-56. doi: 10.1016/j.eswa.2017.11.028

Holm, H., & Ekstedt, M. (2013). Estimates on the effectiveness of web application firewalls against targeted attacks. Information Management & Computer

Security 21(4), 250-265. Manaseer, S., & Al Hwaitat, A. (2018). Centralized Web Application Firewall Security System. Modern Applied Science, 12(10), pp.164-

169. doi: 10.5539/mas.v12n10p164

Moradi Vartouni, A., Teshnehlab, M., & Sedighian Kashi, S. (2019). Leveraging deep neural networks for anomaly-based web application firewall. IET Information

Security. doi: 10.1049/iet-ifs.2018.5404

Rafique, S., Humayun, M., Gul, Z., & Abbas, A. (2015). Systematic Review of Web Application Security Vulnerabilities Detection Methods. Journal of Computer

and Communications 3(9), 28-40.

Razzaq, A., Latif, F., Ahmad, H. F., Hur, A., Anwar, Z., & Bloodsworth, P. C. (2014). Semantic security against web application attacks. Information Sciences 254(1),

19-38.

Stewart, J. M. (2017). Network Security, Firewalls, and VPNs. New York, NY: Jones & Bartlett Learning.

Tøndel, I. A., Bartnes, M., & Jaatun, M. G.

2 2

5 5

6 6

8 9 10

( 2014). Information security incident management: Current practice as reported in the literature. Computers & Security 45(1), 42-57.2

Student paper

Mohana Manikanta Patibandla

Original source

Mohana Manikanta Patibandla

Student paper

University of Cumberland’s

Original source

University of the Cumberland’s

7/31/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=3636c68c-c7d5-47fa-aec9-55d5e21fefcb… 4/6

Student paper 100%

Student paper

Fundamentally, an application firewall refers to a countersecurity measure whose aim is to limit access by an operating system’s applications. Earlier on, it is imperative to note that the performance of a firewall was mainly about control of data flow to and from the CPU where it examined each data packed and determined whether it should be forwarded to a specific destination. Today, application firewalls are offering additional protection through controlling file execution or specific handling of data by software (Tøndel, Bartnes & Jaatun, 2014). It has been acclaimed that the best performance of a firewall is only realized if the user can configure it so as to define the ports through which unwanted data may enter or leave.

Original source

Fundamentally, an application firewall refers to a countersecurity measure whose aim is to limit access by an operating system’s applications Earlier on, it is imperative to note that the performance of a firewall was mainly about control of data flow to and from the CPU where it examined each data packed and determined whether it should be forwarded to a specific destination Today, application firewalls are offering additional protection through controlling file execution or specific handling of data by software (Tøndel, Bartnes & Jaatun, 2014) It has been acclaimed that the best performance of a firewall is only realized if the user can configure it so as to define the ports through which unwanted data may enter or leave

Student paper

Notably, though the firewalls may be configured that does not means that an intruder will not get past it which brings forth the major contention of this paper. Are application firewalls effective in upholding the security of applications in the event of a cyber-attack?

Original source

Notably, though the firewalls may be configured that does not means that an intruder will not get past it which brings forth the major contention of this paper Are application firewalls effective in upholding the security of applications in the event of a cyber-attack

Student paper

A study carried out by Hannes Holm and Mathias Ekstedt (2013) to evaluate of the application firewalls’ efficiency in the event of an attack. Through use of injection attacks, the researchers found out that the prevention rate is 80% in case that all measures have been put in place and only 25% if all the measures have not been employed. Measures included involving a professional in configuring the firewall, having a skilled operator monitoring the firewall, and whether a black box (automated one) had been employed in tuning the firewall. When all these measures have been put in place, the researchers found out that a prevention rate of 80% if normally recognized.

Original source

A study carried out by Hannes Holm and Mathias Ekstedt (2013) to evaluate of the application firewalls’ efficiency in the event of an attack Through use of injection attacks, the researchers found out that the prevention rate is 80% in case that all measures have been put in place and only 25% if all the measures have not been employed Measures included involving a professional in configuring the firewall, having a skilled operator monitoring the firewall, and whether a black box (automated one) had been employed in tuning the firewall When all these measures have been put in place, the researchers found out that a prevention rate of 80% if normally recognized

Student paper

This is an indicator that even when best practices are adopted, an intruder is still able to infiltrate a system which means that a firewall may not be an effective tool. At the organizational level, it is imperative to note that a majority of small and mid-sized organizations do not have the required personnel when it comes to application firewalls. The companies only purchase the software from vendors, install them, and enable the detection mode. However, as earlier noted this is not enough as there is a need for configuration and turning which improves the performance of the firewalls.

Original source

This is an indicator that even when best practices are adopted, an intruder is still able to infiltrate a system which means that a firewall may not be an effective tool At the organizational level, it is imperative to note that a majority of small and mid-sized organizations do not have the required personnel when it comes to application firewalls The companies only purchase the software from vendors, install them, and enable the detection mode However, as earlier noted this is not enough as there is a need for configuration and turning which improves the performance of the firewalls

Student paper

When this is not done, studies have shown that firewalls are easily bypassed and an organization may not quickly learn about an infiltration. This comes out as a major weakness as it means that configuration must be done by professionals who should also closely monitor a system. These are some of the best practices that are unlikely to be realized by most organizations. Additionally, there are constantly evolving web applications which require customized application firewalls.

Original source

When this is not done, studies have shown that firewalls are easily bypassed and an organization may not quickly learn about an infiltration This comes out as a major weakness as it means that configuration must be done by professionals who should also closely monitor a system These are some of the best practices that are unlikely to be realized by most organizations Additionally, there are constantly evolving web applications which require customized application firewalls

Student paper

Today, it is common to see even 1990s CGI scripts which are paired with AJAX applications which are in turn using third party APIs and web services in a cloud. This indicates the evolution and complexity of the application structure which requires firewalls that are as well complex and customized (Tøndel et al., 2014). However, most organizations do not adhere to this meaning that the current firewalls are vulnerable hence can easily be bypassed especially in this era of rampant cyber security incidents. It is worth noting that though application firewalls are good at offering preventive security where they can prevent simple vectors such as SQL injections, they may not be able to keep out unknown application logic vulnerabilities.

Original source

Today, it is common to see even 1990s CGI scripts which are paired with AJAX applications which are in turn using third party APIs and web services in a cloud This indicates the evolution and complexity of the application structure which requires firewalls that are as well complex and customized (Tøndel et al., 2014) However, most organizations do not adhere to this meaning that the current firewalls are vulnerable hence can easily be bypassed especially in this era of rampant cyber security incidents It is worth noting that though application firewalls are good at offering preventive security where they can prevent simple vectors such as SQL injections, they may not be able to keep out unknown application logic vulnerabilities

7/31/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=3636c68c-c7d5-47fa-aec9-55d5e21fefcb… 5/6

Student paper 99%

Student paper 100%

Student paper 94%

Student paper 68%

Student paper 91%

Student paper 100%

Student paper 92%

Student paper 100%

Student paper

Such vulnerabilities normally require an in-depth understanding of application’s business logic (Tøndel et al., 2014). Today, there are a number of vendors that are trying to design firewalls that are using incremental rule-set hardened in pair with IP reputation as well as behavioral white-listing and machine learning in a bid to prevent applications from the logic vulnerabilities. However, these new designs have not proven effective as they are still bypassed. This is due to the fact that they must pass some complicated learning cycles which tend to take a longer time meaning they are not reliable enough.

Original source

Such vulnerabilities normally require an in-depth understanding of application’s business logic (Tøndel et al., 2014) Today, there are a number of vendors that are trying to design firewalls that are using incremental ruleset hardened in pair with IP reputation as well as behavioral white-listing and machine learning in a bid to prevent applications from the logic vulnerabilities However, these new designs have not proven effective as they are still bypassed This is due to the fact that they must pass some complicated learning cycles which tend to take a longer time meaning they are not reliable enough

Student paper

Original source

In today’s application security, firewalls are no longer entirely effective in upholding the security of applications they must work in conjunction with other security features such as vulnerability scanners which enable easier scanning and identification of a particular threat Additionally, it has been recommended that every organization should look for application firewalls that are easy to customize and those that are compatible with other security controls as a means of promoting the security level More so, it is deemed best practices if an organization can hire experts such as IT professionals who will monitor a system for threats and also configure the system in the best manner This indicates that though application firewalls are in use in various institutions and organizations, they are not as effective and should be paired with other security features

Student paper

This is considered a best approach especially when a business organization is at a higher risk of an attack such as banks and hospitals.

Original source

This is considered a best approach especially when a business organization is at a higher risk of an attack such as banks and hospitals

Student paper

The Literature Review

Original source

Review of Literature

Student paper

This can be done once in every three months.

Original source

This training can be done once every two or three months to cover all staff

Student paper

Han, D., Liu, Q., & Fan, W., (2018). A new image classification method using CNN transfer learning and web data augmentation. Expert Systems with Applications, 95, pp.

Original source

Han, D., Liu, Q., & Fan, W., (2018) A new image classification method using CNN transfer learning and web data augmentation Expert Systems With Applications, 95, 43-56

Student paper

10.1016/j.eswa.2017.11.028

Original source

10.1016/j.eswa.2017.11.028

Student paper

Holm, H., & Ekstedt, M.

Original source

Holm, H., & Ekstedt, M

Student paper

Estimates on the effectiveness of web application firewalls against targeted attacks. Information Management & Computer Security 21(4), 250-265.

Original source

Estimates on the effectiveness of web application firewalls against targeted attacks Information Management & Computer Security 21(4), 250-265

Student paper

Manaseer, S., & Al Hwaitat, A.

Original source

Manaseer, S., & Al Hwaitat, A

Student paper

Centralized Web Application Firewall Security System. Modern Applied Science, 12(10), pp.164-169.

Original source

Centralized Web Application Firewall Security System Modern Applied Science, 12(10), 164

Student paper

10.5539/mas.v12n10p164 Moradi Vartouni, A., Teshnehlab, M., & Sedighian Kashi, S.

Original source

10.5539/mas.v12n10p164 Moradi Vartouni, A., Teshnehlab, M., & Sedighian Kashi, S

Student paper

Leveraging deep neural networks for anomaly-based web application firewall. IET Information Security.

Original source

Leveraging deep neural networks for anomaly-based web application firewall IET Information Security

7/31/2019 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=3636c68c-c7d5-47fa-aec9-55d5e21fefcb… 6/6

Student paper 100%

Student paper 87%

fortinet 63%

docplayer 67%

My paper 100%

Student paper 66%

Student paper 100%

Student paper

10.1049/iet-ifs.2018.5404

Original source

10.1049/iet-ifs.2018.5404

Student paper

Rafique, S., Humayun, M., Gul, Z., & Abbas, A.

Original source

Rafique, S., Humayun, M., Gul, Z., Abbas, A., & Javed, H

Student paper

Systematic Review of Web Application Security Vulnerabilities Detection Methods. Journal of Computer and Communications 3(9), 28-40.

Original source

Systematic Review of Web Application Security Vulnerabilities Detection Methods Journal of Computer and Communications, 3(09), 28

Student paper

Semantic security against web application attacks.

Original source

Web Application Security

Student paper

Network Security, Firewalls, and VPNs.

Original source

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2

Student paper

New York, NY:

Original source

New York, NY

Student paper

Jones & Bartlett Learning.

Original source

Jones & Bartlett Publishers

Student paper

A., Bartnes, M., & Jaatun, M.

Original source

A., Bartnes, M., & Jaatun, M

Student paper

Information security incident management: Current practice as reported in the literature. Computers & Security 45(1), 42-57.

Original source

Information security incident management Current practice as reported in the literature Computers & Security 45(1), 42-57