Miss Professor only

profileaakumar2010
SafeAssignOriginalityReport.pdf

6/9/2018 SafeAssign Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1

2018-SUMMER-IG-ISOL632-27 - 2018_SUMMER_IG_BUS CONT PLAN & DISASTE RECOVERY PLAN_27

Case Study #3 Anil Kumar Arumalla on Fri, Jun 08 2018, 9:57 AM

24% highest match Submission ID: 032a7e1b-173e-4c73-b347-2b69057539a8

Attachments (1)

Case Study #3.docx

Running Head: DoS ATTACK DoS ATTACK

1 DOS ATTACK NAME: Anil Kumar Arumalla Institute of Affiliation: University of the

Cumberland’s Date: 06/08/2018

Introduction.

2 CLOUD INTEGRATION PRESENTS UNIQUE CHALLENGES TO INCIDENT

HANDLERS AS WELL AS THOSE RESPONSIBLE FOR PREPARING AND

NEGOTIATING THE CONTRACT FOR CLOUD SERVICES. THE CHALLENGES ARE

FURTHER COMPLICATED WHEN THERE IS A PREVAILING PERCEPTION THAT

THE CLOUD INTEGRATION IS “INSIDE THE SECURITY PERIMETER” OR “THE

COMPANY HAS A WRITTEN CONTRACT REQUIRING THE VENDOR TO BE SECURE,

THAT SHOULD BE ENOUGH.” THIS SORT OF THINKING MAY BE NA VE BUT,

UNFORTUNATELY. It is not rare. 2 THE CLOUD PROVIDER MAY HAVE A GREAT

DEAL OF BUILD IN SECURITY OR THEY MAY NOT. WHETHER THEY DO OR DO

(http://safeassign.blackboard.com/)

Case Study #3.docx Word Count: 631 Attachment ID: 217710342

24%

6/9/2018 SafeAssign Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1

NOT, INCIDENT HANDLING (IH) TEAMS WILL EVENTUALLY FACE INCIDENTS

RELATED TO THE INTEGRATION, NECESSITATING PLANNING FOR HANDLING

INCIDENTS IN THIS NEW ENVIRONMENT.

Information security is not considered a full-time job by many organizations because once the

security has been insured the organization will need them only when they are vulnerable to attacks

or facing threats or when the security must be upgraded. 3 (BLUNDEN 2014) IT IS

CRITICAL FOR ORGANIZATIONS TO HAVE A DOS RESPONSE PLAN BEFORE IT

HAPPENS BECAUSE OF THE FOLLOWING:

i. 4 IN ORDER TO ESTABLISH WHO WILL RESPOND TO AN ATTACK TO

MINIMIZE CONFUSION.

ii. Determine who does what post-attack to maximize efficiency and minimize your response time.

iii. To know where the risk is the greatest is the first step toward addressing that risk.

iv. Find vulnerable spots in your network to protect them.

5 TECHNIQUES USED BY MALWARE DEVELOPERS TO DISGUISE THEIR CODE

AND PREVENT IT FROM BEING ANALYZED.

Obfuscation is the commonly used technique adopted by malware developers in attempts to protect

their code. Obfuscation is the act of designing a system code that becomes hard for human beings to

understand. (Krieg et.al 2013). This is some of the ways malware designers obfuscate malware

codes so that they not detected by antivirus scanners.

i. Dead-code insertion This technique is designed to work by adding inefficient guidelines to

programs to alter their appearance, but not change their behavior. So as to fight dead-code

additions, the signature centered antivirus detectors should have the ability to erase the inefficient

instructions prior to analysis.

ii. Register reassignment This technique is designed to put off registers for generations and at the

same time maintaining the program code while still maintaining its behavior.

6/9/2018 SafeAssign Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1

iii. Subroutine reordering Malware developers design this technique in a manner that is not easy for

antivirus scanner programs to discover the initial code. It does this by altering the arrangement of

the subroutines of the initial codes in a haphazard manner. This makes it impossible for antivirus

scanners to detect and identify any of the malware codes.

iv. Instruction subroutines This one is designed to perform a modification on the initial code by

substituting part of the instructions by other sets of instructions that match the initial ones.

v. Code Transportation This technique is meant to reorder the arrangement of the guidelines of the

initial code and maintaining constant behavior of the code so that no noticeable changes are

observed.

vi. Code Integration In applying this technique, the designed malware finds its way to attach to the

code of the program it is meant to alter. So as to perform this technique, the malware starts by

dismantling the program into smaller pieces and then divides itself between them. It then

reassembles the combined code to become another generation (Yin et.al 2013).

References Blunden, B. (2014). Behold a Pale Farce: Cyberwar, Threat Inflation, & the Malware

Industrial Complex.

Krieg, C., Dabrowski, A., Hobel, H., Krombholz, K., & Weippl, E. R (2013). Hardware Malware.

Yin, H., & Song, D. (2013). 5 AUTOMATIC MALWARE ANALYSIS: An emulator based

approach. New York: Springer.

Citations (5/5) 1 https://www.sans.org/reading-room/whitepapers/incident/incidents-cloud-33619

2 https://www.ukessays.com/dissertation/examples/computer-science/incident-handling-on-cloud-computing.php

3 Another student's paper

4 Another student's paper

5 Another student's paper

6/9/2018 SafeAssign Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1

Matched Text

Suspected Entry: 62% match

Uploaded - Case Study #3.docx DOS ATTACK NAME

Source - https://www.sans.org/reading- room/whitepapers/incident/incidents-cloud-33619

includes a DOS attack)

Suspected Entry: 99% match

Uploaded - Case Study #3.docx CLOUD INTEGRATION PRESENTS UNIQUE CHALLENGES TO INCIDENT HANDLERS AS WELL AS THOSE RESPONSIBLE FOR PREPARING AND NEGOTIATING THE CONTRACT FOR CLOUD SERVICES

Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php

Cloud integration presents unique challenges to incident handlers as well as to those responsible for preparing and negotiating the contract for cloud services

Suspected Entry: 63% match

Uploaded - Case Study #3.docx THE CHALLENGES ARE FURTHER COMPLICATED WHEN THERE IS A PREVAILING PERCEPTION THAT THE CLOUD INTEGRATION IS “INSIDE THE SECURITY PERIMETER” OR “THE COMPANY HAS A WRITTEN CONTRACT REQUIRING THE VENDOR TO BE SECURE, THAT SHOULD BE ENOUGH.” THIS SORT OF THINKING MAY BE NA VE BUT, UNFORTUNATELY

Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php

The challenges are further complicated when there is a prevailing perception that the cloud integration is “inside the security Edge or the organisation has been stated in written that a agreement needed the supplier to be safe, this must be sufficient

Suspected Entry: 90% match

Uploaded - Case Study #3.docx THE CLOUD PROVIDER MAY HAVE A GREAT DEAL OF BUILD IN SECURITY OR THEY MAY NOT

Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php

The cloud provider may have a great deal of built in security or they may not

6/9/2018 SafeAssign Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1

Suspected Entry: 98% match

Uploaded - Case Study #3.docx WHETHER THEY DO OR DO NOT, INCIDENT HANDLING (IH) TEAMS WILL EVENTUALLY FACE INCIDENTS RELATED TO THE INTEGRATION, NECESSITATING PLANNING FOR HANDLING INCIDENTS IN THIS NEW ENVIRONMENT

Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php

Whether they do or not, incident handling (IH) teams will eventually face incidents related to the integration, necessitating planning for handling incidents in this new environment

Suspected Entry: 66% match

Uploaded - Case Study #3.docx (BLUNDEN 2014) IT IS CRITICAL FOR ORGANIZATIONS TO HAVE A DOS RESPONSE PLAN BEFORE IT HAPPENS BECAUSE OF THE FOLLOWING

Source - Another student's paper Why it is critical for an organization to have a DoS attack response plan well before it happens

Suspected Entry: 65% match

Uploaded - Case Study #3.docx IN ORDER TO ESTABLISH WHO WILL RESPOND TO AN ATTACK TO MINIMIZE CONFUSION

Source - Another student's paper For minimizing the confusion that who will respond to an attack

Suspected Entry: 99% match

Uploaded - Case Study #3.docx TECHNIQUES USED BY MALWARE DEVELOPERS TO DISGUISE THEIR CODE AND PREVENT IT FROM BEING ANALYZED

Source - Another student's paper Techniques used by malware developers to disguise their code and prevent it from being analyzed

Suspected Entry: 62% match

Uploaded - Case Study #3.docx AUTOMATIC MALWARE ANALYSIS

Source - Another student's paper Practical malware analysis

6/9/2018 SafeAssign Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1