Miss Professor only
6/9/2018 SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1
2018-SUMMER-IG-ISOL632-27 - 2018_SUMMER_IG_BUS CONT PLAN & DISASTE RECOVERY PLAN_27
Case Study #3 Anil Kumar Arumalla on Fri, Jun 08 2018, 9:57 AM
24% highest match Submission ID: 032a7e1b-173e-4c73-b347-2b69057539a8
Attachments (1)
Case Study #3.docx
Running Head: DoS ATTACK DoS ATTACK
1 DOS ATTACK NAME: Anil Kumar Arumalla Institute of Affiliation: University of the
Cumberland’s Date: 06/08/2018
Introduction.
2 CLOUD INTEGRATION PRESENTS UNIQUE CHALLENGES TO INCIDENT
HANDLERS AS WELL AS THOSE RESPONSIBLE FOR PREPARING AND
NEGOTIATING THE CONTRACT FOR CLOUD SERVICES. THE CHALLENGES ARE
FURTHER COMPLICATED WHEN THERE IS A PREVAILING PERCEPTION THAT
THE CLOUD INTEGRATION IS “INSIDE THE SECURITY PERIMETER” OR “THE
COMPANY HAS A WRITTEN CONTRACT REQUIRING THE VENDOR TO BE SECURE,
THAT SHOULD BE ENOUGH.” THIS SORT OF THINKING MAY BE NA VE BUT,
UNFORTUNATELY. It is not rare. 2 THE CLOUD PROVIDER MAY HAVE A GREAT
DEAL OF BUILD IN SECURITY OR THEY MAY NOT. WHETHER THEY DO OR DO
(http://safeassign.blackboard.com/)
Case Study #3.docx Word Count: 631 Attachment ID: 217710342
24%
6/9/2018 SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1
NOT, INCIDENT HANDLING (IH) TEAMS WILL EVENTUALLY FACE INCIDENTS
RELATED TO THE INTEGRATION, NECESSITATING PLANNING FOR HANDLING
INCIDENTS IN THIS NEW ENVIRONMENT.
Information security is not considered a full-time job by many organizations because once the
security has been insured the organization will need them only when they are vulnerable to attacks
or facing threats or when the security must be upgraded. 3 (BLUNDEN 2014) IT IS
CRITICAL FOR ORGANIZATIONS TO HAVE A DOS RESPONSE PLAN BEFORE IT
HAPPENS BECAUSE OF THE FOLLOWING:
i. 4 IN ORDER TO ESTABLISH WHO WILL RESPOND TO AN ATTACK TO
MINIMIZE CONFUSION.
ii. Determine who does what post-attack to maximize efficiency and minimize your response time.
iii. To know where the risk is the greatest is the first step toward addressing that risk.
iv. Find vulnerable spots in your network to protect them.
5 TECHNIQUES USED BY MALWARE DEVELOPERS TO DISGUISE THEIR CODE
AND PREVENT IT FROM BEING ANALYZED.
Obfuscation is the commonly used technique adopted by malware developers in attempts to protect
their code. Obfuscation is the act of designing a system code that becomes hard for human beings to
understand. (Krieg et.al 2013). This is some of the ways malware designers obfuscate malware
codes so that they not detected by antivirus scanners.
i. Dead-code insertion This technique is designed to work by adding inefficient guidelines to
programs to alter their appearance, but not change their behavior. So as to fight dead-code
additions, the signature centered antivirus detectors should have the ability to erase the inefficient
instructions prior to analysis.
ii. Register reassignment This technique is designed to put off registers for generations and at the
same time maintaining the program code while still maintaining its behavior.
6/9/2018 SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1
iii. Subroutine reordering Malware developers design this technique in a manner that is not easy for
antivirus scanner programs to discover the initial code. It does this by altering the arrangement of
the subroutines of the initial codes in a haphazard manner. This makes it impossible for antivirus
scanners to detect and identify any of the malware codes.
iv. Instruction subroutines This one is designed to perform a modification on the initial code by
substituting part of the instructions by other sets of instructions that match the initial ones.
v. Code Transportation This technique is meant to reorder the arrangement of the guidelines of the
initial code and maintaining constant behavior of the code so that no noticeable changes are
observed.
vi. Code Integration In applying this technique, the designed malware finds its way to attach to the
code of the program it is meant to alter. So as to perform this technique, the malware starts by
dismantling the program into smaller pieces and then divides itself between them. It then
reassembles the combined code to become another generation (Yin et.al 2013).
References Blunden, B. (2014). Behold a Pale Farce: Cyberwar, Threat Inflation, & the Malware
Industrial Complex.
Krieg, C., Dabrowski, A., Hobel, H., Krombholz, K., & Weippl, E. R (2013). Hardware Malware.
Yin, H., & Song, D. (2013). 5 AUTOMATIC MALWARE ANALYSIS: An emulator based
approach. New York: Springer.
Citations (5/5) 1 https://www.sans.org/reading-room/whitepapers/incident/incidents-cloud-33619
2 https://www.ukessays.com/dissertation/examples/computer-science/incident-handling-on-cloud-computing.php
3 Another student's paper
4 Another student's paper
5 Another student's paper
6/9/2018 SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1
Matched Text
Suspected Entry: 62% match
Uploaded - Case Study #3.docx DOS ATTACK NAME
Source - https://www.sans.org/reading- room/whitepapers/incident/incidents-cloud-33619
includes a DOS attack)
Suspected Entry: 99% match
Uploaded - Case Study #3.docx CLOUD INTEGRATION PRESENTS UNIQUE CHALLENGES TO INCIDENT HANDLERS AS WELL AS THOSE RESPONSIBLE FOR PREPARING AND NEGOTIATING THE CONTRACT FOR CLOUD SERVICES
Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php
Cloud integration presents unique challenges to incident handlers as well as to those responsible for preparing and negotiating the contract for cloud services
Suspected Entry: 63% match
Uploaded - Case Study #3.docx THE CHALLENGES ARE FURTHER COMPLICATED WHEN THERE IS A PREVAILING PERCEPTION THAT THE CLOUD INTEGRATION IS “INSIDE THE SECURITY PERIMETER” OR “THE COMPANY HAS A WRITTEN CONTRACT REQUIRING THE VENDOR TO BE SECURE, THAT SHOULD BE ENOUGH.” THIS SORT OF THINKING MAY BE NA VE BUT, UNFORTUNATELY
Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php
The challenges are further complicated when there is a prevailing perception that the cloud integration is “inside the security Edge or the organisation has been stated in written that a agreement needed the supplier to be safe, this must be sufficient
Suspected Entry: 90% match
Uploaded - Case Study #3.docx THE CLOUD PROVIDER MAY HAVE A GREAT DEAL OF BUILD IN SECURITY OR THEY MAY NOT
Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php
The cloud provider may have a great deal of built in security or they may not
6/9/2018 SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1
Suspected Entry: 98% match
Uploaded - Case Study #3.docx WHETHER THEY DO OR DO NOT, INCIDENT HANDLING (IH) TEAMS WILL EVENTUALLY FACE INCIDENTS RELATED TO THE INTEGRATION, NECESSITATING PLANNING FOR HANDLING INCIDENTS IN THIS NEW ENVIRONMENT
Source - https://www.ukessays.com/dissertation/examples/comput er-science/incident-handling-on-cloud-computing.php
Whether they do or not, incident handling (IH) teams will eventually face incidents related to the integration, necessitating planning for handling incidents in this new environment
Suspected Entry: 66% match
Uploaded - Case Study #3.docx (BLUNDEN 2014) IT IS CRITICAL FOR ORGANIZATIONS TO HAVE A DOS RESPONSE PLAN BEFORE IT HAPPENS BECAUSE OF THE FOLLOWING
Source - Another student's paper Why it is critical for an organization to have a DoS attack response plan well before it happens
Suspected Entry: 65% match
Uploaded - Case Study #3.docx IN ORDER TO ESTABLISH WHO WILL RESPOND TO AN ATTACK TO MINIMIZE CONFUSION
Source - Another student's paper For minimizing the confusion that who will respond to an attack
Suspected Entry: 99% match
Uploaded - Case Study #3.docx TECHNIQUES USED BY MALWARE DEVELOPERS TO DISGUISE THEIR CODE AND PREVENT IT FROM BEING ANALYZED
Source - Another student's paper Techniques used by malware developers to disguise their code and prevent it from being analyzed
Suspected Entry: 62% match
Uploaded - Case Study #3.docx AUTOMATIC MALWARE ANALYSIS
Source - Another student's paper Practical malware analysis
6/9/2018 SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_100958_1&paperId=217710342&&attemptId=032a7e1