Managing Network Security with Snort Open Source Intrusion Detection Tools

Organizations both large and small are constantly looking to improve their posture on security. Hackers and intruders have made many successful attempts to bring down high-profile company networks and web services for lack of adequate security. Many methods have been developed to secure the network infrastructure and communication over the Internet such as the firewall and intrusion detection systems. While most organizations deploy security equipment, they still encounter the challenge of monitoring and reviewing the security events. There are various intrusion detection tools in the market for free. Also, there are multiple ways to detect these attacks and vulnerabilities from being exploited and leaking corporate data on the internet. One method involves using intrusion detection systems to detect the attack and block or alert the appropriate staff of the attack. Snort contains a suite of tools that aids the administrators in detecting these events. In this paper, Snort IDS was analysed on how it manages the network from installation to deployment with additional tools that helps to analyse the security data. The components and rules to operate Snort were also discussed. As with other IDS it has advantages and disadvantages

Developing a secured social networking site using informa on security awareness techniques

Background: Ever since social network sites (SNS) became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA) remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it dif cult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has con rmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS. Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented. Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP) approach, using PhP as the coding language with the MySQL database engine at the back end. Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours. Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it

A Congenial Access Control Technique for Knowledge Management Systems

Usability is of extreme importance in any system design. In knowledge management systems, the need for usability is heightened by the inertia to use the system by workers. The current popular access control technique used by in KMS and portals is not exactly suitable for such a sensitive system because it does not amend to the fuzzy nature of a KMS and KM functions and ends up making the system difficult to use and violates the overall objective of the system. The research highlights usability issues as one of the problems of KMS and a potent cause of failure it was therefore treated with such seriousness. A more congenial access control technique was proposed which allows for the fuzziness inherent in KMS for large organizations. The model was evaluated through a real-world implementation – the dotCSC and the design proved viable. The system had a 0% false positive and an initial 2.1% false negative rate which was quickly corrected. It eliminated the stress of continuous role engineering and modifications. The system also recorded a high level of usability based on an online survey conducted through it. Overall, we achieved adequate security and usability, a goal which has been elusive to KMS and other systems

Measuring Information Security Awareness Efforts in Social Networking Sites – A Proactive Approach

For Social Network Sites to determine the effectiveness of their Information Security Awareness (ISA) techniques, many measurement and evaluation techniques are now in place to ensure controls are working as intended. While these techniques are inexpensive, they are all incident- driven as they are based on the occurrence of incident(s). Additionally, they do not present a true reflection of ISA since cyber-incidents are hardly reported. They are therefore adjudged to be post-mortem and risk permissive, the limitations that are inacceptable in industries where incident tolerance level is low. This paper aims at employing a non-incident statistic approach to measure ISA efforts. Using an object- oriented programming approach, PhP is employed as the coding language with MySQL database engine at the back-end to develop sOcialistOnline – a Social Network Sites (SNS) fully secured with multiple ISA techniques. Rather than evaluating the effectiveness of ISA efforts by success of attacks or occurrence of an event, password scanning is implemented to proactively measure the effects of ISA techniques in sOcialistOnline. Thus, measurement of ISA efforts is shifted from detective and corrective to preventive and anticipatory paradigms which are the best forms of information security approach

SOA-RTDBS: A service oriented architecture (SOA) supporting real time database systems

With the increase of complexity in Real-time Database Systems (RTDBS), the amount of data that needs to be managed has also increased. Adoption of a RTDBS as a tightly integrated part of the SOA development process can give significant benefits with respect to data management. However, the variability of data management requirements in different systems, and its heterogeneity may require a distinct database configuration. We addressed the challenges that face RTDB managers who intend to adopt RTDBS in SOA market; we also introduce a service oriented approach to RTDBS analytics and describe how this is used to measure and to monitor the security system. A SOA approach for generating RTDBS configurations suitable for resource-constrained real-time systems using Service Oriented Architecture tools to assist developers with design and analysis of services of developed or new systems was also explored

On the use of Locality for Improving SVM-Based Spam Filtering

Recent growths in the use of email for communication and the corresponding growths in the volume of email received have made automatic processing of emails desirable. In tandem is the prevailing problem of Advance Fee fraud E-mails that pervades inboxes globally. These genres of e-mails solicit for financial transactions and funds transfers from unsuspecting users. Most modern mail-reading software packages provide some forms of programmable automatic filtering, typically in the form of sets of rules that file or otherwise dispose mails based on keywords detected in the headers or message body. Unfortunately programming these filters is an arcane and sometimes inefficient process. An adaptive mail system which can learn its users’ mail sorting preferences would therefore be more desirable. Premised on the work of Blanzieri & Bryl (2007), we proposes a framework dedicated to the phenomenon of locality in email data analysis of advance fee fraud e-mails which engages Support Vector Machines (SVM) classifier for building local decision rules into the classification process of the spam filter design for this genre of e-mails

Pinch Analysis as a Knowledge Management Tool for Optimization in Supply Chain

Supply chain managers are trying to maximize the profitable operation of their manufacturing and distribution supply chain, but due to global competition in process industries and complexities of the supply chain processes together with large computational times, it has made optimization of supply chain management (SCM) quite difficult. Recently, Knowledge management (KM) is a new important information technology-based business paradigm for achieving competitive advantage, and it is no surprise that it has received so much attention from researchers. This paper therefore deploys Pinch Analysis, a practicable tool that entails less complex mathematics compared to many other optimization tools, to manage critical knowledge generated in supply chains. In this study, demand and supply explicit knowledge from the organization was represented as composites for the pinch analysis. The developed system gave supply chain managers new insights into SCM and thus aiding quick decision-making and on the overall helped to achieve the much needed competitive advantage

Towards a More Mobile KMS

Present knowledge management systems (KMS) hardly leverage the advances in technology in their designs. The effect of this cannot be positive because it creates avenues for dissipation and leaks in the knowledge acquisition and dissemination cycle. In this work we propose a development model that looks at KMS from the mobility angle enhancing previous designs of mobile KMS (mKMS) and KMS. We used a SOA based Smart Client Architecture to provide a new view of KMS with capabilities to actually manage knowledge. The model was implemented and tested as a small scale prototype to show its practicability. This model will serve as a framework and a guide for future designs

Pinch Analysis as a Knowledge Management Tool for Optimization in Supply Chain

Supply chain managers are trying to maximize the profitable operation of their manufacturing and distribution supply chain, but due to global competition in process industries and complexities of the supply chain processes together with large computational times, it has made optimization of supply chain management (SCM) quite difficult. Recently, Knowledge management (KM) is a new important information technology-based business paradigm for achieving competitive advantage, and it is no surprise that it has received so much attention from researchers. This paper therefore deploys Pinch Analysis, a practicable tool that entails less complex mathematics compared to many other optimization tools, to manage critical knowledge generated in supply chains. In this study, demand and supply explicit knowledge from the organization was represented as composites for the pinch analysis. The developed system gave supply chain managers new insights into SCM and thus aiding quick decision-making and on the overall helped to achieve the much needed competitive advantage