ANALYSIS OF ROUTER ATTACK WITH SECURITY INFORMATION AND EVENT MANAGEMENT AND IMPLICATIONS IN INFORMATION SECURITY INDEX

2019 ◽  
Vol 2 (1) ◽  
pp. 1-7
Author(s):  
CITRA ARFANUDIN ◽  
Bambang Sugiantoro ◽  
Yudi Prayudi

Information security is a need to secure organizational information assets. The government as the regulator issues an Information Security Management System (ISMS) and Information Security Index (US) as a measure of information security in the agency of a region. Security Information and Event Management (SIEM) is a security technology to secure information assets. SIEM is expected to provide information on attacks that occur on the router network and increase the value of the Indeks KAMI of government agencies. However, it is still questionable whether SIEM can recognize a router attack, and what its impact is on the value of our index. This research simulates attacks on routers with 8 attacks, namely MAC Flooding, ARP-Poisoning, CDP Flooding, DHCP Starvation, DHCP Rogue, SYN Flooding, SSH Bruteforce and FTP Bruteforce. The 8 types of attacks are followed by digital forensic analysis using the OSCAR method to see the impact on routers and SIEM. Index KAMI is also measured before and after the SIEM, to be able to measure the effect of SIEM installation on the value of index KAMI. It was found that the use of SIEM to conduct security monitoring proved successful in identifying attacks, but not all were recognized by SIEM. SIEM only recognizes DHCP Starvation, DHCP Rogue, SSH Bruteforce and FTP Bruteforce. MAC Flooding, ARP-Poisoning, CDP Flooding and SYN Flooding attacks are not recognized by SIEM because routers do not produce logs. It was also found that the use of SIEM is proven to increase our index from the aspect of technology.

Author(s):  
Yushi Shen ◽  
Yale Li ◽  
Ling Wu ◽  
Shaofeng Liu ◽  
Qian Wen

This chapter is about guidance and implementation prepared by the Cloud Security Alliance (CSA) Security as a Service (SecaaS) workgroup, which is made up of users and practitioners in the field of information security. In preparing this implementation guide, input has been sought from experts throughout Europe, the Middle East, and the United States. A lot of professional judgment and experience are applied in the architecture, engineering, and implementation of a Security Information and Event Management (SIEM) guide to ensure that it logs the information necessary to successfully increase visibility and remove ambiguity surrounding the security events and risks that an organization faces. By providing SIEM as a service under SecaaS, the provider has to be able to accept log and event information, customer information and event feeds, and conduct information security analysis, correlation, and support incident response. By providing flexible real-time access to SIEM information, it allows the party consuming the SIEM service to identify threats acting against their environment cloud. This identification then allows for the appropriate action and response to be taken to protect or mitigate the threat. The simple step of increasing visibility and removing ambiguity is a powerful tool for understanding the information security risks that an organization is facing.


Author(s):  
Palaniappan Shamala ◽  
Muruga Chinniah ◽  
Cik Feresa Mohd Foozy ◽  
Chuah Chai Wen ◽  
Aida Mustapha ◽  
...  

Information security is becoming an important aspect of organizations. Organisations are also progressively conscious of its importance in their business strategy. This awareness means organisations are currently applying for information security management system (ISMS) to effectively manage their information assets. Therefore, this research aims to provide an Information Structure Framework for ISMS planning and certification. A Likert structured questionnaire was then distributed and the findings have been analyzed using the Rasch Measurement Model (RMM). The results from this study managed to develop an Information Structure Framework for ISMS. The proposed framework consists of an information structure that focuses on providing the information outline, which is structured in a way in which the components are put together to form a meaningful structure which can be navigated at any time. The framework contributes to the field of ISMS and the certification area. The framework provides an awareness of knowing beforehand what to do and to what extent they are already conquering the information needed for getting clear direction and to develop ISMS.


2019 ◽  
pp. 956-973
Author(s):  
Ahmed Bin Touq ◽  
Anthony Ijeh

The purpose of this article is to evaluate the impact of ecosystems on Information Security in Smart Cities using Dubai as a case study. Innovative interconnected systems can affect the integrity of the information used by residents and citizens if not properly secured. The case study research method was used to examine the impact of the Internet of Everything on secure information exchanges. Data collected from the case study was used to assess the smartness of the urban development in managing its communication processes and information assets in a secure and confidential manner. The limitations of the study are found in its focus on one single city. By evaluating processes used to obtain information from interconnected systems, steps can be taken that would help to reduce threats in thriving innovative urban environments. The findings support the theory and perceptions held by management practitioners and information security specialists.


2020 ◽  
Vol 17 (2) ◽  
pp. 1441-1446
Author(s):  
Risma Lukitowati ◽  
Kalamullah Ramli

The main purpose of information security is maintaining information assets that are owned by an organization, such as confidentiality, integrity, and availability (known as CIA). In maintaining information assets, a company usually manages information security by making and implementing an Information Security Management System (ISMS) policy. A widely used and applied ISMS policy in Indonesia is ISO/IEC 27001 (International Organization for Standardization/International Electrotechnical Commission). Indonesian telecommunications company PT ABC has implemented the ISO/IEC 27001:2013 standards and procedures. The company conducts an audit once a year to maintain the level of compliance with ISO/IEC 27001:2013. However, only a few people are involved in conducting audits, and it is still unknown how many employees are aware of the company’s information security. This research focused on assessing how much information security awareness exists within PT ABC. Questionnaires were distributed in two departments of the company: supply chain management and service delivery of the Jakarta operations network. This research also examined company documents and surveillance audits in 2018. The employees were grouped based on their length of employment. The results of the questionnaires, with an error margin of 6%, were further compared with the results of the surveillance audit. Our data show that most employees who have worked at the company for more than six years understood and implemented ISO 27001 controls. Meanwhile, companies still need to socialize ISO to employees who have worked at the company for just one to two years.


2014 ◽  
Vol 1 (20) ◽  
pp. 27
Author(s):  
Igor Vitalievich Kotenko ◽  
Igor Borisovich Saenko ◽  
Olga Vitalievna Polubelova ◽  
Andrey Alexeevich Chechulin

2020 ◽  
Vol 2 (10) ◽  
pp. 98-112
Author(s):  
Iryna Litvinchuk ◽  
Ruslan Korchomnyi ◽  
Nataliia Korshun ◽  
Maksym Vorokhob

The article is devoted to the assessment of information security risks in automated systems of class "1". An adapted approach to the assessment of information security risks in such automated systems using the Methodology and requirements of the standards of GSTU SUIB 1.0/ISO/IEC 27001:2010 and GSTU SUIB 2.0/ISO/IEC 27002:2010 is proposed. The efficiency and methods of implementation of the approach are proved on the example of consideration of real threats and vulnerabilities of class 1 automated systems. The main requirement for the creation of an information security management system in the organization is risk assessment and identification of threats to information resources that are processed in information and telecommunications systems and speakers. The basic standards on information security in Ukraine are considered, which give general recommendations for the construction and assessment of information security risks within the ISMS. The most common methods and methodologies for assessing information security risks of international standard are analyzed, and their advantages and disadvantages are identified. The order of carrying out work on the assessment of information security risks of the AS of class "1" is defined. The vulnerabilities considered by the expert according to the standard ISO/IEC 27002:2005 and the Methodology are given. A conditional scale for determining the impact on the implementation of threats to integrity, accessibility, observation is given. Measures and means of counteracting the emergence of threats are proposed. This approach can be used both for direct information risk assessment and for educational purposes. It allows one to get the final result regardless of the experience and qualifications of the specialist who conducts risk assessment, with the subsequent implementation and improvement of the existing risk management system in the organization.


Author(s):  
Heru Susanto ◽  
Mohammad Nabil Almunawar

Cloud computing services have grown rapidly over the years. Government agencies are also interested in cloud-based provision for their E-government processes. Despite the advantages of cloud-related technologies, there are many security issues as well that fall into several categories of breaches with serious impacts. All these breaches have serious legal and reputational implications. Therefore, governments need to ensure that inherent security threats can be neutralized to ensure that data or information stored in the cloud are well protected. It is imperative for cloud-based e-government (CB-eGov) to use an information security management system (ISMS) to effectively manage CB-eGov. The purpose of this chapter is to discuss how cloud computing can be incorporated in an e-government implementation to improve its efficiency without compromising information security. As such, the government needs to take special care in ensuring security, privacy, and confidentiality of information stored in the cloud.


Author(s):  
Yusuf Mohammed Mothanna ◽  
Yousif Abdullatif Albastaki ◽  
Talal Mohamed Delaim

Information technology is perceived as an important enabler for government entities to accomplish their goals. The proliferation of electronic government services that can provide value for citizens and residents has pushed governments all over the world to adopt and deploy these services. However, governments have realized that it is critical to build proper defense to protect the information. Implementing information security by using international or national information security frameworks helps organizations to ensure the safeguard of information assets. This chapter reviews useful information security frameworks. Also, this chapter provides a proposed information security framework implemented in the Government of Bahrain, which is called the CyberTrust Program. This framework was developed based on best practices and local resources and culture.


2019 ◽  
pp. 1869-1897
Author(s):  
Heru Susanto ◽  
Mohammad Nabil Almunawar

Cloud computing services have grown rapidly over the years. Government agencies are also interested in cloud-based provision for their E-government processes. Despite the advantages of cloud-related technologies, there are many security issues as well that fall into several categories of breaches with serious impacts. All these breaches have serious legal and reputational implications. Therefore, governments need to ensure that inherent security threats can be neutralized to ensure that data or information stored in the cloud are well protected. It is imperative for cloud-based e-government (CB-eGov) to use an information security management system (ISMS) to effectively manage CB-eGov. The purpose of this chapter is to discuss how cloud computing can be incorporated in an e-government implementation to improve its efficiency without compromising information security. As such, the government needs to take special care in ensuring security, privacy, and confidentiality of information stored in the cloud.

