Unit 6 Reflection post

Organizations face challenges to secure their assets from potential cyber-attacks since such attacks are becoming more and more sophisticated; hence implementing network security is becoming vital in this digital connected world. In the initial post, we have seen how Vodafone Portugal was a victim of a cyber-attack in 2022, which caused their network to be offline and suspended their services to customers, (Cyber security intelligence, accessed 5 September 2023). Firewalls can be the first line of defense against cyber attacks, but we have seen that firewalls have pros as well as limitations.Kornaros et al (2020) argue that hardware firewall stops unauthorized access from untrusted applications. Moreover, the hardware firewall has key benefits such as having the possibility to configure specific rules for traffic and controlling the traffic that reaches the network, (what is hardware firewall, accessed 5 September 2023). However, the drawback for this approach is that it can be vulnerable to malicious attacks from the inside. (Essex, 2023) Moreover, firewalls can be arguably vulnerable to denial-of-service attacks since such attacks can come in the form of volumetric attack where the bandwidth get flooded with traffic and causing the hardware resources to be depleted, (Balarezo et al, 2021) The NGFW,on the other hand, has the SYN rate limiting feature which can arguably help in preventing denial of service attacks, however there can be exceptions where this feature malfunctions making it vulnerable to such attacks, (Selvaraj, 2018). The rise of machine learning and artificial intelligence has led practitioners to explore this area.For example, Dawadi et al (2023) examined the use of deep learning techniques with web application firewalls to mitigate denial of service. They concluded that the deep learning model was 97.57% accurate in denial-of-service detection.

Organizations should be proactive in their counter measures to cyber-attacks; it’s important to understand the context of what needs to be protected and perform the risk assessment, then design the threat model that best fits the use case and requirements. Applying network security can arguably serve as the first line of defense, in addition to the periodic penetration tests for security audits. This can lead to an effective strategy against malicious attacks.

References:

  • Balarezo, J.F., Wang, S., Chavez, K.G., Al-Hourani, A. and Kandeepan, S. (2021). A survey on DoS/DDoS attacks mathematical modelling for traditional, SDN and virtual networks. Engineering Science and Technology, an International Journal. doi:https://doi.org/10.1016/j.jestch.2021.09.011.

  • Cyber security intelligence, 2022, online available at https://www.cybersecurityintelligence.com/blog/vodafone-portugal-has-been-hacked-6121.html; (accessed 5 September 2023)

  • Dawadi, B.R., Adhikari, B. and Srivastava, D.K. (2023). Deep Learning Technique-Enabled Web Application Firewall for the Detection of Web Attacks. Sensors, 23(4), p.2073. doi:https://doi.org/10.3390/s23042073.

  • Kornaros, G., Tomoutzogloua, O., Mbakoyiannis, D., Karadimitrioua, N., Coppola, M., Montanari, E., Deligiannis, I. & Gherardi, G. (2020) “Towards holistic secure networking in connected vehicles through securing CAN-bus communication and firmware-over-the-air updating”, Journal of Systems Architecture,https://doi.org/10.1016/j.sysarc.2020.101761.

  • Selvaraj, V. (2018). Distributed Denial of Service Attack Detection, Prevention and Mitigation Service on Cloud Environment. Journal of Computer Engineering & Information Technology, 07(03). doi:https://doi.org/10.4172/2324-9307.1000205.

  • What is hardware firewall, 2022, online available at: https://www.fortinet.com/resources/cyberglossary/hardware-firewalls-better-than-software; (accessed 5 September 2023)

  • University of Essex online (2023). Approaches to Security Design Lecturecast. LCYS_PCOM7E August 2023 Launching into cyber security. University of Essex Online.