Information Assurance & Security

(TEB 2193)

Extended Assignment (EA)

Semester : Sept 2020

Lecturer’s Name : Nazleeni Samiha Bt Haron

Name ID Number

Fatin Nasuha Binti Abdul Razak 18002908

Certification of Originality
I hereby confirm and understand that :
Plagiarism (copying / cheating) is not permitted, and if caught and found guilty, I will receive
an F grade for this extended assignment, and will be subjected to the Academic
Disciplinary Committee.
All answers submitted for this extended assignment is my own original work.

Signature:

Students’s Name: Fatin Nasuha Binti Abdul Razak

 Question 1

1. Introduction

1.1. Background of the study

As the coronavirus (COVID-19) epidemic drives more employees to operate from

home, several businesses recognize that their existing structures do not accommodate
a sufficient number of remote workers. While some business interruption is necessary
as workers who are supposed to work in offices move to work from home, it is
important for companies to ensure that their services are accessible and safe
throughout this period.

Although working at home can sound like a simple option for workers, reality can be
very difficult for IT teams.

Businesses need to ask themselves how equipped they are to continue providing the
same services at the same level of quality across the available, flexible and efficient
network. Businesses will need to consider how easily they can adapt and deliver a
remote, stable networking system to their employees.

Many companies that consider themselves oriented towards promoting work from
home are likely to discover that their current strategies actually do not work on a scale.
Existing solutions are usually only set up to serve a limited subset of users, allowing
access only to the systems that individual employees need. Today, for all workers
having remote access to a wide variety of business processes, ensuring access in a
safe manner is the next obstacle (Fortinet's Australia, 2020).

1.2. Problem Statement

For different workers using different toolsets and having different criteria, it can be
tricky to ensure that the approach implemented is customized to everyone's needs. In
addition, several remote working systems are designed to work for business
computers. However, companies who cannot send each employee a laptop would
need to let them connect using their own computers, making it more difficult to handle
system and network protection.
As an information security analyst for a consultant company, we have to provide a
security threats and solutions for the new working mode. Based on research and
investigation, most of workers tend to work from home using their personal devices
such as mobile phone, mobile tablets and personal laptops than their company
devices. This scenario occurs because the limitation of the business to provide the
employee a laptop. The businesses can’t give every each of employee a laptop will let
them connect using their own devices. This leads yet another dimension of security
issues which makes it impossible to ensure that employees obey business policy
(Fortinet's Australia, 2020). On top of that, the employees also using home-based
wireless connectivity for connecting to the company’s network. As we can see that all
workers used email services and cloud services to run and completed their task during
their working hours. Home security networks are generally less secure than internal
organization networks, and workers operating in isolation place them at greater risk of
falling for phishing scams or business email compromise attacks. This is will make it
harder to manage device and network security (Fortinet's Australia, 2020).

2. Objectives

The purpose of this study, we have to find out what is the information security and
assurance that will be related based on this scenario.

Firstly, we have to clearly identified what is the threats, vulnerabilities, risk and attacks
that involved in this situation. Secondly, we have to look at all the element that
involved. For examples based on this scenario, we can find out about the wireless
network security, firewall, virtual private network (VPN) and Demilitarized Zone (DMZ).

A Threats is a possible security violation that might exploit the vulnerability of a system.
Within the context of security risk, Threats can be classified as a potential causes of
an incident that many result in harm to a system or organization.

A Vulnerabilities means that some of weakness of a system that could allow security
to be allowed. They are have a few types of the vulnerabilities. But in this scenario we
can identified it as hardware or software vulnerabilities which is through employees,
technology, hardware, software, and network.
Based on the explanation above, Threats and Vulnerabilities causes a risk to the
businesses. The meaning of the risk is the potential that a given threat will exploit
vulnerabilities of an asset or group of assets and thereby cause harm to the
organization.

In a nutshell, a means of classifying security attacks can be divided by two term which
are a passive attack and active attack. Passive attack attempts to learn or make use
of information from the system but does not affect the system resources. An active
attack attempts to alter system resources or affect their operation. The objective of an
attack is to cause damage.

3. Literature Review

Based on the research, potential vulnerabilities and security threats or attacks with
regards on workers (user). It will be impacts or damages of the threats and attacks to
the users and their machine. To maintain economic income and market success for
businesses who radically shift into cloud computing to help workers who operate
remotely. With unprecedented cloud growth, data breaches and cyber security are
taking a big leap forward (Mandal & Khan, 2020).

The impact that will can be find out from here is causing security breaches. The
exponential rise of cyber threats, as day-to-day growth around the globe not only
impacts real-time data in the cloud, but hinders the host's personal space. As we all
know, the cloud approach comes with a rigid security policy with an acceptable
compliant structure that satisfies business needs. User is connected to the internet
with the local services provider or mobile operator which is out of enterprise zone that
make it turn to untrusted. The attacker can pass through the host’s IP address and
making it the victim of Trojan horse attack, ransomware attack, spoofing of IP, MAC.
etc based on this situation. The impact of business in the support of work from home
over the adoption of cloud has already captured the IT market. Collaborating with
remote working enterprise have to move on the cloud without any restriction. The use
of personal workspace would not agree with the current rigid security measures that
are contributing to major attacks these days. One of the major attacks to this problem
is Social Engineering and Phishing Attacks. Cyber-attack is a human problem where
the attacker finds keyboards or visual screen as the weakest point to trick us into
divulging sensitive information (Mandal & Khan, 2020).

It were already investigated that most severe types of attack that can expose human
vulnerabilities. This largely remote working situation offers an appropriate way to take
advantage of this changed behaviour. From the examples of a security perspective, to
permit the users while accessing the business resources remotely will be involving
many services for public access. Video conferencing tools are affected by the
significant increase in usage and demand. Especially in business, this platform are
used to organized the meetings and form teams (Muheidat, Tawalbeh, Quwaider, &
Saldamli, 2020).

Many people are forced to work using their personal devices since the beginning of
the work from home. Security information in the companies and government
departments can no longer be enforced on their own devices. In a nutshell, the security
of the system has become weak. This has helped hackers and other cyber criminals
to rely on insufficient security measures to collect information about organizations.
Opening this file installed a malicious piece of code on the victim's computer, which
ran every time the word processing program was accessed. Cyber threats have similar
effects on the crisis, such as natural disasters. Data breaches are amongst the top
global risks. This technology-based connectivity in society has made it easier for
attackers to initiate their attacks.

They are a few of cyberattacks that will impact to the user and business. First is
Phishing Attacks, phishing refers to a threat where the attackers send an email to the
victim. Sharing confidential work information via email or some other social network,
such as WhatsApp, has led to serious phishing attacks in recent days. (Mandal &
Khan, 2020). For examples, it was made to seem authentic and pretending an official
email, so that the victim follows a link provided. By following the link connects the
computer to the command center, where the attacker can access any information from
the victim’s system. In a simple explanation is the command and control center could
remotely view and control the victim’s devices. Second type of threats is Ransomware,
Ransomware attack mainly encrypts the data from the Microsoft Windows machine
using malware code. It would take money from the Windows machine user to decrypt
the files and the hackers are threatening to make the data public. This attack is often
used by compromised email attachments or malicious websites. For example, data
exfiltration is performed at the side of malicious encryptions. When hacked,
businesses fail to pay for the secret decryption key, and then attackers can leak the
stolen files. This practice has made it easier for cyber attackers to bargain with victims,
and it has contributed to blackmail data breaches. The following of the cyber attack is
Pharma Span Splashes. The intention here is to tempt the user to click the link while
they browse out of curiosity. In addition, video conferencing attack also can be one of
the reasons. The business generally installed the different kind of video conferencing
applications. The attacker trying to attack are most of the popular platform that has
been use by the people like Zoom, Slack, Google Meet, WebEx Cisco. Any recent
attacks on these apps may not have the protection of hosts and cloud services at all
(Mandal & Khan, 2020). Changes in technology used by companies such as video
conferencing build a void that is successfully manipulated (Muheidat et al., 2020).

Moreover, personal devices issues also affected in these cases. It has also drive the
user to reused of older devices. Many people working from home have a little or no
knowledge about the information technology (IT) and the security issues that related
to it. This is due to security become worse, after reusing personal devices. These can
be illustrated such the devices might not been in use for a long time and required
updating for the operating system, anti-virus software, previously installed programs,
and many more. Cyber-criminals have found a chance to manipulate people, as they
have already developed malicious software to infect devices. All of these devices can
get infected with malware (Botnets) while connecting to the Internet to use web
applications and to get updates from the servers that are located on Cloud Computing
Environment (CCE), which can cause serious damage if these devices are corrupted
once they are connected to the Internet. Malware can cause an increase in Internet
traffic, leading to a distributed denial of service (DDoS) attack (Alashhab et al., 2020).

The potential vulnerabilities and security threats also can be affected to the network.
It is real that with the rise in cloud use, cyber attackers are making the prime vector by
breaching the gaps as follow. First is while the user connecting through home network.
Connecting to corporate services hosted by cloud server staff using their untrusted
network service offered by local service carriers or mobile networks that do not have
a privacy policy. Exposing by Internet Service Providers (ISPs) triggers spoofing
attacks (ARP spoofing, IP spoofing, MAC spoofing), DDoS attacks. Besides DNS
Hijacking, DNS snooping, Cache spoofing are other big attacks that can hack down
the device over a network connection (Mandal & Khan, 2020).
Second, security issues at network layer also can be identified in term of potential
security threats affected. The main function of the network layer is to relay the
information obtained from the sensing layer to the computing device for processing.
The primary security issues that bumped into the network layer such as Phishing Site
Attack, Access Attack, DDoS/DoS Attack, Data Transit Attacks, and Routing Attacks.
Phishing attacks also refer to attacks where a few IoT devices can be attacked with
limited effort by the attacker. There is a risk of discovering phishing sites in the process
of users accessing websites on the Internet. Once the user's account and credentials
have been stolen, the entire IoT environment used by the user becomes vulnerable to
cyberattacks (Hassija et al., 2019).

Access Attack or access breaches are sometimes referred to as advanced persistent

threats (APT). This is a form of attack in which an unknown person or an enemy has
access to the IoT network. The intruder will remain undetected in the network for a
long period of time (Hassija et al., 2019).

DDoS/DoS Attack, the attacker floods the target servers with a large number of
unwanted requested. If multiple methods are used by the attacker to flood the target
site, such an attack is referred to as a DDoS or a distributed denial of service attack.
Due to the fluctuation and complexity of IoT networks, the network layer of the IoT is
faced to such attacks.

Data Transit Attacks happen when IoT applications dealing with a lot of data storage
and exchange. As we know that every each of data is valuable, therefore it is always
the target to the hacker. In such data movements, various link systems are used and
IoT implementation are also vulnerable to data breach.

Routing Attacks in such attacks that malicious nodes in an IoT application may try to
redirect the routing paths during data transit. For examples is Sinkhole attacks are a
particular type of routing attack in which the opponent advertises an artificial shortest
routing path and draws nodes to channel traffic into it. The worm-hole attack is another
attack that could become a significant security threat if paired with other threats, such
as sinkhole attacks. A warm-hole is an out-of-band link between two nodes for fast
packet transfer. An attacker will build a warm-hole between a compromised node and
a device on the Internet and attempt to circumvent simple security protocols in an IoT
program (Hassija et al., 2019).

Thus, we can summarize it that COVID-19 has become a threat to the security of
different organization in the world. Cyber criminals are constantly trying to capitalize
on the new developments in the world today (Muheidat et al., 2020).

Based on the research above, we can provide a few kinds of security for preventing
vulnerabilities, threats and attack. This is how to protect the employees working at
home from cyber threats and at the same time can protect the entire user and company
from threats. As a preventive, some measurement can stop spreading the cyber
threat. Home-working people also must follow the following tips. First, a strong
password policy and a multi-authentication policy can be carried out to ensure the
authentication of workstations or hosts. Additionally, a password manager can help
avoid risky behaviour such as saving or sharing credentials. Second, by using of
external USB ports can be discouraged when connecting to the cloud services of an
organization. Third, organizations should set up some training session on safety
prevention and understanding for people. Fourth, to stop social engineering attacks,
always search your email address before clicking on the URL. Unintentional clicks are
specifically forbidden in order to prevent phishing scams. Fifth, the shared file system
(Dropbox, Google Drive, etc.) can be used as a means of contact between employees.
Sharing files with a free email address or some social media community is a strict
prohibited. Sixth, in the field of video conferencing, often encourage users to join after
the admin participates. Beware of the screen sharing. Seventh, back up all files to the
hard disk before sharing to the cloud medium. Eighth, always checking the source of
the application before downloaded. Ninth, often maintain a sign-out pattern after using
cloud services. Tenth, keep all the software and application updated with the latest
security patches from time to time. Next is email domain security can be supported
against email spoofing attacks through DMARC, SPF, and DKIM protocols. The rest
is often checking the spelling and grammar of any each of link before clicking on it.
Don’t forget to avoid an emails which insist to act immediately and containing any prize
winning money or any serious loss like lost of ATM card. Next step that can be
implemented is trying to use VPN solution with encrypted network connection. It is will
be safe the worker or user to access IT resources within the organisation and
elsewhere on the internet. The following step that can be use by the organisation is
that the organisation should be updating their cybersecurity policy and include home
and remote working. They have to include remote working access management, by
using of personal devices, and updated data privacy considerations for employee
access to documents and other information that related to their job and task (Ahmad,
2020). Lastly try to avoid mixing of official work and personal interest in the same
workstation. (Mandal & Khan, 2020).
As we can see here, all those attacked happen when workers are working from home.
Based on this scenario, the user also can protect their own software and hardware by
using Demilitarized Zone (DZN) method. DMZ are used to improve the security of an
organisations network. This can be implementing by segregating devices, such as
computers and servers on the opposite sides of the firewall. Why we have to
implementing this method. This is because when we are using cloud server and email
server, we are exposed by letting people from unstructured network (internet) and are
given access behind the company firewall. Due to security concern the hacker could
use the this activities to cause hacked. How to overcome this problem by using DMZ
method is by putting server in front of firewall. When we are using this method, the
hacker cannot going to be accessing. This is what we call as a perimeter network by
putting outsides the firewall. To more secure DMS uses two firewall which is adds and
extra larger of protection. DMZ can configure in home. User can go to home router
DMZ setup pages such as Linksys (Cisco) and NETGEAR. By the way, this setup is
not a truly DMZ. By using the home router, DMZ setup designated a device as a DMZ
host. It will forward all the ports to that devices. In additional, a common use of a DMZ
in a home would be put gaming console. Gaming console can configure it as DMZ
hose. Gaming console often use of online gaming. We can implement the step by
accessing the DMZ server and go to setting router and put a gaming IP address as a
default DMZ server. The DMZ device should be configured with a static IP address. In
this setup, the home router servers act as the firewall. The devices such as computer
safe behind the router firewall because gaming console fully exposed to the internet
when it located at the opposite side of the firewall. In a nutshell, DMZ in where the
firewall protection is forbidden in term of computing word (Mandal & Khan, 2020).
Cloud provides many advantages, including access to low-cost and flexible IT services
at any time. But the cloud model can pose additional difficulty and security risks to the
IT infrastructure of the supply chain, if not properly handled. As a result, there is
impossible to have the right measures to avoid successful attack. Around the same
time workers are controlled by the amount of information they can obtain from the
system. While working from home, the company should prevent the main network from
being compromised by unauthorized individuals. In this case, the remediation plans of
the threats and the incident response action for the attacks can be implemented. The
first solutions can be considered is limiting employee access to data. In order to
prevent successful threat, the organisation has to ensure that access to information is
limited to employees. To entry the systems should be on the priority of the duties of
the employees. Second solution that can be implement is by doing a regular patching
of the operating system and the software. Software and the operating system are
periodically updated to improve security by the vendor. This suggests that as time
progresses, the available interventions would become less capable of avoiding
successful attacks. Organizations need to upgrade the applications and the operating
system on a daily basis and keep their protection up to date (Muheidat et al., 2020).

The conclusion for this study, we have to identify the various threats that have affected
against the IT devices and the behaviour and perceptions of end users towards those
threats. Users can be vulnerable to various types of threats when they run insecure
Internet software on their own home computers, which may not be upgraded or
patched with the current security policies. As a result, home workers can become the
target of attackers to quickly steal (copy) large amounts of data (Alashhab et al., 2020).
Cyber criminals use the COVID-19 pandemic as a method of expanding their
operations. The advent of COVID-19 has led to a rise in cyberattacks.
Question 2

1. Introduction

1.1. Background of the study

MFNS Tech Sdn Bhd is a small-medium size company that offers e-commerce solutions and
implements eCommerce websites to the customers worldwide. E-Commerce , also known as
e-Business, is basically the selling and purchasing by electronic means of services and goods,
such as the Internet. This involves both electronic data and funds transfer between two or
more parties. Simply put, shopping online is like we all know it. It's become so simple and
quick that with only a few clicks, everyone can shop right from the living room. That has further
changed with the introduction of smartphones, where you can now shop with an Internet-linked
wireless app anywhere and at any time. You can now search online for virtually any product
or service, without having to physically go anywhere. E-Commerce websites are online portals
that facilitate electronic purchases of goods and services through the transfer of information
and funds over the Internet. In the early days, e-commerce was done partly by e-mails and
phone calls. Today, with a single platform, anything and everything a transaction wants can
be executed online.

Data security is fundamental of MFNS Tech because the company holds volumes of customer
data and many other private and confidential information. Data loss would have negative
impact on the customers, the business, and people’s perception on the company reputation.
The company aims to have a secure environment for the business not only in terms of data
security but also in network security monitoring, testing and maintenance.
As computers and other digital devices have become important for business and commerce,
they have also become increasingly the target of attacks. In order for an organization or person
to use a computer system confidently, they must first be convinced that the device is not
hacked in any manner and that all communications will be secure (Bourgeois). In this report,
we will explore the core principles of protection of the information system and address some
of the steps that can be taken to minimize security threats. We are also focusing on how
organization can stay secure. Several various steps that an organization can take to increase
protection would be addressed.

1.2. Problem Statement

With global e-commerce revenue expected to grow, the market is booming, with no promises
to end any time soon. As a result, many companies are unprepared for the security threats
raised by the running of an e-commerce organization. In the perfect future, brick-and-mortar
shops will operate without caring too much about protection owing to the structures and
services placed in place by the government of their respective localities (Onibalusi, 2020).

Contrary to what many expect, most security risks to e-commerce do not involve the use of
groundbreaking technologies on the part of hackers. Many security risks just involve a little bit
of social engineering and manipulation regarding key individuals in the target organisation
(Onibalusi, 2020).

A lot of eCommerce security threats operate in a similar way. In MFNS Tech Sdn Bhd have
encountered some of the issues. The problem occurs in this company which is in term of
Confidentiality. Confidentiality in the security services means the assurance that information
is not disclosed to unauthorized persons, process or devices. For example the issues happen
in this company is the company wants to take electronic orders from a partner company.
However, they allowed the partner company to taking the order that are sending from
unauthorized person. The company also has encountered incidents involving user
downloading unauthorized software, using unauthorized websites, and utilizing personal USB
devices. The following issues to this company occur is the authentication systems allows the
employees to have the same password for more than a year. The authentication is one of the
types of security services that are very important should be considered. Authentication means
that security services are designed to established the validity of a transmission, message, or
originator. It is also can be means as verifying an individual’s authorizations to receive specific
categories of information. Another of the issues to this company is by using the default firewall
rules. The following issues, the company has been attacked by Denial of Service (DoS) attack.
The company also received threats from malicious attackers.

2. Objectives
The objectives of this study to find out the security solutions to solve the issues that the
company are facing. In this problem occurs, we have focusing on what is the solution for
ensuring the safety of the data in terms of confidentiality, integrity, and availability (CIA). The
protection of the use of information systems is primarily meant to ensure the safety of business
process elements (BPEs) enabled by the information system, i.e. by introducing adequate
security mechanisms to ensure that business processes function in a well-defined and
reasonable manner (Xu et al., 2017). Physical security, network security, host security,
application security, data security and backup security are categorized into specific
technological specifications of the information system from various perspectives. Application
security is one of the basic technical specifications that define the security standard of the
information system security, which includes, in particular, identity verification, access control,
analysis, confidentiality and so on (Xu et al., 2017). And it is used to secure the different
properties of the application information system from various unwanted acts.

The concept of identity authentication domain to formally scan identity authentication in

application system, and a modelling and reasoning method based on logical predicate had
been suggested. Application security of information systems is fundamentally intended to
ensure the security of business process elements (BPEs) enabled by the information system,
i.e. by introducing effective security mechanisms to ensure that business processes function
in a well-defined and logical manner (Xu et al., 2017). The fundamental elements of the
business method consist of the activities, input/output, event performers and targets (Xu et al.,
2017).

Based on the problem that MFNS Tech occurs, the solutions for ensuring the safety data can
be implemented by using safe attributes of application security model. The security attributes
refers to the confidentiality (C), integrity (I), and availability (A) of the business process element
(Xu et al., 2017).

Confidentiality refers of an operation is the secure feature that the execution stage and the
activity content are not exposed to an unauthorized agent. The confidentiality of the event
performers is the safe attribute that requires the performer to keep the secret. It also shown
the reliability of the performer. Privacy of data refers to secure attributes that shield data from
intrusion by unauthorized agents. The confidentiality of the target is the secure feature that
the time and quality targets of the operation are not revealed to an unauthorized agent (Xu et
al., 2017). Look at the example of this scenario, while the company wants to send an order by
using electronic platform from a partner company that indicated of unauthorized user and tend
to downloading unauthorized software as mention above. The confidentiality of security model
can be implemented. The organization must at least restrict if not prohibit the introduction of
unauthorized software. It should warn against accessing foreign information without prior
scanning (Xu et al., 2017). By implementing of this method, the company can avoid to received
threats from malicious attackers and attacked by the DoS attack.

Integrity of the activity refers to the quality of the execution of the activity. A secure feature
that allows an operation to be done in compliance with the planned protocol. The integrity of
the performer relates to the safe attribute that the performer performs in compliance with the
expected organizational requirements. The integrity of the data is the secure attribute that the
data cannot be tampered with or lost. The honesty of the target applies to the secure attribute
that the time of operation and the quality target cannot be tampered with (Xu et al., 2017).

The availability of activity is the safe attributes that the activity can be completed within a
predetermined time. Performer’s availability refers to whether the performer can follow the
security requirements of the business. The availability of data refers to the protected feature
that the authorized agent would not reject the service if it is appropriate to access the data.
The availability of the goal refers to the protected characteristic of whether the time and
efficiency goals of the operation will be reached after the end of the activity. By implementing
of this method, the company have to change their password instead of using the same
password for more than year. The advantages to the company is the data or any information
that has been stored in a devices or cloud services are safe from any kind of attack.
This company can be implementing of all this security model to overcome all the issues arise
in their organization and to ensure the data in safely mode (Xu et al., 2017).

There are consist a few of security solutions for monitoring the network perimeter of the
company for detecting attacks and threats. First is by using the application tools. For examples
of the tools is by using Cognito platform. Cognito platform for NDR is in 100% services of
detecting and responding to attack inside cloud, data center, IoT, and enterprise networks.
Their jobs is to find and stop those attacks early and with certainty. Vectra Cognito is a network
detection and response platform that uses artificial intelligence to detect attacker behavior and
protect both hosts and users from being compromised. Vectra Cognito provides high fidelity
alerts and does not decrypt data so you can be secure and maintain privacy whether that’s in
the cloud, data center, enterprise networks, or IoT devices ("Cognito Platform,").

The second solution that can be implementing to this problem is by using Intrusion Detection
System (IDS). An IDS is an intrusion detection system, not a system designed to respond to
an attack. An IDS can be part of a larger security tool with responses and remedies, but the
IDS itself is simply a monitoring system. IDS act as a system that montiors network traffic for
suspicious activity and alerts user when such activity is discovered. IDS is a security services
that want to detect/defense inclusion made from intrusion. The firewall act as filtered. The
router act to separate to any respective machine for example IP address.
By using a layered approach. It can be increased an attacker’s risk of detection and reduces
an attacker’s chance of success. The layered approaches based on defense in depth. That
are contain of data, application, host, internal network, permitter, and physical security. The
intrusion techniques objective is to gain access or increase privileges. The initial attacks often
exploit system or software vulnerabilities to execute code to get backdoor or to gain protected
information. The security intrusion involves in a security event, or combination of multiple
security events, that constitutes a security incident in which an intruder gains, or attempts to
gain, access to a system without having authorization to do so.
IDS security works in combination with authentication and authorization access control
measures, as a double line of defence against intrusion. It was complement firewalls and anti-
malware software.

IDS can be categorized of two main types. Network-based IDS to monitor network traffic for
particular network segments or devices and analyzes protocols to identify suspicious activity.
While another one of the IDS main types is Host-Based IDS. HIDS monitors the characteristics
of a single host and the events occurring within that host for suspicious activity. IDS act to
generic architecture. The implementation of the component which are sensor and analyzer.
The sensors are responsible for collecting data. Sensors collect and forward this information
to the analyzer. The analyzers receive input from one or more sensors or from other analyzer.
The analyzer is responsible for determining if an instrusion has occurred. A HIDS is installed
on the client computer.

Another solution is by using Network-Based IDS. A network-based IDS (NIDS) monitors traffic
at selected points on a network or interconnected set of networks. The NIDS examines the
traffic packet by packet in real time, or close to real time, to attempt to detect intrusion patterns.
The NIDS may examine network, transport and/or application level protocol activity directed
toward systems. This is located on the network.

Based on the above review, they are a few kinds of solutions for monitoring the network
permitter of the company for detecting attacks and threats that can be implementing to this
business.

3. Conclusion

The application security model is used to study the basic elements of the business process
supported by information system. The different requirements of the model for the
confidentiality, integrity and usability can be obtained through analyzing security targets of
basic elements of business process. Then the security targets of application security model
can be determined, so as to provide the basis for choosing safe measures of business
process.
 • Propose a new network architecture design with the identified security solutions
to secure the network perimeter of the company.

Internal
firewall

External firewall

Internal
Internal firewall firewall

Internal
firewall
 4. References

Ahmad, T. (2020). Corona Virus (COVID-19) Pandemic and Work from Home: Challenges of
Cybercrimes and Cybersecurity. Available at SSRN 3568830. Retrieved from
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3568830
Alashhab, Z. R., Anbar, M., Singh, M. M., Leau, Y.-B., Al-Sai, Z. A., & Abu Alhayja’a, S. (2020). Impact of
coronavirus pandemic crisis on technologies and cloud computing applications. Journal of
Electronic Science and Technology. doi:10.1016/j.jnlest.2020.100059
Bourgeois, D. B. a. D. T. Chapter 6: Information Systems Security. Retrieved from
https://bus206.pressbooks.com/chapter/chapter-6-information-systems-security/
Cognito Platform. Retrieved from https://www.vectra.ai/products/cognito-
platform?utm_term=%2Bnetwork%20%2Band%20%2Bsecurity%20%2Bsolutions&utm_sour
ce=google-
apj&utm_campaign=APAC_Nonbrand|Network%20Security&utm_medium=searchpd&utm_
content=ETA-Cognito_Platform-01&gclid=CjwKCAiAlNf-
BRB_EiwA2osbxew5rGBPA0M1prwyGcmNxGCTCK1VpPY3dPM81FFsNOPMz96haOIPxRoC98s
QAvD_BwE
Fortinet's Australia, N. Z. a. P. I. r. d. J. M. (2020). How companies can stay secure while employees
work from home. Retrieved from https://itbrief.com.au/story/how-companies-can-stay-
secure-while-employees-work-from-home
Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., & Sikdar, B. (2019). A Survey on IoT Security:
Application Areas, Security Threats, and Solution Architectures. IEEE Access, 7, 82721-82743.
doi:10.1109/access.2019.2924045
Mandal, S., & Khan, D. A. (2020). A Study of Security Threats in Cloud: Passive Impact of COVID-19
Pandemic. Paper presented at the 2020 International Conference on Smart Electronics and
Communication (ICOSEC).
Muheidat, F., Tawalbeh, M., Quwaider, M., & Saldamli, G. (2020). Predicting and Preventing Cyber
Attacks During COVID-19 Time Using Data Analysis and Proposed Secure IoT layered Model.
Paper presented at the 2020 Fourth International Conference on Multimedia Computing,
Networking and Applications (MCNA).
Onibalusi, B. (2020). 6 Security Threats E-Commerce Businesses Frequently Face. Retrieved from
https://learn.g2.com/e-commerce-security-threats
Xu, P., Chen, M., Feng, L., Wu, G., Ma, F., & Wang, D. (2017). An application security model based on
business process in information system. Paper presented at the 2017 12th International
Conference on Intelligent Systems and Knowledge Engineering (ISKE).