Safely train security engineers regarding the dangers presented by denial of service attacks

  • Authors: Clayton Bolz; W. Romney; Brandon L. Rogers
  • Affiliations: Brigham Young University, Provo, UT (all three authors)
  • Venue: CITC5 '04 Proceedings of the 5th conference on Information technology education
  • Year: 2004

Abstract

Witnessing, firsthand, a tornado in action is something you don't forget; likewise, seeing a Denial of Service attack underway in an isolated lab setting is something you never want to have happen in your real world. Seeing is believing. One immediate reaction is: "What can I do to keep this from ever taking place?" This is an example of IT security education at its best. Train future security engineers by introducing them to a controlled disaster, and inspire them to creatively search for a solution that will prevent such a cyber attack. If the Internet conduit to supported systems or the server resources needed to process requests become overwhelmed by invalid requests initiated by a hacker, legitimate clients will be unable to access online services. Attacks that utilize this overload technique are called Denial of Service, or DoS, attacks. Many mission-critical services are time sensitive and can't tolerate time delays. Also, e-commerce sites can lose large sums of revenue when customers can't access their system. As a result, there is an increasing need for security engineers to fully understand the concepts behind DoS attacks in order to initiate the necessary countermeasures. This lab was created by undergraduates and shows how to successfully construct a DoS lab, as well as the methods used to isolate the lab environment from external networks. The isolated laboratory environment used is the IT Sandbox at an institution of higher education focused on educating IT engineers. The DoS lab demonstrates how TCP SYN, ICMP floods, and LAND attacks exhaust system and/or network resources. Additionally, the lab precipitates critical thought on how best to mitigate DoS and Distributed DoS attacks in the real world.
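As an added, defender-side example that is not part of the paper or its lab, the following Python flags the three indicators the abstract names (a LAND packet, half-open flows left by a TCP SYN flood, and an ICMP echo flood) over constructed packet records standing in for a capture from the isolated lab; the addresses, ports and thresholds are assumptions.

```python
# Added illustration (not the paper's code): defender-side indicators for the
# three attacks the lab demonstrates, run over constructed packet records that
# stand in for a capture from the isolated lab. Hosts and thresholds are made up.
from collections import Counter, defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str        # "tcp" or "icmp"
    flags: str = ""   # TCP flags: "S" = SYN, "A" = ACK; empty for ICMP echo

def is_land(p):
    """LAND: a SYN whose source address and port equal its destination."""
    return p.proto == "tcp" and "S" in p.flags and (p.src, p.sport) == (p.dst, p.dport)

def half_open_per_source(packets):
    """Per source, SYNs never followed by that client's ACK (half-open flows)."""
    pending = defaultdict(set)
    for p in packets:
        flow = (p.src, p.sport, p.dst, p.dport)
        if p.flags == "S":
            pending[p.src].add(flow)
        elif p.flags == "A":
            pending[p.src].discard(flow)   # handshake finished, not half-open
    return {src: len(flows) for src, flows in pending.items() if flows}

def alerts(packets, syn_threshold=3, icmp_threshold=3):
    """Return (indicator, source) pairs; the thresholds are illustrative only."""
    found = [("LAND", p.src) for p in packets if is_land(p)]
    found += [("SYN_FLOOD", s) for s, n in half_open_per_source(packets).items()
              if n >= syn_threshold]
    echo = Counter(p.src for p in packets if p.proto == "icmp")   # ICMP flood
    found += [("ICMP_FLOOD", s) for s, n in echo.items() if n >= icmp_threshold]
    return found

# Constructed sample: one legitimate handshake, four orphaned SYNs, one LAND
# packet and four ICMP echo requests, all aimed at the lab server 10.0.0.1.
SAMPLE = [
    Packet("10.0.0.5", 40000, "10.0.0.1", 80, "tcp", "S"),
    Packet("10.0.0.5", 40000, "10.0.0.1", 80, "tcp", "A"),
    *[Packet("10.0.0.9", 1000 + i, "10.0.0.1", 80, "tcp", "S") for i in range(4)],
    Packet("10.0.0.1", 80, "10.0.0.1", 80, "tcp", "S"),
    *[Packet("10.0.0.7", 0, "10.0.0.1", 0, "icmp") for _ in range(4)],
]
```

The legitimate client completes its handshake and so never appears as half-open, while the flood source, the self-addressed SYN and the echo burst each raise one alert.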