• Login
    View Item 
    •   Mak IR Home
    • College of Computing and Information Sciences (CoCIS)
    • School of Computing and Informatics Technology (CIT)
    • School of Computing and Informatics Technology (CIT) Collection
    • View Item
    •   Mak IR Home
    • College of Computing and Information Sciences (CoCIS)
    • School of Computing and Informatics Technology (CIT)
    • School of Computing and Informatics Technology (CIT) Collection
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    An internal intrusion prevention model for a distributed organisation

    Thumbnail
    View/Open
    Thesis report (2.269Mb)
    Date
    2008-10
    Author
    Nakyeyune, Florence
    Metadata
    Show full item record
    Abstract
    Information security has never been a tougher challenge with the security attacks being both internal and external. Most organizations focus great amounts of attention and funds on securing the perimeter of their network while forgetting that their most valuable assets are actually inside. As a minimum they deploy a common set of network defenses to establish a security perimeter or multiple security zones. Generally this includes network firewalls, anti-virus software and network intrusion detection capabilities. Unfortunately due to the nature of modern network and sophistication of intruders/attackers, perimeter security defenses are often circumvented. Defense in-depth is the only viable strategy for data and system protection. It is for this reason that a host-based intrusion prevention system was designed which would focus on protecting applications by means of application data inspection and application behaviour control to provide comprehensive host protection. Questionnaires, interviews and observations laid out the existing security configuration deployed on the computing resources of Pride Microfinance Limited(PML). Analysis of the findings concerning the existing security configurations as well as the common security threats faced by information systems network were used as the basis for the design of the host based intrusion prevention tool. On analysis of the findings the researcher designed a tool which was based on Windows Active Directory and Kaspersky antivirus software version 6.0. This tool addressed the most frequent internal network attacks faced on the PML network. The end result was a host-based intrusion prevention tool (HIP) that bound closely with the operating system kernel and services, monitoring and intercepting system calls to the kernel or application programme interfaces in order to prevent attacks as well as log them.
    URI
    http://hdl.handle.net/10570/511
    Collections
    • School of Computing and Informatics Technology (CIT) Collection

    DSpace 5.8 copyright © Makerere University 
    Contact Us | Send Feedback
    Theme by 
    Atmire NV
     

     

    Browse

    All of Mak IRCommunities & CollectionsTitlesAuthorsBy AdvisorBy Issue DateSubjectsBy TypeThis CollectionTitlesAuthorsBy AdvisorBy Issue DateSubjectsBy Type

    My Account

    LoginRegister

    Statistics

    Most Popular ItemsStatistics by CountryMost Popular Authors

    DSpace 5.8 copyright © Makerere University 
    Contact Us | Send Feedback
    Theme by 
    Atmire NV