MITS5004

IT Security

Assignment 2

Research Report

Please Note: All work is due by the due date and time. Late submissions will be penalized at the rate of 20% per day including weekends.

MITS5004 Assignment 2

NOTE: This Document is used in conjunction with Assessment 1 [Case Studies & Presentation] and Assessment 2 [Research Study] in the Unit Guide [MITS5004 IT Security-Unit Guide]

Objective(s)

This assessment item relates to the unit learning outcomes as in the unit descriptor. This assessment is designed to improve student presentation skills and to give students experience in researching a topic and writing a report relevant to the Unit of Study subject matter.

INSTRUCTIONS

Assignment 2 - Research Study - 10% (Due Session 9) Individual Assignment

For this component you will write a report or critique on the paper you chose from Assignment 1.

Your report should be limited to approx. 1500 words (not including references). Use 1.5 spacing with a 12 point Times New Roman font. Though your paper will largely be based on the chosen article, you should use other sources to support your discussion or the chosen papers premises. Citation of sources is mandatory and must be in the IEEE style.

Your report or critique must include:

Title Page: The title of the assessment, the name of the paper you are reporting on and its authors, and your name and student ID.

Introduction: Identification of the paper you are critiquing/ reviewing, a statement of the purpose for your report and a brief outline of how you will discuss the selected article (one or two paragraphs). 

Body of Report: Describe the intention and content of the article. If it is a research report, discuss the research method (survey, case study, observation, experiment, or other method) and findings. Comment on problems or issues highlighted by the authors. Report on results discussed and discuss the conclusions of the article and how they are relevant to the topics of this Unit of

Copyright © 2015-2018 VIT, All Rights Reserved. 2

MITS5004 Assignment 2

Study. 

Conclusion: A summary of the points you have made in the body of the paper. The conclusion should not introduce any ‘new’ material that was not discussed in the body of the paper. (One or two paragraphs)

References: A list of sources used in your text. They should be listed alphabetically by (first) author’s family name. Follow the IEEE style.

The footer must include your name, student ID, and page number. 

Note: reports submitted on papers which are not approved or not the approved paper registered for the student will not be graded and attract a zero (0) grade.

What to Submit

Submit your report to the Moodle drop-box for Assignment 2. Note that this will be a turn-it-in drop box and as such you will be provided with a similarity score. This will be taken into account when grading the assignment. Note that incidents of plagiarism will be penalized. If your similarity score is high you can re-submit your report, but re submissions are only allowed up to the due date. If you submit your assignment after the due date and time re-submissions will not be allowed.

Copyright © 2015-2018 VIT, All Rights Reserved. 3

MITS5004 Assignment 2

Copyright © 2015-2018 VIT, All Rights Reserved. 4

MITS5004 Assignment 2

Research report IT security

Abstract- The research paper is included the basic knowledge of IT security and the experiences of the real world regarding the security system. A wide research and its output is mentioned in this paper. The paper brings out the insight of IT security problems and their solution. A discussion provides all the information about the security system and the importance of it in several fields in today world.

1. Introduction

Information security is termed as the subset of cybersecurity. It is designed for minting the availability, integrity, and confidentiality of data. IT security helps in preventing the occurrence of identity theft, data breaches, and cyber-attacks and plays a crucial role in risk management. It is especially protects the information or data processing. The prevention of data manipulation and system manipulation by any unauthorized system or people is performed by the security system. It reduces the risk of data manipulation and any type of attacks in IT systems. It is important to give a stop to the unauthorized access which is responsible for hefting of sensitive information. A brief research has been done and represented in this paper with several aspects of IT security.

2. Research method

The research is designed as a quantities study of understanding the IT security with its purposes, advantages, disadvantages and other important parameters. Among several types of research methods, survey research has been used to study the specific area and to gather the information related to IT security. The survey has been done with the information gathering from individuals, properties, and government as well to understand the prospective of each area. Survey on individuals means collecting information from persons, what does the IT security provide them or what are the advantages and drawbacks of adopting the security system. Similarly the information is gathered from several properties of individuals such as any institution like schools, stores etc. Also a survey has been done for the information gathering from the government properties [1]. The survey has been performed over mails, calls, and meetings. Mainly it is aimed to gather the knowledge about the importance, problems, risks, and managements of the IT security system. Weather this method have the problems of irrelevant, dishonest or inadequate answer of the responders but it is easy way to collect data from a huge number of respondents and also it is cost effective. The research is limited with this aims and this specific method is adopted to understand the experiences of the real world on the IT security system which will be more helpful in completing and representing the research paper with adequate data or information. The research is performed effectively with this adopted method and the quality data is collected and represented in this research paper to acquire an overall knowledge about IT security and its other aspects.

3. Findings

There are several information that is gathered from the research process. Several organizations and institutions are provided with several benefits of using IT security. It is found that the security system provides protection against threats which can enter externally. A robust security system is responsible for create a protection against this threats. It also provides protections against the threats which can occur internally which mainly caused by the weakest security chain link. Compliance regulation, productivity improvement, and cost savings are some factors that are advantages of adopting IT security. In terms of adaptation the IT security provides protection against personal information, crashing websites, and productivity[2]. The organizations will able to maintain its working with high efficiency and provides a relax environment for the users. The networks, computers, and the other digital systems are protected by the security system from the possible threats and attackers. If any system is containing viruses then the security provides protection against it and make the system to work efficiently. Also some problems regarding the security system is measured in this paper. There are some factor that should be maintained in order to accurate protection and are also been discussed. These are some findings which is obtained from the whole research.

Figure 1: Purpose of IT security

4. Problems of IT security

There are several problems regarding IT security that has been understood and listed in this paper. The businesses and individuals are at artist of security attack. Now days the attacks are mostly performed automatically, that's why the attacker can attack hundreds of systems at once [3]. Some organizations are less aware of the cyber threats and that leads them to data manipulation. There are different types of attack regarding IT security such as phishing attack, malware attacks, ransomware, Dodos attacks and so on. Most common challenges of IT security can be considered as data breaches, using of clod services nefariously, lack of strategy and security architecture of clouds, insider threats, weak control pane, misconfiguration, megastructure failures, and visibility of usage of clouds are limited. Problems in IT security can be defined as the any possible attack that malicious for data and information. Some of the security threats are listed below.

Phishing attack

It is mainly the fake communication which is performed through emails or calls or texts to trick the target for carrying the instructions that are provided and will misused by the attacker by hacking their information [4]. The instructions provided by the attackers can be included passwords, number of credit card, login id etc. The main aim is to steal the important or sensitive data or malware installation in target’s system.

SQL injection

It is performed by the attacker on the system where the SQL is uses. There the malicious codes are inserted by the attackers to the target’s system. 

Man in Middle

This type of attacks can occur where into a transaction of two parties the hackers insert themselves in between them [5]. After that from the interrupted traffic ta da can be stolen or filtered by the attackers.

Denial of services

In this type of attack any network or computers flooded by the attackers that make them not to response to the requests [9]. The attack make the attacker able to handle the target system.

Malware 

It is basically a software which is malicious and it can be activated by the target it the provided attachment or link is clicked or accepted. After accepting a malware software is installed to the target’s system which is dangerous for the target [8]. Access can be blocked, other harmful software can be installed, and the system can be made inoperable by doing this attack.

The above mentioned and other types of attacks can be occur in IT security and can be termed as the problems related to IT security.

5. Discussion

In this paper a proper research and its result is represented. IT security is one type of cyber security which provides the protection against the malware activities which can cause data malicious within any system or organization. There are different types of attacks that occurs in the IT security and cause the system having or network hacking. Personal information’s of any individuals or information of any institution can be attacked by thaw attackers with the aim of misusing it. The systems can be handled with low risk by adopting the security system. Main goal IT security are - information privacy maintenance, information integrity maintenance, and controlling of the access to the approved users [6]. There are several methods of maintaining confidentiality such as encryption of data, multifactor verification, and biometric confirmation. The maintenance of integrity can be performed by some methods such as blocking the illegal access, controlling the contact of operators, backing appropriately, and checking the log records. Availability goals can be maintained by adopting several steps such as categorizing the preferred one, possible threats holding down, method determination of security guard go the occurred threats, breaching activities monitoring, interactive maintenance, and updating risk handling policies. All these required steps are useful in protecting any type of complex or other data. Despite of having several issues it is important to adopt the IT security for protecting each data in order to maintain the flow of work continuously [7]. There are possible solutions to overcome the occurred problems if any. Overall IT security plays a crucial role in protecting data, information, and integrity. All the possible discussion according to the security system is mentioned in this paper with adequate information. In today’s world where attackers are adopting new techniques of attacking, the IT security also improved in a way that it can cope with the problems in future.

6. Conclusion

The research is done with adequate actions and the gathered information are represented in this paper. A brief knowledge is gathered on this specific topic and has been discussed. It is concluded that IT security is important in protecting the data of any system or people from malicious attacks. It is important in attempting security protection to the systems and networks. Several organizations and institutions are benefited by security system as the data and information are safe and the risk of attacks reduced. Several problems regarding IT security also has been provided in this paper. Different types of attacks and threats are mentioned here which can affect the security system. Working of the security system also mentioned with all possible factors. All the data has been represented adequately and other factors of the security system has been discussed. Overall discussion and knowledge is provided within the research paper.

References

[1] Alhayani, B., Mohammed, H.J., Chaloob, I.Z. and Ahmed, J.S., 2021. Effectiveness of artificial intelligence techniques against cyber security risks apply of IT industry. Materials Today: Proceedings.

[2] Faraz, A., Waheed, A., Mirza, R.H. and Ishaq, H.M., 2019. Role of camel in food security: a perspective aspect. J. Fish. Livest. Prod, 7(01), p.290.

[3] Kocksch, L., Korn, M., Poller, A. and Wagenknecht, S., 2018. Caring for IT security: Accountabilities, moralities, and oscillations in IT security practices. Proceedings of the ACM on Human-Computer Interaction, 2(CSCW), pp.1-20.

[4] Kovačević, A., Putnik, N. and Tošković, O., 2020. Factors related to cyber security behavior. IEEE Access, 8, pp.125140-125148.

[5] Parker, J., Vazou, N. and Hicks, M., 2019. LWeb: Information flow security for multi-tier web applications. Proceedings of the ACM on Programming Languages, 3(POPL), pp.1-30.

[6] Tick, A., 2019, April. Evaluating e-learning acceptance and usage motivation including IT Security Awareness amid Z generation Hungarian students with xTAM. In 2019 IEEE 23rd International Conference on Intelligent Engineering Systems (INES) (pp. 000137-000142). IEEE.

[7] Xu, F., Luo, X.R., Zhang, H., Liu, S. and Huang, W.W., 2019. Do strategy and timing in IT security investments matter? An empirical investigation of the alignment effect. Information Systems Frontiers, 21(5), pp.1069-1083.

[8] Yasasin, E., Prester, J., Wagner, G. and Schryen, G., 2020. Forecasting IT security vulnerabilities–An empirical analysis. Computers & Security, 88, p.101610.

[9] Zalisham, F.A.B.H.A. and Jali, M.N.B.N., 2021. Preliminary Study On It Security Maintenance Management In Malaysia Organizations. PalArch's Journal of Archaeology of Egypt/Egyptology, 18(1), pp.4061-4073.