Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Improving the Cyber defence of an organisation based on IP Geolocation and security appliances
University West, Department of Engineering Science, Division of Mathematics, Computer and Surveying Engineering.
University West, Department of Engineering Science, Division of Mathematics, Computer and Surveying Engineering.
2020 (English)Independent thesis Basic level (university diploma), 5 credits / 7,5 HE creditsStudent thesisAlternative title
Förbättra en organisations cyberförsvar baserad på IP Geolocation och säkerhetssystem (Swedish)
Abstract [en]

As advancement and usage of data communication has increased exponentially on a global scale, with a devastating exposure to attacks and varying security threats to home offices as well as to large enterprises, there is always a need for enhanced network protection. The IT department of the company OneDefence, located in western Sweden, was chosen for the thesis and based on the stated information from the organisation, aims were set on how to improve their network defence capabilities. The aim of this thesis is to list ten countries posing the most serious IT threats, and to limit the attack surface of OneDefence’s IT network as much as possible while still providing the necessary services to users abroad. After researching the countries, a prototype was set up to mimic OneDefence’s topology of interest and test attacks were conducted as detailed in the Methodology chapter. The results of the investigations showed the countries posing most serious cyber threats included China, Russia and North Korea among others which were statistically calculated based on the total number of recognised cyberwarfare attacks. The results obtained from the different DoS attacks in the prototype showed that an IPS should be at the heart of an organisation's network defence for combating these intrusions, as well as potentially other types. With the help of a prototype built based on the organisation's topology, several attacks were somewhat successfully mitigated with the equipment used on hand, with only a low percentage of packets allowed to pass through the security unit. Lastly, to explore further enhancements of defence capabilities of OneDefence, a comparison between different products and devices were performed. This resulted in products from the Fortinet brand such as FortiGate NGFW and UTM capabilities as they are offering several advantages compared to competitors.

Abstract [sv]

Då stora framsteg och användning av datakommunikation har ökat exponentiellt på en global skala, med en förödande exponering av attacker och säkerhetshot mot hemanvändare såväl som stora företag, finns detalltid ett behov av förbättrad nätverksskydd. IT-avdelningen hos företaget OneDefence, valdes för att utföra examensprojektet och baserade sig på organisationens angivna information för att förbättra deras nätverksförsvar. Syftet med denna rapport är att sammanställa en lista på tio länder som utgör de allvarligaste IT-hoten i världen, samt begränsa attackytan för organisationens nätverk så mycket som möjligt medan man behåller alla nödvändiga tjänster till användare utomlands. Efter att ha undersökt länderna, anordnades en prototyp för att efterlikna delar av OneDefences topologi av intresse och testattacker utfördes enligt metodologikapitlet. Resultaten av utredningarna visade att från de länder som utfört de allra allvarliga cyberhoten inkluderade bland annat Kina, Ryssland och Nordkorea, som har beräknats statistiskt baserat på antalet igenkända cyberwarfare attacker. Resultaten från de olika DoS-attackerna visade att en IPS bör vara kärnan i en organisations nätverksförsvar för att kunna bekämpa dessa intrång, samt potentiellt andra typer. Med hjälp av den prototyp som byggdes baserad på organisationens topologi, blockerades flera attacker rätt framgångsrikt, med en låg procentandel av paketen som gick genom säkerhetsenheten. Slutligen utforskades ytterligare förbättringar av försvarsförmågan hos organisationen genom att jämföra olika produkter och enheter. Detta resulterade i produkter från Fortinet-varumärket såsom FortiGate NGFW med UTM förmåga, då de erbjuder flera fördelar jämfört med konkurrenter.

Place, publisher, year, edition, pages
2020. , p. 25
Keywords [en]
Cybersecurity, Cisco ASA Firewall, IP Geolocation, Malware, Cyber Attacks, IPS
Keywords [sv]
IT-säkerhet, Cisco ASA Brandvägg, IP Geolocation, Malware, Cyberattacker, IPS
National Category
Information Systems
Identifiers
URN: urn:nbn:se:hv:diva-16149Local ID: EXN300OAI: oai:DiVA.org:hv-16149DiVA, id: diva2:1512054
Subject / course
Computer science
Educational program
Nätverksteknik med IT-säkerhet
Supervisors
Examiners
Available from: 2021-01-07 Created: 2020-12-21 Last updated: 2021-02-23Bibliographically approved

Open Access in DiVA

fulltext(1763 kB)556 downloads
File information
File name FULLTEXT01.pdfFile size 1763 kBChecksum SHA-512
c360f12b9cfed3cdd3b222f56304db9c325049d0247008e468c2cb883e8c77f44e11736919fde2fec98ae6607f65ac9fe08f30217e85f8f2facb569814f00e96
Type fulltextMimetype application/pdf

By organisation
Division of Mathematics, Computer and Surveying Engineering
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 556 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 761 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf