case study on network security

An official website of the United States government

Here’s how you know

Official websites use .gov A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

https://www.nist.gov/itl/smallbusinesscyber/cybersecurity-basics/case-study-series

Small Business Cybersecurity Corner

Small business cybersecurity case study series.

Ransomware, phishing, and ATM skimming are just a few very common and very damaging cybersecurity threats that Small Businesses need to watch out for. The following Case Studies were created by the National Cyber Security Alliance , with a grant from NIST, and should prove useful in stimulating ongoing learning for all business owners and their employees.

• Case 1: A Business Trip to South America Goes South Topic: ATM Skimming and Bank Fraud
• Case 2: A Construction Company Gets Hammered by a Keylogger Topic: Keylogging, Malware and Bank Fraud
• Case 3: Stolen Hospital Laptop Causes Heartburn Topic: Encryption and Business Security Standards
• Case 4: Hotel CEO Finds Unwanted Guests in Email Account Topic: Social Engineering and Phishing
• Case 5: A Dark Web of Issues for a Small Government Contractor Topic: Data Breach

Cyber Case Studies Subscribe

The 2 am call: Preparing for a government cyberattack

Fremont County suffered a cyberattack in 2022 that took pieces of the county's law enforcement's systems offline, including communications.

Häfele recovers from ransomware attack with new SASE platform

An international manufacturer and supplier of furniture fittings,  recovered from a recent ransomware attack after utilizing a single-vendor SASE platform. 

Ride-hailing company, inDrive, uses new platform to prevent fraud

The ride-share company is using a security platform to keep negotiations & prices transparent and dishonest & fraudulent users out of the system.

The Old Spaghetti Factory restaurant chain ups network & physical security

The Old Spaghetti Factory restaurant chain decided to upgrade legacy technology with network, voice and security infrastructure from Interface Systems.

K-8 students learn cybersecurity through gamification

K-8 students can learn cybersecurity techniques through a gamified education platform called Cyber Legends. Learn more in this case study.

Electric company uses SAP monitoring to bolster cybersecurity

International electric and manufacturing firm Schneider Electric uses a Systems Applications and Products (SAP) security platform from SecurityBridge to bolster SAP visibility. Learn more in this case study.

Pharmaceutical company secures network with AppSec compliance tools

Sanofi, a global biopharmaceutical company based in France, protects its network security with the Security Platform & Compliance Monitor from SecurityBridge. Learn more in this case study.

Tech university stops cyberattack with AI

When an African technology university was targeted by Malware as a Service, Darktrace AI helped identify the cyberattack in its early stages.

Coding robot teaches K-12 students about cybersecurity

K-12 students need to learn about cybersecurity along with their exposure to digital technology. The Sphero BOLT, a coding robot, can help teach students about cyber risk management, ethical hacking and more.

Anti-human trafficking organization combats abuse with data analytics

The Anti-Human Trafficking Intelligence Initiative (ATII) uses data analytics tools to monitor the dark web for information on human trafficking operations. The organization now uses Siren's Investigative Intelligence platform to expedite their search capacity.

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends..

Copyright ©2024. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Mapping Biological Systems to Network Systems pp 117–175 Cite as

Case Study: A Review of Security Challenges, Attacks and Trust and Reputation Models in Wireless Sensor Networks

• Heena Rathore 2  
• First Online: 11 February 2016

1068 Accesses

1 Citations

In Wireless Sensor Network (WSN), where nodes besides having its inbuilt capability of sensing, processing and communicating data, also possess some risks. These risks expose them to attacks and bring in many security challenges. Therefore, it is imperative to have a secure system where there is perfect confidentiality and correctness to the data being sent from one node to another. Cooperation among the nodes is needed so that they could confidently rely on other nodes and send the data faithfully. However, owing to certain hardware and software faults, nodes can behave fraudulently and send fraudulent information. Nevertheless, since the network is openly accessible, anybody can access the deployment area which breaches the security of WSN. Therefore, it is required to have correct and accurate secure model for WSN to protect the information and resources from attacks and misbehavior. Many researchers are engaged in developing innovative design paradigms to address such nodes by developing key management protocols , secure routing mechanisms and trust management systems. Key management protocols and secure routing cannot itself provide security to WSNs for various attacks. Trust management system can improve the security of WSN. The case study begins by explaining the security issues and challenges in WSN. It discusses the goals, threat models and attacks followed by the security measures that can be implemented in detection of attacks. Here, various types of trust and reputation models are also reviewed. The intent of this case study is to investigate the security related issues and challenges in wireless sensor networks and methodologies used to overcome them. Furthermore, the present case study provides details on how bio-inspired approaches in WSN prove a benefactor in many ways.

This is a preview of subscription content, log in via an institution .

Buying options

• Available as PDF
• Read on any device
• Instant download
• Own it forever
• Available as EPUB and PDF
• Compact, lightweight edition
• Dispatched in 3 to 5 business days
• Free shipping worldwide - see info
• Durable hardcover edition

Tax calculation will be finalised at checkout

Purchases are for personal use only

Agah, A., Das, S. K., & Basu, K. (2004). A game theory based approach for security in wireless sensor networks. In 2004 IEEE International Conference on Performance, Computing, and Communications (pp. 259–263).

Google Scholar  

Agah, A., Basu, K., & Das, S. K. (2005). Preventing DoS attack in sensor networks: a game theoretic approach. In 2005 IEEE International Conference on Communications, 2005, ICC 2005 (Vol. 5, pp. 3218–3222).

Agah, A., & Das, S. K. (2007). Preventing DoS attacks in wireless sensor networks: A repeated game theory approach. International Journal Network Security, 5 (2), 145–153.

Agah, A., Basu, K., & Das, S. K. (2006). Security enforcement in wireless sensor networks: A framework based on non-cooperative games. Pervasive and Mobile Computing, 2 (2), 137–158.

Article   Google Scholar  

Aggarwal, K., Goyal, M., & Srivastava, P. R. (2012). Code coverage using intelligent water drop. International Journal Of Bio-Inspired Computation, 4 (6), 392–402.

Ahmed, N., Kanhere, S. S., & Jha, S. (2005). The holes problem in wireless sensor networks: A survey. ACM SIGMOBILE Mobile Computing and Communications Review, 9 (2), 4–18.

Alpcan, T., & Basar, T. (2006). An intrusion detection game with limited observations. In 12th International Symposium on Dynamic Games and Applications, Sophia Antipolis, France .

Ng, A. (2012a). Retrieved February, 2013, from http://cs229.stanford.edu/notes/cs229-notes1.pdf .

Ng, A. (2012b). Video Lectures on Machine Learning. Retrieved February, 2013.

Atakli, I. M., Hu, H., Chen, Y., Ku, W. S., & Su, Z. (2008). Malicious node detection in wireless sensor networks using weighted trust evaluation. In Proceedings of the 2008 Spring Simulation Multiconference (pp. 836–843). Society for Computer Simulation International.

Auralius. (2009). Retrieved May, 2013 from https://decibel.ni.com/content/docs/DOC-5381 .

Baljak, V., Tei, K., & Honiden, S. (2012). Classification of faults in sensor readings with statistical pattern recognition. In  SENSORCOMM 2012, The Sixth International Conference on Sensor Technologies and Applications (pp. 270–276).

Bhaskaran, K., Triay, J., & Vokkarane, V. M. (2011). Dynamic anycast routing and wavelength assignment in WDM networks using ant colony optimization (ACO). In  2011 IEEE International Conference on Communications (ICC) (pp. 1–6). IEEE.

Bhanot, S. (2008). Artificial Neural Network. In Process control principle applications.

Boukerch, A., Xu, L., & El-Khatib, K. (2007). Trust-based security for wireless ad hoc and sensor networks. Computer Communications, 30 (11), 2413–2427.

Chen, H., Wu, H., Hu, J., & Gao, C. (2008, June). Event-based trust framework model in wireless sensor networks. In International Conference on Networking, Architecture, and Storage, 2008. NAS’08 (pp. 359–364). IEEE.

Chen, H., Wu, H., Zhou, X., & Gao, C. (2007). Agent-based trust model in wireless sensor networks. In Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing , 2007, SNPD 2007 (Vol. 3, pp. 119–124).

Chen, Y., Zhong, Y., Shi, T., & Liu, J. (2009). Comparison of two fitness functions for GA-based path-oriented test data generation. In ICNC’09. Fifth International Conference on Natural Computation, 2009 (Vol. 4, pp. 177–181).

Chen, Z., Qiu, Y., Liu, J., & Xu, L. (2011). Incentive mechanism for selfish nodes in wireless sensor networks based on evolutionary game. Computers & Mathematics with Applications, 62 (9), 3378–3388.

Article   MathSciNet   MATH   Google Scholar  

Cormen, T. H. (2009). Introduction to algorithms . Cambridge: MIT press.

MATH   Google Scholar  

Curiac, D. I., Volosencu, C., Doboli, A., Dranga, O., & Bednarz, T. (2007). Discovery of malicious nodes in wireless sensor networks using neural predictors. In WSEAS Transactions on Computers Research (Vol. 2, pp. 38–43).

Dargie, W. W., & Poellabauer, C. (2010). Fundamentals of wireless sensor networks: Theory and practice . New Jersey: John Wiley & Sons.

Book   Google Scholar  

Dibrov, B. F., Livshits, M. A., & Volkenstein, M. V. (1977a). Mathematical model of immune processes. Journal of theoretical biology, 65 (4), 609–631.

Dibrov, B. F., Livshits, M. A., & Volkenstein, M. V. (1977b). Mathematical model of immune processes: II. Kinetic features of antigen—Antibody interrelations. Journal of theoretical biology, 69 (1), 23–39.

Dorigo, M., & Gambardella, L. M. (1997). Ant colony system: A cooperative learning approach to the traveling salesman problem. IEEE Transactions on Evolutionary Computation, 1 (1), 53–66.

Du, W., Deng, J., Han, Y. S., & Varshney, P. K. (2006). A key predistribution scheme for sensor networks using deployment knowledge. IEEE Transactions on Dependable and Secure Computing, 3 (1), 62–77.

Eschenauer, L., & Gligor, V. D. (2002). A key-management scheme for distributed sensor networks. In Proceedings of 9 th ACM conference on Computer and communications security , pp. 41–47.

Fowler, A. C. (1981). Approximate solution of a model of biological immune responses incorporating delay. Journal of Mathematical Biology, 13 (1), 23–45.

Ganeriwal, S., Balzano, L. K., & Srivastava, M. B. (2008). Reputation-based framework for high integrity sensor networks. ACM Transactions on Sensor Networks (TOSN), 4 (3), 15.

Großschädl, J., Szekely, A., & Tillich, S. (2007). The energy cost of cryptographic key establishment in wireless sensor networks. In Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security  (pp. 380–382). New York: ACM.

Horowitz, E., & Sahni, S. (1978). Fundamentals of computer algorithms (p. 206). Cambridge: Computer Science Press.

Jerome, J., Aravind, A. P., Arunkumar, V. & Balasubramanian, P. (2005). LabVIEW based intelligent controllers for speed regulation of Electric Motor. In Proceedings of the IEEE on Instrumentation and Measurement Technology Conference, 2005 ( Vol. 2, pp. 935–940).

Jonker, C. M., & Treur, J. (1999). Formal analysis of models for the dynamics of trust based on experiences. In Multi-Agent System Engineering (pp. 221–231). Berlin: Springer.

Jøsang, A., Ismail, R., & Boyd, C. (2007). A survey of trust and reputation systems for online service provision. Decision Support Systems, 43 (2), 618–644.

Joseph, J. F. C., Lee, B. S., Das, A., & Seet, B. C. (2011). Cross-layer detection of sinking behavior in wireless ad hoc networks using SVM and FDA. IEEE Transactions on Dependable and Secure Computing, 8 (2), 233–245.

Kayalvizhi, R., Vijayalakshmi, M., & Vaidehi, V. (2010). Energy analysis of RSA and ELGAMAL algorithms for wireless sensor networks. In Recent Trends in Network Security and Applications (pp. 172–180). Berlin: Springer.

Kim, T. K., & Seo, H. S. (2008). A trust model using fuzzy logic in wireless sensor network. World Academy of Science, Engineering and Technology, 42 (6), 63–66.

MathSciNet   Google Scholar  

Lee, I. (2007). Software System Lecture Note: Security. Retrieved August 28, 2014, from http://www.cis.upenn.edu/lee/07cis505/Lec/lec-ch9asecurity-v2.pdf .

Li, X., & Lyu, M. R. (2008). A novel coalitional game model for security issues in wireless networks. In Global Telecommunications Conference, 2008, IEEE GLOBECOM 2008 (pp. 1–6). IEEE.

Lopez, J., Roman, R., Agudo, I., & Fernandez-Gago, C. (2010). Trust management systems for wireless sensor networks: Best practices. Computer Communications, 33 (9), 1086–1093.

Luo, J., Liu, X., & Fan, M. (2009). A trust model based on fuzzy recommendation for mobile ad-hoc networks. Computer Networks, 53 (14), 2396–2407.

Article   MATH   Google Scholar  

Lupu, T. G. (2009). Main types of attacks in wireless sensor networks. In I. Rudas, M. Demiralp, & N. Mastorakis (Eds.), WSEAS International Conference, Proceedings, Recent Advances in Computer Engineering (Vol. 9).

Raj, M. R. C., Kumar G. E. P., Kusampudi, K. (2013). A survey on detecting selfish nodes in wireless sensor networks using different trust methodologies. International Journal of Engineering and Advanced Technology (IJEAT), 2 (3), 197–200.

Mármol, F. G., & Pérez, G. M. (2012). TRIP, a trust and reputation infrastructure-based proposal for vehicular ad hoc networks. Journal of Network and Computer Applications, 35 (3), 934–941.

Mármol, F. G., & Pérez, G. M. (2011). Providing trust in wireless sensor networks using a bio-inspired technique. Telecommunication systems, 46 (2), 163–180.

Meng, Y., & Li, W. (2013). Evaluation of detecting malicious nodes using Bayesian Model in wireless intrusion detection. In Network and System Security (pp. 40–53). Berlin: Springer.

Momani, M., & Challa, S. (2010). Survey of trust models in different network domains. arXiv preprint arXiv:1010.0168 .

Momani, M., Challa, S., & Alhmouz, R. (2008). BNWSN: Bayesian network trust model for wireless sensor networks. In Mosharaka International Conference on Communications, Computers and Applications, 2008. MIC-CCA 2008 (pp. 110–115).

Muller, K., Mika, S., Ratsch, G., Tsuda, K., & Scholkopf, B. (2001). An introduction to kernel-based learning algorithms. IEEE Transactions on Neural Networks, 12 (2), 181–201.

Ni, K., Ramanathan, N., Chehade, M. N. H., Balzano, L., Nair, S., Zahedi, S., et al. (2009). Sensor network data fault types. ACM Transactions on Sensor Networks (TOSN), 5 (3), 25.

Neuman, B. C., & Ts’ O. T. (1994). Kerberos: An authentication service for computer networks. Communications Magazine IEEE, 32 (9), 33–38.

Newsome, J., Shi, E., Song, D., & Perrig, A. (2004). The sybil attack in sensor networks: analysis & defenses. In Proceedings of the 3rd international symposium on Information processing in sensor networks (pp. 259–268).

Pathan, A. S. K., Lee, H. W., & Hong, C. S. (2006). Security in wireless sensor networks: issues and challenges. In The 8th International Conference on Advanced Communication Technology, 2006. ICACT 2006 (Vol. 2, p. 6).

Pehr, S. (2008). An Analysis of WSN Security Management. Master of Science Thesis , Stockholm, Sweden, Chapter-2, pp. 6–12.

Rathore, H., & Jha, S. (2013). Bio-inspired machine learning based wireless sensor network security. In 2013 World Congress on Nature and Biologically Inspired Computing (NaBIC) (Vol. 5, pp. 140–146).

Rathore, H., Badarla, V., Jha, S., & Gupta, A. (2014). Novel approach for security in wireless sensor network using bio-inspirations. In Proceedings of IEEE International Conference on Communication Systems and Networks (COMSNETS) (Vol. 6, pp. 1–8).

Reddy, Y. B. (2012). Trust-based approach in wireless sensor networks using an agent to each cluster. International Journal of Security, Privacy and Trust Management, 1 (1), 19–36.

Reddy, Y. B. (2009). A game theory approach to detect malicious nodes in wireless sensor networks. In Proceedings of International Conference on Sensor Technologies and Applications (SENSORCOMM) (Vol. 3, pp. 462–468).

Resnick, P., Kuwabara, K., Zeckhauser, R., & Friedman, E. (2000). Reputation systems. Communications of the ACM, 43 , 45–48.

Ringwald, M., & Romer, K. (2007). Deployment of sensor networks: Problems and passive inspection. In Proceedings of Intelligent Solutions in Embedded System s (Vol. 5, pp. 179–192).

Scholkopf, B., & Smola, A. J. (2001). Learning with kernels: Support vector machines, regularization, optimization, and beyond (pp. 204–205). Cambridge: MIT Press.

Shah-Hosseini, H. (2007). Problem solving by intelligent water drops. In IEEE Congress on Evolutionary Computation, 1 , 3226–3231.

Shah-Hosseini, H. (2009). Optimization with the nature-inspired intelligent water drops algorithm . INTECH Open Access Publisher.

Sharma, R., Chaba, Y., & Singh, Y. (2010). Analysis of security protocols in wireless sensor network. International Journal of Advanced Networking and Applications, 2 (3), 707–713.

Sharma, K., & Ghose, M. K. (2010). Wireless sensor networks: An overview on its security threats. International Journal of Computer Applications Special Issue on Mobile Ad-hoc Networks.

Shigen, S., Yue, G., Cao, Q., & Yu, F. (2011). A survey of game theory in wireless sensor networks security. Journal of Networks, 6 (3), 521–532.

Soderman, P. (2008). An analysis of wsn security managemant. Master of Science Thesis.

Soliman, H. H., Hikalb, N. A., & Sakrb, N. A. (2012). A comparative performance evaluation of intrusion detection techniques for hierarchical wireless sensor networks. Egyptian Informatics Journal, 13 (2), 225–238.

Suykens, J. A., & Vandewalle, J. (1999). Least squares support vector machine classifiers. Neural Processing Letters, 9 (3), 293–300.

Article   MathSciNet   Google Scholar  

Vapnik, V. (2000). The nature of statistical learning theory . New York: Springer.

Book   MATH   Google Scholar  

Wang, Y., Attebury, G., & Ramamurthy, B. (2006). A survey of security issues in wireless sensor networks. CSE Journal Articles, 8 (2).

Wang, W., Chatterjee, M., & Kwiat, K. (2009). Coexistence with malicious nodes: A game theoretic approach. In Proceedings of International Conference on Game Theory for Networks (GameNets 09) (pp. 277–286).

Wagstaff, K., Cardie, C., Rogers, S., & Schrödl, S. (2001). Constrained k-means clustering with background knowledge. In  ICML (Vol. 1, pp. 577–584).

Wikipedia. (2013). Retrieved December 3, 2013, from http://en:wikipedia:org=wiki=Computationalcomplexityofmathematicaloperations .

Zia, T., Zomaya, A., Ababneh, N. (2007). Evaluation of overheads in security mechanisms in wireless sensor networks. In Proceedings of International Conference on Sensor Technologies and Applications (pp. 181–185).

Download references

Author information

Authors and affiliations.

Indian Institute of Technology, Jodhpur, India

Heena Rathore

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Heena Rathore .

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this chapter

Cite this chapter.

Rathore, H. (2016). Case Study: A Review of Security Challenges, Attacks and Trust and Reputation Models in Wireless Sensor Networks. In: Mapping Biological Systems to Network Systems. Springer, Cham. https://doi.org/10.1007/978-3-319-29782-8_10

Download citation

DOI : https://doi.org/10.1007/978-3-319-29782-8_10

Published : 11 February 2016

Publisher Name : Springer, Cham

Print ISBN : 978-3-319-29780-4

Online ISBN : 978-3-319-29782-8

eBook Packages : Engineering Engineering (R0)

Share this chapter

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Publish with us

Policies and ethics

• Find a journal
• Track your research

• Artificial Intelligence
• Generative AI
• Business Operations
• IT Leadership
• Application Security

Business Continuity

• Cloud Security
• Critical Infrastructure
• Identity and Access Management
• Network Security
• Physical Security
• Risk Management
• Security Infrastructure
• Vulnerabilities
• Software Development
• Enterprise Buyer’s Guides
• United States
• United Kingdom
• Newsletters
• Foundry Careers
• Terms of Service
• Privacy Policy
• Cookie Policy
• Member Preferences
• About AdChoices
• E-commerce Links
• Your California Privacy Rights

Our Network

• Computerworld
• Network World

Security Case Studies

Selected case studies on security challenges and solutions.

Security case studies: Selected in-depth explorations of how leading organizations have approached critical security challenges.

These case studies provide the chance to learn from your peers, whether you are creating an overall strategy or working to solve a specific tactical security problem. (Note: None of these articles were written or sponsored by product and service providers.)

Case study collection updated 10/16/2012.

Leadership and Organizational Issues

Governance, risk and compliance

Fiserv’s GRC process and software implementation (2012)

GRC is a process, not a technology. Fiserv identifies the benefits and challenges of its GRC work.

Alignment with corporate mission and profitability

Dunkin’ Brands security focuses on making dough (2010)

Aligning corporate security with corporate priorities makes everyone’s fortunes rise. A look behind the counter at Dunkin’ Donuts’ parent company. [Full article requires

E-discovery

NBC Universal takes e-discovery inhouse (2010)

NBC Universal saw requests for e-discovery services soar in just a few years. The company’s CISO, Jonathan Chow, knew there had to be a more efficient and cost-effective way to handle it.

Digital and Physical Security Convergence:

Constellation Energy (2005)

What does it take to make security convergence happen? One secret is to sneak up on it, the way Constellation Energy did, by seeming to be doing something else entirely.

Enterprise Risk Management:

All systems go at Georgetown University (2010)

ERM might seem a lofty concept, but Georgetown University provides an example of turning that concept into specific systems and projects that reduce risk.

Information Risk Management:

Harland-Clarke Rechecks Risk Management (2007)

New security program adds more systematic processes for evaluating, prioritizing and mitigating risk.

Departmental Organization:

Reinventing T-Mobile’s Security Function (2006)

T-Mobile needed to reinvent its security function, so it recruited a veteran team to shape a new asset protection division. The goal: Inject risk calculations into every business decision.

Safety and Community Relations:

Boston’s Infectious Disease Research Lab (2006)

When controversy hit, Kevin Tuohey became the public face of a high-profile plan to study deadly diseases in Boston. To succeed, the security director would have to become part diplomat, part great communicator.

Security Metrics, Budgets and ROI

Cost management:

IT security on a shoestring budget (2011)

Michael Dent, CISO of Fairfax County Government in Virginia, created an enterprise-wide IT security program with a fraction of the budget he wanted.

Budgeting, Metrics and Security Value:

American Water (2006)

How American Water’s Bruce Larson uses a simple metric to build bridges with business partners and justify security spending at the same time.

Project ROI:

Digital Video Surveillance at Intel (2005)

Allen Rude, security manager at Intel, invested more than four years in an ROI study to justify the cost of digital video surveillance.

Threats and Defenses

Advanced Persistent Threats:

APT in action: The Heartland breach

Heartland Payment Systems CTO Kris Herrin talks about the attack that changed his views on data security.

What’s the business case for GRC? (2012)

Governance, risk and compliance (GRC) can be a dauntingly complex undertaking. But for Fiserv, the alternative was even more complicated.

Situational Awareness:

Inside the new World Trade Center (2011)

Louis Barani leads the construction of an integrated system to help identify security and safety issues by connecting the dots faster.

Cloud security:

More tales from the cloud (2011)

Challenges and solutions at three companies moving into cloud-based IT services:

• Mohawk Fine Papers

Identity management:

How DTCC took on ID management (2011)

A look at why DTCC deployed identity and access management software from Hitachi ID Systems to automate its password management processes.

Access control:

Policy-based access control at a university (2010)

One school’s approach to maintaining security in an open environment.

Virtualization Security:

Virtual Server Security at Schwan Foods (2010)

When it comes to sampling innovative technology, Schwan Foods, a multibillion-dollar frozen food producer, digs right in.

DDOS and Online Extortion:

How a Bookmaker and a Whiz Kid Took On a DDOS-based Online Extortion Attack (2005)

What it’s like to get hit with a DDoS attack (2010)]

Facing an online extortion threat, bookmaker Mickey Richardson bet his Web-based business on a networking whiz from Sacramento who first beat back the bad guys, then helped the cops nab them.

Anatomy of a Fraud (2004)

Most fraud victims clam up. In this check-tampering case, the victim-a small-business owner-decided to speak out. The resulting cautionary tale offers a rare, detailed look into the mechanics and psychology of fraud. And its aftermath.

Phishing and Incident Response:

Midsize Bank (2005)

What happens after a phishing attack? Here’s one midsize bank’s phishing incident response plan.

Product Counterfeiting:

Drug Busters: Novartis (2005)

Novartis deploys a global team to track down counterfeit drugs and help authorities prosecute counterfeiters.

Video Surveillance:

Surveillance Cameras at Secaucus Junction (2005)

New Jersey Transit’s new station finds additional benefits in its security cameras.

School Security:

Securing the Suburban High School (2007)

Privacy, safety, security and budgeting considerations collide.

Crisis Communication: 

Gale Global Facilities Services (2006)

With good planning, Web and mobile technologies can help find and inform employees in the event of a disaster. A global company shows how.

Simulations and exercises:

USAA’s Disaster Drill: Practice Makes Perfect (2003)

As one of the nation’s largest insurance companies, USAA is in the business of managing risk. So it makes sense that the company uses exercises, simulations and drills to learn how to respond in the event of a disaster.

Related content

Attackers exploit critical zero-day flaw in palo alto networks firewalls, cisa orders us government agencies to check email systems for signs of russian compromise, cisa opens its malware analysis and threat hunting tool for public use, top cybersecurity m&a deals for 2024, from our editors straight to your inbox.

Derek helped create and launch CSO in 2002, and served as Editor in Chief of the magazine and website from 2006 through 2013.

More from this author

33 questions to ask about your company’s security, sample erm organizational charts, 2011 state of the cso, getting the board on board, most popular authors.

Show me more

Top cybersecurity product news of the week.

ISC2 study pegs average US cybersecurity salaries at $147K, up from $119K in 2021

Customers of Sisense data analytics service urged to change credentials

CSO Executive Sessions: Geopolitical tensions in the South China Sea - why the private sector should care

CSO Executive Sessions: 2024 International Women's Day special

CSO Executive Sessions: Former convicted hacker Hieu Minh Ngo on blindspots in data protection

LockBit feud with law enforcement feels like a TV drama

Sponsored Links

• Tomorrow’s cybersecurity success starts with next-level innovation today. Join the discussion now to sharpen your focus on risk and resilience.

Security in Wireless Networks: Analysis of Wi-Fi Security and Attack Cases Study

Ieee account.

• Change Username/Password
• Update Address

Purchase Details

• Payment Options
• Order History
• View Purchased Documents

Profile Information

• Communications Preferences
• Profession and Education
• Technical Interests
• US & Canada: +1 800 678 4333
• Worldwide: +1 732 981 0060
• Contact & Support
• About IEEE Xplore
• Accessibility
• Terms of Use
• Nondiscrimination Policy
• Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.

Academia.edu no longer supports Internet Explorer.

To browse Academia.edu and the wider internet faster and more securely, please take a few seconds to  upgrade your browser .

Enter the email address you signed up with and we'll email you a reset link.

• We're Hiring!
• Help Center

Network Security: A Case Study

This paper reviews 3 case studies related to network security. The first two exercises deal with security planning, including classifying data and allocating controls. The third exercise requires more extensive TCP knowledge, since the exercise includes evaluating a computer power-up sequence … but with interesting results!

Related Papers

Dr. Ashraf Aboshosha , Alaa Sheta , Amany Sarhan

Cyber threat became one of the most serious problem for both economics and national security in the 21st century. Therefore, we need a focused research on developing efficient techniques, technologies and tools to deal with this stimulating problem. The growing dimension and complexity of spatiotemporal data generated on daily basis and from variety of sources and its distribution over all types of networks makes it a challenge to protect it from theft or damage. Cyber security is the science that concerns on protecting these big data from disruption or misused. This special issue is provided to explore the complexity of this problem and to present possible number of solutions. L. Juleen and T. Kiong in their article presented a method to enhance the security of the transmitted data over the Wireless Local Area Network. They provided a data security dynamic design algorithm that has the ability to automatically change the configuration of both encoder and decoder based on a few bits of initial input data to the encoder. There new algorithm strengthens the overall security of the transmitted data over the wireless links. Vulnerability analysis of Extensible Authentication Protocol (EAP) DoS Attack over wireless networks is presented by Malekzadeh et. al. Authors presented an experimental framework to demonstrate and quantify possible flooding attacks using unprotected EAP frames against wireless communications. Results show that such attacks can easily launch, and cause serious service disruption to compromise network availability. A professional comparison of decision tress, artificial neural network and support vector machine for network intrusion detection is presented by A. Sheta and A. Alamleh. Intrusion Detection Systems (IDSs) is one of the main solutions for computer and network security. We need IDS to identify the un-authorized access that attempt to compromise confidentiality, integrity or availability of computer or computer network. In this research, author attempted to provide new models for intrusion detection (ID) problem using veracious data mining techniques. The proposed models were capable of reducing the complexity while keeping acceptable detection accuracy. The Denial Of Service (DOS) attacks are one of the very serious networks attach. M. Salem et. al. Presented a new security technique is proposed that aims to detect the DOS attacks in WLANs and further prevent the detected attackers, in the future, from accessing the network. They measure the Probability of Denied Service (PDS) with respect to the number of attacks and the maximum number of connections that access point allows. These results show the effectiveness of the proposed technique in securing the WLAN against the DOS attacks. An analytical view on possible techniques for the identification of information systems threats sources is presented by A. Al-Zubi. He proposed a new approach for identifying the source of threats and the proposed actions to be taken against. A framework called Intrusion Detection System Using Distributed Agents (IDSUDA) was built by A. Alim et. al. This framework is extendable in its capabilities and could be enhanced to meet future challenges. A comparison of Novel architectures of VHDL Implementation of the SAFER+ encryption algorithm and Pipelined AES algorithm is also presented in this special issue by D. Sharmila and R. Neelaveni. It was found that the proposed SAFER+ architecture has better data throughput and frequency than the pipelined AES algorithm.

International Journal of …

Dr.Sasikumar Gurumoorthy

— Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people becomè`wired'', an increasing number of people need to understand the basics of security in a networked world. This document was written with the basic computer user and information systems manager in mind, explaining the concepts needed to read through the hype in the marketplace and understand risks and how to deal with them. Some history of networking is included, as well as an introduction to TCP/IP and internetworking. We go on to consider risk management, network threats, firewalls, and more special-purpose secure networking devices. This is not intended to be a ``frequently asked questions'' reference, nor is it a ``hands-on'' document describing how to accomplish specific functionality. It is hoped that the reader will have a wider perspective on security in general, and better understand how to reduce and manage risk personally, at home, and in the workplace.

Muhammad Adeka

Liam Landers

Ashok Kumar A KBSS

American Journal of Biomedical Research

shahin rahman

This study was carried out to determine sero-prevalence of hepatitis B and hepatitis C virus co-infection among pregnant women. Viral hepatitis during pregnancy is associated with high risk of maternal complications; infections with Hepatitis B virus (HBV) or the Hepatitis C virus (HCV) are public health problems. Worldwide, there are about 350 million HBV carriers and 130 to 170 million people infected with HCV. The presence of HBV and HCV was determined using third-generation enzyme immunoassay (EIA), reactive samples were further confirmed using enzyme linked immune sorbent assay (ELISA) (Bio-Rad, France). Age group 26-30 and 31-35 had highest frequency of 240 (36.98%) and 206 (31.74%) respectively in HBV and HCV. Sero prevalence of HBV and HCV were 44 (6.78%) and 9 (1.39%) respectively. Prevalence of HBV and HCV co-infection was 1 (0.15%) in age group 31-35. Proper management of maternal hepatitis during the prenatal phase ensures better outcomes in the infant, therefore screeni...

Flor Martinez

Resumen: Es bien conocido que uno de los agentes más importantes de la sociedad actual es la información. Las llamadas nuevas tecnologías abren posibilidades de transmisión de la información en aspectos tan cotidianos como en el ámbito administrativo. Hay pocas actividades humanas en que no tenga incidencia de forma directa o indirecta la informática. Esto requiere dar un nuevo enfoque en la interacción y la gestión de estas tareas. En este artículo se presenta el desarrollo del proyecto de implantación de terminales de autoservicio para la información universitaria en la Universidad de Salamanca con la colaboración del Banco Santander Central Hispano. Se intenta facilitar el acceso virtual tanto para tareas de tipo administrativo y académico como de tipo personal, en una red de 13 puntos distribuidos en todo el ámbito de la universidad.

Peyman Ghasemi Tamami

In turning process, the predominant parameters have different influences on machinability. Thus, a main problem associated with this process is to select optimal solution in which the process reaches to desirable performance. In the present work, an experimental study has been attempted to investigate the effect of turning parameters such as spindle speed, feed rate and depth of cut on machinability properties such as axial force, surface roughness and tool wear while turning of age hardened 2024 aluminum alloy. Hence, fifteen experiments is designed and conducted based on central composite design to obtain the empirical model from outputs and study effects of parameters. Finally, the desirability approach function has been used to optimize force, surface roughness and tool wear, simultaneously. Results indicated that selection of spindle speed at the second level, feed rate at the first level and the depth of cut at the third level guarantees the minimum surface roughness and tool ...

RELATED PAPERS

Itinerarios Revista De Literatura

Luizir de Oliveira

Marcelo Firer

Monica Ruiz Torres

Nahoko Wada

Folha de São Paulo

Ana Carla Marinato

European journal of pharmaceutics and biopharmaceutics : official journal of Arbeitsgemeinschaft fur Pharmazeutische Verfahrenstechnik e.V

Edna Soares

Papeles de Trabajo. Centro de Estudios Interdisciplinarios en Etnolingüística y Antropología Socio-Cultural

Mariano Roman Schejter

Kunstbulletin

J. Emil Sennewald

Selim Louafi

Eduardo Elias Pantano

Open Access Macedonian Journal of Medical Sciences

Ahmed Eltobgy

Physiological Genomics

Naveen Kumar

Revista Paulista de Pediatria

Felipe Horta Jaques

Annals of Medicine & Surgery

Fentahun Tarekegn

KU毕业证文凭金斯顿大学本科毕业证书 英国学历学位认证如何办理

Työterveyslaitos eBooks

Riitta Jolanki

Literatura Mexicana

Pablo Garcia

Indian Journal of Surgery

Aniruddha Bhuiyan

办英国肯特大学毕业证书 制作肯特大学文凭学历证书

Mathematical Problems in Engineering

•   We're Hiring!
•   Help Center
• Find new research papers in:
• Health Sciences
• Earth Sciences
• Cognitive Science
• Mathematics
• Computer Science
• Academia ©2024

• Skip to content
• Skip to search
• Skip to footer

Create a threat-centric security strategy

As the severity and complexity of cyber threats grow, a pervasive, threat-centric security model is critical. Continuous protection before, during, and after attacks narrows the breach area and reduces business disruption. Deep visibility into threats across the entire network helps us keep Cisco's infrastructure, data, and users protected. 

Contact Cisco

• Get a call from Sales

Call Sales:

• 1-800-553-6387
• US/CAN | 5am-5pm PT
• Product / Technical Support
• Training & Certification

Remote Work: Keeping It Secure - How Cisco scales our secure remote workforce

Every Cisco employee teleworks at least some of the time. So when the pandemic sent everyone home to work, we already had the technology, culture, and processes in place. The big changes were scaling our existing VPN and implementing split tunneling. This article explains our solution—a collaboration between Cisco IT and our Security and Trust Organization.

IT security stories

Network security

Better security means better business. We protect our users, data, and Cisco’s business with strong network-based security.

• Cisco ACI + Firepower Threat Defense simplifies application security
• Fighting Malware to the End: How We Tested and Deployed AMP for Endpoints
• Migrating to Cisco’s Next-Generation Firewall for Core Security

Email and web security

We protect against dynamic, rapidly changing threats that affect email today. And our web security options integrate easily into our data centers, network, and branch offices.

• Improving Security with Automated Email Analysis

Policy and access

Dynamically controlling network access helps us proactively secure the network across all devices and users.

• Can We Trust Your Device? Checking Security Posture
• Strengthening and Scaling Security with IoT Device Onboarding
• Read all security stories

Meet the IT bloggers

Find out the latest news on what's happening in Cisco IT. Read more

GDPR versus flexible working & mobility

60% of Generation Y is nowadays preferring mobile for work and personal use, and the demand for working from anywhere at any time is growing. The work environment is changing into a more flexible model.

Customer Zero for Next-Generation Firewall 6.3

In Cisco IT’s role as Customer Zero, we have been partnering with the security business group to test-drive the new Firepower 6.3 software. Our ultimate goal is to help improve the code before it is released to our customers.

Six ways to stay secure on a budget

Malware has evolved dramatically in the past 20 years – from malicious script kiddies, corporate and nation-state espionage, to a multimillion dollar industry. But where to start when there are so many options and you’re on a tight budget?

Europe PMC requires Javascript to function effectively.

Either your web browser doesn't support Javascript or it is currently turned off. In the latter case, please turn on Javascript support in your web browser and reload this page.

Search life-sciences literature (43,917,979 articles, preprints and more)

• Available from publisher site using DOI. A subscription may be required. Full text

Network Security: Case Study Analysis

Preprint from SSRN , 22 Nov 2022 https://doi.org/10.2139/ssrn.4217769   PPR: PPR603102 

Abstract 

Full text links .

Read article at publisher's site: https://doi.org/10.2139/ssrn.4217769

Europe PMC is part of the ELIXIR infrastructure

Cyber Insight

What is case study in cyber security? Learn from real-life examples.

June 27, 2023

As a cyber security expert with years of experience, I understand how intimidating it can be to protect one’s digital presence in today’s world. We constantly hear about security breaches, ransomware attacks, and hackers stealing sensitive data. However, it’s not just the industry professionals who can learn to protect themselves from cyber-attacks. With the right knowledge, anyone can learn how to spot and neutralize potential threats.

One of the best ways to gain this knowledge is through real-life examples. That’s where case studies come in. These case studies allow us to learn from actual cyber-security incidents and understand what went wrong, why it happened, and how it could have been prevented. As a reader, you’ll be able to apply this knowledge to your own digital presence, and protect yourself, your family, and your business from cyber-attacks.

So, in this post, we’ll dive into what exactly a case study is in the context of cyber-security. I’ll show you how to use these case studies to learn from past security incidents, how they can help you understand the risks you face, and ultimately, how to protect yourself from becoming a victim of a cyber-attack. Are you ready to learn from some real-life examples in cyber-security? Let’s get started!

What is case study in cyber security?

The team responsible for conducting a cyber security case study typically employs a variety of methods to get a complete perspective on the threat environment. Some of the methods they may use include:

• Collecting data from internal security systems, such as firewalls and intrusion detection systems, to identify potential threats
• Analyzing data on cyber-related threats from external sources, such as threat intelligence feeds and open-source intelligence (OSINT)
• Engaging with other organizations or industry groups to share information and best practices
• Conducting interviews with employees and other stakeholders to gather insights and information about the incident

Once the team has collected and analyzed all the necessary data, they develop a detailed report outlining their findings and recommendations for improving the organization’s cyber security posture. This report may be used to inform the development of new policies and procedures, or to train employees on how to better detect and respond to cyber threats. Ultimately, the goal of a cyber security case study is to help organizations become more resilient and better prepared to defend against cyber attacks.

???? Pro Tips:

1. Understand the purpose of a case study in cyber security. A case study is an in-depth analysis of a particular cybersecurity event or incident, which is used to identify the weaknesses in the system or processes and provide insights into how to improve them.

2. Choose the right case study. When selecting a case study for analysis, ensure that it is relevant to your organization’s cybersecurity practices and challenges. Consider factors such as industry, size, and security posture while selecting a case study.

3. Analyze the case study thoroughly. When analyzing a case study, pay attention to the details of the event or incident being studied. Take note of what went wrong, how it could have been prevented, and what the organization did to recover. This analysis will provide valuable insights into improving your organization’s cybersecurity defenses.

4. Discuss the findings with your team. Once you have analyzed the case study, share your findings and insights with your cybersecurity team. Use the case study as a learning opportunity to explain the importance of cybersecurity management and how to develop proactive strategies to prevent similar incidents.

5. Use the insights to strengthen your organization’s defense. After reviewing the case study and discussing its implications with your team, develop strategies and tactics to strengthen your organization’s cybersecurity defenses. Use the insights gained from analyzing the case study to better protect your organization from similar cyber attacks.

Understanding Case Study in Cyber Security

A case study is an in-depth analysis of a particular problem or situation. In the context of cyber security, a case study focuses on the use of specific tools and techniques to identify, analyze, and mitigate cyber threats. Cyber security case studies are valuable resources that help organizations better understand real-world threats and develop effective strategies to protect their assets against them. Case studies provide insight into how attackers target specific businesses, the methods they use, and the impact of their actions.

The Importance of Threat Monitoring in Cyber Security

Threat monitoring is one of the most crucial aspects of cyber security. It involves regularly monitoring and collecting data on cyber-related threats around the globe, which could affect the sector or business. The goal is to identify potential threats and notify the relevant teams so that they can take appropriate action to prevent or mitigate the risk. Without effective threat monitoring, organizations are vulnerable to a wide range of cyber threats, including malware, phishing attacks, ransomware, and other malicious activities.

Methods Used to Collect Data on Cyber-Related Threats

There are various methods used to collect data on cyber-related threats, including:

• Network scanning: This involves scanning the organization’s network to identify potential vulnerabilities and threats.
• Vulnerability assessments: This involves identifying and assessing potential vulnerabilities in the organization’s hardware, software, and network infrastructure.
• Penetration testing: This involves simulating a cyber-attack to identify weaknesses and vulnerabilities in the system.
• Intelligence gathering: This involves collecting and analyzing information from various sources, including social media, open-source databases, and other traditional intelligence sources, to identify potential threats.

Analyzing the Overall Threat Environment

An essential aspect of threat intelligence is analyzing the overall threat environment. Cyber security experts collect large amounts of data on threats and vulnerabilities to gain a complete perspective of the threat environment. This analysis involves identifying patterns, trends, and emerging threats that could affect an organization. There are numerous tools and techniques used to analyze the overall threat environment, including:

• Machine learning algorithms: This involves analyzing data using artificial intelligence and machine learning techniques to identify patterns and trends.
• Data visualization tools: This involves using charts, graphs, and other visual aids to represent data and identify trends.
• Threat intelligence platforms: This involves using specialized software and tools to automate threat intelligence gathering and analysis.

Assessing Threats and Motivations to Target a Business

Assessing threats and motivations to target a business is a critical aspect of cyber security. Cyber criminals are motivated by different factors, including financial gain, political motives, espionage, and so on. Understanding the motivations behind a cyber-attack can help organizations better prepare for and prevent or mitigate possible threats. Some common motivations include:

• Financial gain: Cyber criminals target businesses to steal sensitive data, intellectual property, or financial details that could help them steal money.
• Political motives: Hackers might target businesses to protest or create political unrest, this may go in line with their ideologies.
• Sabotage: Some cyber-attacks aim to sabotage a business’s operations or reputation.

Implementing Effective Cyber Security Measures

Effective cyber security measures involve identifying threats and implementing strategies to mitigate them. There are various ways to implement cybersecurity measures, including:

• Implementing security protocols: Security protocols ensure that all members of the organization follow the same procedures to maintain the security of the system. This includes guidelines for passwords, access control, and network security.
• Train employees: Training employees, every member of an organization is a potential entry point for a cyber attack, so all employees should be trained to identify and prevent cyber-attacks.
• Upgrading software and hardware: Outdated software and hardware are more vulnerable to cyber-attacks. Upgrades to the latest versions can help prevent many cyber threats.

Staying Ahead of Emerging Cyber Threats

Staying ahead of emerging cyber threats is an essential aspect of cyber-security. Hackers are continuously developing new techniques and tools to circumvent security measures. To keep up with the ever-evolving threat landscape, cyber-security experts must continuously monitor the threat environment, track emerging trends, and implement new security protocols to mitigate new threats. In summary, cyber security experts must remain vigilant, employ a variety of threat monitoring methods and stay appraisable on emerging cyber threats.

most recent

Cybersecurity Basics

What are the three approaches to security in cyber security: explained.

Services & Solutions

What is security solution and why it matters: ultimate guide.

Training & Certification

Is a masters in cybersecurity worth the investment.

What is the Cyber Security Strategy Objective? Protecting Against Breaches.

What is Dart in Cyber Security? A Powerful Tool for Threat Detection.

Decoding SLED: Is Public Sector Cybersecurity the Same?

PH +1 000 000 0000

24 M Drive East Hampton, NY 11937

© 2024 INFO

The Cisco Learning Network

Secure network analysis essentials with case studies, feb 13, 2020 • knowledge, information, article details.

Dec 1, 2020 34 KB pdf

Nothing here yet?

Log in to post to this feed.

Related Articles

• Number of Views 2.49K
• Number of Views 1.63K
• Number of Views 2.57K

Trending Articles

• Cisco Packet Tracer: Software de Simulación para Redes
• 200-301 CCNA Study Materials
• CCIE/CCDE: Book your Lab/Practical Exam

If you encounter a technical issue on the site, please open a support case .

Communities: Chinese | Japanese | Korean

Cisco.com © Copyright 2024 Cisco, Inc. All Rights Reserved. Privacy Statement Terms & Conditions Cookie Policy Trademarks