July 2, 2020

1.1 Denial of Service Attack

An HTTP denial-of-service attack (Tan, 2014) is an application-layer attack in which a website is attacked to cause downtime and unavailability. In this attack, multiple malformed HTTP packets are sent to the web server. The web server then uses its resources to process them, so that its processing power and time are consumed. The HTTP packets are sent from more than one client as source addresses and in more than one form, so that the web server cannot immediately discard them as illegitimate. As soon as the server is overburdened, it becomes unable to serve. It can, however, be avoided easily through proper SSL configuration and web security.

An ICMP flood DDoS attack (Tan, 2014) is an attack in which the attacker generates ICMP ping packets toward the victim. ICMP packets are used for pinging so that network connectivity can be checked. Because these packets are extremely small, they are usually not blocked by the firewall, so the attacker sends them in large numbers to overburden the link and create traffic congestion in the overall network. Because ICMP flood attacks have been widely used over the years, they are now known to all networks, and IPSs and IDSs generally block them by default.
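
The following illustrates the kind of rate-based check an IDS or IPS can apply to the ICMP flood described above. It is an added example, not part of the original article; the packet records, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

ECHO_REQUEST = 8  # ICMP type 8 is an echo request (ping); type 0 is the reply

# Constructed sample records: (timestamp_seconds, src_ip, dst_ip, icmp_type).
# All addresses come from the reserved documentation ranges.
SAMPLE_PACKETS = (
    [(0.0, "198.51.100.7", "192.0.2.10", 8),   # ordinary connectivity check
     (0.5, "192.0.2.10", "198.51.100.7", 0)]   # echo reply, ignored below
    + [(1.0 + i * 0.01, f"203.0.113.{i % 50}", "192.0.2.20", 8)
       for i in range(300)]                    # burst of 300 pings in 3 s
)


def detect_icmp_flood(packets, window=1.0, threshold=50):
    """Return {dst_ip: time_of_first_alert} for every destination that
    receives more than `threshold` echo requests within `window` seconds.

    Counting is keyed on the destination, not the source, so a flood spread
    over many source addresses is still counted as one event.
    """
    recent = defaultdict(deque)  # dst_ip -> timestamps still inside the window
    alerts = {}
    for ts, _src, dst, icmp_type in sorted(packets):
        if icmp_type != ECHO_REQUEST:
            continue
        q = recent[dst]
        q.append(ts)
        # Drop timestamps that have fallen out of the sliding window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > threshold and dst not in alerts:
            alerts[dst] = ts
    return alerts


if __name__ == "__main__":
    for dst, ts in detect_icmp_flood(SAMPLE_PACKETS).items():
        print(f"possible ICMP flood toward {dst}, first flagged at t={ts:.2f}s")
```

The single ping to 192.0.2.10 stays below the threshold, while the burst toward 192.0.2.20 is flagged on its 51st echo request.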


1.2 Identification of Threats:

The network is currently exposed to multiple threats that can create the risk of a security breach. First of all, the threat of internal attack is the greatest, as there are no suitable policies for the work ethics of employees who use endpoints and network resources. The use of any malicious system or link can create the risk of an internal attack, which can lead to large-scale internal malware injection and remote operations.

Externally, there are threats to the cloud server that people use to send and share important files with each other. Because a public cloud server is being used and no dedicated cloud server is present, an attacker can at any point in time attempt to access cloud assets and steal them.

In this regard, the threats of data theft, malware injection, cross-site scripting, and OS commanding are present on the network.

1.3 Identification of Vulnerabilities:

Vulnerabilities present in the network include the vulnerability of the database server, which holds the data of the whole company and all users. The cloud server is also vulnerable to confidentiality, integrity and availability attacks at any point in time. Beyond this, end devices are vulnerable and can be attacked for access control.


1.4 Likelihood of Occurrence:

The likelihood of occurrence of the different attacks is given below:

Attack                  Likelihood of Occurrence
Malware injection       High
DDoS attack             Medium
Cross-Site Scripting    High
Remote OS commanding    High

1.5 Impact:

The impact of the attacks is given below:

Attack                  Impact
Malware injection       High
DDoS attack             High
Cross-Site Scripting    High
Remote OS commanding    High


If any of the above attacks occurs, the network's operations would be crippled and it would be unable to perform any routine operation smoothly, as all operations are linked to the IT infrastructure and the automation of data. It is therefore necessary to keep network assets secured against any such attack.
