Small Business Cybersecurity Corner

Small Business Cybersecurity Case Study Series

Ransomware, phishing, and ATM skimming are just a few very common and very damaging cybersecurity threats that small businesses need to watch out for. The following case studies were created by the National Cyber Security Alliance, with a grant from NIST, and should prove useful in stimulating ongoing learning for all business owners and their employees.

  • Case 1: A Business Trip to South America Goes South (Topic: ATM Skimming and Bank Fraud)
  • Case 2: A Construction Company Gets Hammered by a Keylogger (Topic: Keylogging, Malware and Bank Fraud)
  • Case 3: Stolen Hospital Laptop Causes Heartburn (Topic: Encryption and Business Security Standards)
  • Case 4: Hotel CEO Finds Unwanted Guests in Email Account (Topic: Social Engineering and Phishing)
  • Case 5: A Dark Web of Issues for a Small Government Contractor (Topic: Data Breach)

The Review Hive

Cybersecurity Case Studies and Real-World Examples

In the ever-evolving landscape of cybersecurity, the battle between hackers and defenders continues to shape the digital domain. To understand the gravity of cybersecurity challenges, one need only examine real-world examples—breaches that have rocked industries, compromised sensitive data, and left organizations scrambling to shore up their defenses. In this exploration, we’ll dissect notable cybersecurity case studies, unravel the tactics employed by cybercriminals, and extract valuable lessons for strengthening digital defenses.

Equifax: The Breach that Shattered Trust

In 2017, Equifax, one of the largest credit reporting agencies, fell victim to a massive data breach that exposed the personal information of nearly 147 million individuals. The breach included sensitive data such as names, Social Security numbers, birthdates, and addresses, leaving millions vulnerable to identity theft and fraud.

Lessons Learned

1. Patch Management is Crucial:

The breach exploited a known vulnerability in the Apache Struts web application framework. Equifax failed to patch the vulnerability promptly, highlighting the critical importance of timely patch management. Organizations must prioritize staying current with security patches to prevent known vulnerabilities from being exploited.

2. Transparency Builds Trust:

Equifax faced severe backlash not only for the breach itself but also for its delayed and unclear communication with affected individuals. Transparency in communication is paramount during a cybersecurity incident. Organizations should proactively communicate the extent of the breach, steps taken to address it, and measures for affected individuals to protect themselves.

Target: A Cybersecurity Bullseye

In 2013, retail giant Target suffered a significant breach during the holiday shopping season. Hackers gained access to Target’s network through a third-party HVAC contractor, eventually compromising the credit card information of over 40 million customers and the personal information of 70 million individuals.

1. Third-Party Risks Require Vigilance:

Target’s breach underscored the risks associated with third-party vendors. Organizations must thoroughly vet and monitor the cybersecurity practices of vendors with access to their networks. Note that a chain is only as strong as its weakest link.

2. Advanced Threat Detection is Vital:

Target failed to detect the initial stages of the breach, allowing hackers to remain undetected for an extended period. Implementing robust advanced threat detection systems is crucial for identifying and mitigating breaches in their early stages.

WannaCry: A Global Ransomware Epidemic

In 2017, the WannaCry ransomware swept across the globe, infecting hundreds of thousands of computers in over 150 countries. Exploiting a vulnerability in Microsoft Windows, WannaCry encrypted users’ files and demanded ransom payments in Bitcoin for their release.

1. Regular System Updates are Non-Negotiable:

WannaCry leveraged a vulnerability that had been addressed by a Microsoft security update months before the outbreak. Organizations fell victim due to delayed or neglected updates. Regularly updating operating systems and software is fundamental to thwarting ransomware attacks.

2. Backup and Recovery Planning is Essential:

Organizations that had robust backup and recovery plans were able to restore their systems without succumbing to ransom demands. Implementing regular backup procedures and testing the restoration process can mitigate the impact of ransomware attacks.

Sony Pictures Hack: A Cyber Espionage Saga

In 2014, Sony Pictures Entertainment became the target of a devastating cyberattack that exposed an array of sensitive information, including unreleased films, executive emails, and employee records. The attackers, linked to North Korea, sought to retaliate against the film “The Interview,” which portrayed the fictional assassination of North Korea’s leader.

1. Diverse Attack Vectors:

The Sony hack demonstrated that cyber threats can come from unexpected sources and employ diverse attack vectors. Organizations must not only guard against common threats but also be prepared for unconventional methods employed by cyber adversaries.

2. Nation-State Threats:

The involvement of a nation-state in the attack highlighted the increasing role of geopolitical motivations in cyber incidents. Organizations should be aware of the potential for state-sponsored cyber threats and implement measures to defend against politically motivated attacks.

Marriott International: Prolonged Exposure and Ongoing Impact

In 2018, Marriott International disclosed a data breach that had persisted undetected for several years. The breach exposed personal information, including passport numbers, of approximately 500 million guests. The prolonged exposure raised concerns about the importance of timely detection and response.

1. Extended Dwell Time Matters:

Marriott’s breach highlighted the significance of dwell time—the duration a threat actor remains undetected within a network. Organizations should invest in advanced threat detection capabilities to minimize dwell time and swiftly identify and mitigate potential threats.

2. Post-Breach Communication:

Marriott faced criticism for the delayed communication of the breach to affected individuals. Prompt and transparent communication is vital in maintaining trust and allowing individuals to take necessary actions to protect themselves.

SolarWinds Supply Chain Attack: A Wake-Up Call

In late 2020, the SolarWinds supply chain attack sent shockwaves through the cybersecurity community. Sophisticated threat actors compromised SolarWinds’ software updates, enabling them to infiltrate thousands of organizations, including government agencies and major corporations.

1. Supply Chain Vulnerabilities:

The incident underscored the vulnerability of the software supply chain. Organizations must conduct thorough assessments of their suppliers’ cybersecurity practices and scrutinize the security of third-party software and services.

2. Continuous Monitoring is Essential:

The SolarWinds attack highlighted the importance of continuous monitoring and threat detection. Organizations should implement robust monitoring systems to identify anomalous behavior and potential indicators of compromise.

Notable Lessons and Ongoing Challenges

1. Human Element:

Many breaches involve human error, whether through clicking on phishing emails or neglecting cybersecurity best practices. Cybersecurity awareness training is a powerful tool in mitigating the human factor. Employees should be educated on identifying phishing attempts, using secure passwords, and understanding their role in maintaining a secure environment.

2. Zero Trust Architecture:

The concept of Zero Trust, where trust is never assumed, has gained prominence. Organizations should adopt a mindset that verifies every user, device, and network transaction, minimizing the attack surface and preventing lateral movement by potential intruders.

3. Cybersecurity Collaboration:

Cybersecurity is a collective effort. Information sharing within the cybersecurity community, between organizations, and with law enforcement agencies is crucial for staying ahead of emerging threats. Collaborative efforts can help identify patterns and vulnerabilities that may not be apparent to individual entities.

4. Regulatory Compliance:

The landscape of data protection and privacy regulations is evolving. Compliance with regulations such as GDPR, HIPAA, or CCPA is not only a legal requirement but also a cybersecurity best practice. Understanding and adhering to these regulations enhances data protection and builds trust with customers.

5. Encryption and Data Protection:

The importance of encryption and data protection cannot be overstated. In various breaches, including those of Equifax and Marriott, the compromised data was not adequately encrypted, making it easier for attackers to exploit sensitive information. Encrypting data at rest and in transit is a fundamental cybersecurity practice.

6. Agile Incident Response:

Cybersecurity incidents are inevitable, but a swift and agile incident response is crucial in minimizing damage. Organizations should regularly test and update their incident response plans to ensure they can respond effectively to evolving threats.

7. User Awareness and Training:

Human error remains a significant factor in many breaches. User awareness and training programs are essential for educating employees about cybersecurity risks, promoting responsible online behavior, and reducing the likelihood of falling victim to phishing or social engineering attacks.

8. Continuous Adaptation:

Cyber threats constantly evolve, necessitating a culture of continuous adaptation. Organizations should regularly reassess and update their cybersecurity strategies to address emerging threats and vulnerabilities.

Conclusion: Navigating the Cybersecurity Landscape

The world of cybersecurity is a battlefield where the landscape is ever-changing, and the adversaries are relentless. Real-world case studies serve as poignant reminders of the importance of proactive cybersecurity measures. As organizations adapt to emerging technologies, such as cloud computing, IoT, and AI, the need for robust cybersecurity practices becomes more pronounced. Real-world case studies offer invaluable insights into the tactics of cyber adversaries and the strategies employed by organizations to defend against evolving threats.

Prabhakar Pillai

I am a computer engineer from Pune University. Have a passion for technical/software blogging. Wrote blogs in the past on SaaS, Microservices, Cloud Computing, DevOps, IoT, Big Data & AI. Currently, I am blogging on Cybersecurity as a hobby.

Cyber Case Studies


The 2 am call: Preparing for a government cyberattack

Fremont County suffered a cyberattack in 2022 that took pieces of the county's law enforcement's systems offline, including communications.


Häfele recovers from ransomware attack with new SASE platform

An international manufacturer and supplier of furniture fittings recovered from a recent ransomware attack after utilizing a single-vendor SASE platform.

Ride-hailing company, inDrive, uses new platform to prevent fraud

The ride-share company is using a security platform to keep negotiations & prices transparent and dishonest & fraudulent users out of the system.

The Old Spaghetti Factory restaurant chain ups network & physical security

The Old Spaghetti Factory restaurant chain decided to upgrade legacy technology with network, voice and security infrastructure from Interface Systems.

K-8 students learn cybersecurity through gamification

K-8 students can learn cybersecurity techniques through a gamified education platform called Cyber Legends. Learn more in this case study.

Electric company uses SAP monitoring to bolster cybersecurity

International electric and manufacturing firm Schneider Electric uses a Systems Applications and Products (SAP) security platform from SecurityBridge to bolster SAP visibility. Learn more in this case study.

Pharmaceutical company secures network with AppSec compliance tools

Sanofi, a global biopharmaceutical company based in France, protects its network security with the Security Platform & Compliance Monitor from SecurityBridge. Learn more in this case study.

Tech university stops cyberattack with AI

When an African technology university was targeted by Malware as a Service, Darktrace AI helped identify the cyberattack in its early stages.

Coding robot teaches K-12 students about cybersecurity

K-12 students need to learn about cybersecurity along with their exposure to digital technology. The Sphero BOLT, a coding robot, can help teach students about cyber risk management, ethical hacking and more.

Anti-human trafficking organization combats abuse with data analytics

The Anti-Human Trafficking Intelligence Initiative (ATII) uses data analytics tools to monitor the dark web for information on human trafficking operations. The organization now uses Siren's Investigative Intelligence platform to expedite their search capacity.

Cyber Security Case Studies

Managed Detection and Response Case Studies

  • Building Cyber Resilience Amid Azure Migration
  • Seamless Response to Ransomware and a Cyber Resilience Upgrade
  • Reducing a Hospitality Company’s Cyber Risk Surface
  • Enhancing Security Visibility for a Leading Asset Management Firm
  • Elevating Cyber Security Maturity of a Housebuilding Company
  • Protecting the 2008 U.S. Presidential Election from Cyber Attacks (by Alan Brill)
  • Endpoint Detection and Response to Increase Plastics Manufacturer’s Cyber Posture
  • Stronger Threat Detection and Response for UK Bank: Reduced False Positives, Swifter Response
  • Enhanced Ransomware Defences for Global Shipping Business with Robust MDR
  • Large Hospital Leverages Managed Detection and Response for Increased Resilience and Compliance Reporting
  • Defending Healthcare Organization Against Persistent Trickbot Attacks
  • Optimized Security Operations and Cyber Governance for Asset Management Firm

Digital Forensics and Incident Response Case Studies

  • Online Skimming Attack Facilitated by Work-From-Home Arrangements
  • Electronic Gift Card Fraud Investigation Uncovers Contractual Risks
  • Spearphishing Compromises Fuel Chain Credit Card Transactions, Ends in Ransomware
  • Insider Threat Case Study: Digital Forensics Reveals Fraud, Potential Regulatory Concerns (by Kevin Wong, Ben Hawkins)
  • Kroll Contains, Remediates SWIFT System Cyber Fraud for Middle Eastern Bank (by Kevin Wong, Imran Khan)
  • Transatlantic Cyber Investigation Unmasks Insider Threat, Preempts Ransom Attempt (by Michael Quinn, Ben Hawkins, Justin Price)
  • Boosting Your Insider Threat Program: Examples, Indicators and Mitigation Steps
  • Office 365 Business Email Compromise Investigation Leads to Stronger Security (by Devon Ackerman)
  • Cyber Extortion Gets Personal – The Next Step in Email Compromises
  • Business Email Compromise Attack Investigation and Remediation for Insurance Broker

Proactive Services Case Studies

Penetration Testing

  • Continuous Penetration Testing Optimizes Security in Agile Product Development for Software Startup
  • Scaling Up Application Security for a Global Telecommunications Company
  • Safeguarding Election Security Through Penetration Testing
  • AWS Penetration Testing Gives In-Depth Cyber Risk Insight to Specialist Bank
  • State of Arkansas Cyber Security Assessment (by Frank Marano, Jeff Macko)
  • Red Team Exercise Helps International Trade Organization Comply with FCA Cyber Security Mandates

Other Cyber Security Case Studies

Cyber Governance and Risk

  • GDPR Assessment and U.S. Data Privacy Laws Action Plan for a Global Biopharmaceutical Company

Cyber Litigation Support

  • Uncovering Critical Historical Data to Progress a Complex Legal Case
  • Taking an Underwriter’s Security Posture From At-Risk to Resilient

Cloud Security

  • Cloud Native Security Platform (CNSP) Design and Implementation for Top Five Media Firm

Network Security: A Case Study

Susan Lincke

This paper reviews 3 case studies related to network security. The first two exercises deal with security planning, including classifying data and allocating controls. The third exercise requires more extensive TCP knowledge, since the exercise includes evaluating a computer power-up sequence … but with interesting results!

Related Papers

Habeeb Rayapati

case study network security

Dr. Ashraf Aboshosha , Alaa Sheta , Amany Sarhan

Cyber threat became one of the most serious problem for both economics and national security in the 21st century. Therefore, we need a focused research on developing efficient techniques, technologies and tools to deal with this stimulating problem. The growing dimension and complexity of spatiotemporal data generated on daily basis and from variety of sources and its distribution over all types of networks makes it a challenge to protect it from theft or damage. Cyber security is the science that concerns on protecting these big data from disruption or misused. This special issue is provided to explore the complexity of this problem and to present possible number of solutions. L. Juleen and T. Kiong in their article presented a method to enhance the security of the transmitted data over the Wireless Local Area Network. They provided a data security dynamic design algorithm that has the ability to automatically change the configuration of both encoder and decoder based on a few bits of initial input data to the encoder. There new algorithm strengthens the overall security of the transmitted data over the wireless links. Vulnerability analysis of Extensible Authentication Protocol (EAP) DoS Attack over wireless networks is presented by Malekzadeh et. al. Authors presented an experimental framework to demonstrate and quantify possible flooding attacks using unprotected EAP frames against wireless communications. Results show that such attacks can easily launch, and cause serious service disruption to compromise network availability. A professional comparison of decision tress, artificial neural network and support vector machine for network intrusion detection is presented by A. Sheta and A. Alamleh. Intrusion Detection Systems (IDSs) is one of the main solutions for computer and network security. We need IDS to identify the un-authorized access that attempt to compromise confidentiality, integrity or availability of computer or computer network. 
In this research, author attempted to provide new models for intrusion detection (ID) problem using veracious data mining techniques. The proposed models were capable of reducing the complexity while keeping acceptable detection accuracy. The Denial Of Service (DOS) attacks are one of the very serious networks attach. M. Salem et. al. Presented a new security technique is proposed that aims to detect the DOS attacks in WLANs and further prevent the detected attackers, in the future, from accessing the network. They measure the Probability of Denied Service (PDS) with respect to the number of attacks and the maximum number of connections that access point allows. These results show the effectiveness of the proposed technique in securing the WLAN against the DOS attacks. An analytical view on possible techniques for the identification of information systems threats sources is presented by A. Al-Zubi. He proposed a new approach for identifying the source of threats and the proposed actions to be taken against. A framework called Intrusion Detection System Using Distributed Agents (IDSUDA) was built by A. Alim et. al. This framework is extendable in its capabilities and could be enhanced to meet future challenges. A comparison of Novel architectures of VHDL Implementation of the SAFER+ encryption algorithm and Pipelined AES algorithm is also presented in this special issue by D. Sharmila and R. Neelaveni. It was found that the proposed SAFER+ architecture has better data throughput and frequency than the pipelined AES algorithm.

International Journal of …

Dr.Sasikumar Gurumoorthy

— Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people becomè`wired'', an increasing number of people need to understand the basics of security in a networked world. This document was written with the basic computer user and information systems manager in mind, explaining the concepts needed to read through the hype in the marketplace and understand risks and how to deal with them. Some history of networking is included, as well as an introduction to TCP/IP and internetworking. We go on to consider risk management, network threats, firewalls, and more special-purpose secure networking devices. This is not intended to be a ``frequently asked questions'' reference, nor is it a ``hands-on'' document describing how to accomplish specific functionality. It is hoped that the reader will have a wider perspective on security in general, and better understand how to reduce and manage risk personally, at home, and in the workplace.

Muhammad Adeka

Liam Landers

Gayvelline Calacal

Recovery of DNA from bone samples exposed to adverse environmental conditions for prolonged periods has significant application in the identification of human remains. At times, information derived from DNA typing serves as the only tool for identification. Proper management and processing of human bone samples is important in countries like the Philippines which experiences a variety of natural, e.g. up to 20 typhoons per year; as well as man-made disasters. In addition, the tropical climate with relatively high humidity, promote rapid decomposition of any recoverable tissue from human remains thus preventing identification through standard pathological examinations. Hence, this study undertook to compare five DNA extraction procedures for handling fresh bone samples and bone samples that had been exhumed six months post burial. The criteria used for comparison includes DNA yield, DNA purity, e.g. absence of PCR inhibitors in solution and DNA quality, e.g. successful amplification ...

Isalam and Health Journal

Islam and Health Journal

Introduction The promotion and development of traditional medicine along with conventional and modern medicine have encountered different achievements and challenges in different societies. The aim of this study was to assess the achievements and challenges of promoting and developing the use of traditional medicine in the Iranian Family Physician Program (FPP) from the viewpoint of managers and administrators. Methods: This cross-sectional study was conducted via holding 16 expert panels in 2017. The research population included the managers and executers of the implementation of the urban FPP in 28 cities of Fars province, selected by census. Data were collected using a researcher-made questionnaire whose validity and reliability were confirmed. Data were analyzed by SPSS 23 at a significant level of <0.05. Findings: Among 347 people, 188 (54.1%) were male, 172 (50.7%) of them had a bachelor's degree. The subjects reported a total number of 341 and 41 achievements with and without repeatability as well as 415 and 63 challenges with and without repeatability, respectively. The most mentioned achievements included reducing the cost of treatment (65 cases), use of industrial medicines (52) and drug complications (50), and finally increased trust and popularity (42); the most mentioned challenges were the lack of necessary infrastructures (63 cases), profitability of brokers and non-professionals, low level of doctors' knowledge (38) and physician opposition (24). There was a significant relationship between the number of achievements and challenges with some of the individual variables (P<0.05). Conclusion: This study showed that the managers have many concerns about misuse and lack of infrastructures required for the FPP in addition to hoping for the promotion and development of the use of traditional medicine in this program.

Dans der Muzen: de relatie tussen de kunsten gethematiseerd, pp. 157-170.

Marijke Jonker

The writings of the French art critic Étienne-Jean Delécluze illustrate a more general transition from a mimetic to an idealistic theory of expression, which started in French art theory and art criticism during the years 1820-1840. This article traces the development of his thinking from the Salon of 1824 and his discussion with Stendhal on Shakespearian and Homeric art to the end of his career. It is shown that the concept of theatricality occupied a central place in Delécluze’s critiques and that the meaning of this concept followed his changing ideas on expression and history painting.

Case Study: A Review of Security Challenges, Attacks and Trust and Reputation Models in Wireless Sensor Networks

  • First Online: 11 February 2016

  • Heena Rathore

In a Wireless Sensor Network (WSN), nodes have built-in capabilities for sensing, processing and communicating data, but they also carry risks. These risks expose them to attacks and bring many security challenges. It is therefore imperative to have a secure system that provides perfect confidentiality and correctness for the data sent from one node to another. Cooperation among the nodes is needed so that they can confidently rely on other nodes and send data faithfully. However, owing to certain hardware and software faults, nodes can behave fraudulently and send fraudulent information. Moreover, since the network is openly accessible, anybody can access the deployment area, which breaches the security of the WSN. A correct and accurate security model is therefore required to protect the WSN's information and resources from attacks and misbehavior. Many researchers are engaged in developing innovative design paradigms to address such nodes by developing key management protocols, secure routing mechanisms and trust management systems. Key management protocols and secure routing cannot by themselves secure WSNs against various attacks; a trust management system can improve the security of a WSN. The case study begins by explaining the security issues and challenges in WSNs. It discusses the goals, threat models and attacks, followed by the security measures that can be implemented to detect attacks. Various types of trust and reputation models are also reviewed. The intent of this case study is to investigate the security-related issues and challenges in wireless sensor networks and the methodologies used to overcome them. Furthermore, the case study provides details on how bio-inspired approaches benefit WSNs in many ways.

Author information

Authors and affiliations.

Indian Institute of Technology, Jodhpur, India

Heena Rathore

Corresponding author

Correspondence to Heena Rathore .

Copyright information

© 2016 Springer International Publishing Switzerland

About this chapter

Rathore, H. (2016). Case Study: A Review of Security Challenges, Attacks and Trust and Reputation Models in Wireless Sensor Networks. In: Mapping Biological Systems to Network Systems. Springer, Cham. https://doi.org/10.1007/978-3-319-29782-8_10

DOI : https://doi.org/10.1007/978-3-319-29782-8_10

Published : 11 February 2016

Publisher Name : Springer, Cham

Print ISBN : 978-3-319-29780-4

Online ISBN : 978-3-319-29782-8

eBook Packages : Engineering Engineering (R0)

Network and Security Operations Convergence: A Mini-Case Study

Bringing network and security ops under one roof is translating into more efficiency and increased security for IT management and consulting firm AMERICAN SYSTEMS.

Until very recently the network and security operations for AMERICAN SYSTEMS, a Virginia-based IT management and consulting firm, were two distinct and separate entities. But the company’s CIO, Brian Neely, was looking for a way to centralize their IT tools and streamline event correlation, performance monitoring and security information management. Redundancies among engineers working in both centers also prompted AMERICAN SYSTEMS to look for more efficiency.

CSO spoke with Neely about the process of bringing their NOC and SOC together, and how other organizations considering convergence might learn from their experience. (For more on the topic, see Efficiency Through NOC/SOC Convergence.)

CSO: What was the status of your network operations and your security operations before you began your convergence efforts?

Brian Neely, CIO of AMERICAN SYSTEMS: We operated under a siloed approach and worked primarily with point solutions for security, performance and event monitoring. We have a relatively small staff and require all of our engineers to multi-task; meaning that the monitoring of network and security operations, and respective response, diagnosis, investigation and reporting functions, are typically performed by the same engineers.

Why did you want to make changes to a more converged approach?

In the end, it’s about IT service reliability, integrity and protection—how do we remove barriers, extend controls and leverage processes to improve IT responsiveness and reduce costs and risks.

To obtain our IT objectives for improved security information management capabilities, event correlation, and performance monitoring, we needed to move forward with a single, integrated point-of-contact for all network and security events.

Also, new challenges were emerging at an accelerating rate, from the sophisticated security threats to increased demands from our business functions to deliver and manage better service levels. Therefore we needed to be more proactive on all fronts to ensure higher availability, improved security, and increased data confidence.

We wanted to centralize instrumentation and have the means to extend operational controls. This required a solution that would integrate IT governance, risk and compliance management functionality. With our audit requirements, we needed to advance to a solution where rules and reports could be mapped to our management frameworks (CobIT, ITIL) and compliance best practices (SOX).

Prior to convergence, had the company purposely separated security and network ops?

We had our security and network operations logically separated. I wanted our security people to have security as their primary focus, without distraction. Now they’re co-located, and work hand-in-hand. Experience and knowledge is extended across three different tiers in the infrastructure services group. There have been no issues or negative feedback.

What do you call the new converged NOC and SOC?

It’s called the Core Operations Center—not Network Operations or Security Operations.

What does it look like?

We have occupied our current facility for 11 years and are moving to a newly designed facility in the first quarter of 2010. We are in a flat space, with hard-walled offices. In the new facility, engineers and security personnel will be grouped together for monitoring in case of data breaches, loss of power, system outages and data contamination (we work with classified data). It is designed to be a flexible, hi-tech workspace equipped with electronic interactive white boards, multiple real-time communication pathways, video cameras, multiple interactive displays and an integrated information “hub” to work dynamically and quickly, resolving any and all threats.

We are a heavy Microsoft shop and we are leveraging SharePoint to provide us Web-based access to a single portal from anywhere, anytime, like a traditional NOC. We use AccelOps’ integrated monitoring, analytics and reporting, for both security and network operations. Also its business service instrumentation can complement the Core Operations Center.

Tell me more about the AccelOps tool. How does it work in your environment? Why did you choose it?

AccelOps intrigued us, as they offer all the security monitoring, alerting and reporting functionality—but then incorporated performance and configuration metrics. We liked that they came from the Cisco realm. Their overall vision aligned with one of our IT objectives for tasking, event correlation and monitoring.

As mentioned earlier, AccelOps gives us a single console where we can get insight into many different aspects of our extended datacenter, the network devices, systems and applications that support it. AccelOps covers security, availability, performance and change management of the infrastructure, thereby giving us our NOC and SOC convergence.

AccelOps itself is a virtual appliance application running on VMware. My team had it up and working in a couple of days; most of the time used was for configuring our infrastructure to communicate with AccelOps. Within a week we had everything running—monitoring, alerting, tracking, reporting and defined business services. Because of the virtual appliance we can scale capacity as needed by adding more VMs or storage to the application.

What types of intelligence do you need to gather to accomplish quicker correlations?

AccelOps provides my team instant intelligence on our business posture, security threats and operational issues through its integrated, interactive and customizable web GUI. Now our engineers can more easily collaborate and get both high-level and detailed views into our network, systems, applications and user activity for a variety of purposes.

For example, we can validate and monitor the effect of an approved change such as a patch, which would support security and ITIL service management processes. Beyond built-in functions, the team could quickly build out rules, search on incidents, make new dashboards and generate reports.

We liked the fact that AccelOps data management was embedded and optimized for long-term access to all the collected data—all the raw and correlated data is online. If one product is seeing one pattern and another system reports another issue—most likely there is a critical event. There can be a variety of security, performance and availability events that may or may not be related—but could affect reliability or integrity. At the same time, monitoring and reporting from different products and sources is time consuming and difficult. Conventional approaches could take weeks to walk through or investigate events and log information as well as analyze network and system behavior. That approach is more reactive—the idea is to get to be proactive and efficient.

Explain what you have seen for benefits of the Core Operations Center. Have you experienced cost-savings? More efficiency in particular areas?

We anticipate it will yield a cost-savings to us. Being a defense contractor, we are money conscious and very fiscally conservative. We are an ESOP corporation, 100 percent employee owned. We started with AccelOps late last year when it was a start-up in beta test, and we subsequently became a charter customer. We not only saw the advantages that they delivered, but we were able to give input early in the beta process, which is great. Some of our requested features and implementation needs were baked in before their general release.

I think we’ll need more time to ascertain cost-savings, in terms of value-add. We are seeing advantages of more integrated monitoring. This was seen early on when we had to find exactly who, where, what, and how someone changed certain permissions on a file share server. AccelOps’ query capability searched through thousands of events with iterative filtering to quickly find the needle in the haystack.

We can monitor more proactively and respond more efficiently. We can now isolate a security incident and understand the severity of an attack or violation faster. The same is true for performance and availability problems.

More importantly, we have an immediate understanding of the effect on IT services and severity by business impact. As we discussed earlier with the limited resources, I don’t want to put more manpower into monitoring and reporting; monitoring and event aggregation is a time-intensive, tedious task. It is nearly impossible to do by applying sheer manpower. We want to take advantage of, and put the burden on, the technology that is available to us. We are beginning to see immediate value in many areas, and there is significant functionality that we haven’t even tapped into at this point in our implementation.

Any advice for other organizations who might be considering NOC and SOC convergence?

Do your homework, and look at the total value products provide across your organization, not just the cheapest solution or most conventional product, which can result in modest management gains or a limited view into your systems. While we used industry research, such as Gartner and others, to narrow the field and help us scope some of our base functionality, we relied on a very qualified staff to make an informed, effective, value-based decision that took into account our business and operational requirements.

Security in Wireless Networks: Analysis of Wi-Fi Security and Attack Cases Study

Cyber Security Hub aims to produce case studies routinely, in which the site's editorial staff chats with leading security executives about recent initiatives (with ROI and measurable results).

Mid-year state of cyber security: APAC

Cyber Security Hub provides an in-depth look at trends, challenges and investment opportunities across APAC

The benefits of automating enterprise cyber security

Insights and perspectives on automation imperatives, inhibitors, talent and budget for enterprises seeking to prevent cyber security threats and vulnerabilities

Have your say: the global state of cyber security

The global survey offers cyber security professionals the opportunity to share their thoughts and the chance to win $1,000 in Amazon vouchers

The top XDR investment decisions for CISOs

This Cyber Security Hub report shows how CISOs use managed services and XDR for threat detection and the prevention of cyber attacks.

The global state of the cyber security industry 2022

This exclusive report aims to keep cyber security professionals abreast of today’s threats and highlight the areas in which CISOs are allocating security budgets to mitigate the risks facing their org...

The top 20 cyber security movers and shakers 2022

Cyber Security Hub’s inaugural power list is live, profiling the achievements from cyber security leaders at Microsoft, Visa, Coca-Cola and Aston Martin

Have your say: Cyber Security Hub readership survey

CS Hub is constantly looking to improve our content; take our survey to tell us how

CS Hub launches 20 cybersecurity leaders to watch

CS Hub's inaugural power list to highlight cyber security professionals who have been making strides in cyber security over the past 12 months

We want to hear your views on the state of cyber security today

Help educate your fellow cyber security professionals on the biggest challenges facing the cyber world today by taking part in our mid-year survey

SaaS Security Survey Report 2022

Find out what steps CISOs are taking to ensure the growing SaaS app attack surface is secured

Top 10 cyber security blogs

Cyber Security Hub's recommended blogs to help keep you and your organization secure

Outpacing Compliance, Realizing Risk Management & Achieving Forward Posture 

Create a threat-centric security strategy

As the severity and complexity of cyber threats grow, a pervasive, threat-centric security model is critical. Continuous protection before, during, and after attacks narrows the breach area and reduces business disruption. Deep visibility into threats across the entire network helps us keep Cisco's infrastructure, data, and users protected. 

Remote Work

Remote Work: Keeping It Secure - How Cisco scales our secure remote workforce

Every Cisco employee teleworks at least some of the time. So when the pandemic sent everyone home to work, we already had the technology, culture, and processes in place. The big changes were scaling our existing VPN and implementing split tunneling. This article explains our solution—a collaboration between Cisco IT and our Security and Trust Organization.

IT security stories

Network security

Better security means better business. We protect our users, data, and Cisco’s business with strong network-based security.

  • Cisco ACI + Firepower Threat Defense simplifies application security
  • Fighting Malware to the End: How We Tested and Deployed AMP for Endpoints
  • Migrating to Cisco’s Next-Generation Firewall for Core Security

Email and web security

We protect against dynamic, rapidly changing threats that affect email today. And our web security options integrate easily into our data centers, network, and branch offices.

  • Improving Security with Automated Email Analysis

Policy and access

Dynamically controlling network access helps us proactively secure the network across all devices and users.

  • Can We Trust Your Device? Checking Security Posture
  • Strengthening and Scaling Security with IoT Device Onboarding
  • Read all security stories

Meet the IT bloggers

Find out the latest news on what's happening in Cisco IT. Read more

GDPR versus flexible working & mobility

60% of Generation Y now prefers mobile for work and personal use, and the demand for working from anywhere at any time is growing. The work environment is changing into a more flexible model.

Customer Zero for Next-Generation Firewall 6.3

In Cisco IT’s role as Customer Zero, we have been partnering with the security business group to test-drive the new Firepower 6.3 software. Our ultimate goal is to help improve the code before it is released to our customers.

Six ways to stay secure on a budget

Malware has evolved dramatically in the past 20 years – from malicious script kiddies, corporate and nation-state espionage, to a multimillion dollar industry. But where to start when there are so many options and you’re on a tight budget?

Network Security: Case Study Analysis

Preprint from SSRN, 22 Nov 2022 https://doi.org/10.2139/ssrn.4217769 PPR: PPR603102



Cisco research highlights network complexity, security challenges

Cisco’s 2024 global networking trends report finds IT leaders are besieged by rising cybersecurity risks, workload types, and distributed infrastructures.

Today’s enterprises need more help managing and securing their distributed networking environments than they ever have, Cisco concludes in its Global Networking Trends Report. The research, released this week, analyzes the networking challenges, IT and business priorities, architectural maturity, and investment strategies of 2,052 IT professionals across 10 global industries.

“Network architectures are more sophisticated, more complex, and spread across more multi-clouds and multi-vendors than ever. IT leaders are also besieged by rising cybersecurity risks, increased demand from new app and workload types, and vastly distributed workforces and infrastructures,” wrote Jonathan Davidson, executive vice president and general manager of Cisco Networking, in a blog about the study. 

Managing and controlling such widely distributed systems are core challenges enterprise network customers face, Davidson stated.

One in five (21%) organizations surveyed are currently using multiple, separate management systems when managing their campus, branch, WAN, data center, and multicloud domains, according to the report, while 39% are leveraging a platform architecture across some networking domains. Using a centralized network platform to help handle new and future environments could resolve those problems, according to Cisco’s data.

Cisco defines a network platform as an integrated system that combines software, policy, and open APIs with an intuitive user interface, advanced telemetry, and automation. It provides a centralized operator experience, end-to-end network management, and an API-driven ecosystem that simplifies operations and enables digital experiences across one or more networking domains. According to the report:

“Adoption of the network platform is anticipated to increase, with nearly three-quarters (72%) of respondents expecting to leverage a platform architecture across one or more domains. Of those, 39% expect to scale the platform architecture across all networking domains, greatly simplifying network management and enabling a variety of business, operational, and technical benefits – from open API ecosystems to enhanced IT collaboration across functions, easier integrations, and a rich pool of data. Data aggregated from telemetry across network domains provides an enterprise-wide view that can be used to generate insights from AI analytics, enhancing performance, experience, security, cost efficiency, and sustainability.” (2024 Cisco Global Networking Trends Report)

As networks scale to handle new applications in the data center and cloud, the threat landscape grows, Davidson stated. 

According to the report, 40% of IT leaders cite cybersecurity risks as their number one concern impacting network strategy over the next 12 months. Respondents said they were handling this challenge in a couple of ways, according to Davidson: “First is integrating network and security processes, technology, and tools, with half of respondents making this their top network security investment over the next two years. Second, is moving more security tools to the cloud to protect the increasingly distributed infrastructure and workforce better.”

When asked about their top network security priorities for the next two years, 52% said the integration of network security into broader IT security functions was their top priority. To that end, 76% of those organizations plan to deploy a secure access service edge (SASE) architecture with integration of SD-WAN and security service edge (SSE) cloud security within the same timeframe, researchers stated.

In addition, 44% of respondents said that faster cybersecurity threat identification and response is the most important benefit expected from the convergence of networking and security technologies, processes, and tools.

“Sharing data and telemetry between networking and security domains was the second ranked benefit for 29% of respondents, followed by providing consistent, secure access to multicloud applications from anywhere for 27% of respondents,” the report stated.

Multicloud environments are prevalent, with 92% of organizations saying they have deployed two or more public cloud providers to host their workloads and 34% using more than four, according to last year’s networking trends report.

“However, each public cloud service provider, private data center, and hybrid cloud environment uses different network and security operational models. Organizations need to address the resulting management complexity with a strategy that enables better visibility and more consistent control of connectivity and security across disparate private and public cloud environments,” researchers stated.

Looking ahead to two years from now, 60% of companies expect to have an integrated multicloud networking and security management platform with common APIs for secure workload mobility, network and application visibility, and policy management, researchers stated. “Additionally, organizations on the leading edge of IT innovations plan to have AIOps-driven automation in place to optimize workload mobility with end-to-end visibility across multicloud, private cloud, and edge networks,” the report found.

On the AI front, there’s the potential for AI to relieve IT teams that lack enough operational support. “The promise of AI is the needed reprieve for IT organizations struggling with a lack of resources and automation to handle basic operational tasks,” Davidson stated. “Only 5% of respondents believe their teams are equipped to deliver the innovations needed to help steer business strategy, satisfy customers, and optimize operations.”

Within two years, 60% of respondents expect AI-enabled predictive automation across all domains to manage and simplify network operations.

Data center upgrades are on tap to enable greater throughput and scalability required for AI workloads; 56% of respondents are planning to deploy Enhanced Ethernet, for example, and 59% of respondents plan to simplify their data center network operations with AIOps within two years, the report stated.

Some other interesting study findings include:

  • Today, 32% of organizations said InfiniBand is currently the technology of choice to connect high performance workloads. In two years, 56% said they will deploy a next generation enhanced Ethernet network to support AI workloads.
  • Today, 42% of organizations said sustainability is the top area where the network can drive digital business success. In two years, 55% feel IT will be leading their organizations’ sustainability strategy, and they expect network protocol-driven sustainability initiatives like selective powering and the use of low power modes to positively impact sustainability goals.
  • Today, 32% of respondents said they don’t have visibility into their IT-related energy consumption or emissions data. But in two years, 60% expect network-driven energy management solutions to have a significant, positive impact on sustainability strategy.

Michael Cooney is a Senior Editor with Network World who has written about the IT world for more than 25 years. He can be reached at [email protected] .

Top 5 NGFW Use Cases with Case Studies in 2024

Cem has been the principal analyst at AIMultiple since 2017. AIMultiple informs hundreds of thousands of businesses (as per Similarweb) including 60% of Fortune 500 every month.

Cem's work focuses on how enterprises can leverage new technologies in AI, automation, cybersecurity (including network security and application security), data collection (including web data collection) and process intelligence.

The market for next generation firewalls (NGFWs) is rapidly expanding, with an anticipated compound annual growth rate of ~11% between 2023 and 2028, increasing from $5 billion to $8.6 billion. 1 As organizations seek advanced security solutions to combat evolving cyber threats, NGFWs are becoming essential.                                            

This article examines the top 5 NGFW use cases, highlighting their critical role in modern network security and providing some case studies.

If you are looking for cost-effective NGFW solutions, see the article on open source NGFW.

Top 5 NGFW use cases and case studies

NGFWs’ ability to offer application awareness and granular controls allows companies to manage complex threats, network traffic and network architecture, and also enable application control and URL filtering.

1. Security threat detection and response

Unlike a traditional firewall, which relies mainly on stateful inspection, a next generation firewall incorporates integrated intrusion prevention systems (IPS) and advanced malware protection. This combination allows NGFWs to inspect network traffic with deep packet inspection and to identify and block malicious traffic. Threat intelligence feeds enhance the capability to detect unknown threats, ensuring organizations can protect their networks from complex threats.

1.1. Software as a service (SaaS) security

Next Generation Firewalls (NGFWs) significantly enhance SaaS security by

  • providing granular application control, advanced threat detection, and data protection
  • enforcing strict access policies to ensure that only authorized users can access specific SaaS applications
  • integrating identity awareness and centralized management to monitor and secure data flow, preventing unauthorized access and data breaches
  • utilizing deep packet inspection (DPI) and threat intelligence feeds to safeguard against advanced malware and zero-day threats

1.2. Internet of Things (IoT) security

NGFWs secure IoT devices by

  • offering device identification, traffic analysis, and intrusion prevention capabilities
  • enabling the segmentation of IoT devices into secure zones to reduce the attack surface and limit access to critical network resources
  • monitoring network traffic and detecting anomalies to provide early threat detection and prevent malicious activities targeting IoT devices
  • enforcing security policies and secure communication protocols to ensure the integrity and confidentiality of data transmitted by IoT devices

ENT Credit Union case studies on security threat detection and response

ENT Credit Union, a financial services company, provides an example of the capabilities of a next generation firewall in network security by detecting and responding to advanced threats. With over $5.7 billion in assets and 355,000 members, ENT needed improved visibility into east-west traffic to detect anomalies and potential attackers.

By deploying Check Point Quantum NGFW, ENT gained advanced threat detection capabilities, including zero-day attack protection and integrated SSL encryption. This solution provided greater visibility into network traffic, accelerated threat detection and remediation, and increased operational efficiency, ensuring the protection of their members’ information. 2

Beaumont Legal case studies on security threat detection and response

Beaumont Legal, a UK law firm specializing in financial services, needed to protect clients’ financial information and comply with industry cybersecurity standards. By deploying Forcepoint NGFW, the firm achieved over 99.99% network uptime and internet availability, improving visibility and control over network activity. This setup ensured regulatory compliance, enhanced threat detection, and supported more billable hours, thereby increasing business opportunities. 3

2. Network visibility

NGFWs provide full visibility into network traffic, surpassing the limitations of traditional firewalls. They analyze network packets and offer insights into various traffic types, from data center operations to web applications. This visibility extends to remote users and virtual machines, ensuring comprehensive monitoring and control.

Bausch Health case study on network visibility

Bausch Health, a medical manufacturing company, needed advanced threat prevention and real-time visibility into network activity. Cisco NGFW components, including IPS, anti-malware, and URL filtering, were tuned to maximize visibility and protection across all locations. By deploying Cisco Firepower NGFWs, Bausch achieved increased throughput capability, robust feature sets for device management, and enhanced visibility into threats. 4

3. URL filtering

Next generation firewalls incorporate URL filtering to enhance security compliance and content filtering. By inspecting internet protocol (IP) addresses and web traffic, NGFWs can block access to malicious or inappropriate websites. This capability is crucial for protecting users from malware attacks and maintaining a secure network perimeter. URL filtering also supports secure SD-WAN deployments by ensuring that only legitimate web traffic reaches the network.

Burger King case study on URL filtering 

Facing the end of life for its existing WAN appliances, Burger King deployed Forcepoint NGFWs to manage over 1,000 network points centrally. This deployment included URL filtering to block connections to malicious websites, enhancing network security. The centralized management and URL filtering capabilities ensured secure connectivity from restaurants to headquarters, reduced downtime, and provided significant cost savings on operational and capital expenditures. 5

4. Application control

Next Generation Firewalls provide robust application control, enabling organizations to manage and regulate the use of web applications. NGFWs with application awareness can identify and control specific applications within the network traffic, ensuring that only authorized applications are used. Unlike traditional firewalls, which primarily focus on IP addresses and port numbers, NGFWs can identify and manage applications regardless of the port, protocol, or encryption used.

Application control in a next generation firewall is essential for protecting the network perimeter, especially in environments with remote users and virtual machines accessing corporate resources. It enables organizations to enforce policies based on the specific application, user, and context. This level of control helps in mitigating risks associated with shadow IT and unauthorized application use.

Stefanini case study on application control

Stefanini, a provider of innovative IT solutions, relies on innovative technology and strong partnerships to enhance competitiveness and protect intellectual property and client data. To protect brand value and reputation and defend against next-generation threats, Stefanini deployed Check Point NGFWs. These firewalls provide advanced protection for the network perimeter and internal networks, enabling application control, advanced identity awareness, and granular policy definitions. 6

5. Network architecture optimization

NGFWs contribute to improved network efficiency by managing and prioritizing traffic types based on security policies. This ensures that critical services and applications receive the necessary bandwidth and protection, enhancing overall network performance.

VR Group case studies on network architecture

To ensure secure, high-speed connectivity for trains moving at over 200 km/h, VR Group adopted Forcepoint NGFWs with a cloud-based, zero-touch deployment. This approach allowed remote configuration of firewalls for each train, reducing overhead costs and enhancing reliability through load balancing across three mobile operators. The NGFWs also provided high bandwidth and real-time data collection, optimizing network performance and improving customer scheduling updates. 7

Max Planck Society case studies on network architecture

Max Planck Society, a research institution, was faced with a lack of centralized management for its existing firewall. The institution adopted Forcepoint NGFW after a collaborative review by IT administrators from participating institutes. The deployment streamlined the security of traffic across four research institutions, offering centralized management and comprehensive functionality. This implementation successfully blocked millions of IP addresses and thousands of malicious web addresses weekly, reduced planned downtime, and provided substantial cost savings and improved uptime. 8

What is a next-generation firewall?

A next generation firewall is a component of the third generation of firewall technology. It combines the capabilities of a conventional firewall with advanced network device filtering functions, such as an application firewall utilizing in-line deep packet inspection (DPI) and an intrusion prevention system (IPS). To learn more about NGFWs, see NGFW features.

What are the challenges of NGFWs?

NGFWs have challenges such as increased complexity, configuration difficulties, and potential performance bottlenecks. To address these issues, organizations need skilled professionals to manage and optimize NGFWs while staying updated on cybersecurity trends and best practices, ensuring a robust and secure network infrastructure.

What are the differences between traditional firewalls and NGFWs?

Traditional firewalls use port/protocol inspection and blocking at Layers 2 and 4 of the OSI model, which was effective for simpler networks. However, with the complexity of modern cloud-based networks and advanced cyber threats, this approach is no longer sufficient. Next-generation firewalls (NGFWs) filter packets based on applications at Layer 7, offering more precise and effective threat detection. They incorporate external threat intelligence and perform deep-packet inspection, integrating application-level inspection and intrusion prevention. This dynamic and adaptive methodology allows NGFWs to defend against modern threats more effectively than traditional firewalls.

Further Reading

  • Analysis of Top 4 Open Source NGFW Based on Features
  • UTM vs NGFW: Which One to Choose?
  • Top 8 Next-Generation Firewall (NGFW) Features

External Links

  • 1. Next-generation Firewall Market. MARKETSANDMARKETS. Accessed: 21/May/2024.
  • 2. For complete view of network traffic, ENT Credit Union Gains East-West Network Traffic Visibility with Check Point Next Generation Firewalls. Check Point. Accessed: 21/May/2024.
  • 3. Beaumont Legal Relies on Forcepoint to Safeguard Its Clients While They Purchase Their Dream Homes. Forcepoint. Accessed: 20/May/2024.
  • 4. Bausch Health Case Study Firewall Deployment. Tesrex. Accessed: 20/May/2024.
  • 5. Burger King Scales SD-WAN for Hundreds of Restaurants. Forcepoint. Accessed: 20/May/2024.
  • 6. Burger King Scales SD-WAN for Hundreds of Restaurants. Forcepoint. Accessed: 20/May/2024.
  • 7. VR Group Delivers a Reliable Network Aboard High-Speed Trains. Forcepoint. Accessed: 21/May/2024.
  • 8. GNZ Securely Powers Research at Max Planck Society Institutes. Forcepoint. Accessed: 21/May/2024.

Cem's work has been cited by leading global publications including Business Insider, Forbes, Washington Post, global firms like Deloitte, HPE, NGOs like World Economic Forum and supranational organizations like European Commission. You can see more reputable companies and media that referenced AIMultiple.

Cem's hands-on enterprise software experience contributes to the insights that he generates. He oversees AIMultiple benchmarks in dynamic application security testing (DAST), data loss prevention (DLP), email marketing and web data collection. Other AIMultiple industry analysts and tech team support Cem in designing, running and evaluating benchmarks.

Throughout his career, Cem served as a tech consultant, tech buyer and tech entrepreneur. He advised enterprises on their technology decisions at McKinsey & Company and Altman Solon for more than a decade. He also published a McKinsey report on digitalization.

He led technology strategy and procurement of a telco while reporting to the CEO. He has also led commercial growth of deep tech company Hypatos that reached a 7 digit annual recurring revenue and a 9 digit valuation from 0 within 2 years. Cem's work in Hypatos was covered by leading technology publications like TechCrunch and Business Insider.

Cem regularly speaks at international technology conferences. He graduated from Bogazici University as a computer engineer and holds an MBA from Columbia Business School.

Kong API Gateway Misconfigurations: An API Gateway Security Case Study

by Alfredo Oliveira and David Fiser

In this article, we continue our journey through the security issues of the API Gateway landscape. Our new research focuses on another popular API gateway: Kong.

The API gateway consists of three main components: the gateway itself, the database, and the administration API. Kong allows running an API gateway without a database, which means that the configuration is directly accessed from memory. However, running Kong without a database prohibits the use of certain features.

The Kong API Gateway is available in two versions, namely community and enterprise. Kong’s default database engine is PostgreSQL and, in its earlier version, Cassandra. Additional data stores, such as Redis, can be used for caching using community plug-ins. Security-wise, the community version lacks encryption and vault support compared to the enterprise version.

Figure 1. API gateway architecture example

Like APISIX, the Kong API Gateway is also built on NGINX.

Figure 2. API request chain within Kong deployment

We highlight the architecture here to emphasize the fact that the system is only as secure as its weakest part. Any vulnerability or misconfiguration in any of these components could lead to information disclosure, API gateway compromise, back-end compromise, or a supply-chain attack, putting the whole organization at risk.

The Kong API Gateway allows deployment in multiple environments. Each deployment affects the security based on its application components and configuration. This is applicable regardless of where the API gateway is deployed — whether on-premises, entirely in the cloud, or in a hybrid cloud. Users must ensure that only authorized entities can access crucial security components — the Administration API and the database.

Securing the Kong API Gateway administration API must be a top priority as access to this component allows users to read gateway configuration in plain text and modify the configuration in various ways, such as adding routes or tampering with the authorization mechanism. Exposing the administration API to the public or even within a local network puts back-end services at risk.

Unauthorized visitors can usually access protected routes, and information obtained from the gateway configuration could be abused. For instance, malicious actors could harvest user credentials, which can be used and reused to gain access to services. Such leakage allows threat actors to impersonate API gateway users successfully.

Unfortunately, we can still observe some publicly exposed Kong administration API instances that are open to the internet, as shown by the Shodan search engine.

Figure 3. Global distribution of publicly exposed Kong API gateways

The first indexations started in late 2021, and since then we have observed a rising trend in the number of exposed gateways.

Figure 4. Publicly exposed Kong API gateways by time

It should be noted that not all exposed gateways necessarily represent actual Kong API deployment, as some might be honeypots. Following our analysis, we noticed an unsafe deployment pattern consisting of multiple misconfigurations used within the cloud deployments.

Figure 5. Example of exposed admin API showing OpenID Connect configuration

The Kong API Gateway runs inside a container with the administration API listening on port 8001 or 8443 for SSL. This port is then forwarded to the host, or the container shares the same network. Lastly, the absence of firewall rules on cloud instances leaves an open door for everyone.

In the following sections, we look further into common misconfigurations.

Misconfiguration No. 1: Forwarding the Admin API

In more secure deployments, the admin API should be bound to localhost only, without forwarding administration ports or sharing the network with the host.

Gateway administrators can set a new route as mitigation, requiring credentials for access. The route can point to the administration API, making it accessible outside a container. Similarly, with the enterprise version of API gateway, role-based access control (RBAC) that requires token authentication can be used.

Analyzing this misconfiguration, we can see that it is easy to end up in this scenario by using default configurations or examples found within container image repositories.

The Kong API Gateway listens on the local network interface only by default. However, the example listed on the Docker Hub image repository (seen in Figure 7) listens on all network interfaces, overriding the default protection, and sets weak passwords by passing environment variables.

We can see the danger of copy-pasting without additional security thinking. We also note settings posing security risks when a database endpoint becomes available due to misconfiguration or adjacent system compromise. This provides a simple avenue to access confidential data, similar to scenarios where no credentials were used.

Kong's documentation provides detailed instructions on securing the Admin API.

Figure 7. Docker hub official image example exposing port admin 8001 and 8444

Misconfiguration No. 2: Missing firewall rules and exposing the whole computing instance to the public

Imagine an IP address as a door. Having a public door means that anyone — even intruders — can have access to it at any time. It goes without saying that to promote safety, steps such as locking the door and providing keys to only trusted people are a must.

Similarly, make sure that only authorized entities can access your cloud instance. Limiting access to exposed ports only for specific IP addresses or subnets, together with an authentication mechanism, helps mitigate this scenario.

In addition, take extra care in deployments where the applications are accessed by people using dynamic IP addresses. In such cases, use additional access mechanisms such as virtual private networks (VPNs) instead.
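The two misconfigurations above can be checked before a container is ever started. The following is an added example, not code from the article or from Kong: a small audit of a `docker run` command line that reports admin listeners bound off loopback, admin ports published on all host interfaces, host networking, and example-grade database passwords. Both command lines are constructed samples, and the finding codes and the weak-password list are assumptions.

```python
import ipaddress
import shlex

# Kong's own default: admin API on loopback only, ports 8001 (HTTP) and 8444 (TLS).
DEFAULT_ADMIN_LISTEN = "127.0.0.1:8001, 127.0.0.1:8444 ssl"
# Assumption: passwords that look copied from an example; extend for your estate.
EXAMPLE_PASSWORDS = {"kong", "kongpass", "password", "postgres"}
VALUE_FLAGS = {"-e": "env", "--env": "env", "-p": "publish",
               "--publish": "publish", "--network": "network", "--net": "network"}

# Constructed sample following the exposed pattern the article describes.
INSECURE_RUN = r'''docker run -d --name kong \
  -e "KONG_DATABASE=postgres" -e "KONG_PG_PASSWORD=kong" \
  -e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
  -p 8000:8000 -p 8443:8443 -p 8001:8001 -p 8444:8444 kong:latest'''
# Constructed sample: admin API left on its loopback default, only proxy ports published.
HARDENED_RUN = r'''docker run -d --name kong --network kong-net \
  --env-file ./kong.env -p 8000:8000 -p 8443:8443 kong:latest'''


def is_loopback(host):
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:
        return False  # unresolvable names are treated as reachable


def parse_docker_run(cmd):
    """Return (env dict, publish specs, network mode) from a `docker run` line."""
    env, publishes, network = {}, [], "bridge"
    args = shlex.split(cmd.replace("\\\n", " "))
    i = 0
    while i < len(args):
        flag, _, value = args[i].partition("=")
        kind = VALUE_FLAGS.get(flag)
        if kind and not value and i + 1 < len(args):  # "-e K=V" form
            i += 1
            value = args[i]
        if kind == "env":
            key, _, val = value.partition("=")
            env[key] = val
        elif kind == "publish":
            publishes.append(value)
        elif kind == "network":
            network = value
        i += 1
    return env, publishes, network


def admin_listeners(env):
    """Parse KONG_ADMIN_LISTEN into (host, port) pairs; 'off' disables the API."""
    raw = env.get("KONG_ADMIN_LISTEN", DEFAULT_ADMIN_LISTEN)
    if raw.strip().lower() == "off":
        return []
    listeners = []
    for entry in raw.split(","):
        if entry.strip():
            host, _, port = entry.split()[0].rpartition(":")
            listeners.append((host.strip("[]"), int(port)))
    return listeners


def audit(cmd):
    """Return (code, detail) findings for one `docker run` command line."""
    env, publishes, network = parse_docker_run(cmd)
    listeners = admin_listeners(env)
    exposed = [(h, p) for h, p in listeners if not is_loopback(h)]
    findings = [("ADMIN_LISTEN_NOT_LOOPBACK", f"{h}:{p}") for h, p in exposed]
    admin_ports = {p for _, p in listeners}
    for spec in publishes:
        parts = spec.split("/")[0].rsplit(":", 2)
        host_ip = parts[0] if len(parts) == 3 else "0.0.0.0"  # Docker's default
        if parts[-1].isdigit() and int(parts[-1]) in admin_ports \
                and not is_loopback(host_ip):
            findings.append(("ADMIN_PORT_PUBLISHED", spec))
    if network == "host" and exposed:
        findings.append(("HOST_NETWORK", "admin listeners use the host's interfaces"))
    password = env.get("KONG_PG_PASSWORD")
    if password is not None and (password.lower() in EXAMPLE_PASSWORDS
                                 or len(password) < 12):
        findings.append(("WEAK_DB_PASSWORD", "KONG_PG_PASSWORD"))
    return findings
```

A clean result here says nothing about cloud security groups or host firewalls, which still have to restrict who can reach the instance.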

API gateway security concern: Confidential information/secrets storage issues

Usually, accessing protected resources such as administration planes, API back ends, and serverless endpoints requires an authentication mechanism.

One of the API gateway's use cases is simplifying the authentication using an organizational identity provider issuing valid tokens accepted by the API gateway, which then forwards a request to the protected resource using a pre-saved secret. The configuration affects the way the secrets are stored, as they might be saved in the memory of the deployed application or inside the database.

Securing these secrets is thus crucial in overall system security, and there are several steps that can help with this. First, the data store should be accessible only from the API gateway. Credentials for accessing the database shouldn't be easy to guess or copied from default configurations and examples. Gateway administrators should apply TLS as protection to prevent network sniffing in on-premises deployments.

In scenarios where it is unnecessary to forward a secret (for instance, when configuring API key or token access on gateway routes), confidential information shouldn't be stored as plain text or as encrypted plain text only, as this makes it possible to recover the secret upon leakage. Instead, hashing mechanisms and salting should be applied, making it almost impossible to recover the original secret upon database leakage. Encryption or external vault storage should be used in scenarios where hashing is not applicable.

Kong API Gateway stores every secret in the database as plain text by default. Specific plug-ins support additional encryption only when using the enterprise version with a configured keyring. During our research, we discovered that only specific plug-ins support the encryption of sensitive information, and users should be extra careful, especially when using third-party plug-ins.

Figure 8. Example of API key for Azure Functions saved in plain-text database

Encryption support can be verified by checking the encrypted parameter within the plug-in's source code if the source code is available or manually by querying the database when encryption is used.

Figure 9. Encryption and vault support inside Kong API gateway plugins

The encryption is available only in the enterprise version of the Kong API Gateway, leaving the community version secrets stored in plain text. The default key-auth plug-in does not support encryption even in the enterprise version, and the key-auth-sec plug-in should be used instead.

Consequently, the API key authentication plug-ins store the secret itself instead of a hash, in contrast to the basic-auth plug-in, in which hashing is implemented.

Cases where API keys are stored in plain text and used for authentication on the gateway only and not forwarded to the back ends should be classified as a vulnerability.
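The difference between storing an API key and storing a salted hash of it, for keys that are only checked at the gateway and never forwarded, is shown in the added example below. It is not Kong's code or the article's: the `key_id.secret` key format, the class names, and the PBKDF2 parameters are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # assumption: tune to your latency budget


def _digest(secret, salt):
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, PBKDF2_ROUNDS)


class PlaintextKeyStore:
    """The criticised pattern: the credential row holds the key itself."""

    def __init__(self):
        self.rows = {}  # api key -> consumer

    def issue(self, consumer):
        key = secrets.token_urlsafe(32)
        self.rows[key] = consumer
        return key

    def authenticate(self, presented):
        return self.rows.get(presented)


class HashedKeyStore:
    """Stores a per-key salt and digest; the key is shown once, at issue time."""

    def __init__(self):
        self.rows = {}  # key_id -> {"consumer", "salt", "digest"}

    def issue(self, consumer):
        key_id = secrets.token_hex(8)       # public lookup handle
        secret = secrets.token_urlsafe(32)  # never stored
        salt = secrets.token_bytes(16)
        self.rows[key_id] = {"consumer": consumer, "salt": salt,
                             "digest": _digest(secret, salt)}
        return f"{key_id}.{secret}"

    def authenticate(self, presented):
        key_id, _, secret = presented.partition(".")
        row = self.rows.get(key_id)
        if row is None:
            _digest(secret, b"\x00" * 16)  # keep timing similar for unknown ids
            return None
        if hmac.compare_digest(_digest(secret, row["salt"]), row["digest"]):
            return row["consumer"]
        return None


def replay_from_dump(store):
    """Present every value visible in a dump of store.rows as a credential.

    Returns the set of consumers that a reader of the database could impersonate.
    """
    candidates = []
    for key, row in store.rows.items():
        candidates.append(key)
        if isinstance(row, dict):
            candidates.append(f"{key}.{row['digest'].hex()}")
    return {c for c in map(store.authenticate, candidates) if c}


def demo():
    plain, hashed = PlaintextKeyStore(), HashedKeyStore()
    plain.issue("billing-service")
    key = hashed.issue("billing-service")
    return replay_from_dump(plain), replay_from_dump(hashed), hashed.authenticate(key)
```

`demo()` returns the consumers reachable from a leaked plain-text table, the (empty) set reachable from the hashed table, and the result of a legitimate login with the issued key.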

Delegating the storage of secrets to solutions specially designed for that purpose is the best practice. Vaults provide the benefit of storing a secret in a single place using a safe mechanism, which makes rotating it easy.

Previously, Kong listed environment variables as a vault (as seen in Figure 10). After sharing our findings with them, this has been changed.

Figure 10. Environment variables listed as a vault, though this has been changed.

However, it shows the misconception in the vault terminology presented within official documentation, as environment variables do not comply with the vault definition. We explained why storing secrets within environment variables is a bad practice in our previous article.

Figure 11: Updated documentation with correct vault definition

Similar to encryption support, not every plug-in supports a vault for storing sensitive information, as a referenceable argument must be set to true in the plug-in source code. Only the enterprise version of the API gateway supports external vaults.

Plug-ins provide additional functionality the community demands, often providing security challenges and bringing vulnerabilities. As most of the functionality of the Kong API gateway is provided by plug-ins, it makes it a serious concern in terms of security. In previous paragraphs, we described plug-ins that might miss encryption or vault support when required attributes are missing within the schema definition.

Figure 12. Example of missing vault and encryption support of key-auth plugin
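The source-code check described above, looking for `encrypted` and `referenceable` on each secret-bearing field, can be scripted. This is an added example and not part of the article or of Kong: the Lua schema is a constructed sample written in the style of a plug-in schema, and the rule that a field is sensitive when its name ends in `secret`, `password`, `token` or `key` is an assumption. The brace matching ignores braces inside Lua strings.

```python
import re

# Assumption: field names treated as secret-bearing.
SENSITIVE = re.compile(r"(secret|password|token|key)$")

# Constructed sample in the style of a Kong plug-in schema.
SAMPLE_SCHEMA = '''
-- constructed sample, not a real plug-in
return {
  name = "example-upstream-auth",
  fields = {
    { config = {
        type = "record",
        fields = {
          { function_key = { type = "string", required = true } },
          { client_secret = { type = "string", encrypted = true, referenceable = true } },
          { api_token = { type = "string", referenceable = true } },
          { timeout = { type = "number", default = 60000 } },
          { header_names = { type = "array", elements = { type = "string" } } },
        },
    } },
  },
}
'''


def tables(src):
    """Yield (name, body) for every `name = { ... }` table, nested ones included."""
    for m in re.finditer(r"(\w+)\s*=\s*\{", src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield m.group(1), src[m.end():i - 1]


def own_attributes(body):
    """Drop nested tables so only the field's own attributes remain."""
    out, depth = [], 0
    for ch in body:
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
        elif depth == 0:
            out.append(ch)
    return "".join(out)


def has_flag(attrs, flag):
    return re.search(rf"\b{flag}\s*=\s*true\b", attrs) is not None


def audit_schema(lua_source):
    """Return (field, encrypted, referenceable) for sensitive string fields."""
    src = re.sub(r"--[^\n]*", "", lua_source)  # strip Lua line comments
    report = []
    for name, body in tables(src):
        attrs = own_attributes(body)
        if re.search(r'\btype\s*=\s*"string"', attrs) and SENSITIVE.search(name):
            report.append((name, has_flag(attrs, "encrypted"),
                           has_flag(attrs, "referenceable")))
    return report


def unprotected(lua_source):
    """Fields that would be stored as plain text and cannot reference a vault."""
    return [f for f, enc, ref in audit_schema(lua_source) if not enc and not ref]
```

A field reported by `unprotected()` is the case the article warns about: even with a keyring and a vault configured, that value stays in the database as plain text.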

Whenever a user inputs data or code, it should be considered a security risk, including plug-ins. For example, request- or response-modifying policies potentially lead to a denial of service (DoS) or worse, remote code execution (RCE).

Kong API Gateway also supports "serverless" code execution. In Kong's terminology, this means the administrator can configure the gateway to execute custom Lua code upon processing a request using the serverless plug-in. The good news for security is that the code is run inside a Lua sandbox by default.

However, the user can still introduce a problem when the configuration is altered, the sandbox is disabled, or dangerous imports are allowed within the configuration file.

These misconfigurations might allow vulnerable or malicious execution on the Kong API Gateway. The threat actors will get complete control of the API gateway consequently, leaking all the secrets, eventually leading to a successful supply chain attack and putting the whole organization at risk.

Users should also be careful with an older gateway version that might be allowing sandbox escapes. We suggest turning off the functionality when not explicitly needed and using the up-to-date version of the Kong API Gateway.

Figure 13. Example of possible RCE when untrusted Lua is enabled
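Whether the sandbox is still in force depends on the effective configuration, and `KONG_`-prefixed environment variables take precedence over `kong.conf`, so both have to be read together. The added example below, which is not from the article or from Kong, resolves the effective values of Kong's `untrusted_lua`, `untrusted_lua_sandbox_requires` and `untrusted_lua_sandbox_environment` properties and flags a disabled or widened sandbox. The configuration text is a constructed sample, the finding codes are hypothetical, and the parser ignores escaped `#` characters in values.

```python
SANDBOX_KEYS = ("untrusted_lua", "untrusted_lua_sandbox_requires",
                "untrusted_lua_sandbox_environment")

# Constructed sample: sandbox kept on, but extra modules allowed inside it.
SAMPLE_CONF = """
# constructed sample kong.conf fragment
database = postgres
untrusted_lua = sandbox
untrusted_lua_sandbox_requires = resty.http, os   # widened by an operator
"""


def parse_kong_conf(text):
    """Parse `key = value` lines; `#` starts a comment."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf


def effective_sandbox(conf_text, env):
    """Merge kong.conf with KONG_<KEY> environment overrides."""
    conf = parse_kong_conf(conf_text)
    effective = {"untrusted_lua": "sandbox"}  # sandboxed by default
    for key in SANDBOX_KEYS:
        if key in conf:
            effective[key] = conf[key]
        env_key = "KONG_" + key.upper()
        if env_key in env:
            effective[key] = env[env_key].strip()
    return effective


def audit_sandbox(conf_text, env):
    """Return (code, detail) findings about untrusted Lua execution."""
    effective = effective_sandbox(conf_text, env)
    mode = effective["untrusted_lua"].lower()
    findings = []
    if mode == "on":
        findings.append(("SANDBOX_DISABLED", "untrusted_lua = on"))
    elif mode == "sandbox":
        for key in SANDBOX_KEYS[1:]:
            items = [x.strip() for x in effective.get(key, "").split(",") if x.strip()]
            if items:
                findings.append(("SANDBOX_WIDENED", f"{key} = {', '.join(items)}"))
    elif mode != "off":
        findings.append(("UNKNOWN_MODE", mode))
    return findings
```

Run it with the same environment the gateway process receives (for example `audit_sandbox(open("kong.conf").read(), os.environ)`), otherwise an override set by the container runtime is missed.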

Accessing APIs and web applications in general is tightly linked with authentication and authorization. OAuth 2.0 and OpenID Connect have become industry standards, and their support has been implemented in API gateways. Correct implementations of these flows are crucial elements of API security.

In that regard, Kong API Gateway supports issuing its tokens to third parties and using the third-party OAuth 2.0 mechanism as an authorization mechanism for routed resources.

Security-wise, API gateway administrators should validate that a secure configuration is applied, avoiding redirection attacks and allowing only trusted identity providers (IdPs).

Failing in those elements might lead to successful user impersonation and unauthorized access, which could be hard to detect. Issued tokens and authorization flow settings are saved within the database or in memory configuration; failing to secure the administration API or database could lead to the same consequences.

Technologies and their adoptions are double-edged swords; while they provide benefits, they also often inadvertently bring new security challenges. Tools that aggregate access into multiple different environments, such as API gateways, pose a security risk for all these environments upon breach.

Users should be aware of all security implications and product security features before choosing their solution, as security often comes at a cost and might not be perfectly implemented. Aggregating multiple secrets under a single user or namespace brings security risks, whether inside the API gateway or vault, and we should evaluate these risks by modeling threat scenarios to design more secure architecture and guidelines.

