Title page for ETD etd-10122006-155850


Document Type Master's Dissertation
Author Abdullah, Hanifa
URN etd-10122006-155850
Document Title A risk analysis and risk management methodology for mitigating wireless local area networks (WLANs) intrusion security risks
Degree MSc (Computer Science)
Department Computer Science
Supervisor
Advisor Name Title
Prof J H P Eloff Committee Chair
Keywords
  • OODA cycle
  • risk
  • risk analysis
  • risk management
  • OCTAVE
  • risk assessment
  • wireless intrusion detection system
  • wireless local area networks (WLANs)
Date 2006-09-05
Availability unrestricted
Abstract

Every environment is susceptible to risks and Wireless Local Area Networks (WLANs) based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard are no exception. The most apparent risk of WLANs is the ease with which itinerant intruders obtain illicit entry into these networks. These intrusion security risks must therefore be addressed which means that information security risk analysis and risk management need to be considered as integral elements of the organisationís business plan.

A well-established qualitative risk analysis and risk management methodology, the Operationally Critical Threat Asset and Vulnerability Evaluation (OCTAVE) is selected for conducting the WLAN intrusion security risk analysis and risk management process. However, the OCTAVE risk analysis methodology is beset with a number of problems that could hamper a successful WLAN intrusion security risk analysis. The ultimate deliverable of this qualitative risk analysis methodology is the creation of an organisation-wide protection strategy and risk mitigation plan. Achieving this end using the OCTAVE risk analysis methodology requires an inordinate amount of time, ranging from months to years. Since WLANs are persistently under attack, there is a dire need for an expeditious risk analysis methodology. Furthermore, the OCTAVE risk analysis methodology stipulates the identification of assets and corresponding threat scenarios via a brainstorming session, which may be beyond the scope of a person who is not proficient in information security issues.

This research was therefore inspired by the pivotal need for a risk analysis and risk management methodology to address WLAN intrusion attacks and the resulting risks they pose to the confidentiality, integrity and availability of information processed by these networks.

Copyright © 2006, University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria

Please cite as follows:

Abdullah, H, 2006, A risk analysis and risk management methodology for mitigating wireless local area networks (WLANs) intrusion security risks , MSc(Computer Science) dissertation, University of Pretoria, Pretoria, viewed yymmdd < http://upetd.up.ac.za/thesis/available/etd-10122006-155850/>

E6/2006/gm
Files
  Filename       Size       Approximate Download Time (Hours:Minutes:Seconds) 
 
 28.8 Modem   56K Modem   ISDN (64 Kb)   ISDN (128 Kb)   Higher-speed Access 
  dissertation.pdf 4.97 Mb 00:22:59 00:11:49 00:10:20 00:05:10 00:00:26

Browse All Available ETDs by ( Author | Department )

If you have more questions or technical problems, please Contact UPeTD.