Document Type Master's Dissertation Author Abdullah, Hanifa URN etd-10122006-155850 Document Title A risk analysis and risk management methodology for mitigating wireless local area networks (WLANs) intrusion security risks Degree MSc (Computer Science) Department Computer Science Supervisor
Advisor Name Title Prof J H P Eloff Committee Chair Keywords
- OODA cycle
- risk analysis
- risk management
- risk assessment
- wireless intrusion detection system
- wireless local area networks (WLANs)
Date 2006-09-05 Availability unrestricted Abstract
Every environment is susceptible to risks and Wireless Local Area Networks (WLANs) based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard are no exception. The most apparent risk of WLANs is the ease with which itinerant intruders obtain illicit entry into these networks. These intrusion security risks must therefore be addressed which means that information security risk analysis and risk management need to be considered as integral elements of the organisationís business plan.
A well-established qualitative risk analysis and risk management methodology, the Operationally Critical Threat Asset and Vulnerability Evaluation (OCTAVE) is selected for conducting the WLAN intrusion security risk analysis and risk management process. However, the OCTAVE risk analysis methodology is beset with a number of problems that could hamper a successful WLAN intrusion security risk analysis. The ultimate deliverable of this qualitative risk analysis methodology is the creation of an organisation-wide protection strategy and risk mitigation plan. Achieving this end using the OCTAVE risk analysis methodology requires an inordinate amount of time, ranging from months to years. Since WLANs are persistently under attack, there is a dire need for an expeditious risk analysis methodology. Furthermore, the OCTAVE risk analysis methodology stipulates the identification of assets and corresponding threat scenarios via a brainstorming session, which may be beyond the scope of a person who is not proficient in information security issues.
This research was therefore inspired by the pivotal need for a risk analysis and risk management methodology to address WLAN intrusion attacks and the resulting risks they pose to the confidentiality, integrity and availability of information processed by these networks.
Copyright © 2006, University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria
Please cite as follows:
Abdullah, H, 2006, A risk analysis and risk management methodology for mitigating wireless local area networks (WLANs) intrusion security risks , MSc(Computer Science) dissertation, University of Pretoria, Pretoria, viewed yymmdd < http://upetd.up.ac.za/thesis/available/etd-10122006-155850/>E6/2006/gm
Filename Size Approximate Download Time (Hours:Minutes:Seconds)
28.8 Modem 56K Modem ISDN (64 Kb) ISDN (128 Kb) Higher-speed Access dissertation.pdf 4.97 Mb 00:22:59 00:11:49 00:10:20 00:05:10 00:00:26