
    Protecting Institutions of Higher Learning in Kenya: A Scalable Hybrid Decoy Framework against Cyber Threats

    Date
    2021-09
    Author
    Serem, Edwin Kiprono
    Abstract
    Cybersecurity threats are malicious acts that seek to damage, steal, or gain unauthorized access to information. Higher institutions of learning in Kenya have adopted the use of information systems in their service delivery. However, their level of preparedness to deal with emerging threats in their cyberspace is limited by the techniques used to detect, inform on, and deflect cyber threats before they cause much harm. The main objective of this research study was to develop a scalable decoy framework for use in institutions of higher learning. The research was carried out in two phases. The first phase encompassed preliminary studies that involved soliciting responses from 84 ICT personnel drawn from 42 institutions in Kenya, selected through the purposive sampling method. This study made use of primary data collected using structured questionnaires and then descriptively analyzed. The findings revealed that the institutions recorded cyber attacks within twelve months of the research period and that the main tools and techniques in place are inefficient at detecting significant threats. The second phase entailed designing the framework prototype using Linux containers as decoys in the front end and back end, monitoring the attacks using HonSSH, and presenting the results graphically using Grafana. The decoys were set up in a layered approach. The front-end decoy hid the back-end decoy: it was internally configured to capture the attacker's commands and reroute them via a secure tunnel. The back-end decoy processed the commands issued through the front-end decoy and then returned feedback. Simulation of user activities and network traffic generation was achieved using the General HOSTS framework to make the environment more realistic to the attacker. The attacker's virtual machine used Kali Linux. Scalability, latency, and throughput metrics were used to test the framework's effectiveness; decoy data was analyzed by Logstash and pipelined to Kibana for visualization.
The experimental results demonstrate that the system effectively misdirected commands by combining a deceptive network setup and configurations with the generation of fake user and network activities, with an average latency of 0.0015s, throughput of 864Mbits/s, and boot speed of 7.485s. The study highly recommends including cyber decoys in the institutions' networks to boost security proactively, given their effectiveness in utilizing computing resources. The framework will help cybersecurity professionals protect higher institutions of learning from stealthy and sophisticated attacks. This research work contributes to knowledge in designing and developing effective deceptive decoy tools in cybersecurity research.
    URI
    http://repository.embuni.ac.ke/handle/embuni/3881
    Collections
    • Master Theses: Department of Computing and Information Technology [2]

    University of Embu copyright ©  2021
    Contact us | Send Feedback
    Library ER 
    Atmire NV
     

     
