
    A Honeypot based malware analysis tool for SACCOs in Kenya

    Full-text thesis (3.267Mb)
    Date
    2021
    Author
    Mwendwa, Keith Mwesigwa
    Abstract
    Kenya established her first Savings and Credit Co-operative (SACCO) society in 1908, and to date the SACCO societies have grown into a billion-dollar industry. SACCOs contribute 5.72% to Kenya’s Gross Domestic Product (GDP) and are significantly changing the lives of Kenyans in almost all sectors of the economy. Like other sectors, SACCOs face growing cyber threats that have the potential to affect their performance. The 2018 Serianu report indicates that SACCOs have poor visibility of enterprise cybersecurity and are thus poorly prepared to anticipate risk, detect vulnerabilities, respond to incidents and contain threats. Further, SACCOs have low budget allocations and too few skilled staff to advise on prevention and protection against threats. Because of this, SACCOs across the globe lose hundreds of millions of dollars annually. The Serianu Cyber Security Report of 2018 indicates that the global cost of cybercrime was 600 billion dollars in 2015, a rise of $100 billion from the previous year. The report indicated that SACCOs were the most affected, and that the affected organizations lost money and experienced downtime and reputational damage. It is observed that many SACCOs in Kenya are slowly putting up measures to prevent, detect, and remediate cyber-attacks with minimal resources. This study intends to help SACCOs make a paradigm shift in how they detect and respond to malware by developing a prototype. The literature review brought to light the different applications of honeypot solutions, but such solutions are not common within the SACCO industry. The prototype, a honeypot used for malware analysis in order to determine breach scenarios and common cyberattacks, showed outstanding performance when run for a few days in capturing malware and helping in its analysis.
    The proposed solution enables SACCOs to better mitigate and possibly reverse cyber-attacks on their infrastructure, owing to the information they get from analysing malware. Development of the prototype followed the Rapid Application Development methodology to build a robust malware analysis tool on honeypots. The prototype was tested for reliability, where it showed an outstanding accuracy level, as all attack traffic was captured and logged. In the first 24 hours of uptime, out of 100 captured attacks, the prototype was able to give MD5 hashes of 11 malware samples; it also captured the IP addresses associated with the rest of the attacks, which can be blacklisted by a SACCO employing this tool.
    URI
    http://hdl.handle.net/11071/12752
    Collections
    • MSIT Theses and Dissertations (2021) [18]

    DSpace software copyright © 2002-2016  DuraSpace
    Contact Us | Send Feedback
    Theme by 
    Atmire NV
     

     
