LAN security vulnerability analysis framework: case of National Irrigation Board

Wambugu, Nancy Muthoni
Journal Title
Journal ISSN
Volume Title
Strathmore University
In today’s environment, many organisation like National Irrigation Board, have adopted open policies on the utilization of LAN where users may plug in unknown devices. Without the right network frameworks, it is difficult to manage network devices that are connected to the Local Area Network in an ad hoc manner. These LAN devices may have vulnerabilities that can expose entire network to security threats. The study used case study research design and applied existing network exploration frameworks and security policies to collect data for analysis. Network exploration was carried out on the devices connected to the LAN of National Irrigation Board. Research findings showed the need for implementing a framework that checks the security vulnerability of devices connected to the LAN of National Irrigation Board. The framework was developed to allow a Network Administrator identify devices that are plugged into the LAN, analyse vulnerabilities and take remedial action based on the analysis outcome. This ensured that the devices connected to the LAN do not pose a security threat to the entire network. The framework used policy-based network security metrics that were generated from an Institution’s ICT Security Policy. Using the regression method, the metrics were quantified, weighted and applied on each computer on the LAN to generate the Security Score Index. Based on the outcome of the analysis, a decision was made on whether to allow or disconnect the LAN device from the network.
A thesis submitted in partial fulfilment of the requirements for the Degree of Master of Science in Information Systems Security (MSc.ISS) at Strathmore University
LAN, Network, Vulnerabilities, Security metrics