DESIGN AND IMPLEMENTATION OF NETWORK ACTIVITY MONITORING SYSTEM
(A CASE STUDY OF ANAMBRA STATE FEDERAL INLAND REVENUE SERVICES, F.I.R.S)
CHAPTER ONE
1.0 INTRODUCTION
Attacks on computers by outside intruders are more publicized, but those perpetrated by insiders are very common and often more damaging. Insiders represent the greatest threat to computer security because they understand their organization’s business and how its computer systems work. They have both the confidentiality and the access to perform these attacks. An inside attack has a higher probability of successfully breaking into the system and extracting critical information. Insiders also represent the greatest challenge to securing the company network because they have an authorized level of access to the file system.
In the quest for maximum profitability in a network, there is a need to monitor the activities performed so that network activity is tracked in real time, confidential information is safeguarded, and control is established over the daily activities of every staff member. The question is: what system would exhibit all these capabilities, and how would one develop it?
A network activity monitoring system is used to detect insider threats by monitoring file access and process activity (Behr et al, 2009). It is a powerful tool that allows one to track any local area network, giving the most detailed information on when, how and what the network users do on a daily basis. Whether it is a public library, university or commercial organization network, Activity Monitor offers efficient control. This work targets the monitoring of every activity of a user in a computer network and maximizes security for the organization or corporate body.
1.1 BACKGROUND OF STUDY
The Federal Inland Revenue Service (FIRS) is one of the federal ministries that, since 1943, has been charged with the responsibility of assessing, collecting, and accounting for the various taxes to the federal government.
Tax revenue has long been a reliable source on which government relies for decision making and which aids development and administrative planning. Hence the need for optimum human resources in the organisation or ministry, for staff are considered to be its most valuable asset if they are properly harnessed and well motivated to perform their assigned tasks so as to advance the organisation's goals and objectives.
A computer network activity monitoring system has become one of the vital tools for providing evidence in cases such as computer misuse and fraud. Computers and other devices are being used increasingly to commit, enable or support unwanted activity perpetrated against individuals, organizations or assets. Although it is most often associated with the investigation of a wide variety of computer crime, a network activity monitoring system may also be used in civil proceedings. The discipline involves techniques and principles similar to those of data recovery, and more information is retained on the computer than most people realize.
It is also more difficult to completely remove information than is generally thought. For these reasons (and many more), a network activity monitoring system can often find evidence or even completely recover lost or deleted information, even if the information was intentionally deleted.
This system consists of a two-tier application, server and client: the activity monitoring server can be installed on any computer in the local area network, and the client, which is the remote spy software, is installed on all the computers on the network that are to be monitored.
1.2 STATEMENT OF PROBLEM
The existing system used by FIRS has been a challenge to them. Among the problems preventing the FIRS from maintaining steady, reliable accounting figures and estimates are:
With the current system, staff can easily erase or add data in order to cover up their fraud, since there is no backup of the activity log. This includes computer fraud: loss of or damage to money or securities resulting directly from the use of any computer to fraudulently cause a transfer of money or other property from inside the premises to a person at a place outside the premises.
Their method of operation is not efficient for the two units in the department (the Operations and Reconciliation units). Both units cannot work at the same time, because the staff in the reconciliation unit have to wait for the staff in the operation unit to get their work to some extent before they can process their own, and while the reconciliation unit is processing its work, the staff in the operation unit have to pause theirs a little. This manual mode of operation in the department creates room for corporate fraud.
These are the reasons why the researcher embarked on this research.
1.3 OBJECTIVES OF STUDY
This project aims to discover what should be done to improve the existing system, to monitor the daily activities of every user in a network, and to use the results to provide evidence of frauds or crimes committed using computer technology, which some people refer to as digital crime; that is, crime committed using a computer system.
The objective of this work is to develop a system that should be able to:
1. Monitor the daily activities of every user in a network in real time.
2. Detect active users.
3. Provide accurate evidence on corporate fraud when investigation is being carried out in an organization.
4. Have good memory management for carrying out activities efficiently.
1.4 SIGNIFICANCE OF STUDY
This work was embarked upon for several reasons, discussed below, and it also provides answers to questions like: What is the value in adopting an investigation system? Why should you invest time and money in this? What are the benefits to organisations?
Some of the significance and benefits of this work therefore include:
Increased employers' loyalty: What ultimately creates the employers' loyalty is meeting and exceeding their expectations.
Maintaining system integrity.
Staying current on work status so as to know how well the organisation is doing.
Ensuring proper handling of investigation in computing: This is the reason why we need a careful, methodical process for gathering digital data in the first place, and this is why we need a network activity monitoring system.
Increased employer’s retention: The employees are an investment. Generally, it takes nine to twelve months or longer before an employee is a productive asset to a company. If an employee leaves after a year or two, the company has lost most of its investment.
Information-empowered decision making: Most managers, executives and employers make decisions based upon all relevant information. There are some actions that can have a profound effect on corporate decision making; those actions are more easily justifiable when you have easily accessed the user's system.
1.5 SCOPES OF THE STUDY
Although a network activity monitoring system involves many things and activities that can be run within it, due to lack of time and space we were not able to use this software on operating systems other than the Windows operating system (that is, from Windows XP to later versions of Windows). Furthermore, this work did not involve internet connectivity or the detection of viruses in a network.
1.6 LIMITATIONS OF THE STUDY
During the course of this study, many things militated against its completion, some of which are:
Lack of finance.
Refusal of the Federal Inland Revenue Service, Awka, to give detailed answers, and in some cases any answer at all, to some questions.
This project is limited to the data associated with the information obtained from the Federal Inland Revenue Service commission, and due to the time factor, not all the commissions were reached for sources of data and information.
1.7 DEFINITION OF TERMS
NAMS (Network activity monitoring system): This is the system that is used to monitor the daily activity of every user on a network.
Corporate fraud: This is the fraud committed by insiders in a large, publicly traded (or private) corporation, and/or by senior executives.
Real time: Occurring immediately. This is used for such tasks as navigation, in which the computer must react to a steady flow of new information without interruption.
LAN (local area network): This is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings.
SUID: A file attribute that allows a program to run as a specific user no matter who executes it.
Corporate decision making: Decision making connected with a corporation; it involves the image of a company or organization in which all its members take part in critical decisions (finance/planning/strategy).
Internal Auditor: An
employee of a company charged with providing independent and objective
evaluations of the company’s financial and operational business
activities, including its corporate governance. Internal auditors also
provide evaluations of operational efficiencies and will usually report
to the highest level of management on how to improve the overall
structure and practices of the company.
External Auditor: An
external auditor is an audit professional who performs an audit in
accordance with specific laws or rules on financial statements of a
company, government entity, other legal entity or organization, and who
is independent of the entity being audited.
CHAPTER TWO
LITERATURE REVIEW
2.0 COMPUTER NETWORK
Attacks on computers by outside intruders are more publicized, but those perpetrated by insiders are very common and often more damaging. Insiders represent the greatest threat to computer security because they understand their organization’s business and how its computer systems work. They have both the confidentiality and the access to perform these attacks. An inside attack has a higher probability of successfully breaking into the system and extracting critical information. Insiders also represent the greatest challenge to securing the company network because they have an authorized level of access to the file system.