Analysis And Planning
With the everyday evolvement of the technology, organizations and institution are shifting their working progress from paper work to digital medium. With this transformation, they need to implement a proper network system in their organization. For all the organization s ether they are small or big they all need a properly designed structured, it will not only help them in establishing the communication network but will also help these kinds of organization to evolve them financially round the clock. These network designs can help them in connecting the people, services and the devices for the organization round the clock.
For a fully functioning network system, there are some basic and advanced requirements, which must be fulfilled to make the designed network effective. For this specific case, the organization has hired the network deigning to establish the connection for their organization. For designing the network the system the network must be designed in such a way that t can be operated all the time even the failure of the server, also in the case of the equipment failure and other issues the network should always stay up. On the other hand, the network must provide services efficiently to the users like the users should get response from host to host in less time. Securing the data and information of the organization is one of the important features for the network system, which must be provided to the UMUC.
Planning of network designing
According to the structure of the UMUC, they have two-storey building, which consists classrooms, IT rooms, libraries and the server rooms with different offices for the different officials. Here, for the case of the UMUC after analysing the structure and requirement of each and every department the as a network engineer it would be suggested that the top down methodology of network design will be the most suitable for UMUC. Hierarchical network design can also be useful for this kind of organization but the main reason behind preferring top down over hierarchical design is that it would provide the host response to the different departments on the basis of the OSI model and the requirement of the applications which they are using .
Figure: - Ground floor architecture of the UMUC
(Source:-provided by the UMUC organization)
Here, from the above given design of the floor of the UMUC 1 can see that it will be better to install a router and three switches on this floor. (One router for this floor and three switch one for classroom, library and the office). Based on the top down methodology IT server rooms and the Classrooms attached with the computer labs will get the network access directly from the application layer of the OSI model and for the office use, they will get a filtered data from the physical layer because of the security and privacy purposes.
Figure: -Architecture of the second floor of the UMUC
(Source: - Provided by the UMUC)
For the ground floor of the UMUC the network, designing strategy will be same as the second floor. On the second floor in the server room all the equipment’s and server is to be installed and the whole building will get wired and wireless connection from that server room.
From the network, contactor’s point of view in the proposed network for the UMUC the organization and the people related to it will get many features and they will be able to access most of the services. The applications on the online server but with all these facilities the UMUC will get threats regarding the security issues due to the vulnerable loopholes in the designed network. From the research done by the service contractor the top down methodology, which they are, going to implement for this organization will create some vulnerable points like visiting of unauthorized websites with the IP’s related to the system of the student. Other vulnerable point which the contractor found that in the design there is lack of security firewall and this design don’t have any kind of external packet filtering devices which can filters the incoming and outgoing packets .
Highlighting on the solutions of these vulnerable loopholes for this designed network it is advised to add packet filter and it will be much better if the organization allows to block unsecured IP’s and links from the main server so that no one can access these links. User has selected the Security check method to check for the venerability of this network design. In this process, the users checked with the available tools as well as manually for the vulnerability of the network system.
Packet filters usually filters the packet form the application layer of the OSI model and here in this deigned network as the network designer has selected the top down methodology for designing the network, which will initiate from the application layer it, will be significant to apply packet filters for securing the vulnerable points .
UMUC an educational organization that will have a lot of data and information related to the students and the officials, which may be highly sensitive from the security point of view. Suppose in the case of online examination the question papers and other related materials need to be secured from loss and theft. For this purpose, the network designer has developed the system in such a way that no one can breach the security layer of the network. For the security outlook of the designed system, there is a lot of possibilities of intrusions and other breakdowns which can harm the security policy of the network. Highlighting the policy for their security in their organizations the network designing company has planned for the three level security and verification process for the system, administrative level, IT manager’s level, individual department level.
About the solution for the security, policy of the network design contractor has advised to upgrade the email policy and internet browser policy of the installed system in the UMUC. There are also some other ways which can help the UMUC from the security point of view. The network designer has suggested to restrict the access from other location and also from the non-cooperative devices .
Restricting the access from the other devices, which is not installed in the organization’s network system, will help the organization from getting the unauthorized traffic and threats.
For managing the risks and threats in the network system of the UMUC it is required to install the monitoring and tracking system of the network. Above all these it is advised by the network designing company to have an administrative system for the UMUC. It is also advised to explore the risk between different departments and the organizations. Due to its architecture, different departments will get the different range of the server connection, which will cause the possibility of risks and threats for the data and the devices of the UMUC.
Continuous internal checking and monitoring will lead the organization to reduce the risks and threats, beside this there are also some simple solutions provided but the network designing company which will help them like , as they suggested that the network designed should be segmented and the each and every department should get their separate security firewall system.
Continuous checking and monitoring the network system will provide the benefit of getting the full details about the access and the functionality of the network systems. On the other hand the networking company has suggested to segment the departments and their protocols for each and every switched the main reason behind this suggestion o that it will secure the data on the department bass s, if any of the segment get affected with the attack or other thing then other departments will remain safe. In the IT server room, it is very important to segment it from the other department because this department have the highest probability of getting threat. Beside these suggestion from the need of the network engineer it suggested that to install a firewall system to the network which will help them in protecting from the spams and viruses .
For an educational organization like UMUC they need to continue their business plan in each and every situation. Continuity in business plan mainly refers to the getting continuity of the organization in situation of the breakdown and failure. In the case of power shortage or any kind of the technical background the UMUC will need a backup and recovery system, which will keep their all data safe and it, will be more helpful if they install the backup server system or the optional methods for the power. In the case of natural causes like thunders and storms it may be possible that they will get affected with the server connection loss for this situation they need a system, which can provide the service to their important departments in emergency situation.
Network Development Company has proposed some solutions that should be implemented in the proposed designed network that will help them in maintain the continuity of their business plan. They have an option to add a cloud server that will ride them a lot extra features than the backup and storage in these situations. It is also suggested to create a backup at regular interval of time. The company has planned to install an automatic backup system. Discussing about the network then company has planned to provide a system in two ways one for the main wore connection, which they will get connection directly, form the server and they have created a local a home based server, which can provide them the services at the time of the breakdown.
Installing a backup and recovery system will lead to the safety and security of data in case of any kind of failure in the networks system. As per the proposed plan, they have designed the system in such a way that in case of the small hardware failure the network will automatically shift to the next system, which will not break the continuity of the system.
Controlling the access of the system is one another requirement of the organization, as thee kind of educational organization will need different level of the permission based access, like they will require a separate permission access of the head management of the organization and the for the lower level like the students access they must be restricted from accessing the server from the magamanet and the teacher’s server. For all purposes, the network designing company has developed the system in such a way that they will provide the different IP have and protocol for the different users groups.
For the access, control system in this proposes network system the designer has separated the departments in the different fragment of the network and they have connected each other the users from the same server with different access level with the help of the administrative control system .
For the justification of this selection, the network company has suggested plan, which they have planned for the access control system the installed administrative access control system, will provide them benefit of tracking and maintaining the access of the different user groups and this will also provide help in tracking the network status and the other related things.
According to the research the whole network system by the engineer of the network designing company, as the engineer concluded from his whole research and study that there are many security threats to their devices and applications due to the network system. As these, all devices will be connected from the server and with the same network these all have a risk of getting affected with that. The design should be made in such a way that there will be a facility of security and protection of these devices. There are some other physical problem related to the doors, fencing and the area of the room which will create an issues in this regard .
Detection of breach in the physical security of the application devices and the software connected to this network is highly required and this can be achieved by different process. In the case of Hosts server if they get any threat in their security this can be detected through the available software’s. Manually form checking the status and traffic of the IP in the case of host servers these can be detected from the TCP SYN attack or from the detected UDP session these security threats can be detected . In the case of the physical devices, if the user founds any kind of the unexpected files and operations in their system then they can detect that they got affected with some kind of viruses and spams. On the other hand the installed anti viruses and other system can also help the users in detecting the security breach in their devices. Physical issues can be detected manually by checking the strength and connection speed of the network from that place.
Protecting these severs and the devices from any kind of external security threat they can use the anti-virus system or they have the option to get the firewall system in their main server. This will help them in preventing all the things from a single place. Protecting these things physically the user has an option to get check and analyse their system from their available system analyser. one can install the biometric features at the door locking system which will provide an extra security to the room.
About the recovery option in the designed network system, they have a lot of recovery option, which the network development company has, provided in the designed network. They can recover the configuration other stem related system form the recovery storage device installed in the network system.
The developer had worked a lot in finding the solution for the physical damages to the hosts and other devices. The company has provided the high quality wired fibre optic cable which is hard to break and on the other hand they had proposed for installing a monitoring the physical devices also, at a regular interval of time they will check the performance of the network and other physical devices.
Fibre optics and the system administrative devices will provide all the information related to the physical devices to the monitor of the IT a manager and the network engineer of the UMUC from there they can track and repair the detected fault in the whole system .
For the Wireless device security which are connected with the wireless network of the UMUC which need to be secured. These devices are Wireless and it is very tough for the IT and network engineer to keep track and access all these Wireless devices. Devices like Wireless laptops and tablets needs to be secured for the vulnerabilities caused by the wireless communication, these devices mainly operates on the server to server or host to host basis which creates a lot of security loops in their designing network .
For securing the Wireless devices the network designed company has installed the firewall on the main server on the other hand they had also developed the IP tracking and Blocking facilely in their network which will automatically block the unsafe IP’s from the network’s and help the uses in protecting form these threats.
Behind the selection of this approach of blocking the IP and installing the firewall system for the Wireless device security in the proposed network system, the network engineer justified his suggestion with providing an example of the other instituting where they blocked the sites related to the restricted contents. The teachers as well as the students should be also restricted from accessing these sites so that they will not any kind of threat from this.
Perimeter defence extensively required as it is one level of defending UMUCs network from being affected by severe attacks. It facilitates marvellously for providing protection as a firewall to the internal systems from external attacks. Perimeter defence is required as part of protection suite. Defence in depth is necessary for several layers of security protect UMUCs network as well as its valuable data. Thus, as unavoidable, UMUC necessitates to deal with perimeter that users would be attempting to defend. Restricting the number of connections available from other networks, like the Internet, to the internal network will be helpful quite a lot as users will be have fewer connections for which UMUC is required to manage the protection criteria. Ideally, considering the security perspective, UMUC is having only one connection with the Internet whereas at numerous instances within the Universities, operation requirements suggest that some number of groups within the organization necessitates additional connections.
For properly setting up perimeter defence, it is much imperative for implementation of both prevention as well as intrusion detection systems through acute utilization of tools such as firewalls, packet filters like Stateful packet Inspection (SPI) filters, application proxies and circuit level gateways. There are numerous types and every type should be taken under consideration precisely prior to implementation. For such a facility, it can be proposed that pfSense XG-15411U HA firewall tool to be implemented for initial perimeter defence measure. This device has been created for specifically large to medium level organisations and is made for offering a broad range of flexibility in terms of security and provision of network monitoring. Installation followed by utilization of dematerialized zone (DMZ) will be helpful for unreliable sources to enter within the servers of UMUC. Finally, performance of a site scanning overt the network UMUC can proficiently ensure any sort of gap in their security on the closed network.
Well-structured defence architecture is capable of treating security in network just like an onion. When some intruder peels away outermost layer, there are numerous remaining underneath it. No perception carries further importance while engaging in discussion regarding network security than defence in depth. Defence in depth will be helpful for MUMC in protecting its network resources even in case when one of the numerous security layers has been compromised. After all, no guarantee can be provided by a single security component for withstanding all attacks it may necessitate to face.
Network devices comprises of hubs, switches, Network Interface Card, routers and Wireless Access Points. Some computers as well as Laptops are having built-in NIC whilst other systems require plugging a NIC within an expansion slot on the computers and afterwards connecting through computer port. The four kinds of NIC that are available in usage are token ring, Ethernet, modem, Integrated Service Digital Network and token ring. Hubs at times provide collision and are necessary for replacement by switches. Switches are considered as Open Systems Interconnection (OSI) layer two tools, which efficiently send data only directed towards the intentional device. System like firewalls and spam ware should be installed externally for these purposes.
The easiest fixing strategy for unknown assets over the network is to pursue an extensive review of all connected devices on UMUC’s network and thereby identify all various platforms it is running. By accomplishing this, UMUC could know whereabouts of all the various access points that are available on the University’s network and identify which ones are in necessity of security updates. The easiest way of fixing the issue of unlatched security vulnerability is maintenance of a strict schedule to keep up with security patches. Gradual changes in the programs as well as operating systems on UMUC’s network for making them same can easily simplify this effective process. For instance, if all systems are Windows operating based or Mac operating based (avoiding the hodgepodge of Mac, Windows, Linux, etc.), then the IT professionals at UMUC only necessitates to keep track on Windows OS or Mac OS security patch scheduling as well as alerts.
Network defence devices will be commanding in the provision of defence in depth security from core to the perimeter. Their responses will be giving a glimpse in future of the UMUC network security. Along with continuous advancements in networking another concerning fact has been emergence of new security threats, which are multiplying seemingly day by day. The dynamic nature of attacks is demanding for dynamic multipoint security solutions. It would be justifiable that Network management systems along with their proficiency in monitoring capabilities as well as unified views onto the infrastructural dynamics will give UMUC a powerful weapon to fight cyber threats. For ensuring security in today’s distributed networks, IT teams within the University must be developing defence-in-depth planning, which will combine network-enforced security tools and devices with best possible practices.
Networks designs need to be protected from the host to the last devices, which the users are using in this designed network. The host network will get a lot of threat and other security related issues which need to be rescued for the security of the whole network and the devices and other software has installed and attached with this network.
For the solution of the host defence system the network designing company has proposed to install a host based firewall which will protect their host sings servers from any outer intrusions and the other kind of threats. There are some other recommendation which the network company has provided to the UMUC for securing their hosting servers. They advised them to encapsulate or to protect they passwords by hashing them and hiding them from them main network server so that no one other than the admin get access to the portal of the hosting servers. On the other hand, it is strictly advised by the company to the UMUC that they have to secure their server rooms and the distributed IP with the TCP protocol, which will lead to adding extra security to their network design.
For the justification of this proposed system for securing the host system from the intrusions and other threats the hired engineer suggested the UMUC to install the host firewall, which will protect the hosting server, and highlighting about the main functionality of the hosting firewall it generally filters the IP and the packets received from the different sources. This host firewall will also help the users in securing their system at their individual level, as these firewalls are highly sophisticated and they are normally designed for the personal use or to use for small purposes. These will provide the benefits of filtering the packets from the application layer of the OSI model and from the designed network model.
A protected protocol can be defined as a network protocol, which will be effective in ensuring the security as well as integrity of information that is in transit through a network connection. Some kinds of security protocols that are extensively necessary are Secure Socket Layers (SSL), Secure Shell (SSH), Transport Layer Security (TLS), Hypertext Transfer Protocol Secure (HTTPS), Secure Hypertext Transfer Protocol (S-HTTP) and Hypertext Transfer Protocol (HTTP). SSL is prominently required for securing messages, which are essential to be transmitted through the internet and thereby will necessitates to utilize port 443. TLS is quite similar to SSL; however, it is not interoperable. It is worthy to mention that few applications can make use of either SSL or TLS in the process of data transmittal. Secure Shell protocol is required, as it will allow maintenance of security in iterative remote control of systems. HTTPS protocol is also necessary for securing form of HTTP, which is in turn required for encryption of information prior to its transmittal. HTTP is considered as an unsecure protocol, which will be eventually used for clear text while transmission of data. S-HTTP protocol has never been widely utilised and is never considered as secure as HTTPS.
According to the necessity of transmitting sensitive information, which is necessary to be transmitted through the network, it can be strongly suggested that implementation of the SSL protocol can be the best-proposed solution. Enforcement of this protocol will eventually enable SSL Handshake Protocol for acute establishment of a highly secured channel for acute transmission of encrypted data. Implementation of SSL protocol will be accurate for checking of dates on the certificates for seeing in case whether they are valid and while the name matches with the URL that has been typed on any browser. SSL will be asking the query whether it should be the certificate authority (CA), which is responsible for issuance of certificate can be trustworthy while validation of authentication. Furthermore, it will be recommended for utilization of SSH protocol for deliverance of a secured interactive remote control system. SSH should be used in Ron Rivest, Adi Shamir, and Leonard Adleman (RSA), which is a public key cryptography for maintenance of both authentication and connection. Finally, HTTPS will be enforced for securing hypertext, which is to be utilized in SSL encryptions prior to data transmission through the Internet.
The public key infrastructure (PKI) is a reliable procedure used for encryption followed by decryption of data and this altitude of security can be very effective for multifaceted authentication method. The certifications that will be used in due process will promisingly insure safety level in security because of validation of data. Certifications can be denied or approved owing to data that has been provided to CA. This form of approved validation is effective for verifying that the user is having the authority of having accessibility over the network. Revoking certifications, in case when they are stolen or lost holds much significance for ensuring security in the university database as the management do never yearn for this authentication to be in hand of an intruder or network attacker. Overall, this will be an effectual method for ensuring authentication, which will be actually verifying the client is a trusted one.
The Maryland University College is an international renowned body, which is responsible of providing services either through face to face interaction such as in classroom or through the web i.e. online. It is worthy to mention that employees, visitors and students extensively rely on the utilization of online resources of university for accomplishment of day-by-day tasks. The university is comprehensively reliant on online transactions for security, which is inclusive but is never restricted towards payments, email services and enrolments. Having these necessary services being accessed through the web utilizing an internet browser, it can be assuredly recommended that UMUC requires to implement hypertext transfer protocol secure (HTTPS) with the purpose of keeping transactions protected as well as secured from unauthorized individuals or malicious stuffs.
Hypertext Transfer Protocol (HTTP) is a technique to encode and transport data in between a client like a web browser as well as a web server. HTTP is considered as the prime protocol to transmit information through the Internet. The College is undoubtedly reliant on making use of the web for carrying out most of their transactions, whether it is in relevant to students, employees or other activities. The HTTP protocol, which is an unencrypted one, does never provide protection to data from being altered or intercepted, which can make users in the University subjected to eavesdropping followed by tracking as well as modification of received information. With the functioning of hypertext transfer protocol secure (HTTPS), UMUC will be effective for guaranteeing the connections in the web with the opportunity of having the following features:
- Confidentiality: The connection of visitor is encrypted followed by obscuring of URLs, sensitive metadata and cookies.
- Authenticity: The visitor is connecting with real website, and never through a “man-in-the-middle” or to impersonator
- Integrity: The data that has been sent in between the visitor as well as the website has never been corrupted or modified.
Information has been sent through unsecured HTTP, which can be straightforwardly accessed as well as compromised by malevolent attacks.
According to high necessity and handling of web by services that has been provided by the Maryland University College, it has always been highly prioritised that these services are extensively protected. Through implementation of hypertext transfer protocol secure (HTTPS), introduction of UMUC will undoubtedly guarantee that the data that has been on the web are accurately secured along with authorizing users with the allowance of accessing such data. Utilization of HTTPS will secure sockets layer (SSL) or transport layer security (TLS) with the purpose of keeping the information encrypted prior to its sending over the network.
While combining with proposed solutions that have been mentioned above, the University College necessitates of keeping in their mind that the safeguard of information that has been stored on information sent over emails, workstations and assure that scarped data has been protected. UMUC promisingly necessitates adopting as well as establishing protocols for file encryption, which will be keeping the data under intense protection. It can be proposed that UMUC can put into action encryption of files, hard drives as well as directories with the opportunity of providing data protection in addition. It can be recommended that UMUC should be focused on stabilizing the exploitation of encrypting file system (EFS), Pretty Good privacy (PGP), GNU Privacy Guard (GPG) and full volume encryption.
File encryption is a procedure involved in encryption of every file that are present in the storage medium as well as permitting accessibility on the encrypted data following appropriate authentication has been ensured. The acute storage encryption solution to be applicable for a specific situation is extensively dependent on storage type, the amount of data necessary to be protected, environment where storage should be located as well as the threats that are necessary to be resolved. The UMUC should be considering Encrypting File System, GNU privacy guard and Full Volume Encryption. The EFS will ensure additional level of file and directories’ security. It will also ensure cryptographic protection to every file that is on the NTFS file system by making use of public key encryption. GnuPG is a free and complete implementation of Open PGP standard, which is defined by PGP or RFC4880. BitLocker Drive Encryption is considered as the data protection element that should be availed on Windows Server 2008 R2 and in some versions of Windows 7. With the integration of BitLocker alongside operating system will be effective in addressing the severe threats due to data theft as well as exposure from stolen, lost or incongruously decommissioned systems. BitLockerhelps will be effective in keeping information on the hard drive totally protected even if stolen.
The UMUC should be stabilising the intended solutions of file encryption with the objective of hardening the security of information that has been stored or being transferred through the network. Such type of solutions will be freed for using along with some of those being standard of modern computers. Establishing a policy, which necessitates implementation of such type of solutions, will promisingly make sure that employees stay adhered to the exercises of the organization .
The ways malicious attacks are occurring is so dynamic that UMUC can never be reliant on the single principle with the purpose of keeping data that has been sent over the network safely. UMUC should be considering establishing a technique, which will be effective in keeping the data integrity secure. It can be proposed that the implementation of hashing by making use of SHA-1 hash algorithm will be undoubtedly perfect. The most important application of hash functions in relevance to cryptography has been message integrity. The hash value will be providing a digital fingerprint of the contents of the message, which desirably ensures message has never been altered through an intruder, virus or other means. Hash algorithms is expected to be effective as of exceedingly low probability, which two varied plaintext messages would be yielding the similar hash value.
While implementation of a hashing algorithm there should be one key element, which professionals or organisations should be keeping in mind that the larger the hash is the more secured it will be. SHA-256 should be consisting of a lengthy 160 bits, which is to used in different public key cryptographic algorithms and thus well-organized hardware incorporation of SHA-256 holds much importance. It is also significant that UMUC better knows that it is never bounded until the implementation of only SHA-256. The other hashing function that can be implemented is Hashed Message Authentication Code, which will be responsible for combining authentication through a shared secret along with hashing.
Hashing is the most effectual technique that will grant integrity to information, which has been sent through the web. This is the most feasible method by the enforcement of which UMUC can proficiently verify whether the data in transit has been modified or not. Hashing has never been a mean of using it for encryption. However, it will only be utilised for checking the integrity of the file.
In case the infrastructure fails, some work is necessary to be restored to the operational state. However, clients or users would not be having any kind of accessibility in due time and the time at which the system will be recovered is directly depending on mechanism that has been used. These recovery aspects can be captured by various metrics as these are directly associated with costing which is significant to be thought of not just because of the desired metrics but also minimum viable organisational objectives. Prior to devising of an exclusive strategy, UMUC should be first having a series of requirements chalked down for evaluation of feasible solutions. The set of requirements should be aligned by which the solutions can easily be evaluated.
For restoration of mailbox operations, the Client Access Server (CAS) role is necessary to be installed over to the Exchange server. The other proposed solution can be Tivoli Storage FlashCopy Manager, which is necessary to be configured for using a varied CAS in the domain. The time when UMUC completes data backups, the file size of Exchange database can be increased as of incremented database commitments, which can easily be triggered by backed up operations. The RPO is the acceptable amount of data that can be lost in the event of a failure. The Recovery Time Objective (RTO) is the solution time, which is necessary for restoration of the system to its operational state following an uncertain failure. The Recovery Time Objective (RTO) is the required time for restoring the system to its previous operational state after an occurrence of failure. The granularity in recovery time is highly concerned with the specificity by which the users at UMUC can feasibly choose an exacting point in time since the times of yore for acute restoration of the system.
In case the UMUC environment has been configured in appropriate way, the operations related to mailbox restoration will effectively work in the similar way just like previous versions of Microsoft Exchange Server. The various above-mentioned solutions, which can be helpful for IT professionals are justifiable to make investments in backup and recovery services to UMUC’s Chief Information Officer (CIO) as well as other business decision makers. By analysis of the ways to save costing on backup and restoration, UMUC can more feasibly justify their expense to ensure improvements in its acute solutions and thereby protect itself from almost any emergency that might arise. As per the business recovery plan for the organization or for the business continuity plan, the method, which the network providing company has suggested to the UMUC, is for cloud computing services, which will help them in continuing the business in any natural loss as well as help them in recovery system.
 Baker, B., Gupta, O., Naik, N. and Raskar, R., 2016. Designing neural network architectures using reinforcement learning. arXiv preprint arXiv:1611.02167.
 Bansal, K., Masurekar, U., Maskalik, S., Shah, S., Srinivasan, A. and Agarwal, M., Nicira Inc, 2017. Firewall rule management. U.S. Patent 9,787,641.
 Basak, D., Toshniwal, R. and Sequeira, A., VMware Inc, 2017. Firewall configured with dynamic membership sets representing machine attributes. U.S. Patent 9,621,516.
 Bhargava, R. and Reese, D.P., McAfee LLC, 2015. System and method for network level protection against malicious software. U.S. Patent 8,938,800.
Carames, H.V., Quest Software Inc, 2016. Firewall multi-level security dynamic host-based sandbox generation for embedded url links. U.S. Patent Application 14/665,315.
 Chen, W., Wilson, J., Tyree, S., Weinberger, K., & Chen, Y. (2015, June). Compressing neural networks with the hashing trick. In International Conference on Machine Learning (pp. 2285-2294).
 Erin Liong, V., Lu, J., Wang, G., Moulin, P. and Zhou, J., 2015. Deep hashing for compact binary codes learning. In Proceedings of the IEEE conference on computer vision and pattern recognition (pp. 2475-2483).
Serber, P.D., International Business Machines Corp, 2015. Distributed network protection. U.S. Patent 9,021,591.
 Shen, F., Shen, C., Liu, W. and Tao Shen, H., 2015. Supervised discrete hashing. In Proceedings of the IEEE conference on computer vision and pattern recognition (pp. 37-45).
 Zhu, H., Long, M., Wang, J. and Cao, Y., 2016, March. Deep hashing network for efficient similarity retrieval. In Thirtieth AAAI Conference on Artificial Intelligence.