Abstract:
This project was to find out security threats, challenges and attacks brought about by BYOD adoption in institutions. Universities in Kenya as institutions of higher learning were chosen as a case study because BYOD was in extensive use and hence the threats, challenges and attacks would be more pronounced and frequent as compared to the non-academic institutions. The Threats, challenges and attacks were found out using a questionnaire that was sent to ICT administrators of 10 randomly sampled universities. Other existing frameworks were reviewed in order to find out how they tackled threats and challenges associated with BYOD. Framework as a BYOD solution was adopted for this study because the physical implementation of a BYOD solution in universities would be beyond the time limit of this project. The proposed framework was developed by modifying the BFS security framework and advanced it to include advanced devices access to the campus network, Malware detection and prevention, Mobile devices users’ categorization and access to servers and rogue access points by disabling Hotspots applications in mobile devices. Simulation methodology (using OPNET version 14.5) was used to test and validate the proposed framework by subjecting the framework network model to a mobile attacker node and putting preventive measures to address the attack and then comparing the simulation results of the various aspects of network performance tested as well as the campus server that was being targeted. The sampled universities had not put adequate measurers to address the BYOD challenges and attacks they experienced and hence the proposed framework would be very useful if physically implemented.