Case Request Form

PopVote: Assessing the Risk of DDoS (C)

HBP Product : ST32C
Case Author : Prof Kai-lung HUI ; Dr Minyi HUANG ; Ping Fan KE ; Anthony LAI
PublicAction Date : 08.11.2017


In this series of case studies, students learn to identify, assess, and control the risks of distributed denial of service (DDoS) attacks in a real-world situation. PopVote was the electronic voting system used by the Public Opinion Programme (POP) at the University of Hong Kong.
This case study consists of cases A, B, and C. Case C describes what actually happened to PopVote after AWS and UDomain, security system providers, withdrew their services.

Learning Objectives

Through use of the PopVote cases, students are expected to:
Become familiar with the key components of risk management in information security, including risk identification, risk assessment, and risk control.
Learn how to compare, contrast, and evaluate the options available to an organization when facing the imminent threat of a DDoS attack.
Choose risk-control strategies for business continuity and disaster recovery.

Company/Organization University of Hong Kong
Industry university, cyber security, information system, information technology, public services
Major Discipline Information Technology
Subject(s) second-tier protection, Cyber attack, Distributed denial of service (DDoS), Domain name server (DNS), Firewall, NTP (Network Time Protocol) Attack, cloud security , phishing websites, Reflection Attack, risk assessment and management
Geography Hong Kong
Case Nature Field
Page count of the Case 7
Teaching Notes 13
Publisher HKUST
Last Revision Date 16.08.2016