Case Request Form

PopVote: Assessing the Risk of DDoS (B)

案例編號 : UST032/B
HBP產品 : ST32B
作者 : Prof Kai-lung HUI ; Dr Minyi HUANG ; Ping Fan KE ; Anthony LAI
發布日期 : 08.11.2017


In this series of case studies, students learn to identify, assess, and control the risks of distributed denial of service (DDoS) attacks in a real-world situation. PopVote was the electronic voting system used by the Public Opinion Programme (POP) at the University of Hong Kong. This case study consists of cases A, B, and C. Case B sets the scene for risk control in information security management. To improve cloud-based security, POP outsourced the system security to Amazon Web Services (AWS), CloudFlare, and UDomain. During the mock and preregistration period of the voting event, the scale of DDoS attacks forced AWS and UDomain to make an unusual move and withdraw their services. CloudFlare also warned that it might suspend its service if there was another wave of cyber-attacks. The POP team had to decide immediately what they should do to control the risks.


Through use of the PopVote cases, students are expected to:
Become familiar with the key components of risk management in information security, including risk identification, risk assessment, and risk control.
Learn how to compare, contrast, and evaluate the options available to an organization when facing the imminent threat of a DDoS attack.
Choose risk-control strategies for business continuity and disaster recovery.

公司/機構 University of Hong Kong
行業 university, cyber security, information system, information technology, public services
主要學科 Information Technology
主題 security measures, Cloud-based security, Content Delivery Network (CDN), Cyber attack, Distributed denial of service (DDoS), Domain name server (DNS), Mock vote, Occupy Central, risk assessment, political campaign
地區 Hong Kong
案例屬性 Field
案例頁數 6
教學筆記 13
最近修訂日期 16.08.2016