Discussion

You are required to write an APA-formatted paper with no fewer than 6 peer-reviewed references and no fewer than 3 pages of findings on one aspect of a topic covered in this week's Chapter 9, Correlation.

Subject Name:

1. Spring 2020 – Emerging Threats & Countermeas (ITS-834-25) – Full Term

Chapter 7 – Discretion
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction

• Proprietary information will be exposed if discovered by hackers
• National infrastructure protection initiatives must prevent leaks
  – Best approach: Avoid vulnerabilities in the first place
  – More practically: Include a customized program focused mainly on the most critical information

Trusted Computing Base

• A trusted computing base (TCB) is the totality of hardware, software, processes, and individuals considered essential to system security
• A national infrastructure security protection program will include
  – Mandatory controls
  – Discretionary policy
• A smaller, less complex TCB is easier to protect

Fig. 7.1 – Size comparison issues in a trusted computing base

Trusted Computing Base

• Managing discretion is critical; questions about the following should be asked when information is being considered for disclosure
  – Assistance
  – Fixes
  – Limits
  – Legality
  – Damage
  – Need

Security Through Obscurity

• Security through obscurity is often maligned and misunderstood by security experts
  – Long-term hiding of vulnerabilities
  – Long-term suppression of information
• Security through obscurity is not recommended for long-term protection, but it is an excellent complementary control
  – E.g., there’s no need to publish a system’s architecture
  – E.g., revealing a flaw before it’s fixed can lead to rushed work and an unnecessary complication of the situation

Fig. 7.2 – Knowledge lifecycle for security through obscurity

Fig. 7.3 – Vulnerability disclosure lifecycle

Information Sharing

• Information sharing may be inadvertent, secretive, or willful
• Government is the most aggressive in promoting information sharing
• Government requests information from industry for the following reasons
  – Government assistance to industry
  – Government situational awareness
  – Politics
• Government and industry have conflicting motivations

Fig. 7.4 – Inverse value of information sharing for government and industry

Information Reconnaissance

• Adversaries regularly scout ahead and plan before an attack
• Reconnaissance planning levels
  – Level #1: Broad, wide-reaching collection from a variety of sources
  – Level #2: Targeted collection, often involving automation
  – Level #3: Directly accessing the target

Fig. 7.5 – Three stages of reconnaissance for cyber security

Information Reconnaissance

• At each stage of reconnaissance, security engineers can introduce information obscurity
• The specific types of information that should be obscured are
  – Attributes
  – Protections
  – Vulnerabilities

Obscurity Layers

• Layering methods of obscurity and discretion adds depth to a defensive security program
• Even with layered obscurity, asset information can find a way out
  – Public speaking
  – Approved external site
  – Search for leakage

Fig. 7.6 – Obscurity layers to protect asset information

Organizational Compartments

• Governments have been successful at protecting information by compartmentalizing information and individuals
  – Information is classified
  – Groups of individuals are granted clearance
• Compartmentalization defines boundaries, which helps guide decisions
• Private companies can benefit from this model

Fig. 7.7 – Using clearances and classifications to control information disclosure

Fig. 7.8 – Example commercial mapping of clearances and classifications
National Discretion Program

• Implementing a national discretion program will require
  – TCB definition
  – Reduced emphasis on information sharing
  – Coexistence with hacking community
  – Obscurity layered model
  – Commercial information protection models

Chapter 4 – Diversity
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction

• Securing any set of national assets should include a diversity strategy
• The deliberate introduction of diversity into national infrastructure to increase security has not been well explored
• Two systems are considered diverse if their key attributes differ
• Diversity bucks the trend to standardize assets for efficiency’s sake

Fig. 4.1 – Diverse and nondiverse components through attribute differences

Diversity and Worm Propagation

• Worm propagation is an example of an attack that relies on a nondiverse target environment
• Worm functionality in three steps:
  – Step #1: Find a target system on the network for propagation of worm program
  – Step #2: Copy program to that system
  – Step #3: Remotely execute program
  – Repeat
• Diversity may be expensive to introduce, but saves money on response costs in the long run

Fig. 4.2 – Mitigating worm activity through diversity
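As an added example (not the slides' or the book's own material), a small random-scanning worm model following the three-step loop above, run against a one-platform population and a diverse one; host counts, platform shares and scan rates are constructed:

```python
# Added example (not from the slides): a random-scanning worm model that shows
# why worm propagation depends on a nondiverse population (Fig. 4.2). Hosts,
# platform shares and scan rates are constructed; the worm can only infect
# hosts of the one platform it targets.
import random
from collections import Counter


def build_population(n_hosts: int, platform_shares: dict, seed: int = 1) -> list:
    """Assign each host a platform according to the given share of each platform.

    platform_shares maps platform name -> fraction of hosts (fractions sum to 1).
    Returns a list of platform names, one per host, in shuffled order.
    """
    rng = random.Random(seed)
    hosts = []
    for name, share in platform_shares.items():
        hosts.extend([name] * int(round(share * n_hosts)))
    # Absorb rounding error so the population has exactly n_hosts entries.
    hosts = hosts[:n_hosts] + [list(platform_shares)[0]] * (n_hosts - len(hosts))
    rng.shuffle(hosts)
    return hosts


def simulate_worm(hosts: list, target_platform: str, scans_per_step: int = 3,
                  steps: int = 20, seed: int = 7) -> list:
    """Run the slide's loop: find a target, copy, execute, repeat.

    Each infected host picks `scans_per_step` random addresses per step; a pick
    becomes infected only if it runs `target_platform` and is not yet infected.
    Returns the cumulative infected count after each step.
    """
    rng = random.Random(seed)
    n = len(hosts)
    start = next((i for i, p in enumerate(hosts) if p == target_platform), None)
    if start is None:
        return [0] * steps  # nothing on the network is vulnerable
    infected = {start}
    history = []
    for _ in range(steps):
        new = set()
        for _src in range(len(infected)):
            for _ in range(scans_per_step):
                tgt = rng.randrange(n)
                if tgt not in infected and hosts[tgt] == target_platform:
                    new.add(tgt)
        infected |= new
        history.append(len(infected))
    return history


def max_reachable(hosts: list, target_platform: str) -> int:
    """Upper bound on infections: every host of the targeted platform."""
    return Counter(hosts)[target_platform]


if __name__ == "__main__":
    n = 1000
    monoculture = build_population(n, {"win": 1.0})
    diverse = build_population(n, {"win": 0.5, "linux": 0.3, "mac": 0.2})
    print("monoculture:", simulate_worm(monoculture, "win")[-1], "of", n)
    print("diverse:    ", simulate_worm(diverse, "win")[-1], "of", n,
          "(bound", max_reachable(diverse, "win"), ")")
```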

Desktop Computer System Diversity

• Most individual computers run the same operating system software on a standard processor platform and browse the Internet through one or two popular search engines with one of only a couple of browsers
• The typical configuration is a PC running Windows on an Intel platform, browsing the Internet with Internet Explorer, searching with Google
• This makes the average home PC user a highly predictable target

Fig. 4.3 – Typical PC configuration showing diversity

Desktop Computer System Diversity

• Three considerations
  – Platform costs
  – Application interoperability
  – Support and training

Diversity Paradox of Cloud Computing

• The ultimate solution for making desktops more secure involves their removal
  – Not a practical solution
• Cloud computing may offer home PC users a diverse, protected environment

Fig. 4.4 – Spectrum of desktop diversity options

Fig. 4.5 – Diversity and attack difficulty with option of removal

Network Technology Diversity

• Modern telecommunications consist of the following two types of technologies
  – Circuit-switched
  – Packet-switched
• When compared to one another, these two technologies automatically provide diversity
• Diversity may not always be a feasible goal
  – Maximizing diversity may defend against large-scale attacks, but one must also look closely at the entire architecture

Fig. 4.6 – Worm nonpropagation benefit from diverse telecommunications

Fig. 4.7 – Potential for impact propagation over shared fiber

Physical Diversity

• Any essential computing or networking asset that serves a critical function must include physical distribution to increase survivability
• Physical diversity has been part of the national asset system for years
  – Backup center diversity
  – Supplier/vendor diversity
  – Network route diversity

Fig. 4.8 – Diverse hubs in satellite SCADA configurations

National Diversity Program

• A national diversity program would coordinate between companies and government agencies
  – Critical path analysis
  – Cascade modeling
  – Procurement discipline

Chapter 5 – Commonality
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction

• Certain security attributes must be present in all aspects and areas of national infrastructure to ensure maximum resilience against attack
• Best practices, standards, and audits establish a low-water mark for all relevant organizations
• Audits must be both meaningful and measurable
  – Often the most measurable things aren’t all that meaningful

Introduction

• Common security-related best practices/standards
  – Federal Information Security Management Act (FISMA)
  – Health Insurance Portability and Accountability Act (HIPAA)
  – Payment Card Industry Data Security Standard (PCI DSS)
  – ETSI Cyber Security Technical Committee (TC-CYBER)
  – ISO/IEC 27000 Standard family (ISO27K)
    • ISO 27001 – Security management systems
    • ISO 27002 – Code of practice for InfoSec controls
  – COBIT – Control Objectives for Information and related Technology
  – NIST Cybersecurity Framework

Fig. 5.1 – Illustrative security audits for two organizations

Fig. 5.2 – Relationship between meaningful and measurable requirements

Meaningful Best Practices for Infrastructure Protection

• The primary motivation for proper infrastructure protection should be success-based and economic
  – Not the audit score
• Security of critical components relies on
  – Step #1: Standard audit
  – Step #2: World-class focus
• Sometimes security audit standards and best practices proven through experience are in conflict

Fig. 5.3 – Methodology to achieve world-class infrastructure protection practices

Locally Relevant and Appropriate Security Policy

• Four basic security policy considerations are recommended
  – Enforceable: Policies without enforcement are not valuable
  – Small: Keep it simple and current
  – Online: Policy info needs to be online and searchable
  – Inclusive: Good policy requires analysis in order to include computing and networking elements in the local nat’l infrastructure environment

Fig. 5.4 – Decision process for security policy analysis

Culture of Security Protection

• Create an organizational culture of security protection
• A culture of security is one where standard operating procedures provide a secure environment
• The ideal environment marries creativity and interest in new technologies with caution and a healthy aversion to risk

Fig. 5.5 – Spectrum of organizational culture of security options

Infrastructure Simplification

• Organizations should be explicitly committed to infrastructure simplification
• Common problems found in design and operation of national infrastructure
  – Lack of generalization
  – Clouding the obvious
  – Stream-of-consciousness design
  – Nonuniformity

Fig. 5.6 – Sample cluttered engineering chart

Fig. 5.7 – Simplified engineering chart

Infrastructure Simplification

• How to simplify a national infrastructure environment
  – Reduce its size
  – Generalize concepts
  – Clean interfaces
  – Highlight patterns
  – Reduce clutter

Certification and Education

• Key decision-makers need certification and education programs
• One hundred percent end-user awareness is impractical; instead focus on improving the security competence of decision-makers
  – Senior managers
  – Designers and developers
  – Administrators
  – Security team members
• Create low-cost, high-return activities to certify and educate end users

Fig. 5.8 – Return on investment (ROI) trends for security education

Career Path and Reward Structure

• Create and establish career paths and reward structures for security professionals
• These elements should be present in national infrastructure environments
  – Attractive salaries
  – Career paths
  – Senior managers

Responsible Past Security Practice

• Companies and agencies being considered for national infrastructure work should be required to demonstrate past practice in live security incidents
• Companies and agencies must do a better job of managing their inventory of live incidents

Responsible Past Security Practice

• Companies and agencies being considered for national infrastructure work should provide evidence of the following past practices
  – Past damage
  – Past prevention
  – Past response

National Commonality Program

• A national commonality plan involves balancing the following concerns
  – Plethora of existing standards
  – Low-water mark versus world class
  – Existing commissions and boards

Chapter 8 – Collection
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction

• Diligent and ongoing observation of computing and networking behavior can highlight malicious activity
  – The processing and analysis required for this must be done within a program of data collection
• A national collection process that combines local, regional, and aggregated data does not exist in an organized manner

Fig. 8.1 – Local, regional, and national data collection with aggregation

Introduction

• At local and national levels, data collection decisions for national infrastructure should be based on the following security goals
  – Preventing an attack
  – Mitigating an attack
  – Analyzing an attack
• Data collection must be justified (who is collecting and why)
• The quality of data is more important than the quantity

Fig. 8.2 – Justification-based decision analysis template for data collection

Collecting Network Data

• Metadata is perhaps the most useful type of data for collection in national infrastructure
  – Metadata is information about data, not what the data is about
• Data collection systems need to keep pace with the growth of carrier backbones
• Sampling data takes less time, but unsampled data may reveal more

Fig. 8.3 – Generic data collection schematic

Fig. 8.4 – Collection detects evidence of vulnerability in advance of notification

Collecting System Data

• National initiatives have not traditionally collected data from mainframes, servers, and PCs
• The ultimate goal should be to collect data from all relevant computers, even if that goal is beyond current capacity
• System monitoring may reveal troubling patterns
• Two techniques useful for embedding system management data
  – Inventory process needed to identify critical systems
  – Process of instrumenting or reusing data collection facilities must be identified

Fig. 8.5 – Collecting data from mainframes, servers, and PCs

Security Information and Event Management

• Security information and event management (SIEM) is the process of aggregating system data from multiple sources for the purpose of protection
• Each SIEM system (in a national system of data collection) would collect, filter, and process data
• Objections to this approach include both the cost of setting up the architecture and the fact that embedded SIEM functionality might introduce problems locally

Fig. 8.6 – Generic SIEM architecture

Fig. 8.7 – Generic national SIEM architecture

Large-Scale Trending

• Identifying trends is the most fundamental processing technique for data collected across the infrastructure
• In the simplest terms
  – Some quantities go up (growth)
  – Some quantities go down (reduction)
  – Some quantities stay the same (leveling)
  – Some quantities do none of the above (unpredictability)

Fig. 8.8 – Growth trend in botnet behavior over 9-month period (2006–2007)

Large-Scale Trending

• Some basic practical considerations must be made by security analysts before a trend can be trusted
  – Underlying collection
  – Volunteered data
  – Relevant coverage
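As an added example (not from the slides), the four trend categories of the previous slide applied to constructed monthly series, plus a check for the three caveats listed here before a trend is trusted; the thresholds and the sample series are constructed:

```python
# Added example (not from the slides): classify a collected metric's trend into
# the four categories on the slides (growth, reduction, leveling,
# unpredictability) and apply the "before a trend can be trusted" checks.
# Sample series, thresholds and the coverage rule are constructed.
from statistics import mean, pstdev


def fit_line(values: list) -> tuple:
    """Least-squares slope and intercept of values against 0..n-1 (no numpy)."""
    n = len(values)
    xs = range(n)
    x_mean, y_mean = (n - 1) / 2, mean(values)
    sxx = sum((x - x_mean) ** 2 for x in xs)
    sxy = sum((x - x_mean) * (y - y_mean) for x, y in zip(xs, values))
    slope = sxy / sxx if sxx else 0.0
    return slope, y_mean - slope * x_mean


def classify_trend(values: list, rel_slope: float = 0.02,
                   max_noise: float = 0.25) -> str:
    """Label a series as growth, reduction, leveling or unpredictability.

    rel_slope: per-sample change (as a fraction of the mean) below which the
               series counts as level.
    max_noise: residual spread (as a fraction of the mean) above which no
               straight line describes the data, so the series is called
               unpredictable rather than forced into one of the other three.
    """
    if len(values) < 3:
        return "unpredictability"
    slope, intercept = fit_line(values)
    scale = abs(mean(values)) or 1.0
    residuals = [y - (slope * x + intercept) for x, y in enumerate(values)]
    if pstdev(residuals) / scale > max_noise:
        return "unpredictability"
    if abs(slope) / scale < rel_slope:
        return "leveling"
    return "growth" if slope > 0 else "reduction"


def trend_caveats(sources_per_period: list, volunteered_fraction: float,
                  expected_sources: int, min_coverage: float = 0.8) -> list:
    """Return the slide's caveats that this series fails (empty list = trust it).

    sources_per_period: how many sensors actually reported in each period
                        (the underlying collection behind each data point).
    volunteered_fraction: share of the data that was volunteered rather than
                          collected under a defined process.
    expected_sources: how many sensors cover the relevant population.
    """
    problems = []
    if min(sources_per_period) == 0:
        problems.append("underlying collection: a period with no collection")
    if volunteered_fraction > 0.5:
        problems.append("volunteered data: majority of data is self-reported")
    if min(sources_per_period) / expected_sources < min_coverage:
        problems.append("relevant coverage: fewer sources than expected")
    return problems


# Constructed monthly series in arbitrary units (e.g. observed bot counts).
BOTNET_GROWTH = [100, 130, 150, 190, 220, 260, 300, 330, 380]
SPAM_LEVEL = [500, 505, 498, 502, 510, 495, 503]
NOISY = [10, 400, 20, 380, 15, 410, 5]

if __name__ == "__main__":
    for name, series in [("botnet", BOTNET_GROWTH), ("spam", SPAM_LEVEL),
                         ("noisy", NOISY)]:
        print(f"{name:8s} {classify_trend(series)}")
    print(trend_caveats([10, 0, 9, 10], 0.7, 10))
```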

Tracking a Worm

• Collecting network metadata allows security analysts to track a worm’s progress and predict its course
• Consensus holds that worms work too fast for data collection to be an effective defense
  – There’s actually some evidence that a closer look at the data might provide early warning of worm threats
• After collecting and analyzing, the next step is acting on the data in a timely manner

Fig. 8.9 – Coarse view of UDP traffic spike from SQL/Slammer worm (Figure courtesy of Dave Gross and Brian Rexroad)

Fig. 8.10 – Fine view of UDP traffic spike from SQL/Slammer worm (Figure courtesy of Dave Gross and Brian Rexroad)
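As an added example (not from the slides or the figures' authors), a spike detector over constructed UDP flow metadata in the spirit of Figs. 8.9 and 8.10; the record layout, timestamps and packet counts are constructed, and port 1434 is the MS SQL resolution service port that Slammer spread over:

```python
# Added example (not from the slides): spotting a worm's UDP traffic spike in
# collected flow metadata, the coarse/fine view of Figs. 8.9 and 8.10 reduced
# to code. The flow records are constructed; the field layout (timestamp,
# protocol, dst port, packets) is an assumption, not any vendor's export format.
from collections import defaultdict
from statistics import mean

# Slammer spread over UDP to port 1434 (MS SQL resolution service).
WATCH_PORT = 1434

# Constructed metadata: (unix_ts, protocol, dst_port, packets). A few hundred
# packets per minute of baseline, then a sudden jump five minutes in.
FLOWS = [
    (1043028000, "udp", 1434, 300), (1043028000, "udp", 53, 900),
    (1043028060, "udp", 1434, 280), (1043028060, "tcp", 80, 5000),
    (1043028120, "udp", 1434, 320), (1043028180, "udp", 1434, 290),
    (1043028240, "udp", 1434, 310), (1043028240, "udp", 123, 200),
    (1043028300, "udp", 1434, 9000), (1043028300, "tcp", 80, 5100),
    (1043028360, "udp", 1434, 48000), (1043028420, "udp", 1434, 120000),
]


def udp_packets_per_bucket(flows: list, port: int, bucket_seconds: int = 60) -> list:
    """Sum UDP packets to `port` into time buckets (coarse or fine view).

    Returns a list of (bucket_start, packets) sorted by time; buckets with no
    matching traffic are reported as zero so gaps do not hide a drop-out.
    """
    sums = defaultdict(int)
    for ts, proto, dport, pkts in flows:
        if proto == "udp" and dport == port:
            sums[ts - ts % bucket_seconds] += pkts
    if not sums:
        return []
    first, last = min(sums), max(sums)
    return [(t, sums[t]) for t in range(first, last + 1, bucket_seconds)]


def detect_spike(series: list, baseline_len: int = 4, factor: float = 5.0) -> list:
    """Flag buckets whose volume exceeds `factor` times the rolling baseline.

    The baseline is the mean of the previous `baseline_len` buckets, so the
    detector adapts to slow growth but fires on the step change a fast-spreading
    worm produces. Returns (bucket_start, packets, baseline) per alert.
    """
    alerts = []
    for i in range(baseline_len, len(series)):
        base = mean(p for _, p in series[i - baseline_len:i])
        t, pkts = series[i]
        if (base > 0 and pkts > factor * base) or (base == 0 and pkts > 0):
            alerts.append((t, pkts, base))
    return alerts


def seconds_to_first_alert(series: list, alerts: list) -> int:
    """How long after the first collected bucket the first alert fired."""
    return alerts[0][0] - series[0][0] if alerts and series else -1


if __name__ == "__main__":
    series = udp_packets_per_bucket(FLOWS, WATCH_PORT)
    for t, pkts, base in detect_spike(series):
        print(f"t={t} udp/{WATCH_PORT} packets={pkts} baseline={base:.0f}")
```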

National Collection Program

• Once the idea for a national data collection program is accepted, the following need to be addressed
  – Data sources
  – Protected transit
  – Storage considerations
  – Data reduction emphasis

Chapter 2 – Deception
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction

• Deception is deliberately misleading an adversary by creating a system component that looks real but is in reality a trap
  – Sometimes called a honey pot
• Deception helps accomplish the following security objectives
  – Attention
  – Energy
  – Uncertainty
  – Analysis

Introduction

• If adversaries are aware that perceived vulnerabilities may, in fact, be a trap, deception may defuse actual vulnerabilities that security managers know nothing about

Fig. 2.1 – Use of deception in computing

Introduction

• Four distinct attack stages:
  – Scanning
  – Discovery
  – Exploitation
  – Exposing

Fig. 2.2 – Stages of deception for national infrastructure protection

Scanning Stage

• The adversary is scanning for exploitation points
  – May include both online and offline scanning
• Deceptive design goal: Design an interface with the following components
  – Authorized services
  – Real vulnerabilities
  – Bogus vulnerabilities
• Data can be collected in real time when an adversary attacks the honey pot

Fig. 2.3 – National asset service interface with deception

Deliberately Open Ports

• Deliberately inserting an open service port on an Internet-facing server is the most straightforward deceptive computing practice
• Adversaries face three views
  – Valid open ports
  – Inadvertently open ports
  – Deliberately open ports connected to honey pots
• Must take care that real assets aren’t put at risk by bogus ports

Fig. 2.4 – Use of deceptive bogus ports to bogus assets

Fig. 2.5 – Embedding a honey pot server into a normal server complex

Discovery Stage

• The discovery stage is when an adversary finds and accepts security bait embedded in the trap
• Make adversary believe real assets are bogus
  – Sponsored research
  – Published case studies
  – Open solicitations
• Make adversary believe bogus assets are real
  – Technique of duplication is often used for honey pot design

Fig. 2.6 – Duplication in honey pot design

Deceptive Documents

• Creation and special placement of deceptive documents can be used to trick an adversary (especially useful for detecting a malicious insider)
  – Only works when content is convincing and
  – Protections appear real

Fig. 2.7 – Planting a bogus document in protected enclaves

Exploitation Stage

• This stage is when an adversary exploits a discovered vulnerability
  – Early activity called low radar actions
  – When detected, called indications and warnings
• Key requirement: Any exploitation of a bogus asset must not cause disclosure, integrity, theft, or availability problems with any real asset

Fig. 2.8 – Pre- and post-attack stages at the exploitation stage

Exploitation Stage

• Related issue: Intrusion detection and incident response teams might be fooled into believing trap functionality is real. False alarms can be avoided by
  – Process coordination
  – Trap isolation
  – Back-end insiders
  – Process allowance

Procurement Tricks

• Understand adversary behavior by comparing it in different environments
• The procurement lifecycle is one of the most underestimated components in national infrastructure protection (from an attack perspective)

Fig. 2.9 – Using deception against malicious suppliers

Exposing Stage

• The deception lifecycle ends with the adversary exposing behavior to the deception operator
• Therefore, deception must allow a window for observing that behavior
  – Sufficient detail
  – Hidden probes
  – Real-time observation

Fig. 2.10 – Adversary exposing stage during deception

Interfaces Between Humans and Computers

• Gathering of forensic evidence relies on understanding how systems, protocols, and services interact
  – Human-to-human
  – Human-to-computer
  – Computer-to-human
  – Computer-to-computer
• Real-time forensic analysis is not possible for every scenario

Fig. 2.11 – Deceptively exploiting the human-to-human interface

National Deception Program

• Programs for national deception would be better designed based on the following assumptions:
  – Selective infrastructure use
  – Sharing of results and insights
  – Reuse of tools and methods
• An objection to deception that remains is that it is not effective against botnet attacks
  – Though a tarpit might degrade the effectiveness of a botnet

Chapter 6 – Depth
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction

• Any layer of defense can fail at any time, hence the introduction of defense in depth
• A series of protective elements is placed between an asset and the adversary
• The intent is to enforce policy across all access points

Fig. 6.1 – General defense in depth schema

Effectiveness of Depth

• Quantifying the effectiveness of a layered defense is often difficult
• Effectiveness is best determined by educated guesses
• The following are relevant for estimating effectiveness
  – Practical experience
  – Engineering analysis
  – Use-case studies
  – Testing and simulation

Fig. 6.2 – Moderately effective single layer of protection

Effectiveness of Depth

• When a layer fails, we can conclude it was either flawed or unsuited to the target environment
• No layer is 100% effective—the goal of making layers “highly” effective is more realistic

Fig. 6.3 – Highly effective single layer of protection

Fig. 6.4 – Multiple moderately effective layers of protection
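As an added worked equation (not from the slides or the book), the comparison Figs. 6.2 to 6.4 draw between one highly effective layer and several moderately effective ones, under the assumption that the layers fail independently:

$$
P(\text{breach}) = \prod_{i=1}^{n} (1 - e_i), \qquad E_{\text{total}} = 1 - \prod_{i=1}^{n} (1 - e_i)
$$

where $e_i$ is the effectiveness of layer $i$, the probability that it alone stops a given attack. One highly effective layer with $e_1 = 0.95$ leaves $P(\text{breach}) = 0.05$; three moderately effective layers with $e_1 = e_2 = e_3 = 0.7$ leave

$$
P(\text{breach}) = (1 - 0.7)^3 = 0.027, \qquad E_{\text{total}} = 0.973,
$$

so the three moderate layers outperform the single strong one. The product is the best case: if two layers share a failure cause (the same misconfiguration, the same vendor flaw), they stop the same attacks rather than different ones, and the breach probability moves back toward $1 - 0.7 = 0.3$. That is why the estimate still rests on the practical experience, engineering analysis and testing the previous slides list rather than on the formula alone.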

Layered Authentication

• A national authentication system for every citizen would remove the need for multiple passwords, passphrases, tokens, certificates, and biometrics that weaken security
• Single sign-on (SSO) would accomplish this authentication simplification objective
• However, SSO access needs to be part of a multilayered defense

Fig. 6.5 – Schema showing two layers of end-user authentication

Fig. 6.6 – Authentication options including direct mobile access

Layered E-Mail Virus and Spam Protection

• Commercial environments are turning to virtual, in-the-cloud solutions to filter e-mail viruses and spam
• To that security layer is added filtering software on individual computers
• Antivirus software is helpful, but useless against certain attacks (like botnets)

Fig. 6.7 – Typical architecture with layered e-mail filtering

Layered Access Controls

• Layering access controls increases security
• Add to this the limiting of physical access to assets
• For national infrastructure, assets should be covered by as many layers as possible
  – Network-based firewalls
  – Internal firewalls
  – Physical security

15

Fig. 6.8 – Three layers of protection using firewall and access controls

Layered Encryption

• Five applications of encryption for national infrastructure
protection
– Mobile device storage

– Network transmission

– Secure commerce

– Application strengthening

– Server and mainframe data storage

Fig. 6.9 – Multiple layers of encryption

Layered Intrusion Detection

• The promise of layered intrusion detection has not
been fully realized, though it is useful

• The inclusion of intrusion response makes the
layered approach more complex

• There are three opportunities for different intrusion
detection systems to provide layered protection
– In-band detection

– Out-of-band correlation

– Signature sharing
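The three opportunities listed above can be exercised together in one small simulation. This is an added example, not code from the book or from any IDS product: two sensors with different signature sets and different vantage points perform in-band detection on a constructed event stream, an out-of-band correlator groups their alerts by source into incidents, and signature sharing pushes a signature from the sensor that fired to the one that lacked it (the exchange Fig. 6.10 depicts). The addresses, payloads, signatures and the rule that the internal sensor only sees traffic to one host are all constructed for the example.

```python
import re
from collections import defaultdict

# Constructed event stream in (timestamp, src, dst, payload) form; not real captures.
EVENTS = [
    (100, "203.0.113.7", "10.0.0.5", "GET /index.html"),
    (101, "203.0.113.7", "10.0.0.5", "GET /cgi-bin/../../etc/passwd"),
    (102, "203.0.113.7", "10.0.0.9", "GET /cgi-bin/../../etc/passwd"),
    (160, "198.51.100.4", "10.0.0.9", "POST /login user=admin' OR '1'='1"),
    (161, "198.51.100.4", "10.0.0.5", "POST /login user=admin' OR '1'='1"),
    (300, "203.0.113.7", "10.0.0.9", "GET /cgi-bin/../../etc/passwd"),
]


class Sensor:
    """In-band detector: applies its signature set to each event it sees."""

    def __init__(self, name: str, signatures: dict):
        self.name = name
        self.signatures = dict(signatures)          # label -> compiled regex

    def inspect(self, ts, src, dst, payload) -> list:
        return [(ts, self.name, src, dst, label)
                for label, rx in self.signatures.items() if rx.search(payload)]

    def learn(self, label: str, rx) -> None:
        """Signature sharing: adopt a signature another sensor fired on."""
        self.signatures.setdefault(label, rx)


def _summarize(src: str, items: list) -> dict:
    return {"src": src, "start": items[0][0], "end": items[-1][0],
            "sensors": sorted({a[1] for a in items}),
            "targets": sorted({a[3] for a in items}),
            "labels": sorted({a[4] for a in items})}


def correlate(alerts: list, window: int = 60) -> list:
    """Out-of-band correlation: merge alerts from all sensors by source into
    incidents whose consecutive alerts are at most `window` seconds apart."""
    by_src = defaultdict(list)
    for alert in sorted(alerts):
        by_src[alert[2]].append(alert)
    incidents = []
    for src, items in by_src.items():
        current = [items[0]]
        for alert in items[1:]:
            if alert[0] - current[-1][0] <= window:
                current.append(alert)
            else:
                incidents.append(_summarize(src, current))
                current = [alert]
        incidents.append(_summarize(src, current))
    return incidents


def run(events=EVENTS, share_signatures: bool = True) -> list:
    perimeter = Sensor("perimeter", {"path-traversal": re.compile(r"\.\./")})
    internal = Sensor("internal", {"sqli-tautology": re.compile(r"'\s*OR\s*'1'\s*=\s*'1")})
    sensors = (perimeter, internal)
    alerts = []
    for ts, src, dst, payload in events:
        # Vantage points (constructed): the perimeter sensor sees all inbound traffic,
        # the internal sensor only the segment that holds 10.0.0.9.
        sees = [perimeter] + ([internal] if dst == "10.0.0.9" else [])
        for sensor in sees:
            new = sensor.inspect(ts, src, dst, payload)
            alerts.extend(new)
            if share_signatures:
                for other in sensors:
                    if other is not sensor:
                        for _, _, _, _, label in new:
                            other.learn(label, sensor.signatures[label])
    return correlate(alerts)


if __name__ == "__main__":
    for incident in run():
        print(incident)
```

Running with `share_signatures=False` shows what each layer contributes on its own: the SQL-injection attempt against 10.0.0.5 at t=161 is then missed entirely, because only the perimeter sensor sees that host and it never learned the signature from the internal sensor.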

Fig. 6.10 – Sharing intrusion detection information between systems

National Program of Depth

• Developing a multilayered defense for national
infrastructure would require a careful architectural
analysis of all assets and protection systems
– Identifying assets

– Subjective estimations

– Obtaining proprietary information

– Identifying all possible access paths

Chapter 3

Separation

Cyber Attacks
Protecting National Infrastructure, 1st ed.

Copyright © 2012, Elsevier Inc.
All Rights Reserved

Introduction

• Using a firewall to separate network assets from
intruders is the most familiar approach in cyber
security

• Networks and systems associated with national
infrastructure assets tend to be too complex for a
conventional perimeter firewall to be effective (see
Fig. 3.1)

• Three new approaches to the use of firewalls are
necessary to achieve optimal separation
– Network-based separation

– Internal separation

– Tailored separation

Fig. 3.1 – Firewalls in simple and complex networks

What Is Separation?

• Separation is a technique that accomplishes one of
the following
– Adversary separation

– Component distribution

• A working taxonomy of separation techniques: three
primary factors are involved in the use of separation
– The source of the threat

– The target of the security control

– The approach used in the security control

(See Fig. 3.2)

Fig. 3.2 – Taxonomy of separation techniques

Functional Separation

• Separation is commonly achieved using an access
control mechanism with the requisite authentication and
identity management

• An access policy identifies the desired allowances for
users requesting to perform actions on system
entities

• Two approaches to mediating that policy
– Distributed responsibility

– Centralized control

– (Both will be required)

Fig. 3.3 – Distributed versus centralized mediation

National Infrastructure Firewalls

• Firewalls are placed between a system or enterprise
and an untrusted network (say, the Internet)

• Two problems arise
– Coverage: the firewall might not cover all paths to the
protected assets

– Accuracy: the firewall may be forced to allow access that
inadvertently opens access to other protected assets
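Both problems can be checked mechanically against an inventory. The following is an added example, not code from the book or from any firewall vendor: it takes a constructed first-match rule set and a constructed asset list, reports every allow rule whose destination range exposes protected assets beyond the one the rule was written for (the accuracy problem), evaluates a given flow against the rules, and lists access paths to an asset that pass through no firewall at all (the coverage problem). The addresses, rule intents and path inventory are all assumptions made for the example.

```python
import ipaddress

# Constructed inventory of protected assets (name -> address).
PROTECTED_ASSETS = {
    "web-frontend": "10.20.1.10",
    "hmi-server": "10.20.1.25",
    "historian-db": "10.20.1.40",
    "billing-db": "10.30.5.12",
}

# Constructed first-match rule set. "intent" records which asset the rule was written for;
# a real rule base would carry this in a comment or change ticket.
RULES = [
    {"id": 1, "action": "allow", "src": "0.0.0.0/0", "dst": "10.20.1.10/32", "dport": 443, "intent": "web-frontend"},
    {"id": 2, "action": "allow", "src": "198.51.100.0/24", "dst": "10.20.1.0/24", "dport": 22, "intent": "web-frontend"},
    {"id": 3, "action": "allow", "src": "10.0.0.0/8", "dst": "10.30.5.12/32", "dport": 5432, "intent": "billing-db"},
    {"id": 4, "action": "deny", "src": "0.0.0.0/0", "dst": "0.0.0.0/0", "dport": None, "intent": None},
]

# Constructed access paths: every way traffic can reach an asset, and which firewall (if any) sits on it.
ACCESS_PATHS = [
    {"asset": "hmi-server", "path": "internet -> edge-fw -> dmz -> hmi-server", "firewall": "edge-fw"},
    {"asset": "hmi-server", "path": "vendor dial-in modem -> hmi-server", "firewall": None},
    {"asset": "historian-db", "path": "office lan -> internal-fw -> historian-db", "firewall": "internal-fw"},
    {"asset": "billing-db", "path": "office lan -> internal-fw -> billing-db", "firewall": "internal-fw"},
]


def overbroad_allows(rules=RULES, assets=PROTECTED_ASSETS) -> list:
    """Accuracy check: allow rules whose destination covers protected assets other than the intended one."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue
        dst = ipaddress.ip_network(rule["dst"])
        covered = sorted(name for name, ip in assets.items() if ipaddress.ip_address(ip) in dst)
        extra = [name for name in covered if name != rule["intent"]]
        if extra:
            findings.append({"rule": rule["id"], "intended": rule["intent"],
                             "dport": rule["dport"], "also_exposes": extra})
    return findings


def reachable(rules, src: str, dst: str, dport: int):
    """First-match evaluation. Returns the id of the allow rule that admits the flow, or None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if (s in ipaddress.ip_network(rule["src"]) and d in ipaddress.ip_network(rule["dst"])
                and (rule["dport"] is None or rule["dport"] == dport)):
            return rule["id"] if rule["action"] == "allow" else None
    return None


def uncovered_paths(paths=ACCESS_PATHS) -> list:
    """Coverage check: paths to protected assets that no firewall mediates."""
    return [p for p in paths if p["firewall"] is None]


if __name__ == "__main__":
    print(overbroad_allows())
    print(reachable(RULES, "198.51.100.9", "10.20.1.40", 22))
    print(uncovered_paths())
```

Rule 2 is the accuracy failure the slide describes: written to give a partner SSH access to the web front end, its /24 destination also admits the partner to the HMI server and the historian. The modem path is the coverage failure: no rule base, however accurate, applies to traffic that never traverses the firewall.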

Fig. 3.4 – Wide area firewall aggregation and local area firewall segregation

• Increased wireless connectivity is a major challenge
to national infrastructure security

• Network service providers offer advantages for
centralized security
– Vantage point: network service providers see a large
share of the traffic

– Operations: network providers have the operational
capacity to keep security software current

– Investment: network service providers have the financial
wherewithal and motivation to invest in security

Fig. 3.5 – Carrier-centric network-based firewall

DDOS Filtering

• The network-based firewall concept includes a device for
throttling distributed denial of service (DDOS) attacks

• Called a DDOS filter

• Modern DDOS attacks call for a more advanced
filtering system than simple rate limiting
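The basic throttling function of a DDOS filter is a per-source rate limit in front of the target. The following is an added example, not code from the book or from any carrier's filter: a token-bucket limiter per source address, run over a constructed one-second burst in which one address sends 500 requests and a legitimate client sends eight. The rates, addresses and traffic mix are assumptions made for the example.

```python
from collections import defaultdict


class TokenBucket:
    """Classic token bucket: `rate` tokens per second refill, at most `burst` stored."""

    def __init__(self, rate: float, burst: int, now: float = 0.0):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = now

    def allow(self, now: float) -> bool:
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class DdosFilter:
    """Per-source throttle in front of a target: a source that exceeds `rate` requests per
    second (after an initial `burst`) has its excess dropped; other sources are unaffected."""

    def __init__(self, rate: float = 10.0, burst: int = 20):
        self.rate, self.burst = rate, burst
        self.buckets = {}
        self.stats = defaultdict(lambda: {"passed": 0, "dropped": 0})

    def handle(self, now: float, src: str) -> bool:
        bucket = self.buckets.get(src)
        if bucket is None:
            bucket = self.buckets[src] = TokenBucket(self.rate, self.burst, now)
        ok = bucket.allow(now)
        self.stats[src]["passed" if ok else "dropped"] += 1
        return ok


def constructed_traffic() -> list:
    """One second of constructed traffic (not a capture): 500 requests from one flooding
    source, 8 evenly spaced requests from a legitimate client."""
    flood = [(i / 500, "203.0.113.9") for i in range(500)]
    legit = [(i / 8, "198.51.100.4") for i in range(8)]
    return sorted(flood + legit)


def run(events=None, rate: float = 10.0, burst: int = 20) -> dict:
    f = DdosFilter(rate, burst)
    for now, src in (events if events is not None else constructed_traffic()):
        f.handle(now, src)
    return {src: dict(counts) for src, counts in f.stats.items()}


if __name__ == "__main__":
    # The flooding source is cut to roughly burst + rate requests over the second;
    # the legitimate client's eight requests all pass.
    print(run())
```

This is exactly the simple filter the last bullet says is no longer enough: an attacker who spreads the same load across thousands of bot addresses, or spoofs source addresses, stays under every per-source bucket. A filter that survives such attacks has to add aggregate limits per target, source reputation and protocol-level validation on top of this mechanism.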

Fig. 3.6 – DDOS filtering of inbound attacks on target assets

SCADA Separation Architecture

• SCADA – Supervisory control and data acquisition

• SCADA systems – the software, computers, and
networks that provide remote coordination of the
control systems for physical infrastructure

• The structure includes the following
– Human-machine interface (HMI)

– Master terminal unit (MTU)

– Remote terminal unit (RTU)

– Field control systems

Fig. 3.7 – Recommended SCADA system firewall architecture

Physical Separation

• Why not simply unplug a system’s external
connections? (This is called air gapping)

• As systems and networks grow more complex, it
becomes more likely that unknown or unauthorized
external connections will arise

• Basic principles for truly air-gapped networks:
– Clear policy

– Boundary scanning

– Violation consequences

– Reasonable alternatives
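The "boundary scanning" principle can be reduced to a concrete check for the failure shown in Fig. 3.8: a host with one interface on the isolated network and another on anything else. This is an added example, not code from the book: it classifies each address in a constructed interface inventory against the isolated ranges and reports every dual-homed host, and it also parses constructed `ip -o -4 addr` output of the kind an agent would collect from each host. The network ranges, host names and sample output are assumptions for the example.

```python
import ipaddress
import re

# Constructed: the address space that is supposed to be air-gapped.
ISOLATED_NETWORKS = [ipaddress.ip_network("10.50.0.0/16")]

# Constructed inventory: host -> interface addresses collected from each host.
INVENTORY = {
    "rtu-gateway-1": ["10.50.1.5"],
    "hmi-ws-03": ["10.50.2.17", "192.168.7.44"],    # second NIC on the office LAN
    "eng-laptop-7": ["10.50.3.9", "172.20.4.2"],    # control NIC plus a VPN/wifi address
    "office-pc-12": ["192.168.7.88"],
    "scada-server": ["10.50.1.2", "10.50.1.3"],     # two addresses, both isolated: fine
}

# Constructed sample of `ip -o -4 addr` output from one host (not captured from a real system).
IP_ADDR_OUTPUT = """\
1: lo    inet 127.0.0.1/8 scope host lo\\       valid_lft forever preferred_lft forever
2: eth0    inet 10.50.2.17/24 brd 10.50.2.255 scope global eth0\\       valid_lft forever preferred_lft forever
3: wlan0    inet 192.168.7.44/24 brd 192.168.7.255 scope global dynamic wlan0\\       valid_lft 3600sec preferred_lft 3600sec
"""

_INET = re.compile(r"\binet (\d{1,3}(?:\.\d{1,3}){3})/\d+")


def parse_ip_addr(text: str) -> list:
    """Extract IPv4 addresses from `ip -o -4 addr` style output."""
    return [m.group(1) for m in _INET.finditer(text)]


def side_of(addr: str, isolated=ISOLATED_NETWORKS):
    """'isolated', 'external', or None for loopback/link-local addresses that say nothing about bridging."""
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback or ip.is_link_local:
        return None
    return "isolated" if any(ip in net for net in isolated) else "external"


def find_bridges(inventory=INVENTORY, isolated=ISOLATED_NETWORKS) -> list:
    """Hosts holding at least one isolated and at least one external address: each one
    is a potential bridge across the air gap."""
    bridges = []
    for host, addrs in inventory.items():
        sides = {}
        for addr in addrs:
            side = side_of(addr, isolated)
            if side is not None:
                sides.setdefault(side, []).append(addr)
        if "isolated" in sides and "external" in sides:
            bridges.append({"host": host, "isolated": sides["isolated"], "external": sides["external"]})
    return bridges


if __name__ == "__main__":
    print(find_bridges())
    print(find_bridges({"hmi-ws-03": parse_ip_addr(IP_ADDR_OUTPUT)}))
```

The scan only sees interfaces that are configured at collection time; a laptop that joins wifi after leaving the plant floor will not show up unless the inventory is collected continuously, which is why the slide pairs boundary scanning with clear policy and consequences rather than relying on the scan alone.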

Fig. 3.8 – Bridging an isolated network via a dual-homing user

Insider Separation

• It is hard to defend against a determined insider

• Threats may also come from trusted partners

• Background checks are a start

• Techniques for countering insider attack
– Internal firewalls

– Deceptive honeypots

– Enforcement of data markings

– Data leakage protection (DLP) systems

• Segregation of duties offers another layer of
protection
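Segregation of duties is enforceable only if someone computes each person's effective permissions across all roles and compares them with a list of combinations no single person may hold. The following is an added example, not code from the book: a constructed role model and conflict list, a check of effective permissions per user (which catches both a role that is toxic on its own and a person who has been granted two individually harmless roles), and a transaction-level check that the same person did not both enter and approve the same invoice, the decomposition of a work function that Fig. 3.9 illustrates. All roles, users, permissions and log entries are constructed.

```python
# Constructed role -> permission model for an accounts-payable workflow.
ROLE_PERMS = {
    "ap-clerk": {"vendor.create", "invoice.enter"},
    "ap-approver": {"invoice.approve"},
    "treasury": {"payment.release"},
    "ap-admin": {"vendor.create", "invoice.enter", "invoice.approve"},   # conflict built into one role
}

# Constructed user -> roles assignments.
USER_ROLES = {
    "dana": ["ap-clerk"],
    "eli": ["ap-approver"],
    "fay": ["ap-clerk", "ap-approver"],   # two harmless roles, toxic together
    "gus": ["ap-admin"],
    "hal": ["treasury"],
}

# Constructed policy: permission pairs that one person must never hold at the same time.
CONFLICTS = [
    ("invoice.enter", "invoice.approve"),
    ("vendor.create", "payment.release"),
    ("invoice.approve", "payment.release"),
]

# Constructed transaction log for the same-person check.
TRANSACTION_LOG = [
    {"invoice": "INV-1", "action": "enter", "user": "dana"},
    {"invoice": "INV-1", "action": "approve", "user": "eli"},
    {"invoice": "INV-2", "action": "enter", "user": "fay"},
    {"invoice": "INV-2", "action": "approve", "user": "fay"},
    {"invoice": "INV-3", "action": "enter", "user": "dana"},
]


def effective_permissions(user: str, user_roles=USER_ROLES, role_perms=ROLE_PERMS) -> set:
    """Union of the permissions of every role the user holds."""
    return set().union(*(role_perms[r] for r in user_roles.get(user, [])))


def sod_violations(user_roles=USER_ROLES, role_perms=ROLE_PERMS, conflicts=CONFLICTS) -> dict:
    """Users whose effective permissions contain a forbidden pair, with the pairs."""
    violations = {}
    for user in user_roles:
        perms = effective_permissions(user, user_roles, role_perms)
        hits = [pair for pair in conflicts if pair[0] in perms and pair[1] in perms]
        if hits:
            violations[user] = hits
    return violations


def toxic_roles(role_perms=ROLE_PERMS, conflicts=CONFLICTS) -> list:
    """Roles that violate the policy on their own and therefore need to be decomposed."""
    return sorted(role for role, perms in role_perms.items()
                  if any(a in perms and b in perms for a, b in conflicts))


def self_approvals(log=TRANSACTION_LOG) -> list:
    """Invoices where the person who entered the invoice also approved it."""
    actors = {}
    for entry in log:
        actors.setdefault(entry["invoice"], {})[entry["action"]] = entry["user"]
    return sorted(inv for inv, acts in actors.items()
                  if "enter" in acts and acts["enter"] == acts.get("approve"))


if __name__ == "__main__":
    print(sod_violations())
    print(toxic_roles())
    print(self_approvals())
```

The two checks are complementary: the first is preventive and runs against the identity store before access is granted, the second is detective and runs against the audit trail, catching cases the first missed (a permission granted outside the role model, or an approval made through a shared account).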

Fig. 3.9 – Decomposing work functions for segregation of duty

Asset Separation

• Involves the distribution, replication, decomposition,
or segregation of national assets
– Distribution: creating functionality from multiple
cooperating components that work together as a
distributed system

– Replication: copying assets across components so that if
one copy is broken, another will be available

– Decomposition: breaking complex assets into individual
components so that an isolated compromise won’t bring
down the whole asset

– Segregation: separation of assets through special access
controls, data markings, and policy enforcement

Fig. 3.10 – Reducing DDOS risk through CDN-hosted content

Multilevel Security (MLS)

• Typically, mandatory access controls and audit trail
hooks were embedded into the underlying operating
system kernel

• Popular in the 1980s and 1990s
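The mandatory control at the heart of such a kernel is a reference monitor that decides every access from the labels alone and records the decision. The following is an added example, not code from the book or from any MLS operating system: it implements the standard Bell-LaPadula rules (simple security property for reads, *-property for writes) over a lattice of levels and compartments, with an audit hook that logs every decision. The slide does not name Bell-LaPadula; that model, the level names and the sample subjects and objects are assumptions for the example.

```python
from dataclasses import dataclass

# Linear sensitivity levels; together with need-to-know compartments they form the lattice.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """Lattice order: level at least as high and a superset of the compartments."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.compartments <= self.compartments)


class ReferenceMonitor:
    """Mandatory access control with an audit hook: every decision is recorded,
    allowed or not, so the trail itself cannot be bypassed by the caller."""

    def __init__(self):
        self.audit = []

    def decide(self, subject: str, s_label: Label, obj: str, o_label: Label, mode: str) -> bool:
        if mode == "read":
            allowed = s_label.dominates(o_label)      # simple security property: no read up
        elif mode == "write":
            allowed = o_label.dominates(s_label)      # *-property: no write down
        else:
            raise ValueError(f"unknown access mode {mode!r}")
        self.audit.append((subject, mode, obj, "ALLOW" if allowed else "DENY"))
        return allowed


def demo():
    """Constructed subject and objects exercising each rule; returns decisions and the audit trail."""
    monitor = ReferenceMonitor()
    analyst = Label("SECRET", frozenset({"NUCLEAR"}))
    decisions = {
        "read CONFIDENTIAL report": monitor.decide(
            "analyst", analyst, "report", Label("CONFIDENTIAL"), "read"),
        "read SECRET/CRYPTO file": monitor.decide(
            "analyst", analyst, "crypto-file", Label("SECRET", frozenset({"CRYPTO"})), "read"),
        "write TOP SECRET/NUCLEAR log": monitor.decide(
            "analyst", analyst, "ts-log", Label("TOP SECRET", frozenset({"NUCLEAR"})), "write"),
        "write UNCLASSIFIED wiki": monitor.decide(
            "analyst", analyst, "wiki", Label("UNCLASSIFIED"), "write"),
    }
    return decisions, monitor.audit


if __name__ == "__main__":
    results, trail = demo()
    for action, allowed in results.items():
        print(f"{action}: {'ALLOW' if allowed else 'DENY'}")
    print(trail)
```

The second read is denied even though the level matches, because the CRYPTO compartment is outside the analyst's need to know; the last write is denied because writing an UNCLASSIFIED object from a SECRET session would be a covert route for leaking the secret data, which is the logical separation Fig. 3.11 is protecting.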

Fig. 3.11 – Using MLS logical separation to protect assets

National Separation Program

• Internet separation: certain assets simply shouldn’t
be accessible from the Internet

• Network-based firewalls: these should be managed
by a centralized group

• DDOS protection: all assets should have protection in
place before an attack, not after

• Internal separation: critical national infrastructure
settings need an incentive to implement internal
separation policy

• Tailoring requirements: vendors should be
incentivized to build tailored systems, such as firewalls
for special SCADA environments