Analysis of Network Vulnerabilities and Attack Patterns in Kenyan Public University System Networks.

Abstract

The rapid adoption of Information and Communication Technologies (ICTs) in Kenyan public universities has enhanced administrative efficiency and academic delivery. Still, it has also exposed networks to escalating cyber threats, including intrusions and data breaches. The study reveals challenges faced by institutions of higher learning amid rising threats to their cybersecurity as they advance their information technology infrastructure and expand their reliance on internet-based software to enhance their educational, research, as well as administrative activities. This study conducts an empirical analysis of network vulnerabilities and attack patterns in Kenyan public university networks, leveraging 1,290 Secure Shell (SSH) security event logs from the Kenya Education Network (KENET). Employing a quantitative approach grounded in Design Science Research Methodology (DSRM), we categorize vulnerabilities by severity and Common Vulnerabilities and Exposures (CVEs), revealing that medium-severity attacks dominate (94.4%), with SSH-general (57.3%) and CVE-2023-48795 (37.4%) incidents prevalent, peaking between 01:00–03:00. These findings high- light critical risks, such as protocol downgrade attacks and brute-force attempts, necessitating robust cybersecurity measures. We propose actionable recommendations, including automated vulnerability scanning, real-time monitoring, and multi-factor authentication, to enhance network resilience. This study contributes a context-specific analysis of cybersecurity risks in higher education, addressing a gap in localized threat assessments for developing nations.