COM398SUST
COM398 Systems Security
60% OF THE TOTAL MARK

Release Date: 04th March 2024
Submission Date: 3rd May 2024 (12:00 (Noon) UK time)
Date returned with feedback: Within twenty working days after the submission deadline.

In submitting your assignment, you are agreeing to the following declaration of ownership:

I declare that this is all my own work and does not contain unreferenced material copied from any other source. I have read the University’s policy on plagiarism and understand the definition of plagiarism. If it is shown that material has been plagiarised, or I have otherwise attempted to obtain an unfair advantage for myself or others, I understand that I may face sanctions in accordance with the policies and procedures of the University. A mark of zero may be awarded and the reason for that mark will be recorded on my file. University policy on plagiarism is available here.

CW2 is an individual coursework which is worth 60% of the total coursework mark for this module. The successful completion of CW2 will address the following learning outcomes:
- Develop practical prototypes to experiment with and reinforce core systems security concepts.
- Illustrate a comprehension of the key issues and principles underlying modern security in computing systems.
- Characterise the threats faced by computing systems, applications and systems; and examine the role of security risks assessment and management in IT.

This coursework component requires students to research, write and make a presentation on the topic of traffic analysis during a DoS / DDoS attack using Wireshark. This element would require each student to prepare PowerPoint slides (10-15) and a vodcast of the student presenting the slides. The vodcast should be a maximum of 15 minutes long (a vodcast exceeding the maximum limit will be penalised according to the following scheme).
- 15 minutes + 10%: No penalty
- 15 minutes + >10% - 20%: reduction in the total mark by 5%
- 15 minutes + >20% - 30%: reduction in the total mark by 10%
- 15 minutes + >30% - 40%: reduction in the total mark by 15%
- 15 minutes + >40% - 50%: reduction in the total mark by 20%
- 15 minutes + >50%: The maximum total mark achievable is 40%

This assessment component is designed to encourage students to reflect critically on the fundamentals of systems security, and to relate these fundamental concepts to developments within the field and to real-world practical examples. Students should submit the PPT they presented along with the video to show their ability to carry out research on the CW topic.

This coursework component requires you to prepare (see also notes 1 & 2, and the coursework preparation, submission and provision of feedback sections below) a video-recorded PPT presentation and the PPT file (video + PPT slides) on traffic analysis using Wireshark. In this coursework, you will only be considering the TCP/IP protocols for the analysis. Students will have to log their experience (including any Wireshark based visualisation), observations and analysis of the captured network traffic in a PPT document describing the TCP/IP protocol suite, and addressing some specific points related to the provided Wireshark traffic file (PCAP file). The PPT document and presentation may include (but are not limited to) and address the following points:
- An explanation of the TCP/IP protocol suite including:
  a) The Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), and the difference between the two protocols
  b) The Internet Protocol (IP)
  c) The difference between TCP and IP
  d) The work of the TCP 3-Way Handshake Process.
- Describe and contrast the Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks, and their sub-types.
- In the provided PCAP file, identify the type of the attack; any of your observations and analysis of the traffic should be justified and explained by adding suitable Wireshark snapshots (or any suitable Wireshark trace visualisation approach that you can embed in your presentation / video)
- What is the IP address of the suspected attacker in the PCAP file? Justify and explain?
- Reflecting on the detected attack(s), you should add in your conclusion the possible context / cause(s) that allowed such attack(s) to take place; and countermeasure recommendations.

You should prepare your PPT document and presentation in such a way that it may be understood by and useful to a fictitious group of students taking a course in computing and who may be joining placement employers. Although you have the freedom to adopt and follow your own presentation plan and structure, the expectation, however, is that there should be an ‘Introduction’ in which you should cover the TCP/IP protocol suite from which you can elaborate on the DoS and DDoS as in the points above. The body of the report should be divided and partitioned into sections and any appropriate visualization means should be used (e.g. snapshots).

Your presentation should be evidence-based and supported by relevant and up-to-date references and links. Sources should include textbooks, academic web sites, manufacturers’ web sites, RFCs, white papers and academic literature (conferences and journals). You may use your own selected referencing style.

Note 1: You can use data from such sources as evidence but you need to express this in your own words. Plagiarism will not be tolerated and will be dealt with according to University policy: www.ulster.ac.uk/student/exa…. It is inappropriate to make a presentation based on sources which are not listed.

Note 2: You should demonstrate good knowledge and understanding of the topics and points of your presentation; and express them with high effectiveness, conciseness and succinctness. When preparing your presentation, you should make sure to include only the most relevant references.

Coursework preparation, submission and provision of feedback:

This coursework should be returned as an electronic submission by the due date specified above.
University regulations require that late submissions attract a mark of zero and will be rigorously applied, without exception. If you have extenuating circumstances, you should complete an EC1 form according to your course rules; forms are found on your course website – your year tutor and course director can advise.

- What should be returned is file 1) a copy of the PPT document used as the basis of your presentation (in this case your researched material / script should either be embedded in the notes section or appended to the end of your PPT document), file 2) the video (in a suitable format, e.g. mp4, you may also use Panopto etc – for a Panopto submission, please refer to the material on the module page). These files should be saved in the same folder which is then compressed (zipped); the obtained ZIP file must be uploaded using the CW2 Submission link in the module webpage on Cloud Campus.

You should also take note of the following:
- Please ensure the filename of the submitted project folder archive is given as YourBNumber_CW (i.e., B0011_CW2-PPT and B0011_CW2-VODCAST).
- As it may be expected that the file to be submitted can be of a substantial size, you are advised to attempt your submission early to avoid any IT related issues.
- Feedback will be provided within 20 working days after submission by the date shown above. Feedback can take the form of comments and a mark as shown herewith:

Student’s ID:
Mark overall (%):

Criterion and weight:
- Research material (to include extent of background research, quality of analysis and citations & references): 25
- Trace files, traffic or design files analysis (as appropriate; and to include quality of analysis and answers and approach justification): 40
- PPT presentation (to include quality of both PPT and text; and coherence of the points made): 20
- Video recording (to include quality of recording, creativity, communication, organization and clarity, use of adequate visualization techniques (e.g. snapshots)): 15

Comments:
- Research Material: The material you present should be evidence-based and supported by relevant and up-to-date references.
- PCAP files analysis: The analysis should include, but not be limited to, filters and graphs to support your argument(s).
- PPT presentation: When preparing your presentation, you should be sure to include only the most relevant points on the slides: you can give more details in the notes section if you wish; however, the purpose of the slide is to be succinct in your information. The background image and snapshots (or additional graphics if you want to use them) and sound/audio effects should be relevant to the points being made on the slide.
- Video recording: Your recording should demonstrate good knowledge and understanding of the topic of your presentation and express them with high effectiveness.

Submission: An electronic copy of the assignment may be submitted anytime up until the cutoff date but will not be accepted after it. ASSIGNMENT TO BE SUBMITTED VIA THE DROPBOX MARKED ‘CW 2 Submission’ WITHIN Cloud Campus.

COM398SUST Coursework 2023/2024
Evaluation and Marking Rubric
COM398 System Security
Component Two: The Project (60%)

Criteria (100%)

Research material (to include extent of background research, quality of analysis and citations & references) 25%
- 80-100% (High 1st): Subject knowledge is evident throughout the presentation; information is clear and correct. The presentation contains pertinent points related to the assignment topic; and is free of errors and weaknesses. Such points are excellently addressed in an appropriate depth level and thoroughly analysed. When needed, specific support is provided for each statement from credible sources.
- 70-79% (1st): Subject knowledge is evident in much of the presentation; with very few exceptions, almost all presented information is clear; most references are suitable, and the statements made are supported with appropriate citations. The researched material to a considerable extent is addressed and analysed thoroughly. When particular points are addressed, it is done in a particularly proficient level of conciseness.
- 60-69% (2.1): Subject knowledge is evident in the presentation; however, there are few exceptions where details may be missing or where particular points are not addressed in a good depth and conciseness. The researched material is mainly meeting the requirements and guidelines of the assignments with very few exceptions, it is generally clear and easy to identify the sources of statements made and references are suitable.
- 50-59% (2.2): The researched material in the presentation partially meets the requirements and general guidelines of the assignment; details can be missing, and when particular points are addressed, it is not always done in an appropriate level of conciseness. There are instances where material sources may not be suitable, or the claims are not supported by citations.
- 40-49% (3rd): The researched material may be remotely related to the topic of the assignment; details are somewhat sketchy and do not support the topic of the assignment and may lack conciseness. Source materials may not be relevant to the purpose of the presentation. Often, it can be unclear where information or facts come from a source.
- 0-39% (fail): The researched material and information are confusing, incorrect, or flawed; the presentation material can be partially or totally unrelated to the topic of the assignment; addressed points are not well defined, not well argued and sketchily covered. The presented material does not meet the requirement of the assignment; material is not supported by citations, or the references used are not suitable / credible.

Trace files, traffic or design files analysis (as appropriate) 40%
- 80-100% (High 1st): The analysis addressed the majority of the issues related to the problem area. The analysis integrated sufficient components to the bulk of its goals.
- 70-79% (1st): The analysis addressed a large part of the issues related to the problem area. The analysis integrated a large number of components to the bulk of its goals.
- 60-69% (2.1): The analysis addresses a good number of the issues related to the problem area. The analysis integrated a good number of components to achieve a good range of goals.
- 50-59% (2.2): The analysis partly addresses some of the issues related to the problem area. The analysis integrated sufficient components to achieve a moderate range of goals.
- 40-49% (3rd): An inadequate analysis was presented which did not clearly address the problem at hand. The analysis minimally integrated elements to achieve its goals.
- 0-39% (fail): The analysis is flawed or incorrect. It is very sketchy and does not address the problem at hand.

PPT presentation (to include quality of both PPT and text; and coherence of the points made) 20%
- 80-100% (High 1st): Points made catch the viewer/listener’s attention and hook him/her to the presentation: they are well organized and motivating. Such statements and points are introduced in a logical order and are well interlinked. The presentation is error free and does not encompass any grammar or spelling errors.
- 70-79% (1st): The points made in the presentation are clear and coherent and evoke good interest from the viewer/listener. The text has very few mistakes or spelling errors, details are presented in a logical order.
- 60-69% (2.1): The points made in the presentation are generally clear but may be incoherent occasionally and the link between such points may not be obvious. The text has few mistakes or spelling errors, details are presented in a logical order mainly, although with some incoherence.
- 50-59% (2.2): The points made in the presentation evoke a limited interest from the viewer/listener: they are brief, sketchy and incoherent. The structure of the presentation from its introduction to its conclusion did not orient the student to the topic being covered; there are many spelling and other mistakes in the text.
- 40-49% (3rd): The points made in the presentation do not evoke interest from the listener / viewer as there is a very limited coherence between the points made. The presentation is badly structured; text includes many errors.
- 0-39% (fail): The points made in the presentation are unclear; the listener or viewer may lose interest and it is hard for him / her to comprehend the topic; the presentation is incoherent and is ill structured.

Video recording (to include quality of recording, creativity, communication, organization and clarity, use of adequate visualization techniques (e.g. snapshots)) 15%
- 80-100% (High 1st): The recording runs smoothly; the introduction of new ideas transitions are smooth and almost unnoticeable. The video recording, video or podcast is well structured. The selections of graphics, sound effects and works of art have assisted in the communication of ideas. The recording timing is perfect.
- 70-79% (1st): The recording runs mostly smoothly; only very few changes of introductions of new ideas transitions are noticeable. Still the viewer is hooked and the recording, video or podcast is well structured. The selections of graphics, sound effects and works of art have assisted in the communication of ideas. The recording timing is almost perfect.
- 60-69% (2.1): Multiple types of transitions may be used; however, there is little impact on the smoothness of the recording. Such transitions are used for a purpose: to help tell the story of the presentation. The pacing and timing of the video are good; and the graphics are well employed to convey information.
- 50-59% (2.2): Multiple types of transitions may be used; however, there is some impact on the smoothness of the recording. There are few transitions which do not help the purpose of the recording, or the recording is ill structured. The timing and pacing need to be reviewed as the recording is either too long or too short. When used, graphics and sound effects are not always well employed.
- 40-49% (3rd): Multiple types of transitions may be used: there is a clear impact on the smoothness of the recording. There may be multiple transitions which do not help the purpose of the recording, or the recording is ill structured. The recording is either too short or too long; the pacing is ill suited for the recording length. There may be no graphics, sound effects or work of art to support the recording story.
- 0-39% (fail): Video is of poor quality and is unedited. There are no transitions added or transitions are used so frequently that they detract from the video. There are no graphics. The timing and pacing are not suitable.

References

CHAPPELL, L. & COMBS, G. 2010. Wireshark network analysis: the official Wireshark certified network analyst study guide, Protocol Analysis Institute, Chappell University.
OREBAUGH, A., RAMIREZ, G. & BEALE, J. 2006. Wireshark & Ethereal network protocol analyzer toolkit, Elsevier.

Appendix A

Wireshark is an open-source tool used for capturing and analysing network traffic at a very granular level. Wireshark shows packet details captured from different network sources, and breaks down the traffic into the individual layers of the Open Systems Interconnection (OSI) model (e.g. the data link, network, transport, and application layers). Wireshark uses display filters to highlight and focus the analysis on the interesting packets (Orebaugh et al., 2006, Chappell and Combs, 2010).

For this CW component, the MC provides a single PCAP file that includes network activity. Such file content is to be analysed (the students are not allowed to analyse any other PCAP files as part of this assignment to explain a DoS / DDoS attack; however they are free to use any other PCAP files or resources in order to complete their presentation; e.g. students are at liberty of using any resources to highlight any TCP, IP or any protocol’s activity using Wireshark