Reference no: EM133437894
You have been recruited as a full-time security administrator/engineer. You are responsible for monitoring newly discovered vulnerabilities and, where they affect the organisation's IT systems, for designing and implementing security measures to deal with them when the vulnerable system/software cannot be upgraded or patched. For this project we assume that a "new" vulnerability has recently been discovered in a system/software that is critical for the organisation, that cannot be taken offline, upgraded, or replaced in the short term, and for which no upgrade or patch will be available in the short term.
The aim of this project is to put your skills to practical use. You will identify and research a security vulnerability, then design and implement strategies for detecting exploitation of the vulnerability and for mitigating it while continuing to provide the affected service. You will document these in a report, implement them in a (virtual) test environment, and demonstrate the effectiveness of your approach to other students in class. Your reports will contain details of the vulnerability, the setup and demonstration of the test environment, and descriptions of the design and implementation of the detection and mitigation techniques you developed.
The project has three phases: (1) topic proposal, (2) vulnerability description and proposed exploitation detection and mitigation techniques report and (3) vulnerability detection and mitigation demonstration and final report.
Help on phase (2): Vulnerability Detection and Mitigation Design for CVE-2021-40444 (Microsoft MSHTML remote code execution)
The activities that you will undertake are as follows:
1. Describe and explain the vulnerability with a reasonably high level of technical detail. A copy of the CVE entry is not acceptable, and a superficial description will attract low marks. The description must cover the outcomes of the vulnerability, i.e. what it can be used for, what level of access it provides, and which systems are affected.
2. Under the assumption that there is no short-term fix for the vulnerability, describe a method for detecting actual exploitation of it. This part should start with a general explanation of the approach but must also provide a detailed technical design and explain how it can be implemented. Significant limitations must be discussed.
3. Under the assumption that there is no short-term fix for the vulnerability, describe a method for mitigating exploitation based on it. This part should start with a general explanation of the approach but must also provide a detailed technical design and explain how it can be implemented. Significant limitations must be discussed.
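As an added illustration of the level of detail activity 2 expects (this is example code written for this page, not part of the assignment brief, and it is a known indicator-based approach that a submission would have to cite and build on rather than present as original): the in-the-wild CVE-2021-40444 documents carried an oleObject relationship in word/_rels/document.xml.rels whose external Target was an "mhtml:" URL, typically chained with "!x-usc:", pointing at the attacker's HTML page, which MSHTML then rendered. The scanner below unpacks a .docx in memory and flags that relationship shape. The host example.invalid and the minimal in-memory .docx are constructed test data.

```python
"""Scan a .docx for the CVE-2021-40444 delivery-stage indicator.

Added example for this page, not code from the assignment or from any
vendor. It looks for the widely reported artefact of the September 2021
in-the-wild documents: a relationship in a *.rels part whose Target is an
"mhtml:" URL (often with an "!x-usc:" chained URL), or any oleObject
relationship that points outside the package (TargetMode="External").
"""
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from typing import Dict, List, Optional

OLE_REL_TYPE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject"
RELS_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
MHTML_RE = re.compile(r"^\s*mhtml:", re.IGNORECASE)


def scan_docx(data: bytes) -> List[Dict]:
    """Return one finding per suspicious relationship found in any *.rels part.

    An empty list means the indicator was not present; it is not proof that
    the document is safe (see the limitations in the note below).
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            try:
                root = ET.fromstring(zf.read(name))
            except ET.ParseError:
                # A relationships part that Office would reject is still worth a look.
                findings.append({"part": name, "id": None, "target": None,
                                 "reason": "unparseable relationships part"})
                continue
            for rel in root.iter(f"{{{RELS_NS}}}Relationship"):
                target = rel.get("Target", "")
                external = rel.get("TargetMode", "").lower() == "external"
                is_ole = rel.get("Type") == OLE_REL_TYPE
                if MHTML_RE.match(target) or "!x-usc:" in target.lower():
                    reason = "mhtml/x-usc external target"
                elif is_ole and external:
                    reason = "external oleObject relationship"
                else:
                    continue
                findings.append({"part": name, "id": rel.get("Id"),
                                 "target": target, "reason": reason})
    return findings


def build_sample_docx(target: Optional[str]) -> bytes:
    """Construct a minimal .docx in memory (constructed test data, not a real
    exploit document). If target is given, add an external oleObject
    relationship to it, mimicking the CVE-2021-40444 document layout."""
    rels = ['<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/'
            'officeDocument/2006/relationships/styles" Target="styles.xml"/>']
    if target:
        rels.append(f'<Relationship Id="rId5" Type="{OLE_REL_TYPE}" '
                    f'Target="{target}" TargetMode="External"/>')
    document_rels = ('<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
                     f'<Relationships xmlns="{RELS_NS}">' + "".join(rels) +
                     '</Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml",
                    '<?xml version="1.0"?><Types xmlns="http://schemas.openxmlformats.org/'
                    'package/2006/content-types"/>')
        zf.writestr("word/document.xml",
                    '<?xml version="1.0"?><w:document xmlns:w="http://schemas.openxmlformats.org/'
                    'wordprocessingml/2006/main"/>')
        zf.writestr("word/_rels/document.xml.rels", document_rels)
    return buf.getvalue()


if __name__ == "__main__":
    # Hypothetical attacker host; the URL shape is the one reported for the ITW samples.
    bad = build_sample_docx(
        "mhtml:http://example.invalid/side.html!x-usc:http://example.invalid/side.html")
    for f in scan_docx(bad):
        print(f"{f['part']} {f['id']}: {f['reason']} -> {f['target']}")
    print("clean document findings:", scan_docx(build_sample_docx(None)))
```

Run it over attachments at the mail gateway or on a file-share quarantine and log each finding with the relationship Id and Target so an analyst can pivot on the remote host. The limitations a submission should state: this is a static, delivery-stage check only, so it sees nothing of the later stages (the fetched HTML, the .cab/.inf drop, the protocol-handler execution); it relies on the mhtml:/oleObject shape and is blind to the same rendering path reached through other containers or through the Explorer preview pane; and a flagged relationship proves only that a document was built that way, not that it was opened and exploited, so it should be paired with host-side telemetry.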
Your proposed approaches should be original solutions and not a copy of existing approaches/solutions; originality will be used as one marking criterion. If your solution is based on any previous work, that work must be referenced.
Vulnerability detection and mitigation written report marking rubric:
a. Explanation of the vulnerability and how it is exploited.
b. Explanation and design of approach to detect exploitation of the vulnerability.
c. Explanation and design of approach to mitigate exploitation of the vulnerability.