Draw a message sequence diagram

Reference no: EM132597652

COIT20262 Advanced Network Security - Central Queensland University

Question 1. HTTP Interception

Aim
Your aim is to demonstrate the weakness of communicating in networks without encryption, in particular when web browsing. To do this, you will demonstrate how easy it is to intercept traffic in a network, and explain what information can be extracted from interception of HTTP traffic.
Complete the following phases, in order.

Phase 1: Setup
1. Add a new student user to the MyUni grading system (see NSL 16.3.6). The user must have:
• Username: [StudentID]
• Password: [FirstName]
2. Add a grade for the new student user for unit/course 'coit20262' with a grade of what you expect to receive this term, e.g. HD, D, C, P or F.
3. Change the domain of the MyUni website to www.[StudentID].edu by editing the /etc/hosts files.
4. Test that the existing users and new student can access the grading website.

Phase 2: Intercept HTTP Traffic
1. Start capturing on node2 using tcpdump.
2. The new student user must do the following on node1:
a. Visit the MyUni grading website, e.g.:
b. Follow the "Login" link and login
c. Follow the "View grades" link and enter their username and 'coit20262' to view the course/unit grade, and submit.
d. Follow the "Logout" link.
e. Exit lynx by pressing q for quit.
3. Stop capturing on node2. Note that it is important that the start of the TCP connection (i.e. 3-way handshake), as well as all HTTP requests/responses are included in the capture.
4. Save the capture file as [StudentID]-http.pcap.

Phase 3: Analysis
Answer the following sub-questions regarding the previous phases.
(a) Submit the capture file.

(b) Draw a message sequence diagram that illustrates all the HTTP messages for the new student user viewing the grades (i.e. the HTTP messages from [StudentID]-http.pcap from phase 2 above). Do not draw any packets generated by other applications or protocols, such as ARP, DNS or SSH, and do not draw TCP connection setup or ACKs. Only draw HTTP messages. A message sequence diagram uses vertical lines to represent events that happen at a computer over time (time is increasing as the line goes down). Addresses of the computers/software are given at the top of the vertical lines. Horizontal or sloped arrows are used to show messages (packets) being sent between computers. Each arrow should be labelled with the protocol, packet type and important information of the message. Examples of message sequence diagrams are given in workshops. Note that you do not need to show the packet times, and the diagram does not have to be to scale. Draw the diagram yourself (e.g. using drawing software or by hand) - do NOT use Wireshark to generate the diagram.

(c) As the attacker you can learn information from intercepting the packets. Based on the packet capture file, write a brief report on what useful information you can learn from the interception. The report, no longer than 1 page, must refer to specific values and packet numbers, as well as give a brief explanation of how the information may be useful for the attacker. For example, if you think the server port number is useful, then your report may say: "The port number used by the web server was 80, as seen in packet 13 in the capture file. The port number is useful for the attacker because ...".

(d) On the message sequence diagram from part (a), identify any messages that contain information you discussed in part (b). For example, if the first message on the message sequence diagram contains the server port number, then include the value of the port number on or next to the first message in part (a).

Question 2. Vulnerability Assessment

Aim
Your aim is to conduct a (partial) vulnerability assessment on the educational institution. (It is only a partial assessment, rather than complete, as you will only assess a small number of threats.) You are to produce a brief report that could be presented to non-technical management (e.g. the university vice-chancellor or academic board).

Phase 1: Asset and Threat Identification
Identify three (3) different threats on assets relevant to the educational institution. These must come from the Attacks on a University database on Moodle. At least two (2) of the threats must be from you (i.e. have your name and not copied directly from others), and none (0) of the threats can be from staff (e.g. Unit Coordinator, Lecturers, Tutors). If you are not sure which entry in the database is from a student or staff, click on the link to their name. Include screenshots of each of the threats from the database in your report.

Phase 2: Vulnerability Appraisal
For each of the three (3) threats, provide a detailed explanation of a vulnerability that can lead to the threat. This should be a specific vulnerability, and refer to computer and network technologies, but still should be understandable by non-technical management.

Phase 3: Risk Assessment
For each of the three (3) threats, assign a vulnerability impact level, likelihood level and risk level, and explain why they are those vulnerability and likelihood levels. You may choose your own scale for impact and likelihood.

Phase 4: Risk Mitigation
Recommend actions to take or countermeasures for each of the three (3) threats.

Question 3. Ransomware

Aim
Your aim is to write a brief report to university staff (including management) as a follow-up to a ransomware attack on the university.

Phase 1: Research and Report
Your university has been infected by ransomware, affecting primarily their grading system (e.g. MyUni style grading system or Moodle Gradebook). You know that the ransomware encrypted files containing grade information using AES, and the AES secret key was encrypted and saved on the system with RSA public key encryption. The RSA public key is stored in the ransomware code (which you have access to). The university was able to restore some parts of the grading system from backup and manually enter any missing grades.
Write a report addressing the following:
a) What is ransomware? Give a short introduction/overview so that management can understand.
b) Briefly describe real ransomware that has infected other organisations recently. Indicate the name of the ransomware, the organisation(s) it impacted, and what impact it had.
c) Explain the role of the cryptographic mechanisms and why you cannot simply decrypt the files. This should be explained for a technical audience, that is, the IT staff in the university. Refer to types of algorithms used and how they are used.
d) Recommend methods the university should take in the future to avoid becoming infected.

Your report must have four (4) sections, each section addressing a point above. While there is no page limit, each section should be less than half a page, and a good answer could be given in 1 to 3 paragraphs. Do NOT include pictures or tables in the report. Use text only. While you may use numbered lists and dot points, the report cannot entirely be lists. References are not necessary (although the normal rules of academic integrity are expected).

Question 4. Encryption and Signing

Aim
Your aim is to demonstrate skills and knowledge in cryptographic operations, especially key management. You will do this in pairs (that is, with a partner student).
When performing cryptographic operations you must be very careful, as a small mistake (such as a typo) may mean the result is an insecure system. Read the instructions carefully, understand the examples, and where possible, test your approach (e.g. if you encrypt a file, test it by decrypting it and comparing the original to the decrypted). It is recommended you use virtnet to perform the operations.

Phase 1: Key Generation
1. Generate your own RSA 2048-bit public/private key pair and upload your public key to the Public Key Directory on Moodle. (If you have already done this in the tutorial, you do not need to do it again). Save your keypair as [StudentID]-keypair.pem.
2. Generate a secret key to be used with AES-256-CBC, saving it in the file [StudentID]-key.txt.
3. Generate an IV to be used with AES-256-CBC, saving it in the file [StudentID]-iv.txt.

Phase 2: Message Creation and Signing
1. Create a message file [StudentID]-message.txt that is a plain text file containing your full name and student ID inside.
2. Digitally sign [StudentID]-message.txt using RSA and SHA256, saving the signature in the file [StudentID]-message.sgn.

Phase 3: Encryption
1. Encrypt [StudentID]-message.txt using symmetric key encryption, saving the ciphertext in the file [StudentID]-message.enc.
2. Encrypt [StudentID]-key.txt using public key encryption (RSA), saving the ciphertext in the file [StudentID]-key.enc.
3. Encrypt [StudentID]-iv.txt using public key encryption (RSA), saving the ciphertext in the file [StudentID]-iv.enc.

Phase 4: Upload to your Partner
1. To send files to your partner, you must upload them to the Encrypted Files database on Moodle. Your partner can then download from the database.

Phase 5: Decryption and Verification
1. Download the files from your partner from the Encrypted Files database.
2. Decrypt to obtain the message, saving it in the file [StudentID]-received.txt.
3. Verify the signed message.
4. Take a single screenshot showing the OpenSSL verification command and the contents of the message. That is, the single screenshot should show the output of two commands:

openssl dgst ...
cat [StudentID]-received.txt
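
Added example (not part of the assignment or the course materials): Phases 1 to 5 run end to end on one machine, showing which key each step uses; the AES-for-data, RSA-for-key layering is the same hybrid scheme Question 3(c) asks about. The names alice (sender) and bob (partner), the OAEP padding option and the tamper argument are assumptions of this example; OpenSSL 1.1.1 or later is assumed.

```shell
#!/bin/sh
# Added example, not part of the assignment text. Assumptions: OpenSSL 1.1.1+,
# placeholder names "alice" (sender) and "bob" (partner) instead of [StudentID].
set -eu

run_exchange() (
  set -e
  umask 077                                  # private keys and AES key: owner-only
  dir=$(mktemp -d); trap 'rm -rf "$dir"' EXIT; cd "$dir"

  # Phase 1: one RSA-2048 key pair per party, plus the sender's AES-256 key and IV.
  for who in alice bob; do
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$who-keypair.pem" 2>/dev/null
    openssl pkey -in "$who-keypair.pem" -pubout -out "$who-pubkey.pem"
  done
  openssl rand -hex 32 > alice-key.txt       # 256-bit key, hex encoded
  openssl rand -hex 16 > alice-iv.txt        # 128-bit IV (AES block size)

  # Phase 2: sign with the SENDER's private key.
  printf 'Alice Example, alice (constructed)\n' > alice-message.txt
  openssl dgst -sha256 -sign alice-keypair.pem -out alice-message.sgn alice-message.txt

  # Phase 3: AES-256-CBC for the message, RSA to the PARTNER's public key for key and IV.
  # Note: -K puts the key on the command line, visible in the process list.
  # OAEP padding is this example's choice; both sides must use the same padding.
  openssl enc -aes-256-cbc -e -K "$(cat alice-key.txt)" -iv "$(cat alice-iv.txt)" \
    -in alice-message.txt -out alice-message.enc
  for f in key iv; do
    openssl pkeyutl -encrypt -pubin -inkey bob-pubkey.pem -pkeyopt rsa_padding_mode:oaep \
      -in "alice-$f.txt" -out "alice-$f.enc"
  done

  # Phase 5 (partner): unwrap key and IV with bob's private key, then decrypt.
  for f in key iv; do
    openssl pkeyutl -decrypt -inkey bob-keypair.pem -pkeyopt rsa_padding_mode:oaep \
      -in "alice-$f.enc" -out "rx-$f.txt"
  done
  openssl enc -aes-256-cbc -d -K "$(cat rx-key.txt)" -iv "$(cat rx-iv.txt)" \
    -in alice-message.enc -out bob-received.txt
  cmp -s alice-message.txt bob-received.txt  # round-trip test the assignment recommends

  # Optional tamper case: one appended byte must make verification fail.
  [ "${1:-}" = tamper ] && printf 'x' >> bob-received.txt
  # Verify with the SENDER's public key; prints "Verified OK" and exits 0 on success.
  openssl dgst -sha256 -verify alice-pubkey.pem -signature alice-message.sgn bob-received.txt
)

run_exchange
```

Calling run_exchange tamper makes the final verification step exit non-zero, which is the behaviour to expect when the received message does not match what was signed.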

Phase 6: File Submission
a) Submit the files on Moodle. As output from these phases you should have the following files for submission on Moodle:
• [StudentID]-message.txt
• [StudentID]-keypair.pem
• [StudentID]-pubkey.pem
• [StudentID]-key.txt
• [StudentID]-iv.txt
• [StudentID]-message.sgn
• [StudentID]-message.enc
• [StudentID]-key.enc
• [StudentID]-iv.enc
• [StudentID]-received.txt (this will contain the message you received from your partner)
Even though the encrypted files and public keys must be available on the Moodle databases, you should also include a copy of the files in your assessment submission. Ensure the files in the database and your submission are the same - the marker may use either version.

Phase 7: Reflection
Think about the tasks you performed in this question and write a brief reflection. You should address:
b) Which parts were most challenging or led to mistakes, and why there were mistakes. What could be changed to make it easier and/or reduce mistakes. Consider OpenSSL as well as the method for sharing files via Moodle databases.
c) Identify potential security weaknesses in the process and/or the steps you took.


Reviews

len2597652

8/11/2020 4:43:54 AM

Assignment requires You must use virtnet to perform tasks. Don't rely heavily on images (unless they are asked for). If you do include images, then draw them yourself - don't take images from the Internet, textbook or lecture notes.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd