Malware Analysis - download and analyse the bots

Reference no: EM132856286

Malware Analysis

TASKS:

For the purpose of this project you are expected to carry out an investigation into a botnet. Mainly, the investigation should be done by carrying out a literature review of research papers, industry reports and any other resources you may find related to that botnet. In addition, you may identify, download and analyse pcap file(s) and/or dataset(s) associated with that botnet.

Please note that you are NOT required to download and analyse the malware bot component of the botnet. If you decide to download it for further analysis, you should only do this once you have comprehensively researched and have a very good understanding of its behaviour and possible consequences. You are responsible for any damage you may cause as a result of your actions.

The final task will be to document potential defences to protect against future attacks by this botnet on organisations/individuals. Students will have to submit a report documenting their work.

REPORT STRUCTURE:
1. Executive Summary: Description of the objectives and key findings of the investigation.

2. Methodology: Details and justifications (with references) of the botnet investigation methods that were used, which can include but may not be limited to:
• Detail your strategy to search for and select the academic papers, industry reports, and other references.
• Detail the pcap files and/or dataset that you identified and analysed (if any).
• If you decide to download and analyse the bots, provide details and justifications (with references) of the malware analysis methods that were used (e.g., static analysis, dynamic analysis, Internet investigation, etc.).
• Provide description of the test environment setup (e.g., OS version, configuration, precaution and sandboxing measures, etc.), description of the software tools and online tools used for the analysis of the pcap files / datasets / bots, and justification of their choice (i.e., vis-à-vis alternative tools).
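The pcap analysis mentioned above usually starts with a first pass that lists which names the infected host resolved and which hosts it kept contacting. The following is an added example, not code from the assignment or from any named tool: a small reader for the classic libpcap format that decodes Ethernet/IPv4 with UDP or TCP, pulls the question name out of DNS queries, and counts packets per (source, destination, protocol, port) so that repeated contact with one host stands out. The capture it parses is constructed in memory; the addresses (RFC 5737 and private ranges) and domain names are made up for illustration, and the beacon payload is a placeholder.

```python
"""Classic-pcap reader for first-pass botnet traffic triage (added example).
Parses the 24-byte global header and 16-byte record headers, decodes
Ethernet/IPv4 + UDP|TCP, extracts DNS question names and counts flows.
The capture at the bottom is constructed here; its hosts and names are made up.
"""
import socket
import struct
from collections import Counter

LE_MAGICS = (0xA1B2C3D4, 0xA1B23C4D)   # microsecond / nanosecond timestamps
BE_MAGICS = (0xD4C3B2A1, 0x4D3CB2A1)

def iter_records(data: bytes):
    """Yield (ts_sec, frame_bytes) for each record in a classic pcap file."""
    (magic,) = struct.unpack("<I", data[:4])
    if magic in LE_MAGICS:
        end = "<"
    elif magic in BE_MAGICS:
        end = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng needs another reader)")
    pos = 24
    while pos + 16 <= len(data):
        ts_sec, _frac, incl_len, _orig = struct.unpack(end + "IIII", data[pos:pos + 16])
        pos += 16
        yield ts_sec, data[pos:pos + incl_len]
        pos += incl_len

def decode_frame(frame: bytes):
    """Return (src, dst, proto, sport, dport, payload) for IPv4 UDP/TCP, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # not IPv4 over Ethernet
        return None
    ihl = (frame[14] & 0x0F) * 4
    proto = frame[23]
    src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    l4 = frame[14 + ihl:]
    if proto == 17 and len(l4) >= 8:          # UDP: fixed 8-byte header
        sport, dport = struct.unpack("!HH", l4[:4])
        return src, dst, proto, sport, dport, l4[8:]
    if proto == 6 and len(l4) >= 20:          # TCP: data offset in byte 12
        sport, dport = struct.unpack("!HH", l4[:4])
        return src, dst, proto, sport, dport, l4[(l4[12] >> 4) * 4:]
    return None

def dns_question_name(payload: bytes):
    """First QNAME of a DNS message, or None (questions are not compressed)."""
    if len(payload) < 12 or struct.unpack("!H", payload[4:6])[0] == 0:
        return None
    labels, pos = [], 12
    while pos < len(payload) and payload[pos] != 0:
        ln = payload[pos]
        if ln & 0xC0:                          # compression pointer: give up
            return None
        labels.append(payload[pos + 1:pos + 1 + ln].decode("ascii", "replace"))
        pos += 1 + ln
    return ".".join(labels) or None

def triage(data: bytes):
    """Return (Counter of DNS names, Counter of (src, dst, proto, dport) flows)."""
    names, flows = Counter(), Counter()
    for _ts, frame in iter_records(data):
        d = decode_frame(frame)
        if d is None:
            continue
        src, dst, proto, _sport, dport, payload = d
        flows[(src, dst, proto, dport)] += 1
        if proto == 17 and dport == 53:
            name = dns_question_name(payload)
            if name:
                names[name] += 1
    return names, flows

# ---- constructed capture: a victim resolving two names, then beaconing to a C&C ----
def _dns_query(name: str) -> bytes:
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def _frame(src, dst, proto, sport, dport, payload) -> bytes:
    if proto == 17:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    else:   # minimal 20-byte TCP header, PSH|ACK, checksum left zero
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 0x50, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4

def _pcap(frames) -> bytes:
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)]
    for i, f in enumerate(frames):
        out.append(struct.pack("<IIII", 1_600_000_000 + i, 0, len(f), len(f)) + f)
    return b"".join(out)

VICTIM, RESOLVER, C2 = "10.0.0.5", "10.0.0.1", "203.0.113.7"   # made-up hosts
SAMPLE_PCAP = _pcap(
    [_frame(VICTIM, RESOLVER, 17, 40001, 53, _dns_query("update.example.net")),
     _frame(VICTIM, RESOLVER, 17, 40002, 53, _dns_query("xk3jq7vb2.example.org"))]
    + [_frame(VICTIM, C2, 6, 50000 + i, 8080, b"PING\n") for i in range(6)]
)

def triage_sample():
    """Run the triage over the constructed capture."""
    return triage(SAMPLE_PCAP)
```

Running triage_sample() reports the two resolved names once each and the TCP flow to 203.0.113.7:8080 six times, which is the pattern to look at first in a real capture. The reader rejects pcapng files and checksums are not verified, so for anything beyond a first pass Wireshark or tshark remains the tool of record; this script is useful mainly for scripting the same counts over many captures.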

3. Botnet Investigation & Findings: Detailed description of the botnet, interpretation and critical analysis of the findings. This section must be broken down into multiple subsections with meaningful headings for each aspect considered, which can include but may not be limited to:
• Bots Identification: Description of the bot sample, such as: type of the file, its name, size, hashes, current anti-virus detection capabilities, etc.
• Botnet Size and Damage: Provide estimates (with references) of the botnet size, as well as details about reported damage caused by the botnet (e.g., monetary cost for institutions, number of affected users / systems, etc.).
• Target Devices: details about the target devices (e.g., PCs, mobile devices, IoT devices, etc.).
• Botnet Architecture: Details and diagram of the architecture/ topology used by the botnet, number and type of C&C server(s), etc.

• Botnet Behaviour: Detail the behaviour of the botnet (e.g., interaction with registry, files, network, etc.), its main purpose / use cases (e.g., steal credit card information, carry out DDoS attacks), etc.
• Botnet Resilience: Detail if the botnet uses any C&C protection and resilience techniques (e.g., bulletproof hosting, DGAs, fast-flux, etc.), detail if the bots use any hiding techniques, persistence mechanisms (e.g., surviving reboots), etc.
• Botnet Takedown: Detail any efforts by law enforcement and/or other organisations / individuals to identify who created and/or operated the botnet (if known), any efforts to deactivate the botnet and how successful these were, etc.
• Botnet Evolution: Details on how the botnet evolved, new variants of the botnet showing up, etc.
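Domain generation algorithms, listed above under resilience, produce registrable labels that look nothing like names a person would buy, and that structural difference is the cheapest signal to check when reviewing resolved names. The following is an added example, not code from the assignment or any published detector: it scores the registrable label of each domain with four rules of thumb (character entropy, vowel ratio, longest consonant run, digit share). The thresholds are illustrative values chosen for this example, and the domains in SAMPLE_DOMAINS are constructed; a real tool would also use the Public Suffix List, which this one replaces with a single-label TLD assumption.

```python
"""Heuristic DGA-likeness scoring of registrable domain labels (added example).
Thresholds are illustrative, not taken from any published detector, and the
sample domains are constructed. Assumes single-label TLDs (no Public Suffix List).
"""
import math
from collections import Counter

VOWELS = set("aeiou")

def shannon_entropy(text: str) -> float:
    """Bits per character over the label's own character distribution."""
    n = len(text)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())

def registrable_label(domain: str) -> str:
    """Label directly left of the TLD. Assumption: one-label TLD, so co.uk
    style suffixes are mis-split; swap in the Public Suffix List for real use."""
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]

def longest_consonant_run(label: str) -> int:
    """Longest run of consecutive consonant letters; digits and hyphens reset it."""
    run = best = 0
    for ch in label:
        if ch.isalpha() and ch not in VOWELS:
            run += 1
            best = max(best, run)
        else:
            run = 0
    return best

def dga_indicators(domain: str) -> list:
    """Return the heuristics the domain trips, in a fixed order; [] means ordinary."""
    label = registrable_label(domain)
    letters = [c for c in label if c.isalpha()]
    hits = []
    # Random labels approach log2(alphabet) bits/char; short words stay well below 3.5.
    if len(label) >= 10 and shannon_entropy(label) >= 3.5:
        hits.append("high-entropy")
    # English-like labels keep roughly a third vowels; many DGAs do not care.
    if letters and len(label) >= 8 and sum(c in VOWELS for c in letters) / len(letters) < 0.2:
        hits.append("few-vowels")
    if longest_consonant_run(label) >= 5:
        hits.append("consonant-run")
    if label and sum(c.isdigit() for c in label) / len(label) >= 0.3:
        hits.append("digit-heavy")
    return hits

def is_dga_like(domain: str) -> bool:
    """One indicator is enough to queue the name for a look; tune for your data."""
    return len(dga_indicators(domain)) >= 1

def rank_domains(domains):
    """Most suspicious first: (domain, indicators) sorted by indicator count, then name."""
    scored = [(d, dga_indicators(d)) for d in domains]
    return sorted(scored, key=lambda item: (-len(item[1]), item[0]))

# Constructed names: three ordinary-looking, three with DGA-style structure.
SAMPLE_DOMAINS = [
    "update.example.net", "wellsfargo.com", "microsoft.com",
    "kq7xzrmb3wtp.net", "tjqhmvwlrpx.com", "a1b2c3d4e5f6.info",
]
```

Running rank_domains(SAMPLE_DOMAINS) puts kq7xzrmb3wtp.net first with three indicators, tjqhmvwlrpx.com and a1b2c3d4e5f6.info next with two each, and leaves the three ordinary names with none; wellsfargo.com is the instructive borderline case, with a four-consonant run that stays just under the threshold. Expect false positives on CDN hostnames and hashed tracking domains, which is why the output is a ranked queue for the analyst rather than a verdict, and why the list should be checked against the DGA family's published seed or algorithm when one is available.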

4. Recommendations: Provide recommendations on how organisations/individuals can protect themselves against future attacks by this botnet (e.g., best practices, firewall rules, IDS, anti-virus, etc.).

5. Conclusions: Include an overall discussion of the main findings, limitations and implications, detail next steps (i.e., what else would you do if you had more time).

6. References: Include references to all the resources you consulted when preparing this CA (e.g., research papers, industry reports, web resources, etc.).

7. Appendix: Include screenshots and any additional details required to evidence how you conducted the practical tasks (the use of screenshots should be kept to a minimum in the main part of the document).

Attachment:- Malware Analysis.rar

Attachment:- Project Template.rar


Reviews

len2856286

4/13/2021 9:56:38 PM

I have attached the requirements and the project template for your perusal. Thanks
