Reference no: EM13380035

Question 1

Describe a malware attack that causes the victim to receive physical advertisement.

Question 2

Suppose that a metamorphic virus, DoomShift, is 99% useless bytes and 1% useful bytes. Unfortuntely, DoomShift has infected the Loginprogram on your Unix system and increased its seize from 54K bytes to 1054K bytes;hence, 1,000K bytes of login program now consists of the DoomShiftviruss. Barb has a cleanup program, DoomSweap, that is able to prune away the useless bytes of the Doomshift virus, so that in any infected file it will consist of 98% useless bytes and 2% useful bytes. If you apply DoomSweep to the infected login program, what will be its new size?

Question 3

Show how to defend against the DOS attack of Exercise C5-10.

You are the system administrator for an provider that owns a large network (eg. At least 64,000 IP addresses). Show how you can use SYN cookies to perform DOS attack on a web server.

Question 4

Describe how to modify a NAT router to prevent packets with spoofed IP addresses from exiting a private network.

Question 5

Suppose the transaction ID of DNS queries can take values from 1 to 65,536 and is randomly chosen for each DNS request. If an attacker sends 1,024 false replies per request, how many requests should he trigger to compromise the DNS cache of the victim with probability 99%?

Question 6

Describe a modification to the random port scan, as describe in previous exercise, so that it still use a randomly generated sequence of port numbers but will now have exactly the same number of attempted TCP connections as a sequential port scan.

Question 7

Describe a method for protecting users against URL obfuscation attacks.

Question 8

What is the plaintext for the following ciphertext, which was encrypted using a simple substation cipher:

CJBT COZ NPON ZJV FTTK TWRTUYTFGT NG DTN O XJL.Y COZ ZJV CPJVIK DTN O XJL MYUCN.