COM398 Systems Security
60% OF THE TOTAL MARK
Submission Date: 9th December 2024 (12:00 (Noon) UK time)
Date returned with feedback: Within twenty working days after the submission deadline.
CW2 is an individual coursework which is worth 60% of the total coursework mark for this module. The successful completion of CW2 will address the following learning outcomes:
• Develop practical prototypes to experiment with and reinforce core systems security concepts.
• Illustrate a comprehension of the key issues and principles underlying modern security in computing systems
• Characterise the threats faced by computing systems, applications and systems; and examine the role of security risks assessment and management in IT
This coursework component requires students to research, write and make a presentation on the topic of traffic analysis during a DoS / DDoS attack using Wireshark. This element would require each student to prepare PowerPoint slides (10-15) and a vodcast of the student presenting the slides. The vodcast should be a maximum of 18 minutes long (a vodcast exceeding the maximum limit will be penalised according to the following scheme).

| Vodcast length | Penalty |
|---|---|
| 18 minutes + 10% | No penalty |
| 18 minutes + >10% - 20% | Reduction in the total mark by 5% |
| 18 minutes + >20% - 30% | Reduction in the total mark by 10% |
| 18 minutes + >30% - 40% | Reduction in the total mark by 15% |
| 18 minutes + >40% - 50% | Reduction in the total mark by 20% |
| 18 minutes + >50% | The maximum total mark achievable is 40% |
This assessment component is designed to encourage students to reflect critically on the fundamentals of systems security, and to relate these fundamental concepts to developments within the field and to real-world practical examples.
The students should submit the PPT they presented along with the video to show their ability to carry out research on the CW topic.
This coursework component requires you to prepare (see also notes 1 & 2, and the coursework preparation, submission and provision of feedback sections below) a video-recorded PPT presentation and the PPT file (video + PPT slides) on traffic analysis using Wireshark. In this coursework, you will only be considering the TCP/IP protocols for the analysis. Students will have to log their experience (including any Wireshark-based visualisation), observations and analysis of the captured network traffic in a PPT document describing the TCP/IP protocol suite and addressing some specific points related to the provided Wireshark traffic file (PCAP file). The PPT document and presentation may include (but are not limited to) and address the following points:
1. An explanation of the TCP/IP protocol suite including:
a) The Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), and the difference between the two protocols
b) The Internet Protocol (IP)
c) The Difference between TCP and IP
d) The work of the TCP 3-Way Handshake Process.
2. Describe and contrast the Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks, and their sub-types.
3. In the provided PCAP file, identify the type of the attack; any of your observations and analysis of the traffic should be justified and explained by adding suitable Wireshark snapshots (or any suitable Wireshark trace visualisation approach that you can embed in your presentation / video)
4. What is the IP address of the suspected attacker in the PCAP file? Justify and explain.
5. Reflecting on the detected attack(s), you should add in your conclusion the possible context / cause(s) that allowed such attack(s) to take place; and countermeasure recommendations.
You should prepare your PPT document and presentation in such a way that it may be understood by and useful to a fictitious group of students taking a course in computing and who may be joining placement employers.
Although you have the freedom to adopt and follow your own presentation plan and structure, the expectation is that there should be an ‘Introduction’ in which you cover the TCP/IP protocol suite, from which you can elaborate on DoS and DDoS as in the points above. The body of the report should be divided and partitioned into sections and any appropriate visualization means should be used (e.g. snapshots).
Your presentation should be evidence-based and supported by relevant and up-to-date references and links. Sources should include textbooks, academic websites, manufacturers’ web sites, RFCs, white papers and academic literature (conferences and journals). You may use your own selected referencing style.
Note 1: You can use data from such sources as evidence but you need to express this in your own words. Plagiarism will not be tolerated and will be dealt with according to University policy: https://www.ulster.ac.uk/student/exams/cheating-and-plagiarism. It is inappropriate to make a presentation based on sources which are not listed.
Note 2: You should demonstrate good knowledge and understanding of the topics and points of your presentation; and express them with high effectiveness, conciseness and succinctness. When preparing your presentation, you should make sure to include only the most relevant references.
Coursework preparation, submission and provision of feedback:
This coursework should be returned as an electronic submission by the due date specified above. University regulations require that late submissions attract a mark of zero and will be rigorously applied, without exception. If you have extenuating circumstances, you should complete an EC1 form according to your course rules; forms are found on your course website – your year tutor and course director can advise.
• What should be returned is file 1) a copy of the PPT document used as the basis of your presentation (in this case your researched material / script should either be embedded in the notes section or appended to the end of your PPT document), file 2) the video (in a suitable format, e.g. mp4, you may also use Panopto etc – for a Panopto submission, please refer to the material on the module page) using the CW2 link in the module webpage on Black Board (under assessment in the module webpage).
You should also take note of the following:
• Please ensure the filename of the submitted project folder archive is given as Your-BNumber_CW (i.e., B0011_CW2-PPT and B0011_CW2-VODCAST).
• As it may be expected that the file to be submitted can be of a substantial size, you are advised to attempt your submission early to avoid any IT related issues.
• Feedback will be provided within 20 working days after submission by the date shown above. Feedback can take the form of comments and a mark as shown herewith:

| Criterion | Weight |
|---|---|
| Research material (to include extent of background research, quality of analysis and citations & references) | 25 |
| Trace files, traffic or design files analysis (as appropriate; and to include quality of analysis and answers and approach justification) | 40 |
| PPT presentation (to include quality of both PPT and text; and coherence of the points made) | 20 |
| Video recording (to include quality of recording, creativity, communication, organization and clarity, use of adequate visualization techniques (e.g. snapshots)) | 15 |

Comments:
1) Research Material: The material you present should be evidence-based and supported by relevant and up-to-date references.
2) PCAP files analysis: The analysis should include, but not be limited to, filters and graphs to support your argument(s).
3) PPT presentation: When preparing your presentation, you should be sure to include only the most relevant points on the slides. You can give more details in the notes section if you wish; however, the purpose of the slide is to be succinct in your information. The background image and snapshots (or additional graphics if you want to use them) and sound/audio effects should be relevant to the points being made on the slide.
4) Video recording: Your recording should demonstrate good knowledge and understanding of the topic of your presentation and express them with high effectiveness.