COM398 Systems Security

COM398 Systems Security

60% OF THE TOTAL MARK

Submission Date:                            9th  December 2024 (12:00 (Noon) UK time)

Date returned with feedback:     Within twenty working days after the submission deadline.

CW2 is an individual coursework which is worth 60% of the total coursework mark for this module. The successful completion of CW2 will address the following learning outcomes:

•   Develop practical prototypes  to  experiment  with  and  reinforce  core  systems  security concepts.

•   Illustrate acomprehension of the key issues and principles underlying modern security in computing systems

•   Characterise  the  threats faced  by  computing  systems,  applications  and systems;  and examine the role of security risks assessment and management in IT

This coursework component requires students to research, write and make a presentation on the topic of traffic analysis during a DoS / DDoS attack using Wireshark. This element would require each student to prepare PowerPoint slides (10-15) and vodcast of the student presenting the slides. The vodcast should be a maximum of 18 minutes long (vodcast exceeding the maximum limit will be penalised according to the following scheme).

This assessment component is designed to encourage students to reflect critically on the fundamentals of systems security; and relate these fundamental concepts to developments within the field, and to real- world practical examples.

The students should submit the PPT 代写COM398 Systems Security they presented along with the video to show their ability to carryout research on the CW topic.

This coursework component requires you to prepare (see also notes 1 & 2, and the coursework preparation,  submission   and  provision  of  feedback  sections   below)   a  video-recorded   PPT presentation and the  PPT file  (video +  PPT slides) on traffic analysis using Wireshark.  In this coursework, you will be only considering the TCP/IP protocols for the analysis. Students will have to log their experience (including any Wireshark based visualisation), observations and analysis of the captured  network traffic  in  a  PPT  document  describing  the TCP/IP  protocol  suit,  and addressing some specific points related to the provided Wireshark traffic file (PCAP file). The PPT document and presentation may include (but not limited to) and address the following points:

1.   An explanation of the TCP/IP protocols suit including:

a)   The  Transmission Control  Protocol  (TCP)  and  User  Datagram  Protocol  (UDP),  and  the difference between the two protocols

b)   The Internet Protocol (IP)

c)   The Difference between TCP and IP

d)   The work of the TCP 3-Way Handshake Process.

2.   Describe and contrast the  Denial-of-Service (DoS) and  Distributed  Denial-of-Service (DDoS) attacks, and their sub-types.

3.   In the provided PCAP file, identify the type of the attack; any of your observations and analysis of the traffic should be justified and explained by adding suitable Wireshark snapshots (or any suitable Wireshark trace visualisation approach that you can embed in your presentation / video)

4.   What is the IP address of the suspected attacker in the PCAP file? Justify and explain?

5.   Reflecting on the detected attack(s), you should add in your conclusion the possible context / cause(s) that allowed such attack(s) to take place; and countermeasure recommendations.

You should prepare your PPT document and presentation in such away that it maybe understood by and useful to a fictitious group of students taking a course in computing and who may be joining placement employers.

Although you have the freedom to adopt and follow your own presentation plan and structure, the expectation, however, is that there should bean ‘Introduction’ in which you should cover the TCP/IP protocols suit from which you can elaborate on the DoS and DDoS as in the points above. The body of the report should be divided and partitioned into sections and any appropriate visualization means should be used (e.g snapshots).

Your  presentation  should  be  evidence-based  and  supported  by  relevant  and  up-to-date references and links. Sources should include textbooks, academic websites, manufacturers’ web sites, RFCs, white papers and academic literature (conferences and journals). You may use your own selected referencing style.

Note 1: You can use data from such sources as evidence but you need to express this in your own words.  Plagiarism will not  be tolerated and will be dealt with according to  University policy: https://www.ulster.ac.uk/student/exams/cheating-and-plagiarism.   It  is  inappropriate  to   make  a presentation based on sources which are not listed.

Note 2: You should demonstrate good knowledge and understanding of the topics and points of your  presentation;  and  express  them  with  high  effectiveness,  conciseness  and  succinctness. When preparing your presentation, you should make sure to include only the most relevant references.

Coursework preparation, submission and provision of feedback:

This coursework should be returned as an electronic submission by the due date specified above. University regulations require that late submissions attract a mark of zero and will be rigorously applied, without exception. If you have extenuating circumstances, you should complete an EC1 form according to your course rules; forms are found on your course website – your year tutor and course director can advise.

•   What should be returned is file 1) a copy of the PPT document used as the basis of your presentation (in this case your researched material / script. should either be embedded in the notes section or appended to the end of your PPT document), file 2) the video (in a suitable format, e.g. mp4, you may also use Panopto etc – for a Panopto submission, please  refer to the  material  on  the  module  page)  using  the  CW2  link  in  the  module webpage on Black Board (under assessment in the module webpage).

You should also take note of the following:

•    Please  ensure  the filename of the submitted  project  folder  archive  is  given  as Your- BNumber_CW (i.e., B0011_CW2-PPT and B0011_CW2-VODCAST).

•   As it may be expected that the file to be submitted can be of a substantial size, you are advised to attempt your submission early to avoid any IT related issues.

•    Feedback will be provided within 20 working days after submission by the date shown above. Feedback can take the form. of comments and a mark as shown herewith:

Criterion                                                                                    Weight

Research material (to include extent of background research, quality of analysis and citations & references)                           25

Trace files, traffic or design files analysis (as appropriate; and to include quality of analysis and answers and approach justification)                       40

PPT presentation (to include quality of both PPT and text; ad coherence of the points made)                             20

Video recording (to include quality of recording, creativity, communication, organization and clarity, use of adequate visualization techniques (e.g. snapshots)                             15

Comments:

1) Research Material: The material you present should be evidence-based and supported by relevant and up-to-date references.

2) PCAP files analysis: The analysis should include but not limited to filters and graphs to support your argument(s).

3) PPT presentation: When preparing your presentation, you should be sure to include only the most relevant points on the slides: you can give more details in the notes section if you wish to, however, the purpose of the slide is to be succinct in your information. The background image and snapshots (or additional graphics if you want to use them) and sound/audio effects should be relevant to the points being made on the slide.

4) Video recording: Your recording should demonstrate good knowledge and understanding of the topic of your presentation and express them with high effectiveness.