Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Desklib - Online Library for Study Material with Solved Assignments, Essays, Dissertations

Verified

Added on 2023/06/08

AI Summary

Desklib is an online library for study material with solved assignments, essays, dissertations and more. This page contains a submission for COIT20262 - Advanced Network Security, Term 2, 2018. It includes a cookie stealing attack, cryptography and ransomware research. The page also includes recommendations and a bibliography.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

COIT20262 Assignment 1 Submission Term 2, 2018
COIT20262 - Advanced Network Security, Term 2, 2018
Assignment 1 Submission
Due date: 5pm Friday 24 August 2018 (Week 6) ASSESSMENT
Weighting: 40%
1Length: N/A
Student Name: enter your name
Student ID: id
Campus: campus
Tutor: tutor
Advanced Network Security Page 1 of 20

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

COIT20262 Assignment 1 Submission Term 2, 2018
Question 1. Cookie Stealing Attack
Phase 1: Setup
Creation of topology 7 in Virtnet
Adding new normal user to the MyUni grading system with the student ID and First
name
Advanced Network Security Page 2 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Advanced Network Security Page 3 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Adding new malicious user to the MyUni grading system
Adding grade for the normal user
Advanced Network Security Page 4 of 20

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

COIT20262 Assignment 1 Submission Term 2, 2018
Changing title of the MyUni Website
Changing the domain of myuni website
Advanced Network Security Page 5 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Testing the website
Advanced Network Security Page 6 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Phase 2: Capture Cookies
Starting capture of packet on node 3
Advanced Network Security Page 7 of 20

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

COIT20262 Assignment 1 Submission Term 2, 2018
Visiting the MyUni grading website
Following the Logging link
Advanced Network Security Page 8 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Following the View grades link
Following the Logout link
Advanced Network Security Page 9 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Exiting lynx
Stopping capture on node 3
Advanced Network Security Page 10 of 20

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

COIT20262 Assignment 1 Submission Term 2, 2018
Phase 3: Masquerade Attack
Setting for the cookie stealing attack on node 2
Starting capturing on node 3
Advanced Network Security Page 11 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Visiting the MyUni grading website
Following the view grades link
Advanced Network Security Page 12 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Following the logout link
Advanced Network Security Page 13 of 20

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

COIT20262 Assignment 1 Submission Term 2, 2018
Exiting lynx by pressing q
Stopping capture on node 3
Advanced Network Security Page 14 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Part (c) Message Sequence Chart
Advanced Network Security Page 15 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Part (d) Information from Packets
Information Answer
Packet number from normal-student.pcap that contains the normal
students’ password
26
Packet number from normal-student.pcap in which the server
originally sends the cookie to the browser
28
Last 4 HEX digits of the id_hash in the cookie (give the value of the
last 4 digits, not the packet number)
6f96
Packet number from malicious-student.pcap that contains the
normal students grade for coit20262.
37
Packet number from malicious-student.pcap in which the client
originally sends the stolen cookie
49
Part (e)
Write your answer here
The id_hash is calculated with the generation of random number and applying RSA algorithm
for the generation of the exponential bits.
Part (f)
Write your answer here
For grading of web application the id_hash is used for encrypting the message with the
private key and decrypting using the public key for management of the integrity and
increasing the security of data transmission.
Part (g)
Write your answer here
The algorithms that are used for the generation of id-hash are easily available to the hacket
and the hacker can intercept the message for decrypting the cipher text into plain text and
fraud the user identity.
Part (h)
Write your answer here
Part (i)
Write your answer here
The cookie header file is send by the server to the browser and it is stored in the browser for
fetching the cookie from the server. A domain name or path can be set for receiving the
cookie and enforcing a limitation. Here the nano editor in virtnet is used for modifying the
cookie and the student id is used as the username for logging into the grading website
automatically.
Advanced Network Security Page 16 of 20

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

COIT20262 Assignment 1 Submission Term 2, 2018
Advanced Network Security Page 17 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Question 2. Cryptography
Part (c)
Write your answer here
In the scenario of sender generate a random 256 bit secret key and use encryption it is not
considered as a secure mechanism because the encrypted file can be decrypted for getting the
random string generated by the user. Moreover brute force attack can be used for getting the
access of the system thus it is necessary to use strong password with the combination of
uppercase lowercase numeric and special character for increasing the security.
Part (d)
Write your answer here
If the sender encrypts a secret key but not the Iv it can be easily predicted if the hacker have
the access of it by guessing its pattern. The hash values of the cookies can also be used for
accessing the web browser and intercepting the ciphertext.
Advanced Network Security Page 18 of 20

COIT20262 Assignment 1 Submission Term 2, 2018
Question 3. Ransomware Research
Overview of Ransomware
Write your answer here
The following are the common methods of infection in ransomware such as:
Downloading of file from insecure or malicious websites can cause installation of bundled
sophisticated codes in the machine and execute when the website is visited.
Emails can be a source of planting malicious agents and the user can download the file by
clicking a link or downloading an attachment
If the RDP port is left opened it can help the hacker to access the system and execute
different operation that can compromise the security of the system.
Technical Details of Ransomware
Write your answer here
The payload is used for generating fake designed warning for locking the important files and
does not open when the condition of the hacker is met.
There are different techniques in cryptography and it can be combined with the malware for
operating as a ransomware. As an example of ransomware WannaCry can be taken which is
used for the exploitation of the vulnerability of the windows and keep a control on the
information sharing.
For obtaining the ransoms the vulnerabilities of a network or system is analysed by the
hacker by performing a penetration test and reverse engineering. A strong public key
encryption is used for encryption of the files.
The ransom cannot be break easily it a combination of different encryption techniques and it
is hard to predict the encryption for decrypting the file.
Recommendations
Write your answer here
It is recommended that the data should be backed up regularly such the infected files can be
wiped out and the installation procedure can be started from the beginning.
The security updates should be installed after a regular interval of time for the mitigation of
the problems in the operating system.
Antivirus software should be updated regularly and secure connection should be used for
sending and receiving files in the network.
Advanced Network Security Page 19 of 20

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

COIT20262 Assignment 1 Submission Term 2, 2018
Bibliography
Savaglia, J., & Wang, P. (2017). CYBERSECURITY VULNERABILITY ANALYSIS VIA
VIRTUALIZATION. Issues in Information Systems, 18(4).
Takeuchi, Y., Sakai, K., & Fukumoto, S. (2018, August). Detecting Ransomware using
Support Vector Machines. In Proceedings of the 47th International Conference on
Parallel Processing Companion (p. 1). ACM.
Advanced Network Security Page 20 of 20

1 out of 20

+13062052269

info@desklib.com

Desklib - Online Library for Study Material with Solved Assignments, Essays, Dissertations

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

COIT20262 - Advanced Network Security Assignment 1 Submission

COIT20262 - Advanced Network Security Assignment 1 Submission

COIT20262 Assignment 1 Submission

Understanding Distributed Denial of Service Attacks

COIT20262 Assignment 1 Submission

COIT20262 - Advanced Network Security