PricingBlogAbout Us

CSCI862 System Security Assignment 2: Analysis of Security Threats

Verified

Added on  2022/10/13

|6
|728
|9
Homework Assignment
AI Summary
This document presents solutions to a System Security assignment (CSCI862) from Spring 2019, addressing various aspects of network and system security. The solutions encompass puzzle analysis, exploring the distribution, average, and standard deviation of hashes required for different puzzle configurations. It also analyzes a TCP SYN spoofing attack, calculating the bandwidth and rate of the attacker. Furthermore, the assignment delves into the application of Baye's Theorem for assessing malware incidence in email messages. The solutions also discuss insider threats, providing an example and recommending security measures. Additionally, the document covers topics such as the limitations of private access specifiers in C++, and the nature of various security threats including WannaCry, BlueSmack, Emotet, XML Bomb, Cinderella attack, and password manglers. The assignment concludes with SQL queries designed to extract specific information from a database, demonstrating practical application of security principles.
Document Page
Networking
System Security
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Student Name –
Student ID -
Document Page
Solution 1 :
Puzzle A: One sub- puzzles. k = 7.
Puzzle B: Four sub-puzzles. k = 5.
a) Expected number of steps for A = 2 k-1 = 2 7-1 = 64
Expected number of steps for A = 2 k-1 = 2 5-1 = 16
b) Client puzzle protocol can be used to obtain the distributions.
c) Graph of distribution
d) Average number of hashes = 64+16/2 = 40
e) Standard deviation for distribution of number of hashes needed = ? = √(64-40)2 + (16-40)2
= 24*1.414 = 33.936

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
Solution 2 :
TCP SYN spoofing attack
512 connection requests
SYN – ACK – 5 times at 30 s interval
Packet size = 64 bytes
Rate ( per minute ) of attacker = 1 / 5 x 30 s = 60/150 per minute = 0.4 per minute
Bandwidth = 64 x 8 / 150 bits per second = 3.413 bps
Solution 3 :
Baye’s Theorem
Incidence of viral attachments in email messages = 1/259 = P(B)
P ( Malware checker – viral ) = 0.98 = P ( A )= P ( Malware checker – non viral )
P ( Malware is correct / viral ) = P ( A/B ) = P ( B/A ) . P ( A ) / P ( B ) = 1/259 x 0.98
/ 1/259 = 0.98
Solution 4 :
Instance of an Insider placing malware within a system
The insider threats can expose the organization to many hazards related to cyber
security. They are near to the data or the system which is at high risk and they are
thought to be trust worthy. An example – In 2016, Sage ( Account and HR software
provider – UK ) had suffered due to it. An insider stole the customer’s data ( private
data like bank account details, salaries etc. ) by unauthorized means. This can lead to
the leakage of very sensitive data. An alert system must be developed to keep a check
if an employee gets unwanted access.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Solution 5 :
The use of private access specifier in declaring a class in C++ does not provide
protection at the memory level. It helps the developer in avoiding any mistakes. The
access specifier determines and sets boundary to decide how a class member is
available beyond that class. The private variables are made private by compiler. They
can be accessed by memory browsing. The memory area is reachable and not
protected.
Solution 6: Domain and Nature
(a) WannaCry It is ransomware attack present worldwide and caused by
wannacryworm. It uses transport mechanism for spreading itself. It targets computers
that run Microsoft Windows OS. It encrypts data and demands ransom payment in
Bitcoin cryptocurrency.
(b) BlueSmack – It is a type of emulator used for running the Android app or game on the
devices containing Windows or Mac. It can harm our computer or damage it.
(c) Emotet – It is a Trojan. It is spread by the spam emails ( script , files or links ).
Document Page
(d) XML Bomb – It is a message that is small and dangerous. It causes data explosion. Its
composing and sending is done by a program parsing the XML files.
(e) Cinderella attack – This is disabling for the security software. It manipulates the
internal clock time of the network. This leads to expiration of the security software’s
license fast which can lead to a cyber attack.
(f) Password mangler – It refers to the script which juggles our password for making
it more strong. It allows us to use one password at every place.
Solution 7 :
a) Sequence of 2 queries to identify the salary of Diana
SELECT XYZ ( CASE WHEN NAME = ‘DIANA’ )
FROM TABLEABC
b) Sequence of queries to determine Diana’s salary
SELECT MAXIMUM ( SALARY)
FROM TABLEABC
WHERE SCHOOL = ‘COMPUTING’
AND GENDER = ‘FEMALE’
AND POSITION = ‘LECTURER’

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

chevron_up_icon
1 out of 6
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.