Advanced Network Security Assignment 1: Term 1, 2019, CQUniversity
Added on 2022/12/19
Homework Assignment
AI Summary
This document presents a comprehensive solution to an Advanced Network Security assignment, addressing key concepts and practical applications. The assignment covers various aspects of network security, including packet capture and analysis using RSA encryption and digital signatures to protect data transmitted between nodes. It also explores server attack identification and mitigation strategies, such as cookie stealing and reply attack prevention. Furthermore, the assignment delves into public key distribution methods and the use of digital signatures for secure key exchange, along with an in-depth analysis of DDoS attacks, including DoS and DDoS attack differences and practical examples like Ping flooding attacks. Mitigation strategies for Ping flooding attacks, such as Cloudflare software and firewall reconfiguration, are also discussed, alongside relevant references.

Running head: ADVANCED NETWORK SECURITY
Advanced Network Security
Name of the Student
Name of the University
Author Note

Question 1. Packet Capture and Analysis
(e) To restrict the attacker from accessing the message transmitted between node 3 and
node 1, the message must be encrypted with proper encryption. For this, the RSA
algorithm and a digital signature can be leveraged.
(f) The server is capable of identifying the attack by analysing the data packets.
These data packets are captured within the network and can be used to identify the
source of the attack.
A cookie stealing attack can be leveraged to gain access to the server, and through this
the data on the server can be modified.
(g) Replay attacks are used for stealing data in an unauthorised way, but the system will
identify the attacker as an authorised user (Kinnunen et al. 2017). In this way the server
will not know about the attack. Session ID tagging with an encrypted component can be
used so that this attack can be prevented.
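The replay defence in (g), sketched as an added example that is not part of the original assignment: each request carries the session ID, a counter and an HMAC tag over both plus the body, and the server accepts a given counter only once. A keyed MAC stands in here for the "encrypted component"; the class, function and field names and the protected key exchange are assumptions.

```python
import hashlib
import hmac
import secrets


def tag(mac_key, session_id, counter, body):
    """HMAC-SHA256 binding session ID, counter and body together."""
    msg = b"|".join([session_id.encode(), str(counter).encode(), body])
    return hmac.new(mac_key, msg, hashlib.sha256).hexdigest()


def make_request(mac_key, session_id, counter, body):
    """Client side: build a request and tag it with the session key."""
    return {"session_id": session_id, "counter": counter, "body": body,
            "tag": tag(mac_key, session_id, counter, body)}


class Server:
    """Issues session IDs and accepts each tagged request at most once."""

    def __init__(self):
        self._sessions = {}  # session_id -> [mac_key, highest counter accepted]

    def open_session(self):
        session_id = secrets.token_hex(16)
        # Assumption: the key reaches the client over a protected channel.
        mac_key = secrets.token_bytes(32)
        self._sessions[session_id] = [mac_key, 0]
        return session_id, mac_key

    def accept(self, request):
        state = self._sessions.get(request["session_id"])
        if state is None:
            return "reject: unknown session"
        mac_key, last_counter = state
        expected = tag(mac_key, request["session_id"],
                       request["counter"], request["body"])
        if not hmac.compare_digest(expected, request["tag"]):
            return "reject: bad tag"
        if request["counter"] <= last_counter:
            return "reject: replay"  # valid tag, but already seen
        state[1] = request["counter"]
        return "accept"


def demo():
    """Constructed exchange: fresh request, replayed copy, altered copy."""
    server = Server()
    sid, key = server.open_session()
    first = make_request(key, sid, 1, b"grade=pass")
    captured = dict(first)           # byte-for-byte copy of the request
    altered = dict(first, counter=2)  # counter changed without the key
    return [server.accept(first), server.accept(captured),
            server.accept(altered),
            server.accept(make_request(key, sid, 2, b"logout"))]
```

The replayed copy fails on the counter check and the altered copy fails on the tag check, so the server can tell the two cases apart in its logs.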
Question 2: Analysis
(c) Here the two methods of distributing the public key are email and a post to the Moodle
forum, and both methods have some security flaws. The main security issue with
email delivery is that there is no protection between the sender and the receiver of emails.
The receiver can easily deny having received a mail, or the sender can falsely claim
to have sent it. In the case of the Moodle post, the key becomes accessible to all
the people who have access to Moodle. Here the main possible attacks are the key
conformation attack and the known message attack.
(d) The local tutor can use a digital signature to sign the public key and then
distribute it via the Moodle website. In this case, for the secure signature
process, the digital signature has been selected as it provides both encryption
and authentication (Josefsson and Liusvaara 2017). To implement the digital signature, some
steps need to be followed. In the first step the message digest is calculated. Thereafter the
digital signature is calculated. In the next step the digital signature is verified. Here public
key encryption should be used as the cryptographic mechanism.
(e) From the perspective of the security mechanism, the digital signature is very secure as it
provides both encryption and authentication (Pooja and Yadav 2018). The
digital signature is also capable of preserving data authenticity. The digital signature can
block attacks related to the man-in-the-middle attack. The digital signature is vulnerable to
the cipher text attack.
Question 3:
(a) Overview of DDoS Attacks:
Denial of Service: The DoS, or Denial of Service, attack is an attack that is
performed on a system to freeze it completely so that the system fails to
execute its normal processes. In this state the system shuts down completely, and thus it
becomes vulnerable to various types of attacks; taking advantage of this situation, other
unethical activities are performed on the system (Qin et al. 2018). The Denial of Service
attack is achieved by sending a huge number of data packets to the victim's system. In the
first stage of this attack the targeted system becomes slow, and in the later stage all the
services of the system close completely.
Distributed Denial of Service: The DDoS, or Distributed Denial of Service, attack can be
considered a similar type of attack to the Denial of Service attack, but the main
difference is that DoS only targets a specific system while the DDoS attack is
performed on more than one device simultaneously (Yan et al. 2016). Also, another
difference in this case is that the DDoS attack uses some Trojan to perform the attack on
the victim's system. Through this attack the DDoS is also capable of shutting down all the
targeted victim systems.
Differences: Considering an attack on network resources and an attack
on server resources, the main difference is that one compromises security while
the other compromises some resources. When the attack is on network
resources, it is performed on an individual basis and only the security of the
network is compromised. On the other hand, when the attack is performed on a server
resource, it first depletes all the processing capability. As the processing capability is
depleted, the system becomes weak and a loophole is created for the Distributed Denial
of Service attack.
(c) Ping flooding attack:
The ping flooding attack is also known as the ICMP attack. The ping flooding attack
can also be taken as part of the Distributed Denial of Service attack (Singh and Panda 2015).
The ping flooding attack is performed by sending a vast number of ICMP echo requests to the
victim's computer. By sending a huge number of ICMP echo requests, the performance of the
system is lowered, and at a certain point the system becomes unstable and vulnerable to
different types of attack.
Here the ICMP echo is used for performing the ping flooding on the victim's
computer. By utilising ICMP echo requests the system is overloaded, and due to that the
system becomes unstable. The unstable system is actually more vulnerable to an
attack. It has been assessed that the IP address is very important for performing the ping
flooding attack. In this case the IP address of the victim is important in the sense that it is
required for performing the ping flooding attack. Without knowing the IP address the attacker
will not be able to send pings to the victim's system (Gupta et al. 2016). Here the
attacker will perform the attack by executing proper ping commands in an appropriate
sequence. In this attack environment the attacker needs to have more bandwidth than the
victim's system.
(d) Ping flooding attack Mitigation:
Mitigation of ping flooding is very important for a secure networking
environment. The ping flooding attack can be minimised in two ways. The first solution
for mitigating the ping flooding attack is the Cloudflare software. This Cloudflare software is
specially designed for stopping ping flooding attacks. The second way of mitigating the
ping flooding attack is reconfiguration of the existing firewall. By reconfiguring
the perimeter of the firewall, unnecessary pings coming from outside the
network can be stopped easily. Thus the system can be saved from any potential ping flooding
attack.
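The packet analysis from Question 1 (f) applied to ping flooding, as an added example that is not part of the original assignment: a sliding-window count of ICMP echo requests per destination, returning the sources that a reconfigured firewall rule would need to limit. The record layout, window and threshold are assumptions, and the capture is constructed from documentation address ranges.

```python
from collections import defaultdict, deque

ECHO_REQUEST = 8  # ICMP type of a ping request (echo reply is type 0)


def detect_ping_flood(packets, window=1.0, threshold=100):
    """Return {destination: sorted sources} for hosts that received more
    than `threshold` echo requests within any `window`-second span.

    packets: time-ordered iterable of (timestamp, src, dst, icmp_type).
    Counting per destination catches a distributed flood in which no
    single source is noisy on its own.
    """
    recent = defaultdict(deque)  # dst -> (timestamp, src) inside the window
    flagged = defaultdict(set)   # dst -> sources seen while over threshold
    for ts, src, dst, icmp_type in packets:
        if icmp_type != ECHO_REQUEST:
            continue
        queue = recent[dst]
        queue.append((ts, src))
        while queue and ts - queue[0][0] > window:
            queue.popleft()      # drop requests older than the window
        if len(queue) > threshold:
            flagged[dst].update(s for _, s in queue)
    return {dst: sorted(srcs) for dst, srcs in flagged.items()}


def sample_capture():
    """Constructed capture: one normal ping exchange plus a burst of echo
    requests from three sources aimed at a single host."""
    pkts = [(float(t), "192.0.2.10", "198.51.100.5", 8) for t in range(5)]
    pkts += [(t + 0.01, "198.51.100.5", "192.0.2.10", 0) for t in range(5)]
    for i in range(60):
        for n in (1, 2, 3):
            pkts.append((10.0 + i * 0.005, f"203.0.113.{n}",
                         "198.51.100.7", 8))
    return sorted(pkts)


if __name__ == "__main__":
    for dst, sources in detect_ping_flood(sample_capture()).items():
        print(f"echo-request flood towards {dst} from {', '.join(sources)}")
```

Each of the three sources sends only 60 requests, below the threshold, yet the destination sees 180 in under a second and is flagged.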

References:
Gupta, N., Jain, A., Saini, P. and Gupta, V., 2016, March. DDoS attack algorithm using
ICMP flood. In 2016 3rd International Conference on Computing for Sustainable Global
Development (INDIACom) (pp. 4082-4084). IEEE.
Josefsson, S. and Liusvaara, I., 2017. Edwards-curve digital signature algorithm (eddsa) (No.
RFC 8032).
Kinnunen, T., Sahidullah, M., Delgado, H., Todisco, M., Evans, N., Yamagishi, J. and Lee,
K.A., 2017. The ASVspoof 2017 challenge: Assessing the limits of replay spoofing attack
detection.
Pooja, M. and Yadav, M., 2018. Digital Signature.
Qin, J., Li, M., Shi, L. and Yu, X., 2018. Optimal denial-of-service attack scheduling with
energy constraint over packet-dropping networks. IEEE Transactions on Automatic
Control, 63(6), pp.1648-1663.
Singh, B. and Panda, S.N., 2015. Defending Against DDOS Flooding Attacks-A Data
Streaming Approach. International Journal of Computer & IT, pp.38-44.
Yan, Q., Yu, F.R., Gong, Q. and Li, J., 2016. Software-defined networking (SDN) and
distributed denial of service (DDoS) attacks in cloud computing environments: A survey,
some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1),
pp.602-622.