Monday 1 August 2016

Security in Computing and Information Technology Case Study

RMIT Computer Science

1 Aims

• To illustrate practical aspects of security, such as vulnerabilities, threats and attack techniques, and to familiarise students with some basic security infrastructure, such as software vulnerability and virus databases.
• To get some hands-on experience with encryption

Part 1

Vulnerabilities and Malware

Background

Your company is re-evaluating its operations. It uses a very large number of applications running on different computers. You are given the task of providing information about vulnerabilities in applications so that IT management can consider which applications should be disabled, disconnected from the network or restricted to special workstations in order to reduce the possibility of attacks.
Your manager thinks the company relies on outdated protection and wants an update on recent malware, and also asks you to recommend a new antivirus program for the Windows desktop machines. You need to support your proposal with facts and arguments.

Tasks

Task 1.1 (20 marks)

Using your skills learnt in lab 2, select a recent (not older than two months) vulnerability from the National Vulnerability Database and analyse it from the following aspects:
i. Criticality level (Check Secunia, Screenshot Accepted)
ii. Impact including CVSS Score. (Screenshot Accepted)
iii. Explain the purpose of using CVSS scores. (Two valid bullet points expected.)
iv. Proposed Solution (Screenshot Accepted)
v. Which of the Australian DSD '35 Strategies' can be applied to mitigate the vulnerability? Include valid explanations for your answer. (At least two if possible; one will suffice only in rare cases.)
Ensure that you also provide a detailed description of the vulnerability.

Task 1.2 (20 marks)

Search a number of antivirus companies’ (e.g. Symantec, McAfee, Kaspersky, F-Secure, AVG, Bit Defender, Webroot, ESET, G-Data, Avira) websites. Find at least four sites that publish malware listings, and compare the latest malware lists.
i. List the four sites.
ii. Discuss how descriptive and informative the sites are.
iii. Discuss the time difference between the listings.

Hint: Take a subset of malware listings and compare the time difference. This information should be presented in a tabular grid and a small paragraph at the end that summarizes your findings. (Here you select specific malware issues and check the different sites to see when they are listed.)
iv. Which site is the most up-to-date and why?
Hint: Over a two week period compare the malware listings that are reported. Statistically analyse the data set, possibly by giving the malware a weight based on the criticality and the date/time of the listing. This information should be presented in a tabular grid and a small paragraph at the end that summarises which site is the most up-to-date. Data in your grid should serve as proof of your statement. (This date is different from the previous question as here you select a specific time period instead of looking exclusively for specific malware.)

Task 1.3 (15 marks)

Select a recent vulnerability from an antivirus company’s database, and analyse it from the same aspects as in task 1.1. (Note: No need to explain the purpose of using CVSS scores again.)
Select three recent, different threats from an antivirus company’s database. For each, describe:
i. How it spreads (attack strategy)
ii. The target of malicious activity (information, resource etc)
iii. The way of hiding inside the victim’s computer.

Guidelines

The report should be concise, normally not longer than 900 words (excluding pictures). You must start each answer on a new page. Please use the template specified at http://goanna.cs.rmit.edu.au/~pbertok/SIC/Assign/SICReportTemplate.docx
To support your arguments
• Provide screen-dumps for each question (Maximum four screen dumps per question; each screen dump must be large enough to read the text). Feel free to format the page to accommodate larger screenshots.
• Provide references (URLs) when you use information from different sources.

Part 2
Symmetric and asymmetric ciphers

In this part you will practice encrypting and digitally signing documents.

Tasks


Task 2.1 (5 marks)
You are to encrypt your last name using a Caesar cipher. The key for the cipher will be the sum of all the digits of your student number modulo 10. (Modulo 10 means dividing the sum by 10 and taking the remainder as the result.)
NOTE: If your name is hyphenated, just leave out the hyphen.
Example: If my student number is s3333371, I would do (3+3+3+3+3+7+1) % 10 which equals 3 (this is the key I will use for the shift).
You must save the resulting ciphertext in a file called XXXXXXX_task_21.txt (where XXXXXXX is your student number without the “s”) and include it in your submission. No additional text must be included in the file and the cipher should be written in lowercase. There is no need to include the key, since it is derived from the student number; we will compute it automatically when marking.

Task 2.2 (10 marks)
You are to take a SHA256 hash of your student number (without the “s”).
Example: If my student number is s3333371, the hash (minus the “s”) is 71104d3dce566643dbca7cc0fbcf9949ac053912e125031a666e9eae19b09c19
NOTE: Make sure you include only the student number and nothing else in the hash calculations (e.g. exclude the newline/end of line character).
You must then encrypt this hash using the RSA algorithm with the following public key http://titan.csit.rmit.edu.au/~e09962/sicpub.key
Hint: We recommend looking at openssl which is installed on all the RMIT Linux servers. Alternatively, you can search for some online tools, and use those.
You must save the plaintext (i.e. the hash) and resulting ciphertext in a file called XXXXXXX_task_22.txt (where XXXXXXX is your student number without the “s”) and include it in your submission. The first line in the file is the plaintext (the hash), and the second line is the ciphertext (the encrypted hash). No additional text must be included in the file. There is no need (or point) in including the public key, as we hold the corresponding private key.

Task 2.3 (15 marks)

You must generate an RSA public/private keypair.
You must then take the same SHA256 hash from task 2.2, but now instead of encrypting it with our public key, you must create a digital signature by encrypting the hash with your RSA private key.
Hint: We recommend looking at openssl which is installed on all the RMIT Linux servers. Alternatively, you can search for some online tools, and use those.
You must save the resulting ciphertext in a file called XXXXXXX_task_23.txt (where XXXXXXX is your student number without the “s”) and include it in your submission. No additional text must be included in the file. You must also submit your user generated public and private key files; name them XXXXXXXpub.key and XXXXXXXpri.key respectively (where XXXXXXX is your student number without the “s”).
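The two RSA directions in tasks 2.2 and 2.3, as an added example that is not part of the original assignment: it hashes exactly the digits of the student number (no "s", no newline) and then applies textbook RSA, first with the public key (encryption) and then with the private key (signature). The key pair is a constructed toy built from two Mersenne primes, all function names are assumptions, and no padding is applied, whereas openssl pads the input, so these numbers will not match openssl output.

```python
import hashlib

# Constructed toy key (assumption): two known Mersenne primes. Not the course
# key and not safe for real use; real keys come from a key generator.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
PUB, PRIV = (N, E), (N, D)

def student_hash(student_number):
    """SHA-256 over the digits only: no leading 's', no trailing newline."""
    digits = student_number.strip().lstrip("sS")
    if not digits.isdigit():
        raise ValueError("expected digits after an optional 's'")
    return hashlib.sha256(digits.encode("ascii")).hexdigest()

def encrypt_for(pub, hex_hash):
    """Task 2.2 direction: anyone encrypts, only the private-key holder reads."""
    n, e = pub
    return pow(int(hex_hash, 16), e, n)

def decrypt_with(priv, ciphertext):
    n, d = priv
    return format(pow(ciphertext, d, n), "064x")

def sign_with(priv, hex_hash):
    """Task 2.3 direction: only the private-key holder signs, anyone verifies."""
    n, d = priv
    return pow(int(hex_hash, 16), d, n)

def verify_with(pub, hex_hash, signature):
    n, e = pub
    return pow(signature, e, n) == int(hex_hash, 16)

if __name__ == "__main__":
    h = student_hash("s3333371")
    print("hash           :", h)
    print("with newline   :", hashlib.sha256(b"3333371\n").hexdigest())
    print("round trip ok  :", decrypt_with(PRIV, encrypt_for(PUB, h)) == h)
    print("signature valid:", verify_with(PUB, h, sign_with(PRIV, h)))
```

The second printed hash shows what a stray end-of-line character does to the digest, which is the mistake the NOTE in task 2.2 warns about.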

Part 3
Transposition ciphers

A transposition cipher writes the text in rows and reads them back in columns. It is also common to do it the other way around: writing columns and reading rows. A single columnar transposition cipher improves the security of basic transposition by reordering the columns before reading out the ciphertext.
In this part you have to crack the encryption and recover the plaintext. The basic cracking approach is to recover the size of the transformation matrix, i.e. identifying rows and columns, and rearranging them so that the deciphered text makes sense.

Tasks

Later next week, via email you will receive the following two ciphertexts encrypted with a columnar transposition cipher:
• StudentId_task31_Cipher.txt and
• StudentId_task32_Cipher.txt

Each cipher can be up to 64 characters long. If the ciphertext is shorter than 64 characters, it is padded with different letters to the nearest divisible length. Your task is to apply columnar transposition to decipher them.

Task 3.1 (5 marks)
To keep it simple in this task, only two columns have been swapped in the ciphertext. Your task is to decipher and get the plaintext.

Task 3.2 (10 marks)
The ciphertext in this task was produced by a transposition cipher, and the columns in the ciphertext have been mixed up. (This is how a single columnar transposition cipher actually works; the method in task 3.1 is quite basic.) Your task is to recover the plaintext.
You are required to submit the following decipher files along with a readme to briefly explain your approach to decipher
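The cracking approach described in Part 3 (recover the grid size, then rearrange columns until the text makes sense), as an added example that is not part of the original assignment. It assumes the text is written row-wise, columns are reordered, and the ciphertext is read out column by column. It tries every width that divides the length, tests all column orders for grids of up to 8 columns and only two-column swaps for wider ones, and keeps the readings that contain a guessed word (a crib). The sample text, key, padding letter and function names are constructed for illustration.

```python
from itertools import combinations, permutations

def encrypt(plain, order, pad="x"):
    """Write row-wise into len(order) columns, then emit columns in `order`."""
    cols = len(order)
    plain += pad * (-len(plain) % cols)          # pad to a full grid (assumed filler)
    return "".join(plain[c::cols] for c in order)

def decrypt(cipher, order):
    """Inverse of encrypt: chunk k of the ciphertext is plaintext column order[k]."""
    cols, rows = len(order), len(cipher) // len(order)
    columns = [""] * cols
    for k, c in enumerate(order):
        columns[c] = cipher[k * rows:(k + 1) * rows]
    return "".join("".join(row) for row in zip(*columns))

def candidate_orders(cols, max_full=8):
    """All permutations for narrow grids; identity plus two-column swaps otherwise."""
    if cols <= max_full:
        yield from permutations(range(cols))
        return
    yield tuple(range(cols))
    for i, j in combinations(range(cols), 2):
        order = list(range(cols))
        order[i], order[j] = order[j], order[i]
        yield tuple(order)

def crack(cipher, crib):
    """Map (cols, order) -> text for every grid whose row-wise reading contains crib."""
    hits = {}
    for cols in range(2, len(cipher)):
        if len(cipher) % cols:
            continue                             # width must divide the length
        for order in candidate_orders(cols):
            text = decrypt(cipher, order)
            if crib in text:
                hits[(cols, order)] = text
    return hits

# Constructed sample: 32 letters, 8 columns, columns 2 and 5 swapped.
PLAIN = "backupserverkeysrotateatmidnight"
KEY = (0, 1, 5, 3, 4, 2, 6, 7)
CIPHER = encrypt(PLAIN, KEY)

if __name__ == "__main__":
    for (cols, order), text in crack(CIPHER, "midnight").items():
        print(cols, order, text)
```

A crib narrows the search rather than deciding it: because "midnight" contains the letter i twice, more than one column order reproduces the word, and the analyst picks the candidate whose other rows also read as language.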
