Attack & Security Tools
Choose one of the following topics and choose 1 attack and 1 security tool:
• Trojans and Backdoor
• Viruses and Worms
• Denial of Service
For this topic, you will need to research 1 tool attackers use and 1 security tool used to counter attackers in the area chosen. Your assignment involves running both tools, then evaluating and analysing their use as a means to evade or detect threats/detection. That is, how are you going to use these tools: to show how attackers can bypass detection, to show how tools can be used to detect this threat type, or to show how both operate?
From this perspective, you should justify your choice (over others), install, run and demonstrate the use of tools, producing some output or results. You should analyse and evaluate the usage and results from both attacker and defender perspectives, and potential impact. Be sure to discuss threats and countermeasures of these risks.
Part A: This question is compulsory. You need to prepare documentation/specification to show how you implement the tool/tools. This part of the assignment requires you to know how to prepare documentation/specification in applying a tool to real-world security problems. In part A, you are required to include the following:
• A brief explanation of the method used (a couple of paragraphs), followed by details of your assumptions/expectations regarding the results of the method that you actually tested/chose.
• Detailed documentation/specification of how to use the tool. In other words, a complete, beginning-to-end, tutorial-like presentation of the experiment, including screenshots; this could look like a manual or a journal.
• Any script code and images (screen dumps) showing the successful completion of the tasks in this part of the assignment.
Part B: This question is compulsory. You will provide a complete run-through of the activity; you will provide screenshots of how the tool was run and also an evaluation of the data you are using. In part B, you are required to include the following:
• A theoretical description of the attack. If, for example, you decide to run a spear phishing attack, you will need to provide around 300-500 words describing the attack in detail.
• An evaluation of the data, in any given case.
• A short evaluation and considerations of the attack. This can and should also include defence mechanisms which can be used to defend against such an attack. Please note, this should be done thoroughly, presenting various mechanisms and describing which you consider to be better and why. For example, for a DoS attack where the attacker has spoofed the IP address, there are a number of mechanisms to trace back the attacker; you should include most of them.
• Attack results or experimental results discussion. You will need to show what you can see from your experiments. Are there any differences between your expectations and your findings? Why?
Reports should be in a commonly used format (.pdf or .docx) and should not exceed 15 pages in length. You can also submit your work as a compressed file (.zip/.zipx/.rar).
• The first page should be a filled-in copy of the cover sheet on the next page.
• The second page must be a title page indicating:
  o the unit code and title,
  o title of the assignment,
  o the topic,
  o the authors (by name and student ID),
  o the submission date/time,
  o the due date/time.
Pages must be numbered starting with the first page AFTER the cover sheet and title page. A table of contents is not to be used.
(IEEE style) is preferred. Each citation must have a corresponding reference at the back of the report. ALL REFERENCES MUST BE CITED.
All material from all sources must be correctly referenced. It is necessary to reference direct quotes, paraphrases and summaries of sources, statistics, diagrams, images, experiment results and laboratory data – anything taken from sources.