Submission instruction:
Submit two (2) files on Moodle only:
- The report, based on the answer template, called [StudentID]-report.docx.
- [StudentID]-https.pcap
Replace [StudentID] with your actual student ID, e.g. so the first file is
12345678-https.pcap.
(Student ID: 12079116) Please use the attached template that I have attached herewith, and please follow the instructions that they have given in the PDF.
(Message: Because this is the last assignment for this subject. If I want to pass this subject I definitely have to achieve 30 out of 40. Can you take this responsibility? Money is not a problem. I need the best expert. That's it. Don't think about money. I'm happy to pay. Because this second assignment is much tougher than the 1st assignment. Can you take responsibility? I need a 100% good expert. I need to do this perfectly. If you can't do this please let me know right now. 30/40 to pass this subject, that's why. Otherwise, I'll fail. Because I lost most marks for the previous order that I had done from you, I need to achieve 30/40 for this order. If you agree I'll hand it over to you. But I need a half money-back guarantee, or something like that. Ultimately don't say sorry. I need to pass this so I need to get 30/40. If you can do it under my requirements I'm happy to pay for a new order; if you can't, let me know.)

COIT20262 - Advanced Network Security, Term 1, 2021
Assignment 2 Submission
Due date: 11:45 pm Monday 7 June 2021 (Week 13)
Weighting: 40%
Length: N/A

Student Name: enter your name
Student ID: id
Campus: campus
Tutor: tutor

HTTPS and Certificates
Part (a) Write your answer here
Part (b) Write your answer here
Part (c) Write your answer here
Part (d) Write your answer here

Attack Detection from Real Intrusion Dataset
Part (a) Write your answer here
Part (b) Write your answer here
Part (c) Write your answer here
Part (d) Write your answer here

Firewalls and iptables
Part (a) Write your answer here
Part (b) Write your answer here
Part (c) Write your answer here
Part (d) Write your answer here

Wireless security
Part (a) Write your answer here
Part (b) Write your answer here
Part (c) Write your answer here

COIT20262 - Advanced Network Security, Term 1, 2021
Assignment 2 Questions
Due date: 11:45 pm Monday 7 June 2021 (Week 13)
ASSESSMENT
Weighting: 40%
Length: N/A

Instructions
Attempt all questions.
This is an individual assignment, and it is expected students answer the questions themselves. Discussion of approaches to solving questions is allowed (and encouraged), however each student should develop and write-up their own answers. See CQUniversity resources on Referencing and Plagiarism. Guidelines for this assignment include:
- Do not exchange files (reports, captures, diagrams) with other students.
- Complete tasks with virtnet yourself – do not use results from another student.
- Draw your own diagrams. Do not use diagrams from other sources (Internet, textbooks) or from other students.
- Write your own explanations. In some cases, students may arrive at the same numerical answer, however their explanation of the answer should always be their own.
- Do not copy text from websites or textbooks.
  During research you should read and understand what others have written, and then write in your own words.
- Perform the tasks using the correct values listed in the question and using the correct file names.
Referencing and Plagiarism resources: https://www.cqu.edu.au/student-life/services-and-facilities/referencing

File Names and Parameters
Where you see [StudentID] in the text, replace it with your actual student ID. If your student ID contains a letter (e.g. "s1234567"), make sure the letter is in lowercase.
Where you see [FirstName] in the text, replace it with your actual first name. If you do not have a first name, then use your last name. Do NOT include any spaces or other non-alphabetical characters (e.g. "-").

Submission
Submit two files on Moodle only:
1. The report, based on the answer template, called [StudentID]-report.docx.
2. Submit the packet capture [StudentID]-https.pcap on Moodle

Marking Scheme
A separate spreadsheet lists the detailed marking criteria.

Virtnet
Questions 1 and 3 require you to use virtnet topology 5. The questions are related, so you must use the same nodes for all three questions.
- node1: client; assumed to be external from the perspective of the firewall.
- node2: router; gateway between the internal network and external network. Also runs the firewall.
- node3: server; assumed to be internal from the perspective of the firewall. Runs a web server with HTTPS and a SSH server for external users (e.g. on node1) to login to. Will contain accounts for multiple users.

Question 1. HTTPS and Certificates [10]
For this question you must use virtnet (as used in the Tutorials) to study HTTPS and certificates. This assumes you have already setup and are familiar with virtnet. See Moodle and workshop instructions for information on setting up and using virtnet, deploying the website, and testing the website.
Your task is to setup a web server that supports HTTPS. The tasks and sub-questions are grouped into multiple phases.

Phase 1: Setup Topology
1. Create topology 5 in virtnet.
2. Deploy the MyUni demo website, with node3 being the real web server.

Phase 2: Certificate Creation
1. Generate your own RSA 2048-bit key pair. Use the public exponent of 65537. Save your key pair as [studentID]-keypair.pem. Use your RSA key pair to generate a Certificate Signing Request called [StudentID]-csr.pem. The CSR must contain these field values:
   - State: state of your campus
   - Locality: city of your campus
   - Organisation Name: your full name
   - Common Name: www.myuni.edu
   - Email address: your @cqumail address
   Other field values must be selected appropriately.
Now you will change role to be a CA. A different public/private key pair has been created for your CA as [StudentID]-ca-keypair.pem. As the CA you must:
2. Set up the files/directories for a demoCA
3. Create a self-signed certificate for the CA called [StudentID]-ca-cert.pem.
4. Using the CSR from step 1 issue a certificate for www.myuni.edu called [StudentID]-cert.pem.

Phase 3: HTTPS Configuration
1. Configure Apache web server on node3 to use HTTPS where the domain name is www.myuni.edu
2. Load the CA certificate into the client on node1.

Phase 4: Testing
1. Start capturing on node2 using tcpdump.
2. On node1, use lynx to visit https://www.myuni.edu/grades/ and login to view some grades.
3. Demonstrate to your tutor that your secure website is operating correctly. [4 marks]
3. Exit lynx.
4. Stop the capturing and save the file as [StudentID]-https.pcap.
When capturing, make sure you capture a full HTTPS session, and avoid capturing multiple sessions.
For on-campus students: Step 3 of above should be demonstrated in your allocated Week 9, 10, 11 or Week 12 tutorial class. Your local tutor will inform you when your demonstration is passed.
For distance students: Unit Coordinator will organise a time for you to demonstrate step 3.
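
The Phase 2 certificate steps, worked through with the OpenSSL command line as an added example that is not part of the assignment handout. The student ID, subject values, CA name and the minimal ca.cnf are placeholders and assumptions; the CA key pair, which the assignment supplies, is generated here so the script runs on its own.

```bash
# Added example: Phase 2 in a scratch directory, using placeholder values.
set -e
SID="12345678"          # placeholder student ID, as in the handout
WORK="$(mktemp -d)"     # scratch directory; system OpenSSL files stay untouched
write_config() {        # minimal config written for this example (an assumption)
  cat > "$WORK/ca.cnf" <<'EOF'
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
commonName = Common Name
[ v3_ca ]
basicConstraints = critical,CA:TRUE
[ ca ]
default_ca = demo
[ demo ]
dir = ./demoCA
database = $dir/index.txt
new_certs_dir = $dir/newcerts
serial = $dir/serial
default_md = sha256
policy = pol
[ pol ]
stateOrProvinceName = optional
localityName = optional
organizationName = optional
commonName = supplied
emailAddress = optional
EOF
}
issue_certificate() {
  cd "$WORK" && write_config
  # Step 1: server key pair (RSA 2048, e = 65537) and CSR with the required fields
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -pkeyopt rsa_keygen_pubexp:65537 -out "$SID-keypair.pem" 2>/dev/null
  openssl req -new -config ca.cnf -key "$SID-keypair.pem" -out "$SID-csr.pem" \
    -subj "/ST=Example State/L=Example City/O=Example Student/CN=www.myuni.edu/emailAddress=student@example.invalid"
  # The assignment supplies the CA key pair; it is generated here so this runs
  openssl genpkey -algorithm RSA -out "$SID-ca-keypair.pem" 2>/dev/null
  # Step 2: demoCA layout (issued-cert store, empty index, first serial number)
  mkdir -p demoCA/newcerts && : > demoCA/index.txt && echo 1000 > demoCA/serial
  # Step 3: self-signed CA certificate; step 4: certificate issued from the CSR
  openssl req -new -x509 -config ca.cnf -key "$SID-ca-keypair.pem" -days 365 \
    -subj "/O=Example CA/CN=Example Root CA" -out "$SID-ca-cert.pem"
  openssl ca -batch -config ca.cnf -days 365 -cert "$SID-ca-cert.pem" \
    -keyfile "$SID-ca-keypair.pem" -in "$SID-csr.pem" -out "$SID-cert.pem"
}
check_certificate() { openssl verify -CAfile "$WORK/$SID-ca-cert.pem" "$WORK/$SID-cert.pem"; }
issue_certificate && check_certificate
```

The final verify step is the same chain check the node1 client performs after the CA certificate is loaded in Phase 3: the server certificate is accepted only because its issuer's certificate is trusted.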

Phase 5: Analysis
(a) Demonstration of secure web site [4 marks]
(b) Submit the following packet capture [StudentID]-https.pcap on Moodle [1 mark]
(c) Draw a message sequence diagram that illustrates the TLS/SSL packets belonging to the first HTTPS session in the file. Refer to the instructions in assignment 1 for drawing a message sequence diagram, as well as these additional requirements:
- Only draw the TLS/SSL packets; do not draw the 3-way handshake, TCP ACKs or connection close. Hint: identify which packets belong to the first TCP connection and then filter with "ssl" in Wireshark. Depending on your Wireshark version, the protocol may show as "TLSv1.2".
- A single TCP packet may contain one or more SSL messages (in Wireshark look inside the packet for each "Record Layer" entry to find the SSL message names). Make sure you draw each SSL message. If a TCP packet contains multiple SSL messages, then draw multiple arrows, one for each SSL message, and clearly label each with the SSL message name.
- Clearly mark which packets/messages are encrypted.
[3 marks]
(d) Generally, Certificate Authorities must keep their private keys very secure by storing them offline in special hardware devices. Explain an attack a malicious user could perform if they could compromise the CA private key. Use your MyUni website as an example. [2 marks]

Question 2. Attack Detection from Real Intrusion Dataset [10 marks]
This task continues Question 2 of Assignment 1, where you evaluated the UNSW-NB15 dataset with three different classifiers without applying any feature selection techniques. Feature selection greatly affects a model's efficacy: by selecting only the most relevant features, it reduces over-fitting, improves accuracy and reduces training time.
Here you need to explore different built-in feature selection techniques (at least three) in WEKA and identify the best features for each classifier. For this task you will need two files available on Moodle: train.arff and test.arff. You need to follow these steps:
Step 1: Import data in the train.arff into WEKA (explorer).
Step 2: Select the attributes by using Attribute evaluator (at least 3) and search method in WEKA and update your datasets accordingly.
Step 2: Choose a classifier (that you already used in Question 2 Assignment 1).
Step 3: Specify the test option as Use training set and the column of class.
Step 4: After the training, supply the test dataset (test.arff) to evaluate the classifier.
Step 5: Re-evaluate model on current test set to perform the evaluation.
Repeat the step 2 to 7 for other two classifiers.
You need to include in your report the following:
(a) Screenshot of the selected attributes and evaluation result for each classifier. (1.5 marks)
(b) Compare your current outcomes with the outcomes of Question 2 Assignment 1 in terms of accuracy, precision, recall, F1-score and false positive rate. (3 marks)
Reflections:
(c) Have you achieved better performance after applying the feature selection technique for each classifier? If yes, why have you achieved that? If no, what do you think is the reason for that? (2.5 marks)
(d) In the UNSW-NB15 dataset, there are nine types of network attacks available. Among these nine attacks, which three attacks are highly detected by the classifiers? Please give a short explanation of these three attacks. [3 marks]

Question 3. Firewalls and iptables [10]
You are tasked with designing a network upgrade for an educational institute which has a single router, referred to as the gateway router, connecting its internal network to the Internet.
The institute has the public address range 120.50.0.0/17 and the gateway router has address 120.50.170.1 on its external interface (referred to as interface ifext). The internal network consists of four subnets:
- A DMZ, which is attached to interface ifdmz of the gateway router and uses address range 120.50.171.0/25.
- A small network, referred to as shared, with interface ifint of the gateway router connected to three other routers, referred to as staff_router, student_router, and research_router. This network has no