Task 3 does not need to be done
Security in Computing and IT (COSC2651/CPT251) Assignment 1, OUA SP4, 2020 Due Date: end of Week 5, 23:59pm Sunday 3/1/2021 Task 1 Using your skills learnt in Practical 01, select a recent (not older than three months) vulnerability from the National Vulnerability Database and analyse it from the following aspects: a) Provide a detailed description of the vulnerability. (Include the NVD url link) (4 marks) b) Impact (Access Vector, Complexity, Authentication, Impact type etc) including CVSS Score version 2 and version 3. (Screenshot Accepted) (4 marks) c) Explain the purpose of using CVSS scores. (Two valid bullet points expected. This must be explained in your own words) (4 marks) d) Proposed Solution (Screenshot Accepted. Must also include URL of vendor solution) (4 marks) e) Examine the ASD’s Strategies to Mitigate Cyber Security Incidents at: https://www.cyber.gov.au/acsc/view-all-content/publications/strategies-mitigate- cyber-security-incidents Identify which strategies mitigate the vulnerability? As part of your solution you must provide a valid explanation of how each chosen strategy will be effective. You must provide at least two strategies. In the event that only one is applicable, you must clearly explain why all other strategies are not effective. (4 marks) [20 marks] Task 2 Search a number of antivirus companies’ websites (e.g. Symantec, McAfee, Kaspersky, F-Secure, AVG, Bit Defender, Webroot, ESET, G-Data, Avira, Lavasoft, Microsoft etc.). Find at least four sites that publish malware listings, and compare their malware lists. a) List the four sites. (include URL) (4 marks) b) Discuss how descriptive and informative the sites are. (include screenshots, Compare at least 4 key criteria across the sites: Risk Criticality, Date, Recommendation, Description) (5 marks) c) Try to compare the malware listings (in terms of completeness of their malware listings and how up to date their listings are). Explain the problems with attempting to compare the malware listings of each site in this way. (5 marks) d) Given the differences in the way each site presents this information, which site would you recommend and why? (6 marks) [20 marks] https://www.cyber.gov.au/acsc/view-all-content/publications/strategies-mitigate-cyber-security-incidents https://www.cyber.gov.au/acsc/view-all-content/publications/strategies-mitigate-cyber-security-incidents Task 3 Select two recent, different threats from an antivirus company’s database. Describe for each: a) The descriptions and URL references to the two threats (4 marks) b) How the threat spread (two or more attack strategies) (4 marks) c) The targets of malicious activity (information, resource etc.) (4 marks) d) The ways of hiding inside the victim’s computer (avoids detection) (4 marks) e) At least two preventative measures the user could take to avoid the threat. (4 marks) [20 marks] Task 4 In a given system, passwords are required to be 8 to 12 characters in length. Each character can be any alphanumeric character and passwords are case sensitive. For authentication matching purposes, all passwords are hashed and stored in a password file. The password file contains 1024 password hash values, with each belonging to a single user in the system. Suppose an intruder has gotten access to the password file and the intruder has a dictionary containing 216 common passwords and there is a 6.25% chance that any given password is in that dictionary. In addition the intruder has a computer that can generate and compare 109 hashes per second. a) How many different passwords are possible? What if the password was not case sensitive? Explain your answer and show all calculations and results. (4 marks) b) How many years would it take to check every possible valid password combination (in both cases above)? (4 marks) c) Suppose the intruder wants to recover the password of Bill, who is a user in the system. Right now the intruder only has Bill’s password hash value in the password file. Using the intruder’s dictionary, what is the number of hash operations that the intruder expects to compute in order to find out Bill’s password, given the 6.25% chance that any given password is in the dictionary as mentioned above? Assuming that the intruder has a computer which can generate 109 hashes per second, how long would this take? Explain your answer and show all calculations and results. (6 marks) d) What is the probability that at least one of the 1024 passwords kept in the system actually exists in the intruder’s dictionary? (6 marks) [20 marks] Task 5 The delays and uncertainty over the recent US election have highlighted areas where security and technology both aid and limit the effectiveness of such systems. Investigate various electronic election voting systems, their benefits and their various issues. Contrast this against the pre-existing manual (in person and postal) voting processes and how these issues are addressed. As part of your investigation, determine the types of attacks and security limitations that each is susceptible to. How do poorer countries without infrastructure deal with these issues? How are issues such as non-repudiation, duplicate voting and other types of voter fraud detected and prevented in manual voting? What mechanisms and technologies are available to deal with these issues in electronic voting systems? SUBMISSION FORMAT You must submit a single pdf file. It's not acceptable to include photos of your handwriting in your submission, you must type your answers and format appropriately. Your content must be references using the RMIT Harvard Referencing style. (https://www.rmit.edu.au/content/dam/rmit/documents/library/referencing/Harvard-referencing-examples.docx) You must not reference sources such as Wikipedia. https://www.rmit.edu.au/content/dam/rmit/documents/library/referencing/Harvard-referencing-examples.docx