网络安全代写 | COS30015 IT Security Assignment
本次澳洲作业案例是网络安全相关的一个assignment作业代写
Any IT graduate involved in IT security will need to be able to adapt and respond to unfamiliar and changing security
threats and to evaluate and use new tools. To be capable in their profession, graduates need to be able to apply skills
through design and planning, categorisation, evaluation and analyse of tools, techniques, threats and procedures.
Choose ONE topic only from the following study areas:
Select one of the following topics and choose 1 attack and 1 security tool:
• Trojans and Backdoor
• Viruses and Worms
• Sniffers
• Phishing
• Denial of Service
• Buffer Overflows
You will need to research 1 tool attacker’s use, and 1 security tool used to counter attackers in the area chosen. Your
assignment involves running both tools, evaluating and analysing their use in means to evade or detect
threats/detection. That is, how are you going to use these tools? To show how attackers can bypass detection, or how
tools can be used to detect this threat type? Or show how both operate? From this perspective, you should justify your
choice (over others), install, run and demonstrate the use of tools, producing some output or results. You should
analyse and evaluate the usage and results from both attacker and defender perspectives, and potential impact. Be sure
to discuss threats and countermeasures of these risks.
Select one of the following topics:
1. Lock down a PC which would be connected to the Internet
2. Design and test a home security lab (locking down multiple devices found at home)
There exist many different guides to harden devices. You are required to follow one (of a reputable source) and
evaluate its effectiveness. You should choose a hardening guide, and outline a use case and example scenario (that is,
what needs to be locked down given what threats). This device should be locked down following best practices of the
guide. You then are required to evaluate the effectiveness of the guide in using a range of tools found in Kali
Linux or other well regarded tools. You should justify your guide and attacker tools, analyse and evaluate the
hardening strategy and results.
Select one of the following topics:
1. Prepare and test detailed instructions for modifying a game console
2. Audit the memory management of a complex C or C++ program. You should use buffer-overflow detection
software for this
These choices allow you to recreate known modifications, attack, or construct a use case for vulnerability exploration.
You should document the implementation of a modification, paying close attention to explaining and analysing the
techniques. Or, you should document the challenges, application and effectiveness of auditing memory management.
For either of these, you should link security and computing theory to practical application for evaluation. You are
required to document and analyse the impact of either, evaluate countermeasures and the practicality of either
(modification or exploration).
Select one of the following topics:
1. Using scripts and web services, trace (over 50) spam e-mails to their source as best as you can, try to detect
them
2. Analyse and document some malware which you have caught
These choices allow you to:
To evaluate the spam, you are required to implement a spam detection engine (either in R or Python: there are many
resources and datasets on GitHub). After investigating the sources of your spam, you should outline the purpose of
the spam and impact it may have. Then you should first train and test a detection model, and have it predict the emails
you obtained. You should analyse and evaluate the usage and results (confusion matric metrics) from both attacker
and defender perspectives, and include language, topics, spam technique (to trick the target or bypass the filter) along
with visualisation.
You are to use forensic tools to analyse the malware. You can use static or dynamic tools, or a combination of both.
Examples (but not limited to) of these a Cuckoo, REMnux, IDA Pro. Your evaluation should be in comparison to
older versions of the malware family or against recent examples which are similar, and the challenges surrounding
detection and mitigation. Examples of this evaluation could be: the change in behaviour, the means the malware
obfuscates its behaviour, or how it interacts within an operating system, and thus the impact and challenges it
presents. Along with your evaluation, you also need to document the justification of tools, threat definition and
challenges, and analysis methodology.