Attempt all questions.
Submit the following on Moodle:
· Answers: A Microsoft Word document containing answers to the questions.
· File for Question 1: netcat.pcap
· Files for Question 2: screenshot-attack.png, screenshot-success.png
This is an individual assignment, and it is expected students answer the questions themselves. Discussion of approaches to solving questions is allowed (and encouraged), however each student should develop and write-up their own answers. See CQUniversity resources on Referencing and Pliagiarism
Guidelines for this assignment include:
· Do not exchange files (reports, captures, diagrams) with other students.
· Complete tasks with virtnet yourself – do not use results from another student.
· Draw your own diagrams. Do not use diagrams from other sources (Internet, textbooks) or from
· Write your own explanations. In some cases, students may arrive at the same numerical answer,
however their explanation of the answer should always be their own.
· Do not copy text from websites or textbooks. During research you should read and understand
what others have written, and then write in your own words.
A separate spreadsheet lists the details marking criteria.
Each sub-question is allocated marks in [square brackets].
Questions which require a specific answer will be marked on correctness.
Questions which require explanations will be marked on correctness, depth and clarity of the answer. To receive full marks, the explanation must be correct, must include significant depth to demonstrate understanding of the topic (but does not include irrelevant information), and must be clear to the intended audience. Unless otherwise stated, assume the audience has a background similar to Master of IT students that have successfully completed 1st year of study.
Questions which require diagrams will be marked on the correctness and clarity of the diagram.
Submitted files will be marked on correctness of the information included.
For this question you must use virtnet (as used in the workshops) to study Internet applications with Wireshark. This assumes you have already setup and are familiar with virtnet. See Moodle and workshop instructions for information on setting up and using virtnet, deploying the website, and performing the attack.
Your task is to:
• Create topology 5 in virtnet where:
o node1 will be referred to as the client
o node2 will be the router
o node3 will be the server
• Start capturing packets using tcpdump on the router (node2)
• While capturing, perform the following operations in order:
1. Start netcat TCP server using assigned port on the server (node3)
2. Start netcat TCP client on the client (node1)
3. On the client (node1) type: COIT20262 Assignment 1
· Stop the capture and save the file as netcat.pcap
Server port numbers must be assigned based on the last three (3) digits of your student ID, xyz, as
defined below. Examples are given for a student ID of 12345678.
· For netcat TCP server use port 6xyz. Example port: 6678
After performing and understanding the above steps, answer the following sub-questions
(a) Submit your capture file as netcat.pcap on Moodle. The single file must contain all packets of the
TCP exchange using your assigned port and using your ID and name. [3 marks]
(b) Draw a message sequence diagram that illustrates all the TCP packets generated by using netcat
(do not draw any packets generated by other applications or protocols, such as ARP, DNS
or SSH). A message sequence diagram uses vertical lines to represent events that
happen at a computer over time (time is increasing as the line goes down). Addresses of the
computers/software are given at the top of the vertical lines. Horizontal or sloped arrows are used to
show messages (packets) being sent between computers. Each arrow should be labelled with the
protocol, packet type and important information of the message. Examples of message sequence
diagrams are given in workshops. Note that you do not need to show the packet times, and the
diagram does not have to be to scale. [3 marks]
(c) Based on your capture only, identify the following information, and give the packet that the
information is found in. If the information is found in multiple packets, give the first packet from the
capture. For example, if the information is found in packet numbers 3, 5 and 7, you would give the
packet as 3. [4 marks]
Use virtnet, perform an SQL injection attack on the demo grading website www.myuni.edu.
The general steps for performing an SQL injection attack with virtnet are described at:
However you must follow these specific steps when performing the attack:
1. Before performing the attack, add two new student users to the database with the following details:
a. New student 1: username is your ID, password is your ID
b. New student 2: username is 12037777, password is hacker
2. For both of the new students add the following courses and grades:
a. New student 1: coit20262, D
b. New student 1: coit20263, C
c. New student 2: coit20262, HD
d. New student 2: coit20263, F
3. Perform the SQL injection attack as new student 2, i.e. logged in as 12037777
4. Take a screenshot of the attacker web browser showing the form the attacker uses to perform the attack. Make sure the screenshot clearly shows the fields/data entered by the attacker. Save the screenshot as screenshot-attack.png.
5. Take a screenshot of the attacker web browser showing a successful attack, i.e. the grades of other students. Save the screenshot as screenshot-success.png.
Answer the following questions.
(a) Give a general explanation of an SQL injection attack. (This explanation should NOT reference the attack you performed in virtnet; it should be for any SQL injection attack). [1 marks]
(b) Explain two general approaches that can be used to avoid or minimise SQL injection attacks. (This explanation should NOT reference the attack you performed in virtnet; it should be for any SQL injection attack). [2 marks]
For this specific attack on www.myuni.edu:
(c) Explain the limitation/weakness in the MyUni website that allowed the SQL injection attack to be successful. In your explanation refer to the file(s) and line(s) of code, and give samples of the code in your answer. [2 marks]
(d) Explain what the attacker, 12037777, had to do in their web browser to perform the attack. In your explanation include the screenshot screenshot-attack.png and refer to the information shown in that screenshot. [2 marks]
(e) Submit your screenshot screenshot-attack.png as a separate file. That is, you must both embed the screenshot in the report AND submit the file separately. The reason for this is that it makes it easier for the marker in reading the report to have an embedded image, but sometimes the quality is hard to read (hence the additional file submission). [1 mark]
(f) Explain what the attacker, 12037777, could learn or gain from performing the SQL injection attack. In your explanation include the screenshot screenshot-success.png and refer to the information shown in that screenshot. [1 mark]
(g) Submit your screenshot screenshot-success.png as a separate file. [1 mark]
(h) Explain what the website developer could do to prevent this SQL injection attack. In your explanation, give exact code or steps the developer should use. [2 marks]
Recent progress in artificial intelligence (AI) technologies have prompted massive growth in innovation and automation and their potentialities have expanded from smart buildings, smart transportation, smart grids, smart governances to smart anything. These technologies are already being used to defend network attacks; however, they can be used maliciously. For example, DeepLocker has shown the intentional use of AI for a harmful purpose. Threat actors are constantly changing and enhancing their attack approach with a unique emphasis on the application of AI-driven techniques inside the attack process which can be used in conjunction with traditional attack techniques to cause greater damage. Your task is to study how AI technologies can be used maliciously to perform network attacks and what measures should be taken to mitigate these attacks.
You must write a short report that answers the following questions:
(a) As a network security analyst, why is it important that you have knowledge of AI-based network attacks? 
(b) Select three examples of AI-based network attacks and describe them. 
(c) What are the defensive strategies you can take to prevent any two of the these attacks? 
You should structure your report into a section for each of the above parts.
There is no minimum/maximum length of the report. Support you finding by quoting reputable sources of information. You may draw diagrams if needed. Including pictures from other sources, or including pictures that do not help with the explanation will not gain marks and may lead to reduced marks. You may assume the audience of the report has a similar background on network security as you. You should give sufficient technical detail to demonstrate you understand the issues.
COIT20262 Network Security Assignment, matlab assignment help online, programming assignment experts, assembly language assignment help, python programming assignment help, php programming assignment help
Holding a PhD degree in Finance, Dr. John Adams is experienced in assisting students who are in dire need...
55 - Completed Orders
Canada, Toronto I have acquired my degree from Campion College at the University of Regina Occuption/Desi...
52 - Completed Orders
Even since I was a student in Italy I had a passion for languages, in fact I love teaching Italian, and I...
102 - Completed Orders
To work with an organization where I can optimally utilize my knowledge and skills for meeting challenges...
109 - Completed Orders
JOB OBJECTIVE Seeking entry level assignments in Marketing & Business Development with an organization...
202 - Completed Orders
Current work profile Project manager- The Researchers Hub (2nd Jan 2016 to presently working) Researc...
20 - Completed Orders
Sales Assistant, Mito Marina Assigned to the Stationery dept – assisted in merchandising, stock taking...
100 - Completed Orders
Personal Profile Dedicated and highly experienced private chauffeur. High energy, hardworking, punctua...
200 - Completed Orders
I'm Lizzy, full time education specialist in English, Essay Writing, Economics and Maths. Having Assi...
109 - Completed Orders