SIT202 Computer Networks Trimester 2, 2016 Problem Solving Report 3 Due Date: 5pm Tuesday September 27th, 2016 This assessment task must be completed individually, group work and/or collaboration with other students is prohibited. All work completed/submitted as part of this assessment task must be your own, individual work. Any content drawn from other materials, including unit materials, must be clearly quoted where appropriate, and/or clearly referenced. All students should review and be familiar with the content provided by the University regarding how to reference other materials: http://www.deakin.edu.au/students/study-support/referencing And in particular the information provided regarding Academy Integrity: http://www.deakin.edu.au/students/study-support/referencing/academic-integrity Unit Learning Outcomes As per the Unit Guide, the following Unit Learning Outcomes are relevant to this project: ULO 3. Select a local area and design simple protocols for a given environment to track current and future trends in computer networks. Given current and future requirements for one or more networks, you will be required to select/design appropriate protocols to satisfy those requirements. ULO 4. Analyse and articulate security attacks and countermeasures, symmetric and public cryptosystems, digital signature and authentication protocols. You will be required to analyse one or more networks to explain the security requirements of those networks and propose solutions.Question 1 (20 + 15 = 35 marks) a) Consider the design of an application layer protocol for the transfer of extremely large files (multi-terabyte files) for big data applications within a single network, i.e., there is no router/internetworking between the source and destination hosts. Provide two advantages and two disadvantages for selecting the TCP protocol, and two advantages and two disadvantages for selecting the UDP protocol for this application. b) Prepare a set of PowerPoint slides that explain reliable delivery using go-back-n. Your slides must include the following points: i) Introductory slide/s describing basic concepts of go-back-n; ii) Illustration of go-back-n where the receiver discards out-of-order packets; iii) Illustration of go-back-n where the receiver keeps out-of-order packets; and iv) Comparison of advantages and disadvantages. Question 2 (19 marks) In your own words, briefly describe the functionality of each of the following socket API calls for writing a client-server application using TCP: accept, bind, close, connect, listen, receive, send, and socket. In your answer, indicate any pre-requisite calls, e.g., before you can call bind() you must first have created a socket with socket(). Question 3 (18 marks) The local network management team have highlighted a number of important observations in the newest data captured using SNMP and TCP. For each of these observations, briefly explain the likely causes and actions you might take as leader of the network management team:  The link from Router A to Router B has historically shown data integrity errors at a rate of approximately 0.01% packets discarded on both ends of the link. In the last month, these have climbed to over 3% of packets discarded. Reviewing the IT support documentation repository, one of the networks team identifies that new Wiki software was installed on the web server at the same time (connected to Router A).  The organisations anti-virus tool has recently identified an unusually high rate of viruses being detected in a certain computer lab space. Over the same time period, the router connected to that network shows a substantial increase in the number of active TCP connections and the volume of TCP segments being sent to and from that network.  Recently a site-to-site VPN connection was established between a new branch office and the router that acts as the connection point to the ISP. Since the VPN was established, the average queue lengths of packets on the router (incoming packets waiting to processed / outgoing packets waiting to be transmitted) have increased from a very small/insignificant number to a very large number. Question 4 (20 + 8 = 28 marks) a) Protocols at the data-link, network, and/or transport layer often implement data integrity checks using either a checksum or CRC mechanism. Explain why these integrity checks are considered inadequate for the purposes of security and why digests used in Message Authentication Codes (MACs) are more suitable. b) A malicious student has gained administrative access to the University's DNS server and with their new access has implemented a Man in the Middle attack against HTTP+SSL connections by redirecting the web server to a compromised server's IP address. The student intends to record the usernames and passwords of users who log in, unfortunately the other students all realised that their login details would not be secure. Explain why the students were able to identify that their login details could be compromised.Submission Requirements Please note the following requirements when submitting your answers:  Your answers must be submitted to the correct Assignment box provided in CloudDeakin, submissions will not be accepted outside of this assignment box, e.g., email submissions will not be accepted.  Answers must be submitted in a format which can be read by the plagiarism detection system. It is your responsibility to ensure your answers in a correct format. o Acceptable formats include: Word (.doc/.docx), Excel (.xls/.xlsx), PowerPoint (.ppt/.pptx), OpenOffice Text (.odt), Rich Text Format (.rtf), HTML (.html/.htm), Acrobat (.pdf), and Text (.txt) o Unacceptable formats include: ZIP/RAR/7z or any other type of archive, submissions linked from the Portfolio (download the document from the portfolio and upload it separately). o Note that any diagrams you prepare as part of this Problem Solving Report can be submitted either embedded in your document or separately using common image formats  Late submissions are penalised as per Faculty regulations, which is based on the due date of the submission. Note that the indication of lateness by CloudDeakin is often misleading and not considered. For example, for a due date of 5pm Tuesday: o Submission before Tuesday 5pm – no penalty. o Submission after Tuesday 5pm but before Wednesday 5pm – 10% penalty o Submission after Wednesday 5pm but before Thursday 5pm – 20% penalty o Submission after Thursday 5pm but before Friday 5pm – 30% penalty o Submission after Friday 5pm – not accepted.  Applications for extensions can only be considered by the unit chair. In general, applications must be submitted before the due date (unless it is not possible to do so), and must satisfy the rules for special consideration, i.e., reasons must fall into categories for medical, compassionate, or hardship, and evidence must be provided. If you have to wait to receive evidence (such as documentation from a practitioner/professional), or if the due date has passed, you should still contact the unit chair for advice as soon as possible.Marking Scheme Question 1 (20 + 15 = 35 marks)  Part (a) o (5 marks) Advantages of TCP for proposed application layer protocol. o (5 marks) Disadvantages of TCP for proposed application layer protocol. o (5 marks) Advantages of UDP for proposed application layer protocol. o (5 marks) Disadvantages of UDP for proposed application layer protocol.  Part (b) o (3 marks) Introductory slides. o (3 marks) Illustration of receiver discarding out-of-order packets. o (3 marks) Illustration of receiver keeping out-of-order packets. o (3 marks) Comparison of advantages. o (3 marks) Comparison of disadvantages. Question 2 (19 marks)  (8 x 2 = 16 marks) Descriptions of socket API calls.  (3 marks) Correct indication of pre-requisites Question 3 (18 marks)  (3 x 3 = 9 marks) Explanation of likely causes.  (3 x 3 = 9 marks) Explanation of proposed actions and how they address causes. Question 4 (20 + 8 = 28 marks)  Part (a) o (5 marks) Basic concepts of checksum/CRC integrity checks. o (5 marks) Why checksum/CRC checks are inadequate for security. o (5 marks) Basic concepts of digests. o (5 marks) Why digests are more suitable for security.  Part (b) o (3 marks) Basic concepts of how SSL verifies server certificate. o (5 marks) Explanation of how students could identify insecure connection.