Assessment Details and Submission Guidelines Unit Code MN603 Unit Title Wireless Network & Security Assessment Type Group Assessment with Individual Components Assessment Title Design Secure Wireless LAN Purpose of the assessment (with ULO Mapping) The purpose of this assignment is to exercise and develop skills required to design secure wireless networks, addressing the need of clients. In this assessment, students will be able to • Analyse practical alternatives for how to build, protect and manage WLAN. • Design a secure WLAN and utilise techniques to mitigate possible attacks. • Solve complex problems in secure wireless network designs. • Help enterprises to maintain and implement a secure wireless network. • Contribute and cooperate with teams for implementing a secure wireless network. Weight 20% Marks 40 Word limit N/A Due Date Friday 5 PM, Week 11 (3 Feb 2017) Submission Guidelines • All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page. • The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings. • Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style. • In addition to your report, you are required to appear for an interview to your tutor. In this part: Each member of the group will be asked questions pertaining to his/her work and the overall project. • Zip the report (word document) and design file (ex. SmartDraw file) as "Group number.extension" (Group1.extension) on Moodle on or before the due date. Extension • If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School's Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7. You must submit this application three working days prior to the due date of the assignment. Further information is available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/specialconsiderationdeferment Academic Misconduct • Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure. For further information, please refer to the Academic Integrity Section in your Unit Description. Assessment Cover Sheet Student ID: Student Surname: Given Name: Course: School: Unit Code: Unit Title: Due Date: Date Submitted: Campus: Lecturer: Tutor: All work must be submitted on Moodle by the due date. If an extension of time to submit work is required, a Special Consideration Application must be submitted. Further information is available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/specialconsiderationdeferment Academic Misconduct Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure. For further information please refer to the Academic Integrity Section in your Unit Description. Student Declaration I/We declare that:  the work contained in this assignment is my/our own work/group work, except where acknowledgement of sources is made;  certify that this assessment has not been submitted previously for academic credit in this or any other course;  I/we have read the MIT's Plagiarism and Academic Misconduct Policy Procedure, and I/we understand the consequences of engaging in plagiarism;  a copy of the original assignment is retained by me/us and that I/we may be required to submit the original assignment to the Lecturer and/or Unit Co-ordinator upon request; I/we have not plagiarised the work of others or participated in unauthorised collaboration when preparing this assignment. Student Signature: Date: 1. Background This is a group assignment, with 2-3 members in each group. Secure Hotspot Throughput Analysis in ShopEz Mall By Dr Vinod Mirchandani You are employed as a Wireless Network Engineer by a leading shopping mall company called ShopEz to provide WLAN coverage for the planned hotspots inside the mall. You have the option to provide the hotspots in the mall by using only either the 802.11b or 802.11g WLAN Access Points (APs). Some of the hotspots are to provide Open access authentication while others need to provide shared key authentication to customers who pay a fee. ShopEz mall wants to provide hotspot access from each of the APs with a minimum throughput of 1 Mbps in its coverage area. This minimum throughput would also be sufficient for the shoppers to gain access to multimedia services locally as well as over the Internet. An important question that you need to study experimentally is to determine the variation in the average throughput experienced by the client device(s) vs distance in meters from the AP. In order, to get a good estimate of the throughput at different distances from the AP you need to measure the throughput in four different directions i.e. with client devices antenna directly in Line of Sight of the AP, the client devices antenna at 90 degrees (deg.) from AP, at 180 deg. from AP and at 270 deg. from the AP. The throughput needs to be measured for two different packet sizes i.e. 500 bytes and 1470 bytes. As this is an indoor environment so the RF propagation characteristics also come into play. So, a proper choice of either the 802.11b or 802.11g available WLANs also needs to be made along with suitable antennas in the final network. ShopEz mall is on a tight schedule and budget so you need to quickly create a small testbed using open source tools and software to measure the throughput vs range from AP. You have been told by the IT department of the mall that in the past they have used Iperf tool to emulate the generation of UDP network traffic and Wireshark to sniff the packets. You should determine the throughput vs range in meters from the AP time for UDP traffic generated first for a packet size of 500 bytes and then 1470 bytes. You need to repeat the above study for APs using a shared secure key and for the same two packet sizes and compare the results with the corresponding results obtained for open access authentication system. From the comparison of the results an important question that you need to analyse is if the throughput vs range performance is influenced by shared key authentication.. Note: You also need to undertake a serious literature research on tools, security equipment required and any issues that may arise. 2. Requirements Design the network to evaluate the performance of throughput vs range as specified in the above scenario from scratch. You have to submit a group report and specify each individual group member's contribution in front page. You should address the following tasks in your report: Group member one: • What in your opinion are the key factors that influence the performance of throughput in the above case study? • Create and discuss the experimental setup for the performance measurement in the above case study with the help of figures. • Create and discuss the Test plan with the help of Figures and tables to evaluate the throughput vs range performance. Provide adequate justifications for each step in the plan. • List the networking, devices and software required including their costs. Group member two: • In your opinion what are the motivations for carrying out the performance study in the above scenario • Research and explain the criteria on which you will select the WLAN in the above scenario i.e. 802.11b or 802.11g. • Prepare the experimental setup of Group member one – Devices, software installations, proper allocation of IP addresses, frequencies and connections and the Testing of connectivity. Creation of UDP traffic type and its details such as packet size, data rates etc. • Methodical measurement of performance and its tabulation for both the open access authentication and shared key case. Group member three: • Would a mesh network topology be suitable in the above scenario for a peer-to-peer or backhaul communications in the mall? Investigate the implications of using a mesh network. • Discuss the scenario in which the test was conducted such as the height and orientation of devices, antenna types, floor plan with distances, show any obstructions, walls, distances between devices • Document the work of Group members two and one and prepare a complete report in close consultation with members 1 and 2. • Discuss also in the report in the following sections: executive summary, introduction, research/investigation related questions of Group members 1 and 2, research regarding mesh networks suitability and its implications in the above scenario, test and measurements (work of group members 1 and 2), major outcomes from the interpretation of the results, issues and any future tasks. 3. Marking Rubric: Total marks for report: 36. Marks are allocated as follows: BONUS MARKS (at week 12 lab): As a group implement • To get BONUS marks you have to demonstrate your proposed setup to evaluate the throughput vs range performance. Marking for Assignment 2 (group report) Total Marks=40 Student Names & IDs: Submission Due: …./…../2015 Date Submitted:.…/…../ 2015 Marker's Name: Mark Achieved in report and demo: /40 HD 80-100% DI 70-79% CR 60-69% P 50-59% Fail <50% Report Presentation /6 Table of contents with appropriate section numbers, figures, references and other appendices Table of contents with appropriate section numbers, figures, references Table of contents with section numbers, figures, references Table of contents and references No proper table of contents, figures, references Assumption, equipment and cost /5 List all the assumptions made, list all the hardware and their cost List most of the assumptions made, list most of the hardware and their cost List some of the assumptions made, list some of the hardware and their cost List few of the assumptions made, list few of the hardware and their cost Did not list most of the assumptions made, Did not list most of hardware Security Requirements /5 Detail all the security requirements for wireless and wired network of the medical centre stated in the case study. Detail most of the security requirements for wireless and wired network of the medical centre stated in the case study. Detail some security requirements for wireless and wired network of the medical centre stated in the case study. Detail very few security requirements for wireless and wired network of the medical centre stated in the case study. Did not detail most of the security requirements for wireless and some of the security requirement for wired network of the medical centre stated in the case study. The network infrastructure /10 The diagram included all system components and interconnecting the devices, with proper labelling of network equipments. The diagram included most system components and interconnecting the devices, with proper labelling of network equipments. The diagram included system components and interconnecting the devices, with proper labelling of network equipments. The diagram included all system components with proper labelling of network equipments. The diagram did not included important system components. Describe and justify your design /5 Detailed descriptions and very well supported arguments. Detailed descriptions and well supported arguments. Detailed descriptions and supported arguments. Detailed descriptions and some supporting arguments. Some descriptions only. Implementation steps or clarity of test bed setup details /5 Detailed descriptions and complete steps. Some detail descriptions and complete steps. Brief descriptions and complete steps. Very brief descriptions and complete steps. Incomplete steps. Interview /4 Student has very good and clear understanding about the activity performed in the project. Student has good and clear understanding about the activity performed in the project. Student has clear understanding about the activity performed in the project. Student has understanding about the activity performed in the project. Student is confused about the activity performed in the project. BONUS marks for Demonstration /10 The implementation is very well suited to your designed network. The implementation is well suited to your designed network. The implementation is suited to your designed network.. The implementation is suited to your designed network.. The implementation is suited to your designed network.. Poor writing Inadequate structure, careless & untidy presentation -5 Plagiarism Type of plagiarism - Copy from other student - Copy from internet source/textbook - Copy from other sources -36 Assessment Components Description of the section Report Presentation Table of contents, figures, references, the minutes and other appendices The network structure Description & Diagrams showing the network (wired and wireless) Security requirements and justification Identify all required security requirements and justify those using logical arguments. Equipment's and cost Detailed descriptions of major equipments and technologies and cost Detail of authentication and authentication technique implementation process ( step by step) List and explain implementation process of authentication and authorization technique for your designed network Assumption The assumptions are not the requirements that are provided in the task. They are the additional requirements that you need for your design. Interview Clarity of students involvement and understanding of the project Poor writing Inadequate structure, careless & untidy presentation Plagiarism Type of plagiarism - Copy from other student - Copy from internet source/textbook - Copy from other sources