Assessment Details and Submission Guidelines Unit Code BN203 Unit Title Network Security Assessment Type Assignment #01 (Individual) Assessment Title Distributed Denial of Service Attacks (DDoS) Purpose of the assessment (with ULO Mapping) After completing this assessment, student’s should be able to: - Discuss common threats and attacks on networked information systems  - Identify network threats - Explain the major methodologies for secure networks and what threats they  address  Weight 15% Total Marks 30 Word limit Part A: 750 Part B: 750 Due Date Submission Guidelines  All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page.  The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings.  Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style. Extension  If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School's Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7. You must submit this application three working days prior to the due date of the assignment. Further information is available at: http://www.mit.edu.au/about-mit/institute- publications/policies-procedures- and-guidelines/specialconsiderationdeferment Academic Misconduct  Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about- mit/institute-publications/policies- procedures-and- guidelines/Plagiarism- Academic-Misconduct- Policy-Procedure For further information, please refer to the Academic Integrity Section in your Unit Description. Unit Code: BN203 Unit Name: Network Security Prepared by: Naveed Dilber Moderated by: Dr Fariza Sabrina April, 2017 Assignment Description Part A: (15 Marks) Distributed denial of service (DDoS) attacks present a significant security threat to corporations. In one study, covering a three-week period, investigators observed more than 12,000 attacks against more than 5000 distinct targets, ranging from well-known ecommerce companies such as Amazon and Hotmail to small foreign ISPs and dial-up connections. DDoS attacks make computer systems inaccessible by flooding servers, networks, or even end user systems with useless traffic so that legitimate users can no longer gain access to those resources. In a typical DDoS attack, a large number of compromised hosts are amassed to send useless packets. In recent years, the attack methods and tools have become more sophisticated, effective, and more difficult to trace to the real attackers, while defence technologies have been unable to withstand large-scale attacks. A denial of service (DoS) attack is an attempt to prevent legitimate users of a service from using that service. When this attack comes from a single host or network node, then it is simply referred to as a DoS attack. A more serious threat is posed by a DDoS attack. In a DDoS attack, an attacker is able to recruit a number of hosts throughout the Internet to simultaneously or in a coordinated fashion launch an attack upon the target. Figure 1 1) Using the given DDoS attack diagram in Figure 1, identify type of DDoS attack and justify in detail how this attack will affects the Victim’s workstation. 2) Discuss atleast two solutions how this attack can be avoided or mitigated. Marking Criteria: Section to be included in the report Description of the section Marks Introduction Description of selected topic 2 Analyse Analyse identified issues 6 Evaluate/justification Write justification of your evaluation 4 Conclusion Write summary of the report 2 Reference style Follow IEEE reference style 1 Total 15 Unit Code: BN203 Unit Name: Network Security Prepared by: Naveed Dilber Moderated by: Dr Fariza Sabrina April, 2017 Part B: (15 Marks) It is important for networking professionals to stay abreast of new security threats and learn how to address them. In this task, you will look at some web resources that can help you find out about vulnerabilities on your network. For this task, you will need a workstation with internet connectivity and a web browser. 1) Connect to the internet and point your browser to the following: https://technet.microsoft.com/en-us/security/advisories 2) View the entire list of published security advisories. Scroll through and find any two vulnerabilities related to Microsoft product that’s familiar to you such as windows, web browsers or Microsoft office. Click the advisory’s title and number in the left column to view the entire announcement. 3) Read the description of the problem and how it has been addressed. How was the problem discovered and reported? How could someone exploit this vulnerability? Does the potential vulnerability belong to any of the categories you learned such as DDoS, Brute Force, Phishing etc? What are the potential damages this vulnerability could cause, if exploited? Marking criteria: Section to be included in the report Description of the section Marks Introduction Description of each vulnerability 2 Answering question #03 Answering in detail in your own words 10 Conclusion What have you learned from this task 3 Total 15 Marking Rubric: Grade Mark HD 80%+ D 70%-79% CR 60%-69% P 50%-59% Fail < 50% Excellent Very Good Good Satisfactory Unsatisfact ory Identification and Analysis and description Highly valid and appropriate Valid and appropriate Generally valid and appropriate Valid but no appropriate Not valid and not appropriate Explanation/ justification All elements are present and well integrated. Components present with good cohesion Components present and mostly well integrated Most components present Lacks structure. Reference style Clear styles with excellent source of references. Clear referencing/ style Generally good referencing/style Unclear referencing/ style Lacks consistency with many errors Presentation and diagrams Proper writing and drawing. Professionally presented Properly written and drawing, with some minor deficiencies Mostly good, but some structure or presentation problems Acceptable presentation Poor structure, careless presentatio