Assessment Details and Submission Guidelines Unit Code MN603 Unit Title Wireless Networks & Security Assessment Type Group Assessment with Individual Components with 2-3 members in each group Assessment Title The cutting edge wireless technologies and your critical thinking about them Purpose of the assessment (with ULO Mapping) The purpose of this assignment is to exercise and develop skills required to design secure wireless networks, addressing the need of clients. In this assessment, students will be able to Analyse practical alternatives for how to build, protect and manage WLAN.  Design a secure WLAN and utilise techniques to mitigate possible attacks.  Solve complex problems in secure wireless network designs.  Help enterprises to maintain and implement a secure wireless network.  Contribute and cooperate with teams for implementing a secure wireless  network.  Weight 20% Total Marks 80 Word limit 1400 Due Date Friday 5 PM, Week 11 (26 May 2017) Submission Guidelines All work must be submitted on Moodle by the due date along with a completed Assignment Cover Sheet. The report will be automatically checked by Turnitin embedded on moodle. By submitting on MOODLE you agree that the work is yours unless properly cited. The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style. For assignments 1 to 5 days late, a penalty of 10% (of total available marks) per day. For assignments more than 5 days late, a penalty of 100% will apply. One group one submission. Extension If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School's Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7. You must submit this application three working days prior to the due date of the assignment. Further information is available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/specialconsiderationdeferment Academic Misconduct Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure. For further information, please refer to the Academic Integrity Section in your Unit Description.  Assignment Description: Student need to form a group of two to three students. Then the group need to pick up one of below project on group interest. A group need to design a network according to given specification and submit a group report including individual group member’s contribution in front page. Both project is designed and created by Dr Vinod Mirchandani. Project I: Secure Hotspot Throughput Analysis in ShopEz Mall You are employed as a Wireless Network Engineer by a leading shopping mall company called ShopEz to provide WLAN coverage for the planned hotspots inside the mall. You have the option to provide the hotspots in the mall by using only either the 802.11b or 802.11g WLAN Access Points (APs). Some of the hotspots are to provide Open access authentication while others need to provide shared key authentication to customers who pay a fee. ShopEz mall wants to provide hotspot access from each of the APs with a minimum throughput of 1 Mbps in its coverage area. This minimum throughput would also be sufficient for the shoppers to gain access to multimedia services locally as well as over the Internet. An important question that you need to study experimentally is to determine the variation in the average throughput experienced by the client device(s) vs distance in meters from the AP. In order, to get a good estimate of the throughput at different distances from the AP you need to measure the throughput in four different directions i.e. with client devices antenna directly in Line of Sight of the AP, the client devices antenna at 90 degrees (deg.) from AP, at 180 deg. from AP and at 270 deg. from the AP. The throughput needs to be measured for two different packet sizes i.e. 500 bytes and 1470 bytes. As this is an indoor environment so the RF propagation characteristics also come into play. So, a proper choice of either the 802.11b or 802.11g available WLANs also needs to be made along with suitable antennas in the final network. ShopEz mall is on a tight schedule and budget so you need to quickly create a small testbed using open source tools and software to measure the throughput vs range from AP. You have been told by the IT department of the mall that in the past they have used Iperf tool to emulate the generation of UDP network traffic and Wireshark to sniff the packets. You should determine the throughput vs range in meters from the AP time for UDP traffic generated first for a packet size of 500 bytes and then 1470 bytes. You need to repeat the above study for APs using a shared secure key and for the same two packet sizes and compare the results with the corresponding results obtained for open access authentication system. From the comparison of the results an important question that you need to analyse is if the throughput vs range performance is influenced by shared key authentication. Note: You also need to undertake a serious literature research on tools, security equipment required and any issues that may arise. You should address the following tasks in your report. You are required to perform detailed literature review on hardware/software, security and other issues. Group member one: What in your opinion are the key factors that influence the performance of throughput in the above case study? Create and discuss the experimental setup for the performance measurement in the above case study with the help of figures. Create and discuss the Test plan with the help of Figures and tables to evaluate the throughput vs range performance. Provide adequate justifications for each step in the plan. List the networking, devices and software required including their costs. Group member two: In your opinion what are the motivations for carrying out the performance study in the above scenario Research and explain the criteria on which you will select the WLAN in the above scenario i.e. 802.11b or 802.11g. Prepare the experimental setup of Group member one – Devices, software installations, proper allocation of IP addresses, frequencies and connections and the Testing of connectivity. Creation of UDP traffic type and its details such as packet size, data rates etc. Methodical measurement of performance and its tabulation for both the open access authentication and shared key case. Group member three: Would a mesh network topology be suitable in the above scenario for a peer-to-peer or backhaul communications in the mall? Investigate the implications of using a mesh network. Discuss the scenario in which the test was conducted such as the height and orientation of devices, antenna types, floor plan with distances, show any obstructions, walls, distances between devices Document the work of Group members two and one and prepare a complete report in close consultation with members 1 and 2. Discuss also in the report in the following sections: executive summary, introduction, research/investigation related questions of Group members 1 and 2, research regarding mesh networks suitability and its implications in the above scenario, test and measurements (work of group members 1 and 2), major outcomes from the interpretation of the results, issues and any future tasks.  Project II: Pilot Project for Implementation of Wireless access network in Albert School You are the technical consultant to the Education department of NSW that currently has 200 schools under its administration. Most of the schools are of similar type and requirements for example: have around 500 students per school, 50 staff, online education programs, video conferencing facility between staff members across different campuses. Many of the schools do not have adequate wireless coverage Consider one such school in the NSW school system called Albert school that the NSW Education department wants to use it as a pilot project to provide cost effective wireless access. In Albert school currently there is no provision for wireless access to the campus network and Internet. The students and staff have made repeated demands to the school principal to have wireless access to the Albert school network and Internet. As the school often gets visitors and parents so this will also allow them to gain access to the wireless network by using their own laptop computer. The school’s principal also is eager to have a wireless network that should provide support for visitors and secure access to resources for the staff. You have been assigned to help Albert school to have a wireless network and being a pilot project you will be making use of the experience that you will gain from it in other NSW schools as well. Some of the challenges that you face are with respect to the cost, security, vendor selection, implementation and performance. One of the security issue faced by the school is that signal transmitted by the access point (AP) could also be transmitted outside the school building. This could then be used by hackers to gain access to the school internal network and resources. Another issue that may arise in the event of poor security measures is that the visitors to the school could access the resources of the staff. Rogue APs is also a concern to the school principal as well as the type of content accessed. The principal also wants the details of the student(s) who violate the school’s policies with regards the usage policy to be immediately logged so that after auditing action can be taken against the offending student(s). Some of the students also use USB mobile broadband modem to bypass the school’s network access control and content access policies. This may pose as a security risk as well. The IT team of the Education department has recommended you to use the RADIUS server for authentication purposes in the school. The school principal wants you to create an experimental testbed to demonstrate its usefulness to him and the school staff. You are also faced with the challenge of the architecture that you need to have for Albert school i.e. whether to have it distributed or centralised. Cost of the overall network including maintenance needs should be kept as low as possible because of the budgetry constraints of the Education department. Apart from the RADIUS server demonstration you have to make several recommendations to the school for all aspects of the network. Note: You also need to undertake a serious literature research on tools, security equipment required and any issues that may arise. You should address the following tasks in your report. You are required to perform detailed literature review on hardware/software, security and other issues. Group member one: Explain the different ways by which you could keep the costs low for the Albert school wireless network Explain the ways by which you could meet the security requirements of the school including preventing visitors from accessing the internal network of the school’s staff. How would you restrict the range of the wireless signal so that it does not appear outside the school building? What are the advantages and disadvantages of your methods? Group member two: Create and discuss the experimental setup for the RADIUS server authentication in the above case study with the help of figures. What type of architecture would you choose – Centralised or Distributed? Justify your answer. What type of tools would you use for implantation of the wireless network? Justify their selection. Group member three: Explain your plan for the implementation of the school’s wireless network with the help of a diagram. What recommendations you would make to the school’s principal in providing cost effective coverage, antenna type, number of APs, minimising network drops, allocation of frequencies of the APs, signal measurement. Write a report that includes the following sections: executive summary, introduction, work of Group members 1 and 2, plan of your implementation along with figure, your recommendations and conclusions.  Marking Components and Criteria: Marking Components: Assessment Components Description of the section Marks Allocated Report Presentation Presentation of report including table of contents, figures, references, the minutes and other appendices 10 Assumption, equipment and cost List all the assumptions made, list all the hardware and their cost. The assumptions are not the requirements that are provided in the assignment. They are the additional requirements that you need for your design. 10 Security Requirements Identify all required security requirements and justify those using logical arguments. 10 The network infrastructure Description & diagrams showing the network (wired and wireless) 20 Justification of security requirements Identify all required security requirements and justify those using logical arguments. 10 Implementation steps or clarity of test bed setup details Implementation Steps and the implementation is very well suited to your designed network. 10 Demonstration in simulation setting or practical setting The implementation is very well suited to your designed network. 10 Poor writing Inadequate structure, careless & untidy presentation -5 Plagiarism Type of plagiarism Copy from other student Copy from internet source/textbook Copy from other sources -80  Marking Criteria: HD 80-100% DI 70-79% CR 60-69% P 50-59% Fail <50% Report Presentation /10 Table of contents with appropriate section numbers, figures, references and other appendices Table of contents with appropriate section numbers, figures, references Table of contents with section numbers, figures, references Table of contents and references No proper table of contents, figures, references Assumption, equipment and cost /10 List all the assumptions made, list all the hardware and their cost List most of the assumptions made, list most of the hardware and their cost List some of the assumptions made, list some of the hardware and their cost List few of the assumptions made, list few of the hardware and their cost Did not list most of the assumptions made, Did not list most of hardware Security Requirements /10 Detail all the security requirements for wireless and wired network of the medical centre stated in the case study. Detail most of the security requirements for wireless and wired network of the medical centre stated in the case study. Detail some security requirements for wireless and wired network of the medical centre stated in the case study. Detail very few security requirements for wireless and wired network of the medical centre stated in the case study. Did not detail most of the security requirements for wireless and some of the security requirement for wired network of the medical centre stated in the case study. The network infrastructure /20 The diagram included all system components and interconnecting the devices, with proper labelling of network equipment. The diagram included most system components and interconnecting the devices, with proper labelling of network equipment. The diagram included system components and interconnecting the devices, with proper labelling of network equipment. The diagram included all system components with proper labelling of network equipment. The diagram did not include important system components. Describe and justify your design /10 Detailed descriptions and very well supported arguments. Detailed descriptions and well supported arguments. Detailed descriptions and supported arguments. Detailed descriptions and some supporting arguments. Some descriptions only. Implementation steps or clarity of test bed setup details /10 Detailed descriptions and complete steps. Some detail descriptions and complete steps. Brief descriptions and complete steps. Very brief descriptions and complete steps. Incomplete steps. Demonstration in simulation setting or practical setting /10 The implementation is very well suited to your designed network. The implementation is well suited to your designed network. The implementation is suited to your designed network. The implementation is suited to your designed network. The implementation is suited to your designed network.. Poor writing Inadequate structure, careless & untidy presentation -5 Plagiarism Type of plagiarism Copy from other student Copy from internet source/textbook Copy from other sources -80 The End