共计 10319 个字符,预计需要花费 26 分钟才能阅读完成。
Introduction to computer systems, networks and security
Assignment 2 – Trimester 1, 2021
Submission guidelines
This is an individual assignment, group work is not permitted (except for parts of task 1.1 as stated below).
Deadline: 10 May 2021, 11:55pm
Submission format: Word (doc, docx) (one file containing both parts 1 and 2), uploaded electronically via
Moodle.
Late submission:
• By submitting a Special Consideration Form or visit this link:
https://lms.monashcollege.edu…
• Or, without special consideration, you lose 5 marks of your mark per day that you submit
late (including weekends). Submissions will not be accepted more than 5 days late. This
means that if you got Y marks, only Y-n*5 will be counted where n is the number of days
you submit late.
• Assessment items will not be accepted after more than 14 calendar days unless a Special
Consideration application has been approved. This 14-day time frame does not apply to
assessments due in Week 12.
Marks: This assignment will be marked out of 100 points, and count for 15% of your total unit marks.
Plagiarism: It is an academic requirement that the work you submit be original. If there is any
evidence of copying (including from online sources without proper attribution), collaboration, pasting
from websites or textbooks, Zero marks may be awarded for the whole assignment, the unit or you
may be suspended or excluded from your course. Monash Colleges policies on plagiarism, collusion,
and cheating are available here or see this link:
https://www.monashcollege.edu…
Further Note: When you are asked to use Internet resources to answer a question, this does not
mean copy-pasting text from websites. Write answers in your own words such that your
understanding of the answer is evident. Acknowledge any sources by citing them.
Monash College MCD4700 Assignment 2
1
- WLAN Network Design and Security
For this task, you will perform a WLAN site survey. Your task is to produce a map of (part of) a building that
gives an overview of the wireless networks that are available, as well as an analysis of the network. What you
will need: a WiFi-enabled laptop (some smartphones also work, see below), and a place to scan. You can
perform a survey of your home or, of an office space or, of parts of the Monash University campus, or inside
a shopping centre. If you don’t own a suitable device that you could use for this activity, please try to borrow
one from a friend, or contact us to find out an alternative. This activity has two sub-tasks: (a) conduct a survey,
and (b) write a report on your observation.
1.1. Survey
Create a map of the place that you want to do a survey. A simple floor-plan will be sufficient, which doesn’t
have to be perfectly scaled. Your survey should cover an area of at least 80 square meters (e.g. 8×10
meters, or 4×20, or two storeys of 4×10 each). Be creative about the survey, which can include indoor
hallways or outside areas. Your survey should include walls, doors etc. as obstruction to wireless signals. It
will be easier to write something interesting in the analysis in part b). Furthermore, your survey must include
at least three WiFi access points (AP). These APs can be inside your own residence, but can also include
neighbours’APs. If you are scanning in a commercial area or on campus, you should be able to see enough
APs. If you want, you can create an additional AP with a phone (using Personal hotspot or Tethering
features).
For the survey, use a WLAN sniffing tool (see below) and collect data from more than or equal to eight
different locations on your map. For each location, record the technical characteristics of all visible APs. In
particular, you should record network name, MAC address, signal strength, 802.11 version(s) supported,
band (2.4 or 5 GHz) and channel(s) used. Some of these parameters may not be available depending on
the tools and/or the laptop brand that you use. In that case, collect as much data as possible. Create maps,
based on your floor-plan, that visualises the information you have gathered. Do not use automatically
generated“heatmaps”as produced by professional versions of the apps mentioned above. Simple maps
that show the values of the different characteristics in different locations are sufficient. You can submit one
or two maps, showing different aspects of your scan. The maps need to include locations of the access
points (as far as you can determine them, or an approximation of the location based on the observed signal
strength). (30 Marks)
Monash College MCD4700 Assignment 2
2
Example Floor Plan
This is just to give you an idea of the level of detail required in the map. Your map may include either a singlestory
or a double-story house that you are living in. In addition to the map, your survey would have to include
tables that contain details and measurements for the indicated locations.
Dimensions: 8×10 meters, or 4×20, or two storeys of 4×10 each
Red circles: access points
Blue circles: locations of measurements
Monash College MCD4700 Assignment 2
3
1.2. Write a Report (Word limit 600)
Write a report on your observations analysing the data collected in the previous step. Your analysis should
investigate the following aspects:
1.2.1. Channel occupancy: Are different access points competing on the same channels? Are they
configured to use overlapping channels? Is roaming available? Determine the overlap that has
been implemented to enable roaming. Etc. (7.5 Marks)
1.2.2. Attenuation: How does different material affect signal strength and noise? Do you notice any
difference in attenuation for different APs? How about attenuation caused by your own body? Can you
measure and reflect the result? (7.5 marks)
1.2.3. Coverage: Do the access points sufficiently cover the desired area? Could the placement or
configuration be improved? (7.5 Marks)
1.2.4. Any other aspect of your own choice. Here are a few suggestions: (7.5 Marks)
a. measure the attenuation caused by your own body, or
b. measure the download and upload speeds in different locations, or
c. determine the overlap that has been implemented to enable roaming, or
d. describe how you interpolated the locations of access points from the signal strengths.
e. Interference: Effect of other sources of signals (microwave oven, reflected signals from walls,
doors etc.)
Describe your findings and explain them with some technical detail adding some diagrams (i.e., not only say
what you found, but also how you performed the analysis or why you think the network is behaving that way).
Tools: You can use e.g. Acrylic WiFi (https://www.acrylicwifi.com/en/) for Windows, NetSpot
(http://www.netspotapp.com) for Mac OS and Windows, and LinSSID or wavemon for Linux. If you have an
Android smartphone, apps like WiFi Analyzer can also be used. On iOS, WiFi scanning apps do not provide
enough detail, so iPhones won’t be suitable for this task. For drawing the site maps, any drawing tool should
work, for example LucidChart, or even presentation tools such as Powerpoint, Keynote or Google Slides. Scans
of hand-drawn maps are acceptable if they are neat and easily readable.
Monash College MCD4700 Assignment 2
4 - Cyber Security
Information on security problems, weaknesses and attacks can be found in many places (blogs, newsletters,
experts’pages, etc.). Your task is to pick one item from the following list, read the news item, look up and read
the referenced sources, and finally write a report on the findings. [Note: all the links were checked while preparing
this document. If any of the links couldn’t be traced, please check for any broken link or missing characters like
‘-’or‘_’etc.] - Hackers hijack thousands of Chromecasts to warn of the latest security bug. [Link]
- Limiting Location Data Exposure. [Link]
- Dark Basin: Uncovering a Massive Hack-For-Hire Operation. [Link]
- Identifying Unintended Harms of Cybersecurity Countermeasures. [Link]
- TikTok and 32 other iOS apps still snoop your sensitive clipboard data. [Link]
- Google removes 25 Android apps caught stealing Facebook credentials. [Link]
- New Mac Ransomware Is Even More Sinister Than It Appears. [Link]
- Your Privilege Gives Your Privacy Away: An Analysis…….. [Link]
- A simple telephony honeypot received 1.5 million robocalls across 11 months. [Link]
- Hackers Convinced Twitter Employee to Help Them Hijack Accounts. [Link]
- ‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage….. [Link]
- Smart locks opened with nothing more than a MAC address. [Link]
- U.S. Government Contractor Embedded Software in Apps to Track…. [Link]
- The Simulation of Scandal: Hack-and-Leak Operations, the Gulf States….. [Link]
- Bluetooth flaw allows impersonation of trusted devices….. [Link]
- Critical ‘Sign in with Apple’ Bug Could Have Let Attackers Hijack…… [Link]
- ‘I love you’: How a badly-coded computer virus caused billions in damage…..[Link]
- Top Cybersecurity Threats in 2020.. [Link]
- Incident Of The Week: Passwords And Biometrics Info For…. [Link]
- Samsung and Roku Smart TVs Vulnerable to Hacking, Consumer Reports..[Link]
- Smart Home: Threats and Countermeasures [Link]
- Serious flaws leave WPA3 vulnerable to hacks that steal Wi-Fi…. [Link]
- Securing Smart Homes And Buildings: Threats and Risks to Complex[Link]
24.What Are The Biggest Cybersecurity Threats In 2019? [Link] - The Challenges of Security for IoT and Home Automation…[Link]
- Risk associated with cookies. [Link]
- Wireless Network and Wi-Fi Security Issues to Look Out For. [Link]
- DDoS attacks in Q2 2019. [Link]/
- Your Smart Home is Vulnerable to Cyber Attacks. [Link]
Choose one of the news items above, read the text, and look up and read the articles and information
referenced in the news item. Then, write a report following the guideline given below.
Monash College MCD4700 Assignment 2
5
2.1 Summary (10 Marks)
Write a short summary of the news item in your own words (between 50 and 200 words).
2.2 Identify (2.5 Marks)
Identify which software, hardware or system is affected (max 50 words). The identification should be as precise
as possible. Include exact product names, distribution of the product, version numbers, etc.
2.1 Describe the Problem (2.5 Marks)
Describe how the problem was discovered and how it was initially published. Try to find this information in the
referenced articles. The problem might have been found by researchers at a university, by a professional security
company, by some hacker, published in a scientific conference/journal, in a newspaper on a blog, etc. Was it the
result of targeted research, found by chance, were any tools used, etc? (write 50-100 words)
2.1 Estimate the Seriousness (15 Marks)
Estimate how serious the issue/weakness/attack is, describe what is necessary to exploit the weakness, evaluate
what the consequences might be if it is exploited, and what reactions you think are necessary/useful on (i) a
technical level, (ii) in terms of human behaviour, and (iii) on a policy level (between 150 and 300 words).
Report Structure
For task 1 and task 2, you should stick to the word count. A maximum of 10% above the maximum word count
is acceptable. You should first think about the main statements you want to make and then write a concise text.
Additional text will be ignored in the marking. The report must be your individual work (no group work is
permitted). You should structure the report in accordance with the items in the task description. It should be well
structured, readable, and use of correct language and grammar is required. All information from external sources
must be properly referenced (see resources on Moodle about referencing). References do not contribute to the
word count.
A report, well-written and presented professionally, must include:
● Title page
● Table of Contents
● Appropriate use of figures and tables
● References and in text citations
● Overall structure, presentation and formatting
● Grammar punctuation and spelling
(10 Marks)
Monash College MCD4700 Assignment 2
6
File to be submitted
One file only named”YourLastName-FirstName-StudentID”.docx or doc: Your report should include: - Title Page (including: Title, Your Name, Your Student ID, Lecturer Name, Tutor Name, Tutorial
Day/Time). - Table of contents (auto generated).
- Add Part 1 and Part 2 (with appropriate heading and subheading for each part).