T. Andrew Yang

Email: yang@uhcl.edu

Web page: http://sce.uhcl.edu/yang/

Tel.: (281) 283-3835

last updated:

10/26: Lab 2 posted

9/20: Lab 1.5 updated

9/7/2022: Research project posted

8/31/2022: Lab 1 posted

8/27/2022: first posted

 

CSCI 5235 Network Security


Lab 1

Lab 2

Research project


Lab 1

Total: 100 points

1.1.   (5 pts) Visit the class discussion group (link available in the syllabus page). Post a message with your full name as the subject line. In your post, briefly introduce yourself (including your full name) and one item you most desire to learn in this class. Throughout this class, you shall regularly participate in the discussion group to find recent announcements, reminders, and discussions.

1.2.   Cyber attacks: Explain what each of the following attacks is. Cite your source(s). 

Note: Not all information published on the web is correct; discern the validity of the information you use.

1)     (5 pts) Traffic Analysis

2)     (5 pts) Smurf attack

3)     (5 pts) Replay attacks

4)     (5 pts) Explain the relationship between replay attacks and Denial of Service attacks.

5)     (5 pts) Man-in-the-Middle Attacks

6)     (5 pts) Explain the relationship between DNS poisoning attacks and man-in-the-middle attacks.

 

1.3.   Consider an automated teller machine (ATM) in which users provide a card and a personal identification number (PIN) for account access. If the card and the PIN entered are correct, the customer will gain access to the bank account; otherwise the access is denied. Explain what confidentiality, integrity, origin integrity, availability, and non-repudiability would mean in such a context (i.e., ATM user authentication) and whether it is enforced with the given method (i.e., bank card plus PIN). NOTE: Do not simply give the generic definition of a security service; your definitions should be tailored to the given context.

7)     (5 pts) confidentiality

8)     (5 pts) integrity

9)     (5 pts) origin integrity

10)  (5 pts) availability

11)  (5 pts) non-repudiability

 

1.4.   Suppose John is using his laptop to send a piece of data (d) to Mary. Below are some assumptions.

Assumptions:

(a)    The IP of John’s laptop is 281.832.005.123, and its MAC address is A4-41-5D-BB-08-C9.

(b)   Mary’s computer’s IP address is 777.555.123.100, and its MAC is B9-5C-D8-66-95-4F.

(c)    The IP of the default gateway/router of John’s laptop is 222.333.444.101, and its MAC is 11-22-33-44-55-AB-C0.

Answer the following questions:

12)  (5 pts) How would the Layer-3 header (i.e., IP header) be structured? Hint: Show the source address and the destination address.

13)  (5 pts) How would the Layer-2 header be structured? Hint: Show the source address and the destination address.

14)  (5 pts) Explain how John’s default router would process the packet sent from John’s computer.

 

1.5.   The following questions are based on the hypothetical X.509 hierarchy as shown in Figure 4.6 of the Stallings book.

William Stallings, Network Security Essentials: Applications and Standards, 6th edition, Pearson, 2017.

 

15)  (5 pts) What are the forward certificates and the reverse certificates of entity W (a CA)?

16)  (5 pts) In the given example, entity A can acquire the following certificates from the directory to establish a certification path to B:

  X<<W>> W<<V>> V<<Y>> Y<<Z>> Z<<B>>

Explain how A would verify this certification path in order to obtain the public key of B. Hint: A’s certificate is issued by CA X; therefore it is implied that A has X’s certificate pre-installed in its local directory.

17)  (5 pts) Suppose B wants to have C’s public key (for sending a confidential message to C or to verify a signature signed by C). Show how the certification path to C would be structured.

18)  (5 pts) Suppose a new entity, say D, has acquired a certificate from CA Y, that is, Y<<D>>. Would B be able to verify D’s certificate? Justify your answer. Hint: How would the certification path to D be structured?

19)  (5 pts, continued from above) Would A be able to verify D’s certificate? Justify your answer. Hint: How would the certification path to D be structured?

 

 


 

Lab 2

Total: 100 points

2.1     (10 pts) What is EAPOL? Explain its relationship to IEEE 802.1X.

2.2     (10 pts) What is the RADIUS protocol? Explain its relationship to IEEE 802.1X.

2.3     (10 pts) IPsec has two modes: the transport mode and the tunnel mode. Explain when you would use the transport mode and when you would use the tunnel mode.

2.4     (10 pts) How are digital certificates used in TLS? What security services are provided by digital certificates in TLS?

2.5     (10 pts) How are session keys generated in TLS? How are session keys used in TLS?

2.6     (10 pts) Briefly explain base64 encoding. Why is base64 conversion useful for an e-mail application?

2.7     (10 pts) How are digital certificates used in S/MIME? What security services are provided by digital certificates in S/MIME?

2.8     (30 pts) Suppose you work as a network security specialist for a company, and your supervisor asks you whether TLS or IPsec should be used to secure the company’s network system. Perform a trade-off analysis of TLS and IPsec, and explain what your answer would be in response to your supervisor’s inquiry.


Research project

 

Research topic: What is Zero Trust? Is it hype or a new paradigm?

To help you get started, view the following videos:

-        Zero Trust: https://youtu.be/VukTt8Y22yg

-        The Fallacy of the "Zero-Trust Network":  https://www.youtube.com/watch?v=tFrbt9s4Fns&t=735s

Note 1: This is an individual project.

Note 2: Make sure you properly cite the work of other researchers or professionals. Visit http://sce.uhcl.edu/yang/citing.htm for more information about cited references. Warning: Missing or improperly cited references in your draft paper and/or the final report will result in a poor score for your research project. Quote or paraphrase properly in your paper. Copying multiple sentences or paragraphs from publications or online pages is NOT a proper way of citing others’ work.

 

The goal of this project is for you to visit refereed publications (as well as some relevant web sites) to perform a detailed investigation of the research topic. The University Library has online databases that could be used as a starting point of your literature search.

 

Items to be submitted:

 

  1. The draft paper (including at least an abstract & initial literature survey)

The draft paper should be 1-2 pages long (single-spaced) and contain the following sections:

(1)    Research topic

(2)    Your name and an email address that you check regularly (that is, at least once a day)

(3)    Class name (i.e., CSCI5235 Network Security)

(4)    The abstract of your paper, including a general description of the topic and what you plan to accomplish in the final paper

(5)    Survey of related work: Discuss at least three articles related to your chosen topic.

(6)    A tentative outline (agenda) of your final report. That is, the sections/subsections that you plan to include in the final paper.

 

To submit the draft paper, create a thread in the Blackboard discussion board (with the subject line “Draft paper: <your full name>”) and post your draft paper in that thread. Check the syllabus for the due date.

 

  2. Online reviews of others’ draft papers

Review at least five draft papers posted by your classmates. NOTE: This task should be completed within two weeks after the draft paper’s due date.

 

  3. The final paper

1.      The final paper should be 5-10 pages long (single-spaced), and include your findings about the chosen topic.

2.      The following is a suggested outline of your final report:

      i.     Title

      ii.    Your name (and email address)

      iii.   An abstract (50-100 words)

      iv.    Introduction to the topic

      v.     Significance of the chosen topic with respect to this course

      vi.    Survey of related work

      vii.   Implemented demonstrations, if applicable

      viii.  Your findings

      ix.    Future work: research ideas and projects related to the topic

      x.     Conclusion

      xi.    Appendix (if any)

To submit the final paper, create a thread in the Blackboard discussion board (with the subject line “Final paper: <your full name>”) and post your paper in that thread. Check the syllabus for the due date.

 

Warning again: Missing or improperly cited references in your draft paper and/or the final report will result in a poor score for your research project.

 
