微信客服:xiaoxionga100
微信客服:ITCS521
网络安全代写-7CCSMNSE
时间:2022-03-31
6CCS3NSE/7CCSMNSE Network Security Coursework
Specifications
2021-22 Academic Year
Jacopo Cortellazzi
Description:
The goal of this coursework is to apply the knowledge and the understanding from the
classroom in a real network scenario. The overall task is to create a network, run and
observe normal traffic, then launch network attacks, and observe the impact on network
performance. Finally use network defense mechanisms to protect the network and
observe the effectiveness.
It contains several levels of tasks, and a total mark of 20.
This coursework can be done in a group or individually. The group size depends on the
experimental needs and is capped at a maximum of 4. If working in a group, all group
members are awarded the same mark that is awarded to the submitted coursework.
Once you have formed a group offline, everyone must use the link below to register
your group. If you are doing the coursework individually then you should register a
group too but your group will have just 1 member
(https://keats.kcl.ac.uk/mod/choicegroup/view.php?id=5492837)
The deadline is 25/04/2022 23:59pm. Late submissions will be marked 0.
Weight of the overall assessment : 15%
Learning outcomes:
• Demonstrate knowledge of security properties for networks and the principal
approaches to guaranteeing those properties
• Demonstrate an understanding of network attacks
• Demonstrate an understanding of network defence
Submission:
Each submission (individually or in a group) should contain a report of maximally 1000
words. If working in a group, 1 submission only is required per group.
Level 1: Build a network and test its connectivity (4 marks)
At this level you are supposed to build a network using the module VMs or mininet. Feel
free to use http://mininet.org/.
• Draw a diagram to show the topology of your network. Each computer on the
diagram should have its IP address labelled.
• Test connectivity of the network by using the ping command.
o If you have a group of four people with four VM, full connectivity between
any two machines should be tested. You should also test the connectivity
to the Internet on VM.
o If you use mininet, also show the connectivity between each host in your
network. Hosts in mininet can also be connected to the Internet but it
requires extra configuration so is not compulsory at this level.
Level 2: Generate and analyse traffic on your network (4 marks)
At this level you are supposed to generate some network traffic on your network, observe
the traffic in network sniffer(s) and measure network performance. This step is important
as it builds the benchmark for you to compare with later levels.
Generate traffic :
• It is your choice of what kind of traffic you want to generate via standard Internet
applications or a tool you research and find to generate Internet traffic
• You may use Internet applications to generate traffic.
• You may set up services (SSH,FTP,SMB, etc...)
• You may use the tool iperf to generate UCP and/or TCP traffic on your network. This
makes the volume of the traffic easily controllable. Iperf can be used on VM and mininet.
Traffic analysis:
• Use tcpdump or wireshark to monitor the traffic.
• Analyse the traffic at protocol level, packet level and flow level using wireshark
Network performance analysis:
• Analyse the performance of the TCP/UDP traffic such as throughput, delay and packet
loss. You can get the performance data from iperf output or wireshark statistics. Use
statistical and graphical tools to highlight traffic characteristics.
Level 3: Network attack(s) (5 marks)
At this level the focus is on attacking the network and impact its performances.
Suggested steps :
• Generate normal traffic
• Generate an attack or multiple attacks such as ICMP flooding, TCP SYN flooding, IP
spoofing or any other, when the normal traffic is ongoing
o Remember you can use multiple machines/VMs or multiple hosts in mininet
o You can use hping3 or any other tool
o Feel free to be creative while generating the attack
• Analyse how network attacks impact the network, via traffic analysis and network
performance analysis by comparing the results with that at level 2. Use graphical tools to
highlight traffic characteristics and the impact of the chosen attack. E.g. in case of DoS
attack analyse the degradation of the network connection, in case of hijacking how the
session was stolen.
Level 4: Network defence (5 marks)
At this level the focus is to defend the victim from the attacks.
Suggested steps:
• Set a firewall or IDS on your network and configure its rules. You can use iptables on the
VMs or in mininet. You can also choose to use other tools. Multiple rules can be used for
the defence.
• Generate the normal traffic as you have done at level 2.
• Generate the attacks as you have done at level 3.
• Show how the firewall works to mitigate the attacks.
• Compare and analyse the performance of level 2, 3, and 4 to demonstrate the
effectiveness of the Firewall.
Level 5: Critical evaluation and reflection (2 marks)
Critically evaluate what you have learnt from this coursework technically and socially. If you are
in a group, each of you must tell your role in the experiment (attacker/victim) and what you have
contributed to the design, development and running of the experiment.
Marking
Rubrics Marks
Level 1
Excellent description or demonstration of a
network built in VM or
mininet with at least 3 nodes. Network topology
clearly drawn in report or
shown in video with IP addresses of nodes
marked correctly. Connectivity
fully tested and shown in report or video.
3-4
A network built in VM or mininet with only 2
nodes. Network topology
clearly drawn in report or shown in video with IP
addresses of nodes
marked correctly. Connectivity fully tested and
shown. There could be
minor slips in description or demonstration.
2-2.5
A network built in VM or mininet with at least 2
nodes. Network topology
drawn in report or shown in video with IP
addresses of nodes marked.
Connectivity tested and shown. Errors are found
in the drawing/testing.
1.5
Some attempt of building the network 0.5-1
No network built 0
Level 2
Excellent description or demonstration of
sensible traffic generated on
the network built at level 1, using iperf or other
tools of choice. Excellent
traffic analysis and network performance
analysis.
3-4
Good description or demonstration of sensible
traffic generated on the
network built at level 1, using iperf or other tools
of choice. Good traffic
analysis traffic analysis and network performance
analysis.
2-2.5
Some traffic generated on the network built at
level 1, using iperf or other
tools of choice. Some traffic analysis and
network performance analysis
but may contain some errors.
1.5
Some attempt of generating the traffic and
analysis
0.5-1
No attempt on generating traffic 0
Level 3
Excellent description or demonstration of multiple
network attacks
3.5-5
executed in the network. Excellent analysis on
how network attacks
impact the network via traffic analysis and
network performance analysis
compared with level 2.
Good description or demonstration of one or
multiple network attacks
executed in the network. Good analysis on how
network attacks impact
the network via traffic analysis and network
performance analysis
compared with level 2.
2.5-3
Some attack(s) generated on the network but
may not be completed.
Some analysis on how network attacks impact
the network via traffic
analysis and network performance analysis but
not well explained.
1.5-2
Some attempt of generating the attack 0.5-1
No attempt on generating the attack 0
Level 4
Effective firewall rule setup to block the attack.
Excellent description or
demonstration on how the firewall defends the
network. Excellent traffic
analysis and performance evaluation through
comparison of level 2, 3 and
4.
3.5-5
Good firewall rule setup to block the attack. Good
description or
demonstration on how the firewall defends the
network. Good traffic
analysis and performance evaluation through
comparison of level 2, 3 and
4.
2.5-3
Some firewall setup to block the attack but may
not be effective. Some
description or demonstration on how the firewall
defends the network.
There may be errors in traffic analysis and
performance evaluation
through comparison of level 2, 3 and 4.
1.5-2
Some attempt of defending the network 0.5-1
No attempt of defending the network 0
Level 5
Critical evaluation and reflection 1.5-2
Some evaluation and reflection but may not
critical
0.5-1
No attempt on generating the attack 0
Specifications
2021-22 Academic Year
Jacopo Cortellazzi
Description:
The goal of this coursework is to apply the knowledge and the understanding from the
classroom in a real network scenario. The overall task is to create a network, run and
observe normal traffic, then launch network attacks, and observe the impact on network
performance. Finally use network defense mechanisms to protect the network and
observe the effectiveness.
It contains several levels of tasks, and a total mark of 20.
This coursework can be done in a group or individually. The group size depends on the
experimental needs and is capped at a maximum of 4. If working in a group, all group
members are awarded the same mark that is awarded to the submitted coursework.
Once you have formed a group offline, everyone must use the link below to register
your group. If you are doing the coursework individually then you should register a
group too but your group will have just 1 member
(https://keats.kcl.ac.uk/mod/choicegroup/view.php?id=5492837)
The deadline is 25/04/2022 23:59pm. Late submissions will be marked 0.
Weight of the overall assessment : 15%
Learning outcomes:
• Demonstrate knowledge of security properties for networks and the principal
approaches to guaranteeing those properties
• Demonstrate an understanding of network attacks
• Demonstrate an understanding of network defence
Submission:
Each submission (individually or in a group) should contain a report of maximally 1000
words. If working in a group, 1 submission only is required per group.
Level 1: Build a network and test its connectivity (4 marks)
At this level you are supposed to build a network using the module VMs or mininet. Feel
free to use http://mininet.org/.
• Draw a diagram to show the topology of your network. Each computer on the
diagram should have its IP address labelled.
• Test connectivity of the network by using the ping command.
o If you have a group of four people with four VM, full connectivity between
any two machines should be tested. You should also test the connectivity
to the Internet on VM.
o If you use mininet, also show the connectivity between each host in your
network. Hosts in mininet can also be connected to the Internet but it
requires extra configuration so is not compulsory at this level.
Level 2: Generate and analyse traffic on your network (4 marks)
At this level you are supposed to generate some network traffic on your network, observe
the traffic in network sniffer(s) and measure network performance. This step is important
as it builds the benchmark for you to compare with later levels.
Generate traffic :
• It is your choice of what kind of traffic you want to generate via standard Internet
applications or a tool you research and find to generate Internet traffic
• You may use Internet applications to generate traffic.
• You may set up services (SSH,FTP,SMB, etc...)
• You may use the tool iperf to generate UCP and/or TCP traffic on your network. This
makes the volume of the traffic easily controllable. Iperf can be used on VM and mininet.
Traffic analysis:
• Use tcpdump or wireshark to monitor the traffic.
• Analyse the traffic at protocol level, packet level and flow level using wireshark
Network performance analysis:
• Analyse the performance of the TCP/UDP traffic such as throughput, delay and packet
loss. You can get the performance data from iperf output or wireshark statistics. Use
statistical and graphical tools to highlight traffic characteristics.
Level 3: Network attack(s) (5 marks)
At this level the focus is on attacking the network and impact its performances.
Suggested steps :
• Generate normal traffic
• Generate an attack or multiple attacks such as ICMP flooding, TCP SYN flooding, IP
spoofing or any other, when the normal traffic is ongoing
o Remember you can use multiple machines/VMs or multiple hosts in mininet
o You can use hping3 or any other tool
o Feel free to be creative while generating the attack
• Analyse how network attacks impact the network, via traffic analysis and network
performance analysis by comparing the results with that at level 2. Use graphical tools to
highlight traffic characteristics and the impact of the chosen attack. E.g. in case of DoS
attack analyse the degradation of the network connection, in case of hijacking how the
session was stolen.
Level 4: Network defence (5 marks)
At this level the focus is to defend the victim from the attacks.
Suggested steps:
• Set a firewall or IDS on your network and configure its rules. You can use iptables on the
VMs or in mininet. You can also choose to use other tools. Multiple rules can be used for
the defence.
• Generate the normal traffic as you have done at level 2.
• Generate the attacks as you have done at level 3.
• Show how the firewall works to mitigate the attacks.
• Compare and analyse the performance of level 2, 3, and 4 to demonstrate the
effectiveness of the Firewall.
Level 5: Critical evaluation and reflection (2 marks)
Critically evaluate what you have learnt from this coursework technically and socially. If you are
in a group, each of you must tell your role in the experiment (attacker/victim) and what you have
contributed to the design, development and running of the experiment.
Marking
Rubrics Marks
Level 1
Excellent description or demonstration of a
network built in VM or
mininet with at least 3 nodes. Network topology
clearly drawn in report or
shown in video with IP addresses of nodes
marked correctly. Connectivity
fully tested and shown in report or video.
3-4
A network built in VM or mininet with only 2
nodes. Network topology
clearly drawn in report or shown in video with IP
addresses of nodes
marked correctly. Connectivity fully tested and
shown. There could be
minor slips in description or demonstration.
2-2.5
A network built in VM or mininet with at least 2
nodes. Network topology
drawn in report or shown in video with IP
addresses of nodes marked.
Connectivity tested and shown. Errors are found
in the drawing/testing.
1.5
Some attempt of building the network 0.5-1
No network built 0
Level 2
Excellent description or demonstration of
sensible traffic generated on
the network built at level 1, using iperf or other
tools of choice. Excellent
traffic analysis and network performance
analysis.
3-4
Good description or demonstration of sensible
traffic generated on the
network built at level 1, using iperf or other tools
of choice. Good traffic
analysis traffic analysis and network performance
analysis.
2-2.5
Some traffic generated on the network built at
level 1, using iperf or other
tools of choice. Some traffic analysis and
network performance analysis
but may contain some errors.
1.5
Some attempt of generating the traffic and
analysis
0.5-1
No attempt on generating traffic 0
Level 3
Excellent description or demonstration of multiple
network attacks
3.5-5
executed in the network. Excellent analysis on
how network attacks
impact the network via traffic analysis and
network performance analysis
compared with level 2.
Good description or demonstration of one or
multiple network attacks
executed in the network. Good analysis on how
network attacks impact
the network via traffic analysis and network
performance analysis
compared with level 2.
2.5-3
Some attack(s) generated on the network but
may not be completed.
Some analysis on how network attacks impact
the network via traffic
analysis and network performance analysis but
not well explained.
1.5-2
Some attempt of generating the attack 0.5-1
No attempt on generating the attack 0
Level 4
Effective firewall rule setup to block the attack.
Excellent description or
demonstration on how the firewall defends the
network. Excellent traffic
analysis and performance evaluation through
comparison of level 2, 3 and
4.
3.5-5
Good firewall rule setup to block the attack. Good
description or
demonstration on how the firewall defends the
network. Good traffic
analysis and performance evaluation through
comparison of level 2, 3 and
4.
2.5-3
Some firewall setup to block the attack but may
not be effective. Some
description or demonstration on how the firewall
defends the network.
There may be errors in traffic analysis and
performance evaluation
through comparison of level 2, 3 and 4.
1.5-2
Some attempt of defending the network 0.5-1
No attempt of defending the network 0
Level 5
Critical evaluation and reflection 1.5-2
Some evaluation and reflection but may not
critical
0.5-1
No attempt on generating the attack 0
