微信客服:xiaoxionga100
微信客服:ITCS521
程序代写案例-CMT118
时间:2021-02-06
Cardiff School of Computer Science and Informatics
Coursework Assessment Pro-forma
Module Code: CMT118
Module Title: Malware Analysis and Vulnerability Assessment
Lecturer: George Theodorakopoulos
Assessment Title: Malware Analysis and Vulnerability Assessment
Assessment Number: 1
Date Set: 9 December 2020
Submission Date and Time: 12 February 2021 at 9:30am
Return Date: 28 February 2021
This assignment is worth 100% of the total marks available for this module. If coursework is
submitted late (and where there are no extenuating circumstances):
1 If the assessment is submitted no later than 24 hours after the deadline,
the mark for the assessment will be capped at the minimum pass mark;
2 If the assessment is submitted more than 24 hours after the deadline, a
mark of 0 will be given for the assessment.
Your submission must include the official Coursework Submission Cover sheet, which can be
found here:
https://docs.cs.cf.ac.uk/downloads/coursework/Coversheet.pdf
Submission Instructions
There are two Tasks in this coursework: Task 1 (T1) is on Malware Analysis and Task 2 (T2) is
on Vulnerability Assessment. In addition to the official Coursework Submission Cover sheet
(see above), you should submit two reports (PDF or Word file).
Description Type Name
Cover sheet Compulsory One PDF (.pdf) file [student number].pdf
T1 report Compulsory One PDF (.pdf) or Word file (.doc or
.docx)
T1_[student number].pdf/doc/docx
T2 report Compulsory One PDF (.pdf) or Word file (.doc or
.docx)
T2_[student number].pdf/doc/docx
Any deviation from the submission instructions above (including the number and types of
files submitted) will result in a 10% reduction in marks for the corresponding Task.
Staff reserve the right to invite students to a meeting to discuss coursework submissions
Assignment
There are two Tasks in this coursework: T1 is to analyse malware and it is worth 30 marks. T2
is to test a vulnerable Virtual Machine image and it is worth 70 marks.
For T1, you will be given access to two pieces of malware. You will analyse both and write a
report with your conclusions. You should submit your report as a PDF or Word file. The report
should be at most 1000 words. Anything beyond the first 1000 words will not be marked.
For T2, you will be given two VM images: one is a Kali Linux VM from which you will conduct
your attacks against the other VM (Ubuntu Linux), which contains at least 7 vulnerabilities.
Your task is to follow a systematic process to find and exploit the vulnerabilities in the Ubuntu
VM, propose fixes for the vulnerabilities that you find, and finally write a report with your
findings and your recommendations. You should submit your report as a PDF or Word file. In
total, the report should be at most 3000 words. Anything beyond the first 3000 words will
not be marked.
Learning Outcomes Assessed
1. Perform static and dynamic malware analysis to explain the malware’s anatomy, its
effects on a system and its spreading behaviour.
2. Identify, evaluate, and recommend, with justification, a selection of configurations
and countermeasures to reduce the likelihood and impact of potential security
attacks.
3. Perform application penetration testing to identify system and network security
vulnerabilities and exploit them.
4. Explain how to detect and react to network intrusions.
5. Explain how web browsers are used to exploit vulnerabilities and inject malicious
code into web services (e.g. cross-site scripting).
Criteria for assessment
Fail
(0-49%)
Pass
(50-59%)
Merit
(60-69%)
Distinction
(70-100%)
Approach Random steps
taken to conduct
analysis and
attacks. Many
inappropriate
tools chosen.
Clear understanding of
relevant tools and
methods, but with some
unsystematic or
unjustified deviations
from proper
methodology.
Systematic
methodology
chosen. Adopts
appropriate
methods and
tools
Exceptional
scholarship shown
in choice and
application of
methodology.
Justification of
choices and good
evidence of
understanding
alternatives.
Results Very few or no
relevant
malware
behaviour
discovered.
Superficial
demonstration
of only basic
skills in malware
analysis and
pentesting.
Adequate discovery of
behaviour and
vulnerabilities, but some
relevant ones are
missing.
Some competency in
analysis/pentesting
shown, but with clear
limitations.
Recommendations are
present but limited in
quantity or quality.
Most relevant
malware
behaviour and
VM vulnerabilities
found. Skilful tool
usage. Effective
recommendations
for fixing
vulnerabilities.
Extensive discovery
of relevant
malware behaviour
and VM
vulnerabilities.
Wide range of skills
shown and
executed with
precision. State-of-
the-art
recommendations
for fixes.
Argument Many factual or
technical errors.
Findings are not
linked to
evidence.
Arguments contain
some errors or invalid
statements/facts are
presented. Some
evidence is provided,
but linkage to findings is
not strong or it could be
easily questioned.
Significant ability
illustrated for
logical and
technically valid
arguments.
Findings are
clearly linked to
evidence.
Scientifically and
technically correct
statements, with
no nuances missed.
Evidence provided
is both adequate to
support the
conclusions and it
has no reasonable
alternative
interpretations.
Presentation Significant lack
of clarity and/or
coherence.
Unstructured
report. Minimal
awareness of
technical
terminology.
Communication is
adequate to get the
point across but
requires some effort to
understand. Good
attempt to provide
structure to the report,
but with limitations (e.g.
information that should
be in one section
appearing in another).
Some but not many
misunderstandings of
terminology.
Clear and concise
language. Well-
structured into
sections. Uses
standard
technical
terminology.
Clear, precise, to-
the-point
description with no
ambiguities nor
irrelevant
information
included. Logical
structure, easy to
follow with
appropriate use of
screenshots.
Displays excellent
command of
technical
terminology.
Feedback and suggestion for future learning
Feedback on your coursework will address the above criteria. Feedback and marks will be
returned on or before 28 February 2021 via Learning Central.
Detailed Instructions
Task 1: Malware Analysis – 30 marks
As explained above, you will be given access to two pieces of malware. You must perform
static and dynamic analysis on both to collect evidence and complete the following sub-
tasks by referring to the evidence you collected:
1. List the malware’s significant imports and strings, and its host-based and network-
based indicators. (10 marks)
2. Describe how the malware works. (10 marks)
3. Describe the purpose the malware tries to achieve. (10 marks)
Your report must clearly separate your responses to each of these sub-tasks.
Task 2: Vulnerability Assessment – 70 marks
The VM images that you will be provided with are linked together in a network topology.
You will log into the Kali Linux VM and you will conduct all your attacks from that VM. You
should not modify the network topology. You should clearly follow a systematic pentesting
methodology, you should clearly identify and describe each vulnerability you find and how
you exploit it, and you should clearly propose how to fix it.
学霸联盟
Coursework Assessment Pro-forma
Module Code: CMT118
Module Title: Malware Analysis and Vulnerability Assessment
Lecturer: George Theodorakopoulos
Assessment Title: Malware Analysis and Vulnerability Assessment
Assessment Number: 1
Date Set: 9 December 2020
Submission Date and Time: 12 February 2021 at 9:30am
Return Date: 28 February 2021
This assignment is worth 100% of the total marks available for this module. If coursework is
submitted late (and where there are no extenuating circumstances):
1 If the assessment is submitted no later than 24 hours after the deadline,
the mark for the assessment will be capped at the minimum pass mark;
2 If the assessment is submitted more than 24 hours after the deadline, a
mark of 0 will be given for the assessment.
Your submission must include the official Coursework Submission Cover sheet, which can be
found here:
https://docs.cs.cf.ac.uk/downloads/coursework/Coversheet.pdf
Submission Instructions
There are two Tasks in this coursework: Task 1 (T1) is on Malware Analysis and Task 2 (T2) is
on Vulnerability Assessment. In addition to the official Coursework Submission Cover sheet
(see above), you should submit two reports (PDF or Word file).
Description Type Name
Cover sheet Compulsory One PDF (.pdf) file [student number].pdf
T1 report Compulsory One PDF (.pdf) or Word file (.doc or
.docx)
T1_[student number].pdf/doc/docx
T2 report Compulsory One PDF (.pdf) or Word file (.doc or
.docx)
T2_[student number].pdf/doc/docx
Any deviation from the submission instructions above (including the number and types of
files submitted) will result in a 10% reduction in marks for the corresponding Task.
Staff reserve the right to invite students to a meeting to discuss coursework submissions
Assignment
There are two Tasks in this coursework: T1 is to analyse malware and it is worth 30 marks. T2
is to test a vulnerable Virtual Machine image and it is worth 70 marks.
For T1, you will be given access to two pieces of malware. You will analyse both and write a
report with your conclusions. You should submit your report as a PDF or Word file. The report
should be at most 1000 words. Anything beyond the first 1000 words will not be marked.
For T2, you will be given two VM images: one is a Kali Linux VM from which you will conduct
your attacks against the other VM (Ubuntu Linux), which contains at least 7 vulnerabilities.
Your task is to follow a systematic process to find and exploit the vulnerabilities in the Ubuntu
VM, propose fixes for the vulnerabilities that you find, and finally write a report with your
findings and your recommendations. You should submit your report as a PDF or Word file. In
total, the report should be at most 3000 words. Anything beyond the first 3000 words will
not be marked.
Learning Outcomes Assessed
1. Perform static and dynamic malware analysis to explain the malware’s anatomy, its
effects on a system and its spreading behaviour.
2. Identify, evaluate, and recommend, with justification, a selection of configurations
and countermeasures to reduce the likelihood and impact of potential security
attacks.
3. Perform application penetration testing to identify system and network security
vulnerabilities and exploit them.
4. Explain how to detect and react to network intrusions.
5. Explain how web browsers are used to exploit vulnerabilities and inject malicious
code into web services (e.g. cross-site scripting).
Criteria for assessment
Fail
(0-49%)
Pass
(50-59%)
Merit
(60-69%)
Distinction
(70-100%)
Approach Random steps
taken to conduct
analysis and
attacks. Many
inappropriate
tools chosen.
Clear understanding of
relevant tools and
methods, but with some
unsystematic or
unjustified deviations
from proper
methodology.
Systematic
methodology
chosen. Adopts
appropriate
methods and
tools
Exceptional
scholarship shown
in choice and
application of
methodology.
Justification of
choices and good
evidence of
understanding
alternatives.
Results Very few or no
relevant
malware
behaviour
discovered.
Superficial
demonstration
of only basic
skills in malware
analysis and
pentesting.
Adequate discovery of
behaviour and
vulnerabilities, but some
relevant ones are
missing.
Some competency in
analysis/pentesting
shown, but with clear
limitations.
Recommendations are
present but limited in
quantity or quality.
Most relevant
malware
behaviour and
VM vulnerabilities
found. Skilful tool
usage. Effective
recommendations
for fixing
vulnerabilities.
Extensive discovery
of relevant
malware behaviour
and VM
vulnerabilities.
Wide range of skills
shown and
executed with
precision. State-of-
the-art
recommendations
for fixes.
Argument Many factual or
technical errors.
Findings are not
linked to
evidence.
Arguments contain
some errors or invalid
statements/facts are
presented. Some
evidence is provided,
but linkage to findings is
not strong or it could be
easily questioned.
Significant ability
illustrated for
logical and
technically valid
arguments.
Findings are
clearly linked to
evidence.
Scientifically and
technically correct
statements, with
no nuances missed.
Evidence provided
is both adequate to
support the
conclusions and it
has no reasonable
alternative
interpretations.
Presentation Significant lack
of clarity and/or
coherence.
Unstructured
report. Minimal
awareness of
technical
terminology.
Communication is
adequate to get the
point across but
requires some effort to
understand. Good
attempt to provide
structure to the report,
but with limitations (e.g.
information that should
be in one section
appearing in another).
Some but not many
misunderstandings of
terminology.
Clear and concise
language. Well-
structured into
sections. Uses
standard
technical
terminology.
Clear, precise, to-
the-point
description with no
ambiguities nor
irrelevant
information
included. Logical
structure, easy to
follow with
appropriate use of
screenshots.
Displays excellent
command of
technical
terminology.
Feedback and suggestion for future learning
Feedback on your coursework will address the above criteria. Feedback and marks will be
returned on or before 28 February 2021 via Learning Central.
Detailed Instructions
Task 1: Malware Analysis – 30 marks
As explained above, you will be given access to two pieces of malware. You must perform
static and dynamic analysis on both to collect evidence and complete the following sub-
tasks by referring to the evidence you collected:
1. List the malware’s significant imports and strings, and its host-based and network-
based indicators. (10 marks)
2. Describe how the malware works. (10 marks)
3. Describe the purpose the malware tries to achieve. (10 marks)
Your report must clearly separate your responses to each of these sub-tasks.
Task 2: Vulnerability Assessment – 70 marks
The VM images that you will be provided with are linked together in a network topology.
You will log into the Kali Linux VM and you will conduct all your attacks from that VM. You
should not modify the network topology. You should clearly follow a systematic pentesting
methodology, you should clearly identify and describe each vulnerability you find and how
you exploit it, and you should clearly propose how to fix it.
学霸联盟
