博客

Cardiff School of Computer Science and Informatics

计算机论文作业代写 If you defer an Autumn or Spring semester assessment, you may fail a module and have to resit the failed or deferred components.

Coursework Assessment Pro-forma

Module Code: CMT121

Module Title: Penetration Testing and Malware Analysis

Lecturer: Dr George Theodorakopoulos

Assessment Title: Penetration Testing and Malware Analysis Coursework Resit

Assessment Number: 1

Date Set: 17 July 2023

Submission Date and Time:

Feedback return date: Later than 6 September 2023 (date of the Exam Board)  计算机论文作业代写

If you have been granted an extension for Extenuating Circumstances, then the submission deadline and return date will be later than that stated above. You will be advised of your revised submission deadline when/if your extension is approved.

If you defer an Autumn or Spring semester assessment, you may fail a module and have to resit the failed or deferred components.  计算机论文作业代写

If you have been granted a deferral for Extenuating Circumstances, then you will be assessed in the next scheduled assessment period in which assessment for this module is carried out.

If you have deferred an Autumn or Spring assessment and are eligible to undertake summer resits, you will complete the deferred assessment in the summer resit period.

If you are required to repeat the year or have deferred an assessment in the resit period, you will complete the assessment in the next academic year.  计算机论文作业代写

As a general rule, students can only resit 60 failed credits in the summer assessment period (see section 3.4 of the academic regulations). Those with more than 60 failed credits (and no more than 100 credits for undergraduate programmes and 105 credits for postgraduate programmes) will be required to repeat the year. There are some exceptions to this rule and they are applied on a case-by-case basis at the exam board.

If you are an MSc student, please note that deferring assessments may impact the start date of your dissertation. This is because you must pass all taught modules before you can begin your dissertation. If you are an overseas student, any delay may have consequences for your visa, especially if it is your intention to apply for a post study work visa after the completion of your programme.

NOTE: The summer resit period is short and support from staff will be minimal. Therefore, if the number of assessments is high, this can be an intense period of work.

This assignment is worth 100% of the total marks available for this module. If coursework is submitted late (and where there are no extenuating circumstances):

1. If the assessment is submitted no later than 24 hours after the deadline, the mark for the assessment will be capped at the minimum pass mark;
2. If the assessment is submitted more than 24 hours after the deadline, a mark of 0 will be given for the assessment.

Extensions to the coursework submission date can only be requested using the Extenuating Circumstances procedure. Only students with approved extenuating circumstances may use the extenuating circumstances submission deadline. Any coursework submitted after the initial submission deadline without *approved* extenuating circumstances will be treated as late.  计算机论文作业代写

More information on the extenuating circumstances procedure can be found on the Student Intranet:

https://intranet.cardiff.ac.uk/students/study/exams-and-assessment/extenuating-circumstances

https://intranet.cardiff.ac.uk/students/study/your-rights-and-responsibilities/academic-regulations

By submitting this assignment you are accepting the terms of the following declaration:

I hereby declare that my submission (or my contribution to it in the case of group submissions) is all my own work, that it has not previously been submitted for assessment and that I have not knowingly allowed it to be copied by another student. I understand that deceiving or attempting to deceive examiners by passing off the work of another writer, as one’s own is plagiarism. I also understand that plagiarising another’s work or knowingly allowing another student to plagiarise from my work is against the University regulations and that doing so will result in loss of marks and possible disciplinary proceedings1.

1 https://intranet.cardiff.ac.uk/students/study/exams-and-assessment/academic-integrity/cheating-and-academic-misconduct

Assignment  计算机论文作业代写

There are two Tasks in this coursework:

• T1 is to analyse malware and it is worth 30 marks.
• T2 is to test a vulnerable Virtual Machine image and it is worth 70 marks.

For T1, you will be given the same two pieces of malware (available on Learning Central) that you analysed in the regular coursework assessment. Using the feedback that you received after your original submission, you should improve on your original analysis. You should analyse both pieces of malware and write a report with your conclusions. This malware does not have a malicious payload and it is safe to analyse on your machines, but you will not need to run the malware anyway.

For T2, you will be given the same ‘target’ VM image that you pentested for the regular coursework assessment. It contains at least 7 vulnerabilities. Using the feedback that you received after your original submission, you should follow a systematic process to find and exploit 7 of these, propose fixes for the vulnerabilities that you find, and finally write a report with your findings and your recommendations.

You should submit a joint report for both tasks, as a single PDF or Word file. In total, the report should be at most 4000 words. Anything beyond the first 4000 words will not be marked.

Learning Outcomes Assessed

1. Perform static and dynamic malware analysis to explain the malware’s anatomy, its effects on a system and its spreading behaviour.
2. Identify, evaluate, and recommend, with justification, a selection of configurations and countermeasures to reduce the likelihood and impact of potential security attacks.
3. Perform application penetration testing to identify system and network security vulnerabilities and exploit them.
4. Explain how to detect and react to network intrusions.
5. Explain how web browsers are used to exploit vulnerabilities and inject malicious code into web services (e.g. cross-site scripting).

Criteria for assessment  计算机论文作业代写

Credit will be awarded against the following criteria.

Task 1 – Malware Analysis (30 marks)

• mentioned above, you will be given two pieces of malware to analyse. For each malware separately, you must collect evidence about its behaviour and complete the following sub-tasks by referring to the evidence you collected:
• List the malware’s significant imports and strings, and its host-based and network-based indicators. (10 marks)
• Describe how the malware works. (10 marks)

Specifically for the malware called “sample.dat”, your response should explicitly also answer the following questions:

1. What is the AES Key, IV used by the malware sample?
2. What are the commands the malware sample runs?
3. Describe the purpose the malware tries to achieve. (10 marks)

Your report must clearly separate your responses to each of these sub-tasks. For each piece of malware, the marks will be allocated against the following criteria:

	Fail (0-49%)	Pass (50-59%)	Merit (60-69%)	Distinction (70-100%)
Completeness of results (40%)	Very little or no relevant malware behaviour discovered. Superficial demonstration of only basic skills in malware analysis	Adequate discovery of behaviour, but some significant malware functionality has been overlooked. Some competency in analysis shown, but with clear limitations.	Most relevant malware behaviour found. Few errors or omissions	Extensive discovery of relevant malware behaviour. Wide range of skills shown and executed with precision.

 

Factual and technical correctness (40%)	Many factual or technical errors. Identification of malware behaviour is not linked to evidence. The output of malware analysis tools is not interpreted correctly on multiple occasions.	Technical arguments contain some errors, or invalid statements/facts about the malware are given. Some evidence is provided, but linkage to identified malware behaviour is not strong or it could be easily questioned.  计算机论文作业代写	Competence in malware analysis process is evident, by employing correct tools and illustrated for logical and technically valid arguments. Findings are clearly linked to evidence.	Any tools employed in collecting evidence about the malware must be applied correctly and their outputs interpreted meaningfully. Conclusions about the behaviour of the malware must be supported by the evidence collected.
Presentation (20%)	Significant lack of clarity and/or coherence. Unstructured report. Minimal awareness of technical terminology.	Communication is adequate to get the point across but requires some effort to understand. Good attempt to provide structure to the report, but with limitations (e.g. information that should be in one section appearing in another). Some but not many misunderstandings of terminology.	Clear and concise language. Well-structured into sections. Uses standard technical terminology.	The description of the malware evidence collection process, the analysis and the conclusions drawn must be clear, concise, and coherent. No marks will be lost for spelling or grammar errors, as long as they do not impede understanding Clear, precise, to-the-point description with no ambiguities nor irrelevant information included. Logical structure, easy to follow with appropriate use of screenshots. Displays excellent command of technical terminology.

Task 2 – Penetration Testing (70 marks)

To gain full marks, you should clearly follow a systematic pentesting methodology, you should clearly describe each vulnerability you find, how you found it in the VM, how you

exploited it, and you should clearly recommend, with justification, a selection of configurations and countermeasures for fixing it. Your whole analysis should be specific to the VM you are given – do not just provide a generic description of vulnerabilities or types of vulnerabilities.

Vulnerabilities that do not count and will not give you any marks:

• Network vulnerabilities, e.g. arp spoofing.
• Denial of service attacks
• Lack of an encrypted connection to the VM
• Social Engineering attacks

In the VM, there are at least 7 vulnerabilities among those you are taught in the module, for example:

• SQL injection
• XSS attack
• Remote Command Execution
• Cross-site Request Forgery
• Bad cookie practice
• Bad HTTP headers
• Weak passwords

But you may also find other vulnerabilities – they all count.  计算机论文作业代写

Each vulnerability counts for up to 10 marks (up to 70 marks total). If you include more than 7 vulnerabilities, you will not gain more than 70 marks. In fact, you may lose marks, if any of your descriptions contain e.g. technical errors. So, aim to submit only your top 7 vulnerabilities. Marks will be allocated following these specific marking criteria:

	Fail (0-49%)	Pass (50-59%)	Merit (60-69%)	Distinction (70-100%)
Completeness of results (40%)	3 or fewer valid vulnerabilities discovered. Superficial demonstration of only basic skills in pentesting. Significant omissions in the presented explanations and recommendations for fixes.	4 vulnerabilities found, with some significant ones missing. Some competency in pentesting shown, but with clear limitations. Some explanations given for how to find the vulnerabilities and how they can cause damage, but with omissions. Recommendations for countermeasures are present but limited in quantity or quality.	5-6 valid vulnerabilities found. Skilful tool usage. Effective recommendations for fixing vulnerabilities. Minor omissions/errors in explanations and recommendations.	7 distinct vulnerabilities are found. For each one, a thorough explanation is given on how an attacker can find it and how they can exploit it. Complete description of what the vulnerability is, how it can cause damage and to whom. Competent assessment of its severity and state-of-the-art recommendations for fixes and countermeasures. Wide range of

 

				skills shown and executed with precision.
Argument (40%)	Many factual or technical errors. Identification of security vulnerabilities is not linked to evidence. Mistaken interpretation of tool outputs.	Arguments contain some errors or invalid statements/facts are presented. Some evidence is provided, but linkage to identified vulnerabilities is not strong or it could be easily questioned.  计算机论文作业代写	Significant ability illustrated for logical and technically valid arguments. Identification of vulnerabilities are clearly linked to evidence.	Any pentesting tools used are applied correctly and their outputs interpreted meaningfully. Conclusions about the vulnerabilities are supported by the evidence collected. Scientifically and technically correct statements, with no nuances missed. Evidence provided is both adequate to support the conclusions and it has no reasonable alternative interpretations.
Presentation (20%)	Significant lack of clarity and/or coherence. Unstructured report. Minimal awareness of technical terminology.	Communication is adequate to get the point across but requires some effort to understand. Good attempt to provide structure to the report, but with limitations (e.g. information that should be in one section appearing in another). Some but not many misunderstandings of terminology.	Clear and concise language. Well-structured into sections. Uses standard technical terminology.	Clear, precise, to-the-point description with no ambiguities nor irrelevant information included. Logical structure, easy to follow with appropriate use of screenshots. Displays excellent command of technical terminology.

Feedback and suggestion for future learning  计算机论文作业代写

Feedback on your coursework will address the above criteria. Feedback and marks will be returned within 4 working weeks from the submission deadline in line with Cardiff University regulations. Feedback will be returned as follows:

• Individual feedback – in writing via Learning Central – Grade Centre.
• Cohort feedback – summary feedback for the cohort will be provided in writing via Learning Central – Announcements.

Feedback from this assignment will be useful for the Dissertation project.

Submission Instructions

You should submit one joint report (PDF or Word file), not a separate report for each task.

Description	Type	Name
Report	Compulsory	One PDF (.pdf) or Word file (.doc or .docx)	[student number].pdf/doc/docx (e.g. 230123456,pdf)

Any deviation from the submission instructions above (including the number and types of files submitted) may result in a reduction in marks for that task of 10%.

Staff reserve the right to invite students to a meeting to discuss coursework submissions

Support for assessment

Questions about the assessment can be asked on https://stackoverflow.com/c/comsc/ and tagged with ‘cmt121‘, or by email to the lecturer.

 

更多代写：加拿大BIO生物学代写  槍手代考英文  金融学Online exam代考  留学Essay代写推荐  留学论文代写范文  加拿大数学代写

合作平台：essay代写 论文代写 写手招聘 英国留学生代写