7CCSMNSE代做、代写C++，Python程序语言

日期：2025-03-26 08:52

Page 1 of 6

6CCS3NSE/7CCSMNSE

Network Security

6CCS3NSE/7CCSMNSE Network Security

2023-24 Academic Year

Coursework Specification

Module title: Network security

Module code: 6CCS3NSE/7CCSMNSE

Coursework title: Network attack and defence

Individual or group: This coursework can be done in a group or individually. The group

size depends on the experimental needs and is capped at a maximum

of 4. If working in a group, all group members are awarded the same

mark that is awarded to the submitted coursework.

Once you have formed a group offline, everyone must use the link

register your group. If you are doing the coursework individually then

you should register a group too, but your group will have just 1

member.

Weight of the overall assessment

for this module

15%

Learning outcomes assessed in

this coursework

• Demonstrate knowledge of security properties for networks and

the principal approaches to guaranteeing those properties

• Demonstrate an understanding of network attacks

• Demonstrate an understanding of network defence

Data work handed out: 9

th February 2024

Data work to be handed in: 24

th April 2024

Target date for the return of the

marked assignment:

within 4 weeks of handed in

Submission requirements: Each submission (individually or in a group) should contain a report

of maximally 1500 words or a video of maximum 15 minutes long. If

working in a group, 1 submission only is required per group.

Page 2 of 6

The goal of this coursework is to apply the knowledge and the understanding from the classroom in a real

network scenario. The overall task is to create a network, run and observe normal traffic, then launch

network attacks, and observe the impact on network performance. Finally use network defence

mechanisms to protect the network and observe the effectiveness. It contains several levels of tasks, and a

total mark of 100.

Level 1: Build a network and test its connectivity (20 marks)

At this level, you are supposed to build a network using the module VMs or mininet.

• Draw a diagram to show the topology of your network. Each computer on the diagram should have

its IP address labelled.

• Test connectivity of the network by using the ping command.

o If work in a group using VM, full connectivity between any two machines should be tested.

You should also test the connectivity to the Internet on VM.

o If you use mininet, also show the connectivity between each host in your network. Hosts in

mininet can also be connected to the Internet but it requires extra configuration so is not

compulsory at this level.

Level 2: Generate and analyse traffic on your network (20 marks)

At this level, you are supposed to generate some network traffic on your network, observe the traffic in

network sniffer(s) and measure network performance. This step is important as it builds the benchmark for

you to compare with later levels.

• Generate traffic.

o It is your choice of what kind of traffic you want to generate via standard Internet

applications or a tool you research and find to generate Internet traffic.

o You may use Internet applications to generate traffic. For example, you can open a web

browser on your VM.

o You may use the tool iperf to generate traffic such as UDP and TCP on your network. This

makes the volume of the traffic easily controllable. Iperf can be used on VM and mininet.

• Traffic analysis

o Use tcpdump or wireshark to monitor the traffic.

o Analyse the traffic at protocol level, packet level and flow level using wireshark

• Network performance analysis

o Analyse the performance of the TCP/UDP traffic such as throughput, delay and packet loss.

You can get the performance data from iperf output or wireshark statistics.

Level 3: Network attack(s) (25 marks)

At this level, let’s see how network attacks impact the network.

• Generate normal traffic as you have done at level 2

• Generate an attack or multiple attacks such as ICMP flooding, TCP SYN flooding, IP spoofing or any

other, when the normal traffic is ongoing

o Remember you can use multiple machines/VMs or multiple hosts in mininet

o You can use hping3 or any other tools

Page 3 of 6

• Analyse how network attacks impact the network, via traffic analysis and network performance

analysis by comparing the results with that at level 2.

Level 4: Network defence (25 marks)

At this level, let’s see how firewall(s) in your network can defend the victim from the attacks.

• Set a firewall on your network and configure its rules. You can use iptables on the VMs or in

mininet. You can also choose to use other firewalls. Multiple rules can be used for the defence.

• Generate the normal traffic as you have done at level 2.

• Generate the attacks as you have done at level 3.

• Show how the firewall works to mitigate the attacks.

• Compare and analyse the performance of level 2, 3, and 4 to demonstrate the effectiveness of the

firewall.

Level 5: Critical evaluation and reflection (10 marks)

Critically evaluate what you have learnt from this coursework technically and socially. If you are in a group,

each of you must tell your role in the experiment (attacker/victim) and what you have contributed to the

design, development and running of the experiment.

Submission

A report of maximum 1500 word that describes your experiments from level 1 to level 4 and analysis and

includes the critical evaluation and reflection at level 5. The report should be a PDF file.

The report should be named as “24nse.gxxx.pdf”, where xxx is your group number. For example, if your

group number is 2, the filename should be “24nse.g001.pdf”.

Or

A video of maximum 15 minutes that demonstrates the experiments from level 1 to level 4 and analysis,

and your verbal reflection at level 6. Each group member must say their reflection in the video. The video

should be an mp4 file.

The mp4 should be named as “24nse.gxxx.mp4”, where xxx is your group number. For example, if your

group number is 2, the filename should be “24nse.g001.mp4”.

Marking

Marking is based on the marking scheme above from evidence in the submitted report or video. See

marking rubrics next page.

Page 4 of 6

Marking Rubrics

Level 1: Build a network and test its connectivity (20 marks)

Rubrics Marks

Excellent description or demonstration of a network built in VM or mininet.

Network topology clearly drawn in report or shown in video with IP addresses of

nodes marked correctly. Connectivity fully tested and shown in report by

screenshots or in video by demonstration.

15-20

A network built in VM or mininet. Network topology clearly drawn in report or

shown in video with IP addresses of nodes marked correctly. Connectivity fully

tested and shown in report by screenshots or in video by demonstration.

There could be minor slips in description or demonstration.

10-14

A network built in VM or mininet. Network topology drawn in report or shown in

video with IP addresses of nodes marked. Some connectivity tested and shown

in report by screenshots or in video by demonstration.

Errors are found in the drawing/testing.

Not all necessary screenshots are provided in report or demonstrations not

shown in video.

5-9

Some attempt of building the network. 1-4

No network is built. 0

Level 2: Generate and analyse traffic on your network (20 marks)

Rubrics Marks

Excellent description or demonstration of sensible traffic generated on the

network built at level 1, using iperf or other tools of choice. Excellent traffic

analysis and network performance analysis.

Screenshots of traffic generation and traffic analysis are included in report or

demonstrated in video submission.

15-20

Good description or demonstration of sensible traffic generated on the network

built at level 1, using iperf or other tools of choice. Good traffic analysis traffic

analysis and network performance analysis.

Screenshots of traffic generation and traffic analysis are included in report or

demonstrated in video submission.

10-14

Some traffic generated on the network built at level 1, using iperf or other tools

of choice. Some traffic analysis and network performance analysis but may

contain some errors.

5-9

Page 5 of 6

Limited screenshots of traffic generation and traffic analysis are included in

report or demonstrated in video submission.

Some attempt of generating the traffic and analysis. 1-4

No attempt of generating traffic. 0

Level 3: Network attack(s) (25 marks)

Rubrics Marks

Excellent description or demonstration of multiple network attacks executed in

the network. Excellent analysis on how network attacks impact the network via

traffic analysis and network performance analysis compared with level 2.

Screenshots of network attacks and analysis are included in report or

demonstrated in video submission.

18-25

Good description or demonstration of one or multiple network attacks executed

in the network. Good analysis on how network attacks impact the network via

traffic analysis and network performance analysis compared with level 2.

Screenshots of network attacks and analysis are included in report or

demonstrated in video submission.

12-17

Some attack(s) generated on the network but may not be completed. Some

analysis on how network attacks impact the network via traffic analysis and

network performance analysis but not well explained.

Limited screenshots of network attacks and analysis are included in report or

demonstrated in video submission.

6-11

Some attempt of generating attacks. 1-5

No attempt of generating attacks. 0

Level 4: Network defence (25 marks)

Rubrics Marks

Effective firewall rule setup to block the attack. Excellent description or

demonstration on how the firewall defends the network. Excellent traffic

analysis and performance evaluation through comparison of level 2, 3 and

4.

Screenshots of firewall setup and experiments are included in report or

demonstrated in video submission.

18-25

Good firewall rule setup to block the attack. Good description or

demonstration on how the firewall defends the network. Good traffic

12-17

Page 6 of 6

analysis and performance evaluation through comparison of level 2, 3 and

4.

Screenshots of firewall setup and experiments are included in report or

demonstrated in video submission.

Some firewall setup to block the attack but may not be effective. Some

description or demonstration on how the firewall defends the network.

There may be errors in traffic analysis and performance evaluation

through comparison of level 2, 3 and 4.

Limited screenshots of firewall setup and experiments are included in report or

demonstrated in video submission.

6-11

Some attempt of defending the network 1-5

No attempt of defending the network 0

Level 5: Critical evaluation and reflection (10 marks)

Rubrics Marks

Critical evaluation and reflection both technical and social aspects. 6-10

Some evaluation and reflection but may not be critical. 1-5

No attempt 0