联系方式

  • QQ:99515681
  • 邮箱:99515681@qq.com
  • 工作时间:8:00-23:00
  • 微信:codinghelp

您当前位置:首页 >> Java编程Java编程

日期:2020-10-14 11:13

CITS 3004

Cybersecurity

Assignment: CTF

This is an INDIVIDUAL assignment.

Worth: 20% of the unit

Due: Final marks will be counted on 16 October 2020, 5PM (hereon, everything is due on 5PM of the day specified).

Late submissions: late submissions attract 5% penalty of the whole grade per day up to 7 days. After 7 days, your mark

will be zero.

1. Outline

This assignment is a capture the flag (CTF) style assessment item, which requires you to use your

cybersecurity knowledge to solve as many questions as possible. Any plagiarised work will be marked zero.

Remember, this is an INDIVIDUAL assignment – you can discuss ideas but DO NOT share answers.

2. Getting started

? You must first create an account on the CTF server: https://ctf.jinhong.org/

o Remember to have https at the front.

? You must create an account with the username being your student ID and email using your student email.

o You can customise other fields, but ensure they conform to the UWA student conduct regulations.

o Failure to follow this simple instruction may result in you not correctly receiving marks.

? If you have issues creating an account, contact the Unit Coordinator.

Figure 1. CITS3004 CTF Server Front Page

CITS 3004

Cybersecurity

3. Your Tasks

PART 1. SOLVING CTF (80%)

Solve as many questions as you can on the CTF server!

You can also view other students' scores, which should let you know your relative position.

There may be more questions added later, stay tuned! (Notified by LMS announcement when it happens).

PART 2. REPORT (20%)

For each question you solve, you are required to outline the steps you took to get the solution concisely

(clearly explain and keep it as short as possible). Once you completed the CTF, you need to submit your

report that contains your explanations to each question as a single PDF document on LMS by the due date.

If your report is incorrect, then the corresponding question marks may be deducted or removed.

If your report is correct but not sufficiently detailed, then it will only affect the report mark.

NOTES

1. You are required to do additional research as necessary in order to solve those questions.

2. The CTF scores form 80% of the assignment, and the report 20%.

3. If you launch any attacks against the CTF server, you will be marked zero and be forwarded to the

academic misconduct team.

a. If you have mistakenly made changes, contact me ASAP.

b. If we find you first, then you will get zero.

4. If you think you found the correct solution but was not accepted as a correct flag and suspect

someone has altered the flag, contact us to discuss about your solution. The applicable questions in

this category are:

a. Web - Secure Notes Program

b. E Bank – Task 1: Initial Foothold

c. E Bank – Task 2: User Escalation

d. E Bank – Task 3: Root Escalation

5. Well advancing students may be asked for an interview to check the progress.

a. If you are asked for an interview, you must attend.

b. If done online (e.g., Zoom), then you have to show your face for identification.

6. The penalty is set to 40% of your raw mark (e.g., you received 85% for the assignment, then it will be

reduced to 45%). You will receive this penalty if you:

a. Fail to schedule the interview within a reasonable time (10 working days) will result in you

receiving penalties on your assignment grade.

b. No-show for the interview will also result in you receiving penalties.

c. Do not provide sufficient response during the interview.

Let me know if you find any other bugs in the questions.

CITS 3004

Cybersecurity

4. Submission

Your CTF score will be used to calculate Part 1 marks. Submit your final report on LMS by the deadline, which

will be used to calculate Part 2 marks. Marks are scaled accordingly.

5. Bonus Marks

Bonus 8 marks will be awarded for completing the survey that will be available from 12 October 2020. The

survey itself is anonymous, but for me to give you the bonus marks, you must:

1. There is a field at the end of the survey to create a random sequence of characters. Input one.

2. Take a screenshot of the completed survey with the date and time visible (for me to validate).

3. Send the screenshot and the generated random sequence of characters directly to me

(jin.hong@uwa.edu.au) to receive the bonus marks.

4. Your response will be kept anonymous for the purpose of the survey.

Note: Your survey response must be a valid submission to claim the bonus 8 marks. If your survey submission

is deemed to be invalid (e.g., responses are conflicting, responses are selected without reading questions

etc.), then you will not be awarded with the bonus marks.

This bonus marks can be used to top up any missed marks from parts 1 and 2 for the assignment.

6. Rubrics

Criteria Highly Satisfactory (D, HD) Satisfactory (P, CR) Unsatisfactory (N)

Solving CTF (80 marks)

? Understand various

cybersecurity

concepts and

techniques.

? Demonstrate the

ability to carry out

cybersecurity

techniques.

Demonstrated the ability to

conduct cybersecurity concepts

fluently:

? Various cybersecurity

techniques are explored and

demonstrated.

? Competent understanding and

communication of different

cybersecurity techniques.

Demonstrated the ability to

show satisfactory skills in

cybersecurity techniques:

? Understands the basic

concept of cybersecurity

and tried various

techniques.

? Provided sufficient

knowledge in cybersecurity.

Failed to demonstrate the

ability to conduct

cybersecurity techniques:

? Did not explore various

cybersecurity

techniques.

? Difficulty in carrying out

different cybersecurity

techniques.

Reports (20 marks)

? Plans information to

flow logically

through the written

work.

? Delivery of

information is clear

and concise,

demonstrating the

knowledge in depth.

Demonstrated the ability to

discuss in detail of the concepts:

? Work was easy to read and

structured logically.

? Work presentation was

competent, concise, clear and

provide an in-depth

knowledge.

Demonstrated the ability to

discuss the concepts:

? Work generally flowed

smoothly but was a bit

inadequate in places.

? Showed a reasonable

understanding and depth of

the knowledge.

Failed to demonstrate the

ability to discuss the

concepts:

? Presentation was not

concise and clear.

? Ideas and knowledge

were not demonstrated

clearly.

This assignment is out of total 100 possible marks.


版权所有:留学生编程辅导网 2018 All Rights Reserved 联系方式:QQ:99515681 电子信箱:99515681@qq.com
免责声明:本站部分内容从网络整理而来,只供参考!如有版权问题可联系本站删除。