6CCS3NSE/7CCSMNSE Network Security
6CCS3NSE/7CCSMNSE
Network Security 6CCS3NSE/7CCSMNSE Network Security 2023-24 Academic Year
Network securityModule code: 6CCS3NSE/7CCSMNSCoursework title: Network attack and defenceCoursework set by:Dr Hannan Xiao
Individual or group: This coursework can be done in a group or individually. The group
size depends on the experimental needs and is capped at a maximum
of 4. If working in a group, all group members are awarded the samemark that is awarded to the submitted coursework.
Once you have formed a group offline, everyone must use the linkhttps://keats.kcl.ac.uk/mod/choicegroup/view.php?id=7365887 toregister your group. If you are doing the coursework individually thenyou should register a group too, but your group will have just 1member.Weight of the overall assessment
for this module
15%
Learning outcomes assessed in
this coursework
- Demonstrate knowledge of security properties for networks andthe principal approaches to guaranteeing those properties
- Demonstrate an understanding of network attacks
- Demonstrate an understanding of network defence
Data work handed out:9 th February 2024Data work to be handed in: 24 th April 2024
Target date for the return of the
marked assignment:
within 4 weeks of handed in
Submission requirements:
Each submission (individually or in a group) should contain a report
of maximally 1500 words or a video of maximum 15 minutes long. If
working in a group, 1 submission only is required per group.Page 2 of 6
The goal of this coursework is to apply the knowledge and the understanding from the classroom in a realnetwork scenario. The overall task is to create a network, run and observe normal traffic, then launchnetwork attacks, and observe the impact on network performance. Finally use network defencemechanisms to protect the network and observe the effectiveness. It contains several levels of tasks, and a
otal mark of 100.
Level 1: Build a network and test its connectivity
(20 marks) At this level, you are supposed to build a network using the module VMs or mininet.
- Draw a diagram to show the topology of your network. Each computer on the diagram should haveits IP address labelled.
- Test connectivity of the network by using the ping command.
o If work in a group using VM, full connectivity代写 6CCS3NSE/7CCSMNSE Network Security between any two machines should be testedYou should also test the connectivity to the Internet on VM.
o If you use mininet, also show the connectivity between each host in your network. Hosts inmininet can also be connected to the Internet but it requires extra configuration so is notcompulsory at this levelLevel 2: Generate and analyse traffic on your network
(20 marks)
At this level, you are supposed to generate some network traffic on your network, observe the traffic in
network sniffer(s) and measure network performance. This step is important as it builds the benchmark foyou to compare with later levels.
- Generate traffic.
o It is your choice of what kind of traffic you want to generate via standard Internetapplications or a tool you research and find to generate Internet traffic.o You may use Internet applications to generate traffic. For example, you can open a webrowser on your VM.
o You may use the tool iperf to generate traffic such as UDP and TCP on your network. Thismakes the volume of the traffic easily controllable. Iperf can bused on VM and mininet.
- Traffic analysis
o Use tcpdump or wireshark to monitor the traffic.
o Analyse the traffic at protocol level, packet level and flow level using wireshark
- Network performance analysis
o Analyse the performance of the TCP/UDP traffic such as throughput, delay and packet loss.
You can get the performance data from iperf output or wireshark statistics.
Level 3: Network attack(s)
(25 marks)
At this level, let’s see how network attacks impact the network.
- Generate normal traffic as you have done at level 2
- Generate an attack or multiple attacks such as ICMP flooding, TCP SYN flooding, IP spoofing or anyother, when the normal traffic is ongoing
o Remember you can use multiple machines/VMs or multiple hosts in mininet
o You can use hping3 or any other toolsPage 3 of 6
- Analyse how network attacks impact the network, via traffic analysis and network performanceanalysis by comparing the results with that at level 2.
Level 4: Network defence
(25 marks)
At this level, let’s see how firewall(s) in your network can defend the victim from the attacks.
- Set a firewall on your network and configure its rules. You can use iptables on the VMs or in
mininet. You can also choose to use other firewalls. Multiple rules can be used for the defence.
- Generate the normal traffic as you have done at level 2.
- Generate the attacks as you have done at level 3.
- Show how the firewall works to mitigate the attacks.
- Compare and analyse the performance of level 2, 3, and 4 to demonstrate the effectiveness of thefirewall.
Level 5: Critical evaluation and reflection
(10 marks)
Critically evaluate what you have learnt from this coursework technically and socially. If you are in a group,
each of you must tell your role in the experiment (attacker/victim) and what you have contributed to the
design, development and running of the experiment.
Submission
A report of maximum 1500 word that describes your experiments from level 1 to level 4 and analysis and
includes the critical evaluation and reflection at level 5. The report should be a PDF file.
The report should be named as “24nse.gxxx.pdf”, where xxx is your group number. For example, if your
group number is 2, the filename should be “24nse.g001.pdf”.
Or
A video of maximum 15 minutes that demonstrates the experiments from level 1 to level 4 and analysis,
and your verbal reflection at level 6. Each group member must say their reflection in the video. The video
should be an mp4 file.
The mp4 should be named as “24nse.gxxx.mp4”, where xxx is your group number. For example, if your
group number is 2, the filename should be “24nse.g001.mp4”.
Marks Excellent description or demonstration of multiple network attacks executed ithe network. Excellent analysis on how network attacks impact the network viatraffic analysis and network performance analysis compared with level 2Screenshots of network attacks and analysis are included in report ordemonstrated in video submission.18Good description or demonstration of one or multiple network attacks executed
in the network. Good analysis on how network attacks impact the network viatraffic analysis and network performance analysis compared with level2.Screenshots of network attacks and analysis are included in report ordemonstrated in video submission.
12-17Some attack(s) generated on the network but may not be completed. Someanalysis on how network attacks impact the network via traffic analysis andnetwork performance analysis but not well explained.
Limited screenshots of network attacks and analysis are included in report ordemonstrated in video submission.
