T. Andrew Yang

Tel.: (281) 283-3835

Last updated: 03/05

CSCI 5931 Network Security

Spring 2005


Check the syllabus page to find out the due dates.
Assignment 1
Assignment 2
Assignment 3
Projects
  • Assignments
Assignment 1
1.A (10 pts)
Visit the class discussion group at http://groups.yahoo.com/group/NetSecuritySpr05/ and join the group as a member.  Throughout this semester, you shall regularly visit the discussion group to find recent announcements, reminders, and discussions.  Print out the confirmation message in response to your membership request, and hand it in as part of this assignment.

1.B  (50 pts, 5 pts each) Write a brief paragraph to explain each of the following terms. Clearly note the source of your answer (web page, text book, etc.).
(i) security zone      (ii) message authentication   (iii) VPN   (iv) IPsec  
(v) certificate-based authentication

1.C (15 pts)  Problem 3.3 (S: p.83)
1.D (15 pts)  Problem 3.10 (S: p.84)

Assignment 2: new due date - 3/31
Cisco IOS commands and NS-2:
In this class, we've been exposed to examples of Cisco IOS commands and scripts for setting up routers, switches, and other devices. The primary objective of this exercise is to further your understanding of IOS commands. You may find the following links useful when completing the exercises.
  • Cisco IOS Commands Master List, Release 12.2:
2.A (30 pts, 15 pts per script) Draw a network diagram for each of the following scripts. For an example diagram, see Malik's book (e.g., Figure 3-2 on p.40). Explain what each script would accomplish.
    1. switch & vlan

        hostname Switch-B
        vtp mode transparent
        vlan 10 name Engineering
        vlan 20 name Sales
        vlan 30 name Marketing
        interface range fastEthernet0/1 - 16
         switchport mode access
         switchport access vlan 10
        interface range fastEthernet0/17 - 32
         switchport mode access
         switchport access vlan 20
        interface range fastEthernet0/33 - 48
         switchport mode access
         switchport access vlan 30
        interface vlan 10
         ip address 192.168.10.1 255.255.255.0

    2. switches & routers

        ! L3-Switch-A Configuration
        hostname L3-Switch-A
        ip routing
        ip multicast-routing
        interface fastEthernet0/1
         no switchport
         ip address 10.2.1.1 255.255.0.0
         ip pim dense-mode
        interface fastEthernet0/2
         no switchport
         ip address 10.3.1.1 255.255.0.0
         ip pim dense-mode
        interface fastEthernet0/3
         no switchport
         ip address 10.1.1.1 255.255.0.0
         ip pim dense-mode
        router eigrp 10
         network 10.0.0.0

        ! L3-Switch-B Configuration
        hostname L3-Switch-B
        ip routing
        ip multicast-routing
        interface fastEthernet0/1
         no switchport
         ip address 10.2.1.2 255.255.0.0
         ip pim dense-mode
        interface fastEthernet0/2
         no switchport
         ip address 10.4.1.2 255.255.0.0
         ip pim dense-mode
        interface fastEthernet0/3
         no switchport
         ip address 10.5.1.2 255.255.0.0
         ip pim dense-mode
        interface fastEthernet0/4
         no switchport
         ip address 10.6.1.1 255.255.0.0
         ip pim dense-mode
        router eigrp 10
         network 10.0.0.0

        ! Router-B Configuration
        hostname Router-B
        ip routing
        interface fastEthernet0/0
         no shutdown
         ip address 10.6.1.10 255.255.0.0
         ip igmp join-group 239.1.1.1
        router eigrp 10
         network 10.0.0.0

        ! Router-C Configuration
        hostname Router-C
        ip routing
        interface fastEthernet0/0
         no shutdown
         ip address 10.5.1.10 255.255.0.0
         ip igmp join-group 239.1.1.1
        router eigrp 10
         network 10.0.0.0

2.B (10 pts) Suppose you are asked to merge the switch in script #1 (i.e., Switch-B) with the network in script #2. What additional commands do you need to enter? Show the complete script to accomplish this task.
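The diagram asked for in 2.A is, at bottom, a list of which interfaces share an IP subnet; the following added example (written for this page, not part of the assignment or of any Cisco tool) extracts that information from the scripts above. It understands only the IOS commands that actually appear in the two scripts (hostname, interface, ip address, ip igmp join-group), treats every other line as noise, and pairs up interfaces whose addresses fall in the same subnet. The input is the page's own scripts condensed to their addressing lines; it is embedded here as constructed sample input. Running it also shows the point behind 2.B: Switch-B's VLAN 10 interface sits on 192.168.10.0/24, a subnet no other device has an address on.

```python
"""Derive the link-level picture of a network from Cisco IOS config snippets.

Added example for Assignment 2.A/2.B (not from the course page or from Cisco).
Reads hostname, interface addresses and IGMP joins out of each device's config,
then pairs interfaces that sit on the same IP subnet: the edges of the diagram.
"""
import ipaddress
import re
from collections import defaultdict
from itertools import combinations

# Constructed input: the assignment's scripts, condensed to the lines that
# carry addressing information (comments and routing stanzas omitted).
CONFIGS = """
hostname Switch-B
interface vlan 10
 ip address 192.168.10.1 255.255.255.0
hostname L3-Switch-A
interface fastEthernet0/1
 ip address 10.2.1.1 255.255.0.0
interface fastEthernet0/2
 ip address 10.3.1.1 255.255.0.0
interface fastEthernet0/3
 ip address 10.1.1.1 255.255.0.0
hostname L3-Switch-B
interface fastEthernet0/1
 ip address 10.2.1.2 255.255.0.0
interface fastEthernet0/2
 ip address 10.4.1.2 255.255.0.0
interface fastEthernet0/3
 ip address 10.5.1.2 255.255.0.0
interface fastEthernet0/4
 ip address 10.6.1.1 255.255.0.0
hostname Router-B
interface fastEthernet0/0
 ip address 10.6.1.10 255.255.0.0
 ip igmp join-group 239.1.1.1
hostname Router-C
interface fastEthernet0/0
 ip address 10.5.1.10 255.255.0.0
 ip igmp join-group 239.1.1.1
"""


def parse_configs(text):
    """Return {hostname: {iface: [IPv4Interface or None, [joined groups]]}}.

    A 'hostname' line starts a new device; an 'interface' line selects the
    interface that the following indented 'ip ...' commands apply to.
    """
    devices = {}
    host = iface = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("hostname "):
            host = line.split(None, 1)[1]
            devices[host] = {}
        elif line.startswith("interface "):
            iface = re.sub(r"\s+", "", line[len("interface "):])  # 'vlan 10' -> 'vlan10'
            devices[host][iface] = [None, []]
        elif line.startswith("ip address "):
            addr, mask = line.split()[2:4]
            devices[host][iface][0] = ipaddress.IPv4Interface(f"{addr}/{mask}")
        elif line.startswith("ip igmp join-group "):
            devices[host][iface][1].append(line.split()[-1])
    return devices


def subnet_map(devices):
    """Group addressed interfaces by the subnet they belong to."""
    by_subnet = defaultdict(list)
    for host, ifaces in devices.items():
        for name, (ip, _groups) in ifaces.items():
            if ip is not None:
                by_subnet[str(ip.network)].append((host, name, str(ip.ip)))
    return by_subnet


def links(devices):
    """Pairs of devices that share a subnet, keyed (hostA, hostB) -> subnet."""
    edges = {}
    for subnet, ends in subnet_map(devices).items():
        for (h1, _, _), (h2, _, _) in combinations(ends, 2):
            if h1 != h2:
                edges[tuple(sorted((h1, h2)))] = subnet
    return edges


def stub_subnets(devices):
    """Subnets with exactly one configured interface: segments with no peer in the scripts."""
    return {s: ends[0] for s, ends in subnet_map(devices).items() if len(ends) == 1}


def multicast_receivers(devices, group):
    """Hosts that issued 'ip igmp join-group <group>' on some interface."""
    return sorted(h for h, ifs in devices.items()
                  for _, (_, groups) in ifs.items() if group in groups)


if __name__ == "__main__":
    devs = parse_configs(CONFIGS)
    for (a, b), subnet in sorted(links(devs).items()):
        print(f"{a} <-- {subnet} --> {b}")
    for subnet, (host, name, ip) in sorted(stub_subnets(devs).items()):
        print(f"{host} {name} ({ip}) is alone on {subnet}")
    print("receivers of 239.1.1.1:", multicast_receivers(devs, "239.1.1.1"))
```

The script reports three links (L3-Switch-A to L3-Switch-B over 10.2.0.0/16, L3-Switch-B to Router-B over 10.6.0.0/16, L3-Switch-B to Router-C over 10.5.0.0/16), three stub segments on the layer-3 switches, and the two routers as receivers of 239.1.1.1; draw the diagram from that list. Note that the /16 masks make the subnets much larger than the single links they carry, which is worth mentioning in the explanation.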
 
2.C (20 pts)
Can you use NS-2 to simulate the network in script #2? If yes, show how this is done. If not, explain the reason(s). If it can only be partially done, show the partial results and explain why the rest cannot be accomplished.

Assignment 3

In the paper "Design of network security projects using honeypots" (by Sadasivam/Samudrala/Yang, Journal of Computing Sciences in Colleges, Vol. 20, Issue 4, April 2005), the authors discuss three network security projects that use honeypots for attracting and detecting network intrusions. A local copy of the paper is available at http://sce.uhcl.edu/yang/research/honeypot-paper-final.doc. The paper also presents an introduction to the basic concepts of honeypots/honeynets and how they may be used to aid the security of a network. The three lab projects are included in section 5 of the paper. As part of this assignment, you are to read the paper, understand what honeypots are and how they can be deployed, and implement the lab projects.

3.A Read the paper and answer the following questions.

  1. (5 pts) Explain the differences between a production honeypot and a research honeypot.
  2. (5 pts) Explain the differences between a honeypot and a honeynet.
  3. (5 pts) In the lab projects, the tool called nmap is used. Explain the main functions provided by this tool.
  4. (5 pts) Compare the tradeoffs of setting up a virtual honeypot versus using an actual server as a honeypot.

3.B (20 pts) Investigate the legal and ethical issues of deploying honeypots in an organization. Write a one- to two-page report summarizing your findings, with properly cited references.

3.C (20 pts) Implement the first project discussed in the paper (Installation and Configuration of Honeyd). Note: As part of this assignment, include the necessary information (IP addresses, port numbers, etc.) so the grader can verify the success of your implementation.

3.D (bonus: 20 pts) Implement the 2nd project discussed in the paper (Network Node Discovery). Note: As part of this assignment, include the necessary information (IP addresses, port numbers, etc.) so the grader can verify the success of your implementation.

3.E (bonus: 20 pts) Implement the 3rd project discussed in the paper (Virtual Honeynets). Note: As part of this assignment, include the necessary information (IP addresses, port numbers, etc.) so the grader can verify the success of your implementation.
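A honeypot earns its keep only if someone looks at what it logs. The following added example (written for this page; it is neither the paper's code nor part of honeyd) shows the simplest useful detection over a honeypot's connection log: since no legitimate client should ever contact the honeypot, a source that opens connections to many distinct ports within a few seconds is almost certainly running a scanner such as the nmap used in projects 3.C/3.D. The log lines are constructed for the example in the general shape of honeyd's packet log (timestamp, proto(number), S/E/- marker, source address and port, destination address and port); the regular expression should be checked against the log your own honeyd version writes before you rely on it.

```python
"""Flag port scans against a honeypot from its connection log.

Added example for Assignment 3 (not from the paper or from honeyd).  Parses
connection-start lines, then slides a time window over each source's hits and
raises an alert when the number of distinct destination ports crosses a
threshold.  Every source that appears at all is also listed, because on a
honeypot every contact is suspicious by construction.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log, shaped like honeyd's packet log.  10.0.0.7 sweeps
# seven ports in a quarter of a second; 10.0.0.9 makes one web connection.
LOG = """\
2005-03-20-10:01:02.0001 tcp(6) S 10.0.0.7 40001 192.168.1.201 21 [Windows XP SP1]
2005-03-20-10:01:02.0400 tcp(6) S 10.0.0.7 40002 192.168.1.201 22 [Windows XP SP1]
2005-03-20-10:01:02.0800 tcp(6) S 10.0.0.7 40003 192.168.1.201 23 [Windows XP SP1]
2005-03-20-10:01:02.1200 tcp(6) S 10.0.0.7 40004 192.168.1.201 25 [Windows XP SP1]
2005-03-20-10:01:02.1600 tcp(6) S 10.0.0.7 40005 192.168.1.201 80 [Windows XP SP1]
2005-03-20-10:01:02.2000 tcp(6) S 10.0.0.7 40006 192.168.1.201 139 [Windows XP SP1]
2005-03-20-10:01:02.2400 tcp(6) S 10.0.0.7 40007 192.168.1.201 443 [Windows XP SP1]
2005-03-20-10:05:29.0000 icmp(1) - 10.0.0.9 192.168.1.201: 8(0): 84
2005-03-20-10:05:30.5000 tcp(6) S 10.0.0.9 51000 192.168.1.201 80 [Windows XP SP1]
2005-03-20-10:05:31.0000 tcp(6) E 10.0.0.9 51000 192.168.1.201 80: 312 0
2005-03-20-11:00:00.0000 udp(17) - 10.0.0.7 137 192.168.1.201 137: 78
"""

# Assumed line layout; adjust to the exact format your honeyd build produces.
LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}-\d{2}:\d{2}:\d{2})\.\d+\s+"
    r"(?P<proto>tcp|udp)\(\d+\)\s+(?P<ev>[SE-])\s+"
    r"(?P<src>\S+)\s+(?P<sport>\d+)\s+(?P<dst>\S+)\s+(?P<dport>\d+)"
)


def parse_log(text):
    """Return one dict per TCP/UDP log line; ICMP and malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        events.append({"t": datetime.strptime(m["ts"], "%Y-%m-%d-%H:%M:%S"),
                       "proto": m["proto"], "ev": m["ev"], "src": m["src"],
                       "dst": m["dst"], "dport": int(m["dport"])})
    return events


def detect_scans(events, window_s=10.0, min_ports=5):
    """Sources that touched >= min_ports distinct ports within window_s seconds.

    Returns {source: largest distinct-port count seen in any window}.
    """
    by_src = defaultdict(list)
    for e in events:
        if e["ev"] == "S" or e["proto"] == "udp":   # new TCP connection or a UDP packet
            by_src[e["src"]].append((e["t"], e["dport"]))
    alerts = {}
    for src, hits in by_src.items():
        hits.sort()
        lo = 0
        for hi in range(len(hits)):
            while (hits[hi][0] - hits[lo][0]).total_seconds() > window_s:
                lo += 1                              # slide the window forward
            ports = {p for _, p in hits[lo:hi + 1]}
            if len(ports) >= min_ports:
                alerts[src] = max(len(ports), alerts.get(src, 0))
    return alerts


def all_touchers(events):
    """Every source that contacted the honeypot at all."""
    return sorted({e["src"] for e in events})


if __name__ == "__main__":
    evs = parse_log(LOG)
    print("contacted by:", all_touchers(evs))
    for src, n in detect_scans(evs).items():
        print(f"probable port scan from {src}: {n} distinct ports within 10 s")
```

With the sample log, 10.0.0.7 is reported as a scanner (7 ports in one window) while 10.0.0.9, which only opened port 80, is merely listed as a contact. When you hand in 3.C, the source and destination addresses and the ports you configured in honeyd are exactly what this kind of log should show, which is why the grader asks for them.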

Go to the Index


Projects
  • Project 1
    • Project description
The focus of this project is to explore features of the ns-2 network simulator by creating and running sample ns applications. To successfully complete the project, each team should check out the following ns-2 resources as well as the ns-2 user manual.
    • Requirements
(Acknowledgement: The project was modified from sample projects by Dr. Papadopoulos, USC.)
 
Part A:
Write Tcl and OTcl Scripts
1. Factorial Computation. Write a Tcl program to obtain the value of 10! = 10 * 9 * ... * 1.
        proc Factorial {x} {
            set result 1

              ... FILL IN ...

            return $result
        }
        set result [Factorial 10]
        puts "$result"

   To run it, type "ns ex1.tcl".

2. Multiplying and Dividing. Write an OTcl program to multiply or divide integer and real numbers.

        Class Real

        Real instproc init {x} {
            $self instvar value_
            set value_ $x
        }

        Real instproc multiply {x} {
              ... ADD YOUR CODE HERE... 
        }

        Real instproc divide {x} {
            $self instvar value_
            puts [expr double($value_) / [$x set value_]]
        }
 

        Class Integer -superclass Real

        Integer instproc divide {x} {
              ... ADD YOUR CODE HERE ... 
        }

        set realA [new Real 12.3]
        set realB [new Real 0.3]

        $realA multiply $realB
        $realA divide $realB

        set integerA [new Integer 12]
        set integerB [new Integer 5]

        $integerA multiply $integerB
        $integerA divide $integerB

    To run it, type "ns ex2.tcl"



Part B: Simulating network topologies

1. Set up the network topology shown below.

(topology diagram)

Traffic:

1 TCP connection with source at node 0, sink at node 3, and with an FTP source agent. The FTP flow starts at 0.5 seconds. Terminate the simulation at 12 seconds.

2. Construct the following topology.

(topology 2 diagram)

Traffic:

1 TCP connection with source at node 0, sink at node 4, and with an FTP source agent. The FTP flow starts at 0.5 seconds.

1 TCP connection with source at node 1, sink at node 5, and with an FTP source agent. The FTP flow starts at 0.65 seconds.

Terminate the simulation at 12.0 seconds.

Write an ns script to construct the above network with the specified events.

The script should use the nam tool to graphically display the scenario.

Use a drop-tail queue for all the links and monitor the queue of the bottleneck link between nodes 2 and 3.

Set the TCP window to 200.

Mark the flows for better visualization (see template).

Use the FullTcp agent.

Print the TCP throughput of the two TCP flows to the console at the end of the simulation.

TCP throughput = (total bytes received by the TCP sink) / (total duration of the TCP flow).

To obtain the total number of bytes received by the TCP sink, use

        set totalbytes [$tcpsink set bytes_]

To read the current time into the 'currentTime' variable, use

        set currentTime [$ns now]

The expression that calculates the TCP throughput must follow Tcl syntax. Refer to the examples in Marc Greis's tutorial or any Tcl programming document.
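The throughput figure printed by the Tcl script can be cross-checked against the trace file that `$ns trace-all` writes, which also gives the drop count at the bottleneck queue you are asked to monitor. The following added example (written for this page; not part of ns-2, the Greis tutorial, or the course template) does that for the Part B.2 scenario. It assumes the standard ns-2 wired trace layout (event, time, from node, to node, packet type, size, flags, flow id, source, destination, sequence number, packet id) and uses a short constructed trace excerpt as input; point `parse_trace` at your real `out.tr` to check your own run.

```python
"""Compute per-flow TCP throughput and bottleneck drops from an ns-2 trace.

Added example for Part B (not from ns-2 or the course template).  Throughput
is defined exactly as in the assignment: bytes delivered to the flow's sink
divided by the flow's duration, taken here as the time from the flow's first
enqueue at its source to the last delivery at its sink.
"""
from collections import defaultdict

# Constructed trace excerpt for the Part B.2 topology: flow 1 is node 0 -> 4,
# flow 2 is node 1 -> 5, both crossing the bottleneck link 2 -> 3.  Only the
# data direction is shown; a real trace also carries ACKs and far more lines.
TRACE = """\
+ 0.5 0 2 tcp 1040 ------- 1 0.0 4.0 0 1
r 0.61 2 3 tcp 1040 ------- 1 0.0 4.0 0 1
r 0.62 3 4 tcp 1040 ------- 1 0.0 4.0 0 1
+ 0.65 1 2 tcp 1040 ------- 2 1.0 5.0 0 2
r 0.76 2 3 tcp 1040 ------- 2 1.0 5.0 0 2
r 0.77 3 5 tcp 1040 ------- 2 1.0 5.0 0 2
+ 1.0 0 2 tcp 1040 ------- 1 0.0 4.0 1 3
d 1.0 2 3 tcp 1040 ------- 1 0.0 4.0 1 3
+ 2.0 0 2 tcp 1040 ------- 1 0.0 4.0 2 4
r 2.5 3 4 tcp 1040 ------- 1 0.0 4.0 2 4
r 3.25 3 5 tcp 1040 ------- 2 1.0 5.0 1 5
"""


def parse_trace(text):
    """Split standard ns-2 trace lines into dicts; short/malformed lines are skipped."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 12:
            continue
        rows.append({"ev": f[0], "t": float(f[1]), "src": int(f[2]), "dst": int(f[3]),
                     "type": f[4], "size": int(f[5]), "fid": int(f[7]),
                     "from": f[8], "to": f[9]})
    return rows


def throughput(rows, sink_of):
    """bytes delivered at each flow's sink node / (last delivery - first enqueue).

    sink_of maps flow id -> sink node number, e.g. {1: 4, 2: 5} for Part B.2.
    Result is in bytes per simulated second.
    """
    first_send, last_recv, bytes_in = {}, {}, defaultdict(int)
    for r in rows:
        if r["type"] != "tcp" or r["fid"] not in sink_of:
            continue
        fid = r["fid"]
        if r["ev"] == "+" and fid not in first_send:
            first_send[fid] = r["t"]          # first enqueue: the flow's start
        elif r["ev"] == "r" and r["dst"] == sink_of[fid]:
            bytes_in[fid] += r["size"]        # counted only when the sink receives it
            last_recv[fid] = r["t"]
    return {fid: bytes_in[fid] / (last_recv[fid] - first_send[fid]) for fid in bytes_in}


def drops_on_link(rows, a, b):
    """Number of packets the queue of link a -> b dropped."""
    return sum(1 for r in rows if r["ev"] == "d" and (r["src"], r["dst"]) == (a, b))


if __name__ == "__main__":
    rows = parse_trace(TRACE)
    for fid, bps in sorted(throughput(rows, {1: 4, 2: 5}).items()):
        print(f"flow {fid}: {bps:.1f} bytes/s")
    print("drops on bottleneck 2->3:", drops_on_link(rows, 2, 3))
```

On the constructed excerpt flow 1 delivers 2080 bytes over 2.0 s (1040 bytes/s) and flow 2 delivers 2080 bytes over 2.6 s (800 bytes/s), with one drop on the 2->3 queue. If the number your Tcl script prints from `bytes_` disagrees with the trace, the usual reasons are counting bytes at the wrong node or measuring the duration from simulation start instead of from the flow's own start time.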


  • Reports (to be submitted electronically to yang@uhcl.edu, cc'ing the TA, as a single zip file)
  • Part A: Hand in the following.
  1. The TCL scripts
  2. Screen snapshots of testing the scripts
  • Part B.1: Hand in the following.
    1. The TCL scripts
    2. Screen snapshots of testing the scripts
    3. Give the TA a demo of this part of the project. Note: You may use the workstations in D140 or your own laptop to complete the projects. If your own laptop is used, bring the laptop to give the demo.
  • Part B.2: Hand in the following, and give the TA a demo of this part of the project.
    1. The TCL scripts
    2. Screen snapshots of testing the scripts
    3. Give the TA a demo of this part of the project.
Go to the Index

  • Project 2: NS-2 & Networking Research
As you have experienced in the first project, NS-2 provides rich features for users to simulate network configurations and protocols. It is a useful and widely used simulation and development environment for conducting simulation-based network research, from local area networks (LANs) to mobile ad hoc networks (MANETs).

An example research project using NS-2 is "Scenario-based Performance Evaluation of Secure Routing in MANETs", by Sadasivam, Changrani, and Yang. A working paper reporting the current findings of that project is available here (MANETII05-draft.pdf).

The purpose of this project is two-fold:
  • First, you are to read the MANETII05-draft.pdf paper, as an example of networking research using NS-2, and to discuss your understanding of such research.
  • Second, you are to propose a research project using NS-2, with a focus on a topic related to network security. Alternatively, instead of proposing a network security project using NS-2, you may propose to add a feature that extends NS-2's capabilities. Some possible extensions are discussed below.
Project Requirements

I. Part A: Project Design (Due: 4/7)
  1. Read the MANETII05-draft.pdf paper. Feel free to send your questions to the authors (esp. Karthik at sadasivamk@uhcl.edu).
  2. Read the tutorial prepared by Karthik (ns-tutorial.doc) along with the paper, and answer the following questions:
    1. What were the research goals?
    2. How was the research project conducted using NS-2, highlighting which parts of NS-2 were used?
    3. Were there any additional resources, tools, procedures, etc. that were employed to accomplish the research goals?
    4. Use diagrams to illustrate your points.
Note: Every member of each team should be prepared to answer questions during your team's 'project design' presentation.
  3. Each team should present its chosen project to the class on the due date. Again, the chosen project may involve either developing a network security research proposal or extending NS-2 for network simulation/research. Sample projects are listed below:
  • Using NS-2 to simulate an RFID (Radio Frequency IDentification) wireless network
http://en.wikipedia.org/wiki/RFID
http://www.wireless.ucla.edu/rfid/winrfid/
http://www.rfidjournal.com/

Questions to answer: Is NS-2 ready to simulate an RFID wireless network? If yes, what are the needed tools, resources, and procedure? If not, how could NS-2 be extended to support such projects?
    • Using NS-2 to perform "Evaluation of Certificate-based Authentication in MANETs"

Questions to answer:
Are the proposed performance metrics appropriate? Are there any additional metrics that should be added? What additional resources are needed to implement the proposed project? What is the procedure of implementation?
    • Extending NS-2 so it becomes more like Network Visualizer (especially the functionality of using GUI to design a virtual network)

Questions to answer: How would a GUI designer be added to the NS-2? What capabilities should such a designer have? What network devices (routers, switches, hosts, servers, ...) should be included in such a virtual network designer? If more advanced devices (such as firewalls, VPN servers, etc.) are to be added, what challenges would you need to face?
  • Other project ideas:
Using NS-2 to evaluate the security of an RFID wireless network?
Extending NS-2 to become a virtual network designer for VPN network?
Extending NS-2 to support encryption/decryption?
Can NS-2 be used to build a virtual network for experimenting attacks at the network?
...
What to hand in for Part A
  1. Team presentation: Be prepared to answer questions about the MANETII05-draft.pdf research.
  2. A 2- to 5-page report outlining what your team plans to do in Part B of this project. Use cited references where appropriate, and find at least two published papers related to your chosen topic. It is highly recommended that PowerPoint slides be used for the presentation.

II. Part B: Final Report (Due: 4/28)
  1. Each team should first conduct a detailed survey of the chosen topic. Related work done by other researchers should be identified.
  2. A detailed design should be included in the final report, covering:
    • How is NS-2 to be used?
    • Which features of NS-2 are relevant, and how are these features to be integrated to implement the design?
    • Are any additional resources available from third parties?
    • Is any programming required to implement the project? What are the functionalities of those programs?
  3. A references section should be included in the report.
What to hand in for Part B
a. A final report that contains all three parts listed above (detailed survey, detailed design, up-to-date references),
b. An oral presentation of the report to the class on the due date. It is highly recommended that PowerPoint slides be used for the presentation.

Go to the Index
