CSIS 4010 Computer Security
1. Text reading
Chapters 12, 13, 20, 21, 22
2. Textbook questions (80 points)
12.3 What are the basic steps needed to secure the base operating system?
12.6 What is the point of removing unnecessary services, applications, and protocols?
12.19 What are the major differences between the implementation of discretionary access control models on Unix and Linux systems and those on Windows systems?
12.3 Why are file system permissions so important in the Linux DAC model? How do they relate or map to the concept of “subject-action-object” transactions?
12.7 Consider an automated audit log analysis tool (e.g., swatch). Can you propose some rules which could be used to distinguish “suspicious activities” from normal user behavior on a system for some organization?
13.1 Define cloud computing.
13.4 Describe some of the main cloud-specific security threats.
13.7 List and briefly define the principal components of an IoT-enabled thing.
20.2 What are the basic functions (operations) used in symmetric encryption algorithms?
20.4 What is the difference between a block cipher and a stream cipher?
20.10 List ways in which secret keys can be distributed to two communicating parties.
20.2 Consider a Feistel cipher composed of 16 rounds with block length 128 bits and key length 128 bits. Suppose for a given k, the key scheduling algorithm determines values for the first 8 round keys, k1, k2, …, k8, then sets
k9=k8, k10=k7, k11=k6,…, k16=k1
Suppose you have a ciphertext c. Explain how, with access to an encryption oracle, you can decrypt c and determine m using just a single oracle query. This shows that such a cipher is vulnerable to a chosen plaintext attack. (An encryption oracle can be thought of as a device that, when given a plaintext, returns the corresponding ciphertext. The internal details of the device are not known to you and you cannot break open the device. You can only gain information from the oracle by making queries to it and observing its responses.)
20.7 Suppose an error occurs in a block of ciphertext on transmission using CBC. What effect is produced on the recovered plaintext blocks?
21.4 What is a one-way function?
21.5 Briefly explain Diffie-Hellman key exchange.
21.8 In an RSA system, the public key of a given user is e=31, n=3599. What is the private key of this user?
22.1 List four functions supported by S/MIME.
22.5 What protocols comprise SSL?
22.9 What services are provided by IPsec?
22.1 In SSL and TLS, why is there a separate Change Cipher Spec Protocol rather than including a change_cipher_spec message in the Handshake Protocol?
3. Article review: (20 points)
This is an INDIVIDUAL assignment. Answer the questions using a word processor. Make sure that you use a spelling checker. Cite all references used including the textbook. This includes any information that you get from the Internet. DO NOT FORGET to enclose any direct quotations in quotation marks.
Please read the following paper on Android malware detection and write a summary about the paper. Show your critical analysis whenever you can.
Rana, M. S., Rahman, S. S. M. M., & Sung, A. H. (2018, September). Evaluation of tree based machine learning classifiers for android malware detection. In International Conference on Computational Collective Intelligence (pp. 377-385). Springer, Cham.
A copy of the paper is attached to this assignment.
The purpose of this assignment is to describe and summarize the content and fundamental argument of an article in a concise format, and through this exercise to practice skills in critical reading.
The assignment must include 2-3 pages (single-spaced, not counting quotations used) containing:
· A paragraph showing the summary of the article
· Your opinion of the article’s quality and your own position. Did the writer do sufficient research? Is the article technically correct? Are there elements of the argument that could have been enhanced with more detail or more argumentation? What would a follow-up article contain to be useful to this one? Did you agree with the article? Did it support or change your opinion? If not, then why?
· Use the APA style for references and citations.
Your submission will be evaluated based on the following criteria.
· Quality of the article you choose
· Relevance to the course
· Technical depth of your discussion
· Soundness and originality of your critical evaluation
· Clarity of your discussion
· Conformance to APA on all citations and references
To expand the discussion, you are highly encouraged to explore additional relevant publications using the following search engines. If you do so, please include a “List of References” at the end of the summary.
Search Engines for Scholarly Publications
Reference information on the APA style