ITS64904_ASSIGNMENT_30%_QUESTION

Appendix A

Related Post

6BU020+Assessment+Brief++202425

June 9, 2025

Individual Assignment Rubrics V1 (1)

June 9, 2025

Individual Case Assignment Brief V11 (1)

June 9, 2025

Individual Assignment Rubrics V1 (1)

June 9, 2025

ITS64904 Computer Intrusion Detection

Group Project (30%)

Semester January 2025

I declare that:

• I understand what is meant by plagiarism

• The implication of plagiarism has been explained to us by our lecturer. This project is all our work and I have acknowledged any use of the published or unpublished works of other people.

Appendix B

ITS64904 Computer Intrusion Detection

Individual Tasks Allocation

Indicate (√) in the member’s name column if he/she has been involved in that task. Add rows if necessary

ITS64904 Assignment Assessment Rubrics

Feedback:

Presentation Assessment Rubrics

ITS60904

Computer Intrusion and Detection

Group Project (30%)

Semester MAY 2024

Group Formation

Students will form a group of 5 members, depending on the tutorial class size.

Every member of the team is expected to contribute and participate actively in the entire process of completing this assignment. Each of the group members will be responsible for individual activity; the task depends on the allocation by the respective group leader. Sharing of ideas, extensive group discussion, and brainstorming among group members are required to complete this given assignment.

Assignment Tasks

Comparative Analysis and Simulation of IDS/IPS Tools

1. Compare and contrast Snort, Suricata, OSSEC, and Wazuh in terms of their: o Type (NIDS/HIDS/SIEM)

o Detection Mechanisms (Signature-based, Anomaly-based)

o Key Features and Applications

Provide examples where each tool is most effective.

2. Simulate an attack scenario to evaluate the detection capabilities of Snort and Suricata. o Set up a virtualized network environment with Snort and Suricata configured as NIDS.

o Generate a simulated attack, such as a port scan or SQL injection, using tools like Nmap or Metasploit.

o Collect the alerts and analyze the results.

3. Perform a similar simulation for OSSEC and Wazuh in a host-based environment. o Configure OSSEC and Wazuh on a test host.

o Simulate malicious activities, such as unauthorized file modifications or privilege escalations.

o Compare their detection and reporting capabilities.

4. Show the necessary calculations or metrics used to evaluate the performance of these tools, such as:

o Detection rate (True Positives / Total Attacks).

o False-positive rate (False Positives / Total Non-Attacks).

o Resource utilization (CPU, Memory, and Network overhead).

5. Based on your findings, recommend the best tool or combination of tools for: o Protecting a high-traffic web server.

o Securing distributed endpoints in a corporate environment.

You are required to do research through Internet sites acquired further information from reference books/journals, and obtain additional ideas from other resources.

Prepare a report according to the attached report format to assess and complete the following assignment tasks

Marking Rubric for Comparative Analysis and Simulation of IDS/IPS Tools

Module Learning Outcome (MLO)

MLO 2: Propose secure systems to defend against security threats in the computer and network systems

Assignment Submission

Submission Format: ONE (1) softcopy of a complete report that is type-written using Google Docs/Microsoft Doc to be submitted online via Times in pdf format. The punctuality of submission is based on the softcopy time stamp.

The final report submission should consist of the following components:

The report must be typewritten in the format of the following requirements:

The maximum number of pages is not more than 22 pages (Excluding Cover Page, Task Allocation List, Marking Rubrics, Table of content, References and Appendices)

Presentation date: Week 11 – Week 13 (During Tutorial and Practical Class). Report Submission: Week 10

Submit: Submit in TIMeS. (In PDF format).

➢ Submit a softcopy of the presentation slides via Times after the presentation. Please prepare at most 20 minutes of the slide presentation. All group members must present.

Assessment

This assignment will contribute 30% to the coursework marks of the course. A report shall be produced as an outcome of the research, findings, recommendations, and evaluation. The students will be assessed on a written report in NOT more than 22 pages (the number of pages and word count for the cover page, list of tasks allocation, table of contents, appendices and references are NOT counted), where this will be assessed based on the following criteria:

• Clarity of explanation

• Reasonable command of English

• Reasonable coverage of discussion, information and evaluation.

• The ability to find and manage relevant information from a different source • Quality of references and citation

Late Submission

All assignments should be submitted by the stated due date unless it is revised and approved by the respective lecturer/tutor. Penalty for late submission shall be imposed as followed (unless reasons or application for extension and approval is given before the due date of the assignment):

• Late submission within 1 – 3 days: total marks to be deducted is 10 marks • Late submission within 4 – 7 days: total marks to be deducted is 20 marks • Late submission after 7 days: submission will be rejected and zero mark shall be awarded

As a general rule, no extension of time will be granted. The assignment question and its due dates are normally disclosed in advance to students so that they will be able to manage their time according to different subject study progress and complete this assignment on time.

Feedback

Written feedback on the assignment and rubrics will be returned to the students latest by Week 13/Week 14, by the lecturer.

Plagiarism & Collusion

The School of Computing and Information Technology views cases of plagiarism or collusion by students very seriously. Any students who intentionally plagiarize or collude in any part of their assignments/projects or written work threatens the values of academic work and undermines the credibility and integrity of Taylor’s awards. Plagiarism or collusion discovered at any stage of the student’s course of study will be dealt with appropriately by the School. Such offender shall appear before a panel of enquiry at the School and appropriate punishment will be meted out. Punishment may include failing the student for the assignment or project, re-submission of another piece of work or downgrading the work to the maximum of a passing grade even if the actual grade achieved was higher.

What constitutes “Plagiarism” and “Collusion”?

Plagiarism according to the Oxford Advanced Learner’s Dictionary of Current English means “take and use somebody else’s ideas, words, etc as if they were one’s own.” Plagiarism can take the form of reproduction without acknowledgement from published or unpublished works of others including materials downloaded from computer files and the Internet.

Students work submitted for assessment is accepted on understanding that it is the students’ effort without falsification of any kind. Acknowledgement to the source must be made if students had relied on any sources for information with appropriate reference being made in their work. In particular, you need to cite sources discovered on the Internet or any other publications. Given the explosion of electronic publications in recent years, students need to be careful that their assignments do not become an exercise in cutting and pasting existing abstracts or portions of World Wide Web pages. Rarely will such an approach produce acceptable results.

Collusion can be deemed to be a form of plagiarism involving the unauthorized cooperation between two or more people with a deceptive intention.

Collusion can take the form of two or more students producing a piece of work together but with one intentionally passing it off as his work with the knowledge of the others. A student may have submitted the work of another as his own with consent from that other student. In such cases, both parties are guilty of collusion.

As this assignment is considered a group assignment, the forming of a group to share ideas and assist in the development of assignments or projects is an accepted and encouraged practice. However, it is NOT acceptable for members of one group to submit identical answers to the assignment, by simply copying the work done from another group and cosmetically disguising it with some modifications.

All assignment findings under the same grouping must be submitted as unique group work as a whole and the lecturer is entitled to consider identical layout, identical mistakes, identical argument and identical presentation to be prima facie evidence of collusion.

Obligations of students

Students are required to sign a declaration that the work submitted such as course work assignments, essays and projects, etc. is their original work/effort and that they have not in any way knowingly or allowed another student to copy it. It will be assumed that all submitted work is that of the student’s work.

Students are expected to familiarize themselves with or make use of the method(s) of citing other people’s work by acceptable references.