Final Project

Create a Security Lab Tutorial

Look back to the course labs you’ve performed so far, lecture topics covered, and any other security topics in which you have interest. Which area would you like to further explore?

Your final project is to expand your hands-on learning and understanding of security by creating your own lab. Students choose their security topics and what software to use. This is an opportunity to further explore an area of security you find interesting.

Students may work in teams or individually, as preferred. Up to three students (max) may form a team to complete this final course project. Each student must demonstrate that he or she actively contributed to the project. Model your lab tutorial in a format similar to course labs (e.g., description of what the exercise does; numbered steps; URLs to sources used during an exercise posted as footnotes on the relevant page; screen shots that illustrate important input and output and that provide evidence the shots were taken by you; page numbers; etc.)

Due Dates

Assignment: Team project proposal submitted on BB Discussion forum

Due: Tues, Nov 16, 2pm*

Assignment: Submit final project on Blackboard that includes: **

1. your lab tutorial

2. presentation slides

Due: Thurs, Dec 9, 3pm**

Assignment: Team presentations

Due: Presentation: Thurs, Dec 9, 6-8pm***

* During class on Nov 16th, we will discuss each student team’s proposal. This is an opportunity for students to get feedback and further flesh out their project ideas. Importantly, it is also the time when I’ll review the software and projects being proposed across the class to ensure a variety of projects. Some students may be asked to change their topic because too many students are proposing similar projects. In cases where several student teams propose projects that are too similar, the student/team posting the proposal first gets priority. Note: ensure there is only 1 Discussion forum post per team.

** Final project submissions are per team. If multiple submissions occur from a team, the last submission will be graded. A 3pm deadline is given so that I can organize the order of presentations and get familiar with your projects prior to your presentation.

*** Students present their final project to the class. Each team member must be present and present some portion of the talk.

IST 656, J. Spears, Fall 2021

Final Project Learning Objectives:

1. Expand knowledge gained from course software labs and lectures

2. Create a reasonably detailed lab tutorial that another person could complete

3. Obtain security information on a target in your lab

4. Create a working lab, self-troubleshooting as needed

#1. Choose Project and Submit Proposal

Choose an area of interest to you.

The purpose of this final project is to expand your knowledge from previous course labs in one of the following areas of interest to you:

· Network security operations and/or scanning

· Data analytics of log files

· Malware analysis

· Network protocol analysis with Wireshark

· Web or mobile application pen testing

· Ethical hacking; cyber defense; vulnerability assessment; etc.

· Other security topics, such as access control; encryption; secure code; security analytics

Depending on the software used, it may be useful to install your project software in your Ubuntu VM. Alternatively, consider whether or not it is better for you to create a freshly configured VM. If you are interested in mobile app pen testing, I can provide a lab (from last spring!) that you can use (as-is) to set up an Android virtual device using Genymotion software.

Each team member is expected to install the software used on the team project; perform the lab exercises; and trouble-shoot technical issues as needed.

Some Final Project Suggestions:

The following suggestions build on work you’ve done in previous labs. You are welcome to work on software not listed below. Either way, submit your proposal by Nov 16th to ensure you’re on the right track.

1. Wireshark

· Analyze malicious traffic

· Detect password cracking attempts

· Detect malicious activity shown in data packet analysis

2. Network protection: pfSense; OpenVPN; intrusion detection system (Snort); creating a DNS using DNSSEC

3. Mobile app pen testing: Genymotion; apktool for reverse-engineering a mobile app; Bluetooth vulnerabilities using Kali Linux tools

4. Test or crack SSL encryption for a vulnerable mobile or web app

5. Conduct some type of cyber attack using, for example, Metasploit or Kali Linux software

· Vulnerable apps: https://owasp.org/www-project-vulnerable-web-applications-directory/ (click on tabs); https://resources.infosecinstitute.com/topic/top-5-deliberately-vulnerable-web-applications-to-practice-your-skills-on/

Post your proposal on the Blackboard Discussion forum:

By the 2pm deadline next Tues, Nov 16th, post a discussion thread containing a brief writeup of your proposed project. State:

1. The name(s) of who will work on this project (up to 3 students)

· Note: if 3 students are on the project, then there needs to be enough work for 3 people.

2. What security software will be used? On which virtual machine (e.g., Ubuntu, or something else)? What target or vulnerable system do you plan to use?

3. What do you want to do with the software? What is the security issue being addressed?

#2. Create a lab tutorial on an approved topic.

Construct a Security Tutorial:

Your tutorial must be reader-friendly and neatly formatted, with numbered steps, screenshots that illustrate important steps and output, and descriptions where most useful. Use page numbers. Your tutorial should be detailed enough so that a reader can easily perform your lab (and so that you could duplicate the instructions yourself in the future if you choose). Use a format similar to that in course labs 1, 2, 4, 5, or 7. Begin your tutorial with a brief explanation of what your lab covers, the software used, and any data used.

You are welcome to use instructions from other online sources, but sources must be cited and multiple sources used. Cite the sources of your lab instructions as footnotes [1] on the page where the source is used. In other words, cite within the body of the paper, not at the end of the document.

[1] To make your document visible, cite your source as an endnote that includes the full URL.

It is not sufficient to only follow existing tutorials found from other sources. Instead, your tutorial must be customized and include original instructions -- written by you in your own words. Similarly, all screen shots included in your tutorial must be original and from your work. Include some screen shots that illustrate the portions of your tutorial that you customized (different from the online tutorials you found). In other words, do not simply retake a screen shot found online; customize your own narrative.

Your tutorial must demonstrate specific security tasks and have specific results/output. The tutorial should have a narrative. In addition to the security requirement, grading is based on:

Caution: allow for sufficient time to trouble-shoot any technical problems your team may encounter when installing, configuring, and using your lab software.

Grading Criteria for Lab Tutorial:

1. Complete and descriptive narrative, written in your own words, of the security issue your project lab is addressing; results are also described

2. Technical solution works; technical activities described; and results are interpreted in your own words.

3. Originality and depth

4. Readability / formatting

5. Repeatability

If two or three students are named on the assignment, there must also be evidence that each student performed work on the project – e.g., each student has a screen shot showing his or her first name in the command prompt, title bar, filename, etc.

Repeatability:

· I should be able to perform the lab using only your tutorial for the vast majority (e.g., 95%) of steps needed in order to install, configure, and execute the same lab. Though not an exhaustive list, include in your lab tutorial:

· URL to software you’ve installed

· URL to software description/instructions, etc. that you’re using

· Step-by-step instructions

· Screen shots that are helpful for the reader to follow; must be readable for credit

Originality and Depth:

· Lab must focus on a security problem; have a purpose (e.g., to locate security vulnerabilities in X); have an outcome (e.g., list of vulnerabilities found); and contain explanations of what was performed and the outcome.

· While a lab narrative is required to explain the purpose of the lab and what it is doing, the vast majority of the lab should be on the actual lab steps performed, along with relevant screen shots.

· Similar to course labs, several screen shots must display students’ first name in some portion of the software window. Each team member must provide named screen shots.

· While it is expected that students will initially reference existing online sources to learn how to construct a tutorial, it is expected that such online sources will be “adapted” – meaning that students will tailor and expand upon online sources.

· Aim for at least 50%-60% of the lab being original

· If three students are on the team, then the tutorial should clearly contain the workload of three students.

· Include a brief statement on the last page of the lab stating what aspects of your lab were from other sources, and which parts are original content from you.

· URLs to sources must be included. Major deductions will occur if this is omitted.

· Only provide citations actually used/applied in your tutorial

· Provide URLs as a footnote in the document where you used the source. In other words, not at the end of the doc, but embedded in your tutorial.

· Please note that TurnItIn.com, or a similar tool, will be used to determine originality.

Readability/formatting:

· Provide title page with project name and author(s)

· Break tutorial into digestible and intuitive sections; label each section

· Use page numbering; numbered steps

· Font size is 12 or 11-pt; section headers; bold font to highlight

· Use spacing and blank lines as appropriate to increase readability

· Format citations as footnotes on the same page (see course labs as examples)

Completeness / Works:

· The tutorial is approx. 10-15 pages, excluding a title page

· The tutorial contains sections on: (a) new lab software installation and configuration, and (b) using the newly installed/configured software

· Overall, the vast majority of your tutorial solution works

· Evidence tutorial works is included in the tutorial via screenshots

#3. Present to class during final exam session:

Create a PowerPoint or PDF presentation. Include a max of 6 slides, as listed below:

First page: provide a title page with Lab name and team members

Second page: introduce what your lab does. State the risk or security issue your lab addresses. Briefly (e.g., 1 sentence) state the purpose of the software your lab uses. (No need to mention Virtual Box or Ubuntu.)

Pages 3, 4, 5: provide original screen shots from your work that best illustrate key elements of your completed project. Screen shots should zoom into content and be visible to the audience.

Page 6: Use to provide additional information the team feels is most valuable in presenting their project.

Note: Do not provide wordy definitions or other explanations. Instead, focus on the actions performed in your lab, what they were trying to achieve, and the results. Explaining how your lab software was used within your lab exercises is also of interest.

Grading Guidelines on presentation:

· Your presentation is focused on a security issue

· More time is spent on describing the technical solution and problem addressed

· Screen shots must be reasonably readable to the audience (i.e., zoom-in/focus on content)

· Chosen screen shots are value-added (i.e., show us something substantive)

· The security purpose/objective of your lab is clear to the audience

· Slide deck is complete, according to above instructions

· If three students work on the project, then all three students are present