Compatibility Mode
$10-30 USD
Paid on delivery
1. Attackers may be actively attempting to evade a detection system. We assume that an employee has developed a webserver that listens on TCP port 80. However, this webserver is vulnerable to an attack. If an HTTP request contains a string of “ATTACK” (case sensitive), the webserver will be exploited. An example is illustrated as follows:
IP Header TCP Header GET ATTACK [login to view URL]
You have designed a signature-based (a.k.a., misuse) intrusion detection system, which will raise an alert if it finds “ATTACK” in one TCP packet.
a. How can an attacker successfully launch attacks while evading your detection system? (5 Points)
b. How can you modify your detection algorithm to counteract?
2. Collecting benign samples to train a model for anomaly detection is usually very expensive. Let us assume Alice and Bob achieve the identical detection rates and false positive rates. The following figure plots how the size (e.g., memory consumption) of the model (y-axis, used to profile the benign behaviors) grows as we use more benign samples (x-axis) to train the model. Which system do you prefer according to the figure? Give two reasons. (dotted-Alice, line-Bob)
Project ID: #22455539
About the project
Awarded to:
3 freelancers are bidding on average $27 for this job
Hi, I'm a security researcher from Pakistan. I have been working in the cybersecurity field for the past 2 years. Signature-based detection can be implemented easily using a traffic monitoring tool. However, the task 2
1) ok. 2) bob. I will build my own defense server in front of your server.
Hello Dear! I am a hard worker having good delivery. You will feel always gorgeous about your project's going if you hire me. EVEN super gorge