CS 610 Computer Networks
Assignment # 05
FALL 2011
Total Marks = 20
Deadline
Your assignment must be uploaded / submitted before or on January 16, 2011
Upload Instructions
Please view the assignment submission process document provided to you by the
Virtual University of Pakistan
Rules for Marking
Please note that your assignment will not be graded if:
• It is submitted after due date
• The file you uploaded does not open
• The file you uploaded is copied from someone else or from internet.
• It is in some format other than .doc
Objective
The objective of this assignment is to give you practice in critically review the research paper related to the new trends in computer network. After preparing this assignment, you will be able to review and analysis of the research paper.
Note: Material that is an exact copy from other student assignment would be graded zero marks. Please write in your own words.
Assignment Statements:
The research paper is already uploaded on LMS (course announcement). The title of research paper is “Network Security: It is a process, not a product”.
Please provide brief answer to each question (maximum 5 lines) related to this paper. Write all questions in your own words.
Q1. If DOS attack happens in your network then which precautionary measures will you take to prevent that? Marks 10
Q2. In how many ways can we detect system against cyber attacks?
Marks 10
it is very simple. the reasearch paper is attached.the solution is,
ReplyDeleteQ1. If DOS attack happens in your network then which precautionary measures will you take to prevent that? Marks 10
Ans. The way DoS and DDoS attacks are perpetrated, by exploiting limitations of protocols and applications, is one of the main factors why they are continuously evolving, andbecause of that presenting new challenges on how to Combat or limit their effects. Even if all of these attacks cannot be completely avoided, some basic rules can be followed to protect the network against some, and to limit the extent of the attack:
• Make sure the network has a firewall up that aggressively
keeps everything out except legal traffic.
• Implement router filters. This will lessen the exposure to
certain denial-of-service attacks. Additionally, it will aid in
preventing users on network from effectively launching
certain denial-of-service attacks.
• Install patches to guard against TCP/IP attacks. This will
substantially reduce the exposure to these attacks but may
not eliminate the risk entirely.
• Observe the system performance and establish baselines
for ordinary activity. Use the baseline to gauge unusual
levels of disk activity, CPU usage, or network traffic.
Q2. In how many ways can we detect system against cyber attacks?
Ans.
There are at least three ways to prevent an attack, and all three are ultimately forms of active defense. One is to deterthe attacker by having a demonstrated capability to punish the attacker. This implies that the attacker understands the
risk of being identified and located; that the defender is seen as credible in a resolve to punish, and that the “cost” of punishing is acceptable to the defender. A simple situation is ,when the attacker suffers a large “front end” loss through
discovery during the probe phase and the defender can accomplish that discovery cheaply. When the cost to the defender to punish is less than the loss that can be caused by the attacker, there will clearly be an incentive to develop
ways of discovering attackers. But the more common situation is when the relatively high costs of legal. Prosecution of a single attacker are returned in reduced losses over the longer term.
Read more: CS610 Assignment No 5 Solution & Discussion Due Date: 16-01-2012 - Virtual University of Pakistan http://vustudents.ning.com/group/cs610computernetwork/forum/topics/cs-610-assignment-no-5-loo-fir-aa-gai-jay-assignment#ixzz1jWR84Y20