Ask Question, Ask an Expert

+61-413 786 465

info@mywordsolution.com

Ask Homework Help/Study Tips Expert

Project: Defeating SkyNet - Part 2: Commanding the Legion

Introduction

In the first part, you created the base foundations of a botnet. Part 2 of the project extends upon this and implements some core security features most recently used in the Conficker worm. Using these cryptography methods, Conficker was able to remain out of the control of hackers, well-funded organisations and even the US government.

The new features for SkyNet include:

  • Using public key cryptography to ensure only data or updates sent out by the botnet master are downloaded by the bot.
  • Using public key cryptography to ensure no-one but the botnet master can decrypt valuable data sent by the bot

SkyNet will be using advanced cryptography to protect itself against well-funded organisations, government agencies and other hackers. What you will be implementing here is inspired by real world cases such as the Conficker work. To have any chance of defeating such a threat, you need to understand how they defend themselves.

Note that you will use the same repository and code base from Project Part 1 in Part 2.

Part 2: Protecting the Castle

1. Securely Updating SkyNet

In the previous part of the project, uploads were supplied to the bot via another bot using peer-to-peer (P2P) or a central website (pastebot.net). As you might have noticed, these updates were not verified in any secure way. By default, updates only needed to start with a specific string (Caesar) to be considered 'signed' from the botnet master. Any third parties with trivial reverse engineering knowledge would be able to realise this and create their own 'signed' updates.

You must devise a scheme where the botnet master is able to securely sign updates for SkyNet. Bots should perform this verification on updates retrieved via P2P or a website.

The exact mechanism by which this occurs is up to you, though some form of public key cryptography is suggested. Your signature scheme should also remain secure even when confronted with attackers who have access to significant resources. The scheme should also be secure even if an attacker reverse engineers your program or the source code for your bot is stolen or released.

2. Securely Transferring Valuable Data to the Botnet Master

As part of their operation, the bots in SkyNet collect valuable data that is then sent to the botnet master. In the current codebase, this valuable data is uploaded in plaintext to pastebot.net. As it is plaintext, the data could be read by anyone who is able to intercept or access these uploads.

You must devise a scheme where the bots are able to securely upload valuable data to pastebot.net. No-one but the botnet master should be able to read the contents of these uploads. The exact mechanism by which this occurs is up to you, though some form of public key cryptography is suggested.

3. Code Checklist             

  • Enable signing and verification for any botnet updates. This requires signing code in master_sign.py and verification code in the verify_file function in lib/files.py.
  • Ensure the upload_valuables_to_pastebot function securely encrypts the data so it's only accessible to the botnet master. You also need to modify master_view.py to allow the file to be decrypted and read by the botnet master.

You should be able to:

  • Create and sign a new botnet update
  • Test bot update verification by trying to download a legitimate update and a fraudulent update from pastebot.net
  • Test bot update verification when downloading updates via P2P
  • Upload valuables of arbitrary size to pastebot.net in an encrypted manner
  • Decrypt encrypted valuables of arbitrary size using the botnet master's private key

Your code should be well commented and in neat order.

4. Documentation

You are to write a two page design document outlining the security you implemented with your system. Your choices for authentication, confidentiality and integrity for the SkyNet botnet should be justified.

Specifically, you should provide a brief answer to these questions:

  • How do you ensure the only one who can send updates to SkyNet is the botnet master?
  • How do you protect the valuable information to ensure it can only be read by the botnet master? Remember that anyone can read the information uploaded onto pastebot.net.
  • How do you ensure the botnet updates signed by the botnet master cannot be forged or modified?
  • If SkyNet's botnet code is dismantled and/or the source code for it stolen, does your scheme become less secure?
  • Give an indication of how di?cult it would be for an adversary to take control of SkyNet when your protections are used.

5. Disclaimer

This is not an operational botnet nor do we intend you to create one. To defeat blackhat hackers, you must understand how they work and the tools they use. Recent botnets have used advanced computer science and crypto-graphic methods in order to remain secure from both hackers, well-funded organisations and even governments. These advanced methods are what we intend you to learn and what we believe will help you detect, prevent and disassemble such attacks in the future.

Attachment:- Assignment Files.zip

Homework Help/Study Tips, Others

  • Category:- Homework Help/Study Tips
  • Reference No.:- M92311141
  • Price:- $120

Guranteed 48 Hours Delivery, In Price:- $120

Have any Question?


Related Questions in Homework Help/Study Tips

Question write a critical evaluation of your learning

Question: Write a critical evaluation of your learning outcome. In your response, consider: 1. Consider the content of this class as they relate to information management/IT and managerial decision making. 2. Base on the ...

For all assessments the following general requirements

For all Assessments, the following general requirements hold: (1) Assignments should be 2-3 double-spaced pages, with reasonable (12 pt.) font and reasonable (1 inch) margins. (2) Citations to the material and in-text ci ...

Concepts and frameworks of occupational therapy assignment

Concepts and Frameworks of Occupational Therapy Assignment - The Assignment Question - Analyse the factors that have influenced Occupational Therapy over time, discussing how Occupational Therapy has evolved in response ...

Question healthy people 2020 organizes the determinants of

Question: Healthy People 2020 organizes the determinants of health around five key domains: economic stability, education, health and healthcare, neighborhood and built environment, and social and community context. Thin ...

Question in our world today it takes time and patience to

Question: In our world today, it takes time and patience to gain someone's trust, especially if an individual is a client that is seeing a psychologist. There are some cases where the client basically bares their soul. W ...

Question your task for this piece of assessment is to

Question: Your task for this piece of assessment is to critically discuss professional issues and leadership challenges for the graduate registered nurse and argue for realistic and achievable actions and goals. 1. Analy ...

Question - from among the four alternatives given below

Question - From among the four alternatives given below, which letter replaces in the given table the question mark? 3 P 8 9 G 11 2 U 4 3 W 1 7 ? 18 A. A B. B C. S D. Y

Organizational changefind a company that went through a big

Organizational Change Find a company that went through a big change within the last 12 months. The change may be a merger, buyout, downsizing, expansion, new marketing strategy, culture change within the company, change ...

Question what is the impact to the nursing profession and

Question: What is the impact to the nursing profession and to the public related to the projected nursing shortage? Discuss at least one way that the nursing profession is working toward a resolution of this problem. The ...

Special educator interview set up a meeting to interview a

SPECIAL EDUCATOR INTERVIEW Set up a meeting to interview a classroom teacher, special education teacher, resources teacher, specialist, guidance counselor, Sunday school teacher, children's pastor, etc., who you perceive ...

  • 4,153,160 Questions Asked
  • 13,132 Experts
  • 2,558,936 Questions Answered

Ask Experts for help!!

Looking for Assignment Help?

Start excelling in your Courses, Get help with Assignment

Write us your full requirement for evaluation and you will receive response within 20 minutes turnaround time.

Ask Now Help with Problems, Get a Best Answer

Why might a bank avoid the use of interest rate swaps even

Why might a bank avoid the use of interest rate swaps, even when the institution is exposed to significant interest rate

Describe the difference between zero coupon bonds and

Describe the difference between zero coupon bonds and coupon bonds. Under what conditions will a coupon bond sell at a p

Compute the present value of an annuity of 880 per year

Compute the present value of an annuity of $ 880 per year for 16 years, given a discount rate of 6 percent per annum. As

Compute the present value of an 1150 payment made in ten

Compute the present value of an $1,150 payment made in ten years when the discount rate is 12 percent. (Do not round int

Compute the present value of an annuity of 699 per year

Compute the present value of an annuity of $ 699 per year for 19 years, given a discount rate of 6 percent per annum. As