CS 32 Project 4 Word

CS32 Fall 2009 Project 4 Hackers Begone! Due: 9 PM, March 12, 2009
Table of Contents

Introduction
Network Communications Primer
How to Scan Packets
    Task #1: Reassemble the network stream from the packets
    Task #2: Write an efficient signature scanning engine to scan the reassembled buffer
    Task #3: Tracking detected attacks as Incidents
How Your Class May Be Used
Functional/Implementation Requirements
What to Turn In
Grading
I’m Overwhelmed! Help!
Appendix A
Appendix B
Introduction

For your fourth and final project, you’ve been hired by the SmallbeNach software company, the world’s 352nd largest cybersecurity provider, to program a new Intrusion Prevention System (IPS) for use in their popular Horton AntiVirus software line to detect network-based attacks on PCs.

What’s an Intrusion Prevention System? Well, it’s a software module that scans internet packets for malicious attacks and then blocks those attacks. Modern security programs, like Norton Internet Security, scan the contents of all incoming (from the Internet to your computer) and outgoing (vice versa) network packets for attacks that may harm your computer or originate from your computer and harm other computers. If an attack is found in any packet, that packet can be dropped and prevented from reaching/leaving your computer.

The most common type of IPS is called a signature-based IPS. A signature-based IPS works by scanning all network packets against a set of one or more expert-written signatures. Each signature is a string of characters that can be used to identify an attack. For example, let’s consider a hypothetical attack where the attacker embeds the following

This note was uploaded on 11/07/2009 for the course CS 32 taught by Professor David Smallberg during the Winter '08 term at UCLA.
