## Description

Make sure you include referencing for answers where it would obviously be needed.

1. You have two puzzles with parameters as follows:

Puzzle A: One sub–puzzles. k = 5.

Puzzle B: Four sub-puzzles. k = 3.

You should provide, for both cases other than part (b), the following:

(a) The distribution of the number of cases that require each number of hashes. 1 Mark

(b) Explain the method you used to obtain your distributions. Don’t go into too many detailsor show working, it’s more “I wrote a C++ program to … and then using … I …”. 0.5 Mark

(c) A graph of the distribution of the data above. 0.5 Mark

(d) The average number of hashes needed. 0.5 Mark

(e) The standard deviation for the distribution of the number of hashes needed. 0.5 Mark

You should assume that if there are N possible solutions you check the Nth by hashing even if all others have failed and there has to be a solution.

2. Which general security principle is violated in the following pseudo-code? Modify the pseudo-codeto fix the potential security problem. 1 Mark

permit = CheckAccess() IF (permit == Access_Denied) Print “Access Denied”

ELSE

Print “Access Granted”

Run Function()

3. Consider that the incidence of viral attachments in email messages in 1 in 800. Your malware checkerwill correctly identify a message as viral 95% of the time. Your malware checker will correctly identify a message as non–viral 95% of the time. Your malware checker has just flagged a message as being malware. What is the probability that the message is actually okay? Justify your answer using Bayes theorem. 1 Mark

4. Describe, in your own words, a specific instance of an insider placing malware within a system. Youshould describe the type of malware placed, the expected likely impact, and some details regarding the outcome. This is not meaning a hypothetical scenario you have made up, find an actual real world example. 2 Marks

5. Every hour the worm X spreads from each infected computer to one previously uninfected computers. In answering these questions you should explain how you determined your answers.

(a) Give a table showing the number of infected computers at each hour across a 24 hour period.

At time t = 0 the number of X infected computers is N = 1. 0.5 Mark

(b) By time t = 6.5 a counter worm W has been developed and it is deployed on one infected computer. W removes malware X from any host W is on. The counter worm W spreads slightly more quickly than X, with each W spreading to two X infected hosts each hour, provided such hosts are available.

Provide another table showing the spread of W and the impact on X across an appropriate time frame, starting from t = 0 again.

Note the offset in time means that at t = 6.5 the number of X infected computers reduces by 1, so the spread of t = 7 will be slightly smaller than before. Overall the number of X infected computers will go up on the hour, and down on the half hour. 1.5 Marks

(c) Graph the two cases against each other, clearly indicating on it where N = 0. 0.5 Mark

(d) Assume that at time t = 9, X evolves to spread to three uninfected computers each hour. What subsequently happens? 0.5 Mark

6. Briefly describe, in your own words, each of the following. Be sure to specify the domain and natureof each.

(a) An XML bomb. 0.5 Mark

(b) BlueSmack. 0.5 Mark

(c) Mydoom. 0.5 Mark

(d) Torpig. 0.5 Mark

Notes on submission

1. Submission is via Moodle.

3. Submissions more than three days late will not be marked, unless an extension has been granted.

## Reviews

There are no reviews yet.