This is a short threat analysis exercise, worth 15% of your overall grade. Answers to the questions below should be submitted using Gradescope.
A popular software application is distributed to its users via a website. A particular user downloads this application to run on their PC.
The user’s PC is running a security tool named AppCheck, designed to detect the presence of suspicious executable files on the system. AppCheck works by computing the MD5 hash of each downloaded executable file that it finds on the system, comparing that hash with a database of known hashes for popular software applications. If a computed hash does not match the value found in the database, AppCheck will display a warning to the user.
This database of known hashes is maintained and regularly updated by the developers of AppCheck. An up-to-date copy of the database is downloaded automatically by AppCheck onto the user’s PC, once a day.
Question 1 (18 marks)
Consider the threat that the user in the scenario above might download malware pretending to be the popular software application, and that AppCheck will fail to issue a warning about this.
Discuss three distinctly different ways in which an attacker might achieve their aim of preventing AppCheck from issuing a warning for the malware.
Each attack discussion is worth 6 marks. For full credit, you need to think of different approaches rather than describing minor variations of the same attack.
Hint: consider all aspects of the AppCheck system and how it operates on the user’s PC. You may find it useful to sketch a data flow diagram for the systems involved in the scenario, to give you a focus for your thinking. (Note: we do not expect to see this diagram, and you will not be able to submit it.)
Question 2 (12 marks)
Discuss measures that can be implemented to mitigate the different attacks described in Question 1.
Each discussion is worth 4 marks (1 mark for identifying the measure properly, 3 further marks for explaining in sufficient detail why this solves the problem).
Submit your answers to the preceding questions using Gradescope, via the link provided for this purpose in the Submit My Work subfolder in Minerva. You will find this in the Assessments and Feedback folder.
The deadline for submission is 10.00 on 27 October 2022.