Recent Question/Assignment
ITNE2002
Network and Information Security
Assignment 2
July 2018
Instruction
In this assignment, you are asked to write a report on a topic of your choice and upload it in Moodle by the due date mentioned in the Teaching and Assessment Plan or as per Lecturer’s instruction.
Report Writing and Presentation
• A one-page description of a topic (choose one from following list provided below) you want to report and present:
– Only one student can select one topic (i.e., first come first serve basis)
– No team work allowed
– You have to prepare a 5-minute presentation of the major ideas of the topic in your report
– An in-depth survey on the major topics in recent developments of information security
• The content and depth of your surveys will be considered in the final score.
• Topics should focus on selected parts in recent developments in information security, for example,
– Cloud security or privacy (e.g., cloud storage security and cloud computing security)
– Social network security or privacy (e.g., Facebook privacy issues)
– Smart phone security (e.g., Android “Fake-ID” problem and iCloud security) – Recent security bug: “Shell Shock” for bash, “heartbleed” for OpenSSL,. Class Presentation: 5-minute presentation per student
Word limits: 1250 to 1500
Reference Style
In this course, the Harvard reference style is preferred. Please familiarize yourself with the style. Your ability to use proper academic style will form part of the assessment.
Plagiarism
Note that plagiarism or Copy/Paste from Google or any source is NOT acceptable. Your works will be checked with special software. The source of all material must be clearly cited, whether it be published or unpublished, and all assistance, whether in writing or orally, must be acknowledged.
Topics to choose from
1. Google Play - Wallet security
2. Mobile Device / Smart Phone Security
3. USB has become hacked pipeline, the well-known USB virus introduced
4. Cloud security and privacy
5. Security of network DropBox Cloud Drive
6. DDOS attack Network
7. Cyber warfare
8. SALITY (malware)
9. OpenSSL Heartbleed Loophole
10. SQL Injection
11. Social network security/privacy proposal
12. Facebook privacy issues
13. OpenSSL: The Heartbleed Bug
14. Smartcard security authentication mechanism
15. Mobile payment systems security
16. Android broadAnyWhere bug
17. Improving App Privacy
18. E-mail- phishing
19. iCloud Vulnerability
20. iOS Masque Attack
21. TOR - Often referred to as the ‘Dark’ or ‘Deep’ Web. Anonymous Access is Good or
Evil
22. Teamviewer Privacy and security Encryption
23. Bring your own device security model
24. Line Communication Security Event
25. Bitcoin
26. Instagram privacy
27. Shellshock vulnerability
28. Internet of Things Security
29. Extortion Hacks
30. Embedded Hardware Hacking
31. Advanced Persistent Threat
32. Chip-and-PIN Innovations
33. Symantec Endpoint Protection (SEP) Loophole
34. Heartbleed for OpenSSL
35. Driverless cars and data security
36. POS software and malicious attacks
37. Concerns about Cloud Storage
38. Biometric data security
39. Cyber Insurance
40. Threat assessments / Penetration Testing
41. Legacy technology security issues
42. Authentication in distributed systems
43. Identity and Access Management / Federated Identity
44. Federated Identity Standards
45. SSL 3.0 security
46. Information Security Management / ISO 27001
47. Region (malware) analysis
48. Audit Trail
49. Web spam taxonomy
50. Malicious Insiders
Assessment Criteria
Following is the criteria.
Criterion Marks
Clarity of ideas, discussion and examples
(coherent and well-structured piece of writing) /2
Relevance to selected topic /5
Documentation
(accuracy of referencing and relevance to topic. Use of primary data) /2
Presentation /6
Total
/15