辅导案例-CI6232

欢迎使用51辅导,51作业君孵化低价透明的学长辅导平台,服务保持优质,平均费用压低50%以上! 51fudao.top
CI6232
Intrusion Detection
Assignment Brief
WKWSCI - MSIS (CI6235) 1
Assessment
• Assignment I – 30 % [Report & Presentation]
• Assignment II – 60% [Report & Code]
• Participation (Assignment I) – 10% [Posting of
Questions]
2WKWSCI - MSIS (CI6235)
Assignment Brief
Assignment I
• Learning Objectives
• Problem Statement
• Expected Deliverables
• Grading & Schedule
3WKWSCI - MSIS (CI6235)
Assignment Brief
Learning Objectives
(For Assignment I)
§ For this assignment
– Learn to apply Cyber Kill Chain & MITRE ATT&CK
to a real-world incident
– Team Assessment (up to 4)
4WKWSCI - MSIS
(CI6235)
Assignment Brief
Selection Guidance
(For Assignment I)
§ Choose an Incident that minimally has …
• Details about how the attacks were carried out
• Details about involved intermediaries (part of the
adversarial attacks or victims)
5WKWSCI - MSIS
(CI6235)
Assignment Brief
Deliverable
(For Assignment I)
§ Expected in Assignment Deliverable (PPT)
– List the Cyber Kill Chain techniques used
– List the MITRE ATT&CK techniques used
– Reconstruct the Event (Adversarial Playbook – Techniques ordered by
time)
§ PPT Structure [<15 slides]
– Incident Background [up to 2 slides]
– Cyber Kill Chain [up to 4 slides]
– MITRE ATT&CK Techniques [up to 4 slides]
– Event Reconstructed [up to 2 slides]
§ Details in PPT
– Include details and references in Notes section of each slide
6WKWSCI - MSIS
(CI6235)
Assignment Brief
Presentation
(For Assignment I)
§ Team Presentation
– 15 mins Presentation with 5 mins Q&A (queries posted
earlier)
– Focus on attack techniques and event reconstruction
– Team to address two queries (posted online)
– All team members to present at presentation (via Zoom)
§ Others (individual assessment)
– Post Queries
7WKWSCI - Div of Information Studies
(CI6235)
Assignment Brief
Grading
(For Assignment I)
§ Grading
– For Team Report (in PPT’s note sections), Content: 50%
– For Team Presentation, Content: 25% and Q&A: 25%
– For Individual, Participation with Query (minimally two
queries): 100%
§ Submission Requirement
– PPT: Incident Background, Identified Cyber Kill Chain & MITRE
ATT&CK Techniques, Event Reconstruction
– Post PPT into Discussion Forum -> “Assignment I”
8WKWSCI - MSIS (CI6235)
Assignment Brief
Schedule
(For Assignment II)
§ Submission
– Team Composition by 12 Sep 2020
– Topic Selection by 12 Sep 2020
– Team Submission of Presentation Slides in BlackBoard
Discussion Forum by 10 Oct 2019
– Individual’s question postings by 24 Oct 2020
– Team Presentation with Answers to Queries on 7 Nov
2020
9WKWSCI - MSIS (CI6235)
Assignment Brief
Assignment II
• Learning Objectives
• Problem Statement
• Expected Deliverables
• Grading & Schedule
10WKWSCI - MSIS
(CI6235)
Assignment Brief
Learning Objectives
(For Assignment II)
§ For this assignment
– Learn how to develop a ML / AI solution to solve a specific
problem (network DFIR)
– Experience the development process (of applying ML/AI to
address such problem / challenge)
– Test dataset (PCAP) will be provided (training and validation
datasets will need to be self-sourced)
– Solo submission (however collaborative development
allowed – only up to validation stage)
11WKWSCI - MSIS (CI6235)
Assignment Brief
Problem Statement & Datasets
(For Assignment II)
§ Choice one of Two Problems
– Identify what user’s network activities
– Identify hacking tool is being used
§ Example of Dataset Sources
– Datasets for Cyber Forensics -
https://datasets.fbreitinger.de/datasets/
– Cyber Security dataset -
https://github.com/shramos/Awesome-Cybersecurity-
Datasets
12WKWSCI - MSIS (CI6235)
Assignment Brief
Structure Deliverable
(For Assignment II)
§ Sections
1. Selected forensic problem,
2. Survey of Related Work
3. Selection of existing computational methods or Design of new
algorithms on demand
4. Data gathered
5. Define design of experiments
6. Details of how algorithm is prepared that includes data pre-
processing and training of algorithm using gathered training
dataset
7. Evaluate algorithm with gathered validation dataset
8. Analyze Test dataset manually using tool(s)
9. Evaluate algorithm with provided Test dataset
10. Conclusion
11. Appendix – Source Code
13WKWSCI - MSIS (CI6235)
Assignment Brief
Deliverable Format
(For Assignment II)
§ Report
– Describe the algorithms / model used or developed
– Maximum word count of 5000 (as a guide)
– Report Format : IEEE Conference Report
https://www.ieee.org/conferences/publishing/templates.html
– Source code to be included in report
14WKWSCI - MSIS (CI6235)
Assignment Brief
Grading
(For Assignment II)
§ Grade Assignment
– Solution (Algorithm design, training & validation): 50%
– Test (with provided test dataset): 25%
– Report (Structure and Write-up) : 25%
§ Grading Dimensions
– Completeness (solving problem with validation and testing
datasets)
– Novelty (Algorithms)
15WKWSCI - MSIS (CI6235)
Assignment Brief
Schedule
(For Assignment II)
§ Test dataset (Distributed on 24 Oct 2020)
– Dataset will match problem type
– Apply developed algorithm to test dataset
§ Submission Deadline (Due by 7 Nov 2020)
– Complete Report with Source Code
– Submission via TurnItIn
– Penalty for late submission
– No presentation
§ Source Code Retention (Till 14 Nov 2020)
– In case, further validation and testing needed
16WKWSCI - MSIS (CI6235)
The End
Assignment Brief
WKWSCI - MSIS
(CI6235)
17

欢迎咨询51作业君
51作业君

Email:51zuoyejun

@gmail.com

添加客服微信: abby12468