HW Assignment 9

(10 points) Explain the correlation between OSI and TCP/IP model. Then provide example
protocols for Applications and Transport layers in TCP/IP model.

 Application Layer protocol: HTTP, FTP, SMTP

 Transport Layer protocol: TCP, UDP

(5 points) Explain the difference between TCP and UDP Transport protocols.

TCP UDP

 Connection-Oriented  Connectionless

 Reliable  Unreliable

 Acknowledgment is sent after  No acknowledgment

receiving the packet
 E.g.: RTP, SMTP  E.g.: FTP, TELNET

(4 points) Answer the following questions based on the format of a TCP packet:

a. How many bits are reserved for control information?

96 bits are reserved.
b. How many bits is reserved for source address?
16 bits are reserved.
c. How many bits is reserved for destination address?
16 bits are reserved.
d. How many bits is reserved for payload?
The payload bits are variable.
(6 points) Fill in the blanks:

a. ______Dynamic IP routing____ is based on travelling datagrams through internetworks

one hop at a time. The entire route is unknown at the beginning of the journey.
b. _____Multicasting_____ is group-based communication. It can be one-to-many or many-
to-many distribution.
c. The most important requirement of a ___Converged____ network is the ability to treat
different data types differently.
d. ___VoIP____ process transmits telephone calls (voice) over the internet.
e. ____ H.324___ is the standard recommended by the ITU for low bit-rate voice
transmission over the Internet.
f. ___Plain text _____ is an unencrypted message data.

(5 points) Describe the encryption process and the way it works.

Encryption is the process in which we convert plain text into ciphertext. Ciphertext means a random
and meaningless text which cannot be understood without decryption.

(10 points) How is a Brute-force attack different from the Dictionary attack?

Brute-force: A brute force attack is when a Hacker tries all possible combinations of a password to
get the password. This is resource intensive as there can be so many possible combinations. The
possible number of combinations for an 8-character password with alphabets and numbers. The
longer the password more time needed to crack.

Dictionary attack: A dictionary attack is a kind of brute-force attack where the hacker, does not try
all possible combinations but only tries the password from a dictionary file. The file will have some of
the most used passwords and some combination of those. Attackers commonly publish password
dictionaries after attacks so that they can be used in the future by other hackers.

(5 points) Suppose you want to create password using lowercase (a~z) and uppercase (A~Z) English
alphabet characters, as well as numbers 0~9. How many possible passwords can be generated if
the length of the password is 5?

26 alphabets in lowercase, 26 alphabets in uppercase, and 0 to 9 are 10 digits.

26+26+10 =62

And the length is 5

So, 62^5 = 916132832 possible passwords

(5 points) What is password entropy? How is it calculated?

Password entropy means how unpredictable the password is.

Formula : log2(x) in upper problem x=62

(10 points) What is malware and what are its classifications? Explain each type. What is the base
of these classifications?

Malware or virus are interchangeable terms. It means accessing the device without the owner’s
permission.

 Adware typically collects the types of websites that you visit so advertisers can display
custom advertisements.
 Spyware, like adware, will often send your browsing activities to advertisers.
 Computer Virus primary characteristic of a computer virus is malicious software that cyber
criminals program to reproduce. It usually does so by attacking and infecting existing files on
the target system.
 Worm are infectious and cybercriminals design them to replicate themselves. However, a
worm replicates without targeting and infecting specific files that are already present on a
computer.
 Trojan is a malicious program that misrepresents itself to appear useful. Cybercriminals
deliver Trojans in the guise of routine software that persuades a victim to install it on their
computer.

(10 points) Define malware payload. What are the main characteristics of malware payload?

A payload is the component of the attack which causes harm to the victim. Attack vectors such as
viruses, worms, and malware can all contain one or more malicious payloads.

a. Display irritating messages and unnecessary ads.

b. Upload or download files
c. Cause slow response time
d. Cause network traffic jams
e. Disable antivirus and malware detection software
f. Allow remote access of device
g. Steal credit cards and personal information by recording the keystrokes
h. Delete or modify data and files

(5 points) Explain how does a computer worm spread?

Where a worm differs from a virus is that it typically doesn’t infect or manipulate files on its own.
Instead, it simply clones itself repeatedly and spreads via a network (say, the Internet, a local area
network at home, or a company’s intranet) to other systems where it continues to replicate itself.

(13points) Define the following concepts:

a. Spyware: A software that secretly gathers user’s information without their knowledge.
b. Man-in-the-Middle: An eavesdropping exploits known as the middleman.
c. Spam: The unsolicited messages that are usually sent in massive numbers using email
d. Phishing: An email scam that acts as a message from an organization or company to get
information from people.
e. Pharming: The process of redirecting website traffic to a fake or fraudulent website.
f. Multiplexing: The process of incorporating something to multiplex signal or system.
g. Modulation: The controlling of the characteristics of a signal in the desired way.
h. Bandwidth: The amount of data that is carried from one source to another source within a
fixed period
 i. Synchronous communication: A transmission that transfers a large amount of data but
requires a coherent clock signal between the transmitter and receiver
j. Asynchronous communication: A transmission that uses framing bits to signal the beginning
and end of the receiver
k. Simplex communication: The communication that is only in one direction from the
transmitter to the receiver
l. Half-duplex communication: The two-way communication that is only one direction at a
time.
m. Full-duplex communication: Simultaneous two-way communication is known as Full-duplex
communication.

(4 points) Find the efficiency and overhead for asynchronous transmission of a single 8-bit ASCII
(American Standard Code for Information Interchange) character with one start bit and one stop
bit

Efficiency:

8
Eff = (10∗100 %) =80 %

Overhead:

100 -Eff = 20%

(8 points) What is noise, and SNR? Explain different types of noise and where each type of noise is
found.

The unwanted electrical signal disturbance in the electrical signals is called noise.

Signal to Noise Ratio (SNR) measure used to compare the level of the desired signal to background
noise.

Examples of noise:

 Continuous: It is found in ventilation.

 Intermittent: Increases, decreases at a fast rate. It can be found in trains
 Impulsive: shocking. It is found in the demolition industry.
 Low Frequency: we are always exposed to it, spreads easily. It is found in the engine.