University of Sunderland

School of Computer Science

CET324 – Advanced CyberSecurity

Assignment 2
2021-2022

The following learning outcomes will be assessed:

 The ability to outline the principles and applications of cyber security,
secure systems and network security system design and validation.
 The ability to apply the principles and techniques from cyber security to
deal with the complex issues involved in effectively designing and
implementing computer and network systems whilst identifying and
minimising the security risks, effectively implementing a reliable and
effective security protocols and identify suitable metrics to quantify and
measure levels of security.
 The ability to apply the principle and technique form cyber security to
deal with aspects and complex issues in web systems and digital
forensics.

Important Information

You are required to submit your work within the bounds of the University
Infringement of Assessment Regulations (see your Programme Guide).
Plagiarism, paraphrasing and downloading large amounts of information from
external sources, will not be tolerated and will be dealt with severely.
Although you should make full use of any source material, which would
normally be an occasional sentence and/or paragraph (referenced) followed
by your own critical analysis/evaluation. You will receive no marks for work
that is not your own. Your work may be subject to checks for originality which
can include use of an electronic plagiarism detection service.

For this assessment you are asked to submit an individual piece of work,
therefore the work must be entirely your own. The safety of your
assessments is your responsibility. You must not permit another student
access to your work.

Referencing for this assessment should be done using the Harvard

referencing system. (see your Programme Guide).

Please ensure that you retain a duplicate of your assignment. We are

required to send samples of student work to the external examiners for
moderation purposes. It will also safeguard in the unlikely event of your work
going astray.
 Submission instruction:
Submission Date and See assignment submission page for submission date
Time
Submission Location Digital copy via Canvas
Document Format  A zip file containing the full source code for a
fully operational system. The system should
operate correctly.
 A Microsoft word document containing the
rational of the your method and the relevant
screenshots of your system indicating and
illustrating the functionalities of the system.
 System demonstration. Your screencast
should be in MPEG or MOV file format titled
“studentID_screencast”

Replace “studentID” with your university student

ID.
Submit the file in the allocated assignment
submission windows on Canvas.

Maximum hours it 48 hours

should take to
complete
Assignment weight 60%
Other requirements You must adhere to the above assessment
requirements.

Your report will be checked for

collision/plagiarism.
Assignment Specification

Part 1 – system design (50 marks)

Produce a computer programme (in your choice of language) for a prototype
system which illustrates appropriate design of security systems and the
application of programming principles to cybersecurity applications.

Participating in online communities require users to register on the platform to

create a user account. The registration process should be secure to protect
user information. One of the steps often involves using captchas to validate
that the request for registration is made by a human user rather a machine,
e.g., bot.

You are required to produce a computer programme containing the following

features as minimum:
 A user interface to prompt a user to create an account by providing
username and password.
 Algorithmically determine the strength of the chosen password by the
user.
 Provides suitable feedback to user about the password strength. You
should research password strength criteria and use your finding to help
you with this task.
 Implement a captcha function to determine that registration request is
made by a human user. For this task, you should research different
types of captchas and implement one type.

Your prototype and prototype design should illustrate and embed good secure
system design and apply appropriate cybersecurity principles and techniques
showing your understanding and knowledge of secure system design. Where
appropriate, you should make use of robust policies and procedures for
password – for example (but not limited to) frequency of change, strength of
password, preventing repetition of passwords, use of encryption etc.

Part 2 – report (25 mark)

Produce a report of about 750 words justifying your chosen approach to the
implemented password and captcha features. You should support your
chosen approach and decision by your literature research. For example, if you
have chosen a specific type of captcha or password combination, support
your decision for selecting them by using citing literature sources that highlight
their strengths.

Part 3 – system demonstration (25 marks)

Prepare up to 10 minutes of recorded visual presentation with audio showing
all the features and functionalities of your implemented software. Your
presentation should show at least the following aspects of your system:
 Clear view of the user interface.
 All the system functionalities as stated in part one of the assignment.
 Clear view of the source code generating the user interface.
Criteria Fail (0-39) Pass (40-49) Good (50-59) Very Good (60-69) Excellent (70-100)
The full source No zip file is A zip file is A zip file is A zip file is A zip file is submitted
code of the submitted. Or, a submitted but it is submitted and it submitted and it and it contains all the
system zip file is missing some of contains only the contains only the required and
(10%) submitted but it is the required and essential system essential system essential system files
missing most of supplementary files but it is missing files but it is missing including
the required and files for the full extra/supplementar some of extra/supplementary
supplementary operation of the y files, such as extra/supplementar file, such as updated
files. system. updated y file, such as REAMDE.txt file
REAMDE.txt file updated
REAMDE.txt file
Correct The system Some of the Most of the required All of the required All of the required
functionality of functionality is system system system system functionalities
the program. The incorrect and functionalities are functionalities are functionalities are are implemented and
original system there is very correct and there implemented and implemented and work correctly.
functionality minimal attempt at is some attempt at work correctly. The work correctly but
shouldn’t solving the solving the logic of the the logic of the
change, and problem. problem. implementation is implementation is
your extended confusing. confusing.
functionality
should also work
correctly.
(50%)
A Microsoft word The document is The document is The document is A well-presented A well-presented
document unsatisfactorily satisfactorily satisfactorily document showing document showing all
containing your presented. It presented. It presented. It shows most of the the extended course
rational of your doesn’t contain shows some of most of the extended source code clearly and they
chosen most of the the extended extended source code clearly but not are presented
approach for the extended code. code. Each code clearly but not logically. Each logically. Each
system design The screenshots screenshot of the logically. Most of screenshot clearly screenshot clearly
(20%) of the extended extended source the screenshots shows the extended shows the extended
source code code shows the show the extended source code and source code and they
doesn’t clearly program code but source code but there is good are described well.
show the program there is lack of there is lack of description.
code and there is description. description.
lack of
description.
Demonstration No coherent Relevant, little Relevant, some Relevant, coherent Excellent and
(20%) structure and coherent structure coherent structure and logically relevant, content,
organisation. and organisation. and organisation. structured with no coherent and logically
Some irrelevant or Some and Relevant content inconsistency or structured. Excellent
poorly presented acceptable but there are major poorly presented use of headings and
content presentation of inconsistencies. Or content titles. no
content sometime poorly inconsistency and
presented content clearly presented
content