NDF Assignment 2 - Wireshark

Uploaded by saraan403

CYB 233 - Network Defense (NDF)

Assignment
Course Details
Course: CYB 233 - Network Defense (NDF)
Total Marks: 15
Submission Deadline: 21 Nov 2024 11:59:00 PM

Objective
This assignment focuses on enhancing your skills in capturing, analyzing, and
understanding the intricacies of network traffic using Wireshark. You will delve into the
specifics of protocol detection, highlighting the different stages of protocol creation and
communication.

Instructions
1. Data Capture
• Capture your network traffic using Wireshark for a duration of 10 minutes.
• During the capture, visit the following types of websites:
– A news website (e.g., CNN, BBC)
– A social media platform (e.g., Facebook, Twitter)
– An e-commerce site (e.g., Amazon, eBay)
– An educational or informational site (e.g., Wikipedia, an online library)

2. Protocol Detection and Stages
• Focus on the detection and stages of the HTTP/HTTPS and DNS protocols
during your browsing session.
• Document and highlight the following stages for each protocol:
  – HTTP/HTTPS:
    • Initial TCP handshake
    • SSL/TLS negotiation (for HTTPS)
    • Request and response headers
    • Data transfer
    • Session termination
  – DNS:
    • Query initiation
    • Server response
    • Resolution process
• Provide detailed screenshots showing each stage in your captured traffic.

3. Traffic Identification
• Identify and document two specific types of traffic:
– Streaming media traffic (e.g., YouTube, Spotify)
– Email traffic (SMTP/IMAP, if applicable)
• Describe the characteristics and patterns of each identified traffic type.

4. Advanced Filtering
• Apply and document four different filters in Wireshark:
– A filter to isolate DNS queries.
– A filter to view HTTP traffic only.
– A combined filter using logical operators for specific IP and protocol.
– Another combined filter of your choice using logical operators.
• Include screenshots showing these filters in action, with highlights on the filtered
results.

5. Reporting
• Compile a comprehensive report of your findings.
• Include:
– An introduction explaining the assignment objectives.
– A detailed methodology of your data capture and analysis.
– Screenshots with highlights and explanations for each protocol stage and
filter.
– A conclusion summarizing your insights and learning outcomes.

Submission Guidelines
• Report length: 2000-2500 words, excluding appendices.
• Structure: Clear headings, subheadings, and bullet points.
• References: APA format.
• Format: PDF, along with the pcap file.

Marking Criteria
• Protocol Detection and Stages Analysis (8 Marks)
• Traffic Identification and Analysis (5 Marks)
• Advanced Filtering Techniques and Application (6 Marks)
• Quality and Clarity of Report (1 Mark)
