Group 7
Group 7
CYS III
GROUP MEMBERS
S/N NAMES REGISTRATION NUMBER
1 KELVIN ALEX PETER BCSe-01-0204-2022
2 MICHAEL ISSA AMANZI BCSe-01-0016-2022
3 ALEN DAUSON BCSe-01-0174-2022
4 FAUSTIN MASAGA BCSe-01-0098-2022
5 GILBERT MBUJI BCSe-01-0165-2022
6 ELLY MATHIAS BCSe-01-0058-2022
7 THADEO THOBIAS BCSe-01-0049-2022
8 BENARD KAKIZIBA BCSe-01-0158-2022
9 IAN LESIKA BCSe-01-0232-2022
10 DIANA ISACK BCSe-01-0024-2022
11 ESTHER MWAIBINDE BCSe-01-0031-2022
12 MAGDALENA LYANGA BCSe-01-0125-2022
13 MINZA SILVANO BCSe-01-0177-2022
14 MARIA NASORO BCSe-01-0176-2022
15 OLIVER OBED BCSe-01-0104-2022
QUESTIONS
Binary Tree Applications in Cybersecurity
1. Describe the Binary Tree Structure and Algorithm:
Explain the properties of a Binary Tree and how search operations are performed
within it.
Provide an example of a Binary Search Tree (BST) and outline the process of
inserting, deleting, and searching for nodes.
Explain tree traversal methods
3. Cybersecurity Application:
Explain how a Binary Search Tree could be applied in a cybersecurity context,
such as maintaining a list of known malicious IP addresses.
Describe how the BST structure can help speed up search operations compared to
a linear search, especially in high-frequency scenarios like real-time threat
detection.
iii. Levels
A binary tree grows in levels, starting at level 0 (the root).
Nodes at level n can have up to 2n nodes.
v. Traversal Order
Nodes are accessed in a specific order using traversal methods such as in-
order, preorder, post-order or level-order.
vi. Balance
A balanced binary tree ensures that the height difference between the left
and right subtrees of any node is at most 1. This keeps operations efficient.
Time Complexity:
O(n) in the worst case, where n is the number of nodes, because
every node may need to be visited.
Step 4: The right child of 20 is empty (null). That’s means 25 is not in the tree.
Note: The search ends when you reach an empty spot in the tree.
Provide an example of a Binary Search tree (BST) and outline the process of inserting, deleting
and searching for nodes.
Suppose the data elements are 45, 15, 79, 90, 10, 55, 12, 20, 50
Step 1: Insert 45
Step 2: insert 15
As 15 is smaller than 45, so insert it as the root node of the left subtree.
Step 3: Insert 79:
As 79 is greater than 45, so insert as the root node of the right subtree.
90 is greater than 45 and 79, so it will be inserted as the right subtree of 79.
Step 5: Insert 10:
55 is larger than 45 and smaller than 79, so it will be inserted as the left subtree of 79.
Step 7: Insert 12.
12 is smaller than 45 and 15 but greater than 10, so it will be inserted as the right subtree
of 10.
Step 8: insert 20.
20 is smaller than 45 but greater than 15, so it will be inserted as the right subtree of 15.
50 is greater than 45 but smaller than 79 and 55. So, it will be inserted as a left subtree of
55.
Searching for a node in a BST
Is 55 equal to 45? No
Is 55 greater than 45? Yes, so move to the right subtree.
Is 55 equal to 79? No
Is 55 less than 79? Yes, so move to the left subtree of 79.
In binary search tree, we must delete a node from the tree by keeping in mind that the property of
BST is not violated. To delete a node from BST, there are three possible situations occurs:
We can see the process of deleting a node with one child from BST in the below image.
In the below image, suppose we have to delete the node 79 as the node to be deleted has
only one child, so it will be replaced with its child 55.
So, the replaced node 79 will now be leaf node that can be easily deleted.
c) When the node to be deleted has two children
This case of deleting a node in BST is a bit complex among other cases. In such a case,
the steps to be followed are listed as follows:
Firstly, find the in-order successor the node to be deleted.
After that, replace that node with the in-order successor until the target node is
placed at the leaf of tree.
And at last, replace the node with NULL and free up the allocated space.
The in-order successor is required when the right child of the node is not empty. We
can obtain the in-order successor by finding the minimum element in the right child
of the node.
We can see the process of deleting a node with two children from BST in the below
image. In the below image, suppose we have to delete node 45 that is the root node,
as the node to be deleted has two children, so it will be replaced with its in-order
successor. Now, node 45 will be at the leaf of the tree so that it can be deleted easily
Insertion in Binary Search Tree
A new key in BST is always inserted at the leaf. To insert an element in BST, we have to start
searching from the root node; if the node to be inserted is less than the root node, then search for
an empty location in the left subtree.
Else, search for the empty location in the right subtree and insert the data. Insert in BST is
similar to searching, as we always have to maintain the rule that the left subtree is smaller than
the root, and right subtree is larger than the root.
Tree traversal refers to the process of visiting all nodes in binary tree in a specific. There are
several methods for traversing a binary tree, each providing a unique way to access and process
nodes.
Pre-order Traversal: 45, 15, 10, 12, 20, 79, 55, 50, 90
Level order traversal for this example is: 45, 10, 79, 10, 20, 55, 90, 12,
50.
2. Analyze the average-case and worst-case complexity of searching in a Binary Search
Tree
Average Case:
A balanced BST has nodes that are evenly
distributed.
On average, the height of the tree is log (n) where n
is the number of nodes.
Average-Case Complexity: O (log n).
Worst Case:
An unbalanced BST can occur if data is inserted in sorted order (either
increasing or decreasing).
The tree becomes a degenerate (linked-list-like) structure, where the
height is n
Worst-Case Complexity: O (n).
Discuss how unbalanced and balanced trees affect search efficiency, particular in large
datasets.
i. Balanced Trees
A balanced tree is a tree where the height (the number of levels or edges from the root to
the farthest leaf) is kept as small as possible.
In a balanced tree, the number of nodes on the left and right subtrees of any node are
roughly the same.
In a balanced tree, the height is approximately log (n) where n is the number of nodes. This
means that for a tree with a large number of nodes, the height of the tree stays relatively small,
which is good for performance.
When searching for a value, you only need to traverse a small number of levels (around
log (n)) to find the value.
For example, if you have a balanced tree with 1,000,000 nodes, the height of the tree
will be around 20 (since log 2 (1,000,000) ≈20. So, you only need about 20 comparisons
to find a value, even in a large dataset.
An unbalanced tree is a tree where the height is too large relative to the number of
nodes.
This happens when the tree is not structured well, for example, when you keep inserting
values in sorted order (e.g., 1, 2, 3, 4, 5...).
In this case, the tree ends up being like a linked list, with each node having only one
child.
In an unbalanced tree, the height can be as large as n, where n is the number of nodes. This
makes search operations much slower.
In an unbalanced tree, you might have to traverse all the way from the root to the last
node, taking n comparisons (where n is the number of nodes).
For example, in a tree with 1,000,000 nodes, the height of the tree could be 1,000,000 (if
it is completely unbalanced), and you'd have to make 1,000,000 comparisons just to find
a value.
Balanced Tree:
Search Efficiency: The time it takes to search is much smaller. Even if you have
millions of nodes, the height will be relatively small (around log (n)).
For example, if you have 1,000,000 nodes, the height will be around 20,
and you'll only need 20 comparisons to find a value.
Performance: The tree remains efficient for both searching, inserting, and deleting
values, even with very large datasets.
Unbalanced Tree:
Search Efficiency: The time it takes to search increases significantly. As the tree
becomes more unbalanced, the height increases to n, so searching takes longer.
For example, if you have 1,000,000 nodes and the tree is unbalanced, the
height might be 1,000,000, meaning you'd have to check 1,000,000 nodes
to find the value.
Performance: The operations (search, insert, delete) become inefficient and take a long
time as the tree grows. This becomes a major problem when dealing with large datasets.
2. Red-Black Tree
Definition: A self-balancing BST that maintains balance through color-coding nodes (red or
black) and enforcing specific rules during insertion and deletion.
Impact on Search Efficiency:
Guarantees operations. Slightly faster insertion and deletion compared to AVL trees due to fewer
rotations.
Use Case in Cybersecurity:
Suitable for dynamic environments where frequent updates (additions or deletions) occur, such
as maintaining live threat feeds or firewall rules.
3. Hash Tables
Definition: A data structure that maps keys to values using a hash function for constant-time
lookups.
Impact on Search Efficiency:
Provides average-case search time. Does not require balancing but might experience collisions,
requiring a resolution strategy (e.g., chaining or open addressing).
Use Case in Cybersecurity:
Excellent for quickly searching large datasets like malicious IP addresses.
Collisions can slow performance, making it less suitable for scenarios with poor hash function
distribution.
4. B-Trees (and B+ Trees)
Definition: A self-balancing multi-way search tree commonly used in databases and file systems.
3. Cormen, T.H., Leiserson, C.E., Rivest, R.L. and Stein, C., 2009. Introduction to
Algorithms. 3rd ed. Cambridge, MA: MIT Press.
4. Knuth, D.E., 1998. The Art of Computer Programming (Volume 3). 3rd ed. Boston:
Addison-Wesley.
5. Weiss, M.A., 2013. Data Structures and Algorithm Analysis in C++. 4th ed. Boston:
Pearson Education.