Investigate attacks on anonymising networks
This assessment aims to assess your understanding of anonymising networks using The Onion Router (Tor) and your ability to analyse network traffic using available tools. This assessment task will also assess the following learning outcome of this subject as well as measure progress towards all the learning outcomes:
• be able to investigate the usage of anonymising networks in the dark web using publicly available tools
You are required to prepare an anonymising network analysis report using the Tor browser based on the following scenario:
As a security specialist for a company, you’re responsible for detecting potential dangers and vulnerabilities early on, such as data breaches and other cyber incidents that could harm your company’s brand. You work as a security expert with an agency, ensuring that the organisation’s data is safe from cyber-attacks. You receive an unexpected alert from your web server at work, indicating that unusual or suspicious behaviour is occurring. As part of your organisation’s security procedures and policies, you gather network traffic logs utilising accessible anonymising network technologies to examine the source of the suspicious behaviour.
You will examine the network traffic logs from both the conventional network and the Tor Network using available analysis tools, as well as all other security compliance procedures, to determine the source of an entry that appeared to be suspicious or malicious.
1. You will access your network traffic logs (please make sure that you are not breaching your privacy if they are your workplace logs).
2. Your task is to surf the web safely and anonymously using the Tor network through the Tor browser. The best way to keep yourself private is to combine Tor with a VPN. You will be required to describe how you maintained your safety while exploring the web.
3. Navigate the web to discover if there is any suspicious activity.
4. Analyse the captured traffic and identify any abnormal/suspicious activity.
5. In your report, you must include the following –
o describe the navigated web traffic logs for your traffic analysis;
o provide some screenshots as evidence of your log analysis;
o explain the differences between normal routing traffic and Tor routing traffic;
o explain how Tor maintains anonymity during web browsing; and
o describe the potential challenges of the Tor network concerning traffic analysis.
This assessment also provides an opportunity for you to:
– demonstrate factual knowledge, understanding and application of the state of the art of anonymising networks;
– demonstrate the ability to investigate the usage of anonymising networks in the dark web;
– apply understanding and knowledge to a practical situation.
Exploration of the dark web conditions: you may stumble upon content you do not want to see. As part of the safety practices when exploring the Dark Web, it is expected that you stick to the purpose of this assessment task and look solely for sites relevant to threat intelligence. In line with CSU’s duty of care, you will be required to capture how you used the safety protocols in your final report.
This assessment task will assess the following learning outcome/s:
• be able to analyse the malicious and cybercriminal activities inside the dark web.
• be able to analyse dark web content and create web logs.
• be able to investigate the usage of anonymising networks in the dark web using publicly available tools.
• Your answers to the questions should be precise but complete and informative.
• Your submission must be in a form readable by Microsoft Word or in PDF/Acrobat format, and must be submitted via EASTS.
• The report should be precise but complete and informative, with a word count of 800-1000 words.
• Your submission must be no more than 8 pages long (including diagrams), must have margins no less than 2cm, and a font size no less than 12 points.
• Any text adapted from any source must be clearly labelled and referenced. Please refer to the CSU referencing guide http://student.csu.edu.au/study/referencing-at-csu.
Marking criteria and standards
The following standards will be used to mark this assessment:
Assessable component: Access and collection of network traffic, summarize the report with potential challenges of traffic analysis, including steps to safeguard yourself while exploring the Dark Web.
Maximum marks: 20
HD: Comprehensive summary of the report is provided which is consistent with the task. Report provides logical statements that explicitly illustrate how access and collection of dark web traffic was achieved. The potential challenges to traffic analysis were explained in full. Safety protocols captured in report. Report language is appropriate to the assessment with accurate referencing using APA 7th edition.
DI: Detailed report summary that is consistent with the task. Provides an accurate and detailed overview of the results, threats and vulnerabilities, including an explicit reference to challenges faced in analysing network traffic. Safety protocols captured in report. Report language is appropriate to assessment with accurate referencing using APA 7th edition.
CR: Good summary of results reflecting the assessment purpose. Provides a general overview of the results, threats and vulnerabilities, including an outline of challenges faced in analysing network traffic. Safety protocols captured in the report. Report language appropriate to assessment with proper referencing.
PS: Satisfies the minimum requirements. Provided basic description of access and collection of dark web traffic and summarised the challenges faced in analysing network traffic. Safety protocols captured in the report. Summary report contains referencing.
For this assessment, you are required to use APA referencing to acknowledge the sources that you have used in preparing your assessment. Please refer to the CSU referencing guide http://student.csu.edu.au/study/referencing-at-csu. In addition, a very useful tool for you to use that demonstrates how to correctly use in-text referencing and the correct way to cite the reference in your reference list can be found at https://apps.csu.edu.au/reftool/apa-7