take recorded pcap file of 300 400MB in size and provide the following analysis the summation of your learning throughout the course project you will demonstrate what you learned throughout the first 7 weeks of this course by submitting a five (5) page paper that 1) describes the results of the PCAP and SNORT signatures which alerted from the captures you did in your course project and 2) answers the questions outlined below Screen shots of alerts SNORT signature references PCAP snippets graphs ACID output are all allowed and encouraged Final paper is your opportunity to put all the tools together and provide a comprehensive analysis of HIDS NIDS data that was collected over a few weeks during the project timeframes In addition to outlining the results of your course project, your five (5) page paper should also answer the following For SNORT and or PCAP Why did the signatures alert What IP was the malicious host s What time did the possibly malicious traffic occur Will it happen again Is it normal network traffic What can be done to prevent the traffic For Host Analysis (HIDS or log analysis) What logs did you analyze What logs were signs of malicious activity What was the malicious activity What was the offending IP What time s did the activity occur Will it happen again Is it normal system activity What can be done to prevent the activity Can you explain all that you see on PCAP NIDS HIDS Log analysis If not, what can you deduce that the traffic patterns logs are Additional Requirements Papers should be double spaced with 1 margins When citing material from the course, please use proper APA style You need not include a reference list if your sources were class materials Any other sources should be listed in a reference list at the end of your paper Expected length is 5 pages Your paper is due the final day of the term Papers will be evaluated on Organization and readability (grammar, punctuation, spelling, APA style) Reflection upon, and description of, the learning AND Incorporation of material covered in class into your discussion

The Answer is in the image, click to view ...

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Jul 31, 2024

take recorded pcap file of 300-400MB in size and provide the following analysis. the summation of your learning throughout the course project.you will demonstrate what

take recorded pcap file of 300-400MB in size and provide the following analysis.

the summation of your learning throughout the course project.you will demonstrate what you learned throughout the first 7 weeks of this course by submitting a five (5) page paper that 1) describes the results of the PCAP and SNORT signatures which alerted from the captures you did in your course project; and 2) answers the questions outlined below.

Screen shots of alerts/SNORT signature references/PCAP snippets/graphs/ACID output are all allowed and encouraged. Final paper is your opportunity to put all the tools together and provide a comprehensive analysis of HIDS/NIDS data that was collected over a few weeks during the project timeframes.

In addition to outlining the results of your course project, your five (5) page paper should also answer the following:

For SNORT and/or PCAP:

Why did the signatures alert?
What IP was the malicious host/s?
What time did the possibly malicious traffic occur?
Will it happen again?
Is it normal network traffic?
What can be done to prevent the traffic?

For Host Analysis (HIDS or log analysis):

What logs did you analyze?
What logs were signs of malicious activity?
What was the malicious activity?
What was the offending IP?
What time/s did the activity occur?
Will it happen again?
Is it normal system activity?
What can be done to prevent the activity?
Can you explain all that you see on PCAP/NIDS/HIDS/Log analysis?
- If not, what can you deduce that the traffic/patterns/logs are?

Additional Requirements:

Papers should be double-spaced with 1" margins.
When citing material from the course, please use proper APA style.
You need not include a reference list if your sources were class materials.
- Any other sources should be listed in a reference list at the end of your paper.
Expected length is 5 pages.
Your paper is due the final day of the term.
Papers will be evaluated on:
- Organization and readability (grammar, punctuation, spelling, APA style);
- Reflection upon, and description of, the learning; AND
- Incorporation of material covered in class into your discussion.