CS 465 Introduction to Computer Security Homework Assignment #2

thunderingaardvarkAI and Robotics

Nov 18, 2013 (3 years and 9 months ago)

73 views

CS 465 Homework #2 Page
1

of
2


CS 465 Introduction to Computer Security

Homework Assignment #2




Assi
gned: Thursday, October 3, 2013

Due:

Tuesday, October 8, 2013

at the beginning of the class

(HARD COPY)

No assignments will be accepted after
9:30 am on Thursday
, Octo
ber 10
, 201
3


Name


Student ID



1

2

3

4

5

Total



/
6




/
5


/
45


/
1
5


/
9


/
80



1.

Describe at least three ways computer viruses can spread.

(6

points)



2.

Explain why computer worms are bigger threat to computer security than computer viruses.
(5

points)


3.

Search the Web and/or professional journals for information
on (1) Sapphire/Slammer worm,
(2) Samy worm, and (3)
Android.Nickispy malware. For each of them

briefly
address the
following points.

a.

The vulnerability
(vulnerabilities)
it has exploited

b.

The way it spread

c.

How fast it spread

d.

The effect it had on systems

e.

How hard/easy it was to clean the system
from the worm.

(45

points)


4.

For each of the following

statements, indicate if they are true or false. If a statement is false, restate it
to be true
.

Provide an argument why the original or restated statement is true
.

a.

Face recognition when used for identification has higher error than fingerprint and iris
re
cognition.

[ ] True [ ] False

b.

Attacks on biometrics as a method of authentication are possible only on the way they are
entered into the system.

[ ] True [ ] False

c.

Common words and names are easy to remember, so they are good passwords.

[ ] True [ ]
False

d.

Unix stores user passwords in a file accessible to all users.

[ ] True [ ] False

e.

Users’ passwords should consist only of letters.

[ ] True [ ] False


(
15

points)


CS 465 Homework #2 Page
2

of
2


5.

Suppose an attacker plans to use a brute force attack (trying all possible passwords) to
determine a password. The attacker’s machine takes 1
msec

(i.e.,
10
-
3
sec
) to test a single
password.
Assuming that a user chooses a six characters long password compu
te how long
will take to break a password under each of the following conditions.

a.

Password characters must be digits (“0” through “9”)

b.

Password characters must be uppercase alphabetic characters (“A” through “Z”)

c.

Password characters may be any ASCII charac
ters from 1 to 127.


(Total: 9

points)