Assignment 4 Solutions



The grades weren't as high for this assignment, but I assume everyone was very busy...

We already went over the answers to the questions in class, so I won't detail them too much here... the are fairly straight-forward...

The bonus question answer I was looking for, was the fact that the virus won't infect files smaller than itself.

Solution to 22.11.12. Rule C2 requires that all TPs be valid. If a TP containing a computer virus is certified as valid, a computer virus would be introduced. Hence enforcing rule C2 prevents the introduction of a computer virus. Similarly, C4 and C5 certify specific properties of a program, and so those programs would not have computer virus (else they would not be certified). Rule C1 may prevent the introduction of a computer virus, provided the computer virus is written by creating data in an invalid form, but that will cause an interpreter to act as a computer virus. Rules E1 and E2 ensure that TPs do what is expected, and hence they would prevent the execution (but not necessarily the introduction) of computer virus. Rule E3 deals with user authentication and is not relevant. Rules E1 and E2 enforce TP execution restrictions, not certifications, and so are not relevant. Rules C3 and E4 speak to separation of duty, which constrains the minimum number of agents required to act; this is not relevant either. Hence, rules C2, C4, C5, and possibly E1, E2, and C1 are relevant. 



Student IDs:
80532039
11721040
37861002
39129002
Score: 50/56

Questions:

(8/8) Question 1.1 - Good analysis of buffer overflow problem, and good example assembly code.
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(2/2) Question 2.2 - 
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(5/5) Question 2.5 - 
(2/2) Question 2.6 - 
(+0) BONUS Question 2.7 - Good ideas, but I was looking for the fact that the virus won't infect files smaller than itself.

(4/8) 22.11.12 - Incomplete solution.

(3/5) 13.6.7 - More details needed... you answer is not well founded.

(4/4) Question 5.1 -
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -





Student IDs:
83556019
83313015
50891985

Score: 34/56

Questions:

(0/8) Question 1.1 - No answer given
(2/3) Question 1.2 - More details needed.
(0/4) Question 1.3 - No answer given

(1/1) Question 2.1 - 
(1/2) Question 2.2 - It's also TSR, and Executable Infector
(3/4) Question 2.3 - More detail needed.
(1/1) Question 2.4 - 
(2/5) Question 2.5 - Much more detail needed.
(1/2) Question 2.6 - The virus can corrupt files.
(+0) BONUS Question 2.7 - 

(6/8) 22.11.12 - Not exactly correct

(4/5) 13.6.7 - I don't think your premise is correct.

(4/4) Question 5.1 -
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
76409994
74080995
79179990

Score: 49/56

Questions:

(7/8) Question 1.1 - Good Analysis.
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(2/2) Question 2.2 - 
(3/4) Question 2.3 - Each byte is one ascii character.
(1/1) Question 2.4 - 
(4/5) Question 2.5 - It also puts 2 bytes at the start.
(2/2) Question 2.6 - 
(+0) BONUS Question 2.7 - 

(4/8) 22.11.12 - More detailed analysis needed.

(5/5) 13.6.7 - 

(4/4) Question 5.1 -
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
35595024
42349001
79956017
s78058997

Score: 48/56

Questions:

(5/8) Question 1.1 - Good references
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(2/2) Question 2.2 - 
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(3/5) Question 2.5 - Not a very good solution.
(2/2) Question 2.6 - 
(+0) BONUS Question 2.7 - I was looking for the fact it will not infect files smaller than itself.

(7/8) 22.11.12 - A little too vague

(3/5) 13.6.7 - More details needed.

(4/4) Question 5.1 -
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
s84688019
s36271005
s43453000
s79691010

Score: 52/56

Questions:

(6/8) Question 1.1 - Good start, but more details needed.
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(2/2) Question 2.2 - 
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(5/5) Question 2.5 - 
(2/2) Question 2.6 - 
(+1) BONUS Question 2.7 - Inventive, but not the solution I was looking for.

(5/8) 22.11.12 - More details needed.

(5/5) 13.6.7 - 

(4/4) Question 5.1 -
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
41192022
88641030
40790024

Score: 42/56

Questions:

(4/8) Question 1.1 - Good foundation
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(0/1) Question 2.1 - No answer given.
(1/2) Question 2.2 - Executable and TSR
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(4/5) Question 2.5 - You must also correct the jump instruction.
(1/2) Question 2.6 - It could be corrupted.
(+0) BONUS Question 2.7 - 

(5/8) 22.11.12 - More detailed answer needed.

(3/5) 13.6.7 - Not concise enough

(4/4) Question 5.1 -
(3/3) Question 5.2 - No gridlines on your tables...
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
45077005
82214016
92294016
81220014

Score: 50/56

Questions:

(8/8) Question 1.1 - Good plan.
(2/3) Question 1.2 - No null terminate for strings > 31 characters.
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(2/2) Question 2.2 - 
(4/4) Question 2.3 - Good.
(1/1) Question 2.4 - 
(5/5) Question 2.5 - 
(2/2) Question 2.6 - 
(+0) BONUS Question 2.7 - Nice try.

(5/8) 22.11.12 - More details needed.

(5/5) 13.6.7 - 

(4/4) Question 5.1 -
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 - Justification seems weak for the last questions..
(0/1) Question 5.4.2 -
(0/1) Question 5.4.3 -






Student IDs:
85051019
38080008
37250008

Score: 55/56

Questions:

(8/8) Question 1.1 - Don't work so hard.
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(2/2) Question 2.2 - 
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(5/5) Question 2.5 - 
(2/2) Question 2.6 - 
(+3) BONUS Question 2.7 - Good job.

(6/8) 22.11.12 - More details needed.

(3/5) 13.6.7 - More details needed.

(4/4) Question 5.1 - How artistic.
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
47414982
27017953
15051956

Score: 53/56

Questions:

(8/8) Question 1.1 - Good.
(2/3) Question 1.2 - No null termination?
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(2/2) Question 2.2 - 
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(5/5) Question 2.5 - 
(2/2) Question 2.6 - 
(+1) BONUS Question 2.7 - Good idea.

(6/8) 22.11.12 - More detail needed.

(4/5) 13.6.7 - 

(4/4) Question 5.1 - Good job with this question...
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
81307993
45970985
81278996

Score: 53/56

Questions:

(8/8) Question 1.1 - Good try.
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(1/2) Question 2.2 - Also TSR
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(4/5) Question 2.5 - More detail needed
(2/2) Question 2.6 - 
(+0) BONUS Question 2.7 - 

(7/8) 22.11.12 - 

(5/5) 13.6.7 - 

(4/4) Question 5.1 - Well done.
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -






Student IDs:
78321015
76873017
45576022
41169020

Score: 48/56

Questions:

(4/8) Question 1.1 - 
(3/3) Question 1.2 - 
(4/4) Question 1.3 - 

(1/1) Question 2.1 - 
(1/2) Question 2.2 - It writes to the boot sector, but is not multipartite.
(4/4) Question 2.3 - 
(1/1) Question 2.4 - 
(4/5) Question 2.5 - More details needed.
(2/2) Question 2.6 - 
(+0) BONUS Question 2.7 - 

(7/8) 22.11.12 - 

(4/5) 13.6.7 - 

(4/4) Question 5.1 - Interesting embedded graphics.
(3/3) Question 5.2 -
(3/3) Question 5.3 -
(1/1) Question 5.4.1 -
(1/1) Question 5.4.2 -
(1/1) Question 5.4.3 -