Type of assignment: This assignment should be done in groups.

Note: The assignment submission should clearly list the student members of the group, their names, and student numbers on the first page.

Points: The maximum number of points for this assignment is 21, which will be prorated accordingly after all assignments are posted. Weight of each problem is in parenthesis.

Format:

1. Assignment submissions are accepted in the following formats only: HTML (extension .html), PDF (.pdf), RTF (.rtf) , ASCII text (.txt). Assignments submitted in any other format will be discarded. All text in the assignment submissions must be typed and figures plotted to be easy to read and understand. Spelling, grammar, and other language errors will result in fewer points credited to the corresponding problem solutions.
2. Your submission file should be named to reflect the names of the group members, and the assignment number, e.g., alice_bob-assignment_5.pdf.

Problems

1. (7) (Assurance) Write answer to problem 1 from section 17.6 of the Bishop's text book.
2. (7) (Auditing) Write answer to problem 8 from section 21.10 of the Bishop's text book.
3. (7) (Availability) The goal of a Denial-of-service (DoS) attack in the Internet is always to compromise the availability of an application system, e.g., website. How can the web site distinguish between lack of capacity and a denial-of-service attack? For example, web sites often experience a tremendous increase in volume of traffic right after an advertisement with the site¡¯s URL is shown on television during the broadcast of a popular sporting event (Slashdoted phenomenon). That spike in usage is the result of normal access that happens to occur at the same time. How can a site determine that high traffic is reasonable?