CO892 Advanced Network Security – Assignment
Evaluating a network security tool
Task: For this assignment, you need to select an open source or freeware tool for
evaluation. The tool should be helpful in the context of network security (e.g., for analysing
network traffic, for detecting malware, for monitoring hosts or traffic). Please note that you
are not allowed to select Snort because it has been the subject of an assessment for module
CO874.
1. Small network setup: For the evaluation, you will need to setup a small network for the
practical work.
• You can use your own resources (laptop or desktop), if they allow you to set a small
network, and work individually.
2. Tool evaluation: The evaluation should EXTENSIVELY test ONE relevant, but non-trivial,
feature of the selected tool.
3. Individual report: The report should contain the following sections. Please use the exact
headings provided.
• Introduction: This section should motivate the selection of the tool and the selection of the
feature. A short overview of the feature selected is recommended.
• Evaluation Setup: This section should list the resources used, and explain the setup of the
small network and anything else needed for the evaluation. A setup diagram is
recommended.
• Evaluation Scope: This section should document the tests performed, and should refer to
any script/code created/used in the evaluation.
o If it is an existing code/script, you should cite the source.
o If it is a new code/script you created yourself, you should add it to an appendix.
Numbered test cases or test scenarios is recommended (for cross reference).
• Evaluation Results: this section should provide results obtained in relation to the test
cases/scenarios. Some relevant screenshots are recommended.
• Conclusion: this section should wrap-up the feature evaluation elaborating on, e.g., pros
and cons of the feature tested, highlights and recommendations for its use in practice.
• References: this section should contain bibliographic details of all sources cited in the text.
(Note: Any source cited should be properly acknowledged in the references list, and all items
in the references list should correspond to, at least, one in-text citation.)
What to submit
The individual report should not exceed four sides of A4 paper (including diagrams, tables
and references), minimum 10pt font size. Any content beyond this page limit, except an
appendix (if added), will be ignored for marking. This means that ONE appendix containing
code/scrips is allowed beyond the four sides of A4 paper.
| Marking scheme |
| The following criteria will be considered for marking the individual report. |
• Motivation (10 marks): how strong and relevant the motivation is;
• Setup (20 marks): how appropriate and complex the setup is;
• Scope (20 marks): how clear and comprehensive the tests are;
• Results (25 marks): how clear and comprehensive the results are;
• Conclusion (10 marks): how insightful and relevant the conclusion is;
• Presentation and References (15 marks): how readable the report is (technical
writing, formatting, flow, absent of typos or grammatical mistakes, and references).