
Assignment 2

test

Uploaded by

Tartanmonkey

1.

a) Puzzle A
Total Hashes Frequency
-------------------------
1 345
2 326
3 326
4 294
5 292
6 292
7 316
8 305
9 304
10 319
11 312
12 310
13 318
14 323
15 311
16 313
17 305
18 291
19 343
20 348
21 308
22 294
23 307
24 292
25 321
26 302
27 323
28 321
29 305
30 338
31 292
32 304

Puzzle B
Total Hashes Frequency
-------------------------
1 0
2 0
3 0
4 2
5 15
6 18
7 45
8 79
9 138
10 199
11 313
12 364
13 522
14 633
15 679
16 769
17 790
18 859
19 782
20 779
21 718
22 600
23 516
24 373
25 266
26 224
27 145
28 85
29 56
30 20
31 10
32 1

B) Method:
To determine the distribution of the number of cases that require each number of hashes
for Puzzle A, I wrote a program to simulate the puzzle-solving process. The program
generated multiple instances of the puzzle and tracked the number of hashes used in
each case. Using these simulations, I compiled statistics on how frequently each number
of hashes was required.
The data collected from these simulations was then analysed to produce a distribution of
the number of cases corresponding to each possible number of hashes. This distribution
was represented in a table showing the frequency of each hash count.

C) [Figures: Puzzle A, Puzzle B]

D) Puzzle A = Average number of hashes needed: 16.47
Puzzle B = Average number of hashes needed: 18.01

E) Puzzle A = Population standard deviation: 9.25
Puzzle B = Population standard deviation: 4.58
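
A simulation of the kind described in B), as an added example (not the author's program). The puzzle shapes are an assumption inferred from the ranges in the tables (1 to 32 for A, 4 to 32 for B) and are not stated on the page: Puzzle A is taken as one 5-bit sub-puzzle and Puzzle B as four 3-bit sub-puzzles.

```python
import hashlib
import random
import statistics

def make_sub_puzzle(rng, bits):
    """Server side: hide a random `bits`-bit value behind a salted hash."""
    salt = rng.getrandbits(64).to_bytes(8, "big")
    secret = rng.randrange(2 ** bits)
    return salt, hashlib.sha256(salt + bytes([secret])).digest()

def solve_sub_puzzle(salt, target, bits):
    """Client side: try candidates in order, return the hashes computed."""
    for guess in range(2 ** bits):
        if hashlib.sha256(salt + bytes([guess])).digest() == target:
            return guess + 1
    raise ValueError("target has no preimage in range")

def simulate(sub_puzzles, bits, trials=10_000, seed=2):
    """Total hashes per puzzle over `trials` runs -> (mean, pstdev, min, max)."""
    rng = random.Random(seed)  # seeded for a repeatable run; a server would use `secrets`
    totals = []
    for _ in range(trials):
        totals.append(sum(
            solve_sub_puzzle(*make_sub_puzzle(rng, bits), bits)
            for _ in range(sub_puzzles)))
    return (statistics.mean(totals), statistics.pstdev(totals),
            min(totals), max(totals))

if __name__ == "__main__":
    # Assumed shapes: A = 1 sub-puzzle of 5 bits, B = 4 sub-puzzles of 3 bits.
    for name, n, k in (("A", 1, 5), ("B", 4, 3)):
        mean, sd, lo, hi = simulate(n, k)
        print(f"Puzzle {name}: mean={mean:.2f} pstdev={sd:.2f} range={lo}..{hi}")
```

Under these assumptions the two puzzles cost a similar number of hashes on average, but splitting the work into sub-puzzles roughly halves the spread, so a client's solving time is far more predictable.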
2. Rate of TCP SYN packets
5 retries + 1 initial attempt = 6 total attempts
These happen at 30-second intervals: 6 x 30 = 180 seconds = 3 minutes
The table holds 512 requests
512 / 3 minutes = 170.67
170.67 SYN packets per minute are needed to keep the table full

Bandwidth consumption
A TCP SYN packet is 32 bytes in size
The attacker sends 170.67 SYN packets per minute
Data per minute = 170.67 x 32 bytes = 5461.44 bytes per minute.
Data per minute in bits = 5461.44 x 8 = 43691.52 bits per minute.
Data per second = 43691.52 bits / 60 = 728.19 bps
Bandwidth consumption is approximately 728.19 bits per second

3. Probability that an email contains malware = 1/250 = 0.004
Probability that it does not contain malware = 1 - 0.004 = 0.996
Malware checker correctly identifies email: positive rate 95% = 0.95
Negative rate = 5% = 0.05
Calculate P(flagged) = (0.95 x 0.004) + (0.05 x 0.996)
= 0.0038 + 0.0498 = 0.0536
Apply Bayes' Theorem
P(no malware | flagged) = (0.05 x 0.996) / 0.0536 = 0.929
The probability that the email is okay, with no malware, is 92.9%

4. CAPTCHA helps prevent email spam by differentiating between human users and
automated scripts or bots.

How it works:
1. Blocking automated bots: much spam email is sent by bots that register fake accounts
or exploit or abuse web features. CAPTCHA presents a challenge that the bot
cannot solve, such as recognizing distorted text or images. Only humans can do this, and this
prevents bots from registering accounts that could be used to spam.
2. Reducing automated login attempts: CAPTCHA prevents bots from using brute-force attacks to
guess passwords by adding a layer of verification.
3. Preventing email harvesting: bots can crawl the web to harvest email addresses from
websites, which they can later use for spam. CAPTCHA can be added to email
submission forms or other areas where email addresses are exposed to prevent bots
from automatically extracting this information.

Main Difficulties
1. User frustration: CAPTCHA images and puzzles can sometimes be difficult even for
legitimate users because they are distorted or complex, which can frustrate
users entering the website.
2. Accessibility issues: CAPTCHAs are sometimes not accessible to all users, especially
those with visual or cognitive impairments. Some do provide audio alternatives, but these are difficult
to interpret.
3. Advances in AI: as AI learning techniques improve, bots are becoming more capable of
solving CAPTCHAs.
4. Time consuming: some CAPTCHAs take time to solve, which can slow the
login or form submission process.
5. Bypassing mechanisms: attackers can bypass CAPTCHAs by using services that
employ human workers to solve CAPTCHA challenges on their behalf.

5. Honeypots are traps designed to detect, deflect, or analyze attempts at unauthorized
use of information systems. In the context of web security and spam prevention,
honeypots typically involve adding hidden fields or elements to web forms (e.g., sign-up,
login, or comment forms) that are not visible or accessible to human users but can be
detected and filled out by automated bots.

How Honeypots Are Better at Resisting Spam Bots Than CAPTCHAs

Seamless User Experience: Unlike CAPTCHAs, which require active user interaction
(e.g., identifying distorted text or images), honeypots work invisibly in the background.
Users don’t need to solve any challenges, making the form submission process
smoother and less frustrating.

No Accessibility Issues: Honeypots do not rely on visual or auditory challenges, so they
avoid accessibility issues that CAPTCHAs often present. Visually impaired or cognitively
challenged users are not excluded from participating in a honeypot-protected form.

No Human Solving Services: CAPTCHA challenges can be bypassed by attackers using
services where humans are paid to solve CAPTCHA puzzles. Honeypots, on the other
hand, are not something a human can solve because they are designed to be ignored by
legitimate users. Since bots automatically fill all fields, they reveal themselves, making
honeypots harder for attackers to bypass.

Invisible to Bots: Unlike CAPTCHAs, which explicitly prompt the user or bot to interact,
honeypots are designed to be unnoticed by both users and attackers. This subtlety can
make honeypots more effective, as bots often don't detect the trap and continue their
malicious activities, leading to easy detection and blocking by the system.

Reduced Computational Resources: CAPTCHAs can slow down the server because of
the additional steps required to generate and verify challenges. Honeypots, being simple
hidden fields, require minimal computational resources to implement and analyze,
making them more efficient in resisting bot attacks without straining system
performance.
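
A server-side check for the hidden-field approach described above, as an added example (not code from the original answer). The decoy field name `website`, the form markup and the sample request bodies are constructed for illustration.

```python
from urllib.parse import parse_qs

HONEYPOT_FIELD = "website"  # hypothetical decoy name that looks worth filling

# Decoy is moved off-screen, skipped by keyboard focus and hidden from
# assistive technology, so human visitors never reach or fill it.
FORM_HTML = f"""<form method="post" action="/signup">
  <label>Email <input name="email" type="email" required></label>
  <div style="position:absolute; left:-9999px" aria-hidden="true">
    <input name="{HONEYPOT_FIELD}" type="text" tabindex="-1" autocomplete="off">
  </div>
  <button type="submit">Sign up</button>
</form>"""

def classify_submission(body: str) -> str:
    """Classify a urlencoded POST body as 'accept', 'bot' or 'malformed'."""
    # keep_blank_values=True matters: a browser submits the empty decoy as
    # "website=", which parse_qs() drops by default.
    fields = parse_qs(body, keep_blank_values=True)
    if HONEYPOT_FIELD not in fields:
        return "malformed"  # not the form as rendered; decoy was stripped
    if any(value.strip() for value in fields[HONEYPOT_FIELD]):
        return "bot"        # something filled a field no human can see
    if not fields.get("email", [""])[0].strip():
        return "malformed"
    return "accept"

if __name__ == "__main__":
    samples = [  # constructed request bodies
        "email=user%40example.com&website=",
        "email=x%40example.com&website=http%3A%2F%2Fspam.example",
        "email=user%40example.com",
    ]
    for body in samples:
        print(classify_submission(body), body)
```

Submissions classified as `bot` are best answered with the same response as accepted ones, so the sender learns nothing about which field tripped the check.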

6. (a) WannaCry
Domain: Cybersecurity
Nature: Ransomware Attack
WannaCry was a large-scale ransomware attack in May 2017, targeting computers
running the Windows operating system. It spread via a vulnerability (EternalBlue) in the
Microsoft Server Message Block (SMB) protocol, which allowed it to propagate rapidly across
networks. Once a machine was infected, the malware encrypted the user's files and demanded a ransom in
Bitcoin to decrypt them. It affected critical infrastructure such as hospitals, businesses and
government institutions.

(b) XML Bomb
Domain: Software and Web Security
Nature: Denial of Service (DoS) Attack
An XML Bomb, also known as a Billion Laughs Attack, is a type of attack that exploits
XML parsers by causing them to process a large, nested structure of data designed to
expand exponentially in memory. When an application attempts to parse this malicious
XML file, the excessive expansion of data can overwhelm system resources, leading to a
Denial of Service (DoS). XML Bombs are used to crash systems or make them
unresponsive, and they target services that rely on XML parsing, such as web services
or applications that exchange data using XML.

7. A) SELECT SUM(Salary) FROM table WHERE Gender = 'Female' AND School =
'Physics' AND Position = 'Lecturer';

SELECT SUM(Salary) FROM table WHERE Name = 'Fran';

B)
SELECT SUM(Salary) FROM table WHERE Gender = 'Female' AND School =
'Computing';
It will return $77.000 (Total of Ivana and Diana)

SELECT SUM(Salary) FROM table WHERE Gender = 'Female' AND School =
'Computing' AND Position = 'Tutor';
It will return $12.000 (Ivana)
To find Ivana’s salary we can just subtract the two results: $77.000 - $12.000 = $65.000
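
The subtraction in B) works whenever two permitted aggregates cover row sets that differ by a single person. The following is an added example (not part of the original answer) of a simplified query-auditing control that refuses such pairs; the `staff` table, the names, the salaries and the `MIN_SET` threshold are constructed assumptions, not the assignment's data.

```python
import sqlite3

MIN_SET = 2  # assumed policy: smallest group an aggregate may describe
COLUMNS = {"name", "gender", "school", "position"}
ROWS = [  # constructed sample data, not the assignment's table
    ("Ann", "Female", "Computing", "Lecturer", 60000),
    ("Bea", "Female", "Computing", "Tutor", 15000),
    ("Cy", "Male", "Computing", "Tutor", 14000),
    ("Dot", "Female", "Physics", "Lecturer", 58000),
    ("Eve", "Female", "Computing", "Tutor", 16000),
]

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE staff (name, gender, school, position, salary)")
    db.executemany("INSERT INTO staff VALUES (?, ?, ?, ?, ?)", ROWS)
    return db

class AuditedSalarySum:
    """Answers SUM(salary) only when the query set passes both checks."""

    def __init__(self, db):
        self.db = db
        self.released = []  # row-id sets already answered

    def query(self, **filters):
        if not filters or not set(filters) <= COLUMNS:
            raise ValueError("unknown or missing filter column")
        where = " AND ".join(f"{col} = ?" for col in filters)  # allowlisted names
        rows = self.db.execute(
            f"SELECT rowid, salary FROM staff WHERE {where}",
            tuple(filters.values())).fetchall()
        ids = frozenset(r[0] for r in rows)
        if len(ids) < MIN_SET:
            raise PermissionError("query set too small")
        # Two answers whose sets differ by < MIN_SET rows can be subtracted.
        if any(0 < len(ids ^ prev) < MIN_SET for prev in self.released):
            raise PermissionError("too close to an earlier query set")
        self.released.append(ids)
        return sum(r[1] for r in rows)
```

A size check alone would have allowed the second query in B), since it covers two rows here; it is the comparison against earlier query sets that stops the difference from being computed. Pairwise comparison is a simplification and does not cover combinations of three or more answers.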
