Analysis report based on two network scenarios

It is an analysis report based on two scenarios. You should examine the evidence file which I uploaded and do Part 1 as given. For the Part 2 assignment you should create a new network architecture which should be comparatively more professional than the sample network architecture. MS Word presentation.

Part 1 – Analysis (20%)

Attached Files:
evidence-network-tunneling.pcap (105.776 KB)

This assessable involves a scenario where you will need to use a variety of tools and approaches in the forensic analysis.

Security analysts at a critical infrastructure facility have received an alert indicating that some type of suspicious activity is occurring in the network, involving the IP address
Specifically, unusual DNS traffic is either originating or terminating at this particular host.

As a forensic investigator, you are assigned the following mission:

• Analyze the DNS traffic and determine the trail of suspicious activity, if at all such activity exists.
• Determine the purpose of the unusual traffic generated as part of the anomalous activity associated with the above IP address.
• Upon confirmation of suspicious activity, recover as much information as possible about the local and remote systems involved.
• Collect and/or recover as many statistics as possible from the suspicious data.
• Write up a report listing the summarized points of the case that you have studied through the analysis exercise.

Network architecture details:
The internal network is
The IP range must be treated as the ‘Internet’ is the internal DNS server
Evidence is provided in the evidence-network-tunneling.pcap file

Create a timeline and place the identified incidents within it.
Do a protocol-specific classification of the suspicious traffic.
Do not rely on a single tool such as Wireshark; diversify your test setup and use other tools for network traffic analysis.

Part 2 – Analysis (20%)


1. Perform a formal risk assessment of a computer network of your choice (A sample network architecture will be provided for your reference). Locate references that assist in these assumptions and have a minimal architecture of dimensions equivalent to the provided sample;
2. You must model the expected network traffic between each and every pair of network devices i.e., links, in your network;
3. Download and install the R binaries from: R Binaries
4. Based on the network traffic model from Step 2 above, generate a dataset of network traffic values with the following TCP/IP header content: {Sequence ID, Source IP address, Destination IP address, Source Port number, Destination Port number, Protocol} – The dataset should have a minimum of 10K rows (data samples)
5. Run statistical analysis on the generated dataset using the R language. Common statistics collected on data include: mean, median and variance of occurring values for each header component of the dataset.
6. Using R, plot Source IP address vs Protocol, Destination IP address vs. Protocol, Source Port number vs. Protocol, Destination Port number vs. Protocol.
7. Write up an analysis of the data based on the results obtained above.
8. Recommend improvements to the architecture to help mitigate the effects of a network traffic-intensive attack.
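
Steps 4 to 6 carried through in R, as an added example that is not part of the original assignment. The link table, IP addresses, ports and weights are constructed assumptions standing in for the traffic model from step 2.

```r
# Added example: the link model, addresses and weights are constructed assumptions.
set.seed(42)                      # reproducible dataset
n <- 10000                        # minimum row count required by step 4

# Hypothetical traffic model from step 2: one row per link, with a relative weight.
links <- data.frame(
  src    = c("10.0.1.10", "10.0.1.11", "10.0.1.10", "10.0.2.20"),
  dst    = c("10.0.0.53", "10.0.2.20", "10.0.2.30", "10.0.0.53"),
  dport  = c(53, 443, 22, 53),
  proto  = c("UDP", "TCP", "TCP", "UDP"),
  weight = c(0.40, 0.35, 0.05, 0.20),
  stringsAsFactors = FALSE
)

# Draw the link of each packet according to the model weights.
pick <- sample(nrow(links), n, replace = TRUE, prob = links$weight)
traffic <- data.frame(
  seq_id   = seq_len(n),
  src_ip   = links$src[pick],
  dst_ip   = links$dst[pick],
  src_port = sample(49152:65535, n, replace = TRUE),  # ephemeral client ports
  dst_port = links$dport[pick],
  protocol = factor(links$proto[pick]),
  stringsAsFactors = FALSE
)

# Dotted-quad address -> number, so that mean/median/variance are defined.
ip_to_num <- function(ip) {
  sapply(strsplit(ip, ".", fixed = TRUE),
         function(o) sum(as.numeric(o) * 256^(3:0)))
}
traffic$src_ip_num <- ip_to_num(traffic$src_ip)
traffic$dst_ip_num <- ip_to_num(traffic$dst_ip)

# Step 5: mean, median and variance for each numeric header field.
num_cols <- c("src_ip_num", "dst_ip_num", "src_port", "dst_port")
stats <- sapply(traffic[num_cols], function(x)
  c(mean = mean(x), median = median(x), variance = var(x)))
print(stats)
print(table(traffic$protocol))    # protocol is categorical: report counts

# Step 6: one panel per header field, split by protocol.
par(mfrow = c(2, 2))
for (col in num_cols)
  boxplot(split(traffic[[col]], traffic$protocol),
          xlab = "Protocol", ylab = col)
```

Addresses are converted to integers only so that the requested statistics can be computed; per-address and per-protocol counts are usually the more useful view when interpreting the results.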

