辅导program、辅导SQL编程设计

- 首页 >> CS
August 27, 2022 [8INF135, CYBERSIRURITY, PROJECT: ELECTION SERURITY] 8INF135, Cybersecurity, Project: Election
Security
1. Overview
Election cybersecurity or election security refers to the protection of elections and voting infrastructure from cyberattack or cyber threat – including the tampering with or infiltration of voting mechanism (including people and voting procedures), machines and equipment, election office networks and practices, and voter registration databases.
This project must be implemented in the SEEDUbuntu Version 20.04 as Lab02 SQL Injection Attack.
The objectives of this project are: (1). Review the common vulnerability, threats and attacks of an election. (2). Design a voting system with two parts: a password protected web application of voting system; it will allow a web user to login to the system, and vote his/her candidate. Each voter can only vote one candidate once only. Voters should be able to view the voting result but they should not change the result. And an SQL database with a table of 10 voters and a table of 3 candidates. (3). Plan and launch SQL Injection attacks to temper the voting results. (4). Plan and implement countermeasures (Prepared Statement) to prevent the attack.
This project is done by a group of 6 students. 2 for the task of Designing your voting system in PhP and MySQL on server side(Task 1); 2 for the task of implementing SQL Injection attack on client side(Task 2); and 2 for implementing and test countermeasure (Task 3) on server side. At the end, one report should be submitted.
2. Tasks
Besides other stuff which must be included into your final report, such as literature review, design description, analysis and drawbacks, conclusion, references, the main tasks of this project is listed as followings.
[Task 1] Using PhP, MySQL and JavaScript to build a voting system. It will allow a web user to login to the system, and vote his/her candidate. Each voter can only vote one candidate. Voters should be able to view the voting result but they should not change the result. And an SQL database must be built with a table of 10 voters and a table of 3 candidates.
[Task 2] With the help of SQL Injection to attack the voting system built in Task 1 in order to change the vote results.
Dr. Yawei Liang Page 1

August 27, 2022 [8INF135, CYBERSIRURITY, PROJECT: ELECTION SERURITY] [Task 3] Implement to countermeasure (Prepared Statement) to prevent the attack mentioned in
Task 2.
[Task 4] Write and submit one report for your group. For its contents, check the following evaluation scheme.
3. Evaluation Scheme
 Final Project Presentation (30%)
A final project presentation session will be held at the end of the second term, each presentation is expected to last for about 10 to 15 minutes in front of all students who take this course and some professors and students who are available during the time of presentations.
The project presentation will have four categories:
o Review (5) – Your presentation explains important part of your literature review.
o Design and implementation (10) - Your design of the system/program is well planned and implemented.
o Analysis and Documentation (5) - Analysis what you find in this research, provide inside of your conclusions.
o Countermeasure Implementation and result analysis (5) – Discuss the way your group implemented of countermeasure and demonstrate the effect of the countermeasure.
o Presentation (5) – Your presentation is easy to be understood by general audience. You have enough details if an expert in your field will examine you in depth. Make sure that the text, code and figures are laid out well, and your writing/printing is legible.
 Final Project Report (70%)
You are expected to write a final report based on your experience. You should describe
what you planned to do, what you did and why it was interesting, worthwhile, and/or provided a good learning experience. While marking your report, the professor may find it necessary to adjust your proposal and presentation grades (either up or down). This is done to ensure fairness in marking and catch things that may have been missed.
The total length of your report should be no more than 3000 words, including any tables; diagrams and pseudo code needed to illustrate your work (do not include them in the word count). Shorter is OK, as long as you feel you've said what needs to be said. Your report should have the following sections and an appendix, as described below:
(1). Cover Page. (5%) The Grading Form, followed by your completed proposal. (2). Introduction, Motivation and Literature Review. (10%) What you're doing and why it is interesting, worthwhile, and/or provides a good learning experience.
Dr. Yawei Liang Page 2

August 27, 2022 [8INF135, CYBERSIRURITY, PROJECT: ELECTION SERURITY]
Explore who else are doing the similar research in the field chosen and how they did it.
(3). Design and implementation. (30%) Describe the major components and their goal, how your system/program works, and how they interact. To protect your voting system, describe the countermeasure implemented, and demonstrate if the countermeasure works.
(4). Analysis with Shortcomings. (5%) Describe any known bugs, errors, or omissions in your program. Like all scientific work, it is your duty to be honest. You will not have marks deducted for honesty.
(5). Conclusions. (5%) Summarize your project in a few words, state your achievements in your project, your contributions as well, and say what you would do differently if you were going to do it all over again.
(6). Teamwork contribution description. (5%) If the project is fulfilled by a group of students, a clear description of each member’s contribution must be provided. The final mark for each member might vary depending on how much contribution he/she made for the project.
(7). References. (5%) A list of references should be provided at the end of your report.
(8). Appendix. (5%) All your source code, including comments, should be attached to your final report.
4. Deliverables and Deadline
A final report, a final demo ppt (we might not do the demo this year due to my absence from Tianjin), and your code involved should be delivered by the end of the second week.
5. Marking Scheme
Item
Presentation
Description
Marks assigned
Marks obtained
Review – Your presentation explains important part of 5 your literature review.
Design and implementation - Your design of the 10 system/program is well planned and implemented.
Analysis and Documentation - Analysis what you find 5 in this research, provide inside of your conclusions.
Countermeasure Implementation and result analysis – Discuss the way your group implemented of countermeasure and demonstrate the effect of the countermeasure.
Page 3

August 27, 2022 [8INF135, CYBERSIRURITY, PROJECT: ELECTION SERURITY]
Presentation – Your presentation is easy to be understood by general audience. You have enough details if an expert in your field will examine you in depth. Make sure that the text, code and figures are laid out well, and your writing/printing is legible.
5
Subtotal: 30 Cover Page. The Grading Form, followed by your 5
completed proposal.
Introduction, Motivation and Literature Review.
What you're doing and why it is interesting, worthwhile, and/or provides a good learning experience. Explore who else are doing the similar research in the field chosen and how they did it.
10
Design and implementation. Describe the major components and their goal, how your system/program works, and how they interact. To protect your voting system, describe the countermeasure implemented, and demonstrate if the countermeasure works.
30
Analysis with Shortcomings. Describe any known bugs, errors, or omissions in your program. Like all scientific work, it is your duty to be honest. You will not have marks deducted for honesty.
5
Conclusions. Summarize your project in a few words, state your achievements in your project, your contributions as well, and say what you would do differently if you were going to do it all over again.
5
Teamwork contribution description. If the project is fulfilled by a group of students, a clear description of each member’s contribution must be provided. The final mark for each member might vary depending on how much contribution he/she made for the project.
5
Report
References. A list of references should be provided at 5 the end of your report.
Appendix. All your source code, including comments, 5 should be submitted as well.
Subtotal: 70 Total: 100