News
Guidance for MAID Reports
Written on 04.02.2019 20:06 by Christian Rossow
Dear Alice,
About 4 weeks to go until the final submission deadline for your MAID report. You may start to wonder about the report itself. We would like to give you some ideas on what level of detail and what contents we expect from you in this document.
Please note that the reports make up 50% of your overall project grade. This means that we do not only expect correct results and annotated reversing database for each project, but also a detailed (yet concise) description of the technical workings. Put serious efforts in the reports. Past experience has shown that you will loose points mainly because the report lacks findings, rather than submitting wrong solutions.
For each project, this means the following:
- p2png: We expect that you document the P2P protocol in such a detail that shows that you have understood how the network works. This includes bootstrapping the network, the types of exchanged messages, message formats, encryption, and peering details. Also, you should also describe how you identified the peers, and what challenges needed to be solved first.
- ransomware: We are obviously interested in the en-/decryption routine, but also in the core technical details of the obfuscation engine. How on earth did it work, why, and why so complex?
- RAT: Please describe dat evil RAT, but in particular, also highlight how a Suricata module helps to detect it (and also explain why standard rules are insufficient).
Good luck!
Bernd