MODULE 1:
PRE-REQUISITES IN INFORMATION AND
NETWORK SECURITY
#SaeeJoshi
#CyberSecurity#SaeeJoshi 1
OVERVIEW OF NETWORKING CONCEPTS
Agenda
Basics of Communication Systems
Transmission Media
Topology and Types of Networks
TCP/IP Protocol Stacks
Wireless Networks
The Internet
Basics of Communication Systems
• A communication system is a system that describes the exchange of information between two points.
• The process of transmitting and receiving information is called communication.
• The major elements of communication are the transmitter of information, the channel or medium of communication, and the receiver of information.
Block Diagram of Communication Systems
Elements Of Communication Systems
• Information
• Message or information is the entity that is to be transmitted. It can be in
the form of audio, video, temperature, picture, pressure, etc.
• Signal
• The single-valued function of time that carries the information. The
information is converted into an electrical form for transmission.
• Transducer
• A device or an arrangement that converts one form of energy to the
other. An electrical transducer converts physical variables such as
pressure, force, temperature into corresponding electrical signal
variations. Example: Microphone – converts audio signals into electrical
signals. Photodetector – converts light signals into electrical signals.
• Amplifier
• The electronic circuit or device that increases the amplitude or strength of the transmitted signal is called an amplifier. When the signal strength falls below the required value, amplification can be done anywhere between the transmitter and the receiver. A DC power source provides the power for the amplification.
• Modulator
• Because the original message signal cannot be transmitted over a large distance owing to its low frequency and amplitude, it is superimposed on a wave of high frequency and amplitude called the carrier wave. This superimposing of the message signal on a carrier wave is called modulation, and the resulting modulated wave is what is transmitted.
• There are different types of modulation:
• Amplitude Modulation (AM)
• Frequency Modulation (FM)
• Phase Modulation (PM)
• Transmitter
• It is the arrangement that processes the message signal into a suitable
form for transmission and subsequently reception.
• Antenna
• An antenna is a structure or device that radiates and receives electromagnetic waves, so antennas are used in both transmitters and receivers. An antenna is basically a metallic object, often a collection of wires. The electromagnetic waves are polarized according to the position of the antenna.
• Channel
• A channel is the physical medium, such as wires, cables or space, through which the signal passes from the transmitter to the receiver. Many channel impairments affect channel performance to a pronounced level; noise, attenuation and distortion are the major ones.
Transmission Media
• Transmission media is a communication channel that carries the information from the sender to the receiver.
• It is a physical path between transmitter and receiver in data communication.
• The main function of the transmission media is to carry the information in the form of bits through the network. Data is transmitted as electromagnetic signals.
• The electrical signals can be sent through copper wire, fiber optics, atmosphere, water, and vacuum.
• The characteristics and quality of data transmission are determined by the characteristics of the medium and the signal.
• Transmission media are of two types: wired media and wireless media. In wired media, the characteristics of the medium are more important, whereas in wireless media, the characteristics of the signal are more important.
• Different transmission media have different properties such as bandwidth, delay, cost, and ease of installation and maintenance.
• Bandwidth: All other factors remaining constant, the greater the bandwidth of a medium, the higher the data transmission rate of a signal.
• Transmission impairment: Occurs when the received signal is not identical to the transmitted one. The quality of the signal is destroyed by transmission impairment.
• Interference: The disruption of a signal, as it travels over a communication medium, by the addition of some unwanted signal.
Classification Of Transmission Media
Transmission Impairment
• Attenuation: Attenuation means loss of energy, i.e., the strength of the signal decreases as the distance increases.
• Distortion: Distortion occurs when there is a change in the shape of the signal. This type of distortion is seen in signals made up of different frequencies. Each frequency component has its own propagation speed, so the components arrive at different times, which leads to delay distortion.
• Noise: When data travels over a transmission medium, some unwanted signal is added to it, which creates noise.
Network Topology
• In computer networks, there are mainly two types of topologies:
• Physical Topology: A physical topology describes the way in which the computers or nodes are connected with each other in a computer network. It is the arrangement of various elements (links, nodes, etc.), including the device location and code installation of a computer network. In other words, it is the physical layout of nodes, workstations, and cables in the network.
• Logical Topology: A logical topology describes the way data flows from one computer to another. It is bound to a network protocol and defines how data is moved throughout the network and which path it takes. In other words, it is the way in which the devices communicate internally.
Network Topology : Types
There are mainly six types of physical topology:
• Bus Topology
• Ring Topology
• Star Topology
• Mesh Topology
• Tree Topology
• Hybrid Topology
Now let us learn these topologies one by one.
Network Topology : Bus
• Bus topology is the simplest kind of topology, in which a common bus or channel is used for communication in the network. The bus is connected to various taps and drop lines.
• Taps are the connectors, while drop lines are the cables connecting the bus with the computer. In other words, there is only a single transmission line for all nodes.
Network Topology : Ring
• Ring topology is a topology in which each computer is connected to exactly two other computers to form the ring.
• The message passing is unidirectional and circular in nature.
Network Topology : Star
• Star topology is a computer network topology in which all the nodes are connected to a centralized hub.
• The hub or switch acts as a middleware between the nodes. Any node requesting or providing a service first contacts the hub for communication.
Network Topology : Mesh
• Mesh topology is a computer network topology in which nodes are interconnected with each other.
• In other words, direct communication takes place between the nodes in the network.
• There are mainly two types of Mesh:
• Full Mesh: In which each node is connected to every other node in the network.
• Partial Mesh: In which some nodes are not connected to every node in the network.
Network Topology : Tree
• Tree topology is a computer network topology in which all the nodes are directly or indirectly connected to the main bus cable.
• Tree topology is a combination of Bus and Star topology.
• In a tree topology, the whole network is divided into segments, which can be easily managed and maintained.
• There is a main hub and all the other sub-hubs are connected to each other in this topology.
Network Topology : Hybrid
• A Hybrid topology is a computer topology which is a combination of two or more topologies. In practical use, they are the most widely used.
• In this topology, all topologies are interconnected according to the needs to form a hybrid. All the good features of each topology can be used to make an efficient hybrid topology.
Types of Network
• Communication networks can be categorized by their size. A communication network is mainly of four types:
• LAN (Local Area Network)
• PAN (Personal Area Network)
• MAN (Metropolitan Area Network)
• WAN (Wide Area Network)
Types of Network : LAN (Local Area Network)
• A Local Area Network is a group of computers connected to each other in a small area such as a building or office.
• A LAN is used for connecting two or more personal computers through a communication medium such as twisted pair, coaxial cable, etc.
• It is less costly as it is built with inexpensive hardware such as hubs, network adapters, and Ethernet cables.
• Data is transferred at an extremely fast rate in a Local Area Network.
• A Local Area Network provides higher security.
• LAN examples:
• Small company network
• Educational Labs
• Housing complex networks
Types of Network : PAN (Personal Area Network)
• A Personal Area Network is a network arranged around an individual person, typically within a range of 10 meters (typically called home networks).
• A network used for connecting computer devices of personal use is known as a Personal Area Network.
• Thomas Zimmerman was the first research scientist to bring the idea of the Personal Area Network.
• A Personal Area Network covers an area of 30 feet.
• Personal computer devices that are used to develop the personal area network are laptops, mobile phones, media players and play stations.
• There are two types of Personal Area Network:
• Wired Personal Area Network
• Wireless Personal Area Network
Types of Network : MAN (Metropolitan Area Network)
• A metropolitan area network is a network that covers a larger geographic area by interconnecting different LANs to form a larger network.
• Government agencies use MAN to connect to the citizens and private industries.
• In MAN, various LANs are connected to each other through a telephone exchange line.
• The most widely used protocols in MAN are RS-232, Frame Relay, ATM, ISDN, OC-3, ADSL, etc.
• It has a higher range than a Local Area Network (LAN).
Types of Network : WAN (Wide Area Network)
• A Wide Area Network is a network that extends over a large geographical area such as states or countries.
• A Wide Area Network is a much bigger network than a LAN.
• A Wide Area Network is not limited to a single location; it spans a large geographical area through telephone lines, fiber optic cables or satellite links.
• The internet is one of the biggest WANs in the world.
• Wide Area Networks are widely used in the fields of business, government, and education.
• Examples Of Wide Area Network:
• Mobile Broadband
• A telecom company
• Private Network
TCP/IP Protocol Stacks
• A network protocol is an established set of rules that determine how data is transmitted between different devices in the same network.
• Essentially, it allows connected devices to communicate with each other, regardless of any differences in their internal processes, structure or design.
• TCP/IP is the world's most widely used non-proprietary protocol suite because it enables computers using diverse hardware and software platforms, on different types of networks, to communicate.
• The protocols work equally well in both LANs and WANs.
• TCP/IP is a collection of protocols named after its two best-known and most important protocols, the Transmission Control Protocol (TCP) and the Internet Protocol (IP).
• TCP/IP also includes several higher-level protocols that facilitate common applications such as electronic mail, terminal emulation, and file transfer.
• The TCP/IP protocol suite can be modeled as a layered protocol stack.
• It divides the protocols into four layers according to the level of the data transfer process at which they are used.
The TCP/IP model has four layers. From lowest to highest, these are the link layer, the internet layer, the transport layer, and the application layer, as shown below.
TCP/IP Protocol Layers
Wireless Networks
• Wireless networks are computer networks that are not connected by cables of any kind.
• The use of a wireless network enables enterprises to avoid the costly process of introducing cables into buildings or as a connection between different equipment locations.
• The basis of wireless systems is radio waves, an implementation that takes place at the physical level of the network structure.
• There are four main types of wireless networks:
• Wireless Local Area Network (LAN): Links two or more devices using a wireless distribution method, providing a connection through access points to the wider Internet.
• Wireless Metropolitan Area Networks (MAN): Connects several wireless LANs.
• Wireless Wide Area Network (WAN): Covers large areas such as neighboring towns and cities.
• Wireless Personal Area Network (PAN): Interconnects devices in a short span, generally within a person's reach.
Elements of Wireless Networks
• Wireless Access Point
• A wireless communications hardware device that creates a central point of wireless connectivity. A wireless access point behaves much like a "hub" in that the total bandwidth is shared among all users for which the device is maintaining an active network connection.
• Wireless Port
• Wireless ports provide both data and power service to the wireless access point and are clearly distinguished from ordinary network ports by an affixed yellow warning label.
• Because wireless ports carry both data and electrical power, ordinary end-user devices could be severely damaged if they are connected to this type of port.
• Coverage Area
• The geographical area in which acceptable wireless service quality is attainable. Coverage areas for similar devices can vary significantly due to the presence of building materials, interference, obstructions, and access point placement.
• Interference
• Degradation of a wireless communication radio signal caused by electromagnetic radiation from another source, including other wireless access points, cellular telephones, microwave ovens, medical and research equipment, and other devices that generate radio signals. Interference can either degrade a wireless transmission or eliminate it entirely, depending on the strength of the signal generated by the offending device.
• Privacy
• The condition that is achieved by successfully maintaining the confidentiality of personal, student, employee, and/or patient information transmitted over a wireless network.
• Security
• Security is particularly important in wireless networks because data is transmitted using radio signals that, without implementation of specific data encryption mechanisms, can easily be intercepted.
The Internet
• The Internet is the most commonly used term in today's world and plays a very important role in the everyday life of people.
• Definition: "A global system of interconnected computers, using a standardized Internet Protocol suite for communication and sharing information is called the Internet."
• The Internet completely revolutionized communication and technology across the globe. Initially, computerized devices were only used in large industries, but later their usage increased massively.
• It is also important for people to know that it is not possible for a single person to develop something as broad and wide as the Internet all by himself/herself.
• The Internet came about through the combined effort of multiple researchers and programmers.
Ways To Connect To Internet
The different ways in which one can connect to the Internet are discussed below in brief:
• Dial-Up – In such connections, users are required to link their phone line to a computer to access the Internet. Under this connection, the user cannot make or receive phone calls through their home phone service.
• Broadband – Provided either through cable or phone companies, broadband is a high-speed internet connection which is widely used today.
• Wireless Connection – Wi-fi and mobile service providers fall under this category. Internet connectivity is made via radio waves and the Internet can be connected anywhere, irrespective of the location. Given below are a few examples of wireless connection:
• Wi-fi – Wireless Fidelity or wi-fi allows high-speed internet connectivity without the use of wires.
• Mobile Phones – All smartphones are now equipped with an option for Internet connectivity which can be availed using Internet vouchers and packs. No external connection or wire is required for these.
• Satellite – Where broadband connections are unavailable, satellites are used for wireless Internet connectivity.
• Integrated Services Digital Network – ISDN allows users to send audio or video data using telephone lines.
Facts to know
• The WWW
• The terms World Wide Web (WWW) and the Internet are so often used interchangeably that the fundamental difference between the two is easily forgotten.
• In simple words, WWW is just a common point of connectivity for information sharing that is facilitated by a global network of computers.
• The internet, on the other hand, is a connection between computers and countless other devices that form a huge network of systems.
• IP Address
• The Internet Protocol address is a numerical identification code assigned for any device connected to a network. It acts as an identification interface for Internet users.
• Web Browser
• A web browser is a software application for accessing the information on the World Wide Web. The commonly used web browsers include Google Chrome, Internet Explorer, Mozilla Firefox, etc.
INFORMATION SECURITY CONCEPTS
Agenda
Information Security Overview: Background and Current Scenario
Types of Attacks
Goals for Security
E-commerce Security
Computer Forensics
Steganography
Information Security
• What is Information?
• Information can be anything, such as your personal details or your profile on social media, the data on your mobile phone, your biometrics, etc.
• Information Security
• Information Security is not only about securing information from unauthorized access.
• Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.
• Thus Information Security spans many research areas such as Cryptography, Mobile Computing, Cyber Forensics, Online Social Media, etc.
Information Security : History
• Information security has come a very long way over the past half a century.
• 1960s: Password protection
• It was during the 1960s that organizations first started to become more protective of their computers. During this time, there was no internet or network to worry about.
• So security was largely focused on physical measures, and on preventing access by people with enough knowledge of how to work a computer.
• 1970s: From CREEPER to Reaper
• New cyber history began with a research project during the 1970s, on what was then known as the ARPANET (the Advanced Research Projects Agency Network).
• A researcher named Bob Thomas created a computer program which was able to move across ARPANET's network, leaving a small trail wherever it went.
• This was edited by "Ray Tomlinson" to create the first computer virus. This revealed many security flaws in ARPANET.
• 1980s: The internet goes mad
• During the 1980s, the ARPANET network also became more commonly known as the internet, and became available to the public as the worldwide web during 1989.
• With wide use of the internet, computer viruses became more advanced, and information security systems could not keep up with the constant barrage of innovative hacking approaches.
• 1990s: The rise of firewalls
• With the internet becoming available to the public, more and more people began putting their personal information online.
• Because of this, organized crime entities saw a potential source of revenue, and started to steal data from people and governments via the web.
• Firewalls and antivirus programs went some way to minimizing the risk of attacks, but computer viruses and worms kept coming thick and fast, so hackers definitely had the upper hand at the time.
• 2000s: Proper punishment
• In the early 2000s, governments began to clamp down on the criminality of hacking, giving much more serious sentences to those culpable, including extensive jail time and large fines.
• 2010s: The era of major breaches
• Due to the consistent rise of technology, hacking became ever more complicated over the years that followed, and a number of major data breaches now largely define the era.
• Information security is constantly improving, and many companies are designing a vast array of novel attack mitigation options which utilize things like Network Behavioral Analysis (NBA), web application firewalls (WAF), and Denial of Service (DoS) protection.
Types of Cyber Attacks
• A cyber attack is any type of offensive action that targets computer information systems, infrastructures, computer networks or personal computer devices, using various methods to steal, alter or destroy data or information systems.
• The 10 most common cyber attack types are:
• Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
• Man-in-the-middle (MitM) attack
• Phishing and spear phishing attacks
• Drive-by attack
• Password attack
• SQL injection attack
• Cross-site scripting (XSS) attack
• Eavesdropping attack
• Birthday attack
• Malware attack
Cyber Attack : DoS & DDoS
• 1. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
• A denial-of-service attack overwhelms a system's resources so that it cannot respond to service requests.
• A DDoS attack is also an attack on a system's resources, but it is launched from a large number of other host machines that are infected by malicious software controlled by the attacker.
• Unlike attacks that are designed to enable the attacker to gain or increase access, denial-of-service doesn't provide direct benefits for attackers.
• For some of them, it's enough to have the satisfaction of service denial. However, if the attacked resource belongs to a business competitor, then the benefit to the attacker may be real enough.
• Another purpose of a DoS attack can be to take a system offline so that a different kind of attack can be launched. One common example is session hijacking.
• There are different types of DoS and DDoS attacks; the most common are TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack and botnets.
• TCP SYN flood attack
• In this attack, an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake.
• The attacker's device floods the target system's small in-process queue with connection requests, but it does not respond when the target system replies to those requests.
• This causes the target system to time out while waiting for the response from the attacker's device, which makes the system crash or become unusable when the connection queue fills up.
• Smurf attack
• This attack involves using IP spoofing and ICMP to saturate a target network with traffic. This attack method uses ICMP echo requests targeted at broadcast IP addresses. These ICMP requests originate from a spoofed "victim" address. For instance, if the intended victim address is 10.0.0.10, the attacker would spoof an ICMP echo request from 10.0.0.10 to the broadcast address 10.255.255.255. This request would go to all IPs in the range, with all the responses going back to 10.0.0.10, overwhelming the network. This process is repeatable, and can be automated to generate huge amounts of network congestion.
• Ping of death attack
• This type of attack uses IP packets to "ping" a target system with an IP packet size over the maximum of 65,535 bytes. IP packets of this size are not allowed, so the attacker fragments the IP packet. Once the target system reassembles the packet, it can experience buffer overflows and other crashes.
• Botnets
• Botnets are the millions of systems infected with malware under hacker control in order to carry out DDoS attacks. These bots or zombie systems are used to carry out attacks against the target systems, often overwhelming the target system's bandwidth and processing capabilities. These DDoS attacks are difficult to trace because botnets are located in differing geographic locations.
• Teardrop attack
• This attack causes the length and fragmentation offset fields in sequential Internet Protocol (IP) packets to overlap one another on the attacked host; the attacked system attempts to reconstruct the packets during the process but fails. The target system then becomes confused and crashes.
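Both the ping of death and the teardrop attack rely on the receiver trusting the fragment offset and length fields, so the defensive check is to validate a fragment train before reassembling it. The following is an added example, not part of the original slides; the Fragment class, the function name, the 20-byte header assumption and the sample trains are constructed for illustration.

```python
from dataclasses import dataclass

MAX_DATAGRAM = 65535  # largest value the 16-bit IPv4 Total Length field can express
IP_HEADER_LEN = 20    # assumption: IPv4 header without options


@dataclass(frozen=True)
class Fragment:
    offset_units: int     # Fragment Offset field, counted in 8-byte units
    payload_len: int      # bytes of data carried after the IP header
    more_fragments: bool  # MF flag

    @property
    def start(self) -> int:
        return self.offset_units * 8

    @property
    def end(self) -> int:
        return self.start + self.payload_len


def check_fragments(fragments):
    """Return (finding, byte_offset) pairs for one fragment train.

    A train is the set of fragments sharing source, destination,
    protocol and IP identification. An empty list means the train
    passed both checks and can be handed to reassembly.
    """
    findings = []
    covered_to = 0  # highest payload byte already claimed by an earlier fragment
    for frag in sorted(fragments, key=lambda f: (f.start, f.end)):
        # Ping of death: the reassembled datagram would exceed 65,535 bytes.
        if IP_HEADER_LEN + frag.end > MAX_DATAGRAM:
            findings.append(("oversize", frag.start))
        # Teardrop: this fragment claims bytes an earlier fragment already covers.
        if frag.start < covered_to:
            findings.append(("overlap", frag.start))
        covered_to = max(covered_to, frag.end)
    return findings


# Constructed sample trains (not captured traffic).
NORMAL = [Fragment(0, 1480, True), Fragment(185, 1480, True), Fragment(370, 1040, False)]
OVERSIZE = [Fragment(0, 1480, True), Fragment(8189, 1480, False)]
OVERLAPPING = [Fragment(0, 40, True), Fragment(3, 8, False)]

if __name__ == "__main__":
    for name, train in (("normal", NORMAL), ("oversize", OVERSIZE),
                        ("overlapping", OVERLAPPING)):
        print(name, check_fragments(train))
```

A receiver that drops any train with a finding never copies the fragments into its reassembly buffer, which is where the crashes described above occur.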
Cyber Attack : MitM
• Man-in-the-middle (MitM) attack
• A MitM attack occurs when a hacker inserts itself between the communications of a client and a server.
• Here are some common types of man-in-the-middle attacks:
• Session hijacking
• An attacker hijacks a session between a trusted client and network server. The attacking computer substitutes its IP address for the trusted client while the server continues the session, believing it is communicating with the client.
• IP Spoofing
• IP spoofing is used by an attacker to convince a system that it is communicating with a known, trusted entity and provide the attacker with access to the system. The attacker sends a packet with the IP source address of a known, trusted host instead of its own IP source address to a target host. The target host might accept the packet and act upon it.
• Replay
• A replay attack occurs when an attacker intercepts and saves old messages and then tries to send them later, impersonating one of the participants. This type can be easily countered with session timestamps or a nonce (a random number or a string that changes with time).
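The replay countermeasure named above (timestamps or a nonce) only works if both values are bound to the message by an integrity check. The following added example, which is not from the original slides, shows one way a receiver can combine them; the message layout, the 30-second window, the function and class names and the shared key are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets
import time

MAX_SKEW = 30  # seconds a message stays acceptable (assumed policy value)


def _canonical(msg):
    # Fixed field set, order and separators so both sides MAC the same bytes.
    fields = {k: msg[k] for k in ("body", "nonce", "ts")}
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def sign_message(key, body, now=None):
    """Sender side: attach a timestamp, a random nonce and an HMAC over all three."""
    msg = {
        "body": body,
        "ts": int(time.time() if now is None else now),
        "nonce": secrets.token_hex(16),
    }
    msg["mac"] = hmac.new(key, _canonical(msg), hashlib.sha256).hexdigest()
    return msg


class Receiver:
    def __init__(self, key, max_skew=MAX_SKEW):
        self.key = key
        self.max_skew = max_skew
        self._seen = {}  # nonce -> timestamp of the message that used it

    def accept(self, msg, now=None):
        """Return 'ok', or the reason the message was rejected."""
        now = int(time.time() if now is None else now)
        try:
            expected = hmac.new(self.key, _canonical(msg), hashlib.sha256).hexdigest()
        except (KeyError, TypeError):
            return "malformed"
        mac = msg.get("mac")
        if not isinstance(mac, str) or not hmac.compare_digest(
            expected.encode(), mac.encode("utf-8", "replace")
        ):
            return "bad-mac"  # body, timestamp or nonce was altered
        if not isinstance(msg["ts"], int):
            return "malformed"
        if abs(now - msg["ts"]) > self.max_skew:
            return "stale"  # an old capture sent outside the window
        # Nonces only need to be remembered while their message is still fresh.
        self._seen = {n: t for n, t in self._seen.items()
                      if now - t <= self.max_skew}
        if msg["nonce"] in self._seen:
            return "replay"  # same message sent again inside the window
        self._seen[msg["nonce"]] = msg["ts"]
        return "ok"


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    rx = Receiver(key)
    m = sign_message(key, "transfer 10 to bob")
    print(rx.accept(m), rx.accept(m))
```

The timestamp bounds how long nonces must be stored, and the nonce covers the window the timestamp leaves open; neither is sufficient alone.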
Cyber Attack : Phishing
• Phishing and spear phishing attacks
• A phishing attack is the practice of sending emails that appear to be from trusted sources with the goal of gaining personal information or influencing users to do something.
• It combines social engineering and technical trickery. It could involve an attachment to an email that loads malware onto your computer.
• It could also be a link to an illegitimate website that can trick you into downloading malware or handing over your personal information.
• Spear phishing is a very targeted type of phishing activity. Attackers take the time to conduct research into targets and create messages that are personal and relevant.
• Because of this, spear phishing can be very hard to identify and even harder to defend against.
Cyber Attack : Drive-by
• Drive-by download attacks are a common method of spreading malware.
• Hackers look for insecure websites and plant a malicious script into HTTP or PHP code on one of the pages. This script might install malware directly onto the computer of someone who visits the site, or it might re-direct the victim to a site controlled by the hackers.
• Drive-by downloads can happen when visiting a website or viewing an email message or a pop-up window.
• Unlike many other types of cyber security attacks, a drive-by doesn't rely on a user to do anything to actively enable the attack — you don't have to click a download button or open a malicious email attachment to become infected.
Cyber Attack : Password
• Because passwords are the most commonly used mechanism to authenticate users to an information system, obtaining passwords is a common and effective attack approach.
• Access to a person's password can be obtained by looking around the person's desk, "sniffing" the connection to the network to acquire unencrypted passwords, using social engineering, gaining access to a password database or outright guessing.
• The last approach can be done in either a random or systematic manner:
• Brute-force password guessing means using a random approach by trying different passwords and hoping that one works. Some logic can be applied by trying passwords related to the person's name, job title, hobbies or similar items.
• In a dictionary attack, a dictionary of common passwords is used to attempt to gain access to a user's computer and network. One approach is to copy an encrypted file that contains the passwords, apply the same encryption to a dictionary of commonly used passwords, and compare the results.
Cyber Attack : SQL injection
• SQL injection has become a common issue with database-driven websites.
• It occurs when a malefactor executes a SQL query against the database via the input data sent from the client to the server.
• SQL commands are inserted into data-plane input (for example, instead of the login or password) in order to run predefined SQL commands.
• A successful SQL injection exploit can read sensitive data from the database, modify (insert, update or delete) database data, execute administration operations (such as shutdown) on the database, recover the content of a given file, and, in some cases, issue commands to the operating system.
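The root cause described above is that input supplied "instead of the login or password" is parsed as part of the SQL statement. The following added example, not part of the original slides, puts a string-built login query beside its parameterized form using Python's sqlite3 module; the table, the function names and the sample inputs are constructed for illustration.

```python
import hashlib
import sqlite3


def _h(password):
    # Demo only: real systems store passwords with a salted, slow KDF.
    return hashlib.sha256(password.encode()).hexdigest()


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", _h("correct horse")))
    return db


def login_vulnerable(db, login, password):
    # The login value is pasted into the statement text, so a quote
    # character in it changes the structure of the query.
    query = (
        "SELECT login FROM users "
        f"WHERE login = '{login}' AND pw_hash = '{_h(password)}'"
    )
    return db.execute(query).fetchone() is not None


def login_safe(db, login, password):
    # Placeholders keep the statement fixed; the values travel separately
    # and are only ever compared as data.
    row = db.execute(
        "SELECT login FROM users WHERE login = ? AND pw_hash = ?",
        (login, _h(password)),
    ).fetchone()
    return row is not None


def try_login(fn, db, login, password):
    """Run one login function and report 'granted', 'denied' or 'sql-error'."""
    try:
        return "granted" if fn(db, login, password) else "denied"
    except sqlite3.Error:
        return "sql-error"


# Constructed inputs: a legitimate surname containing a quote, and a login
# value that comments out the password check.
QUOTED_NAME = "O'Brien"
COMMENT_OUT = "alice' --"

if __name__ == "__main__":
    db = make_db()
    for login in ("alice", QUOTED_NAME, COMMENT_OUT):
        print(repr(login),
              try_login(login_vulnerable, db, login, "wrong"),
              try_login(login_safe, db, login, "wrong"))
```

The string-built query both breaks on harmless input and grants access without the password, while the parameterized query denies all three attempts.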
Cyber Attack : Cross-site scripting (XSS)
• XSS attacks use third-party web resources to run scripts in the victim's web browser or scriptable application.
Cyber Attack : Eavesdropping
• Eavesdropping attacks occur through the interception of network traffic.
• By eavesdropping, an attacker can obtain passwords, credit card numbers and other confidential information that a user might be sending over the network.
• Eavesdropping can be passive or active:
• Passive eavesdropping — A hacker detects the information by listening to the message transmission in the network.
• Active eavesdropping — A hacker actively grabs the information by disguising himself as a friendly unit and by sending queries to transmitters. This is called probing, scanning or tampering.
Cyber Attack : Birthday
• Birthday attacks are made against hash algorithms that are used to verify the integrity of a message, software or digital signature.
• A message processed by a hash function produces a message digest (MD) of fixed length, independent of the length of the input message; this MD uniquely characterizes the message.
• The birthday attack refers to the probability of finding two random messages that generate the same MD when processed by the same hash function.
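The probability mentioned in the last bullet is what determines how long a digest must be. This added example (not from the original slides) computes the standard birthday approximation and then finds two messages with the same digest when SHA-256 is truncated to a few bits, showing that the work grows with the square root of the digest space; the truncation and the message format are assumptions made so the search finishes instantly.

```python
import hashlib
import math


def collision_probability(k, space):
    """Approximate chance that k random values drawn from `space`
    equally likely outcomes contain at least one repeat."""
    return -math.expm1(-k * (k - 1) / (2 * space))


def messages_for_half(space):
    """Approximate number of random messages for a 50% collision chance."""
    return math.sqrt(2 * space * math.log(2))


def truncated_digest(message, bits):
    """First `bits` bits of SHA-256, standing in for a short message digest."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits):
    """Hash distinct messages until two of them share a truncated digest.

    Returns (first_message, second_message, messages_hashed).
    """
    seen = {}
    counter = 0
    while True:
        message = b"constructed message %d" % counter
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, counter + 1
        seen[digest] = message
        counter += 1


if __name__ == "__main__":
    # The classic birthday case: 23 people, 365 possible birthdays.
    print(round(collision_probability(23, 365), 3))
    for bits in (16, 24):
        first, second, tried = find_collision(bits)
        print(bits, "bit digest: collision after", tried, "messages;",
              "estimate for 50%:", round(messages_for_half(2 ** bits)))
    # For a full 256-bit digest the same estimate is about 2**128 messages,
    # which is why digest length is the defence.
    print(math.log2(messages_for_half(2 ** 256)))
```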
Cyber Attack : Malware
• Malicious software can be described as unwanted software that is installed in your system without your consent.
• Here are some of the most common types of malware:
• Macro viruses — These viruses infect applications such as Microsoft Word or Excel. Macro viruses attach to an application's initialization sequence. When the application is opened, the virus executes instructions before transferring control to the application. The virus replicates itself and attaches to other code in the computer system.
• File infectors — File infector viruses usually attach themselves to executable code, such as .exe files. The virus is installed when the code is loaded. Another version of a file infector associates itself with a file by creating a virus file with the same name, but an .exe extension. Therefore, when the file is opened, the virus code will execute.
• System or boot-record infectors — A boot-record virus attaches to the master boot record on hard disks. When the system is started, it will look at the boot sector and load the virus into memory, where it can propagate to other disks and computers.
Goals of Information Security
• Information Security programs are built around 3 objectives, commonly known as CIA – Confidentiality, Integrity, Availability.
• Confidentiality – means information is not disclosed to unauthorized individuals, entities and processes.
• For example, if I have a password for my Gmail account but someone saw it while I was logging in to the Gmail account, then my password has been compromised and Confidentiality has been breached.
• Integrity – means maintaining accuracy and completeness of data. This means data cannot be edited in an unauthorized way.
• For example, if an employee leaves an organization, the data for that employee in all departments, like accounts, should be updated to reflect the status JOB LEFT so that the data is complete and accurate. In addition, only an authorized person should be allowed to edit employee data.
• Availability – means information must be available when needed.
• For example, if one needs to access information of a particular employee to check whether the employee has exceeded the number of leaves, it requires collaboration from different organizational teams like network operations, development operations, incident response and policy/change management.
Goals of Information Security
• Apart from this, there are more principles that govern information security programs.
• Non repudiation – means one party cannot deny receiving a message or a transaction, nor can the other party deny sending a message or a transaction.
• Authenticity – means verifying that users are who they say they are and that each input arriving at the destination is from a trusted source. This principle, if followed, guarantees a valid and genuine message received from a trusted source through a valid transmission.
• Accountability – means that it should be possible to trace actions of an entity uniquely to that entity.
E-commerce Security
• Security is an essential part of any transaction that takes place over the internet. Customers will lose their faith in e-business if its security is compromised.
• Following are the essential requirements for safe e-payments/transactions:
• Confidentiality − Information should not be accessible to an unauthorized person. It should not be intercepted during the transmission.
• Integrity − Information should not be altered during its transmission over the network.
• Availability − Information should be available wherever and whenever required within a time limit specified.
• Authenticity − There should be a mechanism to authenticate a user before giving him/her access to the required information.
• Non-Repudiability − It is the protection against the denial of order or denial of payment. Once a sender sends a message, the sender should not be able to deny sending the message. Similarly, the recipient of the message should not be able to deny the receipt.
• Encryption − Information should be encrypted and decrypted only by an authorized user.
• Auditability − Data should be recorded in such a way that it can be audited for integrity requirements.
E-commerce Security
• Major security measures taken by all e-commerce websites are the following −
• Encryption − It is a very effective and practical way to safeguard the data being transmitted over the network. The sender of the information encrypts the data using a secret code and only the specified receiver can decrypt the data using the same or a different secret code.
• Digital Signature − A digital signature ensures the authenticity of the information. A digital signature is an e-signature authenticated through encryption and password.
• Security Certificates − A security certificate is a unique digital id used to verify the identity of an individual website or user.
E-commerce Security : Security Protocols
• Secure Socket Layer (SSL)
• It is the most commonly used protocol and is widely used across the industry. It meets the following security requirements −
• Authentication
• Encryption
• Integrity
• Non-repudiability
• "https://" is to be used for HTTP URLs with SSL, whereas "http://" is to be used for HTTP URLs without SSL.
• Secure Hypertext Transfer Protocol (SHTTP)
• SHTTP extends the HTTP internet protocol with public key encryption, authentication, and digital signature over the internet.
• Secure HTTP supports multiple security mechanisms, providing security to the end-users.
• SHTTP works by negotiating encryption scheme types used between the client and the server.
Computer Forensics
• Computer forensics is the process of methodically examining
computer media (hard disks, diskettes, tapes, etc.) for
evidence.
• In other words, computer forensics is the collection,
preservation, analysis, and presentation of computer-related
evidence.
• Computer forensics is also referred to as computer forensic analysis, electronic discovery, electronic evidence discovery, digital discovery, data recovery, data discovery, computer analysis, and computer examination.
• Computer evidence can be useful in criminal cases, civil
disputes, and human resources/ employment proceedings.
Computer Forensics
• Computer forensics assists in Law Enforcement. This can
include:
• Recovering deleted files such as documents, graphics, and photos.
• Searching unallocated space on the hard drive, places where an
abundance of data often resides.
• Tracing artifacts, those tidbits of data left behind by the operating
system. Our experts know how to find these artifacts and, more
importantly, they know how to evaluate the value of the information
they find.
• Processing hidden files — files that are not visible or accessible to the
user — that contain past usage information. Often, this process
requires reconstructing and analyzing the date codes for each file and
determining when each file was created, last modified, last accessed
and when deleted.
• Running a string-search for e-mail, when no e-mail client is obvious.
Steganography
• Given the amount of data that is being generated and transmitted electronically in the world today, it's no surprise that numerous methods of protecting that data have evolved. One of the rapidly growing methods is steganography.
• Steganography is the art and science of embedding secret messages in a cover message in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message.
Steganography Techniques
• Depending on the nature of the cover object (the actual object in which secret data is embedded), steganography can be divided into five types:
• Text Steganography : Text Steganography is hiding information inside
the text files.
• It involves things like changing the format of existing text, changing
words within a text, generating random character sequences or using
context-free grammars to generate readable texts
• Image Steganography : Hiding the data by taking the cover object as
the image is known as image steganography.
• In digital steganography, images are widely used cover source
because there are a huge number of bits present in the digital
representation of an image.
Steganography Techniques
• Audio Steganography : In audio steganography, the secret message is embedded into an audio signal which alters the binary sequence of the corresponding audio file.
• Hiding secret messages in digital sound is a much more difficult process when compared to others, such as Image Steganography.
• Video Steganography : In Video Steganography you can hide any kind of data in a digital video format.
• The advantage of this type is a large amount of data can be hidden inside and the fact that it is a moving stream of images and sounds.
• You can think of this as the combination of Image Steganography and Audio Steganography.
• Two main classes of Video Steganography include:
• Embedding data in uncompressed raw video and compressing it later
• Embedding data directly into the compressed data stream
• Network Steganography / Protocol Steganography :
• It is the technique of embedding information within network control protocols used in data transmission such as TCP, UDP, ICMP etc.
• You can use steganography in some covert channels that you can find in the OSI model. For example, you can hide information in the header of a TCP/IP packet in some fields that are either optional.
SECURITY THREATS AND VULNERABILITIES
Agenda
Overview of Security threats
Weak / Strong Passwords and Password Cracking
Insecure Network connections
Malicious Code
Programming Bugs
Cyber crime and Cyber terrorism
Information Warfare and Surveillance
Overview of Security threats
• A network security threat is an effort to obtain illegal admission to your organization’s network, to take your data without your knowledge, or execute other malicious pursuits.
• Your network security is at risk or vulnerable if or when there is a weakness or vulnerability within your computer network.
• Some network security threats are intended to upset your organization’s processes and functionality instead of noiselessly collecting information for espionage or financial motives.
• With the extensive use and accessibility of the internet, comes the increase in all kinds of threats. The most prevalent technique is the Denial of Service (DoS) attack.
• Having the essential mechanisms and tools to identify and categorize network security threats and irregularities in your system or network is critical.
What are network vulnerabilities?
• Network vulnerabilities are known flaws or weaknesses in hardware, software, or other organizational assets, which can be exploited by attackers.
• When your network security is compromised by a threat, it can lead to a severe security breach.
• Most network security vulnerabilities are often abused by computerized attackers rather than humans typing on your network.
• There are four main types of network security threats:
• Structured threats
• Unstructured threats
• External threats
• Internal threats
• Let's see some major security threats that make systems vulnerable.
Weak / Strong Passwords
• Weak passwords always play a major role in any hack. For the ease of the user, sometimes applications do not enforce password complexity, and as a result users use simple passwords such as: password, password123, Password@123, 12345, god, own mobile number etc.
• A strong password is one that is more secure by virtue of being difficult for a machine or a human to guess.
• Password strength can be achieved by incorporating the following characteristics; the more characteristics you incorporate into your password, the stronger it will be.
• At least 8 characters—the more characters, the better
• A mixture of both uppercase and lowercase letters
• A mixture of letters and numbers
• Inclusion of at least one special character, e.g., ! @ # ? ]
Note: do not use < or > in your password, as both can cause problems in Web browsers.
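The slide's own list of weak passwords includes Password@123, which satisfies every one of the four characteristics. This added example (not from the original slides) implements the four checks together with a deny-list built from the slide's examples, so that such a password is still rejected; the function name and the wording of the messages are assumptions made for the illustration.

```python
import re

# The weak examples named on the slide, lowercased for comparison.
SLIDE_WEAK_EXAMPLES = {"password", "password123", "password@123", "12345", "god"}


def check_password(password, mobile_number=None):
    """Return the list of reasons a password is rejected (empty if accepted)."""
    problems = []
    if len(password) < 8:
        problems.append("fewer than 8 characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("needs both uppercase and lowercase letters")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"[0-9]", password)):
        problems.append("needs both letters and numbers")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("needs at least one special character")
    if "<" in password or ">" in password:
        problems.append("contains < or >")
    # Complexity alone is not enough: a well-known password passes the
    # character rules and is still among the first guesses.
    if password.lower() in SLIDE_WEAK_EXAMPLES:
        problems.append("is a commonly used password")
    if mobile_number:
        digits = re.sub(r"\D", "", mobile_number)
        if digits and re.sub(r"\D", "", password) == digits:
            problems.append("is the user's own mobile number")
    return problems


if __name__ == "__main__":
    # Constructed inputs; the phone number is a made-up value.
    for candidate in ["god", "12345", "Password@123", "Tr4il-mix&Kettle"]:
        print(candidate, "->", check_password(candidate) or "accepted")
    print(check_password("5550100123", mobile_number="555-010-0123"))
```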
Password cracking
• Application authentication that only requires a login and password is inherently unsecure, because an attacker only needs to obtain “one factor” to masquerade as a legitimate user.
• Often it is easy to guess legitimate login ids by doing some reconnaissance on the target of the attack.
• Many companies will re-use employee’s email ids (without the domain name) as a universal login for other systems in the company. Email addresses can be discovered from many online sources.
• Additionally, users will often use unsecure passwords, because they are easier to remember. A company will often dictate rules for password complexity, but users will still tend to follow those rules in such a way that their passwords will be easier for them to remember.
Insecure Network connections
• In the world of Wi-Fi, there are two types of networks, secured and unsecured. The primary difference between secure and unsecure networks is the ability to connect without a password. This means virtually anyone with proximity to the network can connect.
• Unsecure networks often lack any sort of anti-virus or firewall protection and any information transmitted across the network is floating around unencrypted for someone to grab.
• The threats an unsecure network poses:
• Information Vulnerability
• Malware Distribution
• Wi-Fi Honeypots (fake wireless network)
• Man in the Middle (MITM) Attack
• To avoid these threats, avoid using open Wi-Fi connections; the following may also help:
• Personal Antivirus or Firewall
• Virtual Desktop Infrastructure (VDI) governed by a central server.
Malicious Code
• What is malicious code?
• Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses.
• Viruses have the ability to damage or destroy files on a computer system and are spread by sharing already infected removable media, opening malicious email attachments, and visiting malicious web pages.
• Worms are a type of virus that self-propagates from computer to computer. Its functionality is to use all of your computer’s resources, which can cause your computer to stop responding.
• Trojan Horses are computer programs that are hiding a virus or a potentially damaging program. It is not uncommon that free software contains a Trojan horse, making a user think they are using legitimate software while the program is performing malicious actions on their computer.
• Malicious data files are non-executable files—such as a Microsoft Word document, an Adobe PDF, a ZIP file, or an image file—that exploit weaknesses in the software program used to open them. Attackers frequently use malicious data files to install malware on a victim’s system, commonly distributing the files via email, social media, and websites.
Malicious Code
• How can you protect yourself against malicious code?
• Install and maintain antivirus software
• Use caution with links and attachments
• Block pop-up advertisements
• Use an account with limited permissions
• Disable external media AutoRun and AutoPlay features
• Change your passwords periodically
• Keep software updated
• Back up data regularly
• Install or enable a firewall
• Use anti-spyware tools
• Monitor accounts
• Avoid using public Wi-Fi
Programming Bugs
• A programming bug or software bug is nothing like a pesky
worm or virus. Instead, it's an error or mistake that causes a
computer program to misbehave.
• These bugs are generally the result of mistakes made by
the programmer either in the design or the source code.
• Some are caused by compilers that generated invalid code.
• While programming bugs themselves aren't malicious, they
can be very dangerous.
• They can make your entire system weak and vulnerable to
cyber attacks.
• The computer software industry has taken note of this with
strides to become more efficient at development.
Programming Bugs
• Some of these measures include the following.
• Programming Style
• Although common mistakes such as typos are usually found by the compiler, a programming bug often appears when logical errors are made. Innovations in defensive programming and programming style are intended to make these errors less likely and easier to notice.
• Programming Techniques
• Various techniques are employed to immediately halt a program when inconsistencies are encountered. This is a quick procedure that enables the bug to be identified and fixed. Other methods involve attempting to correct the bug while allowing the program to continue running.
• Language Support
• New programming languages and frameworks are equipped with inbuilt error handling and bug tracking capacities. Use of these languages is highly recommended.
Cyber crime
• There is no universally accepted definition of cybercrime.
However, the following definition includes elements
common to existing cybercrime definitions.
“Cybercrime is an act that violates the law, which is
perpetrated using information and communication
technology (ICT) to either target networks, systems, data,
websites and/or technology or facilitate a crime”
• Cybercrime differs from traditional crime in that it "knows
no physical or geographic boundaries" and can be
conducted with less effort, greater ease, and at greater
speed than traditional crime
Types of Cyber crime
• There are no universally defined crime types, but here is an attempt to identify some commonly occurring themes and characteristics.
• The science community views cybercrime primarily in terms of the level of transformation by Internet technologies, where the crime is either:
• assisted (cyber-assisted crime)
• enabled (cyber-enabled crime)
• dependent (cyber-dependent crime)
• The legal and criminological communities tend to see it more in terms of the different criminal actions or modus operandi (i.e., method of operation) involved:
• crime against the computer (hacking)
• crime using the computer (e.g. fraud, bullying)
• crime in the computer (extreme sexual, hate or terrorism materials)
• The political scientists, on the other hand, view cybercrime in terms of its impacts on:
• Politics or the political system
• Governments or government agencies
• Private Organizations
• Common citizens or individuals.
Cyber terrorism
• Cyber terrorism is the use of the Internet to conduct violent acts that result in, or threaten, loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation.
• The aim of cyber terrorism can be: “The use of computer network tools to shut down critical national infrastructures (such as energy, transportation, government operations) or to coerce or intimidate a government or civilian population.”
• The premise of cyber terrorism is that as nations and critical infrastructure become more dependent on computer networks for their operation, new vulnerabilities are created.
• A hostile nation or group could exploit these vulnerabilities to penetrate a poorly secured computer network and disrupt or even shut down critical functions.
Cyber terrorism
What types of information are at risk?
1. Power delivery
2. Communications
3. Aviation
4. Financial services
5. Medical records
6. Criminal records
7. Business plans
Information warfare
• Information Warfare: Any action to deny, exploit, corrupt, or
destroy the enemy’s information and its functions; protecting
ourselves against those actions; and exploiting our own
military information functions.
• Direct Information Warfare changes the adversary’s information without involving the intervening perceptive and analytical functions.
• Indirect Information Warfare changes the adversary’s information by creating phenomena that the adversary must then observe and analyze.
Computer network Surveillance
• Computer and network surveillance is the monitoring of
computer activity and data stored on a hard drive, or data being
transferred over computer networks such as the Internet.
• This monitoring is often carried out covertly and may be
completed by governments, corporations, criminal organizations,
or individuals.
• It may or may not be legal and may or may not require
authorization from a court or other independent government
agencies.
• Computer and network surveillance programs are widespread
today and almost all Internet traffic can be monitored.
• Surveillance allows governments and other agencies to
maintain social control, recognize and monitor threats or any
suspicious activity, and prevent and investigate criminal activities.
CRYPTOGRAPHY / ENCRYPTION
Agenda
Introduction to Cryptography / Encryption
Digital Signatures
Public Key infrastructure
Applications of Cryptography
Tools and techniques of Cryptography
Introduction to Cryptography / Encryption
• Definition: “Cryptography is the science of using mathematics to encrypt and decrypt data.” (Phil Zimmermann)
• “Cryptography is the art and science of keeping messages secure.” (Bruce Schneier)
• “The art and science of concealing the messages to introduce secrecy in information security is recognized as cryptography.”
• A message is plaintext (sometimes called cleartext). The
process of disguising a message in such a way as to hide its
substance is encryption. An encrypted message is
ciphertext. The process of turning ciphertext back into
plaintext is decryption.
Introduction to Cryptography / Encryption
• A cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure
• A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services.
• A cryptosystem is also referred to as a cipher system.
Introduction to Cryptography / Encryption
• The set of rules used for encrypting any message is called a “key”. We also need a key to decrypt the message.
• There are three types of cryptography:
• Symmetric Key Cryptography
• Also known as Secret Key Cryptography or Conventional
Cryptography, Symmetric Key Cryptography is an encryption system in
which the sender and receiver of a message share a single, common
key that is used to encrypt and decrypt the message.
• The algorithm used is also known as a secret key algorithm or sometimes called a symmetric algorithm.
• A key is a piece of information (a parameter) that determines the
functional output of a cryptographic algorithm or cipher.
Introduction to Cryptography / Encryption
• Asymmetric Key Cryptography
• Asymmetric cryptography, also known as Public-key cryptography, refers to a cryptographic algorithm which requires two separate keys, one of which is private and one of which is public.
• The public key is used to encrypt the message and the private one is
used to decrypt the message.
• Hash Functions
• A cryptographic hash function is a hash function that takes an arbitrary
block of data and returns a fixed-size bit string, the cryptographic hash
value, such that any (accidental or intentional) change to the data will
(with very high probability) change the hash value.
• The data to be encoded are often called the message, and the hash
value is sometimes called the message digest or simply digest.
Digital Signatures
• Example of Asymmetric Key Cryptography: DSS
• Digital Signature Standard (DSS) is the digital signature
algorithm (DSA) developed by the U.S. National Security
Agency (NSA) to generate a digital signature for the
authentication of electronic documents.
• DSS was put forth by the National Institute of Standards and
Technology (NIST) in 1994, and has become the United
States government standard for authentication of electronic
documents.
• DSS is specified in Federal Information Processing Standard
(FIPS) 186.
Public Key infrastructure
• A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
• A public key infrastructure relies on digital signature technology, which uses public key cryptography.
• The basic idea is that the secret key of each entity is only known by that entity and is used for signing. This key is called the private key.
• There is another key derived from it, called the public key, which is used for verifying signatures but cannot be used to sign. This public key is made available to anyone, and is typically included in the certificate document.
• The trusted party signing the document associating the key with the device is called a certificate authority (CA).
• The certificate authority also has a cryptographic key that it uses for signing these documents. These documents are called Digital certificates.
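The chain of trust described above can be traced in a few lines. This added example (not from the original slides) uses textbook RSA signatures over SHA-256 with small fixed primes and no padding, which is a teaching toy and unsuitable for real use; the CA name, the device name, the key sizes and all function names are assumptions made for the illustration.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by every key in this toy example


@dataclass(frozen=True)
class PrivateKey:
    n: int  # modulus; (n, E) is the matching public key
    d: int  # private exponent, known only to the key's owner


def make_key(p, q):
    """Build a toy RSA key from two primes (fixed here, random in practice)."""
    return PrivateKey(n=p * q, d=pow(E, -1, (p - 1) * (q - 1)))


def digest_mod(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, key):
    """Signing needs the private exponent d."""
    return pow(digest_mod(data, key.n), key.d, key.n)


def verify(data, signature, public_n):
    """Verifying needs only public values, so anyone can do it."""
    return pow(signature, E, public_n) == digest_mod(data, public_n)


@dataclass(frozen=True)
class Certificate:
    subject: str     # who the public key belongs to
    public_n: int    # the subject's public key
    issuer: str      # the CA that vouches for the binding
    signature: int   # CA's signature over the fields above

    def signed_fields(self):
        return f"{self.subject}|{self.public_n}|{self.issuer}".encode()


def issue(ca_name, ca_key, subject, subject_public_n):
    """The CA signs the document that associates a key with a subject."""
    unsigned = Certificate(subject, subject_public_n, ca_name, 0)
    return Certificate(subject, subject_public_n, ca_name,
                       sign(unsigned.signed_fields(), ca_key))


def accept(message, signature, cert, trusted_ca_n):
    """Check the CA's signature on the certificate first, then the
    subject's signature on the message with the certified public key."""
    if not verify(cert.signed_fields(), cert.signature, trusted_ca_n):
        return False
    return verify(message, signature, cert.public_n)


# Constructed keys built from Mersenne primes; far too small for real use.
CA_KEY = make_key(2**61 - 1, 2**89 - 1)
DEVICE_KEY = make_key(2**107 - 1, 2**127 - 1)
OTHER_KEY = make_key(2**89 - 1, 2**107 - 1)  # a key the CA never certified


def demo():
    cert = issue("Example CA", CA_KEY, "device-01", DEVICE_KEY.n)
    message = b"constructed message from device-01"
    good = accept(message, sign(message, DEVICE_KEY), cert, CA_KEY.n)
    # Swapping in an uncertified key breaks the CA's signature on the certificate.
    swapped = Certificate(cert.subject, OTHER_KEY.n, cert.issuer, cert.signature)
    bad = accept(message, sign(message, OTHER_KEY), swapped, CA_KEY.n)
    return good, bad


if __name__ == "__main__":
    print(demo())
```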
Applications of Cryptography
• Authentication/Digital Signatures:
• Before decrypting a message using a public key, one needs authentication that the message is coming from a trusted resource.
• To address this weakness, the standards community has invented objects such as certificates and digital signatures.
• Time Stamping
• Time stamping is a technique that can certify that a certain electronic document or communication existed or was delivered at a certain time.
• Electronic Money
• Encryption is used in electronic money schemes to protect conventional transaction data like account numbers and transaction amounts; digital signatures can replace handwritten signatures or credit-card authorizations; and public-key encryption can provide confidentiality.
• Secure Network Communications
• A public-key protocol called Secure Socket Layer (SSL) provides data security layered between TCP/IP and application protocols (such as HTTP, Telnet, NNTP, or FTP).
Applications of Cryptography
• Kerberos is an authentication service developed by MIT which uses secret-key ciphers for encryption and authentication. Kerberos was designed to authenticate requests for network resources and does not authenticate authorship of documents.
• Anonymous Remailers
• A remailer is a free service that strips off the header information from an electronic message and passes along only the content.
• Thus only the person to whom you have sent mail knows your identity, not the entire chain.
• Disk Encryption
• Disk encryption programs encrypt your entire hard disk so that you don't have to worry about leaving any traces of the unencrypted data on your disk.
• Cryptography can also be used to encrypt files. In this case, Pretty Good Privacy (PGP) uses the user's private key along with a user-supplied password to encrypt the file. The same password and key are used to unlock the file.
Tools and Techniques of Cryptography
• Cyber security professionals can use multiple cryptography tools to build and fortify their computer system defenses. Here’s a look at five key tools that cyber security specialists can integrate into their strategies.
• Security Tokens
• A security token is a physical device that holds information that authenticates a person’s identity. The owner plugs the security token into a system — via a computer’s USB port, for example — to gain access to a network service. It’s like swiping a security card to get into an office. A bank might issue security tokens to customers to use as an extra layer of security when they log in to their accounts.
• Key-Based Authentication
• Key-based authentication is a method that employs asymmetric algorithms to confirm a client’s identity and can be an effective substitute for using passwords to verify a client. The key factors at play in key-based authentication are public and private keys that confirm identity.
• In public key authentication, each user is given a pair of asymmetric keys. Users store their public keys in each system they want access to, while the private keys are safely maintained on the device with which the user connects to the secured systems.
• When connecting, the server authenticates the user with the public key and asks the user to decrypt it using the corresponding private key.
Tools and Techniques of Cryptography
• Docker
• The Docker software platform builds applications based on containers: small self-contained environments that share an operating system kernel but otherwise run in isolation from one another. By their nature, Docker containers are secure. More security can be added by enabling one of several applications that fortify the system.
• Java Cryptography Architecture
• The popular Java programming language has built-in cryptographic functions. The Java Cryptography Architecture (JCA) is integrated with the core Java application programming interface (API). The JCA contains APIs that handle security functions that include encryption, managing keys, generating random numbers securely and validating certificates. These APIs provide a way for developers to build security into application code.
• SignTool
• Another security tool embedded in an operating system is Microsoft SignTool (SignTool.exe). A command-line tool, SignTool can digitally sign and time-stamp files and verify signatures in files. It’s automatically installed with Microsoft Visual Studio, a software development environment. SignTool allows software developers to certify that the code they developed is theirs and that it hasn’t been tampered with since it was published.