Knowledge Of Both Theoretical And Practical Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

System Security is a module that covers both the theoretical and the practical aspects of network and system security, including network security, operating systems security, web security and database security.

The coursework of this module, System Security (A350CT), consists of two small projects. The first section is on Systems Security and the second section covers Cryptography.

As per the requirements for the first part, the telecommunication industry has been chosen for this report, and the security threats and malware types that it can come across have been analyzed. Furthermore, the vulnerabilities in the telecommunication sector and the countermeasures that can be taken against those vulnerabilities have been thoroughly researched and listed.

In the second part of the coursework, on Cryptography, the RSA (Rivest-Shamir-Adleman) algorithm has been implemented in Java as per the requirement. This has been done after studying and researching the RSA algorithm, and it has been successfully developed after going through requirement analysis, feasibility study, design and finally coding. Testing has been done to ensure that all the functions work efficiently and effectively to meet the requirements.

Part I: Introduction

In the modern world, information technology has brought rapid change to almost every industry around the globe. Whether it is banking, telecommunications, health care or agriculture, information technology has made it easier to do business as well as to communicate. With the rapid development of information technology, security threats and vulnerabilities have become a major concern over the years.

In the telecommunication industry, each telecommunication company is required to provide high quality and efficient services in order to succeed in the market. In general, a telecommunication company is a service provider (SP). For this reason one telecommunication company has to be connected with many other networks. For example, in Sri Lanka the main service provider, Sri Lanka Telecom, has to be connected with other service providers such as Dialog Axiata, Airtel, Etisalat and Hutch. Furthermore, in telecom the IDC (Internet Data Center) plays another major role. Because it provides facilities like hosting services, its exposure to outside attacks is high. For example Sri Lanka Telecom, one of the leading telecommunication companies in Sri Lanka, hosts caching servers of Google, Yahoo and Facebook. Not only that, because it is an interconnection of several networks, other competing networks always try to send traffic from the neighboring connected networks.

For this reason security threats have become a very serious problem in recent years.

According to ITU-T X.800, a security threat is a potential violation of security. It can be active or passive. Examples of active threats are masquerading as an authorized person or a denial of service attack. Eavesdropping, traffic analysis and data capturing are examples of passive attacks.

Furthermore, malicious software, or malware, is the other major security threat that a system has to deal with. It is a program that exploits system vulnerabilities.

Since a telecommunication network runs on IP-based protocols and is an interconnection of different networks, the possibility of facing an outside attack is somewhat measurable.

The types of malware that can be malicious to a telecom network are listed below.

Viruses - Viruses are the most known malware type. A virus is software that infects programs. Viruses can spread through documents, script files and web applications.

Bot - Bots are software programs that have been created to automatically perform specific operations.

Rootkit - A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs.

Trojan Horse - A Trojan horse, commonly known as a Trojan, is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware. A Trojan can give a malicious party remote access to an infected computer.

Worm - Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers.

Adware - Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements. Common examples of adware include pop-up ads on websites and advertisements that are commonly displayed by software.

Ransomware - Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. This malware restricts user access to the computer either by encrypting files on the hard drive or by locking down the system.

So to overcome and mitigate these security threats and malware, an organization should introduce a conceptual security framework. The requirement for a network security framework arises from different parties.

Customers/subscribers need assurance and confidence in the services that they are offered and in the network that they use.

Public authorities and bodies demand security in order to ensure the quality and the availability of services, to keep standards and to protect privacy.

Service providers and network operators themselves need security to safeguard their business and operations, to meet customer recognition and to gain reputation.

Vulnerabilities

In the telecommunication industry the main growth engines are value added services (voice) and rapid internet service. To provide high quality customer service, telecom companies provide a large number of value added services such as fixed line broadband operation, broadband storage, dedicated line, VoIP, video and IP data. But reducing cost and increasing revenue in a competitive market is becoming a practical problem. In order to ensure that quality and standards are not affected while seizing these challenges and opportunities, a telecom company must have an effective and well planned network structure, and the security control of the company is a key point in its business success. Due to vulnerabilities and security breaches, telecommunication companies face great damage, which leads to issues such as revenue loss, unnecessary maintenance costs and reduced customer loyalty.

Vulnerabilities that certainly come up in most networks are as below.

Vulnerabilities to Eavesdropping

Eavesdropping is one such vulnerability in telecommunication. Hackers are in a position where they could exploit vulnerabilities in VoIP phones from anywhere in the world. VoIP phones are generally used in every office. According to Cisco, it is not aware of any type of attack

Application Vulnerability

In an organization there may be plenty of applications that are used day to day. They could be desktop applications, embedded applications, web applications etc.

In telecommunication there are a lot of servers running to handle various tasks. So there could be exposure to a SQL injection attack due to a vulnerability in a SQL application.

Vulnerability in encryption mechanisms

Vulnerabilities in encryption mechanisms can be listed as below.

Brute Force Cracking - "Brute force" is another way of saying "trial and error." With this method, a "cracker" tries every possible key until he or she stumbles upon the correct one. No encryption software program is entirely safe from the brute force method, but if the number of possible keys is high enough, it can make a program astronomically difficult to crack using brute force.

Back Doors - A "back door" is a security hole in a piece of software. A "back door" may be present because someone created it in the software with malicious intent, or by accident. Whatever the reason, if a malicious cracker discovers a "back door" in a program, he or she may be able to discover your key or password.

Making Good Keys - In every kind of encryption software, there is some kind of password that must be created so that the intended recipients of the information can read it. Creating a password that "hackers" or other malicious parties cannot easily guess is just as important as choosing a good algorithm or strong encryption software.

Configuration vulnerabilities

Configuration vulnerabilities originate from improper usage and the implementation of weak policies (e.g. selection of a weak cipher by a server administrator).

Design and Specification vulnerabilities

Design and specification vulnerabilities are errors or drawbacks in the design of a protocol that make it inherently vulnerable (e.g. WEP of IEEE 802.11b, a.k.a. WiFi).

Furthermore, the threats and vulnerabilities to telecommunication networks can be listed as in the table below.

Vulnerability/Threat | Can Result in

Unauthorized physical access to telecom switching infrastructure, underground cable infrastructure and other telecom network equipment (e.g. AuC, VLR, HLR) | Illegal tapping, tampering and interception of the telecom network traffic
Modification of messages received via the radio interfaces through exploiting weaknesses in the authentication by using modified mobile stations | User de-registration and other unwanted behaviors like location update requests by spoofing, which would lead to disrupted/unreliable service
Interception of voice traffic in PSTN networks due to message encryption issues such as inadequate authentication, confidentiality and integrity, which should be included according to the ITU-T SS7 specification | Unauthorized tapping of the network traffic, eavesdropping
Use of illegal modified base stations | Denial of service attacks, interception of network traffic
Unauthorized use of the lawful interception mechanism | Unauthorized interception/tapping of telecom network traffic
Deployment of malicious software applications on devices which have always-on capabilities, like tablet PCs and smart phones | Attacks on the target operator's network (e.g. setting up a botnet to carry out a DDoS attack)
Intrusion into the telecom operations network | Unauthorized and illegal changes to the user profiles, billing systems and routing systems, which lead to fraud and unreliable services
Traffic monitoring and analysis | Illegal monitoring of calls, call numbers and call talk times, which leads to inference of activities that can be used against the company and damages company reputation
Social engineering attacks on the employee network and operations | Unauthorized access to the confidential data of the organization
Intrusion into the network database which contains customer information | Unauthorized access to personal data which is confidential
Vulnerabilities in the traffic management function | Will not be able to effectively protect the IDC server from attacks when abnormal traffic appears
Vulnerabilities in the load balancing function | Could bring unreliable services and poor customer satisfaction
Use of social engineering tools, malware and hacking tools, masquerading as authorized users | Gaining illegal access and greater privileges to network systems, which could be used to launch various dangerous attacks

[Figure: Telecom attacks]

Countermeasures

Adopting a Security Frame-work

To manage telecommunication security without degrading the quality of the services, and with a higher success rate in the business, various countermeasures should be taken. Risk assessment therefore plays a vital role in any organization, especially in the telecommunication sector, ensuring that resources are allocated in the most effective and efficient way to support the business.

Figure 000 illustrates the possible risk management and countermeasure process for vulnerabilities and threats in telecommunication industry

Implementing a Security Infrastructure

The implementation of Information Security Management System policies and processes is a very good solution, which should be supported by a multi-layered security infrastructure. "Defense in Depth" is one possible approach; it ensures that no single security layer is exposed to network attacks alone.

Some security countermeasures that can be deployed for prevention, detection and correction across the various layers are as below.

Cabling infrastructure that is Interference and tamper-proof.

Security guards and CCTV camera monitoring for operator premises.

Physical access control methods/mechanisms such as biometric readers and smartcards

[Figure: Defense in Depth]

Firewalls at the DMZ and network perimeter for publicly accessible network systems

Host-based and Network-based Intrusion Detection (IDS)/Intrusion Prevention (IPS) Systems

Security Information and Event Management (SIEM) systems to handle the security events and logs generated by multiple systems in the organization

Malware management by deployment of antivirus and antispyware technologies on internal systems and mail servers

Secure application development practices

Security testing of the telecom equipment, perimeters, critical network components and applications

Encryption and data masking techniques for data both at rest and in transit

Security awareness

Conducting Security Testing

Maintaining the security posture of an organization's network amid rapid technological development is a somewhat complex and time consuming task. But frequent security testing and auditing play a major role in enhancing and assessing the security of network systems.

Telecom Equipment Testing

Telecommunication networks are equipped with various kinds of equipment from various vendors and suppliers. Highly reliable and trusted certification programs must be conducted to assess, identify and evaluate the security weaknesses and vulnerabilities in that equipment and its firmware, software and hardware implementation, in order to ensure that it meets the ISO 15408 standard.

IT and Telecommunication Network Vulnerability Assessment

With the increasing number of threats and attacks and the large number of vulnerabilities, it is becoming difficult to ensure that the critical elements of telecommunication network systems are not vulnerable to attack. For this reason vulnerability assessments should be done from time to time.

Vulnerability assessments can be done to:

Identify vulnerabilities

[Figure: Vulnerabilities Assessment]

Report, assess and analyze the vulnerabilities and their overall consequences

Recommend mitigation strategies such as safeguards or workarounds

Ensure that the organization's security policies are met by auditing the network and system configurations

Provide recommended input to handle security issues and incidents

Fuzz Testing

Vulnerability assessments help to identify and mitigate vulnerabilities that are known, but they are not a practical solution against the dangerous exploitation of unknown vulnerabilities, which are most likely in complex networks such as telecom networks.

Fuzz testing can be used to address these unknown vulnerabilities. It is a method of simulating attacks in which abnormal inputs are supplied in order to trigger abnormal behavior and so reveal vulnerabilities.

Model based fuzzing is one approach which can be used to test protocol specification vulnerabilities. Another approach is Traffic capture fuzzing which captures traffic to create fuzzers that are being used for testing.

Radio Access Path Security Testing

One security test that is unique to a telecommunication network is the radio access path security test. The tools that are used to do this test are modified Mobile Stations (MS) and custom radio traffic injection scripts. In order to ensure that customer confidential data is protected, a second test should be done using an unmodified Mobile Station. This is done to ensure that there won't be any service interruption and to prevent legitimate users from associating with modified equipment.

Penetration Testing

Penetration testing gives the hacker's point of view of a vulnerability in a system or inside and outside the network perimeter. Network security specialists do this testing by trying to infiltrate the client's network, systems and applications using various technologies and techniques, and sometimes using tools and unexpected methods such as combined techniques ("multi-vector" attacks). The result of such a test is a detailed report of key vulnerabilities and potential areas in which to take action and improve the organization's security posture.

Conducting Network Security Audits

Network security audits can be conducted to discover, assess, test and report the existing security infrastructure implementations. These audits should be done according to international standards like ISO 27001 and COBIT.

Figure 5 illustrates a methodology for network security audits which consists of four phases.

1. Scope and Plan - This involves defining the audit objective, determining the audit scope, understanding the business threats/risks and defining the project plan.

2. Information Gathering - Gathering information about the security policies, processes and security controls that have been implemented, and also the industry standards, guidelines and best practices that are applicable.

[Figure: Auditing]

3. Assessment - This is performed to discover the vulnerabilities that exist in the system. The impact of any discovered vulnerability on the telecom operator's business is used to determine a risk rating.

4. Documentation - This includes the analysis and reporting of data and test results. The report documents the results and findings of the security assessment and includes a discussion of the risk analysis arising from the assessment, the implications for the telecom operator's systems and networks, and recommendations for improving the security position of the operator's applications, systems and networks.

Part II: Introduction

When it comes to network security, authentication is one of the key concerns. Authentication means verifying the identity of a user, device or entity that needs to access or retrieve data, resources or applications. Validating that identity establishes a trust relationship for further interactions. Authentication also enables accountability by making it possible to link access and actions to specific identities. After authentication, authorization processes can allow or limit the levels of access and action permitted to that entity.

Authentication is applied and defined according to the user, data and applications in use.

Two specific authentication services that are defined in X.800 are:

Peer entity authentication - This type of authentication is provided during the data transfer of a connection.

Data origin authentication - This type of authentication is provided where there are no prior interactions between the communicating entities.

Other types of authentication, such as network authentication, can be listed as below:

Kerberos private-key authentication service

X.509 public-key directory authentication

Message authentication types can be defined as:

Symmetric (secret key) cryptography

[Figure: secret key cryptography]

Asymmetric (public key) cryptography

[Figure: public key cryptography]

[Figure: PKI]

Public key infrastructure

[Figure: PMI]

Privilege management infrastructure

RSA Algorithm

RSA is the best and most widely used public key algorithm. It is based on modular exponentiation of integers.

For encryption: C = M^e mod n

For decryption: M = C^d mod n

Both sender and receiver know the values of n and e, and only the receiver knows the value of d.

Program Layout

To develop the RSA algorithm, the basic software development life cycle has been used.

Requirement analysis

First the requirements for the RSA algorithm were analyzed. To develop the algorithm, the following software and tools have been used:

Java Development Kit (JDK) 7

NetBeans 7.2

Feasibility Studying

In this stage, the literature on the RSA algorithm has been reviewed.

Designing

Program Testing

To test the program, the following steps have been taken.

[Figure: correctly set ports]

First of all, the IP addresses of both Client and Server should be set correctly.

They can be on the same local host or on different machines (Client machine and Server machine) inside a Local Area Network (LAN).

In this scenario the settings are as below.

Setting | Client | Server

Receiver IP | 127.0.0.1 | 127.0.0.1
Incoming Port | 5001 | 5000
Outgoing Port | 5000 | 5001

[Figure: wrong IP]

If the IP addresses of the sending and receiving ends are wrong, the connection will be terminated and the above message will be displayed.

[Figure: wrong port]

If the incoming and outgoing ports of the sending and receiving ends are wrong, the connection will be terminated and the above message will be displayed.

[Figure: Client start]

Then, when the connection is properly established, the client should be started.

[Figure: Client test 1]

This is the folder of the client machine(s).

[Figure: Server start]

Then the server should be started.

[Figure: Send key done]

When the server is started, it will generate the Private Key and the Public Key of the server.

[Figure: Server send key]

When the keys have been generated, the server should send the Public Key to the relevant connected client machine(s) by pressing the "Send key" button.

[Figure: Send public key]

When the key has been sent correctly to the client machine(s), it will be acknowledged by the client machine(s) and the above message will be displayed.

[Figure: Client received key]

This is the folder of the client machine(s) when the Public Key has been received.

[Figure: send message to Alice]

Now it is possible for the client(s) to send a message to the server, which will be encrypted using the server's Public Key.

For instance, Bob is sending the message "Hello Alice, I have deposited 1,000,000$ to your bank account # 987654321..." to Alice as plain text.

[Figure: send message to Alice, encryption]

It will be encrypted to a cipher text by Bob using Alice's Public Key according to the RSA algorithm before being sent to Alice.

The cipher text will be in the above format.

[Figure: decrypt and read]

Alice will decrypt the cipher text sent by Bob to plain text by using Alice's Private Key. So Alice will receive the same message, "Hello Alice, I have deposited 1,000,000$ to your bank account # 987654321...", as plain text.
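
The RSA relations C = M^e mod n and M = C^d mod n from the RSA Algorithm section, applied to the Bob-to-Alice test message, as an added example in Python; it is not the essay's Java program, whose source is not shown on this page. The function names, the 1024-bit demo key size, e = 65537 and the 0x01 block prefix are assumptions of this example. It is unpadded textbook RSA, so identical plaintexts produce identical ciphertexts, which is why production systems use a vetted library with OAEP padding instead.

```python
import math
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:              # write n - 1 as d * 2^r with d odd
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)   # random base in [2, n-2]
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False           # witness found: n is composite
    return True

def random_prime(bits):
    """Random prime of exactly `bits` bits (top two bits and low bit forced)."""
    while True:
        candidate = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if is_probable_prime(candidate):
            return candidate

def generate_keypair(bits=1024, e=65537):
    """Return ((n, e), (n, d)). Key size and e are assumptions of this demo."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            d = pow(e, -1, phi)    # private exponent: d = e^-1 mod phi(n)
            return (p * q, e), (p * q, d)

def encrypt(message, public_key):
    """Split bytes into blocks smaller than n and apply C = M^e mod n."""
    n, e = public_key
    size = (n.bit_length() - 1) // 8 - 1
    blocks = []
    for i in range(0, len(message), size):
        # The 0x01 prefix keeps leading zero bytes through the int round trip.
        m = int.from_bytes(b"\x01" + message[i:i + size], "big")
        blocks.append(pow(m, e, n))
    return blocks

def decrypt(blocks, private_key):
    """Apply M = C^d mod n to each block and strip the 0x01 prefix."""
    n, d = private_key
    out = b""
    for c in blocks:
        m = pow(c, d, n)
        out += m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]
    return out

def is_deterministic(message, public_key):
    """True for textbook RSA: equal plaintexts give equal ciphertexts."""
    return encrypt(message, public_key) == encrypt(message, public_key)

if __name__ == "__main__":
    alice_public, alice_private = generate_keypair()
    # Test message quoted from the essay's walkthrough.
    msg = b"Hello Alice, I have deposited 1,000,000$ to your bank account # 987654321..."
    cipher = encrypt(msg, alice_public)          # Bob uses Alice's public key
    print("cipher blocks:", len(cipher))
    print("decrypted:", decrypt(cipher, alice_private).decode())
    print("deterministic:", is_deterministic(msg, alice_public))
```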

Source Code

Comparison and Analysis

RSA | DSA

Slower than Secret Key Encryption | Exchanging keys in complete secrecy is difficult
Can be used in both SSH 1 and 2 protocols | Can only be used with SSH protocol 2
Can be used for both encrypting and signing | Can only be used for encrypting

Conclusion

With the rapid development of telecommunication technology, next generation networks (NGNs) are being deployed widely and people tend to depend on service providers when it comes to mobility services. So it is required that these networks and services are reliable, efficient and effective. As new vulnerabilities are compromised, new threats emerge. So it is important that telecommunication companies carry out frequent assessments and vulnerability tests on their networks and systems.

In addition, when it comes to internet and network systems, authentication is the key concern at all times. Authentication algorithms help to establish a secure connection between network systems as well as in message sharing. RSA (Rivest-Shamir-Adleman) is one public key cryptography algorithm; it uses two keys and is useful for both encrypting and signing.
