Ans: Network security starts from authenticating the user, commonly with a username and a password. Since this requires just one thing besides the user name, i.e. the password, which is something you 'know', this is sometimes termed one factor authentication. With two factor authentication something you 'have' is also used (e.g. a security token or 'dongle', an ATM card, or your mobile phone), or with three factor authentication something you 'are' is also used (e.g. a fingerprint or retinal scan). Once the user is authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective at preventing unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network.
Security aspects come into play when it is necessary to protect information transmission from an opponent who may present a threat to confidentiality, authenticity, and so on.
In this model:
Sender who generates the message or plaintext.
A security-related transformation on the information to be sent. Examples include the encryption of the messages, which scrambles the message so that it is unreadable by the opponent, and the addition of the code based on the contents of the message, which can be used to verify the identity of the sender.
Some secret information can be shared by the two principals and, it is hoped, unknown to the opponent. An example is an encryption key used in conjunction with the transformation to scramble the message before transmission and unscramble it on reception.
A trusted third party may be needed to achieve secure transmission. For example, a third party may be responsible for distributing the secret information to the two principals while keeping it from any opponent.
This general model shows that there are four basic tasks in designing a particular security service:
Design an algorithm for performing the security-related transformation. The algorithm should be such that an opponent can't defeat its purpose.
Generate the secret information to be used with the algorithm.
Develop methods for the distribution and sharing of the secret information.
Specify a protocol to be used by the principals that makes use of the security algorithm and the secret information to achieve a particular security service.
Q2: Why is polyalphabetic substitution superior to monoalphabetic substitution?
Ans: In a polyalphabetic cipher, multiple cipher alphabets are used. To facilitate encryption, all the alphabets are usually written out in a large table, traditionally called a tableau. The tableau is usually 26×26, so that 26 full ciphertext alphabets are available. The method of filling the tableau, and of choosing which alphabet to use next, defines the particular polyalphabetic cipher. All such ciphers are easier to break than once believed, as substitution alphabets are repeated for sufficiently large plaintexts. In this
A set of related monoalphabetic substitution rules are used.
A key determines which particular rule is chosen for a given transformation.
This is an improvement over the Caesar cipher. Here the relationship between a character in plaintext and a character in the ciphertext is always one-to-many. An example of polyalphabetic substitution is the Vigenere cipher. In this case, a particular character is substituted by different characters in the ciphertext depending on its position in the plaintext. explains the polyalphabetic substitution. Here the top row shows different characters in the plaintext and the characters in different bottom rows show the characters by which a particular character is to be replaced depending upon its position in different rows from row-0 to row-25.
The key feature of this approach is that it is more complex and the code is harder to attack successfully.
A monoalphabetic cipher uses fixed substitution over the entire message, whereas a polyalphabetic cipher uses a number of substitutions at different times in the message, where a unit from the plaintext is mapped to one of several possibilities in the ciphertext and vice-versa.
One simple example of symmetric key cryptography is monoalphabetic substitution. In this case, the relationship between a character in the plaintext and a character in the ciphertext is always one-to-one. An example of monoalphabetic substitution is the Caesar cipher. As shown in F, in this approach a character in the plaintext is substituted by another character shifted by three places, e.g. A is substituted by D. The key feature of this approach is that it is very simple, but the code can be attacked very easily.
Q3: Why are conventional encryption/decryption methods not suitable for a bank?
Ans: The encryption technology and security mechanisms of the transaction layer are not enough to keep banking safe. Current relatively good encryption and authentication measures require more computing power and storage capacity to support them. Only Internet banking clients that have a very powerful PC can apply complex encryption and authentication technologies to ensure safety. Because mobile terminals have low processing capacity, complex encrypted authentication technology cannot be applied on them to defend against security risks. To reduce the computational cost of encryption while guaranteeing higher safety, present mobile devices have started to use the symmetric encryption algorithm AES together with the asymmetric encryption algorithm ECC. That is, AES is the "core" and ECC the "shell": the data sent over the wireless link is encrypted with AES, and the encryption key is encrypted with ECC. This method not only ensures data security but also increases the speed of encryption and decryption. AES and ECC are currently the most powerful encryption technologies for protecting against hackers. When hackers attack the ciphertext, they need to attack AES 128 directly, which is extremely difficult with existing technology; if they choose to attack the session key protected by ECC, they meet the thorny problem of ECDLP. In addition, a session key is effective only the first time it is used, so even if they get the session key, it has little value. Meanwhile, this hybrid algorithm needs very little key management, which decreases the volume of key management and improves its security.
Q4: Define types of attacks based on what is known to the attacker.
Ans: Classes of attack might include passive monitoring of communications, active network attacks, close-in attacks, exploitation by insiders, and attacks through the service provider. Information systems and networks offer attractive targets and should be resistant to attack from the full range of threat agents, from hackers to nation-states. A system must be able to limit damage and recover rapidly when attacks occur.
Network attacks can be classified into the following four types of attacks:
Threats to the network can be initiated from a number of different sources, hence the reason why network attacks are classified as either external network attacks/threats, or internal network attacks/threats:
External threats: External threats or network attacks are carried out by individuals with no assistance from internal employees or contractors. These attacks are typically performed by a malicious experienced individual, a group of experienced individuals, an experienced malicious organization, or by inexperienced attackers (script kiddies). External threats are usually performed by using a predefined plan and the technologies (tools) or techniques of the attacker(s). One of the main characteristics of external threats is that they usually involve scanning and gathering information. You can therefore detect an external attack by scrutinizing existing firewall logs. You can also install an Intrusion Detection System to quickly identify external threats.
External threats can be further categorized into either structured threats or unstructured threats:
Structured external threats: These threats originate from a malicious individual, a group of malicious individuals or a malicious organization. Structured threats are usually initiated by network attackers who have premeditated the actual damages and losses they want to cause. Possible motives for structured external threats include greed, politics, terrorism, racism and criminal payoffs. These attackers are highly skilled in network design, methods of avoiding security measures, Intrusion Detection Systems (IDSs), access procedures, and hacking tools. They have the necessary skills to develop new network attack techniques and the ability to modify existing hacking tools for their exploitations. In certain cases, the attacker could be assisted by an internal authorized individual.
Unstructured external threats: These threats originate from an inexperienced attacker, typically from a script kiddie. A script kiddie is the terminology used to refer to an inexperienced attacker who uses cracking tools or scripted tools readily available on the Internet, to perform a network attack. Script kiddies are usually inadequately skilled to create the threats on their own. Script kiddies can be considered as being bored individuals seeking some form of fame by attempting to crash Web sites and other public targets on the Internet.
External attacks can also occur either remotely or locally:
Remote external attacks: These attacks are usually aimed at the services which an organization offers to the public. The various forms which remote external attacks can take are listed here:
Remote attacks aimed at the services available for internal users. This remote attack usually occurs when there is no firewall solution implemented to protect these internal services.
Remote attacks aimed at locating modems to access the corporate network.
Denial-of-service (DoS) attacks to place an exceptional processing load on servers in an attempt to prevent authorized user requests from being serviced.
War-dialing of the corporate private branch exchange (PBX).
Attempts to brute force password authenticated systems.
Local external attacks: These attacks typically originate from situations where computing facilities are shared, and access to the system can be obtained.
Internal threats: Internal attacks originate from dissatisfied or unhappy inside employees or contractors. Internal attackers have some form of access to the system and usually try to hide their attack as a normal process. For instance, internal disgruntled employees have local access to some resources on the internal network already. They could also have some administrative rights on the network. One of the best means to protect against internal attacks is to implement an Intrusion Detection System, and to configure it to scan for both external and internal attacks. All forms of attacks should be logged and the logs should be reviewed and followed
There are five types of attack:
A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.
A distributed attack requires that the adversary introduce code, such as a Trojan horse or back-door program, to a "trusted" component or software that will later be distributed to many other companies and users. Distribution attacks focus on the malicious modification of hardware or software at the factory or during distribution. These attacks introduce malicious code such as a back door to a product to gain unauthorized access to information or to a system function at a later date.
An insider attack involves someone from the inside, such as a disgruntled employee, attacking the network. Insider attacks can be malicious or non-malicious. Malicious insiders intentionally eavesdrop, steal, or damage information; use information in a fraudulent manner; or deny access to other authorized users. Non-malicious attacks typically result from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as performing a task.
A close-in attack involves someone attempting to get physically close to network components, data, and systems in order to learn more about a network. Close-in attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Close physical proximity is achieved through surreptitious entry into the network, open access, or both.
One popular form of close-in attack is social engineering. In a social engineering attack, the attacker compromises the network or system through social interaction with a person, through an e-mail message or phone. Various tricks can be used to get the individual to reveal information about the security of the company. The information that the victim reveals to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.
In a phishing attack, the hacker creates a fake web site that looks exactly like a popular site such as the SBI bank or PayPal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.
Hijack attack: In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker by accident.
Q6: Encrypt the following plaintext by Playfair substitution.
Remove any punctuation or characters that are not present in the key square (this may mean spelling out numbers, punctuation etc.).
Identify any double letters in the plaintext and replace the second occurrence with an 'x', e.g. 'hammer' -> 'hamxer'.
If the plaintext has an odd number of characters, append an 'x' to the end to make it even.
Break the plaintext into pairs of letters, e.g. 'hamxer' -> 'ha mx er'
The algorithm now works on each of the letter pairs.
Locate the letters in the key square, (the examples given are using the key square above)
If the letters are in different rows and columns, replace the pair with the letters on the same row respectively but at the other pair of corners of the rectangle defined by the original pair. The order is important - the first encrypted letter of the pair is the one that lies on the same row as the first plaintext letter. 'ha' -> 'bo', 'es' -> 'il'
If the letters appear on the same row of the table, replace them with the letters to their immediate right respectively (wrapping around to the left side of the row if a letter in the original pair was on the right side of the row). 'ma' -> 'or', 'lp' -> 'pq'
If the letters appear on the same column of the table, replace them with the letters immediately below respectively (wrapping around to the top side of the column if a letter in the original pair was on the bottom side of the column). 'rk' -> 'dt', 'pv' -> 'vo'
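The steps above, worked as an added C example (not code from the original essay). The key square the steps refer to is not reproduced on this page, so the example assumes the square built from the keyword monarchy, which reproduces every pair example given in the steps; the function names are the example's own.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* 5x5 key square, row-major: keyword letters, then the rest of the alphabet; 'j' merges into 'i'. */
static void key_square(const char *keyword, char sq[26])
{
    int used[26] = {0}, n = 0;
    for (int pass = 0; pass < 2; pass++)
        for (const char *p = pass ? "abcdefghijklmnopqrstuvwxyz" : keyword; *p; p++) {
            int c = tolower((unsigned char)*p);
            if (c == 'j') c = 'i';
            if (isalpha(c) && !used[c - 'a']) { used[c - 'a'] = 1; sq[n++] = (char)c; }
        }
    sq[25] = '\0';
}

/* Encrypt plain under keyword; the result lives in a static buffer. */
const char *playfair(const char *keyword, const char *plain)
{
    static char out[256];
    char sq[26], t[256];
    int n = 0;
    key_square(keyword, sq);
    for (; *plain && n < 254; plain++) {          /* clean-up steps */
        int c = tolower((unsigned char)*plain);
        if (!isalpha(c)) continue;                /* drop characters not in the square */
        if (c == 'j') c = 'i';
        if (n > 0 && t[n - 1] == c) c = 'x';      /* 'hammer' -> 'hamxer' */
        t[n++] = (char)c;
    }
    if (n % 2) t[n++] = 'x';                      /* pad odd length */
    for (int i = 0; i < n; i += 2) {
        int a = (int)(strchr(sq, t[i]) - sq), b = (int)(strchr(sq, t[i + 1]) - sq);
        int ra = a / 5, ca = a % 5, rb = b / 5, cb = b % 5;
        if (ra == rb)      { ca = (ca + 1) % 5; cb = (cb + 1) % 5; }  /* same row: step right */
        else if (ca == cb) { ra = (ra + 1) % 5; rb = (rb + 1) % 5; }  /* same column: step down */
        else               { int s = ca; ca = cb; cb = s; }          /* rectangle: swap columns */
        out[i] = sq[ra * 5 + ca]; out[i + 1] = sq[rb * 5 + cb];
    }
    out[n] = '\0';
    return out;
}

int main(void)
{
    printf("%s\n", playfair("monarchy", "hammer"));  /* keyword is an assumption */
    return 0;
}
```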
Q6: Write a Program to implement polyalphabetic substitution ciphers
unsigned char ch;
printf("\nCannot Open File");
printf("\nEnter Few Lines Of Text\n\n");
printf("How Many Keys(Periods)=");
printf("Enter %d Key Elements\n",n);
if(ch>=97 && ch<=122)
else if(ch>=65 && ch<=90)
printf("\n\nCipher Message After Polyalphabetic Substitution Is:\n");
if(ch>=97 && ch<=122)
else if(ch>=65 && ch<=90)
printf("\n\nMessage Sent From Sender Side Is\n");
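Only scattered lines of the listing survive above, so here is a complete polyalphabetic substitution program as an added example; it is not the essay's original code. It also illustrates the answer to Q2: with a period-3 key the plaintext letter 'e' maps to three different ciphertext letters, while a single shift (the Caesar case) always maps it to one. The sample text, the keys and the function names are constructed for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

static const char MSG[] = "Meet me at the same gate at ten";  /* constructed sample text */
static const int CAESAR[] = {3};                              /* period 1: monoalphabetic */
static const int KEYS[] = {3, 7, 11};                         /* period 3: constructed key */

/* Shift one letter by k places (k may be negative); other characters pass through. */
static char shift(char c, int k)
{
    if (islower((unsigned char)c)) return (char)('a' + ((c - 'a' + k) % 26 + 26) % 26);
    if (isupper((unsigned char)c)) return (char)('A' + ((c - 'A' + k) % 26 + 26) % 26);
    return c;
}

/* Polyalphabetic substitution: the j-th letter is shifted by key[j % n].
 * dir = +1 encrypts, dir = -1 decrypts. Returns a static buffer. */
const char *poly(const char *in, const int *key, int n, int dir)
{
    static char out[256];
    size_t i = 0;
    int j = 0;
    for (; in[i] && i < sizeof out - 1; i++)
        out[i] = isalpha((unsigned char)in[i]) ? shift(in[i], dir * key[j++ % n]) : in[i];
    out[i] = '\0';
    return out;
}

/* How many distinct ciphertext letters does plaintext letter p map to? */
int images_of(const char *plain, const char *cipher, char p)
{
    int seen[26] = {0}, count = 0;
    for (; *plain && *cipher; plain++, cipher++) {
        int c = tolower((unsigned char)*cipher);
        if (tolower((unsigned char)*plain) == p && c >= 'a' && c <= 'z' && !seen[c - 'a']++)
            count++;
    }
    return count;
}

int main(void)
{
    printf("period 1: 'e' -> %d letter(s)\n", images_of(MSG, poly(MSG, CAESAR, 1, 1), 'e'));
    printf("period 3: 'e' -> %d letter(s)\n", images_of(MSG, poly(MSG, KEYS, 3, 1), 'e'));
    printf("%s\n", poly("Plpw tp da ekl ddtp jheh he wly", KEYS, 3, -1));
    return 0;
}
```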