Foundation of Cyber Security
Added on 2023/06/03
This guide covers topics such as cyber security, data deletion, data recovery, and encrypted email solutions. It provides expert insights and recommendations on how to protect your data and ensure privacy. The guide includes a Vigenère Cipher C program, encryption and decryption methods, and the current state of encrypted email solutions.
FOUNDATION OF CYBER SECURITY 1
Foundation of Cyber Security
VENKATA THOTA
Institutional Affiliation
Table of Contents
Question 1
  Introduction
  Vigenère Cipher C Program
    Program Output
  Encryption and Decryption Methods
  Vigenère Cipher Robustness
Question 2
  Data Deletion
  Data Recovery
  Securely Destroying Data
  Importance of Data Destruction
Question 3
  Current State of Encrypted E-Mail Solutions
  Extracting Information from Intercepted Emails
  Solution
Question 4
  Start frame
  Host Initiating Connection Mac Address
  Mac Address of Destination Host
  Source and Destination IP Addresses
  Source and Destination Ports
Conclusion
Reference List
Question 1
Introduction
The program provides the users with the options to enter a message and either encrypt or decrypt
it. When the program executes, the user is prompted to enter the keyword to be used in the cipher
and the paraphrase. The Vigenère cipher is a type of cryptography that employs the technique of
polyalphabetic substitution for encrypting a plain message (Dey, 2012). The Caesar cipher helps
to explain the Vigenère cipher: in the Caesar cipher every character of the plain message is
shifted to a different place, while in the Vigenère cipher the characters are shifted based on
distinct shift values (MushtaqSherAli and Hassan-Sarhan, 2014).
Vigenère Cipher C Program
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdlib.h>

int main(void)
{
    int i, j, len, keylen, numberstring[100], numberkey[100], numbercipher[100]; //declaring variables
    char str[100], key[100];

    printf("Enter a string\n");
    //fgets() is used instead of gets(), which cannot limit the input to the size of str
    if (fgets(str, sizeof(str), stdin) == NULL)
        return EXIT_FAILURE;
    //keeping only the letters of the entered string and converting them to Capital letters
    for (i = 0, j = 0; str[i] != '\0'; i++)
    {
        if (isalpha((unsigned char)str[i]))
        {
            str[j] = (char)toupper((unsigned char)str[i]);
            j++;
        }
    }
    str[j] = '\0';
    len = j;
    printf("Entered string is : %s \n", str);
    //Storing string as letter numbers (A = 0 ... Z = 25)
    for (i = 0; i < len; i++)
    {
        numberstring[i] = str[i] - 'A';
    }
    printf("Enter a key\n");
    if (fgets(key, sizeof(key), stdin) == NULL)
        return EXIT_FAILURE;
    //keeping only the letters of the entered key and converting them to Capital letters
    for (i = 0, j = 0; key[i] != '\0'; i++)
    {
        if (isalpha((unsigned char)key[i]))
        {
            key[j] = (char)toupper((unsigned char)key[i]);
            j++;
        }
    }
    key[j] = '\0';
    keylen = j;
    //an empty key would make the key assignment loop below run forever
    if (keylen == 0)
    {
        printf("The key must contain at least one letter\n");
        return EXIT_FAILURE;
    }
    //Assigning key to the string
    for (i = 0; i < len;)
    {
        for (j = 0; (j < keylen) && (i < len); j++)
        {
            numberkey[i] = key[j] - 'A';
            i++;
        }
    }
    //Adding the key letter to the message letter
    for (i = 0; i < len; i++)
    {
        numbercipher[i] = numberstring[i] + numberkey[i];
    }
    //Reducing the sum modulo 26
    for (i = 0; i < len; i++)
    {
        if (numbercipher[i] > 25)
        {
            numbercipher[i] = numbercipher[i] - 26;
        }
    }
    printf("Vigenere Cipher text is\n");
    for (i = 0; i < len; i++)
    {
        printf("%c", (numbercipher[i] + 'A'));
    }
    printf("\n");
    return 0;
}
Program Output
Figure 1: Enter String to Encrypt or Decrypt
Figure 2: Enter Encryption or Decryption Key
Figure 3: See Encrypted or Decrypted Message
Encryption and Decryption Methods
The C program uses a repeating keyword and modular addition over the plain message to obtain the
Vigenère cipher text. The encryption formula used is as follows (Rahmani, 2012):
(T(i) + K(i)) mod 26 = C(i), where T(i) is the plain message, K(i) is the keyword, and C(i) is the
cipher text.
Correspondingly, the encrypted message can be decrypted by applying the following logic:
(C(i) - K(i)) mod 26 = T(i), where C(i) is the cipher text, K(i) is the keyword, and T(i) is the
plain message.
Vigenère Cipher Robustness
Initially, it was difficult to break the Vigenère cipher because it used 26 different cipher
alphabets. It is difficult to decipher a polyalphabetic cipher such as the Vigenère cipher because
it allows the same key to be used more than once and is resistant to letter frequency analysis
(Ahmad, Beg, Abbas, Ahmad and Atif, 2010). The repetition of the key is what makes the Vigenère
cipher vulnerable. Secondly, when a word in the plain message repeats itself several times it
provides hints to the key length, and once the length of the key has been identified, it is simple
to crack the Vigenère cipher.
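The two formulas above and the key-length weakness described in this section, as an added example that is not part of the original assignment: vigenere() applies the encryption or decryption formula, and kasiski_gcd() takes the greatest common divisor of the distances between repeated three-letter groups in the cipher text, which the key length divides when the repeats come from repeated plaintext words. The function names, the key ABCD and the sample message are constructed for the illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Keep letters only and upper-case them; returns the number of letters kept. */
size_t normalize(const char *in, char *out, size_t cap)
{
    size_t n = 0;
    for (; *in != '\0' && n + 1 < cap; in++)
        if (isalpha((unsigned char)*in))
            out[n++] = (char)toupper((unsigned char)*in);
    out[n] = '\0';
    return n;
}

/* dir = +1 encrypts: C(i) = (T(i) + K(i)) mod 26
   dir = -1 decrypts: T(i) = (C(i) - K(i)) mod 26
   text and key must be normalized (A-Z only) and out must hold
   strlen(text) + 1 bytes. Returns 0 on success, -1 for an empty key. */
int vigenere(const char *text, const char *key, int dir, char *out)
{
    size_t klen = strlen(key), i;
    if (klen == 0)
        return -1;
    for (i = 0; text[i] != '\0'; i++) {
        int t = text[i] - 'A';
        int k = key[i % klen] - 'A';              /* the key repeats */
        /* +26 keeps the result non-negative when subtracting */
        out[i] = (char)('A' + (t + dir * k + 26) % 26);
    }
    out[i] = '\0';
    return 0;
}

static unsigned gcd_u(unsigned a, unsigned b)
{
    while (b != 0) {
        unsigned t = a % b;
        a = b;
        b = t;
    }
    return a;
}

/* Kasiski examination: a plaintext word that recurs at a distance that is a
   multiple of the key length encrypts to the same cipher text both times.
   Returns the GCD of the distances between all repeated trigrams, or 0 if
   the cipher text has no repeated trigram. */
unsigned kasiski_gcd(const char *ct)
{
    size_t n = strlen(ct), i, j;
    unsigned g = 0;
    for (i = 0; i + 3 <= n; i++)
        for (j = i + 1; j + 3 <= n; j++)
            if (memcmp(ct + i, ct + j, 3) == 0)
                g = gcd_u(g, (unsigned)(j - i));
    return g;
}

int main(void)
{
    /* Constructed sample: the word CRYPTO starts at letters 0, 16 and 28. */
    const char *msg = "crypto is short for cryptography crypto is fun";
    char pt[128], ct[128], back[128];

    normalize(msg, pt, sizeof pt);
    if (vigenere(pt, "ABCD", +1, ct) != 0 || vigenere(ct, "ABCD", -1, back) != 0)
        return 1;
    printf("cipher text : %s\n", ct);
    printf("round trip  : %s\n", strcmp(pt, back) == 0 ? "ok" : "MISMATCH");
    /* The key is never given to kasiski_gcd(); it only sees the cipher text. */
    printf("key length divides %u\n", kasiski_gcd(ct));   /* 4 for this sample */
    return 0;
}
```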
Recommendation
The Vigenère cipher can be used in non-technical colleges and environments because it is difficult
to crack, has a complex encryption method, and the message cannot be decrypted without the key.
Question 2
Data Deletion
Deleting files or data using the delete function provided by the operating system does not
necessarily mean that the data has been completely destroyed or deleted, because it can still be
recovered. As such, it is important to ensure that data that has been deleted remains deleted
(Keele, 2009). Since Global Designs Limited has set the lifetime of data at one year, a lot of
data needs to be destroyed in a way that ensures no other person can access it afterwards. Many
of the employees at Global Designs are non-technical, and sometimes they consider that by just
pressing the delete button and emptying the recycle bin they have completely and permanently
deleted the data. This is not the case, because if another person were to get access to the hard
disk, he/she could still recover the data deleted from the recycle bin (Shu, Zhang, Li, Li and
Gu, 2017).
Data Recovery
There exist several ways that such data can be recovered:
Data that has been deleted and is currently in the recycle bin can be recovered by moving it
back using the restore option provided by the recycle bin (McCrea, Morgan, Brown and
Robinson, 2012).
If the data was also deleted from the recycle bin, it can be recovered using one of the several
recovery or undelete utilities available. In reality, the “delete” option does not necessarily
mean that the data has been completely deleted, because it does not overwrite the data files. As
such, it is possible for data recovery tools to rediscover and reconstruct it from the trail left
by the deleted data (Salimath, 2016). An example of such a recovery tool is Recuva.
For securely deleted data, recovery is nearly impossible, but there are some special cases: if
the data has been overwritten only once by the secure deletion, expensive and advanced data
recovery approaches can be employed that use the residual magnetic fields of the previous data
to try to restore it (Yang, 2013).
Securely Destroying Data
Destroying data is one of the critical phases in the life cycle of data, reached when its useful
period is over. For Global Designs Limited, data is normally destroyed after 1 year. This step
should never be overlooked because doing so may have dire consequences. Every technique of
destroying data depends on the medium on which the data is stored, such as hard drives, magnetic
media, tablets, DVDs/CDs, and flash drives (Omprakash, 2017).
The technique for securely destroying the data depends on the level of sensitivity of the data
being destroyed, or the level of paranoia. For Global Designs LTD, most of the users are novices,
that is, non-technical, and they consider the combination of permanent delete and the recycle bin
sufficient to securely destroy the data, which may not be the case. There are several methods to
securely destroy data, including:
DBAN is one tool that can be used to fully erase the data from the hard drive before handing over
a hard drive or computer that may have held very sensitive data. Secondly, a secure delete utility
is another reasonable approach that can be used to periodically wipe free space on the hard disk
(Zoubek and Sack, 2017). By doing so, the data that has not yet been overwritten by other data
can no longer be recovered.
Shredding is another approach that can be used to securely destroy data by literally shredding the
hard drive that contains the information to be destroyed. This renders it impossible to recover
data from the hard drive debris.
Degaussing is an approach to destroying data securely by removing the magnetic glue in the hard
drive, thus creating a breakdown and scrambling the bits and bytes, making the data difficult to
recover and restore. Bits and bytes can be destroyed at user level to facilitate reusability of
the degaussing device (Schembri, 2018). Users have often considered degaussing a way of erasing
a drive, but it is a mechanism for destroying data.
Smelting is a data destruction technique where users have put in efforts to securely destroy the
data by wiping the magnetic field of the hard drive or physically destroying it. The hard drive
will remain in the same physical state but without the magnetic field no data can be recovered.
Smelting involves changing the state of the hard drive from solid to liquid. This is an extreme
approach, but it is an effective one when extremely confidential and sensitive data is involved.
Smelting involves subjecting the hard disk to high temperatures in order to destroy the magnetic
fields that were holding the data.
Encryption is an approach that is destructive in nature and involves encrypting the data from the
beginning to protect it from prying eyes during destruction or deletion. The decryption key is
stored away from the storage media. However, compared to the other destruction techniques, it is
not 100% effective, because it still gives sophisticated and skilled data recovery scientists a
chance to recover data using advanced tools, although the attacker will need physical access to
the operating system of the computer.
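The difference between deleting and overwriting described under Data Recovery and Securely Destroying Data, as an added example that is not part of the original assignment: overwrite_file() zeroes a file's contents in place and flushes them to the device before secure_delete() removes the name. The function names, file name and sample record are assumptions made for the illustration; in-place overwriting reaches the old blocks on a conventional hard disk but is not guaranteed to on SSDs or on journaling and copy-on-write file systems.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for fsync() and ssize_t in strict C modes */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Overwrite every byte of a regular file with zeros and flush it to the
   device. Returns the number of bytes overwritten, or -1 on error. The
   directory entry is left in place so the result can be checked. */
long overwrite_file(const char *path)
{
    static const unsigned char zeros[4096];   /* static storage: all zero */
    struct stat st;
    off_t left;
    /* No O_TRUNC: truncating first would release the blocks without
       overwriting them, which is what an ordinary delete does. */
    int fd = open(path, O_WRONLY);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }
    for (left = st.st_size; left > 0; ) {
        size_t chunk = left < (off_t)sizeof zeros ? (size_t)left : sizeof zeros;
        ssize_t done = write(fd, zeros, chunk);
        if (done <= 0) {
            close(fd);
            return -1;
        }
        left -= done;
    }
    if (fsync(fd) != 0) {                     /* push the zeros past the page cache */
        close(fd);
        return -1;
    }
    return close(fd) == 0 ? (long)st.st_size : -1;
}

/* Overwrite first, then remove the name. */
int secure_delete(const char *path)
{
    return overwrite_file(path) < 0 ? -1 : unlink(path);
}

/* Demo helper: create a file holding text. Returns 0 on success. */
int write_sample(const char *path, const char *text)
{
    FILE *f = fopen(path, "wb");
    if (f == NULL)
        return -1;
    fputs(text, f);
    return fclose(f);
}

/* Demo helper: 1 if the first 4096 bytes of the file contain needle. */
int file_contains(const char *path, const char *needle)
{
    char buf[4096];
    size_t n, i, len = strlen(needle);
    FILE *f = fopen(path, "rb");
    if (f == NULL)
        return 0;
    n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    for (i = 0; len > 0 && i + len <= n; i++)
        if (memcmp(buf + i, needle, len) == 0)
            return 1;
    return 0;
}

int main(void)
{
    const char *path = "retention_demo.tmp";       /* hypothetical file name */
    const char *record = "customer ledger 2022";   /* constructed sample data */

    if (write_sample(path, record) != 0)
        return 1;
    printf("before overwrite: record present = %d\n", file_contains(path, record));
    printf("bytes overwritten: %ld\n", overwrite_file(path));
    printf("after overwrite:  record present = %d\n", file_contains(path, record));
    return secure_delete(path) == 0 ? 0 : 1;
}
```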
Importance of Data Destruction
Global Designs LTD should implement a data destruction policy when disposing of data storage
media, old computers, or other computing devices that contain the company’s data. It is not
effective to simply use the data deletion functions provided by the operating system, because
they still give attackers preying on the company’s data a chance to recover it. Having data
destruction policies greatly minimizes the chances of breaching confidentiality and privacy. In
case of data breaches, the company may be liable, which makes investment in data destruction
techniques worthwhile. The company can implement data destruction policies by overwriting or
destroying all media and devices that the company no longer uses (Sagar, 2016). It is the
responsibility of Global Designs to ensure that all the employees have undergone training and
have been educated on the data destruction policies of the company. The company should also
ensure that the data destruction policy is in compliance with state, industry, and federal laws,
standards, and regulations.
Throwing away storage media that contains confidential data poses immense security risks to the
partners doing business with the company and to the company itself. It is recommended that such
media be shredded by a NAID certified and licensed data destruction company. Shredding is the
most effective data destruction technique because it leaves no trails that attackers can use to
recover data. Shredding ensures that the company adheres to its ethical and legal responsibilities
in regard to protecting privacy. Additionally, it is important for the company to have several
data backups, just in case data that was not supposed to be destroyed needs to be recovered.
Classified equipment refers to any media or computer device that is regarded as sensitive because
of the data stored on it. This includes mobile devices, computers, hard drives, tablets, backup
tapes, and flash drives. It is necessary to dispose of the equipment properly to ensure the
security of the company’s data along with the clients’ data. Legal and ethical responsibilities
apply when it comes to disposal and destruction of classified equipment.
Question 3
Current State of Encrypted E-Mail Solutions
For several decades, e-mail communication has been regarded as the most secure means of
communication, but it employs security measures like those of sending a postcard in the mail.
Email companies have made a lot of progress in ensuring the safety of mail through encryption
while an email is being sent (Calinawan, 2015). Many people want to keep private, personal, and
sensitive information, files and conversations secret indefinitely. Emails are scanned for
advertising if you are using a free email service.
It is important for Data Storage Solutions to know that many email providers use encryption to
secure email communication using the PGP standard. But this standard has faced numerous
challenges that render it undependable. It relies on the security of the key, and if the key is
compromised, all the previous mails can be decrypted. This standard lacks forward secrecy. It is
quite a hassle to manage the keys and thus the company needs to take extra care of its private
key. It is essential to store the keys on devices such as a YubiKey, but configuring such a
device to handle PGP is quite difficult. Storing them on the local machine or in the cloud makes
them more vulnerable. The mail server cannot parse encrypted email to apply spam filtering,
server-side search or intelligent filtering.
This makes it difficult for Data Storage Solutions to adopt the PGP standard because the
non-technical users will lose the properties needed to manage a mailbox. One approach that mail
providers often
use is to encrypt all incoming email with your public PGP key to ensure that all the messages
are encrypted in storage. However, this approach faces some challenges, for example being
incapable of encrypting the “Sent Mail” folder. Using PGP is basically unworkable given all the
above limitations with mobile access and modern workflows.
Extracting Information from Intercepted Emails
It is possible to extract information when an unencrypted email is intercepted in web traffic
by carrying out a man-in-the-middle attack. This attack is carried out by redirecting the
encrypted connection to malicious software or a website pretending to be the target or requested
website. The attacker then creates a new encrypted connection to the target proxy or website and
retrieves the data being transmitted back and forth over the two connections, obtaining the
unencrypted data without being noticed (Bellovin, 2016). Since the attacker/interceptor has
access to the unencrypted data, he/she can read, modify, or block the content received or sent
by the client. There are two major methods that the interceptor can use to intercept web traffic
and connections: remotely and locally.
Remote interception is where the attacker carries out interception by inserting monitoring
software into the connection between the sender and the receiver, so as to redirect the web
traffic carrying the data to the interceptor by utilizing firewall rules. Attackers use a
'security box' to perform network interception; such a box monitors and detects data
exfiltration and attacks on the computers connected to a network. The boxes are also used to
analyze and intercept emails.
Local interception is where the attacker has direct access to the victim's computer. The
interceptor modifies the operating system's network stack to redirect and intercept web traffic
to the intercepting software (Jyothi, Verma and Shanker, 2010). Antivirus products often employ
this technique to identify any malware trying to inject ads or steal credentials.
One way that interceptors are able to successfully extract email data is by impersonating,
without the users' knowledge, the websites that users often use to send emails. The browser
normally confirms the website's identity when establishing an HTTPS connection by validating the
certificate provided by the web server. If the validation process fails, the browser will issue
a warning to the user that the connection is not secure. Through impersonation, intercepting
software is able to trick the browser into treating the connection as secure, thus allowing the
unsuspecting users to send web traffic (email) which can be intercepted by the attacker. If the
emails are not encrypted, as mentioned above, the interceptor will have access to the email data
and can read, modify, or block it from reaching the destination.
Interception causes the email to lose integrity: users may receive a modified message, or the
message may be blocked completely from reaching the intended destination. It may seem quite a
mystery how interceptors are able to generate valid certificates for websites whose certificates
should be unforgeable. They achieve this by adding a root certificate to the trust store of the
computer, which makes it easy for them to forge certificates and makes browsers trust any
certificate that the interceptor signed. It is quite difficult to measure interception because
the attackers do not advertise themselves. TLS fingerprinting can be used to determine whether a
connection was intercepted, and it allows users to identify the software making the interception.
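One way to apply the TLS fingerprinting mentioned above, as an added example that is not part of the original document: it computes a JA3-style fingerprint (a published ClientHello fingerprinting method) and compares it with the fingerprint expected for the client software the connection claims to be. The sample ClientHello bytes, the names ExampleBrowser and ExampleProxy, and both lookup tables are constructed for illustration.

```python
import hashlib
import struct

def is_grease(value):
    # RFC 8701 GREASE placeholders (0x0a0a, 0x1a1a, ... 0xfafa) are skipped by JA3.
    return (value & 0x0F0F) == 0x0A0A and (value >> 8) == (value & 0xFF)

def build_client_hello(ciphers, groups, empty_exts):
    """Build a minimal TLS ClientHello record (constructed sample input)."""
    exts = b"".join(struct.pack("!HH", t, 0) for t in empty_exts)
    g = b"".join(struct.pack("!H", x) for x in groups)
    exts += struct.pack("!HHH", 10, len(g) + 2, len(g)) + g    # supported_groups
    exts += struct.pack("!HHBB", 11, 2, 1, 0)                  # ec_point_formats
    cs = b"".join(struct.pack("!H", c) for c in ciphers)
    body = (struct.pack("!H", 0x0303) + bytes(32) + b"\x00"    # version, random, no session id
            + struct.pack("!H", len(cs)) + cs + b"\x01\x00"    # suites, null compression
            + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def u16_list(data):
    return [struct.unpack_from("!H", data, i)[0] for i in range(0, len(data) - 1, 2)]

def ja3_string(record):
    """Return 'version,ciphers,extensions,groups,point_formats' for a ClientHello."""
    try:
        if record[0] != 0x16 or record[5] != 0x01:
            raise ValueError("not a TLS ClientHello record")
        version = struct.unpack_from("!H", record, 9)[0]
        pos = 9 + 2 + 32                      # headers, client version, random
        pos += 1 + record[pos]                # session id
        n = struct.unpack_from("!H", record, pos)[0]
        ciphers = u16_list(record[pos + 2:pos + 2 + n])
        pos += 2 + n
        pos += 1 + record[pos]                # compression methods
        exts, groups, formats = [], [], []
        end = pos
        if pos < len(record):                 # the extensions block is optional
            end = pos + 2 + struct.unpack_from("!H", record, pos)[0]
            pos += 2
        while pos < end:
            etype, elen = struct.unpack_from("!HH", record, pos)
            data = record[pos + 4:pos + 4 + elen]
            if len(data) != elen:
                raise ValueError("truncated extension")
            exts.append(etype)                # JA3 keeps extensions in wire order
            if etype == 10:
                groups = u16_list(data[2:])
            elif etype == 11:
                formats = list(data[1:])
            pos += 4 + elen
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    fields = ([version], ciphers, exts, groups, formats)
    return ",".join("-".join(str(v) for v in f if not is_grease(v)) for f in fields)

def ja3_hash(record):
    # JA3 publishes the MD5 of the string; MD5 is an identifier here, not a security control.
    return hashlib.md5(ja3_string(record).encode(), usedforsecurity=False).hexdigest()

# Constructed samples: a browser-like hello with GREASE values, a proxy-like hello,
# and a hello that matches nothing in the tables.
BROWSER_HELLO = build_client_hello([0x0A0A, 0x1301, 0x1302, 0xC02B],
                                   [0x1A1A, 29, 23], [0x2A2A, 23, 35])
PROXY_HELLO = build_client_hello([0xC02F, 0x009C, 0x002F], [23, 24], [35])
UNKNOWN_HELLO = build_client_hello([0x002F], [23], [])

# Constructed reference tables; in practice they come from captures of known software.
KNOWN_CLIENTS = {"ExampleBrowser": {ja3_hash(BROWSER_HELLO)}}
KNOWN_INTERCEPTORS = {ja3_hash(PROXY_HELLO): "ExampleProxy"}

def classify(record, claimed_client):
    """Compare the observed fingerprint with the one expected for the claimed client."""
    fp = ja3_hash(record)
    if fp in KNOWN_CLIENTS.get(claimed_client, set()):
        return "consistent"
    if fp in KNOWN_INTERCEPTORS:
        return "intercepted by " + KNOWN_INTERCEPTORS[fp]
    return "mismatch"

if __name__ == "__main__":
    for name, hello in (("browser", BROWSER_HELLO), ("proxy", PROXY_HELLO),
                        ("unknown", UNKNOWN_HELLO)):
        print(name, ja3_string(hello), classify(hello, "ExampleBrowser"))
```

A "mismatch" result only says the handshake did not come from the software the client claims to be; it takes a matching entry in the interceptor table to name the product.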
Solution
The best method to protect communications over the web is to employ high-level encryption, which
basically involves scrambling and encoding the data being sent using complex mathematical
algorithms, so as to make it difficult for interceptors to extract the information upon
interception. One of the most used types of encryption is public key cryptography, where users,
organizations, ISPs, or business enterprises offer a public key that any user can use to encrypt
data sent to them, and the data can be decrypted only with the private key that is confidential
to them (Kundalakesi, Magesh-Babu and Chakarvarthy, 2015). Public key cryptography is employed
in two major ways of securing emails: network encryption and message encryption.
Message encryption is where users send scrambled gobbledegook instead of plain messages to the
target client, who alone can read the message. One of the popular tools for email encryption is
PGP, which is a product from Symantec. Message encryption keeps the sent message encrypted
across servers and networks, so even if the connection is compromised the message will still
remain secured. One of the challenges of message encryption is that the user has to have a
public key for every recipient they want to communicate with securely.
Network encryption is where the connection between two communicating parties is encrypted
using transport layer security (TLS) (Kurt and Duru, 2015). TLS also has the ability to take
care of connection keys, and many computing devices are pre-installed with certificate
authorities' keys, allowing users to communicate without worrying about authentication keys.
Network encryption ensures that no one is able to view the email messages you receive or send
between your email provider and you, because the traffic is gobbledegook, protecting your
communication from interceptors and secret government taps.
Message encryption is better used when you are communicating with fewer than 10 people, because
you have to generate a public key for each one of them; it does not apply where you have several
contacts that you have to send emails to. This applies mostly to personal communications. When
you are communicating with many people, network/connection encryption is the preferred option
because you don't need to generate an individual public key for every user (Schöttle, 2014).
This mostly applies to organizations and businesses that have to communicate with many clients
and employees.
Question 4
In this section, Wireshark is used to analyze network traffic interceptions and connections. It
captures packets in real time and displays them in a format that can be interpreted by humans.
It includes color coding and filters that can be used to inspect and analyze network traffic
deeply. Wireshark will be used to capture, inspect, and filter packets to identify any malicious
network traffic or programs on the network and to troubleshoot any problems identified.
Start frame
By loading the packet into the software, several packet details can be displayed. The details
that can be identified from the packet include the encapsulation type, arrival time, epoch time,
and the number and length of the frame, among others. This means that if an attacker gets hold
of a packet being transmitted over a network, crucial information can be lost or modified if
proper encryption techniques were not employed when transmitting the packet.
Figure 4: Starting Frame
Host Initiating Connection MAC Address
The MAC address of the host initiating the connection can be identified by analyzing the packet
being transmitted. Any packet transmitted on a network contains the MAC address of the computer
sending it, and that address can be determined by analyzing the packet. The MAC address is
crucial information that attackers can use to attack the host initiating the connection if the
packet is not encrypted well. The diagram below shows the MAC address of the host initiating the
connection.
Figure 5: MAC Address of the Host Initiating Connection
MAC Address of Destination Host
Before a packet is sent, the host initiating the connection and the destination host should be
able to connect and communicate, which means that the packet being sent contains both the
destination IP and MAC address to ensure that the destination host is reachable. When
eavesdroppers get hold of the packet being transmitted, they are able to acquire the details of
the destination host. An attacker may not need the contents of the packet but may need the
details of the destination host so that they can attack it. Therefore, it is necessary to ensure
that the best encryption algorithms have been employed to secure both the packet being
transmitted and the communicating hosts.
Figure 6: MAC Address of Destination Host
Source and Destination IP Addresses
Every packet has source and destination IP addresses attached to it, which specify the path and
the source and destination hosts. This information is very important because it ensures that the
packet reaches the intended destination host and that the destination host is able to identify
(validate) the source of the packet. If such information gets into the hands of attackers, the
communicating hosts are rendered vulnerable, because the attackers can attack the hosts if they
don't have proper and strong security measures and cause great damage, which includes loss of
data and information.
Figure 7: Source and Destination IP Addresses
Source and Destination Ports
Source and destination ports specify the port where the packet originates and the port it is
destined for. The packet must have these details in order to be sent or received. Ports should
always be kept secured, because if ports are left open attackers may take advantage of them and
attack the hosts to steal, destroy, or modify data and information. The diagram below shows the
source and destination ports.
Figure 8: Source and Destination Ports
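The fields walked through in the Wireshark sections above can be read from the raw frame bytes; the parser below is an added example, not part of the original document, and goes slightly beyond the capture shown by also handling an 802.1Q VLAN tag, UDP, non-IPv4 frames and truncated input. The sample frame (MAC addresses, documentation-range IP addresses, ports and payload) is constructed.

```python
import socket
import struct

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame):
    """Return the addressing fields of an Ethernet II frame carrying IPv4 TCP or UDP."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    info = {"frame_length": len(frame),
            "dst_mac": mac(frame[0:6]), "src_mac": mac(frame[6:12])}
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    off = 14
    if ethertype == 0x8100:                         # 802.1Q tag adds four bytes
        if len(frame) < 18:
            raise ValueError("truncated VLAN tag")
        info["vlan_id"] = struct.unpack_from("!H", frame, 14)[0] & 0x0FFF
        ethertype = struct.unpack_from("!H", frame, 16)[0]
        off = 18
    info["ethertype"] = ethertype
    if ethertype != 0x0800:                         # not IPv4: layer 2 fields only
        return info
    if len(frame) < off + 20:
        raise ValueError("truncated IPv4 header")
    ihl = (frame[off] & 0x0F) * 4                   # header length varies with options
    if frame[off] >> 4 != 4 or ihl < 20 or len(frame) < off + ihl:
        raise ValueError("malformed IPv4 header")
    info["protocol"] = frame[off + 9]
    info["src_ip"] = socket.inet_ntoa(frame[off + 12:off + 16])
    info["dst_ip"] = socket.inet_ntoa(frame[off + 16:off + 20])
    l4 = off + ihl
    if info["protocol"] in (6, 17):                 # TCP or UDP: ports come first
        need = 20 if info["protocol"] == 6 else 8
        if len(frame) < l4 + need:
            raise ValueError("truncated transport header")
        info["src_port"], info["dst_port"] = struct.unpack_from("!HH", frame, l4)
        hdr = (frame[l4 + 12] >> 4) * 4 if info["protocol"] == 6 else 8
        if hdr < need:
            raise ValueError("malformed TCP data offset")
        info["payload_offset"] = l4 + hdr
    return info

def build_sample_frame(vlan=None):
    """Constructed sample: 192.0.2.10:49152 -> 198.51.100.25:443 over TCP (checksums zeroed)."""
    payload = b"constructed payload"
    tcp = struct.pack("!HHIIBBHHH", 49152, 443, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.25"))
    macs = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")  # dst, then src
    tag = b"" if vlan is None else struct.pack("!HH", 0x8100, vlan)
    return macs + tag + struct.pack("!H", 0x0800) + ip + tcp + payload

if __name__ == "__main__":
    for key, value in parse_frame(build_sample_frame()).items():
        print(f"{key:15} {value}")
```

Transport encryption such as TLS covers only the bytes from `payload_offset` onward; the MAC addresses, IP addresses and ports are read directly from the headers.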
Conclusion
It is difficult to decipher a polyalphabetic cipher such as the Vigenère cipher because it
allows a similar key to be used more than once and is resistant to letter frequency analysis.
The Vigenère cipher can be used in non-technical colleges and environments because it is
difficult to crack, has a complex encryption method, and the message cannot be decrypted without
the key. Data that have been deleted and are currently in the recycle bin can be recovered by
moving them back using the restore option provided by the recycle bin. For securely deleted
data, recovery is nearly impossible, but there are some special cases: if the data has been
overwritten only once by the secure deletion, expensive and advanced data recovery approaches
can be employed that use the residual magnetic fields of the previous data to try to restore it.
The technique for securely destroying data depends on the sensitivity of the data being
destroyed or on the level of paranoia. For Global Design LTD, most of the users are novices,
that is, non-technical, and they consider the combination of permanent delete and the recycle
bin sufficient to securely destroy data, which may not be the case. Encryption is an approach
that is destructive in nature and involves encrypting the data from the beginning to protect it
from prying eyes during destruction or deletion. It is essential to store the keys on devices
such as a YubiKey, but configuring such a device to handle PGP is quite difficult. Storing the
keys on the local machine or in the cloud makes them more vulnerable. The mail server and its
spam filter cannot parse encrypted email to apply server-side search or intelligent filtering.
It is possible to extract information when an unencrypted email is intercepted in web traffic
by carrying out a man-in-the-middle attack. This attack is carried out by redirecting the
encrypted connection to malicious software or a website pretending to be the target or requested
website. The attacker then creates a new encrypted connection to the target proxy or website and
retrieves the data being transmitted back and forth over the two connections, obtaining the
unencrypted data without being noticed.
Reference List
Ahmad, S., Beg, D., Abbas, D., Ahmad, J. and Atif, S. (2010). Comparative Study between
Stream Cipher and Block Cipher using RC4 and Hill Cipher. International Journal of Computer
Applications, 1(25), pp.15-21.
Bellovin, S. (2016). Easy Email Encryption. IEEE Security & Privacy, 14(6), pp.96-96.
Calinawan, C. (2015). Hybrid Encryption Algorithm Implementation on Electronic Mail
Service. SMCC Higher Education Research Journal.
Dey, S. (2012). SD-AREE-I Cipher: Amalgamation of Bit Manipulation, Modified VERNAM
CIPHER & Modified Caesar Cipher (SD-AREE). International Journal of Modern Education
and Computer Science, 4(6), pp.43-49.
Jyothi, M., Verma, D. and Shanker, D. (2010). Implementation and Analysis of Email Messages
Encryption and Image Steganography Schemes for Image Authentication and
Verification. International Journal of Computer Applications, 5(5), pp.22-27.
Keele, T. (2009). Privacy by Deletion: The Need for a Global Data Deletion Principle. Indiana
Journal of Global Legal Studies, 16(1), p.363.
Kundalakesi, M., Magesh-Babu, V. and Chakarvarthy, N. (2015). Email Privacy with Encryption
Standards. IARJSET, 2(12), pp.160-163.
Kurt, M. and Duru, N. (2015). Email Encryption using RC4 Algorithm. International Journal of
Computer Applications, 130(14), pp.25-29.
McCrea, R., Morgan, B., Brown, D. and Robinson, R. (2012). Conditional modelling of ring-
recovery data. Methods in Ecology and Evolution, 3(5), pp.823-831.
MushtaqSherAli, F. and Hassan-Sarhan, F. (2014). Enhancing Security of Vigenere Cipher by
Stream Cipher. International Journal of Computer Applications, 100(1), pp.1-4.
Omprakash, B. (2017). A Self or Manual Destruction of Data and its Secure Migration among
Different Clouds. International Journal for Research in Applied Science and Engineering
Technology, V(II), pp.699-704.
Reference List
Ahmad, S., beg, D., Abbas, D., Ahmad, J. and Atif, S. (2010). Comparative Study between
Stream Cipher and Block Cipher using RC4 and Hill Cipher. International Journal of Computer
Applications, 1(25), pp.15-21.
Bellovin, S. (2016). Easy Email Encryption. IEEE Security & Privacy, 14(6), pp.96-96.
Calinawan, C. (2015). Hybrid Encryption Algorithm Implementation on Electronic Mail
Service. SMCC Higher Education Research Journal.
Dey, S. (2012). SD-AREE-I Cipher: Amalgamation of Bit Manipulation, Modified VERNAM
CIPHER & Modified Caesar Cipher (SD-AREE). International Journal of Modern Education
and Computer Science, 4(6), pp.43-49.
Jyothi, M., Verma, D. and Shanker, D. (2010). Implementation and Analysis of Email Messages
Encryption and Image Steganography Schemes for Image Authentication and
Verification. International Journal of Computer Applications, 5(5), pp.22-27.
Keele, T. (2009). Privacy by Deletion: The Need for a Global Data Deletion Principle. Indiana
Journal of Global Legal Studies, 16(1), p.363.
Kundalakesi, M., Magesh-Babu, v. and Chakarvarthy, N. (2015). Email Privacy with Encryption
Standards. IARJSET, 2(12), pp.160-163.
Kurt, M. and Duru, N. (2015). Email Encryption using RC4 Algorithm. International Journal of
Computer Applications, 130(14), pp.25-29.
McCrea, R., Morgan, B., Brown, D. and Robinson, R. (2012). Conditional modelling of ring-
recovery data. Methods in Ecology and Evolution, 3(5), pp.823-831.
MushtaqSherAli, F. and Hassan-Sarhan, F. (2014). Enhancing Security of Vigenere Cipher by
Stream Cipher. International Journal of Computer Applications, 100(1), pp.1-4.
Omprakash, B. (2017). A Self or Manual Destruction of Data and its Secure Migration among
Different Clouds. International Journal for Research in Applied Science and Engineering
Technology, V(II), pp.699-704.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
FOUNDATION OF CYBER SECURITY 23
Rahmani, M. (2012). Alpha-Qwerty Cipher: An Extended Vigenere Cipher. Advanced
Computing: An International Journal, 3(3), pp.107-118.
Sagar, N. (2016). Preserving Data Privacy without Secure Channel. International Journal Of
Engineering And Computer Science.
Salimath, M. (2016). Secure Data Retrieval Of Attribute Based Encryption Policy
System. International Journal Of Engineering And Computer Science.
Schembri, F. (2018). Florence, Mangkhut bring data and destruction to coastal
scientists. Science.
Schöttle, H. (2014). Bavarian DPA takes tough line on email encryption. Journal of Direct, Data
and Digital Marketing Practice, 16(2), pp.140-142.
Shu, J., Zhang, Y., Li, J., Li, B. and Gu, D. (2017). Why Data Deletion Fails? A Study on
Deletion Flaws and Data Remanence in Android Systems. ACM Transactions on Embedded
Computing Systems, 16(2), pp.1-22.
Yang, D. (2013). Fast recovery method of effective data based on FAT32. Journal of Computer
Applications, 32(9), pp.2500-2503.
Zoubek, C. and Sack, K. (2017). Selective deletion of non-relevant data. Digital Investigation,
20, pp.S92-S98.
Rahmani, M. (2012). Alpha-Qwerty Cipher: An Extended Vigenere Cipher. Advanced
Computing: An International Journal, 3(3), pp.107-118.
Sagar, N. (2016). Preserving Data Privacy without Secure Channel. International Journal Of
Engineering And Computer Science.
Salimath, M. (2016). Secure Data Retrieval Of Attribute Based Encryption Policy
System. International Journal Of Engineering And Computer Science.
Schembri, F. (2018). Florence, Mangkhut bring data and destruction to coastal
scientists. Science.
Schöttle, H. (2014). Bavarian DPA takes tough line on email encryption. Journal of Direct, Data
and Digital Marketing Practice, 16(2), pp.140-142.
Shu, J., Zhang, Y., Li, J., Li, B. and Gu, D. (2017). Why Data Deletion Fails? A Study on
Deletion Flaws and Data Remanence in Android Systems. ACM Transactions on Embedded
Computing Systems, 16(2), pp.1-22.
Yang, D. (2013). Fast recovery method of effective data based on FAT32. Journal of Computer
Applications, 32(9), pp.2500-2503.
Zoubek, C. and Sack, K. (2017). Selective deletion of non-relevant data. Digital Investigation,
20, pp.S92-S98.
1 out of 23
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.