T1 2019 MN502 Network Security Report: Digital Security Analysis

Verified

Added on 2023/03/20

AI Summary

This report provides an analysis of several key aspects of digital security, encompassing Google Dorking search operators, encryption methods, cloud computing service models, and protocol analyzers. The report begins by outlining various Google Dorking operators like allintext, allintitle, allinurl, filetype, and inanchor, along with their potential security threats and recommended protective measures. It then delves into encryption and cryptoperiods, detailing different hashing algorithms, symmetric and asymmetric key algorithms (AES, TDEA, RSA, ECC), and their respective key types and average cryptoperiods. Furthermore, the report explores cloud computing service models such as IaaS, PaaS, and SaaS, and highlights leading cloud computing solutions like Microsoft Azure and Amazon Web Services (AWS). Finally, the report discusses the role of protocol analyzers, particularly Wireshark, in network monitoring and performance analysis, emphasizing their importance in identifying network issues and preventing service disruptions. The report concludes by summarizing the key findings and emphasizing the significance of these topics in the context of network security.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

A presentation on Digital
Security

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Google Dorking search
operators, part 1
Allintext: The advanced search
operator finds texts and pages
containing terms entered by user.
Allintitle: This search operator
presents an efficient method for
finding blogs based on keywords
present in their title.

Google Dorking search
operators, part 2
Allinurl: This search operator
enables people in finding pages with
respective keywords present in URLs
web pages – internal search engine
Cache: The cache operator makes
people capable of viewing the latest
cache contents.

Google Dorking search
operators, part 3
Filetype: The filetype operator is
used to obtain contents of specific
file types.
Inanchor: This google dorking search
operator is used for identifying
webpages having inbound links [2].
These web pages contain anchor
texts.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Google Dorking Security Threats
 Malicious cyber actors make use
of advanced Google Dorking
search operators.
 These cyber criminals target
SCADA, VoIP, ICS as well as
router and switch information.
 This is how sensitive data gets
stolen to aid in further
compromising the systems

Recommended Protection from
Dorking
 The Google Hacking Database
must be consulted and premade
dorking queries to be fetched.
 The queries should be run on
existing domains of businesses
to know about the web
presence.
 The information should then be
erased using the Google
Webmaster Tool.

Encryption and Cryptoperiods part 1
The hashing algorithms identified in
the table are:
Hash A algorithm involving digital
signatures
Hash B algorithm involving hash
based message authentication
code
Encryption
Algorithm
Type of Key Cryptoperiod Average
time
Hash A (Digital
Signatures)
Private signature
key
1 to 3 years 2 years
Hash B (HMAC) Private Key
Transport Key
2 years
Symmetric
Cryptography
(AES)
Symmetric
Master Key
1 years 3 years
Symmetric
Cryptography
(TDEA)
Symmetric Data
Encryption Key
5 years
Asymmetric
cryptography
(RSA)
Public signature
key
7 years 4 to 5 years
Asymmetric
cryptography
(ECC)
Private
Authorization Key
2 years

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Encryption and Cryptoperiods part 2
 Symmetric key algorithms
identified from the table are:
 AES or Advanced Encryption
Standard using symmetric
master key[4].
 TDEA or Triple Data Encryption
Algorithm using symmetric data
encryption key.
Encryption
Algorithm
Type of Key Cryptoperiod Average
time
Hash A (Digital
Signatures)
Private signature
key
1 to 3 years 2 years
Hash B (HMAC) Private Key
Transport Key
2 years
Symmetric
Cryptography
(AES)
Symmetric
Master Key
1 years 3 years
Symmetric
Cryptography
(TDEA)
Symmetric Data
Encryption Key
5 years
Asymmetric
cryptography
(RSA)
Public signature
key
7 years 4 to 5 years
Asymmetric
cryptography
(ECC)
Private
Authorization Key
2 years

Encryption and Cryptoperiods part 3
 Asymmetric key algorithms
identified in the table are:
 RSA encryption algorithm
Encryption
Algorithm
Type of Key Cryptoperiod Average
time
Hash A (Digital
Signatures)
Private signature
key
1 to 3 years 2 years
Hash B (HMAC) Private Key
Transport Key
2 years
Symmetric
Cryptography
(AES)
Symmetric
Master Key
1 years 3 years
Symmetric
Cryptography
(TDEA)
Symmetric Data
Encryption Key
5 years
Asymmetric
cryptography
(RSA)
Public signature
key
7 years 4 to 5 years
Asymmetric
cryptography
(ECC)
Private
Authorization Key
2 years

Cloud Computing Service models
 In IaaS model users are given
access to computing resources of
cloud infrastructure.
 In PaaS model, the users are
supplied with an environment for
building applications and platforms.
 In SaaS model, users are supplied
with web based solutions for
accessing cloud services [3].
 In SaaS, Users are not required to
install applications or tools for
access.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Cloud Computing Products – Azure
and AWS
 Microsoft Azure is a cloud
computing solution from
Microsoft
 The solution offers all the
service models - IaaS, PaaS and
SaaS
 Amazon Web Services or
Amazon (AWS) is the cloud
computing solution from
Amazon.
 AWS provides services for both
IaaS and PaaS service models.

Protocol Analyzer
The protocol analysers are used by
the IT staff of businesses and
enterprises for monitoring the
network traffic and performance.
By detailed analysis of the data,
experienced network admins can
identify the problems and faults that
are present in the network.
Such network analysis is extremely
important in order to prevent
network outages, abnormal network
behaviour and disruption of
services[5].

Wireshark – Network Analysis in
Virtual Machine
 Wireshark can be used to view
the packets that have been
transferred over the network [1].
 It shows the type of
communication and protocols
used.
 Wireshark can also be used to
look at the flow graph of the
network.
 The flow graph shows in which
areas of the network, the
communications are occurring.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Conclusion
 This report successfully analyses the advanced search operators for google
dorking, cryptoperiods in encryption, cloud computing and protocol
analysers.
 These operators are identified to be used by researchers, marketers as well
as hackers and other cyber criminals.
 The report also includes cryptoperiods for the different encryption
algorithms used by hashing, symmetric cryptography and asymmetric
cryptography.
 The different cloud computing service models are found to be IaaS, PaaS
and SaaS, and leading cloud computing solutions are Azure and AWS.
 Protocol Analysers are important in ensuring stable network and leading
solutions are Wireshark and WMA.

References
 A.Y. El Sheikh, Evaluation of the capabilities of Wireshark as network intrusion
system. Journal of Global Research in Computer Science, 9(8), pp.01-08. , 2018.
 G. Horsman, A forensic examination of online search facility URL record
structures. Journal of forensic sciences, 64(1), pp.236-242. , 2019.
 L.Wu, S.K. Garg, and R. Buyya, Service level agreement (SLA) based SaaS cloud
management system. In 2015 IEEE 21st International Conference on Parallel and
Distributed Systems (ICPADS) (pp. 440-447). IEEE. , 2015, December.
 M. Bellare, and B. Tackmann, The multi-user security of authenticated encryption:
AES-GCM in TLS 1.3. In Annual International Cryptology Conference (pp. 247-276).
Springer, Berlin, Heidelberg. , 2016, August.
 R.P. Jover, LTE security, protocol exploits and location tracking experimentation
with low-cost software radio. arXiv preprint arXiv:1607.05171. , 2016.