6 Advance Network and Infrastructure Security Case Study for NPB Bank

Added on  2022/12/30

Case Study
AI Summary
This case study examines the network and infrastructure security of National People's Bank (NPB), a major financial institution in Melbourne. The analysis focuses on vulnerabilities within the bank's online and mobile banking systems, including the use of HTTP protocol, password security, and data storage practices. The assignment explores the need for HTTPS migration, strong hashing algorithms, and normalization of data. It delves into cryptographic methods like AES and RSA, and discusses potential threats such as brute force and dictionary attacks. Furthermore, it addresses risk management strategies, including identifying areas of risk, implementing mitigation techniques, and establishing auditing processes. The study also highlights the importance of user awareness, policy enforcement, and the use of security protocols like IPsec (Transport and Tunnel modes), along with tools like network mappers and authentication servers. Finally, it touches on cryptographic algorithms like 3DES and their role in data encryption, providing a comprehensive overview of the bank's security posture and potential areas for improvement.
[Document Title] 1
Advance Network and Infrastructure Security
TASK 1
1.
Protocol – HTTP does not encrypt the communications and traffic between the
client and the server. The communication could be sniffed by an attacker to obtain plain-text login
credentials. Migrating to HTTPS would secure and encrypt all the communications between the
client and the server.
Password – All the passwords for both mobile and internet banking should be protected
using some form of hashing algorithm, so that they are never stored in plain form.
2. The input is divided into blocks of data of fixed size. Each block is passed to the hash
function as a parameter. The hash function is then used to generate values from the blocks of data. The
values generated are the hashed form of the data.
3. Improvement is required. The current system could leak information through passwords
that are not hashed and through unencrypted network traffic. The credentials for the mobile and the web
channels are different. This is a poor technique for managing stored data. The data needs to be normalized.
4. AES AND RSA.
FIG: RSA
FIG: AES
5.
Brute force – a trial-and-error technique against a series of known hashes (Bernstein, 2005).
Dictionary – use of a large set of words to check against the hashes.
6.
General areas of risk – identify the major areas that are likely to be affected by a risk occurrence.
Ways of addressing the risk – identify ways in which the risks can be resolved.
Auditing – auditing the systems to ensure compliance with the risk rules and guidelines.
7.
Awareness – creating awareness among the members to inform them about possible risks and
mitigation techniques.
Policies and guidelines
Enforcement – ensuring that the established policies are adhered to.
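Items 1 and 5 above call for hashed password storage and name brute-force and dictionary attacks against hashes. The following added example (not part of the original assignment) shows salted, iterated hashing with PBKDF2 from Python's standard library, plus a check that flags accounts sharing an identical stored hash, which is what unsalted hashing produces. The iteration count, record format, function names and sample passwords are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ITERATIONS = 200_000  # assumed work factor for this sketch; tune for real hardware
SALT_LEN = 16         # bytes of random salt per password

def hash_password(password, salt=None):
    """Return a storable record 'iterations$salt_hex$digest_hex'."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"

def verify_password(password, stored):
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        iters_s, salt_hex, digest_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, int(iters_s))
    except (ValueError, OverflowError):
        return False  # malformed record: fail closed
    return hmac.compare_digest(candidate, expected)

def legacy_unsalted(password):
    """Weak scheme kept only for comparison: one fast, unsalted SHA-256."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def duplicate_hash_accounts(records):
    """Audit helper: group accounts whose stored hash values are identical.

    With unsalted hashes, equal passwords give equal hashes, so one dictionary
    match exposes every account in the group. Salted records never collide.
    """
    groups = defaultdict(list)
    for account, stored in records.items():
        groups[stored].append(account)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

if __name__ == "__main__":
    # Constructed sample accounts and passwords, not data from the case study.
    weak = {"web_alice": legacy_unsalted("Melbourne1"),
            "mobile_bob": legacy_unsalted("Melbourne1")}
    strong = {"web_alice": hash_password("Melbourne1"),
              "mobile_bob": hash_password("Melbourne1")}
    print("unsalted duplicates:", duplicate_hash_accounts(weak))
    print("salted duplicates:  ", duplicate_hash_accounts(strong))
```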
TASK 2
1. Transport mode is used for encrypting end-to-end communications, while Tunnel mode is used to
encrypt communication between gateways or between an end station and a gateway.
2.
3. Crafting packets with an internet address that has been modified to impersonate a computer system.
The source address in the header is different from the actual address of the sender.
4. A network mapper that is used to discover hosts and identify services of a computer system by
sending a series of data packets and analyzing the responses from the target system.
5. An implementation of a simple central server for authentication, authorization and accountability of
logons, enhanced by the use of routers and switches. The logons are managed by the network devices.
6.
3DES is a cryptographic algorithm that is used to encrypt and decrypt blocks of data of fixed
length. 3DES applies DES three times during encryption (Singh, 2013).
Both DES and 3DES use the same key for both the encryption and decryption processes (Mandal, 2012).
DES uses a key size of 56 bits during encryption while 3DES uses 18 bits.
7. An algorithm that is used during the operation of processes such as encryption and decryption. The
process is divided into a series of well-defined steps. Each of the given steps is followed as a procedure
or a routine.
References
Bernstein, D.J., 2005, May. Understanding brute force. In Workshop Record of ECRYPT STVL
Workshop on Symmetric Key Encryption, eSTREAM report (Vol. 36, p. 2005).
Mandal, P.C., 2012. Evaluation of performance of the Symmetric Key Algorithms: DES, 3DES, AES
and Blowfish. Journal of Global Research in Computer Science, 3(8), pp.67-70.
Singh, G., 2013. A study of encryption algorithms (RSA, DES, 3DES and AES) for information
security. International Journal of Computer Applications, 67(19).