Assignment Sample on CTEC5801 Foundation of Cyber Security
Task 1
A C program to implement a Vigenere cipher.
The Vigenere cipher is a polyalphabetic substitution cipher used to encrypt alphabetic text. Encryption and decryption use the "Vigenere cipher table" (tabula recta), in which the alphabet A to Z is written out in 26 rows, each row shifted one position further than the row above it; the key letter selects the row and the plaintext letter selects the column.
(Figure: Vigenere cipher table)
Because up to 26 different cipher alphabets are in use, one per distinct key letter, the cipher was long thought to be unbreakable; this is also the origin of the name polyalphabetic cipher (Subandi, 2017).
Program for Vigenere Cipher
#include <stdio.h>
#include <string.h>
#include <ctype.h>

#define MAX_TEXT 256   /* message buffer */
#define MAX_KEY  33    /* keyword buffer */

/* Shift one lowercase letter by 'shift' positions; a negative shift undoes a
   positive one. The "+ 26" keeps the value non-negative before the final
   % 26, which is the step the original decryption got wrong (it took the
   absolute value of a negative difference instead of wrapping it). */
static char shift_letter(char c, int shift)
{
    return (char)('a' + ((c - 'a' + shift) % 26 + 26) % 26);
}

/* logic: ciphertext = (plaintext + key) % 26, decryption subtracts the key.
   Only lowercase letters are transformed; any other byte is passed through
   unchanged and does not consume a key letter. */
static void vigenere(char *text, const char *key, int decrypt)
{
    size_t keylen = strlen(key);
    size_t j = 0;

    for (size_t i = 0; i < strlen(text); i++) {
        if (!islower((unsigned char)text[i]))
            continue;
        int shift = key[j % keylen] - 'a';      /* wrap around the keyword */
        text[i] = shift_letter(text[i], decrypt ? -shift : shift);
        j++;
    }
}

/* A keyword must be non-empty and consist of lowercase letters only. */
static int valid_key(const char *key)
{
    if (key[0] == '\0')
        return 0;
    for (size_t i = 0; key[i] != '\0'; i++)
        if (!islower((unsigned char)key[i]))
            return 0;
    return 1;
}

int main(void)
{
    int choice;
    char passphrase[MAX_TEXT];
    char keyword[MAX_KEY];

    while (1) {
        printf("\n1.Encrypt\n2.Decrypt\n");
        if (scanf("%d", &choice) != 1)
            return 0;                           /* EOF or non-numeric input */

        if (choice != 1 && choice != 2) {
            printf("Please choose a correct choice\n");
            continue;
        }

        fputs(choice == 1 ? "Please enter message to be encrypted\n"
                          : "Please enter encrypted message to be decrypted\n", stdout);
        /* the field widths stop scanf() overflowing the buffers */
        if (scanf("%255s", passphrase) != 1)
            return 0;
        printf("Please enter keyword (lowercase letters)\n");
        if (scanf("%32s", keyword) != 1)
            return 0;
        if (!valid_key(keyword)) {
            printf("Keyword must contain only lowercase letters\n");
            continue;
        }

        vigenere(passphrase, keyword, choice == 2);
        printf("%s\n", passphrase);
    }
}
The program is compiled with the standard gcc compiler; no IDE is needed. The user chooses between encrypting and decrypting, is prompted for the message and the keyword, and the result is printed to stdout. The cipher logic works on lowercase letters only.
The Vigenere cipher resists simple frequency analysis because the shift changes from position to position, so the same plaintext letter does not always map to the same ciphertext letter. Its weakness is that when the key is shorter than the plaintext the key is repeated, so every letter whose position has the same remainder modulo the key length has been shifted by the same amount. Each such group is just a Caesar cipher: once the key length is found (from the index of coincidence, or from the distances between repeated ciphertext fragments, the Kasiski examination), ordinary frequency analysis recovers each key letter independently (Dian Rachmawati, 2018).
It is therefore adequate only as a teaching exercise or for casual, low-value messages between non-technical colleagues; it must not be relied on to protect sensitive data.
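The attack sketched above, carried out in code. This is an added example and not part of the original assignment: it recovers the key length with the index of coincidence and each key letter with a chi-squared comparison against English letter frequencies, going one step beyond the text, which only names the weakness. The plaintext, the key "cyber", the IoC threshold of 0.06 and the frequency table are constructed for the demonstration; the vigenere() function implements the same (p + k) % 26 transform as the C program.

```python
"""Break a repeating-key Vigenere cipher from ciphertext alone.

Added example (not part of the original assignment). The plaintext and key
below are constructed for the demonstration.
"""
from collections import Counter

ALPHABET = "abcdefghijklmnopqrstuvwxyz"

# Relative letter frequencies of English text, in percent.
ENGLISH_FREQ = {
    "a": 8.17, "b": 1.49, "c": 2.78, "d": 4.25, "e": 12.70, "f": 2.23,
    "g": 2.02, "h": 6.09, "i": 6.97, "j": 0.15, "k": 0.77, "l": 4.03,
    "m": 2.41, "n": 6.75, "o": 7.51, "p": 1.93, "q": 0.10, "r": 5.99,
    "s": 6.33, "t": 9.06, "u": 2.76, "v": 0.98, "w": 2.36, "x": 0.15,
    "y": 1.97, "z": 0.07,
}


def vigenere(text, key, decrypt=False):
    """Same transform as the C program: (p + k) % 26, or (c - k) % 26."""
    out = []
    for i, ch in enumerate(text):
        shift = ord(key[i % len(key)]) - 97
        if decrypt:
            shift = -shift
        out.append(chr((ord(ch) - 97 + shift) % 26 + 97))
    return "".join(out)


def index_of_coincidence(text):
    """Probability that two letters drawn from 'text' are equal:
    about 0.066 for English, about 0.038 for uniformly random letters."""
    n = len(text)
    if n < 2:
        return 0.0
    counts = Counter(text)
    return sum(c * (c - 1) for c in counts.values()) / (n * (n - 1))


def columns(text, length):
    """Group letters that were encrypted with the same key letter."""
    return [text[i::length] for i in range(length)]


def guess_key_length(ciphertext, max_len=12, threshold=0.06):
    """Smallest period whose columns look like monoalphabetic English."""
    best_len, best_ioc = 1, 0.0
    for length in range(1, max_len + 1):
        mean_ioc = sum(index_of_coincidence(c) for c in columns(ciphertext, length)) / length
        if mean_ioc > threshold:
            return length
        if mean_ioc > best_ioc:
            best_len, best_ioc = length, mean_ioc
    return best_len  # fallback when nothing crosses the threshold


def chi_squared(text):
    """Distance between the letter counts of 'text' and English frequencies."""
    n = len(text)
    counts = Counter(text)
    total = 0.0
    for letter in ALPHABET:
        expected = ENGLISH_FREQ[letter] * n / 100
        total += (counts.get(letter, 0) - expected) ** 2 / expected
    return total


def recover_key(ciphertext, length):
    """Each column is a Caesar cipher: keep the shift that looks most like English."""
    key = []
    for col in columns(ciphertext, length):
        best_shift = min(
            range(26),
            key=lambda s: chi_squared(vigenere(col, ALPHABET[s], decrypt=True)),
        )
        key.append(ALPHABET[best_shift])
    return "".join(key)


def break_vigenere(ciphertext):
    length = guess_key_length(ciphertext)
    key = recover_key(ciphertext, length)
    return key, vigenere(ciphertext, key, decrypt=True)


# Constructed sample: roughly 750 letters of English, lowercase letters only.
PLAINTEXT = "".join(ch for ch in (
    "the vigenere cipher was for a long time believed to be unbreakable because "
    "a single plaintext letter can be mapped to several different ciphertext "
    "letters depending on its position in the message however the key is "
    "repeated every few characters and that repetition is exactly what an "
    "attacker exploits if the key length is five then every fifth letter of the "
    "ciphertext was shifted by the same amount so each of those five groups is "
    "nothing more than a simple caesar cipher the attacker first guesses the "
    "key length by measuring how closely the letter frequencies in each group "
    "resemble english text and then recovers each key letter by trying all "
    "twenty six shifts and keeping the one whose output looks most like english "
    "once all key letters are known the whole message falls out in one pass "
    "this is why a repeated key must never be used to protect anything of value "
    "and why modern ciphers derive a fresh keystream from the key instead of "
    "cycling through it"
) if ch.isalpha())
KEY = "cyber"
CIPHERTEXT = vigenere(PLAINTEXT, KEY)

if __name__ == "__main__":
    key, plain = break_vigenere(CIPHERTEXT)
    print("recovered key:", key)
    print("plaintext recovered:", plain == PLAINTEXT)
```

The threshold only has to separate columns of English (IoC around 0.066) from mixtures of several shifts (around 0.04), which is why the first period that crosses it is returned rather than the maximum; multiples of the true length would score just as well.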
2. Policy Creation to Secure Data
As the Information Security Specialist for Global Designs Ltd, I have been tasked with creating a set of policies to secure the company's data.
Security policies define the protections that apply to data and restrict its distribution to authorized personnel through access controls. A data security policy that meets all compliance requirements is an important step in preventing security incidents such as data leaks and data breaches (Alqahtani, 2017).
Data Security
Accordingly, I have created an Operating System (OS) security policy.
OS Security Policies
This policy documents the processes that keep the OS at a defined level of Confidentiality, Integrity and Availability (CIA). It protects systems and data from threats such as viruses, worms, other malware, ransomware and backdoors, and includes defensive measures that safeguard the OS, the network and the data that could otherwise be stolen, altered or deleted.
Which OS security policies an organization adopts depends on its business. The policy set below consists of nine data security policies.
1. AUP – Acceptable Use Policy
The AUP is a standard on-boarding document that every employee signs before being allowed to use the organization's digital assets. It sets out the restrictions and practices an employee must follow when using the organization's network. Its content varies between organizations, but in every case it should be reviewed at least annually by the Information Technology (IT), security, legal and Human Resources (HR) departments so that recent organizational changes are reflected (Doherty, 2011).
2. ACP – Access Control Policy
The ACP defines what an employee may access. Topics typically covered are access control principles, password complexity rules, password change rules, user and network access controls, screening of user network access, workstation security standards and standards for the disposal of organizational equipment.
3. RAP – Remote Access Policy
Remote work during the COVID-19 period has been linked to higher data breach costs. Organizations should therefore have a remote access policy that defines the approved ways of reaching internal networks from outside. The policy is needed wherever the network can be reached from unmanaged locations such as home networks or airport Wi-Fi.
4. CMP – Change Management Policy
The CMP sets out the procedures for changing the organization's network, IT equipment, software, security controls and operational procedures. Its aim is to ensure that changes to the infrastructure are tracked and are made in the least disruptive way, especially when they directly affect staff or customers. Management plays a large part here: they usually make the final decision on whether a change happens, so they should be aware of, and able to evaluate, the change requests raised across the organization.
5. ISP – Information Security Policy
The ISP informs users that there are rules for handling sensitive data and that they can be held accountable for following them. It is divided into several classes covering, among other things, employee use of IT assets, network usage and use of the Internet for business (Mutlaq Alotaibi, 2016).
6. IRP – Incident Response Policy
The IRP sets out how the organization responds when an incident occurs: the steps needed to recover from network outages, data loss, disruption of normal business functions, and employee or customer issues. It shortens recovery time and reduces the cost of an incident.
7. DBRP – Data Breach Response Policy
The DBRP describes how a breach is handled and how its impact on business operations and customers is remediated. It typically defines employees' roles and responsibilities, standards and metrics, incident reporting, remediation efforts and response mechanisms (Telang, 2015).
8. DRP – Disaster Recovery Policy
The disaster recovery plan is developed as part of the wider business continuity plan, with input from the cyber security and IT teams. Dedicated teams must be assigned to handle an incident under the data breach response policy, whereas the business continuity plan is activated only when the incident has a significant impact on the business.
9. BCP – Business Continuity Policy
The BCP describes how the organization operates in an emergency and how efforts are coordinated across the organization. It works together with the disaster recovery plan to restore the hardware, services and data considered essential to keep the business running (Fani, 2019).
Recommendations for Data Protection
- make sure systems are patched and updated regularly
- install antivirus software and keep it updated
- set up a firewall and configure it to monitor all inbound and outbound traffic
- put user management procedures in place to protect user accounts and privileges
- classify data into five levels that dictate the protection required:
- level 1: public information
- level 2: information the organization chooses to keep confidential, but whose disclosure would not cause material harm
- level 3: information whose disclosure risks material harm to individuals or the organization
- level 4: information whose disclosure carries a high risk of serious harm to individuals or the organization
- level 5: information whose disclosure could cause severe harm to individuals or the organization
- define the backup procedures, the level of encryption to be used and the third-party service providers to be employed (Ruivo, 2014)
- protect Personally Identifiable Information (PII) and other sensitive data in accordance with organizational standards, best practice, and industry compliance standards and regulations
- encrypt data in transit, and never send it over public networks in the clear, where it can be intercepted
Recommendations for Data Deletion
- use sanitization techniques from the three classes of action termed clear, purge and destroy
- clear: overwrite the drive's data so that it cannot be recovered with ordinary tools (Cachin, 2013); this is the only option for drives that stay in service
- use a file-shredding application such as Eraser, which repeatedly overwrites every bit of the files or folders selected for deletion
- apply secure deletion to the recycle bin and to "empty trash" as well, so that a deleted file can never be retrieved
- remove any way for outsiders to recover records from discarded storage hardware
- formatting a hard disk drive alone does not remove the data; follow it with an overwrite, or boot from the installation disc and wipe the drive before reinstalling
- purge: degauss the drive to randomize its magnetic domains, which renders the drive unusable in the process (magnetic media only)
- destroy: physically destroy the drive so that it cannot be reused
- apply a policy-based deletion mechanism that removes data automatically once policy says it is no longer needed (Lim, 2010)
These are the recommendations I have prepared and submitted to Global Designs Ltd.
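The overwrite step of the list above ("clear"), as an added example that is not part of the original report. The function names overwrite_and_unlink() and demo() are chosen here, the sample file content and the three-pass count are constructed assumptions, and the caveat in the docstring about SSDs and copy-on-write file systems is the reason the list also needs purge and destroy.

```python
"""Overwrite a file in place before unlinking it ("clear" in sanitization terms).

Added example, not from the original report. demo() creates its own sample
file in a temporary directory; the pass count is an assumption.
"""
import os
import secrets
import tempfile

# constructed sensitive content for the demonstration
SAMPLE = b"SSN 123-45-6789 salary 70000\n" * 2000


def overwrite_and_unlink(path, passes=3, chunk_size=1 << 16):
    """Overwrite every byte of 'path' with fresh random data 'passes' times,
    force each pass to stable storage, then remove the directory entry.
    Returns the total number of bytes written.

    Caveat: this only defeats recovery on media that rewrite blocks in place.
    SSDs remap blocks (wear levelling) and copy-on-write or journaling file
    systems may keep old copies, so for those the right tool is the drive's
    own sanitize / crypto-erase command ("purge") or physical destruction
    ("destroy"). Plain os.remove() only drops the name; the blocks stay.
    """
    size = os.path.getsize(path)
    written = 0
    with open(path, "r+b", buffering=0) as fh:      # unbuffered: writes go straight down
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining > 0:
                buf = secrets.token_bytes(min(chunk_size, remaining))
                n = fh.write(buf)                   # raw write may be short; honour its count
                written += n
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())                   # do not trust the page cache
    os.remove(path)
    return written


def demo(passes=3):
    """Create a throwaway file, shred it, report (bytes written, still exists?)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "payroll.csv")
        with open(path, "wb") as fh:
            fh.write(SAMPLE)
        written = overwrite_and_unlink(path, passes=passes)
        return written, os.path.exists(path)


if __name__ == "__main__":
    print(demo())
```

Random data rather than a fixed pattern is used so that an overwritten region is indistinguishable from an encrypted one; the fsync after every pass matters, because without it the kernel may merge the passes and write the disk only once.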
3. The Current State of the Art in Encrypted E-Mail Solutions
As a consultant for Data Storage Solutions, I give in this report the current state of the art in encrypted e-mail solutions.
E-mail encryption has become especially important now that public cloud services host most of the world's digital communications. Theft of information by international criminal organizations is opaque but highly lucrative, and that is the primary concern: confidential information in transit by e-mail, such as personally identifiable data, financial transactions or strategic projects, has become a target for attackers.
The recent arrival of the General Data Protection Regulation (GDPR) has done much to make users aware of the problem and has brought a range of protection measures into force, which in turn has caused a considerable increase in encrypted mail.
The challenge in the professional field is to provide solutions that are easy to use, require limited change management, and still guarantee the confidentiality of the message content. E-mail encryption is now mandated in a number of sectors, particularly those handling data related to health, finance or real estate.
This report discusses the basic principles of e-mail encryption and the building blocks of its application in the professional context.
E-mail encryption makes the content of an e-mail unreadable to everyone except the intended recipient. Once the content is encrypted, a key is needed to decrypt it and gain access to it. There are several e-mail encryption protocols; OpenPGP, TLS and S/MIME are the most widely used today.
Encryption can be carried out in several ways (Al-Shabi, 2019):
Symmetric cryptography algorithms with a secret key
The same key is used to encrypt and to decrypt the message. This means the key has to be delivered to the correspondent in advance, which makes deployment harder and less safe, since the key itself can be intercepted.
Asymmetric cryptography algorithms with a public and a private key
There are two keys: a public key to encrypt messages and a private key to decrypt them, so only the addressee can read the content. The same technique also guarantees the authenticity of a message through a digital signature, which confirms that the sender is the author of the message. Most companies that offer encryption services today rely on this second type of cryptography, which is considered the safer of the two because no secret key has to be shared beforehand.
Professional E-Mail Encryption
Professional encryption services use asymmetric cryptography, combining public and private keys, to secure message exchanges. The solution described here is based on Secure/Multipurpose Internet Mail Extensions (S/MIME), a standard that uses X.509 certificates for signing and encrypting e-mail. Encryption guarantees the confidentiality of the data, while the digital signature guarantees its integrity, authenticity and non-repudiation (Choudhary, 2013).
S/MIME is supported by most e-mail clients, for instance Microsoft Outlook, Thunderbird, Apple Mail on macOS and iPhone, Lotus Notes, Gmail on Android and others.
Encryption On-premise
This option offers straightforward deployment and easy access for users. A large representative of the insurance business encrypted its Office365 e-mail service: its staff were e-mailing customers' health records to doctors who used public Gmail and Hotmail accounts. Because this is strictly confidential information, the e-mails had to be sent securely, and because the insurer's staff were not skilled computer users, a simple solution that needed no significant installation was required (Gastermann, 2015).
The Net-mail Encrypt solution fits this situation and was implemented so that, from Office365, all that is needed is a routing rule under which sensitive messages are encrypted. To trigger it, the user only has to mark the message as confidential by putting a tag such as "encrypted" in the subject line. The administrator can also create routing rules based on the message metadata, in terms of both the recipient and the sender. On the recipient's side, whether they use Gmail, Hotmail or something else, there is nothing to install. The first time a recipient receives an encrypted e-mail they are asked to set a personal password; after that they can read encrypted e-mails and their attachments and reply to them.
The main advantage of Net-mail Encrypt is therefore its simplicity of deployment and day-to-day administration, which makes it well suited to companies with non-technical users working with Office365 or other commercial solutions.
Cloud Encryption
Small and medium-sized companies also need security and flexibility while maintaining the highest level of protection, so encryption services must adapt to companies of any size and sector. Often the basic requirement is to avoid installing a dedicated server, for reasons of budget or staffing. Such companies want solutions that are easy to deploy and can adapt to their particular situation (Soofi, 2014).
One example is a clinic with more than 130 users that needed encryption with special health-sector certificates, the Health Info Network (HIN) certificates, using the Cleanmail Sign plus Encrypt solution. A cloud encryption service was implemented that integrates this type of certificate for the customer. The solution is based on SEPP-mail technology built into the Clean-mail anti-spam filter, which manages the security certificates automatically and so simplifies deployment and administration of the service.
This level of automation makes it possible to serve companies of different sizes and sectors, from the health sector to consultancies and private corporations of every kind. It lets organizations reduce the risks of regulatory violations, data loss and attacks by properly protecting confidential and private information.
The Protocols for E-Mail Encryption
Encryption of an e-mail in transit
Transport Layer Security (TLS) is used by e-mail providers such as Google to protect messages while they travel from sender to recipient. It prevents e-mails from being read after they are sent and before they are delivered. Before TLS (Parmar, 2015) it was common for attackers to read e-mail in transit, since it was not protected, and the confidential information sent by e-mail, such as personal data, financial transactions or strategic plans, has become a target. GDPR has pushed organizations handling sensitive data towards such protection measures, and the professional field offers easy-to-use solutions with limited change management. TLS protects strongly against passive eavesdropping in transit, but two limits remain. First, TLS between mail servers is usually opportunistic: a Man in the Middle (MITM) who strips the STARTTLS offer can force that hop back to cleartext unless the receiving domain publishes a policy requiring TLS (MTA-STS or DANE). Second, the message is only protected while in transit; once it sits in a mailbox it is readable by the provider, and an attacker who compromises the account through phishing can read e-mails and attachments at will.
E-mails carrying highly sensitive information therefore cannot rely on TLS alone, whose level of security is not adequate for them. Many businesses are moving to an enterprise e-mail solution called end-to-end encryption.
End-to-end encryption of e-mail
Businesses that configure their e-mail encryption by hand face considerable difficulty and complexity, and the configuration process is frequently associated with vulnerabilities. With end-to-end encryption the message is encrypted on the sender's device and decrypted on the recipient's device; it is protected at every stage of delivery and cannot be read even by the e-mail server. This makes it very hard for attackers to compromise sensitive content or attachments. End-to-end encryption uses public-key cryptography: the sender encrypts the message with the recipient's public key and the recipient decrypts it with the matching private key. The two methods businesses implement are Pretty Good Privacy (PGP, standardized as OpenPGP) and S/MIME (Abdulnabi, 2013).
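As an added example (not code from the page, nor from the Net-mail Encrypt or Cleanmail products it describes), the following shows how a mail gateway can tell from the outer MIME headers whether a message is already S/MIME- or PGP-encrypted, signed only, or unprotected, and then applies the subject-tag routing rule from the Office365 case above. The sample messages, the "[encrypted]" tag and the decision labels are constructed assumptions; the content types come from the S/MIME (RFC 8551) and PGP/MIME (RFC 3156) specifications.

```python
"""Classify the protection on an e-mail and decide what an outbound gateway does.

Added example, not code from the page or from any product it names. The
messages are constructed; the subject tag and decision labels are assumptions.
"""
import email
from email import policy

# S/MIME wraps the whole message in one of these types; smime-type says which.
SMIME_TYPES = ("application/pkcs7-mime", "application/x-pkcs7-mime")


def classify_protection(raw):
    """Return 'smime-encrypted', 'smime-signed', 'pgp-encrypted', 'pgp-signed'
    or 'none', judging only by the outer MIME structure."""
    msg = email.message_from_string(raw, policy=policy.default)
    ctype = msg.get_content_type()
    if ctype in SMIME_TYPES:
        smime_type = str(msg.get_param("smime-type") or "").lower()
        if smime_type == "enveloped-data":
            return "smime-encrypted"
        if smime_type == "signed-data":
            return "smime-signed"      # opaque-signed: readable once unwrapped
        return "none"
    protocol = str(msg.get_param("protocol") or "").lower()
    if ctype == "multipart/encrypted" and protocol == "application/pgp-encrypted":
        return "pgp-encrypted"
    if ctype == "multipart/signed":
        if protocol == "application/pkcs7-signature":
            return "smime-signed"
        if protocol == "application/pgp-signature":
            return "pgp-signed"
    return "none"


def gateway_decision(raw, tag="encrypted"):
    """Routing rule in the style of the Office365 case: encrypt when the sender
    tagged the subject; leave end-to-end encrypted mail alone, since the gateway
    cannot read it anyway; otherwise deliver as-is."""
    if classify_protection(raw).endswith("-encrypted"):
        return "pass-through"
    msg = email.message_from_string(raw, policy=policy.default)
    subject = str(msg.get("Subject", ""))
    if f"[{tag.lower()}]" in subject.lower():
        return "encrypt"
    return "deliver-plain"


# Constructed sample messages.
PLAIN = """\
From: alice@example.com
To: bob@example.com
Subject: lunch on friday
Content-Type: text/plain; charset="utf-8"

see you at noon
"""

TAGGED = """\
From: alice@example.com
To: doctor@example.org
Subject: [encrypted] referral for patient 4711
Content-Type: text/plain; charset="utf-8"

diagnosis attached
"""

SMIME_ENC = """\
From: alice@example.com
To: bob@example.com
Subject: contract
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7m"

MIAGCSqGSIb3DQEHA6CAMIACAQAxggEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
"""

SMIME_SIGNED = """\
From: alice@example.com
To: bob@example.com
Subject: invoice
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="b2"

--b2
Content-Type: text/plain; charset="utf-8"

signed but still readable body
--b2
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

MIIBconstructedplaceholder
--b2--
"""

PGP_ENC = """\
From: alice@example.com
To: bob@example.com
Subject: contract
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1
--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

hQEMA0constructedplaceholder
-----END PGP MESSAGE-----
--b1--
"""

if __name__ == "__main__":
    for name, raw in [("plain", PLAIN), ("tagged", TAGGED), ("smime", SMIME_ENC),
                      ("signed", SMIME_SIGNED), ("pgp", PGP_ENC)]:
        print(name, classify_protection(raw), gateway_decision(raw))
```

A signed-only message is deliberately not treated as protected: a signature proves who wrote it but leaves the body readable, so a tagged S/MIME-signed message still goes to the encrypt branch.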
4. Assessment of Traffic Analysis
In general there are two ways to perform a traffic-analysis attack: passive and active. In passive traffic analysis the attacker extracts features from the traffic of a particular flow at one point in the network and looks for the same features at another point. On the defensive side, Network Traffic Analysis (NTA) is an essential means of monitoring network availability and activity in order to recognize anomalies, maximize performance and observe attacks.
Common use cases for NTA include
- collecting a real-time and historical record of what is happening on the network
- detecting malware activity such as ransomware
- identifying the use of vulnerable protocols and ciphers
- troubleshooting a slow network
- improving internal visibility and eliminating blind spots
Continuous monitoring of network traffic optimizes network performance by reducing the attack surface, adds security and improves the management of resources. Focusing on monitoring alone is not enough, however; the data sources feeding the monitoring tool matter just as much (Mohammed, 2013).
The network is a significant part of the attack surface, and visibility into network data gives an additional place to detect attacks and stop them early. The key benefits are
- improved visibility into the devices connecting to the network, such as Internet of Things (IoT) devices and, in healthcare, visitors' devices
- meeting compliance requirements
- troubleshooting operational and security issues
- responding to investigations faster, with richer detail and additional network context
The Key Step
The key step in setting up NTA is making sure data is collected from the right sources. Flow data is excellent for determining traffic volumes and mapping the path of a packet from source to destination. This level of information helps detect unauthorized Wide Area Network (WAN) traffic and optimize network resources and performance, but it lacks the rich detail and context needed to examine cyber security issues.
Packet data extracted from the packets themselves helps with network management, understanding how users use the operational services, tracking usage on WAN links, and monitoring for suspicious malware or other security incidents. Deep packet inspection (DPI) tools give full visibility into the traffic they can see, turning raw metadata into a readable form and letting network and security managers drill down to the smallest detail; they cannot look inside encrypted payloads, so for TLS traffic only the metadata is available (Ruckshana, 2019).
The Importance of NTA
Monitoring the network perimeter is always good practice. Even well-configured firewalls make mistakes, and rogue traffic may get through. Users may also use techniques such as tunnelling, external anonymizers and Virtual Private Networks (VPNs) to get around firewall policy.
Furthermore, the rise of ransomware as a widespread form of attack in recent years makes network traffic monitoring doubly important. A network monitoring solution should be able to detect the activity that characterizes a ransomware attack over insecure protocols. Take the WannaCry ransomware attack as an example: the attackers actively scanned for hosts with TCP port 445 open and then exploited a vulnerability in SMBv1 to reach network file shares. (Figure: source and destination addresses and protocol of the scan.)
Also check the network data for any devices running unencrypted administration protocols such as Telnet, Hypertext Transfer Protocol (HTTP, port 80), Simple Network Management Protocol (SNMP, ports 161/162) and Cisco Smart Install (SMI, port 4786). (Figure: addresses of the devices found.)
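The two checks described above, one host sweeping TCP 445 across many machines and devices using cleartext administration protocols, as detection logic run over flow records. This is an added example, not from the original report or from any NTA product; the flow records, the IP addresses and the threshold of ten distinct targets are constructed assumptions that would be tuned per network.

```python
"""Flag SMB scanning and cleartext administration protocols in flow records.

Added example, not from the original report. The flow records are constructed
for the demonstration and the thresholds are assumptions.
"""
from collections import defaultdict

# Unencrypted management protocols named in the text, keyed by port.
CLEARTEXT_ADMIN_PORTS = {
    23: "telnet",
    80: "http",
    161: "snmp",
    162: "snmp-trap",
    4786: "cisco-smart-install",
}

# Constructed flow records: (src_ip, dst_ip, proto, dst_port).
FLOWS = (
    # one host touching port 445 on twelve different machines: a lateral-movement sweep
    [("10.0.0.5", f"10.0.1.{n}", "tcp", 445) for n in range(1, 13)]
    # a normal client talking repeatedly to the one file server it is meant to use
    + [("10.0.0.7", "10.0.0.20", "tcp", 445)] * 3
    # cleartext management sessions
    + [("10.0.0.8", "10.0.0.30", "tcp", 23),
       ("10.0.0.9", "10.0.0.31", "tcp", 4786),
       ("10.0.0.9", "10.0.0.31", "udp", 161)]
    # encrypted management, must not be flagged
    + [("10.0.0.9", "10.0.0.40", "tcp", 22),
       ("10.0.0.9", "10.0.0.40", "tcp", 443)]
)


def detect_smb_scanners(flows, min_targets=10):
    """Sources that contacted tcp/445 on at least 'min_targets' distinct hosts.

    Counting distinct destinations rather than packets separates a worm
    sweeping a subnet from a workstation hammering its usual file server."""
    targets = defaultdict(set)
    for src, dst, proto, dport in flows:
        if proto == "tcp" and dport == 445:
            targets[src].add(dst)
    return {src: len(dsts) for src, dsts in targets.items() if len(dsts) >= min_targets}


def detect_cleartext_admin(flows):
    """Every distinct (src, dst, port, protocol name) using an unencrypted admin protocol."""
    seen = set()
    for src, dst, proto, dport in flows:
        name = CLEARTEXT_ADMIN_PORTS.get(dport)
        if name is not None:
            seen.add((src, dst, dport, name))
    return sorted(seen)


if __name__ == "__main__":
    print("SMB scanners:", detect_smb_scanners(FLOWS))
    for finding in detect_cleartext_admin(FLOWS):
        print("cleartext admin:", finding)
```

On real flow data the same logic applies to NetFlow or IPFIX records once they are reduced to the four fields used here; the threshold is the only tuning knob, and it should sit above the largest number of file servers a legitimate client is expected to reach.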
The Purpose of Analyzing and Monitoring Network Traffic
The purpose is to
- detect ransomware activity
- monitor data exfiltration and Internet activity
- monitor access to files on file servers or MS-SQL databases
- track a user's activity on the network, including user forensics reporting
- provide an inventory of the devices, servers and applications running on the network
- highlight and identify the root cause of bandwidth peaks on the network
- provide real-time dashboards focused on network and user activity
- generate network activity reports for management and auditors for any time period (Wang, 2011)
NTA is an indispensable way to monitor network availability and activity, spot anomalies and maximize performance. Together with log aggregation and endpoint data, network traffic is a central part of the comprehensive visibility and security analysis needed to detect threats early and shut them down quickly.
References
Abdulnabi, M. et al., 2013. Suitability of adopting S/MIME and OpenPGP email messages protocol to secure electronic medical records. FGCT, pp. 93-97.
Alqahtani, F., 2017. Developing an Information Security Policy: A Case Study Approach. Procedia Computer Science, pp. 691-697.
Al-Shabi, M., 2019. A Survey on Symmetric and Asymmetric Cryptography Algorithms in Information Security. International Journal of Scientific and Research Publications.
Cachin, C. et al., 2013. Policy-based secure deletion. Proceedings of the ACM. ACM, pp. 259-270.
Choudhary, S., 2013. E-mail Security: Issues and Solutions. International Journal of Computer Information Systems, pp. 42-46.
Dian Rachmawati, M. A. B., 2018. Enhancing File Security by using Vigenere Cipher and Even Rodeh Code Algorithm. IC3INA.
Doherty, N. et al., 2011. Reinforcing the security of corporate information resources: A critical review of the role of the acceptable use policy. International Journal of Information Management, pp. 201-209.
Fani, S. et al., 2019. Trend of Business Continuity Plan: A Systematic Literature Review. ICBLP, Sidoarjo, Indonesia.
Gastermann, B. et al., 2015. Secure Implementation of an On-premises Cloud Storage Service for Small and Medium-sized Enterprises. Procedia Engineering.
Lim, T.-H. et al., 2010. A Study on the Guideline for the Data Deletion. Journal of Information Management.
Mohammed, A., 2013. Network Traffic Analysis: A Case Study of ABU Network. Intelligent Systems Engineering.
Mutlaq Alotaibi et al., 2016. Information security policies: A review of challenges and influencing factors. ICITST.
Parmar, H. et al., 2015. Analysis and Study of Network Security at Transport Layer. International Journal of Computer Applications, pp. 35-40.
Ruckshana, K. et al., 2019. Network Traffic Analysis in Cloud: A Survey. Asian Journal of Computer Science and Technology, pp. 61-65.
Ruivo, P. et al., 2014. Data Protection in Services and Support Roles – a Qualitative Research amongst ICT Professionals. Procedia Technology, pp. 710-717.
Soofi, A. et al., 2014. Encryption Techniques for Cloud Data Confidentiality. International Journal of Grid and Distributed Computing, pp. 11-20.
Subandi, A. et al., 2017. Three-Pass Protocol Implementation in Vigenere Cipher Classic Cryptography Algorithm with Keystream Generator Modification. Advances in Science, Technology and Engineering System.
Telang, R., 2015. Policy Framework for Data Breaches. IEEE Security & Privacy, pp. 77-79.
Wang, W. et al., 2011. Network Traffic Monitoring, Analysis and Anomaly Detection. IEEE Network, pp. 6-7.