Short Questions

I) Short Questions:

1


 

What is computer security?

Computer security is the protection of computer systems and information from harm, theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system.

There are various types of computer security, which are widely used to protect the valuable information of an organization.

What is Computer Security and its types?

One way to ascertain the similarities and differences among the types of computer security is by asking what is being secured. For example,

  • Information security is securing information from unauthorized access, modification and deletion.
  • Application security is securing an application by building in security features to protect against cyber threats such as SQL injection, DoS attacks, data breaches, etc.
  • Computer security means securing a standalone machine by keeping it updated and patched.
  • Network security is securing both the software and hardware technologies.
  • Cybersecurity is defined as protecting computer systems which communicate over computer networks.





     



2

Computer security threats

Computer security threats are possible dangers that can hamper the normal functioning of your computer. In the present age, cyber threats are constantly increasing as the world is going digital. The most harmful types of computer security threats are:

Viruses

A computer virus is a malicious program which is loaded into the user’s computer without the user’s knowledge. It replicates itself and infects the files and programs on the user’s PC. The ultimate goal of a virus is to ensure that the victim’s computer will never be able to operate properly or even at all.

Computer Worm

A computer worm is a software program that can copy itself from one computer to another, without human interaction. The potential risk here is that it will use up your computer hard disk space because a worm can replicate in great volume and with great speed.

Phishing


Disguising themselves as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information through fraudulent email or instant messages. Phishing is unfortunately very easy to execute. You are deluded into thinking it’s legitimate mail and you may enter your personal information.








3











4

Computer Security Challenges :

  1. Security is not simple; it requires a lot of research and money.
  2. Potential attacks on the security features need to be considered.
  3. Procedures used to provide particular services are often counter-intuitive.
  4. It is necessary to decide where to use the various security mechanisms.
  5. Requires constant monitoring.
  6. Security mechanisms typically involve more than a particular algorithm or protocol.
  7. Security is essentially a battle of wits between a perpetrator and the designer.
  8. Little benefit from security investment is perceived until a security failure occurs.
  9. Strong security is often viewed as an impediment to efficient and user-friendly operation.


           





5.

 


Electronic Code Book (ECB) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa. In other words, the same plaintext value will always result in the same ciphertext value. Electronic Code Book is used when a volume of plaintext is separated into several blocks of data, each of which is then encrypted independently of other blocks. In fact, Electronic Code Book has the ability to support a separate encryption key for each block type.

However, Electronic Code Book is not a good system to use with small block sizes (for example, smaller than 40 bits) and identical encryption modes. This is because some words and phrases may be reused often enough so that the same repetitive part-blocks of ciphertext can emerge, laying the groundwork for a codebook attack where the plaintext patterns are fairly obvious. However, security may be improved if random pad bits are added to each block. On the other hand, 64-bit or larger blocks should contain enough unique characteristics (entropy) to make a codebook attack unlikely to succeed.

 





6

What is the OSI model?

The Open Systems Interconnection (OSI) model is a conceptual model created by the International Organization for Standardization which enables diverse communication systems to communicate using standard protocols. In plain English, the OSI provides a standard for different computer systems to be able to communicate with each other.

The OSI model can be seen as a universal language for computer networking. It’s based on the concept of splitting up a communication system into seven abstract layers, each one stacked upon the last.




 







7

 A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target.

Passive attacks include active reconnaissance and passive reconnaissance. In passive reconnaissance, an intruder monitors systems for vulnerabilities without interaction, through methods like session capture. In active reconnaissance, the intruder engages with the target system through methods like port scans.

Methods of passive attacks:
War driving detects vulnerable Wi-Fi networks by scanning them from nearby locations with a portable antenna. The attack is typically carried out from a moving vehicle, sometimes with GPS systems that hackers use to plot out areas with vulnerabilities on a map. War driving can be done just to steal an Internet connection or as a preliminary activity for a future attack.

In dumpster diving, intruders look for information stored on discarded computers and other devices or even passwords in trash bins. The intruders can then use this information to facilitate covert entry to a network or system.

An intruder might masquerade as an authorized network user and spy without interaction. With that access, an intruder might monitor network traffic by setting the network adapter to promiscuous mode.

A passive attack contrasts with an active attack, in which an intruder attempts to alter data on the target system or data en route for the target system.

===============================================

An active attack is considered an assault on a network or system. In such an attack, the threat actor interferes with how a network or system works by changing the target data or introducing new data.

An active attack refers to all kinds of activities that occur when a person tries to “hack” into a server or computer. In contrast to passive attacks, wherein hackers do not make modifications but rather listen in or monitor activities, active attacks involve introducing unwanted changes. In some cases, hackers use the data they gathered from a passive attack to carry out an active attack. In a nutshell, an active attack refers to actual “hacking,” while a passive attack can be likened more to “spying.”

What Are the Different Active Attack Types?

Masquerade Attack

In a masquerade attack, intruders pretend to be legitimate computer users to gain access to the network they are connected to. Hackers initiate masquerade attacks after stealing login usernames and passwords via vulnerability exploitation or bypassing authentication procedures.

Session Replay Attack

A session replay attack happens when hackers steal legitimate users’ login details through session ID theft. Also known as “playback attacks” or “replay attacks,” attackers “repeat” or “delay” data transmissions, allowing them to steal a target’s credentials so they can pretend to be him or her in network communications.

Message Modification

In message modification, attackers change packet header addresses. As such, they can send the message to a different target or alter data on a target machine to get into a network.

Denial-of-Service Attack

A denial-of-service (DoS) attack causes a network resource to become unavailable to users. Hackers initiate such an attack by overwhelming a target computer with more traffic than it can handle.

Distributed Denial-of-Service Attack

A distributed DoS (DDoS) attack directs overwhelming amounts of traffic from multiple compromised devices that make up a botnet to a target computer.


 




8

 What is Authentication?

In computing, authentication is the process of verifying the identity of a person or device. A common example is entering a username and password when you log in to a website. Entering the correct login information lets the website know 1) who you are and 2) that it is actually you accessing the website.

While a username/password combination is a common way to authenticate your identity, many other types of authentication exist. For example, you might use a four or six-digit passcode to unlock your phone. A single password may be required to log on to your laptop or work computer. Every time you check or send email, the mail server verifies your identity by matching your email address with the correct password. This information is often saved by your web browser or email program so you do not have to enter it each time.

Biometrics may also be used for authentication. For example, many smartphones have a fingerprint sensor that allows you to unlock your phone with a simple tap of your thumb or finger. Some facilities have retinal scanners, which require an eye scan to allow authorized individuals to access secure areas. Apple's Face ID (introduced with the iPhone X) authenticates users by facial recognition.

 








9


Symmetric Cipher Model: (uses a single secret key for both encryption & decryption)


Where,

K= Secret Key

X = Plaintext/Message

Ciphertext Y = E(X,K)

Decrypted/Plaintext X = D(Y,K)

A symmetric encryption scheme has five components:

  • Plaintext: This is the original intelligible message or data that is fed into the algorithm as input.

  • Encryption algorithm: The encryption algorithm performs various substitutions and transformations on the plaintext.

  • Secret key: The secret key is also input to the encryption algorithm. The key is a value independent of the plaintext and of the algorithm. The algorithm will produce a different output depending on the specific key being used at the time. The exact substitutions and transformations performed by the algorithm depend on the key.

  • Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the secret key. For a given message, two different keys will produce two different ciphertexts. The ciphertext is an apparently random stream of data and, as it stands, is unintelligible.

  • Decryption algorithm: This is essentially the encryption algorithm run in reverse. It takes the ciphertext and the secret key and produces the original plaintext.







                                                                  

Feistel Cipher is not a specific scheme of block cipher. It is a design model from which many different block ciphers are derived. DES is just one example of a Feistel Cipher. A cryptographic system based on Feistel cipher structure uses the same algorithm for both encryption and decryption.

Encryption Process

The encryption process uses the Feistel structure, consisting of multiple rounds of processing of the plaintext, each round consisting of a “substitution” step followed by a permutation step.

Feistel Structure is shown in the following illustration −



  • The input block to each round is divided into two halves that can be denoted as L and R for the left half and the right half.

  • In each round, the right half of the block, R, goes through unchanged. But the left half, L, goes through an operation that depends on R and the encryption key. First, we apply an encrypting function ‘f’ that takes two inputs − the key K and R. The function produces the output f(R,K). Then, we XOR the output of the mathematical function with L.

  • In a real implementation of the Feistel Cipher, such as DES, instead of using the whole encryption key during each round, a round-dependent key (a subkey) is derived from the encryption key. This means that each round uses a different key, although all these subkeys are related to the original key.

  • The permutation step at the end of each round swaps the modified L and unmodified R. Therefore, the L for the next round is the R of the current round, and the R for the next round is the output L of the current round.

  • The above substitution and permutation steps form a ‘round’. The number of rounds is specified by the algorithm design.

  • Once the last round is completed then the two sub blocks, ‘R’ and ‘L’ are concatenated in this order to form the ciphertext block.

The difficult part of designing a Feistel Cipher is the selection of the round function ‘f’. For the scheme to be unbreakable, this function needs to have several important properties that are beyond the scope of our discussion.

Decryption Process

The process of decryption in Feistel cipher is almost similar. Instead of starting with a block of plaintext, the ciphertext block is fed into the start of the Feistel structure and then the process thereafter is exactly the same as described in the given illustration.

The process is said to be almost similar and not exactly same. In the case of decryption, the only difference is that the subkeys used in encryption are used in the reverse order.

The final swapping of ‘L’ and ‘R’ in the last step of the Feistel Cipher is essential. If these are not swapped then the resulting ciphertext could not be decrypted using the same algorithm.
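The Feistel round structure above and the Electronic Code Book behaviour described under question 5, as an added example that is not part of the original notes: a toy 64-bit Feistel cipher run in ECB mode. The HMAC-SHA256 round function, the hash-based key schedule, the 8-round count and the sample key and message are assumptions made for the demonstration; this is not DES and is not secure for real use.

```python
import hashlib
import hmac

HALF = 4     # bytes per half, giving a 64-bit block (same block size as DES)
ROUNDS = 8   # assumption: round count picked for this demo


def subkeys(key):
    """Toy key schedule (assumption): one round-dependent subkey per round."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]


def f(right, subkey):
    """Round function f(R, K): HMAC-SHA256 truncated to half a block."""
    return hmac.new(subkey, right, hashlib.sha256).digest()[:HALF]


def feistel(block, round_keys):
    """Run one block through the Feistel structure with the given subkeys."""
    left, right = block[:HALF], block[HALF:]
    for k in round_keys:
        mixed = bytes(a ^ b for a, b in zip(left, f(right, k)))  # L XOR f(R, K)
        left, right = right, mixed                               # swap halves
    return right + left  # final output is R followed by L


def split_blocks(data):
    if len(data) % (2 * HALF):
        raise ValueError("data length must be a multiple of 8 bytes")
    return [data[i:i + 2 * HALF] for i in range(0, len(data), 2 * HALF)]


def ecb(data, key, decrypt=False):
    """ECB mode: every block is processed independently with the same key."""
    keys = subkeys(key)
    if decrypt:
        keys.reverse()  # decryption is the same algorithm, subkeys reversed
    return b"".join(feistel(b, keys) for b in split_blocks(data))


def repeated_blocks(ciphertext):
    """Count ciphertext blocks that duplicate an earlier block."""
    blocks = split_blocks(ciphertext)
    return len(blocks) - len(set(blocks))


if __name__ == "__main__":
    key = b"demo key"                       # constructed sample key
    msg = b"PAY 100." * 3 + b"PAY 999."     # constructed: 3 identical blocks
    ct = ecb(msg, key)
    print(ct.hex(), repeated_blocks(ct), ecb(ct, key, decrypt=True))
```

The three identical plaintext blocks produce three identical ciphertext blocks, which is the repetition a codebook attack relies on; running the ciphertext through the same function with the subkeys in forward order does not recover the message.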


What is DES?


The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST).

DES is an implementation of a Feistel Cipher. It uses a 16-round Feistel structure. The block size is 64 bits. Although the key length is 64 bits, DES has an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption algorithm (they function as check bits only). The general structure of DES is depicted in the following illustration −


Since DES is based on the Feistel Cipher, all that is required to specify DES is −

  • Round function
  • Key schedule
  • Any additional processing − Initial and final permutation