SlideShare une entreprise Scribd logo

Cyber security

Télécharger en tant que PPTX, PDF
J
JahirUddinKomol

A presentation on cybersecurity.

Internet
1  sur  42
CYBER SECURITY WORKSHOP Organized By: RIGHT Org.
OUTLINE • Network Fundamentals • OSI • TCP/IP • Protocols • Information security • Overview • Components • Common Attacks • Cryptography • Traditional • Modern • Authorization & Authentication • Firewall • Access control • Next Generation • Hack The Box • Tools • VM • Packet Tracer • Kali & Nethunter
NETWORK FUNDAMENTALS INTRODUCTION A network is a set of devices (often referred to as nodes) connected by communication links. A node can be a computer, printer, or any other device capable of sending and/or receiving data generated by other nodes on the network. Standards: De facto standards that have not been approved by an organized body but have been adopted as standards through widespread use. De jure those standards that have been legislated by an officially recognized body. ISO, IEEE, ANSI, TIA, IETF, ITU-T
LAYERED TASKS
OSI REFERENCE MODEL • De Jure Standard Established in 1947, the International Standards Organization (ISO) is a multinational body dedicated to worldwide agreement on international standards. An ISO standard that covers all aspects of network communications is the Open Systems Interconnection (OSI) model. It was first introduced in the late 1970s.
AN EXCHANGE USING THE OSI MODEL
TCP/IP MODEL • Open De Facto Standard • Governed by IETF Working • Support for a flexible architecture • Adding more system to a network is easy. • In TCP/IP, the network remains intact until the source, and destination machines were functioning properly. • TCP is a connection-oriented protocol. • TCP offers reliability and ensures that data which arrives out of sequence should put back into order. • TCP allows you to implement flow control, so sender never overpowers a receiver with data.
INFORMATION SECURITY OVERVIEW • What is security? • In general, security is “The quality or state of being secure that is to be free from danger”. • To be protected from adversaries from those • who would do harm, intentionally or otherwise • A successful organization should have • Physical security is to protect • physical objects, or areas of an organization from unauthorized access and misuse • Personal Security is to protect • individual or group who are authorized to access the organization and its operations • Operations Security is to protect • details of a particular operation or series of activities • Communications Security is to protect • an organization’s communications media, technology, and content • Network security is to protect • networking components ,connections, and contents • Information Security is to protect • information, critical elements, including the systems and hardware.
INFORMATION SECURITY An Information System is much more than computer hardware. It is the security of entire set: • software, hardware, data, people, and procedures necessary to use information as a resource • within and outside the organization Briefly, information security is a work of • Securing the component • computer as a subject of attack (compute used as active tools for attack) • computer as a object of attack (it is the entity being attack) • Security and Access Balancing • Perfect security is not possible • Security should be considered a balance between protection and availability • Security must allow reasonable access • yet protect against threat
INFORMATION SECURITY COMPONENTS CIA Triad: C.I.A. triad is considered the industry standard for security. It is solely based on three components
COMPONENTS OF InfoSec • Confidentiality • concealment of information or resources • only seen by people who have the right to see it • keeping information secret from unauthorized access • Integrity • refers to the trustworthiness of data or resources • preventing improper or unauthorized change • ensuring that information remains intact and unaltered • includes both the correctness and the trustworthiness of the data • Availability • ability to use the information or resource desired • having access to your information when you need it • no person or event is able to block legitimate or timely access to information • Information is useless if it is not available • In some cases information needs to be changed constantly • it must be accessible to those authorized to access it
ADDITIONAL OBJECTIVES • Authenticity • being genuine and able to be verified or trust • to ensure that the data, transactions, communications or documents • are genuine • authenticity to validate that both parties involved are who they claim to be • Accountability • involves actions of an entity can be traced uniquely • nonrepudiation, deterrence, fault isolation, intrusion, detection and prevention • one party of a transaction cannot deny having received a transaction • nor can the other party deny having sent a transaction • Non-repudiation implies one’s intention to fulfill their obligations to a contract
COMMON SECURITY ATTACKS • Attacks Threatening Confidentiality • snooping and traffic analysis • Snooping refers to unauthorized access to or interception of data • Traffic analysis: information collected by an intruder by monitoring online traffic • Attacks Threatening Integrity • modification, masquerading, replaying and repudiation of information • Attacks Threatening Availability • Denial of Service (DOS) attack • Make system so busy that it might collapses • intercept message sent in one direction such that • Sending system believe that other party or message has lost • It should be resent
COMMON SECURITY ATTACKS • Interruption: This is an attack on availability • Disrupting traffic • Physically breaking communication line • Interception: This is an attack on confidentiality • Overhearing, eavesdropping over a communication line • Modification: This is an attack on integrity • Corrupting transmitted data or tampering with it before it reaches its destination • Fabrication: This is an attack on authenticity • Faking data as if it were created by a legitimate and authentic party
CRYPTOGRAPHY Cryptography!! • Greek word, means “Secret Writing” • Cryptography is used for information security • To protect information from unauthorized or accidental disclosure • Transform usable information to a for that renders • unusable by anyone other than an authorized user • this process is called encryption • original message is known as plain text • message sent through channel is referred to as cypher text • Encrypted information can be transformed back into original usable form • known as decryption • done by cryptographic key
CYPHER TEXT GENERATION Types of cypher text • Traditional Ciphers: hiding information from intruders • Substitution Ciphers • Replace one symbol with another • plain text characters are replaced by other characters • Transposition Ciphers • Does not substitute • change the position of the symbols • Modern symmetric key cyphers • traditional cypher is no longer secure ?? • thus, modern symmetric-key ciphers have been developed • combination of substitution, transposition and some other complex transformations • Examples • DES: Data Encryption Standard: developed by NIST in 1977; • AES: Advanced Encryption Standard: NIST in 2001 (shortcoming of DES)
CRYPTOGRAPHY ASYMMETRIC KEY Asymmetric Key Cryptography • used for confidentiality • Unlike symmetric key cryptography; distinctive keys are used • Private key and public key • A public key encryption is only decrypt by private key Both symmetric and asymmetric exist in parallel • In symmetric key cryptography a secret token is shared between two parties • in asymmetric key cryptography: token is unshared by two parties. Creates their own token • issues are: performance?? Key transfer?? Complement of each other(!!) • advantage of one compensate the disadvantage of others
CRYPTOGRAPHY TERMINOLOGIES • Plaintext – original text • Cipher Text – Encrypted text • Cryptology – the art and science of making and breaking “secret codes.” • Cryptography – the making of “secret codes.” • Cryptanalysis – the breaking of “secret codes.” • Crypto — a synonym for any or all of the above (and more), where the precise meaning should be clear from context • Decrypt – cipher text to plain text We will discuss on • Classical Crypto-system • Symmetric key cryptography • Public key cryptography • Hash functions • Advanced Cryptanalysis
OBJECTIVES OF CRYPTOSYSTEM Objectives of the Cryptosystem • make it infeasible to recover plain text from ciphertext However, According to Kerckhoffs’ Principle • Inner working mechanisms of cryptography are completely known to the attacker • Design of cipher is not secret • cipher – must not require to be secret Why? • Reverse engineering may discover the technique • crypto algorithm must be tested with extensive public analysis • without rigorous public testing – it may failed (ex. microsoft) Security?: Best known attack on the system is impractical, in the sense of being computationally impossible.
CLASSICAL CRYPTO SYSTEM SUBSTITUTION Cryptography for Confidentiality • Substitution • Transposition Substitution Method • cipher text generated by substituting the letter of n places ahead of current letter • By looking each plain text letter and substitute by another letter Convention: plain text in lowercase. cipher text in uppercase Brute-force attack and exhaustive key search How large the keyspace is?. If 240 per second • keyspace of 256 can be exhausted in 216 seconds, 264 would take more than half a year; 2128 requires nine quintillion years.
CLASSICAL CRYPTO SYSTEM SUBSTITUTION Other efficient way to break • english letter frequency count • match with cipher text frequency count
CLASSICAL CRYPTO SYSTEM TRANSPOSITION Double Transposition Method • Write the plain text into an array or matrix • permute rows and columns • suppose plain text in 3 × 4 matrix Now, if we permute the rows according to (1, 2, 3) → (3, 2, 1) and then transpose the columns according to (1, 2, 3, 4) → (4, 2, 1, 3) we obtain, Cipher text is the final array Bad news are in transposition symbols are there Good news is – to break statistical information is not helpful
SYMMETRIC CRYPTOGRAPHY BLOCK CIPHER Block Cipher • Splits plain text in fixed-sized blocks • generated fixed-sized blocks of cipher • an iterating function F is used for some number of round • The function F is depends of output of the previous round and key K • F is known as round function • Example: Feistel Cipher describe the general principle
DATA ENCRYPTION STANDARD Data Encryption Standard • Developed in 1970 by IBM called Lucifer cipher • For commercial use US NBS (now NIST) issues a request for cipher • NBS has little number of crypto expert, therefore they turned to Gov secret agency NSA. NSA design and use cipher and it is super secret • But NSA was reluctant to get involved with DES • Under pressure they agreed to study the Lucifer cipher provided that its role would not be public • eventually, people think NSA may placed backdoor so NSA along can break the code • NSA changes the original Lucifer cipher to design DES • Key length reduced to 64 from 128 • Also, found that 8-bits of 64-bits key was effectively discarded • exhaustive key search reduce from 2127 to 255
DES STRUCTURE • Change was made in Lucifer to involve substitution box or S-boxes • 16-round • 64-bit block length • 56-bit key • 48-bit subkey from 56-bit key • eight S-boxes map 6-bits to • 4-bits. 48-bits to 32-bits. • Lookup table • round function as • Ri = Li−1⊕[F(Ri−1,Ki) = P−box(S−boxes(Exapnd(Ri−1)⊕Ki))] • Li = Ri−1
DES: DISCUSSION Comments on DES • Mathematicians are very good at solving linear equations • only part S-Box is non-linear of DES and it is the fundamental security component • DES is today vulnerable because of the key is too small • In theory, less work or computation is needed for exhaustive key search • It was designed to process in a system with small (byte) sized words • Variation is triple-DES with large key is more effective
PUBLIC KEY CRYPTOGRAPHY In Symmetric Cryptography • Same key is used for encryption and decryption • Need secure distribution of key!! – important problem Asymmetric Key Cryptography • Two different keys are used for encryption and decryption • Eliminate most vexing problem to distribute symmetric key • Public key for encryption • Private key for decryption • Some public keys are used only to transfer symmetric key
PUBLIC KEY ENCRYPTION BACKGROUND Background • Is invented by GCHQ (British equivalent of NSA) in late 1960-70 and Academic researcher shortly thereafter. • Government cannot grasp the full potential of Public key encryption • Compared to symmetric key, public key is recent. • it was a revolution of cryptography • it lay dormant until the academicians pushed it into the limelight Based on very special mathematical structure. It also based on trapdoor one way function. Compute one direction but hard to compute other directions. • A trap door feature ensure that attacker cannot use public information to recover the private information
HOW DOES IT WORK? General Idea • Generates two prime numbers p and p provides very large N where N = pq • for a given sufficiently large N, it is difficult to find factors p and q • Two large key pair Public Key and Private Key. • Any one want to transfer data to receiver must use receiver public key to encrypt • Only receiver’s private key can decrypt the message • For digital signature – sender use it’s private key to encrypt and any one can verify (integrity) sender’s message (decrypt) by using sender’s public key. • sender’s digital signature is attached with the message therefore copy of signature is not possible • example: knapsack cryptography – one of the first practical example of public key encryption
KNAPSACK PUBLIC KEY CRYPTOGRAPHY Knapsack Public Key Cryptography • Diffie and Hellman conjectured that public cryptography is possible • They only offer key exchange policy • nearly at the same time: Merkle-Hellman proposed a cryptosystem based on NP-Hard problem • For the cryptosystem Knapsack problem is defined as, Definition (Knapsack Problem) Given a set (n) of weight as W0, W1, · · · , Wn−1 and desired sum S, find a0, a1, a2, · · · , an−1 for each ai ∈ {0, 1}. So that S = a0W0 + a1W1 + a2W2 + · · · + an−1Wn−1 with a maximum number of elements
KNAPSACK PROBLEM EXAMPLE Suppose the weights are: 85, 13, 9, 7, 47, 27, 99, 86 and S = 172 then the solution exists and given by, a = (a0, a1, a2, a3, a4, a5, a6, a7) = (11001100) since, 85 + 13 + 47 + 27 = 172 • Knapsack problem is NP-Complete but special Knapsack superincreasing knapsack can be solved in linear time • Definition (Superincreasing Knapsack) • It is variant of general Knapsack where weights are arranged in increasing order such that each weight is greater than sum of previous weights as, Wi> 𝑗=0 𝑖−1 𝑊𝑗 Example: 3, 6, 11, 25, 46, 95, 200, 411
KNAPSACK CRYPTOGRAPHY Steps of Knapsack Cryptography • Generate a superincreasing Knapsack, example: (2, 3, 7, 14, 30, 57, 120, 251) • Convert the superincreasing knapsack into a general knapsack. • Choose n and m relatively prime; • where m is a multiplier and n is greater sum of all elements • convert general knapsack to superincreasing knapsack • The public key is the general knapsack. • The private key is the superincreasing knapsack together with the conversion factors
CONVERT TO SUPERINCREASING KNAPSACK Let multiplier m = 41 and modulus n = 491 then for the following superincreasing Knapsack: (2, 3, 7, 14, 30, 57, 120, 251), the general Knapsack is 2m = 2 × 41 = 82 mod 491 3m = 3 × 41 = 123 mod 491 7m = 7 × 41 = 287 mod 491 14m = 14 × 41 = 83 mod 491 30m = 30 × 41 = 248 mod 491 57m = 57 × 41 = 373 mod 491 120m = 120 × 41 = 10 mod 491 251m = 251 × 41 = 471 mod 491 ≡ {82, 123, 287, 83, 248, 373, 10, 471} Therefore, the public key is {82, 123, 287, 83, 248, 373, 10, 471} and the private key is {2, 3, 7, 14, 30, 57, 120, 251, 12} and multiplicative inverse(modulo) 41−1 mod 491 = 12. Which can be determined 12 = (w × 491)/41 + 1, w > 0 such that (w × 491) is divisible by m = 41.
EXAMPLE Example (public key encryption) Let M = 11001011, and public and private keys are show as above, then, encrypt message M: C = 82 + 123 + 248 + 10 + 471 = 934 Decrypt cipher text C: C.𝑚−1mod n = (934 × 12) mod 491 = 406 Now solve the super increasing Knapsack problem as, and the solution is 2 × 1 + 3 × 1 + 7 × 0 + 14 × 0 + 30 × 1 + 57 × 0 + 120 × 1 + 251 × 1 = 2 + 3 + 30 + 120 + 251 = 406 and the message is 11001011
DOWNSIDE OF KNAPSACK CIPHER Downside of Knapsack cipher • General Knapsack is a NP-Complete problem • The bottom line is that the general Knapsack which is generated from superincreasing Knapsack is not really a General Knapsack • In 1983 Shamir broke it using apple II computer • The lattice reduction attack take the advantages of such structure • lattice reduction attack – easily recover plain text from cipher text • Therefore, it is not secure There are variant of Knapsack cipher, that are more secure, but people are reluctant to use them since the name “knapsack” is forever tainted
CRYPTOGRAPHIC HASH FUNCTION A cryptographic hash function h(x) must have the following features • Compression: for a input x, the output length of y = h(x) is small. In practice the length is fixed (e.g., 160 bits), regardless of the input • Efficiency: Must be easy to computer h(x) regardless of the input • On way: Not invertible; For a give y = h(x), for any x’ it is infeasible to compute y from h(x’) • Weak collision resistance: It is infeasible to change message without changing the hash. • For a given x and h(x), it is infeasible to find any y, with y 6= x such that h(y) = h(x) • Strong collision resistance: It’s infeasible to find any x and y, such that x != y and h(x) = h(y). Cannot find two input producing same output Let 128-bit hash calculated from 150-bits input, then there are 222 collision on average. The collision resistance property states that it should be computationally hard to calculate.
BIRTHDDAY ATTACK Birthday attack • recall the birthday problem we can find √2^N = 2^n/2different input, we can expect a collision or two input that hash the same value • the attacker can find the same value as h(M) = h(M’) (!!) • It is a brute-force attack similar to exhaustive key search
AUTHORIZATION Authorization • Authentication is the issue which establish identity • Authorization deals with situation where we already authenticated • The decision of authentication is binary permitted to enter the system or not • authorization can be a much more ne grained process • Firewall { is the form of access control for the network. • CAPTCHA which is a form of access control to restrict access to human • Intrusion detection come on scene when rewall fails • Authorization was often considered the heart of information security • today it seems like quaint notion.
ACCESS CONTROL MATRIX Lampson's access control matrix • this matrix contains all of the relevant information needed by an operating system • Make decision which user allowed to do and what to do • ACL and Capabilities (C-Lists) are derived from Lampson's access control matrix Subject: is the user of the system and Object is the system resources. An example: (Row present the subject, on the other hand column tells about objects)
FIREWALL Firewall -What does it mean? • A firewall acts a lot like a secretary for your network. • The firewall examines requests for access to your network, and it decides whether they pass a reasonableness test. • If so, they are allowed through, and, if not, they are refused. Firewall Terminology and Types • Packet Filter • Stateful packet filter • Application Proxy
HACK THE BOX
TOOLS • Virtual Machine • Oracle • Vmware • Packet Tracer • Cisco Packet Tracer • Wireshark • OS • KALI • Nethunter(for Mobile)

Recommandé

Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentalsManesh T
 
Session Slide
Session SlideSession Slide
Session SlideMuralidharan Radhakrishnan
 
Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)Security Innovation
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresJose L. Quiñones-Borrero
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)Sam Bowne
 
Protecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementProtecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementStuart Marsh
 
CISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementCISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementSam Bowne
 

Recommandé

Security in computer systems fundamentals
Security in computer systems fundamentalsSecurity in computer systems fundamentals
Security in computer systems fundamentalsManesh T
 
Session Slide
Session SlideSession Slide
Session SlideMuralidharan Radhakrishnan
 
Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)Protecting Sensitive Data (and be PCI Compliant too!)
Protecting Sensitive Data (and be PCI Compliant too!)Security Innovation
 
Incident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresIncident response, Hacker Techniques and Countermeasures
Incident response, Hacker Techniques and CountermeasuresJose L. Quiñones-Borrero
 
Introduction of cryptography and network security
Introduction of cryptography and network securityIntroduction of cryptography and network security
Introduction of cryptography and network securityNEHA PATEL
 
CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)CISSP Prep: Ch 4. Security Engineering (Part 2)
CISSP Prep: Ch 4. Security Engineering (Part 2)Sam Bowne
 
Protecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementProtecting Sensitive Data using Encryption and Key Management
Protecting Sensitive Data using Encryption and Key ManagementStuart Marsh
 
CISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementCISSP Prep: Ch 6. Identity and Access Management
CISSP Prep: Ch 6. Identity and Access ManagementSam Bowne
 
Crypto academy
Crypto academyCrypto academy
Crypto academyPaul Gillingwater, MBA
 
Pki 201 Key Management
Pki 201 Key ManagementPki 201 Key Management
Pki 201 Key ManagementNCC Group
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCUJose L. Quiñones-Borrero
 
CNIT 125 6. Identity and Access Management
CNIT 125 6. Identity and Access ManagementCNIT 125 6. Identity and Access Management
CNIT 125 6. Identity and Access ManagementSam Bowne
 
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...Gurbir Singh
 
Network security
Network securityNetwork security
Network securityRaaz Karkee
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYJyothishmathi Institute of Technology and Science Karimnagar
 
Paper1
Paper1Paper1
Paper1SpacSec
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionSachintha Gunasena
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)Sam Bowne
 
IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15Benjamin D. Brooks, CISSP
 
Security fundamentals
Security fundamentalsSecurity fundamentals
Security fundamentalsSofoklisEfremidisAIT
 
Security Issues in Internet of Things
Security Issues in Internet of ThingsSecurity Issues in Internet of Things
Security Issues in Internet of ThingsLohith Haravu Chandrashekar
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksSam Bowne
 
Security framework
Security frameworkSecurity framework
Security frameworkA-Seem C-Resta
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Digital Bond
 
Six steps for securing offshore development
Six steps for securing offshore developmentSix steps for securing offshore development
Six steps for securing offshore developmentgmaran23
 
Network security & cryptography
Network security & cryptographyNetwork security & cryptography
Network security & cryptographyKiran Patil
 
Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxSamiDan3
 
Cryptography
CryptographyCryptography
CryptographySourabh Badve
 

Contenu connexe

Tendances

Pki 201 Key Management
Pki 201 Key ManagementPki 201 Key Management
Pki 201 Key ManagementNCC Group
 
CNIT 125 6. Identity and Access Management
CNIT 125 6. Identity and Access ManagementCNIT 125 6. Identity and Access Management
CNIT 125 6. Identity and Access ManagementSam Bowne
 
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...Gurbir Singh
 
Network security
Network securityNetwork security
Network securityRaaz Karkee
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionSachintha Gunasena
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)Sam Bowne
 
IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15Benjamin D. Brooks, CISSP
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksSam Bowne
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Digital Bond
 
Six steps for securing offshore development
Six steps for securing offshore developmentSix steps for securing offshore development
Six steps for securing offshore developmentgmaran23
 
Network security & cryptography
Network security & cryptographyNetwork security & cryptography
Network security & cryptographyKiran Patil
 

Tendances (20)

Crypto academy
Crypto academyCrypto academy
Crypto academy
 
Pki 201 Key Management
Pki 201 Key ManagementPki 201 Key Management
Pki 201 Key Management
 
Cryto Party at CCU
Cryto Party at CCUCryto Party at CCU
Cryto Party at CCU
 
CNIT 125 6. Identity and Access Management
CNIT 125 6. Identity and Access ManagementCNIT 125 6. Identity and Access Management
CNIT 125 6. Identity and Access Management
 
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...
Prof. Fred Piper: Professor Fred Piper -: Cryptography - From Black Art to Po...
 
Network security
Network securityNetwork security
Network security
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITY
 
Paper1
Paper1Paper1
Paper1
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
 
IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15IMA - Anatomy of an Attack - Presentation- 28Aug15
IMA - Anatomy of an Attack - Presentation- 28Aug15
 
Security fundamentals
Security fundamentalsSecurity fundamentals
Security fundamentals
 
Security Issues in Internet of Things
Security Issues in Internet of ThingsSecurity Issues in Internet of Things
Security Issues in Internet of Things
 
CNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer AttacksCNIT 123: Ch 3: Network and Computer Attacks
CNIT 123: Ch 3: Network and Computer Attacks
 
Security framework
Security frameworkSecurity framework
Security framework
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
 
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)Incubation of ICS Malware (English)
Incubation of ICS Malware (English)
 
Six steps for securing offshore development
Six steps for securing offshore developmentSix steps for securing offshore development
Six steps for securing offshore development
 
Network security & cryptography
Network security & cryptographyNetwork security & cryptography
Network security & cryptography
 

Similaire à Cyber security

Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxSamiDan3
 
Security in Computer System
Security in Computer SystemSecurity in Computer System
Security in Computer SystemManesh T
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniquesMohitManna
 
information technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfinformation technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfwondimagegndesta
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxanbersattar
 
Remote forensics fsec2016 delija draft
Remote forensics fsec2016 delija draftRemote forensics fsec2016 delija draft
Remote forensics fsec2016 delija draftDamir Delija
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYDEEPAK948083
 
Review of Information Security Concepts
Review of Information Security ConceptsReview of Information Security Concepts
Review of Information Security Conceptsprimeteacher32
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)Sam Bowne
 
Security issues in e business
Security issues in e businessSecurity issues in e business
Security issues in e businessRahul Kumar
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityAparnaSunil24
 
Data Network Security
Data Network SecurityData Network Security
Data Network SecurityAtif Rehmat
 

Similaire à Cyber security (20)

Cryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptxCryptography and Network Security-ch1-4.pptx
Cryptography and Network Security-ch1-4.pptx
 
Cryptography
CryptographyCryptography
Cryptography
 
Security in Computer System
Security in Computer SystemSecurity in Computer System
Security in Computer System
 
Network Security
Network SecurityNetwork Security
Network Security
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
 
Encrytion ppt
Encrytion pptEncrytion ppt
Encrytion ppt
 
Cryptography
CryptographyCryptography
Cryptography
 
chapter 1-4.pdf
chapter 1-4.pdfchapter 1-4.pdf
chapter 1-4.pdf
 
information technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdfinformation technology cryptography Msc chapter 1-4.pdf
information technology cryptography Msc chapter 1-4.pdf
 
Information-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptxInformation-Security-Lecture-8.pptx
Information-Security-Lecture-8.pptx
 
Remote forensics fsec2016 delija draft
Remote forensics fsec2016 delija draftRemote forensics fsec2016 delija draft
Remote forensics fsec2016 delija draft
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
 
Review of Information Security Concepts
Review of Information Security ConceptsReview of Information Security Concepts
Review of Information Security Concepts
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
 
Security in e commerce
Security in e commerceSecurity in e commerce
Security in e commerce
 
Security issues in e business
Security issues in e businessSecurity issues in e business
Security issues in e business
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptx
 
Module-1.ppt cryptography and network security
Module-1.ppt cryptography and network securityModule-1.ppt cryptography and network security
Module-1.ppt cryptography and network security
 
Data Network Security
Data Network SecurityData Network Security
Data Network Security
 

Dernier

Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...tanu pandey
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...kajalverma014
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...SUHANI PANDEY
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查ydyuyu
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...roncy bisnoi
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...singhpriety023
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftAanSulistiyo
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...nirzagarg
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
 
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋nirzagarg
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...nilamkumrai
 

Dernier (20)

Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
valsad Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call Girls...
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
( Pune ) VIP Baner Call Girls 🎗️ 9352988975 Sizzling | Escorts | Girls Are Re...
 

Cyber security

  • 2. OUTLINE • Network Fundamentals • OSI • TCP/IP • Protocols • Information security • Overview • Components • Common Attacks • Cryptography • Traditional • Modern • Authorization & Authentication • Firewall • Access control • Next Generation • Hack The Box • Tools • VM • Packet Tracer • Kali & Nethunter
  • 3. NETWORK FUNDAMENTALS INTRODUCTION A network is a set of devices (often referred to as nodes) connected by communication links. A node can be a computer, printer, or any other device capable of sending and/or receiving data generated by other nodes on the network. Standards: De facto standards that have not been approved by an organized body but have been adopted as standards through widespread use. De jure those standards that have been legislated by an officially recognized body. ISO, IEEE, ANSI, TIA, IETF, ITU-T
  • 5. OSI REFERENCE MODEL • De Jure Standard Established in 1947, the International Standards Organization (ISO) is a multinational body dedicated to worldwide agreement on international standards. An ISO standard that covers all aspects of network communications is the Open Systems Interconnection (OSI) model. It was first introduced in the late 1970s.
  • 6. AN EXCHANGE USING THE OSI MODEL
  • 7. TCP/IP MODEL • Open De Facto Standard • Governed by IETF Working • Support for a flexible architecture • Adding more system to a network is easy. • In TCP/IP, the network remains intact until the source, and destination machines were functioning properly. • TCP is a connection-oriented protocol. • TCP offers reliability and ensures that data which arrives out of sequence should put back into order. • TCP allows you to implement flow control, so sender never overpowers a receiver with data.
  • 8. INFORMATION SECURITY OVERVIEW • What is security? • In general, security is “The quality or state of being secure that is to be free from danger”. • To be protected from adversaries from those • who would do harm, intentionally or otherwise • A successful organization should have • Physical security is to protect • physical objects, or areas of an organization from unauthorized access and misuse • Personal Security is to protect • individual or group who are authorized to access the organization and its operations • Operations Security is to protect • details of a particular operation or series of activities • Communications Security is to protect • an organization’s communications media, technology, and content • Network security is to protect • networking components ,connections, and contents • Information Security is to protect • information, critical elements, including the systems and hardware.
  • 9. INFORMATION SECURITY An Information System is much more than computer hardware. It is the security of entire set: • software, hardware, data, people, and procedures necessary to use information as a resource • within and outside the organization Briefly, information security is a work of • Securing the component • computer as a subject of attack (compute used as active tools for attack) • computer as a object of attack (it is the entity being attack) • Security and Access Balancing • Perfect security is not possible • Security should be considered a balance between protection and availability • Security must allow reasonable access • yet protect against threat
  • 10. INFORMATION SECURITY COMPONENTS CIA Triad: C.I.A. triad is considered the industry standard for security. It is solely based on three components
  • 11. COMPONENTS OF InfoSec • Confidentiality • concealment of information or resources • only seen by people who have the right to see it • keeping information secret from unauthorized access • Integrity • refers to the trustworthiness of data or resources • preventing improper or unauthorized change • ensuring that information remains intact and unaltered • includes both the correctness and the trustworthiness of the data • Availability • ability to use the information or resource desired • having access to your information when you need it • no person or event is able to block legitimate or timely access to information • Information is useless if it is not available • In some cases information needs to be changed constantly • it must be accessible to those authorized to access it
  • 12. ADDITIONAL OBJECTIVES • Authenticity • being genuine and able to be verified or trust • to ensure that the data, transactions, communications or documents • are genuine • authenticity to validate that both parties involved are who they claim to be • Accountability • involves actions of an entity can be traced uniquely • nonrepudiation, deterrence, fault isolation, intrusion, detection and prevention • one party of a transaction cannot deny having received a transaction • nor can the other party deny having sent a transaction • Non-repudiation implies one’s intention to fulfill their obligations to a contract
  • 13. COMMON SECURITY ATTACKS • Attacks Threatening Confidentiality • snooping and traffic analysis • Snooping refers to unauthorized access to or interception of data • Traffic analysis: information collected by an intruder by monitoring online traffic • Attacks Threatening Integrity • modification, masquerading, replaying and repudiation of information • Attacks Threatening Availability • Denial of Service (DOS) attack • Make system so busy that it might collapses • intercept message sent in one direction such that • Sending system believe that other party or message has lost • It should be resent
  • 14. COMMON SECURITY ATTACKS • Interruption: This is an attack on availability • Disrupting traffic • Physically breaking communication line • Interception: This is an attack on confidentiality • Overhearing, eavesdropping over a communication line • Modification: This is an attack on integrity • Corrupting transmitted data or tampering with it before it reaches its destination • Fabrication: This is an attack on authenticity • Faking data as if it were created by a legitimate and authentic party
  • 15. CRYPTOGRAPHY Cryptography!! • Greek word, means “Secret Writing” • Cryptography is used for information security • To protect information from unauthorized or accidental disclosure • Transform usable information to a for that renders • unusable by anyone other than an authorized user • this process is called encryption • original message is known as plain text • message sent through channel is referred to as cypher text • Encrypted information can be transformed back into original usable form • known as decryption • done by cryptographic key
  • 16. CYPHER TEXT GENERATION Types of cypher text • Traditional Ciphers: hiding information from intruders • Substitution Ciphers • Replace one symbol with another • plain text characters are replaced by other characters • Transposition Ciphers • Does not substitute • change the position of the symbols • Modern symmetric key cyphers • traditional cypher is no longer secure ?? • thus, modern symmetric-key ciphers have been developed • combination of substitution, transposition and some other complex transformations • Examples • DES: Data Encryption Standard: developed by NIST in 1977; • AES: Advanced Encryption Standard: NIST in 2001 (shortcoming of DES)
  • 17. CRYPTOGRAPHY ASYMMETRIC KEY Asymmetric Key Cryptography • used for confidentiality • Unlike symmetric key cryptography; distinctive keys are used • Private key and public key • A public key encryption is only decrypt by private key Both symmetric and asymmetric exist in parallel • In symmetric key cryptography a secret token is shared between two parties • in asymmetric key cryptography: token is unshared by two parties. Creates their own token • issues are: performance?? Key transfer?? Complement of each other(!!) • advantage of one compensate the disadvantage of others
  • 18. CRYPTOGRAPHY TERMINOLOGIES • Plaintext – original text • Cipher Text – Encrypted text • Cryptology – the art and science of making and breaking “secret codes.” • Cryptography – the making of “secret codes.” • Cryptanalysis – the breaking of “secret codes.” • Crypto — a synonym for any or all of the above (and more), where the precise meaning should be clear from context • Decrypt – cipher text to plain text We will discuss on • Classical Crypto-system • Symmetric key cryptography • Public key cryptography • Hash functions • Advanced Cryptanalysis
  • 19. OBJECTIVES OF CRYPTOSYSTEM Objectives of the Cryptosystem • make it infeasible to recover plain text from ciphertext However, According to Kerckhoffs’ Principle • Inner working mechanisms of cryptography are completely known to the attacker • Design of cipher is not secret • cipher – must not require to be secret Why? • Reverse engineering may discover the technique • crypto algorithm must be tested with extensive public analysis • without rigorous public testing – it may failed (ex. microsoft) Security?: Best known attack on the system is impractical, in the sense of being computationally impossible.
  • 20. CLASSICAL CRYPTO SYSTEM SUBSTITUTION Cryptography for Confidentiality • Substitution • Transposition Substitution Method • cipher text generated by substituting the letter of n places ahead of current letter • By looking each plain text letter and substitute by another letter Convention: plain text in lowercase. cipher text in uppercase Brute-force attack and exhaustive key search How large the keyspace is?. If 240 per second • keyspace of 256 can be exhausted in 216 seconds, 264 would take more than half a year; 2128 requires nine quintillion years.
  • 21. CLASSICAL CRYPTO SYSTEM SUBSTITUTION Other efficient way to break • english letter frequency count • match with cipher text frequency count
  • 22. CLASSICAL CRYPTO SYSTEM TRANSPOSITION Double Transposition Method • Write the plain text into an array or matrix • permute rows and columns • suppose plain text in 3 × 4 matrix Now, if we permute the rows according to (1, 2, 3) → (3, 2, 1) and then transpose the columns according to (1, 2, 3, 4) → (4, 2, 1, 3) we obtain, Cipher text is the final array Bad news are in transposition symbols are there Good news is – to break statistical information is not helpful
  • 23. SYMMETRIC CRYPTOGRAPHY BLOCK CIPHER Block Cipher • Splits plain text in fixed-sized blocks • generated fixed-sized blocks of cipher • an iterating function F is used for some number of round • The function F is depends of output of the previous round and key K • F is known as round function • Example: Feistel Cipher describe the general principle
  • 24. DATA ENCRYPTION STANDARD Data Encryption Standard • Developed in 1970 by IBM called Lucifer cipher • For commercial use US NBS (now NIST) issues a request for cipher • NBS has little number of crypto expert, therefore they turned to Gov secret agency NSA. NSA design and use cipher and it is super secret • But NSA was reluctant to get involved with DES • Under pressure they agreed to study the Lucifer cipher provided that its role would not be public • eventually, people think NSA may placed backdoor so NSA along can break the code • NSA changes the original Lucifer cipher to design DES • Key length reduced to 64 from 128 • Also, found that 8-bits of 64-bits key was effectively discarded • exhaustive key search reduce from 2127 to 255
  • 25. DES STRUCTURE • Change was made in Lucifer to involve substitution box or S-boxes • 16-round • 64-bit block length • 56-bit key • 48-bit subkey from 56-bit key • eight S-boxes map 6-bits to • 4-bits. 48-bits to 32-bits. • Lookup table • round function as • Ri = Li−1⊕[F(Ri−1,Ki) = P−box(S−boxes(Exapnd(Ri−1)⊕Ki))] • Li = Ri−1
  • 26. DES: DISCUSSION Comments on DES • Mathematicians are very good at solving linear equations • only part S-Box is non-linear of DES and it is the fundamental security component • DES is today vulnerable because of the key is too small • In theory, less work or computation is needed for exhaustive key search • It was designed to process in a system with small (byte) sized words • Variation is triple-DES with large key is more effective
  • 27. PUBLIC KEY CRYPTOGRAPHY In Symmetric Cryptography • Same key is used for encryption and decryption • Need secure distribution of key!! – important problem Asymmetric Key Cryptography • Two different keys are used for encryption and decryption • Eliminate most vexing problem to distribute symmetric key • Public key for encryption • Private key for decryption • Some public keys are used only to transfer symmetric key
  • 28. PUBLIC KEY ENCRYPTION BACKGROUND Background • Is invented by GCHQ (British equivalent of NSA) in late 1960-70 and Academic researcher shortly thereafter. • Government cannot grasp the full potential of Public key encryption • Compared to symmetric key, public key is recent. • it was a revolution of cryptography • it lay dormant until the academicians pushed it into the limelight Based on very special mathematical structure. It also based on trapdoor one way function. Compute one direction but hard to compute other directions. • A trap door feature ensure that attacker cannot use public information to recover the private information
  • 29. HOW DOES IT WORK? General Idea • Generates two prime numbers p and p provides very large N where N = pq • for a given sufficiently large N, it is difficult to find factors p and q • Two large key pair Public Key and Private Key. • Any one want to transfer data to receiver must use receiver public key to encrypt • Only receiver’s private key can decrypt the message • For digital signature – sender use it’s private key to encrypt and any one can verify (integrity) sender’s message (decrypt) by using sender’s public key. • sender’s digital signature is attached with the message therefore copy of signature is not possible • example: knapsack cryptography – one of the first practical example of public key encryption
  • 30. KNAPSACK PUBLIC KEY CRYPTOGRAPHY Knapsack Public Key Cryptography • Diffie and Hellman conjectured that public cryptography is possible • They only offer key exchange policy • nearly at the same time: Merkle-Hellman proposed a cryptosystem based on NP-Hard problem • For the cryptosystem Knapsack problem is defined as, Definition (Knapsack Problem) Given a set (n) of weight as W0, W1, · · · , Wn−1 and desired sum S, find a0, a1, a2, · · · , an−1 for each ai ∈ {0, 1}. So that S = a0W0 + a1W1 + a2W2 + · · · + an−1Wn−1 with a maximum number of elements
  • 31. KNAPSACK PROBLEM EXAMPLE Suppose the weights are: 85, 13, 9, 7, 47, 27, 99, 86 and S = 172 then the solution exists and given by, a = (a0, a1, a2, a3, a4, a5, a6, a7) = (11001100) since, 85 + 13 + 47 + 27 = 172 • Knapsack problem is NP-Complete but special Knapsack superincreasing knapsack can be solved in linear time • Definition (Superincreasing Knapsack) • It is variant of general Knapsack where weights are arranged in increasing order such that each weight is greater than sum of previous weights as, Wi> 𝑗=0 𝑖−1 𝑊𝑗 Example: 3, 6, 11, 25, 46, 95, 200, 411
  • 32. KNAPSACK CRYPTOGRAPHY Steps of Knapsack Cryptography • Generate a superincreasing Knapsack, example: (2, 3, 7, 14, 30, 57, 120, 251) • Convert the superincreasing knapsack into a general knapsack. • Choose n and m relatively prime; • where m is a multiplier and n is greater sum of all elements • convert general knapsack to superincreasing knapsack • The public key is the general knapsack. • The private key is the superincreasing knapsack together with the conversion factors
  • 33. CONVERT TO SUPERINCREASING KNAPSACK Let multiplier m = 41 and modulus n = 491 then for the following superincreasing Knapsack: (2, 3, 7, 14, 30, 57, 120, 251), the general Knapsack is 2m = 2 × 41 = 82 mod 491 3m = 3 × 41 = 123 mod 491 7m = 7 × 41 = 287 mod 491 14m = 14 × 41 = 83 mod 491 30m = 30 × 41 = 248 mod 491 57m = 57 × 41 = 373 mod 491 120m = 120 × 41 = 10 mod 491 251m = 251 × 41 = 471 mod 491 ≡ {82, 123, 287, 83, 248, 373, 10, 471} Therefore, the public key is {82, 123, 287, 83, 248, 373, 10, 471} and the private key is {2, 3, 7, 14, 30, 57, 120, 251, 12} and multiplicative inverse(modulo) 41−1 mod 491 = 12. Which can be determined 12 = (w × 491)/41 + 1, w > 0 such that (w × 491) is divisible by m = 41.
  • 34. EXAMPLE Example (public key encryption) Let M = 11001011, and public and private keys are show as above, then, encrypt message M: C = 82 + 123 + 248 + 10 + 471 = 934 Decrypt cipher text C: C.𝑚−1mod n = (934 × 12) mod 491 = 406 Now solve the super increasing Knapsack problem as, and the solution is 2 × 1 + 3 × 1 + 7 × 0 + 14 × 0 + 30 × 1 + 57 × 0 + 120 × 1 + 251 × 1 = 2 + 3 + 30 + 120 + 251 = 406 and the message is 11001011
  • 35. DOWNSIDE OF KNAPSACK CIPHER Downside of Knapsack cipher • General Knapsack is a NP-Complete problem • The bottom line is that the general Knapsack which is generated from superincreasing Knapsack is not really a General Knapsack • In 1983 Shamir broke it using apple II computer • The lattice reduction attack take the advantages of such structure • lattice reduction attack – easily recover plain text from cipher text • Therefore, it is not secure There are variant of Knapsack cipher, that are more secure, but people are reluctant to use them since the name “knapsack” is forever tainted
  • 36. CRYPTOGRAPHIC HASH FUNCTION A cryptographic hash function h(x) must have the following features • Compression: for a input x, the output length of y = h(x) is small. In practice the length is fixed (e.g., 160 bits), regardless of the input • Efficiency: Must be easy to computer h(x) regardless of the input • On way: Not invertible; For a give y = h(x), for any x’ it is infeasible to compute y from h(x’) • Weak collision resistance: It is infeasible to change message without changing the hash. • For a given x and h(x), it is infeasible to find any y, with y 6= x such that h(y) = h(x) • Strong collision resistance: It’s infeasible to find any x and y, such that x != y and h(x) = h(y). Cannot find two input producing same output Let 128-bit hash calculated from 150-bits input, then there are 222 collision on average. The collision resistance property states that it should be computationally hard to calculate.
  • 37. BIRTHDDAY ATTACK Birthday attack • recall the birthday problem we can find √2^N = 2^n/2different input, we can expect a collision or two input that hash the same value • the attacker can find the same value as h(M) = h(M’) (!!) • It is a brute-force attack similar to exhaustive key search
  • 38. AUTHORIZATION Authorization • Authentication is the issue which establish identity • Authorization deals with situation where we already authenticated • The decision of authentication is binary permitted to enter the system or not • authorization can be a much more ne grained process • Firewall { is the form of access control for the network. • CAPTCHA which is a form of access control to restrict access to human • Intrusion detection come on scene when rewall fails • Authorization was often considered the heart of information security • today it seems like quaint notion.
  • 39. ACCESS CONTROL MATRIX Lampson's access control matrix • this matrix contains all of the relevant information needed by an operating system • Make decision which user allowed to do and what to do • ACL and Capabilities (C-Lists) are derived from Lampson's access control matrix Subject: is the user of the system and Object is the system resources. An example: (Row present the subject, on the other hand column tells about objects)
  • 40. FIREWALL Firewall -What does it mean? • A firewall acts a lot like a secretary for your network. • The firewall examines requests for access to your network, and it decides whether they pass a reasonableness test. • If so, they are allowed through, and, if not, they are refused. Firewall Terminology and Types • Packet Filter • Stateful packet filter • Application Proxy
  • 42. TOOLS • Virtual Machine • Oracle • Vmware • Packet Tracer • Cisco Packet Tracer • Wireshark • OS • KALI • Nethunter(for Mobile)