Computer Science & Engineering (Cyber Security)

Laboratories

Digital Forensic Lab

Digital forensics is the process of storing, analyzing, retrieving, and preserving electronic data that may be useful in an investigation. It includes data from hard drives in computers, mobile phones, smart appliances, vehicle navigation systems, electronic door locks, and other digital devices. The goal of digital forensics is to collect, analyze, and preserve evidence.

Digital forensics, or digital forensic science, is a branch of cybersecurity focused on the recovery and investigation of material found in digital devices and cybercrimes. Digital forensics was originally used as a synonym for computer forensics but has expanded to cover the investigation of all devices that store digital data.

As society increases its reliance on computer systems and cloud computing, digital forensics becomes a crucial aspect of law enforcement agencies and businesses. Digital forensics is concerned with the identification, preservation, examination, and analysis of digital evidence, using scientifically accepted and validated processes, to be used in and outside of a court of law.
While its roots stretch back to the personal computing revolution in the late 1970s, digital forensics began to take shape in the 1990s and it wasn’t until the early 21st century that countries like the United States began rolling out nationwide policies.

Today, the technical aspect of an investigation is divided into five branches that encompass seizure, forensic imaging, and analysis of digital me

What Is Digital Forensics Used For?

Digital forensics is used in both criminal and private investigations.

Traditionally, it is associated with criminal law where evidence is collected to support or negate a hypothesis before the court. Collected evidence may be used as part of intelligence gathering or to locate, identify or halt other crimes. As a result, data gathered may be held to a less strict standard than traditional forensics.

In civil cases, digital forensic teams may help with electronic discovery (eDiscovery). A common example is following unauthorized network intrusion. A forensics examiner will attempt to understand the nature and extent of the attack, as well as try to identify the attacker.
As encryption becomes more widespread, forensic investigation becomes harder, due to the limited laws compelling individuals to disclose encryption keys.

Objectives of Digital Forensics

Knowing the primary objectives of digital forensics is essential for a complete understanding of what digital forensics is:

  • It aids in the recovery, analysis, and preservation of computers and related materials for the investigating agency to present them as evidence in a court of law.
  • It aids in determining the motive for the crime and the identity of the primary perpetrator.
  • Creating procedures at a suspected crime scene to help ensure that the digital evidence obtained is not tainted.
  • Data acquisition and duplication: The process of recovering deleted files and partitions from digital media in order to extract and validate evidence.
  • Assists you in quickly identifying evidence and estimating the potential impact of malicious activity on the victim.
  • Creating a computer forensic report that provides comprehensive information on the investigation process.
  • Keeping the evidence safe by adhering to the chain of custody.

Tools Used For Digital Forensics

Digital forensic tools were developed to examine data on a device without causing damage to it. Digital forensic tools can also assist ICT managers in proactively identifying risk areas. Digital forensic tools are currently classified as digital forensic open-source tools, digital forensic hardware tools, and various others.

Popular instruments include:

  • Forensic disc controllers: enable the investigator to read the data from a target device while preventing it from being modified, corrupted, or erased.
  • Hard-drive duplicators: enable the investigator to copy data from a suspect thumb drive, hard drive, or memory card to a clean drive for analysis.
  • Password recovery devices: crack password-protected storage devices using machine learning algorithms.

Here are some of the most popular digital investigation tools:

  • The Sleuth Kit
  • OSForensics
  • FTK Imager
  • Hex Editor Neo
  • Bulk Extractor

Practicals

  • Study of Digital Forensics and different tools used for forensic investigation.
  • Study of Network Related Commands (Windows).
  • Study of Network related Commands (Linux).
  • How to Recover Deleted Files using Forensics Tools.
  • Study the steps for hiding and extracting a text file behind an image file or audio file using Command Prompt.
  • How to make the forensic image of the hard drive using EnCase Forensics.
  • How to Restore the Evidence Image using EnCase Forensics.
  • How to Collect Email Evidence in Victim PC.
  • Comparison of two Files for forensics investigation by Compare IT software.
  • Collecting Information about given Domain.
  • Crawling through Websites and Banner Grabbing using Google Search in Information Collection.
  • Live Forensics Case Investigation using Autopsy.

Cryptanalysis Lab

Cryptanalysis is the study and process of analyzing and decrypting ciphers, codes, and encrypted text without using the real key. Alternately, we can say it’s the technique of accessing a communication’s plain text content when you don’t have access to the decryption key. Put simply, cryptanalysis is the practice, science, or art of decrypting encrypted messages.

Cryptanalysis experts study ciphers, cryptosystems, and ciphertext to understand their functions. Then, they use that knowledge to find or improve techniques to weaken or defeat them. However, as we’re about to see, it can be used for good or nefarious purposes.

So, a cryptographer is someone who writes encryption code used in cybersecurity, while a cryptanalyst is someone who tries to crack those encryption codes. They are two opposing sides of the cybersecurity coin, locked in conflict, each trying to one-up the other and constantly inventing new measures and countermeasures. This rivalry drives the innovation found in the cybersecurity field.

Cryptology has two parts: cryptography, which focuses on creating secret codes, and cryptanalysis, which is the study of cryptographic algorithms and the breaking of those secret codes. A person practicing cryptanalysis is called a cryptanalyst. Cryptanalysis helps us to better understand cryptosystems and to improve them by finding weak points, so that the algorithm can be reworked into a more secure secret code. For example, a cryptanalyst might try to decipher a ciphertext to derive the plaintext or to deduce the encryption key. Cryptanalysts may also conduct penetration testing as directed by organizations that hire them to test their security.

Cryptanalysis is the decryption and analysis of codes, ciphers, or encrypted text. It uses mathematical rules to search for weaknesses in algorithms and to break into cryptographic or information security systems.

The main objective of cryptanalysis is to discover weaknesses in, or otherwise defeat, encryption algorithms. Cryptographers can use this research to enhance and strengthen algorithms, or else to replace irreparably flawed ones.

This type of attack exploits the nature of the algorithm to acquire the plaintext or the key being used from the encrypted message.

Cryptanalysis generally requires a direct examination of the cryptosystem in place, frequently an advanced, focused mathematical effort at decryption using data that is known about the encryption design.

These can involve intercepted encrypted messages (ciphertext), intercepted full, partial, likely, or associated initial messages (plaintext), or they can use data that is known for use adaptively in successive trials.

Who Uses Cryptanalysis?

Unsurprisingly, hackers use cryptanalysis. Would-be hackers use cryptanalysis to root out cryptosystem vulnerabilities rather than a brute force attack. Governments use cryptanalysis to decipher the encrypted messages of other nations. Companies specializing in cybersecurity products and services use cryptanalysis to test their security features. Even the world of academia gets in on the action, with researchers and academicians looking for weaknesses in cryptographic algorithms and protocols.

Speaking of hackers, we should point out that both black and white-hat hackers use cryptanalysis. Black-hat hackers use it to commit cybercrimes, and white-hat hackers use it to.

Cryptanalysis Attacks and Techniques

There are many different forms of cryptanalysis attacks. However, the two most common techniques are:

Ciphertext-Only Attack 

The would-be attacker only has access to at least one encrypted message but does not know the plaintext data, any cryptographic key data used, or the encryption algorithm being employed. Intelligence agencies often face this challenge when they’ve intercepted encrypted communications from a target. However, this is a formidable attack to pull off, thanks to the lack of target data.

Known Plaintext Attack

This attack is easier to implement, compared to the ciphertext-only attack. With a known plaintext attack, the analyst most likely has access to some or all the ciphertext’s plaintext. The cryptanalyst’s goal is to discover the key the target uses to encrypt the message and use the key to decrypt the message. Once the key is discovered, the attacker can decrypt every message encrypted with that specific key. Known plaintext attacks rely on the attacker finding or guessing all or part of an encrypted message, or alternately, even the original plaintext’s format.
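A known plaintext attack worked through on the affine cipher from the practicals list, as an added example that is not part of the original page. The key (5, 8), the message and the known word are constructed for illustration; the sketch also shows the failure case where the known letters do not determine the key.

```python
from itertools import combinations
from math import gcd

M = 26  # alphabet size; letters A-Z map to 0-25


def affine_encrypt(plaintext, a, b):
    """Affine cipher: c = (a*p + b) mod 26; non-letters pass through."""
    if gcd(a, M) != 1:
        raise ValueError("a must be coprime with 26 or decryption is ambiguous")
    return "".join(
        chr((a * (ord(ch) - 65) + b) % M + 65) if "A" <= ch <= "Z" else ch
        for ch in plaintext.upper()
    )


def affine_decrypt(ciphertext, a, b):
    a_inv = pow(a, -1, M)  # modular inverse (Python 3.8+)
    return "".join(
        chr(a_inv * (ord(ch) - 65 - b) % M + 65) if "A" <= ch <= "Z" else ch
        for ch in ciphertext.upper()
    )


def recover_key(known_plain, known_cipher):
    """Solve c = a*p + b (mod 26) from aligned known plaintext/ciphertext."""
    pairs = sorted({(ord(p) - 65, ord(c) - 65)
                    for p, c in zip(known_plain.upper(), known_cipher.upper())
                    if "A" <= p <= "Z"})
    for (p1, c1), (p2, c2) in combinations(pairs, 2):
        dp = (p1 - p2) % M
        if gcd(dp, M) != 1:
            continue  # difference not invertible mod 26: pair cannot pin down a
        a = (c1 - c2) * pow(dp, -1, M) % M
        b = (c1 - a * p1) % M
        # Accept only a valid key that explains every known pair.
        if gcd(a, M) == 1 and all((a * p + b) % M == c for p, c in pairs):
            return a, b
    return None  # not enough usable known plaintext


if __name__ == "__main__":
    # Constructed sample: the analyst knows the message starts with "MEET".
    ct = affine_encrypt("MEET AT THE LAB AT NINE", 5, 8)
    key = recover_key("MEET", ct[:4])
    print("ciphertext:", ct)
    print("recovered key:", key)
    print("decrypted:", affine_decrypt(ct, *key))
    # "AN" gives a letter difference of 13, which shares a factor with 26.
    print("key from 'AN':", recover_key("AN", affine_encrypt("AN", 5, 8)))
```

Four known letters are enough to recover the whole key here, which is why the affine cipher and similar linear ciphers are used only as teaching material.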

And here are some other attack types and techniques cybersecurity experts potentially must guard against:

Differential Cryptanalysis Attack

This plaintext attack variant targets block ciphers and analyzes plaintexts in pairs rather than individually. This approach lets the analyst determine how the algorithm in question works when it runs into different data types.

Man-in-the-Middle Attack

This attack occurs when the intruder finds a way to insert themselves into an otherwise secure channel between two parties that want to exchange keys. The cryptanalyst conducts the key exchange with each end-user, with the latter believing that they’re conducting the exchange with each other. Thus, the involved parties are none the wiser and are now using a key that the attacker knows.

Integral Cryptanalysis Attack

The integral cryptanalysis attack is like the differential cryptanalysis attack, but rather than using pairs of plaintexts, the attack relies on plaintext sets where part of the plaintext remains constant, and the remainder is modified.

Practicals

  • Write a program to perform encryption and decryption using the following algorithms: a) Caesar Cipher b) Substitution Cipher c) Hill Cipher
  • Implementation of various Stream Ciphers, such as additive cipher, multiplicative cipher, and affine cipher, with cryptanalysis.
  • Write a program to implement the DES and AES algorithm logic.
  • Implementation of Euclid’s algorithm, Chinese remainder theorem, Primality test, Fermat’s algorithms, Euler algorithm.
  • Write a program to implement the Blowfish algorithm.
  • Using Cryptography, encrypt the text “Hello world” using Blowfish.
  • Create your own key using Java keytool.
  • Write a program to implement the RSA algorithm.
  • Implement the Diffie-Hellman Key Exchange mechanism using HTML and JavaScript.
  • Configure SSH (Secure Shell) and send/receive a file on this connection to verify the correctness of this system using the configured parameters.
  • Calculate the message digest of a text using the SHA-1 algorithm in Java.
  • Calculate the message digest of a text using the MD5 algorithm in Java.

Cloud Security Lab

Cloud Security is the technology and best practices designed to protect data and information within a cloud architecture. Cloud security is a critical component of any IT infrastructure strategy that uses the cloud. Cloud security ensures data privacy and compliance around data stored in the cloud.

Private clouds, public clouds, and hybrid clouds (combinations of both private and public cloud platforms) have all grown in popularity, as has the use of multiple public clouds in a multi-cloud strategy. Because of cloud computing’s distributed and dynamic nature, there are unique considerations when it comes to securing data within the cloud.

Cloud security is the set of strategies and practices for protecting data and applications that are hosted in the cloud. Like cyber security, cloud security is a very broad area, and it is never possible to prevent every variety of attack. However, a well-designed cloud security strategy vastly reduces the risk of cyber attacks.

Even with these risks, cloud computing is often more secure than on-premise computing. Most cloud providers have more resources for keeping data secure than individual businesses do, which lets cloud providers keep infrastructure up to date and patch vulnerabilities as soon as possible. A single business, on the other hand, may not have enough resources to perform these tasks consistently.

Note: Cloud security is not the same thing as Security-as-a-Service (SECaaS or SaaS), which refers to security products hosted in the cloud.

Why Security in the Cloud?

Cloud security includes controls and process improvements that strengthen the system, warn of potential attackers, and detect incidents when they do occur. Cloud security considerations should also include a business continuity plan and data backup plan in case of a security breach or other catastrophe. There are various cloud security solutions for the public cloud, private cloud and hybrid cloud involving a wide range of tools.

In public cloud environments, cloud security takes a shared responsibility model, which means that the cloud provider is responsible for the security of hardware and software, while the customer is responsible for the security of their own assets, including virtual machines, applications, and data.

Benefits of Cloud Security

Cloud security offers a variety of benefits, including:

  • Protection against attacks: A primary purpose of cloud security is to defend enterprises against hackers and distributed denial of service (DDoS) attacks.
  • Data security: Robust cloud security also protects sensitive data with precautions such as encryption to avoid information falling into the wrong hands.
  • Improved availability: Many cloud security services offer live monitoring and support, which improves availability in addition to addressing security concerns.
  • Increased reliability: A thoughtful cloud security approach includes built-in redundancy, leading to a more reliable experience.
  • Improved Scalability: If an attack strikes, secure cloud architecture allows for faster disaster recovery of your most vital resources and data.
  • Regulatory compliance: It can be tough to ensure that a complex cloud architecture meets industry regulatory requirements. Cloud providers help ensure compliance by providing security and support.

What are some of the key technologies for cloud security?

A cloud security strategy should include all of the following technologies:

Encryption: Encryption is a way of scrambling data so that only authorized parties can understand the information. If an attacker hacks into a company’s cloud and finds unencrypted data, they are able to do any number of malicious actions with the data: leak it, sell it, use it to carry out further attacks, etc. However, if the company’s data is encrypted, the attacker will only find scrambled data that cannot be used unless they somehow discover the decryption key (which should be almost impossible). In this way, encryption helps prevent data leakage and exposure, even when other security measures fail.

Practicals

  • Installation and configuration of Microsoft Azure/AWS/Cloud Stack environment.
  • Implement Service deployment & Usage over.
  • Perform Management actions of cloud resources and prepare.
  • Using existing cloud characteristics & Service models deploy various.
  • Perform Cloud Security Management Operations.
  • Performance evaluation of services over.

Information Theory and Coding Lab

An Information Theory and Coding lab using MATLAB typically focuses on hands-on experiments and simulations to reinforce theoretical concepts and develop practical skills. This lab provides information about computing entropy and mutual information for different channel types. In this lab, students gain hands-on experience with coding and decoding algorithms, learn to analyze and interpret simulation results, and develop proficiency in using MATLAB for information theory and coding applications.

Practicals

  • Determination of entropy of a given source.
  • Determination of various entropies and mutual information of a given channel (Noise free channel).
  • Determination of various entropies and mutual information of a given channel (Binary symmetric channel).
  • Generation and evaluation of variable length source coding using MATLAB (Huffman Coding and decoding).
  • Coding & decoding of Linear block codes.
  • Coding & decoding of Cyclic codes.
  • Coding and decoding of convolution codes.
  • Coding and decoding of BCH codes.

© PIET 2022
Panipat Institute of Engineering & Technology (PIET)