1. Analyse the security threats that can arise in such an environment. State any assumptions that you are making.
Ransomware attack assuming some of the software and operating systems in use have not been updated which will lock the devices and demand payment before they can be unlocked failure to which the data from the devices will be destroyed
Phishing attacks occur when an attacker creates a fake email or websites that looks like an original to confuse the user who will then be redirected to their fake network
Pharming attacks refer to a situation when an attacker redirects traffic from a website to a fake website such that even manually entering the web address in the browser might still redirect to the fake site
Botnets these are a group of computers that have been taken over by an attacker remotely to create an army of computers that are infected
Spam which is one of the most common methods for sending out information and collecting information from unsuspecting people (Government of Canada, 2017)
Denial-of-service attack which occurs when an attacker takes over a device and locks out the owner or sends a large number of requests to a network to overload the server such that it cannot process other legitimate requests
1. Specify the types of security services that would be needed to counteract these security threats and what type of security mechanisms could support these services.
Authentication- This will ensure that a user’s identity is verified before they can perform certain action. This can be supported by an encipherment mechanism
Access control – controls incoming traffic into the network to allow only specified communication. It is supported by the access control mechanism
Data confidentiality – ensures that data is viewed and edited only by relevant parties. It is supported by both traffic padding mechanism and routing control mechanism
1. Identify the types of security components that can be used to provide these security services and mechanisms and where they would be placed.
Confidentiality placed under the traffic padding and routing control mechanism
Integrity is under the access control mechanism
Availability can be under the encipherment mechanism to ensure that data is available but only to those authorized to view it.
1. What is threat modelling and describe the steps involved in a threat modelling process?
Threat modeling is a process by which potential threats can be identified, enumerated, and prioritized (Wikipedia, 2017). This process is done from an attacker’s point of view to evaluate the most valuable and the most vulnerable part of an application. It is not a one-time only process (Microsoft Corporation, 2003).
This involves taking not of the different valuable components that should be protected by the system
This involves creating a model of the architecture of the application using tables and diagrams. The model should include the subsystems and dataflow and trust boundaries
Break down the application into smaller simpler parts in order to create a security profile which should highlight the vulnerabilities of the application
While looking at the application from the attackers point of view and with the security profile highlighting the vulnerabilities, identify the threats that could affect the application
Outline each and every threat identified in a common threat template defining the major attributes of a threat that should be recorded for each threat
Rate the identified threats in order to prioritize and identify which one has to be dealt with first. This should be done on the basis of the damage that a threat can cause.
1. What happens if the security tool vendor does not include UDP traffic and port 1434 in the attack pattern/signature? In other words, what happens if only the highlighted pattern in Figure 2 is used as the attack pattern/signature?
If the two are not included, any data with that pattern coming even from a different port or protocol will be treated the as is specified for that particular pattern
Find the cipher text corresponding to the following plaintext. (Treat both uppercase and lowercase characters to be the same). “SecurityIsPeaceOfMind”
Cipher text: gcwczimubcxaqowktwupw
Assume the above cipher text is transferred over a network to a receiver. If an error occurs during the transmission of this cipher text affecting one letter, how much of the decrypted plaintext will be in error.
The amount of error in the plaintext will depend on whether a 3×3 matrix was used or a 2×2 matrix. In this case a 3×3 matrix was used hence three of the plaintext characters will have errors
What is a dictionary attack on a block cipher, and how can we ensure that such an attack is infeasible?
Trying every word in the dictionary as a possible password for an encrypted message (Tech-FAQ, 2017). The solution is using a passphrase which cannot be guessed from a dictionary
Consider a general n-bit substitution block cipher. What is the size of the key (number of bits in the key) required for such a general block cipher? Explain how you arrive at the answer.
This because each possible input block is considered as one of 2n integers and each integer specifies an output that is n bits. Therefore, a codebook can be constructed by displaying just the output blocks in the order of the integers corresponding to the input blocks (Kak, 2017).
This results to: 2n * n bits
Hence the implication that the encryption key will be 2n * n bits.
1. Consider triple encryption by using E-D-E with CBC on the inside. If a single bit “x” of then cipher text block, say “c2” is modified, then how does it affect the decrypted plaintext?
The plaintext will not be properly decrypted and the resultant plaintext might be totally different from the original message due to the mutation during the chaining while the encryption ws taking place.
Show how the decryption works?
Ri = Dec[K] ⊕ Ci-1 Ci = Pi ⊕ Ri
If we use, Ri = Enc [K] ⊕Pi-1 for encryption instead of Ri = Enc[K] ⊕ Ci-1 then how would decryption work?
Ri = Dec[K] ⊕ Pi-1 Pi = Ci ⊕ Ri
Discuss the security of the above schemes
The major security advantage of this scheme is in its ability to hide the statistical ability to hide the plaintext blocks therefore the same plaintext can produce different ciphertexts
A system is designed to use the RSA public key scheme, where m is the modulus, (e, m) is the public key and (d, p, q) is the corresponding private key. The system developer discovers that the private key (d, p, q) is compromised and hence modifies the system by generating some new public and private key exponents (e1, d1) for the same modulus. Discuss the security of the modified system
The modified system is not secure since the original system can still compute the modified system’s private key and the same goes for the modified system
List and describe (in detail), the different types of memorable patterns that may be used by a human when selecting a four (4) digit PIN
Using four consecutive numbers such as 1234
Using the same number four times
Using consecutive odd or even numbers
Motor patterns which involve remembering the pattern your finger takes rather than the actual password (Lancet, 2013)
For each memorable pattern, quantify (using the correct notation), the reduction of keyspace and entropy
Four consecutive numbers: Entropy = 210 =1024bits
Using the same number four times. Entropy = 210 =1024bits
Using consecutive odd or even numbers. Entropy = 25 = 32bits
Once you have listed and described all memorable patterns, quantify (using the correct notation), the overall reduction of key space and entropy
(210 +210+25) / 3 = 693.33bits
Describe the differences in protection capabilities between operating systems that use the two processor-state model and those that use the four processor-state model.
A two processor-state model uses only two states for a process. A process is either running or in queue to be run when the current process is done. In this case a process is created, labeled as not running and put in queue. After some time the current process stops running and is labeled as not running where as a process is chosen from the queue, labeled as running and dispatched.
A four-processor-state model however has four nodes therefore a process is either in admission, dispatch, pause or exiting state. A newly created process is in admission. It changes to dispatched when it is chosen to start running. After some time, the process is paused to enable running other processes and after a process is complete, it exits.
Describe the benefits and drawbacks of the following platform management
Natively within an operating system.
Faster performance
Able to access and use a device’s built-in capabilities
Better user experience
Higher security
Little to no portability can only be used for the specific operating system
By extending the processor’s state model with an extra mode complimented by dedicated platform management kernel.
High user experience due to compatibility with native system
Performance is a bit slower
By adding a separate management processor to a platform
Portability- very portable applications that can be used in various operating systems
Cheaper origination costs
Access to various hardware and software capabilities using plug-ins
Does not provide the best user experience
Callari, F., n.d. Process states. [Online]
Available at: https://www.cim.mcgill.ca/~franco/OpSys-304-427/lecture-notes/node5.html
[Accessed 22 10 2017].
Courtois, N. T., 2012. Algebraic Complexity Reduction and Cryptanalysis of GOST. [Online]
Available at:
https://pdfs.semanticscholar.org/486d/c17d6dee3dda978bd241739a699282e2eab8.pdf
[Accessed 22 10 2017].
Dahshan, M. H., n.d. Block Ciphers and DES, n.a: n.a.
Government of Canada, 2017. Common threats to be aware of. [Online]
Available at:
https://www.getcybersafe.gc.ca/cnt/rsks/cmmn-thrts-en.aspx
[Accessed 22 10 2017].
Gutmann, A., Volkamer, M. & Renaud, K., 2016. Memorable And Secure: How Do You Choose Your PIN?, n.a: s.n.
Integrated Computer Solutions, n.a. Encryption. [Online]
Available at:
https://www.ics.uci.edu/~keldefra/teaching/fall2016/uci_compsci134/slides/LEC3-KED.pdf
[Accessed 22 10 2017].
Jain, R., 2009. Modes of Modes of Operation. [Online]
Available at:
https://www.cse.wustl.edu/~jain/cse571-09/ftp/l_06moo.pdf
[Accessed 22 10 2017].
Jain, R., 2009. Network Security Concepts, Saint Louis: n.a.
Kak, A., 2017. Lecture 3: Block Ciphers and the Data Encryption Standard. [Online]
Available at: https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture3.pdf
[Accessed 23 10 2017].
Kumar, A. & Bawa, S., 2011. Network Security: Goals, Services and Mechanisms in Grid Computing Environments, n.a: n.a.
Lancet, Y., 2013. 7 Ways To Make Up Passwords That Are Both Secure & Memorable. [Online]
Available at:
https://www.makeuseof.com/tag/7-ways-to-make-up-passwords-that-are-both-secure-memorable/
[Accessed 22 10 2017].
Microsoft Corporation, 2003. Chapter 3 – Threat Modeling. [Online]
Available at: https://msdn.microsoft.com/en-us/library/ff648644.aspx
[Accessed 22 10 2017].
n.a, n.d. Network and Systems Security. [Online]
Available at:
https://csis.gmu.edu/ksun/AIT682-f17/notes/T03.2-4_SecKeyModeEtc-6spp.pdf
[Accessed 22 10 2017].
StackExchange, 2016. How should I calculate the entropy of a password. [Online]
Available at:
https://crypto.stackexchange.com/questions/374/how-should-i-calculate-the-entropy-of-a-password
[Accessed 22 10 2017].
Tech-FAQ, 2017. Dictionary Attacks. [Online]
Available at:
https://www.tech-faq.com/dictionary-attack.html
[Accessed 22 10 2017].
Tutorials Point, 2017. Operating System – Quick Guide. [Online]
Available at:
https://www.tutorialspoint.com/operating_system/os_quick_guide.htm
[Accessed 22 10 2017].
Wikipedia, 2017. Threat model. [Online]
Available at:
https://en.wikipedia.org/wiki/Threat_model
[Accessed 22 10 2017].
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download