Cybersecurity lab maual PDF

Preview

Summary

lab manual of cyber security...

Description

LAB MANUAL

Lab Name

:

CYBER SECURITY LAB

Lab Code

:

7CS4-22

Branch

:

Computer Science and Engineering

Year

:

4th Year

Jaipur Engineering College and Research Centre, Jaipur Department of Computer Science& Engineering (Rajasthan Technical University, KOTA)

INDEX S.NO

CONTENTS

PAGE NO.

1

VISION AND MISION

4

2.

PEOs

4

3.

Pos

5

4.

Cos

6

5.

MAPPING OF COs & Pos

6

6.

SYLLABUS

7

7.

BOOKS

8

8.

INSTRUCTIONAL METHODS

8

9.

LEARNING MATERIALS

9

10.

ASSESSMENT OF OUTCOMES

9

LIST OF EXPERIMENTS (RTU SYLLABUS) Exp:- 1

Objectives: -1. Implement the following Substitution & Transposition Techniques concepts: a) Caesar Cipherb) Rail fence row & Column Transformation.

12

Exp:- 2

Objectives: -2. Implement the Diffie-Hellman Key Exchange mechanism using HTML and JavaScript. Consider the end user as one of the parties (Alice) and the JavaScript application as other party (bob). Objectives:-3. Implement the following Attack: a) Dictionary Attack b) Brute Force Attack. Objectives:-4.Installation of Wire shark, tcpdump, etc and observe data transferred in client server communication using UDP/TCP and identify the UDP/TCP datagram.

14

Exp:-3 Exp:-4

Exp:-5

Objectives:-5. Installation of rootkits and study about the variety of options.

Exp:-6

Objectives:-6. Perform an Experiment to Sniff Traffic using ARP Poisoning. Objectives:-7. Demonstrate intrusion detection system using any tool (snort or any other s/w). Objectives:-8. Demonstrate how to provide secure data storage, secure data transmission and for creating digital signatures.

Exp:-7 Exp:-8

16

JAIPUR ENGINEERING COLLEGE AND RESEARCH CENTER Department of Computer Science and Engineering Branch: Computer Science and Engineering Semester: 7th Course Name: CYBER Security LAB

Code: 7CS4-22

External Marks: 40

Practical hrs: 4hr/week

Internal Marks: 60

Total Marks: 100

Credit:2 1. VISION & MISSION VISION: To become renowned Centre of excellence in computer science and engineering and make

competent engineers & professionals with high ethical values prepared for lifelong learning. MISSION:

M1: To impart outcome based education for emerging technologies in the field of computer science and engineering. M2: To provide opportunities for interaction between academia and industry. M3: To provide platform for lifelong learning by accepting the change in technologies M4: To develop aptitude of fulfilling social responsibilities 2. PROGRAM EDUCATIONAL OBJECTIVES (PEOs) PEO1: To provide students with the fundamentals of Engineering Sciences with more emphasis in Computer Science & Engineering by way of analyzing and exploiting engineering challenges. PEO2: To train students with good scientific and engineering knowledge so as to comprehend, analyze, design, and create novel products and solutions for the real life problems in Computer Science and Engineering PEO3: To inculcate professional and ethical attitude, effective communication skills, teamwork skills, multidisciplinary approach, entrepreneurial thinking and an ability to relate engineering issues with social issues for Computer Science & Engineering. PEO4: To provide students with an academic environment aware of excellence, leadership, written ethical codes and guidelines, and the self-motivated life-long learning needed for a successful professional career in Computer Science & Engineering. PEO5: To prepare students to excel in Industry and Higher education by Educating Students along with High moral values and Knowledge in Computer Science & Engineering.

3. PROGRAM OUTCOMES (POs) 1. Engineering knowledge: Apply the knowledge of mathematics, science, engineering fundamentals, and Computer Science & Engineering specialization to the solution of complex Computer Science & Engineering problems. 2. Problem analysis: Identify, formulate, research literature, and analyze complex Computer Science and Engineering problems reaching substantiated conclusions using first principles of mathematics, natural sciences, and engineering sciences. 3. Design/development of solutions: Design solutions for complex Computer Science and Engineering problems and design system components or processes that meet the specified needs with appropriate consideration for the public health and safety, and the cultural, societal, and environmental considerations. 4. Conduct investigations of complex problems: Use research-based knowledge and research methods including design of Computer Science and Engineering experiments, analysis and interpretation of data, and synthesis of the information to provide valid conclusions. 5. Modern tool usage: Create, select, and apply appropriate techniques, resources, and modern engineering and IT tools including prediction and modeling to complex Computer Science Engineering activities with an understanding of the limitations. 6. The engineer and society: Apply reasoning informed by the contextual knowledge to assess societal, health, safety, legal and cultural issues and the consequent responsibilities relevant to the professional Computer Science and Engineering practice. 7. Environment and sustainability: Understand the impact of the professional Computer Science and Engineering solutions in societal and environmental contexts, and demonstrate the knowledge of, and need for sustainable development. 8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities and norms of the Computer Science and Engineering practice. 9. Individual and team work: Function effectively as an individual, and as a member or leader in diverse teams, and in multidisciplinary settings in Computer Science and Engineering. 10. Communication: Communicate effectively on complex Computer Science and Engineering activities with the engineering community and with society at large, such as, being able to comprehend and write effective reports and design documentation, make effective presentations, and give and receive clear instructions. 11. Project management and finance: Demonstrate knowledge and understanding of the Computer Science and Engineering and management principles and apply these to one’s own work, as a member and leader in a team, to manage projects and in multidisciplinary environments. 12. Life-long learning: Recognize the need for, and have the preparation and ability to engage in independent and life-long learning in the broadest context of technological change in Computer Science and Engineering.

4. COURSE OUTCOMES (COs) Graduates would be able: CO1: Understand the implementation of various techniques and security algorithms. CO2: Apply different tools used for secure data transmission and for creating digital signature.

5. MAPPING OF COs & POs

Sem

Subject

Code

L/T/P

P

VII

Cyber Security Lab

CO

1.Understand the implementation of various techniques and security algorithms.

PO1

PO2

PO3

PO4

PO5

PO6

PO7

PO8

PO9

PO10

PO11

PO12

3

3

2

2

3

3

2

2

3

2

2

3

3

2

3

3

3

3

3

3

3

3

3

3

7CS422

P

2. Apply different tools used for secure data transmission and for creating digital signature.

6. SYLLABUS

Outcomes: At the end of the semester, the students should have clearly understood and implemented the following: • Implement the cipher techniques • Develop the various security Algorithms • Use different open source tools for network security and analysis

List of Hardware Requirements & Software Requirements Software Requirements  C  C++  Java or equivalent Compiler GnuPG  Snort Hardware Requirements 

Standalone Desktops (or) Server supporting 30 terminals or more

7. INSTRUCTIONAL METHODS

Direct Instructions: •

White board presentation

Interactive Instruction: •

coding

Indirect Instructions: •

Problem solving

8. LEARNING MATERIALS Text/Lab Manual

9. ASSESSMENT OF OUTCOMES:1. End term Practical exam (Conducted by RTU, KOTA) 2. Daily Lab interaction. OUTCOMES WILL BE ACHIEVED THROUGH FOLLOWING:1. Lab Teaching (through chalk and board). 2. Discussion on website. INSTRUCTIONS OF LAB DO’s • • •

Please switch off the Mobile/Cell phone before entering Lab. Enter the Lab with complete source code and data. Check whether all peripheral are available at your desktop before proceeding for program. Intimate the Lab In Charge whenever you are incompatible in using the system or in case software get corrupted/ infected by virus. Arrange all the peripheral and seats before leaving the lab. Properly shutdown the system before leaving the lab. Keep the bag outside in the racks. Enter the lab on time and leave at proper time. Maintain the decorum of the lab. Utilize lab hours in the corresponding experiment. Get your CD / Pen Drive checked by lab In charge before using it in the lab.

• • • • • • • •

DON’TS • • • • • • • • •

Don’t mishandle the system. Don’t leave the system on standing for long Don’t bring any external material in the lab. Don’t make noise in the lab. Don’t bring the mobile in the lab. If extremely necessary then keep ringers off. Don’t enter in the lab without permission of lab Incharge. Don’t litter in the lab. Don’t delete or make any modification in system files. Don’t carry any lab equipments outside the lab.

We need your full support and cooperation for smooth functioning of the lab.

INSTRUCTIONS FOR STUDENTS

BEFORE ENTERING IN THE LAB

•

All the students are supposed to prepare the theory regarding the next program.

•

Students are supposed to bring the practical file and the lab copy.

•

Previous programs should be written in the practical file.

•

Any student not following these instructions will be denied entry in the lab.

WHILE WORKING IN THE LAB •

Adhere to experimental schedule as instructed by the lab incharge.

•

Get the previously executed program signed by the instructor.

•

Get the output of the current program checked by the instructor in the lab copy.

•

Each student should work on his/her assigned computer at each turn of the lab.

•

Take responsibility of valuable accessories.

•

Concentrate on the assigned practical and do not play games.

•

If anyone caught red handed carrying any equipment of the lab, then he will have to face serious consequences.

LIST OF EXPERIMENTS

Experiment No.-1 1(a) Implement the following Substitution & Transposition Techniques concepts: a) Caesar Cipher b) Rail fence row & Column Transformation AIM: To implement a program for encrypting a plain text and decrypting a cipher text using Caesar Cipher (shift cipher) substitution technique

ALGORITHM DESCRIPTION: It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a left shift of 3, D would be replaced by A, E would become B, and so on. The method is named after Julius Caesar, who used it in his private correspondence. The transformation can be represented by aligning two alphabets; the cipher alphabet is the plain alphabet rotated left or right by some number of positions. The encryption can also be represented using modular arithmetic by first transforming the letters into numbers, according to the scheme, A = 0, B = 1, Z = 25. Encryption of a letter x by a shift n can be described mathematically as, En(x) = (x + n) mod26 Decryption is performed similarly, Dn (x)=(x - n) mod26

PROGRAM: import java.util.*; class caesarCipher { public static String encode(String enc, int offset) { offset = offset % 26 + 26; StringBuilder encoded = new StringBuilder(); for (char i : enc.toCharArray()) { if (Character.isLetter(i)) { if (Character.isUpperCase(i)) { encoded.append((char) ('A' + (i - 'A' + offset) % 26 )); }

else { encoded.append((char) ('a' + (i - 'a' + offset) % 26 )); } } else { encoded.append(i); } } return encoded.toString(); } public static String decode(String enc, int offset) { return encode(enc, 26-offset); } public static void main (String[] args) throws java.lang.Exception { String msg = "Hello welcome to Security Laboratory"; System.out.println("simulation of Caesar Cipher"); System.out.println("input message : " + msg); System.out.printf( "encoded message : "); System.out.println(caesarCipher.encode(msg, 12)); System.out.printf( "decoded message : "); System.out.println(caesarCipher.decode(caesarCipher.encode(msg, 12), 12)); } }

stdin: Standard input is empty

stdout: simulation of Caesar Cipher input message : Hello welcome to Security Laboratory encoded message : Tqxxa iqxoayq fa Eqogdufk Xmnadmfadk decoded message : Hello welcome to Security Laboratory

RESULT: Thus the program was executed and verified successfully.

1(b) To implement a program for encryption and decryption using rail fence transposition technique.

ALGORITHM DESCRIPTION: In the rail fence cipher, the plaintext is written downwards and diagonally on successive "rails" of an imaginary fence, then moving up when we reach the bottom rail. When we reach the top rail, the message is written downwards again until the whole plaintext is written out. The message is then read off in rows.

PROGRAM : import java.util.*; class railfenceCipherHelper { int depth; String encode(String msg, int depth) throws Exception { int r = depth; int l = msg.lengt h(); int c = l/depth; int k = 0; char mat[][] = new char[r][c]; String enc = ""; for (int i=0; i...