SECURING NETWORK AND

IT INFRASTRUCTURE
(Laboratory)

CAP791 CA-2
Q.1 What are the differences between substitution and
transposition techniques? Explain with example.

SOLUTION:

Substitution technique and transposition technique are the fundamental

methods of codifying the plaintext message to acquire the respective
ciphertext. These two methods are the basic building blocks of the
encryption techniques and can also be used together, which is called a
product cipher.

The essential difference between the substitution technique and

transpositional technique is that the substitution technique substitutes the
letters of the plaintext from other letters, number and symbols. On the
other hand, the transposition techniques do not replace the letter, instead
changes the position of the symbol.

BASIS FOR SUBSTITUTION TRANSPOSITION

COMPARISON TECHNIQUE TECHNIQUE

Basic Replaces the plaintext Rearranges the position

characters with other of the characters of the

characters, numbers and plaintext.

symbols.

Forms Monoalphabetic and Keyless and keyed

polyalphabetic transpositional cipher.

substitution cipher.

Alterations The identity of the The position of the

character is changed character is changed in

while its position remains spite of its identity.

unchanged.

Demerit The letter with the low Keys near to the correct

frequency can discern the key can disclose the

plaintext. plaintext.

Example Caesar Cipher Reil Fence Cipher

Key Differences Between Substitution Technique and Transposition

Technique

1. The substitution technique uses a substitute for the plaintext

characters to convert it into ciphertext. On the other hand, the
 transposition technique basically rearranges the characters of
the plaintext.
2. Monoalphabetic, polyalphabetic substitution cipher, Playfair
cipher are some of the algorithms which use the substitution
technique. As against, the forms of transposition technique are
keyed and keyless transpositional cipher.
3. The substitution technique aims to alter the identity of the entity
while the transposition technique alters the position of the
entity, rather than its identity.
4. With the help of the low-frequency letter, the plaintext can be
easily discerned in the substitution technique. On the contrary,
in the transposition technique, the keys near to the right key lead
to the detection of the plaintext.

Q.2 Write a program to perform encryption and decryption

using RSA Algorithm.

SOLUTION: RSA algorithm is asymmetric cryptography algorithm.

Asymmetric actually means that it works on two different keys i.e. Public
Key and Private Key. As the name describes that the Public Key is given to
everyone and Private key is kept private

// C program for RSA asymmetric cryptographic

#include<stdio.h>
#include<math.h>

// Returns gcd of a and b

int gcd(int a, int h)

int temp;

while (1)

temp = a%h;

if (temp == 0)

return h;
 a = h;

h = temp;

// Code to demonstrate RSA algorithm

int main()

// Two random prime numbers

double p = 3;

double q = 7;
// First part of public key:

double n = p*q;

// Finding other part of public key.

// e stands for encrypt

double e = 2;

double phi = (p-1)*(q-1);

while (e < phi)

// e must be co-prime to phi and

 // smaller than phi.

if (gcd(e, phi)==1)

break;

else

e++;

// Private key (d stands for decrypt)

// choosing d such that it satisfies

// d*e = 1 + k * totient

int k = 2; // A constant value

double d = (1 + (k*phi))/e;

// Message to be encrypted

double msg = 20;

printf("Message data = %lf", msg);

// Encryption c = (msg ^ e) % n

double c = pow(msg, e);

c = fmod(c, n);

printf("\nEncrypted data = %lf", c);

 // Decryption m = (c ^ d) % n

double m = pow(c, d);

m = fmod(m, n);

printf("\nOriginal Message Sent = %lf", m);

return 0;

Q.3 Perform a Case Study on different types of malicious codes that

lead to cyberattacks.

SOLUTION:

1.MALWARE
Malware is malicious software such as spyware, ransomware, viruses and worms. Malware
is activated when a user clicks on a malicious link or attachment, which leads to installing
dangerous software. Cisco reports that malware, once activated, can:

● Block access to key network components (ransomware)

● Install additional harmful software

● Covertly obtain information by transmitting data from the hard drive (spyware)

● Disrupt individual parts, making the system inoperable

2. Emotet

The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as “an
advanced, modular banking Trojan that primarily functions as a downloader or dropper of
other banking Trojans. Emotet continues to be among the most costly and destructive
malware.”

3. Denial of Service

A denial of service (DoS) is a type of cyber attack that floods a computer or network so it
can’t respond to requests. A distributed DoS (DDoS) does the same thing, but the attack
originates from a computer network. Cyber attackers often use a flood attack to disrupt the
“handshake” process and carry out a DoS. Several other techniques may be used, and some
cyber attackers use the time that a network is disabled to launch other attacks. A botnet is a
type of DDoS in which millions of systems can be infected with malware and controlled by a
hacker, according to Jeff Melnick of Netwrix, an information technology security software
company. Botnets, sometimes called zombie systems, target and overwhelm a target’s
processing capabilities. Botnets are in different geographic locations and hard to trace.

4. Man in the Middle

A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a

two-party transaction. After interrupting the traffic, they can filter and steal data,
according to Cisco. MITM attacks often occur when a visitor uses an unsecured public Wi-Fi
network. Attackers insert themselves between the visitor and the network, and then use
malware to install software and use data maliciously.

5. Phishing

Phishing attacks use fake communication, such as an email, to trick the receiver into
opening it and carrying out the instructions inside, such as providing a credit card number.
“The goal is to steal sensitive data like credit card and login information or to install
malware on the victim’s machine,” Cisco reports.

6. SQL Injection
A Structured Query Language (SQL) injection is a type of cyber attack that results from
inserting malicious code into a server that uses SQL. When infected, the server releases
information. Submitting the malicious code can be as simple as entering it into a vulnerable
website search box.

7. Password Attacks

With the right password, a cyber attacker has access to a wealth of information. Social
engineering is a type of password attack that Data Insider defines as “a strategy cyber
attackers use that relies heavily on human interaction and often involves tricking people
into breaking standard security practices.” Other types of password attacks include
accessing a password database or outright guessing.

Malicious code examples:

Backdoor Attacks

With a backdoor attack, the offending code can take over an application to extract trade
secrets from business databases, steal employee information for identity theft, erase
critical files, and spread from one server to another. Seeds can be planted that go unnoticed
for days or even months, gathering information and sending it back to the attacker without
detection.

Scripting Attacks

Script injection can modify application functionality to reroute applications to another

server, use different databases, retrieve additional unauthorized data, and modify web
pages.

Trojan Horse and Spyware

Malicious code may go undetected on infected computers, simply monitoring applications

and websites accessed. Once critical information is stolen, such as bank accounts or
passwords, the information is forwarded to the perpetrator.
Worms

Worm attacks are designed to self-replicate across multiple computers or enterprise

networks, often stealing or even destroying files and critical data.

Examples:
Hackers are continuously working to compromise technical defenses against malicious
code. Some of the better-known examples of malicious attacks include:

● Trojan Horse – Emotet – appears as applications a user would benefit from

● Worms – Stuxnet – replicated through network computers
● Bots – Echobot – launched a flood of attacks
● Ransomware – RYUK – disables access to company assets until the ransom is paid

How Do You Know You Have Malicious Code?

For computer users, there are several hints that malicious code is lurking on the system:

● Performance issues for no known reason (no new software loaded)

● Frequent system crashes
● Changes to browser home page or account passwords
● Unfamiliar programs running in the taskbar or at system startup