Module 1:
Steganography:
Symmetric encryption:
● Uses the same secret key for both encryption and decryption.
● Examples include DES, AES, and RC4.
● Fast and efficient for bulk data encryption.
● Key management is a challenge, as the same key must be securely
shared between communicating parties.
● Vulnerable to key distribution attacks.
Asymmetric encryption:
● Uses a pair of mathematically related keys: a public key for
encryption and a private key for decryption.
● Examples include RSA, ElGamal, and ECC.
● Enables secure key exchange without requiring a pre-shared secret.
● Slower than symmetric encryption due to the computational
complexity of key generation and encryption.
● Provides enhanced security through digital signatures, key
distribution, and key agreement protocols.
Cryptanalysis:
● Cryptanalysis is the science of breaking cryptographic systems or
finding weaknesses in their design.
● Types of cryptanalysis techniques:
  ● Brute-force attacks: Exhaustively trying all possible keys until the
  correct one is found.
  ● Frequency analysis: Exploiting patterns in the frequency distribution
  of letters or symbols in the ciphertext.
  ● Known-plaintext attacks: Leveraging knowledge of a
  plaintext-ciphertext pair to deduce the key or decrypt other
  messages.
  ● Chosen-plaintext attacks: The attacker chooses plaintexts and obtains
  the corresponding ciphertexts, then uses these pairs to deduce the key
  or decrypt other messages.
  ● Differential and linear cryptanalysis: Statistical techniques to exploit
  patterns in the behavior of encryption algorithms.
● Cryptanalysis helps identify vulnerabilities in encryption algorithms,
implementation flaws, or weaknesses in key management.
Block cipher:
Modes of operation:
Hash functions:
Digital signature:
Malware:
Social Engineering:
● Social engineering is the manipulation of individuals to gain
unauthorized access or sensitive information.
● It exploits human psychology, trust, and social interactions.
● Attackers often impersonate trusted individuals or entities.
● Pretexting involves creating a fabricated scenario to deceive targets.
● Phishing emails and phone calls are common social engineering
techniques.
● Baiting involves leaving infected devices or media in strategic
locations to entice targets.
● Shoulder surfing is the act of observing someone's sensitive
information without their knowledge.
● Tailgating refers to unauthorized individuals following someone to
gain physical access to secure areas.
● The objective of social engineering is to exploit human vulnerabilities
rather than technical ones.
● Awareness, skepticism, and education are essential defenses against
social engineering attacks.
DDoS (Distributed Denial of Service):
● DDoS attacks are malicious attempts to disrupt the normal
functioning of a website or online service.
● The objective of a DDoS attack is to overwhelm the target system
with a flood of traffic or resource requests.
● Attackers typically employ multiple compromised devices or a botnet
to launch the attack.
● DDoS attacks can result in service downtime, slow website
performance, and financial losses for businesses.
● Attackers may use different attack vectors to target network
bandwidth, server resources, or application layers.
● Flood-based attacks, such as UDP or ICMP floods, send the target a
high volume of traffic to exhaust its resources.
● SYN flood attacks exploit the TCP handshake process to consume
server resources and prevent legitimate connections.
● DNS amplification attacks use vulnerable DNS servers to amplify
traffic, overwhelming the target with a large volume of data.
● Application layer attacks, like HTTP floods or Slowloris, target the
web application layer to exhaust server resources or connections.
● DDoS attacks can be mitigated using various techniques, such as
traffic filtering, rate limiting, or employing DDoS protection services.
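A detection-side view of the SYN flood bullet above: count TCP handshakes that a client started with a SYN but never completed with its final ACK, grouped by targeted service. This is an added example, not part of the original notes; the event format (client-to-server packets only), the threshold, the timeout and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

def half_open_by_target(events, now, timeout=5.0):
    """Count handshakes per (dst, dport) whose SYN is older than `timeout`
    seconds and was never followed by the client's final ACK."""
    pending = {}  # (src, sport, dst, dport) -> time the SYN was seen
    for ts, src, sport, dst, dport, flags in events:
        flow = (src, sport, dst, dport)
        if flags == "S":
            pending.setdefault(flow, ts)
        elif flags == "A":
            pending.pop(flow, None)  # third handshake step: connection completed
    counts = defaultdict(int)
    for (_src, _sport, dst, dport), ts in pending.items():
        if now - ts >= timeout:
            counts[(dst, dport)] += 1
    return dict(counts)

def flag_syn_flood(events, now, threshold=20, timeout=5.0):
    """Return the services whose stale half-open count reaches `threshold`."""
    stale = half_open_by_target(events, now, timeout)
    return sorted(t for t, n in stale.items() if n >= threshold)

def build_sample():
    """Constructed capture: 3 completed handshakes to port 443,
    40 SYNs to port 80 from distinct sources that never send the ACK."""
    events = []
    for i in range(3):
        flow = ("203.0.113.%d" % (i + 1), 50000 + i, "192.0.2.10", 443)
        events.append((0.1 * i, *flow, "S"))
        events.append((0.1 * i + 0.05, *flow, "A"))
    for i in range(40):
        events.append((1.0 + 0.01 * i, "198.51.100.%d" % (i + 1),
                       40000 + i, "192.0.2.10", 80, "S"))
    return events

if __name__ == "__main__":
    sample = build_sample()
    print(half_open_by_target(sample, now=10.0))
    print(flag_syn_flood(sample, now=10.0))
```

The threshold and timeout need tuning against a service's normal traffic; a busy server always has some half-open connections from slow or lossy clients.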
Module 4:
IPsec:
● IPsec is a network protocol suite used to secure IP communication.
● It provides confidentiality, integrity, and authentication for IP packets.
● IPsec can be used to establish secure VPN connections between
networks or remote users.
● It operates at the network layer, ensuring end-to-end security.
● IPsec uses cryptographic algorithms to encrypt and authenticate
data.
● It can protect against threats like eavesdropping, tampering, and IP
spoofing.
● IPsec can be implemented in tunnel mode or transport mode for
different security requirements.
Module 5:
SNMPv3 (Simple Network Management Protocol version 3):
● SNMPv3 is a network management protocol used to monitor and
manage network devices.
● It provides secure access to network information by incorporating
authentication and encryption mechanisms.
● SNMPv3 supports user-based authentication and message integrity
checking.
● It helps protect against unauthorized access and tampering of
network management data.
● SNMPv3 provides enhanced security features compared to earlier
versions, such as SNMPv1 and SNMPv2.
Module 6:
IDS (Intrusion Detection System):
● IDS is a security technology that monitors network traffic for malicious
activities and policy violations.
● It analyzes network packets, system logs, and other data to detect
potential security breaches.
● IDS can identify known attack patterns, abnormal behavior, and
suspicious activities.
● It provides alerts or takes action when threats are detected, helping to
protect against unauthorized access or attacks.
● IDS can be network-based or host-based, depending on the
deployment and scope of monitoring.
Firewalls:
● Firewalls are security devices or software that monitor and control
incoming and outgoing network traffic.
● They establish a barrier between internal and external networks,
enforcing security policies.
● Firewalls examine packets and apply rules to allow or block traffic
based on predefined criteria.
● They can prevent unauthorized access, protect against network
attacks, and enforce network segmentation.
● Firewalls can be hardware-based, software-based, or cloud-based,
depending on the deployment scenario.
Classification of Firewalls:
● Firewalls can be classified into several types, including packet
filtering firewalls, stateful inspection firewalls, and application-level
gateways (proxy firewalls).
● Packet filtering firewalls examine packets based on specific criteria,
such as source/destination IP addresses or ports.
● Stateful inspection firewalls track the state of network connections to
make more informed decisions about packet filtering.
● Application-level gateways act as intermediaries between internal and
external networks, inspecting application-layer protocols for improved
security.
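The difference between packet filtering and stateful inspection described above, shown on the same three packets. This is an added example, not part of the original notes; both classes are simplified models rather than any product's behaviour, and the rule format, packet fields and addresses are constructed for illustration.

```python
class PacketFilter:
    """Stateless: each packet is judged only on its own header fields."""
    def __init__(self, rules):
        self.rules = rules  # list of (direction, remote_port, action)

    def decide(self, pkt):
        for direction, port, action in self.rules:
            if pkt["dir"] == direction and pkt["remote_port"] == port:
                return action
        return "block"  # default deny

class StatefulFirewall:
    """Stateful: inbound packets pass only if they belong to a flow
    that an allowed outbound packet opened earlier."""
    def __init__(self, allowed_out_ports):
        self.allowed = set(allowed_out_ports)
        self.conns = set()  # tracked flows

    def decide(self, pkt):
        flow = (pkt["local"], pkt["local_port"], pkt["remote"], pkt["remote_port"])
        if pkt["dir"] == "out":
            if pkt["remote_port"] in self.allowed:
                self.conns.add(flow)
                return "allow"
            return "block"
        return "allow" if flow in self.conns else "block"

def run(firewall, packets):
    return [firewall.decide(p) for p in packets]

# Constructed traffic: an outbound HTTPS request, its reply, and an
# unsolicited inbound packet that merely carries source port 443.
PACKETS = [
    {"dir": "out", "local": "10.0.0.5", "local_port": 51000,
     "remote": "198.51.100.7", "remote_port": 443},
    {"dir": "in", "local": "10.0.0.5", "local_port": 51000,
     "remote": "198.51.100.7", "remote_port": 443},
    {"dir": "in", "local": "10.0.0.5", "local_port": 3389,
     "remote": "203.0.113.9", "remote_port": 443},
]

if __name__ == "__main__":
    # The stateless filter needs an inbound rule for port 443 so replies get through.
    stateless = PacketFilter([("out", 443, "allow"), ("in", 443, "allow")])
    print(run(stateless, PACKETS))
    print(run(StatefulFirewall({443}), PACKETS))
```

The stateless rule that lets replies back in also admits the third packet, while the stateful model blocks it because no tracked flow matches.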