T.E.

(E & TC) Network Security

SEMESTER-II (23-24)

CLASS: -TE [E&TC] SUBJECT:- EL-II-NS DATE:

Name of the student: Roll No.:

EXPERIMENT NO. 1
** Design and implement for the insecurity of default passwords, printed passwords, and
passwords transmitted in plain text. **

AIM: Write a program to Design and implement for the insecurity of default passwords, printed
passwords and passwords transmitted in plain text.

OBJECTIVE:

1. To understand the concept of insecurity of default passwords, printed passwords and passwords
transmitted in plain text.

THEORY:

A password, sometimes called a passcode is secret data, typically a string of characters, usually used
to confirm a user's identity. In general, a password is an arbitrary string of
characters including letters, digits, or other symbols. If the permissible characters are constrained to be
numeric, the corresponding secret is sometimes called a personal identification number (PIN).
1. Default passwords:

A default password is a standard pre-configured password for a device. Such passwords are
the default configuration for many devices and, if unchanged, present a serious security risk. Typical
examples of default passwords include admin, password and guest. Furthermore, a vendor generally
uses a single default password, which can be easily found online through search or on websites that
provide compiled lists.
Default passwords are commonly used for routers, access points, switches and firewalls. They are also
common in embedded systems, industrial control systems (ICS) and remote terminal interfaces such
as Telnet and SSH.
Left unchanged, default passwords provide an easy attack vector for home network equipment; if the
owner also connects to a corporate network that risk extends to the business as well. An attacker who
logs into a device successfully is likely to have administrative-level access.
The risk is also severe in the case of embedded systems and ICS security because these environments
were not originally intended to be accessible over the internet. However, in the burgeoning internet of
things (IoT) environment, almost anything can be made addressable and connected, and while there
are many benefits to IoT connectivity, enhanced security is not among them.

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

Default passwords are intended to be place holders and used only for the initial setup of hardware or
after a factory reset. The user enters the password and is usually prompted to change it as part of the
process, but not always.
To counteract the security issues of default passwords, device owners should change the default value
to a strong password when they first configure a device. Vendors can enforce that change upon first
use of the default password. Another option for the vendor is to employ secure unique default
passwords.

2. Printed Passwords:

Most applications do not display the real password in the login box for security reasons, and instead,
they show the asterisks (****). But often, there is a need to know the actual password, especially if
you have forgotten the password that you entered a while ago.

3. Plain Text Password:

If the password is transmitted from the user to the server as plaintext (what you see is exactly what
you get; it isn’t hidden in any way) – it could be intercepted as it travels across the network.
This is usually overcome by encrypting the communication between the user and the server. The most
common form of encryption is the Transport Layer Security (TLS) standard or the older SSL standard
(Secure Socket Layer). You’ll recognize that TLS or SSL is being used when you see ‘https’ at the
beginning of a web page address instead of ‘http’, and by a padlock symbol in your browser. (You’ll look
at encryption and TLS and SSL more fully in Week 4.)

Another problem occurs if a password is stored on a server as plaintext. In this case a successful attack on
the server would not only reveal the user’s password, but all the passwords for all the users of the system.
However, when a user enters a password the server needs to be able to confirm that this is the correct
password for that user before it grants access.
This second problem can also be solved using a technique called hashing. A hash with salt is the result of
processing plaintext to create a unique, fixed length identifier – you’ll find out more in Week 5. It cannot
be used to reconstruct the original data – even if the hash falls into hostile hands. In this scheme, a hashing
function is used to create a hash of a password, which is stored on the server – the password itself is
discarded. When the user enters a password, this is sent over the network and hashed on the server using
a copy of the same hashing function. The resulting hash is compared to the hash stored on the password
server. Only if they match will the user be granted access. Some implementations of this scheme will hash
the user’s password before sending it across the network to be compared with the hash stored on the server.
Almost all online services and computer systems store passwords as hashes – but surprisingly, errors still

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

happen.
To avoid insecurity of password use Strong Password.
A Strong Password is defined as a password that is reasonably difficult to guess in a short period of time
either through human guessing or the use of specialized software. The following are general
recommendations for creating a Strong Password:

A Strong Password should -

● Be at least 8 characters in length
● Contain both upper and lowercase alphabetic characters (e.g. A-Z, a-z)
● Have at least one numerical character (e.g. 0-9)
● Have at least one special character (e.g. ~!@#$%^&*()_-+=)

A Strong Passwords do

not -

● Spell a word or series of words that can be found in a standard dictionary

● Spell a word with a number added to the beginning and the end
● Be based on any personal information such as user id, family name, pet, birthday, etc.

Conclusion:

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

SEMESTER-II (23-24)

CLASS: -TE [E&TC] SUBJECT:- EL-II-NS DATE:

Name of the student: Roll No.:

EXPERIMENT NO. 2

** ENCRYPTION AND DECRYPTION**

AIM: Write a program for Encryption and Decryption.

OBJECTIVE:

1. To understand the concept of encryption and decryption.

2. Write programs for encryption and decryption using Ceaser Cipher.

Link:- Virtual Lab

http:/:/ vlabs.iitb.ac.in/bootcamp/labs/dbms/exp13/exp/index.php

THEORY:

To carry sensitive information, such as military or financial data, a system must be able to assure
privacy. It is unlikely that any system can completely prevent unauthorized access to trans-mission
media. A more practical way to protect information is to alter it so that only an authorized receiver
can understand it.
Data tampering is not a new issue, nor is it unique to the computer era. In fact, efforts to make
information. Unreadable by unauthorized receivers The method used today is called the encryption
and decryption of information. Encryption means that the sender transforms the original
information to another form and sends the resulting unintelligible message out over the network.
Decryption reverses the encryption process in order to transform the message back to its original
form. Figure below shows the basic encryption/decryption process. The sender uses an encryption
algorithm and a key to transform the plaintext (as the original message is called) into a cipher text
(as the encrypted message is called). The receiver uses a decryption algorithm and a key to
transform the cipher text back to the original plaintext.

The Caesar Cipher technique is one of the earliest and simplest method of encryption
technique. It’s simply a type of substitution cipher, i.e., each letter of a given text is replaced

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

by a letter some fixed number of positions down the alphabet. For example with a shift of 1,
A would be replaced by B, B would become C, and so on. The method is apparently named
after Julius Caesar, who apparently used it to communicate with his officials. Thus to cipher
a given text we need an integer value, known as shift which indicates the number of position
each letter of the text has been moved down. The encryption can be represented using modular
arithmetic by first transforming the letters into numbers, according to the scheme, A = 0, B =
1,…, Z = 25. Encryption of a letter by a shift n can be described mathematically as.

(Encryption Phase with shift n)

(Decryption Phase with shift n)

Here is a Caesar cipher using a right rotation of three places, equivalent to a left shift of
23 (the shift parameter is used as the key):

Plain A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Ciph D E F G H I J K L MN OP Q R S T U V WX Y Z A B C
er

When encrypting, a person looks up each letter of the message in the "plain" line and writes
down the corresponding letter in the "cipher" line.
PROCEDURE:
To pass an encrypted message from one person to another, it is first necessary that both
parties have the 'key' for the cipher, so that the sender may encrypt it and the receiver may
decrypt it. For the caesar cipher, the key is the number of characters to shift the cipher
alphabet.
Here is a quick example of the encryption and decryption steps involved with the caesar cipher.
The text we will encrypt is 'defend the east wall of the castle', with a shift (key) of 1.

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

plaintext: defend the east wall of the castle

ciphertext: efgfoe uif fbtu xbmm pg uif dbtumf
It is easy to see how each character in the plaintext is shifted up the alphabet.
Decryption is just as easy, by using an offset of -1.
plain: abcdefghijklmnopqrstuvwxyz
cipher: bcdefghijklmnopqrstuvwxyza
If a different key is used, the cipher alphabet will be shifted a different amount.
First we translate all of our characters to numbers, 'a'=0, 'b'=1, 'c'=2, ... , 'z'=25. We can now
represent the caesar cipher encryption function, e(x), where x is the character we are
encrypting, as: Encryption E (Cipher Text) = (Plain Text P + Key K) mod 26
Where k is the key (the shift) applied to each letter. After applying this function the result is
a number which must then be translated back into a letter. The decryption function is:
Decryption D (Plain Text) = (Cipher Text E - Key K) mod 26

Conclusion:

SEMESTER-II (23-24)

CLASS: -TE [E&TC] SUBJECT:- EL-II-NS DATE:

E&TC Department, PCCOE&R, Ravet Pune-412101
T.E. (E & TC) Network Security

AIM: Write a program to perform encryption and decryption using the following algorithms:
Ceaser Cipher, and Substitution Cipher.

OBJECTIVE:

1. To understand the concept of Monoalphabetic Cipher Substitution Cipher.

2. Write programs for encryption and decryption using Monoalphabetic Cipher Substitution
Cipher.

THEORY:
Better than Caesar Cipher. If, instead the “cipher” line can be any permutation of the key 26
alphabetic characters, then there are 26! Or greater than 4 * 10 26 possible keys. This is 10 orders
of magnitude greater than the key space for DES and would seem to as a Mono-alphabetic
substitution cipher, because a single cipher alphabet is used per message. There is however,
another line of attack. If one analytically knows the nature of the plain text, then the analyst
can exploit the regularities of the language.

Example
For each character of alphabet, assign different-abrupt concerned character.

a b c d e f g h i j k l m

Z Y X W V U T S R Q P O N

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

n o p q r s t u v w x y z

M L K J I H G F E D C B A

Plain text: goodmorning

Cipher text: TLLWNLIMRMT

Limitations:-

Monoalphabetic ciphers are easy to break because they reflect the frequency data of the original
alphabet. A countermeasure is to provide multiple substitutes, known as homophones, for a single
letter.

Conclusion:

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

SEMESTER-II (23-24)

CLASS: -TE [E&TC] SUBJECT:- EL-II-NS DATE:

Name of the student: Roll No.:

EXPERIMENT NO. 4
*Implementation of Symmetric and Asymmetric Cryptography*

AIM : Implementation of Asymmetric cryptography.

OBJECTIVE:

1. To understand the concept of Asymmetric cryptography.

2. Write programs for encryption and decryption using RSA algorithm.

THEORY:

Symmetric cryptography and Asymmetric cryptography:

Symmetric cryptography uses a single key that needs to be shared among the people who need to
receive the message while asymmetric cryptography uses a pair of public key and a private key to
encrypt and decrypt messages when communicating.
RSA algorithm is based on difficulty of factorizing large number that have 2 and only 2 factors.
Works on public and private key system. The public key is made available to everyone, with this
key user can encrypt data but cannot decrypt it. The only person who can decrypt it is one who
passes the private key.
It is theoretically possible but extremely difficult to generate the private key for the public key. This
makes the RSA algorithm very popular choice in data encryption.

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

RSA algorithm:

RSA Key Setup:

• Each user generates a public/private key pair by:

• Selecting two large primes at random - p, q
• Computing their system modulus n=p.q
– note m=(p-1)(q-1)
• selecting at random the encryption key e
• where 1<e<m, gcd(e,m)=1
• Find d such that 1=de mod m
• 1=-km + de
• publish their public encryption key: PU={e,n}
• keep secret private decryption key: PR={d,n}

Encryption:

• To encrypt a message M the sender:

• obtains public key of recipient PU={e,n}
• computes: C = Me mod n, where 0≤M<n

Decryption:

• To decrypt the cipher text C the recipient:

• uses their private key PR={d,n}
• computes: M = Cd mod n

Note that the message M must be smaller than the modulus n

EXAMPLE:

We start by selecting primes p=3,q=11

n=p*q=33, m=(p-1)(q-1)=(2)(10)=20

trye=3

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

gcd(3,20)=1

Plain Text P = 9

e is co-prime form.

Find d such that 1=de mod em

1=-km + de, Where k = 1

Using the extended eluded algorithm we say,

1= -1(20)+d(3) d=7

Now late say that we want to encrypt the no x=a, we use the encryption function,

C=Pe mod n

C= 93mod 33

C = 729 mod 33

C=3

To decrypt we use the function,

P= Cd mod n

P=37 mod 33

P=2187 mod 33

P=9

Conclusion:

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

SEMESTER-II (23-24)

CLASS: -TE [E&TC] SUBJECT:- EL-II-NS DATE:

Name of the student: Roll No.:

EXPERIMENT NO. 5
*Implementation of Symmetric and Asymmetric cryptography*

AIM : Implementation of Symmetric cryptography.

OBJECTIVE:

1. To understand the concept of Symmetric cryptography.

2. Write programs for Diffie-Hellman key agreement.

THEORY:

Symmetric cryptography and Asymmetric cryptography:

Symmetric cryptography uses a single key that needs to be shared among the people who need to
receive the message while asymmetric cryptography uses a pair of public key and a private key to
encrypt and decrypt messages when communicating.

Diffie-Hellman key agreement:

Daffier-Hellman protocol allows two communication parties; say Alice and Bob to create a Symmetric
session key without need of KDC (key distribution centre)

Diffie-Hellman protocol:

Alice and Bob choose two numbers P&Q which are public.

‘p’ is large prime of the order of 1024 bits.

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

‘q’ is a generator of order R1 in the group 2*p

Alice chooses a large random number ‘x’ in the range 0 to p-1 and calculates R1=9 x mod p.

Bob chooses a large random number ‘y’ in the range 0 to p-1 and calculates R2=9 y mod p.

Alice sends R1 to Bob and Bob sends R2 to Alice

Alice calculates KA = (R2)xmod p

Bob calculates KB = (R1)y mod p

K= (9n mod p)y mod p=(gy mod p)x mod p

K=gxy mod p.

Where K is the symmetric key for the session.

Example:
• g=7
• p=23
• x=3
• y=6

Calculate:

1. R1=gx mod p.

2. R2=gy mod p.

3. Alice Key kA=(R2)xmod p

4. Bob Key kB=(R1)y mod p

5. K=gxymodp.

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security

Answers:

1. R1=gx mod p = 73mod23 = 343mod23 = 21

2. R2=gy mod p = 76 mod23 = 1,17,649 mod 23 =4

3 Alice Key kA =(R2)xmod p = 43 mod 23 = 18

4. Bob Key kB=(R1)y mod p = 216 mod 23 = 18

5. K=gxy mod p = 73*6 mod p = 18

Conclusion:
TE E&TC Network Security

SEMESTER-II (23-24)

CLASS: -TE [E&TC] SUBJECT:- EL-II-NS DATE:

Name of the student: Roll No.:

EXPERIMENT NO. 6
*Implementation of DES*

AIM: Implementation of DES.

OBJECTIVE:

1. To understand the concept of block cipher and symmetric key cryptography.

2. Write program for encryption and decryption using DES algorithm

THEORY:

Description of DES:

DES is a block cipher; it encrypts data in 64-bit blocks. A 64-bit block of plaintext goes in one end
of the algorithm and a 64-bit block of cipher text comes out the other end. DES is a symmetric
algorithm: The same algorithm and key are used for both encryption and decryption, the key length
is 56 bits. (The key is usually expressed as a 64-bit number, but every eighth bit is used for parity
checking and is ignored. These parity bits are the least- significant bits of the key bytes. The key can
be any 56-bit number and can be changed at any time.

Outline of the Algorithm:

DES operates on a 64-bit block of plaintext. After an initial permutation, the block is broken into a
right half and a left half, each 32 bits long. Then there are 16 rounds of identical operations called
Function f, in which the data are combined with the key. After the sixteenth round, the right and left
halves are joined, and a final permutation (the inverse of the initial permutation) finishes off the
algorithm. In each round (see Figure 1'), the key hits are shifted, and then 48 bits are selected from
the 56 bits of the key. The right half of the data is expanded to 48 bits via an expansion permutation,
combined with 48 bits of a shifted and permuted key via an XOR, sent through 8 S-boxes producing
32 new bits, and permuted again. These four operations make up Function f. The output of Function
f is then combined with the left half via another XOR. The result of these operations becomes the
TE E&TC Network Security

new half; the old half becomes the new left half. These operations are repeated 16 times, making 16
rounds of DES.
If B; is the result of the ith iteration, L, and R: are the left and right halves of B, K is the 48-bit key
for round i, and f is the function that does all the substituting and permuting and XORing via the key,
then a round looks like:

Fig 1.DES algorithm

The Initial Permutation:

The initial permutation occurs before round 1; For example the initial permutation moves bit 58 of
the plaintext to bit position 1, bit 50 to bit position 2, bit 42 to bit position 3, and so on. The initial
permutation and the corresponding final permutation do not affect DES’s security. Its primary
purpose is to make it easier to load plaintext and cipher text data into a DES chip in byte-sized pieces.
TE E&TC Network Security

The Expansion Permutation:

This operation expands the half of the data, RI. From 32 bits to 48 bits. Because this operation
changes the order of the bits as well as repeating certain bits, it is known as an expansion permutation.

The S-BOX Substitution:

After the compressed key is XORed with the expanded block, the 48-bit result moves to a substitution
operation. The substitutions are performed by eight substitution boxes, or S-boxes. Each S-box has a
6-bit input and a a-bit output, and there are different S-boxes. (The total memory requirement for the
eight DES S.boxes is 256 bytes.) The 48 bits are divided into eight 6.bit sub-blocks. Each separate
block is operated on by a separate S-box: The first block is operated on by S-box l, the second block
is operated on by S-box 2, and so on.
Each S-box is a table of 4 rows and 16 columns. Each entry in the box is 16 bit number. The 6 input
bits of the S-box specify under which row and column number to look for the output.
TE E&TC Network Security

Fig 2. S-boxes

The P-Box Permutation

The 32-bit output of the S-box substitutions permuted according to a P-box. This permutation maps
each Input bit to an output position; no bits are used twice and no bits are ignored. This is called a
straight permutation or just a permutation. the position to which each bit moves. For example, bit 21
moves to bit 4, while bit 4 moves to bit 31.

The Final Permutation

The final permutation is the inverse of the initial permutation the left and right halves are not
exchanged after the last round of DES; instead the concatenated block R16L16 is used as the input
to the final permutation. There's nothing going on exchanging the halves and shifting around the
permutation would yield exactly the same result. This is so that the algorithm can be used to both
encrypt and decrypt.

Conclusion:
TE E&TC Network Security

AIM : Implementation of Steganography.

OBJECTIVE:

1. To understand the concept of Steganography.

2. Write programs for concealing a message within another message (image file).

TOOLS: Xiao Stenography tool

THEORY:
Steganography is the process of hiding a secret message within a larger one in such a way that
someone cannot know the presence or contents of the hidden message. The purpose of
Steganography is to maintain secret communication between two parties. Unlike cryptography,
which conceals the contents of a secret message, steganography conceals the very fact that a
message is communicated. Although steganography differs from cryptography, there are many
analogies between the two, and some authors classify steganography as a form of cryptography
since hidden communication is a type of secret message.

Advantage of using Steganography over Cryptography?

Up to now, cryptography has always had its ultimate role in protecting the secrecy between the
sender and the intended receiver. However, nowadays steganography techniques are used
increasingly besides cryptography to add more protective layers to the hidden data. The advantage
of using steganography over cryptography alone is that the intended secret message does not attract

attention to itself as an object of scrutiny. Plainly visible encrypted messages, no matter how
unbreakable they are, arouse interest and may in themselves be incriminating in countries in which
encryption is illegal.

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security
Types of Steganography
Steganography works have been carried out on different transmission media like images, video,

text, or audio.

There are different ways to hide a message. When a file or image is created, some bytes in the
file or image are not necessary and can be replaced with a message without destroying the
original message. In this way the secret message is hidden. There are different types of
steganography. The most common are:
A) Steganography in Images
Digital images are used widely and since they are available in various formats the algorithm
used differs completely. Some common kinds are:
● Least significant bit insertion.
● Masking and filtering.
● Redundant Pattern Encoding.
● Encrypt and Scatter.
● Algorithms and transformations.
● Least significant bit insertion.
B) Steganography in Audio
Implanting a secret message in audio is most difficult as the human brain has a wide
range of auditory capacity. A few methods used are:
● LSB coding.
● Parity coding.
● Phase coding.
● Spread spectrum.
● Echo hiding.
C) Steganography in Video
In this, a video file will be embedded with supplementary data that will hide the secret
message. Some widely known approaches are

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security
● Least Significant Bit Insertion.
● Real-time Video Steganography.
D) Steganography in Documents
This involves focusing on altering the characteristics of documents. Most people can read
documents and therefore there are several ways in which this can be achieved. A few ways
this is done are:
● Hiding information in plain text by adding white space and tabs to the end of the
lines of documents.
● Using a widely available cover source like a book or newspaper and using a code
comprising of a combination of numbers, letters, or line number. This way the
information inside the cover source will not reveal the hidden message and the only
way to decode is to gain the key.
● The use of background color and font is another widely used technique for steganography. It
is widely used in Microsoft Word documents.

Basic Steganographic Model

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security

As seen in the above image, both the original image file(X) and secret message (M) that needs to
be hidden are fed into a steganographic encoder as input. Steganographic Encoder function,
f(X,M,K) embeds the secret message into a cover image file by using techniques like least
significant bit encoding. The resulting stego image looks very similar to your cover image file,
with no visible changes. This completes encoding. To retrieve the secret message, stego object is
fed into Steganographic Decoder.

1. TECHNIQUES
Steganography techniques used help in concealing the message to the best possible extent to
ensure that it is revealed only at the destination. Some of the techniques used are:
A) Least Signi icant bit
The attacker identifies the least significant bits of information in the carrier file and
substitutes it with the secret message, in most cases, malicious code. Once the target
downloads the file, the malware is introduced in the computer that allows the hacker or
attacker to access the device.
Sandboxes are sued to detect these corrupt files but hackers have invented ways like sleep
patching to bypass these. Sleep patched malware is not detected by sandbox as it is benign and
takes time to be detected.
B) Palette Based Technique
This uses digital images as malware carriers where attackers first encrypt the message, hide
it in a wide palette of the cover image. It can carry only limited amounts of data but still
frustrates cyber security professionals as the data is encrypted and takes time to decrypt.
C) Secure Cover Selection
A very complex technique, cybercriminals have to compare blocks of the carrier image to
specific blocks of specific malware. It involves finding the right match to carry the malware.
The identical match is fitted carefully into the carrier image. With the resulting image being
identical to the original it becomes even more difficult to detect by software applications and
cybersecurity software.
2. EXAMPLES
Steganography is more an art than a science. It involves using careful techniques to hide the
message and execute it. There is no limit to the ways steganography can be used with such a
wide range of technology available today. A few examples are:
1. Playing a video at a faster frame rate to unveil a hidden message.
2. Inserting a message in the red, green, or blue channel of an RGB image.
3. Playing an audio track backward to reveal a hidden message.
4. Encrypting a message or image within a photo through the addition of noise or sound.
5. Hiding information with the file header or metadata.

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security
A simple example of steganography would be a message in plain text. For example, the
following sentence:

“This example comprises higher technical evidence regarding modern situations”. ( The first
letter of each word reveals the phrase “TechTerms”.

Steganography uses are primarily restricted to hackers who use steganographic applications
to embed a malicious code. A hacker alters the least significant bit of any file and encrypts it
with malicious code. Once this code is downloaded by the user either by opening a file or
image the malware is activated. This can in turn help the attacker to gain control over the
network of the user or destroy any intended content. The difference between the original file
or image or stenographed image or file is so subtle and it cannot be detected by the naked
eye.
Procedure:
1) Start the latest version of any steganography tool.

2) Load any target image, which is used to hide the plain text (Secret message). Press Next.

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security

3) Add plain text file to the image file. Press Next

4) Choose one of the given encryption and hashing algorithm. Also give password for the stego
image. Press next.

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security

5) Save the new stego image file at desired location. The process is finished.

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security

Output:
Encrypted image:

Decrypted file:

E&TC Department, PCCOE&R, Ravet Pune-412101

TE E&TC Network Security

Conclusion:

E&TC Department, PCCOE&R, Ravet Pune-412101

 T.E. (E & TC) Network Security

SEMESTER-II (23-24)

CLASS: -TE [E&TC] SUBJECT:- EL-II-NS DATE:

Name of the student: Roll No.:

EXPERIMENT NO. 8
*Web Browser Security*

AIM : Steps to ensure Security of any one web browser (Mozilla Firefox/Google Chrome).

OBJECTIVE:
1. To understand the concept of web security.
2. Secure Mozilla Firefox web browser for various aspects.

TOOLS: Mozilla Firefox, uBlock Origin (open-source, cross-platform browser extension)

THEORY:
To provide the security to this internet various protocols have been used like SSL (Secure
Socket Layer), TLS (Transport Layer Security), etc.

a) SSL Protocol
SSL Protocol stands for Secure Socket Layer protocol, which is an internet security protocol
used for exchanging the information between a web browser and a web server in a secure
manner. It provides two basic security services like authentication and confidentiality. SSL
protocol has become the world’s most popular web security mechanism, all major web
browsers support SSL. Secure socket layer protocol is considered as an additional layer in
TCP/IP protocol
suite. It is located between the application layer and the transport layer. SSL has three sub
protocols namely Handshake Protocol, Record Protocol, and Alert Protocol.

b) TLS Protocol
TLS stands for Transport Layer Security, which is an internet security protocol. Transport layer
security protocol uses a pseudo random function to create a master secret. TLS also has three
sub protocols same as SSL protocol – Handshake Protocol, Record Protocol, and Alert
Protocol. In Handshake Protocol some details are changed, Record Protocol uses HMAC, Alert
protocol newly added features like record overflow, Unknown CA, Decryption failed, Decode
error, Access denied, Export restrictions, Protocol version, insufficient security, internal error.
Transport layer security is defined in RFC 2246.

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

c) SHTTP
SHTTP stands for Secure Hyper Text Transfer Protocol, is a set of security mechanism defined
for protecting internet traffic. It also includes data entry forms and internet based transaction.
Secure Hyper Text Transfer Protocol works at the application layer, and therefore tightly
coupled with HTTP. SHTTP supports both authentication and encryption of HTTP traffic
between the client and the server.
d) SET Protocol
SET Protocol stands for Secure Electronic Transaction protocol is an open encryption and
security mechanism designed for protecting the eCommerce transaction over the internet. SET
is not a payment system, it is a security protocol used over the internet for secure transaction.
e) PEM Protocol
PEM Protocol stands for privacy enhanced mail, used for email security over the internet.
Enhanced Mail protocol is described in four specific documents RFC 1421, RFC 1422, RFC
1423, and RFC 1424. It supports cryptographic functions namely encryption, nonrepudiation,
and message integrity.
f) PGP Protocol
PGP Protocol stands for Pretty Good Privacy, which we developed by Phil Zimmerman. PGP
protocol is easy to use and free including its source code documentation. It also supports the
basic requirements of cryptography. PGP protocol becomes extremely popular and more
widely used as compared to PEM protocol. PGP protocol support cryptography like encryption,
Non- repudiation, and message integrity.

1. Web Browser Security

Web browser security consists of all measures, procedures, and policies necessary to protect
users accessing the Internet from a web browser application. Almost everyone who is online
has a web browser available on their computer or mobile device. Since it is so common, hackers
and other cybercriminals prefer to launch compromising attacks on this client-side application.
A web browser can store information for your convenience, but others may eventually access
the information. Therefore, it provides a large surface area for exposure to email accounts,
usernames, all sorts of passwords, and personal or corporate information. Attackers often target
the web browser to hijack or sniff on the web traffic from it. They may also use it as a means
to access the device itself or any files available on it.

2. Why Secure Your Browser

Today, web browsers such as Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari
are installed on almost all computers. Because web browsers are used so frequently, it is vital

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

to configure them securely. Often, the web browser that comes with an operating system is not
set up in a secure default configuration. Not securing your web browser can lead quickly to a
variety of computer problems caused by anything from spyware being installed without your
knowledge to intruders taking control of your computer.
Ideally, computer users should evaluate the risks from the software they use. Many computers
are sold with software already loaded. Whether installed by a computer manufacturer, operating
system maker, Internet service provider, or by a retail store, the first step in assessing the
vulnerability of your computer is to find out what software is installed and how programs will
interact with each other. Unfortunately, it is not practical for most people to perform this level
of analysis.
There is an increasing threat from software attacks that take advantage of vulnerable web
browsers. We have observed new software vulnerabilities being exploited and directed at web
browsers through use of compromised or malicious websites. This problem is made worse by
a number of factors, including the following:
● Many users have a tendency to click on links without considering the risks of their actions.
● Web page addresses can be disguised or take you to an unexpected site.
● Many web browsers are configured to provide increased functionality at the cost of decreased

security.
● New security vulnerabilities are often discovered after the software is configured.
● Computer systems and software packages may be bundled with additional software, which
increases the number of vulnerabilities that may be attacked.
● Third-party software may not have a mechanism for receiving security updates.
● Many websites require that users enable certain features or install more software, putting the
computer at additional risk.
● Many users do not know how to configure their web browsers securely.
● Many users are unwilling to enable or disable functionality as required to secure their web
browser.
As a result, exploiting vulnerabilities in web browsers has become a popular way for attackers
to compromise computer systems.
3. How Attackers Target the Browser
The web browser can display text documents, play multimedia files, and allow users to play
games or interact with forms and all other content on the Internet. The versatility of the web
browser is good, but this also makes it more challenging to secure since there are more “weak
points” an attacker could exploit. The most vulnerable parts of a web browser are as follows:
a) Connections to DNS servers, websites, and other online resources

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

A DNS server is the bridge between the browser and the content from any site. It points the
browser to the correct website, and the site makes the appropriate content available to the
browser. Many attacks compromise and intercept this communication, and it can occur at one
of several points. The goal is often to redirect the browser to a malicious website, where the
browser (and by implication, the user) encounters drive by downloads, exploit kits, and
unwanted content.

b) Browser plugins
Browsers are frameworks on which users can install third-party tools to be more
comprehensive. However, such plugins may contain vulnerabilities that cyber-attacks can
exploit to snoop on the browser’s web traffic, hijack it, and install malware or carry out harmful
actions on the device. Finance-related data is lucrative for such browser attacks.

c) Browser-specific vulnerabilities
Flaws in a browser can enable attackers to sniff sensitive data passing through the web browser,
such as when the user fills web forms. These flaws may also give criminal elements
unwarranted access to devices.

4. How to Improve Web Browser Security

In computing circles, this is also called “hardening the browser” by taking measures to improve
security and prevent attacks. Note that it’s nearly impossible to achieve 100% impenetrability,
but attackers will have a much harder time succeeding.

a) Use the latest web browser version

Users should get the latest updates of their web browser software. Vendors often release updates
of their browsers, adding new functionality or improving existing features. The most critical
security features include:

● Anti-phishing: Assess and filter suspicious links in search results or on a webpage.

● Anti-malware: Scan and block downloading of suspicious files.
● Pluginsecurity: Analyze and block insecure plugins.
● Sandbox: Build a fence around web browser processes to prevent access to the operating

system. A few browsers include an auto-update function, notifying the user of updates.

b) Restrict user access

It is advisable to use the web browser from a limited user account without administrator
privileges. It limits the ability of any malware that succeeds in infecting the machine to have

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

little to no room to operate within the machine.

c) Use custom security settings
Even though the controls differ, modern browsers often allow some customisation of security-
related settings. The recommendation is to set the following settings as high as possible:
● Block fake sites: Always enable this feature to prevent unplanned visits to malicious websites.
● Camera & Microphone: These should never run automatically. The browser should confirm

if the user wants to use the camera or microphone at any time.

● Cookies: Completely disable cookies. Users should only enable cookies if a trusted site needs

them.
● JavaScript: Same rule as for cookies.
● Plugins/Add-ons: Same rule as for cookies and JavaScript
● Pop-up windows: Same rule as for cookies, JavaScript, and Plugins/Add-ons.

d) Only include plugins that improve security or those you will use
The best thing users can do with plugins is to remove them if they are not using them regularly.
With a few clicks, it is easy to re-enable or re-install them when needed. The advantage of
removing them is that they can minimize potential points for compromise. Some plugins
improve web browser security. Security professionals recommend the following for all
browsers:

● Flash block: This add-on will prevent Flash ads from playing until the user opts to allow them.
● HTTPS Everywhere: This plugin encrypts a user’s web browsing traffic.
● No Script or Script Safe: These programs are popular and block scripts on websites unless
the user explicitly accepts to run them.
e) Other steps users can take to harden the browser
All of these actions focus on manipulating the browser to be more secure. It is also advisable
to add another layer of security such as implementing firewalls, installing antivirus software,
and avoiding unsafe behaviour, the Home Network Security Incident document outlines.
5. Using Multiple Browsers
A user may install multiple web browsers as a way to improve security. Document viewers and
email clients may use another browser or offer various functionalities depending on the browser
in use. Specific browsers may be necessary to open certain file types. The point is that one web
browser will not necessarily fit all of a user’s applications and purposes. It is therefore essential
to securely configure each web browser available on a computer. There is a distinctive
advantage in dedicating one web browser for sensitive activities such as online banking while
dedicating another for general-purpose web browsing. The use of multiple browsers greatly

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

minimizes the probability of compromising sensitive information in a specific browser,

website, or software.
Improving internet security for web browsers will protect networked data and computer devices
from malware or privacy breaches.
Procedure:
1) Install add on uBlock Origin (or uBlock₀) to Mozilla browser.
It is not an ad blocker; it's a general-purpose blocker. uBlock Origin blocks ads through its
support of the Adblock Plus filter syntax. uBlock Origin extends the syntax and is designed to
work with custom rules and filters. Furthermore, advanced mode allows uBlock Origin to work
in default-deny mode, which mode will cause all 3rd-party network requests to be blocked by
default, unless allowed by the user.

https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

With uBlock origin installed but turned OFF both legitimate and non-legitimate
advertisements are visible.

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

With uBlock origin installed and turned ON both legitimate and non-legitimate
advertisements are blocked.

Pop ups are commonly used by threat actors as a means to infect computers with malicious
code. The pop up may try to coerce users into accessing unsafe web pages, or downloading
malware. There are various techniques for forcing users to interact with the popup—attackers
may create a popup that cannot be closed, or include a warning that will urge the user to
download a malicious payload.

2) Go To dashboard of uBlock Origin and choose preferences.

E&TC Department, PCCOE&R, Ravet Pune-412101

 T.E. (E & TC) Network Security

3) Open Mozilla Firefox Browser, Go to settings, then go to Privacy &

Security. Privacy and security settings | Firefox Help (mozilla.org)

4) To keep your information safe and secure with Firefox's private browsing, password features
and other security settings, configure the following preferences;
a) HTTPS-Only Mode in Firefox
b) When you use HTTPS-Only Mode, this ensures all of your connections are encrypted and
secure. So you have peace of mind that no one can snoop on the content of the pages you visit
or hack into your connection to a website to steal your passwords, credit card information, or
other personal information. This is especially useful when you are using a public WiFi where
you can’t be sure of the integrity of your internet connection.

Some websites only support HTTP and the connection cannot be upgraded. If HTTPS-Only Mode is
enabled and a HTTPS version of a site is not available, you will see a “Secure Connection Not
Available” page: If you click Continue to HTTP Site you accept the risk and then will visit a HTTP
version of the site. HTTPS-Only Mode will be turned off temporarily for that site. Click the Go Back
button if you want to avoid any unencrypted connections.

E&TC Department, PCCOE&R, Ravet Pune-412101

T.E. (E & TC) Network Security

b) Does Firefox share my location with websites?

Firefox doesn’t share your location without your permission, by default, Firefox uses Google
Location Services to determine your location by sending:
● your computer’s IP address,
● information about the nearby wireless access points, and a random client identifier, which is
assigned by Google, that expires every 2 weeks.

Google Location Services then returns your estimated geolocation. The information is
exchanged over an encrypted connection to protect your privacy. Once Firefox has your
location information, it passes it to the website that requested it. The name and location of the
website you are visiting are never shared with Google Location Services.

c) Manage your camera and microphone permissions with Firefox

d) Smart Block for Enhanced Tracking Protection

Smart Block stands in for common tracking scripts, which are blocked by private browsing
mode and strict tracking protection. By doing so, it lets pages load more fully, with less
breakage, without you having to do anything — all while keeping those tracking scripts
blocked.

E&TC Department, PCCOE&R, Ravet Pune-412101

 T.E. (E & TC) Network Security

e) Enhanced Tracking Protection & Total Cookie Protection in Firefox

Enhanced Tracking Protection in Firefox automatically protects your privacy while you
browse. It blocks cookies & trackers that follow you around online to collect information about
your browsing habits and interests without breaking site functionality. It also includes
protections against harmful scripts, such as malware that drains your battery. Enabling Total
Cookie Protection within Enhanced Tracking Protection will block third-party cookies to
prevent tracking companies from tracking your browsing from site to site. However, this may
cause some websites not to work correctly, which is referred to as site breakage. By default,
Firefox blocks the following types of trackers and scripts.
● Social media trackers
● Cross-site tracking cookies (also isolates remaining cookies)
● Fingerprinters

● Cryptominers

● Tracking content: These trackers are hidden in ads, videos, and other in-page content. In
Standard mode, tracking content is blocked in Private Windows. To add this protection in
all windows, visit your privacy preferences and select Strict or Custom.

f) Site Information panel

E&TC Department, PCCOE&R, Ravet Pune-412101

 T.E. (E & TC) Network Security

The Site Information panel in Firefox tells you about a website's connection security and identity.
A padlock icon in the address bar will indicate whether the connection to the website is fully secure. For more
information, click the padlock to open the Site Information panel. This panel shows you whether the current
connection is classified as secure.

g) Autofill logins on Firefox

Firefox lets you control whether or not to auto fill your logins and passwords. Disable auto save for
specific websites.
To prevent Firefox from saving logins and passwords for a certain website:

1. Click on the menu button to open the menu panel.

2. Click Passwords. The Firefox about:logins page will open in a new tab.
3. Click the Firefox logins menu (three dots), then click Options.

E&TC Department, PCCOE&R, Ravet Pune-412101

 T.E. (E & TC) Network Security

h) Telemetry collection and deletion

Firefox collects telemetry data by default to help improve the performance and stability
of Firefox. Telemetry data is made up of two data sets: interaction data and technical data.

i) Automatically fill in credit card data on Web forms

Manage credit card autofill settings in Firefox version 81 and above. Firefox lets you automatically fill
in your saved credit card information on Web forms (for example, when you're ordering something
online). As a precaution, your CVV number is not saved. You can also choose to password protect your
credit card data for an additional layer of protection.

Note: Many other security and privacy settings are available with the browser. Privacy and security settings
| Firefox Help (mozilla.org)

Conclusion:

E&TC Department, PCCOE&R, Ravet Pune-412101