Category Archives: Computer science

DIGITAL FORENSIC

Question

The final project will be placed in the Doc Sharing area at the beginning of Week 6. It is an individual project and you have Weeks 6 and 7 to complete it. Its name is ccsi460FinalProject.zip and is a 14.8MB compressed file. The zip file contains the disk image acquired through FTK Imager and the original FTK acquisition report. The image file is 15.5MB uncompressed so make sure your hard drive has that amount of space free.

Your case is to investigate the Intelligent Imaging Solutions (IIS) image and objectively report on the following.

Your determination of the IIS source code exposure, along with suspects and methods used for the exposure.
Your determination of other suspicious and/or illegal activity within IIS.
This investigation should incorporate all previous knowledge gained in the previous CCSI courses, including Digital Crime, Forensics I, and this course.

Your copy of FTK, that you downloaded and installed in the Week 1 Lab, will be used for the investigation. Since this is a senior-level course and the final course in the forensic track, your ingenuity, knowledge, professionalism, and resourcefulness are assumed.

Sample paper

DIGITAL FORENSIC

Digital forensics is a major branch of forensic science that entails the recovery and investigation of material found in digital devices. It is mostly related to computer crimes and other illegal activities. Digital forensics preserves evidence that is reliable in court; evidence stored in binary form is reliable in a court of law. The image or evidence is stored in a mobile phone, a computer hard drive, or a flash card in a camera. Information stored electronically is referred to as digital because it has been broken down into digits: binary units of zeros (0) and ones (1).

Computer images and videos are examples of data that is gathered from electronic devices and used as proof in a court of law. For example, mobile devices rely on online-based backup systems to hold their information (Agarwal, R. et al. 2015). Such a system is also referred to as the cloud and provides investigators with access to images that were taken by a specific phone. Mobile phones also store the locations the device has passed through and the time it was there. Thus, by obtaining a subpoena for a specific mobile device account, investigators can assemble a great deal of history linked to the mobile device and the suspect who uses it.

To determine other suspicious activities, the investigator ought to seize mobile devices used for criminal activities. They should turn off the device and immediately remove the battery. The phone is then isolated from its cell tower by placing it in a blocking material or Faraday bag to prevent alteration of material facts (Dezfoli, F. N. 2013). They should also seize stand-alone computers and equipment. These procedures help to determine any other suspicious activities of a criminal nature. The World Wide Web or the internet is a better technique for identifying any traffic in illegal images, reconnaissance, and information.

References

Agarwal, R., & Kothari, S. (2015). Review of digital forensic investigation frameworks. In Information Science and Applications (pp. 561-571). Springer Berlin Heidelberg.

Dezfoli, F. N., Dehghantanha, A., Mahmoud, R., Sani, N. F. B. M., & Daryabar, F. (2013). Digital forensic trends and future. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 2(2), 48-76.


Passwords, Access Control, and Distributed Systems

Question

An increasingly common mechanism is to ask for several pieces of security information rather than one. A call center might ask not just for your mother’s maiden name, a password, and the amount of your last purchase, but also your dog’s nickname and your favourite color. Such schemes need careful evaluation of their usability and effectiveness using the tools of applied psychology. Design such a password protocol and evaluate its usability and effectiveness. (A verbal text description is enough.) (500 words)

Sample paper

Passwords, Access Control, and Distributed Systems

Password Protocol and its Usability & Effectiveness

Passwords are critical in ensuring security of data stored in computers and network systems. A poor choice of passwords may lead to unauthorized access of data which may be highly sensitive, leading to financial losses (Anderson, 2010). Users of various systems are responsible for creating strong passwords which are not vulnerable to security threats posed by hackers and unauthorized users. The following is a design of a password protocol and an analysis of its usability and effectiveness.

The following password protocol can be used in cases where the password cannot be sent in plain text.

Registration

  1. The JavaScript in the client browser should generate an RSA (cryptosystem) key pair with a 2048-bit configuration.
  2. The client should generate a hash from the user's password using password-based key derivation function 2 (PBKDF2) with 68,000 rounds.
  3. The client should use the aforementioned hash as a passphrase to encrypt the private key with Advanced Encryption Standard (AES) 128 in the OpenSSH format. The OpenSSH format enhances connectivity during remote login while using the SSH protocol. This eliminates critical security issues such as connection hijacking and eavesdropping.
  4. Lastly under registration, the client should pass the encrypted private key, password-based key derivation function 2 (PBKDF2), username and the public key to the specified server.

Login Information

  1. In the initial step, the client provides the login name and requests the encrypted private key. With the same request, the client also asks for the PBKDF2 salt.
  2. The client produces a hash from the password using PBKDF2 with 68,000 rounds and the salt obtained from the server.
  3. The client uses the PBKDF2 hash to decrypt the private key.
  4. The client then asks the server for a challenge.
  5. The server responds by sending the challenge requested in the previous step. The challenge should be encrypted with the user's public key. This step uses public-key cryptography.
  6. The client decrypts the challenge to plaintext, which is then forwarded to the server.
  7. The server then generates a token for the client to use.

 

This password protocol design can be used where user authentication is needed without sending the actual password. In applying this protocol, the user would not be able to receive the password in plaintext for authentication purposes. The protocol is effective because it does not allow eavesdropping. Therefore, the system is immune to any dictionary attacks that may be instituted by an eavesdropper. Another strength of this kind of protocol is that it enables users to provide authentication details to the server by themselves. Lastly, it is possible to control the number of password guesses that a user can make (Anderson, 2010).
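The registration and login steps above, as an added Node.js example (not code from the original paper): client and server are modelled in one process, and the names `register`, `login`, `issueChallenge` and `verifyResponse` are hypothetical. It assumes PBKDF2-HMAC-SHA256 with a 16-byte salt and RSA-OAEP for the challenge, and it wraps the key as AES-128-CBC PKCS#8 PEM, which Node's key export produces, in place of the OpenSSH format.

```javascript
// Added example: server and client share one process; all names are hypothetical.
const crypto = require('node:crypto');

const ROUNDS = 68000;                        // PBKDF2 rounds stated on the page
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const server = { users: new Map(), pending: new Map() };

// The PBKDF2 output is used as the passphrase that wraps the private key.
const derive = (password, salt) =>
  crypto.pbkdf2Sync(password, salt, ROUNDS, 32, 'sha256').toString('hex');

// Registration steps 1-4: the password itself never leaves the client.
function register(username, password) {
  const salt = crypto.randomBytes(16);       // assumption: 16-byte random salt
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem',
      cipher: 'aes-128-cbc', passphrase: derive(password, salt) },
  });
  server.users.set(username, { salt, publicKey, wrappedKey: privateKey });
}

// Login steps 4-5: the server encrypts a random challenge to the user's public key.
function issueChallenge(username) {
  const nonce = crypto.randomBytes(32);
  server.pending.set(username, nonce);
  return crypto.publicEncrypt({ key: server.users.get(username).publicKey, ...OAEP }, nonce);
}

// Login step 7: each challenge is single-use and compared in constant time.
function verifyResponse(username, answer) {
  const nonce = server.pending.get(username);
  server.pending.delete(username);
  const ok = nonce !== undefined && Buffer.isBuffer(answer) &&
    answer.length === nonce.length && crypto.timingSafeEqual(answer, nonce);
  return ok ? crypto.randomBytes(16).toString('hex') : null;
}

// Login steps 1-3 and 6 on the client; returns the session token or null.
function login(username, password) {
  const record = server.users.get(username);
  if (!record) return null;
  let key;
  try {
    key = crypto.createPrivateKey({ key: record.wrappedKey,
      passphrase: derive(password, record.salt) });
  } catch { return null; }                   // wrong password: the unwrap fails locally
  const encrypted = issueChallenge(username);
  return verifyResponse(username, crypto.privateDecrypt({ key, ...OAEP }, encrypted));
}
```

Login step 1 hands the wrapped key and salt to whoever supplies a login name, so the PBKDF2 cost is the only brake on offline guessing against that blob. The server can rate-limit only the challenge step.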

In conclusion, password protection is critical in the current environment where hackers are developing new tricks on a daily basis. The use of hashing has become a common method of enhancing password protection. The password protocol above utilizes the hashing technique to enhance security of passwords.

 

Reference

Anderson, R. (2010). Security Engineering: A Guide to Building Dependable Distributed Systems (2nd Edition). Hoboken, NJ: John Wiley & Sons.

BENEFITS AND HAZARDS TO ORGANIZATIONS THAT USE SOLID-STATE DRIVE (SSD) STORAGE DEVICES


Introduction

According to Anderson, Gagliardi, May, McCright, Tlusty & Varela (2009), Solid State Drive (SSD) storage devices have several benefits over traditional hard disk drives (HDDs). Anderson et al (1999) further noted that with no rotational or seek time delays, SSDs have the potential to deliver considerably better I/O performance than HDDs. Pham & Emami (2012) have also pointed out that SSDs deliver reliability, performance, space, as well as energy efficiencies for data centers that run applications with greater input/output operations per second (IOPS) requirements. However, one of the greatest shortcomings of SSD is cost. Additionally, SSDs do not display warning signs before failing, and their reliability or longevity, as well as their long term performance is questionable (Pham & Emami, 2012).  

Speed

One of the primary advantages of SSDs is that they are faster. Pham & Emami (2012) have noted that HDDs have for long served as the main storage medium for enterprise data centers. Their ability to execute hundreds of IOPS and superb per-gigabyte value for average workloads has earned HDDs a place in the corporate computing environment. However, there is an increasing pressure on IT managers to deliver greater or improved performance for applications that are data intensive, such as data analytics, data warehousing, virtualization, as well as other applications that can over-utilize HDD solutions (Pham & Emami, 2012).

Pham & Emami (2012) have further written that enterprise SSDs within high-performance storage arrays provide unique advantages in both value and performance for applications that need substantially high IOPS. Due to these advantages, organizations are progressively deploying SSD solutions that have the potential to deliver tens of thousands of IOPS per SSD device and use up fewer data center resources (Pham & Emami, 2012).

For instance, Sliwa (2012) has pointed out that Baron Capital Inc. uses single-level cell (SLC) SSDs for the top line of its Dell Compellent Series 3 array primarily to boost the performance of its SQL server. Sliwa (2012) further pointed out that a senior systems administrator at the financial services firm acknowledged that SSDs are particularly helpful when it comes to database transaction logs. According to the senior systems administrator, most of the reads/writes occur in the database transaction logs, and placing them on SSD dramatically enhanced the performance of the database (Sliwa, 2012).

More Value

Pham & Emami (2012) have also suggested that SSDs offer better value for numerous high-IOPS workloads. Enterprises can substitute as many as 20 HDDs with one SSD that offers greater or equivalent performance in a significantly smaller footprint for data-intensive applications. For a needed level of input/output intensity, there is a peak disk drive solution, either flash or hard disk. The performance intensity requirements will determine the mark at which single-level-cell (SLC) SSDs deliver more value than either Serial Advanced Technology Attachment (SATA) SSD or Serial-attached SCSI (SAS). Due to the fact that more HDDs would be needed to satisfy the higher IOPS (workload) requirements, SSDs offer the better value when the needs hit approximately 120 IOPS/GB.

For instance, Sliwa (2012) wrote that a storage administrator at a major retailer acknowledged that the organization’s IT department bought a couple of SSDs for its Compellent array instead of purchasing 20 or more 15,000 rpm drives after getting information from an Exchange Server expert on the IOPS needs for the transaction logs in the new version of the mail server. 

Pham & Emami (2012) have noted the value of SSD in the real world. According to Pham & Emami (2012), flash memory SSDs provide the best value for applications having high IOPS intensity. Storage and platform vendors utilize flash memory SSDs for resolute storage or posthaste to develop expanded caching devices. Flash memory technology has the ability to help eliminate I/O bottlenecks and enhance overall performance. For example, NetApp uses an SSD cache to speed up read I/O performance (Pham & Emami, 2012).

Reliability

With SATA and SAS interfaces, as well as form factor compatibility, SSDs can be used with the existing disk back-planes, protocols and storage controllers (Pham & Emami, 2012). SSDs do not have moving parts, electromechanical arms, spinning platters, or motors. SSDs boast a greater mean time between failures (MTBF), with innate resistance to vibration, temperature variances and shock. According to parts stress analysis tests, there is an MTBF of 2 million hours for Lightning Write-Intensive SAS SSDs. On the contrary, HDD vendors can typically claim an MTBF of 1.2 million hours. Nevertheless, HDD vendors acknowledge the fact that in the real world setting, this figure might be significantly lower than the actual number (Pham & Emami, 2012).

SSD Hazards

According to Pham & Emami (2012), there are several disadvantages or hazards to SSDs. To begin with, the price per gigabyte for SSDs is far greater than for HDDs. This means that an upgrade to a similar GB capacity has the potential to incur significant costs. Another disadvantage of SSDs that has been noted by Pham & Emami (2012) is that while SSDs have the ability to withstand movement, they are vulnerable to loss of power and magnetic or electrical currents in much the same manner as flash cards. Currently, the number of large capacity SSD models is limited. However, this situation is expected to change dramatically over the course of the next few years. Pham & Emami (2012) have also noted that SSDs have a limited write cycle when compared to HDDs. According to the most recent estimates, these write cycles will continue to exist until long after the system is still under use. In fact, there is a possibility that some files could utilize write cycles frequently enough that the owner or user is affected. Moreover, despite the fact that SSDs need less power, many SSDs still use more power than the currently existing standard HDDs. This is particularly true when the device is idle. This can cause the particular device to use up energy at a faster rate (Pham & Emami, 2012).

References

Anderson, M. Gagliardi, R. May, H. McCright, G. Tlutsy, S. & Varela W. (2009) Performance Value of Solid State Drives using IBM i. Retrieved from: http://www.ibm.com/systems/resources/ssd_ibmi.pdf

Pham, D. & Emami, D. (2012) Enterprise SSD Storage Solutions: Engineered for Reliability, Speed, and Predictable Endurance for Maximum Application Value. Retrieved from: http://www.sandisk.com/assets/docs/NetApp%20Write-Intensive%20SSD%20White%20Paper.pdf

Sliwa, . (2012) “Enterprise IT Shops now choose SSD Storage”. Retrieved from: http://searchsolidstatestorage.techtarget.com/feature/Enterprise-IT-shops-now-choose-SSD-storage
