EASWARI ENGINEERINGCOLLEGE

(Autonomous)
DEPARTMENT OF INFORMATION TECHNOLOGY

191ITC711L-SECURITY LAB MANUAL

IV YEAR IT
July 2025 To Dec 2025

PREPARED BY APPROVED BY

Dr. M. Hema, AP(Sr.Gr)/IT HOD

Dr.B.Chandra,AP/IT
Dr.M.A. Gunavathie
 Periods per
week Credits
191ITC711L SECURITY LABORATORY L T P R
0 0 4 0 2

PREREQUISITES:
NIL

COURSE OBJECTIVES:
1. Be exposed to the different cipher techniques.
Learn to implement the algorithms DES, AES, RSA,
2.
and SHA-1.
3. Understand authentications scheme using Digital signature algorithm.
4. Use network security tools and vulnerability assessment tools.
5. To implement code for various authentication algorithms.

LIST OF PROGRAMS:

Perform encryption, decryption using the following substitution techniques (i) Ceaser
1.
cipher, (ii) playfair cipher iii) Hill Cipher iv) Vigenere cipher
Perform encryption and decryption using following transposition techniques (i) Rail
2.
fence (ii) row & Column Transformation
3. Apply DES algorithm for practical applications.
4. Apply AES algorithm for practical applications.
5. Implement RSA Algorithm using practical applications.
6. Implement the Diffie-Hellman Key Exchange algorithm for a given problem.
7. Calculate the message digest of a text using the SHA-1 algorithm.
8. Implement the SIGNATURE SCHEME – Digital Signature Standard.
Demonstrate how to provide secure data storage, secure data transmission and for
9.
creating digital signatures (GnuPG).
10. Demonstrate intrusion detection system (ids) using any tool eg. Snort or any other s/w.
Automated Attack and Penetration Tools Exploring N-Stalker, a Vulnerability Assessment
11.
Tool.
12. Defeating Malware (i) Building Trojans (ii) Rootkit Hunter
13. Setup a honey pot and monitor the honeypot on network (KF Sensor)

TOTAL PERIODS: 60
COURSE OUTCOMES:
Upon completion of this course, student will be able to:
CO1: Build code for classical Encryption Techniques to solve the real time problems.
CO2: Model cryptosystems by applying symmetric and Asymmetric algorithms.
Design Secure communication system by using various public key cryptography
CO3:
algorithms.
CO4: Construct code for authentication algorithms to improve security.
CO5: Apply various open source tools to create network security system.
CO6: Develop a signature scheme using Digital signature standard.

LIST OF EQUIPMENTS:

1. HARDWARE:
● Standalone desktops
2. SOFTWARE
o JDK/Turbo C for algorithm implementation.
o Python for scripting exercises.
o GnuPG for encryption/signing.
o Snort, Nmap, OpenVAS for security tools.
o Virtual Machines (for malware analysis).

Software Download Links:

● Visual Studio Code: https://code.visualstudio.com/download
● Snort - https://www.snort.org/downloads
● N-Stalker - https://www.nstalker.com/products/editions/free/download/
● GMER - http://www.gmer.net/
● JAVA - https://www.java.com/en/download/
 LIST OF EXPERIMENTS

Ex. No
Date Name of the Experiment
Mark Sign

1 Perform encryption, and decryption using the following substitution

techniques
i. Ceaser cipher
ii. Playfair cipher
iii. Hill Cipher
iv. Vigenere cipher
2 Perform encryption and decryption using the following transposition
techniques
i. Rail fence
ii. Row & Column Transformation
3 Apply DES algorithm for practical applications.
4 Apply AES algorithm for practical applications.
5 Implement RSA Algorithm using Practical Applications
6 Implement the Diffie-Hellman Key Exchange algorithm for a given
problem.
7 Calculate the message digest of a text using the SHA-1 algorithm.
8 Implement the SIGNATURE SCHEME - Digital Signature Standard.
9 Demonstrate how to provide secure data storage ,secure data
transmission and for creating digital signature(GnuPG)

10 Demonstrate intrusion detection system (ids) using any tool eg.

Snort or any
other s/w.
11 Automated Attack and Penetration Tools Exploring N-Stalker, a
Vulnerability Assessment Tool
12 Defeating Malware
i. Building Trojans
ii. Root kit Hunter
13 Setup a Honeypot and Monitor the Honeypot on network(KFsensor)
Software Download Links:

● Visual Studio Code:https://code.visualstudio.com/download

● Snort -https://www.snort.org/downloads
● N-Stalker -https://www.nstalker.com/products/editions/free/download/
● GMER -http://www.gmer.net/
● JAVA -https://www.java.com/en/download/

7
 EASWARI ENGINEERING COLLEGE
DEPARTMENT OF INFORMATION TECHNOLOGY
COURSE PLAN
Academic Year 2024-2025
Regulation – 2019 -V21
Course/Branch : B.TECH / IT Total no. of hours
given in syllabus:
Subject Code : 191ITC711L Lecture 0
Subject Title : Security Lab Tutorials 0
Year/Semester : IV/VII Practical 60
Faculty Name : Dr..M.Hema,AP(Sr.Gr)/IT TOTAL 60
Mrs.B.Chandra,AP/IT

COURSE OBJECTIVES:
1. Be exposed to the different cipher techniques.
2. Learn to implement the algorithms DES, AES, RSA, andSHA-1
3. Understand authentication scheme using digital signature algorithm.
4. Use network security tools and vulnerability assessment tools.
5. To implement code for various authentication algorithms.

Ex. Allotted CO
No. Experiment Name
hours Mapping
Perform encryption, and decryption using the following substitution
techniques
1. Caesar cipher
 Implement encryption and decryption using Caesar cipher
 Allow user to input plaintext and shift value
 Handle both uppercase and lowercase letters
2.Play fair cipher
 Create a program to generate the 5x5 Playfair matrix from
1 a keyword 6 Hours CO1
 Implement encryption and decryption algorithms
3. Hill Cipher
 Implement matrix operations for Hill cipher
 Allow user to input plaintext and encryption matrix
 Handle padding for incomplete blocks
4. Vigenere cipher
 Create a Vigenère encryption/decryption program
 Implement keyword processing (repeating as needed)
Perform encryption and decryption using the following transposition
techniques
2 6 Hours CO2

8
 1. Rail fence
 Implement encryption using variable depth rail fence
 Create decryption algorithm to recover original text
 Visualize the rail fence pattern
2. Row & Column Transformation
 Implement encryption using row-column transposition
 Use a keyword to determine column order
 Handle padding for incomplete blocks
 Implement decryption process
Apply DES algorithm for practical applications.
 Implement basic DES encryption/decryption 3 Hours
3 CO2
 Demonstrate key generation process
 Show each round of Feistel network
Apply AES algorithm for practical applications.
 Implement AES-128 encryption
3 Hours
4  Demonstrate key expansion CO3
 Show each round transformation
 Compare with built-in cryptographic libraries
Implement RSA Algorithm using Practical Applications
 Generate RSA key pairs (p, q, n, φ(n), e, d)
5  Implement encryption and decryption 6 Hours CO3
 Demonstrate signing and verification
 Compare performance with different key sizes
Implement the Diffie-Hellman Key Exchange algorithm for a
given problem.
 Simulate key exchange between two parties
6 6 Hours CO3
 Demonstrate vulnerability to man-in-the-middle
 Show how shared secret is generated
 Compare with pre-shared key approaches
Calculate the message digest of a text using the SHA-1
algorithm.
7  Calculate message digest for sample texts 6 Hours CO3
 Demonstrate avalanche effect
 Compare with other hash functions (MD5, SHA-256)
Implement the SIGNATURE SCHEME - Digital Signature
Standard.
 Implement DSA signature generation
8 3 Hours CO5
 Create signature verification process
 Demonstrate tamper detection
 Compare with RSA signatures

9
 Demonstrate how to provide secure data storage, secure data
transmission and for creating digital signature(GnuPG)
 Generate PGP key pairs
9 3 Hours CO4
 Encrypt/decrypt files and messages
 Create and verify digital signatures
 Configure key trust levels

Demonstrate intrusion detection system (ids) using any tool

eg. Snort or any other s/w.
 Install and configure Snort IDS
10 3 Hours CO4
 Create custom detection rules
 Analyze network traffic logs
 Simulate attacks and monitor detection
Automated Attack and Penetration Tools Exploring N-
Stalker, a Vulnerability Assessment Tool 3 Hours
 Perform network scanning with Nmap
11 CO3
 Use N-Stalker or OpenVAS for vulnerability scanning
 Generate security assessment reports
 Recommend mitigation strategies
Defeating Malware
6 Hours
i) Building Trojans
 Analyze sample trojan behavior
12  Examine system changes made by malware CO4
ii) Root kit Hunter
 Use Rootkit Hunter for detection
 Examine system changes made by malware
 Implement prevention measures
Setup a Honey pot and Monitor the Honey pot on network
(KF sensor) 3 Hours
 Configure KF Sensor or similar honeypot
13 CO6
 Monitor attack patterns
 Analyze collected threat data
 Create incident response plan

Content Beyond Syllabus

Triple DES.
 Implement basic T-DES encryption/decryption
1. 3 Hours CO6 / PSO2
 Demonstrate key generation process
 Show each round of changes.

Course Outcome:

Course Name: Security Lab

10
 Build code for classical Encryption Techniques to solve the real time
C406.1
problems.
C406.2 Model cryptosystems by applying symmetric and Asymmetric algorithms.
SEM C406.3 Design Secure communication system by using various public key
VII cryptography algorithms.
C406.4 Construct code for authentication algorithms to improve security.
C406.5 Apply various open source tools to create network security system.
C406.6 Develop a signature scheme using Digital signature standard.

11
 Program Outcomes (PO)
[1] Engineering knowledge: Apply the knowledge of mathematics, science, engineering
fundamentals, and an engineering specialization to the solution of complex engineering
problems.
[2] Problem analysis: Identify, formulate, research literature, and analyze complex
engineering problems reaching substantiated conclusions using first principles of
mathematics, natural sciences, and engineering sciences.
[3] Design/development of solutions: Design solutions for complex engineering
problems and design system components or processes that meet the specified needs with
appropriate consideration for the public health and safety, and the cultural, societal, and
environmental considerations.
[4] Conduct investigations of complex problems: Use research-based knowledge and
research methods including design of experiments, analysis and interpretation of data, and
synthesis of the information to provide valid conclusions.
[5] Modern tool usage: Create, select, and apply appropriate techniques, resources, and
modern engineering and IT tools including prediction and modeling to complex
engineering activities with an understanding of the limitations.
[6] The engineer and society: Apply reasoning informed by the contextual knowledge to
assess societal, health, safety, legal and cultural issues and the consequent responsibilities
relevant to the professional engineering practice.
[7] Environment and sustainability: Understand the impact of the professional
engineering solutions in societal and environmental contexts, and demonstrate the
knowledge of, and need for sustainable development.
[8] Ethics: Apply ethical principles and commit to professional ethics and
responsibilities and norms of the engineering practice.
[9] Individual and team work: Function effectively as an individual, and as a member
or leader in diverse teams, and in multidisciplinary settings.
[10] Communication: Communicate effectively on complex engineering activities with the
engineering community and with society at large, such as, being able to comprehend and
write effective reports and design documentation, make effective presentations, and give
and receive clear instructions.
[11] Project management and finance: Demonstrate knowledge and understanding of the
engineering and management principles and apply these to one’s own work, as a member
and leader in a team, to manage projects and in multidisciplinary environments.
[12] Life-long learning: Recognizethe need for, and have the preparation and ability
to engage in independent and life-long learning in the broadestcontext of technological
change
Program Specific Outcomes (PSO)

[1] To create, select, and apply appropriate techniques, resources, modern engineering and
IT tools including prediction and modelling to complex engineering activities with an
understanding of the limitations.

[2] Manage complex IT projects with consideration of ethical, environmental and risk
factors with sustainability and operational implications.

12
 MAPPING OF COURSE OUTCOMES WITH THE PROGRAM OBJECTIVES:

CO/PO PO1 PO2 PO3 PO4 PO5 PO6 PO7 PO8 PO9 PO10 PO11 PO12 PSO1 PSO2
CO1 3 3 3 3 3 2 2 2 2 2 3 2 3 2
CO2 3 3 3 3 3 2 2 2 2 2 3 2 3 2
CO3 3 3 3 3 3 2 3 2 2 2 3 2 3 2
CO4 3 3 3 3 3 2 3 2 2 3 3 2 3 2
CO5 3 3 3 3 3 2 3 2 2 3 3 2 3 2
CO6 3 3 3 3 3 2 3 2 2 3 3 2 3 2
3 3 3 3 3 2 3 2 2 3 3 2 3 2
Justification
Comparing the various Cryptographic Techniques enable the students to apply the
same to the solution of complex engineering problems hence it maps strongly
with PO1 Implementing the various Cryptographic Techniques will enable the
students to design solutions for complex engineering problems to meet the
specified needs with appropriate consideration for the public safety hence it
C406.1
maps strongly with PO3 Students will be able to apply Cryptographic Techniques
to complex engineering activities and to analyze the impact of technology on
individuals, organizations and society and hence it strongly maps strongly with
PSO1
C406.2 Implementing the algorithms like DES, RSA,MD5,SHA-1 will enable the students to
design solutions for complex engineering problems to meet the specified needs
with appropriate consideration for the public safety hence it maps strongly with PO3

C406.3 Encrypting and decrypting files or data using GNUPG will enable the students to
utilize modern engineering and IT tools including prediction and modeling to
complex engineering activities and hence maps with PO5
C406.4 To use honey pot Intrusion detection system with the help of KFSensot to detect
hackers will enable the students to assess societal and safety issues and the
consequent responsibilities relevant to the professional engineering practice and
hence strongly maps with PO6.
To use honey pot Intrusion detection system with the help of KFSensot to detect
hackers will enable the students to utilize modern engineering and IT tools
including prediction and modeling to complex engineering activities and hence maps
with PO5
C406.5 To detect Wireless Local Area Networks (WLANs) using 802.11b with Net Stumbler
enable the students to apply the same to the solution of complex engineering
problems hence it maps strongly with PO1 To detect
Wireless Local Area Networks (WLANs) using 802.11b with Net Stumbler will
enable the students to utilize modern engineering and IT tools
including prediction and modeling to complex engineering activities and hence maps
with PO5
C406.6 Implementing the Digital signature Schemes will enable the students to design
solutions for complex engineering problems to meet the specified needs with
appropriate consideration for the public safety hence it maps strongly with PO3

13
Ex. No :
Encryption and Decryption Using Ceaser Cipher
1(a) Date
:

AIM:

To encrypt and decrypt the given message by using Ceaser Cipher

encryption algorithm.

ALGORITHMS:

1. In Ceaser Cipher each letter in the plaintext is replaced by a lettersome

fixed number of positions down the alphabet.
2. For example, with a left shift of 3, D would be replaced by A, E would become
B, and soon.
3. The encryption can also be represented using modular arithmetic by first
transforming the letters into numbers, according to the scheme, A = 0, B = 1, Z
=25.
4. Encryption of a letter x by a shift n can be described ,
En(x) = (x + n) mod26
5. Decryption is performedsimilarly,
Dn (x)=(x - n) mod26

PROGRAM:

14
OUTPUT:
Simulating Caesar Cipher

Input : Anna University

Encrypted Message : Dqqd
Xqlyhuvlwb Decrypted Message :
Anna University

RESULT:
Thus the program for ceaser cipher encryption and decryption algorithm has
been implemented and the output verified successfully.

15
Ex. No :
Play Fair Cipher
1(a) Date
:
AIM:
To implement a program to encrypt a plain text and decrypt a cipher text
using play fair Cipher substitution technique.

ALGORITHM:
1. To encrypt a message, one would break the message into digrams (groups of
2 letters)
2. For example, "HelloWorld" becomes "HE LL OW ORLD".
3. These digrams will be substituted using the keytable.
4. Since encryption requires pairs of letters, messages with an odd number of
characters usually append an uncommon letter, such as "X", to
completethe finaldigram.
5. The two letters of the digram are considered opposite corners of arectangle in the
key table. To perform the substitution, apply the following 4 rules,in order, to each
pair of letters in theplaintext:

PROGRAM:

16
OUTPUT:
Simulating Playfair Cipher

Input Message : Security Lab

Encrypted Message : EABPUGYANSEZ Decrypted
Message : SECURITYLABX

RESULT:
Thus the program for playfair cipher encryption and decryption algorithm has
been implemented and the output verified successfully.

17
Ex. No :
Hill Cipher
1(c) Date
:
AIM:
To implement a program to encrypt and decrypt using the Hill cipher
substitution technique

ALGORITHM:
1. In the Hill cipher Each letter is represented by a number modulo 26.
2. To encrypt a message, each block of n letters is multiplied by an invertible n x n
matrix, again modulus26.
3. To decrypt the message, each block is multiplied by the inverse of the matrix
used forencryption.
4. The matrix used for encryption is the cipher key, and it should be
chosen randomly from the set of invertible n × n matrices
(modulo26).
5. The cipher can, be adapted to an alphabet with any number ofletters.
6. All arithmetic just needs to be done modulo the number of letters
insteadof modulo 26.

PROGRAM:
HillCipher.java

18
OUTPUT:
Simulating Hill Cipher

Input Message : SecurityLaboratory

Padded Message : SECURITYLABORATORY Encrypted
Message : EACSDKLCAEFQDUKSXU Decrypted Message :
SECURITYLABORATORY

RESULT:
Thus the program for hill cipher encryption and decryption algorithm has been
implemented and the output verified successfully.

19
Ex. No :
Vigenere Cipher
1(d) Date
:
AIM:
To implement a program for encryption and decryption using vigenere
cipher substitution technique

ALGORITHM:
1. The Vigenere cipher is a method of encrypting alphabetic text by usinga
series of different Caesar ciphers based on the letters of akeyword.
2. It is a simple form of polyalphabeticsubstitution.
3. To encrypt, a table of alphabets can be used, termed a Vigenere square,
or Vigeneretable.
4. It consists of the alphabet written out 26 times in different rows, each
alphabet shifted cyclically to the left compared to the previousalphabet,
corresponding to the 26 possible Caesarciphers.
5. At different points in the encryption process, the cipher uses
adifferent alphabet from one of the rowsused.
6. The alphabet at each point depends on a repeatingkeyword.

PROGRAM:

20
OUTPUT:
Simulating Vigenere Cipher

Input Message : SecurityLaboratory

Encrypted Message : NMIYEMKCNIQVVROWXC Decrypted
Message : SECURITYLABORATORY

RESULT:
Thus the program for vigenere cipher encryption and decryption algorithm has

21
been implemented and the output verified successfully.

22
Ex. No :
Rail Fence Cipher Transposition
2(a) Date
Technique
:
AIM:
To implement a program for encryption and decryption using rail fence
transposition technique.

ALGORITHM:
1. In the rail fence cipher, the plaintext is written downwards and diagonally on
successive "rails" of an imaginary fence, then moving up when we reach the
bottomrail.
2. When we reach the top rail, the message is written downwards again until the
whole plaintext is writtenout.
3. The message is then read off inrows.

PROGRAM:

23
OUTPUT:
Simulating Railfence Cipher
-
Input Message : Anna University, Chennai
Encrypted Message : An nvriy hnanaUiest,Ceni
Decrypted Message : Anna University, Chennai

RESULT:
Thus the java program for Rail Fence Transposition Technique has been
implemented and the output verified successfully.

24
Ex. No :
Row and Column Transformation
2(b) Date
Technique
:
AIM:
To implement a program for encryption and decryption by using row and
column transformation technique.

ALGORITHM:
1. Consider the plain text hello world, and let us apply the
simplecolumnar transposition technique as shownbelow

h e l l
o w o r
l d

2. The plain text characters are placed horizontally and the cipher
textis created with vertical format as: holewdlolr.
3. Now, the receiver has to use the same table to decrypt the cipher
textto plaintext.

PROGRAM:

25
OUTPUT:
Enter the plain text
Security Lab
SecurityLab Sreictuy

RESULT:
Thus the java program for Row and Column Transposition Technique has been
implemented and the output verified successfully.

26
Ex. No : 3 Data Encryption Standard (DES)
Date : Algorithm (User Message
Encryption )
AIM:
To use Data Encryption Standard (DES) Algorithm for a practical
application like User Message Encryption.

ALGORITHM:
1. Create a DESKey.
2. Create a Cipher instance from Cipher class, specify
thefollowing information and separated by a slash(/).
a. Algorithmname
b. Mode(optional)
c. Padding scheme(optional)
3. Convert String into Byte[] arrayformat.
4. Make Cipher in encrypt mode, and encrypt it with Cipher.doFinal()method.
5. Make Cipher in decrypt mode, and decrypt it with Cipher.doFinal()method.

PROGRAM:

27
OUTPUT:
Message Encryption Using DES Algorithm

Message [Byte Format] :[B@4dcbadb4

Message : Secret Information Encrypted
Message: [B@504bae78 Decrypted
Message: SecretInformation

RESULT:
Thus the java program for DES Algorithm has been implemented and the output
verified successfully.

28
Ex. No : 4 Advanced Encryption Standard (DES) Algorithm ( URL
Date : Encryption )

AIM:
To use Advanced Encryption Standard (AES) Algorithm for a practical
application like URL Encryption.

ALGORITHM:
1. AES is based on a design principle known as asubstitution–permutation.
2. AES does not use a Feistel network like DES, it uses variant ofRijndael.
3. It has a fixed block size of 128 bits, and a key size of 128, 192, or 256bits.
4. AES operates on a 4 × 4 column-major order array of bytes, termed thestate

PROGRAM:

29
OUTPUT:
URL Encryption Using AES Algorithm
-
Original URL :www.annauniv.edu
Encrypted URL : vibpFJW6Cvs5Y+L7t4N6YWWe07+JzS1d3CU2h3mEvEg= Decrypted URL
: www.annauniv.edu

RESULT:
Thus the java program for AES Algorithm has been implemented for URL
Encryption and the output verified successfully.

30
Ex. No : 5
RSA Algorithm
Date :

AIM:
To implement RSA (Rivest–Shamir–Adleman) algorithm by using HTML
and Javascript.

ALGORITHM:
1. Choose two prime number p andq
2. Compute the value of n andp
3. Find the value of e (publickey)
4. Compute the value of d (private key) usinggcd()
5. Do the encryption and decryption
a. Encryption is givenas,
c = te mod n
b. Decryption is givenas,
t = cd mod n

PROGRAM:

31
 OUTPUT:

RESULT:
Thus the RSA algorithm has been implemented using HTML & CSS and the output has
32
been verified successfully.

33
Ex. No : 6
Diffie-Hellman key exchange algorithm
Date :

AIM:
To implement the Diffie-Hellman Key Exchange algorithm for a given
problem .

ALGORITHM:

1. Alice and Bob publicly agree to use a modulus p = 23 and base g = 5(which is
a primitive root modulo23).
2. Alice chooses a secret integer a = 4, then sends Bob A = ga
modp o A = 54mod 23 =4
3. Bob chooses a secret integer b = 3, then sends Alice B = gb
modp o B = 53mod 23 =10
4. Alice computes s = Ba
modp o s = 104mod 23
=18
5. Bob computes s = Ab mod p
o s = 43mod 23 =18
6. Alice and Bob now share a secret (the number18).

PROGRAM:

34
OUTPUT:
simulation of Diffie-Hellman key exchange algorithm

Alice Sends : 4.0 Bob

Computes : 18.0 Bob
Sends : 10.0
Alice Computes :
18.0 Shared Secret :
18.0
Success: Shared Secrets Matches! 18.0

RESULT:
Thus the Diffie-Hellman key exchange algorithm has been implemented using Java
Program and the output has been verified successfully.

35
Ex. No : 7
SHA-1 Algorithm
Date :

AIM:
To Calculate the message digest of a text using the SHA-1 algorithm.

ALGORITHM:
1. Append PaddingBits
2. Append Length - 64 bits are appended to theend
3. Prepare ProcessingFunctions
4. Prepare ProcessingConstants
5. InitializeBuffers
6. Processing Message in 512-bit blocks (L blocks in totalmessage)

PROGRAM:

36
OUTPUT:
Message digest object info:
-
Algorithm=SHA1
Provider=SUN version 12
ToString=SHA1 Message Digest from SUN, <initialized>

SHA1("")=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709

SHA1("abc")=A9993E364706816ABA3E25717850C26C9CD0D89D

SHA1("abcdefghijklmnopqrstuvwxyz")=32D10C7B8CF96570CA04CE37F2A19
D84240D3A89

RESULT:
Thus the Secure Hash Algorithm (SHA-1) has been implemented and the output
has been verified successfully.

37
Ex. No : 8
Digital Signature Standard
Date :

AIM:
To implement the SIGNATURE SCHEME - Digital Signature Standard.

ALGORITHM:
1. Create a KeyPairGeneratorobject.
2. Initialize the KeyPairGeneratorobject.
3. Generate the KeyPairGenerator....
4. Get the private key from thepair.
5. Create a signatureobject.
6. Initialize the Signatureobject.
7. Add data to the Signatureobject
8. Calculate theSignature

PROGRAM:

38
OUTPUT:
Enter some text Hi how
are you
Digital signature for given text: 0=@gRD???-?.???? /yGL?i??a!?

RESULT:
Thus the Digital Signature Standard Signature Scheme has been
implemented and the output has been verified successfully.
Ex. No : 9 Secure Data Storage, Secure Data Transmission
Date :
and Creating Digital Signatures (Gnupg)

AIM:

Demonstratehowtoprovidesecuredatastorage,securedatatransmissionan
dforcreating digital signatures(GnuPG).

INTRODUCTION:

➢ Here’sthefinalguideinmyPGPbasicsseries,thistimefocusingonWindows
➢ TheOSinquestionwillbeWindows7,butitshouldworkforWin8andWin8.1aswe
ll
➢ Obviouslyit’snotrecommendedtobeusingWindowstoaccesstheDNM,butIwon
’ tgointo thereasonshere.
➢ ThetoolwellbeusingisGPG4Win

INSTALLINGTHESOFTWARE:

1. Visitwww.gpg4win.org.Clickonthe“Gpg4win2.3.0”button

2. Onthefollowingscreen,clickthe“DownloadGpg4win”button.
3. Whenthe“Welcome”screenisdisplayed,clickthe“Next”button

4. Whenthe“LicenseAgreement”pageisdisplayed,clickthe“Next”button

5. Setthecheckboxvaluesasspecifiedbelow,thenclickthe“Next”button
6. Setthelocationwhereyouwantthesoftwaretobeinstalled.Thedefaultlocatio
nisfine.Then,clickthe“Next”button.

7. Specifywhereyouwantshortcutstothesoftwareplaced,thenclickthe“Next”b
utton.

8. If you selected to have a GPG shortcut in your Start Menu, specify the
folder inwhich it will be placed. The default “Gpg4win” is OK. Click the
“Install” buttontocontinue

9. AwarningwillbedisplayedifyouhaveOutlookorExploreropened.Ifthisoccur
s,clickthe“OK”button.

10. Theinstallationprocesswilltellyouwhenitiscomplete.
Clickthe“Next”button

11. OncetheGpg4winsetupwizardiscomplete,thefollowingscreenwillbedispla
yed.Clickthe“Finish”button
 12. Ifyoudonotuncheckthe“ShowtheREADMEfile”checkbox,theREADMEfilew
illbedisplayed.Thewindowcanbeclosedafteryou’vereviewedit.

CREATING YOUR PUBLIC AND PRIVATE KEYS

GPG encryption and decryption is based upon the keys of the person who
will bereceiving the encrypted file or message.Any individual who wants to send
the person anencrypted file or message must possess the recipient’s public key
certificate to encrypt
themessage.Therecipientmusthavetheassociatedprivatekey,whichisdifferentthanth
epublic key, to be able to decrypt the file. The public and private key pair for an
individual isusually generated by the individual on his or her computer using the
installed GPG program,called“Kleopatra”andthefollowingprocedure:

1. Fromyourstartbar,selectthe“Kleopatra”icontostarttheKleopatracertificatema
nagementsoftware
2. Thefollowingscreenwillbedisplayed

3. Fromthe“File”dropdown,clickonthe“NewCertificate”option

4. Thefollowingscreenwillbedisplayed.Clickon“CreateapersonalOpenGPGkey
pair”and the“Next”button
5. TheCertificateCreationWizardwillstartanddisplaythefollowing:

6. Enteryournameande-mailaddress.Youmayalsoenteranoptionalcomment.The
n,clickthe“Next”button

7. Reviewyourenteredvalues.IfOK,clickthe“CreateKey”button

8. Youwillbeaskedtoenterapassphrase
9. Thepassphraseshouldfollowstrongpasswordstandards.Afteryou’veenteredy
ourpassphrase,clickthe“OK”button.

10.Youwillbeaskedtore-enterthepassphrase
11.Re-enterthepassphrasevalue.Thenclickthe“OK”button.Ifthepassphrasesmatch,
thecertificatewillbecreated.

12.Once the certificate is created, the following screen will be displayed.You can
save abackup of your public and private keys by clicking the “Make a backup
Of Your
KeyPair”button.Thisbackupcanbeusedtocopycertificatesontootherauthorized
computers.

13.Ifyouchoosetobackupyourkeypair,youwillbepresentedwiththefollowings
creen:
 14.Specifythefolderandnamethefile.Thenclickthe“OK”button.

Afterthekeyisexported,thefollowingwillbedisplayed.Clickthe“OK”button.

15.Youwillbereturnedtothe“KeyPairSuccessfullyCreated”screen.Clickthe“
Finish”button.

16.Beforetheprogramcloses,youwillneedtoconfirmthatyouwanttoclosethe
programbyclickingonthe“QuitKleopatra”button

DECRYPTINGANENCRYPTEDE-MAILTHATHASBEENSENTTOYOU:
1. Openthee-mailmessage

2. SelecttheGpgOLtab

3. Clickthe“Decrypt”button

4. AcommandwindowwillopenalongwithawindowthatasksforthePassphrasetoyo
urprivatekeythatwillbeused todecrypttheincomingmessage.
 5. Enteryourpassphraseandclickthe“OK”button

Theresultswindowwilltellyouifthedecryptionsucceeded.Clickthe“Finish”buttontopclosethewindo w

6. Yourunencryptede-mailmessagebodywillbedisplayed.

7. Whenyouclosethee-mailyouwillbeaskedifyouwanttosavethee-mailmessageinits
unencrypted form. For maximum security, click the “No” button. This will
keep themessageencryptedwithinthee-
mailsystemandwillrequireyoutoenteryourpa ssphraseeachtimeyoureopenthee-
mailmessage
 RESULT:
Thusthesecuredatastorage,securedatatransmissionandfor creating dgital signature
Ex. No : 10
Demonstration of Intrusion Detection System(IDS)
Date :

AIM:
To demonstrate Intrusion Detection System (IDS) using Snort software tool.

STEPS ON CONFIGURING AND INTRUSION DETECTION:

1. Download Snort from the Snort.org website.(http://www.snort.org/snort-

downloads)
2. Download Rules(https://www.snort.org/snort-rules). You must register to getthe
rules. (You should download theseoften)
3. Double click on the .exe to install snort. This will install snort in the “C:\
Snort” folder.It is important to have WinPcap
(https://www.winpcap.org/install/)installed
4. Extract the Rules file. You will need WinRAR for the .gzfile.
5. Copy all files from the “rules” folder of the extracted folder. Now paste
the rules into “C:\Snort\rules”folder.
6. Copy “snort.conf” file from the “etc” folder of the extracted folder. You must
paste it into “C:\Snort\etc” folder.Overwriteany existing file. Remember if you
modify your snort.conf file and download a new file, you must modify it for Snort
towork.
7. Open a command prompt (cmd.exe) and navigate to folder“C:\Snort\
bin” folder. ( at the Prompt, typecd\snort\bin)
8. To start (execute) snort in sniffer mode use
followingcommand: snort -dev -i3
-i indicates the interface number. You must pick the correct interface number. In my case,
it is 3.
-dev is used to run snort to capture packets on your network.

To check the interface list, use following command: snort

-W
Finding an interface

You can tell which interface to use by looking at the Index number and finding Microsoft.
As you can see in the above example, the other interfaces are for VMWare. My interface
is 3.

9. To run snort in IDS mode, you will need to configure the

file“snort.conf” according to your networkenvironment.
10. To specify the network address that you want to protect in snort.conf file,look
for the followingline.
var HOME_NET 192.168.1.0/24 (You will normally see any here)
11. You may also want to set the addresses ofDNS_SERVERS, if you have some
on yournetwork.

Example:

example snort
12. Change the RULE_PATH variable to the path of rulesfolder.
var RULE_PATHc:\snort\rules

path to rules
13. Change the path of all library files with the name and path on your system.and
you must changethepath of snort_dynamicpreprocessorvariable. C:\Snort\lib\
snort_dynamiccpreprocessor
You need to do this to all library files in the “C:\Snort\lib” folder. The old path might
be: “/usr/local/lib/…”. you willneedto replace that path with
yoursystem path. Using C:\Snort\lib
14. Change the path of the “dynamicengine” variable value in the“snort.conf” file..
Example:
dynamicengine C:\Snort\lib\snort_dynamicengine\sf_engine.dll

15 Add the paths for “include classification.config” and “include reference.config” files.
include c:\snort\etc\classification.config include
c:\snort\etc\reference.config
16. Remove the comment (#) on the line to allow ICMP rules, if it iscommented
with a#.
include $RULE_PATH/icmp.rules
17. You can also remove the comment of ICMP-info rules comment, if it
is commented.
include$RULE_PATH/icmp-info.rules
18. To add log files to store alerts generated by snort, search for the “output log”
test in snort.conf and add the followingline:
output alert_fast: snort-alerts.ids
19. Comment (add a #) the whitelist $WHITE_LIST_PATH/white_list.rules
and theblacklist

Change the nested_ip inner , \ to nested_ip inner #, \

20. Comment out (#) following
lines: #preprocessornormalize_ip4
#preprocessor normalize_tcp: ips ecnstream
#preprocessor normalize_icmp4
#preprocessornormalize_ip6
#preprocessor normalize_icmp6
21. Save the “snort.conf”file.
22. To start snort in IDS mode, run the followingcommand:

snort -c c:\snort\etc\snort.conf -l c:\snort\log -i 3

(Note: 3 is used for my interface card)

If a log is created, select the appropriate program to open it. You can use
WordPard or NotePad++ to read the file.

To generate Log files in ASCII mode, you can use following command while running
snort in IDS mode:
snort -A console -i3 -c c:\Snort\etc\snort.conf -l c:\Snort\log -K ascii

23. Scan the computer that is running snort from another computer by usingPING
or NMap (ZenMap).

After scanning or during the scan you can check the snort-alerts.ids file in the log folder
to insure it is logging properly. You will see IP address folders appear.

Snort monitoring traffic –

RESULT:
Thus the Intrusion Detection System(IDS) has been demonstrated by using the
Open Source Snort Intrusion Detection Tool.
Ex. No : 11
Exploring N-Stalker, a Vulnerability Assessment Tool
Date :

AIM:
To download the N-Stalker Vulnerability Assessment Tool and exploring the
features.

EXPLORING N-STALKER:

● N-Stalker Web Application Security Scanner is a Web security assessmenttool.

● It incorporates with a well-known N-Stealth HTTP Security Scanner and35,000
Web attack signaturedatabase.
● This tool also comes in both free and paidversion.
● Before scanning the target, go to “License Manager” tab, perform theupdate.
● Once update, you will note the status as up todate.
● You need to download and install N-Stalker fromwww.nstalker.com.

1. Start N-Stalker from a Windows computer. The program is installed

under Start➪Programs➪N-Stalker ➪N-StalkerFreeEdition.
2. Enter a host address or a range of addresses toscan.
3. Click StartScan.
4. After the scan completes, the N-Stalker Report Manager willprompt
5. you to select a format for the resulting report as choose GenerateHTML.
6. Review the HTML report forvulnerabilities.

Now goto “Scan Session”, enter the target URL.

In scan policy, you can select from the four options,

● Manual test which will crawl the website and will be waiting formanual attacks.
● full xssassessment
● owasp policy
● Web server infrastructureanalysis.

Once, the option has been selected, next step is “Optimize settings” which will crawl the
whole website for further analysis.
In review option, you can get all the information like host information,
technologies used, policy name, etc.

Once done, start the session and start the scan.

The scanner will crawl the whole website and will show the scripts, broken pages, hidden
fields, information leakage, web forms related information which helps to analyze further.

Once the scan is completed, the NStalker scanner will show details like severity level,
vulnerability class, why is it an issue, the fix for the issue and the URL which is
vulnerable to the particular vulnerability?

RESULT:
Thus the N-Stalker Vulnerability Assessment tool has been downloaded, installed
and the features has been explored by using a vulnerable website.
Ex. No : 12(a)
Defeating Malware - Building Trojans
Date :

AIM:

To build a Trojan and know the harmness of the trojan malwares in a computer
system.

PROCEDURE:
1. Create a simple trojan by using Windows Batch File(.bat)
2. Type these below code in notepad and save it asTrojan.bat
3. Double click on Trojan.batfile.
4. When the trojan code executes, it will open MS-Paint, Notepad,Command
Prompt, Explorer, etc.,infinitely.
5. Restart the computer to stop the execution of thistrojan.

TROJAN:

● In computing, a Trojan horse,or trojan, is any malware which misleads users of

its trueintent.

● Trojans are generally spread by some form of social engineering, for example
where a user is duped into executing an email attachmentdisguised to appear not
suspicious, (e.g., a routine form to be filled in), or by clicking on some fake
advertisement on social media or anywhereelse.

● Although their payload can be anything, many modern forms act as a

backdoor, contacting a controller which can then have unauthorizedaccess to
the affectedcomputer.
● Trojans may allow an attacker to access users' personal information
suchas banking information, passwords, or personalidentity.

● Example: Ransomware attacks are often carried out using atrojan.

 CODE:
Trojan.bat
@echooff
:x
start mspaint
start notepad
start cmd
start explorer
start control
start calc goto
x

OUTPUT
(MS-Paint, Notepad, Command Prompt, Explorer will open infinitely)

RESULT:
Thus a trojan has been built and the harmness of the trojan viruses has been explored.
Ex. No : 12(b)
Defeating Malware - Rootkit hunter
Date :

AIM:
To install a rootkit hunter and find the malwares in a computer.

ROOTKIT HUNTER:
● rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits,
backdoors and possible localexploits.
● It does this by comparing SHA-1 hashes of important files with knowngood ones in
online databases, searching for default directories (of rootkits), wrong permissions,
hidden files, suspicious strings in kernel modules, and special tests for Linux
andFreeBSD.
● rkhunter is notable due to its inclusion in popular operating systems (Fedora, Debian,etc.)
● The tool has been written in Bourne shell, to allow for portability. It canrun on almost
all UNIX-derivedsystems.

GMER ROOTKIT TOOL:

● GMER is a software tool written by a Polish researcherPrzemysław Gmerek, for
detecting and removingrootkits.
● It runs on Microsoft Windows and has support for Windows NT, 2000, XP, Vista, 7, 8 and
10. With version 2.0.18327 full support for Windows x64 is added.

Step 1

Visit GMER's website (see Resources) and download the GMER executable.

Click the "Download EXE" button to download the program with a random file name, as
some rootkits will close “gmer.exe” before you can open it.

Step 2
Double-click the icon for the program.

Click the "Scan" button in the lower-right corner of the dialog box. Allow the program to scan your
entire hard drive.
Step 3

When the program completes its scan, select any program or file listed in red. Right-click it
and select "Delete."

If the red item is a service, it may be protected. Right-click the service and select "Disable."
Reboot your computer and run the scan again, this time selecting "Delete" when that service is
detected.

When your computer is free of Rootkits, close the program and restart your PC.

RESULT:
In this experiment a rootkit hunter software tool has been installed and the rootkits have
been detected.
 Ex. No : 13 Working With KF Sensor Tool for Creating and Monitoring Honey
pot Date :

AIM:

Honey Pot is a device placed on Computer Network specifically designed to

capturemalicious network traffic.KFSensor isthe tool to setup ashoneypot when KFSensor
isrunning it places a siren icon in the windows system tray in the bottom right of the
screen. I iftherearenoalerts thengreeniconsisdisplayed.

INTRODUCTION:

HONEYPOT:

Ahoneypotisacomputersystemthatissetuptoactasadecoytolurecyberattackers, and to
detect, deflect or study attempts to gain unauthorized access to
informationsystems.Generally,itconsistsofacomputer,applications,anddatathatsimulatethe
behavior of arealsystemthat appears to bepartof a networkbut is actually isolated
andclosely monitored. All communications with a honeypot are considered hostile, as
there's
noreasonforlegitimateuserstoaccessahoneypot.Viewingandloggingthisactivitycanprovidea
ninsightintotheleveland types ofthreat anetworking infrastructure faces whiledistracting
attackersawayfromassetsof real value.Honeypots
canbeclassifiedbasedontheirdeployment(use/action)andbasedontheirlevelofinvolvement.
Basedondeployment,:
1. Productionhoneypots
2. Researchhoneypots
Productionhoneypotsareeasytouse,captureonlylimitedinformation,andareusedprimarily
bycompaniesorcorporations.Productionhoneypotsareplacedinsidetheproduction network
with other production servers by an organization to improve their overallstate of security.
Normally, production honeypots are low-interaction honeypots, which
areeasiertodeploy.Theygivelessinformationabouttheattacksorattackersthanresearchhoney
pots.
Research honeypots are run to gather information about the motives and tactics of the Black
that community targeting different networks. These honeypots do not add direct value to
aspecificorganization;instead,theyareusedtoresearchthethreatsthat to
organizationsfaceandto learnhowtobetterprotectagainstthosethreats.

KF SENSOR:

KFSensor is a Windows based honeypot Intrusion DetectionSystem (IDS).It actsasa

honeypot to attract and detect hackers and worms by simulating vulnerable system
servicesandtrojans.Byactingasadecoyserveritcandivertattacksfromcriticalsystemsandprovi
deahigher level of information than can be achievedby using firewalls andNIDSalone.
KFSensor is a system installed in a network in order to divert and study an
attacker’sbehavior.Thisisanewtechniquethatisveryeffectiveindetecting attacks.

The main feature of KF Sensor is that every connection it receives is a suspect hence
It results in very few false alerts. At the heart of KF Sensor sits a powerful internet daemon
service that is built to handle multiple ports and IP addresses. It is written to resist denial
of service and buffer overflow attacks. Building on this flexibility KF Sensor can respond to
connections in a variety of ways, from simple port listening and basic services(such as
echo), to complex simulations of standard system services. For the HTTP protocol KF
Sensor accurately simulates the way Microsoft’s web server (IIS) responds to both valid
and invalid requests. As well as being able to host a website it also handles complexities
such as range requests and client side cache negotiations. This makes it extremely difficult
for an attacker to finger print ,or identify KF Sensor as a honeypot.

PROCEDURE:

STEP-1:DownloadKFSensorEvaluationSetupFilefromKFSensorWebsite.
STEP-2:InstallwithLicenseAgreementandappropriatedirectorypath.
STEP-3:ReboottheComputernow.TheKFSensorautomaticallystartsduringwindowsboot.
STEP-4:ClickNexttosetupwizard.
STEP-5:SelectallportclassestoincludeandClickNext.
STEP-6:“Send the email and, enter the ID and Click Next.
STEP-
7:SelecttheoptionssuchasDenialofService[DOS],PortActivity,ProxyEmulsion,NetworkP
ortAnalyzer,Click Next.
STEP-8:SelectInstallasSystemserviceandClickNext.
STEP-9:Clickfinish.

SCREENSHOTS:
RESULT:
Thusthestudyofsetupahotspotandmonitorthehotspotonnetworkhasbeendeveloped
successfully.
 Ex. No : 14 Triple DES
Date :
AIM:
To implement the TRIPLE DES in
java. ALGORITHM:
1. Start the program.
2. Encrypt the plaintext blocks using single DES with key K1.
3. Now decrypt the output of step 1 using single DES with key K2.
4. Finally, encrypt the output of step 2 using single DES with key K3.
5. The output of step 3 is the ciphertext.
6. Decryption of a ciphertext is a reverse process. User first decrypt using K3,
then encrypt with
K2, and finally decrypt with K1.
7. Stop the
program.
PROGRAM:

RESULT:
Thus the program to implement the TRIPLE DES in java has been executed and the output
was verified successfully