
CNS Main File

The document is a lab manual for the subject of Cyber and Network Security. It contains: 1) An introduction to studying the features of different wireless network components and their role in network security. 2) An experiment on studying the features of the mobile security app Norton Mobile Security, including antivirus, anti-malware, anti-phishing, app advisor, Wi-Fi security, and anti-theft features. 3) Questions to test the student's understanding of wireless network components and mobile security apps.

Uploaded by

dbmsvipin762

Shri Vaishnav Vidyapeeth Vishwavidyalaya, Indore (M.P.)

Department of Computer Science Engineering

Lab Manual
Subject: Cyber and Network Security
Semester: V
Subject Code: BTCS503N
Roll No.: 21100BTCSE10038
Section: CS-K

Submitted By: Vipin Kushwah
Submitted to: Prof. Shubham Kothari

Shri Vaishnav Institute of Information Technology, Indore (M.P.)

VISION

“To be renowned for excellence in Computer Science & Engineering.”

MISSION

“To impart quality education, meeting the latest industry requirements, futuristic research &
developments in Computer Science & Engineering.”
SHRI VAISHNAV VIDYAPEETH VISHWAVIDYALAYA
Shri Vaishnav Institute of Information Technology
Department of Computer Science & Engineering

LIST OF EXPERIMENTS

S.No. | Name of Experiment | Page No. | Date of Experiment | Remarks
1 | Study of different wireless network components. | 1-3 | 04/08/2023 |
2 | Study the features of any one of the Mobile Security Apps. | 4-6 | 11/08/2023 |
3 | To understand the Caesar cipher. | 7-9 | 18/08/2023 |
4 | Study of the features of firewall in providing network security and to set Firewall Security in Windows. | 10-19 | 25/08/2023 |
5 | Steps to ensure security of any one web browser (Mozilla Firefox/Google Chrome). | 20-24 | 01/09/2023 |
6 | Study of different types of vulnerabilities for hacking websites/web applications. | 25-30 | 08/09/2023 |
7 | Analysis of the security vulnerabilities of E-commerce services. | 31-35 | 15/09/2023 |
8 | Analysis of the security vulnerabilities of E-mail Application. | 36-39 | 22/09/2023 |
BTCS503N CYBER AND NETWORK SECURITY

EXPERIMENT: 01
1.Aim: Study of different wireless network components.
2.Outcomes: At the end of the course, the student should be able to,
▪ Use different open source tools for network security and analysis.
▪ Perform data analytics in social media datasets to secure system from social attacks.
▪ Understanding the security and compatibility of components helps identify vulnerabilities
and ensures devices work seamlessly within the network.
▪ Evaluating component costs and total cost of ownership guides budget decisions for
efficient network design and management.
▪ Analysis reveals variations in signal strength, data transfer rates, and network coverage
based on component choices, enabling informed selection for specific applications.
3.Objectives: At the end of the session, you should be able to
▪ Know about the devices and components in a wireless network.
▪ Know about the network security issues in different types of network devices.
▪ Identify a mobile security app and how it works for mobile security.
4.Solution:
4.1 Introduction: The infrastructure network is most likely the type of wireless setup
you have in your home or office. It’s laid out similarly to a wired network, but without
wires.

▪ Wireless Network Adapters: Wireless network adapters (also known as wireless NICs or
wireless network cards) are required for each device on a wireless network. All newer
laptop computers incorporate wireless adapters as a built-in feature of the system. No
wireless hardware other than adapters is required to build a small local network. However,
to increase the performance of network connections, accommodate more computers, and
increase the network's range, additional types of hardware can be deployed.

▪ Wireless Routers: Wireless routers function comparably to traditional routers for wired
Ethernet networks. One generally deploys wireless routers when building an all-wireless
network from the ground up. Similar to routers, access points allow wireless networks to
join an existing wired network. One typically deploys access points when growing a
network that already has routers installed. In home networking, a single access point (or
router) possesses sufficient range to span most residential buildings. Businesses in office
buildings often must deploy multiple access points and/or routers.
▪ Wireless Antennas: Access points and routers often utilize Wi-Fi wireless antennas that
significantly increase the communication range of the wireless radio signal. These antennas
are optional and removable on most equipment. It's also possible to mount aftermarket
add-on antennas on wireless clients to increase the range of wireless adapters.
▪ Wireless Repeaters: A wireless repeater connects to a router or access point. Often called
signal boosters or range expanders, repeaters serve as a two-way relay station for wireless
radio signals, helping clients otherwise unable to receive a network's wireless signal to join.
▪ Wireless Network Interface Cards (NICs): These are hardware components found in
devices like laptops and smartphones that allow them to connect to wireless networks. They
can be built-in or external.
▪ Wireless Channels: Wireless networks use specific channels in the 2.4 GHz and 5 GHz
frequency bands to transmit data. This helps reduce interference and congestion.
▪ SSID (Service Set Identifier): SSID is the network name that devices use to identify and
connect to a specific wireless network.
▪ Wireless Range and Coverage: The range of a wireless network is determined by the
reach of the access points. Extenders or repeaters can be used to extend coverage.

4.2 Result: Features of different wireless network components have been studied.

4.3 Viva Questions and quiz:


4.3.1 Viva Questions:
1. What are the advantages and disadvantages of using the 2.4 GHz and 5 GHz frequency
bands for Wi-Fi networks? When would you choose one over the other?
2. Can you explain the concept of network encryption in wireless networks? What are
some common encryption protocols, and why is encryption important for wireless
security?
3. What is the purpose of an omnidirectional antenna, and in what scenarios is it typically
used in wireless networking?

4.3.2 Quiz Questions:


1. Which of the following is not a wireless network component?
A) Router
B) Access Point
C) Switch
D) Wireless Network Card
2. What is the primary function of a wireless router in a home network?
A) Connect wired devices to the internet
B) Provide power to wireless devices
C) Manage and distribute wireless signals
D) Filter out unwanted wireless signals

3. Which wireless standard is commonly used for home Wi-Fi networks?


A) 4G
B) 5G
C) 802.11n
D) Bluetooth

EXPERIMENT: 02
1.Aim: To study the features of any one of the Mobile Security Apps.
2.Outcomes: At the end of the course, the student should be able to;
▪ Understanding the app's ability to detect and prevent various threats such as malware,
phishing, or ransomware. This insight helps in assessing the app's effectiveness in
safeguarding the mobile device.
▪ Use different open source tools for network security and analysis.
▪ Studying the app's interface, ease of use, and additional user-friendly features. This
analysis provides insights into how accessible and convenient the app is for the average user.
▪ Assessing the impact of the app on the device's performance, including its usage of
resources such as battery life, CPU, and memory.

3.Objectives: At the end of the session you should be able to
▪ Identify a mobile security app and how it works for mobile security.

4.Solutions:
4.1 Features of Norton Mobile Security: Norton Mobile Security is a comprehensive
mobile security app designed to protect Android and iOS devices from a range of security
threats. Here are some of its key features:
▪ Antivirus and Malware Protection: Norton Mobile Security scans for and detects
malware and viruses on your mobile device, ensuring that your device remains safe from
malicious software.
▪ Anti-Phishing: The app includes anti-phishing protection, warning you about potentially
dangerous websites and emails that may attempt to steal your personal information.
▪ App Advisor: Norton Mobile Security provides insights into the privacy and security of
apps you download, helping you make informed decisions about which apps to install.
▪ Wi-Fi Security: It scans Wi-Fi networks for potential security risks, ensuring that you
connect to safe and trustworthy networks, protecting you from threats like
man-in-the-middle attacks.
▪ Device Location and Anti-Theft: The app offers anti-theft features, allowing you to track
your device's location, remotely lock it, and even erase data if it's lost or stolen.
▪ Web Protection: Norton's Web Protection feature safeguards your device's online activities
and provides warnings about potentially harmful websites.
▪ Secure VPN: Some Norton Mobile Security packages include a secure VPN (Virtual
Private Network) for encrypting your online connections and protecting your data from
prying eyes on public networks.
▪ Parental Control: It offers parental control features to help parents monitor and manage
their children's device usage and internet activities.
▪ Privacy Protection: Norton Mobile Security helps protect your personal data and online
activities, safeguarding your privacy.
▪ Secure Messaging: It protects against malicious messages and offers call filtering to block
spam and unwanted calls.
▪ Data Backup: Some packages include data backup functionality, enabling you to securely
back up your mobile device's data.
▪ Real-Time Scanning: Norton Mobile Security provides real-time scanning to ensure
immediate protection against threats.

4.2 Result: Features of the Mobile Security Apps have been studied successfully.

4.3 Quiz and Viva Questions:


4.3.1 Viva questions:
1. Describe the functionality of the "App Permissions Scanner" in a mobile security app.
How can it benefit users in terms of privacy and security?
2. What is the purpose of the "Safe Browsing" feature in a mobile security app, and how
does it protect users while browsing the internet?
3. Explain the concept of "Wi-Fi Security Scan" in a mobile security app. What are the
potential risks associated with using unsecured Wi-Fi networks, and how does this
feature mitigate those risks?
4. How does the "VPN Protection" feature in a mobile security app work to ensure online
privacy and security? What are some common use cases for using a VPN on a mobile
device?
4.3.2 Quiz Questions:
1. Which feature in a mobile security app is designed to secure your personal photos,
videos, and other sensitive files?
A) Secure Vault
B) Data Backup
C) App Permissions Scanner
D) Battery Saver
2. What does the "Wi-Fi Security Scan" feature in a mobile security app help with?
A) Block unwanted calls and messages
B) Secure your internet connection from hackers
C) Optimize battery usage
D) Clean up unnecessary files on your device

3. Which feature in a mobile security app encrypts your internet connection and provides
online privacy and anonymity?
A) Anti-Theft
B) VPN Protection
C) Data Backup
D) Safe Browsing

EXPERIMENT: 03
1. Aim: To understand the encryption of message using Caesar cipher in a secure message
exchange.
2. Outcomes: The primary goal of this experiment is to gain a comprehensive understanding of
the Caesar cipher, a basic encryption technique, and its application in achieving secure message
exchange. The outcome will involve successfully encrypting and decrypting messages using the
Caesar cipher, assessing the effectiveness of the encryption in ensuring confidentiality, and
identifying potential vulnerabilities.

3. Objectives:
▪ To comprehend the fundamentals of encryption and its importance in secure
communication.
▪ To explore the Caesar cipher as a simple encryption method.
▪ To implement the Caesar cipher for encrypting and decrypting messages.
▪ To analyze the strengths and weaknesses of the Caesar cipher in secure message exchange.
▪ To propose and evaluate potential improvements or modifications to enhance the security
of the Caesar cipher.

4. Solutions:

4.1. Implementation:
• Choose a key for the Caesar cipher.
• Develop algorithms for both encryption and decryption.
• Apply the encryption algorithm to a given plaintext message and decrypt the
resulting ciphertext to ensure the process is reversible.

4.2. Analysis:
• Evaluate the security of the encrypted message.
• Assess the vulnerability of the Caesar cipher to brute force attacks.
• Consider potential improvements, such as key management strategies or
combining the Caesar cipher with other encryption techniques.
4.3. Conclusion:
• Summarize the effectiveness and limitations of the Caesar cipher for secure
message exchange.
• Discuss the practical implications of the experiment's findings and propose
recommendations for enhancing the security of the encryption process.

4.3 Result: Successful implementation of Caesar cipher encryption and decryption with
an evaluation of vulnerabilities and proposed enhancements.

4.4 Quiz and Viva questions:


4.4.1 Viva questions:
1. How did you choose the key for encrypting and decrypting messages in the Caesar
cipher experiment?
2. Can you explain the significance of the symmetric key property in the context of the
Caesar cipher?
3. What challenges did you encounter in the encryption and decryption processes, and
how did you address them?
4. How did you assess the security of the encrypted message, and what factors
contribute to the vulnerability of the Caesar cipher to brute force attacks?
5. What are the potential limitations of the Caesar cipher in practical secure
communication scenarios?

4.4.2 Quiz questions:


1. What is the fundamental principle behind the Caesar cipher?
A. Substitution
B. Transposition
C. Permutation
D. Rotation
2. Why is encryption important in the context of secure message exchange?
A. Aesthetic improvement
B. Ensures confidentiality.
C. Speeds up communication.
D. Reduces message length.
3. Explain the process of encrypting a message using the Caesar cipher.
A. Shifting each letter by a random amount
B. Substituting each letter with the next one
C. Rotating each letter by a fixed number of positions
D. Reversing the order of letters
4. What is a symmetric key algorithm, and how does it relate to the Caesar cipher?
A. Uses two different keys; Caesar cipher is asymmetric
B. Uses the same key for both encryption and decryption; Caesar cipher is symmetric
C. Uses no key; Caesar cipher is keyless
D. Uses a public and private key; Caesar cipher is hybrid

EXPERIMENT: 04
1.Aim: To study the features of firewall in providing network security and to set Firewall Security
in windows.

2.Outcomes: At the end of the course, the student should be able to;
▪ Understanding how firewalls can filter incoming and outgoing traffic based on predefined
rules, helping to mitigate various threats like unauthorized access, malware, and network
attacks.
▪ Learning how modern firewalls offer application-level control, allowing you to manage
which software and services can access the network, enhancing security and productivity.
▪ Exploring the firewall's logging and reporting capabilities, which enable the monitoring of
network traffic, identifying security incidents, and ensuring compliance with security
policies.

3.Objectives: At the end of the session you should be able to
▪ Know how to set up a firewall on an operating system.
▪ Know about the Windows Firewall with Advanced Security.
▪ Know the Connection Security Rules.
4.Solutions:
4.1 Introduction: A firewall is a network security device, either hardware or software-based,
which monitors all incoming and outgoing traffic and, based on a defined set of security rules,
accepts, rejects or drops that specific traffic.
▪ Accept: allow the traffic
▪ Reject: block the traffic but reply with an “unreachable error”
▪ Drop: block the traffic with no reply
A firewall establishes a barrier between secured internal networks and outside untrusted
networks, such as the Internet.

4.1.1 Working of Firewall: A firewall matches network traffic against the rule set
defined in its table. Once a rule is matched, the associated action is applied to the
traffic. For example, one rule may state that no employee from the HR department can
access data on the code server, while another states that the system administrator can
access data from both the HR and technical departments. Rules can be defined on the
firewall based on the needs and security policies of the organization.

From the perspective of a server, network traffic is either outgoing or incoming, and the
firewall maintains a distinct set of rules for each case. Outgoing traffic, which
originates from the server itself, is mostly allowed to pass. Still, setting rules on
outgoing traffic is always better in order to achieve more security and prevent unwanted
communication. Incoming traffic is treated differently. Most traffic that reaches the
firewall uses one of these three major Transport Layer protocols: TCP, UDP or ICMP. All
of them carry a source address and a destination address. TCP and UDP also have port
numbers, while ICMP uses a type code instead of a port number, which identifies the
purpose of the packet.

Default policy: It is very difficult to explicitly cover every possible rule on the
firewall. For this reason, the firewall must always have a default policy, which consists
only of an action (accept, reject or drop). Suppose no rule about SSH connections to the
server is defined on the firewall. Such a connection then follows the default policy. If
the default policy is set to accept, any computer outside of your office can establish an
SSH connection to the server. Therefore, setting the default policy to drop (or reject)
is always good practice.
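
Rule matching and the default policy described above, as an added example (not part of the original lab manual). The class names, the subnet layout (HR on 10.0.10.0/24, the code server at 10.0.50.5, the administrator at 10.0.99.7) and the outside address are constructed for illustration; the model is first-match-wins, with the default policy applied only when no rule matches.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

ACTIONS = ("accept", "reject", "drop")


@dataclass(frozen=True)
class Packet:
    protocol: str                    # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dst_port: Optional[int] = None   # TCP/UDP carry ports
    icmp_type: Optional[int] = None  # ICMP carries a type instead


@dataclass(frozen=True)
class Rule:
    action: str
    protocol: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dst_port: Optional[int] = None
    icmp_type: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        if self.protocol not in ("any", pkt.protocol):
            return False
        if ip_address(pkt.src) not in ip_network(self.src):
            return False
        if ip_address(pkt.dst) not in ip_network(self.dst):
            return False
        if self.dst_port is not None and pkt.dst_port != self.dst_port:
            return False
        if self.icmp_type is not None and pkt.icmp_type != self.icmp_type:
            return False
        return True


class Firewall:
    def __init__(self, rules: List[Rule], default_policy: str):
        if default_policy not in ACTIONS:
            raise ValueError("default policy must be accept, reject or drop")
        self.rules = list(rules)
        self.default_policy = default_policy

    def decide(self, pkt: Packet) -> Tuple[str, str]:
        """Return (action, reason); the first matching rule wins."""
        for index, rule in enumerate(self.rules):
            if rule.matches(pkt):
                return rule.action, f"rule {index}"
        return self.default_policy, "default policy"


def sender_sees(action: str) -> str:
    """What the sending host observes for each action."""
    return {"accept": "traffic passes",
            "reject": "unreachable error",
            "drop": "no reply"}[action]


# Constructed rule set based on the HR / code server example in the text.
HR_NET, CODE_SERVER, ADMIN = "10.0.10.0/24", "10.0.50.5/32", "10.0.99.7/32"
RULES = [
    Rule("accept", src=ADMIN, dst=CODE_SERVER),                      # rule 0
    Rule("reject", src=HR_NET, dst=CODE_SERVER),                     # rule 1
    Rule("accept", protocol="tcp", dst=CODE_SERVER, dst_port=443),   # rule 2
    Rule("accept", protocol="icmp", icmp_type=8),                    # rule 3: echo request
]

# Constructed sample packets.
HR_TO_CODE = Packet("tcp", "10.0.10.23", "10.0.50.5", dst_port=443)
ADMIN_TO_CODE = Packet("tcp", "10.0.99.7", "10.0.50.5", dst_port=22)
OUTSIDE_SSH = Packet("tcp", "203.0.113.9", "10.0.50.5", dst_port=22)
PING = Packet("icmp", "203.0.113.9", "10.0.50.5", icmp_type=8)

if __name__ == "__main__":
    for policy in ("accept", "drop"):
        fw = Firewall(RULES, policy)
        print(f"default policy = {policy}")
        for name, pkt in [("HR -> code server", HR_TO_CODE),
                          ("admin -> code server", ADMIN_TO_CODE),
                          ("outside SSH", OUTSIDE_SSH),
                          ("outside ping", PING)]:
            action, reason = fw.decide(pkt)
            print(f"  {name:22} {action:7} ({reason}; sender sees: {sender_sees(action)})")
```

The HR packet targets port 443, which rule 2 would accept, yet it is rejected because rule 1 matches first; the outside SSH packet matches no rule, so its fate depends entirely on the default policy.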
4.1.2 Generations of Firewall:
▪ First Generation- Packet Filtering Firewall: Packet filtering firewall is used to control
network access by monitoring outgoing and incoming packets and allowing them to pass
or stop based on source and destination IP address, protocols, and ports. It analyses traffic
at the transport protocol layer (but mainly uses first 3 layers). Packet firewalls treat each
packet in isolation. They have no ability to tell whether a packet is part of an existing stream
of traffic.
▪ Second Generation- Stateful Inspection Firewall: Stateful firewalls (which perform Stateful
Packet Inspection) are able to determine the connection state of a packet, unlike packet
filtering firewalls, which makes them more efficient. They keep track of the state of network
connections travelling across them, such as TCP streams. So the filtering decisions are
based not only on defined rules, but also on the packet’s history in the state table.
▪ Third Generation- Application Layer Firewall: An application layer firewall can inspect
and filter packets on any OSI layer, up to the application layer. It has the ability to block
specific content, and also to recognize when certain applications and protocols (like HTTP,
FTP) are being misused. In other words, application layer firewalls are hosts that run proxy
servers. A proxy firewall prevents a direct connection between either side of the firewall;
each packet has to pass through the proxy. It can allow or block the traffic based on
predefined rules.
Note: Application layer firewalls can also be used as a Network Address Translator (NAT).
▪ Next Generation Firewalls (NGFW): Next Generation Firewalls are being deployed these
days to stop modern security breaches like advanced malware attacks and application-layer
attacks. NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH
inspection and many functionalities to protect the network from these modern threats.

4.1.3 Types of Firewall: Firewalls are generally of two types: Host-based and
Network-based.
▪ Host-based Firewalls: A host-based firewall is installed on each network node and
controls each incoming and outgoing packet. It is a software application or suite of
applications that comes as a part of the operating system. Host-based firewalls are needed
because network firewalls cannot provide protection inside a trusted network. A host
firewall protects each host from attacks and unauthorized access.
▪ Network-based Firewalls: Network firewalls function at the network level. In other words,
these firewalls filter all incoming and outgoing traffic across the network. They protect the
internal network by filtering the traffic using rules defined on the firewall. A network
firewall might have two or more network interface cards (NICs). A network-based firewall
is usually a dedicated system with proprietary software installed.

4.1.4 Features of Firewall:


▪ Access Control: Firewalls use access control mechanisms, such as Access Control Lists
(ACLs), to specify which network traffic is allowed or denied based on predefined criteria.
This control helps restrict access to sensitive resources and services.
▪ Packet Filtering: Firewalls can inspect and filter individual data packets as they pass
through the network. This allows them to make decisions based on source and destination
IP addresses, port numbers, and protocol types, providing an initial layer of defense.
▪ Application Layer Filtering: Next-generation firewalls (NGFWs) can inspect traffic at
the application layer, which enables them to identify and control specific applications or
services. This helps in enforcing more granular security policies.
▪ Intrusion Detection and Prevention: Some firewalls include intrusion detection and
prevention systems (IDPS) to detect and respond to suspicious or malicious network
activity, including known attack patterns.
▪ VPN Support: Firewalls with VPN capabilities allow for secure remote access and
encrypted communication over public networks, ensuring data confidentiality and integrity.
▪ Logging and Monitoring: Firewalls log network activity, enabling administrators to
review historical data for security analysis and compliance reporting. Real-time monitoring
provides visibility into network traffic, aiding in the detection of anomalies.
▪ User Authentication: Firewalls can enforce user authentication, requiring individuals to
log in with valid credentials before accessing specific resources. This helps in ensuring that
only authorized users can access the network.
▪ Content Filtering: Firewalls can filter web content, blocking access to websites or content
categories based on defined policies. This feature is especially useful for enforcing
acceptable use policies and maintaining productivity.
▪ Security Policy Management: Administrators can define and manage security policies
and rules that dictate how the firewall should handle traffic. This feature allows for
fine-grained control over network security.
▪ Network Address Translation (NAT): Firewalls often employ NAT to hide internal
network addresses, making it more challenging for external entities to identify the internal
structure of the network.
▪ Threat Intelligence Integration: Some firewalls integrate with threat intelligence feeds to
stay updated on emerging threats and vulnerabilities, allowing them to adapt their security
rules accordingly.

4.2 Setting Firewall Security in Windows.

Windows Firewall: Windows Firewall is a stateful firewall that comes installed with most modern
versions of Windows by default. On Windows 2008 Server machines, the firewall is enabled by
default, blocking many of the ports that cause so much trouble in otherwise unprotected Windows
systems. On virtual servers, the Windows Firewall ensures that only the services necessary for the
chosen function are exposed (the firewall will automatically configure itself for new server roles,
for instance, and when certain server applications are installed). As members of your domain, the
Windows Firewall of your virtual servers can be managed remotely, or through Group Policy.

4.2.1 Steps:

Restart the Windows firewall on the control panel and perform the following operations to
configure the firewall:
a. Go to Control Panel, and choose System Security > Windows Firewall.

b. In the Windows Firewall window, click Turn Windows Firewall on or off on the left.
c. In the Customize Settings window, select Turn Windows Firewall on in Private
network settings and Public network settings.

Add firewall exception sites in Windows 2012.


a. On the Windows Firewall page, click Advanced settings.
b. Choose Inbound Rules from the navigation tree on the left of the window that is displayed.

c. Click New Rule at the upper right corner.


d. On the right of the window that is displayed, select Port and click Next.

e. In the window that is displayed, perform the following operations to set related parameters:
Select TCP.
Select Specific local ports and enter 8080 in the text box.

f. Click Next.
g. In the window that is displayed, select Allow the connection and click Next.

h. In the window that is displayed, ensure that the following check boxes are selected:
▪ Domain
▪ Private
▪ Public

i. Click Next.

j. In the window that is displayed, enter a rule name in the Name text box, for
example, TCPPortin.

k. Click Finish to create an inbound rule.


l. Close the windows one by one.
4.3 Assumptions:
▪ Diverse Network Environments: Assume that your computer may connect to various
network environments, including public Wi-Fi, home networks, and corporate networks.
This assumption highlights the need for flexible firewall rules that can adapt to different
contexts.
▪ Unauthorized Access Attempts: Assume that malicious actors may attempt to gain
unauthorized access to your computer by exploiting network vulnerabilities. This
assumption underscores the need for access controls and intrusion detection.
▪ Network Traffic Diversity: Assume that network traffic is diverse, including web
browsing, email, file transfers, and application communication. This assumption highlights
the need for firewall rules that can accommodate different types of traffic.
4.4 References:
▪ https://www.geeksforgeeks.org/introduction-of-firewall-in-computer-network/
▪ https://support.huawei.com/enterprise/en/doc/EDOC1100044388/1b831a74/how-do-i-configure-the-firewall-of-the-windows-operating-system

4.5 Result: The firewall for Windows has been successfully configured.
4.6 Viva Questions and quiz:
4.6.1 Viva Questions:
1. What is a firewall in the context of Windows operating systems?
2. Explain the primary purpose of a firewall in Windows.
3. Can you name the built-in firewall in Windows? What versions of Windows have it?
4. What is the role of the Windows Firewall in network security?
4.6.2 Quiz questions:
1. What is the primary purpose of a firewall in network security?
A) To protect against physical intrusions
B) To prevent malware infections on endpoints
C) To filter and control network traffic
D) To encrypt data transmission
2. Which of the following is a common type of firewall that operates at the application
layer of the OSI model and inspects data packets to make access decisions?
A) Stateful Firewall
B) Proxy Firewall
C) Packet Filtering Firewall
D) NAT Firewall
3. What is the main function of a stateful firewall?
A) It monitors network traffic and logs all data packets.
B) It filters traffic based on application layer protocols.
C) It keeps track of the state of active connections and makes access decisions.
D) It performs deep packet inspection for malware detection.

EXPERIMENT: 05
1.Aim: Steps to ensure Security of any one web browser (Mozilla Firefox/Google Chrome).
2.Outcomes: At the end of the course, the student should be able to;
▪ By configuring Firefox's privacy settings, regularly clearing cookies and history, and using
private browsing mode, you can significantly enhance your online privacy and reduce the
risk of tracking and data exposure.
▪ Regularly reviewing and updating Firefox add-ons and extensions ensures that they don't
introduce vulnerabilities or pose security risks. It helps maintain a secure browsing
experience.
▪ Using Firefox's built-in password manager or a trusted password manager extension, you
can secure and manage your login credentials, enhancing protection against unauthorized
access to your accounts.
3.Objectives: At the end of the session you will be able to
▪ Understand the security and privacy features and operation of browsers.
▪ Know the security vulnerabilities of browsers.
▪ Explore how browsers are hacked and the steps for better security.
▪ Learn how to stop advertisers from tracking you.
▪ Learn to stop your browser from automatically downloading malware.
▪ Learn to block pop-ups and ads.
▪ Know how to avoid unsafe websites.
▪ Learn how to manage cookies.
4.Solutions:
4.1 Firefox: Mozilla Firefox, commonly known as Firefox, is a popular web browser
developed by the Mozilla Foundation and its subsidiary, Mozilla Corporation. It is a free and
open-source web browser that is available for various operating systems, including Windows,
macOS, and Linux. Firefox is known for its focus on user privacy and security, as well as its
support for web standards and customization through extensions and themes.
4.1.1 Steps to implement security in Mozilla Firefox:
▪ Setting the default browser: For both Mac and PC - go to Firefox menu > Preferences
(Mac) Options (PC) > General tab. Check the box “Always check to see if Firefox is default
browser on startup”.
▪ Auto-install updates: For both Mac and PC - go to Firefox menu > Preferences (Mac)
Options (PC) > General tab > Firefox Updates section. Select "Automatically install updates
(Recommended)".


▪ Block unwanted pop-ups: For both Mac and PC - go to Firefox menu > Preferences (Mac)
Options (PC) > Privacy & Security > Permissions section. Check "Block pop-up windows".
▪ Block unwanted add-ons: For both Mac and PC - go to Firefox menu > Preferences (Mac)
Options (PC) > Privacy & Security > Permissions section. Check "Warn you when websites
try to install add-ons".

▪ Don't save passwords: For both Mac and PC - go to Firefox menu > Preferences (Mac)
Options (PC) > Privacy & Security > Browser Privacy section. Uncheck the "Ask to save
logins and passwords for websites" box.


▪ Using a master password: If you do save passwords, set a master password so they aren't
easily accessible to anyone with access to the system. For both Mac and PC - go to Firefox
menu > Preferences (Mac) Options (PC) > Privacy & Security > Browser Privacy section.
Check "Use a master password". Set a master password that is compliant with campus
Password Standards. Note: The master password setting is not appropriate for passwords
that provide access to P3 or P4 sensitive data.
▪ Java/JavaScript: Java is now disabled by default in Firefox, but can be activated for trusted
sites.
▪ Cookies and Site Data: For both Mac and PC - go to Firefox menu > Preferences (Mac)
Options (PC) > Privacy & Security > Content Blocking. Select "Custom" and set Cookies
to block "Third-party trackers". Also place checks to block Cryptominers and
Fingerprinters.
▪ Tracking Protection: For both Mac and PC - go to Firefox menu > Preferences (Mac)
Options (PC) > Privacy & Security > Content Blocking. Check "Always" under "Send
websites a “Do Not Track” signal that you don’t want to be tracked".
▪ Deceptive Content and Dangerous Software Protection: For both Mac and PC - go to
Firefox menu > Preferences (Mac) Options (PC) > Privacy & Security > Security section.
Check "Block dangerous and deceptive content", "Block dangerous downloads" and "Warn
you about unwanted and uncommon software".
▪ Firefox Data Collection and Use: For both Mac and PC - go to Firefox menu > Preferences
(Mac) Options (PC) > Privacy & Security > Firefox Data Collection and Use section.
Uncheck "Allow Firefox to send technical and interaction data to Mozilla", "Allow Firefox
to install and run studies" and "Allow Firefox to send backlogged crash reports on your
behalf".
▪ Install uBlock Origin (Ad-blocker) - Add-ons > “uBlock Origin”
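The checklist above can also be verified from a file instead of by clicking through the settings pages. The following is an added example, not part of the lab manual: a Python check that a Firefox `user.js` file pins the checklist settings. The mapping from checklist items to about:config preference names is an assumption of this example, and the sample file is constructed.

```python
import re

# Assumed mapping of the checklist items to about:config preference names.
EXPECTED = {
    "dom.disable_open_during_load": True,           # Block pop-up windows
    "xpinstall.whitelist.required": True,           # Warn when websites try to install add-ons
    "signon.rememberSignons": False,                # Do not ask to save logins and passwords
    "privacy.donottrackheader.enabled": True,       # Always send the "Do Not Track" signal
    "browser.safebrowsing.malware.enabled": True,   # Block dangerous and deceptive content
    "browser.safebrowsing.phishing.enabled": True,
    "privacy.trackingprotection.cryptomining.enabled": True,    # Block cryptominers
    "privacy.trackingprotection.fingerprinting.enabled": True,  # Block fingerprinters
    "datareporting.healthreport.uploadEnabled": False,  # No technical and interaction data
    "app.shield.optoutstudies.enabled": False,          # No studies
}

# One preference per line: user_pref("name", value);
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')


def parse_prefs(text):
    """Return {name: value} for every user_pref() line; other lines are ignored."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_LINE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = match.groups()
        if raw in ("true", "false"):
            value = raw == "true"
        elif len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
            value = raw[1:-1]
        else:
            try:
                value = int(raw)
            except ValueError:
                value = raw
        prefs[name] = value
    return prefs


def audit(text):
    """Return (name, found, wanted) for each checklist pref that is missing or wrong.

    found is None when the file does not pin the preference at all.
    """
    prefs = parse_prefs(text)
    findings = []
    for name, wanted in EXPECTED.items():
        found = prefs.get(name)
        if found != wanted:
            findings.append((name, found, wanted))
    return findings


# Constructed sample: one wrong value (saved logins) and one missing pref (fingerprinters).
SAMPLE_USER_JS = """
// constructed sample user.js
user_pref("dom.disable_open_during_load", true);
user_pref("xpinstall.whitelist.required", true);
user_pref("signon.rememberSignons", true);
user_pref("privacy.donottrackheader.enabled", true);
user_pref("browser.safebrowsing.malware.enabled", true);
user_pref("browser.safebrowsing.phishing.enabled", true);
user_pref("privacy.trackingprotection.cryptomining.enabled", true);
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("browser.startup.homepage", "about:blank");
"""

if __name__ == "__main__":
    for name, found, wanted in audit(SAMPLE_USER_JS):
        print(f"{name}: found {found!r}, checklist wants {wanted!r}")
```

A preference reported with `None` is not pinned by the file, so the browser's own default applies to it.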
4.2 Assumptions:


▪ Frequent Updates: Assume that web browsers will release frequent security updates and
patches to address vulnerabilities. This assumption highlights the importance of keeping
your browser up to date.
▪ Third-Party Risks: Assume that browser extensions and plugins may introduce additional
security risks. This assumption emphasizes the need to carefully vet and update third-party
extensions for security.
4.3 Result: Security of the Mozilla Firefox web browser has been implemented
successfully.
4.4 References: https://its.ucsc.edu/software/release/browser-secure.html
4.5 Quiz and Viva questions:
4.5.1 Viva questions:
1. What security features does Mozilla Firefox offer to protect users while browsing the
web?
2. Can you explain how Enhanced Tracking Protection in Firefox enhances user privacy
and security?
3. How does Mozilla Firefox handle security updates and patches to protect against
vulnerabilities?
4. Describe the role of add-ons and extensions in enhancing the security of Firefox. Are
there any security risks associated with them?
5. What measures does Firefox take to protect users from phishing attacks and malicious
websites?

4.5.2 Quiz questions:


1. Which feature in Mozilla Firefox provides protection against malicious websites and
phishing attempts by checking the website's reputation and warning users if a site is
potentially harmful?
A) Tracking Protection
B) HTTPS-Only Mode
C) Safe Browsing
D) InPrivate Browsing
2. What does the "Content Security Policy" (CSP) in Mozilla Firefox aim to do?
A) Block all third-party content on websites
B) Prevent cross-site scripting (XSS) attacks
C) Encrypt all web traffic using HTTPS
D) Restrict the use of certain web fonts


3. Which of the following is a feature in Firefox that allows users to create, store, and
manage complex, unique passwords for various websites while improving overall
security?
A) History Sync
B) Firefox Monitor
C) Firefox Lockwise
D) Private Browsing


EXPERIMENT: 06
1.Aim: Study of different types of vulnerabilities for hacking a website / web application.

2.Outcomes: At the end of the course, the student should be able to;
▪ By studying various vulnerabilities, one can identify potential weaknesses in web
applications, such as SQL injection, cross-site scripting (XSS), or insecure authentication.
▪ Understanding the different types of vulnerabilities helps assess the level of risk associated
with a web application.
▪ Perform data analytics in social media datasets to secure system from social attacks.
▪ It empowers organizations to proactively safeguard their online assets against potential
threats.

3.Objectives: After going through this session, you should be able to:
▪ Know the reasons for attacking web applications
▪ Identify different types of Web Application Vulnerability

4.Solutions:
4.1 Web Application Vulnerabilities:

S. No.  Attack/Vulnerability Used               % of use
1.      SQL Injection                           20 %
2.      Unintentional Information Disclosure    17 %
3.      Known Vulnerability                     15 %
4.      Cross Site Scripting (XSS)              12 %
5.      Insufficient Access Control             10 %
6.      Credential/Session Prediction           08 %
7.      OS Commanding                           03 %
8.      Security Misconfiguration               03 %
9.      Insufficient Anti-automation            03 %
10.     Denial Of Service                       03 %
11.     Redirection                             02 %
12.     Insufficient Session Expiration         02 %
13.     Cross Site Request Forgery (CSRF)       02 %

▪ SQL Injection Attack: A SQL injection attack is a security exploit that occurs when an
attacker manipulates a web application's input fields to inject malicious SQL code into the
database queries. This allows the attacker to potentially access, modify, or delete data in
the database, and it's a significant threat to web applications. Preventing SQL injection
involves using parameterized queries, input validation, and other security measures to
block unauthorized SQL code execution. This helps protect against data breaches and
unauthorized access to databases.
• Union Based SQL Injection
• String Based SQL Injection
• Error Based SQL Injection

▪ Cross Site Scripting (XSS): Cross-Site Scripting (XSS) is a common web application
security vulnerability that occurs when malicious scripts are injected into web pages
viewed by other users. These scripts are executed in the context of a user's web browser,
potentially allowing an attacker to steal sensitive information, like cookies or session
tokens, or manipulate web content on the victim's browser. There are three main types of
XSS attacks: stored, reflected, and DOM-based. To prevent XSS, developers should
validate and sanitize user input, use output encoding, and implement security headers, like
Content Security Policy (CSP), to mitigate the risk of these attacks.
• Stored XSS
• Reflected XSS
• DOM-based XSS


▪ Broken Authentication / Session Management: A Broken Authentication and Session
Management attack is a security vulnerability that occurs when an application fails to
properly authenticate and manage user sessions. This can lead to unauthorized access or
tampering with user accounts and data. Attackers can exploit weaknesses in login
mechanisms, session tokens, and password management to gain unauthorized access to an
application. To prevent such attacks, developers should implement secure authentication
processes, manage session tokens carefully, and follow best practices for password storage
and reset procedures. Effective security measures are crucial in guarding against these types
of security breaches.

▪ Cross site request forgery (CSRF): A Cross-Site Request Forgery (CSRF) attack is when
an attacker tricks a user into unwittingly performing actions on a different website where
the user is logged in. The attacker exploits the user's active session to execute unauthorized
actions, like changing settings or making transactions, without the user's knowledge. To
prevent CSRF, developers use anti-CSRF tokens and secure authentication methods to
ensure that only legitimate actions are accepted, safeguarding users from unintended
manipulations.

▪ Insecure Direct Object References: Insecure Direct Object References (IDOR) is a
security vulnerability that occurs when a web application does not properly validate and
authorize user access to objects or resources. Attackers can exploit this by manipulating
object references (e.g., file names, database keys) to gain unauthorized access to sensitive
data or functionality. To prevent IDOR attacks, developers should implement proper access
controls, validate user input, and ensure that users can only access resources for which they
have proper authorization, effectively safeguarding against unauthorized data access or
manipulation.

▪ Security Misconfiguration: Security misconfiguration is a common web application
security issue that arises when system configurations, settings, or permissions are
improperly implemented or left in an insecure state. These misconfigurations can leave
vulnerabilities that attackers can exploit to gain unauthorized access, view sensitive
information, or execute malicious actions. To mitigate security misconfiguration risks,
administrators and developers should follow security best practices, regularly audit and
review system configurations, and limit access to only those who need it, thus ensuring that
systems are properly configured and secure.

▪ Sensitive Data Exposure: Sensitive data exposure is a security vulnerability in which
confidential or private information, such as personal details, credit card numbers, or
passwords, is unintentionally or maliciously disclosed to unauthorized individuals. This
exposure can occur due to weak encryption, poor data storage practices, or other security
weaknesses. To prevent sensitive data exposure, organizations should use strong encryption
methods, follow data protection regulations, and employ secure data handling procedures,
ensuring that sensitive information remains confidential and safeguarded from
unauthorized access or leaks.

▪ Using Components with known vulnerabilities: "Using Components with Known
Vulnerabilities" is a security issue that arises when software applications or systems
incorporate third-party components, libraries, or frameworks that have known security
flaws or vulnerabilities. These vulnerabilities may be publicly documented and can be
exploited by attackers to compromise the security of the application. To mitigate this risk,
organizations should regularly monitor and update the components they use, ensuring that
any known vulnerabilities are patched or replaced with secure versions to protect against
potential security breaches.

▪ Unvalidated Redirects and Forwards: Unvalidated Redirects and Forwards refer to a security
vulnerability in web applications where user-supplied input is used to construct URLs for
redirects or forwards, but the input is not properly validated or sanitized. Attackers can
exploit this vulnerability by crafting malicious URLs that trick users into unknowingly
navigating to a different website or performing unintended actions on the same website. To
prevent this issue, developers should validate and sanitize user input, and avoid relying on
user-generated data to construct redirection URLs, ensuring that the redirects and forwards
are authorized and secure. This helps protect users from potential phishing or manipulation.

▪ Missing function level access control: Missing Function Level Access Control is a
security vulnerability found in web applications when there is insufficient validation and
authorization in place to control access to various functions or features. This vulnerability
may allow unauthorized users to access or perform actions that should only be available to
privileged users or administrators. To address this issue, developers should implement
proper access control mechanisms to ensure that users can only access the functions or
features they are authorized to use, thereby preventing unauthorized access and maintaining
security.
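The SQL Injection Attack item above names parameterized queries and input validation as the defenses. The following is an added example, not part of the lab manual: a Python/sqlite3 lookup written once with string concatenation and once with a bound parameter, run on the same inputs. The table, rows and inputs are constructed for illustration.

```python
import re
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [
            ("alice", "alice@example.test"),
            ("bob", "bob@example.test"),
            ("o'brien", "ob@example.test"),
        ],
    )
    return db


def lookup_concatenated(db, username):
    """Vulnerable form: the input is pasted into the SQL text and parsed as SQL."""
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchall()


def lookup_parameterized(db, username):
    """Hardened form: the value is bound separately and is never parsed as SQL."""
    return db.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


# Allowlist used as a second layer. It has to accept apostrophes because real
# names contain them, which is why it cannot replace parameterization.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.'-]{1,32}")


def is_plausible_username(username):
    return USERNAME_RE.fullmatch(username) is not None


def attempt(lookup, db, username):
    """Run a lookup and report database errors instead of raising."""
    try:
        return lookup(db, username)
    except sqlite3.Error as exc:
        return "sql-error: " + type(exc).__name__


# Constructed inputs: a tautology that rewrites the WHERE clause, and a
# legitimate name that happens to contain a quote character.
TAUTOLOGY = "x' OR '1'='1"
LEGIT_WITH_QUOTE = "o'brien"

if __name__ == "__main__":
    db = make_db()
    for value in (TAUTOLOGY, LEGIT_WITH_QUOTE, "alice"):
        print(repr(value))
        print("  concatenated :", attempt(lookup_concatenated, db, value))
        print("  parameterized:", attempt(lookup_parameterized, db, value))
        print("  passes allowlist:", is_plausible_username(value))
```

The concatenated form fails in two ways: the tautology returns every row, and the legitimate name with a quote breaks the statement, while the parameterized form handles both as plain values.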

4.2 Assumptions:
▪ Human Error: Assume that many vulnerabilities are introduced due to human errors in
development and configuration. This assumption highlights the importance of thorough
code reviews and proper security training for developers.
▪ Regulatory Compliance: Assume that websites and web applications must comply with
various data protection and privacy regulations. This assumption underscores the need for
legal and regulatory considerations in vulnerability assessments.


▪ Third-Party Risks: Assume that third-party components, libraries, and integrations in web
applications may introduce additional security risks. This assumption emphasizes the
importance of conducting vendor risk assessments.
▪ Zero-Day Vulnerabilities: Assume that unknown or unpatched vulnerabilities may exist
in web applications. This assumption highlights the need for strong security practices and
monitoring to detect and respond to emerging threats.

4.3 Result: Vulnerabilities of web applications have been studied successfully.

4.4 References: https://www.toptal.com/cyber-security/10-most-common-web-security-vulnerabilities

4.5 Quiz and Viva questions:


4.5.1 Viva questions:
1. What is a web application vulnerability, and why are they a concern for cybersecurity?
2. Can you explain the difference between a security vulnerability and an exploit in the
context of web applications?
3. Describe some common categories of web application vulnerabilities, such as injection
attacks and broken authentication.
4. Explain what Cross-Site Scripting (XSS) is, and how it can be prevented or mitigated.
5. What is Cross-Site Request Forgery (CSRF), and how can developers defend against
it?

4.5.2 Quiz questions:


1. What is the name of the vulnerability where an attacker inserts malicious code into a
website, which is then executed by unsuspecting users' browsers?
A) Cross-Site Request Forgery (CSRF)
B) SQL Injection
C) Cross-Site Scripting (XSS)
D) Distributed Denial of Service (DDoS)
2. Which vulnerability allows an attacker to manipulate and modify data in a web
application's database by injecting malicious SQL queries?
A) Cross-Site Scripting (XSS)
B) Cross-Site Request Forgery (CSRF)


C) SQL Injection
D) Clickjacking
3. What type of attack involves an attacker intercepting and eavesdropping on the
communication between a user and a web application to steal sensitive information like
login credentials?
A) Man-in-the-Middle (MitM) Attack
B) Distributed Denial of Service (DDoS) Attack
C) Brute Force Attack
D) Phishing Attack


EXPERIMENT: 07
1.Aim: Analyze the security vulnerabilities of E-commerce services.
2.Outcomes: At the end of the course, the student should be able to;
▪ Identifying and understanding security vulnerabilities enables E-commerce businesses
to take proactive measures to mitigate risks.
▪ Addressing vulnerabilities enhances compliance with data protection regulations and
industry standards.
▪ Analyzing vulnerabilities prepares E-commerce services to respond effectively to
security incidents.
3.Objectives: After going through this session, you should be able to:
▪ Know about security vulnerabilities of E-commerce services.
▪ Identify the vulnerabilities in input validation and database servers.
▪ Point out the vulnerabilities in TCP/IP Protocols used for communications.

4.Solutions:
4.1 Security Vulnerability in E-commerce: A "security vulnerability" in
e-commerce is a weakness or gap in the security of an online shopping platform
that, if exploited, can lead to data breaches, financial fraud, or unauthorized
access, potentially compromising customer data and trust. These vulnerabilities
may arise from software flaws, misconfigurations, or other weaknesses that need
to be addressed to maintain a secure e-commerce environment.


4.1.1 Types of Security Vulnerabilities in E-commerce:

▪ Financial Frauds or Payment Frauds: This type is one of the most typical for
eCommerce and dates back to the very first attempts of businesses to go online. Often,
scammers make unauthorized transactions and immediately wipe out the trail. Alternatively,
they use fake emails, accounts, names, and even IP addresses to look like a real customer.
After they request a refund with, for instance, a fake screenshot, most eCommerce
platforms basically give them money for nothing, especially if they’re not aware of this
financial trick. Reported in over 70% of all attacks, payment fraud is still one of the top
reasons why companies experience huge losses. Solution: Make sure your eCommerce
platform cooperates only with verified and authoritative payment systems. Additionally,
some companies allow a transaction only after the customer has logged in to an individual
account, which minimizes the risk of financial fraud and prevents common security
vulnerabilities as well.

▪ Spam Attacks: Though emails are considered to be the most powerful marketing channel
for eCommerce, they are also a typical web security vulnerability that hackers can easily
take advantage of. Random comments left on product pages, under your blog posts, or in
contact forms can not only harm customers’ trust but also slow down your platform.
Needless to say, one infected link left by a spammer is more than enough to affect your
site’s speed and provide access to personal customer information and other sensitive data.
Additionally, spamming activity can become a serious threat to customers’ security, which
can easily undermine your site’s credibility. Solution: Use anti-spam software to detect and
remove these security vulnerabilities. Such software can spot infected URLs and safely
remove them from your site so that no one can see them. Typically, it uses various
algorithms to filter comments and detect computer-generated links that are potentially
dangerous for your site’s security, and it can even provide details about the actual sender’s
email where possible.
▪ Triangulation Fraud: This stands for creating a fake site with an identical interface and
products at a cheaper price. After customers complete the transaction, they basically
donate the money to the criminals, as the products they wanted to purchase simply don’t
exist and will never be shipped to them. This type of fraud is harmful to your eCommerce
platform because you can lose new clients, loyal customers, and their trust: no one wants
to go back to a site (even one with slight differences in the brand’s name or interface) after
being cheated there once. Solution: Basically, no one can stop scammers from creating a
platform that looks just like your online store. However, it’s possible to prevent your
customers from being fooled by simply informing them about this issue and pointing out
the real domain of your eCommerce platform. Even a simple information letter can prevent
your customers from losing money and strengthen your store’s authority.


▪ Web Application Security Vulnerabilities: At present, the level of competition in
different business areas makes companies do their best to meet all of their customers’
needs. For online stores, web applications are simply a must to attract more clients to their
platform. For instance, it’s essential for eCommerce clients to be able to create wish lists of
the products they want to buy next, look for featured products, check special offers and
get a personalized list of products they are probably interested in. The use of smartphones
has only increased the demand for web app creation. However, creating such an app is only
part of the work: it also has to be maintained and updated regularly.
▪ Bot Attack: Some criminals also attack eCommerce sites with bots that act like real users
and can hardly be detected by the security system. This is why bot attacks are considered
one of the common security vulnerabilities you should always keep in mind. Usually, you
can check the bot traffic in the site’s analytics and get records of the exact time and details
of the bots’ behavior. Solution: To make sure your site is secure enough and won’t go down
during a hacking attempt, always introduce a CAPTCHA test for critical actions such as
logging in or purchasing products. In addition, track the traffic and block traffic generated
from suspicious sources, analyze failed log-in attempts and protect your mobile apps.
Large companies also consider employing bot mitigation software - the perfect solution for
minimizing IT security vulnerabilities.
▪ Brute Force Attacks: Brute-force attacks refer to the hacking method of guessing
system passwords. So far, that’s one of the most dangerous security vulnerability types: it
can target your online store’s admin panel in an attempt to get full access to it. During this
attack, various programs and complex algorithms are used to generate every possible
combination to crack your site’s password. After that, any scenario is possible: criminals
can ask for a reward, steal clients’ personal data, send spam offers, or do whatever else they
planned, since the site owner has lost access to the admin panel. Solution: This attack
can’t be predicted, but it can be prevented. To minimize the site’s security vulnerability,
developers recommend using strong, complex passwords and not storing them in digital
files, computer documents, browsers, etc. In addition, you can protect the site by changing
the password regularly (for instance, on a monthly basis or once a quarter).
▪ Vulnerabilities due to input validation: Vulnerabilities arising from inadequate input
validations occur when software fails to properly check and sanitize the data it receives
from external sources. These vulnerabilities can lead to a range of security issues, including
code injection, data breaches, and application malfunction. Solution: To mitigate such
risks, thorough input validation processes should be integrated into software development
to ensure that incoming data is safe and conforms to expected formats and values.
▪ Buffer overflow: A buffer overflow is a security vulnerability that occurs when a program
writes data beyond the bounds of a fixed-size buffer, often in memory. This can lead to the
corruption of adjacent data or the execution of malicious code, potentially compromising
the security and stability of a computer system. Solution: To prevent buffer overflows,
developers should implement proper input validation, bounds checking, and use secure
coding practices. Additionally, operating systems and compilers offer various security
mechanisms to mitigate these vulnerabilities.


▪ Log Forging: Log forging, also known as log injection or log manipulation, is a
cybersecurity attack where an attacker manipulates or forges log entries in system or
application logs. This can be done to hide malicious activities, create a false narrative, or
deceive security personnel and automated monitoring systems. Log forging can undermine
the reliability of log data and hinder the detection of security incidents. Solution: To
mitigate this threat, organizations should implement proper access controls, log integrity
measures, and secure log storage practices to ensure the accuracy and trustworthiness of
log records.
▪ Missing XML Validation: Missing XML validation refers to a security vulnerability
where an application or system does not properly validate the structure and content of XML
(Extensible Markup Language) data it receives. This oversight can lead to security risks
such as XML injection attacks, where malicious XML data is used to exploit vulnerabilities
in the target system, potentially compromising data integrity and system security. Solution:
To address this vulnerability, developers should implement robust XML validation checks
to ensure that incoming XML data adheres to expected formats and doesn't contain
malicious elements or code.
▪ Vulnerabilities in database server: Vulnerabilities in a database server refer to security
weaknesses and flaws in the server software or its configuration that can be exploited by
attackers to gain unauthorized access, manipulate, or compromise the data stored in the
database. These vulnerabilities can result from various factors, including software bugs,
misconfigurations, weak authentication, and inadequate access controls. Solution: It's
essential to identify and patch these vulnerabilities to protect sensitive data and maintain
the security of the database server. Regular security updates, access controls, and security
assessments can help mitigate these risks.
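The Log Forging item above names log integrity measures as the mitigation. The following is an added example, not part of the lab manual: a Python sketch that neutralizes line breaks in user-controlled values before they are logged, and chains entries with an HMAC so later edits are detectable. The log format, the key and the forged username are constructed for illustration.

```python
import hashlib
import hmac
import io
import logging


def neutralize(value):
    """Escape line breaks and control characters so a value stays on one log line."""
    out = []
    for ch in str(value):
        code = ord(ch)
        if ch == "\\":
            out.append("\\\\")  # keep the escaping unambiguous
        elif code < 0x20 or code in (0x7F, 0x85):
            out.append("\\x%02x" % code)
        elif code in (0x2028, 0x2029):  # Unicode line/paragraph separators
            out.append("\\u%04x" % code)
        else:
            out.append(ch)
    return "".join(out)


def write_entries(usernames, sanitize):
    """Log one failed-login entry per username and return the resulting log lines."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger = logging.Logger("auth-demo")  # standalone logger, not the root logger
    logger.addHandler(handler)
    for name in usernames:
        shown = neutralize(name) if sanitize else name
        logger.warning("login failed for user=%s", shown)
    return stream.getvalue().splitlines()


def seal(lines, key):
    """Attach an HMAC to each line that also covers the previous line's tag."""
    sealed, prev = [], b""
    for line in lines:
        tag = hmac.new(key, prev + line.encode("utf-8"), hashlib.sha256).hexdigest()
        sealed.append((line, tag))
        prev = bytes.fromhex(tag)
    return sealed


def first_tampered(sealed, key):
    """Return the index of the first entry whose tag does not verify, or None."""
    prev = b""
    for index, (line, tag) in enumerate(sealed):
        expected = hmac.new(key, prev + line.encode("utf-8"), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return index
        prev = bytes.fromhex(tag)
    return None


# Constructed input: a "username" carrying a line break and a fake second entry.
FORGED_USERNAME = "mallory\nINFO login succeeded for user=admin"
DEMO_KEY = b"constructed-demo-key"  # in practice the key is kept off the logging host

if __name__ == "__main__":
    print("raw      :", write_entries([FORGED_USERNAME], sanitize=False))
    print("sanitized:", write_entries([FORGED_USERNAME], sanitize=True))
    sealed = seal(write_entries(["alice", "bob", "carol"], sanitize=True), DEMO_KEY)
    sealed[1] = ("WARNING login failed for user=nobody", sealed[1][1])
    print("first tampered entry:", first_tampered(sealed, DEMO_KEY))
```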
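The Bot Attack and Brute Force Attacks items above recommend analyzing failed log-in attempts and blocking suspicious sources. The following is an added example, not part of the lab manual: a Python sliding-window check over authentication log lines that reports each source address reaching a failure threshold. The log line format, threshold, window and sample lines are assumptions constructed for illustration; the addresses come from documentation ranges.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"


def parse_line(line):
    """Split 'TIMESTAMP EVENT key=value ...' into (datetime, raw_ts, event, fields)."""
    raw_ts, event, *pairs = line.split()
    fields = dict(pair.split("=", 1) for pair in pairs)
    return datetime.strptime(raw_ts, TS_FORMAT), raw_ts, event, fields


def flag_sources(lines, threshold=5, window_seconds=60):
    """Return {ip: timestamp} for sources with `threshold` failures inside the window.

    The timestamp is that of the failure that first reached the threshold.
    Lines that do not parse or carry no ip field are skipped.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    flagged = {}
    for line in lines:
        try:
            when, raw_ts, event, fields = parse_line(line)
        except ValueError:
            continue
        if event != "LOGIN_FAIL" or "ip" not in fields:
            continue
        queue = recent[fields["ip"]]
        queue.append(when)
        while when - queue[0] > window:
            queue.popleft()  # drop failures that have aged out of the window
        if len(queue) >= threshold:
            flagged.setdefault(fields["ip"], raw_ts)
    return flagged


# Constructed sample: one source fails six times in 25 seconds; another fails
# three times over nine minutes and logs in successfully once.
SAMPLE_LOG = [
    "2024-03-01T10:00:00Z LOGIN_FAIL user=admin ip=203.0.113.7",
    "2024-03-01T10:00:05Z LOGIN_FAIL user=admin ip=203.0.113.7",
    "2024-03-01T10:00:07Z LOGIN_FAIL user=carol ip=198.51.100.20",
    "2024-03-01T10:00:10Z LOGIN_FAIL user=admin ip=203.0.113.7",
    "2024-03-01T10:00:15Z LOGIN_FAIL user=root ip=203.0.113.7",
    "2024-03-01T10:00:20Z LOGIN_FAIL user=admin ip=203.0.113.7",
    "2024-03-01T10:00:25Z LOGIN_FAIL user=admin ip=203.0.113.7",
    "2024-03-01T10:01:30Z LOGIN_OK user=carol ip=198.51.100.20",
    "this line is malformed and is skipped",
    "2024-03-01T10:04:00Z LOGIN_FAIL user=dave ip=198.51.100.20",
    "2024-03-01T10:09:00Z LOGIN_FAIL user=dave ip=198.51.100.20",
]

if __name__ == "__main__":
    for ip, since in flag_sources(SAMPLE_LOG).items():
        print(f"{ip} reached the failure threshold at {since}")
```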
4.2 Assumptions:
▪ Regulatory Compliance: Assume that e-commerce services must comply with various
data protection and privacy regulations. This assumption highlights the importance of
legal and regulatory considerations.
▪ Supply Chain Risks: Assume that third-party vendors and suppliers in the e-commerce
ecosystem may introduce additional security risks. This assumption underscores the
need for vendor risk assessments.
▪ Insider Threats: Assume that insider threats, whether intentional or accidental, are a
possibility within the organization. This assumption highlights the need for access
controls, monitoring, and employee education.
▪ Payment Security: Assume that payment processing and financial transactions within
e-commerce services are a target for cybercriminals. This assumption underscores the
need for strong payment security measures.
4.3 Result: The security vulnerabilities of E-commerce websites have been studied
successfully.
4.5 References:
https://community.broadcom.com/symantecenterprise/viewdocument/commonsecurity-vulnerabilities-in?CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments
4.6 Quiz and Viva questions:
4.6.1 Viva questions:
1. Describe the risks and consequences of cross-site scripting (XSS) in the context of
e-commerce.
2. What role do inadequate authentication and authorization mechanisms play in
e-commerce security vulnerabilities?
3. How can e-commerce platforms defend against Distributed Denial of Service (DDoS)
attacks?
4. Discuss the security challenges related to insecure APIs in e-commerce services.

4.6.2 Quiz questions:


1. What is the primary objective of implementing security practices like encryption, secure
payment gateways, and access controls in e-commerce services?
A) To enhance website aesthetics
B) To improve website search engine optimization
C) To protect customer data and ensure secure transactions
D) To reduce website load times
2. What security mechanism helps protect e-commerce services from phishing attacks
aimed at stealing customer login credentials?
A) Two-factor authentication (2FA)
B) Secure Socket Layer (SSL) certificates
C) Public Key Infrastructure (PKI)
D) Cookie tracking
3. Which type of security vulnerability is related to storing customer passwords in an
insecure or plaintext format, making them vulnerable to theft?
A) SQL Injection
B) Brute Force Attack
C) Insecure password storage
D) Cross-Site Scripting (XSS)


EXPERIMENT: 08
1.Aim: Analyze the security vulnerabilities of E-mail applications.
2.Outcomes: At the end of the course, the student should be able to;
▪ Identifying and understanding security vulnerabilities in email applications allows for
proactive measures to mitigate risks, such as implementing encryption, spam filters, and
authentication protocols to protect sensitive email content from unauthorized access and
phishing attacks.
▪ Addressing vulnerabilities in email applications helps safeguard the privacy and integrity
of email communications.
▪ Analyzing vulnerabilities prepares organizations to respond effectively to email security
incidents.
3. Objectives: At the end of the session you should be able to
▪ Understand the security issues and vulnerabilities in the email system.
▪ Identify the threats in email communication.
▪ Point out the limitations that exist in currently used protocols.
4.Solutions:
4.1 Threats in E-mail communication: Email communication, while an essential and
widely used method of correspondence, is susceptible to various threats and security risks.
These threats can compromise the confidentiality, integrity, and availability of email content.
Here are some common threats associated with email communication:
▪ Phishing: Phishing emails attempt to trick recipients into revealing sensitive information
such as login credentials, financial data, or personal information. Attackers often
impersonate trusted entities, making it challenging for users to discern the authenticity
of the email.
▪ Email Spoofing: Attackers can forge the sender's email address to make it appear as if
an email is coming from a legitimate source. This tactic is often used to deceive
recipients into taking specific actions or revealing information.
▪ Man-in-the-Middle (MitM) Attacks: In transit, email communications can be
intercepted and eavesdropped upon by attackers. This can lead to data theft, unauthorized
access, or content manipulation.
▪ Data Leakage: Sensitive information can be unintentionally exposed through email,
especially when users forward, reply to, or inadvertently send emails to the wrong
recipients.
▪ Email Interception: Government agencies, hackers, or unauthorized third parties can
intercept emails as they traverse the internet or email servers, violating privacy and
potentially exposing confidential content.


▪ Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks: Email
servers can become overwhelmed with excessive incoming email traffic, causing service
disruption and potentially rendering email accounts inaccessible.
▪ Social Engineering: Attackers may use psychological manipulation techniques to
deceive email users into revealing sensitive information or taking harmful actions.
▪ Email Account Compromise: Weak passwords, lack of multi-factor authentication
(MFA), and other security weaknesses can lead to unauthorized access to email accounts,
allowing attackers to impersonate the account holder.
▪ Email Forwarding and Filtering Abuse: Attackers can manipulate email forwarding
and filtering rules to redirect or hide important emails, making it difficult for users to
detect suspicious activity.
▪ Unencrypted Email: Email content that is not properly encrypted is vulnerable to
eavesdropping during transmission, potentially exposing confidential information.
▪ Email Harvesting: Email addresses can be harvested from public sources and used for
spam or targeted attacks.
▪ Eavesdropping: E-mail messages pass through networks that are part of the wider
Internet, which is shared by a large number of people. It is therefore very easy for
someone to track or capture your message and read it.

▪ Identity theft: Identity theft is a crime in which someone fraudulently acquires and
misuses another person's personal information for financial or other fraudulent purposes,
often leading to financial losses and legal complications for the victim.
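The email spoofing item above can be checked from the receiving side by comparing the visible From address with the other sender fields in the message headers. The following is an added example, not part of the original lab manual; the sample message, its domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not real traffic).
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=bank.example.com
From: "Example Bank" <support@bank.example.com>
Reply-To: helpdesk@example.net
To: user@example.org
Subject: Verify your account

Please confirm your details.
"""

def domain(header_value):
    """Return the lowercase domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoofing_indicators(raw):
    """List header signs that the visible From address may be forged."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain(msg["From"])
    # Envelope sender recorded by the receiving server. Legitimate bulk
    # mailers can also differ here, so this is an indicator, not proof.
    env_dom = domain(msg["Return-Path"])
    reply_dom = domain(msg["Reply-To"])
    if env_dom and env_dom != from_dom:
        findings.append("from/return-path mismatch")
    if reply_dom and reply_dom != from_dom:
        findings.append("from/reply-to mismatch")
    # Verdicts the receiving server wrote after its own sender checks.
    results = " ".join(msg.get_all("Authentication-Results", []))
    for mech, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results.lower()):
        if verdict != "pass":
            findings.append(f"{mech}={verdict}")
    return findings

if __name__ == "__main__":
    print(spoofing_indicators(RAW))
```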

4.2 Limitations of currently used protocols: Any network service, such as an email
system, must provide the following five services for security reasons:

▪ Message Confidentiality: It promotes privacy; that is, the message transfer between sender
and receiver is secure, and no one can read or track the message while it is being transferred.
▪ Message Integrity: The message/data should arrive at the receiver's end exactly as it
was sent by the sender. No alteration, intentional or accidental, takes place during transfer.
▪ Message Authentication: It ensures that the message is received from the stated sender or
from a trusted source only. The receiver must be sure about the identity of the sender.
▪ Message Non-repudiation: It ensures that the sender cannot later deny sending a message
that he/she originally sent.
▪ Entity Authentication: It ensures identification of the user; the user must be verified before
accessing resources and services. This is done by asking for a login ID and password.

The email protocols currently in use have the following limitations:
▪ SMTP: SMTP does not encrypt messages, so communication between SMTP servers is in
plain text and eavesdropping can take place. If you log in to an SMTP server using your username
and password, these are also passed in plain text, so anyone can steal them during transfer.
Messages sent through SMTP also contain information about the sending computer and the software
used, which, when captured, can be used with malicious intent.
▪ POP and IMAP: POP and IMAP are pull protocols: a request is sent to the mail server to access the
mailbox, and this requires logging in with a username and password. These details are not encrypted
before sending unless SSL is used, so confidential information is at stake.
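The plain-text login described for SMTP can be detected in a session log by checking whether the client authenticated before the connection was upgraded with STARTTLS. The following is an added example, not part of the original lab manual; the transcripts, the account name and the function name are constructed for illustration.

```python
import base64

# Constructed credentials and transcripts ("C:" client, "S:" server); not real traffic.
# AUTH PLAIN carries base64("authzid\0user\0password"): an encoding, not encryption.
CRED = base64.b64encode(b"\0alice\0correct-horse").decode()

PLAINTEXT_SESSION = f"""\
S: 220 mail.example.org ESMTP
C: EHLO client.example.org
S: 250-AUTH PLAIN LOGIN
S: 250 STARTTLS
C: AUTH PLAIN {CRED}
S: 235 Authentication successful
"""

# Client-side log of a session that upgrades to TLS before authenticating.
TLS_SESSION = f"""\
S: 220 mail.example.org ESMTP
C: EHLO client.example.org
S: 250-AUTH PLAIN LOGIN
S: 250 STARTTLS
C: STARTTLS
S: 220 Ready to start TLS
C: EHLO client.example.org
S: 250 AUTH PLAIN LOGIN
C: AUTH PLAIN {CRED}
"""

def audit_session(transcript):
    """Return one finding per AUTH PLAIN command sent before TLS was negotiated."""
    tls = pending = offered = False
    findings = []
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        verb = text.split(" ", 1)[0].upper()
        if side == "S" and pending:
            # The server's reply to STARTTLS decides whether the upgrade happened.
            tls, pending = text.startswith("220"), False
        elif side == "S" and text[4:].upper().startswith("STARTTLS"):
            offered = True  # server advertised STARTTLS in its EHLO reply
        elif side == "C" and verb == "STARTTLS":
            pending = True
        elif side == "C" and verb == "AUTH" and not tls:
            parts = text.split()
            if len(parts) == 3 and parts[1].upper() == "PLAIN":
                _, user, password = base64.b64decode(parts[2]).split(b"\0", 2)
                findings.append({"user": user.decode(), "starttls_offered": offered,
                                 "password_recoverable": bool(password)})
    return findings
```

A finding with `starttls_offered` set to true means the server supported encryption and the client still logged in without it, which points to a client configuration problem rather than a server one.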

4.3 Assumptions:
▪ Continuous Threats: Assume that email applications will always be under the threat of
various cyberattacks, such as phishing, malware, and spam. This assumption emphasizes
the need for constant vigilance and security measures.
▪ User Vulnerability: Assume that end-users are a common weak point in email security.
Users may inadvertently click on malicious links or download harmful attachments. This
assumption underscores the importance of user awareness and training.
▪ Evolving Attack Techniques: Assume that attackers will continually develop new
tactics and techniques. This assumption highlights the need for staying up to date with
the latest threats and vulnerabilities.
▪ Data Sensitivity: Assume that emails may contain sensitive information. This
assumption emphasizes the importance of protecting data during transmission and
storage.
4.4 Result: Security vulnerabilities of e-mail applications have been studied successfully.
4.5 References:
https://www.cybertalk.org/2023/01/19/15-email-security-risks-and-how-to-addressthem-2023/

4.6 Quiz and Viva questions:

4.6.1 Viva Questions:


1. What are the common security vulnerabilities associated with email applications?
2. What is email spoofing, and how can it be prevented within email applications?
3. Explain the concept of email interception and its potential consequences for email
security.
4.6.2 Quiz Questions:
1. What is a common security vulnerability that can expose sensitive information in email
applications?
A) Cross-Site Scripting (XSS)
B) SQL Injection
C) Spear Phishing
D) Distributed Denial of Service (DDoS)
2. Which type of email attack aims to trick recipients into revealing sensitive
information, such as login credentials or financial details, by posing as a legitimate
source?
A) Malware attachments
B) Man-in-the-Middle (MitM) attack
C) Phishing
D) Email spoofing
3. What security vulnerability is primarily addressed by the use of end-to-end email
encryption?
A) Password theft
B) Unauthorized email access
C) Email interception and eavesdropping
D) Email attachment security
