Part A Anomaly detection involves actual software that works to detect intrusion attempts and notify the administrator. The system looks for any anomalous behavior. Any activity that does not match the pattern of normal user access is noted. Go to Google.com and search for information on how anomaly detection works and then using your own words answer the question: How does the IDS define -normal” use? A good place to find information about IDS system types is: http://searchsecurity.techtarget.com/essentialguide/Evaluating-intrusion-detection-and-preventionsystems-and-vendors
Part B: 1- Steganography This lab exercise reinforces the idea that most encrypted information requires a key to decode hidden information. The word steganography comes from the Greek name -steganos’ (hidden or secret) and “graphy” (writing or drawing) and literally means hidden writing. Steganography uses techniques to communicate information in a way that is hidden. In other words Steganography is the art of hidden writing. For this assignment the print screen of your work are essential. It is easy to use encryption to hide messages inside of other objects. Download Hide In Picture (HIP) from: http://sourceforge.net/projects/hide-in-picture/ You can then encrypt a message or even a program that can be extracted by using an encryption key. Unzip HIP and then run winhip_en.exe program. Copy the content of this document to a word document and save the file as Secret.docx. Open a bitmap file and hide the word document file within the picture, and send the picture to someone to see whether they can extract the secret message. Using the HIP program extract the file from your bitmap file. Print screen that shows a successful file recovery. Question: How could you detect hidden messages in web page images? Answer:
2- A BlowFish Application: Download and install the free Cryptainer LE 10 from: http://www.cypherix.com/cryptainer_le_download_center.htm This software sets up a 25-meg encrypted ‘virtual drive” on your computer using 448-bit Blowfish encryption or 256-bit AES encryption algorithm. Take a word document file and put it into the encrypted “drive.” Click Unload. Then try to access the encrypted disk file using MS Word.
Question: Do you see any of the word document file there? Can anyone read a file in this virtual drive if your laptop were stolen? Answer:
3- Secure Email Using Cryptainer LE 10 software send a secure email to someone (you can send a secure email to yourself by using two different email accounts from different vendors). Explain in detains your steps in sending a secure email.