Biblio

Cyber attacks are increasing at a rapid pace targeting financial institutions and the corporate sector, especially during pandemics such as COVID-19. Honeypots are implemented in data centers and servers, to capture these types of attacks and malicious activities. In this work, an experimental prototype is created simulating the attacker and victim environments and the results are consolidated. Attacker information is extracted using the Meterpreter framework and uses reverse TCP for capturing the data. Normal honeypots does not capture an attacker and his identity. Information such as user ID, Internet Protocol(IP) address, proxy servers, incoming and outgoing traffic, webcam snapshot, Media Access Control(MAC) address, operating system architecture, and router information of the attacker such as ARP cache can be extracted by this honeypot with "biteback" feature.

Cryptography is the science of encryption and decryption of data using the techniques of mathematics to achieve secure communication. This enables the user to send the data in an insecure channel. These channels are usually vulnerable to security attacks due to the data that they possess. A lot of work is being done these days to protect data and data communication. Hence securing them is the utmost concern. In recent times a lot of researchers have come up with different cryptographic techniques to protect the data over the network. One such technique used is DNA cryptography. The proposed approach employs a DNA sequencing-based encoding and decoding mechanism. The data is secured over the network using a secure authentication and key agreement procedure. A significant amount of work is done to show how DNA cryptography is secure when compared to other forms of cryptography techniques over the network.

The advent of 5G, one of the most recent and promising technologies currently under deployment, fulfills the emerging needs of mobile subscribers by introducing several new technological advancements. However, this may lead to numerous attacks in the emerging 5G networks. Thus, to guarantee the secure transmission of user data, 5G Authentication protocols such as Extensible Authentication Protocol - Authenticated Key Agreement Protocol (EAP-AKA) were developed. These protocols play an important role in ensuring security to the users as well as their data. However, there exists no guarantees about the security of the protocols. Thus formal verification is necessary to ensure that the authentication protocols are devoid of vulnerabilities or security loopholes. Towards this goal, we formally verify the security of the 5G EAP-AKA protocol using an automated verification tool called ProVerif. ProVerif identifies traces of attacks and checks for security loopholes that can be accessed by the attackers. In addition, we model the complete architecture of the 5G EAP-AKA protocol using the language called typed pi-calculus and analyze the protocol architecture through symbolic model checking. Our analysis shows that some cryptographic parameters in the architecture can be accessed by the attackers which cause the corresponding security properties to be violated.