Ethical Hacking Using Penetration Testing

This thesis provides details of the hardware architecture and the software scripting, which are employed to demonstrate penetration testing in a laboratory setup. The architecture depicts an organizational computing asset or an environment.¬¬¬ With the increasing number of cyber-attacks throughout the world, the network security is becoming an important issue. This has motivated a large number of “ethical hackers” to indulge and develop methodologies and scripts to defend against the security attacks. As it is too onerous to maintain and monitor attacks on individual hardware and software in an organization, the demand for the new ways to manage security systems invoked the idea of penetration testing. Many research groups have designed algorithms depending on the size, type and purpose of application to secure networks [55]. In this thesis, we create a laboratory setup replicating an organizational infrastructure to study penetration testing on real time server-client atmosphere. To make this possible, we have used Border Gateway Protocol (BGP) as routing protocol as it is widely used in current networks. Moreover, BGP exhibits few vulnerabilities of its own and makes the security assessment more promising. Here, we propose (a) computer based attacks and (b) actual network based attacks including defense mechanisms. The thesis, thus, describes the way penetration testing is accomplished over a desired BGP network. The procedural generation of the packets, exploit, and payloads involve internal and external network attacks. In this thesis, we start with the details of all sub-fields in the stream of penetration testing, including their requirements and outcomes. As an informative and learning research, this thesis discusses the types of attacks over the routers, switches and physical client machines. Our work also deals with the limitations of the implementation of the penetration testing, discussing over the vulnerabilities of the current standards in the technology. Furthermore, we consider the possible methodologies that require attention in order to accomplish most efficient outcomes with the penetration testing. Overall, this work has provided a great learning opportunity in the area of ethical hacking using penetration testing

Forensic investigation of cooperative storage cloud service: Symform as a case study

Researchers envisioned Storage as a Service (StaaS) as an effective solution to the distributed management of digital data. Cooperative storage cloud forensic is relatively new and is an under-explored area of research. Using Symform as a case study, we seek to determine the data remnants from the use of cooperative cloud storage services. In particular, we consider both mobile devices and personal computers running various popular operating systems, namely Windows 8.1, Mac OS X Mavericks 10.9.5, Ubuntu 14.04.1 LTS, iOS 7.1.2, and Android KitKat 4.4.4. Potential artefacts recovered during the research include data relating to the installation and uninstallation of the cloud applications, log-in to and log-out from Symform account using the client application, file synchronization as well as their time stamp information. This research contributes to an in-depth understanding of the types of terrestrial artifacts that are likely to remain after the use of cooperative storage cloud on client devices

Raamistik mobiilsete asjade veebile

Internet on oma arengus läbi aastate jõudnud järgmisse evolutsioonietappi - asjade internetti (ingl Internet of Things, lüh IoT). IoT ei tähista ühtainsat tehnoloogiat, see võimaldab eri seadmeil - arvutid, mobiiltelefonid, autod, kodumasinad, loomad, virtuaalsensorid, jne - omavahel üle Interneti suhelda, vajamata seejuures pidevat inimesepoolset seadistamist ja juhtimist. Mobiilseadmetest nagu näiteks nutitelefon ja tahvelarvuti on saanud meie igapäevased kaaslased ning oma mitmekülgse võimekusega on nad motiveerinud teadustegevust mobiilse IoT vallas. Nutitelefonid kätkevad endas võimekaid protsessoreid ja 3G/4G tehnoloogiatel põhinevaid internetiühendusi. Kuid kui kasutada seadmeid järjepanu täisvõimekusel, tühjeneb mobiili aku kiirelt. Doktoritöö esitleb energiasäästlikku, kergekaalulist mobiilsete veebiteenuste raamistikku anduriandmete kogumiseks, kasutades kergemaid, energiasäästlikumaid suhtlustprotokolle, mis on IoT keskkonnale sobilikumad. Doktoritöö käsitleb põhjalikult energia kokkuhoidu mobiilteenuste majutamisel. Töö käigus loodud raamistikud on kontseptsiooni tõestamiseks katsetatud mitmetes juhtumiuuringutes päris seadmetega.The Internet has evolved, over the years, from just being the Internet to become the Internet of Things (IoT), the next step in its evolution. IoT is not a single technology and it enables about everything from computers, mobile phones, cars, appliances, animals, virtual sensors, etc. that connect and interact with each other over the Internet to function free from human interaction. Mobile devices like the Smartphone and tablet PC have now become essential to everyday life and with extended capabilities have motivated research related to the mobile Internet of Things. Although, the recently developed Smartphones enjoy the high performance and high speed 3G/4G mobile Internet data transmission services, such high speed performances quickly drain the battery power of the mobile device. This thesis presents an energy efficient lightweight mobile Web service provisioning framework for mobile sensing utilizing the protocols that were designed for the constrained IoT environment. Lightweight protocols provide an energy efficient way of communication. Finally, this thesis highlights the energy conservation of the mobile Web service provisioning, the developed framework, extensively. Several case studies with the use of the proposed framework were implemented on real devices and has been thoroughly tested as a proof-of-concept.https://www.ester.ee/record=b522498

Comparison of Forensic Acquisition and Analysis on an iPhone over an Android Mobile Through multiple forensic methods

Mobile phones are most widely used as mini laptops as well as personal digital devices one could have. The dependency on mobiles for every single person on every single aspect has increased day by day. Depending on the operating systems, storage capacity, user interface developed by various manufacturers, there are numerous mobile phones designed with diverse computing capabilities. Among all the distinct kinds of smart mobile devices that are available in the mobile market, iPhone became one of the most popularly used smart mobiles across the world due to its complex logical computing capabilities, striking touch interface, optimum screen resolutions. People started relying on iPhone by utilizing its functionalities including storing sensitive information, capturing pictures, making online payments by providing credentials. These factors made iPhone to be one of the best resources for the forensic department to retrieve and analyze sensitive information and provide supporting evidence. Thus, the rise of iPhone forensics took place where the data is retrieved and analyzed with the help of various iPhone forensic tool kits. The agenda of this paper is to give overview of iPhone forensics and mainly focuses on analysis done, and challenges faced while retrieving the sensitive information on iPhone by means of distinct forensic tools when compare to Android mobile device forensic

Web based home automation

This thesis report is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Electrical and Electronic Engineering, 2015.This project is developed by using a real time database that can be accessed and modified through internet. For hardware components Ethernet shield, ATmega32A microcontroller and little circuitry is incorporated. In attempt to control appliances, motion from surrounding environment and command from real time server is required. The main focus of our work is to control appliances in a time range through internet and sensing motion of a particular area. Based upon this the whole system is developed. Now-a-days people have desire to make a system which can be managed and upgraded from distant place. For accomplishing that web based Home automation is established. Signal from web database and motion of a certain area provide signals to ATmega32A microcontroller. Further, processing and using logics the incoming signals are sent to control the connected appliances through relay. The database is developed using PHP, HTML, CSS and some other scripting languages. On the other hand, microcontroller codes are developed in its AVR studio. In the whole system database along with Atmega32A microcontroller and motion sensor control the connected appliances with the circuit

BCBU + handbook : a guide to establish virtual cross-border campus for BCBU network

Vertaisarviointia edeltävä käsikirjoitu

A private cloud infrastructure for desktop virtualization & application delivery based on Xen

Todays computing environment requires IT departments to confront more PC management challenges than they did just a few years ago. With the increment in the complexity of software, more computing power is required for their execution resulting in cost and maintenance to surge up. Additional challenges stem from the need to access applications and data anywhere and from any device. To reduce maintenance, cost and time, desktop virtualization and application delivery come handy. Desktop virtualization prospects to offer a new, cost efficient paradigm shift to cater the demand for resources while amplifying the return on investment. Additionally, desktop virtualization can provide more dynamic streamlined management by isolating the elements of the traditional desktop computing stack. So, virtualized desktop is the key to progress towards a pervasive computing in cloud computing era. As the pace of cloud adoption accelerates, a high degree of flexibility will be the clue to architecting environments that provide for highly secure and available application delivery. This thesis describes the design, installation and deployment of a private cloud using Xen open sourced software solutions within the organization. A private cloud is setup in a virtualized environment of VMware hypervisor for virtual desktop delivery and application streaming to remote users on the LAN through a browser interface over a secured connection. The users of this service would be able to remotely login and access the virtual environment using the given authorized id over the browser

Business and E-commerce in Drupal

Abstract The aim of this Bachelor’s thesis was to introduce the usage of an open source content management system Drupal in building small or medium scale web applications. In this thesis Drupal was used to build an application for an e-commerce site for Hmcraft. This Thesis depicts how Hmcraft will be established, their business strategy, product strategy and the marketing strategy. The thesis identifies the advantages and disadvantages of e-commerce business and the future plans of the Hmcraft. Drupal is a content management system that can be used to create simple web pages or complex multi-site online systems. It has an active community of several thousand members all around the world constantly developing and providing technical support for other users. We will be using Drupal's Content management system (CMS) and Ubercart e-commerce modules for Drupal to allow us add products, generate reports, and process credit card payments. We will roll out our own themes, and we will integrate the Drupal model to a Finnish bank payment service.TIIVISTELMÄ Tämän opinnäytetyön tavoitteena on esitellä Drupalin julkaisujärjestelmän käyttöä pienillä ja keskisuurilla web-selaimilla.Tässä opinnäytetyössä Drupalia on käytetty Hmcraft-verkkokaupan sivuston ohjelman luomiseen. Tämä opinnäytetyö havainnollistaa kuinka Hmcraft perustetaan, sen yritys-, tuote- ja mainosstrategian. Työ erittelee verkkokaupan hyödyt ja haitat sekä Hmcraft:in tulevaisuuden suunnitelmat. Drupal on sisällönhallintajärjestelmä, jota voidaan käyttää yksinkertaisten web-sivujen tai monimutkaisten online sivustojen luomisessa. Järjestelmällä on aktiivinen, tuhansista jäsenistä ympäri maailmaa koostuva yhteisö, joka jatkuvasti kehittää ja tarjoaa teknistä tukea muille käyttäjille. Me tulemme käyttämään Drupalin sisällönhallintajärjestelmää (CMS) sekä Drupalin Ubercart verkkokaupan mallia, jonka kautta voimme lisätä tuotteita, luoda raportteja ja käsitellä luottokorttimaksuja. Me esittelemme myös meidän omat teemat, ja yhdistymme Drupalin mallin kautta suomalaiseen pankkimaksu palveluun

Using AR and VR characters for enhancing user experience in a museum

Museums and cultural heritage institutions have used technology to create interactive exhibits and pedagogical tools that help spark visitors’ interests. The rise of Augmented, Virtual and Mixed Reality Systems has further enabled the creation of a new generation of immersive experiences that can engage and educate visitors. These technologies can be used to develop digital characters that can serve as virtual tour guides and improve user engagement by answering questions and forming social bonds with the users. While such tour guides have been deployed as exhibits at many museums, the implementation is usually limited to a single exhibit or a section of the museum space. We believe that visitors will be better served if the virtual guide not only enriches the onsite experience but also provides a take-home experience for users to encourage future visits. This thesis explores the enhancement in user experience that such a system can bring by offering onsite and offsite AR and WebVR technologies to create a virtual tour guide that assists visitors at the Genesee Country Village & Museum through interactive dialog as they explore the historic village on the museum campus