CSI6199 Cyber Security | Edith Cowan University
Module 4 Workshop Activities
Overview
This Workshop will consist of three Tasks. The first Task will be creating encrypted containers using the tool TrueCrypt. Task 2 will be cracking the TrueCrypt password using a tool called TrueCrack and Wordlists. Finally, Task 3 will be introducing the concept of steganography using the tool Steghide.
Task 1: TrueCrypt
You will be using the freely available (and no longer supported) TrueCrypt application to create an encrypted container. An encrypted container, often referred to as an encrypted disk image or encrypted volume, is a file, folder or a virtual storage space that is encrypted to protect its contents from unauthorised access. It serves as a secure way to store sensitive data such as documents, photos, or other files. You must use the Microsoft Azure Windows virtual machine for this activity. TrueCrypt will not work on the on-campus computers. TrueCrypt is no longer supported or considered secure by developers. However, the software and its capabilities are beneficial as a learning tool.
TrueCrypt was an extremely popular, open-source encryption utility used by individuals, commercial entities, and government organisations up until 2014. So why did TrueCrypt cease to be used by everyone worldwide, so quickly? Perform a quick Google search to see why the best encryption program went from hero to zero overnight. Furthermore, what is the difference between TrueCrypt 7.1a and TrueCrypt 7.2?
Your Microsoft Azure instance does not come preinstalled/configured with TrueCrypt. Thus, you need to download and install the required software. The recommended location from which to download TrueCrypt 7.1a is: https://www.truecrypt71a.com/downloads/
Once downloaded, install the software into a folder. The recommendation is that you install the software into a folder on your desktop for ease of use/access.
Run the TrueCrypt application to commence creating your encrypted container.
Click on the Create Volume option and then select Create an encrypted file container.
Consider the following questions:
What is an encryption file container?
How does an encryption file container function?
How does an encryption file container differ from encrypting an entire hard drive?
Is a file container portable? i.e. can be moved and used on multiple workstations and operating systems?
You will be presented with the option of either a Standard or Hidden volume. You will create a Standard TrueCrypt volume.
TrueCrypt will ask you to select a Volume Location. Click Select File and navigate to a specific location on your computer (preferably your desktop). Provide a name for your container; think of this as a name you would typically provide to a Microsoft Word document or a graphics file you are working on. You will then be presented with a series of options with regards to an Encryption Algorithm and Hash Algorithm.
Use the opportunity to assess the different algorithms and read through the algorithm notes provided by TrueCrypt. The information will provide you with the base information for the following modules.
Having selected an Encryption and Hash Algorithm of your choice (it will make no difference in this activity as to which one you have selected), you will be prompted to select a Volume Size as per the image below. You may create a Volume Size as large or small as you like, but for this activity create a 10MB volume. The size of the volume represents the size of the data that your volume can hold.
Once you have progressed through the Volume Size selection, TrueCrypt will prompt you to create and confirm a password, which will be used to secure your encrypted container file. To simplify the subsequent cracking process in the next activity, choose a common password that you typically use for your everyday online accounts. This is acceptable for this activity because we are only experimenting with encryption; in an ideal situation, you would choose a strong password.
Are you using symmetric or asymmetric encryption? This may not seem obvious at first, so jump onto Google and do a quick search of the differences between symmetric and asymmetric encryption. Once you know the answer, continue with this activity.
TrueCrypt will display the Volume Format option. You will see that there are different file system and cluster options. These are technical elements that fall beyond the scope of this unit, but if you are interested in learning more, then definitely do a little research on what these are and why they are important. Select the FAT file system and an 8 KB cluster size then finally click Format. Once the process finishes click through the remaining options.
So far you have created an encrypted container file. No files have been encrypted yet. Thus, you have not ensured the confidentiality of any files. Navigate to the location where you have created the container file. Note the size and location of the container file by viewing its properties.
Next, you will use the encrypted file container to encrypt some documents. Assuming you have completely closed down TrueCrypt, you will need to run TrueCrypt again.
Click the Select File button and locate the container file that you created previously.
The location and file container name should be displayed just next to the key logo (as depicted by #1, below). Next, click on a drive letter (i.e. K: or L: or T: etc.), as depicted by #2, below, and then click the Mount button. You should be prompted for a password. Type in the password that you used when you created the container file.
Once the container file has been mounted successfully, you can access the container file as though it was a physical drive connected to the computer. Using My Computer, Computer or Windows Explorer you should see a drive, which is 10MB in size (assuming you created a 10MB volume as per the previous instruction).
From here, you can drag and drop, delete, move, and copy files that you would like to encrypt into the drive (container file) as if it were a hard disk, USB drive etc. Whilst the container file is mounted, the contents of the container file are always accessible in decrypted form. This means that anyone or anything that has access to your computer could access your confidential files.
Once you have moved a couple of files into the container file, you should now encrypt the files. Make sure no file is still copying to the container (drive). Once you are comfortable that files are not being copied click the Dismount button. You may be prompted to force a dismount in which case you should agree. You could then take your container file and move it from disk to disk, onto a USB stick, email it yourself or someone else, put it in OneDrive or simply delete it.
Lastly, a few questions to get you thinking about what you just did, the usefulness of TrueCrypt and its limitations.
What is VeraCrypt? Why does VeraCrypt look like TrueCrypt? Is VeraCrypt secure?
What happens to the drive/file container (in My Computer, Computer or Windows Explorer) when it is dismounted?
Did the size of the TrueCrypt container file increase, decrease or remain the same after files were copied into it? What caused the container to react in this manner?
What happens if you put a file into your file container that is larger than the container itself? How does TrueCrypt react?
If you delete the encrypted file container what will happen to the files inside?
Task 2: Cracking TrueCrypt
The next part of this activity will make use of Kali Linux to crack the password that was created to secure your TrueCrypt container. You are going to try and use the file container that you created in Task 1, AND the two file containers that are on Canvas i.e. the simpleCrypt and difficultCrypt files.
At this stage your Microsoft Azure instance should already be running.
Run the Hyper-V Manager and then Boot your Kali Linux virtual machine.
You need to move your file container (from Task 1), and download the workshop4-files.zip from Canvas, into your Kali Linux instance. There are a few ways you can do this:
Use the Shared folder in Windows that you created in earlier modules.
Use OneDrive.
Use a web browser within Kali Linux to access Canvas and download your files.
Assuming you have the required files on the desktop within Kali Linux, open a Terminal window in Kali Linux.
The approach that will be used to crack the TrueCrypt container will be based on a dictionary attack. One of the obvious requirements for a dictionary attack is a dictionary. However, it is not a dictionary in its traditional form. Rather, it is a large file containing a long list of words. Kali Linux has a large wordlist (a dictionary) that can be used to carry out the dictionary attack.
Using the menu function click Applications > 05 Password Attacks > wordlists, as per the screenshot below.
The preceding step should result in a Terminal window popping up, which places you within the /usr/share/wordlists directory as shown in the graphical image below. The FIRST time you run the wordlists application, you will be prompted for permission to extract the wordlist file. You should confirm that you wish to proceed by pressing Y.
You will then be prompted for the sudo password for Kali. You should be able to figure out what this password is. If not, a quick Google search will provide you with answers.
You can perform a directory listing of the current directory by using the skills learnt from the earlier modules. Depending on your previous usage of your Kali Linux virtual machine, the wordlist file may already be decompressed and shown as a rockyou.txt file. In contrast, if you are seeing a rockyou.txt.gz file then it needs to be decompressed. Use the command sudo gunzip rockyou.txt.gz to decompress the file.
Everything for this activity is going to be undertaken using the Terminal Emulator within the Desktop directory i.e. /home/kali/Desktop. Thus, you will need to copy the rockyou.txt file to the desktop using the following command:
cp rockyou.txt /home/kali/Desktop/
ensuring an uppercase D is used to spell the word Desktop.
The working directory needs to be changed to the Desktop; this can be achieved by executing the command:
cd /home/kali/Desktop/
ensuring an uppercase D is used to spell the word Desktop.
The software that will be used to perform the subsequent activity is called Truecrack. It is not installed by default, so you will need to install it using the following commands:
sudo apt update
sudo apt install truecrack
Running the truecrack command within terminal will present you with a series of options as per the following screenshot.
You are now going to try and crack your first TrueCrypt volume. Use the following command and substitute containerName with the actual name of the TrueCrypt container you are trying to crack.
truecrack -t containerName -w rockyou.txt
Did truecrack manage to crack the container successfully? Replicate the process for your other container files. You may find that the program takes considerable time if you have chosen a complex password.
Lastly, using the skills and knowledge obtained from both this and preceding modules, how would you check if the rockyou.txt wordlist contains a specific password?
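One way to audit passwords against a wordlist, shown as an added example that is not part of the original workshop material. It reports the line at which each candidate appears, which indicates how early a dictionary run would reach it; the function names and the small sample wordlist are constructed for illustration and stand in for rockyou.txt.

```python
import os
import tempfile


def wordlist_rank(path, password):
    """Return the 1-based line number of an exact match, or None if absent."""
    # Compare raw bytes: rockyou.txt contains byte sequences that are not valid
    # UTF-8, so reading it in text mode with a UTF-8 decoder can raise an error.
    target = password.encode("utf-8")
    with open(path, "rb") as handle:
        for line_no, raw in enumerate(handle, start=1):
            # Strip only the line terminator (LF or CRLF) so that the whole
            # line must equal the password; substrings do not count.
            if raw.rstrip(b"\r\n") == target:
                return line_no
    return None


def audit(path, candidates):
    """Map each candidate password to its position in the wordlist (or None)."""
    return {pw: wordlist_rank(path, pw) for pw in candidates}


def build_sample_wordlist():
    """Write a small constructed wordlist to a temp file and return its path."""
    # Constructed entries: one non-UTF-8 byte (0xE9) and one CRLF-terminated line.
    entries = [b"123456", b"password", b"caf\xe9", b"letmein\r", b"password1"]
    fd, path = tempfile.mkstemp(suffix=".txt")
    with os.fdopen(fd, "wb") as handle:
        handle.write(b"\n".join(entries) + b"\n")
    return path


if __name__ == "__main__":
    sample = build_sample_wordlist()
    try:
        results = audit(sample, ["password", "letmein", "pass", "Tr0ub4dor&3"])
        for pw, rank in results.items():
            verdict = f"listed at line {rank}" if rank else "not listed"
            print(f"{pw!r}: {verdict}")
    finally:
        os.remove(sample)
```

A password that is listed will be found by a dictionary run regardless of the encryption or hash algorithm chosen for the container; one that is not listed cannot be recovered with that wordlist alone.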
Task 3: Steganography
Steganography is a process of hiding a secret message in plain sight. Instead of encrypting the message, you hide it within something else, like a picture or a song. It's a way to send messages without anyone knowing that there is even a message there. It's like writing a secret note in invisible ink or hiding a treasure map in a painting. Steganography can be used in various contexts, for instance digital watermarking and covert communication. However, it is not commonly used, as it requires specific tools and techniques to hide and extract information.
Learning about steganography provides insight into how information can be hidden and transmitted covertly, contributing to a deeper understanding of cyber security concepts. It encourages critical thinking and problem-solving skills, as students must consider various techniques and methods for concealing and revealing information. Learning about steganography raises awareness about ethical considerations surrounding privacy, surveillance, and digital rights, empowering students to make informed decisions about technology use. Lastly, knowledge of steganography can be beneficial for students pursuing careers in cybersecurity, digital forensics, cryptography, law enforcement, or intelligence analysis. For this activity you are going to examine two graphical files and then extract hidden data.
Steghide is a popular open-source command-line tool used for steganography. It enables users to embed hidden data within various types of files, such as images and audio files. Steghide uses the Least Significant Bit (LSB) technique to hide information.
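The LSB idea in miniature, as an added example that is not Steghide's code or algorithm: a simplified model that hides bytes in bit 0 of a constructed byte buffer, reads them back, and then compares the result with the known original the way an examiner would. All function names, the 16-bit length prefix and the sample cover data are assumptions made for this illustration.

```python
import hashlib


def embed_lsb(cover: bytes, secret: bytes) -> bytes:
    """Hide `secret` in the least significant bit of successive cover bytes."""
    # A 16-bit length prefix tells the extractor how many bytes to read back.
    payload = len(secret).to_bytes(2, "big") + secret
    bits = [(byte >> shift) & 1 for byte in payload for shift in range(7, -1, -1)]
    if len(bits) > len(cover):
        raise ValueError("cover too small: one cover byte is needed per hidden bit")
    stego = bytearray(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit  # overwrite bit 0 only
    return bytes(stego)


def extract_lsb(stego: bytes) -> bytes:
    """Recover hidden bytes by reading bit 0 of each carrier byte."""
    def read(offset_bits, count_bytes):
        out = bytearray()
        for b in range(count_bytes):
            value = 0
            for k in range(8):
                value = (value << 1) | (stego[offset_bits + 8 * b + k] & 1)
            out.append(value)
        return bytes(out)

    if len(stego) < 16:
        raise ValueError("too short to hold a length prefix")
    length = int.from_bytes(read(0, 2), "big")
    if 16 + 8 * length > len(stego):
        raise ValueError("length prefix exceeds carrier size; no valid payload")
    return read(16, length)


def compare(original: bytes, suspect: bytes) -> dict:
    """Summarise how a suspect file differs from a known-good original."""
    deltas = [abs(a - b) for a, b in zip(original, suspect)]
    return {
        "same_size": len(original) == len(suspect),
        "same_sha256": hashlib.sha256(original).digest()
        == hashlib.sha256(suspect).digest(),
        "bytes_changed": sum(1 for d in deltas if d),
        "max_delta": max(deltas, default=0),
    }


def sample_cover() -> bytes:
    """Constructed stand-in for raw sample data (256 bytes)."""
    return bytes((i * 37) % 256 for i in range(256))


if __name__ == "__main__":
    cover = sample_cover()
    stego = embed_lsb(cover, b"workshop 4")
    print(extract_lsb(stego))
    print(compare(cover, stego))
```

In this model no byte changes by more than 1 and the length is unchanged, so the carrier looks the same to the eye, yet a hash comparison against the original still shows that the data was altered.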
Examine the two graphical images within this week's module i.e. StatueOriginal.jpg and StatueSteg.jpg. Your first impression should be that they look identical and on the surface they are.
Using Linux commands from previous modules, evaluate the size of both files. Do both files have the same size?
The first thing you are going to do is install steghide within terminal using the following command:
sudo apt install steghide
Run the following command to obtain a list of functions and options for the steghide program:
steghide
Using the information available to you, attempt to extract the hidden file from the StatueSteg.jpg file. The password required to decrypt (and extract) the file from the image is test1
Examine the extracted content and evaluate how such a utility would have practical uses for cyber criminals.
The second portfolio submission requires you to submit a Microsoft Word document containing eight (8) portfolio entries. Your second portfolio submission should clearly demonstrate advanced knowledge and skillset, coupled with the ability to reflect on your achievements at a higher level. As a result, your second portfolio submission should show that your attitudes, perspectives and worldview with respect to cyber security have evolved in line with the knowledge and skillset you have acquired by progressing through this unit. You should follow the same requirements as per the PORTFOLIO - READ ME FIRST page, with each page encompassing the following:
The first part of each of your remaining weekly entries requires that you develop a mind map (using Mindmeister) that brings together your interpretation and connections with all topics, themes and ideas that were covered within the PowerPoint files and Video Vignettes, for that module only.
The mind map should include connections to cyber security events and/or incidents that have occurred in 2024, which extend the topics and themes covered in that module.
The mind map should not include the workshop related tasks/activities.
Each node within the mind map should include a few words, up to 1-2 sentences.
Each mind map should at the very least contain 25 nodes.
The second part of the portfolio consists of weekly reflections that demonstrate completion of each workshop activity, by:
Evaluating what skills and knowledge you attained through completion of the workshop. How are these skills and knowledge attained beneficial to you as a student and for your career?
Reflecting on the challenges you faced when undertaking the workshop. Explain how you solved and/or completed all stages of the workshop. Some workshops will naturally be more difficult and/or time consuming than others. What processes, tools, information sources or support did you use to complete the workshop?
Responding to the weekly workshop question(s) that will appear under the Evaluate page within each module.
Submission Requirements:
In order for your assessment to be graded, you must submit one (1) Microsoft Word document, before the due date. Any other file will not be graded and will be awarded a zero. Your final portfolio submission should include eight (8) portfolio entries (modules 4-11). Do not include the portfolio entries for modules 1-3, or a table of contents.
Completeness and Quality of Weekly Mind Maps
Each mind map effectively and logically presents content, objectives, and purpose of each module, with frequent and relevant connections to contemporary events or incidents. Comprehensively addresses mind map task instructions.
12 to >7.5 pts: Satisfactory. Each mind map is crafted in accordance with assessment criteria, adequately showcasing the content, objectives, and purposes of each module, with some alignment to contemporary events or incidents.
7.5 to >0 pts: Needs Improvement. The mind maps are constructed to some extent in alignment with assessment criteria, offering a basic presentation of the content, objectives, and purposes of each module. There is no/minimal alignment with contemporary events or incidents.
Evaluating Skills and Knowledge in Written Reflection
10 to >8 pts: Excellent. The student has generated an insightful reflection, delving deeply into the skills and knowledge acquired during the workshop, effectively aligning them with their future career aspirations. The reflection demonstrates a profound understanding of the challenges encountered during the workshop, offering comprehensive insights into the complexities faced. The student effectively explains the strategies employed to overcome these challenges, showcasing a high level of critical thinking and problem-solving skills.
8 to >5 pts: Satisfactory. The evaluation sufficiently addresses the skills and knowledge acquired during the workshop, offering some insights into their acquisition and relevance. The evaluation attempts to articulate how the acquired skills and knowledge benefit the student's academic growth and personal development, demonstrating a basic understanding of their relevance.
5 to >0 pts: Needs Improvement. The evaluation lacks depth in exploring the skills and knowledge acquired during the workshop, providing limited insights into their acquisition and relevance. The evaluation struggles to articulate how the acquired skills and knowledge benefit the student's academic growth and personal development, demonstrating a superficial understanding of their relevance.
Reflecting on Workshop Challenges in Written Reflection
10 to >8 pts: Excellent. The reflection offers comprehensive insights into the challenges faced in the workshop. The student effectively explains the strategies employed to overcome these challenges, showcasing a high level of critical thinking and problem-solving skills. Additionally, the reflection demonstrates a keen awareness of the varying difficulty levels of workshops and provides detailed explanations of the processes, tools, information sources, or support utilised to successfully complete the tasks.
8 to >5 pts: Satisfactory. The reflection identifies some of the challenges faced during the workshop and offers basic explanations of the strategies employed to tackle them. However, the depth of analysis and problem-solving skills demonstrated are somewhat limited. The student provides a general overview of the processes, tools, information sources, or support used, but the explanation may lack specificity or detail.
5 to >0 pts: Needs Improvement. The reflection minimally addresses the challenges faced during the workshop and provides vague or unclear explanations of the strategies used to address them. The student demonstrates little to no understanding of problem-solving concepts or processes. Additionally, there is minimal to no mention of the processes, tools, information sources, or support utilised to complete the workshop tasks.
Responding to Weekly "Evaluate" Questions
10 to >8 pts: Excellent. The response demonstrates a thorough understanding of the weekly question(s) within the "Evaluate" page, providing insightful analysis, detailed explanations, and comprehensive exploration of relevant concepts.
8 to >5 pts: Satisfactory. The response exhibits a satisfactory understanding of the weekly question(s) within the "Evaluate" page, offering some insightful analysis, explanations with moderate detail, and a somewhat comprehensive exploration of relevant concepts.
5 to >0 pts: Needs Improvement. The response lacks a thorough understanding of the weekly questions within the "Evaluate" page, offering limited analysis, explanations lacking in detail, and minimal exploration of relevant concepts.
It is critically important that you read through all the following information. If you have any questions or concerns, you must ask your facilitator or unit coordinator and resolve them as soon as possible. The entire "portfolio" for this unit has a combined value of 70% of your final semester grade. The following diagram shows the overall structure and submission points:
A portfolio is typically a collection of written pieces, undertaken by a student to demonstrate their beliefs, skills, qualifications, education, training and/or experiences towards a given subject. It enables a student to reflect on a topic learnt or a task completed, to then demonstrate mastery and a thorough understanding of a topic. The major assessment within this unit requires you to develop a portfolio comprising weekly module entries. Each portfolio entry will require you to demonstrate a deep understanding of the PowerPoints and Video Vignettes, and completion of the weekly workshops. The portfolio submission points are as follows:
The first portfolio submission will consist of three (3) entries (modules 1 to 3) and is made up of Part 1a - a Portfolio Presentation and Part 1b - a Portfolio Written Submission.
The second portfolio submission will consist of eight (8) entries (modules 4-11). Your second portfolio submission must not include any content from your first portfolio submission.
Each weekly portfolio entry will be made up of two (2) parts. The first part requires that you develop a mind map (using Mindmeister) that brings together your interpretation and connections with all topics, themes and ideas that were covered within the PowerPoint files and Video Vignettes, for that module only.
The mind map should include connections to cyber security events and/or incidents that have occurred in 2024, which extend the topics and themes covered in that module.
The mind map should not include the workshop related tasks/activities.
Each node within the mind map should include a few words, up to 1-2 sentences.
Each mind map should at the very least contain 25 nodes.
The second part of the portfolio consists of weekly reflections that demonstrate completion of each workshop activity, by:
Evaluating what skills and knowledge you attained through completion of the workshop. How are these skills and knowledge attained beneficial to you as a student and for your career?
Reflecting on the challenges you faced when undertaking the workshop. Explain how you solved and/or completed all stages of the workshop. Some workshops will naturally be more difficult and/or time consuming than others. What processes, tools, information sources or support did you use to complete the workshop?
Responding to the weekly workshop question(s) that will appear under the Evaluate page within each module.
The portfolio must be created and submitted as a Microsoft Word file.
Each weekly portfolio entry must consist of a maximum of two (2) A4 pages. The first page should include your exported Mindmeister mind map. The second page should include your personal reflection, of no more than 400 words.
The mind map must be created using Mindmeister (https://courses.ecu.edu.au/courses/8492/pages/mindmeister). Each ECU student has access to a Mindmeister account, by signing up using your ECU student email address. You must export your mind map into your Microsoft Word file.
Once you submit your portfolio, you will not be able to view your Turnitin similarity score until after the due date of the assessment. Thus it is critical that your portfolio contains your work only.
The use of generative AI (such as ChatGPT) is strictly prohibited; it must not be used to complete the portfolio. Obtaining help from other people is also prohibited. Remember, the portfolio is designed to enable you to showcase how you understood all the topics and themes and completed the workshop tasks.
It is imperative that you thoroughly complete every single workshop and go through all the videos and PowerPoints. It will be impossible for you to evaluate and identify challenges experienced each week if you have not undertaken all the required tasks.
Some "Evaluate" tasks and associated reflection may require you to refer to third party resources. You should use appropriate referencing aligning to the ECU requirements where appropriate.
Lastly, the portfolio should not be a simple summary of what you have done. The portfolio requires you to demonstrate your brilliance and in-depth understanding of the subject matter.
The following diagram should assist you with developing your weekly, portfolio entry.