I & Science University in partial fulfilment
I want to dedicate this to my family members, lectures and my fellow colleagues that has been supporting and helping me throughout my studies in this programme and project. This is the thank you message for all of them. Thank You ! ACKNOWLEDGEMENTS Assalamualaikum W.B.T and Alhamdulillah. First and foremost, all praises to Allah S.W.T., The Most Greatest and The Most Merciful for His guidance and blessings, providing me and my fellow friends the opportunity and good health to completing this final year project.First of all, I would like to express my sincere thanks and gratitude to my project supervisor, Madam Siti Nazazihah Binti Rahmat , for her guidance and continuous support of my diploma final year project and research and also her patience, motivation, enthusiasm, and immense knowledge. I would like to express my deepest appreciation to all those who provided me the possibility to complete this report. A special gratitude I want give to our final year project coordinator, Madam Siti Nazazihah Binti Rahmat , for her support in giving out some suggestions and encouragement that helped me to coordinate my project especially in writing this thesis.I would also like to express my very great gratitude and appreciation to my parents, Mrs Aziah Binti Ujang and family members, for their guidance and support throughout building the system with me. Also, to my friends who help me by giving me support. Thank you so much. Lastly, I have to appreciate the guidance given by evaluators as well as the panels especially in my project presentation that has improved my presentation skills for the future sake and thanks to their great comments and advices that helps me to finish up my diploma final year project. Only Allah S.W.T can repay their kindness. InsyaAllah.ABSTRACT Abstract of project presented to the Senate of Management & Science University in partial fulfilment of the requirements for Diploma in Computer Forensic. VIDEO ENCRYPTION AND SHARINGByMOHD HAZIQ BIN SHAWALUDINSeptember 2017Faculty of Information Sciences and Engineering Nowadays, there are so many user that are very careless on protecting their data sending which the user think that their data already protected as long as no other user use their laptop. But in this era, many hacker and unethical user involve in hacking, cracking and also stole all the important and private information that is kept in the laptop for their own purpose and stole while the file is sending. For example, a user send a video data through networking platform to their friend, the video data can be stolen by the third party if there is no security that protect the data. The proposed of this project is to help the people who need to protect their file and information while sending the video data to others. So, this project has been decided to propose an application called “Video Encryption And Sharing”, which is using the AES and blowfish algorithms where all the data or file will be encrypt into another file that cannot be opened by another user except for the owner that has access to the application. This application is also built with a secure sign-in system which the user have to insert their username and password to using the application. This application also have a password recovery by TAC sms. TABLE OF CONTENTS ACKNOWLEDGEMENT ……………………………………………………….. vABSTRACT ………………………………………………………….………….. viABSTARK ……………………………………………………………………………… viiiLIST OF TABLES ……………………………………………………………….. xiiLIST OF FIGURES ………………………………………………………………. xiiiLIST OF APPENDIX …………………………………………………………… xv CHAPTERPAGEIINTRODUCTIONProject backgroundProblem statementObjectives of the projectScope of the projectSignificance of the projectLimitation of the project 14141515161718IILITERATURE REVIEWReview of Current SituationReview of Related ProductsComparison of The Systems191920 23 IIIMETHODOLOGY Project MethodologyHardware and Software RequirementSoftware RequirementHardware RequirementOperational FrameworkEntity Relationship Diagram3.5 Data Flow Diagram3.6 Project Schedule 252529 30 30 31 323334 IVCONCLUSION4.1 Conclusion4.2 References4.3 Appendices 4.3.1 Appendix A: Application Survey 4.3.2 Appendix B: Project Schedule 4.3.3 Appendix C: Application Interface 4.3.4 Appendix D: User Manual 3535363737383942 LIST OF TABLETABLE PAGE2.3.1 Software Comparison of Three Related Product 233.2.1 Software Review 303.2.2 Hardware Review 30 LIST OF FIGURESFIGURE PAGE 2.2.1 2.2.2 2.2.3 3.1.1 3.3.1 3.4.1 3.5.1 TrueCrypt CrossCrypt Encryption for the Masses(E4M) SDLC Steps Operational Framework for Project Methodology Entity Relationship Diagram Data Flow Diagram Level 0 20 21 22 26 31 32 33 LIST OF APPENDIX APPENDIX PAGE A B C D Application Survey Project Schedule Application Interface User Manual 37 38 39 42 CHAPTER I INTRODUCTION. 1.1 Project BackgroundIn the cyber age of the twenty first century, the act of cross examining information is necessary to come up with a an unbiased outcome for the good of a project. A developer might need the expertise of another developer for many reasons such as lacks experience, field expertise and many more. This concept also can be applied in everyday content sharing. On a daily basis, video content is shared constantly especially in the age of social media and a internet crime. Such a concept is important because in the era of privacy , because if such data ends up in the wrong hands, said video evidence could become less reliable; and might cause the investigation to be completely compromised. In the act of sharing video data, there are many ways an individual’s data can be compromised. For example, emails containing data can be intercepted from a third party that is clandestinely observing the interaction; while physical storage drives can either be stolen, destroyed, or even accessed when the owner of said drive is distracted. This is why users of private video sharing need a platform to share and pass video data without the risk of compromising the important data in question.In this project, the researcher has chosen to create a system that will help user. Secure video encryption and sharing is one of the system for the PC for sending and receiving video securely by encrypting the video data while the video is being sent and stores said video data into an online webhosting cloud to store the encrypted data and will be decrypted when the receiver downloads the data. In this system, both user sender and receiver must install the software and create a username and password. This System will use AES and Blowfish algorithm. The data will be shared only for the specific users only and with this system there is no third party or unauthorized user will steal the data clandestinely. This system will also have password recovery through email if the user forgets their username or password.This System will become useful because it is safe to be used; even if the user’s PC or Laptop is becomes damaged or stolen, the video data can be recovered from the cloud, since it was stored in a secure webhosting site. 1.2 Problem StatementThe problem statement that are found in this project is :i. Currently, existing application applied only one encryption algorithm to secure the data.ii. No existing application provide forgot password using TAC SMS on the step of password recovery. 1.3 Objective of the Project The main objective of this project are :i. To apply AES and blowfish encryption algorithm in secure the data from been stolen from others unauthorized user.ii. To provide forgot password using TAC SMS on password recovery step. 1.4 Scope of the Projecti. AES algorithm is used for the encryption.ii. Blowfish algorithm is used for the encryption.iii. Use sms (TAC) for the password recovery.iv. Upload data to webhosting to send the data.v. Download the data from webhosting to receive. 1.5 Significance of the Projecti. The significance of this project is to Provides solution for user without fear losing the video data to public.ii. Protect the application that contain all the video data from unauthorized access or intrusion.iii. Provide data stored online so can avoid data lost if PC corrupted or damage. 1.6 Limitation of the Projecti. Must have internet connection. CHAPTER II LITERATURE REVIEW 2.1 Review of Current Situation In today’s current situation a less of software and tools for computers are invented by developers for security purposes. In the same criteria the product are not fully satisfied for the users by the demand is there. Simple protection is not enough to make sure the safety of the data. The developer need to point more into security purpose for the user protection. Security of sending and receiving data is important to everyone. Protection of our data is more important because there is a lots of confidential and private data that we shared to others. The current situation of this project is the program has features which is the recovery scenarios. The usage of encrypt and decrypt software is rapidly spread in real life system. The efficiency can be achieved by doing simple and accurate system and the goals of this system is to secure user private data that will be send to other user. 2.2 Review of Related ProductEach program that is developed has its own advantages and disadvantages, and each of them has its own security. To get ideas and to develop guideline of the software development, there are three other software that can be made comparison with my project which is VdoCipher, BoxCryptor and VIPole. 2.2.1 VdoCipher VdoCipher is the internet as a place with rich and quality content, where the artists are not afraid to share their creation with the world, an internet where the contributors are recognized and have incentive for creating great content. Un-authorized distribution of media has alienated quality contributors. Premium video creators are afraid of releasing their content on the internet. The vision of open and rich internet is based upon the idea that the content creator can choose how and where to use the content. VdoCipher mission is to contribute to the video playback technology in making the internet a more content-rich place. Figure 2.2.1 Example VdoCipher Software 2.2.2 BoxCryptorBox Cryptor vision is to enable people benefit from new technology while keeping control of their data. We make complex security solutions easy to use and the mission is to become the service of choice for everyone who wants to secure files in the cloud. Today, cloud computing is part of our everyday lives and it is continuously changing and evolving. The influence that cloud computing has on our personal and business lives will have a lasting impact on our world. Therefore, data security in the cloud is of highest priority. Personal and sensitive information are valuable property that must be protected today and always. Boxcryptor was born inspired by our passion for cloud computing security and our wish to find new solutions to make our lives a little easier and more secure. As BoxCryptor grow and will continue to protect information across devices in the cloud and to develop services and solutions as needs and wants evolve. Figure 2.2.2 Example BoxCryptor Software2.2.3 VIPoleVIPole is a Premium Secure Instant Messenger for secure messaging, secure calls and encrypted file storage. VIPole uses encryption algorithms to protect all user communications and data. Outstanding feature of VIPole security system is that all user data is encrypted in such a way that it can only be decrypted by the user. VIPole technology protects user information even from server managers, such as operators and administrators. Figure 2.2.3 Example VIPole software 2.3 Comparison of the Software VdoCipherBox CryptorVIPoleSecure Video Encryption And SharingLOGO FEATURESi. Encrypted streamingii. Dynamic watermarkiii. Buffer retentionSupport providerTechnical overviewFile transfer and storagePassword managerWebhosting cloudTwo Secure Encryption Free Unlimited ALGORITHM-AES-RSA-AES -AES-BLOWFISHPRICING-Starter $349-Value $499-Express $799-Pro $1599-Stater (FREE)-Personal $48-Business $96-PRO $5.99(monthly)-Team $9(monthly)-FREE Unlimited Table 2.3: Comparison of the Software Based on my research when completing this thesis I did a comparisons between my product Private Disk Pocket with the related product which are VdoCipher, Box Cryptor and VIPole as show. 2.3 Summary of literature reviewSharing data between system users are protected with AES an BLOWFISH encryption protocol so that third parties and unauthorized user cannot get the data and so that the data can only be decrypted by the recipient. Secure Video Transfer and Sharing use e-mail password recovery to recover the forgot password. There are pros and cons in each individual system. CHAPTER III METHODOLOGY 3.1 Project Methodology A methodology is a set of ideas or guidelines about how to proceed in gathering and validating knowledge of a subject matter. Different areas of science have developed very different bodies of methodology on the basis of which to conduct their research. The waterfall model is a linear sequential (non-iterative) design approach for software development, in which progress flows in one direction downwards (like a waterfall) through the phases of requirement, design, implementation, verification and maintenance. The waterfall development model originated in the manufacturing and construction industries highly structured physical environment in which after the fact changes are impossible or at least prohibitively expensive. At the time it was adopted for software development, there were no recognised alternative for knowledge based creative work.Steve McConnell was the first one to describe the Modified waterfall model back in 1996. The modified waterfall model uses the same phases as the pure waterfall model. In response to the perceived problems with the pure waterfall model, modified waterfall model have been introduced. This enables the phases to overlap when needed. The modified waterfall can also split into subproject at an appropriate phase (such as after the hardware design and software design). In response to the perceived problems with the pure waterfall model, many modified waterfall models have been introduced. 3.2 Modified Waterfall Methodology Figure 3.2.1: Waterfall Model Diagram Advantages More flexible than the pure waterfall model. If there is personnel continuity between the phases, documentation can be substantially reduced. Implementation of easy areas does not need to wait for the hard ones.Disadvantages Milestone are more ambiguous than the pure waterfall and the activities performed in parallel are subject to miss communication and mistaken assumption. Unforeseen inter dependencies can create problems.
3.1.1 Requirement In this phase, first it need to capture all the requirements and do research. Then, do brainstorming and walk through to understand the requirements. Next do the requirements feasibility test to ensure that the requirements are testable or not. This can produces a high level overview document of the project which related to the project requirements and scope. This involvers detailed study of various operations performed by a system and their relationships within and outside the system. During this process, data are collected on the available files, decision points and transactions handled by the present system. It includes planning for the new system, analysis of requirement, system constraints, functions and proposed system architecture, prototype of the proposed system and its analysis. 3.1.2 Design Based on the user requirements and the detailed analysis of a new system, the new system must be designed. This is phase of system designing. It is the most crucial phase in the development of a system. The logical system design arrived at as a result of analysis and is converted into physical system design. Data structure, control process, equipment source, workload and limitation of the system, interface, documentation, training, procedures of using the system, taking backups and staffing requirement are decided at this stage. Then, document the designs. 3.1.3 Implementation The system design needs to be implemented to make it a workable system. It demands the coding of design into computer language programming language. This is also called the programming phase in which the programmer converts the program specifications into computer instructions, which we refer to as programs. It is an important stage where the defined procedures are transformed into control specifications by the help of a computer language. The programs coordinate the data movements and control the entire process in a system. Before actually implementing the new system into operations, a test run of the system is done removing all the bugs, if any. After codifying the whole programs of the system, a test plan should be developed and run on a given set of test data. The output of the test run should match the expected results. Sometimes, system testing is considered as a part of implementation process. After having the user acceptance of the new system developed, the implementation phase begins. Implementation is the stage of a project during which theory is turned into practice. The hardware and the relevant software required for running the system must be made fully operational before implementation. The conversion is also one of the most critical and expensive activities in the system development life cycle. 3.1.4 System TestThe system testing part of a testing methodology involves testing the entire system for errors and bugs. This test is carried out by interfacing the hardware and software components of the entire system (that have been previously unit tested and integration tested), and then testing it as a whole. This testing is listed under the black-box testing method, where the software is checked for user-expected working conditions as well as potential exception and edge conditions. 3.1.5 Maintenance Maintenance is necessary to eliminate errors in the system during its working life and to tune the system to any variations in its working environments. It must meet the scope of any future enhancement, future functionality and any other added functional features to cope up with the latest future needs. It has been seen that there are always some errors found in the systems that must be noted and corrected. It also means the review of the system from time to time. 3.2 Hardware And Software Requirement The hardware and software requirement are the important thing in this project because we must know the type of hardware and software that computer system need to meets the requirement of the application to run smoothly. Usually the software manufacturer will list down all the requirement of the application. Sometimes, the application that usually being used by the user has a minimum requirement that we must follow to make the application run without any problem. Also, the application need to support most platform such as Windows, Linux and etc. SoftwareSpecifications Visual Studio • 1.6GHz• 1 GB (32 Bit) or 2 GB (64 Bit) RAM • 3GB of available hard disk • DirectX 9 capable video card running at 1024 x 768 or higher• DVD-ROM DriveDatabase MySqlWebhosting• Quad-core x64 architecture 2 GHz CPU • 16-GB RAM• SAS RAID 5 or RAID 10 hard disk array Table 3.1: Software Requirements for project HardwareSpecificationsPersonal laptop· Model: ACER NITRO 5· Technical details: Intel® core i5· 12GB memory · 500GB hard drive · Operating system : Windows 10 Table 3.2: Hardware Requirements for project3.3 Class Diagram Figure 3.3 Operational Framework for Project Methodology 3.4 Entity Relationship Diagram Figure 3.4 Entity Relationship Diagram 3.5 Data Flow Diagram Level 0Register Figure 3.5 Data Flow Diagram Level 0 Login Add Friend Send Video File 3.6 Project Scheduler The project schedule is the tool that communicates what work needs to be performed, which resources of the organization will perform the work and the timeframes in which that work needs to be performed. The project schedule should reflect all of the work associated with delivering the project on time. Without a full and complete schedule, the project manager will be unable to communicate the complete effort, in terms of cost and resources, necessary to deliver the project. (Project Insight, 2015). In this project I used Gantt chart, commonly used in project management, is one of the most popular and useful ways of showing activities (tasks or events) displayed against time. On the left of the chart is a list of the activities and along the top is a suitable time scale. Each activity is represented by a bar; the position and length of the bar reflects the start data, duration and end date of the activity. (Gantt, 2015) Gantt chart can be refer to Appendix B. CHAPTER IV CONCLUSION4.1 Conclusion The conclusion of this proposal is to show and create a project of application based on the level of knowledge of computer forensic student and the purpose of develop this application is to know the function of the system and to give hand other user on how to protect our data by using the system that user created. User has to use this system to protect their data. By installing this system, , register username and password. This system also allow user to recovery password by using TAC sms. The password will help the user secure the data too. The important thing about the password is, the user should not share with other user for avoid data being hack or cracked by other. Each program that have been made has its own disadvantages, so we as a user must know that every program has its own limitation which soon this limitation will overcome with the good solution and to reach high level of security. So we have to help each other but making a comment on the product and what thing that can be done to help the system be more secure and highly protected.