PRESENTED BY:
1. ROHIT PRAKASH
2. SONU SUNALIYA
3. RAUNAK MISHRA
4. SAURABH RATHORE
Mr. PRATEEK DIWAN
What is cyber security?
Cyber security is defined as the protection of
systems, networks and data in cyberspace and is a
critical issue for all businesses.
Cyber security, also referred to as information
technology security, focuses on protecting computers,
networks, programs and data from unintended or
unauthorized access, change or destruction.
WHY IS CYBER SECURITY IMPORTANT?
Governments, military, corporations,
financial institutions, hospitals and
other businesses collect, process and
store a great deal of confidential
information on computers and
transmit that data across networks to
other computers. With the growing
volume and sophistication of cyber
attacks, ongoing attention is required
to protect sensitive business and
personal information, as well as
safeguard national security.
Cyber risks can be divided into three distinct areas:
1. Cyber crime
Conducted by individuals working alone, or in organised
groups, intent on extracting money, data or causing disruption,
cyber crime can take many forms, including the acquisition of
credit/debit card data and intellectual property, and impairing
the operations of a website or service.
2. Cyber war
A nation state conducting sabotage and espionage against
another nation in order to cause disruption or to extract data.
3. Cyber terror
An organisation, working independently of a nation state,
conducting terrorist activities through the medium of
cyberspace.
ISO 27001 and cyber security :-
As well as protecting your critical assets, customer
details and your operating systems, effective cyber
security can also help organisations win new business
by providing assurances of their commitment to cyber
security to their supply chain partners, stakeholders and
customers.
ISO 27001 is the internationally recognised
best-practice Standard for information security management.
It forms the backbone of every intelligent cyber security
risk management strategy.
Introduction to cyber criminals:-
Congruent with the rapid pace of technological change,
the world of cyber crime never stops innovating either.
Every month, Microsoft publishes a bulletin of the
vulnerabilities of its systems, an ever-growing list of
known threats, bugs and viruses.
CYBER SECURITY GLOSSARY OF TERMS:-
• Phishing & Pharming
• Drive-by & MITM
• Active Attack
• Access
• Viruses
• Spyware/Adware
• Worms
• Trojans
ACCESS:-
Access to accounts can be enforced through
four major types of controls:
a) Mandatory Access Control (MAC)
b) Discretionary Access Control (DAC)
c) Role-Based Access Control (RBAC)
d) Rule-Based Access Control
Viruses:-
Aim:- Gain access to, steal, modify and
corrupt information and files from a targeted
computer system.
Technique:- A small software program that can
replicate itself and spread from one computer
to another by attaching itself to another
computer file.
Spyware/Adware:-
Aim:- To take control of your computer
and/or to collect personal information without
your knowledge.
Technique:- Spyware/adware is installed on
your computer when you open attachments,
click links or download infected software.
Worms:-
Aim: By exploiting weaknesses in operating
systems, worms seek to damage networks and often
deliver payloads which allow remote control of the
infected computer.
Technique: Worms are self-replicating and do not
require a program to attach themselves to. Worms
continually look for vulnerabilities and report back to
the worm author when weaknesses are discovered.
Trojans:-
Aim:- To create a ‘backdoor’ on your computer by
which information can be stolen and damage
caused.
Technique:- A software program that appears to perform
one function (for example, virus removal) but
actually does something else.
Phishing:-
An attempt to acquire users’ information by
masquerading as a legitimate entity. Examples
include spoof emails and websites.
Pharming:-
An attack to redirect a website’s traffic to a different,
fake website, where the individuals’ information is
then compromised.
Drive-by:-
Opportunistic attacks against specific weaknesses
within a system.
MITM:-
A ‘man-in-the-middle’ attack, in which a middleman
impersonates each endpoint and is thus able to
manipulate both victims.
ACTIVE ATTACK:-
An active attack is a network exploit in which a hacker
attempts to make changes to data on the target or data
en route to the target.
Types of active attacks:-
Masquerade attack:- The intruder pretends to be a
particular user of a system to gain access or to gain greater
privileges than they are authorized for.
Session replay attack:- A hacker steals an authorized
user’s login information by stealing the session ID.
Message modification attack:- An intruder alters packet
header addresses to direct a message to a different
destination or modifies the data on a target machine.
FORENSIC TOOLS:-
Digital forensics (sometimes known as digital forensic
science) is a branch of forensic science encompassing
the recovery and investigation of material found in
digital devices, often in relation to computer crime.
The term digital forensics was originally used as a
synonym for computer forensics but has expanded to
cover investigation of all devices capable of storing
digital data.
Forensic process:-
A digital forensic investigation commonly
consists of 3 stages:-
* acquisition or imaging of exhibits
* analysis
* reporting
Ideally, acquisition involves capturing an image
of the computer's volatile memory (RAM) and
creating an exact sector-level duplicate (or
"forensic duplicate") of the media, often using a
write blocking device to prevent modification of
the original.
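As an added illustration of the acquisition stage described above (not part of the original slides), the shell script below makes a block-level copy with `dd`, hashes the source before and after imaging and the image itself, and records the result in a log. The function names `sha256_of`, `acquire_image` and `run_demo`, the log field names and the sample "media" file are assumptions made for this example; on real media a write blocking device is still assumed to sit between the examiner's machine and the original.

```shell
#!/bin/sh
# Added example: hash-verified acquisition of a source into an image file.
# All names and the log format are illustrative, not taken from any tool.

# sha256_of FILE -> prints the hex SHA-256 digest of FILE
sha256_of() {
    sha256sum "$1" | awk '{print $1}'
}

# acquire_image SRC DST LOG
#   SRC  source device or file (only ever read)
#   DST  image file to create (an existing file is never overwritten)
#   LOG  acquisition log, appended to
# Returns 0 only when the image hash equals the source hash AND the source
# hash is unchanged after imaging (evidence the original was not modified).
acquire_image() {
    src=$1; dst=$2; log=$3

    [ -r "$src" ] || { echo "cannot read $src" >&2; return 2; }
    [ -e "$dst" ] && { echo "refusing to overwrite $dst" >&2; return 2; }

    pre=$(sha256_of "$src") || return 3

    # Block-level copy: dd reads from SRC and writes only to DST.
    dd if="$src" of="$dst" bs=65536 2>/dev/null || return 3
    chmod 0444 "$dst"            # the working copy is kept read-only

    img=$(sha256_of "$dst") || return 3
    post=$(sha256_of "$src") || return 3

    if [ "$pre" = "$img" ] && [ "$pre" = "$post" ]; then ok=yes; else ok=no; fi

    {
        echo "time_utc=$(date -u +%Y-%m-%dT%H:%M:%SZ)"
        echo "source=$src"
        echo "image=$dst"
        echo "sha256_source_before=$pre"
        echo "sha256_image=$img"
        echo "sha256_source_after=$post"
        echo "verified=$ok"
    } >> "$log"

    [ "$ok" = yes ]
}

# run_demo: images a constructed 256 KiB file standing in for a device.
run_demo() {
    work=$(mktemp -d) || return 1
    head -c 262144 /dev/urandom > "$work/media.bin"   # constructed sample
    acquire_image "$work/media.bin" "$work/media.dd" "$work/acquisition.log"
    rc=$?
    cat "$work/acquisition.log"
    rm -rf "$work"
    return $rc
}

# Usage: sh acquire.sh demo
if [ "${1:-}" = "demo" ]; then run_demo; fi
```

The before/after source hashes are what let the reporting stage state that the original was not altered during acquisition.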
TOOLS:-
Some Forensic Tools are as follows:-
01. SANS SIFT
02. ProDiscover Basic
03. Volatility
04. The Sleuth Kit (+Autopsy)
05. FTK Imager
06. Linux ‘dd’
07. CAINE
08. Oxygen Forensic Suite 2013 Standard
09. Free Hex Editor Neo
10. Bulk Extractor
11. DEFT
12. Xplico
13. LastActivityView
14. DSi USB Write Blocker
15. Mandiant RedLine
16. PlainSight
17. HxD
18. HELIX3 Free
19. Paladin Forensic Suite
20. USB Historian
cyber security and forensic tools