1. INTRODUCTION TO
CYBERCRIME AND
SECURITY
BY PANKAJ R. KUMAWAT

2. WHAT IS CYBERCRIME?
• USING THE INTERNET TO COMMIT A CRIME.
• IDENTITY THEFT
• HACKING
• VIRUSES
• FACILITATION OF TRADITIONAL CRIMINAL ACTIVITY
• STALKING
• STEALING INFORMATION
• CHILD PORNOGRAPHY

3. CYBERCRIME COMPONENTS
• COMPUTERS
• CELL PHONES
• PDA’S
• GAME CONSOLES

4. HIGH-PROFILE CYBERCRIME-
RELATED CASES
• TJ MAXX DATA BREACH
• 45 MILLION CREDIT AND DEBIT CARD NUMBERS STOLEN
• KWAME KILPATRICK
• CELL PHONE TEXT MESSAGES
• BTK SERIAL KILLER
• KEVIN MITNICK

5. COMPUTER SECURITY
• CONFIDENTIALITY
• ONLY THOSE AUTHORIZED TO VIEW INFORMATION
• INTEGRITY
• INFORMATION IS CORRECT AND HASN’T BEEN ALTERED BY UNAUTHORIZED USERS OR
SOFTWARE
• AVAILABILITY
• DATA IS ACCESSIBLE TO AUTHORIZED USERS

6. COMPUTER SECURITY
Figure 1.0 – CIA Triangle

7. COMPUTER SECURITY - THREATS
• MALWARE
• SOFTWARE THAT HAS A MALICIOUS PURPOSE
• VIRUSES
• TROJAN HORSE
• SPYWARE

8. COMPUTER SECURITY - THREATS
• INTRUSIONS
• ANY ATTEMPT TO GAIN UNAUTHORIZED ACCESS TO A SYSTEM
• CRACKING
• HACKING
• SOCIAL ENGINEERING
• WAR-DRIVING

9. COMPUTER SECURITY - THREATS
• DENIAL-OF-SERVICE (DOS)
• PREVENTION OF LEGITIMATE ACCESS TO SYSTEMS
• ALSO DISTRIBUTED-DENIAL-OF-SERVICE (DDOS)
• DIFFERENT TYPES:
• PING-OF-DEATH
• TEARDROP
• SMURF
• SYN

10. COMPUTER SECURITY - THREATS
Figure 1.1 – DoS and DDoS Models

11. COMPUTER SECURITY - TERMINOLOGY
• PEOPLE
• HACKERS
• WHITE HAT – GOOD GUYS. REPORT HACKS/VULNERABILITIES TO APPROPRIATE
PEOPLE.
• BLACK HAT – ONLY INTERESTED IN PERSONAL GOALS, REGARDLESS OF IMPACT.
• GRAY HAT – SOMEWHERE IN BETWEEN.

12. COMPUTER SECURITY - TERMINOLOGY
• SCRIPT KIDDIES
• SOMEONE THAT CALLS THEMSELVES A ‘HACKER’ BUT REALLY ISN’T
• ETHICAL HACKER
• SOMEONE HIRED TO HACK A SYSTEM TO FIND VULNERABILITIES AND REPORT ON
THEM.
• ALSO CALLED A ‘SNEAKER’

13. COMPUTER SECURITY - TERMINOLOGY
• SECURITY DEVICES
• FIREWALL
• BARRIER BETWEEN NETWORK AND THE OUTSIDE WORLD.
• PROXY SERVER
• SITS BETWEEN USERS AND SERVER. TWO MAIN FUNCTIONS ARE TO IMPROVE
PERFORMANCE AND FILTER REQUESTS.
• INTRUSION DETECTION SYSTEMS (IDS)
• MONITORS NETWORK TRAFFIC FOR SUSPICIOUS ACTIVITY.

14. COMPUTER SECURITY - TERMINOLOGY
• ACTIVITIES
• PHREAKING
• BREAKING INTO TELEPHONE SYSTEMS (USED IN CONJUNCTION WITH WAR-DIALING)
• AUTHENTICATION
• DETERMINES WHETHER CREDENTIALS ARE AUTHORIZED TO ACCESS A RESOURCE
• AUDITING
• REVIEWING LOGS, RECORDS, OR PROCEDURES FOR COMPLIANCE WITH STANDARDS

15. COMPUTER SECURITY - CAREERS
• INFORMATION SECURITY ANALYST
US NATIONAL AVERAGE SALARY
Figure 1.2 – Median salary courtesy cbsalary.com

16. COMPUTER SECURITY -
CERTIFICATIONS
• ENTRY-LEVEL
• SECURITY+ HTTP://WWW.COMPTIA.ORG/CERTIFICATIONS/LISTED/SECURITY.ASPX
• CIW SECURITY ANALYST WWW.CIWCERTIFIED.COM
• INTERMEDIATE
• MSCE SECURITY
HTTP://WWW.MICROSOFT.COM/LEARNING/EN/US/CERTIFICATION/MCSE.ASPX#TAB3
• PROFESSIONAL
• CISSP WWW.ISC2.ORG
• SANS WWW.SANS.ORG

17. COMPUTER SECURITY - EDUCATION
• COMMUNITY-COLLEGE
• WASHTENAW COMMUNITY COLLEGE
• COMPUTER SYSTEMS SECURITY
HTTP://WWW4.WCCNET.EDU/ACADEMICINFO/CREDITOFFERINGS/PROGRAMS/DEG
REE.PHP?CODE=APCSS
• COMPUTER FORENSICS
HTTP://WWW4.WCCNET.EDU/ACADEMICINFO/CREDITOFFERINGS/PROGRAMS/DEG
REE.PHP?CODE=APDRAD

18. COMPUTER SECURITY - EDUCATION
• 4-YEAR COLLEGE
• EASTERN MICHIGAN UNIVERSITY
• INFORMATION ASSURANCE
• APPLIED
• NETWORK
• CRYPTOGRAPHY
• MANAGEMENT
• HTTP://WWW.EMICH.EDU/IA/UNDERGRADUATE.HTML

19. Any Queries ????

20. THANK YOU !!THANK YOU !!