Overview of Cyber Attacks
Dr. Anuradha T
Department of Computer Science and
PDA College of Engineering, Kalaburagi
17-Mar-19 1
Topics to be Covered
• What is a Cyber Attack
• What Cyber Attacks Look Like
• Cyber Attacks Classified
• Types of Cyber Attacks
• How to Prevent Cyber Attacks
• Security Attacks
• Classification of Security Attacks
• Network Management Tools
• Research Areas
What is a Cyber Attack?
• Cyber is a prefix used in a growing number of technology
and IT terms to describe new things that are being made
possible by the spread of computers.
• A cyber attack is an attempt by hackers to damage or
destroy a computer network or system.
What Do Cyber Attacks Look Like?
• An attack often arrives as an email that appears to come from your bank or credit card
company. It seems urgent and includes a link to click.
However, if you look closely at the email, you can find clues
that it might not be real.
• Another way is when you download a file that contains a
malicious piece of code, usually a worm or Trojan horse.
• This can happen by downloading e-mail files, but it can
also happen when you download apps, videos, and music
files online.
• As soon as you open the file, your computer is infected and
the virus, worm, or Trojan horse begins to spread.
Cyber Attacks Classified
• Syntactic attacks
• Semantic attacks
• Syntactic attacks are different types of malicious software
that attack your computer through various channels.
• The most frequent types of software used in syntactic
attacks include viruses, worms, and Trojan horses.
• A virus is a piece of software that can attach itself to
another file to reproduce. This type of software is often
found in file downloads and email attachments. Once the virus is
activated, it replicates and sends itself to everyone in your
contacts file.
• Worms don't need another file to replicate and spread.
These little bits of software are also more sophisticated and
can collect and send data to a specified location using
information about the network when it's on.
• A worm infects a computer when it's delivered via another
piece of software on a network.
• A Trojan horse could be an email that looks like it comes
from a trusted company, when in fact, it's been sent by
criminals or bad actors.
Semantic Cyber Attacks
• Semantic attacks are more about changing the perception
or behavior of the person or organization that's being
• There is less focus placed on the software involved.
• Semantic cyber attacks, also known as social engineering,
manipulate human users’ perceptions and interpretations
of computer-generated data in order to obtain valuable
information (such as passwords, financial details, and
classified government information) from the users through
fraudulent means. Social-engineering techniques include
phishing—in which attackers send seemingly…
Social Engineering
• Social engineering manipulates human users’ perceptions
and interpretations of computer-generated data in order to
obtain valuable information (such as passwords, financial
details, and classified government information) from the
users through fraudulent means. Social-engineering
techniques include phishing—in which attackers send
Figure 1. Social Engineering Life Cycle
Types of Cyber Attacks
• Denial-of-service (DoS) and Distributed Denial-of-
• Man-in-the-middle (MitM) attack
• Phishing and spear phishing attacks
• Drive-by attack
• Password attack
• SQL injection attack
• Cross-site scripting (XSS) attack
• Eavesdropping attack
• Birthday attack
• Malware attack
Different Types of Cyber Attacks
Figure 2. Types of Cyber Attacks.
Denial-of-service (DoS) and
distributed denial-of-service (DDoS)
• A denial-of-service attack overwhelms a system’s resources so
that it cannot respond to service requests.
• A DDoS attack is also an attack on a system’s resources, but it is
launched from a large number of other host machines that are
infected by malicious software controlled by the attacker.
• Unlike attacks that are designed to enable the attacker to gain or
increase access, denial-of-service doesn’t provide direct benefits
for attackers.
• There are different types of DoS and DDoS attacks; the most
common are TCP SYN flood attack, teardrop attack, smurf
attack, ping-of-death attack and botnets.
TCP SYN flood attack
• In this attack, an attacker exploits the use of the buffer space during a
Transmission Control Protocol (TCP) session initialization handshake.
Teardrop attack
• This attack causes the length and fragmentation offset fields in
sequential Internet Protocol (IP) packets to overlap one another on the
attacked host.
Smurf attack
• This attack involves using IP spoofing and the ICMP to saturate a
target network with traffic.
Ping of death attack
• Ping of death attacks can be blocked by using a firewall that will check
fragmented IP packets for maximum size.
• Botnets are the millions of systems infected with malware under
hacker control in order to carry out DDoS attacks.
Man-in-the-middle (MitM) attack
• A MitM attack occurs when a hacker inserts itself between
the communications of a client and a server.
Example: Session hijacking
• The attacker hijacks a session between a trusted client and
network server. The attacking computer substitutes its IP
address for the trusted client while the server continues the
session, believing it is communicating with the client.
Example: IP Spoofing
• IP spoofing is used by an attacker to convince a system that
it is communicating with a known, trusted entity and
provide the attacker with access to the system.
• The attacker sends a packet with the IP source address of a
known, trusted host instead of its own IP source address to
a target host. The target host might accept the packet and
act upon it.
Example: Replay
• A replay attack occurs when an attacker intercepts and
saves old messages and then tries to send them later,
impersonating one of the participants.
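A receiver-side check that defeats the replay described above, as an added example that is not part of the original slides: each message carries a random nonce, a timestamp and an HMAC, and the receiver rejects anything stale or already seen. The key, the message text and the 30-second window are constructed assumptions.

```python
import hashlib
import hmac
import json
import os

FRESHNESS_WINDOW = 30  # seconds a message stays acceptable (assumed value)


def _mac(key: bytes, nonce: str, ts: int, payload: str) -> str:
    """HMAC-SHA256 over nonce, timestamp and payload, so none can be altered."""
    data = json.dumps([nonce, ts, payload], separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def seal(key: bytes, payload: str, now: float) -> dict:
    """Sender side: attach a fresh random nonce, a timestamp and a MAC."""
    nonce = os.urandom(16).hex()
    ts = int(now)
    return {"nonce": nonce, "ts": ts, "payload": payload,
            "mac": _mac(key, nonce, ts, payload)}


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only while still fresh

    def accept(self, msg: dict, now: float) -> str:
        expected = _mac(self.key, msg["nonce"], msg["ts"], msg["payload"])
        if not hmac.compare_digest(expected, msg["mac"]):
            return "rejected: bad MAC"
        if abs(now - msg["ts"]) > FRESHNESS_WINDOW:
            return "rejected: stale timestamp"
        # Nonces older than the window can be forgotten: a message carrying
        # them would already fail the freshness check above.
        self.seen = {n: t for n, t in self.seen.items()
                     if abs(now - t) <= FRESHNESS_WINDOW}
        if msg["nonce"] in self.seen:
            return "rejected: replayed nonce"
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"


def demo() -> list:
    key = b"constructed-shared-key"                    # constructed sample key
    receiver = Receiver(key)
    msg = seal(key, "transfer 100 to bob", now=1000)   # constructed message
    tampered = dict(msg, payload="transfer 900 to eve")
    return [
        receiver.accept(msg, now=1001),       # first delivery
        receiver.accept(msg, now=1005),       # captured copy sent again
        receiver.accept(msg, now=1100),       # captured copy sent much later
        receiver.accept(tampered, now=1002),  # payload changed, MAC no longer fits
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```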
Figure 3. Session Hijacking
Phishing and spear phishing attacks
• A phishing attack is the practice of sending emails that
appear to be from trusted sources with the goal of gaining
personal information.
• It could involve an attachment to an email that loads
malware onto your computer.
• Attackers take the time to conduct research into targets
and create messages that are personal and relevant.
• One of the simplest ways a hacker can conduct a spear
phishing attack is email spoofing, which is when the
information appears as if it is coming from someone you
know very well.
Drive by Attack
• Drive-by download attacks are a common method of
spreading malware.
• Hackers look for insecure websites and plant a malicious
script into HTTP code on one of the pages.
• This script might install malware directly onto the
computer of someone who visits the site.
• To protect yourself from drive-by attacks, you need to keep
your browsers and operating systems up to date and avoid
keeping too many apps on your device.
Password Attack
• Access to a person’s password can be obtained by looking
around the person’s desk, ‘‘sniffing’’ the connection to the
network to acquire unencrypted passwords, using social
engineering, gaining access to a password database or
outright guessing.
• Brute-force password guessing means using a random
approach by trying different passwords and hoping that
one works.
• Dictionary attack: a dictionary of common
passwords is used to attempt to gain access to a
user’s computer and network. One approach is
to copy an encrypted file that contains the
passwords, apply the same encryption to a
dictionary of commonly used passwords, and
compare the results.
• In order to protect yourself from dictionary or
brute-force attacks, you need to implement an
account lockout policy that will lock the
account after a few invalid password attempts.
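The account lockout policy described above, as an added example that is not part of the original slides: a login service that stores salted PBKDF2 hashes and locks an account after repeated failures. The thresholds, the user name and the guess list are constructed assumptions.

```python
import hashlib
import hmac
import os
from collections import defaultdict, deque

MAX_FAILURES = 3   # assumed threshold for "a few invalid password attempts"
WINDOW = 600       # failures are counted within this many seconds
LOCKOUT = 900      # how long the account stays locked, in seconds


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, deliberately slow hash: a stolen table cannot be compared
    against one precomputed dictionary, and each guess costs real work."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class LoginService:
    def __init__(self):
        self.users = {}                      # user -> (salt, password hash)
        self.failures = defaultdict(deque)   # user -> recent failure times
        self.locked_until = {}               # user -> time the lock expires

    def add_user(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[user] = (salt, hash_password(password, salt))

    def login(self, user: str, password: str, now: float) -> str:
        if user not in self.users:
            return "denied"
        # While locked, even the correct password is refused.
        if self.locked_until.get(user, 0) > now:
            return "locked"
        salt, stored = self.users[user]
        if hmac.compare_digest(hash_password(password, salt), stored):
            self.failures.pop(user, None)    # success resets the counter
            return "ok"
        recent = self.failures[user]
        recent.append(now)
        while recent and now - recent[0] > WINDOW:
            recent.popleft()                 # forget failures outside the window
        if len(recent) >= MAX_FAILURES:
            self.locked_until[user] = now + LOCKOUT
            recent.clear()
        return "denied"


def run_guesses(service: LoginService, user: str, guesses: list, start: float) -> list:
    """Replay one guess per second and return the outcome of each attempt."""
    return [service.login(user, g, start + i) for i, g in enumerate(guesses)]


def demo() -> list:
    service = LoginService()
    service.add_user("alice", "correct horse")           # constructed account
    # Constructed guess list; the real password is the fifth entry.
    guesses = ["123456", "password", "qwerty", "letmein", "correct horse"]
    outcomes = run_guesses(service, "alice", guesses, start=0)
    # After the lock expires the legitimate user can log in again.
    outcomes.append(service.login("alice", "correct horse", now=903))
    return outcomes


if __name__ == "__main__":
    print(demo())
```

Lockout also lets anyone who knows a user name lock that user out on purpose, so the threshold and duration are a trade-off to tune.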
SQL injection attack
• SQL injection has become a common issue with database-
driven websites.
• It occurs when a malefactor executes a SQL query against the
database via input data sent from the client to the server.
• SQL commands are inserted into data-plane input in order
to run predefined SQL commands.
• A successful SQL injection exploit can read sensitive data
from the database, modify (insert, update or delete)
database data, execute administration operations (such as
shutdown) on the database, recover the content of a given
file, and, in some cases, issue commands to the operating
system.
Cross-site scripting (XSS) attack
• XSS attacks use third-party web resources to run scripts in
the victim’s web browser or scriptable application.
• Specifically, the attacker injects a payload with malicious
JavaScript into a website’s database.
• When the victim requests a page from the website, the
website transmits the page, with the attacker’s payload as
part of the HTML body, to the victim’s browser, which
executes the malicious script.
• It might send the victim’s cookie to the attacker’s server,
and the attacker can extract it and use it for session
Figure 4. XSS attack
Eavesdropping attack
• Eavesdropping attacks occur through the interception of
network traffic.
• By eavesdropping, an attacker can obtain passwords,
credit card numbers and other confidential information
that a user might be sending over the network.
• Eavesdropping can be passive or active:
• Passive eavesdropping — A hacker detects the information
by listening to the message transmission in the network.
• Active eavesdropping — A hacker actively grabs the
information by disguising himself as a friendly unit and by
sending queries to transmitters. This is called probing,
scanning or tampering.
• Detecting passive eavesdropping attacks is often more
important than spotting active ones, since active attacks
require the attacker to gain knowledge of the friendly
units by conducting passive eavesdropping beforehand.
Birthday Attack
• Birthday attacks are made against hash algorithms that
are used to verify the integrity of a message, software or
digital signature.
• A message processed by a hash function produces a
message digest (MD) of fixed length, independent of the
length of the input message; this MD uniquely
characterizes the message.
• The birthday attack refers to the probability of finding two
random messages that generate the same MD when
processed by a hash function.
• If an attacker calculates the same MD for his message as the
user has, he can safely replace the user’s message with his,
and the receiver will not be able to detect the replacement
even if he compares MDs.
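The probability behind the birthday attack, as an added example that is not part of the original slides: the standard approximation for a collision among n random digests, plus a search over SHA-256 truncated to 24 bits. The truncation and the message strings are constructed assumptions so that the search finishes in moments; it shows why short digests are unsafe, not a weakness in full-length SHA-256.

```python
import hashlib
import math


def collision_probability(n_messages: int, space: int) -> float:
    """Birthday approximation: P = 1 - exp(-n(n-1) / (2 * space))."""
    return 1.0 - math.exp(-n_messages * (n_messages - 1) / (2.0 * space))


def messages_for_even_odds(space: int) -> int:
    """Messages needed for about a 50% collision chance: sqrt(2 ln 2 * space)."""
    return math.ceil(math.sqrt(2.0 * math.log(2.0) * space))


def truncated_digest(message: bytes, digest_bits: int) -> int:
    """Top digest_bits bits of SHA-256, standing in for a short hash."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - digest_bits)


def find_collision(digest_bits: int, limit: int = 1_000_000):
    """Hash constructed messages until two share a truncated digest.

    Returns (first_message, second_message, messages_hashed) or None.
    """
    seen = {}
    for i in range(limit):
        msg = b"constructed-message-%d" % i
        digest = truncated_digest(msg, digest_bits)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg
    return None


def demo() -> dict:
    bits = 24
    first, second, hashed = find_collision(bits)
    return {
        "even_odds_24_bit": messages_for_even_odds(2 ** bits),
        "even_odds_128_bit": messages_for_even_odds(2 ** 128),
        "messages_hashed": hashed,
        "collision": (first, second),
    }


if __name__ == "__main__":
    info = demo()
    print("24-bit digest, messages for even odds:", info["even_odds_24_bit"])
    print("128-bit digest, messages for even odds: %.3g" % info["even_odds_128_bit"])
    print("collision found after", info["messages_hashed"], "messages:",
          info["collision"])
```

The work grows with the square root of the digest space, which is why an n-bit digest offers only about n/2 bits of collision resistance.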
Malware attack
• Malicious software can be described as unwanted software that is
installed in your system without your consent. It can attach itself to
legitimate code and propagate; it can lurk in useful applications or
replicate itself across the Internet. Here are some of the most common
types of malware:
• Macro viruses —
• File infectors —
• System or boot-record infectors —
• Polymorphic viruses — These viruses conceal
• Stealth viruses
• Trojans —
• Logic bombs
• Worms —
• Droppers —
• Ransomware —
How to Prevent Cyber Attacks
Steps you can take to reduce your risk of falling victim to a
costly cyber attack:
• Train employees in cyber security principles.
• Install, use and regularly update antivirus and antispyware
software on every computer used in your business.
• Use a firewall for your Internet connection.
• Download and install software updates for your operating
systems and applications as they become available.
• Make backup copies of important business data and
• Control physical access to your computers and network
• Secure your Wi-Fi networks. If you have a Wi-Fi network
for your workplace make sure it is secure and hidden.
• Require individual user accounts for each employee.
• Limit employee access to data and information and limit
authority to install software.
• Regularly change passwords
• Use patches. All it takes is a tiny hole in your system for
hackers to poke their way in
• Protect outbound data. Just as you protect your system
from incoming malware and bots with a firewall, you need
to make sure certain data never leaves your system. It’s
important to focus on egress filtering, to prevent rogue
employees or employees making honest mistakes from
releasing sensitive data or malicious software from your
• Raise awareness. It’s important for everyone in the
organization to be savvy and alert about security issues.
• Be smart about passwords.
• Don’t ignore physical security.
• Encrypt data.
• Purchase a Cyber Insurance policy
Classification of security attacks
• The attacks can be classified into two broad categories,
namely, active and passive attacks.
• An attacker can exploit the network either as internal or
external and as active or passive.
• Active attack: The aim of an active attack is to alter the data
being exchanged in the network and thus disrupt the
regular functioning of the network. The intruder can alter
packets, inject packets, and drop packets. Such
attacks are very dangerous.
• without disturbing normal network operation.
20-10-2018 32
• Passive attack: The aim of a passive attack is to snoop the
confidential information about routing, which should be kept
secret during the communication. It obtains such
• The active attacks can be external and internal attacks, as
discussed below:
• External attack: External attackers mainly exist outside
the networks. They want to get access to the network. Once
they get access, they start sending bogus packets and
perform denial of service in order to disrupt the
performance of the whole network.
• These attacks can be prevented by implementing security
measures such as a firewall, which restricts
unauthorized persons' access to the network.
• Internal attack: In an internal attack, the attacker wants to
have normal access to the network as well as participate in
the normal activities of the network.
• The attacker gains access to the network as a new node
either by compromising a current node or by malicious
• Impact of the internal attack is more severe than that of
external attacks. The common examples of such attacks are
blackhole and wormhole attacks, which are explained
below.
Security in different layers of
protocol stack
• Application programs do not interact with the network
hardware directly. Rather, they interact with protocol
• The concept of layered protocol gives a theoretical basis
for knowing how a collection of protocols work together
with the hardware to provide a powerful
communication system.
• Different studies suggest different methods or techniques
to handle security issues in many ways.
Table 1. shows different layers in the protocol stack
of the network.
Blackhole attack
• The blackhole attack is one of the active and severe attacks in
MANETs. Node 1 is the source node and node 4 represents the
destination node. Node 3 is a node which acts as a blackhole (BH)
• The attacker replies with a false RREP carrying a higher, modified
sequence number. Therefore, node 1 erroneously judges the route
discovery process complete and starts to send data packets to
node 3, which probably drops or consumes all the packets.
Figure 5. A blackhole attack in the mobile ad-hoc network
Network Management Tools
• Wireshark
• Tshark
• Dumpcap
• NetStumbler
• Honeypot
• Snort
What is Wireshark?
• Wireshark is a network packet analyzer. A network packet
analyzer tries to capture network packets and to
display that packet data in as much detail as possible.
• Think of a network packet analyzer as a measuring device used to
examine what's going on inside a network cable, just as a
voltmeter is used by an electrician to examine what's going on
inside an electric cable.
• In the past, such tools were either very expensive, proprietary,
or both. However, with the advent of Wireshark, all that has
• Wireshark is perhaps one of the best open source packet
analyzers available today.
Some intended purposes
• Network administrators use it to troubleshoot network
• Network security engineers use it to examine security
• Developers use it to debug protocol implementations
• People use it to learn network protocol internals
What Wireshark is not
• Wireshark isn’t an intrusion detection system. It will not
warn you when someone does strange things on your
network that he/she isn’t allowed to do.
• However, if strange things happen, Wireshark might help
you figure out what is really going on.
• Wireshark will not manipulate things on the network, it
will only “measure” things from it.
• Wireshark doesn’t send packets on the network or do
other active things (except for name resolutions, but even
that can be disabled).
• Wireshark and TShark share a powerful filter engine that
helps remove the noise from a packet trace and lets you see
only the packets that interest you.
• If a packet meets the requirements expressed in your filter,
then it is displayed in the list of packets.
• Display filters let you compare the fields within a protocol
against a specific value, compare fields against fields, and
check the existence of specified fields or protocols.
• Wireshark can capture traffic from many different
network media types, including, despite its name,
wireless LAN.
• Installing steps for Downloading Wireshark
• Dumpcap is a network traffic dump tool. It lets you
capture packet data from a live network and write the
packets to a file.
• Dumpcap's native capture file format is libpcap format,
which is also the format used by Wireshark, tcpdump and
various other tools.
• Without any options set, it will use the pcap library to
capture traffic from the first available network interface
and write the received raw packet data, along with the
packets' time stamps, into a libpcap file.
• If the -w option is not specified, Dumpcap writes to a newly
created libpcap file with a randomly chosen name.
• If the -w option is specified, Dumpcap writes to the file
specified by that option.
• Packet capturing is performed with the pcap library. The
capture filter syntax follows the rules of the pcap library.
NetStumbler (Network Stumbler)
• It is a Wi-Fi hacking tool that is compatible only
with Windows and is freely available.
• With this program, we can search for wireless networks
which are open and infiltrate the network.
• It has some compatibility and network adapter issues
Key features of NetStumbler
• Verify that your network is set up the way you intended.
• Find locations with poor coverage in your WLAN.
• Detect other networks that might be causing interference
with your network.
• Detect unauthorized “rogue” access points in your
NetStumbler can provide the user
• MAC address
• Access point name
• Channel
• Vendor
• Security (WEP on or off)
• Signal strength and GPS coordinates (if GPS device is
• A honeypot is a device placed on a computer network
specifically designed to capture malicious network
• The logging capability of a honeypot is far greater than
any other network security tool and captures raw packet
level data even including the keystrokes and mistakes
made by hackers.
• The captured information is highly valuable as it
contains only malicious traffic with little to no false
• Honeypots are becoming one of the leading security tools
used to monitor the latest tricks and exploits of hackers
by recording their every move so that the security
community can more quickly respond to new exploits.
• Snort is a network management tool used
to raise an alarm when someone tries to enter
your network; it is used especially as an intrusion
detection system (IDS).
Topics for Research to Be Taken Up
• The secure routing protocols based on graphs and cluster
classification can be explored.
• The proposed security-aware schemes can be applied to
proactive and hybrid protocols, and their performance
compared with that of reactive protocols.
• The secure routing protocols attacks can also be examined
using honeypots.
• The proposed protocols can also be applied to various
types of security attacks.
Thank You for Patient Listening
DfMAy 2024 - key insights and contributions
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdfGen AI Study Jams _ For the GDSC Leads in India.pdf
Gen AI Study Jams _ For the GDSC Leads in India.pdf
Railway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdfRailway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdf

Cyber attacks

  • 1. Overview of Cyber Attacks. Dr. Anuradha T, Department of Computer Science and Engineering, PDA College of Engineering, Kalaburagi. 17-Mar-19
  • 2. Topics to Be Covered • What is a Cyber Attack • What Do Cyber Attacks Look Like • Cyber Attacks Classified • Types of Cyber Attacks • How to Prevent Cyber Attacks • Security Attacks • Classification of Security Attacks • Network Management Tools • Research Areas
  • 3. What is a Cyber Attack? • Cyber is a prefix used in a growing number of technology and IT terms to describe new things that are being made possible by the spread of computers. • A cyber attack is an attempt by hackers to damage or destroy a computer network or system.
  • 4. What Do Cyber Attacks Look Like • An attack can arrive as an email that appears to come from your bank or credit card company. It seems urgent and includes a link to click. However, if you look closely at the email, you can find clues that it might not be real. • Another way is when you download a file that contains a malicious piece of code, usually a worm or Trojan horse. • This can happen by downloading e-mail files, but it can also happen when you download apps, videos, and music files online. • As soon as you open the file, your computer is infected and the virus, worm, or Trojan horse begins to spread.
  • 5. Cyber Attacks Classified • Syntactic attacks • Semantic attacks • Syntactic attacks are different types of malicious software that attack your computer through various channels. • The most frequent types of software used in syntactic attacks include: • Viruses: a virus is a piece of software that can attach itself to another file to reproduce. This type of software is often found in file downloads and email attachments. Once the virus is activated, it replicates and sends itself to everyone in your contacts file.
  • 6. • Worms: worms don't need another file to replicate and spread. These little bits of software are also more sophisticated and can collect and send data to a specified location using information about the network they're on. • A worm infects a computer when it's delivered via another piece of software on a network. • A Trojan horse could be an email that looks like it comes from a trusted company, when in fact it's been sent by criminals or bad actors.
  • 7. Semantic Cyber Attacks • Semantic attacks are more about changing the perception or behavior of the person or organization that's being attacked. • There is less focus placed on the software involved. • Semantic cyber attacks, also known as social engineering, manipulate human users’ perceptions and interpretations of computer-generated data in order to obtain valuable information (such as passwords, financial details, and classified government information) from the users through fraudulent means. Social-engineering techniques include phishing, in which attackers send seemingly…
  • 8. Social Engineering • Social engineering manipulates human users’ perceptions and interpretations of computer-generated data in order to obtain valuable information (such as passwords, financial details, and classified government information) from the users through fraudulent means. Social-engineering techniques include phishing, in which attackers send seemingly…
  • 9. Figure 1. Social Engineering Life Cycle
  • 10. Types of Cyber Attacks • Denial-of-service (DoS) and distributed denial-of-service (DDoS) • Man-in-the-middle (MitM) attack • Phishing and spear phishing attacks • Drive-by attack • Password attack • SQL injection attack • Cross-site scripting (XSS) attack • Eavesdropping attack • Birthday attack • Malware attack
  • 11. Different Types of Cyber Attacks. Figure 2. Types of Cyber Attacks.
  • 12. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks • A denial-of-service attack overwhelms a system’s resources so that it cannot respond to service requests. • A DDoS attack is also an attack on a system’s resources, but it is launched from a large number of other host machines that are infected by malicious software controlled by the attacker. • Unlike attacks that are designed to enable the attacker to gain or increase access, denial-of-service doesn’t provide direct benefits for attackers. • There are different types of DoS and DDoS attacks; the most common are the TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack and botnets.
  • 13. • TCP SYN flood attack: In this attack, an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. • Teardrop attack: This attack causes the length and fragmentation offset fields in sequential Internet Protocol (IP) packets to overlap one another on the attacked host. • Smurf attack: This attack involves using IP spoofing and ICMP to saturate a target network with traffic. • Ping of death attack: Ping of death attacks can be blocked by using a firewall that checks fragmented IP packets for maximum size. • Botnets: Botnets are the millions of systems infected with malware under hacker control in order to carry out DDoS attacks.
  • 14. Man-in-the-middle (MitM) attack • A MitM attack occurs when a hacker inserts itself between the communications of a client and a server. • Example: Session hijacking. The attacker hijacks a session between a trusted client and network server. The attacking computer substitutes its IP address for the trusted client while the server continues the session, believing it is communicating with the client. • Example: IP spoofing. IP spoofing is used by an attacker to convince a system that it is communicating with a known, trusted entity and provide the attacker with access to the system.
  • 15. • The attacker sends a packet with the IP source address of a known, trusted host instead of its own IP source address to a target host. The target host might accept the packet and act upon it. • Example: Replay. A replay attack occurs when an attacker intercepts and saves old messages and then tries to send them later, impersonating one of the participants.
  • 16. Figure 3. Session Hijacking
  • 17. Phishing and spear phishing attacks • A phishing attack is the practice of sending emails that appear to be from trusted sources with the goal of gaining personal information. • It could involve an attachment to an email that loads malware onto your computer. • In spear phishing, attackers take the time to conduct research into targets and create messages that are personal and relevant. • One of the simplest ways a hacker can conduct a spear phishing attack is email spoofing, which is when the information appears as if it is coming from someone you know very well.
  • 18. Drive-by Attack • Drive-by download attacks are a common method of spreading malware. • Hackers look for insecure websites and plant a malicious script into HTTP code on one of the pages. • This script might install malware directly onto the computer of someone who visits the site. • To protect yourself from drive-by attacks, you need to keep your browsers and operating systems up to date and avoid keeping too many apps on your device.
  • 19. Password Attack • Access to a person’s password can be obtained by looking around the person’s desk, “sniffing” the connection to the network to acquire unencrypted passwords, using social engineering, gaining access to a password database or outright guessing. • Brute-force password guessing means using a random approach by trying different passwords and hoping that one works.
  • 20. • Dictionary attack: a dictionary of common passwords is used to attempt to gain access to a user’s computer and network. One approach is to copy an encrypted file that contains the passwords, apply the same encryption to a dictionary of commonly used passwords, and compare the results. • In order to protect yourself from dictionary or brute-force attacks, you need to implement an account lockout policy that will lock the account after a few invalid password attempts.
  • 21. SQL injection attack • SQL injection has become a common issue with database-driven websites. • It occurs when a malefactor executes a SQL query to the database via the input data from the client to server. • SQL commands are inserted into data-plane input in order to run predefined SQL commands. • A successful SQL injection exploit can read sensitive data from the database, modify (insert, update or delete) database data, execute administration operations (such as shutdown) on the database, recover the content of a given file, and, in some cases, issue commands to the operating system.
  • 22. Cross-site scripting (XSS) attack • XSS attacks use third-party web resources to run scripts in the victim’s web browser or scriptable application. • Specifically, the attacker injects a payload with malicious JavaScript into a website’s database. • When the victim requests a page from the website, the website transmits the page, with the attacker’s payload as part of the HTML body, to the victim’s browser, which executes the malicious script. • The script might send the victim’s cookie to the attacker’s server, and the attacker can extract it and use it for session hijacking.
  • 24. Eavesdropping attack • Eavesdropping attacks occur through the interception of network traffic. • By eavesdropping, an attacker can obtain passwords, credit card numbers and other confidential information that a user might be sending over the network. • Eavesdropping can be passive or active: • Passive eavesdropping: A hacker detects the information by listening to the message transmission in the network.
  • 25. • Active eavesdropping: A hacker actively grabs the information by disguising himself as a friendly unit and by sending queries to transmitters. This is called probing, scanning or tampering. • Detecting passive eavesdropping attacks is often more important than spotting active ones, since active attacks require the attacker to gain knowledge of the friendly units by conducting passive eavesdropping beforehand.
  • 26. Birthday Attack • Birthday attacks are made against hash algorithms that are used to verify the integrity of a message, software or digital signature. • A message processed by a hash function produces a message digest (MD) of fixed length, independent of the length of the input message; this MD uniquely characterizes the message.
  • 27. • The birthday attack refers to the probability of finding two random messages that generate the same MD when processed by a hash function. • If an attacker calculates the same MD for his message as the user has, he can safely replace the user’s message with his, and the receiver will not be able to detect the replacement even if he compares MDs.
  • 28. Malware attack • Malicious software can be described as unwanted software that is installed in your system without your consent. It can attach itself to legitimate code and propagate; it can lurk in useful applications or replicate itself across the Internet. Here are some of the most common types of malware: • Macro viruses • File infectors • System or boot-record infectors • Polymorphic viruses: These viruses conceal • Stealth viruses • Trojans • Logic bombs • Worms • Droppers • Ransomware
  • 29. How to Prevent Cyber Attacks • Steps you can take to reduce your risk of falling victim to a costly cyber attack: • Train employees in cyber security principles. • Install, use and regularly update antivirus and antispyware software on every computer used in your business. • Use a firewall for your Internet connection. • Download and install software updates for your operating systems and applications as they become available.
  • 30. • Make backup copies of important business data and information. • Control physical access to your computers and network components. • Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace, make sure it is secure and hidden. • Require individual user accounts for each employee. • Limit employee access to data and information and limit authority to install software. • Regularly change passwords.
  • 31. • Use patches. All it takes is a tiny hole in your system for hackers to poke their way in. • Protect outbound data. Just as you protect your system from incoming malware and bots with a firewall, you need to make sure certain data never leaves your system. It’s important to focus on egress filtering, to prevent rogue employees or employees making honest mistakes from releasing sensitive data or malicious software from your network. • Raise awareness. It’s important for everyone in the organization to be savvy and alert about security issues. • Be smart about passwords. • Don’t ignore physical security. • Encrypt data. • Purchase a cyber insurance policy.
  • 32. Classification of security attacks • The attacks can be classified into two broad categories, namely, active and passive attacks. • An attacker can exploit the network either as internal or external and as active or passive. • Active attack: The aim of an active attack is to alter the data being exchanged in the network and thus disrupt the regular functioning of the network. The intruder can alter packets, inject packets, and drop packets. Such attacks are very dangerous.
  • 33. • Passive attack: The aim of a passive attack is to snoop on confidential information about routing, which should be kept secret during the communication. It obtains such information without disturbing normal network operation. • The active attacks can be external and internal attacks, as discussed below: • External attack: External attackers mainly exist outside the networks. They want to get access to the network. Once they get access, they start sending bogus packets and perform denial of service in order to disrupt the performance of the whole network.
  • 34. • These attacks can be prevented by implementing security measures such as a firewall, which limits the access of unauthorized persons to the network. • Internal attack: In an internal attack, the attacker wants to have normal access to the network as well as participate in the normal activities of the network. • The attacker gains access to the network as a new node either by compromising a current node or by malicious impersonation. • The impact of an internal attack is more severe than that of external attacks. The common examples of such attacks are blackhole and wormhole attacks, which are explained below.
  • 35. Security in different layers of protocol stack • Application programs do not interact with the network hardware directly. Rather, they interact with protocol software. • The concept of layered protocols gives a theoretical basis for knowing how a collection of protocols works together with the hardware to provide a powerful communication system. • Different studies suggest different methods or techniques to handle security issues.
  • 36. Table 1 shows the different layers in the protocol stack of the network.
  • 37. Blackhole attack • The blackhole attack is one of the active and severe attacks in MANETs. Node 1 is the source node and node 4 represents the destination node. Node 3 is a node which acts as a blackhole (BH) node. • The attacker replies with a false route reply (RREP) carrying a higher, modified sequence number. Therefore, node 1 erroneously concludes that the route discovery process is complete and starts to send data packets to node 3, which probably drops or consumes all the packets. • Figure 5. A blackhole attack in the mobile ad-hoc network (labels: RREQ, malicious RREP)
  • 38. Network Management Tools • Wireshark • Tshark • Dumpcap • NetStumbler • Honeypot • Snort
  • 39. What is Wireshark? • Wireshark is a network packet analyzer. A network packet analyzer tries to capture network packets and display that packet data in as much detail as possible. • You can think of a network packet analyzer as a measuring device used to examine what's going on inside a network cable, just like a voltmeter is used by an electrician to examine what's going on inside an electric cable. • In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, all that has changed. • Wireshark is perhaps one of the best open source packet analyzers available today.
  • 40. Some intended purposes • Network administrators use it to troubleshoot network problems • Network security engineers use it to examine security problems • Developers use it to debug protocol implementations • People use it to learn network protocol internals
  • 41. What Wireshark is not • Wireshark isn’t an intrusion detection system. It will not warn you when someone does strange things on your network that he/she isn’t allowed to do. • However, if strange things happen, Wireshark might help you figure out what is really going on. • Wireshark will not manipulate things on the network, it will only “measure” things from it. • Wireshark doesn’t send packets on the network or do other active things (except for name resolutions, but even that can be disabled).
  • 42. • Wireshark and TShark share a powerful filter engine that helps remove the noise from a packet trace and lets you see only the packets that interest you. • If a packet meets the requirements expressed in your filter, then it is displayed in the list of packets. • Display filters let you compare the fields within a protocol against a specific value, compare fields against fields, and check the existence of specified fields or protocols. • Wireshark can capture traffic from many different network media types, including, despite its name, wireless LAN. • Steps for downloading and installing Wireshark
  • 43. Dumpcap • Dumpcap is a network traffic dump tool. It lets you capture packet data from a live network and write the packets to a file. • Dumpcap's native capture file format is libpcap format, which is also the format used by Wireshark, tcpdump and various other tools. • Without any options set, it will use the pcap library to capture traffic from the first available network interface and write the received raw packet data, along with the packets' time stamps, into a libpcap file.
  • 44. • If the -w option is not specified, Dumpcap writes to a newly created libpcap file with a randomly chosen name. • If the -w option is specified, Dumpcap writes to the file specified by that option. • Packet capturing is performed with the pcap library. The capture filter syntax follows the rules of the pcap library.
  • 45. NetStumbler (Network Stumbler) • It is a Wi-Fi hacking tool that is compatible only with Windows and is freely available. • With this program, we can search for wireless networks that are open and infiltrate the network. • It has some compatibility and network adapter issues.
  • 46. Key features of NetStumbler • Verify that your network is set up the way you intended. • Find locations with poor coverage in your WLAN. • Detect other networks that might be causing interference with your network. • Detect unauthorized “rogue” access points in your workplace.
  • 47. NetStumbler can provide the user with: • MAC address • SSID • Access point name • Channel • Vendor • Security (WEP on or off) • Signal strength and GPS coordinates (if a GPS device is attached)
  • 48. Honeypot • A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. • The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the keystrokes and mistakes made by hackers. • The captured information is highly valuable as it contains only malicious traffic with little to no false positives. • Honeypots are becoming one of the leading security tools used to monitor the latest tricks and exploits of hackers by recording their every move so that the security community can more quickly respond to new exploits.
  • 49. Snort • Snort is a network management tool that raises an alarm when someone tries to enter your network; it is used specifically as an intrusion detection system (IDS).
  • 50. Research Topics to Be Taken Up • Secure routing protocols based on graphs and cluster classification can be explored. • The proposed security-aware schemes can be applied to proactive and hybrid protocols, and their performance compared with that of reactive protocols. • Attacks on secure routing protocols can also be examined using honeypots. • The proposed protocols can also be applied to various types of security attacks.
  • 51. Thank you for listening patiently
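Slides 26 and 27 describe the birthday attack as the probability of two messages producing the same message digest. The following added example (not part of the original slides) computes that probability and shows why digest length matters: when SHA-256 is truncated to 24 bits, two different constructed messages with the same truncated digest turn up after only a few thousand hashes. The function names, message format and 24-bit truncation are assumptions made for the demonstration.

```python
import hashlib
import math


def collision_probability(samples, space):
    """Probability that at least two of `samples` uniformly random values
    coincide when each is drawn from `space` possible values."""
    if samples > space:
        return 1.0  # pigeonhole: a repeat is certain
    # P(no collision) = prod_{i=0}^{samples-1} (1 - i/space), summed as logs
    log_no_collision = sum(math.log1p(-i / space) for i in range(samples))
    return 1.0 - math.exp(log_no_collision)


def samples_for_half(bits):
    """Approximate number of digests giving a ~50% collision chance for a
    `bits`-bit digest: sqrt(2 * ln 2 * 2**bits), about 1.18 * 2**(bits/2)."""
    return math.ceil(math.sqrt(2 * math.log(2) * 2 ** bits))


def truncated_digest(message, bits):
    """First `bits` bits of SHA-256(message), as an integer."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits):
    """Hash constructed messages until two share a truncated digest.
    Returns (first_message, second_message, digests_computed)."""
    seen = {}
    counter = 0
    while True:
        message = b"constructed-message-%d" % counter
        tag = truncated_digest(message, bits)
        if tag in seen:
            return seen[tag], message, counter + 1
        seen[tag] = message
        counter += 1


if __name__ == "__main__":
    print("23 people, 365 days:", round(collision_probability(23, 365), 4))
    print("digests for ~50% at 24 bits:", samples_for_half(24))
    first, second, tried = find_collision(24)
    print("collision after", tried, "digests:", first, second)
    # The full 256-bit digests of the two messages still differ.
    print(hashlib.sha256(first).hexdigest() != hashlib.sha256(second).hexdigest())
```

The work needed grows with the square root of the digest space, which is why an integrity check needs a digest of about 2n bits to give n bits of collision resistance.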