This document discusses several topics related to cyber security including:
1. Windows security features such as User Account Control, BitLocker Drive Encryption, and Windows Firewall.
2. Network security challenges such as verifying user identity, protecting against DDoS attacks, and securing web applications.
3. Limitations of today's security solutions and how the modern workplace has increased risks from factors like telecommuting and use of mobile devices.
4. Types of internet security protocols and cryptography techniques as well as common forms of malicious software like viruses, worms, and trojan horses.
An Assessment of Intrusion Detection System IDS and Data Set Overview A Compr... - ijtsrd
Millions of people worldwide have Internet access today. Intrusion detection technology is a modern wave of information technology monitoring devices to deter malicious activities. Malware development malicious software is a vital problem when it comes to designing intrusion detection systems IDS. The key challenge is to recognize unknown and hidden malware, because malware writers use various evasion techniques to mask information to avoid IDS detection. Malicious attacks have become more sophisticated and, furthermore, threats to security have increased, including a zero day attack on internet users. Through the use of IT in our daily lives, computer security has become critical. Cyber threats are becoming more complex and pose growing challenges when it comes to successful intrusion detection. Failure to prevent invading information, such as data privacy, integrity and availability can undermine the credibility of security services. Specific intrusion detection approaches were proposed in the literature to combat computer security threats. This paper consists of a literature survey of the IDS that uses program algorithms to use specific data collection and forensic techniques in real time. Data mining techniques for cyber research are introduced in support of intrusion detection. Mohammed I. Alghamdi "An Assessment of Intrusion Detection System (IDS) and Data-Set Overview: A Comprehensive Review of Recent Works" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-2, February 2021, URL: https://www.ijtsrd.com/papers/ijtsrd35730.pdf Paper Url: https://www.ijtsrd.com/computer-science/computer-security/35730/an-assessment-of-intrusion-detection-system-ids-and-dataset-overview-a-comprehensive-review-of-recent-works/mohammed-i-alghamdi
A Collaborative Intrusion Detection System for Cloud Computing - ijsrd.com
Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages like utility computing model but the design is not flawless and hence suffers from not only many known computer vulnerabilities but also introduces unique information confidentiality, integrity and availability risks as well due to its inherent design paradigm. To provide secure and reliable services in cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks through providing timely notifications about new intrusions to Cloud users' systems. To provide such ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
The Next Generation Cognitive Security Operations Center: Network Flow Forens... - Konstantinos Demertzis
A Security Operations Center (SOC) can be defined as an organized and highly skilled team that uses advanced computer forensics tools to prevent, detect and respond to cybersecurity incidents of an organization. The fundamental aspects of an effective SOC is related to the ability to examine and analyze the vast number of data flows and to correlate several other types of events from a cybersecurity perception. The supervision and categorization of network flow is an essential process not only for the scheduling, management, and regulation of the network’s services, but also for attacks identification and for the consequent forensics’ investigations. A serious potential disadvantage of the traditional software solutions used today for computer network monitoring, and specifically for the instances of effective categorization of the encrypted or obfuscated network flow, which enforces the rebuilding of messages packets in sophisticated underlying protocols, is the requirements of computational resources. In addition, an additional significant inability of these software packages is they create high false positive rates because they are deprived of accurate predicting mechanisms.
For all the reasons above, in most cases, the traditional software fails completely to recognize unidentified vulnerabilities and zero-day exploitations. This paper proposes a novel intelligence driven Network Flow Forensics Framework (NF3) which uses low utilization of computing power and resources, for the Next Generation Cognitive Computing SOC (NGC2SOC) that rely solely on advanced fully automated intelligence methods. It is an effective and accurate Ensemble Machine Learning forensics tool to Network Traffic Analysis, Demystification of Malware Traffic and Encrypted Traffic Identification.
The spread of information networks in communities and organizations have led to a daily huge volume of information exchange between different networks which, of course, has resulted in new threats to the national organizations. It can be said that information security has become today one of the most challenging areas. In other words, defects and disadvantages of computer network security address irreparable damage for enterprises. Therefore, identification of security threats and ways of dealing with them is essential. But the question raised in this regard is that what are the strategies and policies to deal with security threats that must be taken to ensure the security of computer networks? In this context, the present study intends to do a review of the literature by using earlier researches and library approach, to provide security solutions in the face of threats to their computer networks. The results of this research can lead to more understanding of security threats and ways to deal with them and help to implement a secure information platform.
Comparative Study on Intrusion Detection Systems for Smartphones - iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
The Internet of Things (IoT) is a thriving network of smart objects where one physical object can exchange information with another physical object. In today’s Internet of Things (IoT) the interest is the concealment and security of data in a network. The obtrusion into Internet of Things (IoT) exposes the extent with which the internet of things is vulnerable to attacks and how such attack can be detected to prevent extreme damage. It emphasises on threats, vulnerability, attacks and possible methods of detecting intruders to stop the system from further destruction. This paper proposes a way out of the impending security situation of Internet of things using IPV6 Low-power wireless personal Area Network.
Analytical survey of active intrusion detection techniques in mobile ad hoc n... - eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
1. Cyber Ethics and Cyber Crime
2. Security in Social Media & Risk of Child Internet
3. Social media in Schools and photo privacy
4. Risk of OSNs and Security, Privacy of Facebook
5. Risk and Security of Social Networking site Facebook and Twitter
6. Risk analysis of Government and Online Transaction
Modern Cyber Threat Protection techniques for Enterprises - Abhinav Biswas
Presentation delivered for Management Development Programme on "Information and Cyber Security" at Institute of Public Enterprise, Hyderabad on 12th September, 2015.
Commissioned by ForeScout, the IoT Enterprise Risk Report employed the skills of Samy Kamkar, one of the world’s leading ethical hackers, to investigate the security risks posed by the Internet of Things (IoT) devices in enterprise environments. Check out his findings.
For more information visit: http://resources.forescout.com/insecurity_of_things_lp_social.html.
Using a smart building as their case study, Forescout Research Labs investigated how IoT devices can be leveraged as an entry point to a building’s network, where legacy OT assets, IT systems and IoT devices all intersect. Key findings from our research include:
• How the IoT is impacting the organizational threat landscape
• The additional risks that IoT devices introduce
• How to evolve your cybersecurity strategy for the age of IoT
Enabling Data Protection through PKI encryption in IoT m-Health Devices - Charalampos Doukas
Short presentation about a gateway-based solution for medical data encryption and the Internet of Things. Paper presented at 12th IEEE International Conference on BioInformatics and BioEngineering
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE - Editor IJMTER
Practical requirements for securely demonstrating identities between two handheld devices are an important concern. The adversary can inject a Man-In-The-Middle (MITM) attack to intrude the protocol. Protocols that employ secret keys require the devices to share private information in advance, in which it is not feasible in the above scenario. Apart from insecurely typing passwords into handheld devices or comparing long hexadecimal keys displayed on the devices’ screen, many other human-verifiable protocols have been proposed in the literature to solve the problem. Unfortunately, most of these schemes are unscalable to more users. Even when there are only three entities attempt to agree a session key, these protocols need to be rerun for three times. So, in the existing method a bipartite and a tripartite authentication protocol is presented using a temporary confidential channel. Besides, further extend the system into a transitive authentication protocol that allows multiple handheld devices to establish a conference key securely and efficiently. But this method detects only the outsider attacks. Method does not consider the insider attacks. So, in the proposed method trust score based method is introduced which computes the trust values for the nodes and provide the security. The trust score is computed has a positive influence on the confidence with which an entity conducts transactions with that node. Network the behavior of the node will be monitored periodically and its trust value is also updated. So depending on the behavior of the node in the network trust relation will be established between two nodes.
Explore common vulnerabilities in building automation systems (BAS), how these vulnerabilities could be exploited, and steps that organizations can take to improve the cybersecurity of their BAS.
Keylogging, one of the unsafe malware, is the movement of recording the keys struck on a console with the end goal that the individual utilizing the console is obscure about the way that their activities are being watched. It has legitimate use in examination of human PC collaboration and is considered as the primary danger for business and individual exercises. It tends to be utilized to catch passwords and other secret data entered by means of the console. Subsequently, counteraction of keylogging is significant and severe validation is needed for it. Planning of secure confirmation conventions is very testing, taking into account that different sorts of root units dwell in Personal Computers to watch clients conduct. There are different keylogging procedures, stretching out from equipment and programming based techniques to acoustic assessment. Human contribution in confirmation conventions, however ensuring, isn't straightforward. This paper surveys different examination regions which spread convention confirmations utilized safely forestalling the representation of keylogging assaults. Dr. C. Umarani | Rajrishi Sengupta "Keyloggers: A Malicious Attack" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1, December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd35776.pdf Paper URL: https://www.ijtsrd.com/engineering/computer-engineering/35776/keyloggers-a-malicious-attack/dr-c-umarani
RESOLVING NETWORK DEFENSE CONFLICTS WITH ZERO TRUST ARCHITECTURES AND OTHER E... - IJNSA Journal
Network defense implies a comprehensive set of software tools to preclude malicious entities from conducting activities such as exfiltration of data, theft of credentials, blocking of services and other nefarious activities. For most enterprises at this time, that defense builds upon a clear concept of the fortress approach. Many of the requirements are based on inspection and reporting prior to delivery of the communication to the intended target. These inspections require decryption of packets and this implies that the defensive suite either impersonates the requestor, or has access to the private cryptographic keys of the servers that are the target of communication. This is in contrast to an end-to-end paradigm where known good entities can communicate directly and no other entity has access to the content unless that content is provided to them. There are many new processes that require end-to-end encrypted communication, including distributed computing, endpoint architectures, and zero trust architectures and enterprise level security. In an end-to-end paradigm, the keys used for authentication, confidentiality, and integrity reside only with the endpoints. This paper examines a formulation that allows unbroken communication, while meeting the inspection and reporting requirements of a network defense. This work is part of a broader security architecture termed Enterprise Level Security (ELS) framework.
IoT Hardware Teardown, Security Testing & Control Design - Priyanka Aash
The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure.
- ‘Interconnection’ refers to (wireless) networking
- ‘Uniquely identifiable’ reminds (IPv6) addressing
- ‘Embedded’ reminds reduced size and full integration of components
- ‘Computing’ reminds processing capabilities
Threats have never been more relevant than they are today. Nation states, adversaries, corporate and government espionage, hackers, etc. are all on the hunt for valuable information. The information they seek includes enterprise and individual details. Networks are only as secure as their weakest components. With the hyper-growth in connected devices including smart phones, tablets, wearables and Internet of Things (IoT) devices, networks are very vulnerable.
Make presence in a building or area a policy in accessing network resources by integrating physical and network access through the Trusted Computing Group's IF-MAP communications standard.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal... - IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage, Account, Service, Traffic Hijacking and Unknown Risk Profile
Discuss how a successful organization should have the followin.docx - cuddietheresa
Discuss how a successful organization should have the following layers of security in place for the protection of its operations: information security management, data security, and network security.
Multiple Layers of Security
Marlowe Rooks posted Mar 13, 2020 9:54 AM
Looking at Vacca”s book chapter 1, “Information security management as a field is ever increasing in demand and responsibility because most organizations spend increasingly larger percentages of their IT budgets in attempting to manage risk and mitigate intrusions, not to mention the trend in many enterprises of moving all IT operations to an Internet-connected infrastructure, known as enterprise cloud computing (John R. Vacca, 2014)”. It is the organization responsibility to protect its business and its client information at all times. With that said I’m going to break down why companies need to have multiple layers of security and what types they should implement below.
The first layer is Information security management which can be from Physical Security, or Personnel Security. Physical Security can range from physical items, objects, or areas from unauthorized access and misuse. Personnel Security is to protect the individual or group of individuals who are authorized to access the organization and its operations. Some of the reason to implement Information Security is as follow:
· Decrease in downtime of IT systems
· Decrease in security related incidents
· Increase in meeting an organization's compliance requirements and standards
· Increase in customer satisfaction, demonstrating that security issues are tackled in the most appropriate manner
· Increase in quality of service
· Process approach adoption, which helps account for all legal and regulatory requirements
· More easily identifiable and managed risks
· Also covers information security (IS) (in addition to IT information security)
· Provides a competitive edge to an organization with the help of tackling risks and managing resources/processes
The second layer would be Data Security which can be refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, tokenization, and key management practices that protect data across all applications and platforms. Some of the reason to implement Data Security is as follow:
· Cloud access security – Protection platform that allows you to move to the cloud securely while protecting data in cloud applications.
· Data encryption – Data-centric and tokenization security solutions that protect data across enterprise, cloud, mobile and big data environments.
· Web Browser Security - Protects sensitive data captured at the browser, from the point the customer enters cardholder or personal data, and keeps it protected through the ecosystem to the trusted host destination.
· Mobile App Security - Protecting sensitive data in native mobile apps while safeguarding the data end-to-end.
· eMai ...
Discuss how a successful organization should have the followin.docxsalmonpybus
Discuss how a successful organization should have the following layers of security in place for the protection of its operations: information security management, data security, and network security.
Multiple Layers of Security
Marlowe Rooks posted Mar 13, 2020 9:54 AM
Looking at Vacca”s book chapter 1, “Information security management as a field is ever increasing in demand and responsibility because most organizations spend increasingly larger percentages of their IT budgets in attempting to manage risk and mitigate intrusions, not to mention the trend in many enterprises of moving all IT operations to an Internet-connected infrastructure, known as enterprise cloud computing (John R. Vacca, 2014)”. It is the organization responsibility to protect its business and its client information at all times. With that said I’m going to break down why companies need to have multiple layers of security and what types they should implement below.
The first layer is Information security management which can be from Physical Security, or Personnel Security. Physical Security can range from physical items, objects, or areas from unauthorized access and misuse. Personnel Security is to protect the individual or group of individuals who are authorized to access the organization and its operations. Some of the reason to implement Information Security is as follow:
· Decrease in downtime of IT systems
· Decrease in security related incidents
· Increase in meeting an organization's compliance requirements and standards
· Increase in customer satisfaction, demonstrating that security issues are tackled in the most appropriate manner
· Increase in quality of service
· Process approach adoption, which helps account for all legal and regulatory requirements
· More easily identifiable and managed risks
· Also covers information security (IS) (in addition to IT information security)
· Provides a competitive edge to an organization with the help of tackling risks and managing resources/processes
The second layer would be Data Security which can be refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, tokenization, and key management practices that protect data across all applications and platforms. Some of the reason to implement Data Security is as follow:
· Cloud access security – Protection platform that allows you to move to the cloud securely while protecting data in cloud applications.
· Data encryption – Data-centric and tokenization security solutions that protect data across enterprise, cloud, mobile and big data environments.
· Web Browser Security - Protects sensitive data captured at the browser, from the point the customer enters cardholder or personal data, and keeps it protected through the ecosystem to the trusted host destination.
· Mobile App Security - Protecting sensitive data in native mobile apps while safeguarding the data end-to-end.
· eMai.
Mobile Devices & BYOD Security – Deployment & Best PracticesCisco Canada
Subjects covered will include mobile devices OS security, state of malware on mobile devices, data loss prevention, VPN and remote access, 802.1x and certificate deployment, profiling, posture, web security, MDMs and others. For more information please visit our website: http://www.cisco.com/web/CA/index.html
Final Project – Incident Response Exercise SAMPLE.docxlmelaine
Final Project – Incident Response Exercise
SAMPLE
1. Contact Information for the Incident Reporter and Handler
– Mruga Patel
– Cyber Incident Response Team Lead
– Organizational Information - Sifers-Grayson Corporation (Blue Team), Information Technology Department
– [email protected]
– 410-923-9221
– Location - 100 Fairway Ave, Suite 101, Catonsville, MD 21228
2. Incident Details
– The attack occurred during off-hours at 22:00 EST. Incident was discovered when the system became unusable due to high volume traffic from an unauthorized IP Address. The incident ended at approximately 22:45 EST.
– Catonsville, MD
– Attack has ended
– The attack occurred from an IP address of 11.125.22.198 with no host name. The cause of the incident has yet to be determined.
– The attack was discovered when the system became unusable due to high levels of latency. It was detected using logging information from a server from the Task Manager.
– The system remains unaffected. Only data was stolen from our company. The server which was extracted from the Employee server. IP address- 192.168.1.0, hotname SifersHouston.com.
– N/A
– The system resumed to normal function after attacked occurred.
– Data stolen was from the server containing employee information.
– Network was turned off once attack was discovered. The system logged all necessary information for forensic evidence.
– N/A
3. Cause of Incident was from an unsecured network which was uses to steal company information.
4. The cost of the incident has yet to be determined. PII stolen has no calculated price. However, estimated person hours are about 200. It would cost around $100 per hour for IT staff to perform “clean-up” activities. As of now it would cost around $20,000.00.
5. The impact of the incident is significant. The necessary measures to combat this problem has yet to be determined.
6. General Comments- Our network poses a lot of security risks. Going forward, we need to implement certain security measures from further incidents from taking place.
Background
The Sifers-Grayson company has hired an outside organization to penetrate our network and report on vulnerabilities found within the network. Upon penetration testing and weeks of trying to exploit our system, the red team (testing team) has been successful. Holding a government contract, the Department of Defense (DoD) requires additional security requirements for the R&D and SCADA lab operations. Both of which hold classified and secret information and happen to be where the red team was able to exploit.
The company is now required to use the NIST publications for protection controlled unclassified information in Nonfederal information systems and organizations. Failure to comply can result in fines and even contract termination. The (DFARS) Defense Federal Acquisition Regulations also outlines the safeguarding of Cyber Security Incident Reporting. Fortunately, identifying these risks before hacke ...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Hierarchical Digital Twin of a Naval Power SystemKerry Sado
A hierarchical digital twin of a Naval DC power system has been developed and experimentally verified. Similar to other state-of-the-art digital twins, this technology creates a digital replica of the physical system executed in real-time or faster, which can modify hardware controls. However, its advantage stems from distributing computational efforts by utilizing a hierarchical structure composed of lower-level digital twin blocks and a higher-level system digital twin. Each digital twin block is associated with a physical subsystem of the hardware and communicates with a singular system digital twin, which creates a system-level response. By extracting information from each level of the hierarchy, power system controls of the hardware were reconfigured autonomously. This hierarchical digital twin development offers several advantages over other digital twins, particularly in the field of naval power systems. The hierarchical structure allows for greater computational efficiency and scalability while the ability to autonomously reconfigure hardware controls offers increased flexibility and responsiveness. The hierarchical decomposition and models utilized were well aligned with the physical twin, as indicated by the maximum deviations between the developed digital twin hierarchy and the hardware.
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
The Benefits and Techniques of Trenchless Pipe Repair.pdf
Cyber security and cyber law
1. Cyber Security and Cyber Law
By:-
D!vy@nk Gupt@
CR [ITESM]
IIT DWARKA
2012-2013
Cyber Security
WINDOWS SECURITY FEATURES
User Account Control is a new infrastructure that requires user consent before
allowing any action that requires administrative privileges. With this feature, all users,
including users with administrative privileges, run in a standard user mode by default,
since most applications do not require higher privileges. When some action is attempted
that needs administrative privileges, such as installing new software or changing system
settings, Windows will prompt the user whether to allow the action or not.
BitLocker Drive Encryption
Formerly known as "Secure Startup", this feature offers full disk encryption for the system
volume. Using the command-line utility, it is possible to encrypt additional volumes.
BitLocker utilizes a USB key or Trusted Platform Module (compliant with the version 1.2 of
the TCG specifications) to store its encryption key. It ensures that the computer running
Windows Vista starts in a known-good state, and it also protects data from unauthorized
access. Data on the volume is encrypted with a Full Volume Encryption Key (FVEK), which is
further encrypted with a Volume Master Key (VMK) and stored on the disk itself.
Windows Firewall
The firewall has been improved to address a number of concerns around the flexibility of
Windows Firewall in a corporate environment:
* IPv6 connection filtering
* Outbound packet filtering, reflecting increasing concerns about spyware and viruses
that attempt to "phone home".
* With the advanced packet filter, rules can also be specified for source and destination
IP addresses and port ranges.
* Rules can be configured for services by their service name, chosen from a list, without
needing to specify the full path file name.
* IPsec is fully integrated, allowing connections to be allowed or denied based on
security certificates, Kerberos authentication, etc. Encryption can also be required for any
kind of connection. A connection security rule can be created using a wizard that handles
the complex configuration of IPsec policies on the machine. Windows Firewall can allow
traffic based on whether the traffic is secured by IPsec.
* A new management console snap-in named Windows Firewall with Advanced Security
which provides access to many advanced options, including IPsec configuration, and
enables remote administration.
* Ability to have separate firewall profiles for when computers are domain-joined or
connected to a private or public network. Support for the creation of rules for enforcing
server and domain isolation policies.
Windows Defender
Windows Vista and Windows 7 include Windows Defender, Microsoft's anti-spyware
utility. According to Microsoft, it was renamed from 'Microsoft AntiSpyware' because it not
only features scanning of the system for spyware, similar to other free products on the
market, but also includes Real Time Security agents that monitor several common areas of
Windows for changes which may be caused by spyware. These areas include Internet
Explorer configuration and downloads, auto-start applications, system configuration
settings, and add-ons to Windows such as Windows Shell extensions. Windows Defender
also includes the ability to remove ActiveX applications that are installed and block startup
programs. It also incorporates the SpyNet network, which allows users to communicate
with Microsoft, send what they consider is spyware, and check which applications are
acceptable.
Cryptographic API
Windows Vista and Windows 7 feature an update to the Crypto API known as
Cryptography API: Next Generation (CNG). The CNG API is a user mode and kernel mode
API that includes support for elliptic curve cryptography (ECC) and a number of newer
algorithms that are part of the National Security Agency (NSA) Suite B. It is extensible,
featuring support for plugging in custom cryptographic APIs into the CNG runtime. It also
integrates with the smart card subsystem by including a Base CSP module which
implements all the standard backend cryptographic functions that developers and smart
card manufacturers need, so that they do not have to write complex CSPs. The Microsoft
Certificate Authority can issue ECC certificates and the certificate client can enroll and
validate ECC and SHA-2 based certificates.
Network Access Protection
Windows introduces Network Access Protection (NAP), which makes sure that computers
connecting to a network or communicating over a network conform to a required level of
system health as has been set by the administrator of the network. Depending on the
policy set by the administrator, the computers which do not meet the requirements will
either be warned and granted access, allowed limited access to network resources, or
completely denied access. NAP can also optionally provide software updates to a noncompliant
computer to upgrade itself to the level as required to access the network, using
a Remediation Server. A conforming client is given a Health Certificate, which it then uses
to access protected resources on the network.
(2) NETWORK SECURITY CHALLENGES
1. Verifying User Identity
How can others know it's you? Communication is approaching near continuous between
friends, family, businesses & services. With current authentication standards, often we
take on faith that we're being contacted by the "real" sender the message claims. It's one
thing if the imposter is just sending e-mails, but what if it's your bank or retirement
account that doesn't know it's not you? Challenges five and three tie in closely with this,
the top challenge.
2. Protecting Against DDoS Attacks
Distributed denial of service attacks (DDoS) use force of numbers to overwhelm targets
with data and connection attempts. Individual users may be the target of such attacks, or
their systems may be usurped to use in such an attack against a company or organization.
Bots on infected machines may lie dormant until an attack is triggered.
3. Preventing User System Hijacking
Even with better and better firewalls and anti-malware software for users, malicious
programs (like viruses, worms or trojans) that take control of a user's computer and
programs are an ever-present threat. Once the malicious program has control it can wreak
havoc acting as the user, attacking friends, family, and other contacts while masquerading
as the hapless victim.
4. Protecting User Confidential Data
More and more services are moving to the Internet. Interoperation between the various
services is becoming more frequent and more complex. Financial transactions from sales
to investments online are becoming ubiquitous. The risk of sensitive & high-value data
exposure and criminal access to that data increases all the time.
5. Securing Web Applications
Developers and application providers want their applications to be available quickly and
easily to anyone in the world, from any platform from a phone to a kiosk. Having users
hassle with anything more than a simple password seems too much to ask. I'm asking it!
At least consider the option for certificates, multi-factor authentication, multi-stage
authentication and so forth.
Limitations of Today's Security Solutions
As threats become more sophisticated and workplace data leaks grow more prevalent,
today's security solutions struggle to keep up. Conventional technologies like firewalls,
IDS systems, and VPNs may prevent outside threats but fail to protect “inside threats”
from employees who accidentally infect the network.
Security solutions such as Network Access Controls (NAC) focus on initial posture
assessment and authentication of the employee's endpoint. Once a user is authenticated,
he or she is no longer monitored and can act in ways harmful to the network. In addition,
today's "borderless" organizations freely share information globally between employees
and partners. These enterprises attempt to balance openness and flexibility with security
risks as employees work from home, airports, and from other, non-secure, off-site
locations.
Workplace Changes
Greater numbers of telecommuting and traveling employees and the blurring between
home and work offices have increased mobile device use, creating the need for better
protection against the loss of sensitive corporate and user data. This mobile workforce
makes it harder for IT departments to maintain updated antivirus and software patches on
all computers, making it increasingly difficult to control how and where users connect.
Storage devices, such as USB sticks, and music players add new channels for infection. In
addition, inadequate remote office security, lack of security personnel, and lax policy
enforcement negatively impact security.
Unprotected channels, such as Web mail or wireless networks, and easily exploited
technologies, such as P2P file sharing, streaming media, and instant messaging, allow
malware to enter the network while draining valuable network bandwidth. In addition,
hard-to-detect, zero-day malware requires immediate attention and is beyond the means of most
antivirus applications, which rely on a pattern-based approach. Once inside, malware can
leak data to cybercriminals, posing problems both for the consumers who lose confidential
data and for businesses whose reputations are irreparably damaged when data is lost.
Damage clean-up costs and lost productivity create the need for a better solution to protect
against insider threats. Forrester Research estimates that up to 85 percent of enterprise
security breaches involve internal people and resources. And according to Gartner,
“organizational costs of a sensitive data breach will increase 20 percent per year over the
next two years.”
Lack of Information About Your Local Threat Environment
Today's security environment is ready for a new approach. Lack of visibility into the exact
location and cause of infections prevents your IT department from determining the most
appropriate remedy. To achieve more holistic coverage, security personnel need more
information to better understand how threats occur and exactly where they enter the
network.
Most security systems show that malware was detected (for example, that IRC bot activity
occurred); however, no information is provided about how or where the infection
happened. This creates a lack of visibility into the overall security threat posture, which
hampers the ability of IT personnel to identify network pain points and the origin of threats,
such as a company's marketing department or an organization's remote office. Companies
need greater detail about the threat environment, such as the type of threats residing in the
network, or the percentage that are malware or hacking attempts or that are caused by
disruptive applications. Determining the root cause of how these threats entered the
network helps IT formulate better security policies.
Internet Security
Network layer security
TCP/IP can be made secure with the help of cryptographic methods and protocols that
have been developed for securing communications on the Internet. These protocols
include SSL and TLS for web traffic, PGP for email, and IPsec for the network layer
security.
IPsec Protocol
This protocol is designed to protect communication in a secure manner using TCP/IP. This
is a set of security extensions developed by IETF and it provides security and
authentication at the IP layer by using cryptography. To protect the content, the data is
transformed using encryption techniques. There are two main types of transformation that
form the basis of IPsec: the Authentication Header (AH) and Encapsulating Security
Payload (ESP). These two protocols provide data integrity, data origin authentication, and
anti-replay service. These protocols can be used alone or in combination to provide the desired
set of security services for the Internet Protocol (IP) layer.
The basic components of the IPsec security architecture are described in terms of the
following functionalities:
* Security protocols for AH and ESP
* Security association for policy management and traffic processing
* Manual and automatic key management for the internet key exchange (IKE)
* Algorithms for authentication and encryption.
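The anti-replay service that AH and ESP provide is usually built as a sliding window over packet sequence numbers. The following is an added example, not code from the original document: the 64-packet window size, the type and function names, and the `icv_ok` flag that stands in for real integrity verification are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define REPLAY_WINDOW 64u   /* window size in packets (assumed for this example) */

enum verdict { ACCEPT = 0, REJECT_REPLAY, REJECT_TOO_OLD, REJECT_BAD_ICV, REJECT_ZERO };

struct replay_state {
    uint32_t highest;  /* highest sequence number authenticated so far */
    uint64_t seen;     /* bit i set => sequence (highest - i) was already accepted */
};

/* Step 1: cheap pre-check. It never modifies the receiver state. */
static enum verdict replay_check(const struct replay_state *st, uint32_t seq)
{
    uint32_t behind;

    if (seq == 0)
        return REJECT_ZERO;              /* senders start counting at 1 */
    if (seq > st->highest)
        return ACCEPT;                   /* ahead of the window: a new packet */
    behind = st->highest - seq;
    if (behind >= REPLAY_WINDOW)
        return REJECT_TOO_OLD;           /* fell off the left edge of the window */
    if (st->seen & (UINT64_C(1) << behind))
        return REJECT_REPLAY;            /* this sequence number was seen before */
    return ACCEPT;
}

/* Step 3: record a packet that has passed the integrity check. */
static void replay_update(struct replay_state *st, uint32_t seq)
{
    if (seq > st->highest) {
        uint32_t ahead = seq - st->highest;
        /* Slide the window right; a jump of a full window clears the history. */
        st->seen = (ahead < REPLAY_WINDOW) ? (st->seen << ahead) : 0;
        st->seen |= 1;
        st->highest = seq;
    } else {
        st->seen |= UINT64_C(1) << (st->highest - seq);
    }
}

/* Receive path: check, then authenticate, and only then move the window.
 * Updating before authentication would let a forged packet with a huge
 * sequence number push the window forward and lock out genuine traffic. */
enum verdict receive_packet(struct replay_state *st, uint32_t seq, int icv_ok)
{
    enum verdict v = replay_check(st, seq);
    if (v != ACCEPT)
        return v;
    if (!icv_ok)                         /* step 2: stand-in for ICV verification */
        return REJECT_BAD_ICV;
    replay_update(st, seq);
    return ACCEPT;
}

int main(void)
{
    /* Constructed arrival order: in-order, a duplicate, then out-of-order. */
    const uint32_t seqs[] = {1, 2, 3, 2, 5, 4, 4};
    struct replay_state st = {0, 0};
    size_t i;

    for (i = 0; i < sizeof seqs / sizeof seqs[0]; i++)
        printf("seq %u -> verdict %d\n", (unsigned)seqs[i],
               (int)receive_packet(&st, seqs[i], 1));
    return 0;
}
```

Out-of-order delivery inside the window is accepted once, while duplicates and packets older than the window are dropped without touching the state.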
Malicious software
Malwares :- Malware, short for malicious software, is software designed to secretly access
a computer system without the owner's informed consent. The expression is a general
term used by computer professionals to mean a variety of forms of hostile, intrusive, or
annoying software or program code. Software is considered to be malware based on the
perceived intent of the creator rather than any particular features. Malware includes
computer viruses, worms, trojan horses, spyware, dishonest adware, scareware,
crimeware, most rootkits, and other malicious and unwanted software or program. In law,
malware is sometimes known as a computer contaminant.
Viruses :- A computer virus is a computer program that can copy itself and infect a computer.
The term "virus" is also commonly but erroneously used to refer to other types of malware,
including but not limited to adware and spyware programs that do not have the
reproductive ability. A true virus can spread from one computer to another (in some form
of executable code) when its host is taken to the target computer; for instance because a
user sent it over a network or the Internet, or carried it on a removable medium such as a
floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to
other computers by infecting files on a network file system or a file system that is
accessed by another computer.
Trojan Horse
A Trojan horse, or Trojan, is malware that appears to perform a desirable function for the
user before it is run or installed but instead facilitates unauthorized access to the user's
computer system. "It is a harmful piece of software that looks legitimate. Users are
typically tricked into loading and executing it on their systems", as Cisco describes. Trojan
horses may allow a hacker remote access to a target computer system. Once a Trojan
horse has been installed on a target computer system, a hacker may have access to the
computer remotely and perform various operations, limited by user privileges on the target
computer system and the design of the Trojan horse.
Spyware :- Spyware is a type of malware that can be installed on computers, and which
collects small pieces of information about users without their knowledge. The presence of
spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware
is secretly installed on the user's personal computer. Sometimes, however, spyware such
as keyloggers are installed by the owner of a shared, corporate, or public computer on
purpose in order to secretly monitor other users.
Worm :- A computer worm is a self-replicating malware computer program. It uses a
computer network to send copies of itself to other nodes (computers on the network) and it
may do so without any user intervention. This is due to security shortcomings on the
target computer. Unlike a virus, it does not need to attach itself to an existing program.
Worms almost always cause at least some harm to the network, even if only by consuming
bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
Buffer Overflow :- In computer security and programming, a buffer overflow, or buffer
overrun, is an anomaly where a program, while writing data to a buffer, overruns the
buffer's boundary and overwrites adjacent memory. Buffer overflows can be triggered by
inputs that are designed to execute code, or alter the way the program operates. This may
result in erratic program behavior, including memory access errors, incorrect results, a
crash, or a breach of system security. They are thus the basis of many software
vulnerabilities and can be maliciously exploited.
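The effect described above, a write that runs past a buffer and changes the data stored next to it, can be shown with a flawed copy routine beside a bounds-checked one. This is an added example, not code from the original document: the memory region is modelled as one byte array so the behaviour stays well defined, and the layout (a 16-byte name buffer followed by a privilege flag) and all names are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN   16          /* size of the buffer the program meant to fill */
#define FLAG_AT    NAME_LEN    /* a privilege flag sits directly after the buffer */
#define REGION_LEN 32          /* whole modelled memory region (assumed layout) */

/* mem[0..15] is the name buffer, mem[16] is the adjacent "is admin" flag. */
struct region { unsigned char mem[REGION_LEN]; };

void region_init(struct region *r) { memset(r->mem, 0, sizeof r->mem); }
int  is_admin(const struct region *r) { return r->mem[FLAG_AT] != 0; }

/* Flawed: the length comes from the input and is never compared with
 * NAME_LEN. It is clamped to REGION_LEN only so that this demonstration
 * stays inside the modelled region; a real unchecked copy has no clamp. */
size_t store_name_unchecked(struct region *r, const unsigned char *in, size_t n)
{
    if (n > REGION_LEN)
        n = REGION_LEN;
    memcpy(r->mem, in, n);     /* bytes beyond NAME_LEN land on the flag */
    return n;
}

/* Hardened: validate the length against the destination buffer before any
 * byte is written, and reject oversized input instead of truncating it. */
int store_name_checked(struct region *r, const unsigned char *in, size_t n)
{
    if (in == NULL || n > NAME_LEN)
        return -1;
    memcpy(r->mem, in, n);
    memset(r->mem + n, 0, NAME_LEN - n);   /* clear stale bytes of an older name */
    return 0;
}

int main(void)
{
    struct region r;
    unsigned char input[NAME_LEN + 1];     /* constructed input: one byte too long */

    memset(input, 'A', sizeof input);

    region_init(&r);
    store_name_unchecked(&r, input, sizeof input);
    printf("unchecked copy: is_admin = %d\n", is_admin(&r));

    region_init(&r);
    printf("checked copy:   status = %d, is_admin = %d\n",
           store_name_checked(&r, input, sizeof input), is_admin(&r));
    return 0;
}
```

A single extra byte of input is enough to flip the adjacent flag in the unchecked version, while the checked version refuses the input and leaves the flag untouched.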
Botnet :- A botnet is a collection of software agents, or robots, that run autonomously and
automatically. The term is most commonly associated with IRC bots and more recently
malicious software, but it can also refer to a network of computers using distributed
computing software. The main drivers for botnets are recognition and financial gain.
The larger the botnet, the more 'kudos' the herder can claim to have among the
underground community. The bot herder will also 'rent' the services of the botnet out to
third parties, usually for sending out spam messages, or for performing a denial of service
attack against a remote target. Due to the large numbers of compromised machines within
the botnet huge volumes of traffic (either email or denial of service) can be generated.
Cryptography
Cryptography can be defined as the conversion of data into a scrambled code that can be
deciphered and sent across a public or private network. Cryptography uses two main
styles or forms of encrypting data: symmetrical and asymmetrical. Symmetric encryption
algorithms use the same key for encryption as they do for decryption. Other names for
this type of encryption are secret-key, shared-key, and private-key. The encryption key can
be loosely related to the decryption key; it does not necessarily need to be an exact copy.
Symmetric Encryption
Symmetric encryption is the oldest and best-known technique. A secret key, which can be
a number, a word, or just a string of random letters, is applied to the text of a message to
change the content in a particular way. This might be as simple as shifting each letter by a
number of places in the alphabet. As long as both sender and recipient know the secret
key, they can encrypt and decrypt all messages that use this key.
Asymmetric Encryption
In asymmetric encryption there are two related keys, known as a key pair. A public key is made
freely available to anyone who might want to send you a message. A second, private key is
kept secret, so that only you know it. Any message (text, binary files, or documents) that
is encrypted by using the public key can only be decrypted by applying the same
algorithm, but by using the matching private key. Any message that is encrypted by using
the private key can only be decrypted by using the matching public key. This means that
you do not have to worry about passing public keys over the Internet (the keys are
supposed to be public). A problem with asymmetric encryption, however, is that it is
slower than symmetric encryption. It requires far more processing power to both encrypt
and decrypt the content of the message.
Digital Signatures:-
A digital signature (not to be confused with a digital certificate) is an electronic signature
that can be used to authenticate the identity of the sender of a message or the signer of a
document, and possibly to ensure that the original content of the message or document
that has been sent is unchanged. Digital signatures are easily transportable, cannot be
imitated by someone else, and can be automatically time-stamped. The ability to ensure
that the original signed message arrived means that the sender cannot easily repudiate it
later.
A digital signature can be used with any kind of message, whether it is encrypted or not,
simply so that the receiver can be sure of the sender's identity and that the message
arrived intact. A digital certificate contains the digital signature of the certificate-issuing
authority so that anyone can verify that the certificate is real.
Assume you were going to send the draft of a contract to your lawyer in another town. You
want to give your lawyer the assurance that it was unchanged from what you sent and that
it is really from you.
1. You copy-and-paste the contract (it's a short one!) into an e-mail note.
2. Using special software, you obtain a message hash (mathematical summary) of the
contract.
3. You then use a private key that you have previously obtained from a public-private key
authority to encrypt the hash.
4. The encrypted hash becomes your digital signature of the message. (Note that it will
be different each time you send a message.)
At the other end, your lawyer receives the message.
1. To make sure it's intact and from you, your lawyer makes a hash of the received
message.
2. Your lawyer then uses your public key to decrypt the message hash or summary.
3. If the hashes match, the received message is valid.
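The signing and checking steps above, carried through in Python as an added example (not code from the original notes). The key pair is a toy textbook-RSA key built from two Mersenne primes and the contract text is constructed; real signature schemes also pad the hash before the private-key operation.

```python
import hashlib

# Toy key pair, constructed for this example only. Primes of this special
# (Mersenne) form are publicly known and must never be used for a real key.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                              # modulus, part of both keys
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

PUBLIC_KEY = (N, E)
PRIVATE_KEY = (N, D)


def message_hash(message: bytes) -> int:
    """Sender step 2 / receiver step 1: the message hash, here SHA-256."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Sender steps 3-4: transform the hash with the private key.

    The result is the digital signature. It depends on the message,
    so a different message yields a different signature.
    """
    n, d = private_key
    return pow(message_hash(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Receiver steps 1-3: hash the received message, recover the signed
    hash with the sender's public key, and compare the two."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == message_hash(message)


# Constructed sample messages.
CONTRACT = b"Draft contract: the fee is 1,000 payable within 30 days."
TAMPERED = b"Draft contract: the fee is 9,000 payable within 30 days."
SIGNATURE = sign(CONTRACT, PRIVATE_KEY)

if __name__ == "__main__":
    print("original verifies:", verify(CONTRACT, SIGNATURE, PUBLIC_KEY))
    print("tampered verifies:", verify(TAMPERED, SIGNATURE, PUBLIC_KEY))
```

Changing a single character of the contract changes its hash, so the hash recovered from the signature no longer matches and the check fails.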
SSL
The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of
a message transmission on the Internet. SSL has recently been succeeded by Transport
Layer Security (TLS), which is based on SSL. SSL uses a program layer located between
the Internet's Hypertext Transfer Protocol (HTTP) and Transmission Control Protocol (TCP)
layers. SSL is included as part of both the Microsoft and Netscape browsers and most Web
server products. Developed by Netscape, SSL also gained the support of Microsoft and
other Internet client/server developers as well and became the de facto standard until
evolving into Transport Layer Security. The "sockets" part of the term refers to the sockets
method of passing data back and forth between a client and a server program in a network
or between program layers in the same computer. SSL uses the public-and-private key
encryption system from RSA, which also includes the use of a digital certificate. TLS and
SSL are an integral part of most Web browsers (clients) and Web servers. If a Web site is
on a server that supports SSL, SSL can be enabled and specific Web pages can be
identified as requiring SSL access. Any Web server can be enabled by using Netscape's
SSLRef program library which can be downloaded for noncommercial use or licensed for
commercial use.
HTTPS
HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or
Transport Layer Security (TLS) as a sublayer under regular HTTP application layering.
HTTPS encrypts and decrypts user page requests as well as the pages that are returned by
the Web server. The use of HTTPS protects against eavesdropping and man-in-the-middle
attacks. HTTPS was developed by Netscape. HTTPS and SSL support the use of X.509
digital certificates from the server so that, if necessary, a user can authenticate the sender.
Unless a different port is specified, HTTPS uses port 443 instead of HTTP port 80 in its
interactions with the lower layer, TCP/IP. Suppose you visit a Web site to view their online
catalog. When you're ready to order, you will be given a Web page order form with a
Uniform Resource Locator (URL) that starts with https://. When you click "Send," to send
the page back to the catalog retailer, your browser's HTTPS layer will encrypt it. The
acknowledgement you receive from the server will also travel in encrypted form, arrive with
an https:// URL, and be decrypted for you by your browser's HTTPS sublayer. The
effectiveness of HTTPS can be limited by poor implementation of browser or server
software or a lack of support for some algorithms. Furthermore, although HTTPS secures
data as it travels between the server and the client, once the data is decrypted at its
destination, it is only as secure as the host computer. According to security expert Gene
Spafford, that level of security is analogous to "using an armored truck to transport rolls of
pennies between someone on a park bench and someone doing business from a
cardboard box."
FIREWALL
A firewall is a set of related programs located at a network gateway server that protects the
resources of a private network from potential intruders. Firewalls do not verify that
information is coming from a secure source. Instead, they enforce a set of rules that
determine what information is allowed to pass.
There are several types of firewall techniques:
1. Packet filter:
Packet filtering inspects each packet passing through the network and accepts or rejects
it based on user-defined rules. Although difficult to configure, it is fairly effective and
mostly transparent to its users. It is susceptible to IP spoofing. This type of packet filtering
pays no attention to whether a packet is part of an existing stream of traffic (i.e. it stores no
information on connection "state"). Instead, it filters each packet based only on
information contained in the packet itself. Packet filtering firewalls work mainly on the first
three layers of the OSI reference model, which means most of the work is done between
the network and physical layers, with a little bit of peeking into the transport layer to figure
out source and destination port numbers. When a packet originates from the sender and
filters through a firewall, the device checks for matches to any of the packet filtering rules
that are configured in the firewall and drops or rejects the packet accordingly. When the
packet passes through the firewall, it filters the packet on a protocol/port number basis
(GSS). For example, if a rule in the firewall exists to block telnet access, then the firewall
will block the IP protocol for port number
2. Application gateway:
Applies security mechanisms to specific applications, such as FTP and Telnet servers.
This is very effective, but can impose a performance degradation. The key benefit of
application layer filtering is that it can "understand" certain applications and protocols
(such as File Transfer Protocol, DNS, or web browsing), and it can detect if an unwanted
protocol is sneaking through on a non-standard port or if a protocol is being abused in any
harmful way. An application firewall is much more secure and reliable compared to packet
filter firewalls because it works on all seven layers of the OSI reference model, from the
application down to the physical Layer. This is similar to a packet filter firewall but here we
can also filter information on the basis of content.
3. Circuit-level gateway:
Applies security mechanisms when a TCP or UDP connection is established. Once the
connection has been made, packets can flow between the hosts without further checking.
A circuit-level gateway is a type of firewall. Circuit-level gateways work at the session layer
of the OSI model, or as a "shim-layer" between the application layer and the transport layer
of the TCP/IP stack. They monitor TCP handshaking between packets to determine whether
a requested session is legitimate. Information passed to a remote computer through a
circuit level gateway appears to have originated from the gateway. This is useful for hiding
information about protected networks. Circuit level gateways are relatively inexpensive
and have the advantage of hiding information about the private network they protect. On
the other hand, they do not filter individual packets.
4. Proxy server:
Intercepts all messages entering and leaving the network. The proxy server effectively
hides the true network addresses. In computer networks, a proxy server is a server (a
computer system or an application program) that acts as an intermediary for requests from
clients seeking resources from other servers. A client connects to the proxy server,
requesting some service, such as a file, connection, web page, or other resource, available
from a different server. The proxy server evaluates the request according to its filtering
rules. For example, it may filter traffic by IP address or protocol. If the request is validated
by the filter, the proxy provides the resource by connecting to the relevant server and
requesting the service on behalf of the client. A proxy server may optionally alter the
client's request or the server's response, and sometimes it may serve the request without
contacting the specified server. In this case, it 'caches' responses from the remote server,
and returns subsequent requests for the same content directly.
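The difference between the packet filter (type 1) and the circuit-level gateway (type 3) described above, as an added Python example that is not part of the original notes. The rule set, the addresses (documentation ranges) and the packet trace are constructed, and the gateway's session table is a simplified assumption of how handshake tracking can work.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    flags: str = ""   # TCP flags: S=SYN, A=ACK, P=PSH, F=FIN, R=RST


# Rule fields: action, protocol, source network, source port, destination port.
# None is a wildcard. The first matching rule wins.
RULES = [
    ("drop",   "tcp", "0.0.0.0/0",       None, 23),    # block Telnet (TCP port 23)
    ("accept", "tcp", "192.0.2.0/24",    None, 22),    # SSH from the admin network only
    ("accept", "tcp", "0.0.0.0/0",       None, 443),   # HTTPS to the web server
    ("accept", "tcp", "198.51.100.0/24", 443,  None),  # the web server's replies
]
DEFAULT_ACTION = "drop"


def packet_filter(pkt: Packet) -> str:
    """Stateless filter: the verdict depends only on fields inside this packet."""
    for action, proto, src_net, sport, dport in RULES:
        if (pkt.proto == proto
                and ip_address(pkt.src) in ip_network(src_net)
                and sport in (None, pkt.sport)
                and dport in (None, pkt.dport)):
            return action
    return DEFAULT_ACTION


class CircuitGateway:
    """Tracks the TCP handshake; policy is applied once, at connection set-up."""

    def __init__(self):
        self.sessions = {}   # (client, cport, server, sport) -> handshake state

    def check(self, pkt: Packet) -> str:
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        # Established session: packets flow in both directions unchecked.
        if "ESTABLISHED" in (self.sessions.get(fwd), self.sessions.get(rev)):
            if "F" in pkt.flags or "R" in pkt.flags:   # simplified teardown
                self.sessions.pop(fwd, None)
                self.sessions.pop(rev, None)
            return "accept"
        if pkt.flags == "S" and fwd not in self.sessions and rev not in self.sessions:
            if packet_filter(pkt) != "accept":         # is this session allowed at all?
                return "drop"
            self.sessions[fwd] = "SYN_SENT"
            return "accept"
        if pkt.flags == "SA" and self.sessions.get(rev) == "SYN_SENT":
            self.sessions[rev] = "SYN_RECEIVED"
            return "accept"
        if pkt.flags == "A" and self.sessions.get(fwd) == "SYN_RECEIVED":
            self.sessions[fwd] = "ESTABLISHED"
            return "accept"
        return "drop"   # not part of any handshake or session the gateway has seen


CLIENT, SERVER = "203.0.113.5", "198.51.100.10"
TRACE = [   # constructed packet trace
    Packet(CLIENT, 51000, SERVER, 443, "tcp", "S"),           # handshake, step 1
    Packet(SERVER, 443, CLIENT, 51000, "tcp", "SA"),          # handshake, step 2
    Packet(CLIENT, 51000, SERVER, 443, "tcp", "A"),           # handshake, step 3
    Packet(CLIENT, 51000, SERVER, 443, "tcp", "PA"),          # data in the session
    Packet("203.0.113.99", 40000, SERVER, 443, "tcp", "A"),   # ACK with no handshake
    Packet(CLIENT, 51001, SERVER, 23, "tcp", "S"),            # Telnet attempt
]


def replay(trace):
    """Return (packet filter verdict, gateway verdict) for each packet in order."""
    gateway = CircuitGateway()
    return [(packet_filter(p), gateway.check(p)) for p in trace]


if __name__ == "__main__":
    for pkt, verdicts in zip(TRACE, replay(TRACE)):
        print(pkt.src, pkt.dport, pkt.flags, verdicts)
```

The fifth packet is the instructive one: its header matches the HTTPS rule, so the packet filter accepts it, while the gateway drops it because no handshake preceded it.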
INTRUSION DETECTION SYSTEM
An intrusion detection system (IDS) is a device or software application that monitors
network and/or system activities for malicious activities or policy violations and produces
reports to a Management Station. Intrusion prevention is the process of performing
intrusion detection and attempting to stop detected possible incidents. Intrusion detection
and prevention systems (IDPS) are primarily focused on identifying possible incidents,
logging information about them, attempting to stop them, and reporting them to security
administrators. In addition, organizations use IDPSs for other purposes, such as
identifying problems with security policies, documenting existing threats, and deterring
individuals from violating security policies. IDPSs have become a necessary addition to the
security infrastructure of nearly every organization. IDPSs typically record information
related to observed events, notify security administrators of important observed events,
and produce reports. Many IDPSs can also respond to a detected threat by attempting to
prevent it from succeeding. They use several response techniques, which involve the IDPS
stopping the attack itself, changing the security environment (e.g., reconfiguring a
firewall), or changing the attack's content.
IDS Terminology
* Alert/Alarm: A signal suggesting that a system has been or is being attacked.
* True Positive: A legitimate attack which triggers an IDS to produce an alarm.
* False Positive: An event signaling an IDS to produce an alarm when no attack has
taken place.
* False Negative: A failure of an IDS to detect an actual attack.
* True Negative: When no attack has taken place and no alarm is raised.
* Noise: Data or interference that can trigger a false positive.
* Site policy: Guidelines within an organization that control the rules and configurations
of an IDS.
* Site policy awareness: The ability an IDS has to dynamically change its rules and
configurations in response to changing environmental activity.
* Confidence value: A value an organization places on an IDS based on past
performance and analysis to help determine its ability to effectively identify an attack.
* Alarm filtering: The process of categorizing attack alerts produced from an IDS in order
to distinguish false positives from actual attacks.
* Attacker or Intruder: An entity who tries to find a way to gain unauthorized access to
information, inflict harm or engage in other malicious activities.
* Masquerader: A user who does not have the authority to a system, but tries to access
the information as an authorized user. They are generally outside users.
* Misfeasor: They are commonly internal users and can be of two types:
1. An authorized user with limited permissions.
2. A user with full permissions and who misuses their powers.
* Clandestine user: A user who acts as a supervisor and tries to use his privileges so as
to avoid being captured.
Limitations
Noise
Noise can severely limit an intrusion detection system's effectiveness. Bad packets
generated from software bugs, corrupt DNS data, and local packets that escaped can
create a significantly high false-alarm rate.
Too few attacks
It is not uncommon for the number of real attacks to be far below the false-alarm rate.
Real attacks are often so far below the false-alarm rate that they are often missed and
ignored.
Signature updates
Many attacks are geared for specific versions of software that are usually outdated. A
constantly changing library of signatures is needed to mitigate threats. Outdated signature
databases can leave the IDS vulnerable to new strategies.
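The terms and limitations above, applied to a small signature-based detector as an added Python example (not part of the original notes). The sshd-style log lines, their ground-truth labels and both signature lists are constructed for illustration.

```python
import re
from collections import Counter

# Signature databases (constructed). The updated one adds a pattern that the
# old one lacks, which models the "Signature updates" limitation.
OLD_SIGNATURES = [re.compile(r"Failed password for root ")]
UPDATED_SIGNATURES = OLD_SIGNATURES + [
    re.compile(r"Failed password for invalid user "),
]

# Constructed events: (log line, ground truth "was this an attack?").
EVENTS = [
    ("Accepted publickey for deploy from 192.0.2.10 port 50122 ssh2", False),
    ("Failed password for root from 203.0.113.7 port 40110 ssh2", True),
    # Noise: an administrator mistyping a password looks like the signature.
    ("Failed password for root from 192.0.2.15 port 51514 ssh2", False),
    # Attack that only the updated signature list recognises.
    ("Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2", True),
    ("Accepted password for alice from 192.0.2.21 port 49800 ssh2", False),
    ("Failed password for root from 192.0.2.15 port 51520 ssh2", False),
    ("Accepted publickey for backup from 192.0.2.30 port 50200 ssh2", False),
    ("Connection closed by 192.0.2.44 port 50300 [preauth]", False),
]


def classify(alarm: bool, is_attack: bool) -> str:
    """Map one event to the IDS terminology used in the list above."""
    if alarm and is_attack:
        return "TP"   # true positive: attack, alarm raised
    if alarm and not is_attack:
        return "FP"   # false positive: alarm with no attack
    if not alarm and is_attack:
        return "FN"   # false negative: attack missed
    return "TN"       # true negative: no attack, no alarm


def score(events, signatures) -> Counter:
    """Run the signatures over every event and count each outcome."""
    counts = Counter({"TP": 0, "FP": 0, "FN": 0, "TN": 0})
    for line, is_attack in events:
        alarm = any(sig.search(line) for sig in signatures)
        counts[classify(alarm, is_attack)] += 1
    return counts


def alarm_precision(counts) -> float:
    """Fraction of raised alarms that correspond to a real attack."""
    alarms = counts["TP"] + counts["FP"]
    return counts["TP"] / alarms if alarms else 0.0


if __name__ == "__main__":
    for name, sigs in (("old", OLD_SIGNATURES), ("updated", UPDATED_SIGNATURES)):
        counts = score(EVENTS, sigs)
        print(name, dict(counts), round(alarm_precision(counts), 2))
```

With the old signatures one of the two attacks is missed and only one alarm in three is real; the update removes the false negative, but the noise still accounts for half of the alarms.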
Cyber Forensic Tools
Cyber forensics is a field that is increasingly getting noticed at higher levels, be it for
solving a local crime or for matters that concern the security of a country. Let us look at
some of the best forensic tools used to investigate cases related to cyber crime or those
that are used for scientific purposes. Cyber forensics is an interesting domain which is
coupled with technical advances and the ability to use them effectively. Cyber forensics
is primarily used in the investigation of cyber crimes (i.e., crimes that occur over and on
the technology front). However, this need not be the case, since most forensic techniques
and tools are also used for scientific purposes and research. With serious issues like
terrorism that threaten the national integrity of a country it is only wise to learn and know
the tools of the trade that terrorists use against the state. Cyber forensic tools aid not only
in investigating crime cases but also in drafting and creating hard evidence for the same.
Let us evaluate just some of these tools that have long been used by forensic
investigators, scientists and some notorious elements alike:
X-Ways WinHex
WinHex is used as a universal hexadecimal editor and is primarily useful in low-level data
processing, file inspection, digital camera card recovery, recovery of files even from
corrupt file systems, etc. This is one heck of a powerful tool and can especially be used in
gathering digital evidence.
FirstOnScene (FOS)
FOS is the only tool of its kind. It is a Visual Basic script rather than an executable
binary file. First On Scene works with other tools such as PSTools, LogonSessions, FPort,
NTLast, PromiscDetect, FileHasher, etc. to gather an evidence log report. This log report
can further be analyzed by forensic experts to extract important information.
Rifiuti
Rifiuti is a unique tool that aids investigators in finding the very last details of your
system's recycle bin folders. Rifiuti is useful to gather critical information on all your delete
and undelete activities.
Pasco
Pasco is a Latin word for "browse". Pasco helps in the analysis of the contents of internet
explorer's cache. So in short it can be particularly useful to gather internet activity records
from a target computer.
Galleta
Galleta is a Spanish word that means "cookie". Galleta is useful in examining the contents
of cookie files on your machine. Cookie files are basically temporary internet files used by
websites to maintain their indigenous logs for tracking and other such purposes.
Forensic Acquisition Utilities (FAU)
Forensic Acquisition Utilities is a set of forensic tools such as md5 checker, file wiper, etc.
used for assorted purposes in research and investigation.
NMap
NMap is particularly associated with network security. NMap is a port scanner tool that
helps find open ports on a remote machine. What separates NMap from other tools is its
ability to conceal the identity of the source machine and to work without causing any
Intrusion Detection System (IDS) alarms to go off.
Ethereal
Ethereal is another network security tool which is not a port scanner but rather a network
packet sniffer. Ethereal sniffs data packets over the network and can provide investigators
with incoming/outgoing data that is sent over a network. However, Ethereal itself cannot be
useful in cases where strong encryption algorithms are in place at the source and
destination computers.
BinText
BinText does not directly investigate but can be useful to browse through gathered
evidence files such as that of log files generated by other forensic tools. BinText can be
used for pattern matching and filtering these log files.
PyFlag Tools
PyFlag comprises a couple of tools used for log analysis and can be very effective for
investigators if coupled and used with other forensic tools.
Miscellaneous Steganography Tools
Steganography is out of the scope of this article; however, it cannot be ruled out from the
forensic dimension. Steganography is the art of deceiving by embedding text or data files in
an image file. Various steganography tools help achieve just that. There are some tools,
however, that help in detecting such injections. Recently, hackers and malicious users
have been coming up with ideas to inject data files not just in image files but also music
and video files and to our much discomfort they have been successful with these attempts.
Implement Cyber Security Plan
A computer network assessment will help you begin a cyber security plan to mitigate the
largest risks to your business. A cyber security plan needs to be developed by an
employee or a contractor that has a basic understanding of cyber security.
A comprehensive cyber security plan needs to focus on three key areas:
* Prevention. Solutions, policies and procedures need to be identified to reduce the risk
of attacks.
* Resolution. In the event of a computer security breach, plans and procedures need to
be in place to determine the resources that will be used to remedy a threat.
* Restitution. Companies need to be prepared to address the repercussions of a
security threat with their employees and customers to ensure that any loss of trust or
business is minimal and short-lived.
PART 'B' CYBER LAW
Scope of Cyber Law
Cyber law is gaining a stronger foothold and there are several job opportunities for those
who would like to be "Sherlock Holmes" on the Internet. Everything is becoming cyber and
the concern of maintaining the security of information on the internet is also growing.
Therefore there are tremendous career opportunities in almost every field, from law to the
IT Industry. You may be working in any field, knowledge of cyber law will definitely give
you an edge over the rest. Apart from being a full-fledged lawyer, one can get the job of
Cyber Consultant in an IT firm, police department or in banks, Research assistants in a law
firm, Research assistants in a technology firm, Advisors to the web developers, Advisors
in the Ministry of Information and Technology or in Corporate Houses, Security Auditors
and Network Administrators in Technology firms, Trainers in law schools and Multinational
Corporations. Since a cyber lawyer has to inevitably deal with criminal law, intellectual
property law, commercial and civil law in his cyber law cases, it is best to have a sound
and in-depth knowledge of these laws apart from cyber laws to give your practice a real
edge. Talwant Singh, Additional District and Sessions Judge, Delhi says, “Scope of cyber
law increases when combined with intellectual property rights laws as in many cyber law
cases, the question of violation of copy rights is also involved.” As far as job opportunities
are concerned, the field of cyber law is full of them. For example, you can choose from
private practice, litigation, corporate advising and international cyber law work. Although
litigation may take some time to firm its roots, consultancy has a lot of instant money to
offer.
ESSENCE OF DIGITAL CONTRACTS
* Quality, first and foremost - legal contracts and documents you'd expect from a top law
firm.
* You know the draftsman (not an unnamed "leading attorney").
* It's online, quick, and easy; no software to download and install.
* Free assistance with contract selection.
* Pay only once; then draft unlimited legal contracts and documents during your
subscription.
* Easy-to-use "Intelligent" wizard guides your drafting.
* "Intelligent" document assembly produces near-custom agreements.
* Free updates and new documents as they're released (unlike downloadable forms).
* You own your agreements - copy to your word processor; edit and customize as you
like.
* Safe and secure - your document data archived for limited time.
Digital Signature System ----- refer to digital signatures.....
Domain Name Issues
Having a great domain name can be a valuable commodity. In 2008 the domain pizza.com
sold for $2.6 million and the year before that business.com sold for $350 million. There is a
lot of money in the domain business so sometimes people are willing to walk the line
between legal and illegal.
Cyber Squatting
When someone registers a domain with trademarked phrases they do not own in bad
faith or to make a profit, it is called cyber-squatting. When someone who owns the
trademark sees they've been cyber-squatted, they can file a dispute with ICANN, the Internet
Corporation for Assigned Names and Numbers, which oversees domain names. Courts can
also handle domain disputes, but because of the international nature of the Internet,
jurisdiction isn't clear. Sometimes it's unclear whether the domain was registered in good
faith, as in the case of a man named Uzi Nissan, who owns a computer company, versus
Nissan Motor Company, who fought over nissan.com. As of 2010, Mr. Uzi Nissan still owns
the domain, but they've been fighting since 1999. Famous actors will also fight over
domains that have their name, as the singer Madonna did over madonna.com in the year
2000 when it became a pornography site.
Typo-Squatting
Typo-squatting is when someone registers a domain for the purpose of getting visitors
who mistype a webpage name. Using the original domain name microsoft.com as an
example, a typo-squatter could register wwwmicrosoft.com as one word to gain visitors
who forget to type a period between www and microsoft. The squatter could then place
advertisements on the page for profit or make a fake page replicating the original one for
the purpose of identity theft in the form of logins and other personal data. In 2008,
Microsoft sued a company called Domain Investments for typo-squatting on the domains
zunedrivers.com, windoesmobile.com, microsoft-games.com and wwwhotmajl.com.
Front Running
Domain front running is when a domain registrar temporarily or permanently registers a
domain that someone recently searched for, with a view to registering it, on the registrar's
website. Although this practice can be legal, it's frowned upon by those registering domains.
A popular domain registrar, Network Solutions, was accused of this in 2008. Whenever users
searched for a potential domain on their websites, Network Solutions registered the
domain for four days with a message in the whois data saying they can register it at
the Network Solutions website. This forced users to register the domain with them instead of
their normal registrar or risk the registration of the domain by someone else. Some smaller
domain availability websites might outright register for themselves, permanently, the
domain they see you searching for, so search for your domain where you wish to register
and buy it right away so front runners won't have time to see if it's a good idea.
Copyright Laws for Digital Media
As more and more material gets digitized for preservation and for easier access by a
wider number of people, it's important to remember that the U.S. Copyright Office has a set
of laws pertaining exclusively to digital media. Digital media in this case has a number of
definitions, but most commonly it refers to a digital audio copied recording--that is,
digitally recorded music or sound.
Basic Copyright Law
The law that deals with digital media is Title 17. This states that copyright for creative
works lasts for the life of the author or creator plus 75 years. The Copyright Term
Extension Act is a controversial law, as it was amended in 1998 with the help of
musician-turned-politician Sonny Bono. After the creator is dead for 75 years, the work passes into
the public domain, meaning that no one individual owns it and everyone can use it free of
charge. If a person is caught using a copyrighted work before it enters the public domain,
he is subject to injunction, fines and possibly jail time depending on the severity of the
infringement.
Reproduction and Distribution
Reproduction and distribution of copyrighted works without permission is illegal.
Under provisions of copyright law, a person who is not the legal owner of a piece of digital
media is prohibited from copying or sharing that media. It is also illegal to import,
manufacture or distribute any device that allows others to copy digital media for purposes
of distribution. Persons seeking to use copyrighted material must be approved by the legal
owner before proceeding with copying.
Royalty Payments
Any person who obtains permission to copy and distribute copyrighted works of digital
media must pay royalties to the copyright holder. Royalties are defined under Section 1003
of the copyright code as three percent of the transfer price, but not less than one dollar.
Anyone found violating royalty agreements must cease distribution of all works until the
case is reviewed by a copyright royalty judge. The judge withholds the amount of money in
question until the case is resolved.
E-Governance
Under an e-governance scenario, the Government and its citizens/business houses should be
able to transact all their activities, or at least the majority of activities, without meeting
each other, using information technology
tools such as internet, public kiosks etc. For example, when a citizen wants to get a ration
card, he/she should be able to apply and get the ration card without physically going to the
Taluka office. Similarly, when a widow wants to get a widow pension she should be able to
get it by applying through the village or block level internet centre.
Or, a farmer wanting to get a land extract / cultivation extract should be able to do it
without going to any government official through the internet or public kiosks.
Going to the Government offices and waiting there to get these services should be only an
optional one. The citizens should have a choice of going to the internet centres or the
government offices to get their works done with the Government.
This can be achieved only through the following steps:
1. Government offices should be computerised using online workflow procedure. That
means all the paper based registers have to be given up and all government works have to
be carried out only through computers.
2. All Government employees working in the areas where e-governance is proposed have
to be computer trained and each one should be given user ID and password to operate the
system.
3. All these government employees have to be trained in their area of operation in the
software.
4. The Government servers should be connected to the internet so that the citizens and
business houses are enabled to access the Government information at any time and also
enabled to file all their requests/applications online. The scope for meeting government
officials should be reduced to the extent that only where statutorily such physical
presence is required they should be asked to meet the government officials.
5. All applications or requests from citizens/business houses should be received only
through online procedure using internet as medium.
6. STD booths or similar public kiosks should be authorised to intermediate between the
citizens and the government. This includes online remittance facility too.
A similar facility should be made available to the business houses too.
Cyber Crimes
Spam
Spam is the unsolicited sending out of junk e-mails for commercial purposes, which is
unlawful. New anti-spam laws are being passed in various countries which will hopefully
limit the use of unsolicited electronic communications.
Fraud
Computer fraud refers to the fallacious misrepresentation of fact conveyed with an
intention of inducing another to do or refrain from doing something that will ultimately lead
to some major kind of loss.
Obscene or Offensive Content
The contents of some of the websites and other electronic communications over the net
can be really distasteful, obscene or offensive for a variety of reasons. In many countries
such communications are considered illegal. It can be very troubling if your children are
exposed to adult content.
Harassment
This cyber crime encompasses all the obscenities and derogatory comments directed
towards a specific individual or individuals, focusing, for example, on gender, race, religion,
nationality, and sexual orientation. Harassment is the cybercrime most commonly
encountered in chat rooms or through newsgroups.
Drug Trafficking
Drug traffickers use the Internet as a medium for trading their illegal substances by
sending out enciphered e-mail and using other Internet technology. Most of the drug traffickers
can be found arranging their illegal deals at internet cafes, using courier websites for the
delivery of illegal packages containing drugs, and sharing formulas for amphetamines in
restricted-access chat rooms.
Cyber Terrorism
Due to the increase in cyber terrorism, such as the hacking into or crashing of
official websites, government officials and Information Technology security specialists
have recently begun to significantly increase their mapping of potential security holes in
critical systems in order to better protect information-sensitive sites.
Common Sources of Cybercrime
Researchers at Sophos Labs claim to have created software that can determine
the host country of malicious software by tracing the default language of the computer on
which it was programmed. According to their analysis of the default language associated
with about 19,000 samples at the end of last year, Americans and other non-British English
speakers, surprisingly, produced a large proportion of malware. China produced 30%,
Brazil 14.2% and Russia 4.1% of the world's malware.
Child Abuse Law USA
* ABA Center on Children and the Law
The ABA Center on Children and the Law, a program of the Young Lawyers Division, aims
to improve children's lives through advances in law, justice, knowledge, practice and
public policy. Our areas of expertise include child abuse and neglect, child welfare and
protective services system enhancement, foster care, family preservation, termination of
parental rights, parental substance abuse, adolescent health, and domestic violence.
* Chapter 419B — Juvenile Code: Dependency - Reporting Child Abuse
The Legislative Assembly finds that for the purpose of facilitating the use of protective
social services to prevent further abuse, safeguard and enhance the welfare of abused
children, and preserve family life when consistent with the protection of the child by
stabilizing the family and improving parental capacity, it is necessary and in the public
interest to require mandatory reports and investigations of abuse of children and to
encourage voluntary reports.
* Child Abuse Prevention and Treatment Act as Amended by the Keeping Children and
Families Safe Act of 2003
The basis for government's intervention in child maltreatment is grounded in the
concept of parens patriae—a legal term that asserts that government has a role in
protecting the interests of children and in intervening when parents fail to provide proper
care. Beginning in the late 19th century, States and local jurisdictions started initiating
mechanisms to assist and protect children. Then in 1912, the Federal Government
established the Children's Bureau to guide Federal programs that were designed to
support State child welfare programs as well as to direct Federal aid to families, which
began with the passage of the Social Security Act (SSA) in 1935. The child welfare policy of
the SSA layered Federal funds over existing State-supervised and administered programs
that were already in place.
* Definitions of Child Abuse and Neglect - Child Welfare Information Gateway
Child abuse and neglect are defined by Federal and State laws. The Child Abuse
Prevention and Treatment Act (CAPTA) is the Federal legislation that provides minimum
standards that States must incorporate in their statutory definitions of child abuse and
neglect. The CAPTA definition of "child abuse and neglect" refers to: "Any recent act or
failure to act on the part of a parent or caretaker, which results in death, serious physical
or emotional harm, sexual abuse, or exploitation, or an act or failure to act which presents
an imminent risk of serious harm"
* Megan's Law
The U.S. Congress has passed several laws that require states to implement sex
offender and crimes against children registries: the Jacob Wetterling Crimes Against
Children and Sexually Violent Offender Registration Act, the Pam Lychner Sexual Offender
Tracking and Identification Act, and Megan's Law. On March 5, 2003, the United States
Supreme Court ruled that information about potential predators may be publicly posted on
the Internet.
* Sex Offender Registration and Notification Act
To provide for the registration of sex offenders and for appropriate notification of their
whereabouts, and for other purposes.
* US Code, Title 42, 13031 - Child Abuse Reporting
A person who, while engaged in a professional capacity or activity described in subsection
(b) of this section on Federal land or in a federally operated (or contracted) facility, learns
of facts that give reason to suspect that a child has suffered an incident of child abuse,
shall as soon as possible make a report of the suspected abuse to the agency designated
under subsection (d) of this section.