Download as PDF, PPTX
More Related Content
Similar to Cyber security review paper
Cyber security review paper
- 1. TITLE:A REVIEW PAPERON CYBER SECURITY- IJERT PRESENTED BY-MAHESH KUMAR, ROLL.NO.- 191506, DEPARTMENT OF BIOTECHNOLOGY, CUH PAPER INFORMATION- • PAPER ID- IJERTCONV5IS23011 • AUTHOR NAME-SALONI KHURANA • PUBLISHED-24-04-2018 • ISSN:2278-0181 • PUBLISHER NAME- IJERT
- 2. INTRODUCTION • CYBER SECURITY-THIS IS PROTECTING CYBER SPACE INCLUDING CRITICAL INFORMATION FROM INFRASTRUCTURE ATTACK,DAMAGE,MISUSE AND ECONOMIC ESPIONAGE. • CYBER SPACE- A GLOBAL DOMAIN WITHIN THE INFORMATION ENVIRONMENT CONSISTING OF THE INTERDEPENDENT NETWORK OF INFORMATION TECHNOLOGY, INFRASTRUCTURE INCLUDING THE INTERNET, TELECOMMUNICATION , NETWORK, COMPUTER SYSTEM AND EMBEDDED PROCESSES AND CONTROL.
- 3. NEED OF CYBERSECURITY? • WE NEED CYBER SECURITY IN MAINLY THREE AREAS: • 1.FOR INDIVIDUAL- PHOTOS , VIDEOS AND OTHER PERSONAL INFORMATION SHARED BY AN INDIVIDUAL ON SOCIAL NETWORKING SITES CAN BE APPROPRIATELY USED BY OTHER, LEADING TO SERIOUS AND EVEN LIFE THREATING INCIDENTS. • 2.FOR BUSINESS ORGANIZATION-COMPANIES HAVE A LOT OF DATA AND INFORMATION ON THEIR SYSTEMS.A CYBER ATTACK CAN LEAD TO LOSS OF COMPETITIVE INFORMATION (SUCH AS PATENTS OR ORIGINAL WORK),LOSS OF PUBLIC TRUST ON THE INTEGRITY OF THE ORGANISATION. • 3.FOR GOVERNMENT- A LOCAL STATE OR CENTRAL GOVERNMENT MAINTAINS HUGE AMOUNT OF CONFIDENTIAL DATA RELATED TO COUNTRY (GEOGRAPHICAL, MILITARY,STRATEGIC ASSETS ETC.)AND CITIZENS UNAUTHORIZED ACCESS TO THE DATA ON LEAD TO SERIOUS THREATS ON A COUNTRY.
- 4. OBJECTIVE • THE MAINOBJECTIVE OF CYBER SECURITY IS TO ACHIEVE THREE GOALS: • 1.CONFIDENTALITY. • 2.INTEGRITY. • 3.AVAILIBILITY. • THESE THREE THING ALSO KNOWN AS CIA.
- 5. TYPE OF CYBERTHREATS • CYBER ATTACK-IT IS A MALICIOUS AND DELIBERATE ATTEMPT BY AN INDIVIDUAL OR ORGANISATION TO BREECH THE INFORMATION SYSTEM OF ANOTHER INDIVIDUAL OR ORGANISATION. • MOTIVE -TO SEEK COMMERCIAL GAIN BY HACKING SITES ,TO OBTAIN MILITARY DATA AND CORPORATE DATA TO OBTAIN PLANS AND INTELLIGENCE. • TYPE OF CYBER ATTACK OR THREATS- • 1.MALWARE • 2.PHISHING. • 3.KEYSTOKE LOGGING (TYPES-A.SOFTWARE BASED KEY LOGGER’S. • B.HARDWARE BASED KEY LOGGER’S)
- 6. MALWARE • MALWARE ORMALICIOUS IS A SOFTWARE THAT IS HARMFUL FOR OUR COMPUTER NETWORK. • IT IS ALSO KNOWN FOR MALICIOUS CODE. EXAMPLE-RANSOMWARE • IT HAS MAINLY THREE TYPES ACCORDING TO THIS PAPER- • 1.VIRUS. • 2.TROZEN HORSE • 3.WORMS. • 1.VIRUS-IT IS A MALICIOUS SOFTWARE THAT IS REPLICATES ITSELF IN OUR COMPUTER SYSTEM BY MODIFYING OTHER PROGRAMS.THEY DAMAGE THE SYSTEM,CORREPTING DATA ,INCRESING MAINTENANCE DATA. • EXAMPLE-RANSOMWARE VIRUS. • 2.TROZEN HORSE- IT IS ALSO A MALICIOUS SOFTWARE THAT INTENDS TO BE HARMFUL. • TROJEN ALLOW ATTACKERS TO HACK PERSONAL INFORMATION SUCH AS BANKING INFORMATION, EMAIL, PASSWORD, PERSONAL I’D. • IT ALSO AFFECTS THE OTHER DEVICE IN OUR SYSTEM. 3.WORMS– IT IS ALSO A MALICIOUS INTENT PROGRAM THAT REPLICATES ITSELF IN ORDER TO SPREAD TO OTHER PROGRAMME..THEY DO NOT CHANGE THE SYSTEM IN WHICH THEY PASS THROUGH. REFERENCE: HTTP://YOUTU.BE/QUOHLN-UOY
- 7. CONTINUOUS.....• PHISHING- ITIS THE ATTEMPT TO OBTAIN SENSITIVE INFORMATION SUCH AS CREDIT CARD DETAILS, USERNAME, PASSWORD ETC. FOR MALICIOUS REASONS. • PHISHING IS TYPICALLY CARRIED OUT BY THE MESSAGING OR EMAIL SPOOFING AND IT OFTEN DIRECT USERS TO ENTER PERSONAL DETAILS AT A FAKE WEBSITE. THIS WEBSITE MAY CONTAIN MALICIOUS SOFTWARE. • EXAMPLE-SOCIAL ENGINEERING TECHNIQUES. • TYPES OF PHISHING- • 1.SPEAR PHISHING • 2.CLONE PHISHING. • 3.WHALE PHISHING. • REFERENCE-HTTP://YOUTU.BE/X-C4TDOKH5Q
- 8. CONTINUOUS.... SPEAR FISHING PHISHING ATTACKSWITH INDIVIDUAL OR COMPANIES DIRECTLY. SUCCESSFUL RATE – 91% IN THIS ATTACK,THE ATTACKERS TARGET THE INDIVIDUAL COMPANY TO GAIN INFORMATION AND THEN THEY WANT TO COMPLETE THEIR INTENTION BASED ON COMPANY INFORMATION. CLONE PHISHING IT IS TYPE OF FISHING ATTACK WHERE AN EMAIL CONTAINING LINK OR ATTACHMENT HAS HAD IT’S CONTENT AND RECIPIENT ADDRESS. TAKEN AND USED TO CLONE IDENTICAL EMAIL. WHALING SEVERAL PHISHING ATTACKS HAVE BEEN DIRECTED SPECIFICALLY AT SENIOR EXECUTIVE AND ITHER PEOPLE WITH HIGH PROFILE TARGETS WITHIN A BUSINESS.SO TYPES OF ATTACKS ARE CALLED WHALING ATTACKS.
- 9. KEYSTROKE LOGGING... • ITIS OFTEN REFERRED AS KEY LOGGING OR KEYBOARD CAPTURING. • IN THIS,THE PERSON USING THE KEYBOARD,THIS PERSON DID NOT KNOW WHO IS MONITORING THEIR KEY BOARD. • IT IS BASICALLY THE ACTION OF RECORDING KEYS STRUCK ON KEYBOARD. • THESE ARE TWO TYPES- • 1.SOFTWARE BASED KEY LOGGER’S- THESE ARE THE COMPUTER PROGRAMS DESIGNED TO WORK ON THE TARGET COMPUTER SOFTWARE.THEY ARE USED IN IT INDUSTRY. • 2.HARDWARE BASED KEY LOGGER’S- THEY DON’T DEPEND UPON ANY SOFTWARE PROGRAMS. • THEY EXIST AT A HARDWARE LEVEL IN A COMPUTER
- 10. REMEDIES • FIREWALL- ACOMPUTER FIREWALL CONTROLS THE ACCESS BETWEEN NETWORK. • IT CONTAINS FILTER DEPENDING UPON ONE FIREWALL TO OTHER. • THIS IS NOTHING BUT BASICALLY IT IS SECURITY PROGRAMME THAT CONTROLS INCOMING AND OUTGOING NETWORK TRAFFIC BASED ON SECURITY RULES. • A FIREWALL BASICALLY ESTABLISHES A BARRIER BETWEEN A TRUSTED, SECURE INTERNET NETWORK AND OTHER OUTSIDE NETWORK SUCH AS INTERNET THAT IS NOT CONSIDERED SECURED OR TRUSTED. REFERENCE IMAGE-HTTP://YOU.BE/X-C4DOKH5Q
- 11. INTERNET SECURITY PRODUCTS •THERE ARE DIFFERENT INTERNET SECURITY PRODUCT AVAILABLE IN THE MARKET.SOME OF ARE- • 1.ANTIVIRUS-ANTIVIRUS SOFTWARE AND INTERNET SECURITY PROGRAMS ARE ABLE TO PROJECT A PROGRAMMABLE DEVICE FROM ATTACK BY DETECTING AND ELIMINATING THE VIRUSES. • ANTIVIRUS ARE USED IN THE EARLY YEARS OF INTERNET BUT NOW A DAYS THERE ARE DIFFERENT- DIFFERENT SEQURITY PROGRAM ARE AVAILABLE IN THE MARKET.
- 12. 2.PASSWORD MANAGERS • THISIS A SOFTWARE APPLICATION THAT IS USED TO ORGANISE AND STORAGE THE PASSWORDS. • PASSWORD MANAGERS USUALLY STORE PASSWORD ENCRYPTED, REQUIRING THE PERSON TO A CREATE A MASTER PASSWORD . • MASTER PASSWORD-A SINGLE, IDEALLY A STRONG PASSWORD WHICH ALLOWS THE USER TO ACCESS TO ENTIRE THEIR PASSWORD DATABASE. • REFERENCE- • HTTP://IMAGES.APP.GOO.LE/PG8BKXZS2BEXJ4L17
- 13. 3.SEQURITY TOKENS • SOMEONLINE SITES OFFERS THE USERS TO ABILITY TO USE THE SIX DIGIT CODE WHICH RANDOMLY CHANGES AFTER EVERY 30-60 SECONDS ON A SEQURITY TOKEN. • THE KEY ON THE TOKEN HAVE BUILT COMPUTATION AND MANIPULATED NUMBERS BASED ON THE CURRENT TIME BUILT INTO THE DEVICE . • THIS MEANS AFTER EVERY 30 SECONDS THERE IS ONLY A SEQUENCE OF NUMBER POSSIBLE WHICH WOULD BE CORRECT TO ACCESS THE ONLINE ACCOUNT.
- 14. 4.SECURITY SUITS • THESEQURITY SUIT CONTAINS THE SUITS OF FIREWALL, ANTIVIRUS,ANTISPYWARE AND MANY OTHERS. • THET ALSO GIVES THE THEFT PROTECTION, PORTABLE STORAGE DEVICE SAFETY CHECK,PRIVATE INTERNET BROWSING OR MAKE SEQURITY RELATED DECISIONS AND ARE FREE OF CHARGE.
- 15. CONCLUSION • THIS PAPERIS BASICALLY TRYING US TO TELL US THE IMPORTANCE OF CYBER SECURITY AND THIS IMPORTANCE. • THIS ALSO TRYING TO TELL US ABOUT THE VARIOUS TYPES OF CYBER THREATS AND VARIOUS METHODS THAT CAN BE USED TO PREVENT OUR DEVICE GETTING ATTACKING CONCLUSION. • THIS IS ALSO HELPS US TO OVERCOME SEVERAL LAPHOLES ON THEIR COMPUTER OPERATION.
- 16. REFERENCE • HTTP://EN.WIKIPEDIA.ORG/WIKI/INTERNETSEQURITY#PHISHING. • HTTPS://EN.WIKIPEDIA.ORG/WIKI/MALWARE. •HTTPS://EN.WIKIPEDIA.ORG/WIKI/PHISHING.
- 17.