
Cyber Security

(AUC-002)
Unit-1

12/19/16

Introduction
Data and information stored in a computer can be used with both positive and negative intentions.
Network traps can be used by other networks to harm the status and reputation of a business.
Violation of rights is also a major threat.


Information System
The Information System was derived from IT to supply the information necessary for business operations.
There are two terms in Information System:
1. Information
2. System
Information is well-structured data with a specific meaning.
A system is an arrangement that takes input and provides output after completing the required process.
So an Information System is an arrangement that processes data and provides meaningful information.

Continued
It can also be defined as a set of interrelated components that collect, store, process, generate and disseminate information for effective business function.
It also supports decision making.


IS Model
[Figure: IS model; labels: End User (three times), Database]

IS components
IS has various components, which are mainly grouped under two heads:
System Resources:
1- People (IS Speci, End User)
2- Hardware (Machine, media)
3- Software (Programs, Procedures)
4- Data (Database, Knowledgebase)
5- Network (Comm and Support)
System Activities:
1- Input (Stock, Vendors)
2- Storage (Details of stocks/Vendor)
3- Process (Classify, Analyze, calculate, compare)
4- Output (Report of analysis)
5- Control and maintenance (Supply chain control, supply)

Types of Information System


Types of IS
1. Transaction Processing Systems (Operation Level)
2. Management Information System (Tactical)
3. Decision Support Systems (Tactical)
4. Executive Information Systems (Strategic)
5. Expert Systems (Strategic)


Expert System


EVOLUTIONARY DEVELOPMENT MODELS
1.1 Prototype Model
1.2 Spiral Model


PROTOTYPE MODEL


SPIRAL MODEL


INFORMATION SECURITY
(ISS - Concept, Components, Threat & Need)


Information Security
Concept
Protecting information resources and systems from:
Unauthorized use and access
Unauthorized disclosure and modification
Damage and destruction


KEY-TERMS
Asset - resource to be protected.
Risk - probability that something may happen.
Attack - an intentional or unintentional attempt that may cause danger.
Threats - category of objects that pose a potential danger to an asset.
Threat Agent
Vulnerability - weakness
Exposure

Components Of Information security

Confidentiality
Integrity
Availability
Privacy
Authentication
Accuracy.


Sources of Likely Threat for Information Systems
Insiders for fun or revenge
Enemies of the Nation
Faults and Malfunction
Insiders and Outsiders for Profit
Acts of God

Need For Information Security


1. Protects the organization's ability to FUNCTION.
2. Enables safe operation.
3. Protects the data that the organization collects and uses.
4. Safeguards the technology assets in use at the organization.


INFORMATION ASSURANCE

Information Assurance
The measures that protect and defend information and IS by ensuring:
1. Availability
2. Integrity
3. Authentication
4. Confidentiality
5. Non-Repudiation
The measures that provide for restoring information systems after an attack by putting in place proper protection, detection and reaction abilities.


INFORMATION ASSURANCE


Information Assurance Vs. Information Security

S.No. | Information Assurance | Information Security
1. | More Strategy Focused | More Tools and Tactics Focused
2. | Broader Spectrum of Information Management & Protection | Stresses Technology and Operations
3. | Concerned with Organization's Overall Risk | Concerned with Security Applications and Infrastructure
4. | Example: Security Audits | Example: Antivirus, Firewalls, VPN

Attributes Of Information Assurance

Authentication
Access Control
Information & Data Integrity
Intrusion Detection System (IDS)
Cryptography
Security Verification
Risk Analysis & Management


CYBER-SECURITY
(Protection Against Cyber-Crime)

Cyber-Security
Cyber security is the protection of information and information systems against potential threats on the internet.
Cyber security involves information security, but information security does not involve cyber security.
Cyber security is meant for proactive detection of loopholes in the security policies of computer systems.

Cyber-Crime
Criminal activities carried out by means of computers or
the Internet.


Challenges in Cyber-Security
Cyber security tactics recognize the fact that attacking a system is easier than defending it.
An attacker needs only a single weak point or opportunity to penetrate the defenses.
But the defender must view the entire system and ensure the security of the system as a whole.


SECURITY RISK ANALYSIS

Risk Analysis Terminology

Asset
Threat
Vulnerability
Countermeasure
Expected Loss
Impact


Security Risk Analysis Indicates


WHAT??


Step-wise Procedure of Security Risk Analysis


Risk Analysis Process


The Risk Analysis Process involves three main elements:
1. Impact statement: It describes the damages that may be caused.
2. Effective measures: It gives the calculated effectiveness of individual actions taken to counter the impact of threats.
3. Recommended countermeasures: It involves possible actions that are cost effective and maintain security of assets in a proper manner.

Security Threats
Virus
o Polymorphic
o Stealth
o Macro Virus
Trojan Horse
Logic Bomb
Trapdoors

Trapdoors
Trap doors, also referred to as backdoors, are bits of code embedded in programs by the programmer(s) to quickly gain access at a later time, often during the testing or debugging phase.
Hackers often plant a backdoor on previously compromised systems to gain later access. Trap doors can be almost impossible to remove in a reliable manner. Often, reformatting the system is the only sure way.
It requires a userid and password to gain administrative rights.
Some of the tools used to create trapdoor attacks are Back Orifice and NetBus.


E-mail Virus

An e-mail virus is forwarded as an e-mail attachment to its users.
The dangers include remailing of attachments to all the contacts and destruction of the files on the computer system.
So never open an attachment from an unknown sender.
Have antivirus software installed and scan the file before opening.
Files with .EXE or .VBS extensions are always suspect, because once the file name is clicked, the program is run. SHS files, a somewhat obscure file type, can also contain executable code.
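The extension check described on this slide can be automated at the mail gateway. The following is an added example, not part of the original slides: it walks the MIME parts of a message and flags attachments ending in the extensions named above, including ones hidden behind a second extension. The sample message and its file names are constructed.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions the slide names: .EXE and .VBS (always suspect) and .SHS.
RISKY_EXTENSIONS = {".exe", ".vbs", ".shs"}


def risky_attachments(raw_bytes):
    """Return (filename, reason) for each part with a risky file name."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue  # body text or multipart container
        # Win32 path handling strips trailing dots and spaces, so
        # normalise them before looking at the extension.
        cleaned = name.strip().rstrip(". ").lower()
        suffixes = PurePosixPath(cleaned).suffixes
        if not suffixes or suffixes[-1] not in RISKY_EXTENSIONS:
            continue
        reason = "risky extension " + suffixes[-1]
        if len(suffixes) > 1:
            # e.g. "invoice.pdf.exe" shown as "invoice.pdf" by some clients
            reason += " hidden behind " + suffixes[-2]
        findings.append((name, reason))
    return findings


def build_sample():
    """Constructed sample message (not real mail) with four attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Documents"
    msg.set_content("See attached.")
    for fname in ("report.pdf", "invoice.pdf.exe", "NOTES.SHS",
                  "love-letter.txt.vbs"):
        msg.add_attachment(b"constructed", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in risky_attachments(build_sample()):
        print(name, "->", reason)
```

A name-based check is only a first filter; the antivirus scan the slide recommends still applies, because file content does not have to match the extension.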

Malicious Software

Malicious software, commonly known as malware, is any software that brings harm to a computer system. Malware can be in the form of worms, viruses and trojans, which steal protected data, delete documents or add software not approved by a user.
Malicious code can be categorized into:
a) Code that causes access violations: It can steal passwords, files and other confidential data.
b) Code that enables DoS attacks: It may prevent the user from using the system. It may destroy the files that are open at the time of attack.


Spoofing

Spoofing is always done with an intention.
It means providing false information about your identity to gain unauthorized access.
IP spoofing and DNS spoofing are the popular attacks.
The objective of IP spoofing is to make the data look as if it had come from a trusted source.
The objective of DNS spoofing is to send the user to some site other than the one they want to visit.

Other forms of Spoofing

IP spoofing: It is the action of masking a computer's IP address so that it looks like it is authentic. During this masking process the fake IP address sends what appears to be a valid message.


Other spoofing
Content spoofing: It refers to a hacking technique used to lure a user to a website that looks legitimate. Hackers create a similar type of website by using dynamic HTML and frames and let the user enter their personal data.
Caller-ID spoofing: It makes a call appear to have come from any phone number the caller wishes (crazycall.net) (smsglobal.com) (Afreesms.com) (freecallingfriends.com).
E-mail spoofing: It refers to forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual sender.
E-mail spoofing is possible because the SMTP protocol, which is the main protocol, does not include an authentication mechanism.
To send spoofed e-mail, senders insert commands in the header that will alter message information.
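Because SMTP itself does not authenticate the header, receiving systems rely on checks recorded by their own mail server. The following is an added example, not part of the original slides: it compares the visible From domain with the envelope sender in Return-Path and reads the SPF, DKIM and DMARC verdicts from the Authentication-Results header. The server name `mx.example.org` and both sample messages are constructed assumptions.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Assumption: the name our own receiving server writes into
# Authentication-Results; copies with any other id are sender-supplied.
TRUSTED_AUTHSERV_ID = "mx.example.org"

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Return-Path value."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def spoofing_indicators(raw_bytes):
    """List the signs that the visible From header may be forged."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    from_dom = domain_of(msg["From"])
    env_dom = domain_of(msg["Return-Path"])
    if env_dom and env_dom != from_dom:
        findings.append(f"From {from_dom} != envelope sender {env_dom}")
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv_id, _, rest = str(value).partition(";")
        if authserv_id.strip().lower() != TRUSTED_AUTHSERV_ID:
            continue  # header not written by our server: ignore it
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest.lower()):
            results.setdefault(method, result)
    for method in ("spf", "dkim", "dmarc"):
        outcome = results.get(method, "missing")
        if outcome != "pass":
            findings.append(f"{method}={outcome}")
    return findings

# Constructed sample messages (not real mail).
SPOOFED = (
    b"Return-Path: <bounce@mailer.example.net>\r\n"
    b"Authentication-Results: mx.example.org; spf=pass"
    b" smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail\r\n"
    b"Authentication-Results: relay.example.net; spf=pass; dkim=pass; dmarc=pass\r\n"
    b"From: Bank Support <support@bank.example>\r\n"
    b"Subject: Account notice\r\n\r\nPlease verify your account.\r\n"
)
LEGITIMATE = (
    b"Return-Path: <news@shop.example>\r\n"
    b"Authentication-Results: mx.example.org; spf=pass; dkim=pass; dmarc=pass\r\n"
    b"From: Shop News <news@shop.example>\r\n"
    b"Subject: Newsletter\r\n\r\nHello.\r\n"
)
```

A domain mismatch alone is only an indicator, since legitimate bulk senders often use a different envelope domain; the DMARC verdict is the stronger signal.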

DOS attack
Denial of Service (DoS) attack: any type of attack where the attackers (hackers) attempt to prevent legitimate users from accessing the service. In a DoS attack, the attacker usually sends excessive messages on the network.
Although a DoS attack does not usually result in the theft of information or other security loss, it can cost the target person or company a great deal of time and money. DoS attacks have forced Web sites accessed by millions of people to temporarily cease operation.
Common forms of denial of service attacks are:
Buffer Overflow Attacks
The most common kind of DoS attack is simply to send more traffic to a network address. The attacker may be aware that the target system has a weakness that can be exploited, or the attacker may simply try the attack in case it might work.

Active vs Passive attack


An active attack is a network exploit in which a hacker attempts to make changes to data on the target. There are many types of active attacks, which are given below:
In a masquerade attack, the intruder pretends to be a particular user of a system to gain access or to gain greater privileges than they are authorized for. A masquerade may be attempted through the use of stolen login IDs and passwords, through finding security gaps in programs or through bypassing the authentication mechanism.
In a session replay attack, a hacker steals an authorized user's login information by stealing the session ID. The intruder gains access and the ability to do anything the authorized user can do on the website.
In a message modification attack, an intruder alters packet header addresses to direct a message to a different destination or modify the data on a target machine.


Passive Attacks
Passive attack: A passive attack is a network attack in which a system is
monitored and sometimes scanned for open ports and vulnerabilities. The
purpose is solely to gain information about the target and no data is changed on
the target.
Passive attacks include active reconnaissance and passive reconnaissance. In
passive reconnaissance, an intruder monitors systems for vulnerabilities without
interaction, through methods like session capture. In active reconnaissance, the
intruder engages with the target system through methods like port scans.
Another popular form of attack is the JavaScript or SQL injection. These attacks
make their related applications display information, which is not intended to be
displayed, to the user. These particular methods may be employed in either
passive network security attacks (reconnaissance), or active network security
attacks.
