PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

A MICRO-PROJECT REPORT

COURSE NAME- NETWORK INFORMATION SECURITY

COURSE CODE- 22620

DEPARTMENT OF COMPUTER ENGINEERING

(2022-23)

ROLL NO NAME OF STUDENTS

7 Shreya Shinde.
8 Aniket Boke.

UNDER THE GUIDANCE OF

MRS. Patil S.A.

1
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

PART -A
Title of Microproject: Cyber Security
*Aim of the Micro – Project

Details Of Activity Planned Planned Name of responsible

Save date Finish date Team member

1. We plan to form the group of 2 7/4/2022 8/4/2022 All project members

students
2. We can select the topic of micro 9/4/2022 11/04/2022 Aniket Boke.
project
3. We plan to study about 12/04/2022 15/04/2022 Aniket Boke.
programming with python
4. We plan to note the all important 16/04/2022 18/04/2022 Aniket Boke.
points of micro project

5. We plan to prepare a basic 19/04/2022 20/04/2022 Aniket Boke.

information of micro project
6. We plan to select the one line 21/04/2022 21/04/2022 Aniket Boke.
which is effective and meaning
full.
7. Make the report on micro project 22/04/2022 23/04//2022 Shreya Shinde.

8. Edit the report 24/04/2022 24/04/2022 Aniket Boke. &

Shreya Shinde.

1) Study about decision making.

2) Collect relevant data from different sources.
3) Attempts alternative solution for micro project.

2
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

CONTENTS OF TABLE

 Chapter-1

Intoduction To Cyber Security Definition Scope Of The Study Methodology Of The

Study Limitations Of The Study The Indian Cyber Space

 Chapter-2

Types Of Cyber Threats Cyber Laws In India Types Of Security Threats Cyber Security
Threats In Different Areas

 Chapter-3

Conclusion

Roll No. Student Name Marks out of for Marks out of 4for Total out
performance in performance in
Of 10
group activity oral

7. Shreya Shinde
8. Aniket Boke

3
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

CHAPTER-1

INTRODUCTION
‘Over the years, Information Technology has transformed the global economy and connected
people and markets in ways beyond imagination. With the Information Technology gaining
the centre stage, nations across the world are experimenting with innovative ideas for
economic development and inclusive growth. An increasing proportion of the world’s
population is migrating to cyberspace to communicate, enjoy, learn, and conduct commerce.
It has also created new vulnerabilities and opportunities for disruption.
The cyber security threats emanate from a wide variety of sources and manifest themselves in
disruptive activities that target individuals, businesses, national infrastructure and
Governments alike. Their effects carry significant risk for public safety, security of nation
and the stability of the globally linked economy as a whole. The origin of a disruption, the
identity of the perpetrator or the motivation for it can be difficult to ascertain and the act can
take place from virtually anywhere. These attributes facilitate the use of Information
Technology for disruptive activities. As such, cyber security threats pose one of the most
serious economic and national security challenges. Cyberspace is such a term, which is not
yet completely defined and also has no geographical limitation. It is a term associated with
application of the Internet worldwide. It is also called as a virtual space as physical existence
of cyberspace is not detectable at all. Cyberspace is “the total interconnectedness of human
beings through computers and telecommunication without regard to physical geography.”
Information through computers is transferred in the form of Ones (1) and Zeros (0), which do
not inherently carry any separate information along with them for authentication. For
authentication purposes, additional information needs to be carried with cyberspace
transactions for identity purposes. Providing extra information in digital communication
introduces the possibility for identity theft. Because nothing prevents the transmission of
false identity information, or the duplication of another’s identity information. The
seriousness of this problem is highlighted when you consider that future technologies will
allow extremely important identifiers, such as a retinal scan or a fingerprint, to be represented

4
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

digitally. These biometrics characteristics are protected in real space because they are
embedded in the physical body of the person. This is lost in cyberspace. Thus, cyberspace
needs a system that allows individuals to verify their identities to others without revealing to
them the digital representation of their identities.

DEFINITION

Cyber Security is “the security of information and its communicating channels as applied
to computing devices such as computers and smart phones, as well as computer networks
such as private and public networks, including the Internet as a whole.” The field covers
all the processes and mechanisms by which computer-based equipment, information and
services are protected from unintended or unauthorized access, change or destruction.
Computer security also includes protection from unplanned events and natural disasters.
Cyber security is a complex issue that cuts across multiple domains and calls for
multidimensional, multilayered initiatives and responses. It has proved a challenge for
governments all around the world. The task is made difficult by the inchoate and diffuse
nature of the threats and the inability to frame an adequate response in the absence of
tangible perpetrators. The rapidity in the development of information technology (IT) and
the relative ease with which applications can be commercialized has seen the use of
cyberspace expand dramatically in its brief existence. From its initial avatar as a N/W
created by academics for the use of the military, it has now become a global
communications platform for socio-economic issues as well as for commercial and social
purposes. The increasing centrality of cyberspace to human existence is exemplified by
facts and figures brought out recently by the International Telecommunications Union
(ITU), according to which,

 The number of Internet users has doubled between 2005 and 2010 and surpasses
5
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

2billion.
 Users are connecting through a range of devices from the personal computer (PC)
to themobile phone, and using the Internet for a variety of purposes from
communication to ecommerce, to data storage for several services.

The rise in the Internet population has meant that while the threats and vulnerabilities
inherent to the Internet and cyberspace might have remained more or less the same as
before, the probability of disruption has grown apace with the rise in the number of users.
While such disruptions are yet to cause permanent or grievous damage worldwide, they
serve as a wake-up call to the authorities concerned to initiate measures to improve the
security and stability of cyberspace in terms of their own security. Governments are
constrained in their responses by pressures exerted by politico-military-national security
actors at one end and economic-civil society actors at the other.

SCOPE OF THE STUDY:

To understand the awareness among the public regarding cyber security issues in India. The
study is restricted to the 50 respondents who are randomly selected with in the twin cities of
Hyderabad and Secunderabad.

METHODOLOGY:
Sources of data collection:
 Primary data
 Secondary data
6
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

The main source of primary data is questionnaire consisting of simple questions

prepared and distributed to respondents for collection of data on awareness in public
regarding web search engines.
SECONDARY DATA:
The main source of secondary data includes Books, Magazines, Newspapers, Articles and
Journals and websites. SAMPLE SIZE:
For the present study, 50 respondents were selected at random.

LIMITATIONS OF THE STUDY

 The study is conducted in Hyderabad and Secunderabad only.

 The study is restricted to the users of web search engine only.

 Time perspective is also one of the elements in limiting the scope of this study.

INDIAN CYBER SPACE

• The National Informatics Centre (NIC) was set up as early as 1975 with the goal
of providing IT solutions to the government.
• Between 1986 and 1988, three N/Ws were set up:
• INDONET, connecting the IBM mainframe installations that made up India’s
computer infrastructure;
• NICNET (the NIC Network), being a nationwide very small aperture terminal
(VSAT) N/W for public sector organizations as well as to connect the central
government with the state governments and district administrations;
• The Education and Research Network (ERNET), to serve the academic and research
communities.
7
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

• Policies such as the New Internet Policy of 1998 paved the way for multiple
Internet service providers (ISPs) and saw the Internet user base grow from 1.4
million in 1999 to over 15 million by 2003.

• By June2012, Internet users in India were approx. 12.5% of the total population (approx.

137 million).

 According to the Internet and Mobile Association of India (IAMAI),

 The internet user base in India is projected to touch 243 million by June 2014, with
a year-on-year growth of 28%.

This exponential growth is again expected to continue in recent future with more and
more people accessing the web through mobile phones and tablets, with the government
making a determined push to increase broadband(>4mbps) penetration from its present
level of about 6%. bEven though the Indian government was a late convert to
computerization, there has been an increasing thrust on e-governance, seen as a cost
effective way of taking public services to the masses across the country.

Critical sectors such as Defence, Energy, Finance, Space, Telecommunications,

Transport, Land Records, Public Essential Services and Utilities, Law Enforcement and
Security all increasingly depend on N/Ws to relay data, for communication purposes and
for commercial transactions.
The National e-governance Program (Ne GP) is one of the most ambitious in the world
and seeks to provide more than 1200 governmental services online. Schemes like ‘Rajiv
Gandhi scheme for broadband to PRIs’ and National Optic Fiber Network (NOFN)
missionare already dedicated to accelerate cyber connectivity in far reaching areas of
country.

• Under The National Broadband Plan, the target for broadband is 160 million
8
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

householdsby 2016. Despite the low numbers in relation to the population, Indians have
been active users of the Internet across various segments.

• Similar level of penetration has also been seen in the social networking arena,
which isthe most recent entrant to the cyber platform. India currently has the fastest
growing user base for Facebook and Twitter, the two top social networking sites.

CHAPTER-2

TYPES OF CYBER THREATS

As we grow more dependent on the Internet for our daily activities, we also become more
vulnerable to any disruptions caused in and through cyberspace. The rapidity with which
this sector has grown has meant that governments and private companies are still trying to
figure out both the scope and meaning of security in cyberspace and apportioning
responsibility.

Cyber threats can be disaggregated, based on the perpetrators and their motives, into four
baskets:

1. Cyber Espionage,

2. Cyber Crime

3. Cyber Terrorism

4. Cyber Warfare

Cyber Espionage:

Cyber espionage, is “the act or practice of obtaining secret information without the
9
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

permission of the holder of the information (personal, sensitive, proprietary or of

classified nature), from individuals, competitors, rivals, groups, governments and enemies
for personal, economic, political or military advantage using methods on the Internet,
networks or individual computers through the use of cracking techniques and malicious
software including Trojan horses and spyware.”

Simply said, Cyber espionage is “The use of computer networks to gain illicit access to
confidential information, typically that held by a government or other organization.”

India: Victim of Chinese Cyber Espionage

1. Cyber-attack by Chinese crackers at the computers in the Prime Minister’s Office

(PMO) was reported in 2009.
2. In August 2015, security firm Fire Eye revealed an intense activity of hackers
based inChina particularly interested in entities and organization linked to the
Indian Government as well as in information on Tibetan activists. The cyber
espionage group sent targeted spear-phishing e-mails to its intended victims, with
Microsoft Word attachments containing information on regional diplomatic issues
.It said that collecting intelligence on India remains a key strategic goal for China-
based APT groups, and these attacks on India and its neighboring countries reflect
growing interest in its foreign affairs.

Cyber Crime/ Cyber Attacks :

Cyber-attack is “any type of offensive maneuver employed by individuals or whole

organizations that targets computer information systems, infrastructures, computer
networks with an intention to damage or destroy targeted computer network or system.”

These attacks can be labeled either as Cyber-campaign, Cyber-warfare or Cyber-terrorism

depending upon the context, scale and severity of attacks. Cyber-attacks can range from
10
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

installing spyware on a PC to attempts to destroy the critical infrastructure of entire

nations.The increasing online population has proved a happy hunting ground for cyber
criminals, with losses due to cyber- crime being in billions of dollars worldwide.

While other countries are reporting enormous losses to cyber-crime, as well as threats to
enterprises and critical information infrastructure (CII), there are hardly any such reports
coming out of India other than those relating to cyber espionage.

 Though the report of the National Crime Records Bureau (NCRB) in 2010
reported anincrease of 50% in cyber-crime over the previous year, the numbers
were quite small in absolute terms.
 On 12 July 2012, a high profile cyber-attack breached the email accounts of
about12,000 people, including those of officials from the Ministry of External
Affairs, Ministry of Home Affairs, Defence Research and Development
Organization (DRDO), and the IndoTibetan Border Police (ITBP).

 In February 2013, The Executive Director of the Nuclear Power Corporation of

India(NPCIL) stated that his company alone was forced to block up to ten targeted
attacks a day.

Cyber Terrorism:

Acts of Terrorism related to cyber space and /or executed using Cyber technologies are
popularly known as ‘cyber terrorism’.

Definitions of cyber terrorism

“Cyber terrorism is the convergence of terrorism and cyber space. It is generally
understood to mean unlawful attacks and threats of attacks against computers, networks,
and information stored therein when done to intimidate or coerce a government or its
people in furtherance of political or social objectives, Further, to qualify as cyber terrorism,

11
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

an attack should result in violence against persons or property or at least cause enough
harm to generate fear, Serious attacks against critical infrastructures could be acts of cyber
terrorism depending upon their impact.”

This is one of the most comprehensive definitions of cyber terrorism. But even this has a
limitation. It states that for an attack to qualify as a cyber-terrorism it should lead to
violence. This is more conventional. Terrorist may direct an attack only to disrupt key
services, If they create panic by attacking critical systems/infrastructure there is no need
for it to lead to violence. In fact such attacks can be more dangerous. In the last couple of
decades India has carved a niche for itself in IT. Most of the Indian banking industry and
financial institutions have embraced IT to its full optimization.
Reports suggest that cyber-attacks are understandably directed toward economic and
financial institutions. Given the increasing dependency of the Indian economic and
financial institutions on IT, a cyber-attack against them might lead to an irreparable
collapse of our economic structures. And the most frightening thought is the
ineffectiveness of reciprocal arrangements or the absence of alternatives.

Cyber Warfare:

The Fifth domain of warfare the evolution of technology impacts the nature of conflict
and war. Cyber Warfare is a very recent yet evolving phenomenon.

In the absence of a formal definition of cyber warfare, we may define it as “actions by a

nation-state or its proxies to penetrate another nation’s computers or networks for the
purposes of espionage, causing damage or disruption”. These hostile actions against a
computer system or N/W can take two forms: cyber exploitation and cyber-attacks.

Types of Security threats: -

12
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

Cybercrimes consist of specific crimes dealing with computers and networks, such as
hacking, phishing and the facilitation of traditional crime through the use of computers
(child pornography, hate crimes, telemarketing/internet fraud). A brief introduction to
some common cyber related violations, or cybercrimes as they are more commonly
referred to are discussed below:
 Hacking
Hacking in simple terms means an illegal intrusion into a computer system and/or
network. There is an equivalent term to hacking i.e. cracking, but from Indian legal
perspective there is no difference between the term hacking and cracking. Every act
committed towards breaking into a computer and/or network is hacking. Hackers write
or use ready-made computer programs to attack the target computer.
 Child Pornography
The Internet is extensively used for sexual abuse of children. As more homes have access
to internet, more children are accessing it and this enhances their vulnerability of falling
victims to the aggression of paedophiles. Paedophiles (a person who is sexually attracted
to children) lure the children by distributing pornographic material and then pursue them
for sexual exploitation. Sometimes paedophiles contact children in chat rooms posing as
teenagers or children of similar age; they win the confidence of these children, and then
induce them into sexually provocative discussions. Then begins the actual exploitation of
children.
 Cyber Stalking
This term is used to refer to the use of the internet, e-mail, or other electronic
communications devices to stalk another person. Cyber stalking can be defined as the
repeated acts of harassment or threatening behavior of the cyber-criminal towards the
victim by using internet.
 Denial of Service
This is a technology driven cyber intrusion, where by the influencer floods the bandwidth

13
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

or blocks the user’s mails with spam mails depriving the user, access to the Internet and
the services provided there from. A DoS Attack (as it is commonly known) can be
perpetrated in a number of ways.
 Dissemination of Malicious Software (Malware)
Malware is defined as software designed to perform an unwanted illegal act via the
computer network. It could be also defined as software with malicious intent. Malware
can be classified based on how they get executed, how they spread, and/or what they do.
Some of them are discussed below.

a) Virus
A virus is a program that can infect other programs by modifying them to include a
possible evolved copy of itself. A virus can spread throughout a computer or network
using the authorization of every user using it to infect their program. Every program
so infected may also act as a virus and thus the infection grows. Viruses normally
affect program files, but in some cases they also affect data files disrupting the use of
data and destroying them completely.
b) Worms
Worms are also disseminated through computer networks, unlike viruses, computer
worms are malicious programs that copy themselves from system to system, rather than
infiltrating legitimate files. For example, a mass mailing e-mail worm is a worm that
sends copies of itself via e-mail. A network worm, on the other hand makes copies of
itself throughout a network, thus disrupting an entire network.
c) Trojans
Trojan is another form of Malware; trojans do things other than what is expected by the
user. Trojan or trojan horse is a program that generally impairs the security of a system.
Trojans are used to create back-doors (a program that allows outside access into a secure
network) on computers belonging to a secure network so that a hacker can have access to
the secure network. Unlike viruses, Trojan horses do not replicate themselves but they can
14
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

be just as destructive. One of the most insidious types of Trojan horse is a program that
claims to rid your computer of viruses but instead introduces viruses onto your computer.
d) Hoax
Hoax is an e-mail that warns the user of a certain system that is harming the computer. The
message thereafter instructs the user to run a procedure (most often in the form of a
download) to correct the harming system.
When this program is run, it invades the system and deletes an important file.

e) Spyware
Spyware invades a computer and, as its name implies, monitors a user’s activities
without consent. Spywares are usually forwarded through unsuspecting e-mails with
bonafide email i.ds. Spyware continues to infect millions of computers globally.

 Phishing
Phishers lure users to a phony web site, usually by sending them an authentic appearing
email. Once at the fake site, users are tricked into divulging a variety of private information,
such as passwords and account numbers.

Cyber Security Issues In India:-

The Current And Present Dangers Of Aadhaar Hacking

15
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

Cyber security is a complicated field to manage and even the most ardent players of cyber
security are aware that absolute cyber security is a myth. So if anybody is claiming that
his/her system, software or project is 100% cyber secure, he/she is simply ignorant of the
ground realities as exist in the cyberspace. Till sometime back, cyber warfare was
considered as a fiction and not reality. But with growing incidences of cyber espionage,
cyber terrorism and even cyber warfare, countries have started taking their critical
infrastructures seriously. Nevertheless, the task to secure these critical infrastructures is
next to impossible as the bad guys are always many steps ahead of the government and its
agencies. Aadhaar is one such highly sensitive and highly insecure project of India
government that is neither prudent nor secure. It only has a false sense of security that
government is projecting to divert the attention of critics of Aadhaar. But real cyber
security professionals are well aware of the dangers of Aadhaar project that has put the
lives and properties of Indians in great peril.

In reality, Aadhaar has created serious constitutional anomaly and irresolvable cyber
security issues that would always jeopardise rule of law and personal safety and security
of Indians. No matter whatever Indian government tells you, stay away from Aadhaar.
And if you have already made an Aadhaar, deseed it from all services and block your
biometric as soon as possible so that it cannot be abused by government and private
individuals.

16
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

CHAPTER-5

CONCLUSION:

Community in cyberspace is based on the interaction between people. Cyberspace has an

important social aspect to it that must not be overlooked. Cyberspace can be treated as a
channel touching portion of real space at key points. Ideas are passed through the
channel, and business is transacted through this channel. The cyberspace communities are
members of the global community interacting on a different plane than in real space.

With the huge growth in the number of Internet users all over the world, the security of
data and its proper management plays a vital role for future prosperity and potentiality. It
is concerned with people trying to access remote service is that they are not authorized to
use.

Rules for compulsory wearing of helmet for bikers by government authorities, has no
benefit for them, it is for our own safety and life. Same we should understand our
responsibilities for our own cyberspace and should at least take care of safety for our
personal devices. These steps include installation of antivirus software and keeping it
updated, installing personal firewalls and keeping rules updated. We should monitor and
archive all security logs. We should have backup of important data. Our devices should
17
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

be protected by passwords and there should be restricted access to sensitive data on our
devices. And above all, we should aspire for more computer literacy to understand the
safety issues related to our cyberspace. At the same time we need to utilize the
specialization of private sector in the field of cyber security and government should
promote more PPP projects for the national cyberspace.

18