UNIT_1_CYS

The document outlines the course objectives and outcomes for a Cyber Security course at Vallurupalli Nageswara Rao Vignana Jyothi Institute of Engineering & Technology. It covers various aspects of cyber security including types of cyber attacks, cyber laws, digital forensics, and the implications of data privacy. The course is structured into five units that address foundational concepts, legal frameworks, mobile security, organizational risks, and privacy issues.

Vallurupalli Nageswara Rao Vignana Jyothi Institute of Engineering & Technology

Department of Computer Science & Engineering

SUBJECT: (22PE1CS304) CYBER SECURITY

Dr.K.Srinivas

Department of Computer Science & Engineering, VNRVJIET, Hyderabad February 4, 2025 1


COURSE OBJECTIVES:

▪ To summarize various types of cyber-attacks and cyber-crimes
▪ To understand cyber laws and the concepts of digital forensics
▪ To discuss safety measures for the protection of mobile and wireless devices
▪ To learn the organizational security implications and threats
▪ To study the impact of data privacy attacks on various domains


COURSE OUTCOMES: After completion of the course, the student should be able to

▪ CO-1: Identify the need for cyber security and various types of attacks
▪ CO-2: Understand national and international regulations of cyber security and cyber forensics
▪ CO-3: Interpret the security challenges related to mobile and wireless devices
▪ CO-4: Analyze the security and privacy implications of an organization
▪ CO-5: Examine the data privacy concepts and cybercrime in different domains


UNIT-1
▪ Introduction to Cyber Security: Basic Cyber Security Concepts, layers of security, Vulnerability, threat, Harmful acts, Internet Governance Challenges and Constraints, Computer Criminals, CIA Triad, Assets and Threat, motive of attackers, active attacks, passive attacks, Software attacks, hardware attacks, Cyber Threats-Cyber Warfare, Cyber Crime, Cyber terrorism, Cyber Espionage, etc., Comprehensive Cyber Security Policy.


UNIT-II:
▪ Cyberspace and the Law & Cyber Forensics: Introduction, Cyber Security Regulations, Roles of International Law. The INDIAN Cyberspace, National Cyber Security Policy, Historical background of Cyber forensics, Digital Forensics Science, The Need for Computer Forensics, Cyber Forensics and Digital evidence, Forensics Analysis of Email, Digital Forensics Lifecycle, Forensics Investigation, Challenges in Computer Forensics


UNIT-III:
▪ Cybercrime: Mobile and Wireless Devices: Introduction, Proliferation of Mobile and Wireless Devices, Trends in Mobility, Credit card Frauds in Mobile and Wireless Computing Era, Security Challenges Posed by Mobile Devices, Registry Settings for Mobile Devices, Authentication service Security, Attacks on Mobile/Cell Phones, Organizational security Policies and Measures in Mobile Computing Era, Laptops


UNIT-IV:
▪ Cyber Security: Organizational Implications: Introduction, cost of cybercrimes and IPR issues, web threats for organizations, OWASP top 10 web application security risks, social media marketing: security risks and perils for organizations, social computing and the associated challenges for organizations


UNIT-V:
▪ Privacy Issues: Basic Data Privacy Concepts: Fundamental Concepts, Data Privacy Attacks, Data linking and profiling, privacy policies and their specifications, privacy policy languages, privacy in different domains - medical, financial, etc.
▪ Cybercrime: Examples and Mini-Cases. Examples: Official Website of Maharashtra Government Hacked, Indian Banks Lose Millions of Rupees, Parliament Attack, Pune City Police Bust Nigerian Racket, e-mail spoofing instances. Mini Cases: The Indian Case of Online Gambling, An Indian Case of Intellectual Property Crime, Financial Frauds in Cyber Domain.

TEXT BOOKS:
▪ 1. Cyber Security: Understanding Cyber Crimes, Computer Forensics and Legal Perspectives, Nina Godbole and Sunit Belapure, Wiley
▪ 2. Computer and Cyber Security: Principles, Algorithm, Applications, and Perspectives, B. B. Gupta, D. P. Agrawal, Haoxiang Wang, CRC Press




UNIT-1
1. Introduction to Cyber Security: Basic Cyber Security Concepts,
2. layers of security,
3. Vulnerability,
4. threat,
5. Harmful acts,
6. Internet Governance Challenges and Constraints,
7. Computer Criminals,
8. CIA Triad,
9. Assets and Threat,
10. motive of attackers,
11. active attacks, passive attacks,
12. Software attacks, hardware attacks,
13. Cyber Threats-Cyber Warfare, Cyber Crime,
14. Cyber terrorism, Cyber Espionage, etc.,
15. Comprehensive Cyber Security Policy.


What is computer security?
▪ Protection of computer systems from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.

What is network security?
▪ Protection of the access to files and directories in a computer network against hacking, misuse and unauthorized changes to the system.

What is meant by cyber security?
▪ Techniques to protect computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation.


Cyber security introduction:

▪ Cyber security is a matter of great concern as cyber threats and attacks keep growing.
▪ Attackers are now using more sophisticated techniques to target systems.
▪ Individuals, small-scale businesses and large-scale businesses are all being impacted.
▪ As a result, all of them have understood the importance of cyber security and are adopting all possible measures to deal with cyber threats.




Why is cyber security important?

▪ Cyber attacks can be extremely expensive for businesses to endure.
▪ In addition to financial damage suffered by the business, a data breach can also inflict untold reputational damage.
▪ Cyber-attacks these days are becoming progressively destructive. Cybercriminals are using sophisticated ways to initiate cyber attacks.




Cyber security
▪ Cyber security is a subset of information security which deals with security of data at storage and transit, whereas network security is a subset of cyber security which is concerned with protecting the IT infrastructure of an organization and restricts access to it.


CIA

Confidentiality
▪ The assets are accessible only by authorized parties.

Integrity
▪ The assets are modified only by authorized parties, and only in authorized ways.

Availability
▪ Assets are accessible to authorized parties.


PASSIVE ATTACK
▪ Passive Attack - A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in the nature of eavesdropping on or monitoring of transmission. The goal of the opponent is to obtain information that is being transmitted. Types of passive attacks are:
▪ Tapping, Encryption, Scanning and Traffic Analysis


ACTIVE ATTACK
▪ Active Attack - An active attack attempts to alter system resources or affect their operation. Active attacks involve some modification of the data stream or creation of a false statement. Types of active attacks are:
▪ Masquerade, Replay, Modification of messages, Denial of Service (DoS) attacks




ACTIVE ATTACKS
▪ Masquerade - A type of attack where the attacker pretends to be an authorized user of a system in order to gain access to it or to gain greater privileges than they are authorized for.
▪ Replay - It occurs when a cybercriminal eavesdrops on a secure network communication, intercepts it and then fraudulently delays or resends it to misdirect the receiver into doing what the hacker wants.
▪ Message modification - An attack in which an attacker intercepts messages and changes their contents.
▪ Denial-of-Service (DoS) attack - An attack meant to shut down a machine or network, making it inaccessible to its intended users.
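
How a receiver can recognise masquerade, replay and message modification, as an added example that is not part of the original slides: each message carries a timestamp, a one-time nonce and an HMAC tag computed with a shared key. The message layout, the 30-second freshness window and all names are assumptions made for this example.

```python
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

MAX_SKEW_SECONDS = 30  # assumed freshness window; tune to the real network


def _tag(key: bytes, msg: dict) -> str:
    """HMAC-SHA256 over a canonical encoding of body, timestamp and nonce."""
    covered = json.dumps(
        {"body": msg["body"], "ts": msg["ts"], "nonce": msg["nonce"]},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    return hmac.new(key, covered, hashlib.sha256).hexdigest()


def seal(key: bytes, body: dict, now: Optional[float] = None) -> dict:
    """Sender: attach a timestamp, a one-time nonce and an authentication tag."""
    msg = {
        "body": body,
        "ts": int(time.time() if now is None else now),
        "nonce": secrets.token_hex(16),
    }
    msg["tag"] = _tag(key, msg)
    return msg


class Receiver:
    """Receiver: checks the tag, then freshness, then nonce uniqueness."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # nonce -> timestamp of messages already accepted

    def accept(self, msg: dict, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        if not (isinstance(msg.get("ts"), int)
                and isinstance(msg.get("nonce"), str)
                and isinstance(msg.get("tag"), str)
                and "body" in msg):
            return "rejected: malformed"
        try:
            expected = _tag(self.key, msg)
        except (TypeError, ValueError):
            return "rejected: malformed"
        # 1. Masquerade / modification: without the key the tag cannot match.
        if not hmac.compare_digest(expected.encode(), msg["tag"].encode()):
            return "rejected: modified or forged"
        # 2. Delayed delivery: a valid but old message is refused.
        if abs(now - msg["ts"]) > MAX_SKEW_SECONDS:
            return "rejected: stale"
        # 3. Replay: a valid, fresh message is accepted only once.
        #    Nonces older than the window are dropped; check 2 covers them.
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= MAX_SKEW_SECONDS}
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        self.seen[msg["nonce"]] = msg["ts"]
        return "accepted"


def demo() -> list:
    """Run the four cases from the slide against one receiver (constructed data)."""
    key = secrets.token_bytes(32)
    rx = Receiver(key)
    order = seal(key, {"action": "transfer", "amount": 100}, now=1000)
    results = [rx.accept(order, now=1005)]                 # genuine message
    results.append(rx.accept(order, now=1010))             # same message resent
    changed = dict(order, body={"action": "transfer", "amount": 9999})
    results.append(rx.accept(changed, now=1010))           # contents altered
    forged = seal(secrets.token_bytes(32), {"action": "transfer", "amount": 1}, now=1010)
    results.append(rx.accept(forged, now=1010))            # sender lacks the key
    late = seal(key, {"action": "status"}, now=1000)
    results.append(rx.accept(late, now=1100))              # held back 100 seconds
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Denial of service is not addressed by this check; it protects what a message says and who sent it, not whether the receiver stays reachable.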


Computing System Vulnerabilities

▪ Hardware vulnerabilities
▪ Software vulnerabilities
▪ Data vulnerabilities
▪ Human vulnerabilities


WHAT IS CYBER SECURITY
▪ "Cyber security is primarily about people, processes, and technologies working together to encompass the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, etc."
▪ Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
▪ The term cyber security refers to techniques and practices designed to protect digital data: the data that is stored, transmitted or used on an information system.


WHY WE NEED CYBER SECURITY
▪ Listed below are the reasons why cyber security is so important in what's become a predominant digital world:
▪ i. Cyber attacks can be extremely expensive for businesses to endure.
▪ ii. In addition to financial damage suffered by the business, a data breach can also inflict untold reputational damage.
▪ iii. Cyber-attacks these days are becoming progressively destructive. Cybercriminals are using more sophisticated ways to initiate cyber-attacks.
▪ iv. Regulations such as GDPR are forcing organizations into taking better care of the personal data they hold.




Fundamental Objectives of Cyber security
▪ Confidentiality, integrity, and availability, also known as the CIA triad, is a model designed to guide companies and organizations to form their security policies.
▪ Technically, cyber security means protecting information from unauthorized access, unauthorized modification, and unauthorized deletion in order to provide confidentiality, integrity, and availability.
▪ Let's explore these components and some of the information security measures which are designed to assure the safety of each component.


Confidentiality

▪ Confidentiality is about preventing the disclosure of data to unauthorized parties.
▪ It also means trying to keep the identity of authorized parties involved in sharing and holding data private and anonymous.
▪ Standard measures to establish confidentiality include:
  • Data encryption
  • Two-factor authentication
  • Biometric verification
  • Security tokens


Integrity

▪ Integrity refers to protecting information from being modified by unauthorized parties.
▪ It is a requirement that information and programs are changed only in a specified and authorized manner.
▪ Malicious software (malware) attacks a computer or network in the form of viruses, worms, trojans, spyware, adware or rootkits.
▪ Their mission is often targeted at accomplishing unlawful tasks such as robbing protected data, deleting confidential documents or adding software without the user's consent.


Availability

▪ The ability of a computer system to ensure that authorized users can use its files. Only the authorized system or user can use the information in files.
▪ Standard measures to guarantee availability include:
  • Backing up data to external drives
  • Implementing firewalls
  • Having backup power supplies
▪ Data redundancy is a condition created within a database or data storage technology in which the same piece of data is held in two separate places. This can mean two different fields within a single database.


There are 5 cyber security vulnerabilities:
▪ 1. Substandard backup and recovery
▪ 2. Weak authentication management
▪ 3. Poor network monitoring
▪ 4. End-user errors and/or misuse
▪ 5. Inadequate endpoint security

There are many causes of vulnerabilities, including:
▪ Complexity: Complex systems increase the probability of a flaw, misconfiguration or unintended access.
▪ Familiarity: Common code, software, operating systems and hardware increase the probability that an attacker can find or has information about known vulnerabilities.
▪ Connectivity: The more connected a device is, the higher the chance of a vulnerability.
▪ Poor password management: Weak passwords can be broken with brute force, and reusing passwords can result in one data breach becoming many.
▪ Operating system flaws: Like any software, operating systems can have flaws. Operating systems that are insecure by default and give all users full access can allow viruses and malware to execute commands.
▪ Internet usage: The Internet is full of spyware and adware that can be installed automatically on computers.
▪ Software bugs: Programmers can accidentally or deliberately leave an exploitable bug in software.
▪ Unchecked user input: If your website or software assumes all input is safe, it may execute unintended SQL commands.
▪ People: The biggest vulnerability in any organization is the human at the end of the system. Social engineering is the biggest threat to the majority of organizations.


What is vulnerability management?

▪ Vulnerability management is a cyclical practice of identifying, classifying, remediating and mitigating security vulnerabilities.
▪ The essential elements of vulnerability management include vulnerability detection, vulnerability assessment and remediation (or) mitigation.


Once a vulnerability is found, it goes through the vulnerability assessment process:
▪ Identify vulnerabilities: Analyzing network scans, pen test results, firewall logs, and vulnerability scan results to find anomalies that suggest a cyber attack could take advantage of a vulnerability.
▪ Verify vulnerabilities: Decide whether the identified vulnerability could be exploited and classify the severity of the exploit to understand the level of risk.
▪ Mitigate vulnerabilities: Decide on countermeasures and how to measure their effectiveness in the event that a patch is not available.
▪ Remediate vulnerabilities: Update affected software or hardware where possible.


What is vulnerability scanning?

▪ A vulnerability scanner is software designed to assess computers, networks or applications for known vulnerabilities. Scanners can identify and detect vulnerabilities arising from misconfiguration and flawed programming within a network, and perform authenticated and unauthenticated scans.
▪ Penetration testing, also known as pen testing or ethical hacking, is the practice of testing an information technology asset to find security vulnerabilities an attacker could exploit. Penetration testing can be automated with software or performed manually.
▪ Either way, the process is to gather information about the target, identify possible vulnerabilities, attempt to exploit them and report on the findings.


Vulnerabilities can be classified into six broad categories:
▪ Hardware: Susceptibility to humidity, dust, soiling, natural disaster, poor encryption or firmware vulnerability.
▪ Software: Insufficient testing, lack of audit trail, design flaws, memory safety violations (buffer overflows, over-reads, dangling pointers), input validation errors (code injection, cross-site scripting (XSS), directory traversal, email injection, format string attacks, HTTP header injection, HTTP response splitting, SQL injection), privilege-confusion bugs (clickjacking, cross-site request forgery, FTP bounce attack), race conditions (symlink races, time-of-check-to-time-of-use bugs), side channel attacks, timing attacks and user interface failures (blaming the victim, race conditions, warning fatigue).
▪ Network: Unprotected communication lines, man-in-the-middle attacks, insecure network architecture, lack of authentication or default authentication.
▪ Personnel: Poor recruiting policy, lack of security awareness and training, poor adherence to security training, poor password management or downloading malware via email attachments.
▪ Physical site: Area subject to natural disaster, unreliable power source or no keycard access.
▪ Organizational: Lack of audit, continuity plan, security or incident response plan.


THREATS
▪ A cyber or cyber security threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include computer viruses, data breaches, Denial of Service (DoS) attacks and other attack vectors.
▪ Cyber threats also refer to the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties.


What are examples of cyber threats?

▪ Common cyber threats include:
▪ Malware: Malware is software that does malicious tasks on a device or network such as corrupting data or taking control of a system.
▪ Spyware: Spyware is a form of malware that hides on a device providing real-time information sharing to its host, enabling them to steal data like bank details and passwords.
▪ Phishing attacks: Phishing is when a cybercriminal attempts to lure individuals into providing sensitive data such as personally identifiable information (PII), banking and credit card details and passwords.
▪ Distributed denial of service (DDoS) attacks: Distributed denial of service attacks aim to disrupt a computer network by flooding the network with superfluous requests to overload the system and prevent legitimate requests being fulfilled.
▪ Ransomware: Ransomware is a type of malware that denies access to a computer system or data until a ransom is paid.


Harmful acts
▪ This is a general term that covers crimes such as phishing, spoofing, DoS (Denial of Service) attack, credit card fraud, online transaction fraud, cyber defamation, child pornography, kidnapping a person using chat rooms, stalking a person using the Internet as a medium, unauthorised access to a computer system, and cyber terrorism.


Internet Governance – Challenges and Constraints
▪ "Internet governance is the development and application of shared principles, norms, rules, decision-making procedures, and programs that shape the evolution and use of the Internet"
▪ Internet governance includes activities of a variety of stakeholders, including governments, private and civil society organizations.
▪ It is characterized by "shared global ownership without central control, innovations based on open and interoperable frameworks".


Computer Criminals
▪ Computer crime is an act performed by a knowledgeable computer user, sometimes referred to as a hacker, who illegally browses or steals a company's or individual's private information. In some cases, this person or group of individuals may be malicious and destroy or otherwise corrupt the computer or data files.


ASSETS AND THREATS
▪ In information security, computer security and network security, an asset is any data, device, or other component of the environment that supports information-related activities. Assets generally include hardware (e.g. servers and switches), software (e.g. mission critical applications and support systems) and confidential information. Assets should be protected from illicit access, use, disclosure, alteration, destruction, and/or theft, resulting in loss to the organization.


MOTIVE OF ATTACKERS
▪ The motivations for cyber criminals can be quite simple. The two that make up the huge majority are money and information. According to a Verizon Enterprise report, financial and espionage-driven motivation make up a full 93% of motivation for attacks.


Types of Cyber Attacks
▪ A cyber-attack is an exploitation of computer systems and networks.
▪ It uses malicious code to alter computer code, logic or data and leads to cybercrime.
▪ Cyber-attacks can be classified into the following categories:
  • 1) Web-based attacks
  • 2) System-based attacks


Types of Cyber Attacks
▪ Web-based attacks: These are the attacks which occur on a website or web applications. Some of the important web-based attacks are as follows:
▪ 1. Injection attacks
▪ It is the attack in which some data will be injected into a web application to manipulate the application and fetch the required information.
▪ Example: SQL Injection, code Injection, log Injection, XML Injection etc.
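
The "unchecked user input" cause listed earlier and the SQL injection named above, shown as an added example that is not part of the original slides: the same lookup written with string concatenation and with a bound parameter. The table, rows and input strings are constructed for this example and run against an in-memory SQLite database.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "student"), ("bob", "staff"),
         ("o'brien", "staff"), ("root", "admin")],
    )
    return db


def lookup_unsafe(db: sqlite3.Connection, name: str) -> list:
    # VULNERABLE on purpose: the input becomes part of the SQL text, so a
    # quote character in it changes the structure of the statement.
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_safe(db: sqlite3.Connection, name: str) -> list:
    # Hardened: the statement text is fixed and the input is bound as a
    # value, so it is only ever compared against the name column.
    return db.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


def compare(name: str) -> tuple:
    """Return (result of the unsafe lookup, result of the safe lookup)."""
    db = make_db()
    try:
        unsafe = lookup_unsafe(db, name)
    except sqlite3.Error as exc:
        unsafe = "error: " + type(exc).__name__
    return unsafe, lookup_safe(db, name)


if __name__ == "__main__":
    for value in ("alice", "nobody' OR '1'='1", "o'brien"):
        unsafe, safe = compare(value)
        print(repr(value), "| unsafe:", unsafe, "| safe:", safe)
```

The concatenated version fails in two ways: the tautology input returns every row, and a legitimate name containing an apostrophe breaks the statement. The parameterised version handles both inputs as plain values.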


Types of Cyber Attacks
▪ 2. DNS Spoofing
▪ DNS spoofing is a type of computer security hacking in which data is introduced into a DNS resolver's cache, causing the name server to return an incorrect IP address and diverting traffic to the attacker's computer or any other computer.
▪ DNS spoofing attacks can go on for a long period of time without being detected and can cause serious security issues.


Types of Cyber Attacks
▪ 3. Session Hijacking
▪ It is a security attack on a user session over a protected network.
▪ Web applications create cookies to store the state and user sessions.
▪ By stealing the cookies, an attacker can have access to all of the user data.


Types of Cyber Attacks
▪ 4. Phishing
▪ Phishing is a type of attack which attempts to steal sensitive information like user login credentials and credit card numbers.


Types of Cyber Attacks
▪ 5. Brute force
▪ It is a type of attack which uses a trial and error method.
▪ This attack generates a large number of guesses and validates them to obtain actual data like a user password or personal identification number.
▪ This attack may be used by criminals to crack encrypted data, or by security analysts to test an organization's network security.
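
What the trial-and-error pattern described above looks like from the defender's side, as an added example that is not part of the original slides: a detector that counts failed logins per source address in a sliding window and also flags a success that follows a burst. The log format, the sample lines, the 5-minute window and the threshold of 5 are all constructed for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # assumed look-back window
THRESHOLD = 5                  # assumed failures per source before alerting

# Hypothetical log format: "<ISO timestamp> login OK|FAIL user=<u> src=<ip>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) login (?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample data (documentation address ranges).
SAMPLE_LOG = """\
2025-02-04T10:00:01 login FAIL user=alice src=203.0.113.7
2025-02-04T10:00:03 login FAIL user=alice src=203.0.113.7
2025-02-04T10:00:05 login FAIL user=bob src=198.51.100.20
2025-02-04T10:00:06 login FAIL user=alice src=203.0.113.7
2025-02-04T10:00:09 login FAIL user=alice src=203.0.113.7
2025-02-04T10:00:12 login OK user=bob src=198.51.100.20
2025-02-04T10:00:14 login FAIL user=alice src=203.0.113.7
2025-02-04T10:00:20 login OK user=alice src=203.0.113.7
2025-02-04T10:20:00 login FAIL user=carol src=198.51.100.20
"""


def detect(log_text: str, window=WINDOW, threshold=THRESHOLD) -> list:
    """Return alerts for guessing bursts and for logins that succeed after one."""
    failures = defaultdict(deque)  # src -> (timestamp, user) of recent failures
    alerted = set()                # sources with an open burst alert
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines in other formats
        try:
            ts = datetime.fromisoformat(m["ts"])
        except ValueError:
            continue  # ignore lines with an unparseable timestamp
        src, user = m["src"], m["user"]
        recent = failures[src]
        # Drop failures that have aged out of the window.
        while recent and ts - recent[0][0] > window:
            recent.popleft()
        if len(recent) < threshold:
            alerted.discard(src)  # burst is over; allow a new alert later
        if m["result"] == "FAIL":
            recent.append((ts, user))
            if len(recent) >= threshold and src not in alerted:
                alerted.add(src)
                alerts.append({
                    "kind": "guessing_burst",
                    "src": src,
                    "failures": len(recent),
                    "accounts": sorted({u for _, u in recent}),
                })
        elif len(recent) >= threshold:
            # A success right after a burst may mean a guess was correct.
            alerts.append({"kind": "success_after_burst", "src": src, "user": user})
            recent.clear()
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

One mistyped password followed by a success, as from 198.51.100.20 in the sample, stays below the threshold and raises nothing.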


Types of Cyber Attacks
▪ 6. Denial of Service
▪ It is an attack which is meant to make a server or network resource unavailable to the users.
▪ It accomplishes this by flooding the target with traffic or sending it information that triggers a crash.
▪ It uses a single system and a single internet connection to attack a server.
▪ It can be classified into the following:
  • Volume-based attacks: The goal is to saturate the bandwidth of the attacked site, and it is measured in bits per second.
  • Protocol attacks: These consume actual server resources, and are measured in packets.
  • Application layer attacks: The goal is to crash the web server, and it is measured in requests per second.


Types of Cyber Attacks
▪ 7. Dictionary attacks
▪ This type of attack stores a list of commonly used passwords and validates them to get the original password.
▪ 8. URL Interpretation
▪ URL stands for Uniform Resource Locator. It is the address of a resource, which can be a specific webpage or a file, on the internet. It is also known as a web address when it is used with http.
▪ It is a type of attack where certain parts of a URL are changed so that a web server delivers web pages which the requester is not authorized to browse.


Types of Cyber Attacks
▪ 9. File Inclusion attack
▪ It is a type of attack that allows an attacker to access unauthorized or essential files which are available on the web server, or to execute malicious files on the web server by making use of the include functionality.


Types of Cyber Attacks
▪ 10. Man in the middle attacks
▪ It is a type of attack that allows an attacker to intercept the connection between client and server and act as a bridge between them.
▪ Due to this, an attacker will be able to read, insert and modify the data in the intercepted connection.


System-based attacks
▪ These are the attacks which are intended to compromise a computer or a computer network. Some of the important system-based attacks are as follows:
▪ 1. Virus
▪ It is a type of malicious software program that spreads throughout the computer files without the knowledge of a user.
▪ It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed.
▪ It can also execute instructions that cause harm to the system.


Types of Cyber Attacks
▪ 2. Worm
▪ It is a type of malware whose primary function is to replicate itself to spread to uninfected computers.
▪ It works the same way as a computer virus. Worms often originate from email attachments that appear to be from trusted senders.


System-based attacks
▪ 3. Trojan horse
▪ It is a malicious program that causes unexpected changes to computer settings and unusual activity, even when the computer should be idle.
▪ It misleads the user of its true intent. It appears to be a normal application, but when opened/executed some malicious code will run in the background.


System-based attacks
▪ 4. Backdoors
▪ It is a method that bypasses the normal authentication process.
▪ A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.


System-based attacks
▪ 5. Bots
▪ A bot (short for "robot") is an automated process that interacts with other network services.
▪ Some bot programs run automatically, while others only execute commands when they receive specific input.
▪ Common examples of bot programs are the crawler, chatroom bots, and malicious bots.




CYBER ATTACKS
▪ Malware:A malware attack is a common cyberattack where malware
(normally malicious software) executes unauthorized actions on the victim’s
system.
▪ Phishing:Phishing attacks are the practice of sending fraudulent
communications that appear to come from a reputable source. It is usually
done through email. The goal is to steal sensitive data like credit card and
login information, or to install malware on the victim’s machine.



CYBER ATTACKS
▪ Password Attacks: A password attack is simply when a hacker tries to steal your password. In 2020, 81% of data breaches were due to compromised credentials. Because passwords can only contain so many letters and numbers, passwords are becoming less safe.
▪ DDoS: DDoS stands for distributed denial-of-service attack. DDoS attacks occur when servers and networks are flooded with an excessive amount of traffic. The goal is to overwhelm the website or server with so many requests that the system crashes.



CYBER ATTACKS
▪ Man in the Middle: A man-in-the-middle (MITM) attack is a form of eavesdropping where communication between two users is monitored and modified by an unauthorized party. Generally, the attacker actively eavesdrops by intercepting a public key message exchange and retransmits the message while replacing the requested key with his own.
▪ Drive-by download: Drive-by download means two things, each concerning the unintended download of computer software from the internet:
❖ Downloads which a person has authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).
❖ Any download that happens without a person's knowledge, often a computer virus, spyware, malware, or crimeware.



Hardware Vulnerabilities

▪ A computing system: a collection of hardware, software, data, and people that an organization uses to do computing tasks
▪ Any piece of the computing system can become the target of a computing crime.
▪ Software Vulnerabilities
❖ Destroyed (deleted) software
❖ Stolen (pirated) software
❖ Altered (but still run) software
❖ Logic bomb
❖ Trojan horse
❖ Virus
❖ Trapdoor
▪ Information leaks



Logic bomb

▪ A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.
▪ For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.
▪ Trojan horse, or Trojan, is any malicious computer program which is used to hack into a computer by misleading users of its true intent.
▪ It is a program designed to breach the security of a computer system while ostensibly performing some innocuous function.
▪ A computer virus is malware that, when executed, replicates by reproducing itself or infecting other programs by modifying them.
▪ The infected targets can include computer programs as well as data files or the boot sector of the hard drive.
▪ When this replication succeeds, the affected areas are then said to be "infected".



Backdoor
▪ A backdoor is a method, often secret, of bypassing normal authentication in a product, computer system, cryptosystem or algorithm, etc.
▪ Backdoors are often used for securing unauthorized remote access to a computer, or obtaining access to plaintext in cryptographic systems.



What is Cyberspace?

▪ The interdependent network of information technology infrastructures, which includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
❖ Rapid Growth Of Internet.
❖ Crime Increased.
❖ Email.
❖ Inject Virus Into System.
❖ Mobile, Laptops.
❖ Cloud.



introduction
❖ Key Logger Software.
❖ ATM Scam.
❖ Amazon offers duplicate websites.
❖ Fraud websites for applying govt jobs.
❖ Bahubali cinema booking.
❖ IF NO INTERNET NO CYBER CRIME



introduction
▪ Cyber
❖ Computer System(hardware)
❖ Programs or data
❖ Network(wireless or wired)

▪ Security
❖ System security
❖ Security for Programs or data
❖ Network security



Cybersecurity
▪ Cybersecurity is the practice of protecting systems, networks, and programs
from digital attacks. These cyberattacks are usually aimed at accessing,
changing, or destroying sensitive information; extorting money from users
through ransomware; or interrupting normal business processes.



Cyber security
▪ Cyber Security is a process to protect the network and devices from
damages and unauthorized attacks

▪ Why Cyber security ?

❖ Confidentiality

❖ Integrity

❖ Availability



Confidentiality

▪ The purpose of ‘Confidentiality’ is to ensure the protection of data by preventing the unauthorized disclosure of information



Integrity
▪ Integrity refers to the accuracy and completeness of data. Security
controls focused on integrity are designed to prevent data from being
modified or misused by an unauthorized party.
▪ SYSTEM A------------HELLO---------------SYSTEM B


▪ Unauthorized user HE123LLO23
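The HELLO to HE123LLO23 tampering shown above, as an added example that is not part of the original slides: System A attaches an HMAC-SHA256 tag and a sequence number so that System B can reject a modified or replayed message. The shared key, the frame layout and the names `protect`, `Receiver` and `demo` are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """System A: frame = 8-byte sequence number || message || HMAC tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + message, hashlib.sha256).digest()
    return header + message + tag


class Receiver:
    """System B: accepts a frame only if the tag verifies and the sequence number is new."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes):
        if len(frame) < 8 + TAG_LEN:
            return None, "too short"
        header, message, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + message, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return None, "modified"
        seq = struct.unpack(">Q", header)[0]
        # The tag covers the sequence number, so an old frame cannot be renumbered.
        if seq <= self.last_seq:
            return None, "replayed"
        self.last_seq = seq
        return message, "ok"


def demo():
    # Constructed demo key; a real key would come from secrets.token_bytes(32).
    key = bytes(range(32))
    system_b = Receiver(key)
    frame = protect(key, 1, b"HELLO")

    # The unauthorized user rewrites the payload in transit but cannot recompute the tag.
    tampered = frame[:8] + b"HE123LLO23" + frame[-TAG_LEN:]

    return [
        system_b.accept(tampered),  # rejected: content no longer matches the tag
        system_b.accept(frame),     # accepted: untouched frame
        system_b.accept(frame),     # rejected: same frame delivered a second time
    ]


if __name__ == "__main__":
    for message, verdict in demo():
        print(verdict, message)
```

The tag protects integrity only; the message itself still travels in the clear, so confidentiality needs encryption on top.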


Availability

▪ Availability refers to information being accessible to authorized personnel as and when it is needed.
1.1 INTRODUCTION
The internet in India is growing rapidly. It has given rise to new opportunities in every field we can think of, be it entertainment, business, sports or education.

There are two sides to a coin. The internet also has its own disadvantages, one of which is cybercrime: illegal activity committed on the internet.
Another definition
“Cybercrime (computer crime) is any illegal behavior, directed by means of electronic operations, that targets the security of computer systems and the data processed by them”.
Hence cybercrime can sometimes be called computer-related crime, computer crime, Internet crime, E-crime, High-tech crime ….
Cybercrime specifically can be defined in a number of ways…
▪ A crime committed using a computer and the internet to steal a person’s identity (identity theft) or sell contraband or stalk victims or disrupt operations with malevolent programs.
▪ Crimes completed either on or with a computer.
▪ Any illegal activity through the Internet or on the computer.
▪ All criminal activities done using the medium of computers, the Internet, cyberspace and the WWW.
2 layers of security
The 7 layers of cybersecurity should center on the mission critical assets
you are seeking to protect.
1. Mission Critical Assets – This is the data you need to protect.
2. Data Security – Data security controls protect the storage and
transfer of data.
3. Application Security – Applications security controls protect access to
an application, an application’s access to your mission critical assets,
and the internal security of the application.
4. Endpoint Security – Endpoint security controls protect the
connection between devices and the network.
5. Network Security – Network security controls protect an
organization’s network and prevent unauthorized access of the
network.
6. Perimeter Security – Perimeter security controls include both the
physical and digital security methodologies that protect the business
overall.
7. The Human Layer – Humans are the weakest link in any cybersecurity
posture. Human security controls include phishing simulations and
access management controls that protect mission critical assets from
a wide variety of human threats, including cyber criminals, malicious
insiders, and negligent users.
Cyber threats
• Cyber threats are security incidents or circumstances with the potential to have a negative outcome for your network or other data management systems.
• Examples of common types of security threats include phishing attacks that result in the installation of malware that infects your data, failure of a staff member to follow data protection protocols that causes a data breach, or even a tornado that takes down your company’s data headquarters, disrupting access.
SECURITY VULNERABILITIES, THREATS AND ATTACKS
• Vulnerabilities are the gaps or weaknesses in a system that make threats possible and tempt threat actors to exploit them.
• Categories of vulnerabilities
  • Corrupted (Loss of integrity)
  • Leaky (Loss of confidentiality)
  • Unavailable or very slow (Loss of availability)
• Threats represent potential security harm to an asset when vulnerabilities are exploited.
Computer criminals
• Computer criminals have access to enormous amounts of hardware, software, and data.
• We say computer crime is any crime involving a computer so, to protect ourselves, our businesses, and our communities against those who use computers maliciously
Attacks are threats that have been carried out
• Active and Passive Attacks are security attacks.
• In an Active attack, an attacker tries to modify the content of the messages.
• Whereas in a Passive attack, an attacker observes the messages, copies them and may use them for malicious purposes.
• Insider attack – An insider threat is a security risk that originates from within the targeted organization.
• It typically involves a current or former employee or business.
• Outsider attack – Initiated from outside the perimeter
Active attack
• An active attack is probing the network.
• They gather information like IP addresses, OS type & version etc.
• In computer security, persistent attempt to introduce invalid data into a system to damage the data.
• It is treated as a criminal offense in many countries.
Motive of Attackers

• The categories of cyber-attackers enable us to better understand the attackers’ motivations and the actions they take.
Motive of attackers: deliberate actions
• Political motivations: examples include destroying, disrupting, or taking control of targets
• Economic motivations: examples include theft of intellectual property or other economically valuable assets (e.g., funds, credit card information), fraud, blackmail.
• Socio-cultural motivations: these also include fun, curiosity, and a desire for publicity or ego gratification
ACTIVE ATTACKS
Two phases

Phase 1: Scanning & Scrutinizing gathered information

Phase 2: Launching the attack.

ACTIVE ATTACKS
• Phase 1: Scanning & Scrutinizing gathered information
• Scanning: It is a key step to examine intelligently while gathering information about the target.
• Scrutinizing (inspecting): It is a phase called enumeration in the hacking world. The objective behind this step is to identify.
ACTIVE ATTACKS
Steps: Scanning
1. Port Scanning:
Identify open/close ports & services.
2. Network scanning:
Understand IP addresses & related information
about the computer network system.
3. Vulnerability scanning:
Understand the existing weaknesses in the system.
ACTIVE ATTACKS
Steps: Scrutinizing (inspecting)
1. The valid user accounts or groups.
2. Network resources and/or shared resources.
3. OS & different applications that are running on the OS.
ACTIVE ATTACKS
Steps: Launching the attack
1. Crack the password.
2. Exploit the privileges.
3. Execute the malicious command/applications.
4. Hide the files.
5. Cover the tracks: delete access logs, so that there is no trail of illicit activity.
ACTIVE ATTACKS
• An attacker tries to modify the content of the messages
• Types of active attacks include:
• 1. Denial of service (DoS)
• 2. Distributed Denial of Service (DDoS)
• 3. Session replay
• 4. Masquerade
• 5. Message modification
• 6. Trojans
ACTIVE ATTACKS
• DoS: A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
ACTIVE ATTACKS
• Masquerade: in this attack, the intruder pretends to be a particular user of a system to gain access. A masquerade may be attempted through the use of stolen login IDs and passwords, through finding security gaps in programs or through bypassing the authentication mechanism.
• Session replay: In this type of attack, a hacker steals an authorized user’s log in information by stealing the session ID. The intruder gains access and the ability to do anything the authorized user can do on the website.
• Message modification: In this attack, an intruder alters packet header addresses to direct a message to a different destination or modify the data on a target machine
ACTIVE ATTACKS
DDOS
• The DDoS attack will send multiple requests to the attacked web resource – with the aim of exceeding the website's capacity to handle multiple requests… and prevent the website from functioning correctly
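Flooding of the kind described for DoS and DDoS above leaves a clear trace in request logs. The following added example (not from the original slides) counts requests in a sliding window, per source and across all sources, to tell a single noisy source from a many-source burst. The log format, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10    # assumed look-back window
PER_SOURCE_LIMIT = 20  # assumed ceiling for one source inside the window
TOTAL_LIMIT = 50       # assumed ceiling for all sources inside the window
MIN_SOURCES = 25       # many distinct sources above TOTAL_LIMIT => distributed


def build_sample_log():
    """Constructed log lines: '<epoch_seconds> <source_ip> <method> <path>'."""
    lines = ["corrupted line without timestamp"]
    for t in range(0, 60, 5):          # ordinary client: one request every 5 s
        lines.append(f"{1000 + t} 192.0.2.10 GET /index.html")
    for i in range(30):                # one source: 30 requests within 3 s
        lines.append(f"{1020 + i // 10} 198.51.100.7 GET /login")
    for i in range(60):                # 60 sources: one request each, same second
        lines.append(f"1100 203.0.113.{i + 1} GET /search")

    def timestamp(line):
        first = line.split()[0]
        return int(first) if first.isdigit() else 0

    return sorted(lines, key=timestamp)


def detect_floods(lines):
    """Scan time-ordered log lines and report flooding patterns."""
    per_source = defaultdict(deque)    # source -> timestamps still inside the window
    recent = deque()                   # (timestamp, source) for every source
    single_source = set()
    distributed_at = None

    for line in lines:
        parts = line.split()
        if len(parts) < 4 or not parts[0].isdigit():
            continue                   # skip malformed lines instead of crashing
        ts, src = int(parts[0]), parts[1]
        cutoff = ts - WINDOW_SECONDS

        # Per-source window: catches one client sending far too much (DoS).
        stamps = per_source[src]
        stamps.append(ts)
        while stamps[0] <= cutoff:
            stamps.popleft()
        if len(stamps) > PER_SOURCE_LIMIT:
            single_source.add(src)

        # Global window: catches many quiet clients adding up to a flood (DDoS).
        recent.append((ts, src))
        while recent[0][0] <= cutoff:
            recent.popleft()
        if distributed_at is None and len(recent) > TOTAL_LIMIT:
            if len({s for _, s in recent}) >= MIN_SOURCES:
                distributed_at = ts

    return {"single_source": sorted(single_source), "distributed_at": distributed_at}


if __name__ == "__main__":
    print(detect_floods(build_sample_log()))
```

Per-source limits alone miss the distributed case, because each of the 60 sources in the sample stays far below the per-source ceiling.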
PASSIVE ATTACK
❖ Involves gathering information about a target without his/her knowledge, e.g. googling a person.
❖ Surfing online community groups like Orkut/Facebook to gain information about an individual.
❖ Attempt to steal information stored in a system by electronic wiretapping or similar means.
Passive attack types:
• Release of the content (Eavesdropping)
• Traffic analysis
• Organization website may provide a personnel directory or information about key employees.
• Network sniffing is a passive attack to get useful information like IP, hidden servers or networks.
• Tools used are Google Earth, WHOIS, Nslookup (name server lookup), Dnsstuff, eMailTrackerPro & Website Watcher.
PASSIVE ATTACK
• Eavesdropping (tapping): the attacker simply listens to messages exchanged by two entities. For the attack to be useful, the traffic must not be encrypted.
• Traffic analysis: is a method of monitoring network availability and activity to identify anomalies
• Collecting a real-time and historical record of what's happening on your network. Detecting malware such as ransomware activity.
Software Attacks:

• Malicious code (sometimes called malware) is a type of software designed to take over or damage a computer user's operating system, without the user's knowledge or approval.
• It can be very difficult to remove and very damaging.
SOFTWARE ATTACKS
• Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. ...
• Man-in-the-middle (MitM) attack. ...
• Phishing and spear phishing attacks. ...
• Drive-by attack. ...
• Password attack. ...
• SQL injection attack. ...
• Cross-site scripting (XSS) attack. ...
• Eavesdropping attack.
Common malware examples:

• Virus: A virus is a program that attempts to damage a computer system and replicate itself to other computer systems.
• Worm: A worm is a self-replicating program that can be designed to do any number of things, such as delete files or send documents via e-mail. A worm can negatively impact network traffic just in the process of replicating itself.
Common malware examples:

• Trojan horse: A Trojan horse is a malicious program that is disguised as legitimate software.
• Logic Bomb: A Logic Bomb is malware that lies dormant until triggered.
Common malware examples:

• Common malware examples are listed
• 1. A virus is a program that attempts to damage a computer system and replicate itself to other computer systems.
• A virus: Requires a host to replicate and usually attaches itself to a host file or a hard drive sector.
• Replicates each time the host is used.
• Often focuses on destruction or corruption of data.
• Usually attaches to files with execution capabilities such as .doc, .exe, and .bat extensions.
• Often distributes via e-mail. Many viruses can e-mail themselves to everyone in your address book.
• Examples: Stoned, Michelangelo, Melissa, I Love You
Common malware examples:

• A worm is a self-replicating program that can be designed to do any number of things, such as delete files or send documents via e-mail. A worm can negatively impact network traffic just in the process of replicating itself.
• Is usually introduced into the system through a vulnerability.
• Infects one system and spreads to other systems on the network. Example: Code Red
Common malware examples:

• A Trojan horse is a malicious program that is disguised as legitimate software
• Cannot replicate itself.
• Often contains spying functions (such as a packet sniffer) or backdoor functions that allow a computer to be remotely controlled from the network.
• Often is hidden in useful software such as screen savers or games.
• Example: Back Orifice, Net Bus, Whack-a-Mole
Common malware examples:

• A Logic Bomb is malware that lies dormant until triggered. A logic bomb is a specific example of an asynchronous attack.
• The trigger activity may be a specific date and time, the launching of a specific program, or the processing of a specific type of activity.
• Logic bombs do not self-replicate
Hardware Attacks:
• Common hardware attacks include:
• Manufacturing backdoors, for malware or other penetrative purposes; backdoors aren’t limited to software and hardware, but they also affect embedded radio-frequency identification (RFID) chips and memory
• Hardware modification tampering
• Backdoor creation; the presence of hidden methods for bypassing normal computer authentication systems
• Eavesdropping by gaining access to protected memory without opening other hardware
SPECTRUM OF ATTACKS
Cyber Threats-Cyber Warfare
• Cyber warfare involves the actions by a nation-state or
international organization to attack and attempt to damage
another nation's computers or information networks
through, for example, computer viruses or denial-of-service
attacks.

• Examples:
• Any of the most common methods of cyber misconduct, including infecting a computer system with malware, holding it hostage with ransomware, disabling it with a flood of messages (a so-called denial of service attack) or hacking data for the purpose of espionage.
What is the main purpose of cyber warfare?
• Cyberwarfare refers to the use of digital attacks -- like computer viruses and hacking -- by one country to disrupt the vital computer systems of another, with the aim of creating damage, death and destruction.
Cybercrime
• Cybercrime is an illegal behaviour directed by
means of electronic operations that targets the
security of computer systems & data processed
by them.
• They are also called as,
• Computer related crime
• Internet crime
• E-crime
• High tech crime
TYPES OF CYBER CRIME
• 1. Hacking
• 2. Child pornography
• 3. Child grooming
• 4. Copyright infringement
• 5. Money laundering
• 6. Cyber-extortion
Cyber Threats-Cyber Warfare
• Cyber warfare refers to the use of digital attacks -- like computer viruses and hacking -- by one country to disrupt the vital computer systems of another, with the aim of creating damage, death and destruction.
• Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.
• Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks
Cyber Crime:

• Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations.
• Some cybercriminals are organized, use advanced techniques and are highly technically skilled
Cyber terrorism
• Cyber terrorism is the convergence of cyberspace and terrorism. It refers to unlawful attacks and threats of attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.
• Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, Denial-of-service attacks, or terroristic threats made via electronic communication.
CYBER TERRORISM
• Was coined by Barry Collin, a senior research fellow at the Institute for Security & Intelligence in California, in the year 1997.
• Cyberterrorism is the premeditated, politically motivated attack against information, computer systems, computer programs & data which results in violence by secret agents.
Cyber espionage
• Cyber espionage is a form of cyber attack that
steals classified, sensitive data or intellectual
property to gain an advantage over a competitive
company or government entity.
• The primary intent of cyber espionage is to steal
classified information from
government agencies or trade secrets from
corporations. ... These states engage in deliberate
efforts to obtain sensitive business and
technology information.
Cyber Espionage:

• Cyber spying, or cyber espionage, is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information from individuals, competitors, groups, governments and enemies for personal, economic, political or military advantage using methods on the Internet.
Definition
❖ The act or practice of obtaining
secrets without the permission of
the holder of the information.
Individuals, Competitors,etc.
Credit card, Bank Information, etc.
Comprehensive Cyber Security Policy
• What is a Comprehensive IT Security Policy? ...
A comprehensive IT security policy is
essentially a battle plan that guides your
organization, ensuring that your data and
network is guarded from
potential security threats. Think of it as a link
between your people, processes, and
technology.
There are some important cyber security policies
• Virus and Spyware Protection policy:
• It helps to detect threats in files and to detect applications that exhibit suspicious behavior.
• Removes and repairs the side effects of viruses and security risks by using signatures
Security Policies:

• Security policies are a formal set of rules issued by an organization to ensure that the users who are authorized to access company technology and information assets comply with rules and guidelines related to the security of information.
• A security policy is also considered to be a "living document", which means that the document is never finished, but is continuously updated as the requirements of the technology and employees change
Need of Security policies-

• 1) It increases efficiency.
• 2) It upholds discipline and accountability
• 3) It can make or break a business deal
• 4) It helps to educate employees on security literacy
Firewall Policy:

• It blocks unauthorized users from accessing the systems and networks that connect to the Internet.
• It detects the attacks by cybercriminals and removes the unwanted sources of network traffic
Intrusion Prevention policy:

• This policy automatically detects and blocks the network attacks and browser attacks.
• It also protects applications from vulnerabilities and checks the contents of one or more data packages and detects malware which is coming through legal ways.
Application and Device Control:

• This policy protects a system's resources from applications and manages the peripheral devices that can attach to a system.
• The device control policy applies to both Windows and Mac computers whereas application control policy can be applied only to Windows clients
Further
Cybercrime refers to the act of performing a criminal act using cyberspace as communication vehicle.
Two types of attacks are common
1. TECHNO-CRIME
2. TECHNO-VANDALISM
Techno-crime: Active attack.
▪ It is a premeditated act against a system, with the intent to copy, steal,
prevent access, corrupt or otherwise deface or damage parts of computer
system.
▪ An active attack is a cyber attack where an unauthorized entity directly
interacts with a system or data to alter it. The goal of an active attack
is to disrupt the system's operations and gain access to sensitive
information

ACTIVE ATTACKS
▪ Examples of active attacks
▪ Man-in-the-middle (MitM)
▪ An attacker intercepts and alters messages between two parties without
their knowledge.
▪ Denial of service (DoS)
▪ An attacker sends a large number of illegitimate requests to a system,
network, or service, making it inaccessible.

ACTIVE ATTACKS
▪ Malware infection
▪ An attacker uses malicious software, such as a virus, worm, or Trojan, to gain
control of a system.
▪ Password attacks
▪ An attacker attempts to guess or crack passwords to gain access to a system
or account.
▪ Spoofing attacks
▪ An attacker impersonates a trusted entity, such as a website, email, or IP
address, to trick users into revealing sensitive data

Passive attacks
▪ Examples of passive attacks: eavesdropping on unencrypted communications, exploiting weak passwords, analyzing network traffic for sensitive information, installing a keylogger to record user credentials, and using a packet analyzer program to record network data.

Techno-vandalism: Passive attack
❖ These are brainless defacement of websites and other activities, such as copying files and publicizing their contents publicly.
❖ Tight internet security, strong technical safeguards, should prevent these incidents

▪ A passive attack is a cyber attack that involves monitoring data transmissions without changing the data. The goal of a passive attack is to gain access to sensitive information without being detected.
▪ How it works
▪ The attacker monitors data traveling between systems or networks
▪ The attacker looks for vulnerabilities in the system or network
▪ The attacker intercepts sensitive information, such as user accounts or passwords
▪ The attacker analyzes the data to gain intelligence about the system or network

Lack of information security gives rise to cybercrime
Cybersecurity: means protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorized access, use, disclosure, disruption, modification or destruction

▪ CYBER SPACE
❖ Cyber space is a nebulous place where humans interact over computer
network.
❖ Cyber space is a world wide network of computer networks that uses
Transmission Control Protocol/Internet Protocol(TCP/IP) for communication
to facilitate transmission and exchange of data.
❖ It is a place where you can chat, explore, research and play.

Cyber squatting
❖ Squatting is the act of occupying an unoccupied space that the squatter does not own, rent or have permission to use.
❖ Domain names are being paid for by the cyber squatters through registration
process.
❖ It is an act of registering a popular internet address, usually a company name
❖ EX: amazon.nice.com

3.Cyberpunk and Cyberwarfare
❖ Cyberpunk is anarchy (disorder) via machines or machine/computer rebel
movement.
❖ Cyber warfare means information warriors unleashing vicious attacks against an unsuspecting opponent's computer networks, wreaking havoc (creating great damage) and paralyzing nations.

4. Cyberterrorism
▪ The premeditated use of disruptive activities, or threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political, or similar objectives, or to intimidate any person in furtherance of such objectives.
▪ Cyberterrorism is defined as “any person, group or organization who, with
terrorist intent, utilizes accesses or aids in accessing a computer or computer
network or electronic system or electronic device by any available means,
and thereby knowingly engages in or attempts to engage in a terrorist act
commits the offence of cyberterrorism.”

1.4 Who are Cybercriminals?
Are those who conduct acts such as:
Child pornography
Credit card fraud
Cyberstalking
Defaming another online
Gaining unauthorized access to computer systems
Ignoring copyrights
Software licensing and trademark protection
Overriding encryption to make illegal copies
Software piracy
Stealing another’s identity to perform criminal acts
Categorization of Cybercriminals
Type 1: Cybercriminals - hungry for recognition
Hobby hackers
A person who enjoys exploring the limits of what is possible, in a spirit of playful cleverness. May modify hardware/software
IT professional (social engineering):
Ethical hacker
Politically motivated hackers:
promotes the objectives of individuals, groups or nations supporting a variety of causes such as: anti-globalization, transnational conflicts and protest
Terrorist organizations
Cyberterrorism
Use the internet attacks in terrorist activity
Large scale disruption of computer networks, personal computers attached to internet via viruses
Type 2: Cybercriminals - not interested in recognition
Psychological perverts
Financially motivated hackers
Make money from cyber attacks
Bots-for-hire: fraud through phishing, information theft, spam and extortion
State-sponsored hacking
Hacktivists
Extremely professional groups working for governments
Have ability to worm into the networks of the media, major corporations, defense departments
Type 3: Cybercriminals - the insiders

Disgruntled or former employees seeking revenge
Competing companies using employees to gain economic advantage through damage and/or theft.
Motives behind cybercrime
Greed
Desire to gain power
Publicity
Desire for revenge
A sense of adventure
Looking for thrill to access forbidden information
Destructive mindset
Desire to sell network security services
Cyber CRIME

▪ A crime committed using a computer and the Internet to steal a person's identity (identity theft) or sell contraband or stalk victims or disrupt operations with malevolent programs.
1.5 Classification of cybercrimes

1. Cybercrime against an individual
2. Cybercrime against property
3. Cybercrime against organization
4. Cybercrime against Society
5. Crimes emanating from Usenet newsgroup
1. Cybercrime against an individual
Electronic mail spoofing and other online frauds
Phishing, spear phishing
Spamming
Cyberdefamation
Cyberstalking and harassment
Computer sabotage
Password sniffing
2. Cybercrime against property
Credit card frauds
Intellectual property (IP) crimes: software piracy, copyright infringement.
Internet time theft: Unauthorized person using internet
3. Cybercrime against organization
Unauthorized accessing of computer
Password sniffing
Denial-of-service attacks
Virus attack/dissemination of viruses
E-Mail bombing/mail bombs
Salami attack/Salami technique
Logic bomb
Trojan Horse
Data diddling
Industrial spying/industrial espionage
Computer network intrusions
Software piracy
4. Cybercrime against Society
Forgery
Cyberterrorism
Web jacking