
Unit 1 (Cyber Security)

The document discusses cyber security and issues related to social networking. It defines cyber security as protecting networks and devices from external threats using authentication and ensuring confidentiality, integrity and availability of data. It describes common cyber attacks like denial of service attacks, malware, man-in-the-middle attacks and phishing. It also discusses the CIA triad of confidentiality, integrity and availability and corresponding countermeasures. Finally, it outlines advantages and issues related to social networking like addiction, fear of missing out, self-image issues, misuse and information access.

Uploaded by

tinime3820
Copyright: © All Rights Reserved

UNIT I NEED FOR CYBER SECURITY

1. Introduction to security

What is Cyber Security?
• Cyber Security is a process that’s designed to protect networks and devices from external threats.
• The world of Cyber Security revolves around the industry standard of confidentiality, integrity, and availability, or CIA.
• The main element of Cyber Security is the use of authentication mechanisms.
• Privacy means data can be accessed only by authorized parties;
• Integrity means information can be added, altered, or removed only by authorized users; and
• Availability means systems, functions, and data must be available on-demand.

Types of Cyber Crimes
Cybercrime is any unauthorized activity involving a computer, device, or network.

Denial of Service, or DoS
Where a hacker consumes all of a server’s resources, so there’s nothing for legitimate users to access.

Malware
Where victims are hit with a worm or virus that renders their devices useless.

Man in the Middle
Where a hacker puts himself between a victim’s machine and a router to sniff data packets.

Phishing
Where a hacker sends a seemingly legitimate-looking email asking users to disclose personal information.

2. CIA Triad
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.

Confidentiality
• Confidentiality refers to an organization’s efforts to keep its data private or secret.
• This involves ensuring that only those who are authorized have access to specific assets and that those who are unauthorized are actively prevented from obtaining access.
• Confidentiality can be violated in many ways, for example, through direct attacks designed to gain unauthorized access to systems, applications, and databases in order to steal or tamper with data.

Countermeasures
• Strong access controls and authentication mechanisms.
• Encryption of data in process, in transit, and in storage.
• Steganography.
• Adequate education and training for all individuals with access to data.

Integrity
• Integrity refers to the quality of something being whole or complete.
• Integrity is about ensuring that data has not been tampered with and, therefore, can be trusted.
• It is correct, authentic, and reliable.

Countermeasures
Countermeasures that protect data integrity include encryption, hashing, digital signatures, and digital certificates. Trusted certificate authorities (CAs) issue digital certificates to organizations to verify their identity to website users.
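
The following is an added example, not part of the original notes, showing why a plain hash alone is a weak integrity control when the person altering the data can also replace the stored hash. It uses HMAC-SHA256 as the keyed check (a shared-key stand-in for the role a digital signature plays); the record, the key, and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a record and a key known only to writer and verifier.
SECRET_KEY = b"constructed-demo-key"
RECORD = b"account=1001;balance=250.00"


def plain_digest(data: bytes) -> str:
    """Unkeyed SHA-256: detects change, but anyone can recompute it."""
    return hashlib.sha256(data).hexdigest()


def keyed_tag(data: bytes, key: bytes = SECRET_KEY) -> str:
    """HMAC-SHA256: only a holder of the key can produce a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_plain(data: bytes, digest: str) -> bool:
    return hmac.compare_digest(plain_digest(data), digest)


def verify_keyed(data: bytes, tag: str, key: bytes = SECRET_KEY) -> bool:
    # compare_digest avoids leaking how many characters matched.
    return hmac.compare_digest(keyed_tag(data, key), tag)


def integrity_demo() -> dict:
    digest, tag = plain_digest(RECORD), keyed_tag(RECORD)
    tampered = RECORD.replace(b"250.00", b"950.00")
    # Case 1: data changed, stored digest left alone -> both checks catch it.
    # Case 2: data changed AND the stored check value replaced.
    replaced_digest = plain_digest(tampered)               # needs no secret
    replaced_tag = keyed_tag(tampered, key=b"wrong-key")   # real key unknown
    return {
        "original_ok": verify_plain(RECORD, digest) and verify_keyed(RECORD, tag),
        "stale_digest_rejected": not verify_plain(tampered, digest),
        "stale_tag_rejected": not verify_keyed(tampered, tag),
        "replaced_digest_accepted": verify_plain(tampered, replaced_digest),
        "replaced_tag_accepted": verify_keyed(tampered, replaced_tag),
    }


if __name__ == "__main__":
    for name, value in integrity_demo().items():
        print(f"{name}: {value}")
```

A plain hash therefore only protects integrity when the hash itself is stored or delivered somewhere the modifier cannot write; a keyed tag or a digital signature removes that requirement.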

Availability
• Availability means that networks, systems, and applications are up and running.
• It ensures that authorized users have timely, reliable access to resources when they are needed.
• Many things can jeopardize availability, including hardware or software failure, power failure, natural disasters, and human error.
• The most well-known attack that threatens availability is the denial-of-service attack.

Countermeasures
Countermeasures that ensure availability include redundancy (in servers, networks, applications, and services), hardware fault tolerance (for servers and storage), regular software patching and system upgrades, backups, comprehensive disaster recovery plans, and denial-of-service protection solutions.

3. Security attacks
• A cyber-attack is an exploitation of computer systems and networks.
• It uses malicious code to alter computer code, logic or data and leads to cybercrimes, such as information and identity theft.
• Cyber-attacks can be classified into the following categories:

Web-based attacks

Man in the middle attacks
• It is a type of attack that allows an attacker to intercept the connection between client and server and act as a bridge between them.
• Due to this, an attacker will be able to read, insert and modify the data in the intercepted connection.

Denial of Service
• It is an attack which is meant to make a server or network resource unavailable to the users.
• It accomplishes this by flooding the target with traffic or sending it information that triggers a crash.
• It uses a single system and a single internet connection to attack a server.

Phishing
• Phishing is a type of attack which attempts to steal sensitive information like user login credentials and credit card numbers.
• It occurs when an attacker is masquerading as a trustworthy entity in electronic communication.

Session Hijacking
• It is a security attack on a user session over a protected network.
• Web applications create cookies to store the state and user sessions.
• By stealing the cookies, an attacker can have access to all of the user data.

Injection attacks
It is an attack in which some data is injected into a web application to manipulate the application and fetch the required information.

Example: SQL injection, code injection, log injection, XML injection, etc.
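
For the SQL injection case named above, this added example (not part of the original notes) puts a lookup built by string concatenation beside the same lookup using a parameterized query, so the difference in how input is treated is visible. The in-memory table, its rows, the test input and the function names are all constructed for illustration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a throwaway in-memory database with two constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, note TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "note-a"), ("bob", "note-b")],
    )
    return db


def lookup_concatenated(db: sqlite3.Connection, name: str) -> list:
    # Weak form: the input becomes part of the SQL text, so quote
    # characters in it can change the structure of the statement.
    query = "SELECT name, note FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db: sqlite3.Connection, name: str) -> list:
    # Hardened form: the statement is fixed and the input is bound as a
    # value, so it is only ever compared against the name column.
    return db.execute(
        "SELECT name, note FROM users WHERE name = ?", (name,)
    ).fetchall()


def compare(name: str) -> tuple:
    """Return (rows from weak form, rows from hardened form) as counts."""
    db = make_db()
    try:
        return (len(lookup_concatenated(db, name)),
                len(lookup_parameterized(db, name)))
    finally:
        db.close()


if __name__ == "__main__":
    # Constructed inputs: an ordinary name, and one containing SQL syntax.
    for value in ["alice", "nobody' OR '1'='1"]:
        weak, hardened = compare(value)
        print(f"{value!r}: concatenated={weak} rows, parameterized={hardened} rows")
```

The ordinary name returns one row from both forms; the input containing quote characters returns every row from the concatenated form and none from the parameterized one.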

DNS Spoofing
• DNS Spoofing is a type of computer security hacking whereby data is introduced into a DNS resolver's cache, causing the name server to return an incorrect IP address and diverting traffic to the attacker’s computer or any other computer.
• DNS spoofing attacks can go on for a long period of time without being detected and can cause serious security issues.

System-based attacks

These are attacks which are intended to compromise a computer or a computer network. Some of the important system-based attacks are as follows:

1. Virus
• It is a type of malicious software program that spreads throughout the computer files without the knowledge of a user.
• It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed.
• It can also execute instructions that cause harm to the system.

2. Worm
• It is a type of malware whose primary function is to replicate itself to spread to uninfected computers.
• It works the same way as a computer virus.
• Worms often originate from email attachments that appear to be from trusted senders.

3. Trojan horse
• It is a malicious program that causes unexpected changes to computer settings and unusual activity, even when the computer should be idle.
• It misleads the user of its true intent.
• It appears to be a normal application, but when opened or executed some malicious code will run in the background.

4. Backdoors
• It is a method that bypasses the normal authentication process.
• A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.

5. Bots
• A bot (short for "robot") is an automated process that interacts with other network services.
• Some bot programs run automatically, while others only execute commands when they receive specific input.
• Common examples of bot programs are crawlers, chatroom bots, and malicious bots.

4. Issues related to social networking
• Social networking allows like-minded individuals to be in touch with each other using websites and web-based applications.
• Facebook, WhatsApp, Twitter, and LinkedIn are examples of social networking sites.

Advantages
Social media and technology offer us greater convenience and connectivity:
• staying connected with family and friends worldwide via email, text, FaceTime, etc.
• quick access to information and research
• banking and bill pay at our fingertips
• online learning, job skills, content discovery (YouTube)
• involvement in civic engagement (fundraising, social awareness, provides a voice)
• great marketing tools
• opportunities for remote employment

Issues

Online vs Reality
• Social media itself is not the problem.
• It is the way people use it in place of actual communication and in-person socializing.
• “Friends” on social media may not actually be friends, and may even be strangers.

Increased usage: More time spent on social media can lead to cyberbullying, social anxiety, depression, and exposure to content that is not age appropriate.

Social Media is addicting
• When you’re playing a game or accomplishing a task, you seek to do it as well as you can. Once you succeed, your brain will give you a dose of dopamine and other happiness hormones, making you happy.
• The same mechanism functions when you post a picture to Instagram or Facebook.
• Once you see all the notifications for likes and positive comments popping up on your screen, you’ll subconsciously register it as a reward.

Fear of Missing Out: FOMO has become a common theme, and often leads to continual checking of social media sites. The idea that you might miss out on something if you’re not online can affect your mental health.

Self-image issues
• Social media sites provide tools that allow people to earn others’ approval for their appearance and the possibility to compare themselves to others.
• It can be associated with body image concerns.
• The “selfieholics” and people who spend most of their time posting and scrolling are the ones most vulnerable to this.

Misuse of Social Networks
• Unfortunately, there are those who use social networks for scams and other illegal purposes.
• There have been reports around the world that social networks are used to spread rumors, lies or degrading messages that could affect a person’s reputation.
• “Cyber bullying”, or an act of being hostile to another user online, has also been observed in some social networks.

Information Access
• Access to social networking websites varies.
• Some websites allow any user to access information about persons even though they are not part of the user’s network, while some social networks prohibit access to any form of information without confirmation from the profile owner.
• Problems regarding information access could be completely controlled by the user, but unauthorized access could still happen, especially for those who are just starting to understand the rules of different social networks.
