PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

A MICRO-PROJECT REPORT

COURSE NAME- NETWORK INFORMATION SECURITY

COURSE CODE- 22620

DEPARTMENT OF COMPUTER ENGINEERING

(2022-23)

ROLL NO NAME OF STUDENTS

7 Shreya Shinde.
8 Aniket Boke.

UNDER THE GUIDANCE OF

MRS. Patil S.A.

1
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

PART -A
Title of Microproject: Cyber Security
*Aim of the Micro – Project

1) Study about decision making.

2) Collect relevant data from different sources.
Details Of Activity Planned Planned Name of responsible
Save date Finish date Team member

1. We plan to form the group of 2 7/4/2022 8/4/2022 All project members

students
2. We can select the topic of micro 9/4/2022 11/04/2022 Aniket Boke.
project
3. We plan to study about 12/04/2022 15/04/2022 Aniket Boke.
programming with python
4. We plan to note the all important 16/04/2022 18/04/2022 Aniket Boke.
points of micro project

5. We plan to prepare a basic 19/04/2022 20/04/2022 Aniket Boke.

information of micro project
6. We plan to select the one line 21/04/2022 21/04/2022 Aniket Boke.
which is effective and meaning
full.
7. Make the report on micro project 22/04/2022 23/04//2022 Shreya Shinde.

8. Edit the report 24/04/2022 24/04/2022 Aniket Boke. &

Shreya Shinde.

3) Attempts alternative solution for micro project.

2
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

CONTENTS OF TABLE

➢ Chapter-1

Intoduction To Cyber Security Definition Scope Of The Study Methodology Of The Study
Limitations Of The Study The Indian Cyber Space

➢ Chapter-2

Types Of Cyber Threats Cyber Laws In India Types Of Security Threats Cyber Security
Threats In Different Areas

➢ Chapter-3

Conclusion

Roll No. Student Name Marks out of for Marks out of 4for Total out
performance in performance in
Of 10
group activity oral

7. Shreya Shinde
8. Aniket Boke

3
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

CHAPTER-1

INTRODUCTION
‘Over the years, Information Technology has transformed the global economy and connected
people and marketsin ways beyond imagination. With the Information Technology gaining the
centre stage, nations across the worldare experimenting with innovative ideas for economic
development and inclusive growth. An increasing proportion of the world’s population is
migrating to cyberspace to communicate, enjoy, learn, and conduct commerce. It has also
created new vulnerabilities and opportunities for disruption.
The cyber security threats emanate from a wide variety of sources and manifest themselves in
disruptive activitiesthat target individuals, businesses, national infrastructure and Governments
alike. Their effects carry significant risk for public safety, security of nation and the stability
of the globally linked economy as a whole. The origin of a disruption, the identity of the
perpetrator or the motivation for it can be difficult to ascertain and the act can take place from
virtually anywhere. These attributes facilitate the use of Information Technology for disruptive
activities. As such, cyber security threats pose one of the most serious economic and national
security challenges. Cyberspace is such a term, which is not yet completely defined and also
has no geographical limitation. It is a term associated with application of the Internet
worldwide. It is also called as a virtual space as physical existenceof cyberspace is not detectable
at all. Cyberspace is “the total interconnectedness of human beings through computers and
telecommunication without regard to physical geography.” Information through computers is
transferred in the form of Ones (1) and Zeros (0), which do not inherentlycarry any separate
information along with them for authentication. For authentication purposes, additional
information needs to be carried with cyberspace transactions for identity purposes. Providing
extra information in digital communication introduces the possibility for identity theft. Because
nothing prevents the transmission of false identity information, or the duplication of another’s
identity information. The seriousness of this problem is highlighted when you consider that
future technologies will allow extremely important identifiers, such as a retinal scan or a
fingerprint, to be represented digitally. Thesebiometrics characteristics are protected in real

4
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

space because they are embedded in the physical body of the person. This is lost in cyberspace.
Thus, cyberspace needs a system that allows individuals to verify their identities to others
without revealing to them the digital representation of their identities.

DEFINITION

Cyber Security is “the security of information and its communicating channels as applied
to computing devices such as computers and smart phones, as well as computer networks
such as private and public networks, includingthe Internet as a whole.” The field covers all
the processes and mechanisms by which computer-based equipment, information and
services are protected from unintended or unauthorized access, change or destruction.
Computer security also includes protection from unplanned events and natural disasters.
Cyber security is a complex issue that cuts across multiple domains and calls for
multidimensional, multilayered initiatives and responses. It has proved a challenge for
governments all around the world. The task is made difficult by the inchoate and diffuse
nature of the threats and the inability to frame an adequate response in the absence of tangible
perpetrators.The rapidity in the development of information technology (IT) and the relative
ease with which applications canbe commercialized has seen the use of cyberspace expand
dramatically in its brief existence. From its initial avataras a N/W created by academics for
the use of the military, it has now become a global communications platform for socio-
economic issues as well as for commercial and social purposes. The increasing centrality
of cyberspace to human existence is exemplified by facts and figures brought out recently
by the International Telecommunications Union (ITU), according to which,

• The number of Internet users has doubled between 2005 and 2010 and surpasses
2billion.
• Users are connecting through a range of devices from the personal computer (PC) to

5
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

themobile phone, and using the Internet for a variety of purposes from
communication to ecommerce, to data storage for several services.

The rise in the Internet population has meant that while the threats and vulnerabilities
inherent to the Internet andcyberspace might have remained more or less the same as before,
the probability of disruption has grown apace with the rise in the number of users. While
such disruptions are yet to cause permanent or grievous damage worldwide, they serve as
a wake-up call to the authorities concerned to initiate measures to improve the securityand
stability of cyberspace in terms of their own security. Governments are constrained in their
responses by pressures exerted by politico-military-national security actors at one end and
economic-civil society actors at theother.

SCOPE OF THE STUDY:

To understand the awareness among the public regarding cyber security issues in India. The
study is restricted tothe 50 respondents who are randomly selected with in the twin cities of
Hyderabad and Secunderabad.

METHODOLOGY:
Sources of data collection:
➢ Primary data
➢ Secondary data

The main source of primary data is questionnaire consisting of simple questions prepared
6
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

and distributed torespondents for collection of data on awareness in public regarding web
search engines.
SECONDARY DATA:
The main source of secondary data includes Books, Magazines, Newspapers, Articles and
Journals and websites.SAMPLE SIZE:
For the present study, 50 respondents were selected at random.

LIMITATIONS OF THE STUDY

➢ The study is conducted in Hyderabad and Secunderabad only.

➢ The study is restricted to the users of web search engine only.

➢ Time perspective is also one of the elements in limiting the scope of this study.

INDIAN CYBER SPACE

• The National Informatics Centre (NIC) was set up as early as 1975 with the goal of
providing IT solutionsto the government.
• Between 1986 and 1988, three N/Ws were set up:
• INDONET, connecting the IBM mainframe installations that made up India’s
computer infrastructure;
• NICNET (the NIC Network), being a nationwide very small aperture terminal
(VSAT) N/W for public sector organizations as well as to connect the central
government with the state governments and district administrations;
• The Education and Research Network (ERNET), to serve the academic and research
communities.
• Policies such as the New Internet Policy of 1998 paved the way for multiple Internet

7
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

service providers (ISPs) and saw the Internet user base grow from 1.4 million in
1999 to over 15 million by 2003.

• By June2012, Internet users in India were approx. 12.5% of the total population (approx.

137 million).

According to the Internet and Mobile Association of India (IAMAI),

The internet user base in India is projected to touch 243 million by June 2014, with
a year-on-year growth of 28%.

This exponential growth is again expected to continue in recent future with more and more
people accessing the web through mobile phones and tablets, with the government making
a determined push to increase broadband(>4mbps) penetration from its present level of
about 6%. bEven though the Indian government was a late convert to computerization, there
has been an increasing thrust one-governance, seen as a cost effective way of taking public
services to the masses across the country.

Critical sectors such as Defence, Energy, Finance, Space, Telecommunications, Transport,

Land Records, PublicEssential Services and Utilities, Law Enforcement and Security all
increasingly depend on N/Ws to relay data, for communication purposes and for
commercial transactions.
The National e-governance Program (Ne GP) is one of the most ambitious in the world and
seeks to provide morethan 1200 governmental services online. Schemes like ‘Rajiv Gandhi
scheme for broadband to PRIs’ and National Optic Fiber Network (NOFN) missionare
already dedicated to accelerate cyber connectivity in far reaching areasof country.

• Under The National Broadband Plan, the target for broadband is 160 million
householdsby 2016. Despitethe low numbers in relation to the population, Indians have
been active users of the Internet across various segments.
8
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

• Similar level of penetration has also been seen in the social networking arena,
which isthe most recent entrant to the cyber platform. India currently has the fastest
growing user base for Facebook and Twitter, the twotop social networking sites.

CHAPTER-2

TYPES OF CYBER THREATS

As we grow more dependent on the Internet for our daily activities, we also become more
vulnerable to any disruptions caused in and through cyberspace. The rapidity with which
this sector has grown has meant that governments and private companies are still trying to
figure out both the scope and meaning of security in cyberspace and apportioning
responsibility.

Cyber threats can be disaggregated, based on the perpetrators and their motives, into four
baskets:

1. Cyber Espionage,

2. Cyber Crime

3. Cyber Terrorism

4. Cyber Warfare

Cyber Espionage:

Cyber espionage, is “the act or practice of obtaining secret information without the
permission of the holder of the information (personal, sensitive, proprietary or of classified
nature), from individuals, competitors, rivals, groups, governments and enemies for
9
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

personal, economic, political or military advantage using methods on the Internet, networks
or individual computers through the use of cracking techniques and malicious software
including Trojan horses and spyware.”

Simply said, Cyber espionage is “The use of computer networks to gain illicit access to
confidential information,typically that held by a government or other organization.”

India: Victim of Chinese Cyber Espionage

1. Cyber-attack by Chinese crackers at the computers in the Prime Minister’s Office

(PMO) was reported in 2009.
2. In August 2015, security firm Fire Eye revealed an intense activity of hackers based
inChina particularly interested in entities and organization linked to the Indian
Government as well as in information on Tibetan activists. The cyber espionage
group sent targeted spear-phishing e-mails to its intended victims, with Microsoft
Word attachments containing information on regional diplomatic issues .It said that
collecting intelligence on India remains a key strategic goal for China-based APT
groups, and these attacks on India and its neighboring countries reflect growing
interest in its foreign affairs.

Cyber Crime/ Cyber Attacks :

Cyber-attack is “any type of offensive maneuver employed by individuals or whole

organizations that targets computer information systems, infrastructures, computer networks
with an intention to damage or destroy targetedcomputer network or system.”

These attacks can be labeled either as Cyber-campaign, Cyber-warfare or Cyber-terrorism

depending upon the context, scale and severity of attacks. Cyber-attacks can range from
installing spyware on a PC to attempts to destroy the critical infrastructure of entire
nations.The increasing online population has proved a happy hunting ground for cyber
10
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

criminals, with losses due to cyber-crime being in billions of dollars worldwide.

While other countries are reporting enormous losses to cyber-crime, as well as threats to
enterprises and critical information infrastructure (CII), there are hardly any such reports
coming out of India other than those relating tocyber espionage.

• Though the report of the National Crime Records Bureau (NCRB) in 2010 reported
anincrease of 50% incyber-crime over the previous year, the numbers were quite
small in absolute terms.
• On 12 July 2012, a high profile cyber-attack breached the email accounts of
about12,000 people, including those of officials from the Ministry of External
Affairs, Ministry of Home Affairs, Defence Research and Development
Organization (DRDO), and the IndoTibetan Border Police (ITBP).

• In February 2013, The Executive Director of the Nuclear Power Corporation of

India(NPCIL) stated thathis company alone was forced to block up to ten targeted
attacks a day.

Cyber Terrorism:

Acts of Terrorism related to cyber space and /or executed using Cyber technologies are
popularly known as ‘cyberterrorism’.

Definitions of cyber terrorism

“Cyber terrorism is the convergence of terrorism and cyber space. It is generally understood
to mean unlawful attacks and threats of attacks against computers, networks, and information
stored therein when done to intimidateor coerce a government or its people in furtherance of
political or social objectives, Further, to qualify as cyber terrorism, an attack should result in
violence against persons or property or at least cause enough harm to generatefear, Serious
attacks against critical infrastructures could be acts of cyber terrorism depending upon their

11
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

impact.”

This is one of the most comprehensive definitions of cyber terrorism. But even this has a
limitation. It states that for an attack to qualify as a cyber-terrorism it should lead to
violence. This is more conventional. Terrorist may direct an attack only to disrupt key
services, If they create panic by attacking critical systems/infrastructure thereis no need for
it to lead to violence. In fact such attacks can be more dangerous. In the last couple of
decades India has carved a niche for itself in IT. Most of the Indian banking industry and
financial institutions have embraced IT to its full optimization.
Reports suggest that cyber-attacks are understandably directed toward economic and
financial institutions. Given the increasing dependency of the Indian economic and
financial institutions on IT, a cyber-attack against them might lead to an irreparable
collapse of our economic structures. And the most frightening thought is the
ineffectiveness of reciprocal arrangements or the absence of alternatives.

Cyber Warfare:

The Fifth domain of warfare the evolution of technology impacts the nature of conflict and
war. Cyber Warfare is a very recent yet evolving phenomenon.

In the absence of a formal definition of cyber warfare, we may define it as “actions by a

nation-state or its proxies to penetrate another nation’s computers or networks for the
purposes of espionage, causing damage or disruption”. These hostile actions against a
computer system or N/W can take two forms: cyber exploitation and cyber-attacks.

Types of Security threats: -

Cybercrimes consist of specific crimes dealing with computers and networks, such as
hacking, phishing and thefacilitation of traditional crime through the use of computers
12
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

(child pornography, hate crimes, telemarketing/internet fraud). A brief introduction to

some common cyber related violations, or cybercrimes as they are more commonly
referred to are discussed below:
Hacking
Hacking in simple terms means an illegal intrusion into a computer system and/or
network. There is an equivalent term to hacking i.e. cracking, but from Indian legal
perspective there is no difference between the term hacking and cracking. Every act
committed towards breaking into a computer and/or network is hacking.Hackers write or
use ready-made computer programs to attack the target computer.
Child Pornography
The Internet is extensively used for sexual abuse of children. As more homes have access
to internet, more children are accessing it and this enhances their vulnerability of falling
victims to the aggression of paedophiles.Paedophiles (a person who is sexually attracted to
children) lure the children by distributing pornographic materialand then pursue them for
sexual exploitation. Sometimes paedophiles contact children in chat rooms posing as
teenagers or children of similar age; they win the confidence of these children, and then
induce them into sexuallyprovocative discussions. Then begins the actual exploitation of
children.
Cyber Stalking
This term is used to refer to the use of the internet, e-mail, or other electronic
communications devices to stalk another person. Cyber stalking can be defined as the
repeated acts of harassment or threatening behavior of the cyber-criminal towards the
victim by using internet.
Denial of Service
This is a technology driven cyber intrusion, where by the influencer floods the bandwidth
or blocks the user’s mails with spam mails depriving the user, access to the Internet and the
services provided there from. A DoS Attack (as it is commonly known) can be perpetrated

13
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

in a number of ways.
Dissemination of Malicious Software (Malware)
Malware is defined as software designed to perform an unwanted illegal act via the
computer network. It couldbe also defined as software with malicious intent. Malware can
be classified based on how they get executed, how they spread, and/or what they do. Some
of them are discussed below.

a) Virus
A virus is a program that can infect other programs by modifying them to include a
possible evolved copy ofitself. A virus can spread throughout a computer or network
using the authorization of every user using it to infect their program. Every program so
infected may also act as a virus and thus the infection grows. Virusesnormally affect
program files, but in some cases they also affect data files disrupting the use of data and
destroying them completely.
b) Worms
Worms are also disseminated through computer networks, unlike viruses, computer
worms are malicious programs that copy themselves from system to system, rather than
infiltrating legitimate files. For example, a mass mailing e-mail worm is a worm that sends
copies of itself via e-mail. A network worm, on the other hand makes copies of itself
throughout a network, thus disrupting an entire network.
c) Trojans
Trojan is another form of Malware; trojans do things other than what is expected by the
user. Trojan or trojan horse is a program that generally impairs the security of a system.
Trojans are used to create back-doors (a program that allows outside access into a secure
network) on computers belonging to a secure network so that a hacker can have access to
the secure network. Unlike viruses, Trojan horses do not replicate themselves but theycan
be just as destructive. One of the most insidious types of Trojan horse is a program that
claims to rid your computer of viruses but instead introduces viruses onto your computer.
14
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

d) Hoax
Hoax is an e-mail that warns the user of a certain system that is harming the computer. The
message thereafterinstructs the user to run a procedure (most often in the form of a download)
to correct the harming system.
When this program is run, it invades the system and deletes an important file.

e) Spyware
Spyware invades a computer and, as its name implies, monitors a user’s activities without
consent. Spywares are usually forwarded through unsuspecting e-mails with bonafide
email i.ds. Spyware continues to infect millions of computers globally.

Phishing
Phishers lure users to a phony web site, usually by sending them an authentic appearing
email. Once at the fakesite, users are tricked into divulging a variety of private information,
such as passwords and account numbers.

Cyber Security Issues In India:-

The Current And Present Dangers Of Aadhaar Hacking

15
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

Cyber security is a complicated field to manage and even the most ardent players of cyber
security are aware that absolute cyber security is a myth. So if anybody is claiming that
his/her system, software or project is 100% cybersecure, he/she is simply ignorant of the
ground realities as exist in the cyberspace. Till sometime back, cyber warfare was
considered as a fiction and not reality. But with growing incidences of cyber espionage,
cyber terrorism and even cyber warfare, countries have started taking their critical
infrastructuresseriously. Nevertheless, the task to secure these critical infrastructures is next
to impossible as the bad guys are always many steps ahead of the government and its
agencies. Aadhaar is one such highly sensitive and highly insecure project of India
government that is neither prudent nor secure. It only has a false sense of security that
government is projecting to divert the attention of critics of Aadhaar. But real cyber security
professionals are well aware of the dangers of Aadhaar project that has put the lives and
properties of Indians in great peril.

In reality, Aadhaar has created serious constitutional anomaly and irresolvable cyber
security issues that would always jeopardise rule of law and personal safety and security of
Indians. No matter whatever Indian governmenttells you, stay away from Aadhaar. And if
you have already made an Aadhaar, deseed it from all services and block your biometric as
soon as possible so that it cannot be abused by government and private individuals.

16
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

CHAPTER-5

CONCLUSION:

Community in cyberspace is based on the interaction between people. Cyberspace has an

important social aspectto it that must not be overlooked. Cyberspace can be treated as a
channel touching portion of real space at key points. Ideas are passed through the channel,
and business is transacted through this channel. The cyberspace communities are members
of the global community interacting on a different plane than in real space.

With the huge growth in the number of Internet users all over the world, the security of data
and its proper management plays a vital role for future prosperity and potentiality. It is
concerned with people trying to accessremote service is that they are not authorized to use.

Rules for compulsory wearing of helmet for bikers by government authorities, has no
benefit for them, it is for our own safety and life. Same we should understand our
responsibilities for our own cyberspace and should at least take care of safety for our
personal devices. These steps include installation of antivirus software and keeping it
updated, installing personal firewalls and keeping rules updated. We should monitor and
archive all security logs. We should have backup of important data. Our devices should be
protected by passwords and there should be restricted access to sensitive data on our
devices. And above all, we should aspire for more computer literacy tounderstand the safety
17
 PUNE DISTRICT EDUCATION ASSOCIATION

THE INSTITUTE OF TECHNOLOGY, HADAPSAR, PUNE.

issues related to our cyberspace. At the same time we need to utilize the specialization of
private sector in the field of cyber security and government should promote more PPP
projects for the national cyberspace.

18