
Unit-5: Attacks and Techniques Used in Cyber Crime

This document discusses various cyber attacks and techniques used in cybercrime, including keyloggers, spyware, computer viruses, worms, Trojan horses, backdoors, steganography, denial-of-service (DoS) attacks, and distributed denial-of-service (DDoS) attacks. It defines each technique and provides examples. The document is authored by Prof. Kalpesh H Surati from Darshan Institute of Engineering & Technology and is part of a cyber security course.

Cyber Security (CS)

GTU # 3150714

Unit-5: Attacks and Techniques used in Cyber Crime

Prof. Kalpesh H Surati


Computer Engineering Department
Darshan Institute of Engineering & Technology, Rajkot
9925010033
Keyloggers
 A keylogger is a piece of code that logs keystrokes.
 A keylogger captures the keystrokes typed on your keyboard and saves them in a file, including details like the usernames and passwords you entered, credit card details, websites you have visited, the applications you opened, and so on.
 The file may be stored locally or periodically sent over the network to the owner of the program.
 A keylogger is a quicker and easier way of capturing and monitoring victims' keyboard activities.

#3150714 (CS)  Unit 5 – Attacks and Techniques used in Cyber


Prof. Kalpesh H Surati 2
Types of Keyloggers
 Keyloggers can be classified as software keyloggers and hardware keyloggers.
 Software keyloggers are programs installed on the computer, usually located between the OS and the keyboard. A software keylogger may also run at the kernel level, where it receives data directly from the input device.
 Software keyloggers are installed on a computer system by Trojans or viruses without the knowledge of the user.
 Hardware keyloggers are small hardware devices connected to the PC or keyboard.
 A hardware keylogger saves every keystroke into a file or in the memory of the hardware device.
 To install a hardware keylogger, physical access to the computer is required.
Countermeasure of Keyloggers
 An anti-keylogger is a tool that can detect a keylogger installed on the computer and remove it.
 Never log in to your bank account or do other very important work from a cyber cafe or someone else's computer.
 Use an on-screen or virtual keyboard while typing login credentials.
 Use the latest antivirus software and keep it updated.
 Antivirus software does not provide 100% security from keyloggers. An antivirus works on the basis of known signatures, so if a new keylogger's signature is unknown, the antivirus will not report it.

Spyware
 Spyware is a type of malware that is installed on computers and collects information about the victim without their knowledge or permission.
 It is installed on the infected computer and silently sends the collected information to the hacker's computer.
 It may seem relatively harmless, but it may disturb your privacy.
 Spyware such as keyloggers is installed on purpose by the owner of a shared, corporate or public computer to secretly monitor other users.
 It may slow down the performance of the victim's computer.
 Anti-spyware gives protection against it.

Computer Viruses and Worms
 Computer viruses and worms are both malicious software programs designed to interfere with computer operation; they may damage the victim's hardware, software or data, or cause annoyance.
 Virus
 A virus needs a host program to spread. It can start on event-driven or time-driven effects, or at random on both.
 It is attached to an executable file, which means the virus may exist on your computer but cannot actually infect it unless you run or open the malicious program.
 Stealth viruses, self-modifying viruses, polymorphic and metamorphic viruses, and viruses encrypted with a variable key are types of viruses.
 Worm
 A worm is self-replicating in nature.
 It can spread through the network with or without user intervention.
 The biggest danger with a worm is its capability to replicate itself on your system, so rather than the computer sending out a single worm, it sends out thousands of copies, creating a hugely devastating effect.
 E-mail worms, instant messaging worms and file-sharing network worms are types of worms.

Trojan Horse
 A Trojan horse is harmful code embedded inside a seemingly harmless program.
 The term Trojan Horse comes from the Greek mythology about the Trojan War.
 Unlike viruses and worms, Trojans do not replicate themselves, but they can be equally destructive.
 A Trojan horse can create a backdoor.
 A Trojan is designed to spy on the victim's computer, access files or extract sensitive data.
 It allows remote access to victim’s computer, doing
malicious activities without the owner of the computer.

Backdoor
 A backdoor is a secret entry point into a program or operating system that allows someone who is aware of the backdoor to gain access without going through the usual security access procedures.
 During the development of an operating system or application, programmers add backdoors as maintenance hooks and for troubleshooting. Backdoors allow them to examine operations inside the code while the code is running.
 A backdoor works in the background and hides from the user.
 The backdoors are stripped out of the code when it's moved to production.
 When a software manufacturer discovers a hook that hasn’t been
removed, it releases a maintenance upgrade or patch to close the
backdoor.

Steganography
 Steganography is the art and science of writing hidden messages in such a way that no one except the intended user can get the message or knows of its existence.
 Steganography is a method that attempts to hide the existence of a message or communication.

DoS (Denial-of-Service) Attacks

 A DoS attack is an attempt to make computer resources unavailable and deny service to their legitimate users.
 In this attack, the attacker floods the bandwidth of the victim's network by constantly sending multiple requests to the victim's server, keeping it busy responding to them.
 This is what actually prevents genuine users from accessing the service.
 DoS attacks often last for days, weeks and even months at a time, making them extremely destructive to any online organization.
 They can cause loss of revenue and consumer trust, and force businesses to suffer long-term reputation damage.

DDoS (Distributed Denial-of-Service) Attacks
 A DDoS attack is a Distributed DoS attack: DoS attacks launched from multiple computers against the same victim.
 A large number of zombie systems are synchronized to attack a particular system. The zombies are infected by the attackers and are themselves also victims in the DDoS attack.
 The zombie systems are called "Secondary Victims" and the main target is called the "Primary Victim".
 Malware carries the DDoS attack mechanisms.
 A botnet is the popular medium to launch a DDoS attack.
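The flooding described in the DoS and DDoS slides can be spotted from request timestamps. The following Python sketch is an added example, not part of the original slides; the window size, thresholds, function names and log entries are constructed assumptions. It flags a single source that floods (DoS) and a surge spread thinly across many sources (DDoS), which a per-source limit alone would miss.

```python
from collections import Counter, deque

def detect_floods(events, window=10, per_source_limit=20, total_limit=60):
    """events: (timestamp_seconds, source_ip) tuples sorted by time.
    Returns (set of flooding sources, True if the aggregate rate was exceeded)."""
    recent = deque()      # events inside the sliding window
    counts = Counter()    # requests per source inside the window
    flagged = set()
    aggregate = False
    for ts, src in events:
        recent.append((ts, src))
        counts[src] += 1
        # Expire events that have fallen out of the window.
        while recent and recent[0][0] <= ts - window:
            _, old_src = recent.popleft()
            counts[old_src] -= 1
        if counts[src] > per_source_limit:
            flagged.add(src)          # one source sending too much: DoS pattern
        if len(recent) > total_limit:
            aggregate = True          # too much in total: possible DDoS pattern
    return flagged, aggregate

def sample_normal():
    # Constructed: 5 clients, one request each every 2 s for 60 s.
    return [(t, f"192.0.2.{c}") for t in range(0, 60, 2) for c in range(1, 6)]

def sample_dos():
    # Constructed: one source sends 50 requests within 5 s on top of normal traffic.
    flood = [(30 + i * 0.1, "198.51.100.7") for i in range(50)]
    return sorted(sample_normal() + flood)

def sample_ddos():
    # Constructed: 40 zombie hosts send only 3 requests each within 3 s.
    flood = [(30 + i, f"203.0.113.{z}") for i in range(3) for z in range(1, 41)]
    return sorted(sample_normal() + flood)

if __name__ == "__main__":
    for name, sample in [("normal", sample_normal()),
                         ("dos", sample_dos()),
                         ("ddos", sample_ddos())]:
        print(name, detect_floods(sample))
```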

SQL Injection
 SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application.
 It uses an escape character along with a single quote (\') embedded in the SQL statement.
 It occurs when user input is not strongly typed and is thereby unexpectedly executed.
 The main objective is to obtain information about the victims by accessing the database.
 In SQL injection, malicious code is inserted into a web form field.

Buffer Overflow
Buffers are memory storage regions that temporarily hold data while it is being transferred from one location to another.
A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer.
As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations.
Buffers are created to contain a limited amount of data.
If data is more than the buffer limit, it can overflow into the nearby buffer and overwrite the valid data stored in it.
Buffer overflow is an increasingly common type of security attack on data integrity/reliability.
For example:
    int main()
    {
        int buffer[10];
        buffer[20] = 12;   /* out-of-bounds write: valid indices are 0 to 9 */
    }

Attack on wireless Networks
 Standard wireless communication occurs when the end user and the wireless access point are able to communicate on a point-to-point basis without interruptions.
 There are many attack variations in existence against wireless networks that break the standard communication format.
 These attacks include
 Denial of Service (DoS) attacks
 Man-in-the-middle attacks
 War driving
 Encryption cracking
 Spoofing
 Sniffing

Attack on wireless Networks
 Denial of Service (DoS) attacks
 The objective of a Denial of Service (DoS) attack is to prevent authorized users from accessing legitimate network resources by denying them service.
 A DoS occurs when the malicious attacker sends an abundance of garbage data to the wireless access point, choking all other communications to legitimate users.
 Man-in-the-middle attacks
 A man-in-the-middle attack consists of a malicious user (hacker) inserting themselves into the data path between the client and the AP (Access Point).
 In such a position, the malicious attacker can delete, add, or modify data.
 The man-in-the-middle attack also gives the malicious attacker access to sensitive information about legitimate users, such as usernames and passwords, credit card numbers and social security numbers.
 Wardriving
 Wardriving is the act of searching for Wi-Fi wireless networks, usually from a moving vehicle, using a laptop or smartphone.
 Wardriving is the mapping of wireless access points (WAP) by driving or walking through populated areas carrying wireless equipment such as a laptop or a PDA to detect active wireless access points.
 Once the malicious attacker has located vulnerable wireless access points, they are able to mount attacks on other locations under the cover of the compromised network.

Steps to Protect Your Wireless Network
 Put up a firewall
 A good rule of thumb is to protect your wireless network with a firewall to keep intruders from sniffing your data.
 While these components often come included within wireless routers, they work best in the form of standalone applications or as a feature of anti-virus software.
 Be careful where you roam
 In all honesty, there is no need to trade stock from the Wi-Fi hotspot provided by the local library. Wait until you return to a trusted network to conduct such sensitive activity.
 Disable your wireless connection.
 Limit online communications to SSL protected sites
 SSL (Secure Sockets Layer) is the protocol that ensures the privacy of the conversation between you and another party. If you must pay for airline tickets or trade stock from the local café, be sure to look for "HTTPS" in the URL rather than "HTTP".

Steps to Protect Your Wireless Network
 Watch out for the Evil Twin
 Malicious individuals often create Wi-Fi hotspots beside legitimate access points. When sitting down to make a
connection, you may unknowingly select the evil twin from the list of available access points, giving the malicious
individual access to anything you transmit.
 Encryption
 No matter how hard you try, a hacker will eventually try to latch onto your wireless signal. You can apply additional
security by implementing encryption protocols to transform your sensitive data into characters that are only
readable by intended receivers.
 Trust no one
 Always keep your back against the wall and remain suspicious of all who come into contact with your network. The enemy could be looking right over your shoulder seeking usernames and passwords as your fingers tap the keyboard.
 Although no wireless solution is 100% effective, taking a few preventive steps will make an
intruder's task of breaking into your network much more difficult.
