Cyber Security

Lecture # 1

Dr. Shafiq Hussain

Associate Professor

1
 Course Introduction:
• This course provides students an introduction to
common cyber security threats, vulnerabilities, and
risks related to web applications, networks, software
and mobile applications.
• The course provides basic concepts and terminology
used in the information and cyber security fields.
• Moreover, it will also enable students to differentiate
between the various forms of malware and how they
affect computers and networks.

Dr Shafiq 2
 Course Learning Outcomes:
• CLO-1: To be able to identify computer system
threats.

• CLO-2: To be able to identify Malware attacks and

understand the stages of attack and payloads.

• CLO-3: Implement various cryptographic techniques

and simulate attack scenarios.

Dr Shafiq 3
 Course Outline:
• Introduction to Cyber security;
• Networks and the Internet;
• Cyber threat landscape;
• Understanding security; information security
Principles (Confidentiality, Integrity, Availability);
• Information Security Terminology;
• Who are the attackers;
• Advanced Persistent Threat (APT);
• Malware, types of malware; Attacks using malware;
• Malware Attack Lifecycle: Stages of Attack;
Dr Shafiq 4
 Course Outline (Cont..)
• Social engineering attacks;
• Types of payload;
• Industrial Espionage in Cyberspace;
• Basic cryptography;
• Web application attacks;
• Database security;
• Cyber kill chain;
• Privacy and anonymity; Network security;
• Software security;

Dr Shafiq 5
 Course Outline (Cont..)
• Mobile device security;
• Mobile app security;
• Cyber Terrorism and Information Warfare;
• Introduction to Digital Forensics;
• Digital Forensics Categories.

Dr Shafiq 6
 Reference Materials
1. Computer Security Fundamentals by Chuck
Easttom, 4th edition or latest
2. Security+ Guide to Network Security Fundamentals,
by Mark Ciampa, 5th Edition
3. Security in Computing by C.P. Pfleeger, Prentice-
Hall, 4th Edition or Latest

Dr Shafiq 7
 Teaching Methodology
• Lectures, Written Assignments, Practical labs,
Semester Project, Presentations

• Always try to contact me on email:

[email protected]

• Email will be our official way of communication.

Dr Shafiq 8
 Course Assessment
• Mid Term Exam = 30 Marks

• Sessional Marks (Home Assignments, Quizzes,

Project, Presentations) = 20 Marks

• Final Exam = 50 Marks

• Total Marks = 100

Dr Shafiq 9
 Objectives
• Introduction to Cyber Security

10
 What is Cyber Security?

• Cybersecurity is the defense against hostile attacks by

spammers, hackers, and cybercriminals against
internet-connected devices and services.

• Businesses employ this technique to guard against

identity theft, ransomware attacks, phishing scams,
data breaches, and monetary losses.

Dr Shafiq 11
 What is Cyber Security? (Cont..)

• Cyber security is all about the process of protection

against every form of cybercrime, from identity theft
to international digital weapons.

• Cyber security is the practice of protecting systems,

networks, and programs from digital attacks.

• These cyberattacks are usually aimed at accessing,

changing, or destroying sensitive information;
extorting money from users; or interrupting normal
business processes.

Dr Shafiq 12
 Important of Cyber Security
• In today’s digital world, one cannot ignore
cybersecurity.

• One single security breach can lead to exposing the

personal information of millions of people.

• These breaches have a strong financial impact on the

companies and also loss of the trust of customers.

• Hence, cyber security is very essential to protect

businesses and individuals from spammers and cyber
criminals.
Dr Shafiq 13
The Scale of the Cyber Security Threat
• According to Cybercrime Magazine, cybercrime will
cost the world $10.5 trillion annually by 2025!

• Furthermore, global cybercrime costs are predicted

to rise by almost 15 percent yearly over the next four
years.

Dr Shafiq 14
 How Does Cyber Security Work?
• Cyber security encompasses technologies, processes,
and methods to defend computer systems, data, and
networks from attacks.

• Organizations and Individuals uses modern

technologies to protect the systems and data from the
upcoming threats and damage.

• This includes measures such as firewalls, antivirus

software, encryption, strong passwords, and user
authentication.

Dr Shafiq 15
 Types of Cyber Security
Application Security:
• The deployment of various protections in an
organization's software and services against a wide
variety of threats is referred to as application security.

• To reduce the possibility of unwanted access to or

change of application resources, cyber security
professionals need to develop secure code, build
secure application structures, implement strong data
input validation, and more.

Dr Shafiq 16
 Types of Cyber Security (Cont..)
Cloud Security:
• Cloud security is the process of developing safe cloud
infrastructures and applications for businesses using
cloud service providers such as Google, Amazon,
Azure, Rackspace, and so on.

Dr Shafiq 17
 Types of Cyber Security (Cont..)
Mobile Security:
• As more people rely on mobile devices, mobile
security is becoming increasingly important.

• This subdomain guards against several risks,

including malware, viruses, and illegal access to
personal and organizational data kept on mobile
devices such as tablets, phones, and laptops.

• To further increase security, mobile security also uses

education and authentication.

Dr Shafiq 18
 Types of Cyber Security (Cont..)
Network Security:
• Network security refers to the hardware and software
defenses against disruptions, illegal access, and other
misuses of the network and its infrastructure.

• Organizational assets are shielded from several risks

both inside and outside the company by effective
network security.

Dr Shafiq 19
 CIA Triad
• The security of any organization starts with three
principles: Confidentiality, Integrity, Availability.

• This is called as CIA, which has served as the

industry standard for computer security since the time
of first mainframes.

Dr Shafiq 20
CIA Triad (Cont..)

Dr Shafiq 21
 CIA Triad (Cont..)
Confidentiality:
The principles of confidentiality assert that only
authorized parties can access sensitive information and
functions. Example: military secrets.

Dr Shafiq 22
 CIA Triad (Cont..)
Integrity:
The principles of integrity assert that only authorized
people and means can alter, add, or remove sensitive
information and functions. Example: a user entering
incorrect data into the database.

Dr Shafiq 23
 CIA Triad (Cont..)
Availability:
The principles of availability assert that systems,
functions, and data must be available on-demand
according to agreed-upon parameters based on levels of
service.

Dr Shafiq 24
 Questions
Any Question Please?

You can contact me at: [email protected]

Your Query will be answered within one working day.

25
Further Readings

26
Thanks

27