See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/353174736

Cyber security

Presentation · July 2021

DOI: 10.13140/RG.2.2.33635.89126

CITATIONS READS

0 1,399

1 author:

Gurudutta Japee
Gujarat University
186 PUBLICATIONS 214 CITATIONS

SEE PROFILE

All content following this page was uploaded by Gurudutta Japee on 12 July 2021.

The user has requested enhancement of the downloaded file.

Cyber security
Dr Japee
9 th J u l y 2 0 2 1
 What is cyber security

Why Cyber Security

Types of Cyber Crime

Types of Hackers

History of Cyber Crime

OVERVIEW How Cyber Security Works

Domains in Cyber Security

Online Safety Tips

Practical Cases

Q&A
 The purpose of this webinar is not to encourage illegal activities. It is just
DISCLAIMER to aware students and staff about cyber crime and cyber security.
Remember if you use this information for illegal course than that is not our
responsibility. The webinar is strictly for educational purpose only ?
Cyber + Security WHAT IS CYBER SECURITY
 Cyber means your online presence on internet( we have
presence on FB, Twitter, WhatsApp, Gmail, email,
YouTube, Pinterest, Instagram etc) and security is about
securing your code.
Cyber Security helps to protect not only individual but
businesses, inspire customer confidence, stops your website
from crashing, protection of data of customers and clients
 “Cyber Security is the technology and
process that is designed to protect networks
and devices from attack, damage, or
unauthorized access.”
- Definition
 ELEMENTS OF SECURITY

Physical Elements System Elements Process Elements

Security Guard Anti Virus Authorized User
CCTV Camera
Malicious Software Access Control
R Zone
detection Solution Log entry
Downloading
Disable Security Ports
Access Rights
Tangible or Physical form of security we are quite aware from-
It includes security guards, CCTV camera, putting areas under Restricted Zone, Restriction
on employee for downloading from few websites, it is quite common now a days that few
employees they put large no of movie files and videos to download for which they use workplace
Wi-Fi, in such case restriction on downloading is the only option to save your system. Access
Rights – person who retires or removed should not be given access rights.

System Elements are- first it can be secured by installing anti virus in your devise, Malicious
software detection solution can also be installed, disable your USB ports- as we are aware
more than 90% pen drive contains virus, if it is disable it can't run in your devise same
thing, we can do it for CD drive.
Process elements includes Authorized User and Log entry
for any access of process or electronic devise employee or any
staff must be authorized. Un authorized person or outsider
cannot access the process or system.
Log entry is like logbook. It should be made mandatory for
every user to make entry first before working on
project/software/system/process etc
WHY CYBER SECURITY

Confidentiality

Availability Integrity
 WHAT IS CIA

♦ Confidentiality : Only data is accessed by authorized parties,

data is not compromised by any other person
♦ Integrity: Data should not be modified by anybody who is non
authorized user, modification can be done at bit, byte or data
level.
♦ Availability: System functions and data must be available on
demand according to agreed parameters to authorized users.
Types of Web
➢ Surface Web

➢ Deep Web

➢ Dark Web

➢ Marina Web

❖ The Mariana’s web appears to get its name from the

deepest part of the ocean, Mariana’s Trench

❖ It’s supposedly the deepest part of the web, a

forbidden place of mysterious evil or at least that's
the myths a subset of online believers has cultivated.

❖ Also known as Zion, domain use .clos domain and

.loky domains
About Us
❖ Information on how to access this part of the web is
very difficult to find, so a lot of people either don’t
Lorem ipsum dolor sit amet, consectetuer
believe it or believe in the wrong information about
adipiscing elit. Maecenas porttitor congue
it.
NAME OR LOGO 12
HACKER
H- Hide IP

A- Aim Victim

C- Crack Encrypt

K- Kill Firewall

E- Enter into Database

R- Return Anonymous
 Other Types of
Hackers
SAMPLE FOOTER TEXT

✓ Suicide Hacker

09072021
✓ Script Kiddie
✓ Cyber Terrorist
✓ State Sponsored
Hacker
✓ Hacktivist

15
 OTHER T YPES OF HACKERS
SAMPLE FOOTER TEXT

Suicide Hacker Script Kiddie Cyber Terrorist

2/1/20XX
• Individuals who aim to bring • An unskilled hacker who • Individuals with wide range of
down critical infrastructure for a compromises system by skills motivated by religious or
cause and are not worried about
facing jail or any other
running scripts, tools and political beliefs to create fear
punishment by law are known as software developed by real by large scale disruption of
suicide hacker. hackers. computer networks.
• Difference between black hacker • They are not so intelligent
and suicide hacker is that black they only follow instructions
hacker will always hide their given by hacker
identity and not accept any
crime done by them.

16
 OTHER T YPES OF HACKERS
SAMPLE FOOTER TEXT

State Sponsored Hacker Hacktivist

2/1/20XX
• Individuals employed by the government to • Individual who promote a political agenda by
penetrate and gain top secret information and hacking especially defacing or disabling
to damage information system of other websites
government.
• They work on political agenda

17
 Cyber Crimes
Most of the cyber crimes are carried out in order to
generate money for the cyber criminals
CYBER SECURITY

Cyber crimes are carried out against computers or

09072021
devises directly to damage or disable them, spread
malware and steel secret information
Computer as a target crimes Criminal activities
focused on systems, servers, networks and data stored
in the system.

18
 HISTORY OF CYBER CRIME

Cyber criminals launched 758 million malicious attacks

Pentagon & IBM data were attacks against eBay, yahoo, occurred according to
hacked CNN, amazon, and others Kaspersky

1980 1990 Major milestone 2013 2016 Major milestone

In India cyber crime growth is

National crackdown on Adobe 2.9 million accounts increasing very fast. In 2010 9554
criminals, Microsoft NT stolen cases were reported while more
operating system than 45,00,000 lakhs cases
pierced(hacking started reported till July 2021.
becoming more common)
FAMOUS NAMES IN CYBER CRIME

The Melissa virus was a

,
Robert Tappan Morris is an On June 1, Adam Botbyl is
American computer scientist and 1990, Kevin mass-mailing macro virus an American computer ha
entrepreneur. He is best known for Poulsen hacked released by David L Smith cker from Michigan. He
creating the Morris worm in 1988, all of the March 26, 1999. As it gained unauthorized access
considered the first computer worm on telephone lines for was not a standalone to the Lowes corporate
the Internet. Morris was prosecuted Los Angeles program, it was not computer network via an
for releasing the worm, and became radio station classified as a worm. It
the first person convicted under the open, unsecured wireless
KIIS-FM, targeted Microsoft Word access point and steal all
then-new Computer Fraud and and Outlook-based systems,
Abuse Act credit card information.
and created considerable
network traffic
➢ Email Hacking

➢ Fake Profile on Social Media

➢ Data Theft

➢ Phishing

➢ Credit Card Fraud

➢ Software piracy

➢ Copyright infringement, trademark violations

➢ Threatening or defamatory emails (

Demanding ransom or damaging reputation
of the target)

➢ Pornography
Types of Cyber Crime
➢ Homography attack
Cyber crime is any criminal activity that involves a
➢ Identity theft ( using someone’s identity for
computer network or devise. Most of them are carried
transections )
out in order to generate money for the cyber criminals.
India stands at 19th Position in cyber crime. NAME OR LOGO 21
 Link
https://haveibeenpwned.com/
Pwned https://haveibeenpwned.com/Passwords
Troy Hunt https://haveibeenpwned.com/PwnedWebsites
Regional Director of Microsoft

If a company you have an account

with has suffered a data breach it's
possible your email may have been
pwned, which means your email and
password for that site's account has
been exposed to cybercriminals.
haveibeenpwned.com is a website
that checks if an account has been
compromised.
What to do
What to do
✓ Never read unknown message.
✓ Never respond to unknown message
✓ When text message is APK bine than it extract and install your
information which in turn you compromise with your security.
✓ Doubly secured your mail and Phone
✓ Never share OTP with anyone
✓ Don’t click on any website
 There are two ways to hack mobile phone.
1. Manual Installation
2. SMS Installation

With your permission application can be installed

manually and than they can access your entire
phone

Installation by sending SMS , Generally APK file is

installed through which hackers can see your

Mobile entire phone

Hacking WhatsApp Double Security

https://howsecureismypassword.net/
Kuch Kuch Hota hein – Password
Passive Vs Active Attackers
 Difference
• P Read the message send by X to Y they observe and not
modify
• A they are opposite to Passive attackers they add error bits
and try to corrupt your data, document , system
• P purpose is spying while A purpose is crime
• P is threat to confidentiality A is threat to all
• P does not affect the system A affect the system
• Active attacks done by Moderate Masquerade, Relay and
Denial of Service.
• First one is about sending X data to Y by Z
• Second one is adding error bits in the original message so
that corrupted information can be shared
• Third one is about sending packets/messages in bulk so
that internet/cloud or server of original sender is
congested .

• Remember
• Plain text /original text which is in understable, readable
format is send by Mr X to Mr Y if it is not encrypted than
there are chances of active attacks by intruder who can
capture the control of your data and system.
• Encryption is nothing but converting plain text in cipher text
which cannot be easily control or identify by the hackers or
attackers.
 ♦ Malware Attack ♦ Password Attack
MOST COMMON ATTACK ♦ Phishing ♦ Man in the middle
IN CYBER SECURITY ♦ Birthday Attack ♦ Cross Site Scripting Attack
Homographic Attack

What is Homographic attack https://www.irongeek.com/homoglyph-attack-

generator.php

▪ Never Click on links without verifying or checking the

original URL or website.

Dr Japee
Homographic Attack

Character looks similar but they are not similar do this in excel =(=)

▪ It is a kind of spoofing attack. It is also known as script ▪ First type name

spoofing. It is the technique of assigning and replacing
similar looking character for malicious usage mostly for ▪ Second choose homoglyphs to use
security attacks.
▪ 3rd output will be something like this
▪ Remember
▪ Submit so php can generate the puny code/DNA
▪ Don’t click on anywhere we may be directed to fake
website. It is advisable to click manually and visit the
website rather than clicking on such link.

29 Annual Review July 12, 2021

A cyber security expert is an individual employed by an organization to protect their
data, they do this with the help of techniques like Finding weakness, Monitoring WHO IS CYBER SECURITY
system, network breach. After finding weakness they repair and than strengthen the EXPERT
areas where an attack may have occurred.
Domains in Cyber Security

✓ Asset Security

✓ Security architecture & engineering

✓ Communication & Network Security

✓ Identity and access management

✓ Security Operations

✓ Software development security

✓ Security assessment & Testing

✓ Security & Risk Management

 Prioritize Authorize Educate
Make sure to educate
Secure Password 2 Way Authentication
your family members
Anti Virus Security DNS ( Domain for safe usage of
Name System) social medias and
Regular Updates internet.
Encryption
Installing Firewall in a Do not share your

Solution
system computer or mobile
with any strangers

Prioritize, Authorize & Educate

NAME OR LOGO 32
Q&A
 BIBLIOGRAPHY

♦ https://www.educative.io/blog/what-is-ethical-hacking-penetration-testing
♦ https://www.geeksforgeeks.org/types-of-hackers/
♦ My Aim- To Make Engineering Students Life EASY.
♦ https://supravirtual.ro/en/blog/319-difference-surface-web-deep-dark.html
♦ https://steemit.com/deepweb/@badsha/what-is-mariana-s-web-learn-about-this-most-
mysterious-and-dark-place-on-the-internet
♦ Amit Malhotra- Cyber Security expert
♦ Shridhar Mankar - Engineer
♦ https://www.simplilearn.com/learn-cyb...
♦ Japee, G. Human Trafficking is a Violence of Human Rights. PROCEEDING BOOK,
28.

View publication stats