Abstract image of a woman sitting on books and studying on a laptop

Cyber Security Terms

Download as PPTX, PDF
S
Suryaprakash Nehra

This document provides an overview of several cybersecurity topics: - Botnets, which are networks of compromised computers controlled remotely. They are used to launch DDoS attacks, send spam, and other malicious activities. - Watering hole attacks target specific groups by infecting websites they commonly visit. - Spear phishing attacks use targeted emails to steal sensitive information. - DDoS attacks overwhelm servers with traffic from multiple compromised systems. Detection and prevention methods are discussed for each topic.

Engineering
Related topics:
Cyber-Security
1 of 27
Downloaded 48 times
1
2
Most read
3
4
5
6
7
8
9
Most read
10
11
12
13
14
Most read
15
16
17
18
19
20
21
22
23
24
25
26
27
PRESENTATION ON CYBER SECURITY TERMS Suryaprakash Nehra 1130606
OUTLINE Introduction to Cyber Security Botnet Watering Hole attack Spear Phishing attacK Distributed Denial of Service(DDoS) Conclusion
BOTNET  A Botnet is a network of compromised computers under the control of a remote attacker  controller of a botnet is able to direct the activities of these compromised computers  Botnet Terminology  Bot Herder (Bot Master)  Bot  Bot Client  IRC Server  Command and Control Channel (C&C)
INTRODUCTION TO BOTNET(TERMINOLOGY) IRC Channel IRC Server Code Server IRC Channel C&C Traffic Updates Victim Attack Bot Master
BOTNET IN NETWORK SECURITY  Internet users are getting infected by bots  Many times corporate and end users are trapped in botnet attacks  Today 16-25% of the computers connected to the internet are members of a botnet  In this network bots are located in various locations  It will become difficult to track illegal activities  This behavior makes botnet an attractive tool for intruders and increase threat against network security
HOW BOTNET IS USED?? Distributed Denial of Service (DDoS) attacks  Sending Spams  Phishing  Addware  Spyware  Click Fraud
BOTNET DETECTION Two approaches for botnet detection based on  Setting up honeynets  Passive traffic monitoring  Signature based  Anomaly based  DNS based
BOTNET DETECTION:SETTING UP HONEYNETS Windows Honey pot  Honeywall Responsibilities: DNS/IP-address of IRC server and port number (optional) password to connect to IRC-server Nickname of bot Channel to join and (optional) channel-password
BOTNET DETECTION:SETTING UP HONEYNETS Bot 1. Malicious Traffic Sensor 3. Authorize 2. Inform bot’s IP Bot Master
BOTNET DETECTION:TRAFFIC MONITORING Signature based: Detection of known botnets  Anomaly based: Detect botnet using following anomalies  High network latency  High volume of traffic  Traffic on unusual port  Unusual system behaviour  DNS based: Analysis of DNS traffic generated by botnets
BOTNET DETECTION  Determining the source of a botnet-based attack is challenging:  Traditional approach: Every zombie host is an attacker Botnets can exist in a benign state for an arbitrary amount of time before they are used for a specific attack  New trend: P2P networks
PREVENTING BOTNET INFECTIONS Use a Firewall  Use Antivirus (AV) software  Deploy an Intrusion Prevention System (IPS)  Define a Security Policy and  Share Policies with your users systematically
WATERING HOLE ATTACK • Watering Hole is a computer attack strategy identified in 2012 by RSA Security, in which the victim is a particular group (organization, industry, or region). In this attack, the attacker guesses or observes which websites the group often uses and Infects one or more of them with malware. • How does it work ?  Determine Target Group  Identify Vulnerabilities on those Websites  Inject Threat into Website  Sit in the Tall Grass and Wait for Targets to Come to You Why it is effective ??
PREVENT WATERING HOLE ATTACK • Timely Software Update • Vulnerability shielding • Network traffic detection • Correlating well-known APT (Advanced Persistent threat) activities
SPEAR PHISHING ATTACK • Spear phishing is an email that appears to be from an individual or business that you know. But it isn't. It's from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC. Business impact • Theft of sensitive information • Secondary use of compromised machines • Incident response and recovery costs
HOW TO DEFEND AGAINST SPEAR PHISHING ATTACKS • Security awareness training • Boundary defence • Continuous vulnerability assessment and remediation
DDoS Attack • Distributed-Denial-of-Service attack – DDoS is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack. • DoS vs DDoS – DoS: when a single host attacks – DDos: when multiple hosts attacks simultaneously
How does DDos Attack work? • build a network of computers • discover vulnerable sites or hosts on the network • exploit to gain access to these hosts • install new programs (known as attack tools) on the compromised hosts • hosts that are running these attack tools are known as zombies • many zombies together form what we call an army • building an army is automated and not a difficult process nowadays
How to find Vulnerable Machines? • Random scanning • Hit-list scanning • Topological scanning • Local subnet scanning • Permutation scanning
How to propagate Malicious Code? • Central source propagation This mechanism commonly uses HTTP, FTP, and remote- procedure call (RPC) protocols
• Back-chaining propagation : • copying attack toolkit can be supported by simple port listeners or by full intruder-installed Web servers, both of which use the Trivial File Transfer Protocol (TFTP) • Autonomous propagation
DDos Attack Taxonomy – There are mainly two kinds of DDoS attacks • Typical DDoS attacks, and • Distributed Reflector DoS (DRDoS) attacks – Typical DDoS Attacks:
– DRDoS Attacks: • slave zombies send a stream of packets with the victim's IP address as the source IP address to other uninfected machines (known as reflectors) • the reflectors then connects to the victim and sends greater volume of traffic, because they believe that the victim was the host that asked for it • the attack is mounted by noncompromised machines without being aware of the action
Comparison
A Corporate Structure Analogy
DEFENCE MECHANISMS • SIGNATURE DETECTION • ANOMALY DETECTION • HYBRID SYSTEM
Cyber Security Terms

More Related Content

PDF
CSRF Basics
n|u - The Open Security Community
 
PPTX
Ransomware
Akshita Pillai
 
PDF
Understanding Cyber Attack - Cyber Kill Chain.pdf
slametarrokhim1
 
PDF
Application Security - Your Success Depends on it
WSO2
 
PDF
Addressing the cyber kill chain
Symantec Brasil
 
PDF
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
MITRE - ATT&CKcon
 
PDF
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
Radware
 
PPTX
Cyber Threat Intelligence
Prachi Mishra
 
CSRF Basics
n|u - The Open Security Community
 
Ransomware
Akshita Pillai
 
Understanding Cyber Attack - Cyber Kill Chain.pdf
slametarrokhim1
 
Application Security - Your Success Depends on it
WSO2
 
Addressing the cyber kill chain
Symantec Brasil
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
MITRE - ATT&CKcon
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
Radware
 
Cyber Threat Intelligence
Prachi Mishra
 

What's hot (20)

PPTX
Wannacry
AravindVV
 
PPTX
Introduction to cyber security amos
Amos Oyoo
 
PDF
Local File Inclusion to Remote Code Execution
n|u - The Open Security Community
 
PPTX
Network security
fatimasaham
 
PPTX
Cyber kill chain
Ankita Ganguly
 
PPTX
Understanding Application Threat Modelling & Architecture
Priyanka Aash
 
PPTX
Malware & Anti-Malware
Arpit Mittal
 
PPTX
Hacking
Virus
 
PPTX
Cyber security fundamentals
Cloudflare
 
PPTX
Types of Malware (CEH v11)
EC-Council
 
PPTX
Phishing attack seminar presentation
AniketPandit18
 
PPTX
What is Ransomware
jeetendra mandal
 
PPTX
Cybersecurity Awareness Session by Adam
Mohammed Adam
 
PDF
Tools kali
ketban0702
 
PPTX
Cross Site Scripting ( XSS)
Amit Tyagi
 
PPTX
Ransomware Attack.pptx
IkramSabir4
 
PPT
Cyber Security
imtnoida112
 
DOCX
Zero-Day Vulnerability and Heuristic Analysis
Ahmed Banafa
 
PDF
HOW AI CAN HELP IN CYBERSECURITY
Priyanshu Ratnakar
 
PDF
Understanding Cyber Kill Chain and OODA loop
David Sweigert
 
Wannacry
AravindVV
 
Introduction to cyber security amos
Amos Oyoo
 
Local File Inclusion to Remote Code Execution
n|u - The Open Security Community
 
Network security
fatimasaham
 
Cyber kill chain
Ankita Ganguly
 
Understanding Application Threat Modelling & Architecture
Priyanka Aash
 
Malware & Anti-Malware
Arpit Mittal
 
Hacking
Virus
 
Cyber security fundamentals
Cloudflare
 
Types of Malware (CEH v11)
EC-Council
 
Phishing attack seminar presentation
AniketPandit18
 
What is Ransomware
jeetendra mandal
 
Cybersecurity Awareness Session by Adam
Mohammed Adam
 
Tools kali
ketban0702
 
Cross Site Scripting ( XSS)
Amit Tyagi
 
Ransomware Attack.pptx
IkramSabir4
 
Cyber Security
imtnoida112
 
Zero-Day Vulnerability and Heuristic Analysis
Ahmed Banafa
 
HOW AI CAN HELP IN CYBERSECURITY
Priyanshu Ratnakar
 
Understanding Cyber Kill Chain and OODA loop
David Sweigert
 
Ad

Viewers also liked (20)

PPT
presentation on cyber crime and security
Alisha Korpal
 
PPTX
Cyber crime and security ppt
Lipsita Behera
 
PPTX
Cyber Crime and Security Presentation
Preethi Kumaresh
 
PPTX
Cyber security
vishakha bhagwat
 
PDF
Cyber Security_Presentation_KTH
Awais Shibli
 
PPT
Introduction to Cyber Security
Stephen Lahanas
 
PPTX
Cyber security presentation
Bijay Bhandari
 
PPTX
Cyber security
Siblu28
 
PPT
Cyber security and emails presentation
Wan Solo
 
PPTX
Cyber Security Seminar
Jeremy Quadri
 
PDF
Malicious attack detection and prevention in ad hoc network based on real tim...
eSAT Journals
 
PPTX
Presentation on Cyber Security
Anand Kater
 
PPTX
Cyber Security and the Impact on your Business
Lucy Denver
 
PDF
Critical Infrastructure Protection against targeted attacks on cyber-physical...
Enrique Martin
 
PPTX
Global Cyber Security trend & impact of Internet on the society of Bangladesh...
Fakrul Alam
 
PPTX
Ppt
Geetu Khanna
 
PDF
Cyber Security Seminar, MEA 2015, IGN Mantra
IGN MANTRA
 
PDF
CEHv7 Question Collection
Manish Luintel
 
PPTX
Final cyber crime and security
nikunjandy
 
PDF
Potential Impact of Cyber Attacks on Critical Infrastructure
Unisys Corporation
 
presentation on cyber crime and security
Alisha Korpal
 
Cyber crime and security ppt
Lipsita Behera
 
Cyber Crime and Security Presentation
Preethi Kumaresh
 
Cyber security
vishakha bhagwat
 
Cyber Security_Presentation_KTH
Awais Shibli
 
Introduction to Cyber Security
Stephen Lahanas
 
Cyber security presentation
Bijay Bhandari
 
Cyber security
Siblu28
 
Cyber security and emails presentation
Wan Solo
 
Cyber Security Seminar
Jeremy Quadri
 
Malicious attack detection and prevention in ad hoc network based on real tim...
eSAT Journals
 
Presentation on Cyber Security
Anand Kater
 
Cyber Security and the Impact on your Business
Lucy Denver
 
Critical Infrastructure Protection against targeted attacks on cyber-physical...
Enrique Martin
 
Global Cyber Security trend & impact of Internet on the society of Bangladesh...
Fakrul Alam
 
Ppt
Geetu Khanna
 
Cyber Security Seminar, MEA 2015, IGN Mantra
IGN MANTRA
 
CEHv7 Question Collection
Manish Luintel
 
Final cyber crime and security
nikunjandy
 
Potential Impact of Cyber Attacks on Critical Infrastructure
Unisys Corporation
 
Ad

Similar to Cyber Security Terms (20)

PPTX
unit cyber security BOTNETS Documents.pptx
vishal2226it1214
 
PDF
Ddos- distributed denial of service
laxmi chandolia
 
PPTX
Denial of service
garishma bhatia
 
PDF
denialofservice.pdfdos attacck basic details with interactive design
perfetbyedshareen
 
PDF
Botnet Attacks How They Work and How to Defend Against Them.pdf
uzair
 
PPTX
UNIT 5 (2).pptx
janani603976
 
PDF
about botnets
Alain Bindele
 
PDF
A review botnet detection and suppression in clouds
Alexander Decker
 
PPTX
Bots and Botnet
Hicube Infosec
 
PPTX
Botnets
Kavisha Miyan
 
PPT
Botnet
Joshin Gomez
 
PPT
Honeypot Project
Manikyala Rao
 
PDF
IoT Honeypots: State of the Art
Biagio Botticelli
 
PPTX
Botnet
PriyanKa Harjai
 
PDF
Untitled document.pdf
google
 
PPTX
introduction to Botnet
yogendra singh chahar
 
PPTX
Security threats
Qamar Farooq
 
PPTX
Mcs2453 aniq mc101053-assignment1
Aniq Eastrarulkhair
 
PDF
Cybersecurity -Terms.
offensoSEOwork
 
PPTX
Eradicate the Bots in the Belfry - Information Security Summit - Eric Vanderburg
Eric Vanderburg
 
unit cyber security BOTNETS Documents.pptx
vishal2226it1214
 
Ddos- distributed denial of service
laxmi chandolia
 
Denial of service
garishma bhatia
 
denialofservice.pdfdos attacck basic details with interactive design
perfetbyedshareen
 
Botnet Attacks How They Work and How to Defend Against Them.pdf
uzair
 
UNIT 5 (2).pptx
janani603976
 
about botnets
Alain Bindele
 
A review botnet detection and suppression in clouds
Alexander Decker
 
Bots and Botnet
Hicube Infosec
 
Botnets
Kavisha Miyan
 
Botnet
Joshin Gomez
 
Honeypot Project
Manikyala Rao
 
IoT Honeypots: State of the Art
Biagio Botticelli
 
Botnet
PriyanKa Harjai
 
Untitled document.pdf
google
 
introduction to Botnet
yogendra singh chahar
 
Security threats
Qamar Farooq
 
Mcs2453 aniq mc101053-assignment1
Aniq Eastrarulkhair
 
Cybersecurity -Terms.
offensoSEOwork
 
Eradicate the Bots in the Belfry - Information Security Summit - Eric Vanderburg
Eric Vanderburg
 

Recently uploaded (20)

PDF
Improvement effect of pyrolyzed agro-food biochar on the properties of.pdf
LasFernandaJuchem
 
PPTX
Amdahl’s law is explained in the above power point presentations
sangeetha952248
 
PDF
UNIT no 1 INTRODUCTION TO DBMS NOTES.pdf
pawarbhaktiit
 
PDF
Human-AI Collaboration: Balancing Agentic AI and Autonomy in Hybrid Systems
ijccsa
 
PPTX
Fundamentals of safety and accident prevention -final (1).pptx
Palani kumar
 
PPTX
"Array and Linked List in Data Structures with Types, Operations, Implementat...
usham61
 
PDF
distributed database system" (DDBS) is often used to refer to both the distri...
Hemlathadhevi Annadhurai
 
PDF
Visual Aids for Exploratory Data Analysis.pdf
Ashutosh Satapathy
 
PDF
Exploratory_Data_Analysis_Fundamentals.pdf
Ashutosh Satapathy
 
PPTX
AUTOMOTIVE ENGINE MANAGEMENT (MECHATRONICS).pptx
joanaabban6
 
PDF
null (2) bgfbg bfgb bfgb fbfg bfbgf b.pdf
Ramez Hosny
 
PDF
Soil Improvement Techniques Note - Rabbi
rahmatideal000
 
PDF
III.4.1.2_The_Space_Environment.p pdffdf
sittiporn2
 
PDF
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 
PDF
22EC502-MICROCONTROLLER AND INTERFACING-8051 MICROCONTROLLER.pdf
RajalakshmiSermadura
 
PPTX
Fundamentals of Mechanical Engineering.pptx
MdMowdudAhmed
 
PDF
ChapteR012372321DFGDSFGDFGDFSGDFGDFGDFGSDFGDFGFD
NotaProGamer
 
PPTX
Graph Data Structures with Types, Traversals, Connectivity, and Real-Life App...
usham61
 
PPTX
Management Information system : MIS-e-Business Systems.pptx
ShankarGowda22
 
PDF
A SYSTEMATIC REVIEW OF APPLICATIONS IN FRAUD DETECTION
IJNSA Journal
 
Improvement effect of pyrolyzed agro-food biochar on the properties of.pdf
LasFernandaJuchem
 
Amdahl’s law is explained in the above power point presentations
sangeetha952248
 
UNIT no 1 INTRODUCTION TO DBMS NOTES.pdf
pawarbhaktiit
 
Human-AI Collaboration: Balancing Agentic AI and Autonomy in Hybrid Systems
ijccsa
 
Fundamentals of safety and accident prevention -final (1).pptx
Palani kumar
 
"Array and Linked List in Data Structures with Types, Operations, Implementat...
usham61
 
distributed database system" (DDBS) is often used to refer to both the distri...
Hemlathadhevi Annadhurai
 
Visual Aids for Exploratory Data Analysis.pdf
Ashutosh Satapathy
 
Exploratory_Data_Analysis_Fundamentals.pdf
Ashutosh Satapathy
 
AUTOMOTIVE ENGINE MANAGEMENT (MECHATRONICS).pptx
joanaabban6
 
null (2) bgfbg bfgb bfgb fbfg bfbgf b.pdf
Ramez Hosny
 
Soil Improvement Techniques Note - Rabbi
rahmatideal000
 
III.4.1.2_The_Space_Environment.p pdffdf
sittiporn2
 
Artificial Superintelligence (ASI) Alliance Vision Paper.pdf
SonaliPatil325517
 
22EC502-MICROCONTROLLER AND INTERFACING-8051 MICROCONTROLLER.pdf
RajalakshmiSermadura
 
Fundamentals of Mechanical Engineering.pptx
MdMowdudAhmed
 
ChapteR012372321DFGDSFGDFGDFSGDFGDFGDFGSDFGDFGFD
NotaProGamer
 
Graph Data Structures with Types, Traversals, Connectivity, and Real-Life App...
usham61
 
Management Information system : MIS-e-Business Systems.pptx
ShankarGowda22
 
A SYSTEMATIC REVIEW OF APPLICATIONS IN FRAUD DETECTION
IJNSA Journal
 

Cyber Security Terms

  • 2. OUTLINE Introduction to Cyber Security Botnet Watering Hole attack Spear Phishing attacK Distributed Denial of Service(DDoS) Conclusion
  • 3. BOTNET  A Botnet is a network of compromised computers under the control of a remote attacker  controller of a botnet is able to direct the activities of these compromised computers  Botnet Terminology  Bot Herder (Bot Master)  Bot  Bot Client  IRC Server  Command and Control Channel (C&C)
  • 4. INTRODUCTION TO BOTNET(TERMINOLOGY) IRC Channel IRC Server Code Server IRC Channel C&C Traffic Updates Victim Attack Bot Master
  • 5. BOTNET IN NETWORK SECURITY  Internet users are getting infected by bots  Many times corporate and end users are trapped in botnet attacks  Today 16-25% of the computers connected to the internet are members of a botnet  In this network bots are located in various locations  It will become difficult to track illegal activities  This behavior makes botnet an attractive tool for intruders and increase threat against network security
  • 6. HOW BOTNET IS USED?? Distributed Denial of Service (DDoS) attacks  Sending Spams  Phishing  Addware  Spyware  Click Fraud
  • 7. BOTNET DETECTION Two approaches for botnet detection based on  Setting up honeynets  Passive traffic monitoring  Signature based  Anomaly based  DNS based
  • 8. BOTNET DETECTION:SETTING UP HONEYNETS Windows Honey pot  Honeywall Responsibilities: DNS/IP-address of IRC server and port number (optional) password to connect to IRC-server Nickname of bot Channel to join and (optional) channel-password
  • 9. BOTNET DETECTION:SETTING UP HONEYNETS Bot 1. Malicious Traffic Sensor 3. Authorize 2. Inform bot’s IP Bot Master
  • 10. BOTNET DETECTION:TRAFFIC MONITORING Signature based: Detection of known botnets  Anomaly based: Detect botnet using following anomalies  High network latency  High volume of traffic  Traffic on unusual port  Unusual system behaviour  DNS based: Analysis of DNS traffic generated by botnets
  • 11. BOTNET DETECTION  Determining the source of a botnet-based attack is challenging:  Traditional approach: Every zombie host is an attacker Botnets can exist in a benign state for an arbitrary amount of time before they are used for a specific attack  New trend: P2P networks
  • 12. PREVENTING BOTNET INFECTIONS Use a Firewall  Use Antivirus (AV) software  Deploy an Intrusion Prevention System (IPS)  Define a Security Policy and  Share Policies with your users systematically
  • 13. WATERING HOLE ATTACK • Watering Hole is a computer attack strategy identified in 2012 by RSA Security, in which the victim is a particular group (organization, industry, or region). In this attack, the attacker guesses or observes which websites the group often uses and Infects one or more of them with malware. • How does it work ?  Determine Target Group  Identify Vulnerabilities on those Websites  Inject Threat into Website  Sit in the Tall Grass and Wait for Targets to Come to You Why it is effective ??
  • 14. PREVENT WATERING HOLE ATTACK • Timely Software Update • Vulnerability shielding • Network traffic detection • Correlating well-known APT (Advanced Persistent threat) activities
  • 15. SPEAR PHISHING ATTACK • Spear phishing is an email that appears to be from an individual or business that you know. But it isn't. It's from the same criminal hackers who want your credit card and bank account numbers, passwords, and the financial information on your PC. Business impact • Theft of sensitive information • Secondary use of compromised machines • Incident response and recovery costs
  • 16. HOW TO DEFEND AGAINST SPEAR PHISHING ATTACKS • Security awareness training • Boundary defence • Continuous vulnerability assessment and remediation
  • 17. DDoS Attack • Distributed-Denial-of-Service attack – DDoS is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack. • DoS vs DDoS – DoS: when a single host attacks – DDos: when multiple hosts attacks simultaneously
  • 18. How does DDos Attack work? • build a network of computers • discover vulnerable sites or hosts on the network • exploit to gain access to these hosts • install new programs (known as attack tools) on the compromised hosts • hosts that are running these attack tools are known as zombies • many zombies together form what we call an army • building an army is automated and not a difficult process nowadays
  • 19. How to find Vulnerable Machines? • Random scanning • Hit-list scanning • Topological scanning • Local subnet scanning • Permutation scanning
  • 20. How to propagate Malicious Code? • Central source propagation This mechanism commonly uses HTTP, FTP, and remote- procedure call (RPC) protocols
  • 21. • Back-chaining propagation : • copying attack toolkit can be supported by simple port listeners or by full intruder-installed Web servers, both of which use the Trivial File Transfer Protocol (TFTP) • Autonomous propagation
  • 22. DDos Attack Taxonomy – There are mainly two kinds of DDoS attacks • Typical DDoS attacks, and • Distributed Reflector DoS (DRDoS) attacks – Typical DDoS Attacks:
  • 23. – DRDoS Attacks: • slave zombies send a stream of packets with the victim's IP address as the source IP address to other uninfected machines (known as reflectors) • the reflectors then connects to the victim and sends greater volume of traffic, because they believe that the victim was the host that asked for it • the attack is mounted by noncompromised machines without being aware of the action
  • 26. DEFENCE MECHANISMS • SIGNATURE DETECTION • ANOMALY DETECTION • HYBRID SYSTEM