Cyber Security UNIT I PDF

Summary

This document covers the fundamentals of cyber security, including different types of cyber security like network security, application security, data security, mobile security, cloud security, and operational security. It also explains the importance of cyber security, discussing goals such as confidentiality, integrity, and availability.

Full Transcript

Introduction

Cyber security is a matter of great concern as cyber threats and attacks keep growing. Attackers are now using more sophisticated techniques to target systems. Individuals, small-scale businesses and large organizations are all being impacted. So all these firms, whether IT or non-IT, have understood the importance of cyber security and are focusing on adopting all possible measures to deal with cyber threats.

What is Cyber Security?

The technique of protecting internet-connected systems such as computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks is known as cyber security. We can divide cyber security into two parts: one is cyber, and the other is security. Cyber refers to the technology that includes systems, networks, programs, and data. Security is concerned with the protection of systems, networks, applications, and information. In some cases, it is also called electronic information security or information technology security.

Why is cyber security important?

One single security breach can expose the personal information of millions of people. These breaches have a strong financial impact on companies and also cost them the trust of their customers. Hence, cyber security is essential to protect businesses and individuals from spammers and cyber criminals. Cyber-attacks these days are becoming progressively more destructive. Cybercriminals are using more sophisticated ways to initiate cyber-attacks.

Types of Cyber Security

1. Network Security: It involves implementing the hardware and software to secure a computer network from unauthorized access, intruders, attacks, disruption, and misuse.
2. Application Security: Applications are protected by constantly updating them to ensure they are secure from attacks. Successful security begins in the design stage, with writing source code, validation, threat modeling, etc., before a program or device is deployed.
3. Data Security: Data security is the process of safeguarding digital information throughout its entire life cycle to protect it from corruption, theft, or unauthorized access. It covers everything: hardware, software, storage devices, and user devices; access and administrative controls; and organizations' policies and procedures.
4. Mobile Security: It involves securing the organizational and personal data stored on mobile devices such as cell phones, computers, tablets, and other similar devices against various malicious threats. These threats include unauthorized access, device loss or theft, malware, etc.
5. Cloud Security: It involves protecting the information stored in the digital environment or cloud architectures of the organization. It uses various cloud service providers such as AWS, Azure, Google, etc., to ensure security against multiple threats.
6. Operational Security: It involves processing and making decisions on handling and securing data assets.

Cyber Security Fundamentals/Goals

The objective of cyber security is to protect information from being stolen, compromised or attacked. Cyber security can be measured by at least one of three goals:

1. Protect the confidentiality of data.
2. Preserve the integrity of data.
3. Promote the availability of data for authorized users.

Confidentiality: Confidentiality refers to the principle that only those who should have access to information can access it. Confidentiality means that only authorized individuals/systems can view sensitive or classified information. The attacker may try to capture the data using different tools available on the Internet and gain access to your information. A primary way to avoid this is to use encryption techniques to safeguard your data so that even if the attacker gains access to your data, he/she will not be able to decrypt it. Encryption standards include AES (Advanced Encryption Standard) and DES (Data Encryption Standard).
Another way to protect your data is through a VPN tunnel. VPN stands for Virtual Private Network and helps the data to move securely over the network.

Integrity: Integrity refers to the principle that data should not be editable by unauthorized parties. The idea here is to make sure that data has not been modified. To check whether our data has been modified or not, we make use of a hash function. We have two common types: SHA (Secure Hash Algorithm) and MD5 (Message Digest 5). MD5 is a 128-bit hash and SHA is a 160-bit hash if we're using SHA-1. There are also other SHA methods that we could use, like SHA-0, SHA-2, and SHA-3. Let's assume Host 'A' wants to send data to Host 'B' while maintaining integrity. A hash function will run over the data and produce an arbitrary hash value H1, which is then attached to the data. When Host 'B' receives the packet, it runs the same hash function over the data, which gives a hash value of H2. Now, if H1 = H2, this means that the data's integrity has been maintained and the contents were not modified.

Availability: Availability refers to the principle that data is reliably available. This means that the network should be readily available to its users. To ensure availability, the network administrator should maintain hardware, make regular upgrades, and have a plan for fail-over. Attacks such as DoS or DDoS may render a network unavailable as the resources of the network get exhausted.

Defining Cyberspace

Cyberspace is a complex and dynamic environment that encompasses the interconnected world of digital systems, networks and data. It is not a physical space but rather a domain created by the interdependence of computer systems and the flow of digital information.

1. Digital Network: Cyberspace relies on interconnected computer networks, including the internet. These networks facilitate the transmission of data between devices and systems globally.
2. Information System: Information systems within cyberspace include computer servers, routers and other hardware, as well as software applications and databases that store, process and transmit data.
3. Data: The information exchanged in cyberspace, ranging from text and images to transactions and sensitive personal data. Protecting the confidentiality and integrity of the data is a fundamental aspect of cybersecurity.
4. Communication Protocol: Standards and rules that govern the exchange of information between devices on a network. Examples include TCP/IP (Transmission Control Protocol/Internet Protocol), used on the internet.
5. Virtual Environment: Platforms and spaces that exist within the digital realm, such as virtual reality (VR) and augmented reality (AR). These environments often involve immersive experiences that simulate physical space or create entirely new ones.
6. Internet of Things: The network of connected devices, vehicles, appliances and other physical objects embedded with sensors, software and network connectivity. IoT expands the scope of cyberspace by integrating the digital and physical worlds.
7. Digital Identity: The online representation of an individual, organization or device. Protecting digital identities is crucial to prevent identity theft and unauthorized access.
8. Cloud Computing: The delivery of computing services, including storage, processing power and applications, over the internet. Cloud computing plays a significant role in the infrastructure of cyberspace.
9. Cyber Threats: Malicious activities and actions that pose a risk to the security of cyberspace. This includes cyberattacks, hacking, phishing and other forms of cybercrime.
10. Regulation and Governance: Legal and regulatory frameworks that govern activities in cyberspace. Governments and international organizations establish rules to ensure security, privacy, and ethical use of digital technologies.
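
The Host 'A' to Host 'B' check from the Integrity paragraph above, as an added example that is not part of the original notes. It uses SHA-256 (a SHA-2 function) because MD5 and SHA-1 are no longer collision-resistant, and it goes one step beyond the text by also showing an HMAC, since an unkeyed hash catches changes to the data only while H1 itself is left untouched; the messages and the shared key are constructed values.

```python
import hashlib
import hmac

# Constructed sample values; SHARED_KEY is a hypothetical secret known only to A and B.
MESSAGE = b"transfer 100 to account 42"
TAMPERED = b"transfer 900 to account 66"
SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def plain_hash(data: bytes) -> str:
    """Unkeyed hash as in the text: anyone who has the data can compute it."""
    return hashlib.sha256(data).hexdigest()


def keyed_tag(data: bytes, key: bytes) -> str:
    """HMAC-SHA-256: only holders of the key can compute a valid tag."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def host_b_accepts_hash(data: bytes, h1: str) -> bool:
    """Host B recomputes H2 over the received data and compares it to H1."""
    h2 = plain_hash(data)
    return hmac.compare_digest(h1, h2)


def host_b_accepts_tag(data: bytes, tag: str, key: bytes) -> bool:
    """Host B recomputes the HMAC with the shared key (constant-time compare)."""
    return hmac.compare_digest(tag, keyed_tag(data, key))


def run_scenarios() -> dict:
    h1 = plain_hash(MESSAGE)              # Host A attaches H1 to the data
    tag = keyed_tag(MESSAGE, SHARED_KEY)  # Host A attaches an HMAC instead
    return {
        # Data arrives unchanged: H1 == H2.
        "intact": host_b_accepts_hash(MESSAGE, h1),
        # Data changed in transit, H1 left alone: H1 != H2, change detected.
        "corrupted": host_b_accepts_hash(TAMPERED, h1),
        # Data changed and H1 replaced by a hash of the new data:
        # H1 == H2 again, so the unkeyed check accepts the modified data.
        "hash_replaced": host_b_accepts_hash(TAMPERED, plain_hash(TAMPERED)),
        # The same cases against the HMAC: a matching tag needs the key.
        "hmac_intact": host_b_accepts_tag(MESSAGE, tag, SHARED_KEY),
        "hmac_old_tag": host_b_accepts_tag(TAMPERED, tag, SHARED_KEY),
        "hmac_unkeyed_tag": host_b_accepts_tag(
            TAMPERED, plain_hash(TAMPERED), SHARED_KEY
        ),
    }


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name:17} accepted={accepted}")
```

The "hash_replaced" case is the one the H1 = H2 comparison cannot catch on its own, which is why the hash value must either travel over a separate trusted channel or be replaced by a keyed tag or digital signature.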

Overview of computer and web technology

Computer Technology: Computers are electronic devices that process data to produce information.

• Components:
    - Hardware: Includes physical parts like the CPU (Central Processing Unit), memory (RAM), storage devices (HDD, SSD), and input/output devices (keyboard, mouse, monitor).
    - Software: Programs and operating systems that run on hardware, such as Windows, macOS, Linux, and applications like Microsoft Office, web browsers, and games.
• Types of Computers:
    - Personal Computers (PCs): Used by individuals for personal tasks.
    - Servers: Provide services to other computers over a network, such as web servers, database servers, and file servers.
    - Mainframes: Large, powerful systems used by organizations for bulk data processing and critical applications.
    - Supercomputers: Extremely fast computers used for complex computations, such as climate modeling, scientific simulations, and cryptography.

Web Technology: Tools and techniques for communication between devices over the Internet.

• Web Browsers: Software to access web pages (e.g., Chrome, Firefox, Safari).
• Web Servers: Store and serve web pages to clients using protocols like HTTP (Hypertext Transfer Protocol).
• Web Pages: Documents on the web, created using HTML (Hypertext Markup Language), CSS (Cascading Style Sheets), and JavaScript.

Web Development:

• Frontend Development: Involves creating the user interface using HTML, CSS, and JavaScript. It focuses on the visual aspects and user experience.
• Backend Development: Involves server-side programming, database management, and application logic. It ensures that the server, application, and database communicate properly.

Key Technologies:

• HTML (Hypertext Markup Language): The standard language for creating web pages. It structures the content on the web.
• CSS (Cascading Style Sheets): Used to style web pages, including layout, colors, and fonts.
• JavaScript: A programming language for creating interactive web elements, such as forms, animations, and dynamic content.
• AJAX (Asynchronous JavaScript and XML): A technique for creating fast and dynamic web pages by updating parts of a web page without reloading the whole page.
• Web APIs: Interfaces that allow different software applications to communicate with each other over the web.
• HTTP/HTTPS: Protocols used for transmitting data over the web. HTTPS is the secure version of HTTP.
• DNS (Domain Name System): Translates domain names (like www.example.com) into IP addresses that computers use to identify each other on the network.
• Web Hosting: Services that provide storage space and access for websites on the internet.

Types of Cyber Attacks

A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data and leads to cybercrimes, such as information and identity theft. Cyber-attacks can be classified into the following categories:

1) Web-based attacks
2) System-based attacks

Web-based attacks

These are the attacks which occur on a website or web application. Some of the important web-based attacks are as follows:

1. Injection attacks: An attack in which data is injected into a web application to manipulate the application and fetch the required information. Examples: SQL injection, code injection, log injection, XML injection, etc.
2. DNS Spoofing: DNS spoofing is a type of computer security hacking whereby data is introduced into a DNS resolver's cache, causing the name server to return an incorrect IP address and diverting traffic to the attacker's computer or any other computer. DNS spoofing attacks can go on for a long period of time without being detected and can cause serious security issues.
3. Session Hijacking: It is a security attack on a user session over a protected network. Web applications create cookies to store the state and user sessions. By stealing the cookies, an attacker can have access to all of the user data.
4. Phishing: Phishing is a type of attack which attempts to steal sensitive information like user login credentials and credit card numbers. It occurs when an attacker masquerades as a trustworthy entity in electronic communication.
5. Brute force: It is a type of attack which uses a trial-and-error method. This attack generates a large number of guesses and validates them to obtain actual data like a user password or personal identification number. This attack may be used by criminals to crack encrypted data, or by security analysts to test an organization's network security.

System-based attacks

These are the attacks which are intended to compromise a computer or a computer network. Some of the important system-based attacks are as follows:

1. Virus: It is a type of malicious software program that spreads throughout the computer files without the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. It can also execute instructions that cause harm to the system.
2. Worm: It is a type of malware whose primary function is to replicate itself to spread to uninfected computers. It works the same as a computer virus. Worms often originate from email attachments that appear to be from trusted senders.
3. Trojan horse: It is a malicious program that causes unexpected changes to computer settings and unusual activity, even when the computer should be idle. It misleads the user about its true intent. It appears to be a normal application, but when opened/executed some malicious code will run in the background.
4. Backdoors: It is a method that bypasses the normal authentication process. A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.
5. Bots: A bot (short for "robot") is an automated process that interacts with other network services. Some bot programs run automatically, while others only execute commands when they receive specific input. Common examples of bot programs are the crawler, chatroom bots, and malicious bots.

Communication through web technology

1. Email: One of the earliest forms of web-based communication, email allows users to send and receive messages over the internet. It relies on protocols like SMTP (Simple Mail Transfer Protocol) and IMAP (Internet Message Access Protocol).
2. Instant Messaging (IM): IM services enable real-time text-based communication. Examples include WhatsApp, Facebook Messenger, and Slack. These platforms use web technology to connect users globally.
3. Voice over IP (VoIP): VoIP services like Skype and Zoom allow voice and video calls over the internet. They use protocols such as SIP (Session Initiation Protocol) and WebRTC (Web Real-Time Communication).
4. Social Media: Platforms like Twitter, Facebook, and Instagram facilitate communication through posts, comments, and direct messages. They rely on web technologies for user interaction.

LAYERS AND COMPONENTS OF CYBERSPACE ARCHITECTURE

INTERNET

A global system of interconnected computers, using a standardized Internet Protocol suite for communication and sharing information, is called the Internet.

• ISP: ISP stands for Internet Service Provider. This helps in providing direct access for using the internet from your office or home, connected through landlines. With the introduction of Wi-Fi and broadband, connecting to the Internet has become wireless.
• World Wide Web: World Wide Web or 'www' is a collection of webpages which can easily be published on the Internet and read by millions of its users. The World Wide Web (often referred to as the web) is a system of interlinked hypertext documents that are accessed via the internet.
Using a web browser, you can view web pages that may contain text, images, videos, and other multimedia elements. You can navigate between these pages using hyperlinks.
• IP address: The Internet Protocol address is a numerical identification code assigned to any device connected to a network. It acts as an identification interface for Internet users.
• Web Browser: A web browser is a software application for accessing the information on the World Wide Web. The commonly used web browsers include Google Chrome, Internet Explorer, Mozilla Firefox, etc.

Internet Connection Protocols

Internet connection protocols can be divided into three major types:

• TCP/IP Network Model: Transmission Control Protocol (TCP) and Internet Protocol (IP) are the most widely used protocols for connecting networks. It divides any message into a series of packets which are sent from source to destination.
• File Transfer Protocol: Program files, multimedia files, text files, documents, etc. can be transferred from one device to another using FTP.
• Hypertext Transfer Protocol (HTTP/HTTPS): Used for transferring hypertext from one device to two or more devices. HTML tags are used for creating links, and these links may be in the form of text or images.

Benefits of Cyber Security

The following are the benefits of implementing and maintaining cybersecurity:

• Cyberattack and data breach protection for businesses.
• Data and network security are both protected.
• Unauthorized user access is avoided.
• After a breach, there is a faster recovery time.
• End-user and endpoint device protection.
• Continuity of operations.
• Developers, partners, consumers, stakeholders, and workers have more faith in the company's reputation and trust.

Cyber Safety Tips

The following are the popular cyber safety tips:

• Conduct cybersecurity training and awareness
• Update software and operating system
• Use anti-virus software
• Perform periodic security reviews
• Use strong passwords
• Do not open email attachments from unknown senders
• Avoid using unsecured Wi-Fi networks in public places
• Back up data

CHALLENGES

Technical challenges are:

• Operating in the cloud
• Skill gap
• Privacy issues
• Preservation of electronic evidence
• Power for gathering digital evidence
• Analyzing a running computer

Privacy protection tips:

• Use strong passwords with capital, numeric and special characters.
• Use separate emails and passwords for banking, social and personal accounts.
• Don't use social media on public devices, and ensure you log out after you use it.
• Disable access to the geolocation (GPS) feature for your social media platforms.
• Be wary about clicking short links from friends on social media.
• Use two-factor authentication for all social profiles.
• Keep personal information to a minimum, even on your private social profiles.

Risks & Challenges

Identity Theft: As millions share their personal information to get registered on one or more social media platforms, this data becomes vulnerable, as hackers and identity thieves use this information to reset passwords, apply for loans, or pursue other malicious objectives.

Cyber Stalking: It refers to harassment over the internet. Cyberstalkers harass victims on social media by sending unpleasant and lewd messages. They morph photos of victims and circulate them on social media with rumors, making the victim's life unbearable.

Cyber Bullying: It refers to bullying through the digital medium. It can take place on social media, gaming, and messaging platforms. It is aimed at scaring, shaming, or annoying the targeted victim.
