Overview of Cyber Attacks
Dr. Anuradha T
Department of Computer Science and
Engineering
PDA College of Engineering, Kalaburagi
17-Mar-19
Topics to Be Covered
• What is a Cyber Attack
• What Do Cyber Attacks Look Like
• Cyber Attacks Classified
• Types of Cyber Attacks
• How to Prevent Cyber Attacks
• Security Attacks
• Classification of Security Attacks
• Network Management Tools
• Research Areas
What is a Cyber Attack?
• Cyber is a prefix used in a growing number of technology
and IT terms to describe new things that are being made
possible by the spread of computers.
• A cyber attack is an attempt by hackers to damage or
destroy a computer network or system.
What Do Cyber Attacks Look Like
• A common form is an email that appears to come from your bank or credit card
company. It seems urgent and includes a link to click.
However, if you look closely at the email, you can find clues
that it might not be real.
• Another way is when you download a file that contains a
malicious piece of code, usually a worm or Trojan horse.
• This can happen by downloading e-mail files, but it can
also happen when you download apps, videos, and music
files online.
• As soon as you open the file, your computer is infected and
the virus, worm, or Trojan horse begins to spread.
Cyber Attacks Classified
• Syntactic attacks
• Semantic attacks
• Syntactic attacks are different types of malicious software
that attack your computer through various channels.
• The most frequent types of software used in syntactic
attacks include:
• Viruses: a virus is a piece of software that can attach itself to
another file to reproduce. This type of software is often
found in file downloads and email attachments. Once the virus is
activated, it replicates and sends itself to everyone in your
contacts file.
• Worms: worms don't need another file to replicate and spread.
These little bits of software are also more sophisticated and
can collect and send data to a specified location using
information about the network they are on.
• A worm infects a computer when it's delivered via another
piece of software on a network.
• A trojan horse could be an email that looks like it comes
from a trusted company, when in fact, it's been sent by
criminals or bad actors.
Semantic Cyber Attacks
• Semantic attacks are more about changing the perception
or behavior of the person or organization that's being
attacked.
• There is less focus placed on the software involved.
• Semantic Cyber attacks, also known as social engineering,
manipulate human users’ perceptions and interpretations
of computer-generated data in order to obtain valuable
information (such as passwords, financial details, and
classified government information) from the users through
fraudulent means. Social-engineering techniques include
phishing—in which attackers send seemingly…
Social Engineering
• Social engineering manipulates human users’ perceptions
and interpretations of computer-generated data in order to
obtain valuable information (such as passwords, financial
details, and classified government information) from the
users through fraudulent means. Social-engineering
techniques include phishing—in which attackers send
seemingly…
Figure 1. Social Engineering Life Cycle
Types of Cyber Attacks
• Denial-of-service (DoS) and distributed denial-of-service (DDoS)
• Man-in-the-middle (MitM) attack
• Phishing and spear phishing attacks
• Drive-by attack
• Password attack
• SQL injection attack
• Cross-site scripting (XSS) attack
• Eavesdropping attack
• Birthday attack
• Malware attack
Different Types of Cyber Attacks
Figure 2. Types of Cyber Attacks.
Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
• A denial-of-service attack overwhelms a system’s resources so
that it cannot respond to service requests.
• A DDoS attack is also an attack on a system’s resources, but it is
launched from a large number of other host machines that are
infected by malicious software controlled by the attacker.
• Unlike attacks that are designed to enable the attacker to gain or
increase access, denial-of-service doesn’t provide direct benefits
for attackers.
• There are different types of DoS and DDoS attacks; the most
common are TCP SYN flood attack, teardrop attack, smurf
attack, ping-of-death attack and botnets.
TCP SYN flood attack
• In this attack, an attacker exploits the use of the buffer space during a
Transmission Control Protocol (TCP) session initialization handshake.
Teardrop attack
• This attack causes the length and fragmentation offset fields in
sequential Internet Protocol (IP) packets to overlap one another on the
attacked host.
Smurf attack
• This attack involves using IP spoofing and the ICMP to saturate a
target network with traffic.
Ping of death attack
• Ping of death attacks can be blocked by using a firewall that will check
fragmented IP packets for maximum size.
Botnets
• Botnets are the millions of systems infected with malware under
hacker control in order to carry out DDoS attacks.
Man-in-the-middle (MitM) attack
• A MitM attack occurs when a hacker inserts itself between
the communications of a client and a server.
Example: Session hijacking
• The attacker hijacks a session between a trusted client and
network server. The attacking computer substitutes its IP
address for the trusted client while the server continues the
session, believing it is communicating with the client.
Example: IP Spoofing
• IP spoofing is used by an attacker to convince a system that
it is communicating with a known, trusted entity and
provide the attacker with access to the system.
• The attacker sends a packet with the IP source address of a
known, trusted host instead of its own IP source address to
a target host. The target host might accept the packet and
act upon it.
Example: Replay
• A replay attack occurs when an attacker intercepts and
saves old messages and then tries to send them later,
impersonating one of the participants.
Figure 3. Session Hijacking
Phishing and spear phishing attacks
• Phishing attack is the practice of sending emails that
appear to be from trusted sources with the goal of gaining
personal information.
• It could involve an attachment to an email that loads
malware onto your computer.
• In spear phishing, attackers take the time to conduct research into targets
and create messages that are personal and relevant.
• One of the simplest ways a hacker can conduct a spear
phishing attack is email spoofing, which is when the
information appears as if it is coming from someone you
know very well.
Drive by Attack
• Drive-by download attacks are a common method of
spreading malware.
• Hackers look for insecure websites and plant a malicious
script into HTTP code on one of the pages.
• This script might install malware directly onto the
computer of someone who visits the site.
• To protect yourself from drive-by attacks, you need to keep
your browsers and operating systems up to date and avoid
keeping too many apps on your device.
Password Attack
• Access to a person’s password can be obtained by looking
around the person’s desk, ‘‘sniffing’’ the connection to the
network to acquire unencrypted passwords, using social
engineering, gaining access to a password database or
outright guessing.
• Brute-force password guessing means using a random
approach by trying different passwords and hoping that
one works.
• Dictionary attack: a dictionary of common
passwords is used to attempt to gain access to a
user’s computer and network. One approach is
to copy an encrypted file that contains the
passwords, apply the same encryption to a
dictionary of commonly used passwords, and
compare the results.
• In order to protect yourself from dictionary or
brute-force attacks, you need to implement an
account lockout policy that will lock the
account after a few invalid password attempts.
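The lockout policy described above, sketched as an added example (not part of the original slides). The class name `LoginGuard`, the thresholds and the guess list are assumptions chosen for illustration; passwords are stored as salted PBKDF2 hashes so that a single precomputed dictionary cannot be compared against every account.

```python
import hashlib
import hmac

# Assumed policy values; the slide only says "a few invalid password attempts".
MAX_FAILURES = 5            # failures allowed inside the window
FAILURE_WINDOW = 15 * 60    # seconds over which failures are counted
LOCKOUT_SECONDS = 30 * 60   # how long a locked account rejects all logins


def hash_password(password, salt):
    """Salted, slow hash, so one precomputed dictionary cannot serve every account."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class LoginGuard:
    """Hypothetical login front end that enforces the lockout policy."""

    def __init__(self):
        self.accounts = {}      # user -> (salt, stored hash)
        self.failures = {}      # user -> timestamps of recent failures
        self.locked_until = {}  # user -> time at which the lock expires

    def register(self, user, password, salt):
        self.accounts[user] = (salt, hash_password(password, salt))

    def _password_ok(self, user, password):
        # Unknown users still cost one hash, so timing does not reveal them.
        salt, stored = self.accounts.get(user, (b"dummy-salt", b""))
        return hmac.compare_digest(stored, hash_password(password, salt))

    def attempt(self, user, password, now):
        """Return 'locked', 'ok' or 'denied' for a login attempt at time `now`."""
        if self.locked_until.get(user, 0) > now:
            return "locked"     # the password is not even evaluated while locked
        if self._password_ok(user, password):
            self.failures.pop(user, None)
            return "ok"
        recent = [t for t in self.failures.get(user, []) if now - t < FAILURE_WINDOW]
        recent.append(now)
        self.failures[user] = recent
        if len(recent) >= MAX_FAILURES:
            self.locked_until[user] = now + LOCKOUT_SECONDS
            self.failures[user] = []
        return "denied"


def simulate_guessing():
    """Replay a constructed guess list, one guess per second, against one account."""
    guard = LoginGuard()
    guard.register("alice", "correct horse", salt=b"constructed-salt")
    guesses = ["123456", "password", "qwerty", "letmein", "dragon",
               "monkey", "correct horse", "iloveyou"]   # constructed sample list
    results = [guard.attempt("alice", g, now=i) for i, g in enumerate(guesses)]
    # The account owner returns once the lock has expired.
    results.append(guard.attempt("alice", "correct horse", now=4 + LOCKOUT_SECONDS))
    return results


if __name__ == "__main__":
    print(simulate_guessing())
```

The seventh guess is the right password, yet it is rejected because the account locked after the fifth failure. Since anyone who knows a user name can trigger a lock, a temporary lock like this one is usually preferred over a permanent one.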
SQL injection attack
• SQL injection has become a common issue with database-
driven websites.
• It occurs when a malefactor executes a SQL query to the
database via the input data from the client to server.
• SQL commands are inserted into data-plane input in order
to run predefined SQL commands.
• A successful SQL injection exploit can read sensitive data
from the database, modify (insert, update or delete)
database data, execute administration operations (such as
shutdown) on the database, recover the content of a given
file, and, in some cases, issue commands to the operating
system.
Cross-site scripting (XSS) attack
• XSS attacks use third-party web resources to run scripts in
the victim’s web browser or scriptable application.
• Specifically, the attacker injects a payload with malicious
JavaScript into a website’s database.
• When the victim requests a page from the website, the
website transmits the page, with the attacker’s payload as
part of the HTML body, to the victim’s browser, which
executes the malicious script.
• It might send the victim’s cookie to the attacker’s server,
and the attacker can extract it and use it for session
hijacking.
Figure 4. XSS attack
Eavesdropping attack
• Eavesdropping attacks occur through the interception of
network traffic.
• By eavesdropping, an attacker can obtain passwords,
credit card numbers and other confidential information
that a user might be sending over the network.
• Eavesdropping can be passive or active:
• Passive eavesdropping — A hacker detects the information
by listening to the message transmission in the network.
• Active eavesdropping — A hacker actively grabs the
information by disguising himself as a friendly unit and by
sending queries to transmitters. This is called probing,
scanning or tampering.
• Detecting passive eavesdropping attacks is often more
important than spotting active ones, since active attacks
require the attacker to gain knowledge of the friendly
units by conducting passive eavesdropping beforehand.
Birthday Attack
• Birthday attacks are made against hash algorithms that
are used to verify the integrity of a message, software or
digital signature.
• A message processed by a hash function produces a
message digest (MD) of fixed length, independent of the
length of the input message; this MD uniquely
characterizes the message.
• The birthday attack refers to the probability of finding two
random messages that generate the same MD when
processed by a hash function.
• If an attacker calculates the same MD for his message as the
user has, he can safely replace the user’s message with his,
and the receiver will not be able to detect the replacement
even if he compares MDs.
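How digest length drives the collision probability described above, as an added example (not part of the original slides). It uses the standard birthday approximation and, to keep the run short, a SHA-256 digest truncated to 24 bits; the function names and message strings are constructed for illustration.

```python
import hashlib
import math


def truncated_digest(message, bits):
    """Top `bits` bits of SHA-256, standing in for a short message digest."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def collision_probability(n_messages, bits):
    """Birthday approximation: chance that n random messages contain a collision."""
    return 1.0 - math.exp(-n_messages * (n_messages - 1) / (2.0 * 2 ** bits))


def messages_for_probability(p, bits):
    """Roughly how many messages are needed to reach collision probability p."""
    return math.ceil(math.sqrt(2.0 * 2 ** bits * math.log(1.0 / (1.0 - p))))


def find_collision(bits):
    """Hash constructed messages until two different ones share a digest.

    Returns (first_message, second_message, messages_hashed). The loop is
    bounded by the pigeonhole limit of 2**bits + 1 messages.
    """
    seen = {}
    for i in range(2 ** bits + 1):
        message = b"constructed-message-%d" % i
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, i + 1
        seen[digest] = message
    return None


if __name__ == "__main__":
    bits = 24
    first, second, hashed = find_collision(bits)
    print("24-bit digest: collision after", hashed, "messages")
    print("  ", first, "and", second, "share digest",
          hex(truncated_digest(first, bits)))
    print("expected for 50% chance:", messages_for_probability(0.5, bits))
    # The same estimate for full-length digests shows why length matters.
    for width in (64, 128, 256):
        print(width, "bits ->", messages_for_probability(0.5, width), "messages")
```

A 24-bit digest collides after a few thousand messages, roughly the square root of the 2^24 possible values, which is why integrity checks rely on digests long enough that the square root is itself out of reach.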
Malware attack
• Malicious software can be described as unwanted software that is
installed in your system without your consent. It can attach itself to
legitimate code and propagate; it can lurk in useful applications or
replicate itself across the Internet. Here are some of the most common
types of malware:
• Macro viruses
• File infectors
• System or boot-record infectors
• Polymorphic viruses — These viruses conceal
• Stealth viruses
• Trojans
• Logic bombs
• Worms
• Droppers
• Ransomware
How to Prevent Cyber Attacks
Steps you can take to reduce your risk of falling victim to a
costly cyber attack:
• Train employees in cyber security principles.
• Install, use and regularly update antivirus and antispyware
software on every computer used in your business.
• Use a firewall for your Internet connection.
• Download and install software updates for your operating
systems and applications as they become available.
• Make backup copies of important business data and
information.
• Control physical access to your computers and network
components.
• Secure your Wi-Fi networks. If you have a Wi-Fi network
for your workplace make sure it is secure and hidden.
• Require individual user accounts for each employee.
• Limit employee access to data and information and limit
authority to install software.
• Regularly change passwords.
• Use patches. All it takes is a tiny hole in your system for
hackers to poke their way in.
• Protect outbound data. Just as you protect your system
from incoming malware and bots with a firewall, you need
to make sure certain data never leaves your system. It’s
important to focus on egress filtering, to prevent rogue
employees or employees making honest mistakes from
releasing sensitive data or malicious software from your
network.
• Raise awareness. It’s important for everyone in the
organization to be savvy and alert about security issues.
• Be smart about passwords.
• Don’t ignore physical security.
• Encrypt data.
• Purchase a Cyber Insurance policy
Classification of security attacks
• The attacks can be classified into two broad categories,
namely, active and passive attacks.
• An attacker can exploit the network either as internal or
external and as active or passive.
• Active attack: The aim of an active attack is to alter the data
being exchanged in the network and thus disrupt the
regular functioning of the network. The intruder can alter
packets, inject packets, and drop packets. Such
attacks are very dangerous.
• Passive attack: The aim of a passive attack is to snoop on
confidential information about routing, which should be kept
secret during the communication. It obtains such
information without disturbing normal network operation.
• The active attacks can be external and internal attacks, as
discussed below:
• External attack: External attackers mainly exist outside
the networks. They want to get access to the network. Once
they get access, they start sending bogus packets and
perform denial of service in order to disrupt the
performance of the whole network.
• These attacks can be prevented by implementing security
measures such as a firewall, which limits the access of
unauthorized persons to the network.
• Internal attack: In internal attack, the attacker wants to
have normal access to the network as well as participate in
the normal activities of the network.
• The attacker gains access to the network as a new node
either by compromising a current node or by malicious
impersonation.
• The impact of an internal attack is more severe than that of
external attacks. Common examples of such attacks are
blackhole and wormhole attacks, which are explained
below.
Security in different layers of the protocol stack
• Application programs do not interact with the network
hardware directly. Rather, they interact with protocol
software.
• The concept of layered protocols gives a theoretical basis
for knowing how a collection of protocols works together
with the hardware to provide a powerful
communication system.
• Different studies suggest different methods or techniques
to handle security issues in many ways.
Table 1 shows the different layers in the protocol stack
of the network.
Blackhole attack
• The blackhole attack is one of the active and severe attacks in
MANETs. In Figure 5, node 1 is the source node and node 4 represents the
destination node. Node 3 is a node which acts as a blackhole (BH)
node.
• The attacker replies with a false route reply (RREP) carrying a higher, modified
sequence number. Therefore, node 1 erroneously judges the route
discovery process to be complete and starts to send data packets to
node 3, which probably drops or consumes all the packets.
Figure 5. A blackhole attack in the mobile ad-hoc network (labels: RREQ, malicious RREP)
Network Management Tools
• Wireshark
• Tshark
• Dumpcap
• NetStumbler
• Honeypot
• Snort
What is Wireshark?
• Wireshark is a network packet analyzer. A network packet
analyzer captures network packets and tries to
display that packet data in as much detail as possible.
• Think of a network packet analyzer as a measuring device used to
examine what's going on inside a network cable, just like a
voltmeter is used by an electrician to examine what's going on
inside an electric cable.
• In the past, such tools were either very expensive, proprietary,
or both. However, with the advent of Wireshark, all that has
changed.
• Wireshark is perhaps one of the best open source packet
analyzers available today.
Some intended purposes
• Network administrators use it to troubleshoot network
problems
• Network security engineers use it to examine security
problems
• Developers use it to debug protocol implementations
• People use it to learn network protocol internals
What Wireshark is not
• Wireshark isn’t an intrusion detection system. It will not
warn you when someone does strange things on your
network that he/she isn’t allowed to do.
• However, if strange things happen, Wireshark might help
you figure out what is really going on.
• Wireshark will not manipulate things on the network, it
will only “measure” things from it.
• Wireshark doesn’t send packets on the network or do
other active things (except for name resolutions, but even
that can be disabled).
• Wireshark and TShark share a powerful filter engine that
helps remove the noise from a packet trace and lets you see
only the packets that interest you.
• If a packet meets the requirements expressed in your filter,
then it is displayed in the list of packets.
• Display filters let you compare the fields within a protocol
against a specific value, compare fields against fields, and
check the existence of specified fields or protocols.
• Wireshark can capture traffic from many different
network media types, including, despite its name,
wireless LAN.
• Installing steps for Downloading Wireshark
Dumpcap
• Dumpcap is a network traffic dump tool. It lets you
capture packet data from a live network and write the
packets to a file.
• Dumpcap's native capture file format is libpcap format,
which is also the format used by Wireshark, tcpdump and
various other tools.
• Without any options set, it will use the pcap library to
capture traffic from the first available network interface
and write the received raw packet data, along with the
packets' time stamps, into a libpcap file.
• If the -w option is not specified, Dumpcap writes to a newly
created libpcap file with a randomly chosen name.
• If the -w option is specified, Dumpcap writes to the file
specified by that option.
• Packet capturing is performed with the pcap library. The
capture filter syntax follows the rules of the pcap library.
NetStumbler (Network Stumbler)
• It is one of the Wi-Fi hacking tools; it is compatible only
with Windows and is freely available.
• With this program, we can search for wireless networks
that are open and infiltrate the network.
• It has some compatibility and network adapter issues.
Key features of NetStumbler
• Verify that your network is set up the way you intended.
• Find locations with poor coverage in your WLAN.
• Detect other networks that might be causing interference
with your network.
• Detect unauthorized “rogue” access points in your
workplace.
NetStumbler can provide the user with
• MAC address
• SSID
• Access point name
• Channel
• Vendor
• Security (WEP on or off)
• Signal strength and GPS coordinates (if GPS device is
attached)
Honeypot
• A honeypot is a device placed on a computer network
specifically designed to capture malicious network
traffic.
• The logging capability of a honeypot is far greater than
any other network security tool and captures raw packet
level data even including the keystrokes and mistakes
made by hackers.
• The captured information is highly valuable as it
contains only malicious traffic with little to no false
positives.
• Honeypots are becoming one of the leading security tools
used to monitor the latest tricks and exploits of hackers
by recording their every move so that the security
community can more quickly respond to new exploits.
Snort
• Snort is one of the network management tools, used
to raise an alarm when someone tries to enter
your network; it is used specifically as an intrusion
detection system (IDS).
Research Topics to Be Taken Up
• Secure routing protocols based on graphs and cluster
classification can be explored.
• The proposed security-aware schemes can be applied to a
proactive, hybrid protocol and their performance compared
with that for reactive protocols.
• The secure routing protocols attacks can also be examined
using honeypots.
• The proposed protocols can also be applied to various
types of security attacks.
Thank you for your patient listening
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 

Cyber attacks

  • 1. Overview of Cyber Attacks • Dr. Anuradha T, Department of Computer Science and Engineering, PDA College of Engineering, Kalaburagi • 17-Mar-19
  • 2. Topics to Be Covered • What Is a Cyber Attack • What Do Cyber Attacks Look Like • Cyber Attacks Classified • Types of Cyber Attacks • How to Prevent Cyber Attacks • Security Attacks • Classification of Security Attacks • Network Management Tools • Research Areas
  • 3. What Is a Cyber Attack? • Cyber is a prefix used in a growing number of technology and IT terms to describe new things that are being made possible by the spread of computers. • A cyber attack is an attempt by hackers to damage or destroy a computer network or system.
  • 4. What Do Cyber Attacks Look Like • A cyber attack can look like an email that appears to come from your bank or credit card company. It seems urgent and includes a link to click. However, if you look closely at the email, you can find clues that it might not be real. • Another way is when you download a file that contains a malicious piece of code, usually a worm or Trojan horse. • This can happen by downloading e-mail files, but it can also happen when you download apps, videos, and music files online. • As soon as you open the file, your computer is infected and the virus, worm, or Trojan horse begins to spread.
  • 5. Cyber Attacks Classified • Syntactic attacks • Semantic attacks • Syntactic attacks are different types of malicious software that attack your computer through various channels. • The most frequent types of software used in syntactic attacks include: • Viruses: A virus is a piece of software that can attach itself to another file to reproduce. This type of software is often found in file downloads and email attachments. Once the virus is activated, it replicates and sends itself to everyone in your contacts file.
  • 6. • Worms: Worms don't need another file to replicate and spread. These little bits of software are also more sophisticated and can collect and send data to a specified location using information about the network they're on. • A worm infects a computer when it's delivered via another piece of software on a network. • Trojan horses: A Trojan horse could be an email that looks like it comes from a trusted company when, in fact, it has been sent by criminals or bad actors.
  • 7. Semantic Cyber Attacks • Semantic attacks are more about changing the perception or behavior of the person or organization that's being attacked. • There is less focus placed on the software involved. • Semantic cyber attacks, also known as social engineering, manipulate human users’ perceptions and interpretations of computer-generated data in order to obtain valuable information (such as passwords, financial details, and classified government information) from the users through fraudulent means. Social-engineering techniques include phishing—in which attackers send seemingly…
  • 8. Social Engineering • Social engineering manipulates human users’ perceptions and interpretations of computer-generated data in order to obtain valuable information (such as passwords, financial details, and classified government information) from the users through fraudulent means. Social-engineering techniques include phishing—in which attackers send seemingly…
  • 9. Figure 1. Social Engineering Life Cycle
  • 10. Types of Cyber Attacks • Denial-of-service (DoS) and distributed denial-of-service (DDoS) • Man-in-the-middle (MitM) attack • Phishing and spear phishing attacks • Drive-by attack • Password attack • SQL injection attack • Cross-site scripting (XSS) attack • Eavesdropping attack • Birthday attack • Malware attack
  • 11. Different Types of Cyber Attacks • Figure 2. Types of Cyber Attacks.
  • 12. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks • A denial-of-service attack overwhelms a system’s resources so that it cannot respond to service requests. • A DDoS attack is also an attack on a system’s resources, but it is launched from a large number of other host machines that are infected by malicious software controlled by the attacker. • Unlike attacks that are designed to enable the attacker to gain or increase access, denial-of-service doesn’t provide direct benefits for attackers. • There are different types of DoS and DDoS attacks; the most common are TCP SYN flood attack, teardrop attack, smurf attack, ping-of-death attack and botnets.
  • 13. • TCP SYN flood attack: In this attack, an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. • Teardrop attack: This attack causes the length and fragmentation offset fields in sequential Internet Protocol (IP) packets to overlap one another on the attacked host. • Smurf attack: This attack involves using IP spoofing and ICMP to saturate a target network with traffic. • Ping of death attack: Ping of death attacks can be blocked by using a firewall that will check fragmented IP packets for maximum size. • Botnets: Botnets are the millions of systems infected with malware under hacker control in order to carry out DDoS attacks.
  • 14. Man-in-the-middle (MitM) attack • A MitM attack occurs when a hacker inserts themselves between the communications of a client and a server. • Example: Session hijacking. The attacker hijacks a session between a trusted client and network server. The attacking computer substitutes its IP address for the trusted client while the server continues the session, believing it is communicating with the client. • Example: IP spoofing. IP spoofing is used by an attacker to convince a system that it is communicating with a known, trusted entity and provide the attacker with access to the system.
  • 15. • The attacker sends a packet with the IP source address of a known, trusted host instead of its own IP source address to a target host. The target host might accept the packet and act upon it. • Example: Replay. A replay attack occurs when an attacker intercepts and saves old messages and then tries to send them later, impersonating one of the participants.
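A common defence against the replay attack described on slide 15 is to bind every message to a fresh nonce and a timestamp under a MAC, so that a saved copy is rejected when it is sent again. The Python sketch below is an added example, not part of the original slides; the shared key, the message layout and the 30-second freshness window are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os

SHARED_KEY = b"constructed-demo-key"   # assumption: pre-shared between client and server
MAX_SKEW_SECONDS = 30                  # assumption: accepted age / clock difference


def make_message(payload: str, now: float, key: bytes = SHARED_KEY) -> dict:
    """Client side: attach a random nonce and a timestamp, then MAC all three."""
    nonce = os.urandom(16).hex()
    body = json.dumps({"payload": payload, "nonce": nonce, "ts": now}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Receiver:
    """Server side: checks the MAC, the freshness window and nonce uniqueness."""

    def __init__(self, key: bytes = SHARED_KEY):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only while inside the window

    def accept(self, message: dict, now: float) -> str:
        expected = hmac.new(self.key, message["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: bad MAC"
        fields = json.loads(message["body"])
        if abs(now - fields["ts"]) > MAX_SKEW_SECONDS:
            return "rejected: stale timestamp"
        # Nonces older than the window are already caught by the timestamp check.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW_SECONDS}
        if fields["nonce"] in self.seen:
            return "rejected: replayed nonce"
        self.seen[fields["nonce"]] = fields["ts"]
        return "accepted"


def demo() -> list:
    server = Receiver()
    msg = make_message("transfer 100 to account 42", now=1000.0)  # constructed message
    results = [server.accept(msg, now=1001.0)]            # original delivery
    results.append(server.accept(msg, now=1005.0))        # saved copy, resent quickly
    results.append(server.accept(msg, now=1100.0))        # saved copy, resent later
    tampered = dict(msg, body=msg["body"].replace("100", "900"))
    results.append(server.accept(tampered, now=1002.0))   # altered copy
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The timestamp bounds how long nonces must be remembered; without it the receiver would have to store every nonce forever.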
  • 16. Figure 3. Session Hijacking
  • 17. Phishing and spear phishing attacks • A phishing attack is the practice of sending emails that appear to be from trusted sources with the goal of gaining personal information. • It could involve an attachment to an email that loads malware onto your computer. • In spear phishing, attackers take the time to conduct research into targets and create messages that are personal and relevant. • One of the simplest ways a hacker can conduct a spear phishing attack is email spoofing, which is when the information appears as if it is coming from someone you know very well.
  • 18. Drive-by Attack • Drive-by download attacks are a common method of spreading malware. • Hackers look for insecure websites and plant a malicious script into HTTP code on one of the pages. • This script might install malware directly onto the computer of someone who visits the site. • To protect yourself from drive-by attacks, you need to keep your browsers and operating systems up to date and avoid keeping too many apps on your device.
  • 19. Password Attack • Access to a person’s password can be obtained by looking around the person’s desk, “sniffing” the connection to the network to acquire unencrypted passwords, using social engineering, gaining access to a password database or outright guessing. • Brute-force password guessing means using a random approach by trying different passwords and hoping that one works.
  • 20. • Dictionary attack: a dictionary of common passwords is used to attempt to gain access to a user’s computer and network. One approach is to copy an encrypted file that contains the passwords, apply the same encryption to a dictionary of commonly used passwords, and compare the results. • In order to protect yourself from dictionary or brute-force attacks, you need to implement an account lockout policy that will lock the account after a few invalid password attempts.
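The account lockout policy from slide 20, together with salted password storage that blunts the "encrypt a dictionary and compare" approach from the same slide, as an added Python example that is not part of the original slides. The threshold of three failures, the 15-minute lock, the PBKDF2 work factor and the account names are assumptions.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 3          # assumption: "a few invalid password attempts"
LOCKOUT_SECONDS = 900     # assumption: 15-minute lock
PBKDF2_ROUNDS = 100_000   # assumption: work factor chosen for the demo


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, deliberately slow hash: equal passwords give different records."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class LoginService:
    def __init__(self):
        self.records = {}       # user -> (salt, password hash)
        self.failures = {}      # user -> consecutive failed attempts
        self.locked_until = {}  # user -> time at which the lock expires

    def register(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self.records[user] = (salt, hash_password(password, salt))

    def login(self, user: str, password: str, now: float) -> str:
        if now < self.locked_until.get(user, 0.0):
            return "locked"     # refused before the password is even checked
        # Unknown users get a dummy record so both paths do the same work.
        salt, stored = self.records.get(user, (b"\x00" * 16, b""))
        candidate = hash_password(password, salt)
        if user in self.records and hmac.compare_digest(candidate, stored):
            self.failures[user] = 0
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= MAX_FAILURES:
            self.locked_until[user] = now + LOCKOUT_SECONDS
            self.failures[user] = 0
        return "denied"


def demo() -> list:
    svc = LoginService()
    good = "correct horse battery staple"       # constructed password
    svc.register("alice", good)                 # constructed accounts
    svc.register("bob", good)
    guesses = ["123456", "password", "qwerty"]  # constructed wrong guesses
    out = [svc.login("alice", g, now=float(i)) for i, g in enumerate(guesses)]
    out.append(svc.login("alice", good, now=10.0))     # right password, account locked
    out.append(svc.login("alice", good, now=1000.0))   # after the lock has expired
    out.append(svc.records["alice"][1] != svc.records["bob"][1])  # same password, different hashes
    return out


if __name__ == "__main__":
    print(demo())
```

Lockout only limits online guessing; against a copied password file it does nothing, which is what the per-user salt and the work factor address.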
  • 21. SQL injection attack • SQL injection has become a common issue with database-driven websites. • It occurs when a malefactor executes a SQL query to the database via the input data from the client to server. • SQL commands are inserted into data-plane input in order to run predefined SQL commands. • A successful SQL injection exploit can read sensitive data from the database, modify (insert, update or delete) database data, execute administration operations (such as shutdown) on the database, recover the content of a given file, and, in some cases, issue commands to the operating system.
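The difference between input that is pasted into the SQL text and input that is bound as a parameter, shown on an in-memory SQLite database. This is an added Python example, not part of the original slides; the table, rows, function names and the crafted input are constructed for illustration.

```python
import sqlite3

SORTABLE = {"name", "role"}   # assumption: columns a client may sort by


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "user", "alice-secret"),
        ("bob", "user", "bob-secret"),
        ("root", "admin", "root-secret"),
    ])
    return db


def lookup_vulnerable(db, name: str) -> list:
    """Deliberately vulnerable: client input becomes part of the SQL text."""
    query = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, name: str) -> list:
    """Hardened: the driver passes the input as data, never as SQL syntax."""
    return db.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()


def list_sorted(db, column: str) -> list:
    """Identifiers cannot be bound as parameters, so check them against an allow-list."""
    if column not in SORTABLE:
        raise ValueError("unsupported sort column")
    return [row[0] for row in db.execute(f"SELECT name FROM users ORDER BY {column}")]


def demo() -> dict:
    db = make_db()
    crafted = "nobody' OR '1'='1"   # constructed input that contains SQL syntax
    return {
        "vulnerable_normal": lookup_vulnerable(db, "alice"),
        "vulnerable_crafted": lookup_vulnerable(db, crafted),       # every row comes back
        "parameterized_normal": lookup_parameterized(db, "alice"),
        "parameterized_crafted": lookup_parameterized(db, crafted), # no user has that name
    }


if __name__ == "__main__":
    for key, rows in demo().items():
        print(key, rows)
```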
  • 22. Cross-site scripting (XSS) attack • XSS attacks use third-party web resources to run scripts in the victim’s web browser or scriptable application. • Specifically, the attacker injects a payload with malicious JavaScript into a website’s database. • When the victim requests a page from the website, the website transmits the page, with the attacker’s payload as part of the HTML body, to the victim’s browser, which executes the malicious script. • It might send the victim’s cookie to the attacker’s server, and the attacker can extract it and use it for session hijacking.
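Two server-side measures against the stored XSS flow on slide 22: encoding stored text before it reaches the HTML body, and marking the session cookie so page scripts cannot read it. This is an added Python example, not part of the original slides; the stored comments, function names, session value and policy string are constructed for illustration.

```python
import html
from http.cookies import SimpleCookie

# Constructed rows standing in for comments stored in the website's database.
STORED_COMMENTS = [
    "Great article, thanks!",
    "<script>alert(1)</script>",   # harmless marker in place of an injected payload
]


def render_unsafe(comments) -> str:
    """Deliberately vulnerable: stored text is copied into the HTML body as markup."""
    return "<ul>" + "".join(f"<li>{c}</li>" for c in comments) + "</ul>"


def render_escaped(comments) -> str:
    """Hardened: stored text is HTML-encoded, so the browser displays it as text."""
    return "<ul>" + "".join(f"<li>{html.escape(c)}</li>" for c in comments) + "</ul>"


def session_cookie(session_id: str) -> str:
    """Set-Cookie value whose flags keep the session cookie away from page scripts."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True      # not readable through document.cookie
    cookie["session"]["secure"] = True        # only sent over HTTPS
    cookie["session"]["samesite"] = "Strict"  # not attached to cross-site requests
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


def response_headers(session_id: str) -> list:
    """Headers a hardened response would carry alongside the escaped body."""
    return [
        ("Content-Type", "text/html; charset=utf-8"),
        # Second layer: the browser refuses inline scripts even if one slips through.
        ("Content-Security-Policy", "default-src 'self'; script-src 'self'"),
        ("Set-Cookie", session_cookie(session_id)),
    ]


if __name__ == "__main__":
    print(render_unsafe(STORED_COMMENTS))
    print(render_escaped(STORED_COMMENTS))
    for name, value in response_headers("constructed-session-id"):
        print(f"{name}: {value}")
```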
  • 24. Eavesdropping attack • Eavesdropping attacks occur through the interception of network traffic. • By eavesdropping, an attacker can obtain passwords, credit card numbers and other confidential information that a user might be sending over the network. • Eavesdropping can be passive or active: • Passive eavesdropping — A hacker detects the information by listening to the message transmission in the network.
  • 25. • Active eavesdropping — A hacker actively grabs the information by disguising himself as a friendly unit and by sending queries to transmitters. This is called probing, scanning or tampering. • Detecting passive eavesdropping attacks is often more important than spotting active ones, since active attacks require the attacker to gain knowledge of the friendly units by conducting passive eavesdropping beforehand.
  • 26. Birthday Attack • Birthday attacks are made against hash algorithms that are used to verify the integrity of a message, software or digital signature. • A message processed by a hash function produces a message digest (MD) of fixed length, independent of the length of the input message; this MD uniquely characterizes the message.
  • 27. • The birthday attack refers to the probability of finding two random messages that generate the same MD when processed by a hash function. • If an attacker calculates the same MD for his message as the user has, he can safely replace the user’s message with his, and the receiver will not be able to detect the replacement even if he compares MDs.
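The probability behind slides 26 and 27, worked through in Python as an added example that is not part of the original slides: the exact birthday probability, and a measurement on SHA-256 truncated to 24 bits showing that two messages with the same digest turn up after a few thousand hashes rather than 2^24. The truncation length and the constructed messages are assumptions chosen so the demo runs quickly; it is the reason integrity checks rely on long digests.

```python
import hashlib
import math


def collision_probability(samples: int, space: int) -> float:
    """Chance that at least two of `samples` uniform values out of `space` coincide."""
    if samples > space:
        return 1.0
    log_no_collision = sum(math.log1p(-i / space) for i in range(samples))
    return 1.0 - math.exp(log_no_collision)


def samples_for_half(bits: int) -> float:
    """Approximate number of messages for a 50% collision chance: 1.1774 * 2^(bits/2)."""
    return math.sqrt(2 * math.log(2)) * 2 ** (bits / 2)


def truncated_digest(message: bytes, bits: int) -> int:
    """First `bits` bits of SHA-256, standing in for a short message digest."""
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct constructed messages until two share a truncated digest."""
    seen = {}
    counter = 0
    while True:
        message = b"message-%d" % counter
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, counter + 1
        seen[digest] = message
        counter += 1


if __name__ == "__main__":
    print("23 people, 365 days:", round(collision_probability(23, 365), 4))
    first, second, hashed = find_collision(24)
    print("24-bit digest: collision after", hashed, "hashes;",
          "50% point is about", round(samples_for_half(24)))
    print(first, second, hex(truncated_digest(first, 24)))
    print("256-bit digest: 50% point is about 2^%.1f hashes"
          % math.log2(samples_for_half(256)))
```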
  • 28. Malware attack • Malicious software can be described as unwanted software that is installed in your system without your consent. It can attach itself to legitimate code and propagate; it can lurk in useful applications or replicate itself across the Internet. Here are some of the most common types of malware: • Macro viruses • File infectors • System or boot-record infectors • Polymorphic viruses — These viruses conceal • Stealth viruses • Trojans • Logic bombs • Worms • Droppers • Ransomware
  • 29. How to Prevent Cyber Attacks • Steps you can take to reduce your risk of falling victim to a costly cyber attack: • Train employees in cyber security principles. • Install, use and regularly update antivirus and antispyware software on every computer used in your business. • Use a firewall for your Internet connection. • Download and install software updates for your operating systems and applications as they become available.
  • 30. • Make backup copies of important business data and information. • Control physical access to your computers and network components. • Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace, make sure it is secure and hidden. • Require individual user accounts for each employee. • Limit employee access to data and information and limit authority to install software. • Regularly change passwords.
  • 31. • Use patches. All it takes is a tiny hole in your system for hackers to poke their way in. • Protect outbound data. Just as you protect your system from incoming malware and bots with a firewall, you need to make sure certain data never leaves your system. It’s important to focus on egress filtering, to prevent rogue employees or employees making honest mistakes from releasing sensitive data or malicious software from your network. • Raise awareness. It’s important for everyone in the organization to be savvy and alert about security issues. • Be smart about passwords. • Don’t ignore physical security. • Encrypt data. • Purchase a cyber insurance policy.
  • 32. Classification of security attacks • The attacks can be classified into two broad categories, namely, active and passive attacks. • An attacker can exploit the network either as internal or external and as active or passive. • Active attack: The aim of an active attack is to alter the data being exchanged in the network and thus disrupt the regular functioning of the network. The intruder can alter packets, inject packets, and drop packets. Such attacks are very dangerous.
  • 33. • Passive attack: The aim of a passive attack is to snoop on confidential routing information that should be kept secret during the communication. It obtains such information without disturbing normal network operation. • The active attacks can be external and internal attacks, as discussed below: • External attack: External attackers mainly exist outside the networks. They want to get access to the network. Once they get access, they start sending bogus packets and perform denial of service in order to disrupt the performance of the whole network.
  • 34. • These attacks can be prevented by implementing security measures such as a firewall, which mitigates unauthorized persons' access to the network. • Internal attack: In an internal attack, the attacker wants to have normal access to the network as well as participate in the normal activities of the network. • The attacker gains access to the network as a new node either by compromising a current node or by malicious impersonation. • The impact of an internal attack is more severe than that of external attacks. The common examples of such attacks are blackhole and wormhole attacks, which are explained below.
  • 35. Security in different layers of protocol stack • Application programs do not interact with the network hardware directly. Rather, they interact with protocol software. • The concept of layered protocols gives a theoretical basis for understanding how a collection of protocols works together with the hardware to provide a powerful communication system. • Different studies suggest different methods or techniques to handle security issues in many ways.
  • 36. Table 1 shows the different layers in the protocol stack of the network.
  • 37. Blackhole attack • The blackhole attack is one of the active and severe attacks in MANETs. In Figure 5, node 1 is the source node and node 4 is the destination node. Node 3 is a node which acts as a blackhole (BH) node. • The attacker replies with a false reply (RREP) that has a higher, modified sequence number. Node 1 therefore erroneously judges the route discovery process to be complete and starts to send data packets to node 3, which probably drops or consumes all the packets. • Figure 5. A blackhole attack in the mobile ad-hoc network (figure labels: RREQ, Malicious RREP)
  • 38. Network Management Tools • Wireshark • Tshark • Dumpcap • NetStumbler • Honeypot • Snort
  • 39. What is Wireshark? • Wireshark is a network packet analyzer. A network packet analyzer tries to capture network packets and to display that packet data in as much detail as possible. • You can think of a network packet analyzer as a measuring device used to examine what's going on inside a network cable, just like a voltmeter is used by an electrician to examine what's going on inside an electric cable. • In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, all that has changed. • Wireshark is perhaps one of the best open source packet analyzers available today.
  • 40. Some intended purposes • Network administrators use it to troubleshoot network problems. • Network security engineers use it to examine security problems. • Developers use it to debug protocol implementations. • People use it to learn network protocol internals.
  • 41. What Wireshark is not • Wireshark isn’t an intrusion detection system. It will not warn you when someone does strange things on your network that he/she isn’t allowed to do. • However, if strange things happen, Wireshark might help you figure out what is really going on. • Wireshark will not manipulate things on the network, it will only “measure” things from it. • Wireshark doesn’t send packets on the network or do other active things (except for name resolutions, but even that can be disabled).
  • 42. • Wireshark and TShark share a powerful filter engine that helps remove the noise from a packet trace and lets you see only the packets that interest you. • If a packet meets the requirements expressed in your filter, then it is displayed in the list of packets. • Display filters let you compare the fields within a protocol against a specific value, compare fields against fields, and check the existence of specified fields or protocols. • Wireshark can capture traffic from many different network media types, including, despite its name, wireless LAN. • Steps for downloading and installing Wireshark
  • 43. Dumpcap • Dumpcap is a network traffic dump tool. It lets you capture packet data from a live network and write the packets to a file. • Dumpcap's native capture file format is libpcap format, which is also the format used by Wireshark, tcpdump and various other tools. • Without any options set, it will use the pcap library to capture traffic from the first available network interface and write the received raw packet data, along with the packets' time stamps, into a libpcap file.
  • 44. • If the -w option is not specified, Dumpcap writes to a newly created libpcap file with a randomly chosen name. • If the -w option is specified, Dumpcap writes to the file specified by that option. • Packet capturing is performed with the pcap library. The capture filter syntax follows the rules of the pcap library.
  • 45. NetStumbler (Network Stumbler) • It is one of the Wi-Fi hacking tools; it is compatible only with Windows and is freely available. • With this program, we can search for wireless networks that are open and infiltrate the network. • It has some compatibility and network adapter issues.
  • 46. Key features of NetStumbler • Verify that your network is set up the way you intended. • Find locations with poor coverage in your WLAN. • Detect other networks that might be causing interference with your network. • Detect unauthorized “rogue” access points in your workplace.
  • 47. NetStumbler can provide the user with: • MAC address • SSID • Access point name • Channel • Vendor • Security (WEP on or off) • Signal strength and GPS coordinates (if a GPS device is attached)
  • 48. Honeypot • A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. • The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the keystrokes and mistakes made by hackers. • The captured information is highly valuable as it contains only malicious traffic with little to no false positives. • Honeypots are becoming one of the leading security tools used to monitor the latest tricks and exploits of hackers by recording their every move so that the security community can more quickly respond to new exploits.
  • 49. Snort • Snort is one of the network management tools; it raises an alarm when someone tries to enter your network and is used specifically as an intrusion detection system (IDS).
  • 50. Research Topics to Be Taken Up • Secure routing protocols based on graphs and cluster classification can be explored. • The proposed security-aware schemes can be applied to proactive and hybrid protocols, and their performance compared with that of reactive protocols. • Attacks on secure routing protocols can also be examined using honeypots. • The proposed protocols can also be applied to various types of security attacks.
  • 51. Thank You for Listening Patiently