Upload
binu-p-jayan
View
199
Download
0
Embed Size (px)
Citation preview
SEMINAR ON
CYBER CRIMETECHNOLOGY
Submitted byRahul js S5 chm
Rollno:32Gptc ndd
IntroductionDefinitionCategories of cyber crime
Defining Cyber CrimeIt’s an unlawful act wherein the computer is either a tool or a target or both.
Acts that are punishable by the Information Technology Act.
Cyber space is a virtual space that has become as important as real space for business, politics, and communities .
INTRODUCTIONThe internet is growing rapidly. It has given rise to new opportunities in every field we can think of – be it entertainment, business, sports or education.
There are two sides to a coin. Internet also has its own disadvantages. One of the major disadvantages is Cyber crime – illegal activity committed on the internet.
CATEGORIES OF CYBER CRIME:
Cyber crimes can be basically divided into 3 major categories:
1. Cyber crimes against persons.
2. Cyber crimes against property.
3. Cyber crimes against government
SECOND CATEGORYThese crimes include computer vandalism (destruction of others' property), transmission of harmful programs, unauthorized trespassing through cyber space, unauthorized possession of computer information.
THIRD CATEGORY
Cyber terrorism is one distinct kind of crime in this category. The growth of internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international governments as also to terrorize the citizens of a country.
FIRST CATEGORYCyber harassment is a distinct Cyber crime. Various kinds of harassment can and do occur in cyberspace, or through the use of cyberspace. Harassment can be racial, religious, or other.
Types Of Cyber Crime
Modification of a conventional crime by using computers.
Frequently Used Cyber Crimes..
Modification of a conventional crime by using computers.
Financial crimes
Sale of illegal articles
Online gambling
BACK
Frequently Used Cyber Crimes.Unauthorized access to computer systems or networksTheft of information contained in electronic formDenial of Service attack
BACK
CYBER CRIME TECHNOLOGY
BOTNET TECHNOLOGY PHISHING TECHNOLOGY
BOTNET
OUTLINEIntroduction to Botnet Botnet Life-cycleBotnet Detection Preventing Botnet InfectionConclusion
INTRODUCTION A Botnet is a network of
compromised computers under the control of a remote attacker
controller of a botnet is able to direct the activities of these compromised computers
Botnet Terminology Bot Herder (Bot Master) Bot Bot Client IRC Server Command and Control Channel
(C&C)
INTRODUCTION A Botnet is a network of
compromised computers under the control of a remote attacker
controller of a botnet is able to direct the activities of these compromised computers
Botnet Terminology Bot Herder (Bot Master) Bot Bot Client IRC Server Command and Control Channel
(C&C)
INTRODUCTION TO BOTNET(TERMINOLOGY)
IRC ChannelIRC Server
Code Server
IRC ChannelC&C Traffic
Updates
Victim
Attack
Bot Master
BOTNET LIFE-CYCLE
BOTNET LIFE-CYCLE
BOTNET LIFE-CYCLE
BOTNET LIFE-CYCLE
BOTNET DETECTION:TRAFFIC MONITORING
Signature based: Detection of known botnets
Anomaly based: Detect botnet using following anomalies
High network latency High volume of traffic Traffic on unusual port Unusual system behaviour
DNS based: Analysis of DNS traffic generated by botnets
PREVENTING BOTNET INFECTIONSUse a Firewall Use Antivirus (AV) software Deploy an Intrusion Prevention System (IPS) Define a Security Policy and Share Policies with your users systematically
CONCLUSION Botnets pose a significant and growing
threat against cyber security It provides key platform for many
cyber crimes (DDOS) As network security has become
integral part of our life and botnets have become the most serious threat to it
It is very important to detect botnet attack and find the solution for it
PhishingPhishing is a way of fraudulently acquiring sensitive information using social engineering and technical subterfuge.It tries to trick users with official-looking messages
Credit card Bank accounteBayPaypal
Some phishing e-mails also contain malicious or unwantedsoftware that can track your activities or slow your computer
The purpose of a phishing message is to acquire sensitive information about a user. For doing so the message needs to deceive the intended recipient.
So it doesn’t contains any useful information and hence falls under the category of spam.
A spam message tries to sell a product or service, whereas phishing message needs to look like it is from a legitimate organization.Techniques applied to spam message cant be applied naively to phishing messages.
HOW TO PREVENT
1) Detect and block the phishing Web sites in time
2) Enhance the security of the web sites3) Block the phishing e-mails by various
spam filters4) Install online anti-phishing software in
user’s computers
How to avoid PhishingDON’T CLICK THE LINK
Type the site name in your browser (such as www.paypal.com)
Never send sensitive account information by e-mail
Account numbers, SSN, passwordsNever give any password out to anyoneVerify any person who contacts you (phone or email).
If someone calls you on a sensitive topic, thank them, hang up and call them back using a number that you know is correct, like from your credit card or statement.