1. Security In Internet Banking
Chiheb chebbi, Chiheb-chebbi@outlook.fr
2. Cyber risks: A severe and present danger
Everything is under attack.
The annual cost of cybercrime to the global economy ranges from $375 billion to as much as $575 billion.
3. Incidents and financial impacts continue to grow
Source: Cyber Threat Intelligence Report, First Quarter 2014.
The amount of stolen credit card information has increased by 48%.
Credit card information theft via Point of Sales infections has increased by 700%.
The number of user ID and password thefts has increased by 410%.
4. Who is a Hacker?
Intelligent individuals with excellent computer skills, with the ability to create and explore computer software and hardware.
For some hackers, hacking is a hobby to see how many computers they can compromise.
Their intention can either be to gain knowledge or to poke around to do illegal things.
5. Hacker Classes:
Black Hats: Individuals with extraordinary computing skills, resorting to malicious or destructive activities, also known as Crackers.
Grey Hats: Individuals who work both offensively and defensively at various times.
White Hats: Individuals professing hacker skills and using them for defensive purposes, also known as Security Analysts.
7. Password Cracking:
Password cracking techniques are used to recover passwords from computer systems.
Attackers use password cracking techniques to gain unauthorized access to the vulnerable system.
(Diagram labels: Attacker, Vulnerable System)
8. Password Cracking Techniques:
Dictionary Attacks: A dictionary file is loaded into the cracking application that runs against user accounts.
Brute Forcing Attacks: The program tries every combination of characters until the password is broken.
Hybrid Attacks: Like a dictionary attack, but adds some numbers and symbols to the words.
9. Password Cracking Techniques:
Syllable Attacks: It is the combination of both the brute force attack and the dictionary attack.
Rule-Based Attacks: This attack is used when the attacker gets some information about the password.
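
A defender's view of the dictionary, brute-force and hybrid attacks listed on slides 8 and 9, as an added example that is not part of the original slides: a screening function that reports which of those attack classes a candidate password would fall to. The wordlist, the substitution table and the 60-bit threshold are assumptions chosen for illustration.

```python
import math
import string

# Constructed sample wordlist; a real deployment would load a large blocklist.
WORDLIST = {"password", "bank", "welcome", "tunis", "money"}
# Common character substitutions that hybrid attacks also try (assumed table).
LEET = str.maketrans("430157@$", "aeoistas")


def base_word(password):
    """Drop the digits/symbols added around a word and undo simple substitutions."""
    core = password.lower().strip(string.digits + string.punctuation)
    return core.translate(LEET)


def charset_size(password):
    """Size of the character set a brute-force search would have to cover."""
    classes = (
        (str.islower, 26),
        (str.isupper, 26),
        (str.isdigit, 10),
        (lambda c: c in string.punctuation, len(string.punctuation)),
    )
    return sum(n for test, n in classes if any(test(c) for c in password))


def screen(password, min_bits=60):
    """Return the attack class the password would fall to, or 'ok'."""
    if password.lower() in WORDLIST:
        return "dictionary"      # the word itself is in the dictionary file
    if base_word(password) in WORDLIST:
        return "hybrid"          # dictionary word plus numbers and symbols
    # Upper bound on search effort, assuming characters were chosen at random.
    bits = len(password) * math.log2(charset_size(password) or 1)
    if bits < min_bits:
        return "brute-force"     # keyspace small enough to enumerate
    return "ok"


if __name__ == "__main__":
    for candidate in ("welcome", "P@ssw0rd123!", "xk7q", "vT9#qLm2$wRz8!"):
        print(candidate, "->", screen(candidate))
```
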
10. Malwares:
Spyware: A program that records the user's interaction with the computer and internet without the user's knowledge.
Trojan: A program in which the malicious code is contained inside apparently harmless programming or data.
11. Malwares:
Virus: A self-replicating program that produces its own code by attaching copies of itself into other executable code.
Keylogger: A hardware or software device which monitors every keystroke, screenshots, chats etc. typed on the computer.
13. Total notifications of attempted infections by banking malware: 1,387,080
14. Social Engineering:
Social engineering is the art of convincing people to reveal confidential information.
15. Computer-based Social Engineering: Phishing
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.
16. Computer-based Social Engineering:
17. The overall number of anti-phishing notifications: 19,659,628
18. What is a Denial of Service attack?
In a Denial of Service (DoS) attack, attackers flood a victim system with non-legitimate service requests or traffic to overload its resources.
(Diagram labels: Attack Traffic, Normal Traffic)
19. What are Distributed Denial of Service attacks?
A DDoS attack involves a multitude of compromised systems attacking a single target.
To launch a DDoS attack, an attacker uses botnets and attacks a single system.
20. DDoS Attack Tool: LOIC
21. What are Botnets?
Botnets are software applications that run automated tasks over the internet and perform simple repetitive tasks.
A botnet is a huge network of compromised systems.
23. What is SQL injection?
SQL injection is a technique used to take advantage of non-validated input vulnerabilities to pass SQL commands through a web app for execution by a backend database.
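
The non-validated input problem described on slide 23, shown next to its fix, as an added example that is not part of the original slides. The `accounts` table, its sample rows, the function names and the allow-list pattern are all constructed for illustration.

```python
import re
import sqlite3

# Assumed allow-list for account owner names.
OWNER_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def make_db():
    """In-memory database holding constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", 1200), ("bob", 90)])
    return db


def lookup_unsafe(db, owner):
    # Vulnerable: the input is pasted into the SQL text, so the backend
    # database parses whatever the user typed as part of the command.
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(query).fetchall()


def lookup_safe(db, owner):
    # Hardened: the ? placeholder binds the input as a value, never as SQL.
    return db.execute(
        "SELECT owner, balance FROM accounts WHERE owner = ?", (owner,)
    ).fetchall()


def lookup_validated(db, owner):
    # Defence in depth: reject input outside the allow-list before querying.
    if not OWNER_RE.fullmatch(owner):
        raise ValueError("owner contains characters outside the allow-list")
    return lookup_safe(db, owner)


if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"          # constructed non-validated input
    print("unsafe:", lookup_unsafe(db, crafted))   # every row comes back
    print("safe:  ", lookup_safe(db, crafted))     # no rows match
    print("valid: ", lookup_validated(db, "alice"))
```
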
25. How to Defend against Cyber Attacks?
26. Intrusion Detection Systems (IDS)
An intrusion detection system gathers and analyzes information from within a computer or a network to identify possible violations of security policy, including unauthorized access as well as misuse.
28. Firewalls
A firewall is hardware, software, or a combination of both, designed to prevent unauthorized access to or from a private network.
It is placed at the gateway between two networks, which are usually a private network and a public network such as the internet.
29. Honeypot
A honeypot is an information system resource that is expressly set up to attract and trap people who attempt to penetrate an organization's network.
A honeypot can be used to log access attempts to those ports, including the attacker's keystrokes. This could send early warnings of a more concerted attack.
30. Cryptography
Cryptography is the conversion of data into a scrambled code that is decrypted and sent across a private or public network.
31. Types of Cryptography:
Symmetric Encryption: Uses the same key for encryption as for decryption.
Asymmetric Encryption: Uses different keys for encryption and decryption (public and private key).
Hash Function: Uses no key for encryption and decryption.
32. Public Key Infrastructure (PKI)
PKI is a set of hardware, software, people, policies, and procedures required to create, manage, distribute, use, and store digital certificates.
35. Thank you for your attention!!!
And Don't Try this at Home!!!