CYBER SECURITY

A Seminar Report submitted in partial fulfilment for the award of

Degree of Bachelor Technology
In
Computer Science & Information Technology

Submitted By
Saurabh Chaturvedi
(9409020894)

Under Supervision of
Dr. Vinay Rishiwal

Department of Computer Science & Information Technology

Faculty of Engineering & Technology
M.J.P.ROHILKHAND UNIVERSITY,BAREILLY
2021

1
 Candidate’s Declaration
I Hereby declared that seminar report titled “Cyber security”, is prepared by me based on available
literature and I have not submitted it anywhere else for the award of any other degree

Date Saurabh Chaturvedi

15-06-2021 (9409020894)

2
 Certificate From Suprevisor

I certify that the above statement made by the candidate is true to the best my
knowledge

Date Dr.Vinay Rishiwal

15-06-2021 Professor
C.S & I.T
M.J.P.R.U.

3
 ABSTRACT

cyber security is the activity of protecting information and information and

information systems such as networks ,computers data base ,data center and
applications with appropriate procedural and technological security measures.
Firewalls,antivirus software,and other
cyber security plays an important role in field of information
technology.securing the information have one of the biggest challenge in the
present day whenever we think about the cyber security the first thing that
comes in our mind is cybercrime which are increasing in day by day by day
.goverments and companies are taking many measures in order to prevent
these cyber crime.
As more business activities are being automated and an increasing number of
computers are being used to store sensitive information the need for secure
computer system become more apparent

4
 ACKNOWLEDGEMENT
I would like to greatefully acknowledge the enthusiastic suprervision of
Dr.Vinay rishiwal (Prof. CSIT, MJPRU Bareilly) during seminar. He inspired me
greatly and his willingness to motivate me contributed tremendously to my
seminar.without his encouredgement and guidance this seminar wuld not have
motorized.
I am also greatful to Prof.S.S.Bedi(HOD,Computer Science & Information
Technology,MJPRU,Bareilly)for completing this.
I would also like to thank all the teaching and non- teaching faculty members
and friends,who have a great help through their analytical comment and
reviews.
The guidance and support received from all the and help.
members wh contributed to this seminar, was vital for the success for this
presentation . I am greatful for their constant support

5
 TABLE OF CONTENTS

Cover Page…………………………………………………1
Candidate’s Declaration……………………………..2
Certificate From supervisor……………………….3
Abstract……………………………………………………..4
Acknowledgement……………………………………..5
Introduction to Cyber Security……………………7
Cyber Crime………………………………………………..8
Challenges of Cyber Security……………………….9-10
Cyber Threat………………………………………………..10-12
How to Avoid cyber Attack………………………….12
Antivirus and Firewalls…………………………………12-14
Advantages and Disadvantages…………………….15
Conclusion…………………………………………………….16

REFERENCES……………………………..17

6
 INTRODUCTION TO CYBER SECURITY

CYBER SECURITY: the body of technologies, processes, and

practices designed to protect networks, devices, programs, and data from
attack, theft, damage, modification or unauthorized access It is.

The field is becoming more important due to increased reliance on computer

systems , the Internet and wireless network standards such as Bluetooth and
Wi-Fi and due to the growth of smart devices including smartphones,
telephones, and the various devices that constitute the “Internet of things”.

Why do we need cyber security?

• With an increasing amount of people getting connected to internet, the

security threats that cause massive harm are increasing also.
• Cyber security is necessary since it helps in securing data from threats
such as data theft or misuse, also safeguards your system from viruses.

7
 Cyber Crime

Cybercrime, or computer-oriented crime, is a crime that involves a computer

and a network. The computer may have been used in the commission of a crime,
or it may be the target. Cybercrime may threaten a person, company or nation’s
security and financial health.

Cybercrime,also called computer crime, the use of a computer as an instrument

to further illegal ends, such as committing fraud, trafficking in child pornography
and intellectual property, stealing identities, or violating privacy. Cybercrime,
especially through the Internet, has grown in importance as the computer has
become central to commerce, entertainment, and government.

Categories of Cybercrime:
We can categorize cyber crime into two ways:
• The computer as a target: Using a computer to attack other computers
e.g. Hacking, Virus/Worms attack, Dos attack etc.

• The computer as a weapon: Using a computer to commit real world crime

e.g. Credit card fraud etc.

8
 CHALLENGES OF CYBER SECURITY

 NETWORK SECURITY:Network security is a broad term that

multitude of technology,devices and prcessess.it is set f rules and
configuration designed to protect confidentially,integrity and avaibility.
 APPLICATION SECURITY:Application security is the
process of making apps more secure by finding, fixing, and enhancing the
security of apps. Much of this happens during the development phase,
but it includes tools and methods to protect apps once they are
deployed. This is becoming more important as hackers increasingly
target applications with their attacks.

 DATA SECURITY: Data security refers to the process of

protecting data from unauthorized access and data corruption
throughout its lifecycle. Data security includes data encryption,
hashing,tokenization, and key management practices that protect data
across all applications and platforms.
 IDENTITY SECURITY: Identity security describes the proactive
approach to safely controlling user and system information that is used to
authenticate and authorize user identities for access to secure resources.
 CLOUD SECURITY: Cloud security, also known as cloud computing
security, consists of a set of policies, controls, procedures and
technologies that work together to protect cloud-based systems,
data, and infrastructure. These security measures are configured to
protect cloud data, support regulatory compliance and protect
customers' privacy as well as setting authentication rules for individual
users and devices.
 MOBILE SECURITY: Mobile security is the protection of
smartphones, tablets, laptops and other portable computing devices, and
the networks they connect to, from threats and vulnerabilities associated

9
 with wireless computing. Mobile security is also known as
wireless security.
 END-USER SECURITY: The end-user is usually the weakest link
when it comes to cybersecurity and that is what attackers are countin on.
This is why phishing is such a popular technique for spreading
ransomware.

CYBER THREATS

 HACKING: Hacking in simple term means an illegal intrusion in a

computer system or network. It is also known as cracking. Govt. and
MNC’s websites are the hot targets of hackers due to press coverage it
receives. Hacking is an attempt to exploit a computer system or a private
network inside a computer. Simply put, it is the unauthorised access to or
control over computer network security systems for some illicit purpose.

How can we prevent ourselves from being

getting hacked?

• Update regularly
• Passwords: don’t re-use them
• Download from authorised sources
• 'Administrator' shouldn't be your default setting
• Turn off when you’re done
• Encrypt to keep your stuff unreadable

• PHISHING: Phishing is fraudulent attempt, usually made through

email, to steal your personal information.Phishing is the attempt to obtain
sensitive information such as username , password and credit card details
oftem for malicious reasons through an electronic communication(such
10
 as E-mail). A common online phishing scam starts with an email message
that appears to come from a trusted source(legitimate site) but actually
directs recipents to provide information to a fraudulent website.

• DENIAL of SERVICE(DoS): This is an act by the criminals

who floods the bandwidth of the victims network.In the Dos attack, a
hacker uses a single internet connection to either exploit a software
vulnerability or flood a target with fake request with fake request usually
I an attempt to exhaust server resources.On the other hand, DDoS attacks
are launched from multiple connected devices that are distributed across
the internet.

1. DoS = When a single host attacks.

2. DDoS = When multiple hosts attack
simultaneously and continuously.
• SPAM EMAIL: Email Spam is the electronic version ofjunk mail.
It involves sending unwanted messages often unsolicited advertising, to a
large number of concern as it can be used to deliver Trojan horses
recipents. Spam is a serious security, viruses, worms, spyware, and
targeted phishing attacks.

• MALWARE: It’s malicious software(such as virus, worms and

Trojan) which specifically designed to disrupt or damage computer system
or mobile device. Hackers use malware for any number of reasons such
as, extracting personal info. Or passwords, stealing money, or preventing
owners from accessing their device. Viruses are programs that attach
themselves to a computer or file and then circulate themselves to other
files and to other computers on a network. They either alter or delete the
data. Malware has actually been a threat to individuals and organizations
since the early 1970s when the Creeper virus first appeared. Since then,
the world has been under attack from hundreds of thousands of different

11
 malware variants, all with the intent of causing the most disruption and
damage as possible.

• ATM Skimming and Point of Scale Crimes: It is

a technique of compromising the ATM machine by installing a skimming
device a top the machine keypad to appear as a genuine keypad or a
device made to be affixed to the card reader to look like a part of the
machine. Additionally, malware that steals credit card data directly can
also be installed on these devices. Successful implementation of skimmers
cause in ATM machine to collect card numbers and personal
identification number codes that are later replicated to carry out
fraudulent transaction.

HOW TO AVOID CYBER ATTACKS?

• Uninstall unnecessary softwares.

• Install, use and regularly update antivirus and antispyware software on
every computer
• Use a firewall for your Internet connection
• Make backup copies of important business data and information.
• Control physical access to your computers and network components.
• Secure your Wi-Fi networks. If you have a Wi-Fi network for your
workplace make sure it is secure and hidden.
• Regularly change passwords.
• Employee personal accounts

ANTIVIRUS AND FIREWALLS

ANTIVIRUS: Antivirus software, sometimes known as anti-malware software, is

designed to detect, prevent and take action to disarm or remove malicious

12
 software from your computer such as viruses, worms and Trojan horses. It may
also prevent or remove unwanted spyware and adware in addition to other
types of malicious programs. The first versions of antivirus software can be
traced as far back as the 1980s.

Antivirus software will begin by checking your computer programs and

comparing them to known types of malware. It will also scan your computer for
behaviors that may signal the presence of a new, unknown malware. Typically,
antivirus software uses all three scanning detection processes:

 Specific Detection – This works by looking for known malware by a

specific set of characteristics.
 Generic Detection – This process looks for malware that are
variants of known “families,” or malware related by a common codebase.
 Heuristic Detection – This process scans for previously unknown
viruses by looking for known suspicious behavior or file structures.

FIREWALL: A firewall is a system that provides network security by filtering

incoming and outgoing network traffic based on a set of user-defined rules. In
general, the purpose of a firewall is to reduce or eliminate the occurrence of
unwanted network communications while allowing all legitimate
communication to flow freely. In most server infrastructures, firewalls provide
an essential layer of security that, combined with other measures, prevent
attackers from accessing your servers in malicious ways.
When your computer has firewall protection, everything that goes in and out of
it is monitored. The firewall monitors all this information traffic to allow ‘good
data’ in, but block ‘bad data’ from entering your computer.
Firewalls use one or a combination of the following three methods to control
traffic flowing in and out of the network:

 Packet filtering
13
 The most basic form of firewall software uses pre-determined security rules to
create filters – if an incoming packet of information (small chunk of data) is
flagged by the filters, it is not allowed through. Packets that make it through the
filters are sent to the requesting system and all others are discarded.

 Proxy service
A firewall proxy server is an application that acts as an intermediary between
systems. Information from the internet is retrieved by the firewall and then sent
to the requesting system and vice versa. Firewall proxy servers operate at the
application layer of the firewall, where both ends of a connection are forced to
conduct the session through the proxy. They operate by creating and running a
process on the firewall that mirrors a service as if it were running on the end
host, and thus centralise all information transfer for an activity to the firewall
for scanning.

 Stateful inspection
The most modern method of firewall scanning, that doesn't rely on the memory-
intensive examination of all information packets is ‘stateful inspection’. A
‘stateful’ firewall holds significant attributes of each connection in a database of
trusted information, for the duration of the session. These attributes, which are
collectively known as the ‘state’ of the connection, may include such details as
the IP addresses and ports involved in the connection and the sequence being
transferred. The firewall compares information being transferred to the copy
relevant to that transfer held in the database – if the comparison yields a
positive match the information is allowed through, otherwise it is
denied.numbers of the packets

14
 ADVANTAGES AND DISADVANTAGES

The advantages and disadvantages of Cyber Security are

listed below:
ADVANTAGES:
1) Protects system against viruses, worms, spyware and other unwanted
programs.

2) Protection against data from theft.

3) Protects the computer from being hacked.

4) Minimizes computer freezing and crashes.

5) Gives privacy to users

DISADVANTAGES:
1) Firewalls can be difficult to configure correctly.

2) Incorrectly configured firewalls may block users from performing certain

actions on the Internet, until the firewall configured correctly.

3) Makes the system slower than before.

4) Need to keep updating the new software in order to keep security up to

date.

5) Could be costly for average user

15
 CONCLUSION

we can say that Cyber the Security is one of government most of India took a
major step and introduced an act in the year 2000 which is called as (IT act 2000)
which states that it is the primary law in India dealing with cybercrime and
electronic commerce. The Act providesa legal framework for electronic
governance by giving recognition to electronic records and digital signatures. It
also defines cyber crimes and prescribes penalties for them.
Cybersecurity is a never-ending battle. A permanently decisive solution to the
problem will not be found in the foreseeable future,even Mark Zukerberg the
creator of one of the most used social networking sites Facebook important
issues that we have faced with the increase in technological advancements,
anything and everything that exists on the internet isn't completely safe. With
the increase in Cyber crimes in India the
is seen covering his laptop's front camera with a duct tape so that the camera
might not be accessed by anyone else then what else can we expect from our
security.
So, be littie cautious and attentive while using/working on the internet because
the safety is in your hands only.

16
 REFERENCES

1. https://www.udemy.com/course/the-complete-
internet-security-privacy-course-volume-1/

2. https://www.geeksforgeeks.org/cyber-system-
security/

3. Cybersecurity Essentials by charles Brooks and

Christopher Grow ( October 30,2018 )

4. Cybersecurity-Attack and Defense Strategies by

Yuri Diogenes ( December 31, 2019 )

5. https://en.wikipedia.org/wiki/Cybercrime

17