NAME: ARJUN BATRA AND KUNAL JUNEJA

BATCH: BBA LLB (1st year 2nd Semester)

SUBJECT: PRINCIPLE OF MANAGEMENT
TOPIC: CYBER CRIME DAMAGE TO IC 3
SUBMITTED TO: DR.KIRAN GEHANI HASIJA

TABLE OF CONTENT
Abstract……………………………………………………………………………………………………2
Conceptual Framework…………………………………………………………………………….2
Research Objective…………………………………………………………………………………..5
Literature Review……………………………………………………………………………………..5
Research Methodology…………………………………………………………………………….9
Data Analysis and Findings……………………………………………………………………..10
Conclusion………………………………………………………………………………………………14
References………………………………………………………………………………………………14
 ABSTRACT
:The tremendous evolution of the information society and the world's reliance on Internet
usage particularly in India, is accompanied on the side by Societies' vulnerability to
cybercrime Cybercriminals are not limited by geographical constraints ascyberspace is a
worldwide, borderless, and free-flowing network.issue. Local laws are ineffective in deterring
these acts.In such a situation, India is like a sitting duck. India will visit the United
States.Cybercrime has been combated in a variety of ways.bilateral agreements with Russia,
such as the cyber pact With a framework deal with the United States, as well as the recent
visit of India's Prime Minister Mr. Modi's visit to Israel to sign the IndoIsrael Cyber
Framework is another another example of India's efforts to improve its
cybersecurity.restructure its cyberspace.Because of the context in which the crimes were
perpetrated, the gravity of the offences, and the unreported events owing to a lack of
understanding or societal restraints, obtaining accurate and official statistics on cybercrime is
difficult. In many circumstances, law enforcement plays a vital role since it has control over
the level of detail that is provided.

CONCEPTUAL FRAMEWORK

India, which has the world's second-largest internet population, was no exception to the
developing digital village. While increased internet connectivity offers large-scale
improvement, it also exposes our digital society to new threats. Cybercrime has no borders
and has evolved at the same rate as new technologies.

The number of cyber crimes recorded across the country continues to rise at an alarming rate
each year. On the other hand, the types of offences ranged from minor online scams to lottery
scams and sexual harassment. The banking and financial services business, on the other hand,
looks to be the most targeted.with the commencement of the coronavirus pandemic and the
migration of most services to the internet, a bigger risk exists in other industries as well. In
November 2020, Big Basket, an online grocery marketplace with over 20 million customers,
was the most recent of these.

Despite the fact that the private sector bears the brunt of cyber crime, government entities
have been targets of espionage. One such security breach was India's unique citizen
identification system, the Aadhaar, which exposed comprehensive personal information of
over a billion Indians, including bank data, addresses, and fingerprints. The cost of data
breaches in the United States alone was estimated to be around two million dollars in 2020.

The lack of understanding about cyber hygiene has been one of the most significant hurdles
to combating cybercrime. Even when crimes were reported to police, the infrastructure and
procedures for dealing with them were ineffective. The Indian Cyber Crime Coordination
Centre was established in recent years with a four-billion-rupee investment by the
government to speed up investigations. The expansion of the country's cyber security
business is another area that could help reduce cyber crime levels. With the introduction of
the 5G network and the construction of smart cities, more investments in the industry may be
able to combat rising dangers.

TYPES OF CYBER CRIME

1.DDoS Exploits
.. By flooding the site with traffic from numerous sources, they are used to bring a network
down and render an online service unavailable. When malware is installed on consumers'
computers, botnets arise, which are vast networks of infected machines. The hacker gains
access to the system when the network is down.

2.Botnets
Botnets are infected computer networks that are controlled remotely by hackers. These
botnets are then used by remote hackers to disseminate spam or attack other systems.
Botnets can also be used for evil purposes and to act as malware.

3.Theft of Identity
. A criminal can utilise a user's personal information to steal money,
obtain access to secret information, or commit tax or health insurance
fraud. They can also open a phone/internet account in your identity,
organise criminal action, and seek for government benefits under your
name. They could do so by stealing people's passwords, gathering
personal data from social media, or sending out phishing emails.
4. Cyberstalking
.Online harassment is a sort of cybercrime in which the user is inundated with messages and
emails. Cyberstalkers frequently terrorise and intimidate people through social media,
websites, and search engines. The victim is frequently familiar with the cyberstalker, who
makes them feel threatened or worried about their safety.

5.Social Engineering
Social engineering is used by criminals to contact you personally, usually by phone or email..
They frequently pose as customer service representatives in order to gain your trust and
collect the information they need. This is frequently a password, the name of your employer,
or your bank account number. Before adding you as a friend on social networking platforms,
cybercriminals will acquire as much information about you as possible on the internet. They
can sell your information or start accounts in your name if they have access to an account.

6.PUPs
PUPS, or Potentially Unwanted Programs, are a sort of malware that is less dangerous than
other cyberattacks. They remove essential applications from your computer, such as search
engines and pre-installed apps. Because malicious downloads can contain malware or
adware, it's a good idea to safeguard yourself by installing antivirus software.

7.Phishing
PUPs (Potentially Unwanted Programs) are a sort of malware that is less dangerous than
other types. They remove essential programmes from your computer, such as search
engines and pre-installed software.. Because malicious downloads may contain malware or
adware, it's a good idea to safeguard yourself by installing antivirus software.

8.Prohibited/Illegal Content
Criminals commit this cybercrime by exchanging and transmitting objectionable and
offensive content. Offensive content includes adult sexual behaviour, violent recordings, and
films depicting criminal activity. Anything encouraging terrorism or child exploitation is
considered illegal content. This type of content is available on both the public internet and the
dark web, which is an anonymous network.

9.Online Scams
These are typically in the form of adverts or spam emails that contain too-good-to-be-true
promises of rewards or money offers. Scams on the internet involve enticing offers that seem
"too good to be true," and when clicked on, can result in malware interfering with and
compromising data.

10.Exploit Kits
Exploit kits require a vulnerability in order to gain control of a user's computer (a flaw in
software code). They're ready-to-use tools that thieves may purchase online and employ
against anyone who has access to a computer. Exploit kits are updated on a regular basis, just
like standard software, and are available on dark web hacker forums.
RESEARCH OBJECTIVE
● to examine the number of cyber crimes recorded in India between 2012 and 2020
● to analyse Number of cyber crimes reported across India in 2020, by leading state (in
1,000s)
● From 2016 to 2020, the number of internet crimes connected to sexual harassment and
exploitation in India will be examined.
● To analyse Number of online identity theft offences reported across India in 2020, by
leading state

LITERATURE REVIEW

1.Sindhu and Meshram have suggested a system that uses an a priori (i.e., data mining)
method to detect cybercrime.The researchers started by gathering and analysing case
attributes/variables from case reports. The a priori technique was used to the collection of
variables in order to locate common item sets. Even if it was not implemented, the proposed
technique is beneficial for recognising the quality and variables of cybercrime case reports.
To make analysis easier for investigators, the researchers used visuals such as bar charts and
graphs.

2.Khan et al. .Several. Data mining approaches were explored, including association,
grouping, and outlier identification. To recognise DoS assaults as examples of cybercrime,
the researchers used a data mining technique (i.e. pattern recognition). They used pattern
recognition to analyse log data and compared them to a threshold to determine if the actions
were normal or aberrant.

3.Kwon et al. .centred on how online game players make money In these games, an unofficial
market sells money that has recently been raised, forming gold farming organisations
(GFGs).GFGs are for-profit companies that offer virtual goods to online gamers.. The
researchers presented a method for detecting GFGs based on some behavioural characteristics
and a rule-based community, with the goal of distinguishing actual users from bots.Then
developed a graph to capture the features of virtual economy transactions, and they recorded
and observed all anomalous transactions in order to extract qualities that may be used to
detect GFGs.

4.Cryptography is another approach that has been used to identify cybercrime.,Derhab et

al.Presented a security architecture called Spam Trapping System (STS) to address the spam
botnet detection problem,It is in charge of providing a third line of defence by recognising
and preventing the spam botnet from propagating to other servers. To distinguish between
real and spam emails, the Spam Trapping System uses encrypted emails.. In valid email, this
distinguishing mechanism employs a cryptographic key.Users, the email application, and the
STS system all have access to the cryptographic key. In contrast, spam emails are not
encrypted using a known key. Spam emails aren't sent outside of the host as a result. By using
this approach, a third line of defence is established, and spam email is prevented from leaving
the host.
5.Cybercrime has also been detected using forensics tool-based analysis approaches.for
instance, Meera et al. ,Using a virtual machine called VMware, they attempted to investigate
cybercrimeCriminals increasingly use virtual hard discs to hide evidence. As a consequence,
the researchers exploited VMware files to search for criminal evidence in a virtual hard disc
by utilising live internal data capture and raw data extraction from numerous grains. On a
virtual hard disc, a grain is a block of sectors containing data. To extract usable information,
raw data is acquired and then analysed utilising numerous forensic techniques. The files are
named ".vmdk," which is an abbreviation for VMware's virtual hard disc file.

6.Shalaginov et al. .Due to the vast amount of data that must be examined in order to uncover
evidence to assist investigators.In forensics investigations, the use of soft computing
technologies is crucial. In the classical sense, this procedure involves time and resources. Soft
computing tools such as fuzzy logic, machine learning, and data mining make big data
analytics easier, assisting investigators in detecting crimes and criminals. In contrast,
Barraclough et al employed fuzzy logic to detect phishing attacks using five different tables
with 288 attributes and two-fold cross validation.. They have a great level of precision.

7. . Azad and Jha developed an intrusion detection system (IDS) that employs a fuzzy min-
max neural network as a classifier and a genetic algorithm for hyberbox optimization. This
IDSA was put to the test using KDD '99. Azad and Jha [89] suggested another IDS a year
later, this time utilising a fuzzy min-max neural network as a classifier and particle swarm
optimization, which they demonstrated at KDD '99.

8.Haider et al. Using tweets as the data set, a feedforward neural network was utilised to
recognise Arabic cyberbullying. To identify changes and improve accuracy, the authors
changed numerous parameters in the neural network. The number of hidden layers, epochs,
and batch size are among the parameters.. After multiple training experiments, the authors
noticed that after a few epochs, they had improved performance.The optimal batch size is 16,
and 7 hidden layers have also been demonstrated to be the greatest option for obtaining
excellent accuracy and performance. Their recommended technique resulted in the highest
accuracy of 94.56 percent.

9.Embedded programming, agent-based techniques, software engineering, and artificial

intelligence approaches are some of the strategies used to detect cybercrime, according to
Raiyn . The researcher discussed cloud-based cybercrime detection, presenting some research
on the issue, and introducing the notion of using IP addresses to establish users' physical
location (i.e., nation, city, and street) as well as for real-time cyberattack detection.

10.Dinakar et al. [48] attempted to detect cyberbullying in YouTube comments using JRip,
J48, and a support vector machine as supervised machine learning techniques (SVM). A
binary classifier was compared to a multi-classifier by the authors. On the other hand, Al-
garadi et al. [49] developed a method for detecting cyberbullying in tweets. They employed
numerous sorts of information acquired from each tweet in the classifier to detect
cyberbullying. The support vector machine, naive Bayes, KNN, and decision tree were
among the techniques investigated to find the best classifier. The authors determined that
naive Bayes gives the best results and is powerful enough [49].

11Nandhini and Sheeba used FormSpring.me to identify cyberbullying using a question-and-

answer website,. The Levenshtein method and a naive Bayes classifier were used.., they have
devised a cyberbullying detection tool. Reynolds et al. made use of an instance-based learner
as well as a C4.5 decision tree learner. 78.5 percent of the time, both students accurately
recognised true positive findings
.
12.Abouzakhar et al. Using a Bayesian learning network technique, they built a system to
detect network cybercrime.To evaluate their proposed method, The authors used the
Massachusetts Institute of Technology (MIT) Lincoln Laboratory's DARPA 2000 dataset of
DDoS attacks. They used the Life Chart Method to assess the data. The Bayesian network, on
the other hand, is based on probabilistic models that are only useful in noisy settings and are
ineffective in real-world scenarios. Furthermore, in practise, this methodology is not as
practical as deterministic correlation methods.

13.Liang et al. An intrusion detection system (IDS) filter for detecting assaults in vehicle ad
hoc networks (VANETs) was introduced., a type of network that monitors the movement of a
group of automobiles without the usage of a base station. It also coordinates and controls
vehicle-to-vehicle communication. This filter was designed to reduce the detection process'
response time and overhead while maintaining detection accuracy.The authors implemented
the filter using the Hidden Markov Model.

14.On the other hand, Qiao et al Based on the dataset from the University of New Mexico
(UNM), recommended a Hidden Markov Model IDS. Based on cosine similarity, Rasmi and
Jantan [33] developed a unique attack goal prediction method for an intrusion detection
system.. The similarity of attack intentions (SAI) method generates a similarity matrix from
past and known attack intentions, which is then used to calculate the probability ratio for each
attack intention. To calculate similarity, the ratio of new attacks to known and predefined
attacks is employed.

15.One of the finest models for detecting cyberattacks is the Hidden Markov Model. It is,
however, a time-consuming operation. Sultana and colleagues The N-gram extraction method
improved the Hidden Markov Model by shortening the time required for data training to
detect cyberattacks. Instead of whole trace events, this modified Hidden Markov Model
makes advantage of recurrent or repeated patterns in trace data. During data mining, the N-
gram extraction technique was employed to extract common patterns. As a result, the time it
took to train data for a system was lowered by 31.96–48.44 percent.

16.Abouzakhar et al Using a Bayesian learning network technique, they built a system to

detect network cybercrime.To evaluate their proposed method, the authors used a DARPA
2000 dataset of DDoS assaults created by the Massachusetts Institute of Technology (MIT)
Lincoln Laboratory. They employed the Life Chart Method to evaluate the outcomes.
However, the Bayesian network is built on probabilistic models, which are only successful in
noisy settings and are ineffective in real-world scenarios.. Furthermore, in practise, this
methodology is not as practical as deterministic correlation methods.

17.Uzel and colleagues. Cyber-terrorism and extremism were identified using text
classification (CTE). The researchers gave numerical weights to phrases in order to uncover
terminology related to CTE in literature. The file was converted to a vector format.The
researchers utilised four weighing approaches to computerise the vector: term frequency-
based, binary, term frequency, and inverse document frequency-based weighting. To propose
and generate a fuzzy collection, weighting methods were utilised. The researchers used SVM
and a naive Bayes multinomial as classifiers to identify CTE. They also used the antisocial
behaviour data set in their experiment. With an accuracy of up to 99 percent, the fuzzy set-
based weighting strategy paired with SVM outperformed the other approaches.

18Hee et al. .created a technique to detect cyberbullying elements in social media

communications automatically .They contributed to the area by creating a technique to
identify cyberbullying that includes not just hostile language but also implicit material, which
they regarded as difficult because there are various sorts of implicit cyberbullying, such as
curses, slander, and encouragement., all of which can have different attitudes.They
accomplished this using binary and linear support vector machine classifiers. They used a
dataset of 113,698 English and 78,378 Dutch ASKfm posts to test the proposed approach on
texts in both English and Dutch.Because of its excellent ability to do big linear
classification,An SVM classifier was built in Python using the LIBLINEAR library. After
optimization, the new model attained maximum F1-scores of 58.72 percent for Dutch and
64.32 percent for English, respectively..

19. Vijayanand et al. A new intrusion detection system (IDS) for securing a wireless mesh
network was proposed using a genetic method for feature selection and SVM as a classifier.
The proposed technique was evaluated in Network Simulator 3 with a simulated wireless
mesh network dataset (NS3).They were able to detect attacks with a high degree of precision
(95.5 percent )

20.Ofoghi et al.by extracting feature vectors,presented a phishing email detection method

with hybrid characteristics This instrument employs four steps: feature vector construction,
machine learning, method selection, and inductor and feature assessment.. Zulkefli et al. [57]
Another endeavour was to research ways for conducting advanced persistent threat (APT)
assaults on smartphones. APT attacks are pre-planned operations that incorporate social
engineering and malware; one of the most popular forms of APT assaults is phishing. The
authors employed a decision tree classifier to discriminate between legitimate and fraudulent
websites, and they were able to obtain a 90% accuracy rate.

21.Because most intrusion detection systems can detect and block known pattern assaults,
Ahn et al. praposed To predict unforeseen threats, a new paradigm framework was
presented.The authors focused on APT assaults, which are more dangerous than other types
of attacks since the attacker observes the target to acquire information, identify holes, and
seek out the most privileged individuals, such as the administrator. Big data methods, such as
machine learning, data mining, and artificial intelligence, were used to develop their
paradigm framework. Among the approaches used by the researchers were regression
analysis for prediction, classification using SVM or logistic regression analysis for
classification, the relation rule for uncovering hidden relationships among data, and atypical
data mining for studying data that cannot be represented numerically (e.g., text, images and
videos).
22.Vuong et al. [61]created a method for identifying attacks on mobility devices such as
robots. that takes into account the devices' mobile nature, energy usage, and the attack's
physical impactIn this work, the classification technique is carried out utilising the Decision
Tree C 5.0 algorithm. On mobile robotic vehicles, the suggested technique is vulnerable to
four sorts of attacksDoS, SQL injection, and two forms of malware (one aimed against the
network, the other at the central processing unit) [61].
23.Nath a clustering technique was employed with K-means clustering is a data mining
technique that can be used to detect crime tendencies. The number of recorded cyber-crimes
has more than fivefold increased since 2014, topping 50,000 for the first time in 2020. Fraud
cases will account for more than 20% of these instances in 2020. The number of cases still
pending with the police has surpassed 70% by the end of 2020.. K-means algorithms could
quickly converge data, but they couldn't ensure that the outcome would be correct after the
data was converged. Furthermore, because K-means is a technique for unsupervised learning,
the right solutions are uncertain.
24.Some of the tactics used to detect cybercrime are embedded programming, agent-based
methodology, software engineering, and artificial intelligence approaches, according to Raiyn
. The researcher discussed cloud-based cybercrime detection, presenting some research on the
issue, and introducing the notion of using IP addresses to establish users' physical location
(i.e., nation, city, and street) as well as for real-time cyberattack detection.

25.IDS was explored by Jiang and Cybenko a distributed correlation. A distributed system is
made up of web servers, a Domain Name Server (DNS), a database server, routers, and
switches. Attacks can occur in a number of locations and cause damage to a variety of
network components at various times. Servers, firewalls, and other network components, for
example, are referred to as places, whereas time refers to when an attack is launched inside
the network.

RESEARCH METHODOLOGY:

Secondary data is used in this research article, and it was gathered from a variety of web
sources. Several research papers, articles, journals, and information from various websites are
among the sources from which the data is collected and acquired.
DATA ANALYSIS AND FINDINGS
Between 2013 and 2020, the number of incidents of cyber crime in India increased at a rapid
rate, reaching ninefold.Over 50 thousand cybercrime occurrences were reported in that year.
During the time period studied, Karnataka and Uttar Pradesh had the highest
proportion.Consumers in India lost over 18 billion dollars in 2017 as a result of cybercrime,
according to estimatesThese, however, were estimates based only on recorded data. The real
statistics are likely to be under-reported in a nation like India due to a lack of cyber crime
knowledge and categorization procedures. Recent government measures, such as a dedicated
online reporting tool for cybercrime, might very well be the driving reason behind an upsurge
in online crimes beginning in 2017...
As expected, the pandemic-induced internet blackouts resulted in increased internet usage,
which raised the number of cyber-crimes. The number of recorded cyber-crimes has more
than fivefold increased since 2014, topping 50,000 for the first time in 2020. Fraud cases will
account for more than 20% of these instances in 2020. The number of cases still pending with
the police has surpassed 70% by the end of 2020.
As the number of reported occurrences of cyber-crime has climbed, the rate of cyber-crime
has also increased,growing from 3.3 per lakh people in 2019 to 3.7 per lakh people in 2020.
Prior to 2016, cybercrime was almost non-existent.In 2016, the crime rate was less than one
per lakh of the population.. That is, out of one lakh persons, only one had reported a cyber-
crime.

With over 11 thousand cases submitted to the police in 2020,In comparison to the rest of the
country, the Indian state of Uttar Pradesh had the highest number of registered cyber
offences. In 2017, the country recorded almost 50 thousand cases of cybercrime, a huge rise
over the previous year's figure of around 12 thousand cases.Uttar Pradesh edged out
Karnataka as the state with the most cybercrimes recorded in 2020,More than a fifth of the
country's total of 50,035 offences were committed in this state. Karnataka came in second
place, while Maharashtra came in third. Cybercrime decreased in Uttar Pradesh and
Karnataka in comparison to 2019, but grew in Maharashtra.. In the last year, cybercrime has
expanded drastically in areas such as Tamil Nadu, Telangana, Assam, Bihar, and Odisha.
According to the investigators, the statistics may not adequately reflect the situation..
We witnessed a significant surge in cyber-attacks, including ransomware, and associated
investigations during the Covid outbreak. " "Most businesses are concerned about the
consequences of making their data public," said Jagvinder S Brar, partner and head of
investigation and forensic risk advisory at KPMG India. "Only a few cyber-attacks are
reported to investigative agencies like cyber cells," he stated.

Over 3.2 thousand incidences of internet crime involving sexual harassment or exploitation
were reported in India in 2020.In comparison to the years 2016 and 2017, the number of such
cyber crimes in the country increased dramatically. Although the country's crime rate
increased from 2018 to 2020, the Indian government's attempts to build new mechanisms to
combat cyber crime, as well as increased public awareness, were some of the causes that
contributed to such a large increase in recorded cyber crimes.
With over three thousand cases reported to the authorities in 2020, Karnataka, India's
southernmost state, has the highest number of reported offences involving online identity
theft. Over 5,000 cases of online identity theft were reported in the country that year.Section
66C of the Indian Penal Code covered this type of criminal activity.According to a new
survey.In the recent year, 59 percent of Indian people have been victims of some type of
cybercrime.,. These victims have spent a total of 1.3 billion hours attempting to resolve their
problems.
The report is part of NortonLifeLock's latest findings. The cyber security company
questioned more than 10,000 adults in ten countries for the results of its 2021 Norton Cyber
Safety Insights Report. The results were based on the responses of 1,000 adults in India.
According to the survey, 36% of Indian adults identified unauthorised access to an account or
device in the last 12 months, based on 1,000 respondents.To present, identity theft has
affected nearly half of all Indian customers (about 45 percent). Around 14% of these people
have been affected in the last year alone. In the previous 12 months, about 27 million Indians
were victims of identity theft, according to the research.
It goes on to say that over 60% of Indian adults are very concerned about their identity being
stolen. While 65% believe they are well-protected against identity theft, many people have no
idea what to do in the event of identity theft.
The elder generation appears to be the most vulnerable, with 60% of respondents aged 40 and
higher confirming their fears. More than two-thirds of those polled (68%) wish they had more
information about what to do if their identity was stolen.
CONCLUSION

The phenomenal development in internet use around the world,Particularly in India, there has
been a considerable surge in cybercrime, putting India vulnerable to such crimes. Cybercrime
is a worldwide phenomena, and perpetrators are not limited to a certain geographical region.
Cyberspace is a free-flowing environment.,, borderless environment that is not constrained by
local geographic boundaries. Local laws can't deter these acts, hence India is a sitting duck in
this situation. India has entered into various bilateral agreements to combat
cybercrime.Among them are a cyber deal with Russia and a framework agreement with the
US. The recent visit by Prime Minister Narendra Modi to Israel to sign the IndoIsrael Cyber
Framework is yet another endeavour by India to simplify its cyberspace. These bilateral
agreements are limited in scope and ineffective in preventing cybercrime. India need a
multilateral treaty that would combine its laws via an uniform criminal policy and address
international collaboration in the worldwide battle against cybercrime. The pact should help
to build effective legislation and robust investigative tools, as well as enhance international
collaboration in the fight against cybercrime. The Budapest Convention on Cybercrime of the
Council of Europe is an international multilateral treaty that deals with global collaboration in
the fight against cybercrime. Even the United States and Israel, with whom India has bilateral
cybercrime treaties, have signed on to the Budapest cybercrime convention.