Professional Documents
Culture Documents
edp report final
edp report final
edp report final
SUBMITED
BY
GUIDED
BY
Prof. Z. Ali
DEPARTMENT
OF
COMPUTER ENGINEERING
GOVERNMENT ENGINEERING COLLEGE, AURANGABAD
(An Autonomous Institute of Government of Maharashtra)
CERTIFICATE
Date: 08/05/2023
Dr. A.S.Bhalchandra
PRINCIPAL
ACKNOWLEDGEMENT
I would also like to thank to all our faculty members of our department for their
valuable suggestion in the process of this project work. Finally, yet importantly, I would like
to express our thanks to our beloved parents for their blessings. Last but never the least; let us
thanks our friends and classmates for their help and co-operation for the successful completion
of this project proposal.
)
A growing amount of information is becoming digital and accessible
through wireless and wired digital communication networks in addition to the pervasive
internet. One of the primary reasons is the rapidly changing technological landscape and
the fact that software adoption is steadily rising across numerous industries, including
finance, government, military, retail, hospitals, education, and energy, to name a few.
Since cybercriminals value all extremely sensitive information greatly, it is crucial to
safeguard it using robust applications of cybersecurity.
. In this report, we will provide an overview of our cybersecurity app, including its
features, target audience, business model, and technical details. We will begin by
discussing the features of our app, including real-time threat detection, encryption, two-
factor authentication, and vulnerability scanning. We will then describe our target audience,
including small to medium-sized businesses, professional services, high-net-worth
individuals, and tech-savvy individuals, and explain how our subscription-based pricing
model offers an affordable and effective solution for a wide range of users.
Next, we will outline the technical details of our app, including its architecture,
programming languages, and frameworks, as well as its scalability and performance
capabilities. We will also discuss our data privacy and security measures, including our
encryption standards and protocols.
Finally, we will describe our business model, including our revenue model, cost structure,
and marketing strategy. We will explain how we plan to reach our target market and
generate a sustainable revenue stream through our subscription-based pricing model.
Overall, this report provides a comprehensive overview of our cybersecurity app and the
value it offers to users. We believe that our app provides a powerful set of features and
tools that are essential for anyone looking to protect their sensitive information and
systems against cyber threats.
We are interested in developing concepts about models of cyber security to serve as
an inspiration for researchers to advance the technology of models for counteracting cyber
threats; for practitioners to use as a guide for responding to cyber terror; for university
students to use in preparing for careers in cyber security; and as a contribution to society
as a whole by reducing the threat of cyber terror.
We are motivated to develop model concepts, and the models that flow from the
concepts, because of the severity of the cyber security problem, and the havoc that cyber
attacks are wrecking on the world’s information infrastructure.
In addition, since a major problem in cyber security is the inability to predict risk
associated with a given type of attack, our proposed models include an approximation of
risk prediction as a function of probability of attack, vulnerabilities, and the consequences
of the specified type of attack.
We expect this research to have cross discipline application in the fields of computer
science, systems engineering, electrical engineering, and operations research.
For example, the models we have developed, as applied to the electric grid, involve
knowledge of electrical engineering and operations research for model building. Also, we
anticipate that by doing a detailed analysis of the cyber threat to the electric grid, and by
sharing the research results with other researchers and grid operators, a better
understanding of the cyber threat problem will be achieved.
We propose to tackle this problem by developing fundamental concepts in the realm
of cyber threat predictive modeling. Furthermore we propose to map our cyber security
models to the electric grid environment. We have already done considerable work in
developing the concepts and models, as the detailed examples will attest. In addition, we
plan to identify and collect cyber security data from electric grid operators, such as the
Cyber security is another major modern-age necessity that equips the world with a safe
digital and cyber ecosystem. The majority of company operations are conducted through the
internet, exposing data and resources to a variety of cyber dangers. Since data and system
resources are the foundations of the organization, it goes without saying that a danger to
these entities is a threat to the organization as a whole.
Objective of app
The CIA triad is made of three components- Confidentiality, Integrity, and Availability.
Let us discuss each of them and their respective tools to achieve the main goal of cyber
security.
1. Confidentiality:
Confidentiality is similar to privacy in that it prevents unauthorized disclosure of information.
It entails data security, granting access to those who are permitted to see it while preventing
others from discovering anything about its contents. It ensures that vital information does
not reach the wrong people while also ensuring that the appropriate ones receive it. Data
encryption is a wonderful example of how to keep information private.
Access Control: refers to the set of rules and procedures that govern who has access to a
system or to physical or virtual resources. It is the process of granting users access to
systems, resources, or information, as well as particular privileges. Users of access control
systems must present credentials such as a person's name or a computer's serial number
before being permitted access. These credentials can take numerous forms in physical
systems, but credentials that cannot be transferred provide the best security.
Authentication: An authentication procedure is one that ensures and confirms a user's
identity or role. Authentication is a must for all companies because it allows them to
safeguard their networks by allowing only authenticated users to access protected
information. Computer systems, networks, databases, webpages, and other network-based
applications or services are examples of these resources.
Authorization is another security that entails getting authorized or being allowed to get or do
something. It is used to assess whether a person or system is permitted access to resources,
including computer programs, files, services, data, and application features, based on an
access control policy. It is usually followed by authentication, which verifies the user's
identity. Permission levels are frequently assigned to system administrators that encompass
all system and user resources. A system verifies an authenticated user's access rules during
authorization and either provides or denies resource access.
2. Integrity:
The means for guaranteeing that data is real, correct, and protected against unauthorized
user modification is referred to as integrity. It is a property that information has not been
tampered with in any manner and that the information's source is legitimate.
The goal of integrity in cyber security is carried out by employing the following tools:
Backups: are the archiving of data on a regular basis. It is the process of duplicating data or
data files to be used in the event that the originals are lost or destroyed. Additionally, it is
used to make copies for historical purposes, such as longitudinal research, statistics, or
historical records, or to comply with a data retention policy's obligations.
Checksums: A checksum is a numerical value that is used to check the integrity of a file or
data transfer. In other words, it's the calculation of a function that converts a file's contents
into a numerical value. They're commonly used to compare two sets of data to ensure that
they're identical. A checksum function is based on a file's whole contents. It is built in such
a way that even a minor change to the input file will most likely result in a different output
value.
Codes for Data Correction: It's a technique for retaining data in a manner that slight
modifications may be recognized and repaired automatically.
3. Availability
Availability is the property of being able to access and modify information in a timely manner
by those who are allowed to do so. It ensures that only authorized personnel have access
to the sensitive data on a consistent and dependable basis. The availability principle is
operated by employing the following tools:
Physical Protection- refer to the ability to keep information accessible even when faced with
physical difficulties. It ensures that sensitive data and important information technologies are
kept in safe places.
Computational Redundancy- used as a fault-tolerant system against unintentional failures.
It safeguards computers and storage devices that act as backups in the event of a system
failure.
Individuals within or outside the company are most likely to pose a threat. It's critical to have
the right safeguards in place and to keep your staff alert with a cyber security course and
awareness training, whether it's cybercriminals attacking you maliciously with phishing
emails, malware, ransomware, or social engineering attacks – or your employees
"accidentally" deleting crucial data.
Anything you can use to fight hazards and reduce risk is referred to as a safeguard. They
can be software or hardware, but they are most crucially management policies and
processes that must be followed by everyone in the organization, including clients.
Target Audience
Our cybersecurity app is targeted towards both individuals and businesses who are
concerned about the security of their data and systems. Our primary target audience
includes:
1. Small to Medium-sized Businesses (SMBs): SMBs often lack the resources to implement
comprehensive cybersecurity measures, leaving them vulnerable to cyber threats. Our app
provides an affordable and effective solution for SMBs to protect their systems and data
against cyber attacks.
2. Professional Services: Industries such as finance, healthcare, and legal services deal with
sensitive and confidential data on a daily basis, making them a prime target for cyber
attacks. Our app provides a secure and reliable way for professionals to protect their data
and systems.
3. High-Net-Worth Individuals (HNWIs): HNWIs often have a significant amount of personal
and financial information stored online, making them vulnerable to cyber attacks. Our app
provides a high level of security and protection to safeguard their sensitive data.
4. Tech-savvy Individuals: Individuals who are interested in cybersecurity and want to take an
active role in protecting their systems and data will find our app useful. Our app provides
easy-to-use tools and features to help them monitor and secure their systems.
By targeting these audiences, we aim to provide a solution that meets the needs of a wide
range of users, from individuals to small businesses and professionals.
Features
1. Real-time Threat Detection: Our app will use advanced machine learning algorithms to
detect and respond to cyber threats in real-time, including malware, phishing, and
ransomware attacks.
2. Firewall Protection: Our app will include a firewall to block unauthorized access to user
systems and data, as well as to monitor network traffic and detect and respond to any
suspicious activity.
3. Encryption: Our app will use encryption to secure user data both at rest and in transit,
including AES-256 encryption for sensitive data such as passwords and financial
information.
4. Two-Factor Authentication: Our app will include two-factor authentication to prevent
unauthorized access to user accounts, requiring users to provide a second form of
identification such as a code sent to their phone or email.
5. Anti-Virus and Anti-Malware: Our app will include advanced anti-virus and anti-malware
features to prevent and remove malicious software from user systems.
6. Web Protection: Our app will include web protection to prevent users from accessing
malicious websites and to block potentially dangerous downloads.
7. Data Backup and Recovery: Our app will include data backup and recovery features to
ensure that user data is protected in the event of a system failure or cyber attack.
8. Vulnerability Scanning: Our app will include vulnerability scanning to identify and remediate
potential security weaknesses in user systems and networks.
9. Reporting and Analytics: Our app will provide users with detailed reporting and analytics on
their security posture, including information on threats detected and remediated, and
recommendations for improving their security.
Technical details
Our cybersecurity app will be offered as a subscription-based service, with several tiers of
pricing based on the number of users and level of features. Our revenue model will be
based on a monthly or annual subscription fee, depending on the user's preference.
Our pricing tiers will range from a basic plan for individual users, to more advanced plans
for small to medium-sized businesses and enterprise-level customers. Each pricing tier will
offer additional features and support options, such as 24/7 customer support and
dedicated account management.
We will also offer a free trial period to allow users to test the app's functionality and
security features before committing to a paid subscription.
Our target market includes both businesses and individuals who are concerned about the
security of their data and systems. We will focus our marketing efforts on industries with
high cybersecurity risk, such as finance, healthcare, and government.
To reach our target market, we will use a combination of targeted advertising, content
marketing, and partnerships with other companies in the cybersecurity industry, including
software vendors, security consulting firms, and managed security service providers.
Our cost structure will primarily consist of software development, marketing and
advertising, customer support, and ongoing maintenance and updates. We will manage
these costs by balancing our pricing with our expenses and focusing on operational
efficiency.
Our target market includes small to medium-sized businesses, professional services, high-
net-worth individuals, and tech-savvy individuals who are concerned about the security of
their data and systems. By offering a subscription-based service with pricing tiers based on
the number of users and level of features, we aim to provide an affordable and effective
solution for a wide range of users.
We will focus our marketing efforts on industries with high cybersecurity risk, including
finance, healthcare, and government, and will use a combination of targeted advertising,
content marketing, and partnerships with other companies in the cybersecurity industry to
reach our target market.
Overall, our goal is to provide users with peace of mind knowing that their systems and
data are protected against cyber threats, while generating a sustainable revenue stream
through our subscription-based pricing model. We believe that our cybersecurity app is a
valuable solution for anyone looking to improve their cybersecurity posture and protect
their sensitive information.