www.gradeup.co

CYBER SECURITY & CLOUD TECHNOLOGY

1 CYBER SECURITY

Cyber security: Background


India is on its way to becoming a digital nation with the Government's launch of the flagship
programme ‘Digital India’, which has a vast vision to transform India into a digitally empowered
society. Under the ‘Digital India’ programme, e-Commerce and e-Governance will get the maximum boost.
The Internet has undergone astounding growth. As per Internet Live Stats, there are 3.5 billion
internet users worldwide, of which about 462 million plus are in India, and the growth rate
of internet users in India is 31%, which is the highest in the world. By the year 2020, the expected
number of Internet users in India will cross the one billion mark. Similarly, smartphone penetration
in India will touch the 1.4 billion mark by 2020.
DEFINITION:
Cyber safety or Internet safety is protecting oneself from computer crime and reducing the risk of
security breaches to the user's private and confidential information.
Cyber attacks on Internet commerce, vital business sectors and government agencies are growing
exponentially. There were 113 million computer frauds and cyber crimes reported in 2015 as per
the Norton Security 2015 Report of Cyber Crime. India is also among the top 5 countries for
ransomware attacks. The Hon’ble Prime Minister has also flagged cyber-related risks as a global threat
of “bloodless war,” and called upon the nation’s IT organizations to serve the entire world by building
credible cyber-security systems.

Active Attacker: Can see the data and can also modify its content.
Passive Attacker: Can only see the data; cannot change its content.


Types of Active Attack


1. Masquerade
A masquerade attack can happen even if Raju is not sending any message to Rani: Ravi can generate
a message and send it to Rani, acting as if he is Raju. For example, even though you are not sending
a message to your bank, someone sends a message to your bank on your behalf, requesting a transfer.
2. Replay
3. Modification of message:
4. Repudiation: This attack is done by either the sender or the receiver. The sender or receiver can
later deny that he/she has sent or received a message.
For example, a customer asks his bank “to transfer an amount to someone” and later on the sender
(customer) denies that he had made such a request. This is repudiation.
5. Denial of service attack:
A DoS attack is an attack meant to shut down a machine or network, making it inaccessible to its
intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it
information that triggers a crash. In both instances, the DoS attack deprives legitimate users (i.e.
employees, members, or account holders) of the service or resource they expected.
Few terms related to cyber security:
1. Phishing: Through fake websites, scammers gain access to personal and maybe private
information. This is known as phishing. To prevent this from happening, we can restrict access to
unsupported websites.
2. Internet Scams: Internet scams are cases where people who try to conduct their business online
get scammed into doing things.
3. Malware: The information attained through the software is usually transferred by email to random
locations across the globe.
Security goals:
1. Data confidentiality
2. Data Integrity
3. Data Availability
4. Authentication
5. Non-repudiation
1. Data confidentiality
• Privacy
• Protect the information from any unauthorized disclosure.
2. Data Integrity
• Data received should be exactly the same as the data sent.
• There should be no modification.


Ex: Message sent: There is a ‘GATE’ exam tomorrow
Message received: There is No Gate exam tomorrow
3. Data Availability
Data must be Available to the Authorized parties.
4. Authentication
Ensure communication is Authentic
Verify the Identity of sender/receiver
Ex: userid & password
5. Non-repudiation
The sender/receiver cannot deny having sent or received the transmitted data.
Malware and its types:
Malware stands for “Malicious Software”. It is designed to gain access to or be installed on a computer
without the consent of the user. It performs unwanted tasks on the host computer for the benefit of
a third party. There is a full range of malware which can seriously degrade the performance of the
host machine. There is a full range of malware which are simply the host machine and send it to
remote servers. There are various types of malware present on the Internet.
Some of the popular ones are:
Adware
It is a special type of malware which is used for forced advertising. They either redirect the page to
some advertising page or pop-up an additional page which promotes some product or event. These
adware are financially supported by the organizations whose products are advertised.
Spyware
It is a special type of malware which is installed on the target computer with or without the user's
permission and is designed to steal sensitive information from the target machine. Mostly it gathers
the browsing habits of the user and then sends them to a remote server without the knowledge of the
owner of the computer. Most of the time it is downloaded onto the host computer while downloading
freeware, i.e. free application programmes from the internet.
Browser hijacking software
Some malicious software is downloaded along with the free software offered over the
internet and installed on the host computer without the knowledge of the user. This software modifies
the browser's settings and redirects links to other unintended sites.
Virus
A virus is malicious code written to damage/harm the host computer by deleting or appending a file,
occupying the memory space of the computer by replicating copies of the code, slowing down the
performance of the computer, formatting the host machine, etc. It can be spread via email attachments,
pen drives, digital images, e-greetings, audio or video clips, etc. A virus may be present in a computer
but it cannot activate itself without human intervention.


Secure programming technique:


Secure programming is the practice of developing software where attention and planning are given to
producing robust and reliable applications that operate securely.
Application Security Training:
A critical first step to develop a secure application is an effective training plan that allows developers
to learn important secure coding principles and how they can be applied.
Secure coding principles:
1. Input Validation
2. Output Encoding
3. Authentication and Password Management (includes secure handling of credentials by external
services/scripts)
4. Session Management
5. Access Control
6. Cryptographic Practices
7. Error Handling and Logging
8. Data Protection
9. Communication Security
10. System Configuration
11. Database Security
12. File Management
13. Memory Management
14. General Coding Practices
While OWASP (Open Web Application Security Project) specifically references web applications, the
secure coding principles outlined above should be applied to non-web applications as well.
OWASP top 10 vulnerabilities:
What is OWASP?
Open Web Application Security Project or OWASP is an online community dedicated to web
application security. The community works towards finding the most critical web application security
flaws. The issues reported by this community are often easy to find and exploit, and hence they are a
cause of worry for all businesses. These are specific issues that vulnerability detection services
like Appknox use to help pinpoint areas of weakness and stop security issues before they happen.
Injection
An injection attack is a common security vulnerability where a threat actor injects a piece of malicious
code in order to make an application behave in an unintended way. SQL injection attacks are among the
most common injection attacks, where SQL code is injected in order to expose parts of a database.
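The injection flaw described above, next to its fix and an input validation check (secure coding principle 1), as an added example that is not part of the original notes. The table, column names, sample rows and the CRAFTED test string are all constructed for illustration.

```python
import re
import sqlite3

def make_db():
    """Build a throwaway in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("raju", 100), ("rani", 250), ("ravi", 75)])
    return db

def lookup_vulnerable(db, owner):
    # Vulnerable: user input is pasted into the SQL text, so quote
    # characters in the input change the structure of the query.
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(query).fetchall()

def lookup_safe(db, owner):
    # Fixed: the ? placeholder sends the input as a bound value,
    # so the database never parses it as SQL.
    query = "SELECT owner, balance FROM accounts WHERE owner = ?"
    return db.execute(query, (owner,)).fetchall()

# Assumed naming policy for this example: lowercase letters, digits, underscore.
OWNER_RE = re.compile(r"[a-z0-9_]{1,32}")

def validate_owner(owner):
    """Input validation: reject anything outside the allowlist."""
    if not OWNER_RE.fullmatch(owner):
        raise ValueError("owner contains characters outside the allowlist")
    return owner

# Constructed regression-test input: a quote followed by an always-true condition.
CRAFTED = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, CRAFTED))  # every row comes back
    print("safe:      ", lookup_safe(db, CRAFTED))        # no row matches
    try:
        validate_owner(CRAFTED)
    except ValueError as err:
        print("validation:", err)
```

The parameterized query is the actual fix; the allowlist is a second layer that rejects malformed input before it reaches the database.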


Broken Authentication
Also referred to as broken authentication and session management, these vulnerabilities involve
hackers gaining unauthorized access to user credentials and falsely getting into databases and
programs.
Security Misconfiguration
This vulnerability is a common occurrence in security systems that are poorly configured and managed.
As it can take place at any level of the security infrastructure, it is very common and can be detected
and mitigated with ease.
Broken Access Control
This vulnerability generally takes place when a user is able to perform certain functions or gain access
to files and information without having genuine access. Two earlier vulnerabilities called 'insecure
direct object references' and 'missing function level access control' were combined to be known as
broken access control.
Cross-Site Scripting (XSS)
The cross-site scripting vulnerability takes place when a trusted site extends its permissions to an
unknown or malicious third-party site. In general, users give certain permissions to trusted sites.
Hackers somehow modify the pages of those trusted sites to extend those permissions to some
untrusted third-party and gain access to sensitive information and spread malicious content.
Sensitive Data Exposure
It is one of the most serious security vulnerabilities and causes a lot of damage to individuals and
businesses worldwide. Any web application dealing with sensitive business or user information is
vulnerable to data exposure issues.
XML External Entities (XXE)
Whenever an external file is specified in an XML document, XML processors are used in order to load
its contents. However, attackers use this opportunity to get the contents of local files in the system,
access remotely located files, and also develop executable code using the XML processor.
Insecure Deserialization
Serialization and deserialization are generally used to turn objects to data and transmit and recreate
it in the same state at another place or at another time. In the case of insecure deserialisation,
attackers send malicious objects which upon deserialization provide special privileges to them or let
them execute malicious code at the target places.
Using Components with Known Vulnerabilities
It is surprisingly common in web apps to have components with known security vulnerabilities. That
component could be the operating system, web server, CMS, or some library or associated plugins.
Using these components without having a backup plan can prove detrimental to any security system.


Insufficient Logging and Monitoring


While sufficient monitoring and logging alone can't prevent hackers from launching an attack on your
systems, the sheer absence of these activities, on the other hand, would surely make it difficult to
detect targeted attacks, mitigate them or assess their damage.
Internet of things (IoT):
The internet of things, or IoT, is a system of interrelated computing devices, mechanical and digital
machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability
to transfer data over a network without requiring human-to-human or human-to-computer interaction.
How IoT works:
An IoT ecosystem consists of web-enabled smart devices that use embedded systems, such as
processors, sensors and communication hardware, to collect, send and act on data they acquire from
their environments.
Sometimes, these devices communicate with other related devices and act on the information they
get from one another. The devices do most of the work without human intervention, although people
can interact with the devices -- for instance, to set them up, give them instructions or access the data.
The connectivity, networking and communication protocols used with these web-enabled devices
largely depend on the specific IoT applications deployed.
IoT can also make use of artificial intelligence (AI) and machine learning to aid in making data
collecting processes easier and more dynamic.
Why IoT is important
The internet of things helps people live and work smarter. In addition to offering smart devices to
automate homes, IoT is essential to business. IoT provides businesses with a real-time look into how
their systems really work.
Pros and cons of IoT
Some of the advantages of IoT include the following:
• ability to access information from anywhere at any time on any device;
• improved communication between connected electronic devices;
• transferring data packets over a connected network saving time and money; and
• automating tasks helping to improve the quality of a business's services and reducing the need for
human intervention.
Some disadvantages of IoT include the following:
• As the number of connected devices increases and more information is shared between devices,
the potential that a hacker could steal confidential information also increases.
• Enterprises may eventually have to deal with massive numbers -- maybe even millions -- of IoT
devices, and collecting and managing the data from all those devices will be challenging.
• If there's a bug in the system, it's likely that every connected device will become corrupted.


• Since there's no international standard of compatibility for IoT, it's difficult for devices from
different manufacturers to communicate with each other.

IoT frameworks include the following:


• Amazon Web Services (AWS) IoT is a cloud computing platform for IoT released by Amazon.
This framework is designed to enable smart devices to easily connect and securely interact with
the AWS cloud and other connected devices.
• Arm Mbed IoT is a platform to develop apps for IoT based on Arm microcontrollers. The goal
of the Arm Mbed IoT platform is to provide a scalable, connected and secure environment for IoT
devices by integrating Mbed tools and services.
• Microsoft's Azure IoT Suite is a platform that consists of a set of services that enables users to
interact with and receive data from their IoT devices, as well as perform various operations over
data, such as multidimensional analysis, transformation and aggregation, and visualize those
operations in a way that's suitable for business.
What is Blockchain Technology?
A simple analogy for understanding blockchain technology is a Google Doc. When we create a
document and share it with a group of people, the document is distributed instead of copied or
transferred. This creates a decentralized distribution chain that gives everyone access to the document
at the same time. No one is locked out awaiting changes from another party, while all modifications
to the doc are being recorded in real-time, making changes completely transparent.
The whole point of using a blockchain is to let people — in particular, people who don't trust one
another — share valuable data in a secure, tamperproof way.
Blockchain consists of three important concepts: blocks, nodes and miners.
Blocks:
Every chain consists of multiple blocks and each block has three basic elements:
• The data in the block.
• A 32-bit whole number called a nonce. The nonce is randomly generated when a block is created,
which then generates a block header hash.
• The hash is a 256-bit number wedded to the nonce. It must start with a huge number of zeroes
(i.e., be extremely small).
When the first block of a chain is created, a nonce generates the cryptographic hash. The data in
the block is considered signed and forever tied to the nonce and hash unless it is mined.
Miners
Miners create new blocks on the chain through a process called mining.
In a blockchain every block has its own unique nonce and hash, but also references the hash of the
previous block in the chain, so mining a block isn't easy, especially on large chains.


Miners use special software to solve the incredibly complex math problem of finding a nonce that
generates an accepted hash.
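A toy version of the block, nonce and hash relationship described under Blocks and Miners, as an added example that is not part of the original notes. Assumed simplifications: SHA-256 over a text encoding of the block, a difficulty of four leading hex zeroes, and nonces tried in sequence rather than chosen randomly.

```python
import hashlib

DIFFICULTY = 4           # assumed: leading hex zeroes required in an accepted hash
GENESIS_PREV = "0" * 64  # assumed placeholder "previous hash" for the first block

def block_hash(prev_hash, data, nonce):
    """256-bit hash over the previous block's hash, the data and the nonce."""
    payload = f"{prev_hash}|{data}|{nonce}".encode()
    return hashlib.sha256(payload).hexdigest()

def mine(prev_hash, data):
    """Search the 32-bit nonce space for a nonce that gives an accepted hash."""
    for nonce in range(2 ** 32):
        digest = block_hash(prev_hash, data, nonce)
        if digest.startswith("0" * DIFFICULTY):
            return {"prev": prev_hash, "data": data, "nonce": nonce, "hash": digest}
    raise RuntimeError("no nonce in the 32-bit range gives an accepted hash")

def build_chain(records):
    """Mine one block per record, each referencing the hash of the block before it."""
    chain, prev = [], GENESIS_PREV
    for record in records:
        block = mine(prev, record)
        chain.append(block)
        prev = block["hash"]
    return chain

def first_invalid(chain):
    """Return the index of the first block that fails verification, or None."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        recomputed = block_hash(block["prev"], block["data"], block["nonce"])
        if (block["prev"] != prev or recomputed != block["hash"]
                or not block["hash"].startswith("0" * DIFFICULTY)):
            return i
        prev = block["hash"]
    return None

if __name__ == "__main__":
    # Constructed sample records.
    chain = build_chain(["raju pays rani 10", "rani pays ravi 4", "ravi pays raju 1"])
    print("intact chain:", first_invalid(chain))             # None
    chain[1]["data"] = "rani pays ravi 400"                  # edit data in place
    print("after edit:", first_invalid(chain))               # 1: stored hash no longer matches
    chain[1] = mine(chain[0]["hash"], chain[1]["data"])      # re-mine only block 1
    print("after re-mining block 1:", first_invalid(chain))  # 2: link to block 1 is broken
```

Changing one block forces every later block to be mined again, which is why tampering gets harder as the chain grows.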

Nodes:
One of the most important concepts in blockchain technology is decentralization. No one computer or
organization can own the chain. Instead, it is a distributed ledger via the nodes connected to the
chain. Nodes can be any kind of electronic device that maintains copies of the blockchain and keeps
the network functioning.
Use Of AI In Cyber Security:
Artificial intelligence techniques can be used to learn how to remove noise or unwanted data and to
enable security experts to understand the cyber environment in order to detect abnormal activity.
Artificial Intelligence is able to analyze massive amounts of data and allow the development of existing
systems and software in an appropriate way to reduce cyber attacks.
What types of artificial intelligence applications are being used in cyber security solutions?
• Spam Filter Applications (spamassassin)
• Network Intrusion Detection and Prevention
• Fraud detection
• Credit scoring and next-best offers
• Botnet Detection
• Secure User Authentication
• Cyber security Ratings
• Hacking Incident Forecasting
Here are some features to use in the analysis of a piece of software:
• Accessed APIs.
• Accessed fields on the disk.
• Accessed environmental products (camera, keyboard etc).
• Consumed processor power.
• Consumed bandwidth.
• Amount of data transmitted over the internet.
The system is built using these distinguishing features. Once you give a piece of test software to the
system, it tries to detect whether the software is malware or not by analyzing these features.
