O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Risks and Security of Internet and System

26 visualizações

Publicada em

1. Cyber Ethics and Cyber Crime

2. Security in Social Media & Risk of Child Internet

3. Social media in Schools and photo privacy

4. Risk of OSNs and Security, Privacy of Facebook

5. Risk and Security of Social Networking site Facebook and Twitter

6. Risk analysis of Government and Online Transaction

Publicada em: Internet
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

Risks and Security of Internet and System

  1. 1. Risks and Security of Internet and System Guided By : Dr. Kalpdrum Passi Group No:10
  2. 2. Content :- 1. Cyber Ethics and Cyber Crime 2. Security in Social Media & Risk of Child Internet 3. Social media in Schools and photo privacy 4. Risk of OSNs and Security , Privacy of Facebook 5. Risk and Security of Social Networking site Facebook and Twitter 6. Risk analysis of Government and Online Transaction 2 Presented by:- 1. Param Nanavati 2. Darsh Desai 3. Meet Bhalodiya 4. Akash Patel 5. Mihir Darji 6. Teerth Patel Group No:10
  3. 3. Cyber Ethics and Cyber Crime • Future wars will be cyber wars and the attacks will be a sturdy amalgamation of cryptography along with malware to distort information systems and its security. • The explosive Internet growth facilitates cyber-attacks. • Web threats include risks, that of loss of confidential data and erosion of consumer confidence in e-commerce. • The emergence of cyber hack jacking threat in the new form in cyberspace is known as ransomware or crypto virus. 3
  4. 4. • The locker bot waits for specific triggering events, to become active. It blocks the task manager, command prompt and other cardinal executable files, a thread checks for their existence every few milliseconds, killing them if present. • Imposing serious threats to the digital generation, ransomware pawns the Internet users by hijacking their system and encrypting entire system utility files and folders, and then demanding ransom in exchange for the decryption key it provides for release of the encrypted resources to its original form. 4
  5. 5. • We present in this research, the study of a ransomware family that recently picked up quite a rage and is called CTB locker, and go on to the hard money it makes per user, and its source C&C server, which lies with the Internet’s greatest incognito mode– The Dark Net. • Crypto locker Ransomware or the CTB Locker makes a Bitcoin wallet per victim and payment mode is in the form of digital bitcoins which utilizes the anonymity network or Tor gateway. • CTB Locker is the deadliest malware the world ever encountered. CTB-Locker stands for “Curve-Tor-Bitcoin-Locker 5
  6. 6. RANSOMWARE WORKING PRINCIPLE -Rhyme Upadhyaya • Ransomware propagates like a typical malware does but methods employ sharp social engineering tactics, accidental or unwanted downloads, visiting websites stuffed with bloatware ,or simply by following a malicious link or ad. • Also one should never trust email attachments from unacknowledged paternity. Once the malware spreads, it runs the code in its payload. 6
  7. 7. • Ransomware can also spread through removable storage if a user uses the same removable storage for data transfer in multiple computers. • Some nuance applications can come bundled with malware or adware which one may not even have an idea it exists in their newly bought systems. 7
  8. 8. 8 [A Timeline Of Ransomware Variants]
  9. 9. BITCOIN AND THE TOR NETWORK - Aruna Jain • This is electronic money, a crypto-currency that does away with the need for banks by combining a limited quantity digital currency with state of the art cryptographic security and a peer-to-peer network. • All transactions are irreversible. • It is also free, unlike Visa or PayPal • Tor stands for The Onion Router so-called because of the layered encryption process. • Crypto anarchism and Onion Routing are the two vivacious terms linked to the underground web. 9 Keywords: locker bot; cyber crime; ransomware; malware; bitcoin; dark net; tor; CTB locker
  10. 10. • Tor was originally funded by the US Navy at the start of the Millennium and is used by numerous agencies and others to transmit and receive sensitive information. • Within the Tor, you can mask your identity and travel the Surface Web with total anonymity. • Transferring money without leaving a trace is not always easy, however, the Dark Net’s own currency bitcoin provides the solution. 10
  11. 11. Understanding Privacy Concerns of WhatsApp Users in India -Jayati Dev,Sanchari Das Introduction: WhatsApp Messenger is a freeware, cross- platform messaging and Voice over IP (VoIP) service owned by Facebook . The study evaluates the risk perception of WhatsApp users in India by analyzing a survey recruiting 213 Indian participants Received valid responses from 213 participants (71 Female,135 Male) who identified themselves as Indian.
  12. 12. Problems: • Targeted Advertisements. • Understanding Customer’s behaviour. • 35.21% participants expressed concern over being contacted by strangers. • Participants indicated more sensitivity for privacy when in groups.
  13. 13. Solutions: • Privacy by Default • Add customized features such as ‘Last Seen’, ‘Read Receipts’, etc. for individual and group interactions
  14. 14. IS CHILD INTERNET ACCESS A QUESTIONABLE RISK? -ANDREW ANDERSON, CHARLES SHONIREGUN • There is no doubt that the Internet has become an indispensable part of life for many people. • Innovative avenues of communication -- chat rooms, e-mail, downloads and information searches -- are among the Internets greatest assets. • This paper discusses the Internet in correlation to its usage by children both for academic and social activities.
  15. 15. Problems: • A child or teenager having unsupervised access to the Internet is open to a world of harmful risks that can be both psychologically damaging and/or physically abusive. • In October 2001, a paediatrician pled guilty to 11 felony counts of attempted child molestation and sending pornographic pictures to a minor via the Internet.
  16. 16. Solutions: • The UK government strategy has been to educate parents through advertising campaigns and to teach awareness to children and parents through schools. • A variety of technology-based tools for assisting in Internet safety are available on the market to parents, educational institutions and business organisations.
  17. 17. Benefits and risks of social media in school -Miami-Dade County Public Schools, Florida • Rapid increment in Social networking sites such as Facebook and Twitter among students. • Facebook with an estimated 750 million visitors each month. Twitter, a micro-blogging social networking site, with an estimated 250 million visitors each month. • In a Survey conducted by Pew Research Center’s Internet and American Life Project for the teens of Age 12-17 95% of them remains online and 80% of these online teens use social networking sites. 17
  18. 18. Benefits of social media in school • It allows teachers to better understand and quickly recognize the students’ learning needs. • It enhances the communication between teachers and students. • It helps in informal communications and learning. • It helps to create a collaborative atmosphere and increases the student engagement. 18
  19. 19. Risks of social media in school • Cyberbullying - Social networking sites make bullying easier and more public than bullying through other online activities such as email and instant messaging. • Exposure to offensive material - As per the survey of National School Boards Association’s (2007) of students ages 9-17, 20% of students were exposed to inappropriate content on social networking sites and 18% were exposed to inappropriate language on these sites. • Compromised online safety- Social network users are susceptible to phishing, or attempts to acquire personal information such as passwords and banking information, through the means of fraud. 19
  20. 20. Risks of social media in school • Reduces face-to-face communication. • For students Social media is a biggest Distraction from school work. 20
  21. 21. Solutions associated with Risk • To develop an appropriate policy for social networking. • Develop strategies for preventing, identifying, and responding to cyberbullying. • Consider using specially designed education-based social networking sites. • Provide teachers with training on the use of social networking in the classroom. 21
  22. 22. Cryptagram: The photo privacy for online social media -New York University, NYC • The online social networks has spreads its roots world wide. It enables the users to share their photos easily, which introduces the users with several privacy threats. • The current privacy controls on social systems are a bit adequate, resulting in inappropriate flows of information when users fail to understand their privacy settings or sometimes online social networks fails to implement their policies correctly 22
  23. 23. • To comes up such situation and to terminate the inappropriate flow of pictorial data students of NYU has proposed a feature called Cryptagram which enhances the photo privacy for online social media. 23
  24. 24. Cryptagram • Cryptagram enables users to convert photos into encrypted images, which the users upload to Social media. • Users directly can decrypt those photos via shared keys that are independent of Social media or other third parties. • Cryptagram’s browser extension integrates smoothly with existing Social medias, including Facebook and Google+, and currently has over 400 active users. 24
  25. 25. Cryptagram • Example Cryptagram user experience. On the left, we show a social network with embedded Cryptagrams, uploaded by a user. A browser extension decrypts the images in place as shown on the right. 25
  26. 26. Online Social Networks Risks to Organisations -Talitakuum A. T. Ekandjo, Hussin Jazri • The use of online social networks (OSNs) is increasing day by day. • Organisations need to regulate OSNs related threats emanating from the employees. • For organisations to implement effective security management programs, it is recommended to implementing OSNs security control mechanisms. 26
  27. 27. Introduction • OSNs can be define as the it is a web based service that allow users to create their profile over the bounded system, and it can be accessed by the other users that is within bounded system. • OSNs platforms are having large information's , and it making easy for malicious attackers to gather information required to carry out an attack. 27
  28. 28. Risk of OSNs to the Organizations • Brand and Reputational Risks. • Financial Risks. • Communication Risks. • Technological Risks. • Legal Risks. 28
  29. 29. Conclusion • OSNs is important tools for both individuals and organisations due to the benefits they provide such real time communication, marketing, networking and relationships maintenance. • OSNs adoption and use can result in huge information security risks to the Organizations. • It is need to improve the security mechanisms and Policies of Organizations so, the risk of using the OSNs can be reduced. 29
  30. 30. Privacy and Security Issues in Social Networks :An Evaluation of Facebook -Abdulmohsen Albesher • Social networking websites have grown rapidly in recent years. Many people are involved in several virtual networking websites. • However, many users are not aware of the potential risk that may occur when using social networking websites. • It is needed for a regular review of privacy settings and policy to control the interaction between users and applications. 30
  31. 31. Introduction • Facebook is surrounded by many data privacy threats and security vulnerabilities. • Users of Facebook can also install numerous third party applications which are designed to meet a lot of interests. • Although users are encouraged to specify their privacy settings when they register for the first time, the privacy settings remain in default until they get updated later on by the user 31
  32. 32. Facebook • Facebook was created in 2003 by Mark Zuckerburg and some of his friends as a network for undergraduate students at Harvard University. • After some time it was popular in U.S and most of students had created their profiles on the Facebook. • Currently Facebook is the most popular Social Network in the word. • Security of Facebook:- 32
  33. 33. 1. Privacy Settings 2.Third Party Applications 3. Security Questions
  34. 34. Conclusion • Risks associated with third party applications were determined and how user’s profile information can be used to answer the security questions and accordingly solutions were provided. • User’s regular review of privacy settings is needed and a list of settings to control the interaction between users and applications should be provided. • It suggested that users’ awareness of privacy settings in Facebook can be enhanced by providing an awareness video and guidance. 34
  35. 35. FlyByNight: Mitigating the Privacy Risks of Social Networking -Matthew M. Lucas • We aim to mitigate risk through the social net working website Facebook through encryption. • This architecture makes a trade-off between security and usability in the interests of User. • It address some of limitations of the Facebook platform through proxy cryptography.
  36. 36. Architecture • Generate Private Key & Cryptographic operation performed. • Password used for Encrypt the PK. • PK transmitted to the flyByNight application server via Facebook servers.
  37. 37. The Doppelgänger Bot Attack: Identity Impersonation in Online Social Networks -Oana Goga • People have long been aware of malicious users that impersonate celebrities or launch identity theft attacks in social networks. • We also propose and evaluate methods to automatically detect impersonation attacks sooner than they are being detected in today's Twitter social network.
  38. 38. • To ask human workers if both identities are the same user. • Unfortunately, such an exercise would be very expensive to scale to millions of potential doppelganger pairs. • So ,Built an automated rule- based matching scheme that determine when the profile attributes of two identities match sufficiently or not.
  39. 39. Security risk analysis of government public data center -Ning Lu • Public Data Center is the Information Heart of the Government, this focuses on security risk analysis. • With the continuous highly integrated and centralized government information, large- scale government public data centers and data warehouses have been continuously derived. • As a result, the risks of the public data center are ubiquitous. Security System Design Model
  40. 40. • The data center is built on the TCP/IP network system. The TCP/IP network model can be divided into four layers: 1. Physical layer:-It is the foundation of the network system security. It includes environmental security, equipment security and media security. 2. Link layer:-When data is transmitted on the network link data leakage may easily occur. 3. Network layer:-The TCP/IP protocol is insecure so security threats such as IP address spoofing, source address routing spoofing, port scanning can be done. 4. Application layer:- There are a large number of web application services running on the government's external affairs network such as e-mail service, WWW service, FTP service. Security Risk Analysis
  41. 41. Solutions:
  42. 42. Some Methods to Depress the Risks of the Online Transactions -Haixia Tan Introduction • In comparison, the Internet is indeed more efficient but the realistic situation is that most consumers are unwilling to be engaged in e- commerce because they fear that they will meet with the risks of the online transactions.
  43. 43. Problems: Risks can come from many aspects • Privacy issues • E-commerce technology, • Lack of reliability in e-commerce, • Lack of the social, financial & legal infrastructures of the e-commerce environment ,etc.
  44. 44. Solutions Important requirements for e-commerce security are • The need to verify the identity of the other party in the transaction, • To ensure that no one can intercept the information being exchanged during the transaction, • To protect sensitive information that is stored on computers before and after an e-commerce transaction, • And in general to prevent disruption of services and applications.
  45. 45. 46 Thank You