SlideShare uma empresa Scribd logo

MainPaper_4.0

V
varun4110
1 de 4
Baixar para ler offline
IMPACT OF VULNERABILITIES ON CYBER WORLD: SURVEY Palak Agrawal, Varun Bhave, Ankit Yadav Swami Vivekanand College of Engineering Rajiv Gandhi Technical Unversity Indore, India Palakagrawal0410@gmail.com, varun4110@gmail.com, akkishowtime@gmail.com Abstract— the term Cyber security has become the main concern for us in 21st century. With increasing cybercrime, cyber security has become major areas of concern for common man, government as well as big organizations. In this paper we have provided a brief survey of the cyber-attacks and cybercrimes and the losses associated with them, also we have discussed various preventions that one should take and emerging technologies used to keep track of various activities over a network I. INTRODUCTION In the last decade the technology has evolved in a way never imagined by a common man, especially network technology. The ever increasing need of data and information and the urge to know it ‘all’ has been a major factor in this drastic evolution. But as these technologies are expanding, the risks involved with these technologies are increasing too. By risks in broad sense refer to the compromised security; though there are several professional security solution providing companies that provides quite good ways to ensure your security on a network and other aspects but they can only ensure your device safety at a surface level SECURITY THREATS: There are some developers who develop malicious codes and device new ways to compromise your security and steal your valuable data maybe for their own purpose or for a third party in exchange of money. These people are popularly known as ‘Hackers’ which may be a security professional(who has certainly lost his track) or a self-taught programmer writing malicious codes to breach the security. MAJOR THREATS TO PRIVACY 1. Virus 2. Spam 3. Spoofing, Phishing and Pharming 4. Spyware 5. Keystroke logging 6. Adware 7. Botnet 8. Worm 9. Trojan Horse 10. Blended Threat 11. Denial of Service attack WHY ARE YOU A TARGET? Information, whether personal or business related, is becoming increasingly valuable to criminals. where personal information such as bank accounts, credit cards, social security number is stored, whether on your pc or with a trusted third party such as bank, retailer or government agencies, a cyber-criminal can attempt to steal that information which would be used for identity theft, credit card fraud or fraudulent withdrawals from bank accounts, among other crimes. [1]There are various cyber-attacks are going on all around the world. Use of malicious codes, software by the hackers easily affect our system through networks. As far as security goes, today a person is most worried by the chances to get his private information exposed on a network. The cost of malicious cyber activity involves more than the loss of financial assets or intellectual property. Cybercrimes against common people, various industries, over computer and mobile platform, banks and other financial institutions probably cost many hundreds of millions of dollars every year. Cyber theft of intellectual property and Business- confidential information probably costs developed economies billions of dollars. In spite of the fact we have many security solutions with us and also a modern user is quite aware of the various threats ’out’ there, then too we become victims of these threats somewhere down the lane; and the major question is why it happens..?, are we fool to fall in these traps again and again or we do not care what goes inside the things we use to get the information on the network..! “The simple reason for increase in network insecurity is, the most activities that happen over a network with us are really not in our control, as we believe them to be..! 2. PROBLEM DOMAIN In this paper we have confined our problem domain up to damage at global level on mobile platforms and personal computers due to cyber threats. HOW FRAUD WORKS? A Popular Approach of getting Victims Information: Malware coder writes a malicious code to exploit the computer vulnerability and install a Trojan. With the help of this Trojan hacker hacks the system of any organization or any industry. The victim uses its personal details for any banking transaction which is been gathered by the hacker through the malicious software which has been already injected in the
40.68 21 10.59 5.51 5 4.73 3.5 3.3 2.61 2.19 Percentage China UN Geramany Iran India Brazil France Egypt Vietnam Canada victim’s system. Now the hacker is having all the banking credential of the victim. With the help of the Proxy server he logged in into victims account and transferred the money into money mule’s account. Fig 2.1 [2] Shows how a fraudulent perform fraud WEB INJECTION PROCESS USED IN WATERING HOLE ATTACKS Fig 2.2 [3] Web injection process used in Watering hole attack WHEN YOU ARE MOST VULNERABLE ON NETWORK? 0 20 40 60 Surf Internet Share files Access social networks Online shopping Mobile payement Percentage Percentage Fig 2.3 [4] Shows the Vulnerability on Network Above bar graph shows the vulnerable areas on network where mobile users can be affected. All the areas are a favourable for hackers around the globe to inject the malicious content in the user’s device. WHY IT OCCURS? According to [3]:  1/3 of the users use unsecure payment methods for online shopping.  1/3 people use unsecure passwords for their social networking and email services.  4/10 people admit that they do not download apps from trusted sources. These unsecure methods of accessing network leads to information disclosure due to various techniques used by hackers like SQL injection, path disclosure, price manipulation and cross-site scripting etc. According to [3]: The increase in mobile malware family in 2011-2012 has increased by 58%. TOP TEN SOURCE COUNTRIES FOR DDOS ATTACKS Fig 2.4[5] Top source countries for DDOS attacks
0 10 20 30 40 USA Mexico Brazil Europe South Africa Russia India China Japan Australia Losses(Billions $) MALWARE ATTACKS (IN %): 8.13 14.24 73.13 2.9 1.43 malwareattacks worms virus Trojan horses Adware/spyware Fig 2.4 [6] Malware Attacks (in %) VULNERABILITY AND MALWARE ATTACKSON MOBILE PLATFORMS: 0 50 100 150 Apple ios Android windows Blackberry Chart Title Malware Attacks Vulnerability Fig 2.5 [7] Malware Attacks on Mobile LOSSES GLOBAL PRICE TAG OF CONSUMER CYBERCRIME: Fig 2.6 [8] Shows losses (in billions $) all over the Globe “Cyber-crime or spying on the network is clearly causing a lot of pain in asses of governments, businesses and individual users, factoring in data theft, clean-up costs, damage of popular brands, loss of customers and more to count. In total the range for cyber-crimes loss to the global economy is between $100 billion and $500 billion.”[9] 3. PREVENTIVE METHODS SECURITY SOLUTIONS WE HAVE NOW:  Antivirus Solutions  Firewalls  Malware Scanners  Cryptography techniques  Authentication of Files/documents  Access control and identity management.  Ciphering technology. EMERGING TECHNOLOGIES TO ENSURE CYBER SECURITY: MOVING TARGET TECHNOLOGIES: They aim to constantly change the surface of attack on a network, increasing in cost for attacker and decreasing the predictabilities and vulnerabilities at any time (NITRD 2013) [10] REMOTE AGENT TECHNOLOGIES: Also known as mobile agents which actively monitor the network’s security. [10] REAL TIME FORENSIC ANALYSIS: It allows us to reproduce the incident, the cause and effects of the event to analyse them further (UMUC 2012). [10] 4. CONCLUSION Cyber security is now the major concern for the common man as well as the government and industries. The significant increase in cybercrime not only affect us on the network level but also gives rise to real life crimes and plays major factor in disturbing persons social life. There cannot be a single path of attaining cyber security, collective measures at a global level should be taken to maximize security. Today a government of a country should be more concerned about ‘Cyber War’ rather than any ‘World War’, because as much we need to increase the man power, armoury and nuclear power of country, together we also need to strengthen the cyber security as it can affect us internally and globally.
5. REFRENCES: [1]’Why are you a target ‘available at msisac.cisecurity.org/newsletters/2011-07.cfm, access on 2nd Jan’14. [2] ‘Working of fraudulent performing fraud’-available at- http://www.fbi.gov/news/stories/2010/october/cyber-banking- fraud/cyber-banking- fraud-graphic, access on 5th Jan’14. [3]’Places which are vulnerable in the network’ available at - Symantec internet security threat report 2013(2012 trends, volume 18, published on April 2013), access on 7th Jan’14. [4] ‘Vulnerability on Network’ available at - 2012 Norton cybercrime report (European mobile insight, published April 2013), access on 8th Jan’14. [5]’Source Country for DDoS Attack’ available at- www.foxbusiness.com/technology/ 2013/04/17/intensity- ddos-attacks-explode-in-first-quarter-average-bandwidth- surges-61/ , access on 10th Jan’14. [6]’Malware attacks (in %)’ available at- Ammal security reports, Panda labs, 2011, access on 12th Jan’14. [7]’Malware attacks on mobile platform’ available at- http://gcn.com/articles/2013/04/19/iphone-vulnerabilities- android-most-attacked.aspx, access on 15th Jan’14. [8]’Global Price tag of Consumer Cyber Crime’ available at- securityaffairs.co/wordpress/18475/cyber-crime/2013-nortan- repot.html, access on 17th Jan’14. [9]’Cybercrime losses’ available at- http://www.hpenterprisesecurity.com/collateral/report/HPEnte rpriseSecurity_Report_HPArcSightFirstAnnualCostCyberCri meStudyPonemon.pdf, access on 20th Jan’14. [10]’Emerging Technology to ensure cyber Security’ available at http://researchedsolution.wordpress.com/2013/09/14/emerging -cybersecurity-technologies/ , access on 24th Jan’14

Recomendados

Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...Symantec
 
Survey of different Web Application Attacks & Its Preventive Measures
Survey of different Web Application Attacks & Its Preventive MeasuresSurvey of different Web Application Attacks & Its Preventive Measures
Survey of different Web Application Attacks & Its Preventive MeasuresIOSR Journals
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android applicationIAEME Publication
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSIAEME Publication
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Kim Jensen
 
Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi?
Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi? Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi?
Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi? CypSec - Siber Güvenlik Konferansı
 

Recomendados

Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...Symantec
 
Survey of different Web Application Attacks & Its Preventive Measures
Survey of different Web Application Attacks & Its Preventive MeasuresSurvey of different Web Application Attacks & Its Preventive Measures
Survey of different Web Application Attacks & Its Preventive MeasuresIOSR Journals
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android applicationIAEME Publication
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSIAEME Publication
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Kim Jensen
 
Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi?
Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi? Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi?
Adil Burak Sadıç - Siber Güvenlik mi, Bilgi Güvenliği mi, BT Güvenliği mi? CypSec - Siber Güvenlik Konferansı
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?Spire Research and Consulting
 
Symantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineSymantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineRapidSSLOnline.com
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh WebinarArrow ECS UK
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat ReportKim Jensen
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
Top 5 Cybersecurity Risks in Banking
Top 5 Cybersecurity Risks in BankingTop 5 Cybersecurity Risks in Banking
Top 5 Cybersecurity Risks in BankingSeqrite
 
2013 Threat Report
2013 Threat Report2013 Threat Report
2013 Threat ReportEnvision Technology Advisors
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
 
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldTrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldInfinigate Group
 
Rp threat-predictions-2013
Rp threat-predictions-2013Rp threat-predictions-2013
Rp threat-predictions-2013Комсс Файквэе
 
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)AP DealFlow
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismGanesh DNP
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
188
188188
188vivatechijri
 
Tt 06-ck
Tt 06-ckTt 06-ck
Tt 06-ckNarinrit Prem-apiwathanokul
 
5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public SectorSeqrite
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
B istr main-report_v18_2012_21291018.en-us
B istr main-report_v18_2012_21291018.en-usB istr main-report_v18_2012_21291018.en-us
B istr main-report_v18_2012_21291018.en-usКомсс Файквэе
 
Cybercriminals and security attacks
Cybercriminals and security attacksCybercriminals and security attacks
Cybercriminals and security attacksGFI Software
 
Portuguese water dog By Jessica
Portuguese water dog By JessicaPortuguese water dog By Jessica
Portuguese water dog By Jessicamswilsonri2
 
Canadian artists
Canadian artistsCanadian artists
Canadian artistsmswilsonri2
 

Mais conteúdo relacionado

Mais procurados

Symantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineSymantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineRapidSSLOnline.com
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh WebinarArrow ECS UK
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat ReportKim Jensen
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
Top 5 Cybersecurity Risks in Banking
Top 5 Cybersecurity Risks in BankingTop 5 Cybersecurity Risks in Banking
Top 5 Cybersecurity Risks in BankingSeqrite
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
 
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldTrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldInfinigate Group
 
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)AP DealFlow
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismGanesh DNP
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public SectorSeqrite
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
Cybercriminals and security attacks
Cybercriminals and security attacksCybercriminals and security attacks
Cybercriminals and security attacksGFI Software
 

Mais procurados (20)

220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?
 
Symantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineSymantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnline
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh Webinar
 
Websense 2013 Threat Report
Websense 2013 Threat ReportWebsense 2013 Threat Report
Websense 2013 Threat Report
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile security
 
Top 5 Cybersecurity Risks in Banking
Top 5 Cybersecurity Risks in BankingTop 5 Cybersecurity Risks in Banking
Top 5 Cybersecurity Risks in Banking
 
2013 Threat Report
2013 Threat Report2013 Threat Report
2013 Threat Report
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
 
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldTrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
 
Rp threat-predictions-2013
Rp threat-predictions-2013Rp threat-predictions-2013
Rp threat-predictions-2013
 
Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)Comilion introduction presentation 26102012 (1)
Comilion introduction presentation 26102012 (1)
 
Cyber Wars And Cyber Terrorism
Cyber Wars And Cyber TerrorismCyber Wars And Cyber Terrorism
Cyber Wars And Cyber Terrorism
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
188
188188
188
 
Tt 06-ck
Tt 06-ckTt 06-ck
Tt 06-ck
 
5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMS
 
B istr main-report_v18_2012_21291018.en-us
B istr main-report_v18_2012_21291018.en-usB istr main-report_v18_2012_21291018.en-us
B istr main-report_v18_2012_21291018.en-us
 
Cybercriminals and security attacks
Cybercriminals and security attacksCybercriminals and security attacks
Cybercriminals and security attacks
 

Destaque

Portuguese water dog By Jessica
Portuguese water dog By JessicaPortuguese water dog By Jessica
Portuguese water dog By Jessicamswilsonri2
 
Canadian artists
Canadian artistsCanadian artists
Canadian artistsmswilsonri2
 
Adjuncts to local anesthetics
Adjuncts to local anestheticsAdjuncts to local anesthetics
Adjuncts to local anestheticsNin Thitayaporn
 
Saina's Canadian artists
Saina's Canadian artistsSaina's Canadian artists
Saina's Canadian artistsmswilsonri2
 
Canadian artists by Meghan
Canadian artists by MeghanCanadian artists by Meghan
Canadian artists by Meghanmswilsonri2
 
Wk 2 pp creative bible teaching model
Wk 2 pp creative bible teaching modelWk 2 pp creative bible teaching model
Wk 2 pp creative bible teaching modelKarin Mappes
 
john's art critic
john's art criticjohn's art critic
john's art criticmswilsonri2
 
Introduction to GIT
Introduction to GITIntroduction to GIT
Introduction to GITArpit Mohan
 
Metodología de la Investigación - Módulo 2 - HERNANDEZ- Centrumx
Metodología de la Investigación - Módulo 2 - HERNANDEZ- CentrumxMetodología de la Investigación - Módulo 2 - HERNANDEZ- Centrumx
Metodología de la Investigación - Módulo 2 - HERNANDEZ- CentrumxMarcos Alarcón Ochoa / @JhMarcos
 
Who is the audience for my media product 4
Who is the audience for my media product 4Who is the audience for my media product 4
Who is the audience for my media product 4Warren Reilly
 
Optical Illusions By Saina
Optical Illusions By SainaOptical Illusions By Saina
Optical Illusions By Sainamswilsonri2
 
Coronary Artery Disease in Epidemic Proportions in the Indian Subcontinent
Coronary Artery Disease in Epidemic Proportions in the Indian SubcontinentCoronary Artery Disease in Epidemic Proportions in the Indian Subcontinent
Coronary Artery Disease in Epidemic Proportions in the Indian Subcontinentdrmjavedakhtar
 
Neuroprotection during cerebral aneurysm surgery
Neuroprotection during cerebral aneurysm surgeryNeuroprotection during cerebral aneurysm surgery
Neuroprotection during cerebral aneurysm surgeryNin Thitayaporn
 

Destaque (17)

Portuguese water dog By Jessica
Portuguese water dog By JessicaPortuguese water dog By Jessica
Portuguese water dog By Jessica
 
Canadian artists
Canadian artistsCanadian artists
Canadian artists
 
Adjuncts to local anesthetics
Adjuncts to local anestheticsAdjuncts to local anesthetics
Adjuncts to local anesthetics
 
Saina's Canadian artists
Saina's Canadian artistsSaina's Canadian artists
Saina's Canadian artists
 
Canadian artists by Meghan
Canadian artists by MeghanCanadian artists by Meghan
Canadian artists by Meghan
 
Wk 2 pp creative bible teaching model
Wk 2 pp creative bible teaching modelWk 2 pp creative bible teaching model
Wk 2 pp creative bible teaching model
 
john's art critic
john's art criticjohn's art critic
john's art critic
 
Tugas kami
Tugas kamiTugas kami
Tugas kami
 
Introduction to GIT
Introduction to GITIntroduction to GIT
Introduction to GIT
 
Metodología de la Investigación - Módulo 2 - HERNANDEZ- Centrumx
Metodología de la Investigación - Módulo 2 - HERNANDEZ- CentrumxMetodología de la Investigación - Módulo 2 - HERNANDEZ- Centrumx
Metodología de la Investigación - Módulo 2 - HERNANDEZ- Centrumx
 
Who is the audience for my media product 4
Who is the audience for my media product 4Who is the audience for my media product 4
Who is the audience for my media product 4
 
Victory sensors
Victory sensorsVictory sensors
Victory sensors
 
Leadership
LeadershipLeadership
Leadership
 
Shenshi brand
Shenshi brandShenshi brand
Shenshi brand
 
Optical Illusions By Saina
Optical Illusions By SainaOptical Illusions By Saina
Optical Illusions By Saina
 
Coronary Artery Disease in Epidemic Proportions in the Indian Subcontinent
Coronary Artery Disease in Epidemic Proportions in the Indian SubcontinentCoronary Artery Disease in Epidemic Proportions in the Indian Subcontinent
Coronary Artery Disease in Epidemic Proportions in the Indian Subcontinent
 
Neuroprotection during cerebral aneurysm surgery
Neuroprotection during cerebral aneurysm surgeryNeuroprotection during cerebral aneurysm surgery
Neuroprotection during cerebral aneurysm surgery
 

Semelhante a MainPaper_4.0

Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importancemanoharparakh
 
Cyberfort syllabus & career
Cyberfort syllabus & careerCyberfort syllabus & career
Cyberfort syllabus & careerAmit Kumar
 
Cyberfort syllabus & career
Cyberfort syllabus & careerCyberfort syllabus & career
Cyberfort syllabus & careerAmit Kumar
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threatsReadWrite
 
Cyber Attacks and Crimes in Cyber Security: A Comparative Analysis
Cyber Attacks and Crimes in Cyber Security: A Comparative AnalysisCyber Attacks and Crimes in Cyber Security: A Comparative Analysis
Cyber Attacks and Crimes in Cyber Security: A Comparative AnalysisIRJET Journal
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityMichele Thomas
 
Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Conkarenahmanny4c
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxcroysierkathey
 
Cyber attack awareness and prevention in network security
Cyber attack awareness and prevention in network securityCyber attack awareness and prevention in network security
Cyber attack awareness and prevention in network securityIJICTJOURNAL
 
111cyber crimes
111cyber crimes111cyber crimes
111cyber crimesrinushalu
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar ReportArindam Sarkar
 
Team 3_Final Project.docx
Team 3_Final Project.docxTeam 3_Final Project.docx
Team 3_Final Project.docxMarcusBrown87
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityIRJET Journal
 

Semelhante a MainPaper_4.0 (20)

Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importance
 
Cyberfort syllabus & career
Cyberfort syllabus & careerCyberfort syllabus & career
Cyberfort syllabus & career
 
Cyberfort syllabus & career
Cyberfort syllabus & careerCyberfort syllabus & career
Cyberfort syllabus & career
 
1402.1842.pdf
1402.1842.pdf1402.1842.pdf
1402.1842.pdf
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 
Cyber Attacks and Crimes in Cyber Security: A Comparative Analysis
Cyber Attacks and Crimes in Cyber Security: A Comparative AnalysisCyber Attacks and Crimes in Cyber Security: A Comparative Analysis
Cyber Attacks and Crimes in Cyber Security: A Comparative Analysis
 
THESIS-2(2)
THESIS-2(2)THESIS-2(2)
THESIS-2(2)
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information Security
 
Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Con
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
 
Cyber Terrorism Essay
Cyber Terrorism EssayCyber Terrorism Essay
Cyber Terrorism Essay
 
Cyber attack awareness and prevention in network security
Cyber attack awareness and prevention in network securityCyber attack awareness and prevention in network security
Cyber attack awareness and prevention in network security
 
111cyber crimes
111cyber crimes111cyber crimes
111cyber crimes
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar Report
 
Team 3_Final Project.docx
Team 3_Final Project.docxTeam 3_Final Project.docx
Team 3_Final Project.docx
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
 
A report on cyber Crime
A report on cyber CrimeA report on cyber Crime
A report on cyber Crime
 
Class activity 4
Class activity 4 Class activity 4
Class activity 4
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 

MainPaper_4.0

  • 1. IMPACT OF VULNERABILITIES ON CYBER WORLD: SURVEY Palak Agrawal, Varun Bhave, Ankit Yadav Swami Vivekanand College of Engineering Rajiv Gandhi Technical Unversity Indore, India Palakagrawal0410@gmail.com, varun4110@gmail.com, akkishowtime@gmail.com Abstract— the term Cyber security has become the main concern for us in 21st century. With increasing cybercrime, cyber security has become major areas of concern for common man, government as well as big organizations. In this paper we have provided a brief survey of the cyber-attacks and cybercrimes and the losses associated with them, also we have discussed various preventions that one should take and emerging technologies used to keep track of various activities over a network I. INTRODUCTION In the last decade the technology has evolved in a way never imagined by a common man, especially network technology. The ever increasing need of data and information and the urge to know it ‘all’ has been a major factor in this drastic evolution. But as these technologies are expanding, the risks involved with these technologies are increasing too. By risks in broad sense refer to the compromised security; though there are several professional security solution providing companies that provides quite good ways to ensure your security on a network and other aspects but they can only ensure your device safety at a surface level SECURITY THREATS: There are some developers who develop malicious codes and device new ways to compromise your security and steal your valuable data maybe for their own purpose or for a third party in exchange of money. These people are popularly known as ‘Hackers’ which may be a security professional(who has certainly lost his track) or a self-taught programmer writing malicious codes to breach the security. MAJOR THREATS TO PRIVACY 1. Virus 2. Spam 3. Spoofing, Phishing and Pharming 4. Spyware 5. Keystroke logging 6. Adware 7. Botnet 8. Worm 9. Trojan Horse 10. Blended Threat 11. Denial of Service attack WHY ARE YOU A TARGET? Information, whether personal or business related, is becoming increasingly valuable to criminals. where personal information such as bank accounts, credit cards, social security number is stored, whether on your pc or with a trusted third party such as bank, retailer or government agencies, a cyber-criminal can attempt to steal that information which would be used for identity theft, credit card fraud or fraudulent withdrawals from bank accounts, among other crimes. [1]There are various cyber-attacks are going on all around the world. Use of malicious codes, software by the hackers easily affect our system through networks. As far as security goes, today a person is most worried by the chances to get his private information exposed on a network. The cost of malicious cyber activity involves more than the loss of financial assets or intellectual property. Cybercrimes against common people, various industries, over computer and mobile platform, banks and other financial institutions probably cost many hundreds of millions of dollars every year. Cyber theft of intellectual property and Business- confidential information probably costs developed economies billions of dollars. In spite of the fact we have many security solutions with us and also a modern user is quite aware of the various threats ’out’ there, then too we become victims of these threats somewhere down the lane; and the major question is why it happens..?, are we fool to fall in these traps again and again or we do not care what goes inside the things we use to get the information on the network..! “The simple reason for increase in network insecurity is, the most activities that happen over a network with us are really not in our control, as we believe them to be..! 2. PROBLEM DOMAIN In this paper we have confined our problem domain up to damage at global level on mobile platforms and personal computers due to cyber threats. HOW FRAUD WORKS? A Popular Approach of getting Victims Information: Malware coder writes a malicious code to exploit the computer vulnerability and install a Trojan. With the help of this Trojan hacker hacks the system of any organization or any industry. The victim uses its personal details for any banking transaction which is been gathered by the hacker through the malicious software which has been already injected in the
  • 2. 40.68 21 10.59 5.51 5 4.73 3.5 3.3 2.61 2.19 Percentage China UN Geramany Iran India Brazil France Egypt Vietnam Canada victim’s system. Now the hacker is having all the banking credential of the victim. With the help of the Proxy server he logged in into victims account and transferred the money into money mule’s account. Fig 2.1 [2] Shows how a fraudulent perform fraud WEB INJECTION PROCESS USED IN WATERING HOLE ATTACKS Fig 2.2 [3] Web injection process used in Watering hole attack WHEN YOU ARE MOST VULNERABLE ON NETWORK? 0 20 40 60 Surf Internet Share files Access social networks Online shopping Mobile payement Percentage Percentage Fig 2.3 [4] Shows the Vulnerability on Network Above bar graph shows the vulnerable areas on network where mobile users can be affected. All the areas are a favourable for hackers around the globe to inject the malicious content in the user’s device. WHY IT OCCURS? According to [3]:  1/3 of the users use unsecure payment methods for online shopping.  1/3 people use unsecure passwords for their social networking and email services.  4/10 people admit that they do not download apps from trusted sources. These unsecure methods of accessing network leads to information disclosure due to various techniques used by hackers like SQL injection, path disclosure, price manipulation and cross-site scripting etc. According to [3]: The increase in mobile malware family in 2011-2012 has increased by 58%. TOP TEN SOURCE COUNTRIES FOR DDOS ATTACKS Fig 2.4[5] Top source countries for DDOS attacks
  • 3. 0 10 20 30 40 USA Mexico Brazil Europe South Africa Russia India China Japan Australia Losses(Billions $) MALWARE ATTACKS (IN %): 8.13 14.24 73.13 2.9 1.43 malwareattacks worms virus Trojan horses Adware/spyware Fig 2.4 [6] Malware Attacks (in %) VULNERABILITY AND MALWARE ATTACKSON MOBILE PLATFORMS: 0 50 100 150 Apple ios Android windows Blackberry Chart Title Malware Attacks Vulnerability Fig 2.5 [7] Malware Attacks on Mobile LOSSES GLOBAL PRICE TAG OF CONSUMER CYBERCRIME: Fig 2.6 [8] Shows losses (in billions $) all over the Globe “Cyber-crime or spying on the network is clearly causing a lot of pain in asses of governments, businesses and individual users, factoring in data theft, clean-up costs, damage of popular brands, loss of customers and more to count. In total the range for cyber-crimes loss to the global economy is between $100 billion and $500 billion.”[9] 3. PREVENTIVE METHODS SECURITY SOLUTIONS WE HAVE NOW:  Antivirus Solutions  Firewalls  Malware Scanners  Cryptography techniques  Authentication of Files/documents  Access control and identity management.  Ciphering technology. EMERGING TECHNOLOGIES TO ENSURE CYBER SECURITY: MOVING TARGET TECHNOLOGIES: They aim to constantly change the surface of attack on a network, increasing in cost for attacker and decreasing the predictabilities and vulnerabilities at any time (NITRD 2013) [10] REMOTE AGENT TECHNOLOGIES: Also known as mobile agents which actively monitor the network’s security. [10] REAL TIME FORENSIC ANALYSIS: It allows us to reproduce the incident, the cause and effects of the event to analyse them further (UMUC 2012). [10] 4. CONCLUSION Cyber security is now the major concern for the common man as well as the government and industries. The significant increase in cybercrime not only affect us on the network level but also gives rise to real life crimes and plays major factor in disturbing persons social life. There cannot be a single path of attaining cyber security, collective measures at a global level should be taken to maximize security. Today a government of a country should be more concerned about ‘Cyber War’ rather than any ‘World War’, because as much we need to increase the man power, armoury and nuclear power of country, together we also need to strengthen the cyber security as it can affect us internally and globally.
  • 4. 5. REFRENCES: [1]’Why are you a target ‘available at msisac.cisecurity.org/newsletters/2011-07.cfm, access on 2nd Jan’14. [2] ‘Working of fraudulent performing fraud’-available at- http://www.fbi.gov/news/stories/2010/october/cyber-banking- fraud/cyber-banking- fraud-graphic, access on 5th Jan’14. [3]’Places which are vulnerable in the network’ available at - Symantec internet security threat report 2013(2012 trends, volume 18, published on April 2013), access on 7th Jan’14. [4] ‘Vulnerability on Network’ available at - 2012 Norton cybercrime report (European mobile insight, published April 2013), access on 8th Jan’14. [5]’Source Country for DDoS Attack’ available at- www.foxbusiness.com/technology/ 2013/04/17/intensity- ddos-attacks-explode-in-first-quarter-average-bandwidth- surges-61/ , access on 10th Jan’14. [6]’Malware attacks (in %)’ available at- Ammal security reports, Panda labs, 2011, access on 12th Jan’14. [7]’Malware attacks on mobile platform’ available at- http://gcn.com/articles/2013/04/19/iphone-vulnerabilities- android-most-attacked.aspx, access on 15th Jan’14. [8]’Global Price tag of Consumer Cyber Crime’ available at- securityaffairs.co/wordpress/18475/cyber-crime/2013-nortan- repot.html, access on 17th Jan’14. [9]’Cybercrime losses’ available at- http://www.hpenterprisesecurity.com/collateral/report/HPEnte rpriseSecurity_Report_HPArcSightFirstAnnualCostCyberCri meStudyPonemon.pdf, access on 20th Jan’14. [10]’Emerging Technology to ensure cyber Security’ available at http://researchedsolution.wordpress.com/2013/09/14/emerging -cybersecurity-technologies/ , access on 24th Jan’14