SlideShare a Scribd company logo

Cyber security

Download as PPTX, PDF
A
Aman Pradhan

Its is project based on one of the most interesting and wide topic of Computer Science, named Cyber Security CONTENT : 1. What is Cyber Security 2. Why Cyber Security is Important 3. Brief History 4. Security Timeline 5. Architecture 6. Cyber Attack Methods 7. Technology for Cyber Secuirty 8. Development in Cyber Security 9. Future Trend in Cyber Security

Related slideshows

Cyber security
Cyber securityCyber security
Cyber security
 
Cyber security
Cyber security Cyber security
Cyber security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
1 of 45
CYBER SECURIT 1
What is Cyber Security ? 2
Cyber Security refers to focus on protecting computer, network , programs and data from unintended or unauthorized access, change and destruction. The major part of Cyber Security is to fix the broken software Also Information Technology Security, 3
hy Cyber Security Important ? 4
Government, Military, Corporation, Financial Institute, Hospital and other businesses collect process are store a great deal of confidential information on computers and transmit that data across networks to other computer with the growing volume and sophistication of cyber Attacks, ongoing attention is required to protect sensitive business and personal Information as well as safeguard national security. 5
Brief Histo 6
Recent interest in security was fueled by the crime committed by Kevin Mitnick. Kevin Mitnick He committed the largest computer-related crime in U.S. history. The losses were $ 8 Million in U.S. intellectual property and source code from a variety of companies. Due to the evolution of information that is made available through the internet, information security is also required to evolve. 7
SecurityTimelin 8
1918 - Polish cryptographers created an enigma machine that converted plain messages to encrypted text . 1930 – Alan Turning, a brilliant mathematician broke the code for the Enigma. 1960s – The term “Hacker” is coined by a couple of Massachusetts Institute of Technology(MIT) students. 1970s – The Telnet protocol was developed. This opened the door for public use of data networks that originally restricted to govt. contractors and academic researchers. 1980s – The hackers and crimes relating to computers were beginning to emerge 1986 – The computer Fraud and Abuse Act was created because of Ian Murphy’s crime of Stealing information from military computes. 9
Architect ure 10
11 A Large no. of organization have found that network architectures are valuable tools in today’s competitive, fast- evolving world. 1. Architectural Requirement : Determine how to integrate business strategy, business objectives and business context, including market and technology trends. There implementation required following consideration 2. Architecture Specification : Determine how to use arch. pattern, how to create arch. Principles, how to model the arch. And doc. The system using different views.
12 3. Evaluation : How to access the system in terms of system requirement. There are two main type of architecture :  It is a connection protocol used in packet- switching layer networks, such as Ethernet. IPv4 Architecture -  It has a address of 32-bits.  It provide the logical connection b/w network devices by providing identification of each device.
13  There are many ways to configure IPv4 with all kind of devices – including manual and automatic configuration – depending on the network type.
14 Limitations : 5. Quality of Service – it does not have the functionality of dynamic QoS that changes based on present time. 1. Address Space – limited no. of comp. can be connected. 2. Routing – routing table are constantly increasing in size. 3. Configuration – this eases configuration for the user but not the network’s administration. 4. Security – lack of embedded security
15 IPv6 Architecture :  It’s address extended by supporting 128 bits address.  It is an advance version of IPv4 Architecture.  It simplified packets header makes packets processing more efficient compared with IPv4 IPv6 Layout
16  Peer-to-peer networks are easier to create and maintain, and services (QoS become ) become more robust.  It reduce the size of routing tables and make routing more efficient.
17 Working of IPv4 and IPv6 :
The Internet Engineering Task Force (IETF) has introduced security mechanisms at various layers of the Internet Protocols Suite. These security mechanisms allow for the logical protection of data units that are transferred across the network. The Security Architecture of the IP, known as IP Security, is a standardization of Internet Security. IP Security(IPSec) , is a point-to-point protocol, one side encrypts, the other decrypts and both sides share key or keys. IPSec can be used in two modes, namely transport modes and tunnel modes. 18
IP PAYLOADPAYLOAD IP ESP IP Clear Text Clear Text IP PAYLOAD Encrypted Clear Text New IP Header IPSec ESP header LAN IPSec gateway IPSec gateway Internet IPSec ‘tunnel’ LAN IPSec contain a gateway and a tunnel in order to secure communication 19
yber Attack Method 20
Eavesdropping Worms Viruses Trojans Phishing IP Spoofing Attacks Denial Of Service21
Technology For Cyber Security 22
Cryptographic System  Cryptography is the Science of providing security for information it has been used historically as a means of providing secure communication between individual, Govt. Agencies and Military Forces.  It involved the use of codes and ciphers to transform information into unintelligible data.23  Today, Cryptography is a cornerstone of the modern security technologies used to protect info.
24 Basic type of Cryptography : 1. Symmetric Cipher (Symmetric Key) – It use only one key (Shared Secret Key, Private key Cipher) to encrypt msg. as it does to decrypt. Layout of Symmetric cipher
25 2. Public Key - In this type of cryptography, in which one key is used to encrypt , and a matching key is used to decrypt. One of the key is called Secret Key and another is called Private Key. Secret Key Private Key Layout of Public Key
26 Advantages  They do not require secure line for transmitting a key, if you want to send a msg. to someone.  They permit verification. Disadvantages  Public Key ciphers are more complex and difficult to implement.
27 One-Time Pad  It is the only perfect encryption in the world because it is only existing mathematically unbreakable encryption  The sender and receiver must each have a copy of the same pad(a bunch of completely random no.) which must be transmitted over a secure line.  It is also called Vernamcipher or the perfect cipher, is a crypto algorithm where plaintext is combined with a random key.
28  The pad is used as a symmetric key however once the pad is used, it is destroyed.  They are impractical, and virtually impossible to use for normal use. layout of One-Time Pad
29 Steganography It is a science of hiding information from people who would snoop on you. They can be effective, but since its not true cryptography, its only really suitable for long-term use. Simple Steganography
Firewall  A firewall is a typical border control mechanism or perimeter defense.  The purpose of a firewall is to block traffic from the outside, but it could also be used to block from inside too.  It is a network security system either hardware or software based, that controls incoming and outgoing networks traffic based on a set of protocols. 30
31 Firewall Router Simple Firewall security layout
32 Types of Firewalls : 1. Network Layer Firewall -  In this, generally make their decisions based on the source address, destination address and ports in individual IP packets  One important distinction many network layer firewall possess is that they route traffic directly through them.  Network Layer firewall tend to be very fast and almost transparent to their user.
33 2. Application Layer Firewall -  They acts as host, that run proxy servers, which permit no traffic directly between networks, and they perform elaborate logging and examination of traffic passing through them.  It offer Layer 7 security on a more granular level.  It tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls  It tend to provide more detailed audit report and tend to enforce more conservative security models than network layer firewall
Intrusion Detection System (IDS)  An IDS is an additional protection measure that helps ward off computer intrusions. 34 Typical layout of IDS
35 IDS system can be software and hardware device used to detect an attack. IDS products are used to monitor connection in determining whether attacks are been launched. Some IDS just monitor and alert of an attack, whereas other try to block the attack..
Secure Socket Layer  It is a computer networking protocol that manages server authenticated, client authentication between server and clients.  It use a combination of public key and symmetric key encryption to secure a connection between two machines typically a web or mail server and a client machine, communicating over the internet or a internal network. 36  The socket part of the term refers to the socket methods of passing data back and forth b/w a client an da server program layer in the same computer.
37 SSL is designed to create a secure channel, or a tunnel, between a web browser and the web server, so that any info. Exchange is protected within the secured tunnel. SSL Layout
Development in Cyber Security 38
New development in Cyber world are growing very rapidly form which Biometric Security System and Smart Card are one of them. • Biometric Security System - It is a security mechanism used to authenticate and provide access to a system based on the automatic and instant verification of an individual's physical characteristics like hand patterns, eye (Retina and cornea), voice and facial recognition. 39
Applications of Biometric Technologyo Biometric Attendance System : Commonly used by MNC’s for tracking record of there employees. o Biometric Locker/ Safe : Commonly used in Homes and banks to secure, cash and documents. Biometric Attendance Machine o Defense : Military and police use this technology for identifying DNA pattern of criminals and terrorist. 40
• Smart Card - It’s a plastic card , with an embedded microchip that can be loaded with data, information, electronic cash payment and other applications. Smart Card Microchip 41 Smart Card Structure
Application of Smart Card Access Control Identification Computer Access Transportation Education Cash Transaction 42
43 Future Trend in
44 Many International Institutes of cyber world are considering Biometric Security System and software related to them , as an effective and beneficial for future.
45

More Related Content

Cyber security

  • 3. Cyber Security refers to focus on protecting computer, network , programs and data from unintended or unauthorized access, change and destruction. The major part of Cyber Security is to fix the broken software Also Information Technology Security, 3
  • 5. Government, Military, Corporation, Financial Institute, Hospital and other businesses collect process are store a great deal of confidential information on computers and transmit that data across networks to other computer with the growing volume and sophistication of cyber Attacks, ongoing attention is required to protect sensitive business and personal Information as well as safeguard national security. 5
  • 7. Recent interest in security was fueled by the crime committed by Kevin Mitnick. Kevin Mitnick He committed the largest computer-related crime in U.S. history. The losses were $ 8 Million in U.S. intellectual property and source code from a variety of companies. Due to the evolution of information that is made available through the internet, information security is also required to evolve. 7
  • 9. 1918 - Polish cryptographers created an enigma machine that converted plain messages to encrypted text . 1930 – Alan Turning, a brilliant mathematician broke the code for the Enigma. 1960s – The term “Hacker” is coined by a couple of Massachusetts Institute of Technology(MIT) students. 1970s – The Telnet protocol was developed. This opened the door for public use of data networks that originally restricted to govt. contractors and academic researchers. 1980s – The hackers and crimes relating to computers were beginning to emerge 1986 – The computer Fraud and Abuse Act was created because of Ian Murphy’s crime of Stealing information from military computes. 9
  • 11. 11 A Large no. of organization have found that network architectures are valuable tools in today’s competitive, fast- evolving world. 1. Architectural Requirement : Determine how to integrate business strategy, business objectives and business context, including market and technology trends. There implementation required following consideration 2. Architecture Specification : Determine how to use arch. pattern, how to create arch. Principles, how to model the arch. And doc. The system using different views.
  • 12. 12 3. Evaluation : How to access the system in terms of system requirement. There are two main type of architecture :  It is a connection protocol used in packet- switching layer networks, such as Ethernet. IPv4 Architecture -  It has a address of 32-bits.  It provide the logical connection b/w network devices by providing identification of each device.
  • 13. 13  There are many ways to configure IPv4 with all kind of devices – including manual and automatic configuration – depending on the network type.
  • 14. 14 Limitations : 5. Quality of Service – it does not have the functionality of dynamic QoS that changes based on present time. 1. Address Space – limited no. of comp. can be connected. 2. Routing – routing table are constantly increasing in size. 3. Configuration – this eases configuration for the user but not the network’s administration. 4. Security – lack of embedded security
  • 15. 15 IPv6 Architecture :  It’s address extended by supporting 128 bits address.  It is an advance version of IPv4 Architecture.  It simplified packets header makes packets processing more efficient compared with IPv4 IPv6 Layout
  • 16. 16  Peer-to-peer networks are easier to create and maintain, and services (QoS become ) become more robust.  It reduce the size of routing tables and make routing more efficient.
  • 17. 17 Working of IPv4 and IPv6 :
  • 18. The Internet Engineering Task Force (IETF) has introduced security mechanisms at various layers of the Internet Protocols Suite. These security mechanisms allow for the logical protection of data units that are transferred across the network. The Security Architecture of the IP, known as IP Security, is a standardization of Internet Security. IP Security(IPSec) , is a point-to-point protocol, one side encrypts, the other decrypts and both sides share key or keys. IPSec can be used in two modes, namely transport modes and tunnel modes. 18
  • 19. IP PAYLOADPAYLOAD IP ESP IP Clear Text Clear Text IP PAYLOAD Encrypted Clear Text New IP Header IPSec ESP header LAN IPSec gateway IPSec gateway Internet IPSec ‘tunnel’ LAN IPSec contain a gateway and a tunnel in order to secure communication 19
  • 23. Cryptographic System  Cryptography is the Science of providing security for information it has been used historically as a means of providing secure communication between individual, Govt. Agencies and Military Forces.  It involved the use of codes and ciphers to transform information into unintelligible data.23  Today, Cryptography is a cornerstone of the modern security technologies used to protect info.
  • 24. 24 Basic type of Cryptography : 1. Symmetric Cipher (Symmetric Key) – It use only one key (Shared Secret Key, Private key Cipher) to encrypt msg. as it does to decrypt. Layout of Symmetric cipher
  • 25. 25 2. Public Key - In this type of cryptography, in which one key is used to encrypt , and a matching key is used to decrypt. One of the key is called Secret Key and another is called Private Key. Secret Key Private Key Layout of Public Key
  • 26. 26 Advantages  They do not require secure line for transmitting a key, if you want to send a msg. to someone.  They permit verification. Disadvantages  Public Key ciphers are more complex and difficult to implement.
  • 27. 27 One-Time Pad  It is the only perfect encryption in the world because it is only existing mathematically unbreakable encryption  The sender and receiver must each have a copy of the same pad(a bunch of completely random no.) which must be transmitted over a secure line.  It is also called Vernamcipher or the perfect cipher, is a crypto algorithm where plaintext is combined with a random key.
  • 28. 28  The pad is used as a symmetric key however once the pad is used, it is destroyed.  They are impractical, and virtually impossible to use for normal use. layout of One-Time Pad
  • 29. 29 Steganography It is a science of hiding information from people who would snoop on you. They can be effective, but since its not true cryptography, its only really suitable for long-term use. Simple Steganography
  • 30. Firewall  A firewall is a typical border control mechanism or perimeter defense.  The purpose of a firewall is to block traffic from the outside, but it could also be used to block from inside too.  It is a network security system either hardware or software based, that controls incoming and outgoing networks traffic based on a set of protocols. 30
  • 32. 32 Types of Firewalls : 1. Network Layer Firewall -  In this, generally make their decisions based on the source address, destination address and ports in individual IP packets  One important distinction many network layer firewall possess is that they route traffic directly through them.  Network Layer firewall tend to be very fast and almost transparent to their user.
  • 33. 33 2. Application Layer Firewall -  They acts as host, that run proxy servers, which permit no traffic directly between networks, and they perform elaborate logging and examination of traffic passing through them.  It offer Layer 7 security on a more granular level.  It tend to provide more detailed audit reports and tend to enforce more conservative security models than network layer firewalls  It tend to provide more detailed audit report and tend to enforce more conservative security models than network layer firewall
  • 34. Intrusion Detection System (IDS)  An IDS is an additional protection measure that helps ward off computer intrusions. 34 Typical layout of IDS
  • 35. 35 IDS system can be software and hardware device used to detect an attack. IDS products are used to monitor connection in determining whether attacks are been launched. Some IDS just monitor and alert of an attack, whereas other try to block the attack..
  • 36. Secure Socket Layer  It is a computer networking protocol that manages server authenticated, client authentication between server and clients.  It use a combination of public key and symmetric key encryption to secure a connection between two machines typically a web or mail server and a client machine, communicating over the internet or a internal network. 36  The socket part of the term refers to the socket methods of passing data back and forth b/w a client an da server program layer in the same computer.
  • 37. 37 SSL is designed to create a secure channel, or a tunnel, between a web browser and the web server, so that any info. Exchange is protected within the secured tunnel. SSL Layout
  • 39. New development in Cyber world are growing very rapidly form which Biometric Security System and Smart Card are one of them. • Biometric Security System - It is a security mechanism used to authenticate and provide access to a system based on the automatic and instant verification of an individual's physical characteristics like hand patterns, eye (Retina and cornea), voice and facial recognition. 39
  • 40. Applications of Biometric Technologyo Biometric Attendance System : Commonly used by MNC’s for tracking record of there employees. o Biometric Locker/ Safe : Commonly used in Homes and banks to secure, cash and documents. Biometric Attendance Machine o Defense : Military and police use this technology for identifying DNA pattern of criminals and terrorist. 40
  • 41. • Smart Card - It’s a plastic card , with an embedded microchip that can be loaded with data, information, electronic cash payment and other applications. Smart Card Microchip 41 Smart Card Structure
  • 42. Application of Smart Card Access Control Identification Computer Access Transportation Education Cash Transaction 42
  • 44. 44 Many International Institutes of cyber world are considering Biometric Security System and software related to them , as an effective and beneficial for future.
  • 45. 45