SEMINAR ON

CYBER CRIMETECHNOLOGY

Submitted byRahul js S5 chm

Rollno:32Gptc ndd

IntroductionDefinitionCategories of cyber crime

Defining Cyber CrimeIt’s an unlawful act wherein the computer is either a tool or a target or both.

Acts that are punishable by the Information Technology Act.

Cyber space is a virtual space that has become as important as real space for business, politics, and communities .

INTRODUCTIONThe internet is growing rapidly. It has given rise to new opportunities in every field we can think of – be it entertainment, business, sports or education.

There are two sides to a coin. Internet also has its own disadvantages. One of the major disadvantages is Cyber crime – illegal activity committed on the internet.

CATEGORIES OF CYBER CRIME:

Cyber crimes can be basically divided into 3 major categories:

1. Cyber crimes against persons.

2. Cyber crimes against property.

3. Cyber crimes against government

SECOND CATEGORYThese crimes include computer vandalism (destruction of others' property), transmission of harmful programs, unauthorized trespassing through cyber space, unauthorized possession of computer information.

THIRD CATEGORY

Cyber terrorism is one distinct kind of crime in this category. The growth of internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international governments as also to terrorize the citizens of a country.

FIRST CATEGORYCyber harassment is a distinct Cyber crime. Various kinds of harassment can and do occur in cyberspace, or through the use of cyberspace. Harassment can be racial, religious, or other.

Types Of Cyber Crime

Modification of a conventional crime by using computers.

Frequently Used Cyber Crimes..

Modification of a conventional crime by using computers.

Financial crimes

Sale of illegal articles

Online gambling

BACK

Frequently Used Cyber Crimes.Unauthorized access to computer systems or networksTheft of information contained in electronic formDenial of Service attack

BACK

CYBER CRIME TECHNOLOGY

BOTNET TECHNOLOGY PHISHING TECHNOLOGY

BOTNET

OUTLINEIntroduction to Botnet Botnet Life-cycleBotnet Detection Preventing Botnet InfectionConclusion

INTRODUCTION A Botnet is a network of

compromised computers under the control of a remote attacker

controller of a botnet is able to direct the activities of these compromised computers

Botnet Terminology Bot Herder (Bot Master) Bot Bot Client IRC Server Command and Control Channel

(C&C)

INTRODUCTION A Botnet is a network of

compromised computers under the control of a remote attacker

controller of a botnet is able to direct the activities of these compromised computers

Botnet Terminology Bot Herder (Bot Master) Bot Bot Client IRC Server Command and Control Channel

(C&C)

INTRODUCTION TO BOTNET(TERMINOLOGY)

IRC ChannelIRC Server

Code Server

IRC ChannelC&C Traffic

Updates

Victim

Attack

Bot Master

BOTNET LIFE-CYCLE

BOTNET LIFE-CYCLE

BOTNET LIFE-CYCLE

BOTNET LIFE-CYCLE

BOTNET DETECTION:TRAFFIC MONITORING

Signature based: Detection of known botnets

Anomaly based: Detect botnet using following anomalies

High network latency High volume of traffic Traffic on unusual port Unusual system behaviour

DNS based: Analysis of DNS traffic generated by botnets

PREVENTING BOTNET INFECTIONSUse a Firewall Use Antivirus (AV) software Deploy an Intrusion Prevention System (IPS) Define a Security Policy and Share Policies with your users systematically

CONCLUSION Botnets pose a significant and growing

threat against cyber security It provides key platform for many

cyber crimes (DDOS) As network security has become

integral part of our life and botnets have become the most serious threat to it

It is very important to detect botnet attack and find the solution for it

PhishingPhishing is a way of fraudulently acquiring sensitive information using social engineering and technical subterfuge.It tries to trick users with official-looking messages

Credit card Bank accounteBayPaypal

Some phishing e-mails also contain malicious or unwantedsoftware that can track your activities or slow your computer

The purpose of a phishing message is to acquire sensitive information about a user. For doing so the message needs to deceive the intended recipient.

So it doesn’t contains any useful information and hence falls under the category of spam.

A spam message tries to sell a product or service, whereas phishing message needs to look like it is from a legitimate organization.Techniques applied to spam message cant be applied naively to phishing messages.

HOW TO PREVENT

1) Detect and block the phishing Web sites in time

2) Enhance the security of the web sites3) Block the phishing e-mails by various

spam filters4) Install online anti-phishing software in

user’s computers

How to avoid PhishingDON’T CLICK THE LINK

Type the site name in your browser (such as www.paypal.com)

Never send sensitive account information by e-mail

Account numbers, SSN, passwordsNever give any password out to anyoneVerify any person who contacts you (phone or email).

If someone calls you on a sensitive topic, thank them, hang up and call them back using a number that you know is correct, like from your credit card or statement.