ABSTRACT:In today’s growing word cyber security is very necessary because,As technology provides many facility to us it also some effects like security threats and cyber attacks.To protect the data from hanker and the cyber attacks we will require the cyber security. Cyber security is a process to save the networks, computer programs and data from the illegal access or users that aim to access users data for personal uses and benefits.
For protection of data many organizations develop a softwares. These software help to protect the data and information.Cyber security playing a big role in developing a technology and other services like internet.we only thing about the ‘cyber security’ whenever we listen about the cyber crimes.This paper describe the cyber security ,cyber attack,types of cyber attacks, and major area in cyber security.INTRODUCTION:-Cyber combine form relating to information,the internet and virtual reality.cyber security is necessary since it helps in securing data from threats such as data theft or misuse,also safeguard your system from virus.
The term cyber security is used to refer to the security offered through online services to protect your online information.with an increasing amount of people getting connect to internet,the security threats that cause massive harm are increasing also.In india we went straight from no telephones to the latest in mobile technology says Cherian samuel of the Institute for Defence studies and Analysis,(IDSA)in new delhi and the same with internet connected computers Cyber security was designed to help learners develop a deeper understanding of modern information and system protection technology and methods.In information technology data protection or information security is one of the great challenges for the world.Cyber crime has led to the loss of billions of dollars,malfunctioning of computer system,the destruction of critical information, the compromising of network integrity and confidentiality,etc. Cyber crime:-cyber crime, or computer oriented crime, is crime that involves a computer and a network.cyber crime also called computer crime,is any illegal activity that involves a computer or network connected device, such as a mobile phone.The Department of justice divides cybercrime into three categories:crimes in which the computing device is the target,for example to gain network access;crimes in which the computer is used as a weapon,for example to launch a denial of service (DoS) attack; and crimes in which the computer is used as an accessory to a crime,for example,using a computer to store illegally-obtained data.
Major areas of cyber securityApplication security:- Application security is hold within measures that are taken in the development of the life cycle to prevent the applications from threats and attacks that come in the application design developments and maintenance.Application security ways are:-a)Input parameter validation.b)User Authentication. c) Session management, parameter manipulation & exception management.
d) Auditing and logging.Information security:- Information security protects information from unauthorized access to avoid identity theft and to protect privacy. Major techniques used to prevent this are:- a) Identification, authentication & authorization of user.b) Cryptography.Disaster recovery:- Disaster recovery is a process that includes performing risk assessment, establishing priorities, developing recovery strategies in case of a disaster. all business should have a concrete plan for disaster recovery to resume normal business operations as soon as possible after the disaster.Network security:- Network security includes the activities to protect the usability, reliability, integrity and safety of the network.
The effective network security targets a variety of threats and stops them from entering or spreading on the network. Network security components are:-a) Anti-virus and anti-spyware, b)Firewall, to block unauthorized access to your network.c)Intrusion prevention systems (IPS). d) Virtual Private Networks (VPNs) for providing secure remote access.Cyber attacks:-A cyberattack is carefully exploitation of computer systems, technology dependent on the networks and enterprises.
Cyber attacks use harmful code to change the computer code or data, resulting disturbing in the importance that can arrangement data and lead to cyber crimes, like identity and information theft .Cyber Attacks are also called computer network attack (CNA).Types of attacks in cyber securityIdentity theft:- Identity theft is the act of a person obtaining information illegally about someone else. Thieves and hackers try to find such information as full name, maiden name, address, date of birth, social security number, passwords, phone number, email, and credit card numbers.
When thief stole your personal information then use this information for different purpose like financial fraud, such as credit card fraud, bank fraud, tax rebate fraud.They can use your information for other crimes like entering a country illegally, trafficking drugs, smuggling etc.PREVENTION FROM IDENTITY THEFT1.When you are entering any personal information on the Internet and server, make sure that connection is secure.2.
whenever you are purchasing anything from internet,do not store your credit card number and personal information on that site.3.A good antivirus is always active in your system.4.
Be aware from the fake sites and services. Malware:- Malware is a combination of mal and ware from the (malicious and software)Malware is a term used for variety of threats such as Trojans, viruses and worms. Malware is simply defined as code with malicious intent that typically steals data or destroys something from the computer.Malware is mostly entered into the system through email attachments, software downloads from internet.Types of malwareVirus:- Infects program files and/or personal filesSpyware:-Software that collects personal informationWorm:-Malware that can replicate itself across a networkTrojan horse:-Malware that looks, and may even operate, as a legitimate programBrowser hijacker:-Software that modifies your web browserPrevention from this:- The one of the best way to prevent malware is to avoid clicking on links or downloading attachments from unknown senders.Spyware:- Spyware is a term used used to describe the software and files that is intentionally installed on a computer which is used to monitor what other users of the same computer are doing.
It is term designed for get the information secretly about the user activity. Spyware programs are used to track users’ habits to better target them with advertisements. Spyware is usually installed onto the user’s machine without them knowing when a link is followed by them which redirects the user to a malicious website.PREVENTION FROM THE SPYWAREThe system is affected with the spyware by visiting the infected website, downloading inected software etc.Download from well-known and reputable sites only.Use a firewall for enhanced security.Maintain anti-virus and anti-spyware updates.
Phishing:- phishing attacks are attacks that are sent through email or pop messages and ask users to click on a link and enter their personal data.It will attract the user according to their interest and when user click on the link then the hanker will able to enter the system and stole the data and personal information from the system.Denial-of-service A DoS attack focuses on disrupting the service of a network. Attackers send high volumes of data or traffic through the network, until the network becomes overloaded and can no longer function and stop functioning.The common DOS attacks is DDOS (distributed-denial-of-service ) it will also send the high volume data and traffic on services until server and network stop working.
There are two types of DOS attacks :- flooding services and the crashing services. flooding servicesFlood attacks are occur when the system finde too much traffic for the server to buffer, causing them to slowing down and ultimately stop. The most Popular flooding attacks are:Buffer overflow attacksICMP flood SYN flood crashing servicesDoS attacks simply blame that cause the target system or service to get crash. In these attacks, input is sent that takes advantage of bugs in the target that subsequently crash or severely destabilize the system, so that it can’t be accessed or used.Password sniffingWhen hankers not able to guess your password then they try they another method called Password sniffing.
In this the attacker use the software and try to access you data and information but the software is running on their own machinen,they are trying to get your password and username when they get the access in it they are able to get access in your system and network.Website defacementWebsite defacement are the attacks usually done on the websites. These attack on a website that changes the visual appearance of the site or a webpage. This is basically done by hackers and destroyers ,they will replace the webpage and server with their own webpage and site.
There are different desaires of attackers which lead to deface the website,one of them is a political motivation.the attackers who do this type of activities are called hacktivists they may change the content of the website with message picture and another text of their own choice. k