SlideShare una empresa de Scribd logo

Risks and Security of Internet and System

Param Nanavati
Param Nanavati

1. Cyber Ethics and Cyber Crime 2. Security in Social Media & Risk of Child Internet 3. Social media in Schools and photo privacy 4. Risk of OSNs and Security, Privacy of Facebook 5. Risk and Security of Social Networking site Facebook and Twitter 6. Risk analysis of Government and Online Transaction

Internet
1 de 46
Descargar para leer sin conexión
Risks and Security of Internet and System Guided By : Dr. Kalpdrum Passi Group No:10
Content :- 1. Cyber Ethics and Cyber Crime 2. Security in Social Media & Risk of Child Internet 3. Social media in Schools and photo privacy 4. Risk of OSNs and Security , Privacy of Facebook 5. Risk and Security of Social Networking site Facebook and Twitter 6. Risk analysis of Government and Online Transaction 2 Presented by:- 1. Param Nanavati 2. Darsh Desai 3. Meet Bhalodiya 4. Akash Patel 5. Mihir Darji 6. Teerth Patel Group No:10
Cyber Ethics and Cyber Crime • Future wars will be cyber wars and the attacks will be a sturdy amalgamation of cryptography along with malware to distort information systems and its security. • The explosive Internet growth facilitates cyber-attacks. • Web threats include risks, that of loss of confidential data and erosion of consumer confidence in e-commerce. • The emergence of cyber hack jacking threat in the new form in cyberspace is known as ransomware or crypto virus. 3
• The locker bot waits for specific triggering events, to become active. It blocks the task manager, command prompt and other cardinal executable files, a thread checks for their existence every few milliseconds, killing them if present. • Imposing serious threats to the digital generation, ransomware pawns the Internet users by hijacking their system and encrypting entire system utility files and folders, and then demanding ransom in exchange for the decryption key it provides for release of the encrypted resources to its original form. 4
• We present in this research, the study of a ransomware family that recently picked up quite a rage and is called CTB locker, and go on to the hard money it makes per user, and its source C&C server, which lies with the Internet’s greatest incognito mode– The Dark Net. • Crypto locker Ransomware or the CTB Locker makes a Bitcoin wallet per victim and payment mode is in the form of digital bitcoins which utilizes the anonymity network or Tor gateway. • CTB Locker is the deadliest malware the world ever encountered. CTB-Locker stands for “Curve-Tor-Bitcoin-Locker 5
RANSOMWARE WORKING PRINCIPLE -Rhyme Upadhyaya • Ransomware propagates like a typical malware does but methods employ sharp social engineering tactics, accidental or unwanted downloads, visiting websites stuffed with bloatware ,or simply by following a malicious link or ad. • Also one should never trust email attachments from unacknowledged paternity. Once the malware spreads, it runs the code in its payload. 6
• Ransomware can also spread through removable storage if a user uses the same removable storage for data transfer in multiple computers. • Some nuance applications can come bundled with malware or adware which one may not even have an idea it exists in their newly bought systems. 7
8 [A Timeline Of Ransomware Variants]
BITCOIN AND THE TOR NETWORK - Aruna Jain • This is electronic money, a crypto-currency that does away with the need for banks by combining a limited quantity digital currency with state of the art cryptographic security and a peer-to-peer network. • All transactions are irreversible. • It is also free, unlike Visa or PayPal • Tor stands for The Onion Router so-called because of the layered encryption process. • Crypto anarchism and Onion Routing are the two vivacious terms linked to the underground web. 9 Keywords: locker bot; cyber crime; ransomware; malware; bitcoin; dark net; tor; CTB locker
• Tor was originally funded by the US Navy at the start of the Millennium and is used by numerous agencies and others to transmit and receive sensitive information. • Within the Tor, you can mask your identity and travel the Surface Web with total anonymity. • Transferring money without leaving a trace is not always easy, however, the Dark Net’s own currency bitcoin provides the solution. 10
Understanding Privacy Concerns of WhatsApp Users in India -Jayati Dev,Sanchari Das Introduction: WhatsApp Messenger is a freeware, cross- platform messaging and Voice over IP (VoIP) service owned by Facebook . The study evaluates the risk perception of WhatsApp users in India by analyzing a survey recruiting 213 Indian participants Received valid responses from 213 participants (71 Female,135 Male) who identified themselves as Indian.
Problems: • Targeted Advertisements. • Understanding Customer’s behaviour. • 35.21% participants expressed concern over being contacted by strangers. • Participants indicated more sensitivity for privacy when in groups.
Solutions: • Privacy by Default • Add customized features such as ‘Last Seen’, ‘Read Receipts’, etc. for individual and group interactions
IS CHILD INTERNET ACCESS A QUESTIONABLE RISK? -ANDREW ANDERSON, CHARLES SHONIREGUN • There is no doubt that the Internet has become an indispensable part of life for many people. • Innovative avenues of communication -- chat rooms, e-mail, downloads and information searches -- are among the Internets greatest assets. • This paper discusses the Internet in correlation to its usage by children both for academic and social activities.
Problems: • A child or teenager having unsupervised access to the Internet is open to a world of harmful risks that can be both psychologically damaging and/or physically abusive. • In October 2001, a paediatrician pled guilty to 11 felony counts of attempted child molestation and sending pornographic pictures to a minor via the Internet.
Solutions: • The UK government strategy has been to educate parents through advertising campaigns and to teach awareness to children and parents through schools. • A variety of technology-based tools for assisting in Internet safety are available on the market to parents, educational institutions and business organisations.
Benefits and risks of social media in school -Miami-Dade County Public Schools, Florida • Rapid increment in Social networking sites such as Facebook and Twitter among students. • Facebook with an estimated 750 million visitors each month. Twitter, a micro-blogging social networking site, with an estimated 250 million visitors each month. • In a Survey conducted by Pew Research Center’s Internet and American Life Project for the teens of Age 12-17 95% of them remains online and 80% of these online teens use social networking sites. 17
Benefits of social media in school • It allows teachers to better understand and quickly recognize the students’ learning needs. • It enhances the communication between teachers and students. • It helps in informal communications and learning. • It helps to create a collaborative atmosphere and increases the student engagement. 18
Risks of social media in school • Cyberbullying - Social networking sites make bullying easier and more public than bullying through other online activities such as email and instant messaging. • Exposure to offensive material - As per the survey of National School Boards Association’s (2007) of students ages 9-17, 20% of students were exposed to inappropriate content on social networking sites and 18% were exposed to inappropriate language on these sites. • Compromised online safety- Social network users are susceptible to phishing, or attempts to acquire personal information such as passwords and banking information, through the means of fraud. 19
Risks of social media in school • Reduces face-to-face communication. • For students Social media is a biggest Distraction from school work. 20
Solutions associated with Risk • To develop an appropriate policy for social networking. • Develop strategies for preventing, identifying, and responding to cyberbullying. • Consider using specially designed education-based social networking sites. • Provide teachers with training on the use of social networking in the classroom. 21
Cryptagram: The photo privacy for online social media -New York University, NYC • The online social networks has spreads its roots world wide. It enables the users to share their photos easily, which introduces the users with several privacy threats. • The current privacy controls on social systems are a bit adequate, resulting in inappropriate flows of information when users fail to understand their privacy settings or sometimes online social networks fails to implement their policies correctly 22
• To comes up such situation and to terminate the inappropriate flow of pictorial data students of NYU has proposed a feature called Cryptagram which enhances the photo privacy for online social media. 23
Cryptagram • Cryptagram enables users to convert photos into encrypted images, which the users upload to Social media. • Users directly can decrypt those photos via shared keys that are independent of Social media or other third parties. • Cryptagram’s browser extension integrates smoothly with existing Social medias, including Facebook and Google+, and currently has over 400 active users. 24
Cryptagram • Example Cryptagram user experience. On the left, we show a social network with embedded Cryptagrams, uploaded by a user. A browser extension decrypts the images in place as shown on the right. 25
Online Social Networks Risks to Organisations -Talitakuum A. T. Ekandjo, Hussin Jazri • The use of online social networks (OSNs) is increasing day by day. • Organisations need to regulate OSNs related threats emanating from the employees. • For organisations to implement effective security management programs, it is recommended to implementing OSNs security control mechanisms. 26
Introduction • OSNs can be define as the it is a web based service that allow users to create their profile over the bounded system, and it can be accessed by the other users that is within bounded system. • OSNs platforms are having large information's , and it making easy for malicious attackers to gather information required to carry out an attack. 27
Risk of OSNs to the Organizations • Brand and Reputational Risks. • Financial Risks. • Communication Risks. • Technological Risks. • Legal Risks. 28
Conclusion • OSNs is important tools for both individuals and organisations due to the benefits they provide such real time communication, marketing, networking and relationships maintenance. • OSNs adoption and use can result in huge information security risks to the Organizations. • It is need to improve the security mechanisms and Policies of Organizations so, the risk of using the OSNs can be reduced. 29
Privacy and Security Issues in Social Networks :An Evaluation of Facebook -Abdulmohsen Albesher • Social networking websites have grown rapidly in recent years. Many people are involved in several virtual networking websites. • However, many users are not aware of the potential risk that may occur when using social networking websites. • It is needed for a regular review of privacy settings and policy to control the interaction between users and applications. 30
Introduction • Facebook is surrounded by many data privacy threats and security vulnerabilities. • Users of Facebook can also install numerous third party applications which are designed to meet a lot of interests. • Although users are encouraged to specify their privacy settings when they register for the first time, the privacy settings remain in default until they get updated later on by the user 31
Facebook • Facebook was created in 2003 by Mark Zuckerburg and some of his friends as a network for undergraduate students at Harvard University. • After some time it was popular in U.S and most of students had created their profiles on the Facebook. • Currently Facebook is the most popular Social Network in the word. • Security of Facebook:- 32
1. Privacy Settings 2.Third Party Applications 3. Security Questions
Conclusion • Risks associated with third party applications were determined and how user’s profile information can be used to answer the security questions and accordingly solutions were provided. • User’s regular review of privacy settings is needed and a list of settings to control the interaction between users and applications should be provided. • It suggested that users’ awareness of privacy settings in Facebook can be enhanced by providing an awareness video and guidance. 34
FlyByNight: Mitigating the Privacy Risks of Social Networking -Matthew M. Lucas • We aim to mitigate risk through the social net working website Facebook through encryption. • This architecture makes a trade-off between security and usability in the interests of User. • It address some of limitations of the Facebook platform through proxy cryptography.
Architecture • Generate Private Key & Cryptographic operation performed. • Password used for Encrypt the PK. • PK transmitted to the flyByNight application server via Facebook servers.
The Doppelgänger Bot Attack: Identity Impersonation in Online Social Networks -Oana Goga • People have long been aware of malicious users that impersonate celebrities or launch identity theft attacks in social networks. • We also propose and evaluate methods to automatically detect impersonation attacks sooner than they are being detected in today's Twitter social network.
• To ask human workers if both identities are the same user. • Unfortunately, such an exercise would be very expensive to scale to millions of potential doppelganger pairs. • So ,Built an automated rule- based matching scheme that determine when the profile attributes of two identities match sufficiently or not.
Security risk analysis of government public data center -Ning Lu • Public Data Center is the Information Heart of the Government, this focuses on security risk analysis. • With the continuous highly integrated and centralized government information, large- scale government public data centers and data warehouses have been continuously derived. • As a result, the risks of the public data center are ubiquitous. Security System Design Model
• The data center is built on the TCP/IP network system. The TCP/IP network model can be divided into four layers: 1. Physical layer:-It is the foundation of the network system security. It includes environmental security, equipment security and media security. 2. Link layer:-When data is transmitted on the network link data leakage may easily occur. 3. Network layer:-The TCP/IP protocol is insecure so security threats such as IP address spoofing, source address routing spoofing, port scanning can be done. 4. Application layer:- There are a large number of web application services running on the government's external affairs network such as e-mail service, WWW service, FTP service. Security Risk Analysis
Solutions:
Some Methods to Depress the Risks of the Online Transactions -Haixia Tan Introduction • In comparison, the Internet is indeed more efficient but the realistic situation is that most consumers are unwilling to be engaged in e- commerce because they fear that they will meet with the risks of the online transactions.
Problems: Risks can come from many aspects • Privacy issues • E-commerce technology, • Lack of reliability in e-commerce, • Lack of the social, financial & legal infrastructures of the e-commerce environment ,etc.
Solutions Important requirements for e-commerce security are • The need to verify the identity of the other party in the transaction, • To ensure that no one can intercept the information being exchanged during the transaction, • To protect sensitive information that is stored on computers before and after an e-commerce transaction, • And in general to prevent disruption of services and applications.
46 Thank You

Recomendados

phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxvdgtkhdh
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Cyber security
Cyber securityCyber security
Cyber securitymanavaneja3
 
Risk Analysis Of Banking Malware Attacks
Risk Analysis Of Banking Malware AttacksRisk Analysis Of Banking Malware Attacks
Risk Analysis Of Banking Malware AttacksMarco Morana
 
Frauds & Scams in Banks
Frauds & Scams in BanksFrauds & Scams in Banks
Frauds & Scams in BanksAkshay Virkar
 
Web vulnerabilities
Web vulnerabilitiesWeb vulnerabilities
Web vulnerabilitiesKrishna Gehlot
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation Nikolaos Georgitsopoulos
 
Anti money laundering (aml) and financial crime
Anti money laundering (aml) and financial crimeAnti money laundering (aml) and financial crime
Anti money laundering (aml) and financial crimeRaviPrashant5
 

Más contenido relacionado

La actualidad más candente

14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awarenessMichel Bitter
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitysanjana mun
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtJohn D. Johnson
 
Social media and Security: How to Ensure Safe Social Networking
Social media and Security: How to Ensure Safe Social NetworkingSocial media and Security: How to Ensure Safe Social Networking
Social media and Security: How to Ensure Safe Social NetworkingIshfaq Majid
 
Identity Theft: How to Reduce Your Risk
Identity Theft: How to Reduce Your RiskIdentity Theft: How to Reduce Your Risk
Identity Theft: How to Reduce Your Riskmilfamln
 
Importance of cyber security in education sector
Importance of cyber security in education sectorImportance of cyber security in education sector
Importance of cyber security in education sectorSeqrite
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing AttacksJagan Mohan
 
NIST Cybersecurity Framework - Mindmap
NIST Cybersecurity Framework - MindmapNIST Cybersecurity Framework - Mindmap
NIST Cybersecurity Framework - MindmapWAJAHAT IQBAL
 
Cyber crime ✔
Cyber crime ✔Cyber crime ✔
Cyber crime ✔hubbysoni
 
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfSoo Chin Hock
 
Application Security
Application SecurityApplication Security
Application Securityflorinc
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security RaviPrashant5
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 

La actualidad más candente (20)

Cyber Ethics
Cyber EthicsCyber Ethics
Cyber Ethics
 
14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness14 tips to increase cybersecurity awareness
14 tips to increase cybersecurity awareness
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
 
Social media and Security: How to Ensure Safe Social Networking
Social media and Security: How to Ensure Safe Social NetworkingSocial media and Security: How to Ensure Safe Social Networking
Social media and Security: How to Ensure Safe Social Networking
 
Identity Theft: How to Reduce Your Risk
Identity Theft: How to Reduce Your RiskIdentity Theft: How to Reduce Your Risk
Identity Theft: How to Reduce Your Risk
 
Importance of cyber security in education sector
Importance of cyber security in education sectorImportance of cyber security in education sector
Importance of cyber security in education sector
 
AML Presentation 2.pptx
AML Presentation 2.pptxAML Presentation 2.pptx
AML Presentation 2.pptx
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
 
End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
 
Information security
Information securityInformation security
Information security
 
AML Training uba capital
AML Training uba capitalAML Training uba capital
AML Training uba capital
 
NIST Cybersecurity Framework - Mindmap
NIST Cybersecurity Framework - MindmapNIST Cybersecurity Framework - Mindmap
NIST Cybersecurity Framework - Mindmap
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
 
Cyber crime ✔
Cyber crime ✔Cyber crime ✔
Cyber crime ✔
 
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
 
Application Security
Application SecurityApplication Security
Application Security
 
Introduction to cyber security
Introduction to cyber security Introduction to cyber security
Introduction to cyber security
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerce
 

Similar a Risks and Security of Internet and System

Shannon Morris PDLM presentation
Shannon Morris PDLM presentationShannon Morris PDLM presentation
Shannon Morris PDLM presentationshannoncmorris
 
Preventing Cybercrime in Libraries
Preventing Cybercrime in LibrariesPreventing Cybercrime in Libraries
Preventing Cybercrime in LibrariesMary Rayme
 
Cybercrime
CybercrimeCybercrime
CybercrimeSERCOD
 
Naughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyNaughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyJohan Koren
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxShubhamGupta833557
 
Social media risks and controls
Social media risks and controlsSocial media risks and controls
Social media risks and controlsMarc Vael
 
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...IOSR Journals
 
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiResearch paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiShreedeep Rayamajhi
 
A. Schilling Apps and Younger Users Warnings and safeguards assignment .pptx
A. Schilling Apps and Younger Users Warnings and safeguards assignment .pptxA. Schilling Apps and Younger Users Warnings and safeguards assignment .pptx
A. Schilling Apps and Younger Users Warnings and safeguards assignment .pptxamandaschilling75
 
Social networking boon or a bane
Social networking boon or a baneSocial networking boon or a bane
Social networking boon or a baneAbhishek Sharma
 
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...IJCSIS Research Publications
 
Introduction to ethics
Introduction to ethicsIntroduction to ethics
Introduction to ethicsSaqib Raza
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsGDSCCVR
 

Similar a Risks and Security of Internet and System (20)

Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
Shannon Morris PDLM presentation
Shannon Morris PDLM presentationShannon Morris PDLM presentation
Shannon Morris PDLM presentation
 
Preventing Cybercrime in Libraries
Preventing Cybercrime in LibrariesPreventing Cybercrime in Libraries
Preventing Cybercrime in Libraries
 
Facebook
FacebookFacebook
Facebook
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Naughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyNaughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technology
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptx
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Social media risks and controls
Social media risks and controlsSocial media risks and controls
Social media risks and controls
 
L017146571
L017146571L017146571
L017146571
 
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...
An Automated Model to Detect Fake Profiles and botnets in Online Social Netwo...
 
Privacy and Protection of Online Identity in the New Internet Age CTO Cyberse...
Privacy and Protection of Online Identity in the New Internet Age CTO Cyberse...Privacy and Protection of Online Identity in the New Internet Age CTO Cyberse...
Privacy and Protection of Online Identity in the New Internet Age CTO Cyberse...
 
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhiResearch paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
Research paper-a-synopsis-on-cyber-terrorism-and-warfare-by-shreedeep-rayamajhi
 
A. Schilling Apps and Younger Users Warnings and safeguards assignment .pptx
A. Schilling Apps and Younger Users Warnings and safeguards assignment .pptxA. Schilling Apps and Younger Users Warnings and safeguards assignment .pptx
A. Schilling Apps and Younger Users Warnings and safeguards assignment .pptx
 
Social networking boon or a bane
Social networking boon or a baneSocial networking boon or a bane
Social networking boon or a bane
 
Social networking
Social networkingSocial networking
Social networking
 
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
 
Introduction to ethics
Introduction to ethicsIntroduction to ethics
Introduction to ethics
 
CYP E-Safety
CYP E-SafetyCYP E-Safety
CYP E-Safety
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 

Risks and Security of Internet and System

  • 1. Risks and Security of Internet and System Guided By : Dr. Kalpdrum Passi Group No:10
  • 2. Content :- 1. Cyber Ethics and Cyber Crime 2. Security in Social Media & Risk of Child Internet 3. Social media in Schools and photo privacy 4. Risk of OSNs and Security , Privacy of Facebook 5. Risk and Security of Social Networking site Facebook and Twitter 6. Risk analysis of Government and Online Transaction 2 Presented by:- 1. Param Nanavati 2. Darsh Desai 3. Meet Bhalodiya 4. Akash Patel 5. Mihir Darji 6. Teerth Patel Group No:10
  • 3. Cyber Ethics and Cyber Crime • Future wars will be cyber wars and the attacks will be a sturdy amalgamation of cryptography along with malware to distort information systems and its security. • The explosive Internet growth facilitates cyber-attacks. • Web threats include risks, that of loss of confidential data and erosion of consumer confidence in e-commerce. • The emergence of cyber hack jacking threat in the new form in cyberspace is known as ransomware or crypto virus. 3
  • 4. • The locker bot waits for specific triggering events, to become active. It blocks the task manager, command prompt and other cardinal executable files, a thread checks for their existence every few milliseconds, killing them if present. • Imposing serious threats to the digital generation, ransomware pawns the Internet users by hijacking their system and encrypting entire system utility files and folders, and then demanding ransom in exchange for the decryption key it provides for release of the encrypted resources to its original form. 4
  • 5. • We present in this research, the study of a ransomware family that recently picked up quite a rage and is called CTB locker, and go on to the hard money it makes per user, and its source C&C server, which lies with the Internet’s greatest incognito mode– The Dark Net. • Crypto locker Ransomware or the CTB Locker makes a Bitcoin wallet per victim and payment mode is in the form of digital bitcoins which utilizes the anonymity network or Tor gateway. • CTB Locker is the deadliest malware the world ever encountered. CTB-Locker stands for “Curve-Tor-Bitcoin-Locker 5
  • 6. RANSOMWARE WORKING PRINCIPLE -Rhyme Upadhyaya • Ransomware propagates like a typical malware does but methods employ sharp social engineering tactics, accidental or unwanted downloads, visiting websites stuffed with bloatware ,or simply by following a malicious link or ad. • Also one should never trust email attachments from unacknowledged paternity. Once the malware spreads, it runs the code in its payload. 6
  • 7. • Ransomware can also spread through removable storage if a user uses the same removable storage for data transfer in multiple computers. • Some nuance applications can come bundled with malware or adware which one may not even have an idea it exists in their newly bought systems. 7
  • 8. 8 [A Timeline Of Ransomware Variants]
  • 9. BITCOIN AND THE TOR NETWORK - Aruna Jain • This is electronic money, a crypto-currency that does away with the need for banks by combining a limited quantity digital currency with state of the art cryptographic security and a peer-to-peer network. • All transactions are irreversible. • It is also free, unlike Visa or PayPal • Tor stands for The Onion Router so-called because of the layered encryption process. • Crypto anarchism and Onion Routing are the two vivacious terms linked to the underground web. 9 Keywords: locker bot; cyber crime; ransomware; malware; bitcoin; dark net; tor; CTB locker
  • 10. • Tor was originally funded by the US Navy at the start of the Millennium and is used by numerous agencies and others to transmit and receive sensitive information. • Within the Tor, you can mask your identity and travel the Surface Web with total anonymity. • Transferring money without leaving a trace is not always easy, however, the Dark Net’s own currency bitcoin provides the solution. 10
  • 11. Understanding Privacy Concerns of WhatsApp Users in India -Jayati Dev,Sanchari Das Introduction: WhatsApp Messenger is a freeware, cross- platform messaging and Voice over IP (VoIP) service owned by Facebook . The study evaluates the risk perception of WhatsApp users in India by analyzing a survey recruiting 213 Indian participants Received valid responses from 213 participants (71 Female,135 Male) who identified themselves as Indian.
  • 12. Problems: • Targeted Advertisements. • Understanding Customer’s behaviour. • 35.21% participants expressed concern over being contacted by strangers. • Participants indicated more sensitivity for privacy when in groups.
  • 13. Solutions: • Privacy by Default • Add customized features such as ‘Last Seen’, ‘Read Receipts’, etc. for individual and group interactions
  • 14. IS CHILD INTERNET ACCESS A QUESTIONABLE RISK? -ANDREW ANDERSON, CHARLES SHONIREGUN • There is no doubt that the Internet has become an indispensable part of life for many people. • Innovative avenues of communication -- chat rooms, e-mail, downloads and information searches -- are among the Internets greatest assets. • This paper discusses the Internet in correlation to its usage by children both for academic and social activities.
  • 15. Problems: • A child or teenager having unsupervised access to the Internet is open to a world of harmful risks that can be both psychologically damaging and/or physically abusive. • In October 2001, a paediatrician pled guilty to 11 felony counts of attempted child molestation and sending pornographic pictures to a minor via the Internet.
  • 16. Solutions: • The UK government strategy has been to educate parents through advertising campaigns and to teach awareness to children and parents through schools. • A variety of technology-based tools for assisting in Internet safety are available on the market to parents, educational institutions and business organisations.
  • 17. Benefits and risks of social media in school -Miami-Dade County Public Schools, Florida • Rapid increment in Social networking sites such as Facebook and Twitter among students. • Facebook with an estimated 750 million visitors each month. Twitter, a micro-blogging social networking site, with an estimated 250 million visitors each month. • In a Survey conducted by Pew Research Center’s Internet and American Life Project for the teens of Age 12-17 95% of them remains online and 80% of these online teens use social networking sites. 17
  • 18. Benefits of social media in school • It allows teachers to better understand and quickly recognize the students’ learning needs. • It enhances the communication between teachers and students. • It helps in informal communications and learning. • It helps to create a collaborative atmosphere and increases the student engagement. 18
  • 19. Risks of social media in school • Cyberbullying - Social networking sites make bullying easier and more public than bullying through other online activities such as email and instant messaging. • Exposure to offensive material - As per the survey of National School Boards Association’s (2007) of students ages 9-17, 20% of students were exposed to inappropriate content on social networking sites and 18% were exposed to inappropriate language on these sites. • Compromised online safety- Social network users are susceptible to phishing, or attempts to acquire personal information such as passwords and banking information, through the means of fraud. 19
  • 20. Risks of social media in school • Reduces face-to-face communication. • For students Social media is a biggest Distraction from school work. 20
  • 21. Solutions associated with Risk • To develop an appropriate policy for social networking. • Develop strategies for preventing, identifying, and responding to cyberbullying. • Consider using specially designed education-based social networking sites. • Provide teachers with training on the use of social networking in the classroom. 21
  • 22. Cryptagram: The photo privacy for online social media -New York University, NYC • The online social networks has spreads its roots world wide. It enables the users to share their photos easily, which introduces the users with several privacy threats. • The current privacy controls on social systems are a bit adequate, resulting in inappropriate flows of information when users fail to understand their privacy settings or sometimes online social networks fails to implement their policies correctly 22
  • 23. • To comes up such situation and to terminate the inappropriate flow of pictorial data students of NYU has proposed a feature called Cryptagram which enhances the photo privacy for online social media. 23
  • 24. Cryptagram • Cryptagram enables users to convert photos into encrypted images, which the users upload to Social media. • Users directly can decrypt those photos via shared keys that are independent of Social media or other third parties. • Cryptagram’s browser extension integrates smoothly with existing Social medias, including Facebook and Google+, and currently has over 400 active users. 24
  • 25. Cryptagram • Example Cryptagram user experience. On the left, we show a social network with embedded Cryptagrams, uploaded by a user. A browser extension decrypts the images in place as shown on the right. 25
  • 26. Online Social Networks Risks to Organisations -Talitakuum A. T. Ekandjo, Hussin Jazri • The use of online social networks (OSNs) is increasing day by day. • Organisations need to regulate OSNs related threats emanating from the employees. • For organisations to implement effective security management programs, it is recommended to implementing OSNs security control mechanisms. 26
  • 27. Introduction • OSNs can be define as the it is a web based service that allow users to create their profile over the bounded system, and it can be accessed by the other users that is within bounded system. • OSNs platforms are having large information's , and it making easy for malicious attackers to gather information required to carry out an attack. 27
  • 28. Risk of OSNs to the Organizations • Brand and Reputational Risks. • Financial Risks. • Communication Risks. • Technological Risks. • Legal Risks. 28
  • 29. Conclusion • OSNs is important tools for both individuals and organisations due to the benefits they provide such real time communication, marketing, networking and relationships maintenance. • OSNs adoption and use can result in huge information security risks to the Organizations. • It is need to improve the security mechanisms and Policies of Organizations so, the risk of using the OSNs can be reduced. 29
  • 30. Privacy and Security Issues in Social Networks :An Evaluation of Facebook -Abdulmohsen Albesher • Social networking websites have grown rapidly in recent years. Many people are involved in several virtual networking websites. • However, many users are not aware of the potential risk that may occur when using social networking websites. • It is needed for a regular review of privacy settings and policy to control the interaction between users and applications. 30
  • 31. Introduction • Facebook is surrounded by many data privacy threats and security vulnerabilities. • Users of Facebook can also install numerous third party applications which are designed to meet a lot of interests. • Although users are encouraged to specify their privacy settings when they register for the first time, the privacy settings remain in default until they get updated later on by the user 31
  • 32. Facebook • Facebook was created in 2003 by Mark Zuckerburg and some of his friends as a network for undergraduate students at Harvard University. • After some time it was popular in U.S and most of students had created their profiles on the Facebook. • Currently Facebook is the most popular Social Network in the word. • Security of Facebook:- 32
  • 33. 1. Privacy Settings 2.Third Party Applications 3. Security Questions
  • 34. Conclusion • Risks associated with third party applications were determined and how user’s profile information can be used to answer the security questions and accordingly solutions were provided. • User’s regular review of privacy settings is needed and a list of settings to control the interaction between users and applications should be provided. • It suggested that users’ awareness of privacy settings in Facebook can be enhanced by providing an awareness video and guidance. 34
  • 35. FlyByNight: Mitigating the Privacy Risks of Social Networking -Matthew M. Lucas • We aim to mitigate risk through the social net working website Facebook through encryption. • This architecture makes a trade-off between security and usability in the interests of User. • It address some of limitations of the Facebook platform through proxy cryptography.
  • 36. Architecture • Generate Private Key & Cryptographic operation performed. • Password used for Encrypt the PK. • PK transmitted to the flyByNight application server via Facebook servers.
  • 37.
  • 38. The Doppelgänger Bot Attack: Identity Impersonation in Online Social Networks -Oana Goga • People have long been aware of malicious users that impersonate celebrities or launch identity theft attacks in social networks. • We also propose and evaluate methods to automatically detect impersonation attacks sooner than they are being detected in today's Twitter social network.
  • 39. • To ask human workers if both identities are the same user. • Unfortunately, such an exercise would be very expensive to scale to millions of potential doppelganger pairs. • So ,Built an automated rule- based matching scheme that determine when the profile attributes of two identities match sufficiently or not.
  • 40. Security risk analysis of government public data center -Ning Lu • Public Data Center is the Information Heart of the Government, this focuses on security risk analysis. • With the continuous highly integrated and centralized government information, large- scale government public data centers and data warehouses have been continuously derived. • As a result, the risks of the public data center are ubiquitous. Security System Design Model
  • 41. • The data center is built on the TCP/IP network system. The TCP/IP network model can be divided into four layers: 1. Physical layer:-It is the foundation of the network system security. It includes environmental security, equipment security and media security. 2. Link layer:-When data is transmitted on the network link data leakage may easily occur. 3. Network layer:-The TCP/IP protocol is insecure so security threats such as IP address spoofing, source address routing spoofing, port scanning can be done. 4. Application layer:- There are a large number of web application services running on the government's external affairs network such as e-mail service, WWW service, FTP service. Security Risk Analysis
  • 43. Some Methods to Depress the Risks of the Online Transactions -Haixia Tan Introduction • In comparison, the Internet is indeed more efficient but the realistic situation is that most consumers are unwilling to be engaged in e- commerce because they fear that they will meet with the risks of the online transactions.
  • 44. Problems: Risks can come from many aspects • Privacy issues • E-commerce technology, • Lack of reliability in e-commerce, • Lack of the social, financial & legal infrastructures of the e-commerce environment ,etc.
  • 45. Solutions Important requirements for e-commerce security are • The need to verify the identity of the other party in the transaction, • To ensure that no one can intercept the information being exchanged during the transaction, • To protect sensitive information that is stored on computers before and after an e-commerce transaction, • And in general to prevent disruption of services and applications.