Cyber Security

Cyber Security is the body of technologies, process and practices designed to protect networks, devices, programs and data from attack, damage or unauthorized access.

Cyber Security
Cyber Security

Introduction

Cyber Security is the body of technologies, process and practices designed to protect networks, devices, programs and data from attack, damage or unauthorized access.

There are three main pillars of cyber security

  • Confidentiality
  • Integrity
  • Availability

Confidentiality

The principles of confidentiality assert that information and functions can be accessed only by authorized parties. Confidentiality refers to protecting information from being accessed by unauthorized parties.

Example: Military secrets

Integrity

The principles of integrity assert that information and functions can be added, altered or removed only by authorized people.

Example: A user entered incorrect data in the database.

Availability

The principles of availability assert that system, function and data must be available on demand according to agreed-upon parameters based on levels of service.

Note: information is unavailable not only when it is lost or destroyed, but also when access to the information is denied or delayed

Example: Gmail is always available on internet.

There are two different parameters in CIA(Confidentiality, Integrity and Availability) they are

  • Cybercrime
  • Hacking

Cybercrime

Cybercrime is any criminal activity that involves a computer, network device or a network. Most cybercrime are carried out in order to generate profit from the cyber criminals. cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations.

CYBER THREATS

Malware

Malware is an all in composing term for a variety of cyber threats including trojans, virus’s and warms. Malware is simply defined as code with malicious intend typically seals data or destroy something on the computer.

Phishing

Phishing attacks are sent by email and ask users to click on a link and enter their personal data. Phishing data is much more sophisticated in recent years making it difficult for some people to understand. Phishing emails fall into the same category as spam but they are more harmful than just a simple ad.

Password attack

Password attack is exactly what it sounds like a third party trying to gain access to your system by cracking a user’s password.

DDoS

DDoS stands for distributed denial of service ad or staff focuses on distributing the service of a network attackers send high volumes of data or traffic through the network that is making a lot of connection requests until the network becomes overloaded and can no longer function.

Drive-by-downloads

Through malware on a legitimate website a program is downloaded to a user system just by visiting the site it doesn’t require any type of action by the user to download it actually.

Rouge Software

Rouge software are basically malware that are masquerading as legitimate and necessary security software that will keep your system safe.

Web Application Threads

Attackers target to web application to steel credentials, acquire private information to threaten the performance of the website or set up publishing site.

Man in the middle

Man in the middle attacks by impersonating the endpoint in an online information exchange that is the connection from your smartphone to a website the Man in the middle attack can obtain information from the end users and entity he or she is communicating with.

Mal-advertising

Mal-advertising is a way to compromise your computer with malicious code that is downloaded to your system when you click on an affected ad.

Hacking

Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized access to the system resources. Hackers are motivated by personal gain, to make a statement, or just because they can. A hacker is an intelligent individuals with excellent computer skills with the ability to create and explore into computer’s software and hardware. Hackers intention can either be to gain knowledge or to do illegal things.

TYPES OF HACKERS

Hackers are classified into three type

  • White hat
  • Black hat
  • Grey hat

White hat

White hat hacker is also called ethical hacker. They are also known as security analysts. They use their knowledge for the best of the society. They are used for defensive purposes. White hat hackers have permission from the system owner.

Black hat

Black hat hackers are also called as cracker. They are individuals with extraordinary computing skills. They break the security of the computer for wicked intention.

Grey hat

Grey hat hackers are individuals who work both offensive and defensive at various times. They are a combination of both white hat and black hat.

Advantage of Cyber Security

  • It will defend us from hackers and virus.
  • It will help us to browse safe website.
  • It will defend us from critical attacks.

Security Techniques

Using cryptography and authentication techniques strong security is provided to the information or system. Another technique used for strong security is authentication technique.

Some of the security techniques are

  • Series of confidence – Series of confidence ensures that all software use has been authentic.
  • Access control – It will control the access to data and system. If a user misuses the data or system then the access will be denied.
  • Ability to defect unpatched known flaws – When an application provides no way to scrap already known security flaws.
  • Backup of data – Taking regular backup can secure our data.
  • Antivirus software – Antivirus provides security to our system from virus.
  • Firewalls – We can protect the internal network from external attacks using firewall.
  • Encryption – Encryption allows authorised users to read the data. Cryptography technique is used to protect the data.
  • Intrusion-detection system(IDS) – It is used to detect he internal and external attacks on a network or a computer.
  • Information Security awareness – It educate the people about the use of internet and computer.

Category of computer security

Cryptography

Cryptography is a method of protecting communication and information through codes. Cryptography is an indispensable tool for protecting information in computer systems. Crypt means hidden and graphy means writing. It is used to storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.

Cryptography is used in ancient time for sending secret information. The original message is called plaintext, this plaintext is converted into some meaningless text called ciphertext. The conversion of plaintext into ciphertext is called encryption, and the conversion of ciphertext into plaintext is called decryption.

Data Security

Data security refers to the protective measures which ensure that data or computer is kept safe from corruption or modification. It prevents unauthorized access to data and computer. Data security helps to provide privacy to the data.

We can secure our data by following ways

  • Data Encryption
  • Data Backup
  • Data Masking
  • Data Erasure

Substitution Cipher

A Substitution cipher is a method of encryption, the units of any character of plain text is replaced with ciphertext depending on a key. units may be individual letters or characters, letter pairs, triplets, or other combinations.

Example:

Plain Text: Welcome to Neural Beast

Key: C

Output: ygneqog vq pgwtcn dgcuv

Each letter of the alphabet is assigned with a number that is

a = 0 b = 1 c = 2
d = 3 e = 4 f = 5
g = 6 h = 7 i = 8
j = 9 k = 10 l = 11
m = 12 n = 13 o = 14
p = 15 q = 16 r = 17
s = 18 t = 19 u = 20
v = 21 w = 22 x = 23
y = 24 z = 25

Each letter in the plain text is converted to its number, then the value for the key is added and finally the resulting number is converted into a letter. From the above example w is 22 and for key c is 2 that is 22 + 2 = 24 is y and this will repeated for each character in the plaintext.

The Decryption is very simple, subtract key from cipher text to get plain text. 24 – 2 = 22 is w.

Python algorithm for Substitution Cipher

import string
letter = string.ascii_letters
mydict = {}
key = int(input('Enter The Key:\n'))
for a in range(len(letter)):
 mydict[letter[a]] = letter[(a + key) % len(letter)]
plaintext = input('Enter the plain text:\n')
ciphertext = []
for b in plaintext:
 if b in letter:
  c = mydict[b]
  ciphertext.append(c)
 else:
  c = b
  ciphertext.append(c)
ciphertext = "".join(ciphertext)
print("The Cipher text is :", ciphertext)
mydict1 = {}
for a in range(len(letter)):
 mydict1[letter[a]] = letter[(a-key)%(len(letter))]
decrypttext = []
for b in ciphertext:
 if b in letter:
  c = mydict1[b]
  decrypttext.append(c)
 else:
  c = b
  decrypttext.append(c)
decrypttext = "".join(decrypttext)
print("The decrypted Plain text : ", decrypttext)

Output:

Enter The Key:
2
Enter the plain text:
welcome to neural beast
The Cipher text is : ygneqog vq pgwtcn dgcuv
The decrypted Plain text :  welcome to neural beast