SEMINAR REPORT

CLASS: B.E 7TH SEMESTER

BRANCH: COMPUTER ENGINEERING
TOPIC: CYBER SECURITY
COLLEGE: YOGANANDA COLLEGE OF
ENGINEERING AND TECHNOLOGY

TEAM MEMBERS
Name of the Students University Roll No.
Gourav Loch 1224/17

Danyal Majeed Bhat 1239/17

Manik Sharma 1248/17

Aman Lasgotra 1259/17

ACKNOWLEDGEMENT
Working on this Seminar Report on "Cyber
Security" was a source of immense knowledge to
me and my team. We would like to express our
sincere gratitude to Prof. (Dr.) A. K. Srivastava for
his guidance on making this seminar report in the
right way. We acknowledge with a deep sense of
gratitude and for the encouragement received to
mould this report.

CONTENTS
 Introduction to Cyber Security
 Cybercrime
 Challenges of Cyber Security
 Cyber Threats
 How to Avoid Cyber Attacks
 Antivirus and Firewalls
 Advantages and Disadvantages
 Conclusion

INTRODUCTION TO CYBER SECURITY

CYBER SECURITY: It is the body of
technologies, processes, and practices designed to
protect networks, devices, programs, and data from
attack, theft, damage, modification or unauthorized
access.
The field is becoming more important due to increased
reliance on computer systems , the Internet and
wireless network standards such as Bluetooth and Wi-
Fi and due to the growth of smart devices including
smartphones, telephones, and the various devices that
constitute the “Internet of things”.

Why do we need cyber security?

• With an increasing amount of people getting

connected to internet, the security threats that
cause massive harm are increasing also.
• Cyber security is necessary since it helps in
securing data from threats such as data theft or
misuse, also safeguards your system from viruses.
 CYBERCRIME

Cybercrime, or computer-oriented crime, is a crime

that involves a computer and a network. The computer
may have been used in the commission of a crime, or it
may be the target. Cybercrime may threaten a person,
company or nation’s security and financial health.
Cybercrime,also called computer crime, the use of
a computer as an instrument to further illegal ends,
such as committing fraud, trafficking in child
pornography and intellectual property, stealing
identities, or violating privacy. Cybercrime, especially
through the Internet, has grown in importance as the
computer has become central to commerce,
entertainment, and government.

Categories of Cybercrime:
We can categorize cyber crime into two ways:
• The computer as a target: Using a computer to
attack other computers e.g. Hacking, Virus/Worms
attack, Dos attack etc.
• The computer as a weapon: Using a computer to
commit real world crime e.g. Credit card fraud etc.
 CHALLENGES OF CYBER SECURITY

 NETWORK SECURITY: Network security

is a broad term that covers a multitude of
technologies, devices and processes. In its simplest
term, it is a set of rules and configurations
designed to protect the integrity, confidentiality
and accessibility of computer networks and data
using both software and hardware technologies. 
 APPLICATION SECURITY: Application
security is the process of making apps more
secure by finding, fixing, and enhancing the
security of apps. Much of this happens during the
development phase, but it includes tools and
methods to protect apps once they are deployed.
This is becoming more important as hackers
increasingly target applications with their attacks .
 DATA SECURITY: Data security refers to
the process of protecting data from unauthorized
access and data corruption throughout its
lifecycle. Data security includes data encryption,
 hashing,tokenization, and key management
practices that protect data across all applications
and platforms.
 IDENTITY SECURITY: Identity security
describes the proactive approach to safely
controlling user and system information that is
used to authenticate and authorize user identities
for access to secure resources.
 CLOUD SECURITY: Cloud security, also
known as cloud computing security, consists of a
set of policies, controls, procedures and
technologies that work together to protect cloud-
based systems, data, and infrastructure. These
security measures are configured to protect cloud
data, support regulatory compliance and protect
customers' privacy as well as setting
authentication rules for individual users and
devices.
 MOBILE SECURITY: Mobile security is
the protection of smartphones, tablets, laptops
and other portable computing devices, and the
networks they connect to, from threats and
vulnerabilities associated with wireless
computing. Mobile security is also known as
wireless security.
 END-USER SECURITY: The end-user is
usually the weakest link when it comes to
cybersecurity and that is what attackers are
counting on. This is why phishing is such a popular
technique for spreading ransomware.

CYBER THREATS

 HACKING: Hacking in simple term means an

illegal intrusion in a computer system or network.
It is also known as cracking. Govt. and MNC’s
websites are the hot targets of hackers due to
press coverage it receives. Hacking is an attempt
to exploit a computer system or a private network
inside a computer. Simply put, it is the
unauthorised access to or control over computer
network security systems for some illicit purpose.

How can we prevent ourselves from

being getting hacked?

• Update regularly
• Passwords: don’t re-use them
• Download from authorised sources
• 'Administrator' shouldn't be your default setting
• Turn off when you’re done
• Encrypt to keep your stuff unreadable

• PHISHING: Phishing is fraudulent attempt,

usually made through email, to steal your personal
information.Phishing is the attempt to obtain
sensitive information such as username , password
and credit card details oftem for malicious
reasons through an electronic
communication(such as E-mail). A common online
phishing scam starts with an email message that
appears to come from a trusted source(legitimate
site) but actually directs recipents to provide
information to a fraudulent website.

• DENIAL of SERVICE(DoS): This is an act

by the criminals who floods the bandwidth of the
victims network.In the Dos attack, a hacker uses a
single internet connection to either exploit a
software vulnerability or flood a target with fake
request with fake request usually I an attempt to
exhaust server resources.On the other hand, DDoS
attacks are launched from multiple connected
devices that are distributed across the internet.
1. DoS = When a single host attacks.
2. DDoS = When multiple hosts attack
simultaneously and continuously.
• SPAM EMAIL: Email Spam is the electronic
version ofjunk mail. It involves sending unwanted
messages often unsolicited advertising, to a large
number of recipents. Spam is a serious security
concern as it can be used to deliver Trojan horses ,
viruses, worms, spyware, and targeted phishing
attacks.

• MALWARE: It’s malicious software(such as

virus, worms and Trojan) which specifically
designed to disrupt or damage computer system
or mobile device. Hackers use malware for any
number of reasons such as, extracting personal
info. Or passwords, stealing money, or preventing
owners from accessing their device. Viruses are
programs that attach themselves to a computer or
file and then circulate themselves to other files
and to other computers on a network. They either
alter or delete the data. Malware has actually
been a threat to individuals and organizations
since the early 1970s when the Creeper virus first
appeared. Since then, the world has been under
 attack from hundreds of thousands of different
malware variants, all with the intent of causing the
most disruption and damage as possible.

• ATM Skimming and Point of Scale

Crimes: It is a technique of compromising the
ATM machine by installing a skimming device a top
the machine keypad to appear as a genuine
keypad or a device made to be affixed to the card
reader to look like a part of the machine.
Additionally, malware that steals credit card data
directly can also be installed on these devices.
Successful implementation of skimmers cause in
ATM machine to collect card numbers and
personal identification number codes that are
later replicated to carry out fraudulent
transaction.

HOW TO AVOID CYBER ATTACKS?

• Uninstall unnecessary softwares.

• Install, use and regularly update antivirus and
antispyware software on every computer 
• Use a firewall for your Internet connection
 • Make backup copies of important business data
and information.
• Control physical access to your computers and
network components.
• Secure your Wi-Fi networks. If you have a Wi-Fi
network for your workplace make sure it is secure
and hidden.
• Regularly change passwords.
• Employee personal accounts

ANTIVIRUS AND FIREWALLS

ANTIVIRUS: Antivirus software, sometimes

known as anti-malware software, is designed to detect,
prevent and take action to disarm or remove malicious
software from your computer such as viruses, worms
and Trojan horses. It may also prevent or remove
unwanted spyware and adware in addition to other
types of malicious programs. The first versions of
antivirus software can be traced as far back as the
1980s.
Antivirus software will begin by checking your
computer programs and comparing them to known
types of malware. It will also scan your computer for
behaviors that may signal the presence of a new,
unknown malware. Typically, antivirus software uses all
three scanning detection processes:
 Specific Detection – This works by looking for
known malware by a specific set of characteristics.
 Generic Detection – This process looks for
malware that are variants of known “families,” or
malware related by a common codebase.
 Heuristic Detection – This process scans for
previously unknown viruses by looking for known
suspicious behavior or file structures.

FIREWALL: A firewall is a system that provides

network security by filtering incoming and outgoing
network traffic based on a set of user-defined rules. In
general, the purpose of a firewall is to reduce or
eliminate the occurrence of unwanted network
communications while allowing all legitimate
communication to flow freely. In most server
infrastructures, firewalls provide an essential layer of
security that, combined with other measures, prevent
attackers from accessing your servers in malicious
ways.
When your computer has firewall protection,
everything that goes in and out of it is monitored.  The
firewall monitors all this information traffic to allow
 ‘good data’ in, but block ‘bad data’ from entering your
computer.
Firewalls use one or a combination of the following
three methods to control traffic flowing in and out of
the network:
 
 Packet filtering
The most basic form of firewall software uses pre-
determined security rules to create filters – if an
incoming packet of information (small chunk of data) is
flagged by the filters, it is not allowed through. Packets
that make it through the filters are sent to the
requesting system and all others are discarded.
 
 Proxy service
A firewall proxy server is an application that acts as an
intermediary between systems. Information from the
internet is retrieved by the firewall and then sent to
the requesting system and vice versa. Firewall proxy
servers operate at the application layer of the firewall,
where both ends of a connection are forced to conduct
the session through the proxy. They operate by
creating and running a process on the firewall that
mirrors a service as if it were running on the end host,
and thus centralise all information transfer for an
activity to the firewall for scanning.
  
 Stateful inspection
The most modern method of firewall scanning, that
doesn't rely on the memory-intensive examination of
all information packets is ‘stateful inspection’.  A
‘stateful’ firewall holds significant attributes of each
connection in a database of trusted information, for
the duration of the session. These attributes, which are
collectively known as the ‘state’ of the connection, may
include such details as the IP addresses and ports
involved in the connection and the sequence numbers
of the packets being transferred. The firewall compares
information being transferred to the copy relevant to
that transfer held in the database – if the comparison
yields a positive match the information is allowed
through, otherwise it is denied.

ADVANTAGES AND DISADVANTAGES

The advantages and disadvantages of Cyber Security

are listed below:
ADVANTAGES:
1) Protects system against viruses, worms, spyware
and other unwanted programs.
2) Protection against data from theft.
3) Protects  the computer from being hacked.
4) Minimizes computer freezing and crashes.
5) Gives privacy to users

DISADVANTAGES:
1) Firewalls can be difficult to configure correctly.
2) Incorrectly configured firewalls may block users
from performing certain actions on the Internet, until
the firewall configured correctly.
3) Makes the system slower than before.
4) Need to keep updating the new software in order to
keep security up to date.
5) Could be costly for average user.
 CONCLUSION

we can say that Cyber Security is one of the most

important issues that we have faced with the increase
in technological advancements, anything and
everything that exists on the internet isn't completely
safe. With the increase in Cyber crimes in India the
government of India took a major step and introduced
an act in the year 2000 which is called as (IT act 2000)
which states that it is the primary law in India dealing
with cybercrime and electronic commerce. The Act
providesa legal framework for electronic governance
by giving recognition to electronic records and digital
signatures. It also defines cyber crimes and prescribes
penalties for them.
Cybersecurity is a never-ending battle. A permanently
decisive solution to the problem will not be found in
the foreseeable future,even Mark Zukerberg the
creator of one of the most used social networking sites
Facebook is seen covering his laptop's front camera
with a duct tape so that the camera might not be
accessed by anyone else then what else can we expect
from our security.
So, be littie cautious and attentive while using/working
on the internet because the safety is in your hands
only.

REFERENCES

1. https://www.udemy.com/course/the-complete-
internet-security-privacy-course-volume-1/

2. https://www.geeksforgeeks.org/cyber-system-
security/

3. Cybersecurity Essentials by charles Brooks and

Christopher Grow ( October 30,2018 )

4. Cybersecurity-Attack and Defense Strategies by

Yuri Diogenes ( December 31, 2019 )

5. https://en.wikipedia.org/wiki/Cybercrime