
AUC-002: CYBER SECURITY - UNIT II

ATUL KUMAR VERMA
Asst. Professor (CS)
Security Threats
There are numerous threats to the security of applications and data. With the
increasing use of the Internet and advancing IT, applications are becoming
increasingly vulnerable to threats such as malicious code, viruses, worms, etc.
Some of the security threats are as follows:
Virus:
A computer virus attaches itself to a program or file, enabling it to spread from
one computer to another, leaving infections as it travels. Like a human virus, a
computer virus can range in severity: some may cause only mildly annoying
effects while others can damage your hardware, software or files. Almost all
viruses are attached to an executable, which means the virus may exist on your
computer but cannot infect it unless you run or open the malicious program. It
is important to note that a virus cannot spread without a human action (such as
running an infected program) to keep it going. Because a virus is spread by
human action, people unknowingly continue the spread of a computer virus by
sharing infected files or sending emails with viruses as attachments.

Worm:
A worm is similar to a virus by design and is considered to be a sub-class of a
virus. Worms spread from computer to computer, but unlike a virus, a worm has
the capability to travel without any human action. A worm takes advantage of
file or information transport features on your system, which is what allows it
to travel unaided.
The biggest danger with a worm is its capability to replicate itself on your
system, so rather than your computer sending out a single worm, it could send
out hundreds or thousands of copies of itself, creating a huge devastating effect.
One example would be for a worm to send a copy of itself to everyone listed in
your e-mail address book. Then, the worm replicates and sends itself out to
everyone listed in each receiver's address book, and the process continues on
down the line.
Due to the copying nature of a worm and its capability to travel across networks,
the end result in most cases is that the worm consumes too much system
memory (or network bandwidth), causing Web servers, network servers and
individual computers to stop responding. In recent worm attacks such as the
much-talked-about Blaster Worm, the worm has been designed to tunnel into
your system and allow malicious users to control your computer remotely.

Trojan horse:
A Trojan horse is full of as much trickery as the mythological Trojan Horse it was
named after. The Trojan horse, at first glance will appear to be
useful software but will actually do damage once installed or run on your
computer. Those on the receiving end of a Trojan Horse are usually tricked into
opening them because they appear to be receiving legitimate software or files
from a legitimate source. When a Trojan is activated on your computer, the
results can vary. Some Trojans are designed to be more annoying than malicious
(like changing your desktop, adding silly active desktop icons) or they can cause
serious damage by deleting files and destroying information on your system.
Trojans are also known to create a backdoor on your computer that gives
malicious users access to your system, possibly allowing confidential or personal
information to be compromised. Unlike viruses and worms, Trojans do not
reproduce by infecting other files nor do they self-replicate.

Blended Threats:
Added into the mix, we also have what is called a blended threat. A blended
threat is a more sophisticated attack that bundles some of the worst aspects of
viruses, worms, Trojan horses and malicious code into one single threat. Blended
threats can use server and Internet vulnerabilities to initiate, then transmit and
also spread an attack. Characteristics of blended threats are that they cause
harm to the infected system or network, they propagate using multiple
methods, the attack can come from multiple points, and blended threats also
exploit vulnerabilities.
To be considered a blended threat, the attack would normally serve to transport
multiple attacks in one payload. For example, it wouldn't just launch a DoS
attack; it would also, for example, install a backdoor and maybe even damage
a local system in one shot. Additionally, blended threats are designed to use
multiple modes of transport. So, while a worm may travel and spread through
e-mail, a single blended threat could use multiple routes including e-mail, IRC
and file-sharing networks.
Lastly, rather than a specific attack on predetermined .exe files, a blended
threat could do multiple malicious acts, like modifying your .exe files, HTML
files and registry keys at the same time; basically it can cause damage within
several areas of your network at one time.
Blended threats are considered to be the worst risk to security since the
inception of viruses, as most blended threats also require no human intervention
to propagate.

Logic bomb: A logic bomb is code which could be written and placed in a
system by a programmer. A logic bomb needs a trigger to be activated. A trigger
is a specific condition which needs to be fulfilled to activate the logic bomb. A
logic bomb is not easy to find in the system and is mostly untraceable. It is
activated only when certain conditions are met. Logic bombs can delete files,
encrypt data or lock the system down so that it can be unlocked only by the
person who placed the logic bomb.

Spoofing: Spoofing means providing false information about your identity to
gain unauthorized access to another's computer system. In a spoofing attack, one
person or program successfully masquerades as another by falsifying data.
The different types of spoofing are as follows:
Login spoofing: Login spoofing is a technique used by a programmer to place
a fake login screen in front of the user which looks exactly like the regular login
screen. After the user has entered the username and password and hits login,
the password is acquired by the programmer and the original login screen is
displayed. The user thinks that he made a typo while entering the password and
logs in again, not knowing that his password has been acquired.

Caller ID spoofing is the practice of causing the telephone network to indicate
to the receiver of a call that the originator of the call is a station other than the
true originating station. For example, a Caller ID display might display a phone
number different from that of the telephone from which the call was placed. The
term is commonly used to describe situations in which the motivation is
considered malicious by the speaker or writer.
Email spoofing is the creation of email messages with a forged sender address,
something which is simple to do because the core protocols perform no
authentication. Spam and phishing emails typically use such spoofing to
mislead the recipient about the origin of the message.
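Because SMTP itself does not authenticate the sender, a receiving mail server has to record what it could verify. As an added example (not part of the original notes), the Python below reads the headers such a server leaves behind and flags the usual signs of a forged sender: a From: domain that differs from the envelope sender (Return-Path), and SPF or DKIM results in the Authentication-Results header (RFC 8601) that are not "pass". Both messages are constructed samples, and the check assumes the receiving server adds that header.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed sample: the visible From: claims a bank domain, but the envelope
# sender is a different domain and the receiving server recorded an SPF failure.
SPOOFED_MESSAGE = b"""Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
From: "Example Bank" <alerts@bank.example.com>
To: customer@example.com
Subject: Please verify your account

Click the link to verify your account.
"""

# Constructed sample of a message whose claimed sender the server could verify.
CLEAN_MESSAGE = b"""Return-Path: <alerts@bank.example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=bank.example.com; dkim=pass header.d=bank.example.com
From: "Example Bank" <alerts@bank.example.com>
To: customer@example.com
Subject: Your statement is available

Your monthly statement is ready.
"""


def domain_of(address) -> str:
    """Lower-cased domain part of an e-mail address, or '' if none can be parsed."""
    _, addr = parseaddr(str(address or ""))
    return addr.rpartition("@")[2].lower()


def parse_auth_results(header) -> dict:
    """Map method -> result (e.g. {'spf': 'fail', 'dkim': 'none'}) from Authentication-Results."""
    results = {}
    # The first ';'-separated clause is the authserv-id; each later clause starts with method=result.
    for clause in str(header or "").split(";")[1:]:
        words = clause.strip().split()
        if words and "=" in words[0]:
            method, result = words[0].split("=", 1)
            results[method.lower()] = result.lower()
    return results


def spoof_indicators(raw: bytes) -> list:
    """Return the reasons the claimed sender should not be trusted (empty list if none)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    from_domain = domain_of(msg.get("From"))
    envelope_domain = domain_of(msg.get("Return-Path"))
    auth = parse_auth_results(msg.get("Authentication-Results"))

    if not from_domain:
        reasons.append("missing or unparsable From header")
    if from_domain and envelope_domain and from_domain != envelope_domain:
        reasons.append(f"From domain {from_domain} differs from envelope sender domain {envelope_domain}")
    if auth.get("spf") != "pass":
        reasons.append(f"SPF did not pass (result: {auth.get('spf', 'absent')})")
    if auth.get("dkim") != "pass":
        reasons.append(f"DKIM did not pass (result: {auth.get('dkim', 'absent')})")
    return reasons
```

A mismatch alone is not proof of forgery (mailing-list relays and bulk senders legitimately use a different envelope domain), which is why the SPF and DKIM verdicts are checked alongside it.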
In computer networking, IP address spoofing or IP spoofing is the creation
of Internet Protocol (IP) packets with a forged source IP address, with the
purpose of concealing the identity of the sender or impersonating another
computing system.
SMS spoofing is a relatively new technology which uses the short message
service (SMS), available on most mobile phones and personal digital assistants,
to set who the message appears to come from by replacing the originating
mobile number (Sender ID) with alphanumeric text. Spoofing has both
legitimate uses (setting the company name from which the message is being
sent, setting your own mobile number, or a product name) and illegitimate uses
(such as impersonating another person, company or product).
Trap doors
A trap door is a secret entry point into a program that allows someone that is
aware of the trap door to gain access without going through the usual security
access procedures. Trap doors have been used legitimately for many years by
programmers to debug and test programs. Trap doors become threats when
they are used by unscrupulous programmers to gain unauthorized access. It is
difficult to implement operating system controls for trap doors. Security
measures must focus on the program development and software update
activities.
E-mail Virus: A virus that comes within an attached file in an e-mail message.
When that file is opened, the virus does its damage. Macro viruses can come in
Microsoft Word documents that are sent as e-mail attachments. The macro
causes the damage when the document is opened, provided macro processing
has not been disabled within the Microsoft Word application.
Look at Your Extensions!
Files with .EXE or .VBS extensions are always suspect, because once the file
name is clicked, the program is run, and it can do anything it wants within the
computer. SHS files, a somewhat obscure file type, can also contain executable
code. Another approach is to attach a Windows link file (.LNK), which is a
shortcut, or pointer, to an executable file (.EXE) that is also attached. Since
many have been warned not to click an .EXE attachment, the link file is a sneaky
way of launching the .EXE file for unaware users.
Macro Virus
A macro virus is a computer virus that alters or replaces a macro, which is a set
of commands used by programs to perform common actions. For example, the
"open document" action in many word-processing programs relies on a macro to
function, since there are several discrete steps in the process. Macro viruses
change this command set, allowing them to execute whenever the macro is run.
Sources of Macro Viruses
Macro viruses are most commonly found embedded in documents or inserted as
malicious code into word-processing programs. They may come from documents
attached to emails, or the code may be downloaded after clicking on "phishing"
links in banner ads or URLs. They are difficult to detect, as they do not operate
until an infected macro is run, at which time they perform a series of
commands. A macro virus is similar to a Trojan virus, since it may appear benign
and users may not immediately notice any ill effects. Unlike Trojans, however,
macro viruses can replicate themselves and infect other computers.
Types of Macro Viruses
1. Concept Virus
Concept was the first macro virus, appearing in July 1995 and targeting Microsoft
Word. Macro viruses subsequently became the dominant type of virus.
2. Melissa Virus
Melissa made history as the first macro virus with an email worm trait. It started
spreading via email on March 26, 1999, infecting tens of thousands within hours.
It was one of the most serious epidemics in Internet history.
Malicious Software: Malicious software (malware) is any software that gives
partial to full control of your computer to do whatever the malware creator
wants. Malware can be a virus, worm, Trojan, adware, spyware, rootkit, etc. The
damage done can vary from something as slight as changing the author's name
on a document to full control of your machine without your ability to easily find
out. Most malware requires the user to initiate its operation. Some vectors of
attack include attachments in e-mails, browsing a malicious website that installs
software after the user clicks OK on a pop-up, and vulnerabilities in the
operating system or programs. Malware is not limited to one operating system.
Malware types can be categorized as follows: viruses, worms, Trojans and
backdoors seek to infect and spread themselves to create more havoc. Adware
and spyware seek to embed themselves to watch what the user does and act
upon that data. Rootkits seek to give full access to your machine to the attacker
to do what they want.
Malware, short for malicious software, is any software used to disrupt
computer operation, gather sensitive information, or gain access to private
computer systems.[1] Malware is defined by its malicious intent, acting against
the requirements of the computer user, and does not include software that
causes unintentional harm due to some deficiency. The term badware is
sometimes used, and applied to both true (malicious) malware and
unintentionally harmful software.
Denial of Service Attacks
A denial of service (DoS) attack is a malicious attempt to make a server or a network resource
unavailable to users, usually by temporarily interrupting or suspending the services of a host
connected to the Internet. Denial-of-service attacks are considered violations of the Internet
Architecture Board's Internet proper use policy, and also violate the acceptable use policies of
virtually all Internet service providers. They also commonly constitute violations of the laws of
individual nations. The first demonstrated DDoS attack was introduced by well-known hacker
Khan C. Smith during a 1998 illegal Defcon event and was later exposed for its use of botnet
mechanisms during a lawsuit filed by Earthlink, which claims it caused billions in economic
damages.

Methods of attack
A denial-of-service attack is characterized by an explicit attempt by attackers to prevent
legitimate users of a service from using that service. There are two general forms of DoS
attacks: those that crash services and those that flood services.

A DoS attack can be perpetrated in a number of ways. Attacks can fundamentally be
classified into five families:
1. Consumption of computational resources, such as bandwidth, memory, disk space,
or processor time.
2. Disruption of configuration information, such as routing information.
3. Disruption of state information, such as unsolicited resetting of TCP sessions.
4. Disruption of physical network components.
5. Obstructing the communication media between the intended users and the victim so
that they can no longer communicate adequately.
A DoS attack may include execution of malware intended to:
* Max out the processor's usage, preventing any work from occurring.
* Trigger errors in the microcode of the machine.
* Trigger errors in the sequencing of instructions, so as to force the computer into an
unstable state or lock-up.
* Exploit errors in the operating system, causing resource starvation and/or thrashing, i.e.
to use up all available facilities so no real work can be accomplished or it can crash the
system itself.
* Crash the operating system itself.

In most cases DoS attacks involve forging of IP sender addresses (IP address spoofing) so that
the location of the attacking machines cannot easily be identified and to prevent filtering of
the packets based on the source address.
E-COMMERCE SECURITY
E-commerce security is the protection of e-commerce assets from unauthorized access, use,
alteration, or destruction.
6 dimensions of e-commerce security
1. Integrity: prevention against unauthorized data modification
2. Non-repudiation: prevention against any one party from reneging on an agreement after
the fact
3. Authenticity: authentication of data source
4. Confidentiality: protection against unauthorized data disclosure
5. Privacy: provision of data control and disclosure
6. Availability: prevention against data delays or removal

E-COMMERCE THREATS
Threats: anyone with the capability, technology, opportunity, and intent to do harm. Potential
threats can be foreign or domestic, internal or external, state-sponsored or a single rogue
element. Terrorists, insiders, disgruntled employees, and hackers are included in this profile
(President's Commission on Critical Infrastructure Protection)

Concern                                                          2001   2000
Loss of privacy/confidentiality, data misuse/abuse                28%    25%
Cracking, eavesdropping, spoofing, rootkits                       25%    20%
Viruses, Trojans, worms, hostile ActiveX and Java                 21%    26%
System unavailability, denial of service, natural disasters,
  power interruptions                                             18%    20%

HOW TO MINIMIZE SECURITY THREATS
1. Perform a risk assessment: a list of information assets and their value to the firm
2. Develop a security policy: a written statement on:
* what assets to protect from whom?
* why these assets are being protected?
* who is responsible for what protection?
* which behaviors are acceptable and unacceptable?
3. Develop an implementation plan: a set of action steps to achieve security goals
4. Create a security organization: a unit to administer the security policy
5. Perform a security audit: a routine review of access logs and evaluation of security
procedures
ELECTRONIC PAYMENT SYSTEMS
A medium of payment between remote buyers and sellers in cyberspace: electronic cash,
software wallets, smart cards, credit/debit cards.
Offline payment methods
Number of transactions: cash (42%), check (32%), credit card (18%) (Figure 6.1)
Dollar amount: check(52%), credit card (21%), cash (17%) (Figure 6.2)
Payment systems (properties, costs, advantages and disadvantages):

Electronic cash (e.g., PayPal)
  Properties: Independent; Portable; Divisible. (31% of the US population do not
    have credit cards; micropayments (< $10).)
  Costs: Internet cash transfer: no fixed cost of hardware; No distance costs;
    Small processing fee to banks
  Advantages: Efficient; Less costly
  Disadvantages: Money laundering; Forgery; Low acceptance; Multiple standards

Electronic wallets (e.g., Passport)
  Properties: Stores shipping & billing information; Encrypted digital certificate
  Costs: Lengthy download for client-side wallets
  Advantages: Enter information into checkout forms automatically; Convenience
  Disadvantages: Client-side wallets are not portable; Privacy issue for
    server-side wallets

Smart cards (e.g., Blue)
  Properties: Embedded microchip storing encrypted personal information
  Costs: Time value of money
  Disadvantages: Need a card reader; Card theft; Low acceptance

Credit cards (e.g., VeriSign)
  Properties: Line of credit; Purchase dispute protection; Secure Electronic
    Transaction (SET) Protocol
  Costs: Unpaid balance charge; $50 limit on frauds; Processing fee
  Advantages: Most popular; Worldwide acceptance
  Disadvantages: Costly

SECURITY REQUIREMENTS
1. Authentication of merchant and consumer
2. Confidentiality of data
3. Integrity of data
4. Non-repudiation
SECURITY MEASURES
1. Secure Electronic Transaction (SET) protocol: developed jointly by MasterCard and Visa
with the goal of providing a secure payment environment for the transmission of credit
card data.
Features of SSL versus SET:
Feature                                                        SSL   SET
Encryption of data during transmission                         Yes   Yes
Confirmation of message integrity                              Yes   Yes
Authentication of merchant                                     Yes   Yes
Authentication of consumer                                     No    Yes
Transmission of specific data only on a "need to know" basis   No    Yes
Inclusion of bank or trusted third party in transaction        No    Yes
No need for merchant to secure credit card data internally     No    Yes

SET payment transaction:
* A shopper makes a purchase and transmits encrypted billing information with his/her
digital certificate to the merchant.
* The merchant transfers the SET-coded transaction to a payment card-processing center.
* The processing center decrypts the transaction.
* A certification authority certifies the digital certificate as belonging to the shopper.
* The processing center routes the transaction to the shopper's bank for approval.
* The merchant receives notification from the shopper's bank that the transaction is
approved.
* The shopper's payment card account is charged for the transaction amount.
* The merchant ships the merchandise and transmits the transaction amount to the
merchant's bank for deposit.

2. Disposable credit numbers: one-time-use credit card numbers (private payment numbers)
are transmitted to the merchant
* Register with American Express or Discover
* Download software (a Private Payment icon tray will be displayed on the screen)
* Shop online
* Click on the Private Payment icon
* Log in
* Select the credit card to be used
* View the unique, one-time-use credit card number and expiration date
* Enter the one-time-use credit card number and expiration date into the merchant's
standard form

E-Cash
An anonymous electronic cash system; equivalent to "cash" or "printed bank notes" except
that it is transferred through networks with bits of information, in essence it is just another
representation of monetary value; anonymity is preserved through public key cryptography,
digital signatures, and blind signatures.
Electronic Money, E-Cash, is changing the way currency is perceived. While the change
seems as revolutionary as the conversion from value-based mediums of exchange (e.g. gold,
silver) to paper currency, it is actually only an evolution from current paper-based mediums.
There are a number of benefits of E-Cash over greenbacks, but there are also new issues with
which to contend. In addition to new issues, there are also new forms of old problems which
E-Cash will not solve. In its current state electronic cash is a necessary innovation in the
financial markets. However, it is highly doubtful that E-Cash will actually replace paper
currency.
E-Cash Security
There are several aspects to security when dealing with E-cash. The first issue is the security
of the transaction. How does one know that the E-cash is valid? Encryption and special serial
numbers are supposed to allow the issuing bank to verify (quickly) the authenticity of E-cash.
These methods are susceptible to hackers, just as paper currency can be counterfeited.
However, promoters of E-cash point out that the encryption methods used for electronic
money are the same as those used to protect nuclear weapon systems. The encryption
security has to also extend to the smartcard chips to ensure that they are tamper resistant.
While it is feasible that a system-wide breach could occur, it is highly unlikely. Just as the
Federal Government keeps a step ahead of the counterfeiters, cryptography stays a step
ahead of hackers.

Physical security of the E-cash is also a concern. If a hard drive crashes, or a smartcard is lost,
the E-cash is lost. It is just as if one lost a paper currency filled wallet. The industry is still
developing rules/mechanisms for dealing with such losses, but for the most part, E-cash is
being treated as paper cash in terms of physical security. Companies are making some
exceptions when it comes to a software/hardware failure, but these are supposed to be rare.
To help customers get used to this concept, most companies are limiting E-cash wallets to
$500, reflecting the primary use of E-cash for low value transactions. There is a benefit to
E-cash in the area of theft, however. A mugger or pickpocket would not be able to make use of
another's smartcard without the appropriate password. Merchants should also lose less cash
to employee theft, since the electronic cash will be inaccessible (or, at a minimum, traceable).
The ultimate area of security is faith in the currency. This, however, would still be the
responsibility of the Federal Government on a systemic basis. Essentially, the E-cash is merely
a representation of hard currency on deposit at banks. Thus, faith in the system should not
falter.
E-Cash Privacy
Transactions involving paper currency are difficult to trace. If digital money is to replace paper
currency, it must retain certain aspects of this quality.
As information technologies expand, privacy becomes of greater concern. People are realizing
that with every credit card transaction, corporate databases are becoming larger and larger.
By using paper currency, people are able to exclude themselves from these databases.
Therefore, for e-cash to be effective, it must maintain this privacy function.
DigiCash claims it has developed a system that provides privacy for the user without
sacrificing security for the receiver. If a system is completely private, the merchant has no
way of verifying the validity of the electronic money. The user would also be unable to have a
receipt for the transaction. However, DigiCash utilizes a one-sided signature. Basically, the
user keeps a record of payments made, but the merchant only receives enough information to
allow his bank to verify the authenticity of the E-cash.
This signature process is also supposed to deter the criminal element of cash transactions.
Since a record of the transaction is created and kept (by the payee), extortion, bribes, or
other illegal transactions should occur less frequently.

Debit card
A debit card (also known as a bank card or check card) is a plastic payment card that
provides the cardholder electronic access to their bank account(s) at a financial institution.
Some cards may bear a stored value with which a payment is made, while most relay a
message to the cardholder's bank to withdraw funds from a payer's designated bank account.
The card, where accepted, can be used instead of cash when making purchases. In some
cases, the primary account number is assigned exclusively for use on the Internet and there
is no physical card.

In many countries, the use of debit cards has become so widespread that their volume has
overtaken or entirely replaced cheques and, in some instances, cash transactions. The
development of debit cards, unlike credit cards and charge cards, has generally been country
specific, resulting in a number of different systems around the world, which were often
incompatible. Since the mid-2000s, a number of initiatives have allowed debit cards issued in
one country to be used in other countries and allowed their use for internet and phone
purchases.
Unlike credit and charge cards, payments using a debit card are immediately transferred from
the cardholder's designated bank account, instead of them paying the money back at a later
date.
Debit cards usually also allow for instant withdrawal of cash, acting as the ATM card for
withdrawing cash. Merchants may also offer cashback facilities to customers, where a
customer can withdraw cash along with their purchase.

Credit card
A credit card is a payment card issued to users as a system of payment. It allows
the cardholder to pay for goods and services based on the holder's promise to pay for
them. The issuer of the card creates a revolving account and grants a line of credit to
the consumer (or the user) from which the user can borrow money for payment to
a merchant or as a cash advance to the user.
A credit card is different from a charge card: a charge card requires the balance to be paid in
full each month. In contrast, credit cards allow the consumers a continuing balance of debt,
subject to interest being charged. A credit card also differs from a cash card, which can be
used like currency by the owner of the card. A credit card differs from a charge card also in
that a credit card typically involves a third-party entity that pays the seller and is reimbursed
by the buyer, whereas a charge card simply defers payment by the buyer until a later date.

Public-key cryptography
Public-key cryptography, also known as asymmetric cryptography, is a class
of cryptographic algorithms which requires two separate keys, one of which is secret (or private) and one of
which is public. Although different, the two parts of this key pair are mathematically linked. The public key is
used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or
to create a digital signature. The term "asymmetric" stems from the use of different keys to perform these
opposite functions, each the inverse of the other as contrasted with conventional ("symmetric") cryptography
which relies on the same key to perform both.
There are two main uses of public-key cryptography:
* Public-key encryption, in which a message is encrypted with a recipient's public key. The message
cannot be decrypted by anyone who does not possess the matching private key, who is thus presumed to
be the owner of that key and the person associated with the public key. This is used in an attempt to
ensure confidentiality.
* Digital signatures, in which a message is signed with the sender's private key and can be verified by anyone
who has access to the sender's public key. This verification proves that the sender had access to the private
key, and therefore is likely to be the person associated with the public key. This also ensures that the
message has not been tampered with, as any manipulation of the message will result in changes to the
encoded message digest, which otherwise remains unchanged between the sender and receiver.
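As an added worked example (not from the original notes), the Python below implements textbook RSA to show both uses just described, public-key encryption and digital signatures over a message digest, and then the blind-signature step that the E-Cash section earlier relies on for payer anonymity: the bank signs a coin it never sees, yet anyone can verify the coin later. The primes, exponent and blinding factor are constructed illustration values; real systems use far larger keys and padding.

```python
import hashlib
from math import gcd

# Constructed toy parameters: the 10,000th and 100,000th primes and the usual
# public exponent. Real keys use primes hundreds of digits long plus a padding
# scheme (OAEP for encryption, PSS for signatures); raw RSA as shown here only
# illustrates the mathematics.
P, Q = 104729, 1299709
E = 65537


def make_keypair(p=P, q=Q, e=E):
    """Return ((e, n), (d, n)): the public and private halves of one key pair."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (e, n), (d, n)


def encrypt(public_key, m: int) -> int:
    """Public-key encryption: anyone holding the public key can encrypt ..."""
    e, n = public_key
    assert 0 <= m < n
    return pow(m, e, n)


def decrypt(private_key, c: int) -> int:
    """... but only the private key holder can decrypt (confidentiality)."""
    d, n = private_key
    return pow(c, d, n)


def digest(message: bytes, n: int) -> int:
    """SHA-256 message digest reduced into the RSA group (toy; real schemes pad)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    """Digital signature: only the private key holder can produce it."""
    d, n = private_key
    return pow(digest(message, n), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone with the public key can check it; any change to the message breaks it."""
    e, n = public_key
    return pow(signature, e, n) == digest(message, n)


# Blind signature (Chaum's construction on RSA): the customer hides the coin's
# serial with a random factor r, the bank signs what it is given, and the
# customer removes r, ending up with the bank's ordinary signature on the serial.
def blind(public_key, m: int, r: int) -> int:
    """Customer hides m with blinding factor r before sending it to the bank."""
    e, n = public_key
    assert gcd(r, n) == 1
    return (m * pow(r, e, n)) % n


def unblind(public_key, blinded_signature: int, r: int) -> int:
    """Customer strips r from the bank's reply, leaving a plain signature on m."""
    _, n = public_key
    return (blinded_signature * pow(r, -1, n)) % n


def withdraw_coin(bank_public, bank_private, serial: bytes, r: int):
    """Whole withdrawal exchange; returns (what the bank saw, final coin signature)."""
    m = digest(serial, bank_public[1])
    blinded = blind(bank_public, m, r)                          # customer -> bank
    d, n = bank_private
    blinded_signature = pow(blinded, d, n)                      # bank signs blindly
    return blinded, unblind(bank_public, blinded_signature, r)  # customer unblinds


def coin_is_valid(bank_public, serial: bytes, signature: int) -> bool:
    """Merchant or bank check at spend time: the serial carries the bank's signature."""
    return verify(bank_public, serial, signature)
```

The value the bank saw during withdrawal differs from the coin's digest, so when the signed coin is later deposited the bank cannot match it to the withdrawal, which is the privacy property the E-Cash section describes.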
