Chapter 01

Cyber Security
Dr. Upendra Verma
Asst. Prof. , MPSTME Shirpur Campus,
SVKM’S NMIMS University
Course Design
Syllabus
Syllabus cont’d
Text Book
What is Cyber Security?
• Cyber security is the practice of defending computers, servers,
mobile devices, electronic systems, networks, and data from
malicious attacks.
• Domains of Cyber Security:
• Network security- Security measures for protecting a computer network from
intruders, including both wired and wireless (Wi-Fi) connections.
• Application security- Processes that help protect applications operating on-
premises and in the cloud.
• Security should be built into applications at the design stage.
• Information security- Data protection measures, such as the General Data
Protection Regulation or GDPR, that secure your most sensitive data from
unauthorized access, exposure, or theft.
Cyber Security cont’d
• We can not provide 100% security.

Gene Spafford, Professor and Executive

Director at Purdue University
Cyber Security cont’d
• 09th Oct. 2023 at Cyber Event in Kochi.
• India’s space agency ISRO is facing more
than 100 cyber-hacking attempts on a daily
basis, disclosed its chairman S. Somnath.
Challenges: Satellite is lauched in space with several
sets of software and hardware with designated life of
15 Years. But, after 15 years, many of them become
vulnerable as the technology becomes dated. Its easy
to upgrade mobile phone or OS by upgrading their OS
on regular basis. But its not possible to upgrade
software of a space satellite in space remotely. The
hardware of old generation satellites are vulnerable.
Basic Components of Computer
Security (CIA)
• Confidentiality, integrity, and availability, aka the
CIA triangle, is a security model created to guide
information security policies within a company.
• The three elements of CIA triangle—
confidentiality, integrity, and availability—are
considered the three most important components of
security.
• The CIA (Confidentiality, Integrity, and
Availability) triad is a well-known model for
security policy development.
• Confidentiality, integrity, and availability, often
known as the CIA triad, are the building blocks of
information security.
Confidentiality
• Confidentiality ensures that computer-related assets are accessed only by
authorized parties. That is, only those who should have access to
something will actually get that access. By "access," we mean not only
reading but also viewing, printing, or simply knowing that a particular asset
exists. Confidentiality is sometimes called secrecy or privacy.
• Ensures that sensitive information are accessed only by an authorized
person and kept away from those not authorized to possess them.
• Examples of confidential information:
• Bank account statements
• Personal information
• Credit card numbers
• Trade secrets
• Government documents
Ways to ensure confidentiality
Hint: Used in Gmail, Facebook, Instagram etc.
• Usernames and passwords
Hint: User by faculty members for authentication
• Two-factor authentication
• Biometric verification
• Data encryption
Integrity
• Integrity means that assets can be modified only by authorized
parties or only in authorized ways. In this context, modification
includes writing, changing, changing status, deleting, and creating.
• The information can be edited by authorized persons only and remains
in its original state when at rest.
• Integrity is implemented using security mechanism such as data
encryption, watermarking and hashing.
• Example: if someone sends a message “Hello”, then the receiver
must receive “Hello” That is, it must be exactly the same data as sent
by the sender. Any addition or subtraction of data during transit would
mean the integrity has been compromised.
Availability
• Availability means that assets are accessible to authorized parties at
appropriate times. In other words, if some person or system has legitimate
access to a particular set of objects, that access should not be prevented. For
this reason, availability is sometimes known by its opposite, denial of
service.
• Ensures that information and resources are available to those who need
them.
• Availability implies that information is available to the authorized parties
whenever required.
• Unavailability to data and systems can have serious consequences.
• It is implemented using methods such as hardware maintenance, software
patching and network optimization.
Relationship Between
Confidentiality, Integrity, and
Availability
Authentication
• Proof of identities.
• Username and password combination is the most popular
authentication mechanism
• Authentication categories:
• Something you know: This authentication factor requires a user to show that
they know something.
• For example: Password, PIN etc.
• Something you have: The user has to prove they have something
• For example: Smartphone, Smart card etc.
• Something you are: This authentication factor is based on a piece of
information that is in the user and is inherent to that user.
• For example: biometric characteristic like fingerprints or voice
Access Control
• Who can access what?
• Access control is a method of limiting access to a system.
• Basically access control is of 2 types:
• Physical Access Control:
• Physical access control restricts entry to campuses, buildings, rooms and physical IT
assets.
• Logical Access Control:
• Logical access control limits connections to computer networks, system files and data.
Authentication v/s Authorization
• Authentication and authorization are two vital information security
processes that administrators use to protect systems and information.
• Authentication verifies the identity of a user or service, and
authorization determines their access rights.
Non-repudiation
• Non-repudiation is a regulatory notion commonly used in
cybersecurity and refers to the service that confirms the origin and
integrity of data.
• It assures that “no party can deny sending or receiving a
communication” encryption and digital signatures.
• Non-repudiation provides evidence of data's origin, authenticity, and
integrity.
Vulnerabilities and Threat
Vulnerability and Threat
• A vulnerability is a weakness in the security system.
• For example, in procedures, design, or implementation, that might be
exploited to cause loss or harm. For instance, a particular system may be
vulnerable to unauthorized data manipulation because the system does not
verify a user's identity before allowing data access.
• A threat to a computing system is a set of circumstances that has the
potential to cause loss or harm.
Difference between Vulnerability
and Threat

Illustration of Figure:
Here, a wall is holding water back. The water to the left of the wall is a threat to the man on the right of
the wall: The water could rise, overflowing onto the man, or it could stay beneath the height of the wall,
causing the wall to collapse. So the threat of harm is the potential for the man to get wet, get hurt, or be
drowned. For now, the wall is intact, so the threat to the man is unrealized. We can see a small crack in
the wall a vulnerability that threatens the man's security. the water rises to or beyond the level of the
crack, it will exploit the vulnerability and harm the man.
System Security Threats
• Four kinds of threats: interception, interruption, modification, and
fabrication.
System Security Threats
• An interception means that some unauthorized party has gained
access to an asset.
• In an interruption, an asset of the system becomes lost, unavailable,
or unusable.
• If an unauthorized party not only accesses but tampers with an asset,
the threat is a modification.
• An unauthorized party might create a fabrication of counterfeit
objects on a computing system.
Vulnerability
• Hardware Vulnerabilities
• Software Vulnerabilities
• Data Vulnerabilities
Vulnerability
• Hardware Vulnerabilities:
• Hardware is more visible than software, largely because it is composed of physical
objects. Because we can see what devices are hooked to the system, it is rather simple
to attack by adding devices, changing them, removing them, intercepting the traffic to
them, or flooding them with traffic until they can no longer function.
• Software Vulnerabilities:
• Software can be replaced, changed, or destroyed maliciously, or it can be modified,
deleted, or misplaced accidentally. Whether intentional or not, these attacks exploit
the software's vulnerabilities.
• Data Vulnerabilities:
• A data attack is a more widespread and serious problem than either a hardware or
software attack.
• Data items have greater public value than hardware and software because more
people know how to use or interpret data.
Difference between Vulnerability
and Threat
• There are many threats to a computer system, including human-
initiated and computer-initiated ones. We have all experienced the
results of inadvertent human errors, hardware design flaws, and
software failures. But natural disasters are threats, too; they can bring
a system down when the computer room is flooded or the data center
collapses from an earthquake.
• A human who exploits a vulnerability perpetrates an attack on the
system.
• An attack can also be launched by another system, as when one system
sends an overwhelming set of messages to another, virtually shutting
down the second system's ability to function.
Risk
• Risk is defined as the potential for loss or damage when a threat
exploits a vulnerability.
• Examples of risk include:
• Financial losses
• Loss of privacy
• Damage to your reputation Rep
• Legal implications
• Even loss of life

Risk= Threat x Vulnerability

Hollywood at Risk
• In 2001, Hollywood specifically the motion picture industry was hit
with a series of attacks.
• Crackers entered computers and were able to obtain access to scripts
for new projects, and digital versions of films in production, including
Ocean's 11 at Warner Brothers and The One at Columbia Pictures.
• The attackers also retrieved and made public executives' e-mail
messages.
It is true of many computer security incidents, at least one attacker was an insider. Global
Network Security Services, a security consulting firm hired by several Hollywood companies
to test the security of their networks, found that an employee was copying the digital film,
taking it home, and allowing his roommate to post it to an Internet site.
Risk, Threat and Vulnerabilities
Difference between Threat and
Vulnerability
Attacks and Control
• A human who exploits a vulnerability perpetrates an attack on the
system.
• An attack can also be launched by another system, as when one system
sends an overwhelming set of messages to another, virtually shutting
down the second system's ability to function.

A threat is blocked by control of a vulnerability.