Web Security Reference

Uploaded by

Harini

Web Security

Secure yourself on the web


What is Web Security?
• Almost everything relies on computers and
the Internet now:
• Communication (email, cell phones)
• Transportation (car engine systems, airplane
navigation)
• Medicine (equipment, medical records)
• Shopping (online stores, credit cards)
• Entertainment (digital cable, MP3s)
Web Security (Contd...)
• Web Security, also known as 'Cybersecurity',
involves protecting information by preventing,
detecting, and responding to attacks.
What can Web users do?
• The first step in protecting yourself is to
recognize the risks and become familiar with
some of the terminology associated with
them.
Web Security: Terminologies
• Hackers: People who exploit weaknesses in
software and computer systems for personal
gain.
• Virus: Requires user action before infecting
your computer.
• Worm: Propagates without user intervention,
infecting other computers.
Web Security: Terminologies (Contd...)
• Trojan Horse: Software that claims to be
something legitimate but does something
malicious.
• Ransomware: Encrypts files and demands
payment for decryption.
Keyloggers
• Keyloggers monitor and record user activity
such as keystrokes and mouse clicks.
• They can also take screenshots and track
movements on the screen.
Keylogger Prevention
• Use anti-spyware software, firewalls, and
automatic form fillers.
• In public places, use on-screen keyboards to
avoid keylogging.
Firewalls
• Firewalls help regulate content and block
unwanted traffic.
Aspects of Data Security
• Privacy: Keeping your information private.
• Integrity: Ensuring information is not
changed.
• Authenticity: Verifying the sender's identity.
Privacy
• Your personal details are valuable assets.
Businesses use data to target individuals more
effectively.
Integrity
• Maintaining data integrity is vital. Strong
encryption helps ensure that even if data is
intercepted, it is useless to whoever
intercepted it.
Authentication
• Digital signatures and Public/Private key
methods can authenticate message senders.
Authentication Example
• Most of us use webmail. PHP code can be
used to send email from a spoofed address.
Malicious Websites
• Preventive measures include using the latest
browser software, such as Internet Explorer
7+, Mozilla Firefox, or Opera.
SPAM
• SPAM is unsolicited email. Detection methods
include whitelisting, blacklisting, and
algorithm training.
419 Nigerian Scams
• Advance fee fraud scams involve users sending
money in hopes of receiving a larger prize.
• Nigerian scammers will urge you to pay an
entry fee, a tax or something similar in order
to receive a large sum of money that you have
supposedly won in a lottery or giveaway.
Phishing
• Phishing involves tricking users into providing
their login details by imitating legitimate
websites.

• For example, instead of Instagram.com the
attacker uses an address in which the letter g
is replaced by a character from a different font
that looks the same as g. If we look at the site
without suspicion, we won't notice the difference
and will enter our credentials.
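
The look-alike address check described on this slide, as an added example that is not part of the original slides. The names CONFUSABLES, TRUSTED, decode_host, skeleton and classify are hypothetical, and the character map and sample host names are constructed for illustration.

```python
import unicodedata

# Constructed, deliberately small map from look-alike characters to the ASCII
# letter they imitate (assumption; real tools use the full Unicode confusables data).
CONFUSABLES = {
    "\u0261": "g",  # LATIN SMALL LETTER SCRIPT G
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "\u0131": "i",  # LATIN SMALL LETTER DOTLESS I
}
TRUSTED = {"instagram.com"}  # assumed allow-list of sites the user really uses


def decode_host(host):
    """Lower-case a host name and turn punycode (xn--) labels back into Unicode."""
    labels = []
    for label in host.strip().rstrip(".").lower().split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed label: keep the raw text
        labels.append(label)
    return ".".join(labels)


def skeleton(host):
    """Fold compatibility forms (e.g. full-width letters) and known look-alikes to ASCII."""
    folded = unicodedata.normalize("NFKC", host)
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)


def classify(host):
    """Return 'trusted', 'lookalike' (imitates a trusted name) or 'unknown'."""
    shown = decode_host(host)
    if shown in TRUSTED:
        return "trusted"
    if skeleton(shown) in TRUSTED:
        return "lookalike"
    return "unknown"


if __name__ == "__main__":
    for sample in ("Instagram.com", "insta\u0261ram.com", "example.org"):  # constructed
        print(sample, "->", classify(sample))
```

A host that is not byte-for-byte on the allow-list but folds to an allow-listed name is the case the slide describes; the punycode step matters because such names often appear in links in their xn-- form.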
Denial of Service (DoS)
• A DoS attack aims to make a computer
resource unavailable. Distributed DoS (DDoS)
uses many computers to launch attacks.
Botnets
• Botnets are networks of compromised
computers controlled remotely for various
purposes, such as spam or DDoS attacks.
Botnet Case Study - STORM BOTNET
• The Storm botnet used a Trojan horse spread
through email spam and compromised up to 1
million systems.
Further Action
• Take additional steps to protect yourself from
web security threats:
• www.419eater.com
• www.antiphishing.org
Botnet Attacks - Example 1
• Example: Cyber Assault on Estonia (May 2007)
• More than 1 million zombie computers were
used in a massive DDoS attack that shut down
email systems and online banking.
Botnet Attacks - Example 2
• Example: SlideShare DDoS Attack (April 2008)
• Attackers from China targeted SlideShare after
it hosted presentations related to corruption
in the Chinese government, causing the site to
go down for days.
Conclusion - Botnet Attacks
• Both examples illustrate the use of botnets as
attack vehicles in cyber warfare.
• Preventive measures include keeping systems
updated and avoiding malicious links.
Action Plan
• To avoid web security threats:
• Use antivirus and anti-spyware tools
• Be aware of scams and phishing attacks
• Report SPAM
Closing Remarks
• Securing yourself on the web is a shared
responsibility. By staying informed and taking
action, we can mitigate the risks posed by
hackers, malware, and other threats.
