Cyber Security – Unit 1 Comprehensive Notes

Cyberspace: Definition & Core Idea

"Cyberspace" = the global, connected space that emerged from interconnected computers & devices.
Built on a set of rules called Transmission Control Protocol/Internet Protocol (TCP/IP).
- Includes all digital actions: e-mail, web browsing, social-media use, online gaming, etc.
- Short form: “A worldwide network of computers utilising $TCP/IP$ for communication and data exchange.”
Concept first popularised by William Gibson (first used $1984$ ); now means the same as “the Internet & other computer networks.”

Types of Computer Systems & Devices in Cyberspace

Traditional Computers
- Desktop PCs, laptops.
Mobile & Wireless Devices
- Mobile phones, PDAs, smartphones, tablets.
- Growth trends: Faster mobile Internet (like $3<br>\mathrm{G}$ , $4<br>\mathrm{G}$ ) means more ways for cyber-criminals to attack.
Network Devices
- Servers (web, application, database, DNS), routers, switches, firewalls.
- Responsible for traffic management, running services, protecting the network edge.

Architecture of Cyberspace (Nina Godbole – Three-Layer Model)

Physical / Infrastructure Layer

Components: physical equipment (computers, servers, routers), ways data travels (optical fibre, copper cable, wireless signals), and connections (satellites, mobile towers, underwater cables).
Function: the physical base that moves digital information; without it, no digital communication is possible.
Security focus: physical safety, preventing unauthorized changes, stopping signal interference or eavesdropping.

Logical / Network Layer

Components: rules ( $TCP/IP$ , $HTTP$ , $FTP$ ), internet addresses (IP addressing), and systems for directing traffic ( $DNS$ ).
Function: a set of rules and logic that lets devices work together and sends data packets efficiently; it connects the physical hardware to applications.
Security focus: protect against secretly watching data packets, faking identities, and 'man-in-the-middle' attacks; secure routers using firewalls and intrusion detection systems.

Cyber-Persona / Application–User Layer

Components: how users interact (browsers, mail clients, apps), digital proofs of identity (usernames, IPs, certs), and usage habits (log-ins, access history).
Function: where people interact; a main target for tricking people into revealing information (phishing) and manipulating them (social engineering).
Security focus: confirming identity and permissions, using $SSL/TLS$ for secure data, requiring multiple ways to prove identity, and analyzing how users behave.

Communication Technology (Channels & Attack Vectors)

E-Mail
- Common medium; used for tricky emails (phishing), unwanted messages (spam), and overwhelming email attacks (mail bombs).
- Investigation: examining email headers, connecting related information.
Mobile / Cell Phones
- Phone scams (vishing) and text message scams (smishing).
- Specialized field: mobile device investigation.
Instant Messaging & Chat Rooms
- Can help with online harassment and spreading harmful links.
Social Engineering
- Psychological manipulation to obtain confidential info or trigger risky action.
Important legal definitions (Indian IT Act $2000$ ): “communication device,” “computer resource,” “communication.”
Communication rules supporting everything: $TCP/IP$ , $UDP$ – key for network investigations.

Web Technology (Infrastructure, Services, Threats)

Internet & World Wide Web = backbone for global connectivity; key stage for cybercrime.
Websites & Web Servers
- Very important for information, business, and social connections.
- Dangers: changing a website's look, taking over a website without permission, creating fake websites for tricking users (spoofing), and stealing data.
Wireless Networks (Wi-Fi)
- Enable mobile Internet; weaknesses that can lead to unauthorized access and Wi-Fi scams.
Cloud Computing
- Internet-based delivery of compute/storage; dangers: data leaks between different users, meeting legal rules, and weaknesses in shared technology.
Proxy Servers & Anonymisers
- Hide real internet addresses (IPs) → privacy but also helps criminals hide.
Cookies
- Small text files stored by your browser: IDs, session information; they lead to discussions about privacy and tracking.

Internet vs World Wide Web

Internet
- A global network system; it uses $TCP/IP$ & $UDP$ rules; supports services like streaming music/videos, sharing files, instant messaging, and games.
- Always available ( $24/7$ ) ⇒ crimes possible from anywhere; leaves few physical fingerprints.
- Very important for mobile and wireless computing and investigations (e-mail, web history, phone data).
- Indian stats: India = $4^{\text{th}}$ ‐largest user base; $37\%$ of access via cyber-cafés; $57\%$ users aged $18$ – $35$ .
- Cybercrime reported under the IT Act rose $70\%$ from $2006$ → $2007$ .
World Wide Web (WWW)
- A software layer that sits on top of the Internet; allows “instant global sharing” at low cost.
- Provides “faceless” communication/some anonymity.
- Key for online business and electronic communication; a common place for web-specific attacks.

Advent & Phenomenal Growth of the Internet

Internet’s quick spread = “huge growth” of users + mobile devices.
An essential part of today's information systems; attackers learn its technology to take advantage of almost every way to commit cybercrime.
Smartphone evolution shows Internet “flourishing” in the mobile world.

Regulation of Cyberspace

National Acts
- Indian IT Act $2000$ (updated $2008$ ): electronic signatures, cybercrime violations, legal powers.
- Aspects of payment and settlement: Payment Settlement Act $2007$ ; Central Bank of India (RBI) rules for digital payments & responsibility for unauthorized transactions.
International Instruments
- Council of Europe Cybercrime Treaty $2001$ .
- EU privacy rules, US federal laws, Canadian anti-spam laws, etc.
Intellectual-Property Protections
- Copyright, patents, trademarks, trade secrets, domain names.
Best-Practice Guidelines
- “5P Mantra” for internet users: Prevention, Protection, Preservation, Perseverance, Privacy.
- Company security rules; managing mobile devices; teaching users about safety.
Following Rules for Cloud
- HIPAA, SOX, PCI-DSS, EU-GDPR/DPD: cloud service companies + clients must meet these standards.
Cybersecurity Certifications
- Offer a way to categorize and set standards for professionals.

Concept of Cyber Security

Mission: protect data, devices, software, communications from being accessed without permission, interrupted, changed, or destroyed.
Also covers the physical safety of information and communication technology (ICT) equipment.
Study area (based on the course outline “Cyber Security: Understanding Cyber Crimes, Computer Forensics & Legal Perspectives”):
- Understanding the types of threats; analyzing privacy and risks; knowing how attacks happen; protecting oneself and society.

Issues & Challenges in Cyber Security

Mobile-Device Security
- Many different types of devices; dangers: phone theft, harmful mobile software, text scams, phone call scams, Bluetooth hacking.
- Technical subjects: making sure log-in services are safe, secure coding tools, directory services, remote access, media-player controls, networking tools.
Legal Challenges (India)
- Missing parts in the IT Act concerning electronic signatures & new kinds of threats.
Computer Forensics Hurdles
- Understanding raw data formats; whether evidence can be used in court; concerns about privacy.
Diverse Cybercrime Methods
- Email attacks: faking sender identity, sending unwanted messages, overwhelming with messages.
- Changing data: small, sneaky changes to data, taking tiny amounts from many accounts (salami attacks), forging documents.
- Breaking into systems: unauthorized access, getting into networks, secretly observing passwords, intentional damage.
- Web-focused crimes: unauthorized website takeover, stealing computer time, unwanted messages in forums, online scams.
- Money/identity: credit-card scams, stealing someone's personal information.
- Stealing intellectual property: spying on businesses, illegally copying software.
- Content crimes: sharing illegal adult content online.
How criminals plan attacks
- Gathering information → checking for weaknesses → taking advantage of weaknesses (actively/passively) → keeping access.
Social Engineering & Cyberstalking
- Tricking people; ongoing online harassment problems.
Botnets
- A network of many hacked computers; hard to figure out who is behind them & shut them down.
Cloud-Computing Risks
- Shared online spaces, data leaks between different users, problems with where data is legally stored.
Common Attack Tools & Techniques
- Hiding identity: proxy servers, anonymizers.
- Stealing login details: tricky emails, guessing passwords.
- Harmful software: keyloggers, spyware, viruses, worms, Trojans, backdoors.
- Stopping services: overwhelming systems with traffic ( $DoS$ , $DDoS$ ).
- Software weaknesses: inserting malicious code into databases ( $SQL$ injection), overflowing memory buffers.
Wireless-Network Weaknesses
- Standard hacking methods plus Wi-Fi-based fraud.
Identity Theft Beyond Finance
- Many different aspects require wider protection.
Ways to fight investigations & Anti-Forensics
- Difficulty with evidence from social networks; attackers using tools to hide their tracks.
Company & Society Aspects
- Money loss, stealing intellectual property, dangers from the web, social-media risks, concerns about using cloud services.
- Need for educational programs, being ready to respond to incidents, and rules for safe computer use.

Take-Away Themes

Cyberspace is a global, always-on environment with many layers, offering huge benefits and also many chances for crime.
Effective cyber security combines technical protections, legal rules, company policies & user knowledge.
Ongoing development (mobile devices, cloud, IoT) increases both benefits and ways to attack – requiring flexible, complete defense plans.