KS
Uploaded bykrishh sivakrishna
PPTX, PDF33,352 views

Types of cyber attacks

This document summarizes different types of cyber attacks. It describes web-based attacks like SQL injection, cross-site scripting, and denial of service attacks. It also outlines system-based attacks such as viruses, worms, and trojan horses. Additionally, it covers methods that can assist attacks, including spoofing, sniffing, and port scanning. The goal of the document is to provide an overview of common cyber attacks and threats that exist in the cyber world.

Technology
Related topics:
Cyber-Security
Downloaded 1,475 times
B Y G . V. S I VA K R I S H N A , E M P I D – E 1 1 4 1 Types of attacks in Cyber World
Contents  What is cyber security?  Types of cyber attacks  Web-based attacks  System-based attacks  Methods of assistance  Prevention
What is cyber security?  Cyber security is a practice which intends to protect computers, networks, programs and data from unintended or unauthorized access, change or destruction  Why Cyber Security?  Now-a-days everything is going on web  Major proportion of systems connected to internet (i.e, large inventory for intruders to attack)  That’s why cyber security became major concern in the world of computers over the past decade
Types of cyber attacks  Cyber attack is an illegal attempt to gain something from a computer system  These can be classified into  Web-based attacks  These are the attacks on a website or web application  System-based attacks  Attacks that are intended to compromise a computer or a computer network
Web-based attacks  Injection attacks  In this type of attacks, some data will be injected into a web applications to manipulate the application and get required information  Ex: SQL Injection, Code Injection, Log Injection, XML Injection etc.,  SQL injection (SQLi) is most common type of injection attack  In SQLi, customized string will be passed to web application further manipulating query interpreter and gaining access to unauthorized information  SQLi can be prevented upto some extent by proper validation of data and by enforcing least privilege principle
Web-based attacks  File inclusion attack  A file inclusion vulnerability allows an attacker to access unauthorized or sensitive files available on the web server or to execute malicious files on the web server by making use of the include functionality  It can be further classified into  Local file inclusion  Including local files available on the server  Remote file inclusion  Includes and executes malicious code on a remotely hosted file
Web-based attacks  Cross-Site Scripting (XSS)  This can be done by editing javascript in a webpage such that it will be executed in client browser  It can be classified into  Reflected XSS attack  Stored XSS attack  DOM-based XSS attack  DNS Spoofing  DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver's cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker's computer (or any other computer).
Web-based attacks  Denial of Service (DoS)  DoS attack is an attempt to make a server or network resource unavailable to users  This is generally done by flooding the server with communication requests  DoS uses single system and single internet connection to attack a server  Distributed Dos (DDoS) uses multiple systems and internet connections to flood a server with requests, making it harder to counteract  DoS can be classified into  Volume based attacks  goal is to saturate the bandwidth of the attacked site, and is measured in bits per second  Protocal attacks  consumes actual server resources, and is measured in packets per second  Application layer attacks  goal of these attacks is to crash the web server, and is measured in requests per second
Web-based attacks  Brute force  It is a trial and error method  Generates large number of guesses and validate them to obtain actual data (passwords in general)  Dictionary attack  Contains a list of commonly used passwords and validate them to get original password  Buffer overflow  occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold
Web-based attacks  Session hijacking  Web applications uses cookies to store state and details of user sessions  By stealing the cookies, and attacker can have access to all of user data  URL interpretation  By changing certain parts of a URL, one can make a web server to deliver web pages for which he is not authorized to browse  Social engineering  It is a non-technical method that relies heavily on human interaction and often involves tricking people into breaking normal security procedures
Web-based attacks  Man-in-the-middle attack  Attacker intercepts the connection between client and server and acts as a bridge between them  Attacker will be able to read, insert and modify the data in the intercepted communication  Phishing  Phishing is the attempt to acquire sensitive information, often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication  Spear phishing  It is a form of phishing, which targets specific organizations for confidential data  Whaling  In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles
System-based attacks  Virus  A computer virus is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed  It can also execute instructions that cause harm to system  Worm  It works same as a computer virus  but it can spread into other systems in the network by exploiting the vulnerabilities automatically
System-based attacks  Trojan horse  It appears to be a normal application, but when opened/executed some malicious code will run in background  These are generally spread by some form of social engineering  Backdoors  Backdoor is a method of bypassing normal authentication process  The backdoor is written by the programmer who creates the code for the program  It is often only known by the programmer
System-based attacks  Bots  Bot is an automated process that interacts with other network services  Can be classified into  Spyware  Used to gather information of user without their knowledge  Ex: Keyloggers  Adware  Mainly used for promotions of products  Not so harmful
Methods to assist in cyberattacks  Spoofing  In spoofing, one person successfully impersonates as another by falsifying the data  Ex: IP spoofing, email spoofing etc.,  Sniffing  Sniffing a process of capturing and analyzing the traffic in a network  Port scanning  It is a method to probe a system for open ports  Intruder can exploit the vulnerabilities of open ports
References  http://phpsecurity.readthedocs.org/en/latest/Injection-Attacks.html  http://resources.infosecinstitute.com/file-inclusion-attacks/  https://www.incapsula.com/ddos/ddos-attacks/denial-of-service.html  http://searchsecurity.techtarget.com/definition/buffer-overflow  http://ccm.net/contents/31-url-manipulation-attacks  http://searchsecurity.techtarget.com/definition/social-engineering  https://www.blackhat.com/presentations/bh-asia-02/bh-asia-02-shah.pdf  http://www.cisco.com/web/about/security/intelligence/virus-worm-diffs.html
THANK YOU

More Related Content

PPTX
Network security (vulnerabilities, threats, and attacks)
byFabiha Shahzad
 
PPTX
Cyber attack
byManjushree Mashal
 
PDF
Cyber attacks
byAnuradha Moti T
 
PPTX
Cyber security ppt
byCH Asim Zubair
 
PPTX
Different types of attacks in internet
byRohan Bharadwaj
 
PPTX
Cyber security presentation
bysweetpeace1
 
PPTX
Cybersecurity 2 cyber attacks
bysommerville-videos
 
PDF
1. introduction to cyber security
byAnimesh Roy
 
Network security (vulnerabilities, threats, and attacks)
byFabiha Shahzad
 
Cyber attack
byManjushree Mashal
 
Cyber attacks
byAnuradha Moti T
 
Cyber security ppt
byCH Asim Zubair
 
Different types of attacks in internet
byRohan Bharadwaj
 
Cyber security presentation
bysweetpeace1
 
Cybersecurity 2 cyber attacks
bysommerville-videos
 
1. introduction to cyber security
byAnimesh Roy
 

What's hot

PPTX
Security threats
byQamar Farooq
 
PPTX
Cyber security
byManjushree Mashal
 
PPTX
Denial of service
bygarishma bhatia
 
PPTX
Cyber Security
byBhandari Hìmáñßhü
 
PPTX
Phishing ppt
byshindept123
 
PPTX
Cyber security
byDr. Kishor Nikam
 
PPTX
Cyber security
bySabir Raja
 
PPTX
Introduction to ethical hacking
byVikram Khanna
 
PPTX
INFORMATION SECURITY
byAhmed Moussa
 
PPTX
Types of Hacker
byMukund Kumar Bharti
 
PPTX
Firewall and its types and function
byNisarg Amin
 
PPTX
Cia security model
byImran Ahmed
 
PPT
Web Security
byBharath Manoharan
 
PPT
Network Security
byMAJU
 
PPTX
Network Security ppt
bySAIKAT BISWAS
 
PPTX
System hacking
byCAS
 
PPTX
Basic concepts in computer security
byArzath Areeff
 
PPTX
Network security
byMadhumithah Ilango
 
PPTX
Network Security
byManoj Singh
 
PDF
Cyber security and demonstration of security tools
byVicky Fernandes
 
Security threats
byQamar Farooq
 
Cyber security
byManjushree Mashal
 
Denial of service
bygarishma bhatia
 
Cyber Security
byBhandari Hìmáñßhü
 
Phishing ppt
byshindept123
 
Cyber security
byDr. Kishor Nikam
 
Cyber security
bySabir Raja
 
Introduction to ethical hacking
byVikram Khanna
 
INFORMATION SECURITY
byAhmed Moussa
 
Types of Hacker
byMukund Kumar Bharti
 
Firewall and its types and function
byNisarg Amin
 
Cia security model
byImran Ahmed
 
Web Security
byBharath Manoharan
 
Network Security
byMAJU
 
Network Security ppt
bySAIKAT BISWAS
 
System hacking
byCAS
 
Basic concepts in computer security
byArzath Areeff
 
Network security
byMadhumithah Ilango
 
Network Security
byManoj Singh
 
Cyber security and demonstration of security tools
byVicky Fernandes
 

Viewers also liked

PPT
Network Security Threats and Solutions
byColin058
 
PPTX
Cyber crime ppt
byMOE515253
 
PPT
Network Attacks
bySecurityTube.Net
 
PDF
Network Security & Attacks
byNetwax Lab
 
PPTX
Cyber pornograpghy (with special reference to child pornography)
bygunpreet kamboj
 
PPTX
ppt on child labour
byAditya Kumar
 
PPTX
ppt on child pornography and cyber crime
by008_Anuj
 
PDF
Cyber crime
byTushar Malhotra
 
PPTX
Child labour presentation
bySrinivas Viswanathan
 
PPTX
Child labour
byMSIT
 
PPT
Inventory control management
byaroramahesh
 
PPTX
selective inventory control
byHimani Chowhan
 
PPTX
Child labour
bySandy Rathore
 
PPT
Anti child pornography
byOmar Jacalne
 
PPTX
Child labour-child-labour-project
byJyotiprasanna Panigrahi
 
PPTX
presentation on child labour
byshahriar786
 
PPTX
PPT on Child labor
byMv Raam
 
PPTX
2013-12-06 Digital Forensics and Child Pornography
byFrederick Lane
 
Network Security Threats and Solutions
byColin058
 
Cyber crime ppt
byMOE515253
 
Network Attacks
bySecurityTube.Net
 
Network Security & Attacks
byNetwax Lab
 
Cyber pornograpghy (with special reference to child pornography)
bygunpreet kamboj
 
ppt on child labour
byAditya Kumar
 
ppt on child pornography and cyber crime
by008_Anuj
 
Cyber crime
byTushar Malhotra
 
Child labour presentation
bySrinivas Viswanathan
 
Child labour
byMSIT
 
Inventory control management
byaroramahesh
 
selective inventory control
byHimani Chowhan
 
Child labour
bySandy Rathore
 
Anti child pornography
byOmar Jacalne
 
Child labour-child-labour-project
byJyotiprasanna Panigrahi
 
presentation on child labour
byshahriar786
 
PPT on Child labor
byMv Raam
 
2013-12-06 Digital Forensics and Child Pornography
byFrederick Lane
 

Similar to Types of cyber attacks

PPTX
Types of Cyber Attacks
byRubal Sagwal
 
PPTX
CyberSecurity and Importance of cybersecurity
byHome
 
PPTX
Types of attacks in cyber security
byBansari Shah
 
PPT
Computer Security
byVaibhavi Patel
 
PDF
module 1 Cyber Security Concepts
bySitamarhi Institute of Technology
 
PPTX
Cyber.pptx
byMahalakshmiShetty3
 
PPTX
Computer security system Unit1.pptx
byVIRAJDEY1
 
PPTX
A Taken on Cyber Attacks - The Cyber Physical System.pptx
byanimeshdabral007
 
PPTX
3-types of attacks_Types of attacks.pptx
byAmandeepSohal4
 
PPTX
TYPES OF CYBER ATTACKS.pptx
byRohanMistry15
 
PDF
Module 1.pdf
bySitamarhi Institute of Technology
 
PPTX
Hacking by Pratyush Gupta
byTenet Systems Pvt Ltd
 
PDF
AuditSDFXCGVHNBMBGFDSFGHNBMBGFVCGVBNMBVCB.pdf
byAyushDeshmukh18
 
PPTX
Cyber Attacks and Defences - JNTUH,Cyber Attacks and Defences
byNiharikaGuptas
 
PPT
Hackers
byMohamed Boudchiche
 
PDF
Network security
bynafisarayhana1
 
PDF
Recent cyber Attacks
byS.M. Towhidul Islam
 
PPT
Computer Security
byVaibhavi Patel
 
PPTX
Unit 5.pptx
byRajanarayanan subramanian
 
PPTX
Ethical Hacking
byLalit Kumar
 
Types of Cyber Attacks
byRubal Sagwal
 
CyberSecurity and Importance of cybersecurity
byHome
 
Types of attacks in cyber security
byBansari Shah
 
Computer Security
byVaibhavi Patel
 
module 1 Cyber Security Concepts
bySitamarhi Institute of Technology
 
Cyber.pptx
byMahalakshmiShetty3
 
Computer security system Unit1.pptx
byVIRAJDEY1
 
A Taken on Cyber Attacks - The Cyber Physical System.pptx
byanimeshdabral007
 
3-types of attacks_Types of attacks.pptx
byAmandeepSohal4
 
TYPES OF CYBER ATTACKS.pptx
byRohanMistry15
 
Module 1.pdf
bySitamarhi Institute of Technology
 
Hacking by Pratyush Gupta
byTenet Systems Pvt Ltd
 
AuditSDFXCGVHNBMBGFDSFGHNBMBGFVCGVBNMBVCB.pdf
byAyushDeshmukh18
 
Cyber Attacks and Defences - JNTUH,Cyber Attacks and Defences
byNiharikaGuptas
 
Hackers
byMohamed Boudchiche
 
Network security
bynafisarayhana1
 
Recent cyber Attacks
byS.M. Towhidul Islam
 
Computer Security
byVaibhavi Patel
 
Unit 5.pptx
byRajanarayanan subramanian
 
Ethical Hacking
byLalit Kumar
 

Recently uploaded

PDF
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 
PDF
Airtable Building Semantic Search with Milvus
byZilliz
 
PPTX
Flutter for Beginners widgets types.pptx
byKongu Engineering College, Perundurai, Erode
 
PDF
Top 11 Sites to Buy Verified GitHub Accounts in 2025
byBuy GitHub Accounts Looking for a verified GitHub account?
 
PDF
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
 
PDF
The End of the Missed Call - How AI Recaptures Lost Leads and Secures ROI
byiovox
 
PPTX
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
PPTX
Taming Time in PHP: Best Practices and Gotchas at Longhorn PHP 2025
byScott Keck-Warren
 
PDF
Morgenbooster: Navigating Ai Criticism with Systems Thinking
by1508 A/S
 
PDF
Energia Nowa and byteLAKE Partner to Develop Intelligent Services for Energy ...
bybyteLAKE
 
PPTX
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
 
PDF
Transcript: Embedding sustainability: Tips for ebook and print production - T...
byBookNet Canada
 
PDF
STurbo M.C. Surge Prevention by CCC Company
byRobertWaters35
 
PDF
Memo No.3006141 dt.25.10.2025- SOP for Grant of Online Change Of Land Use
byRaghu Ram
 
PDF
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
PDF
The State of Adventure Capital - Grant Gregory | Cantos
byRazin Mustafiz
 
DOCX
Formula 2 - APIC HBEL general calculation.docx
byMarkus Janssen
 
PDF
G.O.RT.No. 1173_LRS Extension of time limit
byRAGHU RAM
 
DOCX
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
PDF
Ready, set, go: Pre-fall sales trends and data-driven insights - Tech Forum 2025
byBookNet Canada
 
CymruSec 2025 - Wales' Inaugural Cyber Summit
byRay Bugg
 
Airtable Building Semantic Search with Milvus
byZilliz
 
Flutter for Beginners widgets types.pptx
byKongu Engineering College, Perundurai, Erode
 
Top 11 Sites to Buy Verified GitHub Accounts in 2025
byBuy GitHub Accounts Looking for a verified GitHub account?
 
Immer vorne mit dabei sein - Roaming leicht gemacht
bypanagenda
 
The End of the Missed Call - How AI Recaptures Lost Leads and Secures ROI
byiovox
 
ScalaF: Functional Refactoring and Automated Code Transformations
byhelloshrikha
 
Taming Time in PHP: Best Practices and Gotchas at Longhorn PHP 2025
byScott Keck-Warren
 
Morgenbooster: Navigating Ai Criticism with Systems Thinking
by1508 A/S
 
Energia Nowa and byteLAKE Partner to Develop Intelligent Services for Energy ...
bybyteLAKE
 
xCapture v3: Efficient, Always-On Thread Level Observability with eBPF by Tan...
byScyllaDB
 
Transcript: Embedding sustainability: Tips for ebook and print production - T...
byBookNet Canada
 
STurbo M.C. Surge Prevention by CCC Company
byRobertWaters35
 
Memo No.3006141 dt.25.10.2025- SOP for Grant of Online Change Of Land Use
byRaghu Ram
 
Generation Data Sets - Unique, Useful... Understandable?.pdf
byPrecisely
 
The State of Adventure Capital - Grant Gregory | Cantos
byRazin Mustafiz
 
Formula 2 - APIC HBEL general calculation.docx
byMarkus Janssen
 
G.O.RT.No. 1173_LRS Extension of time limit
byRAGHU RAM
 
Formula 3 - MACO using general limit.docx
byMarkus Janssen
 
Ready, set, go: Pre-fall sales trends and data-driven insights - Tech Forum 2025
byBookNet Canada
 

Types of cyber attacks

  • 1.
    B Y G .V. S I VA K R I S H N A , E M P I D – E 1 1 4 1 Types of attacks in Cyber World
  • 2.
    Contents  What iscyber security?  Types of cyber attacks  Web-based attacks  System-based attacks  Methods of assistance  Prevention
  • 3.
    What is cybersecurity?  Cyber security is a practice which intends to protect computers, networks, programs and data from unintended or unauthorized access, change or destruction  Why Cyber Security?  Now-a-days everything is going on web  Major proportion of systems connected to internet (i.e, large inventory for intruders to attack)  That’s why cyber security became major concern in the world of computers over the past decade
  • 4.
    Types of cyberattacks  Cyber attack is an illegal attempt to gain something from a computer system  These can be classified into  Web-based attacks  These are the attacks on a website or web application  System-based attacks  Attacks that are intended to compromise a computer or a computer network
  • 5.
    Web-based attacks  Injectionattacks  In this type of attacks, some data will be injected into a web applications to manipulate the application and get required information  Ex: SQL Injection, Code Injection, Log Injection, XML Injection etc.,  SQL injection (SQLi) is most common type of injection attack  In SQLi, customized string will be passed to web application further manipulating query interpreter and gaining access to unauthorized information  SQLi can be prevented upto some extent by proper validation of data and by enforcing least privilege principle
  • 6.
    Web-based attacks  Fileinclusion attack  A file inclusion vulnerability allows an attacker to access unauthorized or sensitive files available on the web server or to execute malicious files on the web server by making use of the include functionality  It can be further classified into  Local file inclusion  Including local files available on the server  Remote file inclusion  Includes and executes malicious code on a remotely hosted file
  • 7.
    Web-based attacks  Cross-SiteScripting (XSS)  This can be done by editing javascript in a webpage such that it will be executed in client browser  It can be classified into  Reflected XSS attack  Stored XSS attack  DOM-based XSS attack  DNS Spoofing  DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver's cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker's computer (or any other computer).
  • 8.
    Web-based attacks  Denialof Service (DoS)  DoS attack is an attempt to make a server or network resource unavailable to users  This is generally done by flooding the server with communication requests  DoS uses single system and single internet connection to attack a server  Distributed Dos (DDoS) uses multiple systems and internet connections to flood a server with requests, making it harder to counteract  DoS can be classified into  Volume based attacks  goal is to saturate the bandwidth of the attacked site, and is measured in bits per second  Protocal attacks  consumes actual server resources, and is measured in packets per second  Application layer attacks  goal of these attacks is to crash the web server, and is measured in requests per second
  • 9.
    Web-based attacks  Bruteforce  It is a trial and error method  Generates large number of guesses and validate them to obtain actual data (passwords in general)  Dictionary attack  Contains a list of commonly used passwords and validate them to get original password  Buffer overflow  occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold
  • 10.
    Web-based attacks  Sessionhijacking  Web applications uses cookies to store state and details of user sessions  By stealing the cookies, and attacker can have access to all of user data  URL interpretation  By changing certain parts of a URL, one can make a web server to deliver web pages for which he is not authorized to browse  Social engineering  It is a non-technical method that relies heavily on human interaction and often involves tricking people into breaking normal security procedures
  • 11.
    Web-based attacks  Man-in-the-middleattack  Attacker intercepts the connection between client and server and acts as a bridge between them  Attacker will be able to read, insert and modify the data in the intercepted communication  Phishing  Phishing is the attempt to acquire sensitive information, often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication  Spear phishing  It is a form of phishing, which targets specific organizations for confidential data  Whaling  In whaling, the targets are high-ranking bankers, executives or others in powerful positions or job titles
  • 12.
    System-based attacks  Virus A computer virus is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed  It can also execute instructions that cause harm to system  Worm  It works same as a computer virus  but it can spread into other systems in the network by exploiting the vulnerabilities automatically
  • 13.
    System-based attacks  Trojanhorse  It appears to be a normal application, but when opened/executed some malicious code will run in background  These are generally spread by some form of social engineering  Backdoors  Backdoor is a method of bypassing normal authentication process  The backdoor is written by the programmer who creates the code for the program  It is often only known by the programmer
  • 14.
    System-based attacks  Bots Bot is an automated process that interacts with other network services  Can be classified into  Spyware  Used to gather information of user without their knowledge  Ex: Keyloggers  Adware  Mainly used for promotions of products  Not so harmful
  • 15.
    Methods to assistin cyberattacks  Spoofing  In spoofing, one person successfully impersonates as another by falsifying the data  Ex: IP spoofing, email spoofing etc.,  Sniffing  Sniffing a process of capturing and analyzing the traffic in a network  Port scanning  It is a method to probe a system for open ports  Intruder can exploit the vulnerabilities of open ports
  • 16.
    References  http://phpsecurity.readthedocs.org/en/latest/Injection-Attacks.html  http://resources.infosecinstitute.com/file-inclusion-attacks/ https://www.incapsula.com/ddos/ddos-attacks/denial-of-service.html  http://searchsecurity.techtarget.com/definition/buffer-overflow  http://ccm.net/contents/31-url-manipulation-attacks  http://searchsecurity.techtarget.com/definition/social-engineering  https://www.blackhat.com/presentations/bh-asia-02/bh-asia-02-shah.pdf  http://www.cisco.com/web/about/security/intelligence/virus-worm-diffs.html
  • 17.