Cyber Security Basics
Dr Benabderrezak
Researcher in Cyber Security
Full-stack Web developer
Cybersecurity
Is the technology and process designed to protect networks and devices from
attacks, damage, or unauthorized access
CIA Triad
The security of any organization starts with three principles: Confidentiality,
Integrity, and Availability
Confidentiality
- Only authorized parties can access sensitive information and functions
- Example : military secrets
Integrity
Only authorized people and means can alter, add, or remove information
Availability
- The system must be available on demand
Basic Terminologies
1. Network
2. Internet
3. Internet Protocols
4. IP Address
5. MAC Address
6. Domain Name Server (DNS)
7. DHCP
8. Router
9. Bots
Network
- A network is a connection between two or more computers that communicate
Internet
Internet connects a computer to any other computer anywhere in the world via
dedicated routers and servers.
Internet Protocols
- Data that is sent or received cannot follow just any path
- A set of rules controls how data flows across the Internet
- These rules are called Internet protocols
IP Address
- An Internet Protocol address (IP address) is assigned to all devices that connect
to a computer network and use the Internet Protocol for communication.
- An IP address looks like this : 168.192.10.3
MAC Address
- Every device that connects to the internet has a unique identification number.
- Traditional MAC addresses are 12-digit hexadecimal numbers.
- A MAC address looks like this: D8-FC-93-C5-A5-E0
Domain Name Server (DNS)
- Consider DNS as the phonebook of the internet.
- It stores the IP addresses together with the names that point to them.
- For example, you want to go to google.com
- You type this name into your web browser.
- Then, this name goes to the DNS server, and the DNS server finds the IP
address of google.com.
- Then, the DNS server returns the IP address to your computer.
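The lookup described above, at the level of the bytes on the wire, as an added example that is not part of the original slides. It builds the query for google.com, then parses a reply and accepts it only if it is a response carrying the same transaction ID as the query. The reply bytes and the address 192.0.2.10 are constructed for illustration.

```python
import struct

def encode_name(name):
    """'google.com' -> length-prefixed labels ending in a zero byte."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def build_query(name, txid):
    # Header: ID, flags (recursion desired), 1 question, 0 answer/authority/extra
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)  # type A, class IN

def read_name(msg, off):
    """Decode the name at off; return (name, offset just past it)."""
    labels, after, jumps = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                  # 2-byte compression pointer
            after = off + 2 if after is None else after
            off = ((n & 0x3F) << 8) | msg[off + 1]
            jumps += 1
            if jumps > 16:                    # malformed reply: pointer loop
                raise ValueError("compression loop")
        elif n == 0:
            return ".".join(labels), (off + 1 if after is None else after)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def parse_response(msg, query):
    """Return [(name, ipv4)] from A records; reject replies that do not match."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & 0x8000:
        raise ValueError("reply does not match the query")
    off, answers = 12, []
    for _ in range(qd):                       # skip the echoed question
        off = read_name(msg, off)[1] + 4
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):   # IPv4 address record
            answers.append((name, ".".join(map(str, msg[off:off + 4]))))
        off += rdlen
    return answers

# Constructed exchange: 192.0.2.10 is a documentation address, not Google's.
QUERY = build_query("google.com", 0x1A2B)
RESPONSE = (struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUERY[12:]
            + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))
```
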
DHCP
The dynamic host configuration protocol assigns an IP address to any device that wants to
connect to the Internet
Router
This device routes the data that comes to it and then sends it to the destination to
ensure that it is on the appropriate path
Bots
Computer programs that control your computer without your knowledge. They
automatically send emails, retrieve web pages, and change computer settings.
Common Types of Attacks
There are mainly five types of attacks:
1. Distributed denial of service (DDoS)
2. Man in the middle
3. Email attacks
4. Password attacks
5. Malware attack
Distributed Denial of Service
An attack that prevents users from accessing resources by flooding them with
traffic
Man in the middle
Password Attack
This technique is used to crack or find a password. There are five types of password
attacks:
1. Dictionary attack
2. Brute force
3. Keylogger
4. Shoulder surfing
5. Rainbow table
Password Attack - Dictionary attack :
In this method, every password listed in a dictionary (word list) is tried.
Password Attack - Brute force :
This trial-and-error method decodes the password or data. This attack takes the
most time.
Password Attack - Keylogger :
- A keylogger records all keystrokes on a keyboard.
- Most hackers use keyloggers to get passwords and account details.
Password Attack - Shoulder surfing :
The attackers observe the user’s keyboard by looking over the user’s shoulder.
Password Attack - Rainbow table :
- Rainbow tables contain precomputed hash values.
- Attackers use these tables to find a user's password
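Why dictionary and precomputed-hash attacks work against some password stores and not others, as an added example that is not part of the original slides. A plain hash-to-password lookup table stands in for a rainbow table here; the word list, user names and passwords are constructed, and the helper names are illustrative. The audit flags stored hashes that are already in the table, and the salted, slow hash shows the storage scheme that makes such a table useless.

```python
import hashlib
import hmac
import os

WORDLIST = ["123456", "password", "qwerty", "letmein"]  # constructed sample

def unsalted(password):
    """Weak storage: one fast hash, identical for every user of this password."""
    return hashlib.sha256(password.encode()).hexdigest()

def precompute(words):
    """A precomputed table in its simplest form: hash -> password, built once."""
    return {unsalted(w): w for w in words}

def audit(stored, table):
    """Defender's check: which stored unsalted hashes already sit in a table?"""
    return {user: table[h] for user, h in stored.items() if h in table}

def salted(password, salt=None, rounds=200_000):
    """Stronger storage: random per-user salt plus a deliberately slow KDF."""
    salt = os.urandom(16) if salt is None else salt
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)

def verify(password, salt, digest, rounds=200_000):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, digest)

TABLE = precompute(WORDLIST)

# Constructed user store that uses the weak scheme.
WEAK_DB = {
    "alice": unsalted("qwerty"),
    "bob": unsalted("T7#kd-Lw93!vq"),
    "carol": unsalted("qwerty"),   # same hash as alice: reuse is visible
}
```

With a salt, two users who choose the same password get different stored values, so one table can no longer be reused across accounts or sites.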
Email Attacks
There are three types of email attacks :
1. Phishing
2. Spoofing
3. Email attachments
Email Attacks - Phishing :
- For example, you receive an email like this:
Email Attacks - Spoofing :
The attacker pretends to be another person or organization and sends you an email
stating it is legitimate.
Email Attacks - Email attachments :
- You can send files through emails.
- These files may be images, documents, audio, or videos.
- Attackers send you an email, and you are encouraged to open the attached file.
Malware Attack
Malware : This is a malicious program or software that disrupts or damages the
computer.
Virus
- Is a malicious code that replicates by copying itself to another program or document
and changes how a computer works.
- The virus requires someone to knowingly or unknowingly spread the infection without
the knowledge or permission of a user or system administrator.
- An example of a virus is the Melissa virus
Worms
- These are standalone programs that run independently and infect systems.
- For example, W32.Alcra.F is a worm that propagates through network share
devices
Functions of Malware
- Overwhelming system resources
- Creating a backdoor
- Disabling security functions
- Creating botnets
Sources of Malware
- Removable media
- Documents and executable files
- Internet downloads
- Network connections
- Email attachments
- Malicious advertisements