UNIT 1 Cyber Security Notes


UNIT-1 CYBER SECURITY (BMC106)


MCA -1st Year

Introduction to Information System


• It is made up of two terms, namely, Information and System. Information can be
defined as well-structured data with a specific meaning, and a System is an
arrangement that takes input and provides output after completing the required
process. Thus an information system is an arrangement that processes data and
provides meaningful information.
• An information system is a combination of hardware, software, data, people,
processes and networks that work together to collect, process, store, and distribute
information to support decision-making and achieve organizational goals.
• An Information System is a system that converts raw data into meaningful
information to support operations and management.
• An information system is defined as the software that helps organize and analyze
data.
• An information system (IS) is an interconnected set of components used to collect,
store, process and transmit data and digital information.
• An information system is a solution that helps gather, analyze, maintain,
and distribute data. It consists of hardware, software, and various networks.

Examples of Information System -


E-commerce sites, Enterprise Resource Planning (ERP) systems, online banking systems,
airline reservation systems, social media platforms, student information systems,
etc.

Components of Information System


An Information System has two components:-
1. System Resources
2. System Activities
Information System Resources
An Information system consists of five major resources :
– People
– Hardware
– Software
– Data
– Network
– Information
• People:
– It refers to the humans associated with an Information system: the
users of the system, who interact with it and provide input and
feedback.
• Hardware:
– It is the physical part of an information system, the part which
we can touch: physical devices like computers, servers, and
networking equipment.
• Software:
– Refers to the set of programs and procedures of an IS. The programs
include the OS and application software such as MS Office.
– The programs and applications that process data and provide
functionality, such as databases and operating systems.
• Data:
– Raw facts that are processed into meaningful information.
– Information systems work with data.
• Network:
– A network in information systems is a collection of interconnected
computers, devices, and communication technologies that allow users
to exchange data, information, and resources efficiently.
• Information:
– Information is processed, organized, or structured data that is
meaningful and useful for decision-making.

Information System Activities


• An Information System involves a set of components, each of which belongs to a particular
activity. These components are as follows:-
– Input: It captures or collects raw data from within
the organization or from its external environment. It involves
data entry activities such as recording and editing. Generally data is
entered into a computer system.
– Data Storage: Involves maintaining and organizing records such as
details related to customers, employees and various other parties. Data
is stored in folders and on hard disks.
– Processing: Converts this raw input into a meaningful form. It
involves those activities that are performed to process the data to
produce information, governed by procedures and rules for how data is
collected, processed, and used. For example: calculating, classifying
and summarizing.
– Output: It transfers the processed information to the people who will
use it or to the activities for which it will be used. It involves
communicating the processed information to the end users. For example,
presenting the sales performance of an organization in the form of videos
and reports.
– Control and system maintenance: It refers to the feedback at each
activity level to maintain the standard of performance and ensure the
flexibility of a system.

Types of Information System


Information systems support all the different business operations in an organization. There
are three basic categories of IS:
– Operations Support Systems
– Knowledge Based Systems
– Management Support Systems

Operational Support Systems (OSS):


Information Systems have been supporting various business operations such as
accounting and production. Those systems that support such business
operations are grouped under operations support systems (OSS). There are
three main parts of OSS:
– Transaction processing system (TPS):
It helps in processing various transactions and retrieving information
from them. Processing a transaction can be done in two ways: batch
processing and real-time processing. For example: retail store
cash receipts or card payments, ATM systems, online shopping.
– Process control system:
It helps in monitoring and controlling physical processes in an
organization. This system helps in making day-to-day decisions and
controlling operational processes. For example: traffic control systems,
oil refinery control systems, power plant control systems, water
treatment systems, etc.
– Enterprise Collaboration System: It helps in sharing information
among employees. A proper flow of information helps in increasing
the productivity of an organization. For example: e-mail, Microsoft
Teams, Google Docs, Google Drive, Google Meet, etc.
Management Support Systems (MSS):
A management support system provides useful information to managers for
decision making and control. The different types of MSS are as follows:
– Management Information System (MIS):
It provides information on various business aspects to managers. It
generates information for monitoring performance and maintaining
coordination. For example: sales reports, payroll reports, etc.
– Decision Support System (DSS):
It supports managerial decision making. A Decision Support System
(DSS) is a computer-based information system that helps managers
and professionals make better decisions by analyzing large amounts of
data. For example: business forecasting, inventory management,
Customer Relationship Management (CRM), financial forecasting.
– Executive Information System (EIS):
It provides critical information to executives and top-level
managers for making strategic decisions. It provides statistical
representations of information. For example: dashboards showing the
overall company, banking and finance, healthcare, etc.
Knowledge Based Systems:
A Knowledge Based System provides information to users in different
business areas when required. The following are the two types of
Knowledge Based Systems:
o Expert System:
It provides adequate knowledge and expert advice for making various
managerial decisions. An expert system is composed of two main
components: a knowledge base and software modules. Example:
medical diagnosis expert systems.
o Knowledge Management System (KMS):
It provides knowledge and expertise for making various management
level decisions. For sharing knowledge, a KMS uses a group of
collaboration systems such as an intranet. Examples: company intranets,
learning management systems (LMS), content management
systems (CMS).

Development of Information System


• Development of Information Systems is similar to the
application development procedure.
• It can be developed using different approaches.
• The suitability of an approach depends upon the specific
input conditions, preference of approach and development objective.
• We can follow any of the different approaches, based
on the requirements, for an effective Information System development.
• A system development process is a set of activities, methods, best practices,
deliverables and automated tools that stakeholders use to develop and
maintain information systems and software.
The main IS development approaches are listed below:
• Waterfall Model
• Prototyping Model
• Evolutionary Model
• Spiral Model
Waterfall Model
• The Waterfall model is the basic model of system development.
• This model follows a flow of steps beginning from the feasibility check up to
system maintenance, in sequence.
• This method is also called the linear sequential model.
Steps in the waterfall method:
– Technical and financial feasibility check about system development.
– Gathering knowledge about the required system and developing the
specifications needed. Converting the requirements and specifications
into a system model.
– Here the design is converted into code by the coder. Ensuring that the IS is
developed as it was required.
– Updating the system, if there is any kind of shortcoming.
– Feasibility Check: Technical and financial feasibility check
about system development.
– Requirement and Specification: Gathering knowledge about
the required system and developing the specifications needed.
– Design: Converting the requirements and specifications into a
system model.
– Coding: The process of converting the design into code, forming a bridge between the understanding
of the user and the system. This is also called programming.
– Testing: Ensuring that the system performance is according to
the user requirements.
– Maintenance: Changes in the system after testing or use to
correct shortcomings or meet further requirements.
Waterfall Advantages
• Easy to understand, easy to use.
• This model is suitable for software development when requirements are
very clear in the beginning.
• The Waterfall model works well for smaller projects.
• In this model phases are processed and completed one at a time. Phases do
not overlap.
Waterfall Disadvantages
• Work done in each phase cannot be changed.
• High amounts of risk and uncertainty.
• Not a good model for complex & object-oriented projects.
Prototyping Model
• The prototyping approach is an effort to overcome the drawbacks
of the waterfall model.
• A prototype is similar to the model or blueprint of a system before the actual
development is done.
• This model first performs requirement analysis and
develops a prototype or blueprint of the whole development
process.
• This approach helps in understanding the shortcomings
before the actual design is built and implemented.
• The understanding of the shortcomings helps in system evaluation.
• Hence, any specification or further improvement can be done easily at much
lower cost with the support of prototype software.
• After finalizing the prototype, the actual system building is done similar to
that in the waterfall method.
• This model helps in matching the client requirements for system
development, as any other suggestion can be easily incorporated in the
prototype.
• Also, any constraint in the system development process can be
identified and improved.

Prototype Approach to System Development



Evolutionary Model
• The evolutionary model tries to improve the classic waterfall model by
providing scope for feedback and improvement at every stage of the system
development.
• This model tries to develop a realistic view that clients can change the
requirements of the system at any stage of the system development.
• There is scope for improvement in design and software.

Evolutionary approach to develop Information System

Spiral Model
• The Spiral model is a further improvement in system development.
• It is a combination of the features of the waterfall
and prototype models.
• This idea was given by Boehm, a computer professional.
• It is similar to the evolutionary model.
• This model also adapts to repetitive improvement.
• The Spiral Model is a Software Development Life Cycle (SDLC) model that
provides a systematic and iterative approach to software development.
• In its diagrammatic representation, it looks like a spiral with many loops. The
exact number of loops of the spiral is unknown and can vary from project to
project. Each loop of the spiral is called a Phase of the software development
process.

Figure: Spiral Model

Incremental Model
– The Incremental Model approaches system development through various
incremental steps, where every step tries to add more functions to the
system under development.
– Each step of system development is a separate group of activities.
This model is also called the continuous improvement model.
– In this model, each module goes through the requirements, design,
implementation and testing phases.
– Every subsequent release of the module adds functions to the previous
release. The process continues until the complete system is achieved.

SYSTEMS DEVELOPMENT LIFE CYCLE (SDLC)


• Systems development life cycle (SDLC): a structured step-by-step approach
for developing information systems.
• Typical activities include:
– Determining budgets
– Gathering business requirements
– Designing models
– Writing user documentation

System Development Life Cycle Phase


SDLC Phase – Activities
1. Planning – Define the system to be developed; develop the project plan.
2. Analysis – Gather business/technical requirements.
3. Design – Design the technical architecture; design system models.
4. Development / Implementation of Design (Coding) – Build the technical architecture; build databases and programs.
5. Testing – Write test conditions; perform testing.
6. Implementation / Installation of Software – Write user documentation; provide training.
7. Maintenance – Build a help desk; support system changes.

System Development Life Cycle

Introduction to Information Security


• It refers to the protection of information.
• It is the process of securing, protecting and safeguarding
information from unauthorized access, use and modification.
• The password protection method is the basic level of security that can
be used for securing information.
• The main goals of information security are integrity, confidentiality and
availability.

The term “information security” means protecting information and
information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide:
• Integrity:- It refers to the accuracy of information or data. It means
guarding against improper information modification or destruction, and
includes ensuring information non-repudiation, accuracy, and
authenticity.
• Confidentiality:- It refers to the process of securing information from
unauthorized access. It means preserving authorized restrictions on
access and disclosure, including a means for protecting personal privacy
and proprietary information.
• Availability:- It states that information must be available when it is
needed. It means ensuring timely and reliable access to, and use of,
information.
Need for Information Security
• To maintain proper security of information in an organization, we need to
apply certain measures, policies, and procedures so that no harm is caused
to the confidentiality, integrity and availability of organizational
information.
• These policies, procedures, and standards are included in a system called an
Information Security Management System (ISMS), whose main goal is
to prevent any possible loss or destruction of information. It ensures
information security over the network or across multiple computer systems.

Benefits of Information Security Management System (ISMS)


• Helps to protect and secure information in an organization,
because information is its vital resource.
• Maintains the security of data and information.
• Protects and maintains the confidentiality, integrity and availability of
information. An ISMS is a standard of the International Organization
for Standardization (ISO).
• Encourages clients, including individuals and other organizations, to invest
in an organization.
• Utilizes information and data more effectively and efficiently.
• Provides high-level information security. An ISMS cultivates a sense of
responsibility and accountability in the employees of the
organization.
Threats to Information System
• A threat is a possible danger that might exploit a weakness (drawback) of the system.
• In IT, a threat is an illegal activity that can cause damage, such as loss
of information and data corruption, to the network of an organization.

Types of Threats
• Physical threat: A physical threat to a computer system could be the result of
loss of the whole computer system, damage to hardware, damage
to the computer software, or theft of the computer system.
• Accidental threat: An activity that occurs accidentally and whose
occurrence is not dependent on any entity. It can occur due to exposure of
confidential information and unauthorized modification of information.
• Intentional threat: An activity that is performed by an entity to
violate the security of the computer system and network.
• Malicious misuse: Any form of tampering with the computer system,
which includes Trojan horses, viruses and any form of illegal alteration
of the computer system, including the generation of illegal code
to alter the standard code within the system, can be termed malicious
misuse.

What is an Attack in an Information System?

• An attack is an information security threat that involves an attempt to
obtain, alter, destroy, remove or reveal information without authorized
access or permission. A cyber attack is any malicious attempt to gain
unauthorized access to a computer, computing system or computer
network with the intent to cause damage. There are two types of
attacks over the internet, which are as follows:
• Passive Attack: Refers to an attack in which the attackers do not intend
to cause any harm to the network. The attacker monitors, analyzes or observes the
information available over the network. The attacker does not alter the
message, but just reads the messages. Passive attacks are the type of
attacks in which the attacker observes the content of messages or copies
the content of messages. A passive attack is a danger to confidentiality.
Due to a passive attack, there is no harm to the system. The most important
thing is that in a passive attack, the victim is not informed about the
attack. Passive attacks are of 3 types:
– Brute force attack: Breaks the encryption of data by finding
the appropriate key.
– Algebraic attack: Refers to the type of attack in which the
cipher is written as a system of equations. After writing the cipher this way, it
can be read by using an appropriate key.
– Code block attack: Refers to a technique for cryptanalysis. The
attacker tries to build a code block in which he describes the
cipher text and its corresponding plain text.
• Active Attack: Refers to an attack in which the attacker is aware of
the attack. In an active attack, the attacker tries to steal information from the
network. In addition, he creates, deletes, alters, modifies and replaces messages.
Active attacks are the type of attacks in which the attacker attempts to change or
modify the content of messages. An active attack is dangerous to integrity as well
as availability. Due to an active attack the system is always damaged and system
resources can be changed. The most important thing is that in an active attack,
the victim is informed about the attack.
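To make the passive/active distinction concrete, here is an added Python example (it is not part of the notes). A sender attaches an HMAC-SHA256 tag to each message. A passive observer only copies the traffic, so the message arrives unchanged and the receiver's check passes, which is exactly why the receiver never learns that confidentiality was lost. An in-transit modification leaves the tag stale, so the receiver detects the integrity violation. The shared key, the sample message and the two simulated attacker functions are constructed for this example.

```python
import hmac
import hashlib

# Constructed shared key for the example (not from the notes). In practice it
# would be provisioned out of band and never sent over the network.
SHARED_KEY = b"example-shared-key-for-demo"


def protect(message: bytes, key: bytes = SHARED_KEY) -> tuple:
    """Sender side: attach an HMAC-SHA256 tag so the receiver can check integrity."""
    tag = hmac.new(key, message, hashlib.sha256).hexdigest()
    return message, tag


def verify(message: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    expected = hmac.new(key, message, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


def simulate_passive_observer(message: bytes, tag: str) -> tuple:
    """Passive attack (simulated): the observer only copies what it sees and
    forwards the message unchanged, so the receiver's check still passes."""
    observer_copy = (message, tag)  # confidentiality is lost at this point
    return observer_copy


def simulate_active_modification(message: bytes, tag: str) -> tuple:
    """Active attack (simulated): the content is changed in transit while the
    old tag is kept, so the receiver's recomputed tag will not match."""
    altered = message.replace(b"100", b"900")
    return altered, tag


def run_demo() -> dict:
    """Run both scenarios and report what the receiver can and cannot detect."""
    original = b"transfer 100 to account 42"  # constructed sample message
    msg, tag = protect(original)
    passive_msg, passive_tag = simulate_passive_observer(msg, tag)
    active_msg, active_tag = simulate_active_modification(msg, tag)
    return {
        # False: the tag still verifies, so nothing tells the receiver
        "passive_detected_by_receiver": not verify(passive_msg, passive_tag),
        # True: the tag no longer matches the altered content
        "active_detected_by_receiver": not verify(active_msg, active_tag),
    }


if __name__ == "__main__":
    for name, detected in run_demo().items():
        print(f"{name}: {detected}")
```

The tag gives integrity and origin authentication, not confidentiality (the observer still read the message) and not non-repudiation, because both sender and receiver hold the same key; detecting passive attacks needs encryption, and non-repudiation needs asymmetric digital signatures.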

Information Assurance
• Information Assurance (IA) refers to the steps involved in protecting
information systems, like computer systems and networks. There are
commonly five terms associated with the definition of information
assurance: Integrity, Availability, Authentication, Confidentiality and
Non-repudiation.
• Integrity involves making sure that an information system remains
unscathed and that no one has tampered with it. IA takes steps to maintain
integrity, such as having anti-virus software in place so that data will not
be altered or destroyed, and having policies in place so that users know
how to properly utilize their systems to minimize malicious code
entering them.
• Availability is the facet of IA where information must be available for use
by those that are allowed to access it. Protecting availability can
involve protecting against malicious code, hackers and any other threat that
could block access to the information system.
• Authentication involves ensuring that users are who they say they are.
Methods used for authentication are user names, passwords, biometrics,
tokens and other devices. Authentication is also used in other ways: not
just for identifying users, but also for identifying devices and data
messages.
• IA involves keeping information confidential. This means that only those
authorized to view information are allowed access to it. Information needs
to be kept confidential. This is commonly found, for example, in the
military, where information is classified and only people with certain
clearance levels are allowed access to highly confidential information.
• The final pillar is non-repudiation. This means that someone cannot
deny having completed an action because there will be proof that they did
it.
Information Assurance v/s Information Security
• Information assurance focuses on ensuring the availability,
integrity, authentication, confidentiality, and non-repudiation of
information and systems. These measures may include providing for
restoration of information systems by incorporating protection, detection,
and reaction capabilities.
• Information security centers on the protection of information and
information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide confidentiality, integrity,
and availability.

Displaying the Scope of Information Assurance

Non-repudiation is the assurance that someone cannot deny the validity of
something.
Non-repudiation refers to the ability to ensure that a party to a contract or a
communication must accept the authenticity of their signature on a document or
the sending of a message.

Three-Dimensional Information Assurance model

• Information states: consists of three states, Stored, Processed and
Transmitted. Information is available in any of these three states and
can even co-exist in two different states.
• Security Services: an integral part of the Information Assurance model.
It consists of five different security services:
– Availability
– Integrity
– Authentication
– Confidentiality
– Non-Repudiation
• Security Countermeasures: the protective activities, taking account of
technology, operations and people, required to prevent espionage,
sabotage, theft, or unauthorized use of classified or controlled information,
systems, or material; without them the systems become vulnerable to attack.
Cyber security
• Cyber security is the protection of information and information
systems against the potential threats on the Internet. It is the ability to
protect yourself and your cyberspace (or the internet) from the attacks
caused through the internet.
• Cyberspace is a domain characterized by the use of electronics and the
electromagnetic spectrum to store, modify, and exchange data via
networked systems and associated physical infrastructures. In effect,
cyberspace can be thought of as the interconnection of human beings
through computers and telecommunication, without regard to physical
geography.
Difference between Cyber Security and Information Security
• Cyber Security: securing information related to the use of the Internet.
• Information Security: securing information and information
systems against all kinds of unauthorized access, use, disclosure, destruction, or
disruption.
• Security on the internet must involve information and information systems,
but information and information systems do not necessarily require
involvement of cyberspace. Cyber security can therefore be considered
a subset of information security.

Cyber Crimes
Cybercrime is illegal activity involving computers, the internet, or network devices.
Cybercrime involves any criminal activity conducted using digital technology. These
crimes involve the use of technology to commit fraud, identity theft, data breaches,
computer viruses, scams, and other malicious acts.
Phishing and Scam:
Phishing is a type of social engineering attack that targets the user and tricks them by
sending fake messages and emails to get sensitive information about the user or to make them
download malicious software that then runs on the target system.
Identity Theft
Identity theft occurs when a cybercriminal uses another person’s personal data, like credit
card numbers or personal pictures, without their permission to commit a fraud or a crime.
Ransomware Attack
Ransomware attacks are a very common type of cybercrime. Ransomware is a type of malware that has
the capability to prevent users from accessing all of their personal data on the system by
encrypting it and then asking for a ransom in order to give back access to the encrypted data.
Hacking/Misusing Computer Networks
This term refers to the crime of unauthorized access to private computers or networks and
misuse of them, either by shutting them down or tampering with the data stored, or other illegal
approaches.
Internet Fraud
Internet fraud is a type of cybercrime that makes use of the internet, and it can be
considered a general term that groups all of the crimes that happen over the internet, like
spam, banking fraud, theft of service, etc.
Cyber Bullying
It is also known as online or internet bullying. It includes sending or sharing harmful and
humiliating content about someone else which causes embarrassment and can be a reason
for the occurrence of psychological problems. It has become very common lately, especially
among teenagers.
Cyber Stalking
This is a kind of online harassment wherein the victim is subjected to a barrage of online
messages and emails.
Software Piracy
Software piracy is the illegal use or copying of paid software in violation of copyright or
license restrictions.
Social Media Frauds
The use of fake social media accounts to perform any kind of harmful activity, like
impersonating other users or sending intimidating or threatening messages. One of the
easiest and most common social media frauds is email spam.
Electronic Money Laundering
Also known as transaction laundering. It relies on unknown companies or online businesses
that accept approved payment methods and credit card transactions, but with incomplete or
inconsistent payment information, for the purchase of unknown products.
Cyber Extortion
Cyber extortion is the demand for money by cybercriminals to give back some important
data they've stolen or to stop doing malicious activities such as denial of service attacks.
Cyber Terrorism
Cyber terrorism is the use of computers and the internet to perform violent acts that result in
loss of life. This may include different types of activities, either by software or hardware, for
threatening the lives of citizens.
Copyright violation: If anyone steals another person's copyrighted data, it is also a type
of computer crime.
Cybersquatting: Cybersquatting is a term, also referred to as domain squatting
and typo squatting, that is used for setting up a domain of another person or company and holding it
for resale at a premium price.
Denial of Service attack: A DoS attack, which stands for denial of service attack, is a
kind of computer crime in which an attacker sends an abnormally
high number of requests to the victim, which leads to the network slowing down or failing.
Spoofing: Generally, the term spoof describes hacking or deception that means to
deceive a system by imitating another person, computer or hardware device.
Spamming: Spam is an e-mail distribution process that is used to promote a specific
product or a scam to obtain other people's money by sending unsolicited e-mail to thousands
and sometimes millions of people without their consent.

Computer Viruses
Most criminals take advantage of viruses to gain unauthorized access to systems and steal
important data.
Antivirus software:
Antivirus software is the most common cyber security tool used in most personal PCs and offices. The
main functionality of antivirus software is to scan, detect and prevent any kind of
suspicious file or software. The antivirus may prevent further attack by deleting the
infected file, isolating it or monitoring the Internet traffic.
Firewalls: A firewall acts as a shield between your network and the world wide
web. It monitors the incoming and outgoing traffic of the system and prevents
suspicious packets from entering/leaving the network.
The three kinds of Firewalls
• Network Layer Firewall: This type of firewall has a packet filter that
monitors the packets being sent and received. Then, it provides security by
accepting or rejecting these packets on the basis of predefined filtering
rules.
• Application Level Firewall: This firewall works for a specific
application and applies security mechanisms to prevent all unwanted
traffic over the network.
• Circuit Level Firewall: Also known as proxy servers, this firewall allows
only specific packets to enter the network and restricts all other packets
completely. It also protects the network by hiding the actual machine
address (IP address) over the Internet.
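The network-layer firewall described above accepts or rejects packets against predefined filtering rules. The following Python example is added here to show that mechanism working (it is not code from the notes): rules are evaluated top to bottom, the first matching rule decides, and a packet that matches no rule falls through to a deny-by-default policy. The `Packet` and `Rule` types, the rule set, and the addresses (taken from documentation ranges) are all constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    """Minimal view of a packet header, enough for a network-layer filter."""
    protocol: str   # "tcp" or "udp"
    src_ip: str
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    """One filtering rule; fields left at their defaults match anything."""
    action: str                      # "ACCEPT" or "DROP"
    protocol: str = "any"
    src_net: str = "0.0.0.0/0"
    dst_port: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        if self.protocol != "any" and self.protocol != pkt.protocol:
            return False
        if ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(self.src_net):
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        return True


# Constructed rule set (hypothetical addresses from documentation ranges).
# Rules are evaluated top to bottom; the first match decides, and a packet that
# matches nothing falls through to the default policy (deny by default).
RULES: List[Rule] = [
    Rule("DROP", src_net="203.0.113.0/24"),                                 # a blocked range
    Rule("ACCEPT", protocol="tcp", dst_port=443),                           # HTTPS from anywhere
    Rule("ACCEPT", protocol="tcp", src_net="192.168.1.0/24", dst_port=22),  # SSH only from the LAN
]
DEFAULT_POLICY = "DROP"


def filter_packet(pkt: Packet, rules: List[Rule] = RULES,
                  default: str = DEFAULT_POLICY) -> str:
    """Return the action for one packet: first matching rule wins, else the default policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


def filter_sample_traffic() -> List[str]:
    """Run the filter over a constructed batch of packets and return the decisions."""
    sample = [
        Packet("tcp", "198.51.100.7", "10.0.0.5", 443),   # public HTTPS client
        Packet("tcp", "203.0.113.9", "10.0.0.5", 443),    # HTTPS, but from the blocked range
        Packet("tcp", "192.168.1.20", "10.0.0.5", 22),    # SSH from the LAN
        Packet("tcp", "198.51.100.7", "10.0.0.5", 22),    # SSH from outside: no rule, default
        Packet("udp", "198.51.100.7", "10.0.0.5", 443),   # wrong protocol for the HTTPS rule
    ]
    return [filter_packet(p) for p in sample]


if __name__ == "__main__":
    for decision in filter_sample_traffic():
        print(decision)
```

Rule order matters: because the blocked range is listed before the HTTPS rule, an HTTPS request from that range is dropped; swapping the two rules would silently let it through, which is why firewall rule sets are reviewed as an ordered list rather than a set.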

Difference between Firewall and Anti Virus

• Implementation: A firewall is implemented in both hardware and software; an antivirus is implemented in software only.
• Threats handled: A firewall deals with external threats only; an antivirus deals with both external threats and internal threats.
• Counter attacks: With a firewall, counter attacks such as IP spoofing and routing attacks are possible; with an antivirus, no counter attacks are possible after removing the malware.
• Working: A firewall works by monitoring and filtering; an antivirus works by scanning infected files and software.
• Threat source checked: A firewall checks the threat from incoming packets; an antivirus checks the threat from malicious software.
• Coverage: A firewall saves the system from all kinds of threats to the system; an antivirus saves the system only from viruses.
• Complexity: A firewall's programming is more complex than an antivirus's; an antivirus's programming is simpler in comparison to a firewall.

Security Risk Analysis


Risk analysis is a method of identifying vulnerabilities and threats and
assessing the possible damage to determine where to implement security
safeguards.
Why Risk Analysis?
• To ensure that security is cost effective, relevant, timely, and responsive
to threats.
• To provide a cost/benefit comparison, which compares the annualized cost
of safeguards to the potential cost of loss.
• To help integrate the security program objectives with the company’s
business objectives and requirements.
• To provide an economic balance between the impact of the threat and
the cost of the countermeasure.
The Risk Analysis Activities
• Identifying assets and their values.
• Identifying the vulnerabilities and threats.
• Analyzing the risk, using one of two approaches:
– Quantitative Approach
– Qualitative Approach
• Selecting and implementing a countermeasure.
The common terminology that comes out of the process of Security Risk
Analysis is described as follows:
• Assets: Assets for an organization means everything that has some value
and needs to be safeguarded.
• Threats: are defined as potential or actual actions having
the possibility of damaging the assets of an organization.
• Vulnerability: refers to some weakness or loophole in securing
assets. A vulnerability exposes the assets of an organization to
probable damage from threats.
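The cost/benefit comparison and the quantitative approach listed above are conventionally worked out with the formulas SLE = AV × EF (single loss expectancy) and ALE = SLE × ARO (annualized loss expectancy); the notes do not spell these out, but they are the standard way of pricing a risk so that the annualized cost of a safeguard can be compared with the loss it prevents. The following Python example is added here (it is not part of the notes) and also shows a simple likelihood/impact matrix for the qualitative approach. The asset, all figures, and the matrix are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    """One threat against one asset, expressed with the standard quantitative inputs."""
    asset: str
    asset_value: float      # AV: monetary value of the asset
    exposure_factor: float  # EF: fraction of AV lost in a single incident (0.0 to 1.0)
    annual_rate: float      # ARO: expected number of incidents per year


def single_loss_expectancy(risk: Risk) -> float:
    """SLE = AV x EF: expected loss from one occurrence of the threat."""
    return risk.asset_value * risk.exposure_factor


def annualized_loss_expectancy(risk: Risk) -> float:
    """ALE = SLE x ARO: expected loss per year, comparable with a safeguard's annual cost."""
    return single_loss_expectancy(risk) * risk.annual_rate


def safeguard_value(before: Risk, after: Risk, annual_safeguard_cost: float) -> float:
    """Net annual benefit of a countermeasure: reduction in ALE minus its annualized cost.
    Positive means the safeguard is cost effective; negative means it costs more per
    year than the loss it prevents."""
    return (annualized_loss_expectancy(before)
            - annualized_loss_expectancy(after)
            - annual_safeguard_cost)


# Qualitative approach: likelihood and impact are rated on a scale and looked up in a
# matrix instead of being priced in money. The scale and matrix are constructed here.
LEVELS = {"low": 0, "medium": 1, "high": 2}
RISK_MATRIX = [
    # impact:  low       medium    high
    ["low",    "low",    "medium"],   # likelihood low
    ["low",    "medium", "high"],     # likelihood medium
    ["medium", "high",   "high"],     # likelihood high
]


def qualitative_rating(likelihood: str, impact: str) -> str:
    """Rate a risk from a likelihood level and an impact level using the matrix above."""
    return RISK_MATRIX[LEVELS[likelihood]][LEVELS[impact]]


def evaluate_example() -> dict:
    """Constructed scenario: a customer database exposed to a ransomware-style loss."""
    unprotected = Risk("customer database", asset_value=500_000,
                       exposure_factor=0.4, annual_rate=0.5)
    # Offline backups with tested restores: incidents still happen at the same rate,
    # but each one now costs only the recovery effort (constructed figures).
    with_backups = Risk("customer database", asset_value=500_000,
                        exposure_factor=0.1, annual_rate=0.5)
    return {
        "sle": single_loss_expectancy(unprotected),
        "ale_before": annualized_loss_expectancy(unprotected),
        "ale_after": annualized_loss_expectancy(with_backups),
        "value_of_backups_at_30k": safeguard_value(unprotected, with_backups, 30_000),
        "value_of_backups_at_120k": safeguard_value(unprotected, with_backups, 120_000),
        "qualitative": qualitative_rating("medium", "high"),
    }


if __name__ == "__main__":
    for name, value in evaluate_example().items():
        print(f"{name}: {value}")
```

With the constructed figures the unprotected ALE is 100,000 per year and the backups bring it to 25,000, so a safeguard costing 30,000 per year is worth 45,000 annually, while the same safeguard at 120,000 per year loses 45,000 and fails the economic-balance test the notes describe.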
