Cyber crime refers to criminal activity or criminal exploitation of the internet; it is an offence committed against an individual or a group of individuals, with criminal intent, to cause mental or physical harm directly or indirectly. Modern telecommunication networks such as the internet and mobile phones are used for such purposes. Internet channels include chat rooms, e-mail, notice boards and groups; mobile phone channels include SMS/MMS.
Cyber crime threatens the nation’s security and financial health. As a result, privacy and confidential information are lost. Threats include:
Malicious Code: Software or hardware that is intentionally inserted into a system for a harmful purpose. Malicious code is referred to as malware, which is an unwanted program that keeps running on the system, such as a virus or a worm.
Network Attacks: An action to disrupt, deny, degrade or destroy information residing on a computer network. An attack can take the form of fabrication, interception, interruption or modification.
Cyber crime primarily targets networks or devices:
- Computer viruses
- Denial-of-service attacks
- Fraud and identity theft
- Phishing scams
Illegally accessing a computer and damaging, modifying or deleting its data constitutes cyber crime. A cyber countermeasure is an action or process to prevent the effects of a cyber attack against a computer, network or device.
Intrusion Detection System:
An IDS is a device or software application that monitors network or system activity for malicious activity and reports it to management. An IDS is primarily focused on identifying incidents, logging information about them, and reporting attempts. An IDS detects unwanted traffic on a network by inspecting all inbound and outbound activity within the network and identifying suspicious events that indicate a network or system attack trying to break into or compromise a system.
An IDS records information related to observed events, notifies the administrator about them and produces reports. Some IDSs detect a threat and also try to prevent it from succeeding. An IDS is used to control the risks from common vulnerabilities such as an infected laptop or e-mail-borne viruses.
IDS types are:
Network Intrusion Detection System (NIDS): identifies intrusions by examining network traffic. A NIDS accesses network traffic by connecting to a network hub or switch. It examines live network packets and looks for signs of computer crime, network attacks, misuse and anomalies.
Host-based Intrusion Detection System (HIDS): examines suspicious application activity or malicious activity in real time by checking system logs and by examining key system files, software calls, local security policy and local log audits. A HIDS needs to be installed on each machine and requires configuration specific to that machine's OS and software.
Stack-Based Intrusion Detection System (SIDS): is an evolution of the HIDS. It examines the packets that pass through the TCP/IP stack, which makes the implementation dependent on the OS being used.
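The system-log check that a HIDS performs, as described above, can be illustrated with the following Python example. It is added here and is not part of the original report; it assumes OpenSSH-style authentication log lines, and the sample log, the function name analyze and the threshold of 3 are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of sshd auth-log lines (not taken from a real system).
SAMPLE_LOG = """\
Mar 10 09:14:01 host1 sshd[2201]: Failed password for root from 203.0.113.7 port 50112 ssh2
Mar 10 09:14:03 host1 sshd[2201]: Failed password for root from 203.0.113.7 port 50112 ssh2
Mar 10 09:14:05 host1 sshd[2203]: Failed password for invalid user admin from 203.0.113.7 port 50120 ssh2
Mar 10 09:14:09 host1 sshd[2207]: Accepted password for root from 203.0.113.7 port 50131 ssh2
Mar 10 09:20:44 host1 sshd[2290]: Failed password for alice from 198.51.100.23 port 40022 ssh2
Mar 10 09:20:51 host1 sshd[2290]: Accepted password for alice from 198.51.100.23 port 40022 ssh2
Mar 10 09:31:12 host1 CRON[2301]: pam_unix(cron:session): session opened for user root
"""

# Matches sshd password events and captures result, user and source address.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def analyze(log_text, threshold=3):
    """Return a list of (severity, source, message) alerts.

    A source is reported once when its failed logins reach `threshold`,
    and again at higher severity if a login then succeeds from it.
    """
    failures = defaultdict(int)
    alerts = []
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # not an sshd password event; ignore
        src, user = m["src"], m["user"]
        if m["result"] == "Failed":
            failures[src] += 1
            if failures[src] == threshold:
                alerts.append(("warning", src, f"{threshold} failed logins"))
        elif failures[src] >= threshold:
            # Success after repeated failures suggests a guessed password.
            alerts.append(("critical", src,
                           f"login as {user} after {failures[src]} failures"))
    return alerts

if __name__ == "__main__":
    for severity, src, message in analyze(SAMPLE_LOG):
        print(f"[{severity}] {src}: {message}")
```

A single mistyped password followed by a successful login, as in the second source of the sample, stays below the threshold and produces no alert.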