phlashing ppt [autosaved]
TRANSCRIPT
-
8/2/2019 PHLASHING ppt [Autosaved]
1/21
PHLASHING BY:- AKANSHA RATHORE
-
8/2/2019 PHLASHING ppt [Autosaved]
2/21
CYBER CRIME activities done with criminal intent in cyberspace.
Types of cybercrimes :-
Unauthorized access denial of service attack
Virus , worms or trojan attacks
Web jacking
E-mail bombing
-
8/2/2019 PHLASHING ppt [Autosaved]
3/21
WHAT IS PHLASHING? Type of DOS attack
Also known as Permanent DOS
Exploits network enabled firmware updatesby using Fuzzy Tools.
-
8/2/2019 PHLASHING ppt [Autosaved]
4/21
DENIAL OF SERVICE ATTACKAlso known as distributed DOS
Carried out with large number of systems
Attacks a specific victim
Makes information unavailable to intended host
Example:- BOTNET
-
8/2/2019 PHLASHING ppt [Autosaved]
5/21
DIFFERENCE B/W DDOS AND PDOS PDOS is pure hardware targeted
Much faster
Requires fewer resources
Requires replacement of hardware
More effective and cheaper
-
8/2/2019 PHLASHING ppt [Autosaved]
6/21
HOW PDOS ATTACKS A SYSTEM? Electronic devices rely on firmware to run
Firmware needs to be updated periodically(flashing)
Poor security protocols
Replaces vulnerable devices firmware with modified ,corrupt or defective firmware image
-
8/2/2019 PHLASHING ppt [Autosaved]
7/21
CAUSES ? Large number of NEEDS across corporate/gov.
networks
NEEDS ignored during audits
Poor security updation
Lack of solutions
-
8/2/2019 PHLASHING ppt [Autosaved]
8/21
PHLASH DANCE is a generic fuzzing framework
Phlash Dance tool fuzzes binaries in firmware and thefirmwares update application protocol to cause aPDOS, and it detects PDOS weaknesses acrossmultiple embedded systems.
-
8/2/2019 PHLASHING ppt [Autosaved]
9/21
VARIOUS ACTS TO PREVENT
PHLASHING Computer Misuse Act
National Information infrastructure Protection Act1996
Information Technology Act 2000
http://4.bp.blogspot.com/-NmGnt0E38-4/Tx_fl1T39RI/AAAAAAAAANM/NBhoHPSi3-0/s1600/INDIA+IS+DESPERATE+TO+CONTROL+TECHNOLOGY.jpg -
8/2/2019 PHLASHING ppt [Autosaved]
10/21
COMPUTER MISUSE ACTConsists of laws such as:-
Fine of $30000 and imprisonment for 4 years for
unauthorized access and disclosing password
Fine of $20000 and imprisonment for 3 years for anydamage
-
8/2/2019 PHLASHING ppt [Autosaved]
11/21
NIIPA Enacted by U.S govt.
Consists of several subsections against:-Unauthorized access
Extraction of information
Bans accessing computers without permission
-
8/2/2019 PHLASHING ppt [Autosaved]
12/21
IT ACTS 2000 Accept files in digital format
Legalizes E-mails
Digital signature and records
E-governance
http://4.bp.blogspot.com/-AXFbTbuqTlw/TxEo7PWcBHI/AAAAAAAABb8/5lJfPLUafQY/s1600/CRIMINAL+TRIAL+AGAINST+FOREIGN+WEBSITES+IN+INDIA.jpg -
8/2/2019 PHLASHING ppt [Autosaved]
13/21
IT ACT 2000(CONT.) Internet services on license
Sets territorial jurisdiction of Adjudicating officersfor cyber crimes and cyber regulations
-
8/2/2019 PHLASHING ppt [Autosaved]
14/21
SOME CRIMES AND THEIR
SECTIONS Sending threatening message by email
S. 506
Forgery of electronic recordsS.465
Bogus websites, cyber frauds, phishing
S.420
Email spoofingS. 465, 419
-
8/2/2019 PHLASHING ppt [Autosaved]
15/21
DRAWBACKS OF IT ACT Doesnt talk about rights and liabilities of DNS holder
Electronic payment gateway
Internet is a borderless medium
Lacks implementation
http://1.bp.blogspot.com/-j17fyuCuMJE/TwPr2SfikQI/AAAAAAAABbk/aL5CvxuipBo/s1600/ELECTRONIC+BANKING+IN+INDIA+IS+NOT+SAFE+CYBER+SECURITY.jpg -
8/2/2019 PHLASHING ppt [Autosaved]
16/21
POSITIVE ASPECTS OF IT ACT Legal recognition of E-mails
E-commerce using legal infrastructure
Use of digital signatures
Statutory remedy for damage by compensation
-
8/2/2019 PHLASHING ppt [Autosaved]
17/21
GREY AREAS OF IT ACT 2000 E-Commerce based on domain names
Does not include cyber crimes such as cyber theft
Chat room abuse
Misuse of credit card numbers
implimentation
-
8/2/2019 PHLASHING ppt [Autosaved]
18/21
CONCLUSION The new legislation which can cover all the aspects of
the Cyber Crimes should be passed so the grey areas ofthe law can be removed.
The softwares are easily available for download shouldbe restricted by the Government by appropriate
actions.
-
8/2/2019 PHLASHING ppt [Autosaved]
19/21
FUTURE SCOPEIndian needs a goodtechno-legal expertiseto tackle the
growing menace of cyber crimes.
http://ptlbindia.blogspot.com/http://ptlbindia.blogspot.com/http://ptlbindia.blogspot.com/http://ptlbindia.blogspot.com/ -
8/2/2019 PHLASHING ppt [Autosaved]
20/21
REFERENCES1.http://arstechnica.com/security/news/2008/05/phlash
ing-attacks-could-render-network-hardware-useless.ars
2.http://www.darkreading.com/authentication/167901072/security/clientsecurity/211201088/permanent-denial-of-service-attack-sabotages-hardware.html
3.http://www.infosecwriters.com/text_resources/pdf/Defense_DDoS.pdf
-
8/2/2019 PHLASHING ppt [Autosaved]
21/21
THANK YOU
QUERIES??