E-Commerce Security Issues Threats and Challenges on the Internet Presented By Humayun Khalid
E commerce

Oct 30, 2014

Humayun Khalid

E-commerce security presentation, helpful for business, commerce, information technology students and professionals
Transcript
Page 1: E commerce

Presented By Humayun Khalid

E-Commerce

Security Issues

Threats and Challenges on the Internet

Page 2: E commerce

Threats and Challenges

• There are many ways of attacking a website, an online software application, or any online system that is connected to the internet.

• Four basic kinds of threat:
  – Loss of data integrity
  – Loss of data privacy
  – Loss of service
  – Loss of control

Page 3: E commerce

Loss of data integrity

• Information is created, modified, or deleted

• Example: HTML page coding changes

• Write the coding of the HTML page

Loss of data privacy

• Information is made available to unauthorized persons.

• Hacking

Page 4: E commerce

Hacking

• Hacking is the unauthorized use of computer and network resources. (The term "hacker" originally meant a very gifted programmer (clever programmer). In recent years though, with easier access to multiple systems, it now has negative implications.)

White Hat Hackers

Page 5: E commerce

Hacking (continued)

• Sometimes a hacker gains full access to a computer system; sometimes they do not get full access but use DoS instead.

• A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users.

Page 6: E commerce

DoS attack (continued)

• In a DoS attack, the hackers attack the website and server components and damage the coding and access programming of the system; as a result, the program refuses to give access to authorized users.

• It causes financial loss, as well as loss of systems, software and databases, for the organization.

Page 7: E commerce

Ways of attacking

• One way is to monitor the communication between two persons. It is insecure because the communication is done in text format; when one party enters the communication, the hacker changes the text and creates conflicts between the parties.

Page 8: E commerce

Phishing

• Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.

Define phishing procedure

Hackers can change, delete and modify the information, and the web server, the owner and even the person or customer do not know which information is being changed.

Page 9: E commerce

Software theft

• A big problem is that hackers can damage the software code that contains customers' data, personal information, user names, login details, passwords, etc.

Sniffing

• Sniffing makes it possible to intercept the traffic on a network.

• Text logs remain active on the internet.

• Hackers damage the output device (e.g. the monitor that shows the results) by using remote assistance, which is done by using these text log files.

Page 10: E commerce

Trojan Horse

• A Trojan horse, or Trojan, is software that appears to perform a desirable function for the user before it is run or installed, but (perhaps in addition to the expected function) steals information or harms the system. The term is derived from the Trojan Horse story in Greek mythology.

• A Trojan horse transfers information from one system to another; in this way the hacker can use the system remotely without any problem.

Page 11: E commerce

Spoofing Attack

• In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

• The hacker can take control of the network by hacking one system.
  – Network configuration is badly affected by hacking.
  – IP address spoofing (control of IP addresses)
    • IP1, IP2, IP3, IP4
    • Hackers attack one IP and, by using administrative controls, control all the IPs

Page 12: E commerce

IP Spoofing

• The hacker destroys the information and also presents false information to customers, which creates conflicts and problems for customers.

• Used by competitors to destroy the image and goodwill of the online business.

• So, keep your websites secure by purchasing online security services such as VERISIGN, NORTON SYMANTEC, WATCHBOX, @SEC

Page 13: E commerce

Floppy hacking

• An old and known way

• The hacker is easily located

Bribe the Programmers

• By offering an amount of money to get the required information

Fake Website Pages

The hacker creates a new version of the website's index page and links it to a wrong web page address, which creates problems for customers. Customers don't get their orders, and in this case the firm's sales decrease day by day; by the time it comes to the owner's knowledge, he has surely lost many potential customers. This is called DNS hacking.
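A defender-side check for the two cases described above (changed HTML coding, and an index page re-linked to a wrong address), as an added example that is not part of the original presentation: it compares the index page with a known-good SHA-256 baseline and lists link, form, script and iframe targets whose host is not on an allowlist. The host names, the allowlist and both sample pages are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the only hosts the shop legitimately links or posts to.
ALLOWED_HOSTS = {"shop.example", "pay.shop.example"}

class LinkCollector(HTMLParser):
    """Collect every URL the page can send a customer or browser to."""
    URL_ATTRS = {"a": "href", "form": "action", "script": "src", "iframe": "src"}

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        wanted = self.URL_ATTRS.get(tag)
        for name, value in attrs:
            if name == wanted and value:
                self.urls.append(value)

def foreign_links(html, allowed_hosts=ALLOWED_HOSTS):
    """Return URLs whose host is not allowlisted (relative URLs stay on-site)."""
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for url in parser.urls:
        host = urlparse(url).hostname  # None for relative URLs such as /cart
        if host is not None and host not in allowed_hosts:
            flagged.append(url)
    return flagged

def audit_page(html, baseline_sha256, allowed_hosts=ALLOWED_HOSTS):
    """Compare the page with its known-good hash and list off-site targets."""
    digest = hashlib.sha256(html.encode("utf-8")).hexdigest()
    return {"modified": digest != baseline_sha256,
            "foreign_links": foreign_links(html, allowed_hosts)}

# Constructed samples: the known-good index page and a tampered copy whose
# checkout form posts to a look-alike host.
GOOD_INDEX = '<a href="/cart">Cart</a><form action="https://pay.shop.example/checkout"></form>'
TAMPERED_INDEX = '<a href="/cart">Cart</a><form action="https://pay.shop-example.test/checkout"></form>'
BASELINE = hashlib.sha256(GOOD_INDEX.encode("utf-8")).hexdigest()

if __name__ == "__main__":
    print(audit_page(GOOD_INDEX, BASELINE))
    print(audit_page(TAMPERED_INDEX, BASELINE))
```

The baseline hash has to be stored somewhere the web server cannot write to; otherwise whoever changes the page can change the baseline with it.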

Page 14: E commerce

DNS hacking

• Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network.

• So only systems provided with security should be visible on the internet (firewall).

Page 15: E commerce

Thanks….!