
Cf&di Notes


NOTES:

1) The first recorded cybercrime took place in the year 1820.


2) Statute and Treaty law both refer to “Cybercrime”.

Cyber Crime Trend: [figure not reproduced. Source: The Hindu]

Statistics related to Cybercrime: [not reproduced]


Definitions:

Cyberspace: It is a worldwide network of computer networks that uses TCP/IP for communication to facilitate transmission and exchange of data.

Cybercrime: A crime committed using a computer and the internet to steal a person’s identity or stalk victims or disrupt operations with malevolent programs.

Cybersquatting: It is the act of registering a popular internet address, usually a company name, with the intent of selling it to the rightful owner.

Cyberpunk: It is a fictional genre that explores the societal and cultural implications of advanced technology, often in a dystopian future.

Cyberwarfare: It is a real-world concept involving the use of digital tools and tactics in military operations, often with the aim of gaining a strategic advantage.

Cyberterrorism: It is a premeditated, politically motivated attack against information and computer systems which results in violence against noncombatant targets by sub-national groups.

Types of Attacks:

1) Technocrime: A premeditated act against a system or systems, with the intent to copy, steal, prevent access, corrupt or otherwise damage parts of or the complete computer system.

2) Techno Vandalism: Techno-vandalism occurs when unauthorized access to a computer results in damage to files or programs, not so much for profit but for the challenge. In such cases, the damage or loss may be intentional or accidental.

Computer Crime: Illegal activities committed using or targeting computer systems and networks.

Computer Fraud: Deceptive practices involving computers with the intent to gain something of value.

Cybercriminals: Individuals or groups who engage in illegal activities using computer systems, networks, or the internet.

Terrestrial Crime: Criminal activities that occur on Earth's surface, as opposed to activities in cyberspace.

Intellectual Property crimes: Offenses related to the unauthorized use, reproduction, distribution, or infringement of intellectual property, which includes creations of the mind such as inventions, literary and artistic works, designs, symbols, names, and images.

E-mail spoofing: A spoofed email is one that appears to originate from one source but actually has been sent from another source.

Spamming: The unauthorized sending of unsolicited and often irrelevant or inappropriate messages, typically over the internet, email, or other communication channels.

Cyberdefamation: The act of making false statements or spreading misleading information about an individual or an organization through digital means, with the intent to harm their reputation.

Salami Attack: A type of cyber attack where the perpetrator makes small, often unnoticed, changes to financial transactions or data, with the goal of accumulating a substantial gain over time, akin to slicing a salami into thin pieces.

Data Diddling: It involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed.

Forgery: The creation, alteration, or imitation of documents, signatures, or data with the intent to deceive or defraud.

Web Jacking: It occurs when someone forcefully takes control of a website by cracking the password and later changing it.

Phishing: A cyber attack method in which attackers use deceptive emails, messages, or websites to trick individuals into revealing sensitive information, such as usernames, passwords, or financial details.

Spoofing: The act of falsifying information to deceive recipients or systems, often involving the manipulation of data to make it appear as if it comes from a trustworthy or legitimate source.

Pharming: A cyber attack that redirects website traffic from legitimate websites to fraudulent ones without the users' knowledge, aiming to collect sensitive information or distribute malware.

Internet Phishing: This term is synonymous with traditional phishing but emphasizes the use of the internet as the primary medium for deceptive tactics aimed at obtaining sensitive information or compromising individuals' security.

Wire transfer: A wire transfer refers to an electronic transfer of funds conducted over digital networks. The process remains similar to traditional wire transfers, but the transactions occur in the virtual realm.

Defamation: Defamation refers to the act of making false statements about an individual or entity, damaging their reputation. It involves communication, whether spoken (slander) or written (libel), that harms the reputation of the subject.

Internet Time Theft: Internet time theft involves employees using company resources, particularly internet access, for personal activities during working hours without authorization.

Cybercriminals:
Individuals or groups who engage in illegal activities using computer systems, networks, or the
internet.

They are categorized into three groups:

Type 1- Hungry for recognition
Type 2- Not interested in recognition
Type 3- The insiders

Classification of Cybercrimes:

1. Cybercrime against an individual
2. Cybercrime against property
3. Cybercrime against organization
4. Cybercrime against society
5. Crimes emanating from Usenet newsgroup

Terrestrial Crime:

Definition: Criminal activities that occur on Earth's surface, as opposed to activities in cyberspace.

Scope: Encompasses a wide range of criminal offenses committed in physical spaces, including
cities, towns, and rural areas.

Examples: Theft, assault, robbery, burglary, murder, fraud, and other offenses that occur within
the physical boundaries of a jurisdiction.

Investigation: Handled by law enforcement agencies operating on the ground, such as police
departments and other local, state, or national authorities.

Legal Consequences: Perpetrators of terrestrial crime are subject to legal prosecution and may
face penalties such as fines, imprisonment, or other forms of punishment as determined by the
legal system.

Prevention: Community policing, surveillance, public awareness, and various law enforcement
strategies are employed to prevent and address terrestrial crime.

ITA 2000:

The Information Technology Act, 2000 (ITA 2000) is a comprehensive legislation in India that
addresses various legal aspects related to electronic commerce, digital signatures, cybercrime,
and the use of electronic records and digital signatures. Here are key points related to the ITA
2000:

Enactment: The Information Technology Act, 2000, was enacted on June 9, 2000, and came
into force on October 17, 2000.

Objective: The primary objective of the ITA 2000 is to provide legal recognition to electronic
transactions and facilitate e-governance by recognizing digital signatures and regulating cyber
activities.
Digital Signatures: The ITA 2000 recognizes digital signatures as legally valid and equivalent to
handwritten signatures. It establishes the Controller of Certifying Authorities (CCA) to regulate
and license Certifying Authorities (CAs) that issue digital signatures.

Offenses and Penalties: The Act defines various offenses related to computer systems, data, and
networks. It prescribes penalties for unauthorized access, data theft, cyber fraud, and other
cybercrimes.

Security Practices and Procedures: The ITA 2000 mandates the implementation of reasonable
security practices and procedures by entities handling sensitive personal data. Non-compliance
may result in legal consequences.

Cyber Appellate Tribunal: The Act establishes the Cyber Appellate Tribunal (now known as
the Cyber Appellate Tribunal or CAT) to hear appeals against orders issued by the Adjudicating
Officers under the Act.

Amendments: The Information Technology (Amendment) Act, 2008, introduced significant
amendments to the ITA 2000, including the addition of new offenses, enhanced penalties, and the
insertion of provisions related to data protection.

Adjudicating Officers: The Act empowers Adjudicating Officers to inquire into contraventions
of the Act and impose penalties. These officers are appointed by the Central Government.

Data Protection: While the ITA 2000 addresses certain aspects of data protection, subsequent developments in this area, including the Personal Data Protection Bill, 2019, aim to provide a more comprehensive framework for data protection in India.

Data Theft Impacts:

Financial Loss: Companies may suffer significant financial losses due to stolen sensitive data, including intellectual property, customer information, and financial records.

Reputation Damage: Data theft can lead to a loss of trust among customers and partners, damaging a company's reputation and brand image.

Legal Consequences: Organizations may face legal action and regulatory penalties for failing to protect sensitive information, especially if data protection laws are violated.

Operational Disruption: The loss of critical data can disrupt normal business operations, leading to downtime and productivity issues.

Intellectual Property Risks: For businesses relying on proprietary information and intellectual property, data theft can undermine competitive advantages.

Complications of Business Impact of Cybercrime:

Complex Investigations: Cybercrime investigations are often complex and time-consuming, requiring specialized skills and resources to identify and apprehend perpetrators.

Regulatory Compliance: Businesses may face challenges in meeting evolving cybersecurity regulations and compliance requirements, leading to potential legal consequences.

Crisis Management: Responding to a cybercrime incident requires effective crisis management strategies to minimize damage and restore normal operations.

Recovery Costs: The costs associated with recovering from a cybercrime incident, including cybersecurity measures, system repairs, and reputation management, can be substantial.

Supply Chain Disruptions: Cyberattacks on one business can have a cascading effect, disrupting supply chains and affecting interconnected businesses.

Challenges:

Sophistication of Attacks: Cybercriminals continually develop advanced techniques, making it challenging for businesses to defend against evolving threats.

Shortage of Cybersecurity Talent: There is a global shortage of skilled cybersecurity professionals, making it difficult for organizations to build and maintain effective cybersecurity teams.

Rapid Technological Changes: The fast-paced evolution of technology introduces new vulnerabilities, and businesses struggle to keep up with securing emerging technologies.

Human Factor: Employee negligence or lack of awareness can contribute to security breaches, emphasizing the need for ongoing cybersecurity education and training.

Global Nature of Cyber Threats: Cyber threats are not constrained by geographic borders, and businesses must contend with threats from various locations, requiring international cooperation.

Network Misuse:

Unauthorized Access: Users or external actors gaining unauthorized access to a network can misuse resources, compromise data integrity, and cause disruptions.

Insider Threats: Employees or trusted individuals within an organization may misuse network privileges for malicious purposes, leading to data breaches or other security incidents.

Denial of Service (DoS) Attacks: Deliberate attempts to overload a network's resources, causing service disruptions and impacting normal business operations.

Data Interception: Unauthorized interception of data during transmission can lead to the theft of sensitive information, including financial data and customer details.

Resource Drain: Network misuse can lead to excessive use of bandwidth and computing resources, affecting the performance of critical business systems.

Classification of Cybercrime: -

● Against Individual-

1. Phishing: Phishing is a cybercrime in which attackers use deceptive methods, often through emails or fake websites, to trick individuals into revealing sensitive information.
2. Spamming: Spamming involves the bulk distribution of unsolicited and often irrelevant messages, typically through email, for various purposes such as advertising or spreading malware.
3. Computer Sabotage: Computer sabotage is the intentional act of damaging or disrupting computer systems, networks, or data, with the goal of causing harm, chaos, or achieving specific objectives.
4. Password Sniffing: Password sniffing refers to the unauthorized interception and monitoring of network traffic to capture and collect plaintext passwords or authentication credentials, allowing attackers to gain unauthorized access to user accounts and sensitive information.

● Against Properties- This includes stealing mobile devices such as cell phones, laptops, personal digital assistants and removable media; transmitting harmful programs that can disrupt the functions of systems and/or wipe out data from the hard disk and cause attached devices such as the modem or CD drive to malfunction.
● Against Organizations- Cyberterrorism is one of the distinct crimes against organizations/governments. Attackers (individuals or groups of individuals) use computer tools and the internet, usually to terrorize the citizens of a particular country by stealing private information, and also to damage programs and files or plant programs to gain control of the network and system.
● Single event of cybercrime- It is a single event from the perspective of the victim. For example, unknowingly opening an attachment that may contain a virus that will infect the system (PC/laptop). This is known as hacking or fraud.
● Series of events- This involves the attacker interacting with the victims repetitively. For example, the attacker interacts with the victim on the phone and/or via chat rooms to establish a relationship first and then exploits that relationship to commit the sexual assault.

IPC 499: - In the context of Indian law, IPC 499 refers to Section 499 of the Indian Penal Code
(IPC). IPC 499 deals with the offense of defamation. Defamation is the act of making false
statements about someone with the intention of harming their reputation. Section 499 provides
the definition of defamation and lays out the elements that constitute the offense.

Cyber Crime in India Perspective:


In the past several years, many instances have been reported in India where cybercafes are known to have been used for either real or false terrorist communication. Cybercrimes such as stealing of bank passwords and subsequent fraudulent withdrawal of money have also happened through cybercafes. Cybercafes have also been used regularly for sending obscene mails to harass people. Public computers, usually meaning the systems available in cybercafes, hold two types of risk. First, we do not know what programs are installed on the computer, that is, there is a risk of malicious programs such as spyware or keyloggers. Second, over-the-shoulder peeping can enable others to find out your passwords. Therefore, one has to be extremely careful about protecting his/her privacy on such systems.

National Crime Record Bureau (NCRB):
The National Crime Records Bureau (NCRB) is an organization in India that functions under the
Ministry of Home Affairs. It serves as the nodal agency for the collection and analysis of crime
data, as well as the dissemination of crime statistics at the national and state levels. The NCRB
plays a crucial role in the maintenance of crime records and the development of information
systems related to criminal justice.

International Laws related to E-commerce: -

● UNCITRAL Model Law on Electronic Commerce- The United Nations Commission on International Trade Law (UNCITRAL) has developed a Model Law on Electronic Commerce. It provides a legal framework for the use of electronic communications in contract formation and other aspects of e-commerce.
● International Trade Law (WTO)- International trade law encompasses a body of rules governing the exchange of goods and services across borders. The World Trade Organization (WTO) plays a central role in establishing and enforcing international trade agreements.
● United Nations General Assembly Resolution on E-commerce- The United Nations General Assembly may adopt resolutions related to e-commerce to provide guidance and recommendations for member states on various aspects of electronic trade.
● Indian Information Technology Act, 2000- The Information Technology Act, 2000, is a comprehensive law in India that addresses legal aspects of electronic commerce, digital signatures, data protection, and cybercrimes.

Global Perspective: -

● Cybercrime Act 2001 (Australia)- The Cybercrime Act 2001 is part of the broader legal
framework in Australia addressing cyber-related offenses. It has been amended over the
years to keep pace with technological advancements and emerging cyber threats.
● National Cybersecurity Strategy-A National Cybersecurity Strategy is a comprehensive
plan developed by a country to safeguard its cyberspace and protect critical infrastructure
from cyber threats. It outlines the government's goals, priorities, and measures to enhance
cybersecurity.
● Treaty Law in Cybersecurity-Treaty law refers to international agreements or treaties
that countries enter into to establish rules and norms governing their behavior in
cyberspace. These treaties aim to foster cooperation, address cyber threats, and promote
stability in the digital domain.

Email Spam Legislation:


Email spam legislation, also known as anti-spam legislation, is designed to regulate and control
the sending of unsolicited commercial emails, commonly referred to as spam. These laws aim to
protect individuals and organizations from the annoyance, potential harm, and security risks
associated with unwanted and often fraudulent email communications.
Anti Spam Legislation in 30 Countries (Examples):
● United States: CAN-SPAM Act
● European Union: General Data Protection Regulation (GDPR)
● Canada: CASL (Canada's Anti-Spam Legislation)
● Australia: Spam Act
● United Kingdom: Privacy and Electronic Communications Regulations
Note: Many countries have enacted their own specific laws to combat spam, with variations in
requirements and penalties.
Technical Solutions for ISPs and End Users:
Internet Service Providers (ISPs) and end users employ various technical solutions to mitigate
the impact of spam:
● Content Filtering: ISPs use content filtering mechanisms to identify and block emails
containing known spam content or characteristics.
● Bayesian Filtering: This statistical approach learns from users' behavior and identifies
probable spam based on patterns.
● Sender Policy Framework (SPF): SPF helps verify that incoming emails claiming to be
from a specific domain are legitimate.
● DomainKeys Identified Mail (DKIM): DKIM allows senders to digitally sign their
emails, verifying the authenticity of the sender.
● Greylisting: This technique temporarily rejects emails from unknown senders, as
legitimate mail servers usually attempt delivery again, while spammers often do not.
● User Education: Training end users to recognize and report spam, as well as avoid
clicking on suspicious links, helps reduce the risk of falling victim to phishing attacks.
● Use of CAPTCHA: Implementing CAPTCHA challenges during sign-ups or form
submissions can deter automated bots used by spammers.
● Spam Folders: End users can set up filters to automatically redirect suspected spam to
dedicated folders, reducing the chances of accidental exposure.
● Update and Patch Systems: Regularly updating email servers and client software helps
ensure that security vulnerabilities are addressed, preventing exploitation by spammers.
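
How the greylisting rule in the list above plays out over a sequence of delivery attempts, as an added example that is not part of the original notes. The class name, the timing constants and the sample attempts are assumptions constructed for illustration.

```python
# Added illustration of greylisting; names and timings are assumptions.
from dataclasses import dataclass, field

MIN_DELAY = 300             # seconds a new sender must wait before a retry counts
RETRY_WINDOW = 4 * 3600     # a first attempt not retried within this time is forgotten
PASS_LIFETIME = 30 * 86400  # how long a triplet that passed stays accepted


@dataclass
class Greylist:
    first_seen: dict = field(default_factory=dict)  # triplet -> time of first attempt
    passed: dict = field(default_factory=dict)      # triplet -> time of last accept

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP-style decision for one delivery attempt."""
        # The "triplet" identifies a sender relationship: connecting IP,
        # envelope sender and envelope recipient.
        key = (client_ip, mail_from.lower(), rcpt_to.lower())

        last_ok = self.passed.get(key)
        if last_ok is not None and now - last_ok <= PASS_LIFETIME:
            self.passed[key] = now
            return "250 accept (known triplet)"

        first = self.first_seen.get(key)
        if first is None or now - first > RETRY_WINDOW:
            # Unknown (or long-forgotten) triplet: temporary 4xx failure.
            # A standards-following mail server queues the message and retries.
            self.first_seen[key] = now
            return "451 defer (first attempt)"
        if now - first < MIN_DELAY:
            # Immediate re-sends are typical of bulk senders, not of a mail queue.
            return "451 defer (retried too soon)"

        del self.first_seen[key]
        self.passed[key] = now
        return "250 accept (retried after delay)"


# Constructed sample: (time in seconds, client IP, envelope sender, recipient)
ATTEMPTS = [
    (0,     "192.0.2.10",  "news@example.org",  "alice@example.net"),
    (60,    "192.0.2.10",  "news@example.org",  "alice@example.net"),
    (900,   "192.0.2.10",  "news@example.org",  "alice@example.net"),
    (1000,  "203.0.113.7", "promo@example.com", "alice@example.net"),
    (1200,  "203.0.113.8", "promo@example.com", "alice@example.net"),
    (2000,  "192.0.2.10",  "news@example.org",  "alice@example.net"),
    (19100, "203.0.113.7", "promo@example.com", "alice@example.net"),
]


def replay(attempts):
    """Run the attempts through a fresh greylist and return each decision."""
    gl = Greylist()
    return [gl.check(ip, sender, rcpt, t) for t, ip, sender, rcpt in attempts]


if __name__ == "__main__":
    for attempt, decision in zip(ATTEMPTS, replay(ATTEMPTS)):
        print(attempt, "->", decision)
```

Large mail providers retry from a pool of addresses, so deployments often key the triplet on the sending network rather than the single IP to avoid delaying legitimate mail indefinitely.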
ITU International Telecommunication Union Survey on Cybersecurity:
The International Telecommunication Union (ITU) conducts surveys on cybersecurity to assess
the global landscape and challenges. These surveys help in understanding the evolving nature of
cyber threats, vulnerabilities, and the effectiveness of cybersecurity measures. They contribute to
the development of international strategies for addressing cyber risks and enhancing the overall
resilience of information and communication technologies.
Recent Developments:
Cybersecurity is a dynamic field, and recent developments include advancements in technology,
policy changes, and international cooperation:
● Emergence of AI in Cybersecurity: Artificial intelligence and machine learning
technologies are increasingly utilized for threat detection, risk analysis, and enhancing
the overall efficacy of cybersecurity measures.
● Rise of Ransomware Attacks: There has been a significant increase in ransomware
attacks, where malicious actors encrypt data and demand payment for its release. These
attacks target individuals, businesses, and even critical infrastructure.
● Focus on Critical Infrastructure Protection: Governments and organizations are
placing a heightened emphasis on protecting critical infrastructure, such as energy grids,
transportation systems, and healthcare facilities, from cyber threats.
● Shift to Zero Trust Security Model: The Zero Trust model, which assumes that no
entity, whether inside or outside the network, should be trusted by default, has gained
prominence as a security paradigm.
2006 Announcement - US Senate:
In 2006, the U.S. Senate made significant announcements regarding cybersecurity,
acknowledging the growing threat landscape and the need for comprehensive strategies to protect
the nation's critical assets. This led to increased funding, legislation, and initiatives aimed at
strengthening cybersecurity measures across government and private sectors.
ISP Wary About Drastic Obligations on Website Blocking - EU Banned Suspicious Websites:
In the European Union, there has been ongoing debate about the role of Internet Service
Providers (ISPs) in blocking suspicious websites. While there is a collective understanding about
the importance of combating cyber threats, ISPs express caution about overly burdensome
obligations that may impede their operations. The EU has, nevertheless, implemented measures
to ban websites suspected of engaging in malicious activities, reflecting the ongoing efforts to
enhance cybersecurity at a regional level.
COE CyberCrime Convention:
The Council of Europe (COE) Cybercrime Convention, also known as the Budapest Convention
on Cybercrime, is an international treaty aimed at addressing crimes committed via the internet
and other computer networks. It establishes a framework for cooperation among nations to
combat cybercrime, emphasizing the harmonization of legal approaches, the enhancement of
investigative capabilities, and the protection of human rights in the digital domain.
Cybersecurity and Extended Enterprise:
The concept of the extended enterprise in cybersecurity refers to the network of interconnected
entities beyond the traditional organizational boundaries. This includes third-party vendors,
suppliers, and partners. Protecting the extended enterprise involves securing not only internal
systems but also managing and mitigating risks associated with external relationships to ensure a
comprehensive cybersecurity posture.
National Crime Prevention Council:
The National Crime Prevention Council (NCPC) is a non-profit organization in the United States
dedicated to promoting crime prevention and safety. While not exclusively focused on
cybersecurity, the NCPC plays a role in educating the public about various forms of crime,
including cyber threats. It collaborates with law enforcement, government agencies, and
community organizations to develop and disseminate crime prevention strategies.
StopCyberbullying.org:
StopCyberbullying.org is a website and organization dedicated to raising awareness about the
dangers of cyberbullying and providing resources for prevention. The platform offers
information for parents, educators, and young people to address and combat cyberbullying
through education and advocacy.
Indian Computer Emergency Response Team (CERT-In):
CERT-In is the national agency in India responsible for responding to and mitigating
cybersecurity incidents. It operates under the Ministry of Electronics and Information
Technology (MeitY) and serves as the nodal agency for coordinating responses to cyber threats,
incidents, and vulnerabilities in the country.
Botnets Used to Spread Viruses, Spam, and DoS Attacks:
Botnets are networks of compromised computers controlled by malicious actors. They are often
used for various malicious activities, including:
Virus Spread: Botnets can be used to distribute and propagate computer viruses across a large
number of devices.
Spam Distribution: Malicious actors leverage botnets to send massive volumes of spam emails,
often for phishing or other fraudulent activities.
Distributed Denial of Service (DDoS) Attacks: Botnets can launch DDoS attacks by
overwhelming a target's servers or network infrastructure with a flood of traffic, causing service
disruption.
Attack Vector:
An attack vector is the pathway or means by which an attacker gains unauthorized access to a
computer system, network, or application. Attack vectors can include methods such as phishing
emails, malware, software vulnerabilities, or physical intrusion. Understanding and securing
against various attack vectors is crucial for effective cybersecurity.
Zero Day Emergency Response Team (ZERT):
ZERT, or Zero Day Emergency Response Team, focuses on addressing and mitigating the impact
of zero-day vulnerabilities. Zero-day vulnerabilities are software flaws that are exploited by
attackers before the software vendor releases a patch or fix. ZERT aims to provide rapid response
and solutions to protect users and systems from the exploitation of these vulnerabilities.
Quocirca Insight Report:
Quocirca is a research and analysis firm providing insights into various aspects of technology,
including cybersecurity. Their reports often cover trends, challenges, and best practices in the
rapidly evolving technology landscape.
PII - Personally Identifiable Information:
Personally Identifiable Information (PII) refers to any information that can be used to identify a
specific individual. This includes data such as names, addresses, social security numbers, and
other details. Protecting PII is a critical aspect of cybersecurity to prevent identity theft and
unauthorized access.
CDMA - Code Division Multiple Access:
Code Division Multiple Access (CDMA) is a digital cellular technology used in mobile
communication. It allows multiple users to share the same frequency band simultaneously by
assigning a unique code to each user. CDMA is a technology employed in 3G and 4G mobile
networks.
TDMA - Time Division Multiple Access:
Time Division Multiple Access (TDMA) is another digital cellular technology that divides a
frequency into time slots, allowing multiple users to share the same frequency by allocating
different time intervals for each user. TDMA is commonly associated with 2G mobile networks.
GSM - Global System for Mobile Communication:
GSM is a widely used standard for mobile communication. It is the technology behind 2G and
3G mobile networks and provides the foundation for many modern communication services.
GSM allows for voice and data transmission and enables features like text messaging (SMS).
Attacks on Mobile Devices - Push, Pull, Crash:
● Push Attacks: Malicious content or commands are pushed to a mobile device without
the user's consent, often exploiting vulnerabilities in applications or operating systems.
● Pull Attacks: Users are tricked into downloading malicious content, often disguised as
legitimate apps or files, which may lead to compromise and unauthorized access.
● Crash Attacks: Exploiting software vulnerabilities to intentionally crash a mobile
device, disrupting its normal operation.
DOS - Denial of Service:
Denial of Service (DoS) attacks aim to disrupt or limit access to a system, network, or service,
making it unavailable to its intended users. This can be achieved by overwhelming the target
with a flood of traffic or exploiting vulnerabilities to crash the system.
Traffic Analysis, Eavesdropping, Man-in-the-Middle, Hijacking:
● Traffic Analysis: The process of intercepting and examining communication patterns to
derive information, even if the actual content is encrypted.
● Eavesdropping: Unauthorized interception of private conversations or communications,
often without the knowledge of the parties involved.
● Man-in-the-Middle (MitM): An attack where an adversary intercepts and potentially
alters the communication between two parties without their knowledge.
● Hijacking: Unauthorized takeover of control or access to a system, network, or
communication channel.
Authentication Service Security:
Securing authentication services is crucial to prevent unauthorized access. This involves
protecting login credentials, implementing multi-factor authentication, and safeguarding the
authentication process to ensure the legitimate identity of users accessing systems or services.

Security Measures in WAP (Wireless Access Points):


● Encryption Protocols: Implement strong encryption protocols like WPA3 (Wi-Fi
Protected Access 3) to secure wireless communication between devices and the WAP.
● SSID (Service Set Identifier) Management: Change the default SSID to a unique name
to avoid easy identification. Disable broadcasting to make the network less visible.
● Password Protection: Set a strong and unique password for the WAP to prevent
unauthorized access. Avoid using default passwords.
● MAC Address Filtering: Restrict access by allowing only specific devices with known
MAC addresses to connect to the WAP.
● Regular Firmware Updates: Keep the WAP firmware up to date to patch known
vulnerabilities and enhance security features.

Security Measures in VPN (Virtual Private Network):


● Strong Encryption: Use robust encryption algorithms such as AES (Advanced
Encryption Standard) to secure data transmitted over the VPN.
● Authentication Protocols: Employ strong authentication methods, including
username-password combinations and two-factor authentication, to ensure only
authorized users can access the VPN.
● Tunneling Protocols: Implement secure tunneling protocols like IPSec (Internet Protocol
Security) to create a protected communication channel.
● Network Access Control: Enforce strict access control policies to allow only authorized
devices and users to connect to the VPN.
● Logging and Monitoring: Regularly monitor VPN traffic and maintain logs for security
analysis, helping to detect and respond to potential threats.

Cryptographic Security - Cryptographically Generated Address in IPv6:


● Cryptographically Generated Address (CGA): In IPv6, CGA is a mechanism that
involves cryptographic algorithms to generate addresses. This helps in verifying the
authenticity of the sender and protects against certain types of attacks.
● Public and Private Key Pair: CGA uses a public-private key pair to ensure that the IPv6
address is generated by the legitimate owner of the private key.
● Secure Neighbor Discovery (SEND): CGA is often associated with the Secure Neighbor
Discovery protocol in IPv6, providing enhanced security for address resolution and
neighbor discovery processes.
● Protection Against Address Spoofing: CGA helps prevent address spoofing attacks by
ensuring that the source of the IPv6 address is cryptographically verified.
● Enhanced Security for Stateless Address Autoconfiguration: CGA adds an additional
layer of security to the automatic configuration of IPv6 addresses without relying solely
on physical or link-layer characteristics.
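
How the binding between a public key and a CGA is computed and checked, following the hash layout of RFC 3972, as an added example that is not part of the original notes. The function names, the sample prefix and the placeholder key bytes are assumptions; extension fields are taken as empty, and the modifier search starts at a fixed value instead of a random one so the result is repeatable. This shows the address check only: under SEND the sender must also sign its messages with the matching private key.

```python
# Added illustration of CGA generation and verification (RFC 3972 layout).
import hashlib
import ipaddress

# When comparing Hash1 with the interface identifier, the 3 Sec bits and the
# "u"/"g" bits of the identifier are ignored.
IID_MASK = 0x1CFFFFFFFFFFFFFF

PREFIX = bytes.fromhex("20010db800000000")          # 2001:db8::/64 (documentation prefix)
OWNER_KEY = b"constructed-placeholder-for-DER-public-key-A"  # stands in for a real key
OTHER_KEY = b"constructed-placeholder-for-DER-public-key-B"


def _hash2_ok(modifier, pubkey, sec):
    # Hash2 = SHA-1(modifier | 9 zero octets | public key); its leftmost
    # 16*Sec bits must be zero. Higher Sec makes address forgery costlier.
    hash2 = hashlib.sha1(modifier + bytes(9) + pubkey).digest()[:14]
    return hash2[: 2 * sec] == bytes(2 * sec)


def _hash1(modifier, prefix, collisions, pubkey):
    # Hash1 = leftmost 64 bits of SHA-1(modifier | prefix | collision count | key)
    data = modifier + prefix + bytes([collisions]) + pubkey
    return int.from_bytes(hashlib.sha1(data).digest()[:8], "big")


def generate_cga(prefix, pubkey, sec=0, start_modifier=0):
    """Return (address, modifier, collision_count) for an 8-byte /64 prefix."""
    counter = start_modifier
    while not _hash2_ok(counter.to_bytes(16, "big"), pubkey, sec):
        counter = (counter + 1) % (1 << 128)
    modifier = counter.to_bytes(16, "big")
    collisions = 0  # no duplicate-address collision assumed
    iid = (_hash1(modifier, prefix, collisions, pubkey) & IID_MASK) | (sec << 61)
    return ipaddress.IPv6Address(prefix + iid.to_bytes(8, "big")), modifier, collisions


def verify_cga(address, modifier, prefix, collisions, pubkey):
    """Check that the address is bound to pubkey under the given parameters."""
    packed = ipaddress.IPv6Address(address).packed
    if collisions not in (0, 1, 2) or packed[:8] != prefix:
        return False
    iid = int.from_bytes(packed[8:], "big")
    if (_hash1(modifier, prefix, collisions, pubkey) ^ iid) & IID_MASK:
        return False  # address was not derived from this key and parameters
    sec = iid >> 61   # Sec is read from the address itself
    return _hash2_ok(modifier, pubkey, sec)


if __name__ == "__main__":
    addr, mod, cc = generate_cga(PREFIX, OWNER_KEY)
    print("address:", addr)
    print("owner key verifies:", verify_cga(addr, mod, PREFIX, cc, OWNER_KEY))
    print("other key verifies:", verify_cga(addr, mod, PREFIX, cc, OTHER_KEY))
```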
