Use-Case of Blockchain in Cybercrime and Cyberattack

Use-Case of Blockchain in Cybercrime and Cyberattack

Karthika Veeramani (Sri Sivasubramaniya Nadar College of Engineering, India) and Suresh Jaganathan (Sri Sivasubramaniya Nadar College of Engineering, India)
Copyright: © 2021 |Pages: 19
DOI: 10.4018/978-1-7998-4900-1.ch009
OnDemand PDF Download:
Available
$29.50
Current Special Offers
No Current Special Offers
TOTAL SAVINGS: $29.50

Abstract

Cybercrime involves unlawful activities done by the individual in cyberspace using the internet. It is cyberbullying, financial theft, code-hack, cryptojacking, hacking, etc. The main difference between cybercrime and cyberattack is that cybercrime victims are humans. The crime associated with the latter is that of a computer network, hardware or software. Cyberattack activities include ransomware, viruses, worms, SQL injection, DDoS attacks, and government and corporate are potential targets. Cyber security provides a specialised approach to the protection of computer systems from cybercrimes and cyberattacks. As of now, no cyber defence is 100% safe. What is considered safe today may not be secure tomorrow. Blockchain enables a new way of recording transactions or any other digital interaction within the network with security, transparency, integrity, confidentiality, availability, and traceability. This chapter explains in detail about cyber risks and how blockchain can be used to avoid risks in financial and insurance frauds.
Chapter Preview
Top

Introduction

Cyber Crime (Broadhurst & Chang, 2012) makes use of digital technologies in committing a crime. In other words, the latest techniques with the application of internet access private data through unlawful activity and thereby doing a crime. It includes attacks on data center, child pornography, financial and e-Commerce data. Cybersecurity (Ahmad, 2019) prevents cybercrime with cryptographic techniques, virtual private networks(VPN) and firewall. VPN provides a means to access personal information over public network internet. Cybercrime broadly classified into three groups.

  • 1.

    Crime against individuals, such as Computer Vandalism, transmitting a virus, unauthorised access/control over a computer system (Chattopadhyay & Mitra, 2018, 2020), intellectual property thefts.

  • 2.

    Crime against an organisation, such as unauthorised access to its computer, cyber terrorism on the government, spreading illegal information (Chelliah et al., 2019) and usage of pirated software.

  • 3.

    Crime against society, such as uploading child pornography, indecent activities in the public places, sale of banned articles and gambling online.

Common Types of Cyberattacks

  • 1.

    Denial of service (DoS) and distributed denial of service (DDoS) attacks: These attacks overwhelm the system resources, thereby prevents it from servicing the request. It dramatically reduces the system ability to respond to the service request. Some of Dos and DDoS includes Transmission Control Protocol (TCP), synchronous (SYN) flooding or SYN attack, Ping-of-death attack (PoD) or long ICMP attack, Smurf attack, Botnets or bots and Teardrop attack.

  • 2.

    Man-in-the-middle attack: A malicious actor eavesdrops the conversation between sender and receiver and then access information that they are trying to send one another. The attacker sends and receives data meant for someone else without the sender and receiver knowing until it is too late. He works to fork the TCP connection into two connections, one is between the sender and attacker, and the other is between attacker and receiver.

    • a.

      IP spoofing attack: The attacker modifies the IP address field on a packet with a fake address instead of the sender's correct IP address.

    • b.

      Replay attack or playback attack: The attacker catches and preserves past communications, and then he attempts to repeat or delay it.

  • 3.

    Phishing attack: The attacker sends malicious emails pretending that it comes from the trusted source.

    • a.

      Spear phishing attack: It is similar to a phishing attack where an attacker uses email spoofing or cloned websites.

  • 4.

    Drive-by download attack: This attack installs spyware, adware, malware and even an unwanted program that are not of interest to the end-user.

  • 5.

    Password attack or password cracking: This attack aims to steal the user's password and relevant login credentials and also called a brute force attack or cracking.

  • 6.

    Structured Query Language (SQL) injection attack: Attacks on database-driven sites.

  • 7.

    Cross-site scripting (XSS) attack: This attack embeds malicious code into the script of a genuine website to get information of users in that site.

  • 8.

    Eavesdropping attack: Listens to others conversation by intercepting the communication link between them without being identified. There are two types of eavesdropping attack, namely passive and active.

  • 9.

    Birthday attacks: Cryptographic cyber-attacks that are done against hash algorithms used for verifying the integrity of a message.

  • 10.

    Malware attack: An unwanted software is being installed on the victim's computer without his/her consent. Though the effects of the malware may not be immediate, it ends in bringing harm to the victim's computer. Some malware includes macro virus, file injector virus, system infectors, stealth virus, polymorphic virus, trojan horse, ransomware, spyware and worm.

Complete Chapter List

Search this Book:
Reset