Chapter One
1.0 Introduction
A survey on network cybercrime and security covers the analysis of using network tools to
explain cyber activity, as well as a careful analysis and understanding of the different kinds of
cybercrime fraud today. Cybercrime is a major concern in the global community. The introduction,
growth and utilization of information and communication technologies have been accompanied by
an increase in criminal activities. In cyberspace, the internet is frequently and increasingly
used as a means to commit or transact organized crime. (George Corser, 2003).
1.1 Background of the study
From business, industry, government to not-for-profit organizations, the internet has simplified
business processes such as sorting, summarizing, coding, editing, customized and generic report
generation in a real-time processing mode. However, it has also brought unintended consequences
such as criminal activities, spamming, credit card frauds, ATM frauds, phishing, identity theft and
a blossoming haven for cybercriminal miscreants to perpetrate their insidious acts. (Halder and
Jaishankar, 2011)
According to Saul (2007), a survey on network cybercrime and security covers the analysis of using
network tools to explain cyber activities, as well as a careful analysis and understanding of the
different kinds of cybercrime fraud today. Cybercrime is a major concern in the global community.
The introduction, growth and utilization of information and communication technologies have been
accompanied by an increase in criminal activities. In cyberspace, the internet is frequently and
increasingly used as a means to commit or transact organized crime. (Saul, 2007)
Cybercrime is an obvious form of international crime with continual negative effects on the global
revolution in ICT. A recent study noticed that cybercrimes differ from terrestrial crimes in four
ways. “They are easy to learn how to commit, they can be committed in a jurisdiction without being
physically present in it, they require few resources prior to the damage they caused, and they are
often not clearly illegal”. (Fortinet, 2009). On this basis, the new forms of cybercrime present
new challenges to computer scientists, law makers, law enforcement agencies and international
institutions. This makes it necessary to have an effective supranational as well as domestic
mechanism to watch the use of ICTs for criminal activities in cyberspace. The advent and
development of networking technologies, and the internet in particular, has created a way to share
information across time and space. While computer networks have enhanced the quality of life in
many aspects, they have also opened a new avenue for criminal activities (Laura Ani, 2011).
These activities have spawned the concept of cybercrime, which refers to illegal computer-mediated
activities that can be conducted through global electronic networks such as the internet.
One predominant type of cybercrime is the distribution of illegal materials in cyberspace, such as
child pornography materials, stolen properties etc. (Laura Ani, 2011).
These criminals use various channels to distribute illegal materials, such as email, instant
messengers, internet chat rooms, and internet news groups. A common characteristic of these
channels is anonymity. People usually do not need to provide their real identity and information
to participate in these cyber activities. Compared to conventional crimes, cybercrime conducted
through such anonymous channels poses unique challenges for law enforcement agencies (Laura
Ani, 2011).
The project is organized as follows: chapter two surveys and describes computer and internet related
crimes and selected methods to fight cybercrime fraud using VLAN, ACL and firewall, including
a detailed research exercise on cybercrime. Chapter three describes the research methodology, i.e.
research design, methods of data collection, population of the study, sample and sampling
techniques and instrument for data collection. Chapter four deals with data presentation and
discussion, and chapter five summarizes the project and produces recommendations and a conclusion.
1.2 Statement of the problem
Today cybercrime has been on the increase in every field, ranging from governmental organizations,
industries, corporate organizations, government agencies and the education sector to private users.
The growing danger from crimes committed against computers, or against information on computers,
has claimed attention in national capitals. (Fatima 2013).
In most countries around the world, existing laws are likely to be unenforceable against such
crimes. The lack of protection means that business and governments must rely solely on technical
measures to protect themselves from those who steal, deny access to or destroy information.
Headlines of cyber-attacks command our attention with increasing frequency.
According to the Computer Emergency Response Team Coordination Centre (CERT/CC), the
number of reported incidents of security breaches in the first three quarters of 2000 rose by
54 percent over the total number of reported incidents in 1999. Moreover, countless instances of
illegal access and damage around the world remain unreported, because victims fear exposing their
vulnerabilities, the potential for copycat crimes and the loss of public confidence. (William Gibson).
In Nigeria, cybercrime, popularly known as yahoo-yahoo (internet scamming), has
increased at an alarming rate. This would increase the level of awareness about cybercrime and
the challenges of how computer scientists can solve cybercrime. (Ehimen and Okonigene, 2009)
1.3 Research questions
1- How can a network be protected against unauthorized access?
2- What are the challenges of cybercrime on cashless systems?
3- How can internet users be protected from viruses and spyware?
4- How can awareness about the havoc of cybercrime be created among internet users?
1.4 Aims and objectives
1. To prevent unauthorized access into a network using an extended access list (EX.ACL).
2. To ensure data security and integrity.
3. To protect users from viruses and spyware.
1.5 Significance of the study
Due to the prevailing insecurity associated with the advent of the internet in 1999, cybercrime
has been increasing exponentially, which has brought the attention of world leaders to the
fight against cyber theft. This alarming rate of cybercrime has led to the adoption of an
anti-cybercrime law in the US, which is called the PATRIOT.
1.6 Scope and limitation of the study
This project is limited to a detailed analysis of cybercrimes, a broad study of the internet network,
the nature of cybercrime violations and ways to fight cybercrime.
1.7 Definition of some terms
These definitions are in the context in which words will be used in this research work:
Cybercrime: It is defined as offences that are committed against individuals or groups of
individuals with a criminal motive to intentionally harm the reputation of the victim,
directly or indirectly, using modern telecommunication networks such as the internet (chat
rooms, emails, notice boards and groups) and mobile phones (SMS/MMS).
Cyber security: This is the protection of systems, networks and data in cyber space.
Cyber space: It is a domain characterized by the use of electronics and the electromagnetic
spectrum to store, modify and exchange data via networked systems and associated
physical infrastructures.
VLAN: A virtual local area network is any broadcast domain that is partitioned and isolated
in a computer network at the link layer (OSI layer 2).
ACL (Access Control List): ACLs typically reside on routers and determine which
devices are allowed to access them based on the requesting Internet Protocol (IP) address.
Access control is a technique for limiting access.
Chapter Two
Literature Review
2.1 Introduction
In examining cybercrime, the various types of cybercrime fraud are enumerated and explained.
These cybercrime activities disturb communication through the internet. The routing of information
from a source to a destination (data delivery such as video and email) is disrupted and used to
commit serious havoc, denying the free flow of internet network service on the super highway.
(Ehimen and Okonigene, 2009).
To create communication between cyber networks and combat cybercrime, a VLAN is used.
Common varieties of cybercrime used for causing havoc and fraud are: hacking, denial of service,
software piracy, credit card fraud, net extortion, virus dissemination, spoofing, phishing, salami,
threatening, and identity theft. (Ehimen and Okonigene, 2009).
2.1.1 Identity Theft
The term identity theft is neither consistently defined nor consistently used. It describes criminal
acts where the perpetrator fraudulently obtains and uses another person’s identity. These acts can
be carried out without the help of technical means, as well as online by using internet
technology. (Marco, 2007)
2.1.2 Software Piracy
Software piracy is the illegal copying and production of genuine programs, or theft of software: the
counterfeiting and distribution of products intended to pass for the originals. (Ifrah, 2008)
2.1.3 Phishing
Phishing is an act of sending an e-mail to a user falsely claiming to be an established legitimate
enterprise in order to scam the user into surrendering private information that will be used for
identity theft. (Ifrah, 2008)
2.1.4 Credit Card Fraud
The act of using a credit card number on the webpage of a vendor for an online transaction. If
electronic transactions are not secured, the credit card numbers can be stolen by hackers who can
misuse the card by impersonating the credit card owner. (Ford and Gordon 2006).
2.1.5 Cyber Defamation
The criminal sends emails containing defamatory statements to everyone connected to the victim, or
posts defamatory matter on a website (e.g. nude pictures of the victims, a disgruntled employee
against a boss etc.). (Ford and Gordon 2006).
2.1.6 Spoofing
Getting one computer on a network to pretend to have the identity of another computer, usually
one with special access privileges, so as to obtain access to the computer on the network. (Ifrah,
2008)
2.1.7 Threatening
The criminal sends threatening emails or comes in contact in chat rooms with victim. (Any one
disgruntled may do these against boss, friend or official). (Ford and Gordon 2006).
2.1.8 Cyber harassment
Cyber harassment is electronically and intentionally carrying out threatening acts against
individuals. Such acts include cyber-stalking.
2.1.9 Website Cloning
One recent trend in cyber-crime is the emergence of fake ‘copy-cat’ web sites that take advantage
of consumers who are unfamiliar with the Internet or who do not know the exact web address of
the legitimate company that they wish to visit. The consumer, believing that they are entering
credit details in order to purchase goods from the intended company, is instead unwittingly
entering details into a fraudster’s personal database. The fraudster is then able to make use of this
information at a later stage, either for his own purposes or to sell on to others interested in
perpetrating credit card fraud. (Anderson Ross, 2012)
2.1.10 Hacking
Hackers make use of the weaknesses and loopholes in operating systems to destroy data and steal
important information from a victim's computer. It is normally done through the use of a backdoor
program installed on your machine. A lot of hackers also try to gain access to resources through
the use of password hacking software. Hackers can also monitor what you do on your computer and
can also import files onto your computer. (Anderson Ross, 2012)
2.2 Overview of cyber-crime and cyber-security
As technology has developed, so too have the definitions of cyberspace, cyber security and
cybercrimes. It has been argued that since computer crime may involve all categories of crimes, a
definition must emphasize the particularity, the knowledge or the use of computer technology.
Cyber-space refers to the boundless space known as the internet. It refers to the interdependent
network of information technology components that underpin many of our communications
technologies in place today. (Todd Lammle, 2007)
Cyber security is the collection of tools, policies, security concepts, security safeguards,
guidelines, risk management approaches, actions, training, best practices, assurance and
technologies that can be used to protect the cyber environment and organization and user’s assets.
Organization and user’s assets include connected computing devices, personnel, infrastructure,
applications, services, telecommunications systems, and the totality of transmitted and/or stored
information in the cyber environment. Cyber security strives to ensure the attainment and
maintenance of the security properties of the organization and user’s assets against relevant
security risks in the cyber environment. Cyber-security is the body of technology, processes and
practices designed to protect networks, computers, programs and data from attacks, damage, or
unauthorized access. In the computing or cyber context, the word security simply implies cyber
security. (Todd Lammle, 2007)
Cyber-crime refers to the series of organized crime attacking both cyber space and cyber security.
Sophisticated cyber criminals and nation-states, among others, present risks to our economy and
national security. Nigeria’s economic vitality and national security depend on a vast array of
interdependent and critical networks, systems, services, and resources known as cyberspace.
Cyberspace has transformed the ways we communicate, travel, power our homes, run our economy, and
obtain government services. (Brett Meador, 2008)
2.3 Fundamental of cyber network
In order to understand the threats posed by cyber network fraud, one needs to understand the
concept of network topology and simple network design features. Cyber
networking enables sharing of hardware and software tools, and communication, e.g. emails and other
internet services. (Cisco systems, 2007)
2.4 Network
A network is defined as a group of two or more computer systems linked together for the purpose
of sharing data/information.
2.5 Types of network
They are as follows:
I. Point-to-point.
II. Local area network (LAN).
III. Metropolitan area network (MAN).
IV. Wide area network (WAN).
2.5.1 Point to Point
This type of network is mainly used to interconnect two computers. The computers output
electrical signals directly through the serial port. The data can be passed directly through the
communication medium to the other computer if the distance is small (less than 100 meters).
(Cisco systems, 2007)
2.5.2 Local Area Network (LAN)
A LAN is a local area network that has a small collection of computers or devices in a small
geographic area of less than kilometers and is very fast in data transfer. Depending on the technology
implementation, a LAN can be as simple as two PCs and a printer connected in a small office, or
it can extend throughout an organization and include multimedia (text, voice, video) data
transfers. LANs may be configured in many ways. (Cisco systems, 2007)
2.5.3 Metropolitan Area Network (MAN)
The metropolitan area network is designed to cover an entire city. It can be a single network such
as cable TV, or a number of LANs connected together within a city to form a MAN. Privately laid
cables or public leased lines may be used to form such a network. For instance, a business
organization may choose a MAN to interconnect all its branches within the city. (Cisco systems,
2007)
2.5.4 Wide Area Network (WAN)
A wide area network covers a relatively broad geographic area, often a country or continent. It
contains a collection of machines intended for running user programs; these machines are called
hosts. (Laurence Ifrah, 2008)
The hosts are connected by a subnet, the purpose of which is to carry messages from host to host.
The subnets include transmission facilities, switching elements and routers provided by common
agencies such as telephone companies. Nowadays routers with satellite links are also becoming
part of the WAN subnets. All these machines provide long distance transmission of data, voice,
image and video information. Unlike LANs, which depend on their own hardware for transmission,
a WAN may utilize public, leased, or private communication devices as it comes across them and
can therefore span an unlimited number of kilometers. A network device called a router connects LANs
to a WAN. (Laurence Ifrah, 2008)
2.6 VLAN
A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer
network at the data link layer (OSI layer 2). LAN is the abbreviation for local area network and
in this context virtual refers to a physical object recreated and altered by additional logic. VLANs
work by applying tags to network packets and handling these tags in networking systems creating
the appearance and functionality of network traffic that is physically on a single network but acts
as if it is split between separate networks. In this way, VLANs can keep network applications
separate despite being connected to the same physical network, and without requiring multiple sets
of cabling and networking devices to be deployed. (Hiral B et al, 2011)
VLANs allow network administrators to group hosts together even if the hosts are not directly
connected to the same network switch. Because VLAN membership can be configured through
software, this can greatly simplify network design and deployment. Without VLANs, grouping
hosts according to their resource needs necessitates the labor of relocating nodes or rewiring data
links. VLANs allow networks and devices that must be kept separate to share the same physical
cabling without interacting, improving simplicity, security, traffic management, or economy. For
example, a VLAN could be used to separate traffic within a business due to users, and due to
network administrators, or between types of traffic, so that users or low priority traffic cannot
directly affect the rest of the network's functioning. Many Internet hosting services use VLANs to
separate their customers' private zones from each other, allowing each customer's servers to be
grouped together in a single network segment while being located anywhere in their datacenter.
Some precautions are needed to prevent traffic "escaping" from a given VLAN, an exploit known
as VLAN hopping. To subdivide a network into VLANs, one configures network equipment.
Simpler equipment can partition only per physical port (if at all), in which case each VLAN is
connected with a dedicated network cable. More sophisticated devices can mark frames through
VLAN tagging, so that a single interconnect (trunk) may be used to transport data for multiple
VLANs. Since VLANs share bandwidth, a VLAN trunk can use link aggregation, quality-of-service
prioritization, or both to route data efficiently. (Hiral B. et al, 2011)
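The tagging and trunking described above can be made concrete with a small IEEE 802.1Q parser and an ingress check. This is an added example, not part of the original project: the port dictionaries, VLAN numbers and the ingress policy in classify_ingress are assumptions chosen for illustration, and the sample frames are constructed test data.

```python
import struct

TPID_8021Q = 0x8100    # IEEE 802.1Q VLAN tag
TPID_8021AD = 0x88A8   # IEEE 802.1ad service tag (Q-in-Q)


def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet frame into addresses, stacked VLAN tags and payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset = 12                      # EtherType/TPID follows the two MAC addresses
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    tags = []
    while ethertype in (TPID_8021Q, TPID_8021AD):
        if len(frame) < offset + 6:  # TPID + TCI + the next EtherType
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        # TCI = 3-bit priority, 1-bit drop-eligible flag, 12-bit VLAN ID
        tags.append({"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4
        (ethertype,) = struct.unpack_from("!H", frame, offset)
    return {
        "dst": frame[0:6].hex(),
        "src": frame[6:12].hex(),
        "tags": tags,
        "ethertype": ethertype,
        "payload": frame[offset + 2:],
    }


def classify_ingress(frame: bytes, port: dict):
    """Return (vlan, verdict) for a frame arriving on a switch port.

    Hypothetical ingress policy for this example, not a vendor's behaviour.
    """
    tags = parse_frame(frame)["tags"]
    if len(tags) > 1:
        # More than one tag on an edge-facing port is a sign of VLAN hopping.
        return None, "drop: stacked VLAN tags"
    if port["mode"] == "access":
        if tags:
            return None, "drop: tagged frame on access port"
        return port["vlan"], "accept"
    if not tags:
        return port["native"], "accept: untagged, native VLAN"
    vid = tags[0]["vid"]
    if vid not in port["allowed"]:
        return None, "drop: VLAN not allowed on trunk"
    return vid, "accept"


def build_frame(vids, ethertype=0x0800):
    """Construct a sample frame carrying the given VLAN IDs (test data only)."""
    frame = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    for vid in vids:
        frame += struct.pack("!HH", TPID_8021Q, vid)
    return frame + struct.pack("!H", ethertype) + b"\x00" * 46


# Constructed port definitions (assumed values).
ACCESS_PORT = {"mode": "access", "vlan": 20}
TRUNK_PORT = {"mode": "trunk", "native": 1, "allowed": {10, 20, 30}}

if __name__ == "__main__":
    cases = [
        ("untagged on access port", [], ACCESS_PORT),
        ("tagged on access port", [10], ACCESS_PORT),
        ("VLAN 10 on trunk", [10], TRUNK_PORT),
        ("VLAN 99 on trunk", [99], TRUNK_PORT),
        ("two stacked tags on trunk", [1, 30], TRUNK_PORT),
    ]
    for name, vids, port in cases:
        print(f"{name:28s} -> {classify_ingress(build_frame(vids), port)}")
```
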
2.7 Membership Characteristics of VLAN
The following are membership characteristics of VLAN:
i. Port Numbers: Some VLAN vendors use switch port numbers as a membership
characteristic. For example, the administrator can define that stations connecting to ports 1, 2, 3,
and 7 belong to VLAN 2; stations connecting to ports 4, 10, and 12 belong to VLAN 2; and so
on. (Kevin et al, 2003)
ii. MAC Address: Some VLAN vendors use the 48-bit MAC address as a membership
characteristic. For example, the administrator can stipulate that stations having MAC addresses
E2132A128431 and F23A124BCD344 belong to VLAN 2. (Kevin et al, 2003)
iii. IP Address: Some VLAN vendors use the 32-bit IP address as a membership characteristic.
For example, the administrator can stipulate that stations having IP addresses 181.34.23.67,
181.34.23.27, 181.34.23.46 belong to VLAN 2. (Kevin et al, 2003)
iv. IP Multicast Addresses: Some vendors use the IP multicast addresses as a membership
characteristic. Multicasting at the IP layer is now translated to multicasting at the data link layer.
(Kevin et al, 2003)
2.8 Types of VLAN Membership
There are two types of VLAN memberships:
I. Static VLANs
II. Dynamic VLANs
2.8.1 Static VLANs: Static VLANs are created by the network administrator, so these are more
secure. Any switch port assigned to a VLAN will always maintain it unless one changes the port
assignment manually. Static VLANs are easy to set up, but any movement of a host must be handled
manually, and frequent VLAN updates are often not possible statically. (Craighunt, 2002)
2.8.2 Dynamic VLANs: Dynamic VLANs assign VLANs automatically using software, based on
hardware address (MAC), protocols and applications. For example, suppose MAC addresses have been
entered into a centralized VLAN management application. If you attach a node to an
unassigned switch port, the VLAN management database can look up the hardware address
and assign and configure the switch port into the correct VLAN. Setting up the database
initially is a tough task. (Craighunt, 2002)
2.9 Advantages of VLANs
There are several advantages to using VLAN:
i. Cost and Time Reduction: VLANs can reduce the migration cost of stations going from
one group to another. Physical reconfiguration takes time and is costly. Instead of
physically moving one station to another segment or even to another switch, it’s much
easier and quicker to move it by using software. (Craighunt, 2002)
ii. Creating Virtual Work Groups: VLANs can be used to create virtual work groups. For
example, in a campus environment, professors working on the same project can send broadcast
messages to one another without the necessity of belonging to the same department. This
can reduce traffic if the multicasting capability of IP was previously used. (Craighunt,
2002)
iii. Security: VLANs provide an extra measure of security. People belonging to same group
can send broadcast messages with the guaranteed assurance that users in other groups will
not receive these messages. (Craighunt, 2002)
2.10 Firewall
In order to control access to a system, a firewall is needed. A firewall forms a barrier through which
the traffic going in each direction must pass. A firewall security policy dictates which traffic is
authorized to pass in each direction. (Smith et al, 2002)
A firewall may be designed to operate as a filter at the level of IP packets or may operate at a
higher protocol layer. Firewalls can be an effective means of protecting a local system or
network of systems from network based security threats while at the same time affording access
to the outside world via wide area network and the internet. (Hiral, Ravi and Jayesh, 2011).
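A packet-filtering firewall, or the extended access list named in the objectives, applies such a policy as an ordered rule list: the first matching rule decides, and traffic that matches nothing is denied. The following is an added example, not part of the original project and not router configuration syntax: it is a simplified model, the addresses and rules are constructed, and the shadowed_rules helper is a hypothetical audit check that shows why rule order matters.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp", "icmp", or "ip" for any protocol
    src: str                      # source network in CIDR form
    dst: str                      # destination network in CIDR form
    dport: Optional[int] = None   # destination port, None matches any


class Packet(NamedTuple):
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None


def matches(rule: Rule, pkt: Packet) -> bool:
    """True when every field the rule constrains agrees with the packet."""
    return (
        rule.proto in ("ip", pkt.proto)
        and ip_address(pkt.src) in ip_network(rule.src)
        and ip_address(pkt.dst) in ip_network(rule.dst)
        and (rule.dport is None or rule.dport == pkt.dport)
    )


def evaluate(acl, pkt):
    """First matching rule decides; no match falls through to an implicit deny."""
    for number, rule in enumerate(acl, start=1):
        if matches(rule, pkt):
            return rule.action, number
    return "deny", None


def covers(earlier: Rule, later: Rule) -> bool:
    """True when every packet matching `later` already matches `earlier`."""
    return (
        earlier.proto in ("ip", later.proto)
        and ip_network(later.src).subnet_of(ip_network(earlier.src))
        and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
        and (earlier.dport is None or earlier.dport == later.dport)
    )


def shadowed_rules(acl):
    """Rule numbers that can never fire because an earlier rule covers them."""
    return [
        n for n, rule in enumerate(acl, start=1)
        if any(covers(prev, rule) for prev in acl[:n - 1])
    ]


# Constructed policy: the user VLAN 10.0.20.0/24 may reach the server VLAN
# 10.0.99.0/24, except Telnet (TCP 23) to the host 10.0.99.10.
WEAK_ACL = [   # broad permit first, so the deny below is never reached
    Rule("permit", "ip", "10.0.20.0/24", "10.0.99.0/24"),
    Rule("deny", "tcp", "10.0.20.0/24", "10.0.99.10/32", 23),
]
FIXED_ACL = [  # specific deny first, then the broad permit
    Rule("deny", "tcp", "10.0.20.0/24", "10.0.99.10/32", 23),
    Rule("permit", "ip", "10.0.20.0/24", "10.0.99.0/24"),
]
TELNET = Packet("tcp", "10.0.20.5", "10.0.99.10", 23)
HTTPS = Packet("tcp", "10.0.20.5", "10.0.99.10", 443)
OUTSIDER = Packet("tcp", "192.0.2.7", "10.0.99.10", 443)

if __name__ == "__main__":
    for name, acl in (("weak", WEAK_ACL), ("fixed", FIXED_ACL)):
        print(name, "shadowed rules:", shadowed_rules(acl))
        for pkt in (TELNET, HTTPS, OUTSIDER):
            print("  ", pkt, "->", evaluate(acl, pkt))
```
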
2.11 The Need for Firewalls
Information systems in corporations, government agencies and other organizations have undergone a
steady evolution. The following are notable developments.
- Centralized data processing system, with a central mainframe supporting a number of
directly connected terminals.
- Local Area Networks (LANs) interconnecting PCs and terminals to each other and the
mainframe.
- Premises network, consisting of a number of LANs, interconnecting PCs, servers and
perhaps a mainframe or two.
- Enterprise-wide network, consisting of multiple geographically distributed premises
networks interconnected by a private wide area network (WAN).
- Internet connectivity, in which various premises networks all hook into the internet and may
or may not also be connected by a private WAN. (Smith et al, 2002)
Internet connectivity is no longer optional for organizations. The information and services available
are essential to the organization. Moreover, individual users within the organization need internet
access, and if this is not provided via their LAN, they will use dial-up capability from their PC to an
internet service provider (ISP). However, while internet access provides benefits to the
organization, it enables the outside world to reach and interact with local network assets. This
creates a threat to the organization. While it is possible to equip each workstation and server on
the premises network with strong security features, such as intrusion protection, this may not be
sufficient and in some cases is not cost effective. Consider a network with hundreds or even
thousands of systems, running various operating systems such as different versions of UNIX and
Windows. When a security flaw is discovered, each potentially affected system must be
upgraded to fix the flaw. This requires scalable configuration management and aggressive patching
to function effectively. While difficult, this is possible and necessary if only host-based security is
used. A widely accepted alternative, or at least complement, to host-based security services is the
firewall. The firewall is inserted between the premises network and the internet to establish a
controlled link and to erect an outer security perimeter. The aim of this perimeter is to protect the
premises network
from internet-based attacks and to provide a single checkpoint where security and auditing can be
imposed. The firewall may be a simple computer system or a set of two or more systems that
cooperate to perform the firewall function.
The firewall then provides an additional layer of defense, insulating the internal system from
external networks. This follows the classic military doctrine of “defense in depth” which is just as
applicable to IT security. (Hiral, Ravi and Jayesh, 2011).
2.12 Cashless system
A cashless system describes an economic state whereby financial transactions are not conducted
with money in the form of physical banknotes or coins, but rather through the transfer of digital
information (usually an electronic representation of money) between the transacting parties.
Cashless systems have existed based on barter and other methods of exchange, and cashless
transactions have also become possible using digital currencies such as Bitcoin. (Jimmy Sproles et
al, 2004)
2.12.1 Modes of Cashless System
1- Cheque
The cheque is one of the oldest methods of cashless payment. It is a method known to everyone.
In this method you issue a cheque for the specific amount to someone else, and the cheque gets
deposited in the respective bank. (Jimmy Sproles et al, 2004)
Every transaction done through a cheque gets recorded, and there is a proof of payment.
2- Demand Draft
Demand draft is another rudimentary way of cashless transaction. It is the safest option to receive
payment from anyone. A demand draft (DD) never gets defaulted as it is signed by the bankers. The
disadvantage of DD and cheque is that you need to visit a bank in order to deposit the cheque or
demand draft. (Jimmy Sproles et al, 2004)
3- Online Transfer- NEFT or RTGS
The online transfer is done through an internet banking facility. Online transfer using NEFT or RTGS
is comparatively faster than cheque and DD. Online transfer can be done from anywhere using an
internet facility. (Jimmy Sproles et al, 2004)
4- Credit card or Debit card
Credit card or debit card is another cashless payment method. The usage of credit cards and debit
cards was limited. The limitation of this payment method is the availability of a swipe card facility
(POS) at the merchant end. (Jimmy Sproles et al, 2004)
5- Mobile wallet
This is basically a virtual wallet available on your phone. You can store cash on the mobile to
make online or offline payments. Various service providers offer these wallets via mobile apps
which you need to download on the phone. You can transfer money into these wallets online
using a credit/debit card or net banking. (Jimmy Sproles et al, 2004)
6- Plastic money
This includes credit, debit and prepaid cards. The latter can be issued by banks or nonbanks and
can be physical or virtual. These can be bought and recharged online via net banking and can be
used to make online or point-of-sale purchases. They can even be given as gift cards. (Jimmy
Sproles et al, 2004)
2.13 Advantages of cashless system
1- Convenience
The case