SlideShare a Scribd company logo

Web security

Download as PPTX, PDF
rakesh bandaru, profile picture
rakesh bandaru

The document discusses various topics related to web security including what it is, why it is important, common types of web attacks like SQL injection, cross-site scripting, password cracking, and phishing. It also discusses methods to provide security, such as using high security passwords, digital signatures, encryption/decryption, and biometric authentication. The conclusion states that as more security methods are available for websites, the future will be safer.

Education
Related topics:
Web Security Overview
1 of 40
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
B.Rakesh Dr.Paul Raj Engineering college
WEB SECURITY
CONTENTS What is Web Security ? Why Web Security ? Types of Web Attacks How to Provide security Conclusion
What is web security ? Web security is a branch of Network security that deals specifically with security of websites, web applications and web services. .
Why Web Security ? To provide privacy and confidentiality to the web application ,website and web servers
Types of Web Attacks sql injecting Passcode cracking Session Hijacking Xss phishing
SQL INJECTION SQL injection (SQLi) refers to an injection attack where in an attacker can execute ma licious SQL statements that control a web application's database server
EXAMPLE WITH PROGRAM
Web security
Cross site scripting attack Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a we b application to send malicious code, generally in the form of a browser side script, to a different end user.
Cross site scripting attack
Cross site scripting attack
Passcode cracking A password cracker is an application program tha t is used to identify an unknown or forgotten pas sword to a computer or network resources. It can also be used to help a human cracker obt ain unauthorized access to resources.
Passcode cracking Example
Passcode cracking • Brutus is one of the most popular remote online password cracking tools. ... •RainbowCrack. ... •Wfuzz. ... •John the Ripper. ... •THC Hydra. ... •Medusa. ... •OphCrack •Kali linux
Session Hijacking The most common method of session hijacking is called IP spoofing, when an attacker uses source-routed IP packets to insert commands into an active communic ation between two nodes on a network and disguising itself as one of the authenticated user s.
Session Hijacking Example
Web security
Phishing phishing is a term used to describe a malicious individual or group of individuals who scam users . They create duplicate website for Knowing the user id, passwords and Bank details of targeted peoples
Phishing Examples
Web security
Phishing Programming
How to Provide security
Security Methods High security passcodes Digital Signatures Encp & Dcpt Biometric authentication
High security passwords Some websites provides high security for your online transactions. The enable High Security feature helps define high security settings in your profile. By enabling this feature, for every transaction you make, you will receive a high security pa ssword on your mobile. You need to enter thi s password to complete the transaction.
High Security passcodes Examples
Web security
Web security
Digital Signatures What is Digital Signature? Hash value of a message when encrypted with the private k ey of a person is his digital sig nature on that e-Document
Why Digital signature To provide Authenticity, Integrity and Non-repudi ation to electronic documents To use the Internet as the safe and secure mediu m for e-Commerce and e-Governance Digital Signatures
Architecture
Digital signature •Government Online •Issuing forms and licences •Govt orders/treasury orders •Registration •Online file movement system •Public information records •E-voting
Encryption and Decryption Encryption The translation of data into a secret code. Encryptio n is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt
Decryption Decryption is the process of taking enco ded or encrypted text or other data and converting it back into text that you or t he computer can read and understand
Biometric Authentication Biometric security is a security mechanism used to authenticate and provide access to a facility or syst em based on the automatic and instant verification of web based applications
Why Biometric Security Traditional methods involving passwords and PIN numbers Biometrics highest level of security
Architecture
Conclusion In future the more security methods available for the websites, the betterand safer the future will be for all of us
Thanking You
Queries…..??

More Related Content

PPT
Secure code practices
Hina Rawal
 
PDF
5. Identity and Access Management
Sam Bowne
 
PDF
Sql Injection - Vulnerability and Security
Sandip Chaudhari
 
PPT
Web security
Muhammad Usman
 
PPTX
Introduction to Network Security
John Ely Masculino
 
PDF
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Edureka!
 
PPTX
Intrusion detection system
OECLIB Odisha Electronics Control Library
 
PPT
Web security
Subhash Basistha
 
Secure code practices
Hina Rawal
 
5. Identity and Access Management
Sam Bowne
 
Sql Injection - Vulnerability and Security
Sandip Chaudhari
 
Web security
Muhammad Usman
 
Introduction to Network Security
John Ely Masculino
 
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Edureka!
 
Intrusion detection system
OECLIB Odisha Electronics Control Library
 
Web security
Subhash Basistha
 

What's hot (20)

PDF
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
Edureka!
 
PPSX
Web security
kareem zock
 
PPTX
Career in cyber security
Manjushree Mashal
 
PPTX
Wi Fi Security
yousef emami
 
PPT
A Brief Introduction in SQL Injection
Sina Manavi
 
PPTX
A Career in Cybersecurity
lfh663
 
PPTX
Web Security
ADIEFEH
 
PPTX
Security Information and Event Management (SIEM)
hardik soni
 
PDF
The What, Why, and How of DevSecOps
Cprime
 
PDF
Web application security & Testing
Deepu S Nath
 
PPTX
Information risk management
Akash Saraswat
 
PDF
IoT Security
Narudom Roongsiriwong, CISSP
 
PPT
Cyber Security Layers - Defense in Depth
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
PPTX
Web Security
Dipika Bambhaniya
 
PPTX
Intrusion detection
Umesh Dhital
 
PDF
Computer Security and Intrusion Detection(IDS/IPS)
LJ PROJECTS
 
PPTX
Identity and Access Management (IAM)
Identacor
 
PPT
Information Security Policies and Standards
Directorate of Information Security | Ditjen Aptika
 
PPTX
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
 
PDF
Security testing presentation
Confiz
 
How to become a Cybersecurity Engineer? | Cybersecurity Salary | Cybersecurit...
Edureka!
 
Web security
kareem zock
 
Career in cyber security
Manjushree Mashal
 
Wi Fi Security
yousef emami
 
A Brief Introduction in SQL Injection
Sina Manavi
 
A Career in Cybersecurity
lfh663
 
Web Security
ADIEFEH
 
Security Information and Event Management (SIEM)
hardik soni
 
The What, Why, and How of DevSecOps
Cprime
 
Web application security & Testing
Deepu S Nath
 
Information risk management
Akash Saraswat
 
IoT Security
Narudom Roongsiriwong, CISSP
 
Cyber Security Layers - Defense in Depth
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Web Security
Dipika Bambhaniya
 
Intrusion detection
Umesh Dhital
 
Computer Security and Intrusion Detection(IDS/IPS)
LJ PROJECTS
 
Identity and Access Management (IAM)
Identacor
 
Information Security Policies and Standards
Directorate of Information Security | Ditjen Aptika
 
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
 
Security testing presentation
Confiz
 
Ad

Viewers also liked (20)

PPTX
Web security
Padam Banthia
 
PDF
Web Security - Introduction v.1.3
Oles Seheda
 
PDF
Web Security
Gerald Villorente
 
PPT
Security in Web 2.0, Social Web and Cloud
ITDogadjaji.com
 
PPT
Php & Web Security - PHPXperts 2009
mirahman
 
KEY
Introduction to web security @ confess 2012
jakobkorherr
 
PPT
Top Ten Proactive Web Security Controls v5
Jim Manico
 
PDF
Web Security
Randy Connolly
 
PDF
Cisco Study: State of Web Security
Cisco Canada
 
PDF
Evolution Of Web Security
Chris Shiflett
 
PDF
Modern Web Security
Bill Condo
 
PDF
Top 10 Web App Security Risks
Sperasoft
 
PPTX
Introduction to Web security
jeyaselvir
 
PPT
Discriminant analysis group no. 4
Advait Bhobe
 
PPTX
Web Server Web Site Security
Steven Cahill
 
PDF
Web Application Security
Ynon Perek
 
PDF
DrupalCamp London 2017 - Web site insecurity
George Boobyer
 
PPTX
Extreme security in web servers
Daniel Garcia (a.k.a cr0hn)
 
PPT
Tutorial 09 - Security on the Internet and the Web
dpd
 
PPTX
Discriminant analysis
Tehran University of Medical Sciences,Tehran, Iran.
 
Web security
Padam Banthia
 
Web Security - Introduction v.1.3
Oles Seheda
 
Web Security
Gerald Villorente
 
Security in Web 2.0, Social Web and Cloud
ITDogadjaji.com
 
Php & Web Security - PHPXperts 2009
mirahman
 
Introduction to web security @ confess 2012
jakobkorherr
 
Top Ten Proactive Web Security Controls v5
Jim Manico
 
Web Security
Randy Connolly
 
Cisco Study: State of Web Security
Cisco Canada
 
Evolution Of Web Security
Chris Shiflett
 
Modern Web Security
Bill Condo
 
Top 10 Web App Security Risks
Sperasoft
 
Introduction to Web security
jeyaselvir
 
Discriminant analysis group no. 4
Advait Bhobe
 
Web Server Web Site Security
Steven Cahill
 
Web Application Security
Ynon Perek
 
DrupalCamp London 2017 - Web site insecurity
George Boobyer
 
Extreme security in web servers
Daniel Garcia (a.k.a cr0hn)
 
Tutorial 09 - Security on the Internet and the Web
dpd
 
Discriminant analysis
Tehran University of Medical Sciences,Tehran, Iran.
 
Ad

Similar to Web security (20)

PPTX
INTERNETSECURITY with the different threats
PrabinPathak5
 
PPTX
Security in e commerce
akhand Akhandenator
 
PDF
Introduction to Information Security
Dumindu Pahalawatta
 
PPTX
Chapter 2 System Security.pptx
RushikeshChikane2
 
PPTX
Week 7 Basics of Web Security, a course in cyber security.pptx
AkachiOkoro1
 
PPTX
cryptographydiksha.pptx
DIKSHABORKAR8
 
PPTX
Ledingkart Meetup #3: Security Basics for Developers
Mukesh Singh
 
PPTX
Types of Cyber Crimes and Security Threats
Amity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
PPTX
An An Exploration Into the Cyber Security
sivasakthin2022cse
 
PPTX
Security issues in e business
Rahul Kumar
 
PPTX
Protect your Privacy
Marcos Lopez-Carlson
 
PPTX
IS-Crypttools.pptx
V.V.Vanniaperumal College for Women
 
PPTX
FCT UNIT 5 Foundation of computing technologies.pptx
nandinikhalane
 
PPT
E commerce security
Shakti Singh
 
PPTX
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
Nune SrinivasRao
 
PPT
Technical seminar on Security
STS
 
PPTX
Cryptography and network Security--MOD-1.pptx
MrsPrajnaUR
 
PPTX
Chapter 2 Overview of Commercial Issues.pptx
mc0225225
 
PPT
Cyber security for an organization
Tejas Wasule
 
PPTX
Cyber security
manoj duli
 
INTERNETSECURITY with the different threats
PrabinPathak5
 
Security in e commerce
akhand Akhandenator
 
Introduction to Information Security
Dumindu Pahalawatta
 
Chapter 2 System Security.pptx
RushikeshChikane2
 
Week 7 Basics of Web Security, a course in cyber security.pptx
AkachiOkoro1
 
cryptographydiksha.pptx
DIKSHABORKAR8
 
Ledingkart Meetup #3: Security Basics for Developers
Mukesh Singh
 
Types of Cyber Crimes and Security Threats
Amity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
An An Exploration Into the Cyber Security
sivasakthin2022cse
 
Security issues in e business
Rahul Kumar
 
Protect your Privacy
Marcos Lopez-Carlson
 
IS-Crypttools.pptx
V.V.Vanniaperumal College for Women
 
FCT UNIT 5 Foundation of computing technologies.pptx
nandinikhalane
 
E commerce security
Shakti Singh
 
CRYPTOGRAPHY AND NETWORK SECURITY ppt by me.pptx
Nune SrinivasRao
 
Technical seminar on Security
STS
 
Cryptography and network Security--MOD-1.pptx
MrsPrajnaUR
 
Chapter 2 Overview of Commercial Issues.pptx
mc0225225
 
Cyber security for an organization
Tejas Wasule
 
Cyber security
manoj duli
 

Recently uploaded (20)

PPTX
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
PDF
FOISHS ANNUAL IMPLEMENTATION PLAN 2025.pdf
EllenJoyCaniya2
 
PDF
RTP_AR_KS1_Tutor's Guide_English [FOR REPRODUCTION].pdf
RobertMentino1
 
PPTX
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
PDF
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
PDF
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
PDF
advance database management system book.pdf
hinamannan364
 
PDF
IGGE1 Understanding the Self1234567891011
rhea22labucay
 
PPTX
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
PDF
Indian roads congress 037 - 2012 Flexible pavement
offersjackpot
 
PDF
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
PDF
احياء السادس العلمي - الفصل الثالث (التكاثر) منهج متميزين/كلية بغداد/موهوبين
S LS
 
PPTX
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 
PDF
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
PPTX
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
PPTX
History, Philosophy and sociology of education (1).pptx
tmdth1
 
PDF
Weekly quiz Compilation Jan -July 25.pdf
Nitin Suresh
 
PDF
Τίμαιος είναι φιλοσοφικός διάλογος του Πλάτωνα
iliaskessaris
 
PDF
Paper A Mock Exam 9_ Attempt review.pdf.
SameeraNaveed2
 
PDF
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
FOISHS ANNUAL IMPLEMENTATION PLAN 2025.pdf
EllenJoyCaniya2
 
RTP_AR_KS1_Tutor's Guide_English [FOR REPRODUCTION].pdf
RobertMentino1
 
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
advance database management system book.pdf
hinamannan364
 
IGGE1 Understanding the Self1234567891011
rhea22labucay
 
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
Indian roads congress 037 - 2012 Flexible pavement
offersjackpot
 
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
احياء السادس العلمي - الفصل الثالث (التكاثر) منهج متميزين/كلية بغداد/موهوبين
S LS
 
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 
Black Hat USA 2025 - Micro ICS Summit - ICS/OT Threat Landscape
Chris Sistrunk
 
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
History, Philosophy and sociology of education (1).pptx
tmdth1
 
Weekly quiz Compilation Jan -July 25.pdf
Nitin Suresh
 
Τίμαιος είναι φιλοσοφικός διάλογος του Πλάτωνα
iliaskessaris
 
Paper A Mock Exam 9_ Attempt review.pdf.
SameeraNaveed2
 
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 

Web security

  • 3. CONTENTS What is Web Security ? Why Web Security ? Types of Web Attacks How to Provide security Conclusion
  • 4. What is web security ? Web security is a branch of Network security that deals specifically with security of websites, web applications and web services. .
  • 5. Why Web Security ? To provide privacy and confidentiality to the web application ,website and web servers
  • 6. Types of Web Attacks sql injecting Passcode cracking Session Hijacking Xss phishing
  • 7. SQL INJECTION SQL injection (SQLi) refers to an injection attack where in an attacker can execute ma licious SQL statements that control a web application's database server
  • 10. Cross site scripting attack Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a we b application to send malicious code, generally in the form of a browser side script, to a different end user.
  • 13. Passcode cracking A password cracker is an application program tha t is used to identify an unknown or forgotten pas sword to a computer or network resources. It can also be used to help a human cracker obt ain unauthorized access to resources.
  • 15. Passcode cracking • Brutus is one of the most popular remote online password cracking tools. ... •RainbowCrack. ... •Wfuzz. ... •John the Ripper. ... •THC Hydra. ... •Medusa. ... •OphCrack •Kali linux
  • 16. Session Hijacking The most common method of session hijacking is called IP spoofing, when an attacker uses source-routed IP packets to insert commands into an active communic ation between two nodes on a network and disguising itself as one of the authenticated user s.
  • 19. Phishing phishing is a term used to describe a malicious individual or group of individuals who scam users . They create duplicate website for Knowing the user id, passwords and Bank details of targeted peoples
  • 23. How to Provide security
  • 24. Security Methods High security passcodes Digital Signatures Encp & Dcpt Biometric authentication
  • 25. High security passwords Some websites provides high security for your online transactions. The enable High Security feature helps define high security settings in your profile. By enabling this feature, for every transaction you make, you will receive a high security pa ssword on your mobile. You need to enter thi s password to complete the transaction.
  • 29. Digital Signatures What is Digital Signature? Hash value of a message when encrypted with the private k ey of a person is his digital sig nature on that e-Document
  • 30. Why Digital signature To provide Authenticity, Integrity and Non-repudi ation to electronic documents To use the Internet as the safe and secure mediu m for e-Commerce and e-Governance Digital Signatures
  • 32. Digital signature •Government Online •Issuing forms and licences •Govt orders/treasury orders •Registration •Online file movement system •Public information records •E-voting
  • 33. Encryption and Decryption Encryption The translation of data into a secret code. Encryptio n is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt
  • 34. Decryption Decryption is the process of taking enco ded or encrypted text or other data and converting it back into text that you or t he computer can read and understand
  • 35. Biometric Authentication Biometric security is a security mechanism used to authenticate and provide access to a facility or syst em based on the automatic and instant verification of web based applications
  • 36. Why Biometric Security Traditional methods involving passwords and PIN numbers Biometrics highest level of security
  • 38. Conclusion In future the more security methods available for the websites, the betterand safer the future will be for all of us