Posts

Showing posts from March, 2025

Transaction Processing Concept

Transaction

A transaction is a set of logically related operations. It contains a group of tasks.
A transaction is an action or series of actions. It is performed by a single user to perform operations for accessing the contents of the database.

Example: Suppose a bank employee transfers Rs 800 from X's account to Y's account. This small transaction contains several low-level tasks:

X's Account
1. Open_Account(X)
2. Old_Balance = X.balance
3. New_Balance = Old_Balance - 800
4. X.balance = New_Balance
5. Close_Account(X)

Y's Account
1. Open_Account(Y)
2. Old_Balance = Y.balance
3. New_Balance = Old_Balance + 800
4. Y.balance = New_Balance
5. Close_Account(Y)

Operations of Transaction: Following are the main operations of a transaction:

Read(X): The read operation is used to read the value of X from the database and store it in a buffer in main memory.
Write(X): Write operation is us...

Canonical Cover

When the database is updated, the system is responsible for checking whether the existing functional dependencies are violated during the update. If functional dependencies are violated in the new database state, the system must roll back.

A canonical cover, or irreducible set, of functional dependencies FD is a simplified set of FD that has a similar closure as the original set FD.

Extraneous attributes
An attribute of an FD is said to be extraneous if we can remove it without changing the closure of the set of FD.

Example: Given a relational schema R(A, B, C, D) and a set of functional dependencies FD = { B → A, AD → BC, C → ABD }, find the canonical cover.

Solution: Given FD = { B → A, AD → BC, C → ABD }, now decompose the FD using the decomposition rule (Armstrong Axiom).
1. B → A
2. AD → B (using decomposition inference rule on AD → BC)
3. AD → C ( using de...

Functional Dependency

A functional dependency is a relationship that exists between two attributes. It typically exists between the primary key and a non-key attribute within a table.

X → Y

The left side of the FD is known as the determinant; the right side of the production is known as the dependent.

For example: Assume we have an employee table with attributes Emp_Id, Emp_Name, Emp_Address. Here the Emp_Id attribute can uniquely identify the Emp_Name attribute of the employee table, because if we know the Emp_Id, we can tell the employee name associated with it.

Virus and Worms

A computer virus is a program that can “infect” legitimate programs by modifying them to include a possibly “evolved” copy of itself. Viruses spread themselves, without the knowledge or permission of the users, to potentially large numbers of programs on many machines. A computer virus passes from computer to computer in a similar manner as a biological virus passes from person to person. Viruses may also contain malicious instructions that may cause damage or annoyance; the combination of possibly malicious code with the ability to spread is what makes viruses a considerable concern. A computer virus has the ability to copy itself and infect the system. The term virus is also commonly but erroneously used to refer to other types of malware, adware and spyware programs that do not have reproductive ability. A true virus can only spread from one system to another (in some form of executable code) when its host is taken...

Keyloggers and Spywares

Keystroke logging, often called keylogging, is the practice of noting (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that such actions are being monitored. A keystroke logger, or keylogger, is a quicker and easier way of capturing passwords and monitoring the victims’ IT savvy behavior. It can be classified as software keylogger and hardware keylogger.

Software Keyloggers
Software keyloggers are software programs installed on computer systems, usually located between the OS and the keyboard hardware, so that every keystroke is recorded. Software keyloggers are installed on a computer system by Trojans or viruses without the knowledge of the user. Cybercriminals always install such tools on the insecure computer systems available in public places (i.e., cybercafés, etc.) and can obtain the required information about the...

Password Cracking

A password, like the key to a lock, is used to gain entry into computerized systems. Password cracking is a process of recovering passwords from data that have been stored in or transmitted by a computer system. Usually, an attacker follows a common approach: repeatedly making guesses for the password.

The purpose of password cracking is as follows:
1. To recover a forgotten password.
2. As a preventive measure by system administrators to check for easily crackable passwords.
3. To gain unauthorized access to a system.

Manual password cracking is attempting to log on with different passwords. The attacker follows these steps:
1. Find a valid user account such as an Administrator or Guest;
2. create a list of possible passwords;
3. rank the passwords from high to low probability;
4. key-in each password;
5. try again until a successful password is found.

Passwords can be guessed sometimes with knowledge of the user’s personal informatio...

How Phishing Works?

Phishers work in the following ways:
1. Planning: Criminals, usually called phishers, decide the target.
2. Setup: Once phishers know which business/business house to spoof and who their victims.
3. Attack: The phisher sends a phony message that appears to be from a reputable source.
4. Collection: Phishers record the information that victims enter into webpages or pop-up windows.
5. Identity theft and fraud: Phishers use the information that they have gathered to make illegal purchases or commit fraud.

Nowadays, more and more organizations/institutes provide greater online access for their customers, and hence criminals are successfully using Phishing techniques to steal personal information and conduct ID theft at a global level.

Phishing

“Phishing” refers to an attack using mail programs to deceive Internet users into disclosing confidential information that can then be exploited for illegal purposes. While checking electronic mail (E-Mail) one day, a user finds a message from the bank threatening to close the bank account if he/she does not reply immediately. Although the message seems to be suspicious from its contents, it is difficult to conclude that it is a fake/false E-Mail. This message and other such messages are examples of Phishing, which, in addition to stealing personal and financial data, can infect systems with viruses and is also a method of online ID theft in various cases. These messages look authentic and attempt to get users to reveal their personal information.

Proxy Servers and Anonymizers

A proxy server is a computer on a network that acts as an intermediary for connections with other computers on that network. The attacker first connects to a proxy server and establishes a connection with the target system through the existing connection with the proxy. This enables an attacker to surf the Web anonymously and/or hide the attack. A client connects to the proxy server and requests some service (such as a file or webpage) available from a different server. The proxy server evaluates the request and provides the resource by establishing the connection to the respective server and/or requests the required service on behalf of the client. Using a proxy server can allow an attacker to hide ID (i.e., become anonymous on the network).

A proxy server has the following purposes:
1. Keep the systems behind the curtain (mainly for security reasons).
2. Speed up access to a resource (through “caching”). It is usually used to cache the web pages from ...

Tools and Methods Used in Cybercrime

Introduction, Proxy Servers And Anonymizers, Phishing, Password Cracking, Key Loggers And Spywares, Virus And Worms, Trojan Horses And Backdoors, Steganography, DoS And DDoS Attacks, SQL Injection, Buffer Overflow, Attacks On Wireless Networks, Phishing And Identity Theft: Introduction, Phishing, Identity Theft (ID Theft)

1. Introduction
2. Proxy Servers and Anonymizers
3. Phishing
4. Password Cracking
5. Key loggers and Spywares
6. Virus and Worms
7. Trojan Horses and Backdoors
8. Steganography
9. DoS and DDoS Attack

Computer Forensics: An Overview

Key Aspects of Computer Forensics

1. Phases of Computer Forensic Investigation

A typical forensic investigation follows a structured process:

a) Identification
Detect and recognize potential digital evidence sources (e.g., computers, mobile devices, cloud storage).
Identify key stakeholders, such as law enforcement agencies or corporate security teams.

b) Preservation
Secure digital evidence without tampering.
Use write-blocking tools to prevent data alteration.
Create forensic copies (bit-by-bit images) of storage devices.

c) Analysis
Examine data for traces of malicious activity, deleted files, hidden data, or encrypted content.
Use forensic tools like EnCase, FTK, Autopsy, X-Ways Forensics to extract evidence.
Reconstruct events using system logs, timestamps, and metadata.

d) Documentation
Record all findings systematically.
Maintain chain-of-custody records to ensure admissibility in court.
Generate forensic reports detailing the investigation process and conclusions.

e) Pre...

Digital Signatures and Their Legal Implications

A digital signature is an electronic equivalent of a handwritten signature or a stamped seal, used to authenticate the identity of the sender and ensure the integrity of a document or message. It is based on public-key cryptography, where a sender uses a private key to sign a document, and the recipient verifies the signature using the sender’s public key.

Legal Implications of Digital Signatures

The legal acceptance of digital signatures depends on jurisdiction, but they are widely recognized globally through various laws and regulations.

1. Legality and Recognition

Digital signatures are legally binding in many countries under various laws:

United States: The Electronic Signatures in Global and National Commerce (ESIGN) Act (2000) and the Uniform Electronic Transactions Act (UETA) grant digital signatures the same legal status as handwritten signatures.
European Union: The eIDAS Regulation (EU 910/2014) recognizes three types of electronic signatures, with Qualified Ele...