Network & Web Security Unit 4 (Trojans and Backdoors, Viruses and Worms, Phishing, Web Application Security and Denial-of Service Attacks)

Trojans and Backdoors: Overt and Covert Channels, Working, Types (Remote Access Trojans, Data-Sending Trojans, Destructive Trojans, Trojans, Proxy Trojans, FTP Trojans, Security Software Disablers). Viruses and Worms: Characteristics, Working, Infection Phase, Attack Phase. Sniffers: Definition, spoofing, Sniffing, Vulnerable Protocols, Types. Phishing: Methods, Process, Attacks Types (Man-in-the-Middle Attacks, URL Obfuscation Attacks, Hidden Attacks, Client-side Vulnerabilities, Deceptive Phishing, Malware-Based Phishing, DNSBased Phishing, Content-Injection Phishing, Search Engine Phishing). Web Application Security: Secured authentication mechanism, secured session management, Cross-site Scripting, SQL Injection and other vulnerabilities. Denial-of Service Attacks: Types of Attacks (Smurf Attack, Buffer Overflow Attack, Ping of Death Attack, Teardrop Attack, SYN Attack, SYN Flooding), DDoS Attack(Distributed DoS Attack.), Session Hijacking, Spoofing v Hijacking, TCP/IP hijacking, CAPTCHA Protection