See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/359892550

Introduction to Cyber Crime

Article in International Journal of Engineering and Artificial Intelligence · March 2022

DOI: 10.55923/jo.ijeal.3.1.701

CITATIONS READS

0 16,146

1 author:

Osman Goni
Institute of Computer Science (ICS), Atomic Energy Research Establishment
13 PUBLICATIONS 19 CITATIONS

SEE PROFILE

All content following this page was uploaded by Osman Goni on 17 May 2022.

The user has requested enhancement of the downloaded file.

 International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

International Journal of Engineering and Artificial Intelligence

Journal home page: http://www.ijeai.com

Introduction to Cyber Crime

Osman Goni1
1
Designation: Senior Engineer, Computer System and Network Division (CSND), Institute of Computer Science
(ICS), Atomic Energy Research Establishment, Bangladesh Atomic Energy Commission, E-12/A, Agargaon, Sher-e-
Bangla Nagar, Dhaka-1207, Bangladesh.

Corresponding Author: engr.osmangoni@gmail.com

Original article Received 2 February 2022, Accepted 26 February 2022, Available online 1 March 2022

ABSTRACT

Modern world gives us many facilities. We can visit anywhere in the world by the help of modern invention.
Sometimes Modern Invention creates crime. Cyber Crime is one of them Cyber Crime is a common phenomenon in the
world. Cyber Crime is that group of activities made by the people by creating disturbance in network, stealing others
important and private data, documents, hack bank details and accounts and transferring money to their own. Cyber
Crime, especially through the Internet, has grown in importance as the computer has become central to commerce,
entertainment, and government. Cyber crime, also called computer crime, the use of a computer as an instrument to
further illegal ends, such as committing fraud, Trafficking in child pornography and intellectual property, stealing
identities, or violating privacy. The cyber crime and they its impacts over the society in the form of economical disrupt,
psychological disorder, threat to National defense etc. Restriction of cyber crimes is dependent on proper analysis of
their behavior and understanding of their impacts over various levels of society. Now a day’s Cyber crime is increasing
day by day. People have been greatly suffering for it. It is not only creates human suffering but also put effect on it. So
Cyber Crime is one of the major crimes done by computer expert. This paper gives the Introduction of cyber crime.
Keywords: Cyber Crime, Criminal, Child Pornography, Computer Crime, Human Suffering

International Journal of Engineering and Artificial Intelligence (IJEAI). This is an open access article under the CC BY-NC-ND license
(http://creativecommons.org/licenses/by-nc-nd/4.0/).

1. Introduction

Cyber crime is not an old sort of crime to the world. It is defined as any criminal activity which takes place on
or over the medium of computers or internet or other technology recognized by the Information Technology Act. There
are number of illegal activities which are committed over the internet by technically skilled criminals. Taking a wider
interpretation, it can be said that, Cyber crime includes any illegal activity where computer or internet is either a tool or
target or both. Cyber crime is an uncontrollable evil having its base in the misuse of growing dependence on computers
in modern life. Usage of computer and other allied technology in daily life is growing rapidly and has become an urge
which facilitates user convenience. It is a medium which is infinite and immeasurable. Some of the newly emerged
cybercrimes are cyber-stalking, cyber-terrorism, e-mail spoofing, e-mail bombing, cyber pornography, cyber-
defamation etc. Some conventional crimes may also come under the category of cybercrimes if they are committed
through the medium of computer or Internet (R.K.Chaubey, 2012).

Cybercrime is a term used to broadly describe criminal activity in which computers or computer networks are a
tool, a target, or a place of criminal activity and include everything from electronic cracking to denial-of-service attacks.
It is also used to include traditional crimes in which computers or networks are used to enable the illicit activity. The
Cyber crime can halt any railway where it is, it may misguide the planes on its flight by misguiding with wrong signals,
it may cause any important military data to fall in the hands of foreign countries, and it may halt e-media and every
system can collapse within a fraction of seconds (Nayak, October 2013).

9
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Cybercrime is growing and current technical models to tackle cybercrime are inefficient in stemming the
increase in cybercrime. This serves to indicate that further preventive strategies are required in order to reduce
cybercrime. Just as it is important to understand the characteristics of the criminals in order to understand the
motivations behind the crime and subsequently develop and deploy crime prevention strategies, it is also important to
understand victims, i.e., the characteristics of the users of computer systems in order to understand the way these users
fall victim to cybercrime. Current era is too fast to utilize the time factor to improve the performance factor. It is only
possible due the use of Internet. The term Internet can be defined as the collection of millions of computers that provide
a network of electronic connections between the computers. There are millions of computers connected to the internet.
Everyone appreciates the use of Internet but there is another side of the coin that is cyber crime by the use of Internet
(Hemraj Saini, 2012).

Cyber crime is a bi-product of the ever-increasing development in the areas of information and communication
technology (ICT). The attackers mainly attack the confidential data of the organizations or personal information thereof.
The most targeted organizations are hospitals, government offices, police stations, financial. institutions, Research and
Development (R&D) organizations and other telecommunication firms etc (Shusmoy Kundu1, 2018).

2. Literature Review

2.1 Cyber Criminal

Cyber criminals are an ever-present menace in every country connected to the Internet. The cyber criminals
constitute of various groups or category as shown below:

2.1.1 Children and Adolescents

The simple reason for this type of delinquent behavior pattern in children is seen mostly due to the
inquisitiveness to know and explore the things. Other cognate reasons may be to prove themselves to be outstanding
amongst other children in their group.

2.1.2 Organized Hackers

These kinds of hackers are mostly organized together to fulfill certain objective. The reason may be to fulfill
their political bias, fundamentalism, etc. The Chinese are said to be one of the best quality hackers in the world. They
mainly target the other governments’ sites with the purpose to fulfill political objectives.

2.1.3 Professional Hackers/Crackers

These kinds of hacker’s work are motivated by money and mostly employed to hack the site of the rivals and
get credible, reliable and valuable information. Further they are employed to crack the system of the employer basically
as a measure to make it safer by detecting the loopholes.

2.1.4 Discontented Employees

This group includes those people who have been either sacked by their employer or are dissatisfied with their
employer. Traditionally, internal attacks posed the greatest threat to computer networks, which accounted for about 70
percent of all attempted intrusions (Brigadier General Md. Khurshid Alam).

2.2 Cyber Crime

Dr. Debarati Halder and Dr. K. Jaishankar define cybercrimes as: “Offences that are committed against
individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause
physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as
Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS) ( 2016).” The oxford
Dictionary defined the term cyber crime as “Criminal activities carried out by means of computers or the Internet
(2016).” “Cyber crime may be said to be those species, of which, genus is the conventional crime, and where either the
computer is an object or subject of the conduct constituting crime (2016).” “Cyber crime means any criminal or other
offence that is facilitated by or involves the use of electronic communications or information systems, including any
device or the Internet or any one or more of them (2016).” Cybercrime is a term used to broadly describe criminal

10
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

activity in which computers or computer networks are a tool, a target, or a place of criminal activity and include
everything from electronic cracking to denial-of-service attacks. It is also used to include traditional crimes in which
computers or networks are used to enable the illicit activity. The Cyber crime can halt any railway where it is, it may
misguide the planes on its flight by misguiding with wrong signals, it may cause any important military data to fall in
the hands of foreign countries, and it may halt e-media and every system can collapse within a fraction of seconds
(Nayak, October 2013).

2.3 Categories of Cyber Crime

There are a lot of Cyber Crime categories; these categories include different terminology and iconography that
create controversy over the computer attacker terms.

2.3.1. Data Crime

Data Interception, Data Modification, and Data Theft are called Data Crime. An attacker monitors data streams
to or from a target in order to gather information. This attack may be undertaken to gather information to support a later
attack or the data collected may be the end goal of the attack. This attack usually involves sniffing network traffic, but
may include observing other types of data streams, such as radio. In most varieties of this attack, the attacker is passive
and simply observes regular communication, however in some variants the attacker may attempt to initiate the
establishment of a data stream or influence the nature of the data transmitted. Privacy of communications is essential to
ensure that data cannot be modified or viewed in transit. Distributed environments bring with them the possibility that a
malicious third party can perpetrate a computer crime by tampering with data as it moves between sites.

In a data modification attack, an unauthorized party on the network intercepts data in transit and changes parts
of that data before retransmitting it. Data Theft used to describe when information is illegally copied or taken from a
business or other individual. Commonly, this information is user information such as passwords, social security
numbers, credit card information, other personal information, or other confidential corporate information. Because this
information is illegally obtained, when the individual who stole this information is apprehended, it is likely he or she
will be prosecuted to the fullest extent of the law (Nayak, October 2013).

2.3.2. Network Crime

Unauthorized Access and Virus Dissemination are called Network Crime. "Unauthorized Access" is an
insider‘s view of the computer cracker underground. The filming took place all across the United States, Holland and
Germany. "Unauthorized Access" looks at the personalities behind the computers screens and aims to separate the
media publicize of the 'outlaw hacker' from the reality [10]. Malicious software that attaches itself to other software.
(Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and Bacterium are examples of malicious software that
destroys the system of the victim (Virus Glossary (2006), 2012).

2.3.3. Related Crimes

Aiding and Abetting Cyber Crimes, Computer-Related Forgery and Fraud and Content-Related Crimes are
called Related Crime. There are three elements to most aiding and abetting charges against an individual. The first is
that another person committed the crime. Second, the individual being charged had knowledge of the crime or the
principals' intent. Third, the individual provided some form of assistance to the principal. Computer forgery and
computer-related fraud constitute computer-related offenses. Cyber sex, unsolicited commercial communications, cyber
defamation and cyber threats are included under content-related offenses. The total cost to pay by victims against these
attacks is in millions of millions Dollar per year which is a significant amount to change the state of un-developed or
under-developed countries to developed countries (Legal Info (2009), 2012) (Shantosh Rout (2008), 2012) (By Jessica
Stanicon (2009), 2012).

2.4 Types of Cyber Crime

There are many types of Cyber Crime. 1. Hacking, 2. Virus dissemination, 3. Logic bombs, 4. Denial-of-
Service attack, 5. Phishing, 6. Email bombing and spamming, 7. Web jacking, 8. Cyber stalking, 9. Data diddling, 10.
Identity Theft and Credit Card Fraud, 11. Salami slicing attack, 12. Software Piracy, 13. Cyber Pornography, 14. Sale of
illegal articles, 15. Pharming 16.TOR Network

2.4.1. Hacking

11
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

In simple words, hacking is an act committed by an intruder by accessing your computer system without your
permission. Hackers (the people doing the ‘hacking’) are basically computer programmers, who have an advanced
understanding of computers and commonly misuse this knowledge for devious reasons. Hacking is the technique of
finding the weak links or loopholes in the computer systems or the networks and exploiting it to gain unauthorized
access to data or to change the features of the target computer systems or the networks. Hacking describes the
modification in the computer hardware, software or the networks to accomplish certain goals, which are not aligned
with the user goals. In contrast, it is also called breaking into someone's security and stealing their personal or secret
data such as phone numbers, credit card details, addresses, online banking passwords etc. (Aman Gupta, 4 April 2017).

Now the methodology or the path followed by the Hackers is as follows:

Reconnaissance

Scanning

Gaining Control

Maintaining Access

Log Clearing

Figure 1. Block Diagram of the methodology or the path followed by the Hackers

2.4.2. Virus dissemination

Viruses are computer programs that attach themselves to or infect a system or files, and have a tendency to
circulate to other computers on a network. They disrupt the computer operation and affect the data stored – either by
modifying it or by deleting it altogether. “Worms” unlike viruses do not need a host to cling on to. They merely
replicate until they eat up all available memory in the system. The term “worm” is sometimes used to mean self-
replicating “malware” (MALicious softWARE). These terms are often used interchangeably in the context of the hybrid
viruses/worms that dominative current virus scenario. “Trojan horses” are different from viruses in their manner of
propagation.

12
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Figure 2. A simple diagram to show how malware can propagate

2.4.3. Logic bombs

A logic bomb, also known as “slag code”, is a malicious piece of code, which is intentionally inserted into
software to execute a malicious task when triggered by a specific event. It is not a virus, although it usually behaves in a
similar manner. It is stealthily inserted into the program where it lies dormant until specified conditions are met.
Malicious software such as viruses and worms often contain logic bombs, which are triggered at a specific payload or at
a predefined time. The payload of a logic bomb is unknown to the user of the software, and the task that it executes
unwanted. Program codes that are scheduled to execute at a particular time are known as “time-bombs”. For example,
the infamous “Friday the 13th” virus which attacked the host systems only on specific dates; it “exploded” (duplicated
itself) every Friday that happened to be the thirteenth of a month, thus causing system slowdowns.

There is another use for the type of action carried out in a logic bomb “explosion” – to make restricted
software trials. The embedded piece of code destroys the software after a defined period or renders it unusable until the
user pays for its further use. Although this piece of code uses the same technique as a logic bomb, it has a
nondestructive, non-malicious and user-transparent use, and is not typically referred to as one.

A logic bomb is a piece of malicious code that lies dormant and hidden within a legitimate software until a
condition is satisfied to trigger its payload. Developers into genuine software normally embed this malware. A logic
bomb has a flaw that it only works for a software for which it has been designed, it does not replicate on other
applications. Presence of Logic bomb in system poses great risks to its security and integrity [16]. Working of logic
bomb code in a genuine code is shown in figure 1.

13
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Figure 3. Working of Logic Bomb (Palash Sandip Dusane1, May - June 2020).

2.4.4. Denial-of-Service attack

A Denial-of-Service (DoS) attack is an explicit attempt by attackers to deny service to intended users of that
service. It involves flooding a computer resource with more requests than it can handle consuming its available
bandwidth which results in server overload. This causes the resource (e.g. a web server) to crash or slow down
significantly so that no one can access it. Using this technique, the attacker can render a web site inoperable by sending
massive amounts of traffic to the targeted site. A site may temporarily malfunction or crash completely, in any case
resulting in inability of the system to communicate adequately. DoS attacks violate the acceptable use policies of
virtually all internet service providers.

14
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Figure 4. RDoS Principle [17].

Another variation to a denial-of-service attack is known as a “Distributed Denial of Service” (DDoS) attack
wherein a number of geographically widespread perpetrators flood the network traffic. Denial-of-Service attacks
typically target high profile web site servers belonging to banks and credit card payment gateways. Websites of
companies such as Amazon, CNN, Yahoo, Twitter and eBay! Are not spared either.

2.4.5. Phishing

This a technique of extracting confidential information such as credit card numbers and username password
combos by masquerading as a legitimate enterprise. Phishing is typically carried out by email spoofing. You’ve
probably received email containing links to legitimate appearing websites. You probably found it suspicious and didn’t
click the link. Smart move.

Figure 5. Phishing Process

The malware would have installed itself on your computer and stolen private information. Cyber-criminals use
social engineering to trick you into downloading malware off the internet or make you fill in your personal information
under false pretenses. A phishing scam in an email message can be evaded by keeping certain things in mind.

15
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

2.4.6. Email bombing and spamming

Email bombing is characterized by an abuser sending huge volumes of email to a target address resulting in
victim’s email account or mail servers crashing. The message is meaningless and excessively long in order to consume
network resources. If multiple accounts of a mail server are targeted, it may have a denial-of-service impact. Spam
filters can easily detect such mail arriving frequently in your inbox. Email bombing is commonly carried out using
botnets (private internet connected computers whose security has been compromised by malware and under the
attacker’s control) as a DDoS attack. This type of attack is more difficult to control due to multiple source addresses and
the bots, which are programmed to send different messages to defeat spam filters. “Spamming” is a variant of email
bombing. Here unsolicited bulk messages are sent to a large number of users, indiscriminately. Opening links given in
spam mails may lead you to phishing web sites hosting malware. Spam mail may also have infected files as
attachments. Email spamming worsens when the recipient replies to the email causing all the original addressees to
receive the reply. Spammers collect email addresses from customer lists, newsgroups, chat rooms, web sites and viruses
that harvest users’ address books, and sell them to other spammers as well. A large amount of spam is sent to invalid
email addresses.

2.4.7. Web jacking

Web jacking derives its name from “hijacking”. Here, the hacker takes control of a web site fraudulently. He
may change the content of the original site or even redirect the user to another fake similar looking page controlled by
him. The owner of the web site has no more control and the attacker may use the web site for his own selfish interests.
Cases have been reported where the attacker has asked for ransom, and even posted obscene material on the site.

Figure 6. Detailed Overview of Web Jacking

Web jacking can also be done by sending a counterfeit message to the registrar controlling the domain name
registration, under a false identity asking him to connect a domain name to the webjacker’s IP address, thus sending
unsuspecting consumers who enter that particular domain name to a website controlled by the webjacker. The purpose
of this attack is to try to harvest the credentials, usernames, passwords and account numbers of users by using a fake
web page with a valid link, which opens when the user is redirected to it after opening the legitimate site.

2.4.8. Cyberstalking

Cyber stalking is a new form of internet crime in our society when a person is pursued or followed online. A
cyber stalker doesn’t physically follow his victim; he does it virtually by following his online activity to harvest
information about the stalkee and harass him or her and make threats using verbal intimidation. It is an invasion of
one’s online privacy.

16
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Cyber stalking uses the internet or any other electronic means and is different from offline stalking, but is
usually accompanied by it. Most victims of this crime are women who are stalked by men and children who are stalked
by adult predators and pedophiles. Cyber stalkers thrive on inexperienced web users who are not well aware of
netiquette and the rules of internet safety. A cyber stalker may be a stranger, but could just as easily be someone you
know.

Figure 7. Objectives for preventing Cyberstalking

The Internet has literally become a fertile breeding ground for an entirely new and unique type of criminal
offender hereafter known as the cyber stalker. The cyber stalker is one who uses the Internet as a weapon or tool of sorts
to prey upon, harass, threaten, and generate fear and trepidation in his or her victims through sophisticated stalking
tactics, which for the most part, are largely misunderstood and in some cases, legal (Pittaro1, 2007).

2.4.9. Data diddling

Data Diddling is unauthorized altering of data before or during entry into a computer system, and then
changing it back after processing is done. Using this technique, the attacker may modify the expected output and is
difficult to track. In other words, the original information to be entered is changed, either by a person typing in the data,
a virus that’s programmed to change the data, the programmer of the database or application, or anyone else involved in
the process of creating, recording, encoding, examining, checking, converting or transmitting data.

17
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Figure 8. Data Diddling Attack

This is one of the simplest methods of committing a computer-related crime, because even a computer amateur
can do it. Despite this being an effortless task, it can have detrimental effects. For example, a person responsible for
accounting may change data about themselves, a friend, or relative showing that they are paid in full. By altering or
failing to enter the information, they are able to steal from the enterprise. Other examples include forging or
counterfeiting documents and exchanging valid computer tapes or cards with prepared replacements. Electricity boards
in India have been victims of data diddling by computer criminals when private parties were computerizing their
systems.

2.4.10. Identity Theft and Credit Card Fraud

Identity theft occurs when someone steals your identity and pretends to be you to access resources such as
credit cards, bank accounts and other benefits in your name. The imposter may also use your identity to commit other
crimes. “Credit card fraud” is a wide-ranging term for crimes involving identity theft where the criminal uses your
credit card to fund his transactions. Credit card fraud is identity theft in its simplest form. The most common case of
credit card fraud is your pre-approved card falling into someone else’s hands.

Figure 9. Credit Card Fraud System hidden Markov Model (Nabha Kshirsagar1, 2015).

With rising cases of credit card fraud, many financial institutions have stepped in with software solutions to
monitor your credit and guard your identity. ID theft insurance can be taken to recover lost wages and restore your
credit. However, before you spend a fortune on these services, apply the no-cost, common sense measures to avert such
a crime.

18
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

2.4.11. Salami slicing attack

A “salami slicing attack” or “salami fraud” is a technique by which cyber-criminals steal money or resources a
bit at a time so that there is no noticeable difference in overall size. The perpetrator gets away with these little pieces
from a large number of resources and thus accumulates a considerable amount over a period of time. The essence of this
method is the failure to detect the misappropriation. The most classic approach is “collect-the-round off” technique.
Most calculations are carried out in a particular currency are rounded off up to the nearest number about half the time
and down the rest of the time. If a programmer decides to collect these excess fractions of rupees to a separate account,
no net loss to the system seems apparent. This is done by carefully transferring the funds into the perpetrator’s account.
Attackers insert a program into the system to automatically carry out the task. Logic bombs may also be employed by
unsatisfied greedy employees who exploit their knowhow of the network and/or privileged access to the system. In this
technique, the criminal programs the arithmetic calculators to automatically modify data, such as in interest
calculations.

The attackers steal resources or money a little at a time in the salami technique. The important thing here is to
make the change meaningless and no one will notice it completely. For example, an employee of bank installs a
software into the servers of the bank, which takes a small amount of money from each customer's account. Every
account holder is not likely to notice this illegal deduction, but every month the attacker will make a substantial amount
of money. The attacker installs malware on the server so that it performs a specific purpose, such as installing malware
on the bank' server and its purpose is to deduct small values of money and send it to the attacker without giving an alert
(Asalah F Altwairqi, December, 2019).

Figure 10. Salami Slicing Attack and Phishing Attack (Asalah F Altwairqi, December, 2019).

Stealing money electronically is the most common use of the salami slicing technique, but it is not restricted to
money laundering. The salami technique can also be applied together little bits of information over a period to deduce
an overall picture of an organization. This act of distributed information gathering may be against an individual or an
organization.

Data can be collected from web sites, advertisements, documents collected from trash cans, and the like,
gradually building up a whole database of factual intelligence about the target. Since the amount of misappropriation is
just below the threshold of perception, we need to be more vigilant. Careful examination of our assets, transactions and
every other dealing including sharing of confidential information with others might help reduce the chances of an attack
by this method.

2.4.12. Software Piracy

We can find almost any movie, software or song from any origin free. Internet piracy is an integral part of our
lives which knowingly or unknowingly we all contribute to. This way, the profits of the resource developers are being
cut down. It is not just about using someone else’s intellectual property illegally but also passing it on to your friends
further reducing the revenue they deserve.

19
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Figure 11. Software Piracy

Software piracy is the unauthorized use and distribution of computer software. Software developers work hard
to develop these programs and piracy curbs their ability to generate enough revenue to sustain application development.
This affects the completely global economy as funds are relayed from other sectors, which results in less investment in
marketing and research.

2.4.13. Cyber Pornography

Pornography’ is “describing or showing sexual acts in order to cause sexual excitement through books, films,
etc.” This includes pornographic websites; pornographic material produced using computers and use of internet to
download and transmit pornographic videos, pictures, photos, writings etc. There are more than 420 million individual
pornographic webpages today. Child pornography is a very unfortunate reality of the Internet. The Internet is being
highly used by its abusers to reach and abuse children sexually, worldwide (Vadza, 2013).

Child Sexual Abuse is more severe than any form of exploitation a girl child can encounter. This is because it
can leave a severe and lasting impact on a girl child for the rest of their life. Further, Child pornography is considered
different from adult pornography due to intricacies involved. In child pornography, children are harmed not only in
production process but also after publication of such pornography on internet, or via any other media. It attaches a taint
on the future of children depicting them in bad light and characterizing them on social networking sites belonging to
children who are below 18 years of age. Publication of their nude photos, either with their consent or fraudulently,
affects the prospects of their development and it also affects their mental health .Therefore, in a country like India and
Bangladesh where a considerable portion of the population consists of women and children, laws made in this regard
must be essentially stringent and must at the same time cater to the varied social and cultural scenario pertinent
.Moreover, the available statutory measures along with regulatory enforcement mechanism to churn out cyber
pornography must be articulated keeping in light the rapid development of the internet and its ill-effects on the society
and the innocent minds of the children (Joshi, 2021).

20
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

2.4.14. Sale of illegal articles

This would include trade of narcotics, weapons and wildlife etc., by posting information on websites, auction
websites, and bulletin boards or simply by using email communication. Research shows that number of people
employed in this criminal area. Daily peoples receiving so many emails with offer of banned or illegal products for sale
(Vadza, 2013).

2.4.15. Pharming

Pharming is an attack expected to divert your site traffic to another, presumably false site. Pharming is not
effectively discernible on PC. Pharming is normally done by infecting DNS servers, which is beyond control and stays
undetectable for a large part. The main way pharming could have been done on your PC is by altering the host’s file. In
the event that the record contains false entries, at that point some program has attempted to perform pharming on your
PC. Some site blocking software use the hosts file to map addresses to the localhost (Cyber Crime: Rise, 2020).

Figure 12. Pharming Attack.

2.4.16. TOR Network

This section depicts the noxious business activities recognized in the profound web, especially commercial
centers and merchandise cyber-criminal exchange. In spite of the way that the entirety of the previously mentioned
systems can possibly bolster unlawful exchanges of each sort, until now, the main system that appears to have increased
some footing for underground commercial centers is TOR. The explanation for this might be connected to the way that
TOR is relatively more experienced and more created than the opposition and has been endorsed by associations, like
the Electronic Frontier Foundation as the first choice among hostile to restriction instruments, putting it under the
spotlight as of late.

The Deep Web and malware are consummately appropriate for one another, particularly about facilitating
order and-control (C&C) system. It is the idea of concealed administrations and destinations like TOR and I2P to
shroud the area of servers using solid cryptography. This makes hard for forensic researchers to investigate using
conventional methods like looking at a server's IP address, checking enlistment subtleties, etc. What's more, using these
locales and administrations is not especially troublesome. It is then to be expected to see various cybercriminals use
TOR for C&C. We have seen the administrators behind predominant malware family’s use TOR pieces of their
arrangement. They basically group the authentic TOR customer with their installation package. Another major malware
family that utilizes the Deep Web is Crypto Locker.

Crypto Locker alludes to a ransom ware variation that encrypts victims very own reports before redirecting them to a
site where they can pay to recover access to their documents. Crypto Locker is likewise keen enough to consequently
alter the payment page to represent a victim’s local language and means of payment. It shows why the Deep Web bids
to 16 cybercriminals who are eager to make their foundations increasingly powerful to potential takedowns (Cyber
Crime: Rise, 2020).
21
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

3. Conclusion

The future of the Internet is still up for grabs between criminals and normal users. Our reliance on networks will
only continue to grow in the years ahead. This paper concludes with basic information of our privilege society, which
should aware about cyber crimes. Based on an analysis of existing cyber-Crimes and privacy issues targeting about
Cyber Crimes, a comprehensive framework is developed that provides an overview of possible security and privacy
threats along with the ways of attacks and countermeasures. In the future, we are planning to apply the proposed
framework in Cyber Crime to analyze the impact of the proposed approach in mitigating cyber privacy and security
issues. Having identified and understood in clear terms the various cyber-Crimes to cyber security, caution is a
watchword for whoever is on the internet. Nevertheless, cyber security is potentially under the mercies of some
common factors as explained in this journal article.

References

Kundu, S., Islam, K. A., Jui, T. T., Rail, S., Hossain, M. A., & Chowdhury, I. H. (2018). Cyber crime
trend in Bangladesh, an analysis and ways out to combat the threat. 2018 20th International Conference on Advanced
Communication Technology (ICACT). https://doi.org/10.23919/icact.2018.8323799

Damle, P. (2012). 'psychology for crime free india - a focus on cyber crimes'. PsycEXTRA Dataset.
https://doi.org/10.1037/e670282012-047

Zhang, Y., Xiao, Y., Ghaboosi, K., Zhang, J., & Deng, H. (2011). A survey of Cyber Crimes. Security
and Communication Networks, 5(4), 422–437. https://doi.org/10.1002/sec.331

Halder, D. (2021). Issues and challenges in policing cyber-crimes. Cyber Victimology, 47–56.
https://doi.org/10.4324/9781315155685-4

Renu, D. (2019). Impact of cyber crime: Issues and challenges. International Journal of Trend in Scientific
Research and Development, Volume-3(Issue-3), 1569–1572. https://doi.org/10.31142/ijtsrd23456

Mittal, S., & Singh, A. (2019). A study of cyber crime and perpetration of cyber crime in India. Cyber
Law, Privacy, and Security, 1080–1096. https://doi.org/10.4018/978-1-5225-8897-9.ch050

Rakibul, A., & Khalid Md., B. (2014). Mainstreaming climate change. adaptation into regional planning
of least developed countries: Strategy implications for regions in Bangladesh. Management of Sustainable
Development, 6(1), 5–17. https://doi.org/10.2478/msd-2014-0001

Md. Jahangir Alam, & Sheikh Md. Mursalin Mamun. (2021). Social capital as an instrument of Social
Security : Bangladesh Journal of Public Administration, 74–89. https://doi.org/10.36609/bjpa.v12i1-2.335

Gupta, A., & Anand, A. (2017). Ethical hacking and hacking attacks. International Journal Of
Engineering And Computer Science. https://doi.org/10.18535/ijecs/v6i4.42

Arya, G. (2020). Performance analysis of arithmetic logic unit with reversible logic. International Journal of
Advanced Trends in Computer Science and Engineering, 9(4), 6585–6590.
https://doi.org/10.30534/ijatcse/2020/348942020

Hadeel S. Obaid. (2020). Denial of service attacks: Tools and categories. International Journal of
Engineering Research And, V9 (03). https://doi.org/10.17577/ijertv9is030289

Lagrange, T., & van den Berghe, J. (2018). This work is licensed under a creative commons attribution-
noncommercial-share alike 4.0 international license. https://creativecommons.org/licenses/by-nc-sa/4.0/ editorial:
Drawing as a powerful catalyst for design driven research and Creation. DRS2018: Catalyst.
https://doi.org/10.21606/drs.2018.011

Iyer, D., Mohanpurkar, A., Janardhan, S., Rathod, D., & Sardeshmukh, A. (2011). Credit card fraud
detection using Hidden Markov model. 2011 World Congress on Information and Communication Technologies.
https://doi.org/10.1109/wict.2011.6141395

22
 Goni et al / International Journal of Engineering and Artificial Intelligence Vol 3 No 1 (2022) 9–23

Altwairqi, A. F., AlZain, M. A., Soh, B., Masud, M., & Al-Amri, J. (2019). Four most famous cyber
attacks for financial gains. International Journal of Engineering and Advanced Technology, 9(2), 2131–2139.
https://doi.org/10.35940/ijeat.b3601.129219

Rosenheck, J. P., otros, M. M., & Nunley, D. R. (2021). Cytomegalovirus in Lung Transplant. OBM
Transplantation, 05(02), 1–1. https://doi.org/10.21926/obm.transplant.2102145

Vadza, K. C. (2011). Cyber Crime & its categories. Indian Journal of Applied Research, 3(5), 130–133.
https://doi.org/10.15373/2249555x/may2013/39

Bhongale, J. (2021). Crime against women in cyber world. SSRN Electronic Journal.
https://doi.org/10.2139/ssrn.3903959

Hibberd, G., & Cook, A. (2014). The rise of Cyber Liability Insurance. Cyber Crime and Cyber
Terrorism Investigator's Handbook, 221–230. https://doi.org/10.1016/b978-0-12-800743-3.00017-7.

Biography:

Osman Goni was born at Chandpur, Bangladesh in 25th September 1982. He has completed his
Diploma-in-Computer Engineering and obtained 3rd place from Bangladesh Technical Education Board (BTEB) and B.
Sc.in Computer Science & Engineering from the Department of Computer Science and Engineering of World
University of Bangladesh (WUB) and M. Sc.in Computer Science & Engineering from the Department of Computer
Science and Engineering of Jagannath University (JnU) in Bangladesh. Currently he is working as Senior Engineer
(Computer Science and Engineering) at the institute of Computer Science in Bangladesh Atomic Energy Commission.
He is member of Institution of Diploma Engineers, Bangladesh (IDEB) and associate member of Bangladesh Computer
Society (BCS). His research interest includes Computer Hardware and Networking, artificial intelligence and Robotics,
Cyber Security, E-Commerce etc.

23

View publication stats