Cybercrimes: A Proposed Taxonomy and Challenges

Cybersecurity is one of the most important concepts of the cyberworld; it protects cyberspace from various types of cybercrime. This paper provides an updated survey of cybersecurity. We survey recent prominent research on security and categorize recent incidents according to the fundamental principles of cybersecurity. We propose a new taxonomy of cybercrime that can cover all types of cyberattacks. We analyze various cyberattacks against the updated cybercrime taxonomy to identify the challenges in the field of cybersecurity and highlight research directions as future work in this field.


Introduction
In this modern age, the world is becoming more closely connected by means of the Internet and new networking technologies. The networking infrastructure is the base for information sharing among individuals, private sectors, and military and government sectors. Approximately 50% of the world population had an Internet connection as of January 2017.
There was a rise of 10% in Internet users from January 2016 to January 2017 [1]. According to [2], in 2016 there were 6.4 billion connected devices, and this will reach 20.8 billion by 2020.
Present hardware and software technologies give new wings to the process of connecting various devices (mobiles and smartwatches) to the Internet. Anybody can get, see, and share information on the Internet from any place in this world. There has been huge growth in Internet-connected devices from the past to the present, which has expanded the cyberspace. The growth of Internet users in the world and world population is shown in Figure 1.
During the last five years, we observed that an increasing number of data, devices, and clouds were forming a perfect security storm of threats. Some of the threat predictions came true, which points to a much bigger storm expected in the near future. The dynamicity in the workplace, a highly mobile workforce, and frequently changing expectations of workers have changed the concept of the network boundary. The flood of personal network devices has created an exponential growth of personal data on the Internet. According to [3], the number of devices will continue to grow in both volume and variety, and they predict that this number will reach 200 billion by 2020 and continue to grow in the future. So, the cyberspace is expanding every day. This expansion has given cybercriminals more opportunities to do malicious acts on the Internet and has made it harder for security professionals to put a security umbrella over the entire cyberspace. It is clear from the above discussion that the cyberspace holds a huge volume of data and information that is available on the Internet, and its resources must be protected from cybercriminals [3].
Every individual is doing some work to fulfill his/her objective.
The objective may be to gain money, respect, revenge, or any other. Cyberattackers also have objectives for which they do cyberattacks/cybercrimes. Here, we will discuss the most common objectives of cyberattackers.
(1) Entertainment. Some cybercriminals perform their activities of cyberattack to test their hacking abilities. They feel pride and joy in their successful attempts. They are willing to get fame in the world of cybercriminals. They feel joy and pride when they make an attack which was not performed by any other attacker or which other attackers failed to perform.
(2) Hacktivists. These cyberattackers are motivated by political, religious, and social ends. Their motive is to preach their political and religious mottos and to discourage the people of other sets. They want to extend their religion or politics to make them popular among the masses. The current trend of 2016 and 2017 shows that hacktivists are exposing individuals having secret affairs through social websites. The latest example is the Ashley Madison dating site, whose user list was exposed by attackers in the public domain.
(3) Financial gain. Most cyberattackers perform cyberattacks for financial gain. They desire to become rich. The target of cyberattackers may be the banking system, big companies, organizations, rich individuals, or wealthy countries. Some of these cyberattackers are hired by some country, organization, company, or individual.
(4) Spying. These types of cybercriminals attack networks to steal the confidential information of a specific country, organization, or individual. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client's goals and get paid in return.
(5) Revenge. These types of cybercriminals include expelled, irritated, and humiliated employees. They know the policies, secrets, and weak points of their company, organization, or country. They perform their cyberattacks under the emotion of hate to take their revenge in the form of financial loss, tarnishing the social image or reputation of their target, and so on.
In this paper, we survey recent prominent research on cybersecurity in the context of the security principles of confidentiality, integrity, and availability. We categorize recent cybersecurity incidents on the basis of these fundamental principles and propose a new taxonomy of various cybercrimes. We analyze various security attacks against the updated taxonomy to identify the challenges in the field and highlight research directions as future work in the field.
To facilitate the discussion of cybersecurity, Section 2 introduces cybersecurity and its fundamental principles. In Section 3, the various types of environments affected by cybercrimes in the past few years are discussed. Section 4 introduces the various types of cybercrimes.
In Section 5, the various types of cyberattacks are introduced according to the fundamental principles of cybersecurity and also classified according to cybercrimes. In Section 6, the various challenges of cybercrimes are discussed. Section 7 concludes this paper.

Cybersecurity
Cybersecurity deals with the security of the cyberspace from cybercriminals. The cyberspace constitutes all those things (hardware, software, and data/information) that are connected to the Internet/network. It is important to implement cybersecurity effectively to protect the Internet system, and people's trust in this system, from various cyberattacks. A flaw in cybersecurity and an uncovered cyberspace will give cyberattackers a chance to disrupt the Internet system. The three fundamental principles of cybersecurity are confidentiality, integrity, and availability.
These three fundamental principles are also known as the CIA triad.
The elements of the triad are considered the most crucial components of cybersecurity [4]. Cyberattacks on the information and data on the Internet can affect these three fundamental principles of cybersecurity. So, there is a great need to set up cybersecurity to preserve these fundamental principles. Cybersecurity that does not constitute these three fundamental principles is considered to be vulnerable to cyberattacks. The fundamental principles of cybersecurity are discussed below.

Confidentiality.
In the present day, every person may have confidential information like login credentials (username and password), SSN, credit card information, and soft copies of personal documents and work files, which may be stored on a computer system, a server, or any device connected to the Internet, and which needs protection from cyberattacks. Access to confidential information must be restricted to an organization of authorized users only. The measures are to be taken according to the importance of the data.
The higher the importance of data, the higher the risk. So, serious measures are to be taken to protect confidential information from cyberattacks to narrow down or eliminate the risk level. There are various methods which can be used to protect the confidentiality of information from cyberattacks: data encryption, biometric verification, using strong user id and password, and user awareness [4,5].

Integrity.
Integrity means protecting the information and data on the Internet from alteration by cybercriminals. Integrity provides the consistency and accuracy of information on the network. The integrity of the information and data on the cyberspace can be preserved by taking appropriate steps like file permissions, user access controls, and digital signatures. The bigger attacks are always the main attraction of security professionals. But security professionals cannot underestimate the small cybercrimes, as a number of small integrity attacks on information can make a huge impact on the infrastructure of an organization, state, or country. The information on the Internet might include cryptographic checksums to ensure integrity. Backups must be maintained to recover from any tampering with information and data on the Internet due to cyberattacks or natural calamities (earthquakes and tsunami) [4,5].

Availability.
Availability is a security policy which ensures that any individual, employee of an organization (public or private), with authorized access can use information and data on the Internet according to the specified access level by its organization. Information which cannot be used by any authorized user is like waste in a dustbin. Server systems and computer systems must have sufficient capacity to satisfy user requests for access of information on the Internet. Availability of information can be disrupted by cyberattacks, natural calamities, and environmental factors [4,5].
Here are some latest cybercrimes that are classified according to the cybersecurity fundamental principles shown in Table 1.

Literature Survey
To understand a concept in a better way, it is necessary to study its pattern that can be formed by learning its past and present. This section presents the various studies related to cybersecurity and cybercrimes in different platforms from 2012 to 2016.
Liu et al. raised the need for cybersecurity in the smart grid environment [13]. They surveyed the various factors that show that the current security mechanisms are not enough to protect smart grids from various cyberattacks. They stated that the security requirements of smart grids are just the reverse of the requirements of IT networks. They focused on the need for different kinds of mechanisms for smart grids that can fulfill their security requirements.
von Solms and van Niekerk presented a paper in which they explained the difference and relation between information security and cybersecurity [14]. They stated that most people use the term "cybersecurity" instead of information security. But both terms have a different meaning and effect in the cyberworld. They concluded that cybersecurity is a broader term than information security which not only provides security to a specific area but also to everything that constitutes the cyberspace.
Razzaq et al. presented a survey paper on cybersecurity of data and information on the cyberspace [15]. They analyzed that nothing is safe in the present scenario. They stated that the current cybersecurity techniques are not quite efficient for all kinds of attacks and focus on the need for new security mechanisms which are not based on previous cyberattack signatures but also can defend against future attacks.
Schneider presented a paper on the need for proper implementation of cybersecurity education in educational institutions or universities [16]. He stated that the lack of cybersecurity education in universities is giving a chance to outsiders like the private sector and also the public sector to offer cybersecurity training, which makes the work of cybercriminals easy.
There is a need for study and training of cybersecurity to make an environment that can defend against cyberthreats. The devices used by a person that are connected to the Internet are difficult to hack if he/she has basic knowledge of cybersecurity. So, cybersecurity training also decreases the number of cyberattack incidents and makes the work of cybercriminals harder.
Kaster and Sen presented the study of cybersecurity of the world's largest power grid [17]. From various observations, they found that the cybersecurity at the present stage is not smart enough according to new technologies and new devices that are part of the cyberworld. They presented the need and importance of cybersecurity for the power grid system by pointing out that cyberthreat is the topmost threat in the list of various threats to the power grid system.
Jang-Jaccard and Nepal presented a survey on the changing trends in threats to social media, cloud computing, smartphones, and so on and various types of vulnerabilities found in hardware, software, and network infrastructure [18]. They found that the traditional approaches make the cybersecurity system stronger against existing ones and new cyberthreats are not suitable to modern technology. They stated that unique identity and the traceback techniques are new hot future research topics.
Arlitsch and Edelman presented a survey on various data breaches in 2013 and 2014 [19]. They found out that confidential data of an individual and private and public sectors are one of the main targets of a cyberattacker. Their paper focused on the need for new mechanisms to enhance the current cybersecurity for information infrastructure on the Internet.
Rawat and Bajracharya presented a survey paper on the need for cybersecurity for smart grids [20]. They discussed the increased cybersurface of smart grids and various security challenges of this extended cybersurface of smart grids. They discussed the cybersecurity attacks and defense techniques in smart grid systems that are aimed at different networks and protocol layers. Their paper is well formed to understand the concepts of the smart grid and its security.
Ali et al. presented software-defined networking as a best possible solution to enhance the security of networks [21].
They presented various benefits of using SDN (like flexible policies, threat detection and remediation, and network verification) to protect the network system from various cyberthreats.
They presented some issues of SDN (NFV, overlay networks, and OpenFlow) which are yet to be resolved in the near future to protect SDN from cyberthreats.
They presented the need for more advanced security for the SDN to defend against cyberattacks.
Sadeghi et al. presented the need for more security and privacy in the IoT (Internet of Things) [22]. They stated that, with the invention of new types of computing devices in the IoT environment, the attack surface has grown to be very sharp and there is a need for new security mechanisms that can cover this increased cyberspace of IoT.
Singh et al. stated that, despite several advantages of cloud computing, its one disadvantage is its major challenge in its adoption [23]. That disadvantage is its vulnerability. In this paper, they discussed a scenario of cloud computing, various security issues, and threats in cloud computing. They proposed a new 3-tier security architecture to enhance the security of cloud computing by reviewing the old techniques.
Weber and Studer presented a paper in which they showed the need, change, and importance of legal aspects of cybersecurity in the Internet of Things [24]. They stated that IoT brings a lot of advantages but whenever a new device is connected to the Internet, it also faces the same threat level which previous devices were facing. They focused on the point that cybersecurity should not be limited to a specific point or legal aspect or regulatory approaches.
Zou et al. described the various layers of the OSI model for wireless systems which follow a different approach than wired systems [25]. They discussed the vulnerabilities of all the layers of the OSI model, and their focus is on the exploration of physical layer security concepts due to its nature of securing the open communication environment. They briefly discussed the various attacks (eavesdropping and jamming attacks) and their countermeasures on the physical layer.
Their paper contributes a very good explanation of wireless security concepts and the techniques used in that OSI model.
As per the findings of the literature survey cited above, it is clear that cybercrimes on the Internet are an emerging and dynamic concept. The types of cybercrimes and their effects are changing day by day. However, most of the research has discussed cybersecurity from the viewpoint of a specific environment. No general taxonomy has been provided. So, the present study is focused on the brief knowledge of cybercrimes and cyberattacks that can affect cybersecurity in general, covering various aspects of cybersecurity in terms of security principles.

The Proposed Taxonomy of the Cybercrime
In the existing world of the Internet, we can find a huge volume and variety of cyberattacks. From the history of cyberattacks on the Internet, it is concluded that trends of attacks are continuously changing day by day. A crime which can take place with the help of the computer system and the Internet is known as cybercrime. It is malicious activity which can affect the three fundamental principles of network security, that is, confidentiality, integrity, and availability.
Cybercrime includes terms like fraud, stealing, fights, and world war. These terms are also used in real-life crimes, but in the world of the Internet, these terms have almost the same meaning but with different techniques. Most of the crimes occurring in today's world are cybercrimes. Hackers are finding new ways to change their attack patterns, which increases the difficulty for security professionals to defend the information and data on the Internet and its resources. Hackers are providing free attack tools on the Internet to increase the number of attack rates on the Internet system. The increasing numbers of e-services like online shopping, online banking, and social apps have given a huge rise to the number of Internet users, who are easily targeted by cybercriminals. So, the various types of cybercrimes occurring in today's world are depicted in Figure 2 and discussed below.

Cyberviolence.
The violence created in the real world with the help of a computer system or any device (like a mobile) connected to the Internet is known as cyberviolence. Where the word "violence" is present, its effect in terms of harm will be there. In the world of the cybersystem, the components that can be harmed are devices connected to the Internet, data on servers, information on the Internet, and any individual or organization that can be ruined by cyberviolence. There are various forms of cyberviolence, of which the most common are discussed below [26,27].

Cyberworld War.
The cyberworld war has a maximum level of violence that acts among various countries of the world.
The cyberworld war constitutes every individual, military, country, hackers, and government and private employees. The aim of the cyberworld war is to malfunction, to disable, or to destroy the infrastructure and resources based on the Internet system of a rival or enemy country. In this war, every type of cyberattack is used to achieve victory over the target country.

Cyberterrorism.
There are some people or groups, known as terrorists, whose only aim is to destroy humanity. They believe that they are doing this to make their religion more powerful in the world, or that only they have the right to command the world, or that no other can be stronger than them. Terrorism like this in the digital world is known as cyberterrorism. They have no emotions or sympathy. They are like machines whose aim is fed into them. They can use any type of cyberattack to fulfill their aim.

Cyberstalking.
It is like a for loop in the C language in which the termination condition is the harassment of your target. In this type of attack, attackers make use of electronic communication (email and instant messaging) to attack their target [28].

Cyberrevenge.
Revenge means harming someone in response to one's previous action. The aim of cyberrevenge is to destroy the enemy by various ways like exposing their confidential information, destroying their computer-based infrastructure and resources, and making their false image on the Internet system. The aim of cyberrevenge is to steal and change the confidential information of the enemy for his/her vested interests.

Cyberpeddler.
Cyberpeddler is an act of doing something illegal or stealing someone's confidential data with the help of a computer system connected to the Internet. There are basically two types of cybercrimes in this category which are discussed below.

Cyberfraud.
The act of making financial or personal gain by deception is known as cyberfraud. The main aim of fraud is to gain benefits in terms of money. Cyberfrauds include social engineering attacks like password guessing, spear phishing, and DNS redirecting in which the hacker manipulates the users to get their confidential information and then uses this information for his/her vested interests.

Cyberactivism.
It is the latest type of crime. In this type of crime, Internet-based social and communication applications are used to create, operate, and manage activism, like faster communication with people or the distribution of information to a large audience in a few seconds. The communication technologies used in this activism are Twitter, Facebook, YouTube, LinkedIn, Whatsapp, Gmail, and so on. These technologies are made for good purposes like better connectivity with friends, colleagues, and employees and spreading the latest information easily to a vast geographical area. But some people use these technologies for spreading rumours to damage their rival's image or to spread false information about their organization or individuals to get various types of benefits [5].

Cybertrespass.
Trespass means crossing boundaries for which someone is not authorized. Cybertrespass is the crime in which cyberlaw is violated by hacking an authorized user's system. This type of attack violates the confidentiality and integrity fundamentals of cybersecurity. The various types of cybertrespass are as follows [26,27].

Cybertheft.
Theft means there is a fear of something important that can be damaged or stolen. In real life, stealing or damaging is done by going physically into someone's house or organization and stealing something like a file, television, gold, and so on. But in the cyberworld, it is different from the real world. Cybertheft in the cyberspace can be done by technically hacking someone's computer system connected to the Internet. In the cyberworld, hackers have the aim of stealing/damaging information and data on the cyberspace for financial or personal gain. Basically, there are two types of thefts:
(i) Theft to cyberspace: Space is one of the important factors, which if not maintained properly leads to malfunction of the Internet. Cyberattackers aim to overflow the cyberspace to stop their target services or hack their targets.
(ii) Theft to data/information: Data/information constitutes the confidential record of an individual, organization, and country. The confidentiality, integrity, and availability of information on the Internet and servers must be maintained from cyberattackers.

Classic Cybersquatting.
It is the same as cybersquatting, but the main aim of the cybersquatter is to get paid. When the cybersquatter gets ransom from his/her target, he/she sells off or deletes his/her domain name. But now, laws have been changed, so the trend of this type of attack is not very popular today [29].

Derogatory Cybersquatting.
In this type, the cybersquatter's main aim is to destroy the reputation of his/her target. A cybersquatter does this by various means like posting the pornographic material, hate speech, or violated contents on that domain name [29].

Typographical Cybersquatting.
In this type of attack, the attacker cannot use the same name as the trademark because the owner of the trademark had already registered for the domain name. So, in this case, the attacker registers with the name very similar to the original trademark name. For example, if the attacker registers a domain name of Gmail that is very similar to Gmail, then he/she may succeed to make loss to the original trademark owner [29].
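A defender can watch for the "very similar name" registrations described above by comparing newly observed domains against the names being protected. The following is an added example, not code from the paper; the domain names are constructed sample data, and the look-alike character table and distance threshold are assumptions.

```python
# Added example: flag observed domains that imitate a protected domain name.
# All domain names below are constructed sample data.

# Digits commonly substituted for similar-looking letters (assumed table).
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def registrable_label(domain):
    """Return the label left of the final suffix ("a.Foo.com" -> "foo").

    Simplification (assumption): the suffix is a single label such as ".com".
    Multi-label suffixes like ".co.uk" would need a public-suffix list.
    """
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def osa_distance(a, b):
    """Optimal string alignment distance: insertion, deletion, substitution
    and transposition of two adjacent characters each cost 1."""
    prev2 = None
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # swapped neighbours
        prev2, prev = prev, cur
    return prev[len(b)]


def classify(candidate, protected, max_distance=2):
    """Return a reason string if candidate imitates protected, else None."""
    cand = registrable_label(candidate)
    prot = registrable_label(protected)
    if cand == prot:
        return None  # same name, e.g. a subdomain of the protected site
    if cand.translate(LOOKALIKES) == prot:
        return "look-alike characters"
    # Short names get a tighter limit to keep false positives down.
    limit = min(max_distance, len(prot) // 4)
    distance = osa_distance(cand, prot)
    if distance <= limit:
        return "edit distance %d" % distance
    return None


def flag_lookalikes(candidates, protected_domains):
    """Return (candidate, protected, reason) for every suspicious pair."""
    findings = []
    for cand in candidates:
        for prot in protected_domains:
            reason = classify(cand, prot)
            if reason:
                findings.append((cand, prot, reason))
    return findings


PROTECTED = ["examplebank.com"]
OBSERVED = [
    "login.examplebank.com",  # legitimate subdomain
    "exampelbank.com",        # two letters transposed
    "examp1ebank.com",        # digit 1 in place of letter l
    "example-bank.net",       # one inserted character
    "exemplarybooks.org",     # unrelated name
]

if __name__ == "__main__":
    for finding in flag_lookalikes(OBSERVED, PROTECTED):
        print(finding)
```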
Figure 2 represents the major categories of cybercrimes happening in today's world. In our view, any kind of cybercrime can be subcategorised in this taxonomy. Our taxonomy helps a reader to easily understand the similarities between the attacks.

Classification of Cyberattacks on the Basis of Fundamental Principles of Cybersecurity
Cyberattacks are the techniques used by cybercriminals to disrupt the fundamental principles (confidentiality, integrity, and availability) of cybersecurity. Cyberattacks are skills of a cyberattacker to do cybercrimes in the Internet system. Cybercrimes present the general form, whereas cyberattacks are the specific form of attacks/crimes on cybersecurity. Here, we will discuss the cyberattacks on the cybersecurity fundamental principles as shown in Figure 3.

Attacks on Confidentiality.
It is detected that there are many kinds of attacks on confidentiality of network information which are as follows.

Traffic Analysis.
In the traffic analysis attack, an attacker analyzes the information on the network between the sender and the receiver without any tampering in it. The attacker makes analysis of information on the network to find some new information to steal confidential information.
It is a passive attack, and it only violates the confidentiality principle of network security [30].

Eavesdropping.
Eavesdropping means secretly listening to a confidential conversation on the network. An attacker can read and capture the information on the network between the sender and the receiver. This attack is similar to traffic analysis. But in this type of attack, an attacker can sniff and record the information and later listen or read this information for his/her vested interests [31].

Snooping.
It is the passive form of attack where the attackers attempt to obtain confidential information about network users like login credentials of email, social apps, online banking, and so on or their personal records. The corporate sector or government officials use the snooping method to track their employees' activities for various purposes. Snooping is further divided into two types as discussed below [5].
(i) Digital snooping: Monitoring a private or public network for passwords or data is known as digital snooping. This attack is performed at the network layer. This snooping is done on the physical cable. Attackers may reprogram network switches or other devices to allow them to capture data off a network. Attackers can hack security cameras of an organization to get the username and password of employees so that they can access organization data like authorized users [5].
(ii) Shoulder snooping: This is a physical attack where someone tries to watch for typed passwords or see information on a monitor that they should not have access to [5].

Password Attacks.
Password-based attacks are used to get the username and password of authorized users of an application, website, desktop computers, and laptops. These captured usernames and passwords are further used to get access to network services as authorized users and to do malicious acts. The success of password attacks depends upon the user's awareness of how to choose a password. If the user is aware about choosing passwords, it will add complexity for hackers to gain access to the authorized user's password. There are various types of password attacks as discussed below.
(i) Dictionary-based attack: In this attack, an attacker tries every combination of characters or words as defined in the dictionary to hack passwords of authorized users of Internet resources or applications. The result of this type of attack depends on the authorized user's password. If the user does not choose passwords similar to dictionary words, then it is almost impossible for the attacker to hack the password of the user with this attack.
(ii) Brute-force attack: In this attack, an attacker tries every single possible password combination using brute-force hacking tools to hack the user password. This technique is time-consuming but results in the hacking of the authorized user's password. This attack can take a few seconds to a few days or even a few months according to the complexity of passwords.
(iii) Password-guessing attack: In the password-guessing attack, an attacker tries to guess the passwords of authorized users by using common words like date of birth, name, and religion.
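Each of the three attack types above fails against a password that is not a dictionary word, is not built from personal details, and has a large enough search space, so a service can screen for all three when a password is set. The following is an added example, not code from the paper; the word list, the substitution table, the 60-bit threshold, and the guess rate are assumptions, and the sample passwords and personal details are constructed.

```python
# Added example: screen a new password against the three attack types above.
import math
import string

# Constructed sample list; a deployment would load a large list of common
# and previously breached passwords (assumption).
COMMON_WORDS = {"password", "sunshine", "dragon", "welcome", "monkey"}

# Simple character substitutions users apply to dictionary words (assumed).
SUBSTITUTIONS = str.maketrans(
    {"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "@": "a", "$": "s"}
)


def dictionary_core(password):
    """Strip trailing digits/symbols, then undo simple substitutions,
    so that "P@ssw0rd123!" reduces to "password"."""
    stripped = password.lower().rstrip(string.digits + string.punctuation)
    return stripped.translate(SUBSTITUTIONS)


def search_space_bits(password):
    """Bits of work for an exhaustive search over the character classes used."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c not in string.ascii_letters + string.digits for c in password):
        pool += len(string.punctuation)  # 32 printable symbols
    return len(password) * math.log2(pool) if pool else 0.0


def worst_case_seconds(password, guesses_per_second=1e10):
    """Time to try the whole search space at an assumed guess rate."""
    return 2 ** search_space_bits(password) / guesses_per_second


def screen_password(password, personal_facts=(), min_bits=60):
    """Return the reasons a password should be rejected (empty list = accept)."""
    reasons = []
    if dictionary_core(password) in COMMON_WORDS:
        reasons.append("dictionary word")
    lowered = password.lower()
    for fact in personal_facts:
        if len(fact) >= 3 and fact.lower() in lowered:
            reasons.append("contains personal detail: " + fact)
    if search_space_bits(password) < min_bits:
        reasons.append("too short for its character set")
    return reasons


if __name__ == "__main__":
    # Constructed sample passwords and personal details.
    for pw, facts in [
        ("P@ssw0rd123!", ()),
        ("asha0412", ("Asha", "0412")),
        ("quiet-Harbor-72-lantern", ("Asha", "0412")),
    ]:
        print(pw, screen_password(pw, facts))
```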

Keylogger.
Keylogger is a type of malware that runs in the background of a computer system in hidden mode; that is, the user is not aware that the keylogger is running. It has no icon or entry on the desktop, quick launch, all programs, or anywhere else in the computer system. All the information entered by the user is captured by the keylogger and transmitted to the attacker without the knowledge of the authorized user of that computer system [32].

aims at small groups to large groups of network users. The various types of phishing attacks are discussed below [34].
(a) DNS phishing: DNS phishing is a process in which an attacker alters host files on the victim's computer system or DNS database or at any access point so that legitimate web URLs point to a fraudulent URL of the attacker. Due to lack of awareness about phishing attacks, users enter their confidential information in the fraudulent website of the hacker. Sometimes, technically sound people also fail to differentiate between the fraudulent website and the authorized website [34].
(b) Spear phishing: It is a form of targeted attack. At first, an attacker seeks available public information about the target through websites or social networking sites. On the basis of the public information gathered, the attacker makes a malware-containing email to gain the victim's trust. Then, the attacker sends this email to some selected people whom he/she wants to target. If anyone receiving that email clicks on it, he/she will become the victim of the attacker and lose his/her confidential information to the attacker because the malware attached to the email works automatically when the email is opened [33].
(ii) Dumpster diving: It is an attack in which an attacker himself/herself finds confidential information of a network user or an organization without the use of the network system. For example, the attacker may look through the trash of an organization to find sensitive information [33].
(iii) Baiting attack: In this approach, an attacker places a malware-infected storage device (CD, DVD, and pen drive) at a point where the future victim may see that device. The attacker adds more curiosity to the victim by labelling that storage device. When a person uses that storage media, his/her computer system gets infected and he/she will become a victim of the attacker's attack [33].
(iv) Waterholing: It is a form of targeted attack in which an attacker indirectly targets his/her victim. In this method, the attacker infects those websites which his/her target mostly visits so that the victim's computer system may get affected and the attacker gains access to his/her confidential information [33].
(v) Reverse social engineering: In this attack, an attacker represents himself/herself as a trusted person to the victim. Then, the attacker creates a situation in which the victim believes that the attacker is a person who can solve his/her problem and is trustworthy enough to share his/her confidential information with [33].

Attacks on Integrity.
A huge number of attacks can be found to disrupt the integrity of network information which are as follows.

Salami Attacks.
Salami attacks are a series of minor data security attacks that together result in a larger attack.
An example of this attack is the deduction of a very small amount of money from a bank account, which is not noticeable. But when these very small deductions from a large number of accounts in the bank add up to a huge amount, they can damage the infrastructure of the bank [35].

Data Diddling Attacks.
Data diddling is an illegal or unauthorized data alteration. For example, account executives can change the time sheet information of employees before it is entered into the HR payroll application [35].

Cross-Site Scripting (XSS).
In this attack, an attacker uses vulnerable websites or applications. The hacker inserts his/her malicious script into a website or application that a target user visits. When the target visits that vulnerable website, the hacker's malicious code is transferred to the victim's browser. This malicious script can access sensitive information like cookies and session data from the victim's browser [36,37].

SQL Injection Attack.
It is also an injection attack like cross-site scripting. But this attack uses the vulnerabilities of database SQL statements. This attack affects the web application database. It also affects websites and web applications that make use of databases. The attacker can gain access to the sensitive information of the database by bypassing the web application's authentication and authorization mechanism [36,38].

Session Hijacking Attacks.
Session hijacking is another type of network attack where the attacker alters the session between two or more authorized users to gain authorized access to information or services used by authorized users. TCP session hijacking and man-in-the-middle attacks are examples of this type of attack [35].

Attacks on Availability.
There are various methods that can be used to slow down or stop the availability of network resources to the authorized users of the Internet and its resources. A few common attacks against availability are discussed below.

DoS/DDoS.
DoS (denial of service) is a very common attack that disrupts the availability of the network and its resources. An attacker can attack his/her target directly or indirectly or both. In a direct attack, the attacker generates huge traffic by using his/her own computer system, and in an indirect attack, the attacker uses bots (a system that is hacked by an attacker and is under his/her control) to generate huge traffic for his/her target. A large variant of the DoS attack is the DDoS (distributed denial-of-service) attack in which a number of bots or even a server can be used to make an attack on the target to disrupt his/her network services. A DoS/DDoS attack can disrupt the network bandwidth, system resources, and application resources [39].
The consequences of a DoS attack are the following:
(i) Slow network performance
(ii) Unavailability of network services
The various types of DoS/DDoS attacks are discussed below.
(i) TCP SYN attack: In this type of attack, an attacker uses the flaw of the three-way handshake process during TCP (transmission control protocol) connection establishment. In the three-way handshake process, the client sends a SYN (synchronization) request to the server. Then, in the second step, an ACK (acknowledgement) is given by the server with SYN to the client. At the last step, the client sends the final ACK. The attacker sends too many SYN requests and never gives the final-step ACK, which overflows the target's capacity for request handling or memory and results in nonavailability of network services. The attacker can also use a spoofed address to send requests so he/she does not get any response from his/her target, which can also overwhelm his/her network [40].
(ii) UDP attack: TCP is the connection-oriented protocol and UDP (user datagram protocol) is the connectionless protocol, and both work on the transport layer of the TCP/IP model. The connectionless mechanism uses packets for information exchange and is used where reliability can be compromised up to some extent. An attacker generates huge traffic of UDP packets to his/her target to overflow his/her response handling queue, which results in nonavailability of network services to authorized users [40]

The cybersurface basically constitutes desktops, laptops, mobiles, tablets, and smartwatches that can be connected to the Internet with the help of hardware and software. The Internet of Things (IoT) and cloud computing are major platforms that have extended the cybersurface to a large circumference as stated in [3]. The increased cybersurface provides various opportunities to cybercriminals for cyberattacks due to lack of proper implementation of cybersecurity. Some vendors focus mainly on their product's quality and only marginally on cybersecurity. They do not implement full-fledged cybersecurity mechanisms, which gives the cyberattacker opportunities to enter an Internet or network system like an authenticated user. This increased cybersurface raises the difficulty of defending data on the cybersurface for security professionals. New types of security standards are needed to implement cybersecurity properly and save the cyberspace from cybercriminals [24].
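The TCP SYN attack described earlier leaves handshakes that never receive their final ACK, and that is what a server-side monitor can count. The following added example (not from the paper; the record layout, function names, thresholds and the constructed traffic using documentation address ranges are all assumptions) tracks half-open handshakes per destination service and raises an alert when they pile up.

```python
from collections import defaultdict

SYN, ACK = "S", "A"   # client-to-server flags; the server's SYN+ACK is implied

def half_open_alerts(packets, timeout=30.0, threshold=5):
    """Return [(time, service, half_open_count)] each time a service's
    number of unanswered SYNs reaches `threshold`.

    packets: (time, src_ip, src_port, dst_ip, dst_port, flag) tuples,
    sorted by time, as observed on the server side.
    """
    pending = defaultdict(dict)   # service -> {client endpoint: SYN time}
    alerted, alerts = set(), []
    for t, sip, sport, dip, dport, flag in packets:
        service, client = (dip, dport), (sip, sport)
        table = pending[service]
        # Expire stale handshakes, as a server's backlog timer would.
        for key in [k for k, t0 in table.items() if t - t0 > timeout]:
            del table[key]
        if flag == SYN:
            table.setdefault(client, t)
        elif flag == ACK:
            table.pop(client, None)        # handshake completed
        if len(table) >= threshold and service not in alerted:
            alerted.add(service)
            alerts.append((t, service, len(table)))
        elif len(table) < threshold:
            alerted.discard(service)       # recovered; allow a new alert
    return alerts

def sample_packets():
    """Constructed traffic: 3 completed handshakes, then 8 SYNs with no ACK."""
    web = ("203.0.113.10", 443)
    pkts = []
    for i in range(3):    # legitimate clients finish the handshake
        pkts.append((float(i), f"192.0.2.{i + 1}", 40000 + i, *web, SYN))
        pkts.append((i + 0.5, f"192.0.2.{i + 1}", 40000 + i, *web, ACK))
    for i in range(8):    # every SYN from a different source, never completed
        pkts.append((10 + i * 0.25, f"198.51.100.{i + 1}", 50000 + i, *web, SYN))
    return pkts

if __name__ == "__main__":
    for alert in half_open_alerts(sample_packets()):
        print(alert)
```

Counting per destination service rather than per source keeps the check useful when the source addresses are spoofed, the case the text mentions.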

Remote User Connectivity.
At present, government and private sectors offer their employees the opportunity to connect remotely from anywhere by deploying Internet-based virtual private networks (VPNs). This facility has enhanced the working system of these sectors. But this system has brought the private information of these sectors to public networks. Remote user connectivity also provides opportunities for cybercriminals to hack the Internet-connected devices remotely. There is a challenge for network security professionals to protect from cybercriminals the corporate or government sectors' confidential information on public networks and on those public devices that hold such confidential information [45].

Network IP Address Infrastructure.
The number of Internet-connected devices is proportionally larger than the number of Internet users as stated in [3]. A single user of the Internet can have a mobile, a laptop, or a desktop. Each device has a unique IP address on the Internet. The traditional methods of manually configuring IP addresses are no longer viable, and they also lack the scalability, reliability, and effectiveness of security methods needed by today's networks. So, securely and effectively managing the IP addresses of these fast-growing networks is a big challenge for a network administrator as the forged IP address is used by the cyberattacker to disrupt the Internet system [45].

Unified Network Control.
The SDN (software-defined networking) technique is widely adopted to control the Internet system more easily and effectively than the traditional system. This technique provides various benefits like the centralized network approach, low cost, and reliability. But the flaws in this technique have provided various opportunities for cybercriminals to hack the control of the network system. If the security of the controller working in the control plane of SDN is compromised, then the complete architecture of the network system where the SDN is installed will be compromised. This will give the confidential information of many users, the control of various networking devices, and the integrity of applications installed on that network to cybercriminals. So, it is a big challenge for security professionals to protect the SDN from cybercriminals [21].

One Technique for All Layers.
There are different techniques to protect all the layers of the OSI or TCP model. It is a complex task to advance all the techniques according to the latest cyberattacks at a time. It is also a waste of time and money to make many techniques for the previously known attacks. There is a need for a single technique that should protect all the layers of the ISO or TCP model from various known and unknown cyberattacks [25].

Conclusion
The increasing popularity of the Internet has given a sharp rise to the digital world which constitutes a very large volume of information and data stored on the cyberspace. With the increase in cyberspace, the cyberattacks/cybercrimes are also increasing in number and their effect is also growing bigger. The existing security techniques are not enough to protect the current Internet system and its resources. Some new types of security techniques are required to defend the cyberspace from cybercrimes that can never be cracked or require years to crack down, which are cost-effective and can defend against all types of cybercrimes. Cybersecurity should not be mistaken for information security or data security. Cybersecurity is a broader term which protects all the hardware (devices, routers, and switches), software, information, and data that are part of the Internet. On the basis of our study, the future work will constitute the following points:
(i) To propose a security technique that can defend against ever-changing attacks at different levels of network protocols
(ii) To propose an effective, accurate, and cost-efficient security technique for a specific environment (IoT, cloud computing, SDN, and smart grid)
(iii) To propose a technique for securing the information in remote user connectivity or BYOD (Bring Your Own Device) policy

Figure 1: Internet users in the world.

Figure 3: Classification of cyberattacks on the basis of fundamental principles of cybersecurity.

Table 1: Classification of recent cybercrimes on the basis of security fundamental principles.
DDoS attacks on five major Russian banks disrupted the services of the bank to their customers for two days in November 2016 [11]
(3) The WannaCry attack locked 90,000 computers in 99 countries and was ready to release them for a ransom of $300-$500 bitcoins [12]

Table 2 represents the various types of cyberattacks grouped on the basis of cybercrime categories. According to us, every type of cyberattack can be adjusted in Table 2. Our cybercrime taxonomy gives a way to uniquely distribute the cyberattacks. It helps to understand the similarity and differences between various types of cyberattacks. Table 2 helps the newcomers to decide what type of security technique is effective on what type of cyberattacks. Hence, classification of cyberattacks according to cybercrime categories in Table 2 provides a complete understanding of common types of cyberattacks. So, a security technique can be updated to protect the cyberspace from more than one cyberattack. Various mechanisms are discovered by cybersecurity researchers to defend against cyberattacks. But there is no such single technique that can defend the data and information on the Internet from all the cybercrimes. Cybercriminals are very creative. They are always busy in making a new variant of existing cyberattack or forming a new

Table 2: Classification of cyberattacks on the basis of cybercrimes.