
IV-I SCT UNIT 1secure Coding Network.1 Network and Information Security Fundementals.

The document provides an overview of network and information security fundamentals, covering topics such as network basics, components, types, communication modes, and security objectives. It details the characteristics of effective data communication, including delivery, accuracy, timeliness, and jitter, as well as various network topologies like mesh, bus, and star. Additionally, it discusses the importance of performance, reliability, and security in network criteria, along with the advantages and disadvantages of different network structures.

Uploaded by

lathaavvar6997

UNIT-1

Network and Information Security Fundamentals: Network Basics, Network Components, Network Types, Network Communication Types, Introduction to Networking Models, Cyber Security Objectives and Services, Other Terms of Cyber Security, Myths Around Cyber Security, Recent Cyber Attacks, Generic Conclusion about Attacks, Why and What is Cyber Security, Categories of Attack.

Network Basics

Introduction of Data Communication

A computer network consists of an interconnection of autonomous nodes. A node is a device that is capable of receiving and/or sending data. A node may be any computer, printer, router or any other device that can receive and/or send data. Nodes being autonomous means that no device can forcibly start and/or stop the operation of another device. In computer networks, data and resources are shared among multiple authorized users.

The effectiveness of a data communications system depends on four fundamental characteristics: delivery, accuracy, timeliness, and jitter.

Delivery: The system must deliver data to the correct destination. Data must be received by the
intended device or user and only by that device or user.

Accuracy: The system must deliver the data accurately. Data that have been altered in transmission
and left uncorrected are unusable.

Timeliness: The system must deliver data in a timely manner. Data delivered late are useless. In the
case of video and audio, timely delivery means delivering data as they are produced, in the same
order that they are produced, and without significant delay. This kind of delivery is called real-time
transmission.
For example, imagine receiving a series of letters. Timeliness ensures you get them within time.

Jitter: Jitter refers to the variation in the packet arrival time. It is the uneven delay in the delivery
of audio or video packets.
For example, imagine receiving a series of letters. Timeliness ensures you get them within time. Jitter is how consistent the delivery is: if some letters arrive quickly and others after a long delay, that is jitter.

Let us assume that video packets are sent every 30 ms. If some of the packets arrive with a 30-ms delay and others with a 40-ms delay, an uneven quality in the video is the result.
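The 30-ms case can be measured rather than eyeballed. The following is an added example, not part of the original notes: it computes the change in transit time between consecutive packets and the smoothed interarrival-jitter estimate that RTP defines in RFC 3550. All timestamps are constructed sample data.

```python
"""Interarrival jitter for a stream that is sent every 30 ms."""

# Constructed sample data: eight packets sent 30 ms apart.
SEND_MS = [i * 30 for i in range(8)]
STEADY_DELAYS_MS = [30] * 8        # every packet takes 30 ms
UNEVEN_DELAYS_MS = [30, 40] * 4    # delays alternate between 30 and 40 ms


def transit_differences(send_ms, recv_ms):
    """D(i-1, i) = (R_i - R_{i-1}) - (S_i - S_{i-1}).

    This is the change in transit time between consecutive packets.
    It is zero whenever two packets experienced the same delay.
    """
    if len(send_ms) != len(recv_ms):
        raise ValueError("need one receive time per send time")
    return [
        (recv_ms[i] - recv_ms[i - 1]) - (send_ms[i] - send_ms[i - 1])
        for i in range(1, len(send_ms))
    ]


def smoothed_jitter(send_ms, recv_ms, gain=1 / 16):
    """Running estimate J += (|D| - J) * gain, as specified for RTP."""
    jitter = 0.0
    for diff in transit_differences(send_ms, recv_ms):
        jitter += (abs(diff) - jitter) * gain
    return jitter


def jitter_report(send_ms, delays_ms):
    """Summarise delay and jitter for one stream."""
    recv_ms = [s + d for s, d in zip(send_ms, delays_ms)]
    diffs = transit_differences(send_ms, recv_ms)
    return {
        "min_delay": min(delays_ms),
        "max_delay": max(delays_ms),
        "peak_variation": max((abs(d) for d in diffs), default=0),
        "smoothed": smoothed_jitter(send_ms, recv_ms),
        # Timeliness also requires in-order delivery; flag any reordering.
        "reordered": any(
            recv_ms[i] < recv_ms[i - 1] for i in range(1, len(recv_ms))
        ),
    }


if __name__ == "__main__":
    for label, delays in (("steady", STEADY_DELAYS_MS),
                          ("uneven", UNEVEN_DELAYS_MS)):
        print(label, jitter_report(SEND_MS, delays))
```

A constant delay, however large, gives zero jitter; only the variation between packets counts.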

Network Components:
A data communications system has five components.

Message: The message is the information (data) to be communicated. Popular forms of information
include text, numbers, pictures, audio, and video.

Sender: The sender is the device that sends the data message. It can be a computer, workstation,
telephone handset, video camera, and so on.

Receiver: The receiver is the device that receives the message. It can be a computer, workstation,
telephone handset, television, and so on.


Transmission medium: The transmission medium is the physical path by which a message travels
from sender to receiver. Some examples of transmission media include twisted-pair wire, coaxial
cable, fiber-optic cable, and radio waves.

Protocol: A protocol is a set of rules that govern data communications. It represents an agreement
between the communicating devices. Without a protocol, two devices may be connected but not
communicating, just as a person speaking French cannot be understood by a person who speaks
only Japanese.

Fig: Components of Communication

Data Representation
Data refers to information that conveys some meaning based on mutually agreed-upon rules or conventions between a sender and a receiver. Today it comes in a variety of forms such as text, graphics, audio, video and animation.

Text
In data communications, text is represented as a bit pattern, a sequence of bits (0s or 1s).
Different sets of bit patterns have been designed to represent text symbols. Each set is called a
code, and the process of representing symbols is called coding. Today, the prevalent coding system
is called Unicode, which uses 32 bits to represent a symbol or character used in any language in
the world.

Numbers
Numbers are also represented by bit patterns. However, a code such as ASCII is not used to
represent numbers; the number is directly converted to a binary number to simplify mathematical
operations.

Images
Images are also represented by bit patterns. In its simplest form, an image is composed of a matrix
of pixels (picture elements), where each pixel is a small dot. The size of the pixel depends on the
resolution. For example, an image can be divided into 1000 pixels or 10,000 pixels. In the second
case, there is a better representation of the image (better resolution), but more memory is needed to
store the image. After an image is divided into pixels, each pixel is assigned a bit pattern. The size
and the value of the pattern depend on the image. For an image made of only black and white dots
(e.g., a chessboard), a 1-bit pattern is enough to represent a pixel. If an image is not made of pure
white and pure black pixels, you can increase the size of the bit pattern to include gray scale. For
example, to show four levels of gray scale, you can use 2-bit patterns. A black pixel can be
represented by 00, a dark gray pixel by 01, a light gray pixel by 10, and a white pixel by 11. There
are several methods to represent color images. One method is called RGB, so called because each
color is made of a combination of three primary colors: red, green, and blue.

Audio
Audio refers to the recording or broadcasting of sound or music. Audio is by nature different from
text, numbers, or images. It is continuous, not discrete. Even when we use a microphone to change
voice or music to an electric signal, we create a continuous signal.

Video
Video refers to the recording or broadcasting of a picture or movie. Video can either be produced as
a continuous entity (e.g., by a TV camera), or it can be a combination of images, each a discrete entity,
arranged to convey the idea of motion. Again we can change video to a digital or an analog signal.

Data Flow
Communication between any two devices may take place in one of three modes. The data flow is also called the mode of transmission.
• Simplex
• Half-Duplex
• Full-Duplex

Simplex
In simplex mode, the communication is unidirectional. Only one of the two devices on a link can transmit;
the other can only receive. Keyboards and traditional monitors are examples of simplex devices. The
keyboard can only introduce input; the monitor can only accept output. The simplex mode can use the entire
capacity of the channel to send data in one direction. Television broadcasts are a classic example. The TV
station transmits signals (data), and the TV receives them without sending any data back.

Fig: Simplex Mode


Half-Duplex
In half-duplex mode, each station can both transmit and receive, but not at the same time. When
one device is sending, the other can only receive, and vice versa. The half-duplex mode is like a one-
lane road with traffic allowed in both directions. When cars are traveling in one direction, cars
going the other way must wait. In a half-duplex transmission, the entire capacity of a channel is
taken over by whichever of the two devices is transmitting at the time. Walkie-talkies, where only
one person can speak at a time and the other must listen, and CB (citizens band) radios are both
half-duplex systems. The half-duplex mode is used in cases where there is no need for
communication in both directions at the same time; the entire capacity of the channel can be
utilized for each direction.

Fig: Half-Duplex Mode

Full-Duplex
In full-duplex mode (also called duplex), both stations can transmit and receive
simultaneously. The full-duplex mode is like a two-way street with traffic flowing in both
directions at the same time. In full-duplex mode, signals going in one direction share the capacity
of the link with signals going in the other direction. This sharing can occur in two ways: either the
link must contain two physically separate transmission paths, one for sending and the other for
receiving; or the capacity of the channel is divided between signals traveling in both directions.
One common example of full-duplex communication is the telephone network. When two people are
communicating by a telephone line, both can talk and listen at the same time. The full-duplex mode
is used when communication in both directions is required all the time. The capacity of the channel,
however, must be divided between the two directions.

Fig: Full-Duplex Mode

Network Applications
Computer systems and peripherals are connected to form a network. Networks provide numerous advantages:
• Resource sharing, such as printers and storage devices
• Exchange of information by means of e-mail and FTP
• Information sharing by using the Web or Internet
• Interaction with other users using dynamic web pages
• IP phones
• Video conferences
• Parallel computing
• Instant messaging

Networks
A network is a collection of nodes connected by communication links. A node can be a
computer, printer, or any other device capable of sending and/or receiving data generated by other
nodes on the network. A communication link is a transmission medium between these nodes.

Distributed processing
Most networks use distributed processing, in which a task is divided among multiple computers.
Instead of one single large machine being responsible for all aspects of a process, separate computers
(usually a personal computer or workstation) handle a subset.

Network criteria
Most of the time, networks are used to transmit sensitive data. So, a network must be able to
meet a certain number of criteria. The most important of these are performance, reliability,
and security.

Performance
Performance can be measured in many ways, including transit time and response time. Transit time
is the amount of time required for a message to travel from one device to another. Response time is
the elapsed time between an inquiry and a response. The performance of a network depends on a
number of factors, including the number of users, the type of transmission medium, the capabilities
of the connected hardware, and the efficiency of the software. Performance is often evaluated by
two networking metrics: throughput and delay. We often need more throughput and less delay.
However, these two criteria are often contradictory. If we try to send more data to the network, we
may increase throughput but we increase the delay because of traffic congestion in the network.

Reliability
In addition to accuracy of delivery, network reliability is measured by the frequency of failure, the
time it takes a link to recover from a failure, and the network's robustness in a catastrophe.

Security
Network security issues include protecting data from unauthorized access, protecting data from
damage and development, and implementing policies and procedures for recovery from breaches
and data losses.

Physical Structures
• Types of Connections
• Physical Topology

Types of Connections
A network is two or more devices connected through links. A link is a communications pathway that transfers data from one device to another. For visualization purposes, it is simplest to imagine any link as a line drawn between two points. For communication to occur, two devices must be connected in some way to the same link at the same time. There are two possible types of connections:
• Point-to-point
• Multipoint

Point-to-Point
• A point-to-point connection provides a dedicated link between two devices. The entire capacity of the link is reserved for transmission between those two devices.
• Most point-to-point connections use an actual length of wire or cable to connect the two ends, but other options, such as microwave or satellite links, are also possible.
Example: When you change television channels by infrared remote control, you are establishing a point-to-point connection between the remote control and the television's control system.

Fig: Point-to-Point Connection

Multipoint
• A multipoint (also called multidrop) connection is one in which more than two specific devices share a single link.
• In a multipoint environment, the capacity of the channel is shared, either spatially or temporally.
• If several devices can use the link simultaneously, it is a spatially shared connection. If users must take turns, it is a timeshared connection.
Example: Bus topology is the classic example, where all devices connect to a single cable.

Fig: Multi-Point Connection



Physical Topology
• Topology refers to the way in which the network of computers is connected.
• Each topology is suited to specific tasks and has its own advantages and disadvantages.
• The choice of topology depends on the type and number of equipment being used, the planned applications and rate of data transfer required, response time, and cost.
• Topology can also be defined as the geometric interconnection pattern by which the stations (nodes/computers) are connected using suitable transmission media.

Different Types of Topologies:

• Mesh
• Bus
• Star
• Ring
• Tree
• Unconstrained

Mesh Topology
• In this topology each node or station is connected to every other station.
• Two nodes are connected by dedicated point-to-point links between them, so the total number of links needed to connect n nodes is n(n-1)/2, which is proportional to n².
• Media used for the connection (links) can be twisted pair, coaxial cable or optical fiber.
• With this topology there is no need to send additional information along with the packet, such as where the packet is coming from, because two nodes have a dedicated point-to-point link between them.

Fig: Mesh Topology with 4 and 5 nodes

Advantages
A mesh offers several advantages over other network topologies.
• First, the use of dedicated links guarantees that each connection can carry its own data load.
• Second, a mesh topology is robust. If one link becomes unusable, it does not incapacitate the entire system.
• Third, there is the advantage of privacy or security. When every message travels along a dedicated line, only the intended recipient sees it.
• Finally, point-to-point links make fault identification and fault isolation easy.

Disadvantages
The main disadvantages of a mesh are related to the amount of cabling and the number of I/O ports required.
• Installation and reconnection are difficult.
• Wiring can be greater than the available space (in walls, ceilings, or floors).
• Finally, the hardware required to connect each link (I/O ports and cable) can be expensive.

Bus Topology
• In bus topology, all stations attach, through appropriate hardware interfacing known as a tap, directly to a linear transmission medium, or bus.
• Full-duplex operation between the station and the tap allows data to be transmitted onto the bus and received from the bus.
• A transmission from any station propagates the length of the medium in both directions and can be received by all other stations.
• At each end of the bus there is a terminator, which absorbs any signal, preventing reflection of the signal from the end points. If the terminator is not present, the end point acts like a mirror and reflects the signal back, causing interference and other problems.

Fig: Bus Topology

Advantages
Advantages of a bus topology include:
• Ease of installation.
• Backbone cable can be laid along the most efficient path, and then connected to the nodes by drop lines of various lengths.
• Only the backbone cable stretches through the entire facility.
• Each drop line has to reach only as far as the nearest point on the backbone.

Disadvantages
Disadvantages include:
• Difficult reconnection and fault isolation.
• A bus is usually designed to be optimally efficient at installation. It can therefore be difficult to add new devices.
• Signal reflection at the taps can cause degradation in quality.
• Adding new devices may therefore require modification or replacement of the backbone.

Star Topology
• In the star topology, each station is directly connected to a common central node, generally called a hub.
• Typically, each station attaches to a central node, referred to as the star coupler, via two point-to-point links, one for transmission and one for reception.
• In general, there are two alternatives for the operation of the central node.
• One approach is for the central node to operate in a broadcast fashion. A transmission of a frame from one station to the node is retransmitted on all of the outgoing links.
• Another approach is for the central node to act as a frame-switching device. An incoming frame is buffered in the node and then retransmitted on an outgoing link to the destination station.

Fig: Star Topology with 4 and 5 nodes

Advantages
• A star topology is less expensive than a mesh topology.
• In a star, each device needs only one link and one I/O port to connect it to any number of others. This factor also makes it easy to install and reconfigure.
• Other advantages include robustness. If one link fails, only that link is affected. All other links remain active. This factor also lends itself to easy fault identification and fault isolation.
• As long as the hub is working, it can be used to monitor link problems and bypass defective links.

Disadvantages
• One big disadvantage of a star topology is the dependency of the whole topology on one single point, the hub.
• If the hub goes down, the whole system is dead.
• Although a star requires far less cable than a mesh, each node must be linked to a central hub. For this reason, often more cabling is required in a star than in some other topologies.

Ring Topology
• In the ring topology, the network consists of a set of repeaters joined by point-to-point links in a closed loop.
• The repeater is a comparatively simple device, capable of receiving data on one link and transmitting them, bit by bit, on the other link as fast as they are received, with no buffering at the repeater.
• The links are unidirectional; that is, data are transmitted in one direction only and all are oriented in the same way. Thus, data circulate around the ring in one direction (clockwise or counterclockwise).
• Each station attaches to the network at a repeater and can transmit data onto the network through that repeater. As with the bus and tree, data are transmitted in frames.

Fig: Ring Topology

Repeater: A repeater works in the following three modes:

• Listen mode: In this mode, the station listens to the communication going over the shared medium.
• Transmit mode: In this mode, the station transmits the data over the network.
• Bypass mode: When the node is faulty, it can be bypassed using the repeater in bypass mode, i.e. the station doesn't care about what data is transmitted through the network.

Advantages
• A ring is relatively easy to install and reconfigure.
• Each device is linked to only its immediate neighbors (either physically or logically).
• To add or delete a device requires changing only two connections. In addition, fault isolation is simplified.
• Generally in a ring, a signal is circulating at all times.
• If one device does not receive a signal within a specified period, it can issue an alarm.
• The alarm alerts the network operator to the problem and its location.

Disadvantages
• However, unidirectional traffic can be a disadvantage.
• In a simple ring, a break in the ring (such as a disabled station) can disable the entire network. This weakness can be solved by using a dual ring or a switch capable of closing off the break.

Tree Topology
• This topology can be considered an extension of bus topology. It is commonly used for cascading equipment.
• For example, suppose you have a repeater box with 8 ports. As long as you have eight stations, it can be used in the normal fashion. But if you need to add more stations, you can connect two or more repeaters in a hierarchical format (tree format) and add more stations. In the figure, R1 refers to repeater one and so on, and each repeater is considered to have 8 ports.
• This tree topology is very good in an organization, as incremental expansion can be done in this way.
• The main features of this topology are scalability and flexibility, because when the need arises for more stations, that can be accomplished easily without affecting the already established network.

Fig: Tree Topology

Unconstrained Topology
• All the topologies discussed so far are symmetric and constrained by a well-defined interconnection pattern. However, sometimes no definite pattern is followed and nodes are interconnected in an arbitrary manner using point-to-point links, as shown in the figure.
• Unconstrained topology allows a lot of configuration flexibility but suffers from the complex routing problem.
• Complex routing involves unwanted overhead and delay.

Fig: Unconstrained Topology

Hybrid Topology
A network can be hybrid. For example, we can have a main star topology with each branch connecting
several stations in a bus topology as shown in Figure.

Fig: Hybrid Topology
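The cabling cost and failure behaviour claimed above for mesh, star and simple ring topologies can be checked on a small model. This is an added example, not part of the original notes. It assumes that a pair of stations "works" only if each can still reach the other, and it models the simple ring with one-way links as described; bus, tree and hybrid layouts are not modelled.

```python
"""Cable count and failure impact for mesh, star and simple ring topologies."""
from itertools import combinations


def mesh(n):
    """Every station has a two-way link to every other station."""
    stations = list(range(n))
    links = {(a, b) for a in stations for b in stations if a != b}
    return stations, links


def star(n):
    """Every station has a two-way link to a central node named 'hub'."""
    stations = list(range(n))
    links = set()
    for s in stations:
        links |= {(s, "hub"), ("hub", s)}
    return stations, links


def ring(n):
    """Simple ring: one-way links, all oriented in the same direction."""
    stations = list(range(n))
    links = {(s, (s + 1) % n) for s in stations}
    return stations, links


def cable_count(links):
    """One cable per connected pair, whether it carries one or two directions."""
    return len({frozenset(link) for link in links})


def reachable(start, links):
    """All nodes that 'start' can send data to over the directed links."""
    seen, stack = {start}, [start]
    while stack:
        node = stack.pop()
        for a, b in links:
            if a == node and b not in seen:
                seen.add(b)
                stack.append(b)
    return seen


def working_pairs(stations, links, dead_nodes=(), cut_cables=()):
    """Number of station pairs that can still exchange data in both directions."""
    dead = set(dead_nodes)
    cut = {frozenset(c) for c in cut_cables}
    alive = {
        (a, b) for a, b in links
        if a not in dead and b not in dead and frozenset((a, b)) not in cut
    }
    reach = {s: reachable(s, alive) for s in stations if s not in dead}
    return sum(
        1 for a, b in combinations(sorted(reach), 2)
        if b in reach[a] and a in reach[b]
    )


def compare(n):
    """Cables needed and pairs still working after a single cable is cut."""
    rows = {}
    for name, build, cut in (("mesh", mesh, (0, 1)),
                             ("star", star, (0, "hub")),
                             ("ring", ring, (0, 1))):
        stations, links = build(n)
        rows[name] = {
            "cables": cable_count(links),
            "pairs_total": n * (n - 1) // 2,
            "pairs_ok_after_cut": working_pairs(stations, links, cut_cables=[cut]),
        }
    stations, links = star(n)
    rows["star"]["pairs_ok_hub_down"] = working_pairs(
        stations, links, dead_nodes=["hub"])
    return rows


if __name__ == "__main__":
    for name, row in compare(5).items():
        print(name, row)
```

For five stations the mesh needs twice the cables of the star or ring, but it is the only one of the three in which a single cut leaves every pair of stations working.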



Network Components

Components of Computer Networks

The components of a computer network are the key parts that are required to install a network. Computer networks range from simple to complex, and the components that we need to install mainly depend upon the type of network. We can also remove some network components according to our needs.

For example: In order to establish a wireless network there is no need for cables.

Given below is a list of components of a computer network:

• Network Interface Card (NIC)
• Hub
• Switch
• Repeater
• Router
• Modem
• Server
• Bridge

1. Network Interface Card (NIC)

• The NIC mainly provides the physical interface between the computer and the cabling. The NIC prepares data, sends the data, and controls the flow of data. It can also receive and translate the data into bytes for the CPU to understand.
• The NIC is a hardware component that is mainly used to connect one computer with another on a network.
• The main role of the NIC is to move the serial signals on the network cables or media into parallel data streams inside the PCs.
• Transfer rates supported by NICs are 10 Mb/s, 100 Mb/s and 1000 Mb/s.
• Two or more NICs are used in a server in order to split the load.
• The main job of the NIC is controlling access to the media.
• A NIC can be wired or wireless. In a wired NIC, there are cables and connectors that act as a medium to transfer data, while in a wireless card the connection is generally made using an antenna that uses radio-wave technology.

Factors to be taken into consideration when choosing a NIC:

1. Preparing data
2. Sending and controlling data
3. Configuration
4. Drivers
5. Compatibility
6. Performance

2. Hub

• Hubs are devices that are used to link several computers together. A hub repeats a signal that comes in on one port and copies it to the other ports.
• A network hub is basically a centralized distribution point for all the data transmission in a network.
• Hub is a passive device.
• The hub receives the data and then rebroadcasts the data to the other computers that are connected to it. A hub does not know the destination of a received data packet, so it has to send copies of data packets to all the hub connections.
• Also, hubs consume more bandwidth on the network and thus limit the amount of communication.
• One disadvantage of using hubs is that they do not have the intelligence to find out the best path for the data packets, which leads to inefficiencies and wastage.

Types of Hub

1. Active Hub:

Active Hubs make use of electronics in order to amplify and clean up the signals before they are
broadcast to other ports. Active Hubs are mainly used to extend the maximum distance between
nodes. It works both as a wiring center as well as a repeater.

2. Passive Hub:

Passive Hubs are those hubs that connect only to Active Hubs. Passive Hubs are simply used to
connect all ports together electrically and these are usually not powered. These hubs are cheaper
than active hubs. Passive hubs neither amplify nor regenerate the signal.

3. Intelligent Hub:

Intelligent hubs give better performance than active and passive hubs. Nowadays Intelligent hubs
are widely used and are in more demand than active and passive hubs. These hubs are mainly used
to connect various devices. It supports amplification and regeneration of signals at any point of
incoming signals.
Intelligent hub sustains the network along with the selection path. The tasks of both passive and
active are manageable by the intelligent hub.

With the help of an intelligent hub, the speed and efficiency of the whole network increase, which
helps to gain fast and efficient performance of the network.

3. Switch

• A switch mainly resembles a hub. It is a layer-2 device and it is used for the intelligent forwarding of messages. By intelligent we mean the decision-making ability of the switch. A hub works by sending data to all ports on the device, whereas the switch sends the data only to the port that is connected to the destination device.
• The switch is a network component and is mainly used to connect the segments of the network.
• The switch is more intelligent than the network hub.
• Switches are capable of inspecting data packets as soon as they are received, determining the source and destination of each packet, and then forwarding it appropriately.
• A switch differs from a hub in that it can also contain ports of different speeds.
• Before forwarding the data to the ports, the switch performs error checking, and this feature makes the switch efficient.
• As the switch delivers the message only to the connected device it was intended for, it conserves the bandwidth of the network and offers better performance than the hub.
• The most important feature of the switch is that it supports unicast (one to one), multicast (one to many), and broadcast (one to all) communications.
• The switch makes use of the MAC address in order to send data packets to the selected destination ports.
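The difference between hub and switch forwarding also decides who gets to see each frame. The following added example (not part of the original notes) models a 4-port hub and a MAC-learning switch and counts, per port, the frames delivered to a station they were not addressed to. The MAC addresses, port numbers and frame sequence are constructed sample data, and the learning logic is a simplified model with no table aging or VLANs.

```python
"""Who sees which frame: a 4-port hub compared with a MAC-learning switch."""

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample data: four stations, one per port.
A, B, C, D = ("02:00:00:00:00:0a", "02:00:00:00:00:0b",
              "02:00:00:00:00:0c", "02:00:00:00:00:0d")
STATION_PORT = {A: 1, B: 2, C: 3, D: 4}
FRAMES = [(A, B), (B, A), (A, B), (C, A), (A, C)]   # (source, destination)


class Hub:
    """Repeats every incoming frame on all other ports."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Learns which port each source MAC lives on, then forwards selectively."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port          # learn from the source address
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Broadcast or still-unknown destination: flood like a hub.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []                          # destination is on the same port
        return [out_port]


def overheard(device, frames, station_port):
    """Per port: frames delivered there although addressed to another station."""
    port_station = {port: mac for mac, port in station_port.items()}
    counts = {port: 0 for port in device.ports}
    for src, dst in frames:
        for port in device.forward(station_port[src], src, dst):
            if dst != BROADCAST and port_station.get(port) != dst:
                counts[port] += 1
    return counts


def compare(frames=FRAMES, station_port=STATION_PORT):
    ports = sorted(station_port.values())
    return {
        "hub": overheard(Hub(ports), frames, station_port),
        "switch": overheard(LearningSwitch(ports), frames, station_port),
    }


if __name__ == "__main__":
    for device, counts in compare().items():
        print(device, counts, "total overheard:", sum(counts.values()))
```

On the hub, the idle station on port 4 receives all five frames. On the switch, only the first frame, sent before the destination's port had been learned, reaches stations it was not meant for.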

Switches are categorized into 4:

A. Managed Switch

These are expensive switches and are mainly used in organizations that have large and complex networks. Managed switches are configured using the Simple Network Management Protocol (SNMP). These switches provide a high level of security and complete management of the network; thus, despite their expense, they are used in large organizations because they provide high scalability and flexibility.

B. Unmanaged Switch

These are cheap switches and are mainly used in home networks and in small businesses. The unmanaged switch does not need to be configured. Unmanaged switches can be easily set up just by plugging them into the network; after plugging in, they instantly start operating.

C. PoE Switch

These are referred to as Power over Ethernet switches. With the help of PoE technology, these switches combine data and power transmission over the same cable, so that devices connected to the switch are able to receive both electricity and data over the same line. Thus PoE switches offer more flexibility.

D. LAN Switch

A LAN switch is a Local Area Network switch and is mainly used to connect devices in the internal local area network of an organization. These are helpful in reducing network congestion. Bandwidth with these switches is allocated in such a manner that there is no overlapping of data packets in the network.

4. Repeater

• The repeater is a physical layer device. As the name suggests, the repeater is mainly used to regenerate the signal over the same network, and it regenerates the signal before it gets corrupted or weak.
• Repeaters are incorporated into networks in order to extend the coverage area. Repeaters can connect signals by making use of different types of cables.
• Repeaters are cost-effective.
• Repeaters are very easy to install, and after their installation they can easily extend the coverage area of the network.
• But there is a problem with repeaters: they cannot connect networks that are not of the same type.
• Repeaters do not help to reduce the traffic in the network.

Types of Repeaters:
Types of repeaters that are available are as follows:
A. Analog Repeaters
These are only used to amplify the analog signals.
B. Digital Repeaters
These are only used to amplify digital signals.
C. Wired Repeaters
These repeaters are mainly used in wired Local area networks.
D. Wireless Repeaters
These are mainly used in wireless local area networks and also in cellular networks.
E. Local Repeaters
These are used to connect segments of a local area network that are separated by a small distance.
F. Remote Repeaters
These are mainly used to connect those local area networks that are far away from each other.

5. Router

• The router is a network component that is mainly used to send or receive data on the computer network. The process of forwarding data packets from the source to the destination is referred to as routing.
• The router is a network layer (i.e. Layer 3) device.
• The main responsibilities of the router are receiving data packets, analyzing them, and then forwarding the data packets among the connected computer networks.
• Whenever a data packet arrives, the router first inspects the destination address, then consults its routing tables in order to decide the optimal route, and then transfers the packet along this route towards the destination.
• Routers are mainly used to provide protection against broadcast storms.
• Routers are more expensive than hubs, switches, repeaters, and bridges.
• Routers can also connect different networks together, and thus data packets can also be sent from one network to another network.
• Routers are used in both LAN and WAN (wide area network).
• Routers share data with each other in order to prepare and refresh the routing tables.
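The table lookup a router performs on the destination address can be shown concretely. This is an added example, not part of the original notes, and it goes one step beyond them: IP routers pick the matching route with the longest prefix, and breaking ties by lowest metric is a simplification assumed here. The routing table uses constructed entries from the documentation address ranges.

```python
"""Route selection by destination address: longest prefix match."""
import ipaddress

# Constructed routing table: (prefix, next hop, metric).
ROUTES = [
    ("0.0.0.0/0",         "203.0.113.1", 10),   # default route
    ("198.51.100.0/24",   "192.0.2.1",    5),
    ("198.51.100.128/25", "192.0.2.2",    5),
    ("198.51.100.128/25", "192.0.2.3",   20),   # same prefix, worse metric
]


def build_table(routes):
    """Parse prefix strings once so lookups only compare addresses."""
    return [(ipaddress.ip_network(prefix), hop, metric)
            for prefix, hop, metric in routes]


def lookup(table, destination):
    """Return (matched prefix, next hop), or None when no route matches.

    Among all routes containing the destination, the most specific
    (longest) prefix wins; equal prefixes are decided by lowest metric.
    """
    addr = ipaddress.ip_address(destination)
    candidates = [
        route for route in table
        if route[0].version == addr.version and addr in route[0]
    ]
    if not candidates:
        return None          # no route: the packet cannot be forwarded
    net, next_hop, _metric = max(
        candidates, key=lambda route: (route[0].prefixlen, -route[2]))
    return str(net), next_hop


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("198.51.100.200", "198.51.100.10", "192.0.2.55"):
        print(dst, "->", lookup(table, dst))
```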

Types of Routers:

Different types of routers are as follows:

1. Core Routers

Core routers are mainly used by service providers (like AT&T, Vodafone) or by cloud providers
(like Amazon, Microsoft, and Google). Core routers provide maximum bandwidth so as to connect
additional routers or switches. Core routers are used by large organizations.

2. Edge Routers

An edge router is also known as a gateway router, or simply a gateway. The gateway is the network's outermost point of connection with external networks, including the Internet. These routers are mainly used to optimize bandwidth and are designed to connect to other routers so as to distribute data to end-users. Border Gateway Protocol is mainly used for connectivity by edge routers.

These are further categorized into two:

Subscriber edge routers

Label edge routers

3. Brouters

Brouter means bridging routing device. These are special routers and they also provide
functionalities of bridges. They perform the functioning of the bridge as well as of router; like a
bridge, these routers help to transfer data between networks, and like the router, they route the data
within the devices of a network.

4. Broadband Routers

It is a type of networking device that mainly allows end-users to access broadband Internet from an
Internet service provider (ISP). The Internet service provider usually provides and configures the
broadband router for the end-user.

5. Distribution Routers

These routers mainly receive the data from the edge router (or gateway) via a wired connection and then send it on to the end-users with the help of Wi-Fi.

6. Wireless Routers

These routers combine the functioning of both edge routers and distribution routers. These routers mainly provide a WiFi connection to WiFi devices like laptops, smartphones, etc. These routers also provide the standard Ethernet routing. For indoor connections, the range of these routers is 150 feet, while for outdoor connections it is 300 feet.

6. Modem

• The modem is basically a hardware component that allows a computer or any other device, like a router or switch, to connect to the Internet. Modem is a shorthand form of Modulator-Demodulator.

• One of the most important functions of the modem is to convert analog signals into digital signals and vice versa. This device is a combination of two devices: a modulator and a demodulator. The modulator mainly converts the digital data into analog data at the time when the data is being sent by the computer.

• The demodulator basically converts the analog data signals into digital data at the time when it is being received by the computer.

7. Server

A server is basically a computer that serves data to other devices. The server may serve data to other devices or computers over a local area network or over a wide area network with the help of the Internet. There can be virtual servers, proxy servers, application servers, web servers, database servers, file servers, and many more.

Thus servers are mainly used to serve the requests of other devices. A server can be hardware or software.

8. Bridge

It is another important component of the computer network. The bridge is also a layer-2 (that is, data link layer) device. A bridge is mainly used to connect two or more local area networks together. Bridges are mainly used because they help in the fast transfer of data.

But these are not versatile like routers.

Thus, a bridge can mainly transfer data between different protocols (i.e. a Token Ring and Ethernet network) and operates at the data link layer, or level 2, of the OSI (Open Systems Interconnection) networking reference model, as stated above.

Bridges are further divided into two:

Local bridge

These are ordinary bridges.

Remote bridges

These are mainly used to connect networks that are at a distance from each other. Generally, a Wide Area Network is provided between two bridges.

Some Bridge protocols are spanning tree protocol, source routing protocol, and source routing
transparent protocol.

Network Types

Different Types of Computer Networks


There are various types of Computer Networking options available. The classification of network in
computers can be done according to their size as well as their purpose.

The size of a network should be expressed by the geographic area and number of computers, which
are a part of their networks. It includes devices housed in a single room to millions of devices
spread across the world. Following are the popular types of Computer Network:

Some of the most popular computer network types are:


• PAN (Personal Area Network)

• LAN (Local Area Network)

• MAN (Metropolitan Area Network)

• WAN (Wide Area Network)

What is PAN (Personal Area Network)?

PAN (Personal Area Network) is a computer network formed around a person. It generally consists
of a computer, mobile, or personal digital assistant. PAN can be used for establishing
communication among these personal devices for connecting to a digital network and the internet.

Characteristics of PAN

• It is mostly a network of personal devices within a limited area.

• It allows you to handle the interconnection of IT devices in the surroundings of a single user.

• PAN includes mobile devices, tablets, and laptops.

• It can be wirelessly connected to the internet; this is called a WPAN.

Appliances used for PAN: cordless mice, keyboards, and Bluetooth systems.

Advantages of PAN

Here are the important pros/benefits of PAN network:

1. PAN networks are relatively secure and safe.

2. It offers only a short-range solution, up to ten meters.

3. Strictly restricted to a small area.

Disadvantages of PAN

1. It may establish a bad connection to other networks at the same radio bands.

2. Distance limits.

What is a LAN (Local Area Network)?

A Local Area Network (LAN) is a group of computers and peripheral devices which are connected in a limited area such as a school, laboratory, home, or office building. It is a widely useful network for sharing resources like files, printers, games, and other applications. The simplest type of LAN is one that connects computers and a printer in someone’s home or office. In general, a LAN uses one type of transmission medium. It is a network which consists of fewer than 5000 interconnected devices across several buildings.

Local Area Network (LAN)

Characteristics of LAN
Here are the important characteristics of a LAN network:

• It is a private network, so an outside regulatory body never controls it.
• LAN operates at a relatively higher speed compared to other WAN systems.
• There are various kinds of media access control methods, like token ring and Ethernet.

Advantages of LAN
Here are the pros/benefits of LAN:

• Computer resources like hard disks, DVD-ROM, and printers can share local area networks. This significantly reduces the cost of hardware purchases.
• You can use the same software over the network instead of purchasing the licensed software for each client in the network.
• Data of all network users can be stored on a single hard disk of the server computer.
• You can easily transfer data and messages over networked computers.
• It will be easy to manage data at only one place, which makes data more secure.
• Local Area Network offers the facility to share a single internet connection among all the LAN users.

Disadvantages of LAN
Here are the cons/drawbacks of LAN:
• LAN will indeed save cost because of shared computer resources, but the initial cost of installing Local Area Networks is quite high.
• The LAN admin can check the personal data files of every LAN user, so it does not offer good privacy.
• Unauthorized users can access critical data of an organization if the LAN admin is not able to secure the centralized data repository.
• Local Area Network requires constant LAN administration, as there are issues related to software setup and hardware failures.

What is WAN (Wide Area Network)?


WAN (Wide Area Network) is another important computer network, one that is spread across a large geographical area. A WAN could be a connection of a LAN which connects with other LANs using telephone lines and radio waves. It is mostly limited to an enterprise or an organization.

Wide Area Network (WAN)

Characteristics of WAN
Below are the characteristics of WAN:
• The software files will be shared among all the users; therefore, all can access the latest files.
• Any organization can form its global integrated network using WAN.

Advantages of WAN
Here are the benefits/pros of WAN:

• WAN helps you to cover a larger geographical area. Therefore business offices situated at longer distances can easily communicate.
• Contains devices like mobile phones, laptop, tablet, computers, gaming consoles, etc.
• WLAN connections work using radio transmitters and receivers built into client devices.

Disadvantages of WAN
Here are the drawbacks/cons of WAN network:

• The initial setup cost of investment is very high.
• It is difficult to maintain the WAN network. You need skilled technicians and network administrators.
• There are more errors and issues because of the wide coverage and the use of different technologies.
• It requires more time to resolve issues because of the involvement of multiple wired and wireless technologies.
• Offers lower security compared to other types of network in computer.

What is MAN (Metropolitan Area Network)?


A Metropolitan Area Network or MAN consists of a computer network across an entire city, college campus, or a small region. This type of network is larger than a LAN, which is mostly limited to a single building or site. Depending upon the type of configuration, this type of network allows you to cover an area from several miles to tens of miles.

Metropolitan Area Network(MAN)

Characteristics of MAN
Here are important characteristics of the MAN network:

• It mostly covers towns and cities in a maximum 50 km range.
• Mostly used medium is optical fibers, cables.
• Data rates adequate for distributed computing applications.

Advantages of MAN
Here are the pros/benefits of MAN network:

• It offers fast communication using high-speed carriers, like fiber optic cables.
• It provides excellent support for an extensive size network and greater access to WANs.
• The dual bus in MAN network provides support to transmit data in both directions concurrently.
• A MAN network mostly includes some areas of a city or an entire city.

Disadvantages of MAN
Here are drawbacks/cons of using the MAN network:

• You need more cable to establish a MAN connection from one place to another.
• In a MAN network it is tough to make the system secure from hackers.

Other Types of Computer Networks


Apart from the above-mentioned computer networks, here are some other important types of networks:

• WLAN (Wireless Local Area Network)
• Storage Area Network
• System Area Network
• Home Area Network
• POLAN - Passive Optical LAN
• Enterprise private network
• Campus Area Network
• Virtual Area Network

Let’s see all these different types of networks in detail:

1) WLAN
WLAN (Wireless Local Area Network) helps you to link single or multiple devices using wireless communication within a limited area like a home, school, or office building. It gives users the ability to move around within a local coverage area while staying connected to the network. Today, most modern WLAN systems are based on IEEE 802.11 standards.

2) Storage-Area Network (SAN)


A Storage Area Network is a type of network which allows consolidated, block-level data storage.
It is mainly used to make storage devices, like disk arrays, optical jukeboxes, and tape libraries.

3) System-Area Network

System Area Network is used for a local network. It offers high-speed connection in server-to-
server and processor-to-processor applications. The computers connected on a SAN network
operate as a single system at quite high speed.

4) Passive Optical Local Area Network


POLAN is a networking technology which helps you to integrate into structured cabling. It allows
you to resolve the issues of supporting Ethernet protocols and network apps.

POLAN allows you to use optical splitter which helps you to separate an optical signal from a
single-mode optical fiber. It converts this single signal into multiple signals.

5) Home Area Network (HAN)


A Home Area Network is always built using two or more interconnected computers to form a local
area network (LAN) within the home. For example, in the United States, about 15 million homes
have more than one computer.

These types of network connections help computer owners to interconnect with multiple computers.
This network allows sharing files, programs, printers, and other peripherals.

6) Enterprise Private Network


Enterprise private networks (EPNs) are built and owned by businesses that want to securely connect numerous locations in order to share various computer resources.

7) Campus Area Network (CAN)


A Campus Area Network is made up of an interconnection of LANs within a specific geographical
area. For example, a university campus can be linked with a variety of campus buildings to connect
all the academic departments.

8) Virtual Private Network


A VPN is a private network which uses a public network to connect remote sites or users together.
The VPN network uses “virtual” connections routed through the internet from the enterprise’s
private network or a third-party VPN service to the remote site.

It is a free or paid service that keeps your web browsing secure and private over public WiFi
hotspots.

Network Communication Types

1. Single Strand or Chain Network


In this network, one person communicates with just one other person.

• Because of the scalar chain of command’s direct vertical message flow, this network operates relatively slowly.
• It can move in a straight line from top to bottom or from bottom to top. It is one of the types of communication networks.
• As a result, communication occurs through official channels, such as from superior to subordinate and vice versa.
• In the chain network, there is no horizontal communication.

2. Wheel Communication Network


The wheel network represents the communication pattern that allows subordinates to communicate with and through one manager.

All communications must go via the manager, who serves as the network’s central authority and
resembles the hub of a wheel, hence the name “wheel network.”

3. Circular Communication Network


The message circulates in a circle in a circular network. A circular network’s main drawback is that
communication takes longer. Only two neighbors can communicate with each other at a time.

4. Free Flow Communication Network


The flow of information is unrestricted in such an organizational structure and organizational
appraisal.

• Everyone in the company is allowed to communicate with anyone and everyone else.
• This network is either unstructured or informational.
• It’s incredibly adaptable.

5. Y Communication Network

Information moves in this centralized network via predetermined paths. These networks might be suitable for straightforward tasks requiring little interaction between group members.

As most people belong to many networks, different networks emerge in real life. The financial manager, for instance, might be at the hub of a chain and involved in the wheel and circle networks. As a result, modern enterprises use a variety of network arrangements.

Introduction to Networking Models

1. OSI Model:

Open System Interconnect (OSI) is an open standard for all communication systems. The OSI model was established by the International Standard Organization (ISO). This model has seven layers:

Application Layer: This layer is responsible for providing interface to the application user. This
layer encompasses protocols which directly interact with the user.

Presentation Layer: This layer defines how data in the native format of remote host should be presented in the native format of host.

Session Layer: This layer maintains sessions between remote hosts. For example, once
user/password authentication is done, the remote host maintains this session for a while and does
not ask for authentication again in that time span.

Transport Layer: This layer is responsible for end-to-end delivery between hosts.

Network Layer: This layer is responsible for address assignment and uniquely addressing hosts in a network.

Data Link Layer: This layer is responsible for reading and writing data from and onto the line. Link errors are detected at this layer.

Physical Layer: This layer defines the hardware, cabling, wiring, power output, pulse rate etc.

TCP/IP model:

1. The TCP/IP model was developed prior to the OSI model.

2. The TCP/IP model is not exactly similar to the OSI model.

3. The TCP/IP model consists of five layers: the application layer, transport layer, network layer, data link layer and physical layer.

4. The first four layers provide physical standards, network interface, internetworking, and transport functions that correspond to the first four layers of the OSI model and these four layers are represented in TCP/IP model by a single layer called the application layer.

5. TCP/IP is a hierarchical protocol made up of interactive modules, and each of them provides specific functionality.

6. Here, hierarchical means that each upper-layer protocol is supported by two or more lower-level protocols.

Functions of TCP/IP layers:



Main difference between TCP/IP and OSI Model:

1. The TCP/IP Model is a communication protocol suite using which network devices can be connected to the Internet. On the other hand, the OSI Model is a conceptual framework using which the functioning of a network can be described.

2. TCP/IP vs. OSI: TWO are the different layers

The TCP/IP Model comprises four layers: Network Interface, Internet, Transport and Application. The OSI Model comprises seven layers: Physical, Data Link, Network, Transport, Session, Presentation and Application.

3. TCP/IP apart of the OSI Model

There is a separate layer for Data Link and Physical in the OSI Model, whereas TCP/IP has a single Network Interface layer for the same. Similarly, there are Application, Presentation and Session layers in OSI, which are combined into one layer (Application) for TCP/IP.

4. TCP/IP vs OSI: Which came first

Among TCP/IP and OSI, the Open Systems Interconnection model was introduced by the International Organisation of Standardization in 1984 and the TCP/IP model was introduced about 10 years before that.

Similarities between the OSI and TCP/IP model:

The following are the similarities between the OSI and TCP/IP model:

1. Share common architecture

Both models are logical models and have similar architectures, as both are constructed with layers.

2. Define standards

Both the layers have defined standards, and they also provide the framework used for implementing the standards and devices.

3. Simplified troubleshooting process

Both models have simplified the troubleshooting process by breaking the complex function into simpler components.

4. Pre-defined standards

These models do not redefine the standards and protocols which are already pre-defined; they just reference or use them. For example, the Ethernet standards were already defined by the IEEE before the development of these models; instead of recreating them, the models have used these pre-defined standards.

5. Both have similar functionality of 'transport' and 'network' layers

The function which is performed between the 'presentation' and the 'network' layer is similar to the function performed at the transport layer.

Cyber Security
Cyber security is the practice of protecting systems, networks, and programs from digital attacks.
These cyber attacks are usually aimed at accessing, changing, or destroying sensitive information.

Network security can be simply defined as the protection of data during transmission over the network from unauthorized parties. The network is susceptible to attacks by unauthorized parties, both from inside and outside the network. But network security is generally taken as providing protection at the boundaries of an organization.

Information security, on the other hand, is a somewhat more general concept of being sure information systems have confidentiality, integrity, and availability (CIA).
This can include network security as well as cryptography, access control (not only who has access but what they can do), physical security, and more. It covers everything from the earliest encryption codes to how computers are locked down.

How can we provide network security?


• The most important tool for network security is cryptography.
• Using cryptography, we can provide security for a network system.

Aspects of Security: The aspects of information security are:

• Security attack
• Security service
• Security mechanism

Security attack:

Any action that compromises the security of information owned by an organization is called a security attack. Security attacks are usually classified into two types:
• Passive attack
• Active attack

Passive attack:

In a passive attack, the attacker’s goal is just to obtain information. This means that the attack does not modify data or harm the system (that is, the sender, the receiver and their communication). The system continues with its normal operations.

However, the attack may harm the sender or the receiver of the message, even though the system is not affected. Because the system is not affected, it is difficult to detect this type of attack until the sender or receiver finds out about the leaking of confidential information.

• This attack threatens confidentiality
• This attack can be prevented by encipherment of data
• Interception is a passive attack

Passive attacks are:

• Snooping (release of message content)
• Traffic analysis

1. Snooping:

o Unauthorized access to or interception of data is called snooping.
o To prevent snooping, the data can be made non-intelligible to the interceptor by using encipherment techniques.

Example:

A file transferred through the internet may contain confidential information. An unauthorized entity may intercept the transmission and use the content for his/her own benefit.

2. Traffic analysis:

Suppose that we had a way of masking (encipherment) the content of a message (data). The masked message is non-intelligible to the interceptor, but the interceptor can still obtain information by monitoring online traffic.

Example:

The interceptor can find the e-mail address of the sender or the receiver. She can collect pairs of requests and responses to help her guess the nature of the transaction.

Active attack:

In an active attack, the attacker’s goal is not only to obtain information; the attacker may also change the data or harm the system. Because the system is affected, this attack is normally easier to detect than to prevent. It threatens integrity, availability and authenticity. Interruption, modification and fabrication are active attacks.

Active attacks are:

• Modification
• Masquerading or spoofing
• Replaying
• Repudiation
• Denial of service

1. Modification:

Modification is when an unauthorized party not only accesses the information but also modifies (tampers with) it and sends it on to the destination.

Example:
A customer sends a message to a bank to do some transaction. The attacker intercepts the message and changes the transaction to benefit herself.

Real time examples:

• Website Defacement: attackers modify a website’s HTML, CSS or JavaScript to display unauthorized content, redirect users to malicious sites, or deface the site’s appearance.
• Software Tampering: cybercriminals can modify software binaries or libraries to insert malicious code such as backdoors or keyloggers, enabling them to gain remote access or steal sensitive information.

Preventions:

• Code Signing and Verification: ensuring software and firmware are digitally signed allows for verification of their authenticity and integrity, preventing the execution of modified code.
• Regular Software Updates: keeping software and systems up-to-date with the latest security patches helps mitigate vulnerabilities that attackers might exploit to modify code.
• Access Control and Authentication: implementing strong access control measures, such as multi-factor authentication and role-based access, restricts unauthorized modification of code and data.

2. Masquerading:

Masquerading, or spoofing, is when an unauthorized entity acts as the source entity to insert counterfeit objects into the system in order to gain some information. (It is like an intruder being arrested for masquerading as a doctor and trying to steal another woman’s baby.)
Sometimes the attacker acts as the source and gains confidential information from the receiver for their own benefit.
For example, a masquerade may be attempted by an employee, or by an outside user through some connection to the public network. Weak authentication provides one of the easiest points of entry for a masquerade, since it makes it much easier for an attacker to gain access. Once the attacker has been authorized for entry, they may have full access to the organization's critical data, and (depending on the privilege level they pretend to have) may be able to modify and delete software and data, and make changes to network configuration and routing information.

Real Time Examples:

Renaming files: changing the name of a malicious executable to resemble a common system file, like Svchost.exe or powershell.exe.
Changing file extensions: using double extensions (e.g. document.tx.exe) or disguising an executable as a data file (e.g. report.pdf.exe).

Examples in Coding:
File metadata manipulation: changing file names, icons or descriptions to make a malicious file appear legitimate.
Code obfuscation: making malicious code difficult to understand by using techniques like renaming variables or functions.
Website spoofing: creating fake websites that mimic legitimate ones to trick users into entering their credentials.

Prevention:
Strong Authentication: implement multi-factor authentication and robust password policies.
Security Awareness Training: educate users about the risk of phishing and other social engineering tactics.
Regular Security Audits: conduct regular security assessments to identify vulnerabilities and weaknesses.
Intrusion Detection Systems: utilize intrusion detection systems to monitor network traffic and detect suspicious activity.
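A detection check for the two file-masquerading examples above (an executable renamed to a system file name, and a double extension), as an added example that is not part of the original notes. The extension lists, the expected system directories, the similarity threshold and the sample paths are assumptions chosen for illustration.

```python
import difflib
import ntpath

# Extensions Windows will execute, and "decoy" data extensions placed before them.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".txt", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png"}

# Assumed baseline: where these system binaries normally live (lower case).
SYSTEM_BINARIES = {
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "powershell.exe": {
        r"c:\windows\system32\windowspowershell\v1.0",
        r"c:\windows\syswow64\windowspowershell\v1.0",
    },
}
LOOKALIKE_RATIO = 0.85  # assumed similarity threshold for near-miss names


def check_path(path):
    """Return a list of masquerading findings for one Windows file path."""
    findings = []
    directory, name = ntpath.split(path)
    name_l = name.lower()
    dir_l = directory.lower().rstrip("\\")

    # 1. Double extension: report.pdf.exe is an executable dressed as a PDF.
    stem, ext = ntpath.splitext(name_l)
    inner_ext = ntpath.splitext(stem)[1]
    if ext in EXECUTABLE_EXTS and inner_ext in DECOY_EXTS:
        findings.append("double_extension")

    # 2. Exact system file name running from an unexpected directory.
    if name_l in SYSTEM_BINARIES:
        if dir_l not in SYSTEM_BINARIES[name_l]:
            findings.append("system_name_wrong_path")
    else:
        # 3. Near-miss of a system file name (one or two characters changed).
        for known in SYSTEM_BINARIES:
            ratio = difflib.SequenceMatcher(None, name_l, known).ratio()
            if ratio >= LOOKALIKE_RATIO:
                findings.append("lookalike_of:" + known)
    return findings


def scan(paths):
    """Map each suspicious path to its findings; clean paths are omitted."""
    return {p: f for p in paths if (f := check_path(p))}


# Constructed process-creation paths, as an EDR or audit log might record them.
SAMPLE_PATHS = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Users\alice\AppData\Local\Temp\svchost.exe",
    r"C:\Users\alice\Downloads\report.pdf.exe",
    r"C:\ProgramData\svch0st.exe",
    r"C:\Program Files\Editor\notes.txt",
]

if __name__ == "__main__":
    for path, findings in scan(SAMPLE_PATHS).items():
        print(path, findings)
```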

3. Replaying:

Replaying is another type of attack. In this attack the attacker obtains a copy of a message sent by a user and later tries to replay it. The attack involves intercepting and retransmitting valid data (like login credentials or a session token) to gain unauthorized access or disrupt a system.

Example:
Banking Transactions: A person sends a request to her bank to ask for payment from the bank. In the middle, the attacker intercepts the message and sends it again to receive another payment from the bank.
Prevention: using a one-time password or multi-factor authentication adds an extra layer of security and makes replay attacks less effective.

Transaction replay:
A customer makes a purchase, and the attacker captures the transaction details. They then replay this transaction, causing the customer to be charged multiple times for the same purchase.
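How a receiver can reject both the modified bank message from the Modification section and the replayed transaction described here, as an added example that is not part of the original notes. It uses a single-use nonce and a timestamp protected by an HMAC, a different mechanism from the one-time passwords named above but built on the same single-use idea; the key, field names and 30-second validity window are assumptions.

```python
import hashlib
import hmac
import json
import secrets
import time

MAX_SKEW = 30  # seconds a signed request stays valid (assumed policy value)


def _mac(key, body, nonce, ts):
    # Canonical JSON so sender and receiver authenticate identical bytes.
    data = json.dumps({"body": body, "nonce": nonce, "ts": ts},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def sign_request(key, body, ts=None, nonce=None):
    """Customer side: attach a fresh nonce, a timestamp and a MAC over all three."""
    ts = int(time.time()) if ts is None else ts
    nonce = secrets.token_hex(16) if nonce is None else nonce
    return {"body": body, "nonce": nonce, "ts": ts,
            "mac": _mac(key, body, nonce, ts)}


class BankVerifier:
    """Bank side: accepts each authentic request at most once."""

    def __init__(self, key, max_skew=MAX_SKEW):
        self.key = key
        self.max_skew = max_skew
        self.seen = {}  # nonce -> time after which it can be forgotten

    def verify(self, msg, now=None):
        now = time.time() if now is None else now
        # 1. Integrity and origin: any change to body, nonce or ts breaks the MAC.
        expected = _mac(self.key, msg["body"], msg["nonce"], msg["ts"])
        if not hmac.compare_digest(expected, msg["mac"]):
            return "rejected: bad MAC"
        # 2. Freshness: an old capture is refused even if the nonce cache was lost.
        if abs(now - msg["ts"]) > self.max_skew:
            return "rejected: stale"
        # 3. Single use: drop expired nonces, then refuse one already seen.
        self.seen = {n: exp for n, exp in self.seen.items() if exp >= now}
        if msg["nonce"] in self.seen:
            return "rejected: replay"
        self.seen[msg["nonce"]] = msg["ts"] + self.max_skew
        return "accepted"


if __name__ == "__main__":
    key = b"constructed-demo-key"            # constructed shared secret
    bank = BankVerifier(key)
    req = sign_request(key, {"pay_to": "ACME", "amount": 100})
    print(bank.verify(req))                  # first delivery
    print(bank.verify(req))                  # attacker resends the capture
    forged = dict(req, body={"pay_to": "MALLORY", "amount": 100})
    print(bank.verify(forged))               # attacker edits the capture
```

The nonce only needs to be remembered for as long as the timestamp check would still accept the message, which keeps the cache bounded.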

4. Repudiation:

This type of attack is different from other attacks because it is performed by one of the two parties
in the communication: the sender or receiver. Repudiation is denying that you have sent or released
a message, or denying that you have received or read message.

Real time Examples:

Message Repudiation:
An attacker sends a malicious email, then later denies sending it, potentially causing significant damage to the recipient or their organization.

An example of denial by the sender would be a bank customer asking her bank to send some money to a third party but later denying that she has made such a request.

An example of denial by the receiver could occur when a person buys a product from a manufacturer and pays for it electronically, but the manufacturer later denies having received the payment and asks to be paid.

Prevention:
• Implement strong authentication
• Robust logging mechanisms
• Data integrity controls
• Access controls, etc.

Denial of service:

Denial of service (DoS) is a very common attack. It may slow down or totally interrupt the service of the system, i.e. it is an attempt to make a computer resource unavailable to its intended users.

The attacker can use several strategies to achieve this:

• The attacker might send so many bogus requests to a server that the server crashes because of the heavy load.
• The attacker might intercept and delete a server’s response to a client, making the client believe that the server is not responding.
• The attacker might intercept and delete a client’s requests to a server, making the client believe that the server is not responding.

Real time examples:
Imagine a popular online store that can handle 1000 simultaneous users. An attacker could use a single computer to send thousands of connection requests to the store’s server, even though they are not legitimate users. This flood of requests overwhelms the server, making it impossible for the actual customers to connect and browse the website or make purchases.

Buffer overflows: exploiting vulnerabilities in how a system handles memory to cause it to crash.

Flood attacks: sending a large number of requests to overwhelm the system.

Prevention:
Firewall rules: configuring firewalls to block malicious traffic.
Load balancing: distributing traffic across multiple servers to prevent any single server from being overwhelmed.
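Detection logic for the online-store flood described above, as an added example that is not part of the original notes: a per-source sliding window over request logs that names the sources a firewall rule would then block. The log format, window length, threshold and all addresses are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW = 10      # seconds of history kept per source (assumed)
THRESHOLD = 100  # requests allowed per source inside one window (assumed)


def parse_line(line):
    """Parse a constructed log line: '<unix_time> <source_ip> <method> <path>'."""
    ts, src = line.split()[:2]
    return float(ts), src


def detect_floods(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {source_ip: time it first exceeded the threshold}."""
    recent = defaultdict(deque)   # source -> timestamps still inside the window
    flagged = {}
    for ts, src in sorted(parse_line(l) for l in lines):
        q = recent[src]
        q.append(ts)
        # Slide the window: forget requests older than `window` seconds.
        while q[0] <= ts - window:
            q.popleft()
        if len(q) > threshold:
            flagged.setdefault(src, ts)
    return flagged


def sample_log():
    """Constructed traffic: 50 normal clients plus one flooding source."""
    lines = []
    for second in range(20):
        for client in range(1, 51):            # one request per second each
            lines.append(f"{second:.3f} 198.51.100.{client} GET /")
    for i in range(300):                       # 300 requests within one second
        lines.append(f"{5 + i / 300:.3f} 203.0.113.9 GET /")
    return lines


if __name__ == "__main__":
    for src, when in detect_floods(sample_log()).items():
        print(f"block {src}: exceeded {THRESHOLD} requests/{WINDOW}s at t={when}")
```

Counting per source keeps the 50 legitimate clients untouched while the single flooding address is isolated.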

Cyber Security Objectives and Services

Cyber Security Objectives


The objective of cyber security is to ensure secure storage, control access and prevent unauthorized processing, transfer, or deletion of data. It safeguards the confidentiality, integrity, and availability of information.
A number of cyber security measures are put in place to protect networks and computer hardware from unwanted threats and damages. Organizations draft security goals and policies based on the cyber security standards they are required to uphold.
The CIA triad stands upright on three pillars: Confidentiality, Integrity, and Availability. People, Processes, and Technology come together to attain these objectives of cyber security and ensure effective security systems.

Confidentiality:
• Collecting, storing, and sharing data in the digital space has made us prone to cyber attacks.
• Confidentiality states that only authorized people should be able to access sensitive information.

Any Personal Identifiable Information (PII) that can help recognize a person, and any financial information such as transaction details made on e-commerce sites, is supposed to be kept confidential.

Integrity:
Integrity maintains the dependability of information and ensures that it has been in its original form throughout and is exact. Stored data, or data being disseminated or used, should not be altered at any time unless authorized by a licensed individual or system.

Availability:
Availability ensures the accessibility of information to authorized personnel at the right time. They
should be able to process data whenever the need arises.
Tools to achieve CIA triad

Cyber Security services

1. Confidentiality:

Stored or transmitted information (even when it travels over insecure links) is accessible only to authorized parties; it is not accessible to unauthorized parties. This means an unauthorized entity does not get information about the message.

Only the sender and the intended receiver should “understand” the message content.

• Sender encrypts the message
• Receiver decrypts the message

Confidentiality has been designed to prevent interception (such as snooping and traffic analysis). It is used for sensitive fields such as government and industry. It is an important security service in information security.
Confidentiality uses the encipherment and routing control security mechanisms.

2. Authentication: (who created or sent the data)

In authentication, both sender and receiver should be able to confirm each other's identity for communication. This means the receiver knows for sure that the message comes from a particular source.

Authentication is the first step in any network security solution. Authentication has been designed to prevent fabrication (such as spoofing and replaying) attacks. Authentication uses the encipherment and digital signature security mechanisms.

3. Data integrity (or message authentication):

Integrity is the prevention of modification of information by an unauthorized party; that is, an
unauthorized entity can’t alter the message.

Integrity can apply to a stream of messages. Integrity covers both the content of information and the source
of data. Integrity is designed to prevent the modification security attack. Integrity uses the
encipherment, digital signature, and data integrity security mechanisms.

4. Non-repudiation:

The non-repudiation service is protection against denial by one of the parties (sender or receiver) in a
communication. In this case the sender and receiver can keep proofs to avoid repudiation.
Non-repudiation is designed to prevent the repudiation security attack. Non-repudiation uses the
digital signature, data integrity, and notarization security mechanisms.

5. Availability:

Availability means that the data must be available to authorized parties whenever they need to
access it. Availability is designed to prevent the Denial of Service security attack. It
also protects against a virus that deletes files. Availability uses the data integrity and authentication
exchange security mechanisms.

6. Access control:

Access control is the prevention of unauthorized use of a resource: access to host systems and
applications over communication links is limited, and an unauthorized party can’t
access them. Access control uses the access control security mechanisms.
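
The integrity and authentication services above (items 2 and 3), as an added example that is not part of the original notes: a receiver that rejects a modified, fabricated, or replayed message using an HMAC-SHA256 tag and a sequence number. The frame layout, key, and names are assumptions made for this sketch; because both sides share the key, it does not provide non-repudiation, which needs a digital signature.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes
SEQ_LEN = 8   # big-endian 64-bit sequence number


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender: build frame = sequence number || payload || HMAC tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Verifies the tag (integrity + origin) and rejects old sequence numbers."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def accept(self, frame: bytes):
        """Return (verdict, payload); payload is None unless verdict is 'ok'."""
        if len(frame) < SEQ_LEN + TAG_LEN:
            return "malformed", None
        header = frame[:SEQ_LEN]
        payload = frame[SEQ_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison: do not reveal how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            return "bad-tag", None
        (seq,) = struct.unpack(">Q", header)
        # Check the sequence number only after the tag has been verified.
        if seq <= self.last_seq:
            return "replay", None
        self.last_seq = seq
        return "ok", payload


def demo() -> dict:
    key = b"constructed-demo-key"  # constructed sample key, not a real secret
    rx = Receiver(key)
    first = protect(key, 1, b"pay 100 to alice")
    verdicts = {"genuine": rx.accept(first)[0]}

    # Modification: one payload bit flipped in transit.
    altered = bytearray(protect(key, 2, b"pay 100 to alice"))
    altered[SEQ_LEN + 4] ^= 0x01
    verdicts["modified"] = rx.accept(bytes(altered))[0]

    # Fabrication: a sender who does not hold the shared key.
    forged = protect(b"some-other-key", 2, b"pay 900 to mallory")
    verdicts["fabricated"] = rx.accept(forged)[0]

    # Replay: an old, genuine frame sent again.
    verdicts["replayed"] = rx.accept(first)[0]

    # The next genuine message in the stream is still accepted.
    verdicts["next"] = rx.accept(protect(key, 2, b"pay 5 to bob"))[0]
    return verdicts


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:10s} -> {verdict}")
```
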

Other Terms of Cyber Security

Malware: Malware is a type of software that's created to cause harm to your computer or steal your
information. It’s like a bad virus for your computer, and it’s designed to damage, disrupt, or control your
device without your permission.
Example:
Imagine you download a game from a sketchy website. When you open the game, it secretly installs
malware on your computer. This malware could:
• Steal your passwords
• Slow down your computer
• Damage your files
• Or even give hackers control over your device

1. Phishing
Phishing is a type of cyber attack that attempts to fool users into providing sensitive information,
such as passwords or credit card details, via fake emails and websites. E.g.: fake emails asking for
account verification, deceptive shipping notifications, and social media messages with
malicious attachments.

These phishing attacks may be carried out by individuals or large-scale organized cyber crime
groups in an attempt to steal personal data or financial information.

DDoS Attack: A DDoS (Distributed Denial of Service) attack is like a "traffic jam" on a website or
server, causing it to crash or become too slow to work. Instead of one person causing the problem, many
computers (usually infected with malicious software) work together to send too much traffic all at once.

E.g.: Imagine you're trying to get into your favorite online store to buy something, but when you go to
the website, it's super slow or doesn’t load at all. This could be because a huge number of computers
are all trying to access the website at the same time, overwhelming the website’s servers. This makes
the site unable to handle all the requests, so it becomes unavailable for you and others.
In short, a DDoS attack floods a website or server with fake traffic, causing it to crash or be extremely
slow.

2. Ransomware: Ransomware is a type of malware designed to encrypt a victim's data and demand
a ransom payment in exchange for the decryption key.
Ransomware is a type of cyber attack that locks users out of their computer systems until they pay a
ransom, typically in the form of cryptocurrency, such as Bitcoin.
These attacks can be devastating to individuals and businesses, leading to lost data and high costs
associated with restoring systems. E.g.: CryptoLocker, which emerged in 2007. It infected about 500,000
computers.

3. Botnet: A botnet is a network of compromised devices (often referred to as zombies) that are controlled
remotely by cybercriminals or hackers, often without the owners’ knowledge. Botnets can be used for a
variety of malicious activities, including DDoS attacks, sending spam emails, stealing data, and even
launching sophisticated cyberattacks.
E.g., TrickBot (2020-2022): TrickBot is a notorious banking malware that turned into a versatile
and highly modular botnet used to steal financial information, login credentials, and personal
data.

Zero-Day Attack

A zero-day attack is when hackers exploit a flaw or bug in software that no one knew about
before—not even the people who made the software. Because it's a hidden problem, there’s no
fix (patch) for it, and the attack can happen before anyone has a chance to protect against it.

E.g.: Google Chrome Zero-Day Attack (2023):

• What happened: Hackers found a hidden flaw in Google Chrome’s code, which could allow them to take control of
someone’s computer just by tricking them into visiting a bad website.
• Why it’s a zero-day: Google didn’t know about the flaw at first. The hackers took advantage of it before Google could fix
it. Once Google realized it and released an update (patch), the flaw was no longer an issue.
• Result: Until the patch was released, hackers could have accessed people's computers and stolen their data without them
knowing.

4. Trojan Horse

A Trojan Horse (or Trojan) is a type of malware that tricks you into thinking it’s something safe or
useful, but once you open it, it damages your computer or steals your information.
These attacks are often disguised as legitimate applications or files. This is how they can trick users
into clicking on them and releasing the trojan onto their computers.
E.g.: "Fake Software Update Trojan" (2023):
• What happened: You get a pop-up on your computer telling you that you need to update your
software. It looks like a legitimate update from a trusted app. You click on it, thinking it’s safe.
• What it actually is: Instead of a software update, it’s a Trojan. When you run it, it secretly installs
malware on your computer that steals your passwords and personal data.

5. Spyware
Spyware is a type of malware (malicious software) that secretly monitors what you do on your
computer or phone, usually without you knowing. Its job is to spy on you—hence the name—by
collecting personal information like passwords, browsing habits, and even credit card details.
E.g.: "Adware Spyware" (2023)
• What happened: You download a free app from the internet, thinking it’s safe. The app looks normal
and works fine at first.
• What it actually is: The app comes with hidden spyware. While you’re using it, the spyware tracks
what websites you visit, what apps you use, and what you type.
• What it does: It then sends that information to hackers or advertisers, who use it to show you targeted
ads or even steal your personal details.

6. Clickjacking
Clickjacking, also known as a “UI redress attack,” is another type of malicious cyber attack.
With clickjacking, an attacker tricks users into clicking on hidden elements in order to perform
unwanted actions.
The attacker aims to hijack user accounts or steal sensitive information. Imagine you're trying to click a
"Play" button on a video, but there’s an invisible "hidden button" over the top of it. When you click,
you’re not playing the video but actually doing something else—like giving a hacker permission to
control your computer.
Clickjacking typically employs social engineering techniques like phishing to trick users into
clicking harmful links or downloading dangerous files.
One way to prevent these attacks is to invest in end-to-end human factor solutions.
E.g.: "Fake Facebook Like Button" (2023)
• What happened: You visit a website and see a “Like” button that looks like it’s for Facebook. You think it’s just
a normal button, so you click it.
• What it actually is: The real button is invisible and overlaid on the Facebook "Like" button. When you click,
you accidentally like a page you didn’t mean to, or worse, it shares something on your social media without you
knowing.
• What the hacker gets: The hacker gets access to your social media, your personal data, or could even redirect
you to a phishing site.
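
A server-side control against the hidden-overlay trick described above is to forbid other sites from loading your pages in a frame. The following added example (not part of the original notes) audits HTTP response headers for the `X-Frame-Options` and CSP `frame-ancestors` controls; the function name and the sample responses are constructed for illustration.

```python
def framing_policy(headers: dict) -> str:
    """Classify who may embed a response in a frame.

    Returns 'blocked', 'same-origin', 'allowlist' or 'unprotected'.
    """
    h = {name.lower(): value for name, value in headers.items()}

    # An enforced CSP frame-ancestors directive is checked first: browsers
    # that support it ignore X-Frame-Options when it is present.
    # Content-Security-Policy-Report-Only is not enforced, so it is not read.
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.split()
        if not parts or parts[0].lower() != "frame-ancestors":
            continue
        sources = [s.lower() for s in parts[1:]]
        if not sources:
            continue
        if sources == ["'none'"]:
            return "blocked"
        if sources == ["'self'"]:
            return "same-origin"
        # '*' or a bare scheme such as https: lets any site frame the page.
        if any(s == "*" or s.endswith(":") for s in sources):
            return "unprotected"
        return "allowlist"

    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "blocked"
    if xfo == "SAMEORIGIN":
        return "same-origin"
    # Missing header, or the obsolete ALLOW-FROM form that current
    # browsers ignore: the page can be framed by anyone.
    return "unprotected"


# Constructed sample responses (page name -> response headers).
SAMPLE_RESPONSES = {
    "login": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
    "profile": {"X-Frame-Options": "SAMEORIGIN"},
    "widget": {"Content-Security-Policy": "frame-ancestors https://partner.example"},
    "legacy": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
    "mixed": {"Content-Security-Policy": "frame-ancestors *", "X-Frame-Options": "DENY"},
    "report": {"Content-Security-Policy-Report-Only": "frame-ancestors 'none'"},
    "bare": {},
}


def audit(responses: dict) -> dict:
    """Return {page name: framing policy} for every sample response."""
    return {name: framing_policy(hdrs) for name, hdrs in responses.items()}


if __name__ == "__main__":
    for page, policy in audit(SAMPLE_RESPONSES).items():
        print(f"{page:8s} {policy}")
```

The "mixed" case is the one to watch for in practice: a permissive `frame-ancestors` overrides a strict `X-Frame-Options` in browsers that support CSP.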

Myths around Cyber Security

Myth 1—Too much security diminishes productivity

There is a common idea that increased security makes it difficult for even employees to access what
they need, not just hackers. Strict security policies such as regular monitoring and access control
are believed to hinder productivity at work. However, doing away with security may have
far-reaching consequences for your business. A successful attack like a DDoS attack or ransomware
can bring your business to a standstill. Employees might not be able to access important files,
networks, and information after an attack. The recovery takes days and sometimes even weeks.

Truth: Enhanced cyber security can boost productivity.

A modern cyber security approach uses security tools that have a built-in security feature that
integrates seamlessly into your system. It also leverages advanced tech intelligence and analytics
for real-time detection and mitigation of threats. This allows developers to concentrate on
improving their productivity since they no longer need to worry about security issues.

Myth 2—Cyber attacks are only caused by external threat actors

Insider threats are on the rise and are fast becoming a cause of concern for businesses. Insider
threats can include employees, vendors, contractors, business partners, or an external intruder
trying to impersonate an employee. A recent survey revealed that insider threats are responsible for
60% of data breaches.

In addition, you can never be fully aware of where these attacks can originate from, and traditional
security solutions are largely ineffective when it comes to these threats. This makes them much
harder to detect and contain than external threats.

Truth: Therefore, cyber attacks can very well start from someone you know.

Use a combination of behavioral analytics and privilege and access management to minimize
insider threats. Additionally, conduct security awareness training sessions to educate employees
about the dangers of insider threats and how to detect them.

Myth 3—Cyber criminals only attack large businesses

Small and medium-sized businesses may often be under the false impression that their data isn't
valuable to hackers. However, small and medium-sized businesses are one of the top targets for
hackers.

A recent study revealed that hackers targeted small businesses nearly half of the time. But only 14%
of these businesses were prepared to defend themselves in such a situation.

Truth: No business - no matter how large or small, is ever immune to hacking attempts and
malicious attacks.

Hackers don't discriminate when it comes to their victims. So, don't let the size of your business
determine how valuable your data is or how secure your assets are.

Myth 4—Anti-Virus or Anti-Malware Software is enough to secure my business


Anti-virus software is an essential part of your cyber security plan. However, it only secures
one entry point into your system. Hackers have many ways to bypass anti-virus software and
infiltrate networks with attacks such as targeted phishing attacks and ransomware.
So, even with anti-malware software in place, hackers will have plenty of room to launch an attack.

Truth: Anti-virus software can only protect you from a unique set of recognized cyber
threats, not from other emerging cyber threats.

As a business, you need to do much more to secure your data from hackers. Deploy an all-
encompassing security solution like a Web Application Firewall that monitors threats continuously
and provides end-to-end, 24*7 protection from cyber risks.

Myth 5—Cyber security is too expensive

Even as malicious cyber attacks continue to make headlines and cost businesses millions, companies still
wonder if cyber security investments are worth it. Data security is frequently overlooked and is
only an afterthought for many enterprises. The average cost of a data breach in 2021 is $4.24
million, the highest in the last 17 years. And this figure does not include the damage that comes
with the crippling reputational losses and customer losses from a breach.

Truth: The cost of a good cyber security solution is nothing compared to the cost of a
successful attack.

Invest in a modern security solution like Indusface AppTrana, for example, that can protect you
from the latest threats. Moreover, there are many precautionary measures that you can take with
absolutely no additional cost to your business, such as strong passwords, multi-factor authentication,
access management, and employee training.

Myth 6—You don't require cyber security because you've never been attacked
If you've never experienced a cyber attack or data breach yourself, the chances are that you don't
know just how much damage they can cause. You may also assume that your current security
posture is strong enough to keep the bad actors away since you've never been attacked.

However, cyber threats and hacking tools are continuously evolving to become more and more
sophisticated and undetectable each day. And any sensitive data is a potential target for a breach.

Truth: You could easily be the next target.

Develop a sound security strategy that helps you identify existing weaknesses and mitigate attack
attempts before any significant damage is caused.

Myth 7—You've achieved total cyber security

Cyber security is a continuous process that needs to be upgraded with the changes in the threat
landscape. Therefore, never stop working on securing your IT assets. Your organization will always
be susceptible to existing and emerging threats.

Truth: There is no such thing as total or perfect cyber security against cyber attacks.

Recent cyber attacks


Indian Government Ministry Hacked (January 2024)
Details: A cyber attack breached a key government ministry in India, targeting sensitive administrative data. The attackers
exploited vulnerabilities in the ministry's cybersecurity infrastructure to access confidential files and communications.
Target: Indian government ministries and sensitive governmental data.
Impact: Exposed national security risks, potential leaks of classified information, and damage to public trust

Ransomware Attack on Indian Railways (April 2024)
(Ransomware is a type of malware that encrypts a victim’s data, after which the attacker demands a “ransom”,
or payment, in order to restore access to files and network. Typically, the victim receives a decryption key
once payment is made to restore access to their files. If the ransom payment is not made, the threat actor
publishes the data on data leak sites (DLS) or blocks access to the files in perpetuity.)
Details: The Indian Railways system was hit by a massive ransomware attack that disrupted operations, including ticket
booking, train schedules, and passenger services. Attackers encrypted systems and demanded a ransom in
cryptocurrency for decrypting the data.
Target: Indian Railways, transportation services.
Impact: Widespread service disruptions, financial losses, and public inconvenience. This raised serious concerns about
the vulnerability of critical infrastructure in India.
Response: The Indian Computer Emergency Response Team (CERT-In) worked with Indian Railways to mitigate the attack,
restore services, and implement better cybersecurity measures.

Ukrainian Government Cyber Attack (February 2024)


Details: In the midst of the ongoing conflict, Russian-backed cybercriminal groups launched a wave of attacks against
Ukrainian government agencies. These included DDoS attacks, phishing, and data breaches aimed at disrupting government
operations and stealing sensitive intelligence.
Target: Ukrainian government institutions.
Impact: Temporary disruption in government services, loss of critical data, and strategic cyber espionage.

Twitter Data Breach (January 2024)

Details: A security flaw in Twitter's API led to the breach of user data, exposing phone numbers, email addresses, and other
personally identifiable information (PII). Hackers exploited this flaw to create a large-scale database of sensitive
data.
Target: Twitter users globally.
Impact: Increased risk of identity theft, phishing, and fraud for affected users.

Generic Conclusion about Attacks

In conclusion, cyber-attacks continue to pose significant threats to individuals, businesses, and
governments globally. These attacks exploit vulnerabilities in various systems, applications, and
human behaviors to compromise data, disrupt operations, and cause financial and reputational
damage. The evolving nature of cyber threats requires a proactive and multifaceted approach to
cybersecurity. Here are some key takeaways:
Persistent Threat Landscape:
The cyber threat landscape is dynamic and persistent. Attackers continually adapt their techniques,
making it essential for individuals and organizations to remain vigilant and stay updated on the
latest threats and security measures.
Diverse Range of Attacks:
Cyber-attacks come in various forms, including malware, phishing, ransomware, supply chain
attacks, and more. Attackers exploit vulnerabilities in software, hardware, and human behavior,
underscoring the need for a holistic cyber security strategy.
Impact on Individuals and Organizations:

Cyber-attacks can have far-reaching consequences, affecting individuals through identity theft,
financial loss, or privacy breaches. For organizations, the impact can be severe, leading to financial
losses, reputational damage, operational disruptions, and legal ramifications.
Importance of Preparedness:
Preparedness is key to mitigating cyber risks. This involves implementing robust cybersecurity
measures, conducting regular security assessments, staying informed about emerging threats,
educating users, and having an incident response plan in place.
Collaborative Approach:
Cybersecurity is a shared responsibility that necessitates collaboration between individuals,
organizations, governments, and cybersecurity professionals. Sharing threat intelligence, best
practices, and working collectively to enhance cybersecurity infrastructure is vital for a more secure
digital environment.
Continuous Learning and Adaptation:
Cybersecurity is an evolving field. Staying current with advancements in technology, threat
landscapes, and security practices is crucial. Ongoing education and training are essential for
individuals and professionals to adapt and respond effectively to emerging threats.
Regulatory Compliance and Standards:
Compliance with cybersecurity regulations and industry standards is important for organizations to
maintain the trust of their stakeholders. Adhering to frameworks like GDPR, HIPAA, or ISO 27001
can help establish a solid foundation for robust cybersecurity practices.
Investment in Security Measures:
Allocating resources for cybersecurity investments, including advanced security solutions,
employee training, and regular system updates, is a wise business decision. Proactive investments
in cybersecurity can help prevent attacks and reduce potential damages.
User Awareness and Education:
Users are often the first line of defense against cyber-attacks. Educating individuals about
cybersecurity best practices, how to identify phishing attempts and promoting a culture of security
consciousness can significantly enhance overall cybersecurity posture.
In this constantly evolving digital landscape, being proactive, adaptable, and informed is essential
to effectively navigate and mitigate the risks associated with cyber-attacks.

Why and what is Cyber Security?

What is Cyber security?

Definition and Scope:

Cybersecurity involves the implementation of measures, practices, and technologies to protect
digital assets, systems, networks, and data from cyber threats. These threats can range from
malware, phishing, and ransomware to insider threats and more.

Components of Cybersecurity:

Cyber security comprises several components, including network security, endpoint security,
application security, data security, identity and access management, cloud security, and security
awareness training.

Principles and Objectives:


The main principles of cyber security include confidentiality, ensuring that only authorized users
can access data; integrity, maintaining data accuracy and consistency; and availability, ensuring that
data and systems are accessible when needed.

Importance of Cyber Hygiene:

Practicing good cyber hygiene, which involves regularly updating software, using strong passwords,
employing multi-factor authentication, and being cautious of suspicious emails or links, is
fundamental to effective cybersecurity. It minimizes vulnerabilities and enhances overall
protection.

Why is Cybersecurity Important?

Protection of Sensitive Data:

Cybersecurity is essential to safeguard sensitive and confidential information, such as personal data,
financial records, intellectual property, and trade secrets. Unauthorized access or theft of this data
can lead to severe financial and reputational damage.

Prevention of Financial Loss:

Effective cyber security measures help prevent financial losses that can result from cyber-attacks,
including fraud, ransomware, identity theft, and unauthorized transactions. This protection is
crucial for individuals and organizations alike.

Ensuring Business Continuity:

Cybersecurity ensures the continuous operation of businesses and organizations by preventing
disruptions caused by cyber-attacks. Uninterrupted operations are vital for maintaining customer
trust and sustaining revenue streams.

Categories of Attack

A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter
computer code, logic or data and leads to cybercrimes, such as information and identity theft.

We are living in a digital era. Nowadays, most people use computers and the internet. Due to the
dependency on digital things, illegal computer activity is growing and changing like any other type of
crime.

Cyber-attacks can be classified into the following categories:



Web-based attacks

These are the attacks which occur on a website or web applications. Some of the important web-
based attacks are as follows-

1. Injection attacks

It is an attack in which some data is injected into a web application to manipulate the application
and fetch the required information.

Example: SQL injection, code injection, log injection, XML injection, etc.

2. DNS Spoofing

DNS Spoofing is a type of computer security hacking whereby data is introduced into a DNS
resolver's cache, causing the name server to return an incorrect IP address and diverting traffic to the
attacker’s computer or any other computer. DNS spoofing attacks can go on for a long period
of time without being detected and can cause serious security issues.

3. Session Hijacking

It is a security attack on a user session over a protected network. Web applications create cookies to
store the state and user sessions. By stealing the cookies, an attacker can have access to all of the
user data.

4. Phishing

Phishing is a type of attack which attempts to steal sensitive information like user login credentials
and credit card number. It occurs when an attacker is masquerading as a trustworthy entity in
electronic communication.

5. Brute force

It is a type of attack which uses a trial and error method. This attack generates a large number of
guesses and validates them to obtain actual data like a user password and personal identification
number. This attack may be used by criminals to crack encrypted data, or by security analysts to
test an organization's network security.

6. Denial of Service

It is an attack meant to make a server or network resource unavailable to its users. It
accomplishes this by flooding the target with traffic or sending it information that triggers a crash.
It uses a single system and a single internet connection to attack a server. It can be classified into
the following:

a) Volume-based attacks: The goal is to saturate the bandwidth of the attacked site; measured
in bits per second.

b) Protocol attacks: These consume actual server resources; measured in packets.

c) Application layer attacks: The goal is to crash the web server; measured in requests per
second.

7. Dictionary attacks

This type of attack uses a stored list of commonly used passwords and tries each one to find the
original password.

8. URL Interpretation

It is a type of attack in which the attacker changes certain parts of a URL to make a web
server deliver web pages that the attacker is not authorized to browse.

9. File Inclusion attacks

It is a type of attack that allows an attacker to access unauthorized or essential files which are
available on the web server or to execute malicious files on the web server by making use of the
include functionality.

10. Man in the middle attacks

It is a type of attack that allows an attacker to intercept the connection between client and server
and act as a bridge between them. Due to this, an attacker will be able to read, insert and modify
the data in the intercepted connection.
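
From the defender's side, the brute force and dictionary attacks described in items 5 and 7 above show up as bursts of failed logins. This added example (not from the original notes) flags such bursts in authentication log lines and raises a second alert when a successful login follows one; the log format, threshold, window, and sample lines are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: timestamp, outcome, account, source address.
SAMPLE_LOG = """\
2024-05-01T10:00:00 FAIL user=alice ip=198.51.100.4
2024-05-01T10:00:05 FAIL user=alice ip=198.51.100.4
2024-05-01T10:00:11 OK user=alice ip=198.51.100.4
2024-05-01T10:01:00 FAIL user=bob ip=203.0.113.9
2024-05-01T10:01:02 FAIL user=bob ip=203.0.113.9
2024-05-01T10:01:04 FAIL user=bob ip=203.0.113.9
2024-05-01T10:01:06 FAIL user=bob ip=203.0.113.9
2024-05-01T10:01:08 FAIL user=bob ip=203.0.113.9
2024-05-01T10:01:10 FAIL user=bob ip=203.0.113.9
2024-05-01T10:01:12 OK user=bob ip=203.0.113.9
2024-05-01T10:02:00 FAIL user=carol ip=198.51.100.20
2024-05-01T10:04:00 FAIL user=carol ip=198.51.100.20
2024-05-01T10:06:00 FAIL user=carol ip=198.51.100.20
2024-05-01T10:08:00 FAIL user=carol ip=198.51.100.20
2024-05-01T10:10:00 FAIL user=carol ip=198.51.100.20
"""


def parse(line: str):
    """Split one log line into (timestamp, outcome, user, ip)."""
    ts, outcome, user, ip = line.split()
    return (datetime.fromisoformat(ts), outcome,
            user.partition("=")[2], ip.partition("=")[2])


def detect_guessing(lines, threshold=5, window=timedelta(seconds=60)):
    """Return alerts as (kind, ip, user) tuples, in the order they fire.

    'guessing': `threshold` failures for one (ip, user) pair inside `window`.
    'success-after-guessing': a login succeeded right after such a burst,
    which suggests a guess may have worked.
    Counting is per (ip, user); a real deployment would also count per
    account across addresses, since guesses can come from many sources.
    """
    failures = defaultdict(deque)  # (ip, user) -> recent failure times
    flagged = set()
    alerts = []
    for line in lines:
        if not line.strip():
            continue
        ts, outcome, user, ip = parse(line)
        key = (ip, user)
        if outcome == "OK":
            if key in flagged:
                alerts.append(("success-after-guessing", ip, user))
                flagged.discard(key)
            failures.pop(key, None)  # a success resets the failure history
            continue
        recent = failures[key]
        recent.append(ts)
        # Drop failures that have aged out of the sliding window.
        while ts - recent[0] > window:
            recent.popleft()
        if len(recent) >= threshold and key not in flagged:
            flagged.add(key)
            alerts.append(("guessing", ip, user))
    return alerts


if __name__ == "__main__":
    for alert in detect_guessing(SAMPLE_LOG.splitlines()):
        print(alert)
```

Slow guessing, such as the five failures for "carol" spread over several minutes, stays under this window; that is why lockout and multi-factor authentication are used alongside burst detection.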

System-based attacks

These are the attacks which are intended to compromise a computer or a computer network. Some
of the important system-based attacks are as follows-

1. Virus

It is a type of malicious software program that spreads throughout the computer files without the
knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting
copies of itself into other computer programs when executed. It can also execute instructions that cause
harm to the system.

2. Worm

It is a type of malware whose primary function is to replicate itself to spread to uninfected
computers. It works the same way as a computer virus. Worms often originate from email attachments
that appear to be from trusted senders.

3. Trojan horse

It is a malicious program that causes unexpected changes to computer settings and unusual activity,
even when the computer should be idle. It misleads the user about its true intent. It appears to be a
normal application, but when opened/executed some malicious code will run in the background.

4. Backdoors

It is a method that bypasses the normal authentication process. A developer may create a backdoor
so that an application or operating system can be accessed for troubleshooting or other purposes.

5. Bots

A bot (short for "robot") is an automated process that interacts with other network services. Some
bot programs run automatically, while others only execute commands when they receive specific
input. Common examples of bot programs are crawlers, chatroom bots, and malicious bots.
