Network Security and Cyber Laws
Detailed Course Content
Unit 1: Introduction to Network Security
- Introduction to Network Security
- Goals of Network Security
- ISO Security Architecture
- Attacks and Categories of Attacks
- Network Security Services & Mechanisms
- Authentication Applications: Kerberos, X.509 Directory Authentication Service
Unit 2: Application Layer Security
- Security Threats and Countermeasures
- SET Protocol
- Electronic Mail Security
- Pretty Good Privacy (PGP)
- S/MIME
- Transport Layer Security: Secure Socket Layer & Transport Layer Security
- Wireless Transport Layer Security
Unit 3: IP Security and System Security
- Authentication Header
- Encapsulating Security Payloads
- System Security: Intruders, Intrusion Detection System, Viruses
- Firewall Design Principles
- Trusted Systems
- OS Security
- Program Security
Unit 4: Introduction to Cyber Law
- Cyber Crime, Cyber Criminals, Cyber Law
- Object and Scope of the IT Act: Genesis, Object, Scope of the Act
- E-Governance and IT Act 2000
- Legal Recognition of Electronic Records
- Legal Recognition of Digital Signatures
- Use of Electronic Records and Digital Signatures in Government and its Agencies
- IT Act in Detail
- Basics of Network Security: IP Addresses, Port Numbers, and Sockets
- Hiding and Tracing IP Addresses
- Scanning: Traceroute, Ping Sweeping, Port Scanning, ICMP Scanning
- Fingerprinting: Active and Passive Email
Unit 5: Advanced Attacks
- Different Kinds of Buffer Overflow Attacks: Stack Overflows, String Overflows, Heap and Integer Overflows
- Internal Attacks: Emails, Mobile Phones, Instant Messengers, FTP Uploads, Dumpster Diving, Shoulder Surfing
- DOS Attacks: Ping of Death, Teardrop, SYN Flooding, Land Attacks, Smurf Attacks, UDP Flooding
- Hybrid DOS Attacks
- Application-Specific Distributed DOS Attacks
Computer data can be vulnerable when traveling between computers. Cryptography transforms data using secret codes and modern mathematics, making it safer during transmission. It provides security by encrypting data to protect confidentiality and ensuring integrity and authentication of messages. Common security threats include passive attacks like eavesdropping and traffic analysis, as well as active attacks like masquerading, message modification, denial of service, and replays. Cryptography addresses these using techniques like symmetric and public key encryption.
Cryptography is the study and practice of techniques for secure communication in the presence of third parties. It deals with developing and analysing protocols that prevent malicious third parties from retrieving information being shared between two entities. Some key principles of cryptography include confidentiality, data integrity, authentication, and non-repudiation. Cryptography is widely applied in computer security, network security, and internet security. Common techniques include symmetric encryption algorithms, cryptanalysis methods, and the use of substitution and transposition ciphers.
The document discusses network security and cryptography. It provides an overview of security concepts like attacks, services, defense methods, and models. It defines information security, why it is important, and common security attacks like interruption, interception, modification, and fabrication. It also discusses security goals of confidentiality, integrity, and availability. Cryptography techniques like symmetric and asymmetric encryption are introduced along with concepts like plaintext, ciphertext, encryption, decryption, and cryptanalysis.
Security is one of the most important issues in distributed systems. Cryptography, authentication, access control, and digital signatures are important concepts for securing systems. Potential attacks include unauthorized access, tampering, and denial of service. Cryptography aims to provide confidentiality, integrity, and non-repudiation of information. Authentication verifies identity while access control restricts allowed actions. Digital signatures demonstrate authenticity and prevent denial of message transmission or alteration. The Distributed Computing Environment provides naming, authentication, and security services to enable secure client-server applications across networks.
The document discusses computer security and common cyber attack vectors. It defines key terms like attack surface, attack vectors, and security breaches. It then describes 8 common attack vectors: compromised credentials, weak/stolen credentials, malicious insiders, missing/poor encryption, misconfiguration, ransomware, phishing, and trust relationships. Typical symptoms of an attack are also listed, such as slow performance, strange files/programs, and automatic messages. The consequences of a successful attack compromise the goals of computer security - confidentiality, integrity and availability.
The document discusses the objectives and syllabus of a Cryptography and Network Security course. The objectives are to understand access control models, encryption techniques, block ciphers like DES and AES, public key cryptography, message authentication, hash functions, and web, email and firewall security. The syllabus covers topics like classical encryption techniques, symmetric cipher models, security services like confidentiality, authentication, access control and availability, and security attacks. It also discusses trends in internet vulnerabilities and security incidents reported to CERT.
Security Introduction
Potential attacks
Passive attacks
Active attacks
Cryptography
Terminologies
Symmetric and asymmetric
authentication
types of authentication
approaches to authentication
user login
access control
protection domains
design signature
design principle
Module-1.ppt cryptography and network security - AparnaSunil24
The document provides an overview of cryptography and network security. It begins by defining key terms like computer security, network security, and internet security. It then discusses the OSI security architecture and how it defines security services, mechanisms, and attacks in a systematic way. The document also covers traditional cryptosystems including symmetric key cryptosystems, classical encryption techniques like substitution and transposition ciphers, and examples of monoalphabetic and polyalphabetic ciphers.
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY - DEEPAK948083
This document provides an overview of mobile and wireless security. It discusses the need for security as wireless networks become more prevalent and outlines some common security threats like spoofing, sniffing, tampering and theft. It then describes various security technologies used to address these threats, including cryptography, digital certificates, digital signatures and public key infrastructure. Specific security protocols like SSL, TLS and IPSec are also mentioned. The document emphasizes that securing wireless networks requires considering authentication, data integrity, confidentiality, authorization and non-repudiation across the entire environment.
The document discusses various topics in network security including:
1. It describes the OSI security architecture and defines security attacks, mechanisms, and services.
2. It covers different types of security attacks like passive attacks and active attacks.
3. It discusses security services like authentication, access control, data confidentiality, and data integrity.
4. It provides an overview of classical encryption techniques like symmetric ciphers, substitution ciphers, transposition ciphers, and steganography.
Implementing an improved security for collin’s database and telecommuters - Rishabh Gupta
1) COLLINS is a state agency that stores confidential information and needs improved security for its database and telecommuters.
2) The proposal aims to implement the best security measures to protect data in the database and ensure security for telecommuters.
3) Methods like installing firewalls, encrypting sensitive data, and using digital signatures are proposed to provide database and network security.
Ledingkart Meetup #3: Security Basics for Developers - Mukesh Singh
This document provides an agenda and summaries for a security basics workshop for developers at Lendingkart. The agenda includes sessions on security overviews, common vulnerabilities, security practices at Lendingkart, and the OWASP Zed Attack Proxy tool. Introductions cover security requirements around confidentiality, integrity and availability. Additional topics include network vs application security, common security attacks, security services, web security basics, how HTTPS works using SSL/TLS, digital certificates, hacker evolution, and the OWASP top 10 list of vulnerabilities.
This document provides an overview of information systems and security topics including computer security, authentication mechanisms, firewalls, computer crimes, social impacts of computers, computer viruses, worms, digital signatures and certificates. It discusses information security principles of confidentiality, integrity and availability. It also covers specific authentication mechanisms like passwords, multi-factor authentication, certificates, tokens and biometrics. Additionally, it defines what a firewall is and how it works to inspect and block unauthorized network traffic based on packet rules.
This document provides an introduction to network security. It discusses how computer data can be at risk when traveling between computers unless protected by cryptography. It defines computer security, network security, and internet security. Network security aims to ensure optimal machine functioning and restrict user access rights. Advantages include protecting client data and shared information. The document outlines security requirements like confidentiality, integrity, availability, and authentication. It also discusses challenges of security and provides an overview of the network security model and intrusion detection systems.
This document provides information about a cryptography course including:
- The course name, code, credits, program, and instructor details
- An overview of the course units covering introduction to cryptography, security goals, cryptographic attacks, security services and mechanisms, traditional symmetric key techniques, and more
- Descriptions of topics within each unit including different types of cryptographic attacks, security services like confidentiality and integrity, security mechanisms like encryption and digital signatures, and categories of traditional ciphers like substitution and transposition ciphers
Chapter 1 Introduction of Cryptography and Network security Dr. Kapil Gupta
(1) Cryptography and network security are important topics that involve terminology like plaintext, ciphertext, encryption, decryption, and cryptanalysis. (2) The document discusses principles of security like confidentiality, integrity, authentication, non-repudiation, and availability and how attacks can compromise them. (3) It also covers security services, mechanisms, and models in the OSI standard to enhance security and counter different types of security attacks.
The "Introduction to Computer Network Security" presentation provides a comprehensive introduction to the fundamental concepts, principles, and practices of computer network security. This presentation is designed for students, professionals, and anyone interested in understanding the essentials of securing computer networks against various threats and vulnerabilities.
Fundamental Concept of Cryptography in Computer Security - Uttara University
Cryptography is the practice and study of techniques for securing communication and data from unauthorized access or alterations. It involves the use of mathematical algorithms to transform information into a secure format, ensuring confidentiality, integrity, authenticity, and non-repudiation. Key methods include encryption, which converts plaintext into ciphertext, and decryption, which reverses this process. Cryptographic protocols are essential for secure communication in digital environments, underpinning technologies such as SSL/TLS for internet security, digital signatures for authentication, and various forms of secure data storage and transmission.
A Review Study on Secure Authentication in Mobile System - Editor IJCATR
This document summarizes authentication techniques for mobile systems. It discusses single-factor and multi-factor authentication using passwords, tokens, and biometrics. It also reviews RFID authentication protocols like SRAC and ASRAC for secure and low-cost RFID systems. Public key cryptography models using elliptic curve cryptography are proposed for mobile security. Secure authentication provides benefits like protection, scalability, speed, and availability for mobile enterprises. Both encryption and authentication are needed but encryption requires more processing resources so should only be used for critical information.
This document describes models for network security. It discusses a generic model where principals communicate across the internet using protocols like TCP/IP. To protect information, security techniques add a transformation like encryption and rely on secret shared information like keys. A trusted third party can help distribute secrets. The document also presents a network access security model to prevent unwanted access through gatekeeper functions like login credentials and antivirus software to block exploits. The overall goal is to design algorithms, generate secrets, distribute secrets securely, and specify protocols for security services.
CNS UNIT 1 NEW NEW UNIT has been s 1.ppt - inaamulh66
Security is a concept similar to being cautious or alert against any danger. Network security is the condition of being protected against any danger or loss. Thus safety plays an important role in bank transactions, where disclosure of any data results in a big loss. We can define networking as the combination of two or more computers for the purpose of resource sharing. Resources here include files, databases, emails, etc. It is the protection of these resources from unauthorized users that brought about the development of network security. It is a measure incorporated to protect data during transmission and also to ensure that the transmitted data is protected and authentic.
Security of online bank transactions here has been improved by increasing the number of bits while establishing the SSL connection as well as in RSA asymmetric key encryption, along with SHA1 used for digital signature to authenticate the user.
This document provides information about the 60-467 Network Security course taught by Dr. Robert D. Kent at the University of Windsor.
The course introduces advanced topics in network security including encryption, authentication, intrusion detection, and security of email and web access. Students must complete a midterm exam, individual research essay, presentation, and two projects (individual and group). The course website provides basic information, requirements are outlined, and the textbook for the course is Cryptography and Network Security by William Stallings which covers topics such as cryptography algorithms, network security services, and security attacks.
ETHICAL HACKING AND SOCIAL ENGINEERING
Topics Covered: Ethical Hacking Concepts and Scopes, Threats and Attack Vectors, Information Assurance, Threat Modelling, Enterprise Information Security Architecture, Vulnerability Assessment and Penetration Testing, Types of Social Engineering, Insider Attack, Preventing Insider Threats, Social Engineering Targets and Defence Strategies
Cyber Crime with basics and knowledge to cyber sphere - RISHIKCHAUDHARY2
In this ppt you will get to know about the cyber security basics as well as the paradigms that are important in the cyber world.
Also, this can be helpful for study purposes in colleges and schools.
You will also get two case studies which can be helpful for better understanding.
Top UI/UX Design Trends for 2024: What Business Owners Need to KnowOnepixll
Discover the top UI/UX design trends for 2024 that every business owner needs to know. This infographic covers five key trends: Dark Mode Dominance, Neumorphism and Soft UI, Voice User Interface (VUI) Integration, Personalization and AI-Driven Design, and Accessibility-First Design. By staying ahead of these trends, you can create engaging, user-friendly digital products that cater to evolving user needs and preferences. Enhance your digital presence and ensure your designs are modern, accessible, and effective.
The Internet of Things (IoT) is rapidly expanding, with over 75 billion connected devices expected by 2025. This growth demands robust security solutions, as IoT-related data breaches in 2022 averaged $9.44 million in costs. Additionally, 57% of IoT device owners have faced cybersecurity incidents or breaches in the past two years. For top-notch IoT security solutions, trust Lumiverse Solutions. Contact us at 9371099207.
'Secure and Sustainable Internet Infrastructure for Emerging Technologies'APNIC
Paul Wilson, Director General of APNIC delivers keynote presentation titled 'Secure and Sustainable Internet Infrastructure for Emerging Technologies' at VNNIC Internet Conference 2024, held in Hanoi, Vietnam from 4 to 7 June 2024.
Call Girls Jabalpur 7742996321 Jabalpur Escorts Service
Network Security and Cyber Laws (Complete Notes) for B.Tech/BCA/BSc. IT
If you find these notes helpful, please follow me on LinkedIn: Sarthak Sobti
www.linkedin.com/in/sarthak-sobti-65bab51b4
Network Security and Cyber Law
Unit 1
1. Introduction to Network Security
Network security is defined as the set of activities designed to
protect the integrity of your network and data. Every company or
organization that handles a large amount of data has some set of
solutions in place against cyber threats.
Any action intended to safeguard the integrity and usefulness of
your data and network is known as network security. The most
basic example of network security is password protection, where
the user of the network chooses the password. Network security
solutions protect the various vulnerable parts of computer systems,
such as:
1. Users
2. Locations
3. Data
4. Devices
5. Applications
_____________________________________________________________
2. Goals/Objectives of Network Security
1. Confidentiality
It simply means that data and resources on a network can be
accessed only by authorized users. This helps protect sensitive
information from unauthorized users.
2. Integrity
This simply ensures that the data, as well as resources on a
network, are not altered or corrupted by unauthorized parties. With
the help of integrity, one can maintain the accuracy as well as
consistency of information and processes.
3. Availability
This assists in ensuring that the resources and data on a network
are accessible and usable by authorized parties. Further,
availability helps to support the continuity and performance of
business operations and services.
_____________________________________________________________
3. Attacks
A security attack is an attempt to gain unauthorized access to,
disrupt, or compromise the security of a system, network, or
device. These are actions that threaten an organization’s safety
and are classified into two main categories:
A. Passive Attacks
Passive attacks involve an intruder monitoring or eavesdropping on
transmissions without altering the data. These attacks aim to
gather information without causing direct harm, and neither the
sender nor the receiver is aware of the intrusion.
• Eavesdropping: Intercepting and listening to
communications without consent. Example: Packet sniffing.
• Traffic Analysis: Analysing network traffic patterns to gather
information without accessing the content. Example:
Network flow analysis.
Prevention: Encryption of transmitted data can prevent intruders
from using intercepted information.
B. Active Attacks
Active attacks involve the attacker altering or disrupting
communications, causing damage or disruption. Both the sender
and receiver are unaware that their communication has been
tampered with.
• Masquerade: Pretending to be an authorized user to gain
access. Example: Using stolen credentials.
• Replay: Intercepting and retransmitting a message to
deceive the receiver. Example: Delaying a financial
transaction message.
• Modification of Message: Altering the message content.
Example: Changing the data in a transmitted message.
• Denial of Service (DoS): Overloading a system with traffic to
make it unavailable to legitimate users. Example: Flooding a
website with requests.
_____________________________________________________________
4. Network Security Services
Security services refer to the different services available for
maintaining the security and safety of an organization. They help in
preventing any potential risks to security. Security services are
divided into 5 types:
• Authentication is the process of verifying the identity of a
user or device in order to grant or deny access to a system or
device.
• Access control involves the use of policies and procedures
to determine who is allowed to access specific resources
within a system.
• Data Confidentiality is responsible for the protection of
information from being accessed or disclosed to
unauthorized parties.
• Data integrity is a security mechanism that involves the use
of techniques to ensure that data has not been tampered with
or altered in any way during transmission or storage.
• Non-repudiation involves the use of techniques to create a
verifiable record of the origin and transmission of a message,
which can be used to prevent the sender from denying that
they sent the message.
________________________________________________________
5. Network Security Mechanisms
The mechanism that is built to identify any breach of security or
attack on the organization, is called a security mechanism.
Security Mechanisms are also responsible for protecting a system,
network, or device against unauthorized access, tampering, or
other security threats.
Examples of Security Mechanisms
• Encipherment (Encryption): Transforms data into a coded
form that can only be read with a decryption key. Used for
protecting data during transmission or storage.
• Digital Signature: Uses cryptographic techniques to create a
unique, verifiable identifier for a document or message,
ensuring its authenticity and integrity.
• Traffic Padding: Adds extra data to network traffic to obscure
its true content and make analysis more difficult.
• Routing Control: Selects secure routes for data transmission
and allows changes in routing if a security breach is
suspected.
_____________________________________________________________
6. Authentication Applications
1. Kerberos
• Purpose: A network authentication protocol designed to
provide secure authentication for users and services in a
network.
• How it Works:
o Key Distribution Center (KDC): Central authority that
includes an Authentication Server (AS) and a Ticket
Granting Server (TGS).
o Process:
1. User Authentication: User logs in and sends a
request to the AS.
2. Ticket Granting Ticket (TGT): AS authenticates the
user and issues a TGT.
3. Service Request: User sends the TGT to the TGS to
request access to a specific service.
4. Service Ticket: TGS issues a service ticket, which
the user presents to the desired service for access.
• Advantages: Secure, mutual authentication, prevents
eavesdropping and replay attacks.
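The four-step ticket flow above, as an added Python sketch that is not part of the original notes. The `seal`/`unseal` helpers are a toy stand-in for the ciphers real Kerberos uses, and all names, keys, lifetimes and the password are constructed for illustration.

```python
import hashlib
import hmac
import json
import os


def _keystream(key, nonce, n):
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(key, obj):
    """Toy encrypt-then-MAC of a JSON object (stand-in for a real cipher such as AES)."""
    plain = json.dumps(obj).encode()
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()


def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body)))))


def derive_key(user, password):
    # Long-term user key derived from the password; the password never crosses the network.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 10_000)


def _check(ticket, auth, now):
    # The authenticator must name the same user as the ticket and be recent.
    if now > ticket["expires"] or auth["user"] != ticket["user"] or abs(now - auth["time"]) > 300:
        raise ValueError("expired ticket or mismatched authenticator")


class KDC:
    def __init__(self, user_keys, service_keys):
        self.user_keys, self.service_keys = user_keys, service_keys
        self.tgs_key = os.urandom(32)          # shared only between AS and TGS

    def as_exchange(self, user, now):
        """Steps 1-2: AS issues a TGT (sealed for the TGS) and a session key (sealed for the user)."""
        session = os.urandom(32).hex()
        tgt = seal(self.tgs_key, {"user": user, "key": session, "expires": now + 600})
        return tgt, seal(self.user_keys[user], {"key": session})

    def tgs_exchange(self, tgt, authenticator, service, now):
        """Steps 3-4: TGS validates the TGT and issues a service ticket."""
        ticket = unseal(self.tgs_key, tgt)
        _check(ticket, unseal(bytes.fromhex(ticket["key"]), authenticator), now)
        session = os.urandom(32).hex()
        svc_ticket = seal(self.service_keys[service],
                          {"user": ticket["user"], "key": session, "expires": now + 300})
        return svc_ticket, seal(bytes.fromhex(ticket["key"]), {"key": session})


class Service:
    def __init__(self, key):
        self.key, self.seen = key, set()       # seen = simplified replay cache

    def accept(self, svc_ticket, authenticator, now):
        ticket = unseal(self.key, svc_ticket)
        _check(ticket, unseal(bytes.fromhex(ticket["key"]), authenticator), now)
        if authenticator in self.seen:
            raise ValueError("replayed authenticator")
        self.seen.add(authenticator)
        return ticket["user"]


def build_realm():
    service_key = os.urandom(32)
    kdc = KDC({"alice": derive_key("alice", "constructed-demo-password")},
              {"fileserver": service_key})
    return kdc, Service(service_key)


def access(kdc, service, service_name, user, password, now):
    """Client side of the whole exchange; returns (authenticated user, ticket, authenticator)."""
    tgt, sealed = kdc.as_exchange(user, now)
    session = bytes.fromhex(unseal(derive_key(user, password), sealed)["key"])  # fails on wrong password
    svc_ticket, sealed2 = kdc.tgs_exchange(tgt, seal(session, {"user": user, "time": now}),
                                           service_name, now)
    svc_session = bytes.fromhex(unseal(session, sealed2)["key"])
    authenticator = seal(svc_session, {"user": user, "time": now})
    return service.accept(svc_ticket, authenticator, now), svc_ticket, authenticator


if __name__ == "__main__":
    kdc, fileserver = build_realm()
    print(access(kdc, fileserver, "fileserver", "alice", "constructed-demo-password", now=1000)[0])
```

The service never sees the password or talks to the KDC: it trusts the ticket because only the KDC and the service hold the key that unseals it.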
2. X.509 Directory Authentication Service
• Purpose: A standard for public key infrastructure (PKI) used
for managing digital certificates and public-key encryption.
• How it Works:
o Certificates: X.509 certificates contain a public key and
the identity of the owner.
o Certification Authority (CA): Trusted entity that issues
and verifies certificates.
o Process:
1. Certificate Request: User generates a key pair
and sends a certificate signing request (CSR) to the
CA.
2. Certificate Issuance: CA verifies the request and
issues an X.509 certificate.
3. Authentication: When a user or service needs to
authenticate, they present their certificate.
4. Verification: The recipient verifies the certificate's
authenticity and validity using the CA's public key.
• Advantages: Provides strong authentication, integrity, and
non-repudiation through the use of digital certificates.
_____________________________________________________________
Unit 2
1. Application Layer Security
1. Secure Electronic Transaction (SET)
• Secure Electronic Transaction or SET is a system that
ensures the security and integrity of electronic transactions
made using credit cards.
• The SET protocol restricts the disclosure of credit card details
to merchants, thus keeping hackers and thieves at bay.
• The SET protocol includes Certification Authorities that make
use of standard digital certificates such as X.509 certificates.
2. Email Security
• Email security refers to the steps taken to protect email
messages and the information they contain from
unauthorized access and damage.
• It involves ensuring the confidentiality, integrity, and
availability of email messages, as well as safeguarding
against phishing attacks, spam, viruses, and other forms of
malware.
• It can be achieved through a combination of technical and
non-technical measures.
• Some standard technical measures include the encryption of
email messages to protect their contents, the use of digital
signatures to verify the authenticity of the sender, and email
filtering systems to block unwanted emails and malware.
• The non-technical measures may include training employees
on how to recognize and respond to phishing attacks and
other email security threats, establishing policies and
procedures for email use and management, and conducting
regular security audits to identify and address vulnerabilities.
3. Pretty Good Privacy (PGP)
• Pretty Good Privacy (PGP) is an encryption software program
designed to ensure the confidentiality, integrity, and
authenticity of digital communications and information.
• At its core, PGP employs a hybrid cryptographic method,
combining symmetric-key and public-key cryptography
techniques.
• Symmetric-key cryptography uses a single secret key to both
encrypt and decrypt data.
• Conversely, public-key cryptography uses a pair of
mathematically related keys: a public key, which is freely
shared and used for encryption, and a private key, which is
kept secret and used for decryption.
4. S/MIME
• S/MIME stands for Secure/Multipurpose Internet Mail
Extensions. Through encryption, S/MIME offers protection for
business emails.
• S/MIME comes under the concept of cryptography. S/MIME is
a protocol used for encrypting or decrypting digitally signed
e-mails. This means that users can digitally sign their emails
as the owner (sender) of the e-mail.
• S/MIME enables non-ASCII data to be sent via email using
Simple Mail Transfer Protocol (SMTP). Many kinds of data
files can be sent this way, including music, video, and image
files.
• This data is securely sent using encryption. The data, which
is encrypted using a public key, is then decrypted using a
private key that is held only by the receiver of the e-mail.
• The receiver then decrypts the message and uses it. In this
way, data is shared using e-mails, providing an end-to-end
security service using cryptography.
_____________________________________________________________
2. Security Threats and Countermeasures
1. Phishing Attacks
• Threat: Phishing involves tricking users into providing
sensitive information (like usernames, passwords, or credit
card details) by posing as a trustworthy entity in electronic
communications.
• Countermeasures:
o User Education: Teach users to recognize phishing
attempts and avoid clicking on suspicious links.
o Email Filtering: Use spam filters to detect and block
phishing emails.
o Two-Factor Authentication (2FA): Add an extra layer of
security to verify user identity.
2. Malware
• Threat: Malware includes viruses, worms, trojans,
ransomware, and spyware that can damage systems, steal
data, or disrupt operations.
• Countermeasures:
o Antivirus and Anti-Malware Software: Regularly
update and run antivirus programs to detect and remove
malware.
o Regular Updates and Patching: Keep all software,
including the operating system, up to date to close
vulnerabilities.
o Firewalls: Use firewalls to block unauthorized access.
3. Man-in-the-Middle (MITM) Attacks
• Threat: In MITM attacks, the attacker secretly intercepts and
possibly alters the communication between two parties.
• Countermeasures:
o Encryption: Use strong encryption protocols (like
SSL/TLS) to protect data in transit.
o Secure Communication Channels: Ensure that all
communication channels are secure and
authenticated.
o Public Key Infrastructure (PKI): Utilize PKI to verify the
identities of the parties involved in communication.
4. Denial of Service (DoS) and Distributed Denial of
Service (DDoS) Attacks
• Threat: DoS/DDoS attacks overwhelm a system with traffic,
making it unavailable to legitimate users.
• Countermeasures:
o Traffic Filtering: Implement traffic filtering to identify
and block malicious traffic.
o Load Balancing: Use load balancers to distribute traffic
and mitigate the impact of attacks.
o Redundancy and Failover Systems: Design systems
with redundancy and failover capabilities to maintain
service availability.
5. Password Attacks
• Threat: Password attacks, including brute force, dictionary,
and credential stuffing attacks, aim to gain unauthorized
access by cracking passwords.
• Countermeasures:
o Strong Password Policies: Enforce strong password
policies requiring complex and unique passwords.
o Account Lockout Mechanisms: Implement account
lockout mechanisms after several failed login attempts.
o Password Managers: Encourage the use of password
managers to generate and store strong passwords
securely.
_____________________________________________________________
3. Transport Layer Security
Transport Layer Security (TLS) is a cryptographic protocol
designed to provide secure communication over a computer
network. It is widely used for securing web traffic, emails, and
other internet-based communications.
Key Features of TLS:
1. Encryption: Ensures that data exchanged between the client
and server is encrypted, preventing eavesdropping.
2. Integrity: Ensures data is not tampered with during transit.
3. Authentication: Confirms the identity of the communicating
parties, typically using certificates.
TLS Handshake Process:
1. Client Hello: The client initiates the handshake by sending a
"hello" message to the server, which includes the client's
supported TLS versions, cipher suites, and a random byte
string.
2. Server Hello: The server responds with its own "hello"
message, choosing the TLS version and cipher suite from the
options provided by the client, and also sends its certificate
and a random byte string.
3. Key Exchange: Both parties use the random strings and
public key information to generate a shared secret key for
encryption.
4. Cipher Spec Change: The client and server notify each other
that future messages will be encrypted.
5. Finished: Both parties send a message indicating the
handshake is complete and encryption begins.
_____________________________________________________________
4. Secure Socket Layer
Secure Socket Layer (SSL) provides security to the data that is
transferred between web browser and server. SSL encrypts the link
between a web server and a browser which ensures that all data
passed between them remain private and free from attack.
Secure Socket Layer Protocols:
• SSL record protocol
• Handshake protocol
• Change-cipher spec protocol
• Alert protocol
An SSL (Secure Sockets Layer) certificate is a digital certificate used
to secure and verify the identity of a website or an online service.
The certificate is issued by a trusted third-party called a Certificate
Authority (CA), who verifies the identity of the website or service
before issuing the certificate.
The SSL certificate has several important characteristics that
make it a reliable solution for securing online transactions:
1. Encryption: The SSL certificate uses encryption algorithms
to secure the communication between the website or service
and its users.
2. Authentication: The SSL certificate verifies the identity of the
website or service, ensuring that users are communicating
with the intended party and not with an impostor.
3. Integrity: The SSL certificate uses message authentication
codes (MACs) to detect any tampering with the data during
transmission.
4. Non-repudiation: SSL certificates provide non-repudiation
of data, meaning that the recipient of the data cannot deny
having received it. This is important in situations where the
authenticity of the information needs to be established, such
as in e-commerce transactions.
5. Certificates issued by trusted CAs: SSL certificates are
issued by trusted CAs, who are responsible for verifying the
identity of the website or service before issuing the
certificate.
_____________________________________________________________
5. Wireless Transport Layer Security (WTLS)
• WTLS is a security protocol used to protect data sent over
wireless networks.
• It's part of the Wireless Application Protocol (WAP), which
allows mobile devices to access the internet.
• WTLS is similar to Transport Layer Security (TLS) but modified
for mobile devices that have less power and memory.
• When you connect to a secure service (like a bank) using your
phone, WTLS starts by creating a secure connection.
• It uses cryptographic algorithms to encrypt and decrypt data,
ensuring that even if the data is intercepted, it can't be read
by others.
_____________________________________________________________
Unit 3
1. Internet Protocol Security
IP Security (IPsec) is a framework of open standards for ensuring
private, secure communications over Internet Protocol (IP)
networks through the use of cryptographic security services. It
helps protect data during transmission by providing confidentiality,
data integrity, and authentication.
Characteristics Associated with IPSec:
1. The standardized algorithms present in IPSec are SHA and
MD5.
2. IPSec uniquely identifies every packet, and authentication
is then carried out by verifying that uniqueness.
3. IPSec includes ESP for security purposes.
_____________________________________________________________
2. Components of IP Security
It has the following components:
1. Encapsulating Security Payload (ESP)
2. Authentication Header (AH)
3. Internet Key Exchange (IKE)
1. Encapsulating Security Payload (ESP)
Encapsulating Security Payload (ESP) is a method used to protect
data sent over IP networks.
a. Encapsulation and Encryption:
• When data (also called the payload) is sent over the network,
ESP first encapsulates or wraps it.
• This wrapped data is then encrypted, turning it into a form
that cannot be easily understood by anyone except the
intended receiver.
b. Security Checks and Authentication:
• After encryption, ESP performs a security check. This is
called authentication, which verifies that the data is coming
from a legitimate source.
• Authentication ensures that the data has not been tampered
with during transmission.
c. Ensuring Safety:
• The combination of encryption (which hides the content) and
authentication (which verifies the sender) makes the data
very secure.
• This protects the data from being stolen or altered by any
unauthorized third party.
d. Process of Encryption and Decryption:
• The encryption process is done by an authenticated (verified)
user who sends the data.
• When the data reaches the receiver, it can only be decrypted
(turned back into its original form) if the receiver is also
authenticated.
• This means only the intended receiver, who has been verified,
can access the original data.
e. Smooth and Secure Communication:
• Because only verified users can encrypt and decrypt the data,
the entire process of sending and receiving data is both
smooth and secure.
• This ensures that the data remains private and protected
throughout its journey across the network.
Key Features:
1. Encryption: ESP encrypts the payload of the IP packet to
ensure that the data remains confidential. This protects the
data from being read by unauthorized entities.
2. Integrity: ESP ensures that the data has not been altered
during transmission. This is done through integrity checks.
3. Authentication: ESP verifies the origin of the data, ensuring
that it comes from a legitimate source.
4. Anti-replay: ESP includes sequence numbers in the packets
to protect against replay attacks.
2. Authentication Header (AH)
AH is designed to provide connectionless integrity and data origin
authentication for IP packets. It also provides protection against
replay attacks.
Key Features of Authentication Header (AH):
1. Data Integrity:
o Ensures that the data has not been altered during
transit.
o Uses a hash function to create a message digest, which
is then included in the AH.
2. Data Origin Authentication:
o Verifies that the data is from a legitimate source.
o Ensures that the packet was sent by the authenticated
sender.
3. Anti-Replay Protection:
o Protects against replay attacks by using sequence
numbers.
o Ensures that each packet is unique and not a duplicate
of a previous packet.
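How the integrity check and the sequence-number window fit together on the receiving side, as an added Python example that is not part of the original notes. The packet layout (SPI, sequence number, payload, check value), the 64-packet window, the truncated HMAC-SHA-256 and the key are assumptions for illustration; real AH also covers parts of the IP header.

```python
import hashlib
import hmac
import struct

WINDOW = 64      # anti-replay window size in packets (assumed value)
ICV_LEN = 16     # HMAC-SHA-256 output truncated to 128 bits (assumed choice)


def icv(key: bytes, header: bytes, payload: bytes) -> bytes:
    """Integrity check value: keyed digest over the header and the payload."""
    return hmac.new(key, header + payload, hashlib.sha256).digest()[:ICV_LEN]


def protect(key: bytes, spi: int, seq: int, payload: bytes) -> bytes:
    """Sender side: SPI + sequence number, then the payload, then the ICV."""
    header = struct.pack("!II", spi, seq)
    return header + payload + icv(key, header, payload)


class Receiver:
    def __init__(self, key: bytes, spi: int):
        self.key = key
        self.spi = spi
        self.highest = 0   # highest sequence number authenticated so far
        self.bitmap = 0    # bit i set => sequence number (highest - i) was seen

    def accept(self, packet: bytes) -> str:
        if len(packet) < 8 + ICV_LEN:
            return "malformed"
        header, payload, tag = packet[:8], packet[8:-ICV_LEN], packet[-ICV_LEN:]
        spi, seq = struct.unpack("!II", header)
        if spi != self.spi:
            return "unknown-sa"
        if seq == 0:                       # sequence numbers start at 1
            return "malformed"
        # 1. Cheap replay pre-check before spending time on the digest.
        if seq <= self.highest:
            offset = self.highest - seq
            if offset >= WINDOW:
                return "too-old"
            if (self.bitmap >> offset) & 1:
                return "replay"
        # 2. Integrity and origin check, compared in constant time.
        if not hmac.compare_digest(tag, icv(self.key, header, payload)):
            return "bad-icv"
        # 3. Only an authenticated packet may move or mark the window;
        #    otherwise a forged high sequence number would lock out real traffic.
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            self.bitmap |= 1 << (self.highest - seq)
        return "accepted"


def replay_demo():
    """Feed a constructed packet sequence to a receiver and return its verdicts."""
    key = b"constructed-demo-key-not-secret!"
    rx = Receiver(key, spi=0x1001)
    p = {n: protect(key, 0x1001, n, b"payload %d" % n) for n in (1, 2, 3, 100, 30)}
    tampered = p[2][:8] + b"PAYLOAD 2" + p[2][-ICV_LEN:]   # payload altered in transit
    order = [p[1], p[3], tampered, p[2], p[3], p[100], p[30]]
    return [rx.accept(pkt) for pkt in order]


if __name__ == "__main__":
    print(replay_demo())
```

Out-of-order delivery (packet 2 arriving after packet 3) is still accepted, while a duplicate of packet 3 and a packet that has fallen behind the window are dropped.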
_____________________________________________________________
2. Intruders
The most common threat to security is an attack by an Intruder.
Intruders are often referred to as hackers and are the most harmful
factors contributing to the vulnerability of security. They have
immense knowledge and an in-depth understanding of technology
and security. Intruders breach the privacy of users and aim to steal
the confidential information of the users. The stolen information is
then sold to third parties, which aim at misusing the information
for their own personal or professional gains.
Intruders are people who try to access computer systems and data
without proper authorization. They can be classified into three
main categories:
1. Masquerader
2. Misfeasor
3. Clandestine User
1. Masquerader
• Masqueraders are individuals who are not authorized to use
the system. They are outsiders who do not have direct
access.
• They exploit the system's vulnerabilities to gain control and
access private or confidential information.
• Their main goal is to steal data or information by unethical
means.
2. Misfeasor
• Misfeasors are individuals who are authorized to use the
system. They are insiders with legitimate access.
• They misuse their access privileges to perform unauthorized
activities, such as stealing or altering data.
3. Clandestine User
• Clandestine Users have supervisory or administrative control
over the system. They can be insiders (such as system
administrators) or outsiders who gain control.
• They misuse their authoritative power to perform malicious
activities, often for financial gain or other personal benefits.
3. Intrusion Detection System (IDS)
• An intrusion detection system (IDS) observes network traffic
for malicious transactions and sends immediate alerts when
such activity is observed.
• It is software that checks a network or system for malicious
activities or policy violations.
• Each illegal activity or violation is typically either recorded
centrally using a SIEM system or reported to an
administrator.
• An IDS monitors a network or system for malicious activity
and protects a computer network from unauthorized access
by users, including perhaps insiders.
Working of Intrusion Detection System (IDS)
• An IDS (Intrusion Detection System) monitors the traffic on a
computer network to detect any suspicious activity.
• It analyzes the data flowing through the network to look for
patterns and signs of abnormal behavior.
• The IDS compares the network activity to a set of predefined
rules and patterns to identify any activity that might indicate
an attack or intrusion.
• If the IDS detects something that matches one of these rules
or patterns, it sends an alert to the system administrator.
• The system administrator can then investigate the alert and
take action to prevent any damage or further intrusion.
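The rule-matching step described above, as an added Python example that is not part of the original notes. The log format, the two rules, their thresholds and the sample lines are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format: "<ISO time> src=<ip> dst=<ip> dport=<n> event=<name>"
LINE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) event=(?P<event>\w+)"
)

# Predefined rules: how many matching events from one source, within what time window.
RULES = {
    # Many *distinct* destination ports from one source in a short time.
    "port_scan": {"event": "conn_attempt", "distinct": "dport",
                  "threshold": 5, "window": timedelta(seconds=10)},
    # Repeated failed logins from one source.
    "login_bruteforce": {"event": "login_failed", "distinct": None,
                         "threshold": 4, "window": timedelta(seconds=60)},
}

# Constructed sample input (documentation address ranges, not real traffic).
SAMPLE_LOG = """
2024-06-01T10:00:00 src=198.51.100.20 dst=10.0.0.5 dport=443 event=conn_attempt
2024-06-01T10:00:01 src=203.0.113.7 dst=10.0.0.5 dport=21 event=conn_attempt
2024-06-01T10:00:01 src=203.0.113.7 dst=10.0.0.5 dport=22 event=conn_attempt
2024-06-01T10:00:02 src=203.0.113.7 dst=10.0.0.5 dport=23 event=conn_attempt
2024-06-01T10:00:02 src=203.0.113.7 dst=10.0.0.5 dport=80 event=conn_attempt
2024-06-01T10:00:03 src=203.0.113.7 dst=10.0.0.5 dport=443 event=conn_attempt
2024-06-01T10:00:04 src=203.0.113.7 dst=10.0.0.5 dport=3306 event=conn_attempt
corrupted line without the expected fields
2024-06-01T10:05:00 src=192.0.2.44 dst=10.0.0.9 dport=22 event=login_failed
2024-06-01T10:05:10 src=192.0.2.44 dst=10.0.0.9 dport=22 event=login_failed
2024-06-01T10:05:20 src=192.0.2.44 dst=10.0.0.9 dport=22 event=login_failed
2024-06-01T10:05:30 src=192.0.2.44 dst=10.0.0.9 dport=22 event=login_failed
2024-06-01T10:06:00 src=198.51.100.20 dst=10.0.0.5 dport=443 event=conn_attempt
2024-06-01T10:20:00 src=198.51.100.20 dst=10.0.0.9 dport=22 event=login_failed
"""


def detect(lines):
    """Return (alerts, skipped); lines are assumed to be in time order."""
    history = defaultdict(deque)   # (rule, source) -> recent (time, value) pairs
    last_alert = {}                # (rule, source) -> time of the last alert
    alerts, skipped = [], 0
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            skipped += 1           # count unparseable input instead of crashing
            continue
        try:
            ts = datetime.fromisoformat(m["ts"])
        except ValueError:
            skipped += 1
            continue
        for name, rule in RULES.items():
            if m["event"] != rule["event"]:
                continue
            key = (name, m["src"])
            recent = history[key]
            recent.append((ts, m[rule["distinct"]] if rule["distinct"] else None))
            while ts - recent[0][0] > rule["window"]:
                recent.popleft()   # forget events that left the time window
            count = len({v for _, v in recent}) if rule["distinct"] else len(recent)
            # Suppress repeat alerts for the same source while the window is open.
            quiet = key not in last_alert or ts - last_alert[key] > rule["window"]
            if count >= rule["threshold"] and quiet:
                alerts.append((name, m["src"], m["ts"]))
                last_alert[key] = ts
    return alerts, skipped


if __name__ == "__main__":
    found, bad = detect(SAMPLE_LOG.strip().splitlines())
    for rule, src, when in found:
        print(f"ALERT {rule} from {src} at {when}")
    print(f"{bad} line(s) skipped")
```

The single connection and the single failed login from 198.51.100.20 raise nothing, which is the behaviour that keeps alert volume manageable for the administrator who has to investigate.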
_____________________________________________________________
4. Viruses
• Viruses are small pieces of software that attach themselves
to real programs.
• The term “virus” is also commonly but erroneously used to
refer to other types of malware, adware, and spyware
programs that do not have the reproductive ability.
• A true virus can spread from one computer to another (in
some form of executable code).
• Viruses can increase their chances of spreading to other
computers by infecting files on a network file system or a file
system that is accessed by another computer.
• Viruses mostly corrupt or modify system files on the
targeted computer.
Types of Viruses:
• Boot sector Virus: It infects the boot sector of the system,
executing every time the system is booted and before the
operating system is loaded. It infects other bootable media
like floppy disks. These are also known as memory
viruses as they do not infect the file systems.
• Macro Virus: Unlike most viruses, which are written in a
low-level language (like C or assembly language), these are
written in a high-level language like Visual Basic. These
viruses are triggered when a program capable of executing a
macro is run. For example, macro viruses can be contained in
spreadsheet files.
• Source code Virus: It looks for source code and modifies it
to include the virus and to help it spread.
• Polymorphic Virus: A virus signature is a pattern that can
identify a virus (a series of bytes that make up the virus
code). To avoid detection by antivirus software, a polymorphic
virus changes each time it is installed. The functionality of
the virus remains the same but its signature is changed.
• Encrypted Virus: To avoid detection by antivirus software,
this type of virus exists in encrypted form. It carries a
decryption algorithm along with it, so the virus first decrypts
itself and then executes.
_____________________________________________________________
5. Firewall Design Principles
A firewall is hardware or software that protects a private computer
or a network of computers from unauthorized access. It acts as a
filter that keeps unauthorized users from accessing private
computers and networks. It filters network packets and stops
malware from entering the user’s computer or network by blocking
access and preventing the user from being infected.
Designing an effective firewall involves several important steps to
ensure that the network remains secure from various threats.
1. Developing Security Policy
• The policy is tailored to the specific needs of the company or
client.
• Without a proper security policy, it is impossible to effectively
control network access.
• A well-developed policy reduces risk by ensuring proper
security measures are in place.
2. Simple Solution Design
• A simpler design makes it easier to update and adapt to new
threats.
• Complex designs can lead to mistakes that open up security
gaps.
• Efficiency and ease of use are critical for ongoing security
management.
3. Choosing the Right Device
• Determine the specific security needs before selecting a
device.
• Ensure the chosen device is up-to-date and suitable for the
task.
• Incorrect or outdated devices weaken network security.
4. Layered Defense
• A multi-layered approach enhances overall security.
• Each layer can be tailored to defend against specific threats.
• This approach makes it harder for attackers to penetrate the
entire network.
5. Consider Internal Threats
• Design internal security measures to prevent unauthorized
actions by insiders.
• Use filtering to monitor traffic moving between different
security levels.
• Implement different levels of security to control internal
access.
_____________________________________________________________
Unit 4
1. Cyber Crime
Cybercrime or a computer-oriented crime is a crime that includes
a computer and a network. The computer may have been used in
the execution of a crime or it may be the target. Cybercrime is the
use of a computer as a weapon for committing crimes such as
committing fraud, identity theft, or breaching privacy. Cybercrime,
especially through the Internet, has grown in importance as the
computer has become central to every field like commerce,
entertainment, and government.
Prevention of Cyber Crime:
Below are some points by means of which we can prevent cyber
crime:
1. Use strong passwords – Maintain different password and
username combinations for each account and resist the
temptation to write them down. Weak passwords can be
easily cracked using attack methods such as brute force
and rainbow table attacks, so make them complex: a
combination of letters, numbers and special characters.
2. Use trusted antivirus on devices – Always use trustworthy
and highly advanced antivirus software on mobile devices and
personal computers. This helps prevent different virus
attacks on devices.
3. Keep social media private – Keep your social media
account data visible only to your friends, and only add
friends who are known to you.
4. Keep your device software updated – Whenever a system
software update becomes available, install it right away,
because previous versions can sometimes be easily
attacked.
5. Use secure networks – Public Wi-Fi networks are vulnerable.
Avoid conducting financial or corporate transactions on these
networks.
6. Never open attachments in spam emails – A computer can get
infected by malware and other forms of cybercrime via
email attachments in spam emails. Never open an
attachment from a sender you do not know.
7. Software should be updated – The operating system should be
updated regularly for internet security. Outdated software can
become a potential threat when cybercriminals exploit flaws
in the system.
_____________________________________________________________
2. Electronic Governance: IT Act, 2000
• Electronic Governance, also known as e-governance,
involves using computers, the Internet, and digital platforms
to improve government services.
• Instead of relying on paper-based methods, e-governance
makes processes more efficient and accessible through
technology.
• It allows citizens to interact with government services online,
making it easier to access information, complete
transactions, and participate in decision-making.
Provisions of Electronic Governance under IT Act, 2000:
1. Attribution, Acknowledgement, and Dispatch of Electronic
Records
• Attribution: This involves identifying who created or sent an
electronic record, helping to confirm its authenticity and
responsibility.
• Acknowledgement: This is the confirmation that an
electronic record has been received, assuring the sender that
their message was delivered.
• Dispatch: This refers to securely sending electronic records
to the intended recipient.
2. Validity of Contracts Formed Through Electronic Means
• Legal Recognition: Agreements made via emails, websites,
or electronic signatures are legally valid.
• Criteria for Validity: Electronic contracts must meet certain
criteria, such as the consent of parties, accurate recording of
terms, and secure communication.
3. Attribution of Electronic Records
Attribution of electronic records is about identifying the originator
or sender of a digital document or message.
• Establishing Identity: It helps verify the authenticity of
electronic records by confirming who created or transmitted
them.
• Methods Used: Digital signatures, email headers, and
embedded metadata are common methods to attribute
electronic records.
4. Acknowledgement of Receipt
Acknowledgement of receipt confirms that an electronic message
or document has been received.
• Explicit and Implicit Confirmation: This can be a reply to an
email or automated delivery notifications.
• Ensuring Delivery: It assures the sender that their message
reached the intended recipient, establishing accountability
and reducing disputes over delivery.
5. Time and Place of Dispatch and Receipt of Electronic Record
Determining the time and place of dispatch and receipt of
electronic records is essential for validating electronic
transactions and communications.
6. Secure Electronic Records and Secure Electronic Signatures
• Secure Electronic Records: These are protected from
unauthorized access, alteration, or deletion using measures
like encryption and access controls.
• Secure Electronic Signatures: These authenticate the
identity of the signer and ensure the document's integrity,
using cryptographic techniques to prevent tampering.
_____________________________________________________________
3. Basics of Network Security
IP Addresses
• IP Address: A unique string of numbers separated by periods
that identifies each computer using the Internet Protocol to
communicate over a network.
• Function: Acts like a home address for computers on a
network, allowing devices to find and communicate with
each other.
• Types:
o IPv4: Consists of four sets of numbers (e.g.,
192.168.1.1).
o IPv6: A newer version with a longer address format to
accommodate more devices (e.g.,
2001:0db8:85a3:0000:0000:8a2e:0370:7334).
Port Numbers and Sockets
• Port Numbers: Numerical labels in the range 0-65535 used
to identify specific processes or services on a device.
o Common Ports:
▪ HTTP: Port 80
▪ HTTPS: Port 443
▪ FTP: Port 21
• Sockets: Combination of an IP address and a port number,
forming a communication endpoint.
o Example: IP address 192.168.1.1 with port 80 forms a
socket for web traffic.
• Function: Sockets allow for multiple network services on a
single device by using different port numbers.
Hiding IP Addresses:
• VPN (Virtual Private Network): Encrypts your internet
connection and hides your real IP address by using an IP from
the VPN server.
• Proxy Servers: Act as intermediaries, masking your IP
address with that of the proxy.
• TOR (The Onion Router): Routes your connection through
multiple servers, hiding your IP address through multiple
layers of encryption.
Tracing IP Addresses:
• Purpose: Used for security and investigative purposes to find
the origin of a network communication.
• Methods:
o Traceroute: A network diagnostic tool that shows the
path taken by packets to reach their destination.
o WHOIS Lookup: Provides information about the
registered owner of an IP address.
o IP Logging: Keeping records of IP addresses that
connect to a server or service.
_____________________________________________________________
4. Scanning Techniques
1. Traceroute
• Traceroute is also called tracert. It traces the route from
source to destination.
• It is achieved by using ICMP to send a request.
• It reveals all routers between source and destination by
displaying their IP addresses, to detect where packet loss or
latency occurs.
2. Ping Sweeping
• A ping sweep (also known as an ICMP sweep) is a basic
network scanning technique used to determine which of a
range of IP addresses map to live hosts (computers).
• Whereas a single ping will tell whether one specified host
computer exists on the network, a ping sweep consists of
ICMP (Internet Control Message Protocol) echo requests
sent to multiple hosts. To do this, the ping requires an address
to send the echo request to, which can be an IP address or a
web server domain name.
• If a given address is live, it will return an ICMP echo reply. To
disable ping sweeps on a network, administrators can block
ICMP echo requests from outside sources.
3. Port Scanning
• Port scanning is used to find out which ports are open and
listening for connections.
• This information helps in understanding what services or
applications are running on a device.
• It involves sending connection requests to a range of port
numbers on a target device.
• The responses indicate whether the ports are open
(accepting connections), closed (not open for connections),
or filtered (protected by a firewall).
4. ICMP Scanning
The main goal of ICMP scanning is to identify which devices are up
and running on a network. It helps network administrators manage
and troubleshoot the network.
• Ping Request: The scanner sends a ping (ICMP echo request)
to a range of IP addresses.
• Ping Reply: Devices that are active respond with a ping reply
(ICMP echo reply).
• Analysis: By analyzing the responses, the scanner can
determine which devices are alive and their basic network
status.
5. Fingerprinting
Fingerprinting in network security is a technique used to collect
information about systems and networks to identify potential
threats, weaknesses, and the presence of malicious activities.
They are of two types:
1. Active Fingerprinting: This involves probing and interacting
with the target system. It sends specially crafted packets to a
system and analyzes the responses. In other words, you’re
actively trying to get information from a computer system by
sending it messages and seeing how it responds.
2. Passive Fingerprinting: In contrast, passive fingerprinting
does not initiate communication with the target. Instead, it
monitors network traffic and sniffs out patterns that can
reveal information about the systems involved. In other
words, you’re just observing the data that a computer system
naturally sends out to figure out information about it.
Active and passive fingerprinting can also be applied to email
systems to enhance security and identify potential threats.
• Active Fingerprinting in Email: This would involve sending
test emails or requests to the email server and analyzing the
responses. For example, by sending an email with specific
commands or formats, one could see how the server
processes it.
• Passive Fingerprinting in Email: This method would be
about observing the emails that are being sent from a server
without interacting with it directly.
_____________________________________________________________
Unit 5
1. Buffer Overflow Attacks
Buffer overflow attacks are methods that exploit vulnerabilities in
a program's handling of memory. Here are the main types:
1. Stack Overflows
• Occurs when more data is written to a stack buffer than
it can hold, overwriting adjacent memory.
• The stack is a special region of computer memory that
stores temporary variables created by each function.
2. String Overflows
• A specific type of buffer overflow that occurs when
manipulating strings (arrays of characters).
• Functions like strcpy() or strcat() that do not
check the length of the source string can cause
overflows if the string is too long.
3. Heap Overflows
• Occurs when more data is written to a heap buffer than
it can hold, overwriting adjacent memory.
• The heap is a region of a computer's memory used for
dynamic memory allocation.
4. Integer Overflows
• Occurs when an arithmetic operation attempts to
create a numeric value that is outside the range that can
be represented with a given number of bits.
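The C code below is an added example (not part of the original notes) showing how the string and integer overflows described above are prevented: bounded versions of strcpy() and strcat(), a 16-bit sum that wraps, and a size calculation that refuses to wrap. The function names safe_copy, safe_append, add16_wrapping and checked_mul are illustrative assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Bounded alternative to strcpy(): copy src only if it fits in dst,
 * terminating NUL included. Returns 0 on success, -1 if it does not fit. */
int safe_copy(char *dst, size_t dst_size, const char *src)
{
    size_t len = 0;
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    while (len < dst_size && src[len] != '\0')
        len++;
    if (len == dst_size) {      /* no room left for the NUL: reject */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

/* Bounded alternative to strcat(): append only into the space still free. */
int safe_append(char *dst, size_t dst_size, const char *src)
{
    size_t used = 0;
    if (dst == NULL)
        return -1;
    while (used < dst_size && dst[used] != '\0')
        used++;
    if (used == dst_size)       /* dst is not NUL-terminated */
        return -1;
    return safe_copy(dst + used, dst_size - used, src);
}

/* Integer overflow: a 16-bit sum silently wraps (65535 + 1 becomes 0). */
uint16_t add16_wrapping(uint16_t a, uint16_t b)
{
    return (uint16_t)(a + b);
}

/* Checked size calculation: refuse count * elem_size when it would wrap. */
int checked_mul(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return -1;
    *out = count * elem_size;
    return 0;
}
```

A rejected append leaves the existing string in the buffer unchanged, so the caller can report the error instead of working with truncated or corrupted data.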
_____________________________________________________________
2. Internal Attacks
1. Emails
• Email attacks involve unauthorized access or misuse of
email accounts within an organization.
• Employees might click on malicious links or attachments,
leading to malware infections or data breaches.
• It can result in sensitive information being leaked or stolen.
2. Mobile Phones
• It involves exploiting vulnerabilities in employees' mobile
devices.
• Using malware, phishing, or exploiting weak security settings
on personal or company-provided phones.
3. Instant Messengers
• These are attacks using instant messaging platforms like
WhatsApp or Slack.
• It happens through phishing links, malicious file sharing, or
weak passwords.
4. FTP Uploads
• It involves misuse of File Transfer Protocol (FTP) for
unauthorized data transfer.
• This is caused when employees upload sensitive files to
unsecured or unauthorized FTP servers.
• Sensitive data can be intercepted, stolen, or exposed to
unauthorized parties.
5. Dumpster Diving
• It involves searching through physical trash to find sensitive
information.
• It happens when attackers retrieve discarded documents,
like printouts, memos, or sticky notes, containing
confidential information.
6. Shoulder Surfing
• It involves observing someone’s private information by
looking over their shoulder.
• Attackers can watch employees type passwords, read
sensitive documents, or enter private data in public or semi-
public areas.
_____________________________________________________________
3. DoS Attacks
DoS attacks are attempts to interrupt a website or network’s
operations by overwhelming it with traffic. The attacker achieves
this by sending an enormous amount of requests to the target
server, which causes it to slow down or even crash, making it
inaccessible to legitimate users.
Here are various types of DoS attacks:
1. Ping of Death: The "Ping of Death" is a type of cyberattack where
someone sends a very large message to a computer, bigger than
what the computer can handle. This oversized message can cause
the computer to crash, freeze, or restart. It's like overloading a
machine with too much work at once, causing it to break down.
2. Teardrop Attack: A "Teardrop Attack" is a type of cyberattack
where someone sends pieces of a message to a computer that
don't fit together properly. When the computer tries to reassemble
these pieces, it gets confused and crashes or freezes.
3. SYN Flooding: A "SYN Flood" attack is a type of cyberattack
where someone sends a lot of connection requests to a computer
but doesn't complete them. The computer gets overwhelmed
trying to handle all these half-open connections, which can make
it slow down or crash.
4. Land Attack: A "Land Attack" is a type of cyberattack where the
attacker sends a crafted TCP SYN packet (a message) to a server
with the source address and source port the same as the
destination address and destination port, causing the server to get
confused and crash.
5. Smurf Attack: A "Smurf Attack" is a type of cyberattack where
someone sends a fake request to many computers, pretending it's
from the target computer. These computers then all send
responses back to the target computer, overwhelming it with traffic
and causing it to slow down or crash.
6. UDP Flooding: A "UDP Flood" attack is a type of cyberattack
where someone sends a huge amount of UDP (User Datagram
Protocol) packets to a computer very quickly. This overwhelms the
computer's ability to process the packets, causing it to slow down
or crash.
7. Hybrid DoS Attack: A "Hybrid DoS Attack" is a type of
cyberattack that combines multiple methods to overwhelm a
computer or network, making it unavailable to users. For example,
an attacker might use a combination of SYN Flood, UDP Flood, and
other techniques simultaneously to increase the chances of
disrupting the target. This makes it harder for the target to defend
against because they have to deal with several types of attacks at
the same time.
8. Application-specific Attacks: These attacks involve targeting
specific weaknesses in certain software programs instead of trying
to break into an entire computer network. For instance, someone
might exploit a flaw in a website's code to steal data or make the
site do something it shouldn't, like redirecting users to malicious
websites.
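As an added example (not from the original notes), the C check below shows how a packet filter can recognise two of the attacks above from the packet headers alone: a Ping of Death fragment that would end past the 65,535-byte limit on an IPv4 datagram, and a Land packet whose source address and port equal the destination's. The name inspect_ipv4, the verdict values and the sample packets are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum verdict { PKT_OK, PKT_MALFORMED, PKT_PING_OF_DEATH, PKT_LAND };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify one raw IPv4 packet; pkt points at the first byte of the IP header. */
enum verdict inspect_ipv4(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return PKT_MALFORMED;
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;   /* IP header length in bytes */
    size_t total = be16(pkt + 2);               /* header plus payload */
    if (ihl < 20 || total < ihl || total > len)
        return PKT_MALFORMED;
    /* Ping of Death: this fragment would end beyond the 65,535-byte limit
     * on an IPv4 datagram, so reassembly would build an oversized packet. */
    size_t frag_off = (size_t)(be16(pkt + 6) & 0x1FFF) * 8;
    if (frag_off + total > 65535)
        return PKT_PING_OF_DEATH;
    /* Land: TCP SYN whose source address and port equal the destination's. */
    if (pkt[9] == 6 && frag_off == 0 && total - ihl >= 20) {
        const uint8_t *tcp = pkt + ihl;
        if (memcmp(pkt + 12, pkt + 16, 4) == 0 &&
            be16(tcp) == be16(tcp + 2) && (tcp[13] & 0x02))
            return PKT_LAND;
    }
    return PKT_OK;
}

/* Constructed sample packets (documentation addresses, checksums left zero). */
const uint8_t normal_syn[40] = {          /* 192.0.2.1:49152 -> 192.0.2.10:80 */
    0x45,0,0,40, 0,1,0,0, 64,6,0,0, 192,0,2,1, 192,0,2,10,
    0xC0,0x00, 0,80, 0,0,0,0, 0,0,0,0, 0x50,0x02, 0x20,0, 0,0, 0,0 };
const uint8_t land_syn[40] = {            /* 192.0.2.10:80 -> 192.0.2.10:80 */
    0x45,0,0,40, 0,2,0,0, 64,6,0,0, 192,0,2,10, 192,0,2,10,
    0,80, 0,80, 0,0,0,0, 0,0,0,0, 0x50,0x02, 0x20,0, 0,0, 0,0 };
const uint8_t oversized_frag[28] = {      /* ICMP fragment at offset 65,528 */
    0x45,0,0,28, 0,3,0x1F,0xFF, 64,1,0,0, 192,0,2,1, 192,0,2,10,
    0,0,0,0, 0,0,0,0 };
```

Teardrop and SYN flooding cannot be judged from a single packet; detecting them requires tracking fragments or half-open connections across packets.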
_____________________________________________________________
4. DoS vs. DDoS
DDoS stands for Distributed Denial of Service. In this attack,
DoS attacks are carried out from many different locations using
many systems. Each source sends traffic that may appear
legitimate, making it harder to filter out malicious requests.
| DoS | DDoS |
| --- | --- |
| In DoS attack, single system targets the victim’s system. | In DDoS, multiple systems attack the victim’s system. |
| Victim PC is loaded from the packets of data sent from a single location. | Victim PC is loaded from the packets of data sent from multiple locations. |
| DoS attack is slower as compared to DDoS. | DDoS attack is faster than DoS attack. |
| Can be blocked easily as only one system is used. | It is difficult to block this attack as multiple devices are sending packets and attacking from multiple locations. |
| DoS attacks are easy to trace. | DDoS attacks are difficult to trace. |
| Volume of traffic in the DoS attack is less as compared to DDoS. | DDoS attacks allow the attacker to send massive volumes of traffic to the victim network. |
Types of DoS Attacks are:
1. Buffer overflow attacks
2. Ping of Death or ICMP flood
3. Teardrop Attack
4. Flooding Attack
Types of DDoS Attacks are:
1. Volumetric Attacks
2. Fragmentation Attacks
3. Application Layer Attacks
4. Protocol Attack.