Tables of Contents

Computer Network Network and Data Security

Introduction to Network
1
1 Introduction Security
2 Network Authentication

Types of Computer 3 Types of Network Attacks

2
Networks 4 Virus

Basic Components of 5 Firewall

3
Computer Networks 6 Cryptography
7 Anti - Virus
8 Anti-Spyware Software
4 Network Topologies
Intrusion Detection System
9
(IDS)
1. Introduction:
A computer network refers to an interconnected group of multiple computers
and devices that allows users to share resources and communicate efficiently.
These networks employ hardware and software components to transfer data
through nodes (computers) connected by transmission links.
Modern communication technologies enable the connection of geographically
dispersed computing systems, allowing users to access these networks
remotely through PCs, terminals, or mobile devices. Data transmission uses
digital signals, often requiring conversion into analog signals for transmission
over conventional telecommunications infrastructure. This process, called
modulation, is facilitated by a device known as a modem
(MOdulator-DEModulator).

2. Types of Computer Networks:

3. Basic Components of Computer Networks:
Computer networks consist of several essential elements that enable
communication and resource sharing among interconnected systems. These
components include hardware, transmission media, and network software.

3.1 Network Hardware:

Servers and Clients:
● A server is a high-performance computer that manages network
resources.
● Clients (also known as nodes) access resources hosted on the server.
● In peer-to-peer networks, all computers are equal, with no dedicated
server.
Network Interface Card (NIC):
● A NIC (or network adapter) allows a computer to connect to a network.
● Common NIC types include 8-bit, 16-bit, and 32-bit cards.
● Ethernet protocol is frequently used for communication between nodes.
Modems:
● Modems convert digital signals to analog (and vice versa) for transmission
over telephone lines.
● Types: External, USB, Internal, and Built-in Modems.
● ISDN modems handle digital signals without the need for analog
conversion.
Switches:
● Switches are multi-port bridges that connect network segments.
● They manage data traffic by directing packets based on MAC addresses.
Hubs:
● Hubs connect multiple devices via dedicated cables but lack the
intelligence to manage data flow.
● Typically available with 4, 8, 12, or 24 ports
Routers:
● Routers connect different networks and determine the optimal path for
data transmission.
● Often referred to as gateways, they manage traffic between LANs and
WANs.

3.2 Transmission Media:

Guided Media (Wired):
● Coaxial Cables: Resemble television cables, used for data transmission.
● Twisted-Pair Cables: Available in shielded (STP) and unshielded (UTP)
varieties, commonly used in telephone and Ethernet networks.
● Optical Fiber: Uses light for high-speed transmission over long distances.
Unguided Media (Wireless):
● Data is transmitted through radio waves and microwaves.
● Common in Wi-Fi networks and satellite communications.

3.3 Network Operating Software (NOS):

Network Operating Software (NOS) manages the operation of the network,
coordinating user access, security, and resources. Key categories include:
● Peer-to-Peer NOS
● Client-Server NOS (Two-Tier Architecture)
● Three-Tier Client-Server Architecture

4. Network Topologies:
Network topology refers to how computers, devices, and other elements are
arranged in a communication network. This layout can be physical (how devices
and cables are connected) or logical (how data flows within the network).

4.1 Linear Bus Topology:

● Description: A single backbone cable connects all devices. Both ends of
the backbone must have terminators.
 ● Data Flow: Data is transmitted along the backbone until it reaches the
intended device.

4.2 Star Topology:

● Description: All devices connect to a central hub or switch. Data passes
through the hub to its destination.
● Data Flow: The Hub or switch manages data transmission, acting as a
central point.

4.3 Ring Topology:

● Description: Devices are connected in a circular path, with each device
connected to exactly two others. Data travels in one direction through the
ring.
● Data Flow: Each device receives data, processes it, and forwards it along
the ring.
4.4 Tree (Expanded Star) Topology:
● Description: Combines elements of bus and star topologies. Groups of
star-configured devices are connected via a linear backbone.
● Data Flow: Data flows from the central backbone to individual
star-configured segments.

4.5 Mesh Topology:

Mesh topology involves the direct interconnection of all nodes within a
network, creating a highly redundant communication structure. Each node is
connected to multiple other nodes, ensuring high reliability through several
alternative paths to transmit data. If one connection fails, data can still reach its
destination through other available routes, making it ideal for environments
where uninterrupted communication is critical.
4.6 Hybrid and Wireless Topology:
Hybrid Topology combines different types of topologies (like bus, ring, star, or
tree) into a single network to leverage their strengths. Hybrid topology is often
used in large networks where various departments or segments may benefit
from different configurations.
Wireless Topology eliminates the need for physical cables by using Wi-Fi
technology to connect devices within a Wireless LAN (WLAN). In wireless
networks, Access Points (APs) and wireless controllers are strategically
positioned to ensure optimal coverage and seamless connectivity.
1. Introduction to Network Security:
Security is a global concern that aims to protect valuable assets, data, and
information. While physical security can be achieved using traditional means
like locks, walls, or compartments, ensuring network security poses a more
complex challenge due to the interconnection of computers. Computer
networks allow for resource sharing, but they also introduce risks like hacking,
phishing, and malware attacks.
The primary goal of network security is to:
● Maintain data confidentiality: Ensure information is accessible only to
authorized users.
● Preserve data integrity: Protect data from unauthorized modification or
corruption.
● Ensure availability: Provide uninterrupted access to resources on a 24/7
basis.

2. Network Authentication:
Network authentication ensures that users accessing a system or network are
legitimate and authorized. This is achieved by verifying the user’s identity
through a process called authentication, which assigns unique credentials to
each user or device on the network.
2.1 Methods of Authentication:
● Username and Password
● IP Address Authentication
● Biometric Authentication
3. Types of Network Attacks:
Network attacks threaten the security and integrity of data shared across
interconnected systems. They are broadly classified into passive attacks, where
the attacker only observes, and active attacks, where data is manipulated with
the intent to corrupt or disrupt the network.
Prevention
Attack Type Description Impact/Objective
Measures
Intercepting data Exposes sensitive Use encryption
Eavesdroppin traveling through the information through (e.g., SSL/TLS) to
g network without altering "sniffing" or secure
it. "snooping." communications.
Implement
Unauthorized changes to Alters or falsifies
Data integrity checks
data packets during data, compromising
Modification and cryptographic
transmission. integrity and trust.
hashing.
Allows
Identity Using a false IP address unauthorized Use firewalls and
Spoofing (IP to impersonate a access, data IP filtering to
Spoofing) legitimate user or device. manipulation, and detect spoofing.
rerouting.
Steals data, Enforce strong
Exploiting weak
changes password policies
Password-Ba passwords or stolen
configurations, or and multi-factor
sed Attacks credentials for
executes malicious authentication
unauthorized access.
actions. (MFA).
Causes slowdowns, Use traffic
Overloading a network
Denial-of-Ser crashes, or monitoring tools
or system with excessive
vice (DoS) prevents legitimate and rate-limiting
traffic.
access. policies.
 Intercepting Steals or alters Use end-to-end
Man-in-the-M communication between transmitted data, encryption and
iddle Attack two parties without their posing as a session token
knowledge. legitimate user. validation.
Use key
Gaining unauthorized Decrypts sensitive management
Compromised
access to a cryptographic data or generates protocols and
-Key Attack
key. new malicious keys. regular key
rotations.
Reveals
Deploy encryption
Captures and analyzes confidential
protocols (e.g.,
Sniffer Attack unencrypted network information such as
WPA2, TLS) for
traffic. passwords and
all traffic.
messages.
Installs malware or
Exploits vulnerabilities in Regular patching
Application-L disables security
software or operating and vulnerability
ayer Attack controls to enable
systems. management.
future attacks.
4. Virus:
A computer virus is a malicious program designed to replicate itself by infecting
other files and systems. Similar to biological viruses, it enter a system without
the user’s awareness and spread across networks, often lying dormant until
triggered. It targets system files, programs, and even data storage areas like the
Master Boot Record (MBR) or RAM. Viruses are categorized as:
● Boot Sector Viruses: Infect the boot sector of a drive.
● Program File Infectors: Target executable files (.exe, .dll, .sys).
● Polymorphic Viruses: Modify their code to avoid detection.
● Macro Viruses: Infect data files like Microsoft Word documents (.doc) and
Excel spreadsheets (.xls).
Modern viruses are often hard to detect, hiding in memory or disguising
themselves as legitimate files, known as stealth viruses. An example is the
Jerusalem Virus, which activates on certain dates, causing system damage.

4.1 Trojan Horse:

A Trojan Horse is a type of malware that pretends to be a legitimate program. It
does not self-replicate like a virus but performs malicious activities once
executed. Trojans often create a backdoor, giving hackers remote access to the
system. Harmful actions include:
● System crashes or corruption of data.
● Keylogging to steal passwords.
● Deleting files or altering system settings.
● Remote control access to webcams or other devices.
● Participation in Distributed Denial-of-Service (DDoS) attacks.

4.2 Malware and Spyware:

Malware (malicious software) is a broad category that includes viruses, worms,
adware, and spyware. Spyware specifically gathers sensitive information, such
as user behavior or login credentials, without consent. It is often installed
secretly and classified into:
● System Monitors
● Adware (unwanted advertising software)
● Tracking Cookies
● Some modern spyware and malware are polymorphic, meaning they
mutate to evade detection.

Virus Name Year Description

One of the first worms to spread across the
Morris Worm 1988
internet, causing slowdowns globally.
A computer worm that spread through email,
ILOVEYOU 2000 disguising itself as a love letter. It affected
millions of computers worldwide.
Spread via email attachments, it infected systems
Melissa Virus 1999 and caused emails to be sent to multiple
recipients automatically.
Targeted Windows servers and defaced
Code Red 2001
websites, spreading rapidly across networks.
A worm that caused widespread disruption by
SQL Slammer 2003 exploiting vulnerabilities in Microsoft SQL
servers.
Infected millions of systems by exploiting
Conficker 2008 Windows vulnerabilities, creating a botnet for
malicious purposes.
A sophisticated virus believed to target Iran's
Stuxnet 2010 nuclear program, damaging physical machinery
via malware.
5. Firewall:
A firewall is a crucial network security device designed to monitor and control
incoming and outgoing network traffic based on predetermined security rules. It
acts as a barrier between a private internal network and the public internet,
ensuring that only authorized traffic is allowed in or out. At its core, a firewall
can either accept, reject, or drop traffic based on the security policies
established within the organization.
● Accept: Permits the traffic to pass through.
● Reject: Blocks the traffic and sends a notification about the block.
● Drop: Silently blocks the traffic without sending any notifications.
 5.1 Functions of a Firewall

5.2 Firewall History:

Organization / Timelin
Contributors Contribution
Context e
Developed packet-filtering
technology to monitor and
Jeff Mogul, Paul Digital Equipment filter network traffic, laying Late
Vixie, Brian Reid Corp (DEC) the foundation for modern 1980s
firewalls by controlling access
through external connections.
Advanced the circuit-level
Kshitiji Nigam,
gateway firewall, allowing
William Cheswick,
continuous network 1989–1
David Presotto, AT&T Bell Labs
connections without 991
Steven Bellovin,
reauthorizing each data
Janardan Sharma
packet, enhancing efficiency.
Developed Secure External
Access Link (SEAL), the first
Digital Equipment 1991–1
Marcus Ranum application-layer firewall
Corp (DEC) 992
using security proxies to
inspect application traffic.
 Created Firewall-1, the first
commercial firewall with
Gil Shwed and Nir Check Point stateful inspection, and 1993–1
Zuk Technologies introduced a graphical user 994
interface to make firewalls
more user-friendly.

6. Cryptography:
Cryptography is the art and science of securing information and communication
by transforming data into a coded format, ensuring that only authorized
recipients can understand or process it. This process helps protect sensitive
information from unauthorized access or misuse. The term comes from the
Greek roots: "crypt," meaning hidden, and "graphy," meaning writing.
At its core, cryptography employs mathematical concepts and algorithm-based
calculations to encode data, making it unreadable to anyone who doesn’t
possess the correct decryption key. These algorithms are critical for generating
cryptographic keys, creating digital signatures, and performing verification
tasks.

6.1 Types of Cryptography:

1. Symmetric Key Cryptography
In this encryption method, both the sender and receiver use the same secret key
to encrypt and decrypt messages. While symmetric cryptography is fast and
straightforward, the main challenge lies in securely exchanging the key
between parties. Examples of popular symmetric encryption algorithms include:
● Data Encryption Standard (DES): A now-outdated encryption method
replaced by more secure options.
● Advanced Encryption Standard (AES): A widely used encryption
algorithm known for its speed and robustness.
2. Hash Functions
Unlike symmetric or asymmetric encryption, hash functions do not involve the
use of keys. Instead, they generate a fixed-length hash value from input data,
making it impossible to reverse-engineer the original data. Hash functions are
commonly employed in:
● Password encryption: Many operating systems use hash functions to store
and protect passwords securely.
● Data integrity checks: Verifying whether data has been altered.
● Key Feature: One-way encryption that ensures data integrity.

3. Asymmetric Key Cryptography (Public Key Cryptography):

Asymmetric cryptography utilizes two different but mathematically related
keys:
Public Key: Used for encrypting the message and can be shared openly.
Private Key: Known only to the receiver and used to decrypt the message.
The most notable example of this encryption method is the RSA algorithm.
Even if someone intercepts the public key, the message remains secure since
only the intended recipient with the private key can decrypt it.
6.2 Types Of Cryptography:

6.3 Types of Attacks in Cryptography:

Brute Force Attack: In this type of attack, the attacker systematically tries all
possible keys or passwords until the correct one is found.
Man-in-the-Middle (MITM) Attack: This occurs when an attacker intercepts
and manipulates communication between two parties without their knowledge.
Dictionary Attack: This attack involves using a list of common words, phrases,
or passwords (a "dictionary") to guess login credentials.
Replay Attack: In this type of attack, the attacker captures a valid transmission
and retransmits it at a later time, potentially masquerading as the original
sender.
Birthday Attack: This attack exploits the mathematics of the birthday paradox,
which shows that finding two different inputs with the same hash value (a
collision) is easier than expected.

7. Anti - Virus:
Anti-virus software is a program designed to detect, prevent, and remove
malicious software (malware) such as viruses, worms, and Trojans from
computer systems. It serves as the first line of defense against threats that can
compromise system security and data integrity.
 Antivirus Year of Developer /
Software Development Company
Reaper 1972 Bob Thomas
McAfee
1987 John McAfee
Antivirus
Norton Antivirus 1991 Symantec
Kaspersky
1997 Eugene Kaspersky
Antivirus
AVG Technologies
AVG Antivirus 1992
(later Avast)
Avast Antivirus 1988 Avast Software
Panda Security 1990 Panda Software
Bitdefender 2001 Bitdefender
ESET NOD32 1987 ESET
Sophos
1985 Sophos Group
Antivirus

8. Anti-Spyware Software:
Anti-spyware software is a specialized cybersecurity tool designed to detect,
block, and eliminate spyware—a type of malicious software that secretly
collects information about individuals or organizations without their consent.
Spyware infiltrates devices to monitor user behavior, steal sensitive information,
or track activities, posing serious risks to privacy and data security.
8.1 Types of Anti-Spyware Software:
Selecting the right anti-spyware software depends on individual needs,
business requirements, and the overall cybersecurity framework. Below are the
key types of anti-spyware programs available, each offering unique benefits
and potential limitations:

Standalone Anti-Spyware Software:

This type of software is specifically designed to detect, remove, and prevent
spyware. It focuses solely on spyware protection, often providing advanced
tools to address these threats effectively.

Integrated Security Suites:

Integrated security suites combine anti-spyware with other security tools,
including antivirus, firewalls, and anti-malware. These suites offer a
multi-layered defense strategy to address a wide range of threats.

Free Anti-Spyware:
Free options can be effective for individual users or small businesses with
limited budgets. However, they usually come with fewer features, and updates
may be less frequent, leaving gaps in protection against newer threats.
Paid Anti-Spyware:
Paid solutions offer more robust protection, including advanced features such
as behavioral analysis to detect fileless malware and regular updates. They
typically also provide better customer support.

9. Intrusion Detection System (IDS):

An Intrusion Detection System (IDS) is a security solution designed to monitor
network traffic or system activities for malicious activities, unauthorized access,
and policy violations. IDS detects unusual patterns and sends alerts to
administrators, allowing them to take immediate action to mitigate threats.
9.1 How an IDS Works:

Type of IDS Description

Monitors traffic across multiple devices by being
Network Intrusion
strategically placed within a network, such as near
Detection System (NIDS)
firewalls, to detect breaches or malicious activity.
Installed on individual devices or hosts to monitor traffic
Host Intrusion Detection
specific to that system and alert administrators about
System (HIDS)
suspicious activities like file modifications.
Focuses on monitoring specific protocols, such as HTTPS,
Protocol-Based Intrusion
between users and servers to detect anomalies and
Detection System (PIDS)
secure web communication.
Application Tracks communications within specific application-level
Protocol-Based protocols, such as SQL queries, to identify abnormal
IDS (APIDS) behaviors and potential threats.
Integrates multiple IDS approaches (e.g., NIDS and HIDS)
Hybrid Intrusion
to provide comprehensive monitoring and enhanced
Detection System
security across the entire network.
9.2 Detection Techniques of IDS: