CYBER SECURITY
1. Network Security: Understanding how to protect computer networks from unauthorized access, data breaches, and
other security threats.
2. Cryptography: Learning about encryption techniques to secure data transmission and storage.
3. Cyber Law: Exploring legal aspects related to cybercrime, privacy, and intellectual property.
4. Ethical Hacking: Gaining knowledge about ethical hacking practices to identify vulnerabilities and improve system
security.
5. Risk Assessment: Evaluating potential risks and vulnerabilities in information systems.
6. Incident Response: Developing strategies to handle security incidents effectively.
1. OSI Model:
○ The Open Systems Interconnection (OSI) model is a conceptual framework that standardizes communication
between different computer systems. It consists of seven layers, each responsible for specific tasks:
■ Physical Layer (Layer 1): Deals with physical connections, cables, and transmission of raw bits.
■ Data Link Layer (Layer 2): Manages data framing, error detection, and MAC addresses.
■ Network Layer (Layer 3): Handles routing, logical addressing (IP addresses), and packet forwarding.
■ Transport Layer (Layer 4): Ensures reliable data transfer (e.g., using TCP or UDP).
■ Session Layer (Layer 5): Establishes, maintains, and terminates communication sessions.
■ Presentation Layer (Layer 6): Translates data formats (e.g., encryption, compression).
■ Application Layer (Layer 7): Provides user-level services (e.g., HTTP, FTP, SMTP).
2. TCP/IP Model:
○ The Transmission Control Protocol/Internet Protocol (TCP/IP) model is a simplified version of the OSI model,
commonly used in networking:
■ Application Layer: Corresponds to the OSI Application Layer.
■ Transport Layer: Combines the OSI Transport and Session Layers.
■ Internet Layer: Similar to the OSI Network Layer (handles IP addressing and routing).
■ Link Layer: Combines the OSI Data Link and Physical Layers.
3. Three-Way Handshake:
○ When establishing a TCP connection, the three-way handshake ensures reliable communication:
1. SYN (Synchronize): The client sends a SYN packet to the server, requesting a connection.
2. SYN-ACK (Synchronize-Acknowledge): The server responds with a SYN-ACK packet, acknowledging
the request.
3. ACK (Acknowledge): The client acknowledges the server's response with an ACK packet.
4. TCP Flags:
○ TCP packets include control flags to manage communication:
■ SYN: Initiates a connection.
■ ACK: Acknowledges received data.
■ FIN: Indicates the end of data transmission.
■ RST: Resets the connection.
■ URG: Urgent data (rarely used).
■ PSH: Pushes data to the application layer immediately.
■ CWR and ECE: Congestion control flags.
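Added example (not part of the original notes): a Python sketch that decodes the control flags from raw TCP headers and checks that three segments form a valid SYN, SYN-ACK, ACK exchange. It goes one step beyond the notes by also checking the sequence and acknowledgment numbers; the ports, initial sequence numbers and function names are constructed for illustration.

```python
import struct

# Flag bit values in byte 13 (0-indexed) of the TCP header.
FLAG_BITS = {"CWR": 0x80, "ECE": 0x40, "URG": 0x20, "ACK": 0x10,
             "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

def build_header(sport, dport, seq, ack, flags):
    """Build a minimal 20-byte TCP header (constructed sample, checksum left 0)."""
    bits = sum(FLAG_BITS[f] for f in flags)
    offset_flags = (5 << 12) | bits          # data offset = 5 words, no options
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 65535, 0, 0)

def parse_header(raw):
    """Return ports, sequence/ack numbers and the set of flag names."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, offset_flags = struct.unpack("!HHIIH", raw[:14])
    flags = {name for name, bit in FLAG_BITS.items() if offset_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags}

def is_three_way_handshake(segments):
    """Check three parsed segments form SYN, SYN-ACK, ACK with consistent numbers."""
    if len(segments) != 3:
        return False
    syn, synack, ack = segments
    mod = 2 ** 32                            # sequence numbers wrap at 32 bits
    return (syn["flags"] == {"SYN"}
            and synack["flags"] == {"SYN", "ACK"}
            and ack["flags"] == {"ACK"}
            and synack["sport"] == syn["dport"] and synack["dport"] == syn["sport"]
            and ack["sport"] == syn["sport"] and ack["dport"] == syn["dport"]
            and synack["ack"] == (syn["seq"] + 1) % mod
            and ack["seq"] == (syn["seq"] + 1) % mod
            and ack["ack"] == (synack["seq"] + 1) % mod)

# Constructed sample exchange: client port 49152 -> server port 443.
CLIENT_ISN, SERVER_ISN = 1000, 0xFFFFFFFF    # server ISN chosen to exercise wraparound
SAMPLE = [
    build_header(49152, 443, CLIENT_ISN, 0, ["SYN"]),
    build_header(443, 49152, SERVER_ISN, CLIENT_ISN + 1, ["SYN", "ACK"]),
    build_header(49152, 443, CLIENT_ISN + 1, 0, ["ACK"]),  # ack = SERVER_ISN + 1 wraps to 0
]

if __name__ == "__main__":
    parsed = [parse_header(s) for s in SAMPLE]
    print("valid handshake:", is_three_way_handshake(parsed))
```

A SYN that never receives the matching final ACK leaves the connection half-open, which is why monitoring tools track these three segments together rather than individually.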
1. Network Address Translation (NAT):
○ Definition: Network Address Translation (NAT) is a process that allows multiple devices within a private
network to share a single public IP address for accessing the Internet. It translates local (private) IP addresses
to global (public) IP addresses and vice versa.
○ Working:
■ A border router (usually configured for NAT) handles translation between local and global IP
addresses.
■ When a packet leaves the local network, NAT converts the local IP address to a global one.
■ When a packet enters the local network, the global IP address is converted to a local one.
■ NAT also masks port numbers to avoid conflicts.
○ Types of NAT:
■ Inside Local Address: Assigned to hosts within the local network (private IP addresses).
■ Inside Global Address: Represents inside local IP addresses to the outside world (public IP addresses).
■ Outside Addresses: Not controlled by the organization (used for translation).
○ Why Mask Port Numbers?: To prevent ambiguity when multiple hosts request the same destination on the
same port simultaneously.
○ Use Cases: NAT is commonly used in routers and firewalls [1].
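Added example (not part of the original notes): a toy Python model of the border router's translation table, showing why port numbers are rewritten when two inside hosts use the same source port toward the same destination. The class name, the documentation-range addresses and the starting port 40000 are assumptions made for illustration, and dropping unmatched inbound packets is a behaviour of this model, not a claim about every NAT device.

```python
import ipaddress

class PortAddressTranslator:
    """Toy NAT with port translation on a border router (illustrative model only)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip          # inside global address
        self.next_port = first_port
        self.out_map = {}   # (inside_ip, inside_port, dst_ip, dst_port) -> public_port
        self.in_map = {}    # (public_port, dst_ip, dst_port) -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an inside local source to the inside global address and a unique port."""
        if not ipaddress.ip_address(src_ip).is_private:
            raise ValueError("source is not an inside local (private) address")
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out_map:
            public_port = self.next_port
            self.next_port += 1
            self.out_map[key] = public_port
            self.in_map[(public_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Map a reply back to the inside host; None means no mapping, so drop."""
        return self.in_map.get((dst_port, src_ip, src_port))

def demo():
    nat = PortAddressTranslator("203.0.113.10")
    # Constructed case: two inside hosts pick the same source port for the same server.
    a = nat.outbound("192.168.1.10", 51000, "198.51.100.7", 443)
    b = nat.outbound("192.168.1.11", 51000, "198.51.100.7", 443)
    reply_a = nat.inbound("198.51.100.7", 443, a[1])
    reply_b = nat.inbound("198.51.100.7", 443, b[1])
    # A packet from a host nobody contacted matches no table entry.
    unsolicited = nat.inbound("198.51.100.99", 50000, a[1])
    return a, b, reply_a, reply_b, unsolicited

if __name__ == "__main__":
    for item in demo():
        print(item)
```

Without the port rewrite, both replies would arrive at the same public address and port 51000, and the router could not tell which inside host should receive them.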
2. Transmission Media:
○ Transmission media are physical pathways for data transmission between devices. They include:
■ Guided Media (Wired):
● Twisted Pair Cable: Consists of insulated copper wires twisted together. Types include
Unshielded Twisted Pair (UTP) and Shielded Twisted Pair (STP).
● Coaxial Cable: Has an outer plastic covering, insulation layer, and parallel conductors. Used
in cable TV and analog TV networks.
● Optical Fiber Cable: Uses refraction of light through a glass or plastic core for high-speed
data transmission.
■ Unguided Media (Wireless):
● Includes radio waves, microwaves, and infrared signals.
● Examples: Wi-Fi, Bluetooth, cellular networks.
○ Factors Influencing Choice: Distance, data rate, cost, and environmental considerations [6] [ ] [8].
3. Information Security:
○ Definition: Information security refers to technologies, policies, and procedures that protect communication
infrastructure from cyberattacks, unauthorized access, and data loss.
○ Goals:
■ Confidentiality: Ensuring that only authorized parties can access sensitive information.
■ Integrity: Preventing unauthorized modification of data.
■ Availability: Ensuring data and services are accessible when needed.
○ Security Principles Supported:
■ Steganography: Supports confidentiality and authentication.
■ Cryptography: Supports confidentiality, authentication, data integrity, and non-repudiation [7].
4. Cryptography vs. Steganography:
○ Steganography:
■ Hides secret messages within cover media (e.g., images, audio).
■ Structure of data remains unchanged.
■ Provides confidentiality and authentication.
○ Cryptography:
■ Converts plain text into ciphertext using encryption algorithms.
■ Alters data structure.
■ Provides confidentiality, integrity, and non-repudiation.
○ Mathematical Involvement:
■ Steganography: Minimal mathematical transformations.
■ Cryptography: Involves number theory and mathematics.
○ Visibility:
■ Steganography hides the fact that secret communication is taking place.
■ Cryptography hides only the secret message itself [11].
1. Hacking:
○ Definition and Context:
■ Hacking refers to the practice of gaining unauthorized access to computer systems, networks, or
digital devices. It involves exploring vulnerabilities, manipulating code, and bypassing security
measures.
■ While hacking has a negative connotation due to its association with cybercrime, it's essential to
recognize that not all hacking is malicious. Ethical hacking (discussed later) plays a crucial role in
improving security.
○ Types of Hackers: