
To establish communication with another entity, you have to process several functions.
Functions are grouped in what we call Layers.
ISO defined 7 Layers in the OSI Reference model standard.
DOD defined 4 Layers in the TCP/IP Reference model.
ISO 7 Layers

All People Seem To Need Data Processing

Please Don’t tell secret Password Any time
ISO 7 Layers

Functions of Physical Layer

Representation of Bits: Data in this layer consists of a stream of bits. The
bits must be encoded into signals for transmission. It defines the type of
encoding, i.e. how 0's and 1's are changed to signals.

Interface: The physical layer defines the transmission interface between
devices and the transmission medium.

Topologies: Devices must be connected using one of the following topologies:
Mesh, Star, Ring and Bus.

Transmission Modes: The physical layer defines the direction of transmission
between two devices: Simplex, Half Duplex, Full Duplex.
ISO 7 Layers

Functions:
- Framing.
- MAC Addresses.
- Error control.

Sub-layers:
- LLC (Logical Link Control).
- MAC (Media Access Control).
ISO 7 Layers

Functions:
- Logical Addressing.
- Encapsulating.
- Routing.
ISO 7 Layers

Functions:
- Segmenting.
- TCP / UDP Protocols.
ISO 7 Layers

Function:
Initiate, Manage, Terminate Session.
ISO 7 Layers

Functions:
- Encryption.
- Compression.
- Formatting.
ISO 7 Layers

• The communication between two nodes is actually a connection
process between 2 apps.
[Table: ISO 7 Layers | Network Devices and Working Layers | Comm. Protocols | Protocol Data Units (PDUs) | TCP/IP 4 Layers]
ISO/OSI Reference Model

Note: ISO is the organization. OSI is the model.
Reliable process-to-process delivery of a message

Hop-to-hop delivery
Endpoint Security
Endpoint Protection
• Endpoints are hosts which commonly consist
of laptops, desktops, servers, and IP phones,
as well as employee-owned devices.
Endpoints are particularly susceptible to
malware-related attacks that originate
through email or web browsing.
• Endpoints have typically used traditional
host-based security features, such as
antivirus/antimalware, host-based firewalls,
and host-based intrusion prevention systems
(HIPSs).
• Endpoints today are best protected by a
combination of NAC, an email security
appliance (ESA), and a web security appliance
(WSA).
Layer 2 Security Threats
Layer 2 Vulnerabilities
Recall that the OSI reference model is divided into seven
layers which work independently of each other. The figure
shows the function of each layer and the core elements
that can be exploited.

Network administrators routinely implement security
solutions to protect the elements in Layer 3 up through
Layer 7. They use VPNs, firewalls, and IPS devices to
protect these elements. However, if Layer 2 is
compromised, then all the layers above it are also
affected. For example, if a threat actor with access to the
internal network captured Layer 2 frames, then all the
security implemented on the layers above would be
useless. The threat actor could cause a lot of damage on
the Layer 2 LAN networking infrastructure.
Data threats:
1. Cybercrime.
2. Data threats from force majeure.
3. From employees, ISP and external providers.
Encryption

Security Services
• Authentication - assurance that the communicating entity is the one claimed

• Access Control - prevention of the unauthorized use of a resource

• Data Confidentiality - protection of data from unauthorized disclosure

• Data Integrity - assurance that data received is as sent by an authorized entity

• Non-Repudiation - protection against denial by one of the parties in a communication

Data Confidentiality

• Data Confidentiality

• Protection of data from unauthorized disclosure

• By using encryption (cryptography)

Definitions
• Plaintext: easy to understand form (original message)

• Ciphertext: difficult to understand form



• Encryption: encoding (plaintext -> ciphertext)

• Decryption: decoding (ciphertext -> plaintext)

• Cryptology: study of encryption

• Cryptography: use of encryption

• Cryptanalysis: breaking encryption

Definitions
• Hacking.

• Cracking.

• Ethical hacking.

List of important terms used in the field of hacking:
• Adware − Adware is software designed to force pre-chosen ads to display on your system.
• Back door − A back door, or trap door, is a hidden entry to a computing device or software that bypasses security measures, such as logins and
password protections.
• Clone phishing − Clone phishing is the modification of an existing, legitimate email with a false link to trick the recipient into providing personal
information.
• Malware − Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan
horses, spyware, adware, scareware, and other malicious programs.
• Spyware − Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such
information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge.
• SQL Injection − SQL injection is an SQL code injection technique, used to attack data-driven applications, in which malicious SQL statements are
inserted into an entry field for execution (e.g. to dump the database contents to the attacker).
• Trojan − A Trojan, or Trojan Horse, is a malicious program disguised to look like a valid program, making it difficult to distinguish from programs that
are supposed to be there. It is designed with an intention to destroy files, alter information, or steal passwords or other information.
• Virus − A virus is a malicious program or a piece of code which is capable of copying itself and typically has a detrimental effect, such as corrupting the
system or destroying data.
• Zombie Drone − A Zombie Drone is defined as a hi-jacked computer that is being used anonymously as a soldier or 'drone' for malicious activity, for
example, distributing unwanted spam e-mails.
Encryption (Ciphering)

• Encryption / Decryption needs:
• Encryption Algorithm: A5, AES, MD5, SNOW 3G
• Encryption Key

Classes: Block cipher vs. Stream cipher

Block ciphers encrypt plaintext in units of blocks
and likewise decrypt ciphertext in units of blocks.
• Usually 64, 128, … bit per block
• More secure in most cases
• Usually more complex and slower in operation
• Example: AES, DES, 3DES

Stream ciphers encrypt plaintext in one stream and
decrypt ciphertext likewise.
• Usually byte or bit dependent
• Equally secure if properly designed
• Usually very simple and much faster
• Example: RC4, A5, SNOW, …

Modes: (ECB, CBC, CFB, OFB, CTR)

Encryption - Types

• Symmetrical Encryption
• Asymmetrical Encryption

Symmetrical Encryption

• Uses conventional / secret-key / single-key
• Sender and recipient share a common key
• The only type prior to the invention of public-key in the 1970s
Symmetrical Encryption

• Two types of symmetrical encryption:
• Symmetrical Classic (historical – only to understand the modern symmetrical)
• Symmetrical Modern

Symmetrical Classic Encryption
• Example of Symmetrical Classic Encryption:
• Caesar / Rot-13 …
• Vigenere …
• Hill …
• Substitution / Atbash …
• Playfair …
• ADFGVX …
• Byte Addition …
• XOR …
• Vernam …
• Homophone…
• Permutation / Transposition …
• Solitaire …

Caesar Cipher (too old – not used today)
• can define transformation as:
a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

• mathematically give each letter a number
a  b  c  d  e  f  g  h  i  j  k  l  m
0  1  2  3  4  5  6  7  8  9  10 11 12
n  o  p  q  r  s  t  u  v  w  x  y  z
13 14 15 16 17 18 19 20 21 22 23 24 25

• example:
• k=3
meet me after the party
PHHW PH DIWHU WKH SDUWB
• then have Caesar cipher as:
C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)

where p = plaintext, C = ciphertext, E = the encryption method, D = the decryption method, and k = the key.
How to find the key?
Only 26 possible keys – try them all!
Example Cryptanalysis
• given ciphertext:
UZQSOVUOHXMOPVGPOZPEVSGZWSZOPFPESXUDBMETSXAIZ
VUEPHZHMDZSHZOWSFPAPPDTSVPQUZWYMXUZUHSX
EPYEPOPDZSZUFPOMBZWPFUPZHMDJUDTMOHMQ

• count relative letter frequencies (see text)
• guess ZW is th and hence ZWP is the
• proceeding with trial and error finally get:
it was disclosed yesterday that several informal but
direct contacts have been made with political
representatives of the viet cong in moscow

[Figure: First page of Al-Kindi's 9th century Manuscript on Deciphering Cryptographic Messages]
English Letters Frequency
Arabic Letters Frequency
Vigenère Cipher

• write the plaintext out
• write the keyword repeated above it
• use each key letter as a caesar cipher key
• encrypt the corresponding plaintext letter
• eg using keyword deceptive
key:        deceptivedeceptivedeceptive
plaintext:  wearediscoveredsaveyourself
ciphertext: ZICVTWQNGRZGVTWAVZHCQYGLMGJ
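
Added example (not part of the original slides): the Caesar and Vigenère procedures above in Python, checked against the slides' own plaintext/ciphertext pairs, plus the "try all 26 keys" search ranked by English letter frequency. The function names and the frequency table values are assumptions of this example.

```python
import string

ALPHABET = string.ascii_lowercase

# Approximate relative frequencies (%) of English letters a..z. The exact
# values are an assumption of this example; any standard table works.
ENGLISH_FREQ = dict(zip(ALPHABET, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.8, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.1, 6.0, 6.3, 9.1, 2.8, 1.0, 2.4, 0.15, 2.0, 0.07]))


def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter: C = (p + k) mod 26.

    Non-letters pass through and do not consume a key letter. A one-letter
    key reduces this to the Caesar cipher (key 'd' means k = 3).
    """
    sign = -1 if decrypt else 1
    out, i = [], 0
    for ch in text.lower():
        if ch in ALPHABET:
            k = ALPHABET.index(key[i % len(key)].lower())
            out.append(ALPHABET[(ALPHABET.index(ch) + sign * k) % 26])
            i += 1
        else:
            out.append(ch)
    result = "".join(out)
    # Slide convention: plaintext lowercase, ciphertext uppercase.
    return result if decrypt else result.upper()


def caesar_brute_force(ciphertext):
    """Try all 26 keys and keep the candidate whose letters look most English."""
    candidates = []
    for k in range(26):
        plain = vigenere(ciphertext, ALPHABET[k], decrypt=True)
        score = sum(ENGLISH_FREQ.get(ch, 0) for ch in plain)
        candidates.append((score, k, plain))
    return max(candidates)[1:]  # (key, plaintext) with the highest score


if __name__ == "__main__":
    print(vigenere("meet me after the party", "d"))        # Caesar, k = 3
    print(caesar_brute_force("PHHW PH DIWHU WKH SDUWB"))   # recovers key and text
    print(vigenere("wearediscoveredsaveyourself", "deceptive"))
```

The search needs no knowledge of the key because the key space is only 26; the Vigenère keyword enlarges the key space but still leaves each key position as a Caesar shift.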
Example Cryptanalysis
(What is wrong in this paragraph?)

This is an unusual paragraph. I’m curious how quickly you can find out what is so unusual about it. It looks so
plain you would think nothing was wrong with it. In fact, nothing is wrong with it! It is unusual though. Study it,
and think about it, but you still may not find anything odd. But if you work at it a bit, you might find out! Try to
do so without any coaching! You probably won’t, at first, find anything particularly odd or unusual or in any way
dissimilar to any ordinary composition. That is not at all surprising, for it is no strain to accomplish in so short a
paragraph a stunt similar to that which an author did throughout all of his book, without spoiling a good writing
job, and it was no small book at that. By studying this paragraph assiduously, you will shortly, I trust, know what
is its distinguishing oddity. Upon locating that “mark of distinction,” you will probably doubt my story of this
author and his book of similar unusuality throughout. It is commonly known among book-conscious folk and
proof of it is still around. If you must know, this sort of writing is known as a lipogram, but don’t look up that
word in any dictionary until you find out what this is all about.—Unknown
Modern Symmetrical Encryption

Symmetrical Modern Encryption

Examples of Symmetrical Modern Encryption:

• Most Common Algorithms
• AES
• Twofish
• Serpent
• Blowfish
• CAST5
• RC4
• 3DES (Triple-DES)

• Less Common Algorithms
• RC2
• RC5
• DES
• IDEA
• CAST-128
• TEA
• ...

Asymmetrical Encryption
Public Key Encryption – Encryption
Digital Signature

• Sender encrypts message with their private key
• Receiver can decrypt using sender's public key
• This authenticates the sender, who is the only person who has the matching key
• Does not give privacy of data
• Decrypt key is public
Public Key Encryption
Authentication
Asymmetric-key or Public-key Cryptosystems

Commonly used public-key systems include:

• Diffie-Hellman

• Rivest, Shamir, Adleman (RSA)

• Elliptic Curve Cryptography (ECC)


Diffie-Hellman Example

• Users Alice & Bob who wish to swap keys agree on:
• Prime q=353 and α=3
• Select random secret keys:
• A chooses xA=97, B chooses xB=233
• Compute public keys:
• yA = 3^97 mod 353 = 40 (Alice)
• yB = 3^233 mod 353 = 248 (Bob)
• Compute shared session key as:
KAB = yB^xA mod 353 = 248^97 mod 353 = 160 (Alice)
KAB = yA^xB mod 353 = 40^233 mod 353 = 160 (Bob)
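
Added example (not part of the original slides): the exchange above in Python with the slide's parameters, followed by the observer's view, which shows why a 353-sized prime is only a teaching value. The function names are assumptions of this example.

```python
Q = 353      # public prime modulus (from the slide)
ALPHA = 3    # public base (from the slide)


def public_key(private):
    """y = alpha^x mod q, the value each user sends over the network."""
    return pow(ALPHA, private, Q)


def shared_key(their_public, my_private):
    """K = y_other^x_mine mod q; both sides arrive at the same K."""
    return pow(their_public, my_private, Q)


def exchange(x_a, x_b):
    """Run both sides; return (yA, yB, K as Alice sees it, K as Bob sees it)."""
    y_a, y_b = public_key(x_a), public_key(x_b)
    return y_a, y_b, shared_key(y_b, x_a), shared_key(y_a, x_b)


def recover_private(public):
    """Exhaustive search for x with alpha^x mod q == public.

    Feasible only because q is tiny (at most q - 1 multiplications). The
    security of Diffie-Hellman rests on this search being infeasible, which
    is why real deployments use primes of 2048 bits or more, or elliptic
    curve groups.
    """
    value = 1
    for x in range(1, Q):
        value = (value * ALPHA) % Q
        if value == public:
            return x
    raise ValueError("no exponent found")


if __name__ == "__main__":
    y_a, y_b, k_alice, k_bob = exchange(97, 233)
    print("public keys:", y_a, y_b)
    print("session key:", k_alice, k_bob)
    # An observer sees only q, alpha, yA and yB, yet recovers xA and K here.
    x_a = recover_private(y_a)
    print("recovered xA:", x_a, "-> key:", shared_key(y_b, x_a))
```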
