
UNIT 1

Introduction to Cyber Crime

BE_CE Sem 7
LDRP-ITR

LDRP_ITR, BE_CE By Janak Tank


Information System Security

► Thus they are exposed to the outside world directly.

► Threats from the outside world must be addressed.

► Damage from a non-secure IS can result in catastrophic
consequences for the organization.

► Thus organizations must investigate and evaluate the factors
that could be a threat.


➢What Is Information Security???

Protection of information systems against
unauthorized access to or modification of information,
whether in storage, processing or transit, and against
the denial of service to authorized users or the
provision of the service to unauthorized users,
including those measures necessary to detect,
document, and counter such threats.


What is a Security Attack?

• A security attack is an intentional exploitation of
computer systems, networks, and technology-dependent
enterprises. These attacks use malicious code to modify
computer code, data, or logic, culminating in
destructive consequences that can compromise your data
and promulgate security crimes such as information and
identity theft. A security attack is also known as a
computer network attack (CNA).
Why Information Security???
► Use of IT across businesses
► Fast growth of Internet
► Commercialization of Internet
► Web site defacement
► Theft of confidential data
► Financial Frauds
► Legal requirements


➢Why Information Security???
► Increased rate of cyber crime issues.

► Cyber crime is defined as criminal activity involving the IT
infrastructure, including illegal access, illegal interception,
data interference, misuse of devices, ID theft and electronic
fraud.


Cyber Crime Techniques
➢ Data Scavenging
➢Piggy Backing
➢ Man In the middle
➢ Social Engineering
➢ Password Sniffing
➢ Web Jacking
➢Online Fraud
➢Software Piracy


➢Information Security threats
► Denial of Service (DoS)
   ► Making the system unavailable to legitimate users.
► Impersonation
   ► Assuming someone else’s identity and enjoying his privileges.
► Salami Technique
   ► Diverting small amounts of money from a large number of
     accounts maintained by the system.
   ► Small amounts go unnoticed.
► Spoofing
   ► Configuring a computer to assume some other computer’s
     identity.
Types of attacks
Spear Phishing Attacks:-
❖ Spear phishing is an email aimed at a particular individual or organization, desiring
unauthorized access to crucial information. These hacks are not executed by random
attackers but are most likely done by individuals out for trade secrets, financial gain,
or military intelligence.
❖ Spear phishing emails appear to originate from an individual within the recipient’s
own organization or someone the target knows personally. Quite often, government-
sponsored hacktivists and hackers perform these activities. Security criminals also
carry out these attacks with the aim of reselling confidential data to private companies
and governments. These attackers employ social engineering and individually-
designed approaches to effectively personalize websites and messages.

Phishing Attacks:-
❖ Phishing is a type of social engineering usually employed to steal user data such as
credit card numbers and login credentials. It happens when an attacker, posing as a
trusted individual, tricks the victim into opening a text message, email, or instant message.
The victim is then deceived into opening a malicious link, which can lead to the freezing of a
system as part of a ransomware attack, the disclosure of sensitive information, or the
installation of malware.
❖ This breach can have disastrous results. For an individual, this includes identity theft,
stealing of funds, or unauthorized purchases.
Whale Phishing Attack:-
❖ A whale phishing attack is a type of phishing that centers
on high-profile employees such as the CFO or CEO. It is
aimed at stealing vital information since those holding
higher positions in a company have unlimited access to
sensitive information. Most whaling instances manipulate
the victim into permitting high-worth wire transfers to the
attacker.
❖ The term whaling signifies the size of the attack, and
whales are targeted depending on their position within the
organization. Since they are highly targeted, whaling
attacks are more difficult to notice compared to the
standard phishing attacks.
❖ In a business, system security administrators can lessen
the effectiveness of such a hack by encouraging the
corporate management staff to attend security awareness
training.
Malware Attacks:-
❖ Malware is code that is made to stealthily affect a
compromised computer system without the consent of the
user. This broad definition includes many particular types
of malevolent software (malware) such as spyware,
ransomware, and command and control.
❖ Many well-known businesses, states, and criminal actors
have been implicated in and discovered deploying
malware.
❖ Malware differs from other software in that it can spread
across a network, cause changes and damage, remain
undetectable, and be persistent in the infected system. It
can destroy a network and bring a machine’s performance
to its knees.
Drive-by Attack:-
❖ A security attacker looks for an insecure website and
plants a malicious script into the PHP or HTTP code on one of
the pages. This script can install malware onto the
computer that visits this website, or it can take the form of an
IFRAME that redirects the victim’s browser to a site
controlled by the attacker. In most cases, these scripts
are obfuscated, which makes the code difficult
for security researchers to analyze. These
attacks are known as drive-by because they don’t
require any action on the victim’s part except visiting
the compromised website. When victims visit the
compromised site, they automatically and silently
become infected if their computer is vulnerable to the
malware, especially if they have not applied security
updates to their applications.
Ransomware:-
❖ Ransomware blocks access to a victim’s data,
typically threatening to delete it unless a ransom is paid. There
is no guarantee that paying a ransom will regain
access to the data. Ransomware is often carried out
via a Trojan delivering a payload disguised as a
legitimate file.
Trojan Horses:-
❖ A Trojan is a malicious software program that
misrepresents itself to appear useful. Trojans spread by
looking like routine software and persuading a victim
to install them. Trojans are considered among the most
dangerous types of malware, as they are often
designed to steal financial information.
Goals of Security
• To save data from external threats.
• To protect our data from vulnerabilities.
• To protect our data from phishing.
• To restrict data from unauthorised activities.
• To apply properly configured rules to
systems.
• To analyze every suspicious activity that happened
on the system by viewing its logs.
Why Information Security???
* Cookies
* Cross Site Scripting (XSS)
* Spam
* Salami Attack
* Virus / Worms / Trojans
* Spyware / Adware
* Phishing
* Email Spoofing, etc.


Elements of Information Security
► Three basic elements of Information Security.

► Confidentiality

► Integrity

► Availability


Confidentiality
► It is the principle that information will not be
disclosed to unauthorized subjects.

* Examples of violations:
► Unauthorized network data sniffing
► Listening to a phone conversation.
Integrity
► It is the protection of system information or process from intentional or
accidental unauthorized changes.

Availability

It defines that information or resources are available when required.


Information Security

► In other words, information security means making sure to
provide the required information to the correct people at
the correct time.


Other Elements of Info. Sec.
► Identification - Recognition of an entity by a system.

► Authentication - Process of verifying identity.

► Accountability - Tracing activities of an individual on
a system.

► Authorization - Granting access or other
permissions.

► Privacy - Right of an individual to control the sharing of
information about him.

How to achieve Information Security?
* Information Security does not mean only installing antivirus
and firewalls.
* Information security tends to protect hardware, software, data,
procedures, records, supplies and human resources.

• Information assets are those resources that store, transport,
create, use or are information.

• Physical Controls - controlled physical access to resources,
monitoring, no USB or CDROM etc.

• Technical Controls - access controls, encryption, firewalls, IDS,
IPS, HTTPS.

• Administrative Controls - policies, security awareness trainings.


Information System Security
* Threat
* A threat is a possible event that can damage
or harm an Information System.

* Vulnerability
* It is the weakness within a system. It is the degree of
exposure in view of threat.

* Countermeasures
* It is a set of actions implemented to prevent threats.


Information Security Services

► Network Level Threats
   ► Attacker requires network access to organization
     systems or networks.
   ► Hacking computers, implementing spyware

► Information Level Threats
   ► Attack on the information.
   ► Sending fake queries to sales department
   ► Submitting false information.
   ► Creating revenge web sites.


UNIT 2
Date:-8/7/2020
Information Systems Concepts
& Security Attacks

BECE Sem 7
LDRP-ITR
LDRP_ITR, BE,CE By Janak Tank
UNIT 2

Information Systems Concepts


& Security Attacks
23/6/2021
BECE Sem 7
LDRP-ITR
LDRP_ITR, BE,CE By Janak Tank
Information Security Concepts.
• Information Security Overview ,
• Types of Attacks,
• Goals for Security,
• Computer Forensics,
• E-commerce security,
• Security Engineering
•Types of Attacks
• A cyber attack is an intentional act conducted by one or
more cybercriminals to steal data, fabricate information, or
disable digital systems. To deal with these multiple types of
cyber attacks, organizations require Cyber Security experts
and specialists.
• Through cyber security attacks, cybercriminals get illegal
and unauthorized access to one or more computers, which they
use for their own benefit. There are various types of
cyber attacks that affect individuals across the globe. So,
what are the most common types of cyber attacks that are
prevalent today? You’d be surprised to know that there is a
long list to go through.
Cyber Crime Techniques
➢Reconnaissance
➢Launching an Access
➢Man In the middle
➢ Social Engineering
➢ Password Sniffing
➢ Web Jacking
➢Online Fraud
➢Software Piracy


➢Information Security threats
➢Denial of Service (DoS)
➢Impersonation
➢ Salami Technique
➢Spoofing
➢Whale Phishing Attack
➢Internal Threats
➢External threats
➢Ransomware
➢SQL injection and more...
•Goals for Security

➢Crime targeted at individuals

➢Crime targeted at Property.

➢Crime targeted at Organization

➢Single event of Cybercrime

➢Series of events
• Computer Forensics

• What is computer forensics?

Forensics is the process of using scientific knowledge for collecting,
analyzing, and presenting evidence to the courts. Forensics deals primarily
with the recovery and analysis of latent evidence. Latent evidence can take
many forms, from fingerprints left on a window to DNA evidence
recovered from blood stains to the files on a hard drive. Computer forensics
is the discipline that combines elements of law and computer science to
collect and analyze data from computer systems, networks, wireless
communications, and storage devices.
• Why is Computer Forensics Important?
• Computer forensics will help you ensure the overall integrity
and survivability of your network infrastructure. You can help
your organization if you consider computer forensics as a new
basic element in what is known as a “defense-in-depth” approach.
Understanding the legal and technical aspects of computer
forensics will help you capture vital information if your
network is compromised and will help you prosecute the case
if the intruder is caught.
• Two basic types of data are collected in computer
forensics.

• Persistent data is the data that is stored on a local hard
drive and is preserved when the computer is turned
off.
• Volatile data is any data that is stored in memory, or
exists in transit, that will be lost when the computer
loses power or is turned off. Volatile data resides in
registries, cache, and random access memory (RAM).
Since volatile data is ephemeral, it is essential that an
investigator knows reliable ways to capture it.
Types of Computer Forensics attacks

• Forgery

• Breach of Computer Security

• Fraud/Theft

• Copyright Violations

• Identity Theft

• Threats
Types of Computer Forensics attacks

• Burglary

• Homicide

• Administrative Investigations

• Cyber Terrorism

• Sales and Investment Fraud

• Electronic Fund Transfer Fraud


The E-commerce Security Environment:
The Scope of the Problem
• Overall size of cybercrime unclear; amount of losses significant but stable;
individuals face new risks of fraud that may involve substantial uninsured
losses
– Symantec: Cybercrime on the rise from 2006

– Internet Crime Complaint Center (IC3): Logged 1,000,000+ consumer complaints
about alleged online fraud or cyber crime and referred 460,000+ complaints to law
enforcement agencies

– 2007 Computer Security Institute (CSI) survey: 46% detected security breach; 91%
suffered financial loss as a result. The average annual loss reported in this year’s survey
shot up to $350,424 from $168,000 the previous year.

– Underground economy marketplace that offers sales of stolen information growing.


E-commerce security

• Confidentiality
• Integrity
• Availability
• Authenticity
• Encryption

Secure Sockets Layer (SSL)

Secure Hypertext Transfer Protocol (SHTTP)
The Different Dimensions of E-commerce Security
(E-commerce, Laudon, 3rd ed., 2007)

• Integrity
– The ability to ensure that information being displayed on a web site or transmitted or
received over the internet has not been altered in any way by an unauthorized party
• Nonrepudiation
– The ability to ensure that e-commerce participants do not deny (i.e. repudiate) their online
actions
• Authenticity
– The ability to identify the identity of a person or entity with whom you are dealing in the
internet
• Confidentiality
– The ability to ensure that messages and data are available only to those who are authorized
to view them
• Privacy
– The ability to control the use of information about oneself
• Availability
– The ability to ensure that an e-commerce site continues to function as intended
Security Threats in the E-commerce Environment

• Three key points of vulnerability:


– Client
– Server
– Communications channel
Public Key Encryption using Digital
Signatures and Hash Digests

• Application of hash function (mathematical algorithm)
by sender prior to encryption produces hash digest that
recipient can use to verify integrity of data

• Double encryption with sender’s private key (digital
signature) helps ensure authenticity and nonrepudiation
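
The digest-then-sign step described on this slide, as an added Python example that is not part of the original slides. It covers the signature only (not the second encryption for confidentiality) and uses textbook RSA on a constructed toy key to show the mechanics; the key, the sample message and the function names are assumptions, and real systems use a vetted library with a padded scheme such as RSA-PSS.

```python
"""Hash digest + digital signature: sender signs, recipient verifies.

Added teaching example. Textbook RSA without padding, on a constructed key
built from two well-known Mersenne primes: never use this key or this
scheme to protect real data.
"""
import hashlib

# Constructed demo key (assumption, not from the slides).
P = 2**521 - 1                      # Mersenne prime
Q = 2**607 - 1                      # Mersenne prime
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the sender


def hash_digest(message: bytes) -> int:
    """SHA-256 digest of the message as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Sender: encrypt the hash digest with the private key."""
    return pow(hash_digest(message), d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recipient: decrypt the signature with the sender's public key and
    compare it with a digest computed over the message actually received."""
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == hash_digest(message)


def demo() -> dict:
    order = b"PAY 100.00 TO ACCOUNT 1234"       # constructed sample message
    signature = sign(order)
    altered = b"PAY 900.00 TO ACCOUNT 1234"     # message changed in transit
    guessed = hash_digest(altered)              # value made without the private key
    return {
        # Integrity and authenticity: digest matches, signature checks out.
        "genuine": verify(order, signature),
        # Integrity failure: the digest of the altered text no longer matches.
        "altered_message": verify(altered, signature),
        # Nonrepudiation: without D nobody else can produce a valid signature,
        # so a valid one ties the message to the private-key holder.
        "guessed_signature": verify(altered, guessed),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```
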
• Thank you
UNIT 3

Security Threats and vulnerabilities.

17/07/2020
BECE Sem 7
LDRP-ITR
LDRP_ITR, BE,CE By Janak Tank
Threats
• Threats are the people who are eager, willing and qualified to take advantage of
each security vulnerability, and who continually search for new
exploits and weaknesses.
• Threats can take many forms, such as software attacks, theft of intellectual
property, identity theft, theft of information and information
extortion.
• Software attacks are attacks by viruses, worms, Trojan
horses, etc.
• Malware means malicious software: program code that performs
malicious operations on a system.
• Four main classes of threats:

▪ Structured threats: a technical person who is trying to
gain access to your network
▪ Unstructured threats: a non-technical person trying to
gain access to your network
▪ Internal threats: from inside your network
▪ External threats: from outside your network
• Malware can be divided into 2 categories:
▪ Infection methods:
  ▪ Viruses replicate by hooking themselves to a program on the
    host computer, e.g. file virus, macro virus, boot sector
    virus.
  ▪ Worms are self-replicating but do not hook themselves to a
    program on the host computer; their effect is, e.g., slowing
    down the computer.
  ▪ Trojans carry out their task, such as stealing information
    or your valuable data, without your knowledge and
    permission, e.g. FTP Trojans, proxy Trojans, etc.
  ▪ Bots are automated processes that are designed to
    interact over the internet without the need for human
    interaction.
• Malware can be divided into 2 categories (continued):
▪ Malware actions:
  ▪ Adware displays ads on the computer or inside
    individual programs. It monitors your interests and
    displays relevant ads. An attacker can embed malicious
    code inside the software, and adware can monitor the user’s
    system activities.
  ▪ Spyware is a program or software that monitors the user’s
    activities on the computer, e.g. a keylogger.
  ▪ Ransomware encrypts the user’s files or locks the
    computer and demands a ransom in exchange.
  ▪ Scareware: when the tool or software is executed, it will infect
    your system or completely destroy it.
▪ Theft of intellectual property concerns copyrights,
patents, etc.
▪ Identity theft: for example, accessing the computer or
social media account of a person by logging into the
account, e.g. with login credentials.
• Some of these are new-generation threats
▪ Technology with weak security: very few
devices are fully secured and follow information
security principles.
▪ Social media attacks: attackers identify targets in order to steal
a person’s information.
▪ Mobile malware: e.g. a user downloads a game or
any unknown application from the internet and
unintentionally installs malware or a virus on
the device.
▪ Outdated security software: security software that has
not been updated.
▪ Social engineering
UNIT 3

Security Threats and vulnerabilities.

20/07/2020
BECE Sem 7
LDRP-ITR
LDRP_ITR, BE,CE By Janak Tank
• Cyber crime – Mobile security Threats
▪ Types of mobile security threats:
▪ Web-based threats happen when people visit sites
  ▪ Phishing: links are sent through messages, emails, or
    any social media platform.
  ▪ Forced downloads: drive-by downloads
▪ Physical threats: someone physically tries to access your device
  ▪ No password protection
  ▪ Encryption
▪ Network-based threats: a cybercriminal can steal
unencrypted data while people use a public WiFi network
  ▪ Public WiFi: open WiFi provided in public places
  ▪ Network exploits: weaknesses in the OS of the user’s mobile device
▪ Application-based threats: applications designed to carry out
malicious activities.
  ▪ Malware: unwanted messages to recipients
  ▪ Spyware: software used to collect specific information
• Steps to prevent Mobile Security
Threats

▪ Applications should encrypt data transfers
▪ Update your device software regularly
▪ Use unique passwords
▪ Do not allow forced downloads from the browser
▪ Stop sharing of network
▪ Do not add or upload your data to public servers
Hacking Techniques
• Types of Hackers

▪ White hat hackers are authorized or certified
hackers who work for governments and organizations.

▪ Black hat hackers try to gain unauthorized access
to your system or data.

▪ Gray hat hackers are not legally authorized hackers; they
work with both good and bad intentions.
• Some common Hacking Techniques
▪ Bait and switch: through an advertisement on a website’s page;
after clicking it, the user is redirected to a malicious web page.
▪ Virus, Trojan and other spyware: malicious code that
installs itself on the victim’s computer.
▪ Cookie theft: different websites store cookies in your
browser, which include search history and some account
passwords.
▪ Denial of service: flooding the network with a huge amount
of data packets to bring the system down.
▪ Keylogger: its log files can contain useful data such as
account information and different passwords.
Insecure Network Connections
▪ An unsecure network most often refers to a free Wi-Fi
network, like at a coffee house or retail store. It means there's
no special login or screening process to get on the network,
so you and anyone else can use it: the Wi-Fi
is open to anyone.

How to Secure Network Connections


▪ Monitor Firewall performance
▪ Update passwords
▪ Anti-Virus Software
▪ Through VPN
THREATS IN NETWORK
• The main aim of threats is to compromise the
confidentiality and integrity of data,
software, and hardware; they arise from natural accidents,
non-malicious humans and malicious attackers.
What Makes A Network Vulnerable?
• 1. Anonymity
• 2. Many Points Of Attack
• 3. Sharing
• 4. Complexity Of System
Threat Precursors:

• 1. Port scan
• 2. Social Engineering
• 3. Reconnaissance
• 4. Operating System and Application finger printing
• 5. Bulletin Boards and chats
• 6. Availability of Documentation
Securing the Insecure network
• Strong Authentication:
• Access Controls:
• Alarms and Alerts:
• Honey Pot
• Firewalls.
• Intrusion Detection System:
Types of Firewalls.

Firewalls have a wide range of capabilities.


Types of firewalls include
• Packet filtering gateways or screening routers
• Stateful inspection firewalls
• Application proxies
• Guards
• Personal firewalls
Types of IDS
• Signature-Based Intrusion Detection:
• Heuristic Intrusion Detection:
• Stealth Mode:
Thank you all
Basic Networking Concepts
1. Introduction
2. Protocols
3. Protocol Layers
4. Network Interconnection/Internet

1. Introduction
-A network can be defined as a group of computers and other devices
connected in some ways so as to be able to exchange data.
-Each of the devices on the network can be thought of as a node; each
node has a unique address.
-Addresses are numeric quantities that are easy for computers to work
with, but not for humans to remember.
Example: 204.160.241.98
-Some networks also provide names that humans can more easily
remember than numbers.
Example: www.javasoft.com, corresponding to the above numeric
address.

[Figure: network nodes, each with its own NIC address (addr1, addr2, ..., addrN)]
Addressing
Internet address
Consists of 4 bytes separated by periods
Example: 136.102.233.49
-The first R bytes (R = 1, 2, 3) correspond to the network address;
-The remaining H bytes (H = 3, 2, 1) are used for the host machine.
-InterNIC Register: organization in charge of the allocation of the
address ranges corresponding to networks.
-Criteria considered:
→ Geographical area (country)
→ Organization, enterprise
→ Department
→ Host
Domain Name System (DNS)
-Mnemonic textual addresses are provided to facilitate the manipulation
of internet addresses.
-DNS servers are responsible for translating mnemonic textual Internet
addresses into hard numeric Internet addresses.
Ports
-An IP address identifies a host machine on the Internet.
-An IP port will identify a specific application running on an Internet host
machine.
-A port is identified by a number, the port number.
-The number of ports is not functionally limited, in contrast to serial
communications where only 4 ports are allowed.
-There are some port numbers which are dedicated for specific
applications.
Application       Port number(s)

HTTP              80
FTP               20 and 21
Gopher            70
SMTP (e-mail)     25
POP3 (e-mail)     110
Telnet            23
Finger            79
Data Transmission
-In modern networks, data are transferred using packet switching.
-Messages are broken into units called packets, and sent from one
computer to the other.
-At the destination, data are extracted from one or more packets and
used to reconstruct the original message.
-Each packet has a maximum size, and consists of a header and a data
area.
-The header contains the addresses of the source and destination
computers and sequencing information necessary to reassemble
the message at the destination.
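
The splitting and reassembly described above, as an added Python example that is not part of the original notes. The 12-byte header layout (source address, destination address, sequence number, packet count) and the 32-byte maximum packet size are assumptions chosen for illustration, not a real protocol format; the two addresses are the sample addresses used earlier in these notes.

```python
"""Packet switching: break a message into packets, reassemble at the destination."""
import random
import socket
import struct

# Assumed header: source IPv4, destination IPv4, sequence number, packet count.
HEADER = struct.Struct("!4s4sHH")      # 12 bytes, network byte order
MAX_PACKET = 32                        # maximum packet size, header included


def packetize(message: bytes, src: str, dst: str) -> list:
    """Split the message into packets, each made of a header and a data area."""
    room = MAX_PACKET - HEADER.size    # bytes of data that fit in one packet
    chunks = [message[i:i + room] for i in range(0, len(message), room)] or [b""]
    if len(chunks) > 0xFFFF:
        raise ValueError("message needs more packets than the header can count")
    s, d = socket.inet_aton(src), socket.inet_aton(dst)
    return [HEADER.pack(s, d, seq, len(chunks)) + chunk
            for seq, chunk in enumerate(chunks)]


def reassemble(packets, my_address: str) -> bytes:
    """Rebuild the original message from packets that arrived in any order."""
    parts, total = {}, None
    for pkt in packets:
        if not HEADER.size <= len(pkt) <= MAX_PACKET:
            raise ValueError("packet size out of range")
        _src, dst, seq, count = HEADER.unpack_from(pkt)
        if socket.inet_ntoa(dst) != my_address:
            continue                               # addressed to another host
        if total is None:
            total = count
        if count != total or seq >= total:
            raise ValueError("inconsistent sequencing information")
        parts.setdefault(seq, pkt[HEADER.size:])   # duplicates are ignored
    if total is None or len(parts) != total:
        raise ValueError("packets missing, message cannot be reconstructed")
    return b"".join(parts[seq] for seq in range(total))


def demo():
    message = b"Messages are broken into units called packets."   # sample input
    packets = packetize(message, "204.160.241.98", "136.102.233.49")
    random.Random(7).shuffle(packets)              # simulate out-of-order arrival
    return packets, reassemble(packets, "136.102.233.49")


if __name__ == "__main__":
    pkts, text = demo()
    print(len(pkts), "packets ->", text.decode())
```
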

[Figure: a packet, consisting of a header followed by a data area]
Types of Networks
There are two principal kinds of networks: Wide Area Networks
(WANs) and Local Area Networks (LANs).
WANs
-Cover cities, countries, and continents.
-Based on packet switching technology
-Examples of WAN technology: Asynchronous Transfer Mode (ATM),
Integrated Services Digital Network (ISDN)
LANs
-Cover buildings or a set of closely related buildings.
-Examples of LAN technology: Ethernet, Token Ring, and Fiber
Distributed Data Interface (FDDI).
Ethernet LANs: based on a bus topology and broadcast communication
Token ring LANs: based on ring topology
FDDI LANs: use optical fibers and an improved token ring mechanism
based on two rings flowing in opposite directions.
[Figure: (a) Ethernet LAN on a shared bus; (b) Token Ring LAN on a ring; (c) FDDI LAN on a dual ring]
Network connectivity type     Speed                Transmission time for 10 Mbytes

(Telephone) dial-up modem     14.4 Kbps            90 min
ISDN modem                    56/128 Kbps          45/12 min
T1 connection                 1.54 Mbps            50 s
Ethernet                      10 Mbps              9 s
Token ring                    4/16 Mbps
Fast Ethernet                 100 Mbps
FDDI                          100 Mbps
Gigabit Ethernet              1 Gbps
ATM                           25 Mbps/2.4 Gbps
Interconnection
-Networks of low capacity may be connected together via a backbone
network which is a network of high capacity such as a FDDI network, a
WAN network etc.
-LANs and WANs can be interconnected via T1 or T3 digital leased
lines
-According to the protocols involved, networks interconnection is
achieved using one or several of the following devices:
→Bridge: a computer or device that links two similar LANs based on
the same protocol.
→ Router: a communication computer that connects different types of
networks using different protocols.
→ B-router or Bridge/Router: a single device that combines both the
functions of bridge and router.
→ Gateway: a network device that connects two different systems, using
direct and systematic translation between protocols.
[Figure: example interconnection of the Vancouver branch, Toronto branch and NY headquarters: Ethernet and Token Ring LANs linked through a gateway, routers, a bridge and bridge/routers over Frame Relay, ATM and a T1 line]
Network Topology Diagram
The specification of the network topology diagram requires the
definition of the characteristics and entities underlying the network:
-Geographical locations of the different components or subnets
involved in the network.
-Description of the LAN topology
-Description of the WAN topology
-Description of the network connectors such as routers, bridges,
repeaters, and gateways.

2. Protocols
-Define the rules that govern the communications between two
computers connected to the network.

-Roles: addressing and routing of messages, error detection and
recovery, sequence and flow controls etc.

-A protocol specification consists of the syntax, which defines the kinds
and formats of the messages exchanged, and the semantics, which
specify the action taken by each entity when specific events occur.

Example: HTTP protocol for communication between web browsers
and servers.
Request For Comments (RFC): specifications of the protocols involved
in Internet Communications.
-Example: sample of RFC 821 describing communications between
SMTP server and client.

S: MAIL FROM: Paul@Alpha.ARPA
R: 250 OK
S: RCPT TO: Jack@Beta.ARPA
R: 250 OK
S: DATA
R: 354 Beginning of mail; ending by <CRLF>.<CRLF>
S: Blah blah blah
S: …etc.
S: <CRLF>.<CRLF>
R: 250 OK
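
The receiver (R:) side of the exchange above as a small state machine, showing the syntax (command formats) and the semantics (which reply follows which event, including commands sent out of order). This is an added Python example, not code from the notes or from RFC 821; it assumes the session starts after the HELO greeting that the sample omits, handles only the commands shown, and its class and function names are illustrative.

```python
"""Receiver side of an RFC 821 mail transaction as a state machine."""
import re

# Accept only a plain mailbox; anything else gets a 501 reply.
MAILBOX = re.compile(r"[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+")

BAD_SEQUENCE = "503 Bad sequence of commands"
BAD_ARGUMENT = "501 Syntax error in parameters or arguments"


class SmtpReceiver:
    def __init__(self):
        self.delivered = []          # (sender, recipients, text) per message
        self._reset()

    def _reset(self):
        self.state = "READY"         # READY -> MAIL -> RCPT -> DATA -> READY
        self.sender = None
        self.recipients = []
        self.text = []

    def handle(self, line):
        """Process one line from the sender (S:) and return the reply (R:),
        or None while message text is being collected."""
        if self.state == "DATA":
            if line == ".":          # a line holding only "." ends the mail
                self.delivered.append(
                    (self.sender, self.recipients, "\n".join(self.text)))
                self._reset()
                return "250 OK"
            # Transparency rule: the sender doubles a leading ".", undo it.
            self.text.append(line[1:] if line.startswith(".") else line)
            return None

        verb, _, arg = line.partition(":")
        verb, arg = verb.strip().upper(), arg.strip()

        if verb == "MAIL FROM":
            if self.state != "READY":
                return BAD_SEQUENCE
            if not MAILBOX.fullmatch(arg):
                return BAD_ARGUMENT
            self.sender, self.state = arg, "MAIL"
            return "250 OK"
        if verb == "RCPT TO":
            if self.state not in ("MAIL", "RCPT"):
                return BAD_SEQUENCE
            if not MAILBOX.fullmatch(arg):
                return BAD_ARGUMENT
            self.recipients.append(arg)
            self.state = "RCPT"
            return "250 OK"
        if verb == "DATA":
            if self.state != "RCPT":     # no sender or no recipient yet
                return BAD_SEQUENCE
            self.state = "DATA"
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        return "500 Syntax error, command unrecognized"


def reply_codes(sender_lines):
    """Run the lines through a fresh receiver; return (reply codes, receiver)."""
    rx = SmtpReceiver()
    replies = [rx.handle(line) for line in sender_lines]
    return [r[:3] for r in replies if r is not None], rx


# The S: lines of the sample above (the "...etc." line is left out).
SAMPLE = ["MAIL FROM: Paul@Alpha.ARPA", "RCPT TO: Jack@Beta.ARPA",
          "DATA", "Blah blah blah", "."]

if __name__ == "__main__":
    codes, rx = reply_codes(SAMPLE)
    print(codes)
    print(rx.delivered)
    print(reply_codes(["MAIL FROM: Paul@Alpha.ARPA", "DATA"])[0])
```
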
-Protocols are designed based on a layered architecture such as the OSI
reference model.
-Each entity at a layer n communicates only with entities at layer n-1.
-The data exchanged, known as Protocol Data Unit (PDU), goes back
and forth through the layers, each layer adds or removes its own header
and vice-versa. Therefore a layer n PDU may become a layer n-1 data.
[Figure: the nth and (n-1)th layers of two hosts communicating across the network]
3. Protocol Layers

The OSI (Open Systems Interconnection) Data Model


-ISO standard for computer networks design and functioning.

-Involves at least 7 layers, each playing a specific role when
applications are communicating over the net.

-During the sending process, each layer (from top to bottom) will add
a specific header to the raw data.

-At the reception, headers are removed in the reverse order until the data
arrives at the receiving application.
OSI Layers
Application layer
(applications connected to the network)

Presentation layer
(provides standard data representations for applications)

Session layer
(manages sessions among applications)

Transport layer
(provides end-to-end error detection and correction)

Network layer
(handles connection to the network by the higher layers)

Data-link layer
(provides safe communication of data over the physical network)

Physical layer
(defines the physical characteristics of the network)

Physical layer: ensures a safe and efficient travel of data; consists of
electronic circuits for data transmission etc.

Data link layer: in charge of data encapsulation in the form of
packets and their interpretation at the physical layer.

Network layer: in charge of packet transmission from a source A to a
destination B.

Transport layer: in charge of the delivery of packets from a source A
to a destination B.

Session layer: in charge of the management of network access.

Presentation layer: determines the format of the data transmitted to
applications, data compression/decompression, encryption etc.

Application layer: contains the applications which are used by the
end-user, such as Java, Word etc.

The TCP/IP Model
-Consists of only 4 layers: application, transport, internet and network.

Layers

Application layer
(applications and processes running on the network)

Transport layer
(provides end-to-end data delivery services)

Internet layer
(makes datagrams and handles data routing)

Network layer
(provides routines allowing access to the physical network)

Network layer
-Provides the same functionality as the physical, the data link and
network layers in the OSI model.
-Mapping between IP addresses and network physical addresses.
-Encapsulation of IP datagrams, e.g. packets, in a format understandable
by the network.
Internet layer
-Lies at the heart of TCP/IP.
-Based on the Internet Protocol (IP), which provides the frame for
transmitting data from place A to place B.
Transport layer
-Based on two main protocols: TCP (Transmission Control Protocol)
and UDP (User Datagram Protocol)
Application layer
-Combines the functions of the OSI application, presentation, and
session layers.
-Protocols involved in this layer: HTTP, FTP, SMTP etc.

4. Networks Interconnection/Internet
Concept of Network Interconnection
-First implemented in the Defense Advanced Research Project Agency
Network (Arpanet), in 1966 in USA.
-Consists of connecting several computer networks based on different
protocols
-Requires the definition of a common interconnection protocol on top
of the local protocols.
-The Internet Protocol (IP) plays this role, by defining unique addresses
for a network and a host machine.

FTP   Telnet   SMTP   SNMP
         TCP/UDP
            IP
Ethernet   Arpanet   Token ring

[Figure: P1, P2, P3 and P4 interconnected through IP]

Internet Protocol (IP)
Overview
-The IP protocol provides two main functions:
→Decomposition of the initial information flow into packets of
standardized size, and reassembling at the destination.
→Routing of a packet through successive networks, from the source
machine to the destination identified by its IP address.
-Transmitted packets are not guaranteed to be delivered (datagram
protocol).
-The IP protocol does not request a connection (connectionless)
before sending data and does not perform any error detection.
Functions
-Decompose the initial data (to be sent) into datagrams.
-Each datagram will have a header including, the IP address and the
port number of the destination.
-Datagrams are then sent to selected gateways, e.g. IP routers, connected
at the same time to the local network and to an IP service provider
network.
-Datagrams are transferred from gateway to gateway until they arrive
at their final destination.

[Figure: packet1 and packet2 travelling from the Sender through Routers to the Receiver]

Structure of an IP packet
-The fields at the beginning of the packet, called the frame header,
define the IP protocol’s functionality and limitations.
-32 bits are allocated for encoding source and destination addresses (32
bits for each of these address fields).
-The remainder of the header (16 bits) encodes various information such
as the total packet length in bytes.
-Hence an IP packet can be a maximum of 64Kb long.

Byte offset   Field
0             Header
10            Checksum
12            Source address
16            Destination address
20            Options
24            Data

Transmission Control Protocol (TCP)
Overview
-Using IP packets, TCP provides a basic service that does guarantee
safe delivery:
→error detection
→safe data transmission
→assurance that data are received in the correct order
-Before sending data, TCP requires that the computers communicating
establish a connection (connection-oriented protocol).

[Figure: message sequence between the Client and the TCP Server: SYN, SYN_ACK, ACK, DATA, DATA, FIN, ACK, DATA, FIN, ACK]

-TCP provides support for sending and receiving arbitrary amounts of
data as one big stream of byte data (IP is limited to 64Kb).
-TCP does so by breaking up the data stream into separate IP packets.
-Packets are numbered, and reassembled on arrival, using sequence and
sequence acknowledgement numbers.
-TCP also improves the capability of IP by specifying port numbers.
→ There are 65,536 different TCP ports (sockets) through which every
TCP/IP machine can talk.
Structure of a TCP packet
Byte offset   Field
0             Source port
2             Destination port
4             Sequence No.
8             Sequence Ack. No.
12            Misc. header
20            Data

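The IP and TCP layouts above can be checked against real bytes by peeling the two headers off a packet in order. The following is an added example, not part of the original slides; the function names `ip_checksum`, `build_sample` and `parse`, the documentation-range addresses and the port and sequence values are constructed for illustration.

```python
import socket
import struct

def ip_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (the Checksum field at offset 10)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_sample() -> bytes:
    """Constructed IPv4 + TCP SYN packet: no IP options, no TCP data."""
    src, dst = socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7")
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0, (5 << 12) | 0x02, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0, src, dst)
    return ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:] + tcp

def parse(packet: bytes) -> dict:
    """Peel the IP header, then the TCP header, rejecting malformed input."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IP header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4                  # IP header length in bytes
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(packet):
        raise ValueError("inconsistent IP header")
    if ip_checksum(packet[:ihl]) != 0:          # a valid header sums to zero
        raise ValueError("bad IP header checksum")
    out = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
           "ttl": ttl, "proto": proto, "total_len": total_len}
    if proto == 6:                              # 6 = TCP
        seg = packet[ihl:total_len]             # the IP "Data" is the TCP segment
        if len(seg) < 20:
            raise ValueError("truncated TCP header")
        # Offsets 0, 2, 4, 8, 12: ports, sequence, acknowledgement, offset/flags
        sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", seg[:14])
        out.update(sport=sport, dport=dport, seq=seq, ack=ack,
                   syn=bool(off_flags & 0x02), ack_flag=bool(off_flags & 0x10),
                   data=seg[(off_flags >> 12) * 4:])
    return out
```

The length and checksum checks come before any field is trusted, so a truncated or altered header is rejected instead of being interpreted.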
User Datagram Protocol (UDP)
Overview
-Datagram protocol also built on top of IP.
-Has the same packet-size limit (64Kb) as IP, but allows for port
number specification.
-Also provides 65,536 different ports.
-Hence, every machine has two sets of 65,536 ports: one for TCP and the
other for UDP.
-Connectionless protocol, without any error detection facility.
-Provides only support for data transmission from one end to the other,
without any further verification.
-The main advantage of UDP is that, since it does not make further
verification, it is very fast.
-Useful for sending small amounts of data in a repetitive way, such as time
information.

4.5 Internet Application Protocols
On top of TCP/IP, several services have been developed in order to
homogenize applications of same nature:
-FTP (File Transfer Protocol) allows the transfer of collections of files
between two machines connected to the Internet.
-Telnet (Terminal Protocol) allows a user to connect to a remote host in
terminal mode.
-NNTP (Network News Transfer Protocol) allows the constitution of
communication groups (newsgroups) organized around specific topics.
-SMTP (Simple Mail Transfer Protocol) defines a basic service for
electronic mail.
-SNMP (Simple Network Management Protocol) allows the
management of the network.

FTP   Telnet   SMTP   SNMP
         TCP/UDP
            IP
Ethernet   Arpanet   Token ring
