Network

Network is a broad term similar to system. Network is a communication

system which support many users.
The interconnection of one station to many stations is called as networking.
A network is any interconnection of two or more stations that wish to
communicate.

Each station in a communication network is called as a node. The nodes are

connected in different way to each other to form a network.
The most familiar network is the telephone system.

Information
1
Information is processed, structured, or organized data that carries
meaning and can be used for decision-making.
Data is nothing but raw facts of real world objects which can be stored. The
raw facts can be in any form like numbers, alphabets, alphanumeric, special
symbols, images, video etc.
When this data is process with some mechanism, we will get meaningful
data which is called as an information.
Example:
- Raw data: GPW, IT, CR, Abhishek
- When this raw data is process with some application we will get
meaningful data as
- Information: Abhishek is a CR of IT department of GPW Institute.

In short, information = processed data.

Information provides context and meaning to data, making it useful for

analysis and decision-making.

Security
Security is the protection of data from unauthorized access, malware, or
harm.
It ensures the confidentiality, integrity and availability of information.
2
Example: Locking a phone using a password to prevent unauthorized
access.
Types of Security:
1. Physical Security – Locking doors, CCTV cameras
2. Cybersecurity – Firewalls, antivirus, encryption
3. Information Security – Protecting sensitive data (like passwords)

Computer Security
Computer security is the protection of data, computer systems from
unauthorized access, malware, or harm.

Computer security, also called cyber security or IT security, is the protection

of information systems from theft or harm to the hardware, the software,

3
and to the information on them, moreover as from disruption or misdirection
of the services they supply.

Computer security deals with the prevention and detection of unauthorized

actions by users of a computer system.
Computer security is nothing but to provide security to data, computer
system, services and supporting procedures. For this purpose various
technologies were used like access control, mechanism, cryptography.
Computer security requires the methods used to ensure the security of a
system. Now a day’s computers are connected to each other via a network,
which then introduces the term network security. It is used to refer to the
protection of the multiple computers and other devices that are connected
together.
Information security and information assurance, which focuses on the
security process not on the hardware and software being used but on the
data that is processed by them. Assurance also introduces the availability of
the systems and information when we want them.
Data security is related to the content of information and source of the data
transfer should be secure. Only valid users can access or change the data.
Data should be secured from modification, insertion, deletion or reply from
unauthorized person.

Example:

- Installing antivirus software

- Using strong passwords

- Keeping software updated

- Not sharing personal info on unknown websites
4
 Need of Computer Security
For prevention of data theft such as bank accounts, numbers, credit card
information, passwords, work related documents or sheets, etc.

To make data remain safe and confidential.

To provide confidentiality which ensures that only those individuals should

ever be able to view data they are not entitled to.

To provide integrity which ensures that only authorized individuals should

ever be able change or modify information.

To provide availability which ensure that the data or system itself is

available for use when authorized user wants it.
5
To provide authentication which deals with the desire to ensure that can an
authorized individuals.

To Prevent Unauthorized Access

To Stop Malware & Viruses

To Ensure Data Integrity

To Maintain Availability

To Follow Legal and Ethical Rules

Protect the organization’s ability to function.

Protects the data the organization collects and uses.

Safeguard the technology assets in use at the organization.

Foundations of Computer Security

1. Personal security
2. Corporate security
3. Energy security
4. Homeland security
5. Operational security
6. Communication security
7. Network security
8. System security

6
 Elements of Computer Security
1. Confidentiality
2. Integrity
3. Availability
4. Accountability
5. Non-Repudiation
6. Authentication
7. Authorization
8. Reliability

1. Confidentiality:

Confidentiality is an essential element of computer security.

7
 Confidentiality ensures that only authorized individuals can access
sensitive information.

It prevents unauthorized disclosure of data.

Example:

- In above fig. C (unauthorized person) tries to access the message.

- It is loss of confidentiality.

For example: A bank encrypts customer data so that only authorized

employees can view account details.

It is to ensuring that information is accessible only to those authorized to

have access.

2. Integrity:

Confidentiality is an essential element of computer security.

8
 Integrity ensures that only authorized users should be able to modify the
data when needed.

It prevents unauthorized or unlawful modification of information.

Example:

- A sends a message to B.
- During transmission, C (an unauthorized person) modifies the
message before it reaches B.
- It is a loss of integrity.

For Example: If you send a file from your computer to your teacher,
integrity makes sure that the file reaches the teacher without any
changes.

Integrity ensures that the information is accurate, complete reliable and

is in its original form.

3. Availability:

Availability is an essential element of computer security.

9
 Availability ensures that data should be available to users when needed.

It prevents unauthorized or unlawful with holding of information or

resources.

Example:

- Above fig. shows the information can be available for 24/7 or 365
days.

For example: In online banking system uses backup servers and 24/7
maintenance to make sure customers can access their accounts anytime,
even during peak hours or technical issues.

Availability is ensuring that the inf```````qormation is accessible that the

information to authorized person when required without delay.

4. Accountability:

Accountability is an essential element of computer security.

Accountability ensures that every individual working with an information

system has specific responsibilities for maintaining information
assurance.

It prevents unauthorized actions and misuse of data.

For example: In an office network, every employee logs in with a unique

ID. All their actions — like accessing files or sending emails — are
logged. If a security breach occurs, the system can trace it back to the
specific user.
10
5. Non-Repudiation:

Non-Repudiation is an essential element of computer security.

Non-repudiation ensures that a person or system cannot deny the

authenticity of their actions or communications.

Non-repudiation prevents a party from denying their actions, such as

sending a message or performing a transaction, by providing proof (e.g.,
digital signatures or logs) that can verify the authenticity and integrity of
the action.

6. Reliability:

Reliability ensures that a system or component consistently performs its intended function without failure
over time.

Reliability prevents system failures, downtime, performance issues, and inconsistent results, ensuring consistent
and stable operation.

For example:

 Transactions are processed correctly every time without errors.

 The website or app stays operational even during high traffic, preventing outages.

7. Authentication:

Authentication ensures that only authorized users, devices, or systems

can access resources, data, or services.

Authentication prevents unauthorized access, impersonation, security

breaches, and data theft by verifying the identity of users or systems.

For example

 Something you know: Entering your username and password.

 Something you have: Receiving a one-time code on your phone for two-factor authentication (2FA).

 Something you are: Using facial recognition to verify your identity.

11
8. Authorization:

Authorization ensures that users can only access resources or perform actions they are permitted to, based
on their roles or permissions.

Authorization prevents unauthorized access, actions, and data breaches by limiting user permissions.

 Regular users can view files but cannot delete or edit them.

 Admins have permission to view, edit, delete, and manage users.

Risk and Threat Analysis

Risk analysis is a core process in computer security. Computer security is
the protection of computer systems from unauthorized access, malware, or
harm.

Risk is the possibility of loss, damage, or harm that may happen due to a
threat or weakness in a system.

Risk Analysis is the process of identifying, evaluating, and

understanding risks in order to reduce their impact on a computer
system.

The process of risk analysis will refer to assets, threats and vulnerabilities.

Types of Risk Analysis

1. Quantitative Risk Analysis

2. Qualitative Risk Analysis
12
1. Quantitative Risk Analysis

Quantitative Risk Analysis is a type of Risk Analysis. Risk Analysis is the

process of identifying, evaluating, and understanding risks in order
to reduce their impact on a computer system.

Qualitative Risk Analysis is a non-numerical, descriptive method used to

identify, assess, and prioritize risks based on their probability and impact
using categories like low, medium, or high.

Qualitative risk analysis is the process of evaluating risks based on their

severity and likelihood using expert opinions, experience, and descriptive
scales — without using exact numerical values.

2. Qualitative Risk Analysis

Qualitative Risk Analysis is a type of Risk Analysis. Risk Analysis is the

process of identifying, evaluating, and understanding risks in order
to reduce their impact on a computer system.

Qualitative Risk Analysis is a method used to identify, evaluate,

and prioritize risks based on their likelihood and impact using
descriptive terms like low, medium, or high — without using
numbers or formulas.

Qualitative risk analysis is a subjective approach that uses expert

judgment, experience, and category-based scales to assess how
serious a risk is and how likely it is to occur.

Elements of Risk Analysis:

1. Assets
2. Threats
3. Vulnerabilities

1. Assets:

13
 Assets is an element of Risk Analysis. Risk analysis is the process of
identifying, evaluating and understanding risks in order to reduce their
impact on a computer system.

In computer security, an asset is anything valuable to a person,

organization, or system that must be protected from threats or harm.

An asset is any data, device, system, or resource that has value

and must be safeguarded.

It includes hardware, software, data and information, and

reputation.

2. Vulnerabilities:

Vulnerability is an element of Risk Analysis. Risk Analysis is the process of

identifying, evaluating and understanding risks in order to reduce their
impact on a computer system.

A vulnerability is a weakness or flaw in a system that can be

exploited by threats to gain unauthorized access or cause harm.

Vulnerabilities can exist in hardware, software, configurations, or

human behavior.

Examples include: weak passwords, outdated software, open ports,

misconfigured firewalls, or lack of user training.

3. Threats:

Threats is also an element of Risk Analysis. Risk Analysis is the process of

identifying, evaluating and understanding risks in order to reduce their
impact on a computer system.

A threat is any potential danger that could harm a system, network, or

data.

Threats can be natural (e.g., floods), accidental (e.g., human

error), or intentional (e.g., hacking).

14
 Examples of threats include: viruses, malware, phishing attacks,
hackers, hardware failure, fire, or power outage.

Threat to Security
1. Software attacks:
 Methods of software attack:
i) Virus
ii) Worm
iii)Trojan
iv)Intruders
v) Insiders

2. Malware:
 Methods of software attack:
i) Infection methods
ii) Malware actions

Threat is any potential danger that could harm a system, network or data.
Threats are divided into five categories:
1. Disclosure: Unauthorized access to information.
2. Deception: Access of wrong data.
3. Disruption: Prevention of correct action.
4. Usurpation: Unauthorized access to system or part of system.

15
 Viruses:
Viruses is a method of software attack. Software attack is malicious to
exploit vulnerabilities in software to gain unauthorized access, steal data,
disrupt operations or damage a system.

A virus is a malicious program that attaches itself to files and spread when
the infected file is executing.

The main objective of viruses is to modify the information.

It requires a host file and usually needs user action to spread, such as
opening an infected file or running a program.

It spread when the infected file is executed.

It is more harmful.

Antivirus software is used for protection against viruses.

Viruses can’t be controlled by remote.

Its spreading speed is slower as compared to worms.

Example:

1. Creeper
2. Blaster
3. Slammer
4. ILOVEYOU

16
 Phases of Viruses
1. Dormant phase
2. Propagation phase
3. Triggering phase
4. Execution phase

1. Dormant Phase:

Dormant Phase is a phase of virus. Virus is malicious program

that attaches itself to files and spread when the infected file is
executing.

In this phase, the virus is idle and does not perform any harmful activity
immediately.

It is eventually activated by a specific event such as A particular date,

The presence of a specific program or file, Disk usage exceeding a certain
limit.

It waits for a condition or trigger before moving to the next phase.

17
2. Propagation Phase:

Propagation phase is a phase of virus lifecycle. Virus is malicious

program that attaches itself to files and spread when the
infected file is executing.

In this phase, the virus starts to replicate itself.

It spreads to other files, folders, or even to other systems through:

 Infected USB drives

 Network connections
 Sharing of infected files or emails

The goal of this phase is to infect as many systems or files as possible, without being detected.
The virus remains hidden during this process to avoid early detection.

3. Triggering Phase:

In this phase, the virus is activated when a specific condition is met, such as:

 A certain date or time

 A specific program or file being opened
 A particular user action

This phase acts as the switch that tells the virus, “Now it’s time to start the attack.”
Until this point, the virus may stay hidden.

4. Execution Phase:

This is the final and most dangerous phase.

Once triggered, the virus executes its payload, which could involve:

 Deleting or corrupting files

 Displaying unwanted messages
 Stealing data
 Slowing down or crashing the system

The damage can range from mild disruptions to severe system failure or data loss.

18
 Types of Virus
1. File infector virus
2. Boot sector virus
3. Macro virus
4. Source code virus
5. Polymorphic virus
6. Encrypted virus
7. Stealth virus
8. Tunneling virus
9. Multilateral virus
10. Armored virus
11. Rootkit virus
12. Ransomware

19
 Dealing with Virus
1. Detection
2. Identification
3. Removal

1. Detection:

Find out the location of virus.

2. Identification:

Identify the specific virus that has attacked.

3. Removal:

After identification, it is necessary to remove all traces of the

virus and restore the affected file to its original state with the
help of anti-virus.

20
 Worms
Worms is a method of software attack. Software attack is a
malicious to exploit vulnerabilities in software to gain unauthorized
access, steal data, disrupt operation, or damage a system.

A worm is a malicious program that spread automatically across

networks without needing a host file or user action.

The main objective of worms is to eat system resources.

It does not requires a host file and user action to replicate from one
computer to another.

It spread automatically or independently without needing a host

file.

It is less harmful as compared to virus.

Worms can be detected and removed by antivirus and firewall.

Example:

1. Morris worm
2. Strom worm
3. Wannacry worm

Worms can be controlled be remote.

Its spreading speed is faster.

21
 Trojan horse
Trojan horse is a method of software attack. A software attack is a
malicious attempt to exploit vulnerabilities in software to gain
unauthorized access, steal data, disrupt operations, or damage a
system.

A Trojan Horse is a malicious program that disguises itself as a legitimate or

useful software to trick users into installing it. It does not replicate
automatically like worms or viruses.

The main objective of a Trojan Horse is to steal information and secretly

control the system.

It does not need a host file but requires user action (like installation or
opening a file) to execute.

It does not spread automatically and requires user action to activate.

It is more dangerous than worms.

Trojans can be detected and removed using updated antivirus and anti-
malware tools.

Examples:

1. Zeus Trojan – steals banking information

2. Emotet Trojan – spreads through spam emails
3. FakeAV Trojan – pretends to be antivirus software

Trojans can be controlled remotely by hackers.

Its spreading speed is slower compared to worms.

22
 Intruders
An intruder is an unauthorized person or program that attempts to
access, damage, or steal information from a computer system or
network.

Insiders
Intrusion is any unauthorized attempt to access, use, modify, or
damage a computer system, network, or data.

Attacks

23
An attack is an information security threat. Threat is any potential danger
that could harm a system, network or data.

An attack is any attempt by an attacker to access, damage, steal, or disrupt

computer systems, networks, or data without authorized access or
permission.

Type of Attacks
1. Passive Attack
2. Active Attack

Passive Attack

24
A passive attack is a type of attack. An attack is any attempt by an attacker
to access, damage, steal, or disrupt computer systems, networks, or data
without authorized access or permission.
The meaning of passive is just watching or listening without doing anything.
A passive attack is an attack where the attacker secretly monitors, listens,
or captures data without changing or damaging it.
The goal is usually to steal information secretly.

In a passive attack, the attacker only watches or monitors the information

without making any changes or alterations to it.

- In above fig. the sender sends a message to the receiver over the
internet. During transmission, an attacker secretly monitors or
listens to the message without changing or damaging it. The
attacker only tries to gather information. This is called a passive
attack.
Passive attacks are hard to detect because they do not affect system
resources or data.

Types of Passive Attack

1. The release of message content
25
 2. Traffic analysis

1. The release of message content:

The release of message content is a type of passive attack. A

passive attack is an attack where the attacker secretly monitors, listens,
or captures data without changing or damaging it.

The release of message content attack occurs when an attacker

intercepts and reads the actual contents of a message during the
transmission of data without altering it.

In this attack, the attacker can read or listen to the message

during its transmission without making any modification or damage
to the data.

The main goal of release of message content is unauthorized

disclosure of confidential information.

- In above fig. the sender sends a message to the receiver, and

during transmission, an attacker can read the content of the
message without altering it. This is called release of message
content.

For example: Reading someone private emails or chat messages without

the sender or receiver knowing.

2. Traffic Analysis:

26
Traffic analysis is a type of passive attack. A passive attack is an attack
where the attacker secretly monitors, listens, or captures data without
changing or damaging it.

Traffic analysis attack occurs when an attacker observes the patterns,

timing, and volume of transmitted data to gather sensitive information,
even without accessing the actual content of the messages.

In this attack, the attacker observe the pattern, timing and volume of
transmitted data to gather sensitive information without accessing the
actual content of the message.

The main goal of traffic analysis is to gather sensitive information by

studying communication patterns without reading the actual content.

- In above fig. the sender sends a message to the receiver, and during
transmission, an attacker can observe pattern of the message
without accessing the actual content of message. This is called
traffic analysis.

For example: Watching who is sending messages to whom and how often.

Active Attack
27
An active attack is a type of attack. An attack is any attempt by an attacker
to access, damage, steal, or disrupt computer systems, networks, or data
without authorized access or permission.

The meaning of active is to taking action or doing something that causes

change.

In an active attack, the attacker tries to alter, modify, disrupt, or

destroy the data or system.

The goal of an active attack is to modify, disrupt, or destroy data or

communication to harm the system or deceive the users.

In an active attacks, the attacker modify the data stream or the creation of
a false stream.

- In above fig. the sender sends a message to the receiver over the
internet. During transmission, an attacker modifying the message
and then send it to the receiver. The attacker tries to modify the
message. This is called a active attack.

Active attacks are easier to detect because they attempt to modify,

damage, or disrupt system resources or data during transmission.

Types of Active Attack

28
 1. Interruption
2. Modification
3. Fabrication
4. Replay
5. Masquerade
6. Denial of Service

Sniffing Attack
Sniffing is a type of attack.

29
Sniffing attack is a type of passive attack. A passive attack is an attack
where an attacker secretly monitors, listens, or captures data without
changing or damaging it.
Sniffing means secretly capturing and monitoring data as it travels
across a network.
Sniffing is an attack where an attacker secretly monitor and capture all data
packets passing through a given network using software or a hardware
device.
Sniffing attack is a process of monitoring and capturing all data packets passing through a given
network using software or a hardware device.
It is form of wiretap applied to computer networks.
Attacker use sniffers to capture data containing sensitive information such as password, account
information, etc.

Sniffers are also known as network protocol analyzers.

- In the above figure, if you send a request to a website that uses only
HTTP (not HTTPS), your data is not encrypted. Since HTTP is not
secure, a sniffer present on the network can capture and read the
data packets you send. This is called a sniffing attack.

For example: Imagine you want to send a file from your computer to your
friend's computer. Suppose both of you are connected to a particular
network, and a sniffer is also connected to the same network. When the file
is transferred, it is divided into packets at the sender's side. During
transmission, the sniffer can capture and read these packets. This process is
known as packet sniffing, and it is called a sniffing attack.

To detect sniffer, we can use ping method, ARP request method, DNS lookup
test, using detection tool etc.

30
To protect from sniffer attack we can Use HTTPS Instead of HTTP, Use a VPN
(Virtual Private Network), Avoid Public Wi-Fi for Sensitive Tasks, Use
Antivirus and Firewall etc.

Sniffing tools:

1. Wireshark
2. TCP dump
3. Cain and cable
4. Capsa network analyzer
5. Colasoft
6. Nmap

DoS
Denial of Service (DoS) is a cyberattack. A cyberattack is a deliberate
attempt by hackers or malicious individuals to damage, disrupt, steal, or
gain unauthorized access to computers, networks, or data.
In which an attacker overloads a system, server, or network with excessive
traffic or malicious requests, making it slow, unresponsive, or completely
unavailable to legitimate users.
Working:
1 Attacker sends a large number of fake requests to a target server.
2️⃣ The server becomes overwhelmed with the high traffic.
3️⃣ Legitimate users cannot access the service because the server is
too busy handling fake requests.
4️⃣ The website, network, or application crashes or slows down
significantly.

📊 Types of DoS Attacks:

🔹 Flood Attacks – Overloading a system with excessive traffic (e.g., ICMP flood, UDP flood).
🔹 Crash Attacks – Exploiting software vulnerabilities to crash a system.

31
Information Security

32
Information is processed, structured, or organized data that carries
meaning and can be used for decision-making.
Information security is the process of protecting and securing information
and its related data from unauthorized access, misuse, information loss, and
other security threats.
It is also called as cybersecurity or Information Technology (IT) security.
Information security is important for protecting the confidentiality, integrity,
and availability of information systems.
It involves security measures such as data encryption, passwords, antivirus
software, firewalls, and etc. diagram.
Examples:
1. .
2. .
3. .
4. .

Need of Information Security

Elements of Information Security

Information Classification
Information classification defines what kind of information is stored on the
system.

33
Information Classification is the process of organizing data into
categories based on its level of sensitivity and the impact to the
organization if that information is disclosed, altered, or lost.
Levels of Information Classification:
1. Unclassified
2. Sensitive but unclassified
3. Confidential
4. Secret
5. Top secret
6. Public
7. Sensitive
8. Private
Criteria for Information Classification:
1. Value
2. Age
3. Useful life
4. Personal association

34