Computer Networks, Cyber Security and Preventing Cyber Security Threats

Types of Network

• A network is two or more devices connected together for sharing resources.

• Three main types of networks:

  • Local Area Network (LAN)

  • Wide Area Network (WAN)

  • Personal Area Network (PAN)

Advantages of having a network:

• Users can share resources like printers and internet connections.

• Users can access files from any computer on the network.

• Communication is easier via email and social networks.

• Users can easily share files and folders, such as central databases and spreadsheets.

• Servers can provide centralized backups, updates, and security.

Disadvantages of having a network:

• Increased security risk to data.

• Malicious software can infiltrate the network.

• Servers and switches can be central points of failure.

• Factors can impact network performance, such as the number of users and data.

Local Area Network (LAN)

• Small geographical area (under 1 mile).

• All hardware is owned by the company/organization/household.

• Uses unshielded twisted pair (UTP) cable, fiber optic cable, or wireless connections (Wi-Fi).

Wide Area Network (WAN)

• Large geographical area (over 1 mile).

• A collection of LANs joined together.

• Computers are connected via routers.

• Hardware used to connect the networks may not be owned by the company/organization/household.

• Uses fiber optic cable, telephone lines, and satellite to connect the LANs together.

Personal Area Network (PAN)

• Used for data transmission between devices in close proximity.

• Very short range (10 meters).

• Bluetooth is the most widely used PAN.

• Examples: wireless headphones, mobile phones, tablets, laptops.

Worked Example

• (a) Wireless method for PAN: Bluetooth

• (b) Differences between LAN and WAN:

  • LANs cover smaller geographical areas; WANs cover larger areas.

  • LANs are often owned by a single entity; WANs often have distributed ownership.

  • WANs are usually several LANs connected together.

  • WANs usually have more devices/users than LANs.

  • LAN has lower latency; WAN has higher latency.

  • WANs are usually slower than LANs.

  • The cost-per-byte for transmission is higher on a WAN.

  • LANs and WANs use different protocols.

Wired & Wireless Networks

Wired Networks

• Use physical cables to join devices together.

• Common types of cables:

  • Ethernet

  • Fiber optic

  • Copper

Ethernet

• Wired networking standard for carrying electrical signals between devices on a LAN.

• Common in offices and homes.

• Uses twisted pair cables for duplex communication.

Fiber Optic

• Uses light to transmit data on a WAN.

• Higher speed and bandwidth compared to copper cables.

• Not susceptible to interference, making it secure.

• Can cover long distances without degradation.

Copper Cable

• Originally used in telecommunication for voice signals.

• Can deliver network traffic on a WAN.

• Degrades over time, limiting range.

• Susceptible to interference.

• Slower data transfer rate and lower bandwidth compared to fiber optic.

Advantages & Disadvantages of Wired Networks

• Advantages:

  • Speed: Fast data transfer.

  • Security: Better physical security.

  • Range: High (up to 100m), less susceptible to interference.

• Disadvantages:

  • Portability: Limited by physical cable.

  • Cost: More cables are needed to add a new device.

  • Safety: Cables can be trip hazards.

Wireless Networks

• Use radio waves to transmit data through the air.

• Common types of wireless connections:

  • Wi-Fi

  • Bluetooth

Wi-Fi

• Wireless fidelity.

• Common in homes and offices.

• Devices communicate with a wireless access point (WAP).

Bluetooth

• Used for direct connections between two devices.

• Common for headphones, controllers, keyboards, and mice.

Advantages and Disadvantages of Wireless Networks

• Advantages:

  • Portability: Easy to move around, limited only by range.

  • Cost: Less expensive to set up and add new devices.

  • Compatibility: Most devices are manufactured with a built-in wireless adapter.

• Disadvantages:

  • Speed: Slower data transfer than wired networks.

  • Security: Less secure than wired networks.

  • Range: Relies on signal strength to the WAP, signals can be obstructed (up to 90m).

Worked Example

• Advantages of using a wireless network instead of a wired network:

  • Flexibility to expand the network/add users.

  • No need to drill holes or install cabling.

  • Mobility of users/devices.

  • Modern devices are more likely to connect wirelessly.

  • Guest access.

  • No trip hazards.

LAN Topologies

Network Topology

• The physical structure of the network.

• Defines how network hardware will be arranged.

• Two popular topologies:

  • Star Topology

  • Bus Topology

Star Network Topology

• Has a central switch to which all other devices connect.

• The switch ensures traffic goes only to the intended device.

• Common in homes, businesses, organizations, and schools.

Advantages of a Star Topology

• If a single cable stops working, the rest of the network continues to work.

Disadvantages of a Star Topology

• The central switch is a single point of failure.

  • If the switch fails, all connected devices lose network connectivity.

Bus Network Topology

• All devices are connected to a single 'bus' cable, terminated at each end.

• Terminators prevent signal bouncing and errors.

• Devices 'listen' to electrical signals, check data packets for their address, and ignore unrecognized packets.

• Largely replaced by more efficient topologies like the star topology.

Advantages of a Bus Topology

• Easy and cheap to set up as only one cable is required.

• Does not rely on other network hardware such as a central server/switch.

Disadvantages of a Bus Topology

• Low security as data is seen by all devices on the network.

• Slow data transfer and prone to data collisions.

• If the cable breaks, the whole network is affected (central point of failure).

Network Protocols

Protocol Definition

• A set of rules that govern communication on a network.

• Different protocols for different purposes.

Examples of Protocols

• Ethernet & Wi-Fi

• TCP/IP & UDP

• HTTP & HTTPS

• FTP

• IMAP & SMTP

Ethernet & Wi-Fi

Ethernet

• A family of related protocols used in data communication/transfer on a wired local area network (LAN).

Wi-Fi

• A family of related protocols used in data communication/transfer on a wireless local area network (LAN).

• Wi-Fi is a trademark; the generic term is wireless local area network (WLAN).

TCP/IP & UDP

TCP/IP

• Transmission Control Protocol (TCP) and Internet Protocol (IP).

• Allows communication over the internet (WAN).

• TCP ensures error-free communication between routers.

• IP ensures data is delivered to the right device on a wide area network (WAN).

UDP

• User Datagram Protocol.

• An alternative to TCP to send data across a wide area network (WAN).

• Faster than TCP but less secure and does not guarantee error-free transmission.

• Used in activities where some data loss is acceptable (e.g., online gaming).

HTTP & HTTPS

HTTP

• Hypertext Transfer Protocol.

• Allows communication between clients and servers for website viewing.

• Clients receive data from the server (fetching a webpage) and send data to the server (submitting a form, uploading a file).

HTTPS

• Works the same way as HTTP but with an added layer of security.

• All data sent and received is encrypted.

• Used to protect sensitive information such as passwords, financial information, and personal data.

FTP

FTP

• File Transfer Protocol.

• Allows sending and receiving files between computers.

• Uploading and downloading files to/from a web server.

• Offers greater efficiency and support for bulk transfers and large files, such as resuming interrupted transfers.

• FTP clients are software applications that use the FTP protocol to make the process easier for users.

IMAP & SMTP

• A family of protocols that handle sending and receiving email across the internet (WAN).

SMTP

• Simple Mail Transfer Protocol.

• Allows communication between an email sender and the email server, and between different email servers using the internet.

IMAP

• Internet Message Access Protocol.

• A protocol for downloading emails to a device from an email server.

• Once the email has been retrieved, a copy is retained on the mail server.

Worked Example

• Purpose of HTTPS protocol:

  • Sending/receiving web pages using an encrypted connection.

  • Provides an encrypted version of HTTP.

  • Secure web transactions.

  • Authentication of the website being visited.

  • Encryption of the data between the server and the client.

  • Reduces the likelihood of man-in-the-middle attacks.

Network Security

The Need for Network Security

• Sensitive data is increasingly stored on networks, making it a target for hackers.

• Computer networks face a variety of threats.

Main Methods of Securing Networks

• Authentication

• Encryption

• Firewalls

• MAC address filtering

Authentication

Authentication Definition

• The process of using credentials to check if a user is who they say they are.

• Credentials typically include:

  • Usernames & passwords

  • ID badges

  • Access/security codes

  • Biometrics (fingerprints, retina, voice etc.)

• Credentials are verified to see if they match what is stored by the system.

When Authentication is Used

• Computer systems when data or services require approved access.

• Examples:

  • Logging into networked computers (i.e., school, office etc.)

  • Accessing online services (i.e., banking, social media, entertainment streaming platforms etc.)

Encryption

Encryption Definition

• A method of converting plaintext into ciphertext.

• Uses complex mathematical algorithms to scramble the text.

• Asymmetric encryption (private key, public key) is often used for web pages and other communication.

When Encryption is Used

• Any situation where sensitive data is being transmitted across a network.

• Examples:

  • Passwords

  • Bank details

  • Personal information

Firewalls

Firewall Definition

• A barrier between a network and the internet.

• Prevents unwanted traffic from entering a network by filtering requests.

• Can be hardware and software, often used together to provide stronger security.

When Firewalls are Used

• Hardware firewalls: protect a whole network.

• Software firewalls: protect an individual device on the network.

MAC Address Filtering

MAC Address Filtering Definition

• Using a device's MAC address to determine if it can connect to a network.

• Devices with allowed MAC addresses are placed on a 'whitelist'; those not allowed are on a 'blacklist'.

• If a device tries to connect and the MAC address is not on the list, the connection is refused.

• A MAC address is a unique identifier embedded into a device during manufacturing.

When MAC Address Filtering is Used

• Predominantly used on Wi-Fi networks to limit access to only devices on the 'whitelist'.

• Only approved physical devices can connect to the network.

Worked Example

• Security measure in addition to a password:

  • A code can be sent to your phone as a text message/email/pop-up for verification.

  • An authenticator app on a mobile phone can generate a code.

  • Use two-factor authentication (2FA)/multi-factor authentication requiring a second form of identification.

  • Biometrics: comparing reference data to individual biometric data.

  • Smart cards/fobs requiring insertion into a reader and PIN entry.

  • Security/memorable questions.

The Concept of Layers

Layer Concept

• Networks rely on many complex parts working together.

• Dividing network tasks into layers reduces complexity and makes each layer more manageable.

• The TCP/IP protocol uses a 4-layer model known as a 'stack'.

Advantages of Layers

• Layers are self-contained, making managing, repairing, and upgrading easier.

• Layers allow focus on specific parts of a protocol without affecting other layers.

• Promotes data exchange (interoperability) between hardware and software.

TCP/IP Model

TCP/IP Model Definition

• Made up of two protocols (TCP & IP), containing 4 layers.

• Works together to package, address, transmit, and receive data on a wide area network (Internet).

TCP/IP Layers

• Application

• Transport

• Internet

• Link

Layer Functions and Protocols

• Application Layer:

  • Function: Application software operates here.

  • Protocols: HTTP, HTTPS, FTP, SMTP, IMAP

• Transport Layer:

  • Function: Enables communication between two hosts to agree on settings.

  • Protocols: TCP, UDP

• Internet Layer:

  • Function: Addresses and packages data for transmission; routes packets.

  • Protocol: IP

• Link Layer:

  • Function: Physical network hardware is located here; OS device drivers.

Worked Example

• Definition of a 'layer':

  • Breaking up a complex task into more manageable subtasks.

• Advantage of using layers:

  • Self-contained.

  • Allows developers to concentrate on one aspect of the network.

  • A layer can be edited without affecting other layers.

  • Promotes interoperability between vendors and systems.

Cyber Security & Threats

Cyber Security Definition

• Processes, practices, and technologies designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access.

Main Cyber Security Threats

• Social engineering techniques

• Malicious code (malware)

• Pharming

• Weak and default passwords

• Misconfigured access rights

• Removable media

• Unpatched and/or outdated software

Social Engineering

Social Engineering Definition

• Exploiting weaknesses in a computer system by targeting the people that use or have access to them.

• Manipulating people to give up confidential information.

Types of Social Engineering

• Blagging (pretexting): Creating and using an invented scenario to engage a victim to divulge information.

• Phishing: Sending fraudulent emails/SMS to gain access to details.

• Shouldering: Observing a person's private information over their shoulder.

How to Protect Against Social Engineering

• Proper training/education

  • What questions to ask to determine authenticity (blagging)

  • What to look for in an email/SMS (phishing)

  • Being aware of surroundings/location (shouldering)

Malware

Malware Definition

• Malicious software created to cause harm to a computer system.

Issues Caused by Malware

• Files being deleted, corrupted, or encrypted

• Internet connection becoming slow or unusable

• Computer crashing or shutting down

Types of Malware

• Computer virus: replicates itself on a user's computer, causing unwanted events.

• Trojan: disguises itself as legitimate software but contains malicious code.

• Spyware: allows a person to spy on users' activities on their devices.

How to Protect Against Malware

• Ensure code is written correctly

• Keep anti-malware software up to date

• Install a firewall

• Educate users

Pharming

Pharming Definition

• Redirecting a website address to a 'fake' website to trick users into entering sensitive information.

• Altering DNS settings or changing the user's browser settings.

How to Protect Against Pharming

• Keep anti-malware software up to date

• Check URLs regularly

• Make sure the padlock icon is visible

Weak Passwords

Weak Passwords Definition

• Passwords with less than 8-12 characters and without a combination of uppercase, lowercase, numbers, and special characters.

How To Protect Against Weak Passwords

• Use a 'strong' password regularly

• Regularly change passwords

Access Rights

Access Rights Definition

• Pre-determined levels of access for how a user can interact with resources on a computer system.

How to Protect Against Misuse of Access Rights

• Grant minimum access rights unless proven to need more

Removable Media

Removable Media Definition

• Secondary storage devices that are portable and allow the movement of data between computer systems.

How to Protect Against Removable Media

• Restrict/block the use

• Encryption

• Training

Unpatched/Outdated Data

Unpatched/Outdated Definition

• Software released in a less than perfect state with flaws/vulnerabilities that can provide an opportunity for hackers.

How to Protect Against Unpatched/Outdated Data

• Ensure all software is kept up to date

Worked Example

• Dangers of using a USB memory stick:

  • The USB memory stick could contain malware/virus/trojan/spyware, leading to:

    • The spread of malware to other networked devices

    • Files being deleted/corrupted/encrypted

    • Internet connection becoming slow or unusable

    • Computer crashing or shutting down

Methods of Preventing Cyber Security Threats

Penetration Testing

Penetration Testing Definition

• Attempting to gain access to resources without knowledge of usernames, passwords, and other normal means of access.

• Used to test network security and fix any issues found.

Types of Penetration Testing

• Malicious insider (white-box): testing with knowledge of the system.

• External attack: testing without knowledge of the system.

Biometric Measures

Biometric Measures Definition

• Using an individual's personal characteristics to identify them.

Examples of Biometric Measures

• Fingerprints

• Iris/retina scans

• Voice recognition

CAPTCHA

CAPTCHA Definition

• A method of testing if a website request originates from a human or a machine (bot).

Examples of CAPTCHA

• Text: Entering characters from a distorted text box

• Image: Selecting images containing a specific object

• Checkbox: Confirming they are not a robot

Confirming Identity

Confirming Identity Definiton

• One method of confirming the identity of a user is to email a link to check that they are using a valid and working email address. A user does not get access to a service/website until the check is complete. This type of check can be carried out using SMS in the same way.

Automatic Software Updates

Automatic Software Updates Definition

• Reduce the risk of software flaws/vulnerabilities being targeted in out of date software. Automatic updates ensure fast deployment of updates as they release.

#

• Worked Example
  Give three examples of when it would be suitable to use a CAPTCHA system [3]

• Answer
  accountregistration

• account access
  online voting systems

• ticket purchasing / transaction completion on pages where comments / reviews can be posted

• on parts of the website where fraudulent click-throughs may be possible