DATA REPRESENTATION

Data representation refers to the methods used internally to represent information stored in the
computer system.

Data and instructions cannot be entered and processed directly into computers using human language.
Any type of data, be it numbers, letters, special symbols, sound or pictures must first be converted into
machine-readable form i.e. binary form. Due to this reason, it is important to understand how a
computer together with its peripheral devices handles data in its electronic circuits, on magnetic media
and in optical devices.

Computers store different types of information, such as

Numbers

Text

Graphics (stills, video, animation)

Sound

The terms bits, bytes, nibble and word are used widely about computer memory and data size.

Bits: means binary digit, which can be 0 or 1. it is the basic unit of data or information in digital
computers.

Byte: a group of bits (8 bits) used to represent a character. A byte is considered as the basic unit of
measuring memory size in4 computer.

A nibble: is half a byte, which is usually a grouping of 4 bytes.

Word: two or more bits make a word. The term word length is used as the measure of the number of
bits in each word. For example, a word can have a length of 16 bits, 32 bits, 64 bits etc.

Data representation in digital circuits

Electronic components, such as a microprocessor, are made up of millions of electronic circuits. The
availability of high voltage(on) in these circuits is interpreted as ‘1’ while a low voltage (off) is
interpreted as ‘0’.This concept can be compared to switching on and off an electric circuit. When the
switch is closed the high voltage in the circuit causes the bulb to light (‘1’ state).on the other hand when
the switch is open, the bulb goes off (‘0’ state). This forms a basis for describing data representation in
digital computers using the binary number system.

Data representation on magnetic media

The laser beam reflected from the land is interpreted, as 1. The laser entering the pot is not reflected.
This is interpreted as 0. The reflected pattern of light from the rotating disk falls on a receiving
photoelectric detector that transforms the patterns into digital form. The presence of a magnetic field in
one direction on magnetic media is interpreted as 1; while the field in the opposite direction is
interpreted as “0”.Magnetic technology is mostly used on storage devices that are coated with special
magnetic materials such as iron oxide. Data is written on the media by arranging the magnetic dipoles of
some iron oxide particles to face in the same direction and some others in the opposite direction

Data representation on optical media

In optical devices, the presence of light is interpreted as ‘1’ while its absence is interpreted as ‘0’.Optical
devices use this technology to read or store data. Take the example of a CD-ROM, if the shiny surface is
placed under a powerful microscope, the surface is observed to have very tiny holes called pits. The
areas that do not have pits are called land.

CHARACTER SET

Character set is a defined list of characters recognized by the computer hardware and software

BCD

BDC means Binary Coded Decimal. It is a digital encoding for decimal numbers in which each number is
represented by its own binary sequence. BDC is usually represented in four bits. It represents 0 to 9.

EBCDIC

Extended Binary Coded Decimal Interchange Code is a character encoding set used by IBM mainframe.
It has 256 8-bit characters for representing both numbers and texts.

ASCII

American Standard Code Information Interchange consists of (0 to 127) 128 symbols which are
characters on a standard keyboard plus a few extra.

ASCII Table
Dec = Decimal Value
Char = Character

'5' has the int value 53

if we write '5'-'0' it evaluates to 53-48, or the int 5
if we write char c = 'B'+32; then c stores 'b'

ASCII TABLE
Dec Char Dec Char Dec Char Dec Char

0 NUL (null) 32 SPACE 64 @ 96 `

1 SOH (start of heading) 33 ! 65 A 97 a

2 STX (start of text) 34 66 B 98 b

3 ETX (end of text) 35 # 67 C 99 c

4 EOT (end of transmission) 36 $ 68 D 100 d

5 ENQ (enquiry) 37 % 69 E 101 e

6 ACK (acknowledge) 38 & 70 F 102 f

7 BEL (bell) 39 ' 71 G 103 g

8 BS (backspace) 40 ( 72 H 104 h

9 TAB (horizontal tab 41 ) 73 I 105 i

10 LF (NL, Line feed, New line) 42 * 74 J 106 j

11 VT (vertical tab) 43 + 75 K 107 k

12 FF (NP, form feed, New page) 44 , 76 L 108 l

13 CR (carriage return) 45 - 77 M 109 m

14 SO (shift out) 46 . 78 N 110 n

15 SI (shift in) 47 / 79 O 111 o

16 DLE (data link escape) 48 0 80 P 112 p

17 DC1 (device control 1) 49 1 81 Q 113 q

18 DC2 (device control 2) 50 2 82 R 114 r

19 DC3 (device control 3) 51 3 83 S 115 s

20 DC4 (device control 4) 52 4 84 T 116 t

21 NAK (negative acknowledge) 53 5 85 U 117 u

22 SYN (synchronous idle) 54 6 86 V 118 v

23 ETB (end of trans. Block) 55 7 87 W 119 w

24 CAN (cancel) 56 8 88 X 120 x

25 EM (end of medium) 57 9 89 Y 121 y

26 SUB (substitute) 58 : 90 Z 122 z

27 ESC (escape) 59 ; 91 [ 123 {

28 FS (file separator) 60 < 92 \ 124 |

29 GS (group separator) 61 = 93 ] 125 }

30 RS (record separator) 62 > 94 ^ 126 ~

31 US (unit separator) 63 ? 95 _ 127 DEL

UNICODE (Multilingual Computing)

Unicode is a universal standard for character encoding. The introduction of ASCII characters was
not enough to cover all the languages. Therefore, to overcome this situation, it was introduced.
The Unicode Consortium introduced this encoding scheme.
This standard includes roughly 149,186 characters to represent characters of different languages.
While ASCII uses only 1 byte the Unicode uses 4 bytes to represent characters. Hence, it provides a
very wide variety of encoding. It has three types namely UTF-8, UTF-16, UTF-32. Among them,
UTF-8 is used mostly it is also the default encoding for many programming languages.
UCS
It is a very common acronym in the Unicode scheme. It stands for Universal Character
Set. Furthermore, it is the encoding scheme for storing the Unicode text.
 UCS-2: It uses two bytes to store the characters.
 UCS-4: It uses two bytes to store the characters.
UTF
The UTF is the most important part of this encoding scheme. It stands for Unicode Transformation
Format. Moreover, this defines how the code represents Unicode. It has 3 types as follows:
UTF-7
This scheme is designed to represent the ASCII standard. Since the ASCII uses 7 bits encoding. It
represents the ASCII characters in emails and messages which use this standard.
UTF-8
It is the most commonly used form of encoding. Furthermore, it has the capacity to use up to 4
bytes for representing the characters. It uses:
 1 byte to represent English letters and symbols.
 2 bytes to represent additional Latin and Middle Eastern letters and symbols.
 3 bytes to represent Asian letters and symbols.
 4 bytes for other additional characters.
Moreover, it is compatible with the ASCII standard.
Its uses are as follows:
 Many protocols use this scheme.
 It is the default standard for XML files
 Some file systems Unix and Linux use it in some files.
 Internal processing of some applications.
 It is widely used in web development today.
 It can also represent emojis which is today a very important feature of most apps.
UTF-16
It is an extension of UCS-2 encoding. Moreover, it uses to represent the 65536 characters.
Moreover, it also supports 4 bytes for additional characters. Furthermore, it is used for internal
processing like in java, Microsoft windows, etc.
UTF-32
It is a multibyte encoding scheme. Besides, it uses 4 bytes to represent the characters.
Importance of Unicode
 As it is a universal standard therefore, it allows writing a single application for various
platforms. This means that we can develop an application once and run it on various
platforms in different languages. Hence we don’t have to write the code for the same
application again and again. And therefore the development cost reduces.
 Moreover, data corruption is not possible in it.
 It is a common encoding standard for many different languages and characters.
 We can use it to convert from one coding scheme to another. Since Unicode is the superset
for all encoding schemes. Hence, we can convert a code into Unicode and then convert it
into another coding standard.
 It is preferred by many coding languages. For example, XML tools and applications use this
standard only.
Advantages of Unicode
 It is a global standard for encoding.
 It has support for the mixed-script computer environment.
 The encoding has space efficiency and hence, saves memory.
 A common scheme for web development.
 Increases the data interoperability of code on cross platforms.
 Saves time and development cost of applications.

Difference between Unicode and ASCII

The differences between them are as follows:

Unicode Coding Scheme ASCII Coding Scheme

 It uses variable bit encoding

 It uses 7-bit encoding. As of now, the
according to the requirement. For
extended form uses 8-bit encoding.
example, UTF-8, UTF-16, UTF-32

 It is not a standard all over the

 It is a standard form.
world.

 People use this scheme all over  It has only limited characters hence,
the world. it cannot be used all over the world.
  The Unicode characters
themselves involve all the
 It has its equivalent coding
characters of the ASCII encoding.
characters in the Unicode.
Therefore we can say that it is a
superset for it.

 It has more about 149,186  In contrast, it has only 128

characters. characters.

Difference Between Unicode and ISCII

The differences between them are as follows:

Unicode Coding Scheme ISCII Coding Scheme

 It uses variable bit encoding

according to the requirement.  It uses 8-bit encoding and is an
For example, UTF-8, UTF-16, extension of ASCII.
UTF-32

 It is not a standard all over the

 A Unicode coding scheme is a
world. Moreover, it covers only
standard form.
some Indian languages.

 It covers only limited Indian

 People use this scheme all over
languages hence, it cannot be used
the world.
all over the world.

 The characters themselves

involve all the characters of the  It has its equivalent coding
ISCII encoding. Therefore we can characters in the Unicode.
say that it is a superset for it.

 It has more than 128,000  In contrast, it has only 256

 characters. characters.

SECURITY AND ETHICS

Data security refers to the process of protecting data from unauthorized access and data corruption
throughout its lifecycle. Data security includes data encryption, tokenization, and key management
practices that protect data across all applications and platforms.

Data ethics refer and adhere to the principles and values on which human rights and personal data
protection laws are based

Sources of security breaches

Keeping data safe is very important for many reasons. There can be very confidential details that people
want to keep safe. Data can be corrupted or deleted either through accidental or malicious act. There
are many sources of security breaches

Malware:

This is software used to gain access or damage a computer without the knowledge of the owner. There
are various types of malware including spyware, key loggers, true viruses, worms, or any type of
malicious code that ;

 Infiltrates a computer.
 Disrupts operations.
 Steals sensitive information.
 Allows unauthorized access to system resources.
 Slows computer or web browser speeds.
 Creates problems connecting to networks.
 Results in frequent freezing or crashing.

Hacking:

Hacking is the act of gaining illegal access to a computer system. Hacking can lead to identity theft and
gain of confidential data. Data can be deleted, changed and even corrupted.

Viruses:

Viruses are programs or a program code which can replicate itself with the intention of deleting or
corrupting files, or cause the computer to malfunctions. It can delete files and data and it can corrupt
them. It can also cause the device to crash and not respond.

Phishing:

Phishing is run by a person or a creator that sends out a legitimate looking email. and as soon as the
recipient clicks on the link, they are sent to a fake website. The creator of the email can access personal
data and this can lead to fraud or identity theft.
Pharming:

Pharming is a code installed on a user's hard drive or on the web server which redirects the user to a
fake website without the user knowing. The creator can get access to personal data and leads to fraud
or identity theft.

Wardriving:

The act of locating and using wireless internet connections illegally; it only requires a laptop (or other
portable device), a wireless network card and a antenna to pick up wireless signals. This can potentially
lead to the users internet time to be stolen, and it is very easy to steals a users password and personal
details.

Spyware/Key-Logging software:

Software that gathers information by monitoring key presses on the user’s keyboard; the information is
then sent back to the person who sent the software. This gives access to all the data entered using a
keyboard on the user’s computer. The software is able to install other spyware; read cookie data and
also change user’s default web browser.

Cookies:

is a packet of information sent by a web server to a web browser. Cookies are generated each time the
user visits the website.

Poorly implemented or lack of ICT Policy.

A National ICT Policy is a policy put into place by governments' and stakeholders' who are committed to
the process of bringing digital technology to all individuals and communities so that they can have
access to information. If it is poorly implemented, it can lead to security breach.

Commonly Used Terminologies In The World Of Hacking

Who is a Hacker?
A hacker is a person who finds and exploits the weakness in computer systems and/or networks to gain
access. Hackers are usually skilled computer programmers with knowledge of computer security.
Types of Hackers
Hackers are classified according to the intent of their actions. The following list classifies hackers
according to their intent.
Ethical Hacker (White hat): A hacker who gains access to systems with a view to fix the identified
weaknesses. They may also perform penetration Testing and vulnerability assessments.
Cracker (Black hat): A hacker who gains unauthorized access to computer systems for personal gain. The
intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts etc.
Grey hat: A hacker who is in between ethical and black hat hackers. He/she breaks into computer
systems without authority with a view to identify weaknesses and reveal them to the system owner.
Script kiddies: A non-skilled person who gains access to computer systems using already made tools.
Hacktivist: A hacker who use hacking to send social, religious, and political, etc. messages. This is usually
done by hijacking websites and leaving the message on the hijacked website.
Phreaker: A hacker who identifies and exploits weaknesses in telephones instead of computers.
What is Ethical Hacking?
Ethical Hacking is identifying weakness in computer systems and/or computer networks and coming
with countermeasures that protect the weaknesses. Ethical hackers must abide by the following rules.
1. Get written permission from the owner of the computer system and/or computer network before
hacking.
2. Protect the privacy of the organization been hacked.
3. Transparently report all the identified weaknesses in the computer system to the organization.
4. Inform hardware and software vendors of the identified weaknesses.
Why Ethical Hacking?
Information is one of the most valuable assets of an organization. Keeping information secure can
protect an organization’s image and save an organization a lot of money.
Hacking can lead to loss of business for organizations that deal in finance such as PayPal. Ethical hacking
puts them a step ahead of the cyber criminals who would otherwise lead to loss of business.
Legality of Ethical Hacking
Ethical Hacking is legal if the hacker abides by the rules stipulated in the above section on the definition
of ethical hacking. The International Council of E-Commerce Consultants (EC-Council) provides a
certification program that tests individual’s skills. Those who pass the examination are awarded with
certificates. The certificates are supposed to be renewed after some time.
PREVENTIVE MEASURES TO AVOID CYBER SECURITY THREATS FROM POTENTIAL HACKERS
For the organizations:
Risk Management –
Minimizing the adverse impact and the need for a strong base in decision-making are the main reasons
organizations implement Risk Management on the IT systems. Changes to IT resource may likely
introduce vulnerabilities and change the overall risk status. Effective Risk Management helps identify
what are the more critical or sensitive resources so that, more stringent security controls can be applied
or more efforts required to protect.
Integrating the Risk Management into the System Development Life Cycle, help address security at all
the stages in the Life Cycle and would yield effective results.
Incident Management –
An effective Risk Management Program includes effective Incident Management and Response
capabilities. A Risk, not prevented by the Risk Management Controls establishes an incident. The
organizations must have strong Incident Response Team, with clearly defined Roles & Responsibilities
and, Incident Management Plans to manage such incidents with an intent to stop it from leading to
disaster. The Incident Management is more often a crisis management and hence, the policies and
procedures should be clear and to be able to follow easily. The procedures should be periodically
reviewed and tested for more effectiveness.
Periodic Review –
The organizations should continuously monitor the Security Metrics and review their effectiveness,
periodically. This helps know the effectiveness of the implemented security controls, realign the existing
or implement additional controls to manage the Information Security.
Providing periodical trainings on operational knowledge and awareness campaigns on the information
security concepts will help contribute to the Information Security Management
Detection/Prevention Tools –
Most organizations would have Intrusion Detection System or Intrusion Prevention System or both
systems in place to detect and protect the network from malicious attacks or breaches. Apart from
detecting threats or attacks, the IDS or IPS can also be used to identify problems with an organization's
security policy, document existing threats, and use the information to update awareness programs to
stop users from violating organization’s Information Security Policies.
Fine tuning these tools regularly to maximize the accuracy in recognizing real threats while minimizing
the number of false positives would help detect and defend new & zero day attacks effectively.
Patch Management –
The organizations should revisit their patch management process and extend this to the complete IT
systems. The increased attacks on the IoT devices can be addressed by including the Firmware updates
in the Organization's Patch Management process.
Training & Awareness –
People are the greatest risk to any organization. Their actions by mistake, accident, lack of knowledge
and may be occasionally with malicious intent lead to incidents. Providing periodical trainings on
operational knowledge and Awareness campaigns on the information security concepts will help them
contribute in the Information Security Management. Include awareness on Handling email attachments,
Phishing, Vishing, Click-jack, Social Engineering etc., in the training sessions. Test the effectiveness of the
awareness trainings, periodically.
For Individuals/Home Users:
 Install good antivirus, antimalware software and configure it tightly to protect your system.
 Installing a Firewall or Host Intrusion Prevention System adds extra layer of defense but it requires
little extra knowledge to configure the tools effectively.
 Use original software for all your needs and keep them updated.
 If you have to download free / Open Source tools, go to the software developer’s site for
downloading them. 3rd party repositories of the free software, may not have proper measures to
check the hosted software and you may end up downloading your software embedded with
malicious content and infecting your system.
 Be cautions on the email attachments. Do not open unknown email attachments.
 Backup your files to an offline storage and test them regularly to check the integrity of the files
and they can be recovered in any adverse event.
General 10 Ways to Prevent Cyber Attacks
Even if you don’t currently have the resources to bring in an outside expert to test your computer
systems and make security recommendations, there are simple, economical steps you can take to
reduce your risk of falling victim to a costly cyber attack
1. Train employees in cyber security principles.
2. Install, use and regularly update antivirus and antispyware software on every computer used in
your business.
3. Use a firewall for your Internet connection.
4. Download and install software updates for your operating systems and applications as they
become available.
5. Make backup copies of important business data and information.
6. Control physical access to your computers and network components.
7. Secure your Wi-Fi networks. If you have a Wi-Fi network for your workplace make sure it is
secure and hidden.
8. Require individual user accounts for each employee.
9. Limit employee access to data and information and limit authority to install software.
10. Regularly change passwords.