Cyber Security – Chapter 1

1. Data Communication – Definition, Components, Types, Channels

Transferring data over a transmission medium between two or more devices, systems, or places is known
as data communication. Nowadays, computing and telecommunications depend heavily on this data
transmission, which makes a variety of applications conceivable, including email, video chatting, the
Internet, and many more things.

In this article, we will learn about Data communication, Definition, Components, Types, and Channels.

Components of Data Communication

A communication system is made up of the following components:

1. Message: A message is a piece of information that is to be transmitted from one person to

another. It could be a text file, an audio file, a video file, etc.

2. Sender: It is simply a device that sends data messages. It can be a computer, mobile, telephone,
laptop, video camera, or workstation, etc.

3. Receiver: It is a device that receives messages. It can be a computer, telephone mobile,

workstation, etc.

4. Transmission Medium / Communication Channels: Communication channels are the medium

that connect two or more workstations. Workstations can be connected by either wired media
or wireless media.

5. Set of rules (Protocol): When someone sends the data (The sender), it should be
understandable to the receiver also otherwise it is meaningless. For example, Sonali sends a
message to Chetan. If Sonali writes in Hindi and Chetan cannot understand Hindi, it is a
meaningless conversation.
Therefore, there are some set of rules (protocols) that is followed by every computer connected to the
internet and they are:

• TCP(Transmission Control Protocol): It is responsible for dividing messages into packets on the
source computer and reassembling the received packet at the destination or recipient computer.
It also makes sure that the packets have the information about the source of the message data,
the destination of the message data, the sequence in which the message data should be re-
assembled, and checks if the message has been sent correctly to the specific destination.

• IP(Internet Protocol): Do You ever wonder how computer determines which packet belongs to
which device. What happens if the message you sent to your friend is received by your father?
Scary Right. Well! IP is responsible for handling the address of the destination computer so that
each packet is sent to its proper destination.

Type of data communication

As we know that data communication is communication in which we can send or receive data from one
device to another. The data communication is divided into three types:

1. Simplex Communication: It is one-way communication or we can say that unidirectional

communication in which one device only receives and another device only sends data and
devices uses their entire capacity in transmission. For example, IoT, entering data using a
keyboard, listening music using a speaker, etc.

2. Half Duplex communication: It is a two-way communication, or we can say that it is a

bidirectional communication in which both the devices can send and receive data but not at the
same time. When one device is sending data then another device is only receiving and vice-
versa. For example, walkie-talkie.

3. Full-duplex communication: It is a two-way communication or we can say that it is a

bidirectional communication in which both the devices can send and receive data at the same
time. For example, mobile phones, landlines, etc.

Communication Channels

Communication channels are the medium that connects two or more workstations. Workstations can be
connected by either wired media or wireless media. It is also known as a transmission medium. The
transmission medium or channel is a link that carries messages between two or more devices. We can
group the communication media into two categories:

• Guided media transmission

• Unguided media transmission

1. Guided Media: In this transmission medium, the physical link is created using wires or cables
between two or more computers or devices, and then the data is transmitted using these cables in terms
of signals. Guided media transmission of the following types:
1. Twisted pair cable: It is the most common form of wire used in communication. In a twisted-pair
cable, two identical wires are wrapped together in a double helix. The twisting of the wire reduces the
crosstalk. It is known as the leaking of a signal from one wire to another due to which signal can corrupt
and can cause network errors. The twisting protects the wire from internal crosstalk as well as external
forms of signal interference. Types of Twisted Pair Cable :

• Unshielded Twisted Pair (UTP): It is used in computers and telephones widely. As the name
suggests, there is no external shielding so it does not protects from external interference. It is
cheaper than STP.

• Shielded Twisted Pair (STP): It offers greater protection from crosstalk due to shield. Due to
shielding, it protects from external interference. It is heavier and costlier as compare to UTP.

2. Coaxial Cable: It consists of a solid wire core that is surrounded by one or more foil or wire shields.
The inner core of the coaxial cable carries the signal and the outer shield provides the ground. It is
widely used for television signals and also used by large corporations in building security systems. Data
transmission of this cable is better but expensive as compared to twisted pair.

3. Optical fibers: Optical fiber is an important technology. It transmits large amounts of data at very high
speeds due to which it is widely used in internet cables. It carries data as a light that travels inside a thin
glass fiber. The fiber optic cable is made up of three pieces:

1. Core: Core is the piece through which light travels. It is generally created using glass or plastic.

2. Cladding: It is the covering of the core and reflects the light back to the core.

3. Sheath: It is the protective covering that protects fiber cable from the environment.

2. Unguided Media: The unguided transmission media is a transmission mode in which the signals are
propagated from one device to another device wirelessly. Signals can wave through the air, water, or
vacuum. It is generally used to transmit signals in all directions. Unguided Media is further divided into
various parts :

1. Microwave: Microwave offers communication without the use of cables. Microwave signals are just
like radio and television signals. It is used in long-distance communication. Microwave transmission
consists of a transmitter, receiver, and atmosphere. In microwave communication, there are parabolic
antennas that are mounted on the towers to send a beam to another antenna. The higher the tower, the
greater the range.

2. Radio wave: When communication is carried out by radio frequencies, then it is termed radio waves
transmission. It offers mobility. It is consists of the transmitter and the receiver. Both use antennas to
radiate and capture the radio signal.

3. Infrared: It is short-distance communication and can pass through any object. It is generally used in TV
remotes, wireless mouse, etc.
2. Network Reference Model: OSI and TCP/IP Model

OSI Model

OSI stands for Open Systems Interconnection. It has 7 layers Physical layer, Data Link layer, Network
layer, Transport layer, Session layer, Presentation layer, and Application layer. Each layer performs its
task independently. It was developed in 1984 by the International Organization for Standardization
(ISO).

OSI Model
Data Flow in OSI Model

The data flow in the OSI (Open Systems Interconnection) model describes how data is transmitted
from one device to another through the seven layers of the OSI model. This process involves
encapsulation and decapsulation at each layer to ensure proper data transmission and reception.

The data flow in the OSI model involves encapsulating data at each layer on the sender side,
transmitting it over the network, and decapsulating it at each layer on the receiver side to ensure the
data reaches its intended destination correctly and reliably.

OSI Model

Advantages

• Both connection-oriented services and connectionless services are supported.

• It is quite flexible.

• All the layers work independently.

Disadvantages

• Setting up a model is a challenging task.

• Sometimes, it becomes difficult to fit a new protocol into this model.

• It is only used as a reference model.

TCP/IP Model

TCP/IP stands for Transmission Control Protocol/Internet Protocol. It has 4 layers named as Physical
layer, Network layer, Transport layer, and Application layer. It also can be used as a communications
protocol in a private computer network. It was designed by Vint Cerf and Bob Kahn in the 1970s.

Advantages

• Many Routing protocols are supported.

• It is highly scalable and uses a client-server architecture.

• It is lightweight.

Disadvantages

• Little difficult to set up.

• Delivery of packets is not guaranteed by the transport layer.

• Vulnerable to a synchronization attack.

Similarities Between OSI Model and TCP/IP Model

OSI and TCP/IP both are logical models. One of the main similarities between the OSI and TCP/IP
models is that they both describe how information is transmitted between two devices across a
network. Both models define a set of layers. Each layer performs a specific set of functions to enable
the transmission of data.

Another similarity between the two models is that they both use the concept of encapsulation, in
which data is packaged into a series of headers and trailers that contain information about the data
being transmitted and how it should be handled by the network.
For more information, you can refer Similarities between TCP/IP model and the OSI model article.

Differences Between OSI Model and TCP/IP Model

The OSI (Open Systems Interconnection) Model and the TCP/IP (Transmission Control
Protocol/Internet Protocol) Model are two frameworks used to understand how data moves through
networks. While they both help in organizing network communication, they have distinct structures
and purposes. Understanding these differences is essential for anyone learning about or working
with computer networks.

OSI vs TCP/IP

Parameters OSI Model TCP/IP Model

TCP/IP stands for

Full Form OSI stands for Open Systems Interconnection Transmission Control
Protocol/Internet Protocol

Layers It has 7 layers It has 4 layers

Usage It is low in usage It is mostly used

Approach It is vertically approached It is horizontally approached

Parameters OSI Model TCP/IP Model

Delivery of the package is

Delivery of the package is guaranteed in OSI
Delivery not guaranteed in TCP/IP
Model
Model

Replacement of tools and changes can easily Replacing the tools is not
Replacement
be done in this model easy as it is in OSI Model

It is more reliable than OSI

Reliability It is less reliable than TCP/IP Model
Model

Not tied to specific protocols, but examples

Protocol include HTTP (Application), SSL/TLS HTTP, FTP, TCP, UDP, IP,
Example (Presentation), TCP (Transport), IP (Network), Ethernet
Ethernet (Data Link)

Error Handling Built into Data Link and Transport layers Built into protocols like TCP

Both connection-oriented (TCP) and

Connection TCP (connection-oriented),
connectionless (UDP) protocols are covered
Orientation UDP (connectionless)
at the Transport layer

3. TCP/IP Three way handshake

What is the TCP 3-Way Handshake?
The TCP 3-Way Handshake is a fundamental process used in the Transmission Control Protocol
(TCP) to establish a reliable connection between a client and a server before data transmission
begins. This handshake ensures that both parties are synchronized and ready for
communication.
TCP Segment Structure
A TCP segment consists of data bytes to be sent and a header that is added to the data by TCP as
shown:
 The header of a TCP segment can range from 20-60 bytes. 40 bytes are for options. If there are
no options, a header is 20 bytes else it can be of upmost 60 bytes. Header fields:
• Source Port Address: A 16-bit field that holds the port address of the application that is sending
the data segment.
• Destination Port Address: A 16-bit field that holds the port address of the application in the host
that is receiving the data segment.
• Sequence Number: A 32-bit field that holds the sequence number , i.e, the byte number of the
first byte that is sent in that particular segment. It is used to reassemble the message at the
receiving end of the segments that are received out of order.
• Acknowledgement Number: A 32-bit field that holds the acknowledgement number, i.e, the
byte number that the receiver expects to receive next. It is an acknowledgement for the
previous bytes being received successfully.
• Header Length (HLEN): This is a 4-bit field that indicates the length of the TCP header by a
number of 4-byte words in the header, i.e if the header is 20 bytes(min length of TCP header ),
 then this field will hold 5 (because 5 x 4 = 20) and the maximum length: 60 bytes, then it’ll hold
the value 15(because 15 x 4 = 60). Hence, the value of this field is always between 5 and 15.
• Control flags: These are 6 1-bit control bits that control connection establishment, connection
termination, connection abortion, flow control, mode of transfer etc. Their function is:
o URG: Urgent pointer is valid
o ACK: Acknowledgement number is valid( used in case of cumulative acknowledgement)
o PSH: Request for push
o RST: Reset the connection
o SYN: Synchronize sequence numbers
o FIN: Terminate the connection
• Window size: This field tells the window size of the sending TCP in bytes.
• Checksum: This field holds the checksum for error control . It is mandatory in TCP as opposed to
UDP.
• Urgent pointer: This field (valid only if the URG control flag is set) is used to point to data that is
urgently required that needs to reach the receiving process at the earliest. The value of this field
is added to the sequence number to get the byte number of the last urgent byte.
TCP 3-way Handshake Process
The process of communication between devices over the internet happens according to the
current TCP/IP suite model(stripped-out version of OSI reference model). The Application layer is
a top pile of a stack of TCP/IP models from where network-referenced applications like web
browsers on the client side establish a connection with the server. From the application layer, the
information is transferred to the transport layer where our topic comes into the picture. The two
important protocols of this layer are – TCP, and UDP(User Datagram Protocol) out of which TCP
is prevalent(since it provides reliability for the connection established). However, you can find an
application of UDP in querying the DNS server to get the binary equivalent of the Domain Name
used for the website.

TCP provides reliable communication with something called Positive Acknowledgement with
Re-transmission(PAR) . The Protocol Data Unit(PDU) of the transport layer is called a segment.
Now a device using PAR resend the data unit until it receives an acknowledgement. If the data
unit received at the receiver’s end is damaged(It checks the data with checksum functionality of
the transport layer that is used for Error Detection ), the receiver discards the segment. So the
 sender has to resend the data unit for which positive acknowledgement is not received. You can
realize from the above mechanism that three segments are exchanged between sender(client)
and receiver(server) for a reliable TCP connection to get established. Let us delve into how this
mechanism works

• Step 1 (SYN): In the first step, the client wants to establish a connection with a server, so it sends
a segment with SYN(Synchronize Sequence Number) which informs the server that the client is
likely to start communication and with what sequence number it starts segments with
• Step 2 (SYN + ACK): Server responds to the client request with SYN-ACK signal bits set.
Acknowledgement(ACK) signifies the response of the segment it received and SYN signifies with
what sequence number it is likely to start the segments with
• Step 3 (ACK): In the final part client acknowledges the response of the server and they both
establish a reliable connection with which they will start the actual data transfer

4. Network Address Translator (NAT)

Network Address Translation (NAT) is a process in which one or more local IP addresses are
translated into one or more Global IP addresses and vice versa to provide Internet access to the
local hosts. It also does the translation of port numbers, i.e., masks the port number of the host
with another port number in the packet that will be routed to the destination. It then makes the
corresponding entries of IP address and port number in the NAT table. NAT generally operates on
a router or firewall.
Network Address Translation

Working of Network Address Translation (NAT)

Generally, the border router is configured for NAT i.e. the router which has one interface in the
local (inside) network and one interface in the global (outside) network. When a packet traverse
outside the local (inside) network, then NAT converts that local (private) IP address to a global
(public) IP address. When a packet enters the local network, the global (public) IP address is
converted to a local (private) IP address.

If NAT runs out of addresses, i.e., no address is left in the pool configured then the packets will
be dropped and an Internet Control Message Protocol (ICMP) host unreachable packet to the
destination is sent.

Types of Network Address Translation (NAT)

Static NAT

In this, a single unregistered (Private) IP address is mapped with a legally registered (Public) IP
address i.e one-to-one mapping between local and global addresses. This is generally used for
Web hosting. These are not used in organizations as there are many devices that will need
Internet access and to provide Internet access, a public IP address is needed.

Suppose, if there are 3000 devices that need access to the Internet, the organization has to buy
3000 public addresses that will be very costly.

Dynamic NAT

In this type of NAT, an unregistered IP address is translated into a registered (Public) IP address
from a pool of public IP addresses. If the IP address of the pool is not free, then the packet will
be dropped as only a fixed number of private IP addresses can be translated to public addresses.
Suppose, if there is a pool of 2 public IP addresses then only 2 private IP addresses can be
translated at a given time. If 3rd private IP address wants to access the Internet then the packet
will be dropped therefore many private IP addresses are mapped to a pool of public IP addresses.
NAT is used when the number of users who want to access the Internet is fixed. This is also very
costly as the organization has to buy many global IP addresses to make a pool.

Port Address Translation (PAT)

This is also known as NAT overload. In this, many local (private) IP addresses can be translated
to a single registered IP address. Port numbers are used to distinguish the traffic i.e., which
traffic belongs to which IP address. This is most frequently used as it is cost-effective as
thousands of users can be connected to the Internet by using only one real global (public) IP
address.

5. Information security goals

Information security is necessary to ensure the confidentiality, integrity, and availability of
information, whether it is stored digitally or in other forms such as paper documents. Information
Security programs are build around 3 objectives, commonly known as CIA – Confidentiality,
Integrity, Availability.

• Confidentiality – Means information is not disclosed to unauthorized individuals,

entities and process. For example if we say I have a password for my Gmail account but
someone saw while I was doing a login into Gmail account. In that case my password has
been compromised and Confidentiality has been breached.

• Integrity – Means maintaining accuracy and completeness of data. This means data
cannot be edited in an unauthorized way. For example if an employee leaves an
organisation then in that case data for that employee in all departments like accounts,
should be updated to reflect status to JOB LEFT so that data is complete and accurate and
in addition to this only authorized person should be allowed to edit employee data.

• Availability – Means information must be available when needed. For example if one
needs to access information of a particular employee to check whether employee has
outstanded the number of leaves, in that case it requires collaboration from different
organizational teams like network operations, development operations, incident response
and policy/change management. Denial of service attack is one of the factor that can
hamper the availability of information.
CIA Triad- Information Security

6. Basic Concept of Cryptography and Steganography

What is Steganography?

Steganography is a method in which a secret message is hidden in a cover media. Steganography

means covered writing. Steganography is the idea of preventing secret information by creating
suspicion. Steganography is less popular than Cryptography. In steganography, the structure of
data is not usually altered. The forms of steganography are:

• Text

• Audio

• Video

• Images

• Network or Protocol

What is Cryptography?

Cryptography means secret writing. In cryptography, the sender does not send a message directly
to the receiver, before sending information to the receiver information or plain text is converted
into cipher text by using some encryption algorithm then sent to the receiver and the receiver
decrypts the cipher text into plain text to read the original information. It is of two types:

• Symmetric key cryptography

• Asymmetric key cryptography

Difference between Steganography and Cryptography

Basis Steganography Cryptography

Steganography means covered Cryptography means secret
Definition
writing. writing.
Steganography is less popular While cryptography is more
popularity
than Cryptography. popular than Steganography.
The attack’s name in In cryptography, the Attack’s
Attack Name
Steganography is Steganalysis. name is Cryptanalysis.
In steganography, the structure While in cryptography, the
Data Alteration
of data is not usually altered. structure of data is altered.
Security Steganography supports Cryptography supports
Principles Confidentiality and Confidentiality and
Basis Steganography Cryptography
Authentication security Authentication security
principles. principles as well as Data
integrity and Non-
repudiation.
In steganography, the fact that a
While in cryptography only a
Visibility secret communication is taking
secret message is hidden.
place is hidden.
Cryptography involves the use
In steganography, not many
Mathematical of number theory,
mathematical transformations
Involvement mathematics, etc. to modify
are involved.
data
Information In Steganography the In cryptography, the
Handling information is hidden. information is transformed.
Information The hidden information is not Transformed information is
Visibility visible. visible.
Cryptography Provides
Security Steganography Provides
Confidentiality, Integrity, Non-
Services Confidentiality only.
repudiation.
Cryptography has Various
Steganography doesn’t have
Algorithms recognized and approved
specific algorithms.
algorithms.
The goal of steganography is to
The main goal of cryptography
make the information invisible
is to keep the contents of the
Goal to anyone who doesn’t know
message secret from
where to look or what to look
unauthorized access.
for