
UNIT 3 Topics

The document discusses network security, emphasizing the importance of protecting data shared over the internet from unauthorized access and cyberattacks. It outlines various security measures such as firewalls, intrusion detection systems, encryption, VPNs, access control, and authentication methods to safeguard sensitive information. Additionally, it explains the User Datagram Protocol (UDP), highlighting its features, advantages, disadvantages, and real-life applications in online gaming, video conferencing, and VoIP services.

Uploaded by

priyamalik1503

UNIT 3

Network Security
When data or information is shared over the internet, it passes through a number
of global network devices that are part of the public internet. Data that is
transmitted over the open internet is at risk of being stolen or hacked.
Users can apply security mechanisms to transfer data safely and avoid
hacking. This approach ensures that sensitive information such as personal
details, financial data, or secret communications remains secure as it travels over
networks or is stored on devices.
OR
Network security refers to protecting computer networks from unauthorized access,
misuse, or damage. It involves implementing tools, technologies and procedures
to protect systems from unauthorized access, misuse, and cyberattacks. The
goal is to ensure that data transmitted across the network remains safe and secure,
protecting sensitive information from hackers and other threats.
The various methods for network security are the following:

Firewalls:
A firewall monitors and controls incoming and outgoing network traffic
based on predetermined security rules, blocking or allowing traffic accordingly.
It acts as a barrier between a trusted internal network and an untrusted external
network, such as the Internet. Firewalls monitor every connection attempt between
our computer and another network. They do not allow data packets to pass through
them unless the data is coming from or going to a user-specified trusted source.
Incoming traffic is allowed only from trusted IP addresses, or sources.
OR
A firewall monitors and filters incoming and outgoing network traffic
based on a defined set of security rules. It acts as a barrier between internal private
networks and external sources (such as the public Internet).
The primary purpose of a firewall is to prevent malicious or unwanted data
traffic in order to protect the computer from viruses and attacks. A firewall
filters network traffic and helps users block malicious software on infected
computers from accessing the Internet. It is used to set a barrier between the
internet and the LAN (local area network). The purpose of a network firewall is
to protect our private LAN. It protects your private network from outside users.

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS):


An IDS monitors network traffic for suspicious activity and alerts administrators,
while an IPS actively blocks detected threats.

Encryption/Decryption:
The word encryption comes from the Greek word kryptos, meaning hidden or
secret. Encryption refers to the process of converting readable data, known as
plaintext, into an unreadable format called ciphertext. This transformation
ensures that the data remains secure and inaccessible to unauthorized users: the
encoded version can only be read with authorized access. The data is converted
into ciphertext using a key, and the message is then encapsulated with this key.
It is a widely used security tool that can prevent the interception of sensitive
data (such as personal details, financial data, or private communications), either
while stored in files or while in transit across networks.
OR
It is the process of converting readable information (plaintext) into an unreadable
format (ciphertext) to protect it from unauthorized access. The conversion of
plaintext into ciphertext is known as encryption. The encoded version can only
be read with authorized access. It is a technique for hiding data from
unauthorized persons by encoding it so that it cannot be viewed or modified.
Encryption is a foundation of data security, protecting sensitive information
during transmission.

Decryption:
Decryption is the reverse of encryption: it translates the message back into
its original form. The sender on the source machine uses an encryption key to
transform the plaintext (original message) into ciphertext (encrypted message).
At the destination machine, the reverse process takes place. The receiver has a
key to translate the ciphertext back into the original plaintext.
Example- Suppose we have a text in which each letter is shifted by an agreed
number. So, for example, if the agreed number is three, then the message "Be
at the gates at six" becomes "eh dw wkh jdwhv dw vla."
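
The shift example above, worked through in Python as an added illustration (not part of the original notes). The function names are hypothetical; the sender and receiver are assumed to share the agreed number as the key.

```python
# Added example: the letter-shift scheme from the notes, with the agreed
# number acting as the shared key. Function names are illustrative.
import string

ALPHABET = string.ascii_lowercase


def shift_text(text: str, key: int) -> str:
    """Shift every ASCII letter by `key` places, wrapping from z back to a."""
    if key % 26 == 0:
        # A shift by a multiple of 26 maps every letter to itself.
        raise ValueError("key must not be a multiple of 26")
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            shifted = ALPHABET[(ALPHABET.index(ch.lower()) + key) % 26]
            out.append(shifted.upper() if ch.isupper() else shifted)
        else:
            out.append(ch)  # spaces, digits and punctuation pass through
    return "".join(out)


def encrypt(plaintext: str, key: int) -> str:
    """Sender side: plaintext -> ciphertext using the agreed number."""
    return shift_text(plaintext, key)


def decrypt(ciphertext: str, key: int) -> str:
    """Receiver side: reverse the shift with the same agreed number."""
    return shift_text(ciphertext, -key)


if __name__ == "__main__":
    message = "Be at the gates at six"
    ciphertext = encrypt(message, 3)
    print(ciphertext)
    print(decrypt(ciphertext, 3))
```

This version preserves letter case, so the ciphertext starts with a capital "E"; the notes show the same result in lowercase.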

Real Life Example-


• Encryption is used in a variety of situations. Every time someone carries
out a transaction at an ATM, buys something online with a smartphone, or
texts or calls somebody, encryption protects the transmitted data. The Payment
Card Industry Data Security Standard requires merchants to encrypt customer
payment card data when it is transmitted across public networks.
• HTTPS encrypts data transmitted between a browser and a website,
ensuring secure communication.
• When sending sensitive emails, encryption ensures that only the intended
recipient can read the message.
• Applications like WhatsApp use encryption to secure messages, ensuring
only the sender and recipient can read them.
Virtual Private Networks (VPNs):
A Virtual Private Network (VPN) creates a secure, encrypted connection over the
Internet, allowing users to send and receive data as if their devices were
directly connected to a private network. It establishes a secure communication
channel, referred to as a tunnel, between the user's device and the VPN server,
protecting the data from eavesdropping and tampering.
The tunnel through which data travels ensures that sensitive information remains
private and protected from unauthorized access. This is particularly useful when
using public WiFi networks, where data can be vulnerable to interception. Upon
connecting to a VPN server, the user's original IP address is hidden and replaced
with the server's IP address.
Access Control:
Implementing measures to restrict access to sensitive data or systems based on
user roles and permissions helps prevent unauthorized access.

Authentication:
It is the process of verifying the identity of users or devices attempting to access
network resources. It ensures that only authorized entities can interact with the
network, protecting against unauthorized access. There are many different methods
that can be used for authentication, including passwords and biometric factors
such as fingerprints or facial recognition. The factors include:
• Fingerprints
• Hand geometry (includes the shape, length, and width of fingers)
• Retinal pattern (concerned with the detailed structure of the eye)
• Signature (every person has a unique style of handwriting, and this feature is
reflected in the signatures of a person)
• Voice (this method records the frequency pattern of the voice of a single
speaker)
For Example-
Local login
By default, all operating systems save usernames and passwords locally. When a
user types a username and password, the operating system uses the locally stored
database to verify them. If the supplied information is correct, the user logs in.
If it is incorrect, the login fails.
Network login
In a network login, a server system saves usernames and passwords. When a
user types a username and password, the local system forwards them to the
server system. The server system checks its database to allow or deny the login.
If the supplied information is correct, it permits the login. If it is incorrect,
it denies the login request.
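
The login check described above, as an added Python example (not part of the original notes); a server performing a network login would run the same check against its own database. The class name, iteration count and sample account are assumptions, and the example assumes the database keeps a salted hash of each password rather than the password itself.

```python
# Added example: verifying a typed password against a stored record.
# LocalAccountDatabase is a hypothetical stand-in for the account database.
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor; tune for your hardware


def _hash(password: str, salt: bytes) -> bytes:
    """Derive a slow, salted hash so the database never holds the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class LocalAccountDatabase:
    def __init__(self):
        self._records = {}  # username -> (salt, password hash)
        self._dummy_salt = os.urandom(16)

    def add_user(self, username: str, password: str) -> None:
        salt = os.urandom(16)  # unique per account
        self._records[username] = (salt, _hash(password, salt))

    def login(self, username: str, password: str) -> bool:
        """Return True to permit the login, False to deny it."""
        salt, stored = self._records.get(username, (self._dummy_salt, b""))
        # Hash even for unknown users so both failure paths do similar work.
        candidate = _hash(password, salt)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    db = LocalAccountDatabase()
    db.add_user("alice", "correct horse")    # constructed sample account
    print(db.login("alice", "correct horse"))  # supplied information correct
    print(db.login("alice", "wrong guess"))    # supplied information incorrect
```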

Antivirus and Anti-malware Software: These programs help detect and remove
malicious software that could compromise network security.
Security Policies and Training: Establishing clear security policies and training
employees on best practices helps create a security-conscious culture within an
organization.
User Datagram Protocol (UDP)
UDP is short for User Datagram Protocol. It is one of the simplest transport
layer protocols. It is a connectionless and unreliable transport protocol. UDP
allows computer applications to send messages in the form of datagrams from one
machine to another over an Internet Protocol (IP) network. UDP is connectionless
because it does not require a virtual circuit to transfer data. UDP works by
encapsulating the data into a packet and adding its own header information to
the packet. This UDP packet is then encapsulated in an IP packet and sent to its
destination. Both TCP and UDP send data over the Internet Protocol network, so
they are also known as TCP/IP and UDP/IP.
UDP also assigns different port numbers to different user requests and provides
a checksum capability to verify whether the complete data has arrived.
OR
It is a transport layer protocol. It is an unreliable and connectionless protocol. It
is much faster, simpler, and more efficient than TCP. However, it does not check
for errors, which saves bandwidth. It is widely used in real-time services like
video games, voice, or video communication.
The packets sent by UDP are called user datagrams.

Key Features of UDP

The various features are the following:


1. Connectionless Protocol:
• UDP does not establish a connection before sending data. Each
packet (called a datagram) is sent independently.
2. No Error Recovery:
• UDP does not provide mechanisms for error recovery or
retransmission of lost packets. Applications must handle these
concerns if needed.
3. Low Latency:
• Due to its minimal overhead, UDP is ideal for applications
requiring fast transmission, such as online gaming, video
conferencing, and live broadcasts.
4. Packet Structure:
A UDP packet consists of four fields:
• Source Port: Port number of the sender.
• Destination Port: Port number of the receiver.
• Length: Total length of the UDP header and data.
• Checksum: Used for error-checking the header and data (though
it's optional in some cases).

5. No Ordering:
• Packets sent over UDP may arrive out of order. It’s up to the
application layer to handle any necessary ordering.
6. Broadcast and Multicast Support:
• UDP supports broadcasting (sending packets to all devices on a
network) and multicasting (sending packets to a group of
devices).

UDP Packet OR User Datagram Format


UDP packets are commonly known as user datagrams, and the header has a fixed
size of 8 bytes.
UDP Header Structure

Source port number: This field identifies the port of the sending application.
It is a 2-byte field holding the port number used by the process that is running
on the source host.

Destination port number: This field identifies the port of the receiving
application, that is, which port is going to accept the information. It is a 16-bit
field used to identify the application-level service on the destination machine.

Length: This field specifies the total length of the UDP datagram, including the
header and the data. It is a 16-bit field. The minimum length is 8 bytes, which is
the size of the header.

Checksum: It is a 16-bit field, and it is optional. The checksum field
checks whether the information is accurate, since the information can be
corrupted during transmission. Because it is optional, it depends on the
application whether it writes the checksum or not. If it does not write the
checksum, all 16 bits are zero; otherwise, it writes the checksum. In UDP, the
checksum is applied to the entire packet, i.e., the header as well as the data part.

Field             Size      Description
Source Port       16 bits   Identifies the sender's port number.
Destination Port  16 bits   Identifies the receiver's port number.
Length            16 bits   Specifies the total length of UDP header and data.
Checksum          16 bits   Used for error detection.

Advantages:
The various advantages are the following:

1-The packet created by UDP is relatively smaller than that of TCP (UDP Header:
8 bytes)

2-Connectionless Transmission

3-It is Faster, Simpler and Efficient

Disadvantages:
The various disadvantages are the following:

• There is no guarantee that the sender will receive the data


• Lack of proper Error checking mechanisms
• The lost packets will not be retransmitted
• There is a possibility of receiving out of order packets

Real-Life Examples of UDP:


The various examples are the following:

1-Online Games -
Most of the online games we play use the services of the User Datagram Protocol.
Since delay cannot be tolerated in online games, UDP is widely used in place of
TCP, which is slower. UDP does not retransmit lost data and is a connectionless
protocol, which makes it much faster.
Ex: All online games

2-Video Conferencing -
Video conferencing apps like Skype, Gmeet, and Zoom all use the services of UDP
because they are real-time applications and any delay in receiving the data cannot
be tolerated.
Ex: Skype, Google Meet, Zoom, and FaceTime.

3-Voice Over IP (VoIP) -
It is similar to video conferencing: apps like Viber, WhatsApp, and Google
Hangouts use UDP for converting our voice to digital data and transmitting it
over the network, hence the name VoIP.
Ex: Viber, WhatsApp voice calling, Wi-Fi calling.

4-Trivial File Transfer Protocol (TFTP): A simple protocol for transferring
files without the overhead of error checking.
5-Simple Network Management Protocol (SNMP): Used for network
management and monitoring.
