Introduction to Computer Networks and Cybersecurity

Chwan-Hwa "John" Wu joined the faculty of Auburn University, Alabama, in 1987, and is currently a professor of electrical and computer engineering. He has been the principal investigator on research projects funded by NSF, the U.S. Army, NASA, USDA, and many companies, including Northrop Grumman and Lockheed Martin. His current research interests include cybersecurity. He is an author and co-author of two books, 58 journal papers, and more than 130 conference publications. He also holds five U.S. patents. Dr. Wu is a Fellow of the IEEE. J. David Irwin joined Auburn University, Alabama, in 1969, and is currently the Earle C. Williams Eminent Scholar in the Electrical and Computer Engineering Department. He is the author or co-author of numerous publications, including 17 textbooks. He has held numerous positions within the IEEE, including president of both the Industrial Electronics and Education Societies, as well as editor-in-chief of the IEEE Transactions on Industrial Electronics. He is a Life Fellow of the IEEE and a Fellow of both the ASEE and the AAAS. He is the recipient of numerous education and technical awards.

An Introduction to Information Networks
Introduction
The Internet Architecture
Access Networks
The Network Core
Circuit Switching vs. Packet Switching
Packet Switching Delays and Congestion
The Protocol Stack
Providing the Benefits of Circuit Switching to Packet Switching
Cyber Security
History of the Internet
Concluding Remarks
References
Problems

SECTION 1 — APPLICATIONS

The Application Layer
Overview
Client/Server and Peer-to-Peer Architectures
Inter-process Communication through the Internet
Sockets
Transport Layer Services
The Hypertext Transfer Protocol (http)
Cookies: Providing States to HTTP
The Design of Efficient Information Delivery through Use of a Proxy
The File Transfer Protocol (FTP)
Electronic Mail
Concluding Remarks
References
Problems

DNS and Active Directory
The Domain Name Service (DNS)
Active Directory (AD)
Concluding Remarks
References
Problems

XML-Based Web Services
Overview of XML-Based Web Applications
Client/Server Web Application Development
The PHP Server Script
AJAX
XML
XML Schema
The XML Document Object Model (DOM)
Concluding Remarks
References
Problems

Socket Programming
Motivation
Socket Concepts
TCP Socket Programming
Single-Thread TCP Socket Programming
Multi-thread TCP Socket Programming
UDP Socket Programming
Multi-thread UDP Socket Programming
IPv6 Socket Programming
Concluding Remarks
References
Problems

Peer-to-Peer (P2P) Networks and Applications
P2P-vs-Client/Server
Types of P2P Networks
Pure P2P: Gnutella Networks
Partially Centralized Architectures
Hybrid Decentralized (or Centralized) P2P
Structured vs. Unstructured P2P
Skype
P2P Client Software
Peer-to-Peer Name Resolution (PNRP)
Apple’s Bonjour
Wi-Fi Direct Devices and P2P Technology
P2P Security
Internet Relay Chat (IRC)
Concluding Remarks
References
Problems

SECTION 2 — LINK AND PHYSICAL LAYERS

The Data Link Layer and Physical Layer
The Physical Layer
Link Layer Functions
Link Layer Realization
Multiple Access Protocols
The Link Layer Address
MAC Layer Frame Format
The 802.2 Logic Link Control (LLC) Sublayer
Loop Prevention and Multipathing
Error Detection
Concluding Remarks
References
Problems

The Ethernet and Switches
Ethernet Overview
The 802.3 Medium Access Control and Physical Layers
The Ethernet Carrier Sense Multiple Access/Collision Detection Algorithm
Ethernet Hubs
Minimum Ethernet Frame Length
Ethernet Cables and Connectors
Gigabit Ethernet and Beyond
Bridges and Switches
A Layer 2 (L2) Switch and Layer 3 (L3) Switch/Router
Design Issues in Network Processors (NPs) and ASICs
Design Issues for the Packet Buffer/Memory and Switch Fabric
Cut-Through or Store-and-Forward Ethernet for Low-Latency Switching
Switch Management
Concluding Remarks
References
Problems

Virtual LAN, Class of Service, and Multilayer Networks
The Virtual LAN (VLAN-802.11q)
Class of Service (CoS-802.11p)
Switch Design Issues in CoS, Queues and Switch Fabric
Asynchronous Transfer Mode (ATM)
Classical IP over ATM
Multiprotocol Label Switching (MPLS)
Multilayer Network (MLN) Architectures
Concluding Remarks
References
Problems

Wireless and Mobile Networks
An Overview of Wireless Networks
802.11 Wireless LANs
Wireless Personal Area Network (WPAN)
WLANs and WPANs Comparison
WiMAX (802.16)
Cellular Networks
Concluding Remarks
References
Problems

SECTION 3 — NETWORK LAYER

The Network Layer
Network Layer Overview
Connection-Oriented Networks
Connectionless Datagram Forwarding
Datagram Networks vs. Virtual Circuit ATM Networks
Network Layer Functions in the Protocol Stack
The IPv4 Header
IP Datagram Fragmentation/Reassembly
Type of Service (ToS)
The IPv4 Address
The Dynamic Host Configuration Protocol (DHCP)
IP Multicast
Routing between LANs
Multiprotocol Label Switching (MPLS)
Network Address Translation (NAT)
The Internet Control Message Protocol (ICMP)
The Mobile Internet Protocol
Concluding Remarks
References
Problems

IPv6
The Need for IPv6
The IPv6 Packet Format
IPv6 Addresses
The Transition from IPv4 to IPv6
IPv6 Configuration and Testing
Concluding Remarks
References
Problems

Routing and Interior Gateways
Routing Protocol Overview
Configuring a Router
VLAN Routing
Open Shortest Path First (OSPF)
The OSPF Routing Algorithm
The Routing Information Protocol (RIP)
OSPF-vs.-RIP
Concluding Remarks
References
Problems

Border Gateway Routing
Autonomous Systems
Border Gateway Protocol (BGP) Overview
A Real-World BGP Case
BGP Route Advertisements
BGP Route Selection
BGP Import and Export Policies
BGP Security
Concluding Remarks
References
Problems

SECTION 4 — TRANSPORT LAYER

The Transport Layer
Transport Layer Overview
The Socket
The User Datagram Protocol (UDP)
A Reliable Transport Protocol: TCP
The TCP Packet Header and Options
The Buffer and Sliding Window
Features of the Stream Control Transmission Protocol (SCTP)
The SCTP Packet Format
SCTP Association Establishment
The SCTP SHUTDOWN
SCTP Multi-Homing
Concluding Remarks
References
Problems

Packet Loss Recovery
Packet Acknowledgment (ACK) and Retransmission
Round Trip Time and Retransmission Timeout
Cumulative ACK and Duplicate ACK
The Sliding Window and Cumulative ACK
Delayed ACK
Fast Retransmit
Lost Synchronization (SYN) Packet and Recovery
The Silly Window Syndrome/Solution
The TCP Selective Acknowledgment (SACK) Option
Concluding Remarks
References
Problems

TCP Congestion Control
TCP Flow Control
TCP Congestion Control
Standard TCP End-to-end Congestion Control Methods
TCP Tahoe and TCP Reno in Request for Comment (RFC) 2001
An Improvement for the Reno algorithm—RFC 2581 and RFC 5681
TCP NewReno
TCP Throughput for a Real-World Download in Microsoft’s Windows XP
A Selective Acknowledgment (SACK)-Based Loss Recovery Algorithm
High-Speed TCP (HSTCP) Congestion Control Design Issues
CUBIC TCP
Loss-Based TCP End-to-End Congestion Control Summary
Delay-Based Congestion Control Algorithms
Compound TCP (CTCP)
The Adaptive Receive Window Size
TCP Explicit Congestion Control and Its Design Issues
The Absence of Congestion Control in UDP and TCP Compatibility
Concluding Remarks
References
Problems

SECTION 5 — CYBER SECURITY

Cyber Security Overview
Introduction
Security from a Global Perspective
Trends in the Types of Attacks and Malware
The Types of Malware
Vulnerability Naming Schemes and Security Configuration Settings
Obfuscation and Mutations in Malware
The Attacker’s Motivation and Tactics
Zero-Day Vulnerabilities
Attacks on the Power Grid and Utility Networks
Network and Information Infrastructure Defense Overview
Concluding Remarks
References
Problems

Firewalls
Overview
Unified Threat Management
Firewalls
Stateless Packet Filtering
Stateful/Session Filtering
Application-Level Gateways
Circuit-Level Gateways
A Comparison of Four Types of Firewalls
The Architecture for a Primary-Backup Firewall
The Windows 7/Vista Firewall as a Personal Firewall
The Cisco Firewall as an Enterprise Firewall
The Small Office/Home Office Firewall
Emerging Firewall Technology
Concluding Remarks
References
Problems

Intrusion Detection/Prevention System
Overview
The Approaches Used for IDS/IPS
Network-Based IDS/IPS
Host-Based IDS/IPS
Honeypots
The Detection of Polymorphic/Metamorphic Worms
Distributed Intrusion Detection Systems and Standards
SNORT
The TippingPoint IPS
The McAfee Approach to IPS
The Security Community’s Collective Approach to IDS/IPS
Concluding Remarks
References
Problems

Hash and Authentication
Authentication Overview
Hash Functions
The Hash Message Authentication Code (HMAC)
Password-Based Authentication
The Password-Based Encryption Standard
The Automated Password Generator Standard
Password-Based Security Protocols
The One-Time Password and Token
Open Identification (OpenID) and Open Authorization (OAuth)
Concluding Remarks
References
Problems

Symmetric Key Ciphers and Wireless LAN Security
Block Ciphers
Stream Ciphers
The US Government’s Cryptography Module Standards
Side Channel Attacks and the Defensive Mechanisms
Concluding Remarks
References
Problems

Public Key Cryptography, Infrastructure and Certificates
Introduction
The Digital Signature Concept
Public Key Cryptography Characteristics
Elliptic Curve Cryptography (ECC)
Certificates and the Public Key Infrastructure
Public Key Cryptography Standards (PKCS)
X.509 certificate and Private Key File Formats
U.S. Government Standards
Attacks Which Target the Public Key Infrastructure and Certificates
Email Security
Concluding Remarks
References
Problems

Secure Socket Layer/Transport Layer Security (SSL/TLS) Protocols for Transport Layer Security
Introductory Overview
The Handshake Protocol
Attacks on the Handshake Protocol
The Record Protocol
SSL/TLS Cryptography
Datagram Transport Layer Security (DTLS)
US Government Recommendations
Extended Validation SSL (EV-SSL)
Establishing a Certificate Authority (CA)
Web Server’s Certificate Setup and Client Computer Configuration
A Certificate Authority’s Self-Signed Root Certificate
Browser Security Configurations
Concluding Remarks
References
Problems

Virtual Private Networks for Network Layer Security
Network Security Overview
Internet Protocol Security (IPsec)
The Internet Key Exchange (IKE)
Data Link Layer VPN Protocols
VPN Configuration Procedure Examples
Concluding Remarks
References
Problems

Network Access Control and Wireless Network Security
An Overview of Network Access Control (NAC)
Kerberos
The Trusted Platform Module (TPM)
Multiple Factor Authentications: Cryptographic Tokens and TPM
802.1X
Enterprise Wireless Network Security Protocols
Concluding Remarks
References
Problems

Cyber Threats and Their Defense
Domain Name System (DNS) Protection
Router Security
Spam/Email Defensive Measures
Phishing Defensive Measures
Web-Based Attacks
Database Defensive Measures
Botnet Attacks and Applicable Defensive Techniques
Concluding Remarks
References
Problems

SECTION 6 — EMERGING TECHNOLOGIES

Network and Information Infrastructure Virtualization
Virtualization Overview
The Virtualization Architecture
Virtual Machine Monitor (VMM) Architecture Options
CPU Virtualization Techniques
Memory Virtualization
I/O Virtualization
Server Virtualization
Virtual Networking
Data Center Virtualization
Cloud Computing
Concluding Remarks
References
Problems

Unified Communications and Multimedia Protocols
Unified Communications (UC)/Unified Messaging (UM)
Internet Protocol Telephony and Public Service Telephone Network Integration
Implementations of Unified Communications
The Session Initiation Protocol (SIP)
The SIP Distributed Architecture
Intelligence in Unified Communications
The Media in a Session Initiation Protocol Session
The Real-Time Protocol (RTP) and Its Packet Format
The Real-Time Control Protocol (RTCP) and Quality of Service (QoS)
Integrated Services in the Internet
The Real-Time Streaming Protocol (RTSP)
Unified Communication/Unified Messaging Security
Concluding Remarks
References
Problems

Glossary of Acronyms

Index