CHAPTER TWO
Networked
Communications
Prof. Hatem Abd-Elkader
Dr. Sherif M. Tawfik
1
Learning Objectives
1. Introduction
2. Introduction to Computer Networks
3. Challenges Posed by the Internet
4. Online Crimes
5. World Internet Censorship
6. Internet technologies as tools for censorship
7. Breaking trust
8. Cyberbullying
9. Proven Security Protocols and Best Practices
2
Introduction
• Networked communications integral to our
lives
– Internet
– Cellular networks
• Variety of uses
– Communicating
– Information gathering
– Shopping
– Game-playing
– Etc.
3
Far More People Have Access to Cell Phones
than Electricity or Clean Water
Charles Sturge/Alamy
4
Introduction to Computer Networks
• A computer network is a distributed system
consisting of loosely coupled computing elements
and other devices
– communicate through a wired or wireless medium.
• Communication is based on a set of
communicating rules called protocols.
• The hardware components of a computer network
consist of a collection of nodes that include:
– Hosts – as end systems,
– intermediate switching elements like hubs, bridges,
routers, and gateways.
5
• Two common network configuration models - the
centralized and distributed
• Computer networks- centralized or distributed, come
in different sizes depending on the number of
computers and other devices the network has.
• The number of devices, computers or otherwise, in a
network and the geographical area covered by the
network determine the network type:
– Local Area Network (LAN)
– Wide Area Networks (WANs)
– Metropolitan Area Networks (MANs)
6
The World Wide Web
• WWW : networked hypertext system
• Stimulated tremendous growth in popularity
of Internet
• Two important attributes
– It is decentralized
– Every Web object has a unique address
7
Challenges Posed by the Internet
• Many-to-many communications
• Dynamic connections
• Huge numbers of Web sites
• Extends beyond national borders, laws
• Hard to distinguish between minors and
adults
8
How We Use the Internet
• Shopping
• Socializing (e.g., Facebook)
• Contributing content (e.g., wikis)
• Blogging
• Visiting secret Web sites
• Crowdsourcing
• Learning
• Exploring our roots
• Entering virtual worlds
• Controlling the Internet of Things
• Paying taxes
• Gambling
• Taking humanitarian action
• Lots more!
9
Rise of the App
• People spending more time on smartphones
and tablets
• Using Web browsers awkward on mobile
devices
• Mobile apps replace Web browsers as way
to access Internet on mobile devices
10
Example : Twitter
• Web-based social networking service
• More than 200 million users
• Blogging tool
• Business promotion
• Role in Arab Spring uprisings debated
– (+) Social networks lead to politicization
– (-) Ties in social networks too weak for high-
risk activism
11
Online Crimes
• An online crime is a crime like any other crime, except it involves a connected
computing system either as an object of a crime, an instrument used to commit a
crime or a repository of evidence related to a crime.
• The International Convention of Cyber Crimes and the European Convention
on Cyber Crimes both list the following crimes as online crime [1]:
– Unlawful access to information
– Illegal interception of information
– Unlawful use of telecommunication equipment.
– Forgery with use of computer measures
– Intrusions of the Public Switched and Packet Network
– Network integrity violations
– Privacy violations
– Industrial espionage
– Pirated computer software
– Fraud using a computing system
– Internet/email abuse
– Using computers or computer technology to commit murder, terrorism,
pornography, and hacking.
12
The Spam Epidemic (1/3)
• Spam: Unsolicited, bulk email
• Spam is profitable
– $10 to send an ad to a million email addresses
– More than 30,000 times cheaper than “junk mail”
• Amount of email that is spam has ballooned
– 8% in 2001
– 90% in 2009
13
The Spam Epidemic (2/3)
14
This figure shows the major types of products and services hawked
through spam e-mail messages and the industries that receive15the
most spam.
The Spam Epidemic (3/3)
• How firms get email addresses
– Web sites, chat-room conversations, newsgroups
– Computer viruses harvest addresses from PC address books
– Dictionary attacks
– Contests
• Most spam sent out by bot herders who control huge
networks of computers
• Spam filters block most spam before it reaches users’
inboxes
16
Jeremy Jaynes
17
World Internet Censorship
18
What do people think about Censorship?
Georgia Institute of Technology’s College of Computing surveyed
people online 19
Is Internet Censorship possible?
• Internet is immense - Tracking down criminals is an extremely
hard task.
• Internet is anonymous - Difficult to determine the identity & age
of user.
• Internet has no physical boundaries – Hard to tell when a law is
broken.
• Once any information is posted online, deleting this material
becomes almost impossible.
– Duplication of information.
– Spam mail.
• Anti-Spam and Popup blockers are inefficient.
20
Why is Internet Censorship Hard?
• Government would have to monitor:
• E-mail
• News
• Forum/website
• IRC (Internet Relay Chat) channels
• Database linked to a server
• FTP (File Transfer Protocol) sites
• Costly and time consuming.
• Tracking every move of every individual in this world is almost
impossible.
21
Internet Impact
• Internet has attracted people in the Entertainment, Marketing &
Business fields.
• Piracy plays a huge role in the impact of the Internet (Hackers,
Crackers, Phreakers).
• Free distribution of games, applications, movies, and mp3 damaged
software, film, and music industry.
• Internet “Underground” sparked possible Internet censorship
ideologies.
• In October 1998, United States passed the Digital Millennium
Copyright Act (DMCA) that made software cracking and distributing
illegal.
• In May 22, 2001, Europe passed the European Union Copyright
Directive (EUCD).
• Distribution of illegal software still remains, eliminating piracy
would be as hard as tracking down every single computer in this
world. 22
Internet technologies as tools for
censorship
23
Internet technologies as tools for
censorship
1. Cancelbots
– Certain Internet technologies, such as Usenet news, have shown
themselves vulnerable to cancellation of previously published
information, for example through the use of cancelbots.
– A cancelbot is a robot program that sends a message to one or
more Usenet newsgroups to cancel, or remove from posting, a
certain type of message.
• It searches for messages matching a certain pattern, whether it
is a duplicate message or offensive material, and sends out
cancels for them.
• When a message has been cancelled, its status is changed to
‘cancel,’ and the Usenet servers will no longer post them.
24
Internet technologies as tools for
censorship
2. Encryption
• We have seen that encryption technology protects confidentiality and
privacy and can thereby enable freedom of expression. However,
control of, and access to, the same technology can undermine free
speech.
• Examples are the intercepting of e-mail and other forms of electronic
communication by governments and state agencies, and the
monitoring of employees in workplaces.
25
Internet technologies as tools for
censorship
3. Content filters
• A web filter is a piece of software that prevents certain web
pages from being displayed by a browser.
– While a browser application is running, the filter runs as a background
process, checking every page your browser attempts to load.
– If the filter determines the page is objectionable, it prevents the browser from
displaying it.
• Filters can be installed on individual computers, or an ISP may
provide filtering services for its customers. Programs designed to be
installed on individual computers, such as Cyber Sentinel, eBlaster,
and Spector PRO can be set up to e-mail parents as soon as they
detect an inappropriate web page. It also allows parents to look at
logs showing the pages their children have visited. 26
Internet technologies as tools for
censorship
3. Content filters (cont.)
• Filtering software is also used in libraries, educational institutions
and other areas of public Internet use, especially those to which
children have access.
• Typical filters use two different methods to determine if a page
should be blocked.
– The first method is to check the URL of the page against a blacklist of
objectionable sites. If the web page comes from a blacklisted site, it is not
displayed.
– The second method is to look for combinations of letters or words that may
indicate a site has objectionable content.
27
Internet technologies as tools for
censorship
28
Governmental Filtering and
Surveillance
• North Korea: Internet virtually inaccessible
• Saudi Arabia: centralized control center
• China
– Blocks Internet access at times of social unrest
– Has “one of most sophisticated filtering systems in the world”
• Germany: Forbids access to neo-Nazi sites
• United States: Repeated efforts to limit access of minors to
pornography
29
Self-censorship
• Most common form of censorship
• Group decides for itself not to publish
• Reasons
– Avoid subsequent persecution
– Maintain good relations with government officials
(sources of information)
• Ratings systems created to advise potential
audience
– Movies, TVs, CDs, video games
30
INTERNET MONITORING &
CENSORSHIP
• Pros:
– Protecting children (Child violence and
pornography).
– Control of terrorist activities.
– Crime control.
• Cons:
– Violate freedom of speech.
– Violate media freedom.
– Limited access to extensive source of information.
31
Breaking Trust
32
Identity Theft (1/2)
• Identity theft: When a person uses another person’s
electronic identity
• Leading form of identity theft is credit card fraud
• Financial institutions contribute to problem by making it
easy to open new accounts
• In 2012 about 7% of adults in U.S. reported being
victims
• 50% of these victims reported losses exceeding $100
• Consumer’s liability for credit card losses limited to $50
33
Identity Theft (2/2)
• Nearly half of cases from lost credit card, checkbook, etc.
• College students 5 times more likely to be victims
• In 19% of cases, credit card number stolen at time of
making purchase (skimmers)
• About 1 million cases of identity theft annually in United
States from online activities
• Phishing: Use of email to attempt to deceive people into
revealing personal information
• Identity theft a federal crime, but only 1 in 700 cases
results in an arrest
34
Fake Reviews
• Survey of North Americans in 2014
– 88% used online reviews in past year
– 39% read reviews regularly
– Restaurants, hotels, doctors and dentists, beauty salons
• Significant percentage of reviews are fraudulent
• Yelp spends millions of dollars annually to
identify and remove fake reviews
35
Online Predators
• Instant messaging: software supporting
real-time “chat” over the Internet
– Kik Messenger, Whisper: popular apps
• Child predators use apps to find victims
36
CYBER BULLYING
• Being cruel to others by sending or posting harmful
material using technological means.
• An individual or group that uses information and
communication involving electronic technologies to
facilitate deliberate and repeated harassment or threat to
an individual or group.
• In a 2009 survey, 10% admitted to cyberbullying, and
19% said they had been cyberbullied
• Also known as: ‘Electronic Bullying’ & ‘Online Social
Cruelty’
37
How is Cyberbullying Different
from Traditional Bullying?
Victims often don’t know who the bully is or why
they are targeted
Viral – large number of people can find out about it
very quickly
Can be done from a distance and the bully doesn’t
have to see the person’s response (impersonal)
Many adults don’t have technical skills to monitor or
respond
• This has caused adults to be slow to respond which,
in turn, gives the cyberbullying the belief that there
are little to no consequences 38
Defense Against Online Crimes
• Prevention – one of the oldest and probably the
best defence mechanism against online crimes.
39
Students are asked to give
presentation About Best Apps and
Products to Prevent Cyberbullying
https://www.parents.com/
kids/safety/internet/best-apps-
prevent-cyberbullying/
40
Proven Security Protocols and Best
Practices
• There are hundreds of security protocols
and best practices in use today
• The problem for security professional is to
find the best
• Major categories are:
41
• Authentication - a process of validating the
identity of someone or something.
– uses information provided to the authenticator to
determine whether someone or something is in fact who or
what it is declared to be.
– requires one to present credentials or items of value to the
authenticating agent in order to prove the claim of who one
really is.
– items of value or credential are based on: something
you know, something you have, or something you are:
• Something you know: may be something you mentally
possess like a password, a secret word known by the
user and the authenticator. This technique of
authentication is cheap but has weaknesses like
memory lapses.
42
• Something you have:, may be any form of issued or
acquired self identification such as SecurID,
Activcard, or any other forms of cards and tags. This
authentication technique is slightly safer.
• Something you are: These are individual physical
characteristic such as voice, fingerprint, iris pattern
and other biometrics. Biometric authentication are
the safest form of authentication.
• Authentication methods include:
– password
– public-key
– anonymous
– certificate-based
43
• Access Control - a process of determining how access
to the system’s potential resources can be provided to
each of the system users.
– Several control techniques and technologies have been
developed to deal with this problem; they include: Access
Control Matrix, Capability Tables, Access Control Lists,
Role-Based Access Control, Rule-Based Access Control,
Restricted Interfaces, Content-Dependent Access Control and
biometrics.
• Legislation - process of enacting laws intended to curb
the growth of these crimes.
– Sometimes enforceable laws can be productive.
• Self-regulation - individuals finding ways to regulate
objectionable material from reaching the children. This
has become the cornerstone of efforts to stop the
growing rate of online crimes.
44
• Detection - mechanisms for preventing online
crimes through 24-hour monitoring systems
that continuously capture, analyze, and report
on the daily happenings in and around the
network.
• Recovery - a process that consists of two sub
processes:
– Analysis involving taking as much data as possible
gathered during the last intrusion and analysing it for
patterns that can be used in future for a response, for
detection in future, and for prevention.
– Recovery requiring the use of all available resources to
mitigate the problem in progress, recover whatever can be
recovered and build new data in place of or to replace the
destroyed data.
45