Basic Idea Behind Computer Network


02 Nov 2017

Disclaimer:
This essay has been written and submitted by students and is not an example of our work. Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of EssayCompany.

Introduction:

This chapter reviews the literature and studies that bear directly on the proposed study. It covers material on computer networks, network monitoring, and intrusion detection systems, and also discusses the synthesis of the proposed study.

Related Literature

Basic Idea behind Computer Network:

The basic idea in all types of communication is that three ingredients must be present for the communication to be effective. First, there must be two entities, dubbed a sender and a receiver. These two must have something they need to share. Second, there must be a medium through which the sharable item is channeled. This is the transmission medium. Finally, there must be an agreed-on set of communication rules or protocols. These three apply to every category or structure of communication.

[Kizza, 09]

Computer Network Characteristic:

What distinguishes a computer network from these other types of networks? Probably the most important characteristic of a computer network is its generality. Computer networks are built primarily from general-purpose programmable hardware, and they are not optimized for a particular application like making phone calls or delivering television signals. Instead, they are able to carry many different types of data, and they support a wide, and ever growing, range of applications. Today's computer networks are increasingly taking over the functions previously performed by single-use networks. This chapter looks at some typical applications of computer networks and discusses the requirements that a network designer who wishes to support such applications must be aware of.

[Peterson, 00]

Reasons For Installing Computer Networks:

Though electronic mail (e-mail) and the World Wide Web have evolved as critical uses of computer networks, there are other reasons to install and use a network. Often the first planned use of a network, and frequently the reason for the decision to network, is resource sharing. The increased use of personal computers and workstations emphasizes the importance of this facility. The advantages offered by networked small computers over a single, large, time-shared system include a superior price-performance ratio, better reliability through resource sharing, greater access to resources outside an organization, and easier growth of computing power through incremental addition of computer stations.

Not every characteristic of a networked system is an advantage, however. Distribution of disk space illustrates this point. In a single large system, all the disk space is available and can be divided among the users as needed. In a collection of workstations, the storage is distributed with the processing power. The decision about how much disk space each user will need is essentially static and made when the machine is purchased. If one user encounters a need for a very large block of storage, which is not available on the local machine, the fact that more than that amount of space is available on another machine may not help.

[Odom, 04]

Computer Network & Connectivity:

To understand the requirements of connectivity more fully, we need to take a closer look at how computers are connected in a network. Connectivity occurs at many different levels. At the lowest level, a network can consist of two or more computers directly connected by some physical medium, such as a coaxial cable or an optical fiber. We call such a physical medium a link, and we often refer to the computers it connects as nodes. (Sometimes a node is a more specialized piece of hardware rather than a computer, but we overlook that distinction for the purposes of this discussion.) As illustrated in Figure 1.2, physical links are sometimes limited to a pair of nodes (such a link is said to be point-to-point), while in other cases more than two nodes may share a single physical link (such a link is said to be multiple-access). Wireless links, such as those provided by cellular networks and Wi-Fi networks, are an increasingly important class of multiple-access links. It is often the case that multiple-access links are limited in size, in terms of both the geographical distance they can cover and the number of nodes they can connect.

[Shannon, 06]

Network Switching:

In the simplest terms, a switch is a mechanism that allows us to interconnect links to form a larger network. A switch is a multi-input, multi-output device that transfers packets from an input to one or more outputs. Thus, a switch adds the star topology to the point-to-point link, bus (Ethernet), and ring topologies established in the last chapter. A star topology has several attractive properties:

• Even though a switch has a fixed number of inputs and outputs, which limits the number of hosts that can be connected to a single switch, large networks can be built by interconnecting a number of switches.

• We can connect switches to each other and to hosts using point-to-point links, which typically means that we can build networks of large geographic scope.

• Adding a new host to the network by connecting it to a switch does not necessarily reduce the performance of the network for other hosts already connected.

[Kundu, 05]

Network Service Model:

A good place to start when you build an internetwork is to define its service model, that is, the host-to-host services you want to provide. The main concern in defining a service model for an internetwork is that we can provide a host-to-host service only if this service can somehow be provided over each of the underlying physical networks. For example, it would be no good deciding that our internetwork service model was going to provide guaranteed delivery of every packet in 1 ms or less if there were underlying network technologies that could arbitrarily delay packets.

The philosophy used in defining the IP service model, therefore, was to make it undemanding enough that just about any network technology that might turn up in an internetwork would be able to provide the necessary service.

[Kizza, 09]

Computer Network Types:

Local Area Network (LAN):

A computer network with two or more computers or clusters of network and their resources connected by a communication medium sharing communication protocols, and confined in a small geographical area such as a building floor, a building, or a few adjacent buildings, is called a local area network (LAN). The advantage of a LAN is that all network elements are close together so the communication links maintain a higher speed of data movement. Also, because of the proximity of the communicating elements, high-cost and quality communicating elements can be used to deliver better service and high reliability.

Wide Area Network (WAN):

A wide area network (WAN), on the other hand, is a network made up of one or more clusters of network elements and their resources, but instead of being confined to a small area, the elements of the clusters or the clusters themselves are scattered over a wide geographical area such as a region of a country, a whole country, several countries, or the entire globe, as with the Internet. Some advantages of a WAN include distributing services to a wider community and availability of a wide array of both hardware and software resources that may not be available in a LAN. However, because of the large geographical areas covered by WANs, communication media are slow and often unreliable.

[Kizza, 02]

Network Topology:

Computer networks, whether LANs or WANs, are constructed based on a topology. There are several topologies including the following popular ones.

Mesh:

A mesh topology allows multiple access links between network elements, unlike other types of topologies. The multiplicity of access links between network elements offers an advantage in network reliability because whenever one network element fails, the network does not cease operations; it simply finds a bypass to the failed element and the network continues to function. Mesh topology is most often applied in MAN networks.

Tree:

A more common type of network topology is the tree topology. In the tree topology, network elements are put in a hierarchical structure in which the most predominant element is called the root of the tree and all other elements in the network share a child-parent relationship. As in ordinary, though inverted trees, there are no closed loops; so dealing with failures of network elements presents complications depending on the position of the failed element in the structure. For example, in a deeply rooted tree, if the root element fails, the network is automatically ruptured and split into two parts.

A more popular topology, especially for LANs, is the bus topology. Elements in a network using a bus topology always share a bus and, therefore, have equal access to all LAN resources. Every network element has full-duplex connections to the transmitting medium, which allows every element on the bus to send and receive data. Because each computing element is directly attached to the transmitting medium, a transmission from any one element propagates through the entire length of the medium in either direction and therefore can be received by all elements in the network. Because of this, precautions need to be taken to make sure that transmissions intended for one element can be received by that element and no other element. The network must also use a mechanism that handles disputes in case two or more elements try to transmit at the same time. The mechanism deals with the likely collision of signals and brings a quick recovery from such a collision. It is also necessary to create fairness in the network so that all other elements can transmit when they need to do so.

A collision control mechanism must also improve efficiency in the network using a bus topology by allowing only one element in the network to have control of the bus at any one time. This network element is then called the bus master and other elements are considered to be its slaves. This requirement prevents collision from occurring in the network as elements in the network try to seize the bus at the same time. LANs commonly use a bus topology.

[Olifer, 06]

What Is Network Security:

Security is a continuous process of protecting an object from attack. That object may be a person, an organization such as a business, or property such as a computer system or a file. When we consider a computer system, for example, its security involves the security of all its resources, including physical hardware components such as readers, printers, the CPU, the monitors, and others. In addition to its physical resources, it also stores non-physical resources such as data and information that need to be protected.

In a distributed computer system such as a network, the protection covers physical and non-physical resources that make up the network including communication channels and connectors like modems, bridges, switches, and servers, as well as the files stored on those servers. In each one of these cases, therefore, security means preventing unauthorized access, use, alteration, and theft or physical damage to these resources. Security as defined thus involves the following three elements:

1. Confidentiality: to prevent unauthorized disclosure of information to third parties. This includes the disclosure of information about resources.

2. Integrity: to prevent unauthorized modification of resources and maintain the status quo. It includes the integrity of system resources, information, and personnel. The alteration of resources like information may be caused by a desire for personal gain or a need for revenge.

3. Availability: to prevent unauthorized withholding of system resources from those who need them when they need them.

[Peterson, 00]

Physical Security:

A facility is physically secure if it is surrounded by a barrier like a fence, has secure areas both inside and outside, and can resist penetration by intruders. Physical security can be guaranteed if the following four mechanisms are in place: deterrence, prevention, detection, and response.

• Deterrence is usually the first line of defense against intruders who may try to gain access. It works by creating an atmosphere intended to frighten intruders. Sometimes this may involve warnings of severe consequences if security is breached.

• Prevention is the process of trying to stop intruders from gaining access to the resources of the system. Barriers include firewalls, DMZs, and use of access items like keys, access cards, biometrics, and others to allow only authorized users to use and access a facility.

• Detection occurs when the intruder has succeeded or is in the process of gaining access to the system. Signals from the detection process include alerts to the existence of an intruder. Sometimes these alerts can be real time or stored for further analysis by the security personnel.

• Response is an aftereffect mechanism that tries to respond to the failure of the first three mechanisms. It works by trying to stop and/or prevent future damage or access to a facility.

[Wang, 09]

Firewall:

A firewall is hardware or software used to isolate the sensitive portions of an information system facility from the outside world and limit the potential damage that can be done by a malicious intruder. Although there is no standardization in the structure of firewalls because it depends on the system and system manager's anticipated threat to the system, most firewalls are variations of the following three models:

• Packet filters: These are packet-level filters. They contain gates that allow packets to pass through if they satisfy a minimum set of conditions, and choke or prevent those packets that do not meet the entry conditions. The minimum conditions may require packets to have permissible origin or destination addresses, as determined by the network administrator. Filter firewalls can also be configured to block packets with specific TCP or UDP port numbers and/or to filter based on IP protocol types. A weakness of packet filters is that they cannot stop or filter a packet with malicious intent if the packet contains the permissible attributes.

• Proxy servers: With proxy servers, clients direct their requests for the application and the Internet connection through the server. If individual client requests conform to the pre-set conditions, then the firewall will act on the request; otherwise it is dropped. These firewalls require specialized client and server configurations depending on the application.

• Stateful inspection: These firewalls combine the filter and proxy functionalities. Because of this, they are considered complex and more advanced. The conditions for a stateful inspection are, like the filter, based on a set of rules. But unlike filters, these rules are not based on TCP or UDP but on applications like proxy servers. They filter packets by comparing their data with archived friendly packets.

[Wang, 09]

Related Studies:

Network Intrusion Detection System:

According to [Admiral Grace Hopper, 89], "Life was simple before World War II. After that, we had systems." The [Northcutt, 03] study of network intrusion detection systems (IDS) found that these kinds of systems need a large database library in order to detect actual attacks.

He also summarized an IDS as a simple system that tries to detect the signs of a network intruder before damage is done, a service is denied, or data is lost. In his study he explained the layers of intrusion detection, which according to him consist of automated tools, commonly referred to as host-based intrusion detection (HIDS). HIDS tools include anti-virus software, personal firewalls, and a new breed of software that protects system memory against buffer overflow attacks or enforces security policies.

[Mandalas, 05] conducted a study on how a network intrusion detection system can be improved by using a large online library instead of a manual local database. That helped many companies to install IDS systems in their networks because it became much easier than before. He also explained the idea behind connecting the standard protocols with the IDS to make a fully integrated system.

[Caswell, 07] combined an intrusion detection system and a firewall into an integrated system, which detects and then blocks and filters traffic according to the online library. That was a big step for intrusion detection systems. His system aimed to provide the best of the intrusion detection cycle and, on the other hand, the best protection by filtering and blocking unwanted traffic.
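
The packet-filter weakness described under Firewall and the detect-then-block integration attributed to [Caswell, 07] can be seen side by side in a short sketch. This is an added example, not code from the essay or the cited studies; the rule set, signature strings, addresses and function names are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src proto dport payload")

# Constructed rules (action, source net, protocol, dest port); first match wins, default deny.
RULES = [
    ("allow", "0.0.0.0/0", "tcp", 80),
    ("allow", "192.0.2.0/24", "udp", 53),
]

# Constructed stand-in for the signature library an IDS consults.
SIGNATURES = {b"/etc/passwd": "path-probe", b"cmd.exe": "shell-probe"}

def packet_filter(pkt, blocked):
    """Header-only decision: never looks at pkt.payload."""
    src = ipaddress.ip_address(pkt.src)
    if src in blocked:
        return "drop"
    for action, net, proto, dport in RULES:
        if src in ipaddress.ip_network(net) and (proto, dport) == (pkt.proto, pkt.dport):
            return action
    return "drop"

def ids_match(pkt):
    """Payload inspection: name of the first matching signature, or None."""
    for pattern, name in SIGNATURES.items():
        if pattern in pkt.payload:
            return name
    return None

def process(packets):
    """Filter, then inspect; a signature hit blocks that source from then on."""
    blocked, log = set(), []
    for pkt in packets:
        verdict = packet_filter(pkt, blocked)
        alert = ids_match(pkt) if verdict == "allow" else None
        if alert:
            blocked.add(ipaddress.ip_address(pkt.src))
            verdict = "drop"
        log.append((pkt.src, verdict, alert))
    return log

# Constructed traffic using documentation address ranges.
SAMPLE = [
    Packet("198.51.100.7", "tcp", 80, b"GET /index.html"),
    Packet("198.51.100.9", "tcp", 80, b"GET /../../etc/passwd"),
    Packet("198.51.100.9", "tcp", 80, b"GET /index.html"),
    Packet("198.51.100.7", "tcp", 23, b"login"),
]

if __name__ == "__main__":
    for row in process(SAMPLE):
        print(row)
```

The second packet passes the header-only filter on its own because its attributes are permissible; only the payload check flags it, after which the filter drops that source's later traffic.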

Synthesis of the Study

Many studies have been made on computer network security, and these studies discovered that network intrusion detection systems have a serious problem in the detection engine, which should detect the actual attacks. While it is true that intrusion detection is an old technology, development in this field has been very slow because of its complexity. Many companies are still unwilling to install this kind of system in their networks.

According to

Like the previous studies, my study dealt with intrusion detection systems. I used the same structure as they used, such as the integration of intrusion detection and a firewall. However, unlike the previous studies, where the system automatically alarms the authorities, my study makes use of SMS to notify the homeowner of any untoward incidents. This would in a way enable the homeowner to monitor and know what is happening in their home even when away.


