Fundamentals of Cyber space

Introduction– Reinvented by Norbert Weiner in 1948, the term ‘cyber’ denotes anything related to computer, communications or network syastems. In the present world, they have become essential for our life. Relationships, governance, managements or war, all resonate now on the cyberspace. Security of the huge IOT systems is the biggest challenge today. Cyber offences or use of cyber tools for other offences, are not only becoming common, but also keep changing very fast. An institutionalized mechanism to upgrade our security & investigative abilities, is call of the hour.

To keep pace with time, we yearn to adopt cyber techniques in prevention & detection of crime.We need to setup cyber cells in every Zonal Rly. The instant handbook is meant to regulate and standardize their functioning, as well as to provide a foundation stone for their future progress.

Definitions-

• Computer-means any electronic, magnetic, optical or other high speed data processing device or system which performs logical, arithmetic and memory functions by manipulations of electronic. Magnetic or optical impulses and includes all inputs, output processing, storage, in a computer system or computer network. [Sec 2(1)(i), IT Act 2000]

Example:- A washing machine has a ‘fuzzy logic’ system and ‘read only memory’  but it cannot perform arithmetic calculations like addition, subtration, division etc. Then, that cannot be referred as a computer. Similar logic should be applied to other electronic devices.

• Central Processing Unit(CPU)- It is the most primary part of a computer which processes instructions/inputs with the use of arithmetic, logical operations to give output. Earlier it used to structure in a separate box, but now comes integrated with the monitor.
• Data- means a representations of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalized manner, and has intented to be processed, is being processed or has been processed in a computer system or computer network, or may be any form(including computer printouts, magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.[2(1)(o), ITA 2000]
• Random Access Memory(RAM)- It is the “primary memory chip” installed on motherboard of a computer system. It is considered volatile as data is lost as soon as power is turned off. But being a type of storage, it may contain important evidences. Data can be extracted only when the computer is in running state.
• Motherboard- It is a “printed circuit board” contained inside the computer cabinet, which allows communication between the electronic components of the system, such as CPU and memory. It also provides connection for other peripherals.
• Hard Disc- It is an electro-mechanical or solid-state device, which can store and retrieve digital information in electromagnetic forms. It is ‘secomdary memory’ of a computer.

Common types of hard discs:-

1. PATA(Parallel Advanced Technology Attachment)
2. SATA(Serial Advanced Technolgy Attachment)
3. SCSI(Small Computer System Interface)
4. SAS(Serial Attached SCSI)
5. ZIF(Zero Insertion Force)
6. SSD(Solid State Device)

• Computer system- means a device or collections of devices, including inputs and output support devices and excluding calculators which are not programmable and capable of being used in conjunction with external files, which contain computer progarms, electronic instructions, input data and output data that performs logic, arithmetic, data storage and retrieval, communication control and other functions;[Sec.2(1)(1),IT Act 2000]
• Communication Device- means cell phones, personal digital assistance, or combination of both or any other device used to communicate, send or transmit any text, video, audio, or images. [Sec. 2(1) (ha), IT Act 2000]
• Computer Network- It means the inter-connection of one or more computers or computer systems or communicate devices through-the use of satellite, microwave, terrestrial line, wire, wireless or other communication media; and [Sec. 2(1)(j), IT Act 2000]. Terminals or a complex consisting of two or more interconnected computers or communication device whether or not the interconnection is continuously maintained.
• Ethernet Hub/Switch- It is commonly used to connect segments of a Local Area Network(LAN) and acts as a common connection point for devices in a network. That could be vulnerable and insecure. A switch is a more intelligent device, which sends packet only to the intended ports. That provides better network efficiency and higher levels of security.
• Network Interface Controller- It is a computer hardware that provides a computer with the ability to access the transmission media. It has the ability to process low-level network information as well.
• MAC (Media Access Control) Address- Each network interface controller has a unique MAC address, usually stored in the NIC’s permanent memory given to it at the time of manufacture. It I a 12-digit hexadecimal nuber(e.g. d8:32:e3:fe:04:0e) assigned to the netwok interfaces which acts as unique identifier for them.
• Router- It is an inter-networking device which connects two or more networks; one may be the LAN and the other may be an internet. It forwards data packets between networks.
• Computer Resources- means computer, computer network, data, computer database or software. [Sec. 2(1)(k), IT Act 2000]
• Originator/Intermediary- Originator means a person who sends, generates, stores or transmits any electronic message; or cause any electronic message to be sent, generated, stored or transmitted to any other person but does not include an intermediary. On the other hand, with respect to that any particular electronic records, Intermediary means any person who on behalf of another person receives, stores or transmits that records or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes. [Sec. 2(1)(za) & (w), IT Act 2000 respectively]

• Protocol- It is the set of rules which defines the way two devices can communicate across the network. FTP (File Trabsfer Protocol), TCP (Transmission Control Protocol/Internet protocol), HTTP (Hypertext Transfer Protocol) are some coomon examples.
• Internet/ World Wide Web- Internet is a comprehensive network of computers distributed across the globe. World Wide web(www) is the collection of web pages to be accessed by a user through internet, using the ‘http’ protocol. All the web pages registered with ‘www’ start with http://www or https://www. Thus, www is a means to access information in internet.
• Domain Name- It is unique name that identifies a website. It is virtual name of the website. These are developed to easily identify the entities on internet, rather than using IP addresses which are long string of numbers or alpha- numeric.

• IP Aaddress (Internet Protocol Address)- It is a unique numerical address given to every device participating in a network which uses TCP/IP protocol for communication. Two common versions of IP addresses are- IPv4 (e.g. 47.00.155.99, 32 bits) ang IPv6 (e.g. 2001:0:9d35:6ab5:1c84:3b1c:a95a:b2c5, 128 bits). The IPv6 is the most recent communication protocol that provides an identification and location system for computers on networks and routes traffic across the internet.

• Domain Name System- It is an internet service that translate domain names into IP addresses. They are alphabetic and hence easier to remember. However, the internet is actually based on IP addresses. Every time one use a domain name, the DNS service translates the domain name into the corresponding IP address.

• Cloud Computing- It is delivery of services through sharedresources, software and data that is provided to a computer over a network. A simple example is Google services, which provides e-mail, calendar services, word processing and data storage over the internet. It refers to a more distributed model, where data and resources are spread over many different physical computers, connected through internet.

• Internet of things- It is a network of (non- computer) physical devices connected to the internet and identifying themselves to other devices through communication methods like- Wi-Fi, RFID, QR codes etc. For example- a TV and its remote, a TV and a mobile connected to each other for streaming you tube over Wi-Fi etc.

• Indexing- It is a technique to efficiently retrieve data from the database of a network entity, based on some attributes. It is just like index of a book. The most common example is the details of the websites collected by Google and their retrieval, as and when required.

• VPN– It is a private network (or virtual tunnel), built over a public network with security mechanism like- encryption etc. It allows a user to securely access a network from different locations, even on a public or insecure network.

• IMEI/IMSI/SIM- International Mobile Equipment Identity(IMEI) is a 15-digit unique number given to every single mobile handset. IMEI of the cellphones connected to a GSM network are stored in EIR IEquipment Identity Register) database containing all valid mobile equipment. It consists four groups (nnnnnn-nn-nnnnn-n). The first group is type approval (TAC; country & assembly) code, the second group identities the manufacturer, the third group is the serial number of the mobile phone and the last group is an additional number, usually ‘0’. It can be viewed by typing *#06# on the handset. International Mobile subscriber Identity (IMSI) is a unique 15-20 digit code stored in a SIM for identificaion of the subscriber. Subscriber Identity Module (SIM) is a ‘portable memory chip’ that enaables identification of the subscriber and processing of the services offered by the service provider.

• CDR/IPDR- Call Detail Record is a data record of all the information related to the mobile call like- caller or called number, date & duration, incoming/outgoing messages etc., mandatorily stored by the service provider. Internet Protocol Detail Record (IPDR) is the data record which provides information about the internet protocol usage like- voice call on Whatsapp, duration of call, destination IP address etc. Subject to the Govt. guidelines, both are to be made available to the Law Enforcing Agencies(LEA) for investigation, intelligence or security puposes, as and when required.

• Hash Value- It is a numeric value of fixed length which identifies a data uniquely. Due its incorruptible nature, it can be considered as fingerprint of a file. In cyber forensics, it is used to ascertain integrity of the digital evidences.
• Write Blocker- These are devices which allow acquisition of information on a drive without creating the possibility of accidentally damaging the drive contents. They pass the read commands but block the write commands. They are used before imaging the data.

• SOC (System on Chip)- It is a circuit that integrates all components of a computer, like-CPU, memory, ports and storage etc.—on a single microchip, normally the size of a coin. Its components usually include a graphical processing unit (GPU), a central processing unit (CPU) that may be multi-core and a system memory (RAM). Depending on the application, it may contain digital, analog, or radio frequency signal processing functions.