COMP1323 Networks and Security Notes
Date: Apr 15, 2026
Tags: Writing, Notes, Study
Category: Note Sharing
Chapter 1: Introduction
🔹 1. What is the Internet?
- “Network of networks”: Interconnected ISPs (Internet Service Providers) and networks that enable global communication.
- Two perspectives:
  - Nuts and Bolts View: Physical components (hosts, routers, links, protocols).
  - Service View: Provides infrastructure for applications (web, email, VoIP, IoT, streaming, etc.).
📌 Key Components:
Component | Description |
Hosts (End Systems) | Devices running apps (laptops, phones, servers, IoT devices). |
Routers / Switches | Packet switches that forward data between networks. |
Communication Links | Physical media: fiber, copper, radio, satellite. |
Bandwidth (R) | Transmission rate (bps) of a link. |
Protocols | Rules governing message format, order, and actions (e.g., TCP, IP, HTTP, WiFi). |
ISPs | Provide access to the Internet: Local → Regional → Tier-1 (global). |
Content Providers | Google, Netflix, Microsoft — run private networks to serve content closer to users. |
IXP (Internet Exchange Point) | Physical location where ISPs peer (exchange traffic directly). |
💡 Fun Fact: From web-enabled toasters to Fitbits — the Internet connects everything (IoT).
🔹 2. What is a Protocol?
- Definition: A set of rules that govern communication between devices.
- Human analogy: “Hello”, “What time is it?”, handshakes.
- Network protocol example: Client: "GET /index.html" → Server: "200 OK" + HTML
- Key elements:
  - Message format
  - Message order
  - Actions taken on send/receive
📌 Examples:
Protocol | Function |
HTTP | Web page retrieval |
TCP/IP | Reliable data transfer + addressing |
WiFi (802.11) | Wireless LAN access |
4G/5G | Mobile cellular access |
Ethernet | Wired LAN access |
✅ RFCs (Request for Comments) = Official Internet standards documents.
✅ IETF = Organization that develops and promotes these standards.
🔹 3. Network Edge
➤ Hosts
- Clients → Request services (e.g., your laptop browsing a website).
- Servers → Provide services (e.g., Google’s server hosting Gmail). → Often located in data centers.
➤ Access Networks
How end systems connect to the edge router:
Type | Description | Key Features |
Residential (Cable) | HFC (Hybrid Fiber Coax) | Up to 1.2 Gbps down, 30–100 Mbps up; shared bandwidth |
Residential (DSL) | Uses phone line | 24–52 Mbps down, 3.5–16 Mbps up; dedicated line |
Wired Ethernet | LAN in homes/offices | 100 Mbps – 10 Gbps |
WiFi (WLAN) | IEEE 802.11 | 54 Mbps – 450 Mbps; within ~100 ft |
Cellular (4G/5G) | Mobile networks | 10s–100s Mbps; coverage ~10 km |
Enterprise | Company/university | Mix of Ethernet (wired) and WiFi; connects to ISP via router |
Data Center | High-speed server farms | Links: 10s–100s Gbps; hundreds to thousands of servers |
🔧 Home Network: Cable/DSL modem → Router (with NAT, firewall) → WiFi/Ethernet → devices.
🔹 4. Network Core
➤ Key Functions:
Function | Description |
Forwarding | Local: Move packet from input link → output link using forwarding table (router). |
Routing | Global: Determine end-to-end path using routing algorithms (e.g., OSPF, BGP). |
➤ Two Switching Techniques:
Circuit Switching | Packet Switching |
Dedicated path reserved for call (e.g., traditional phone) | Data broken into packets; routed independently |
Fixed bandwidth allocated | Shared bandwidth; dynamic allocation |
Delay: Constant | Delay: Variable (due to queueing) |
No loss if bandwidth sufficient | Loss possible if buffer overflows |
Inefficient for bursty traffic | Efficient for bursty traffic |
Uses FDM or TDM | Uses store-and-forward |
💡 Circuit Switching Techniques:
- FDM (Frequency Division Multiplexing): Each user gets a unique frequency band.
- TDM (Time Division Multiplexing): Each user gets time slots in sequence.
➤ Packet Switching: Store-and-Forward
- Transmission delay: d_trans = L / R, where L = packet size (bits), R = link speed (bps)
- Queueing delay: Time waiting in router buffer.
- Entire packet must arrive before forwarding → causes delay but enables sharing.
➤ Example: Circuit vs Packet Switching
1 Gbps link, each user active 10% of the time at 100 Mbps
→ Circuit: Max 10 users (1 Gbps / 100 Mbps)
→ Packet: Can support 35+ users; the probability that more than 10 are active at once is negligible (≈ 0.0004)
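The 0.0004 figure is a binomial tail. The following added example (not part of the original notes) reproduces it and generalises to finding how many packet-switched users a link can carry for a chosen overload probability; the function names and the 0.001 threshold are assumptions for illustration.

```python
from math import comb

def prob_more_than(k, n, p):
    """P(X > k) for X ~ Binomial(n, p): more than k of n users active at once."""
    return sum(comb(n, i) * p**i * (1 - p)**(n - i) for i in range(k + 1, n + 1))

def circuit_capacity(link_bps, user_bps):
    """Circuit switching reserves a full user_bps share per user, active or not."""
    return link_bps // user_bps

def max_packet_users(link_bps, user_bps, p_active, max_overload_prob):
    """Largest N for which P(more users active than the link can carry)
    stays at or below max_overload_prob (an assumed design threshold)."""
    slots = circuit_capacity(link_bps, user_bps)
    n = slots  # with N <= slots the link can never be overloaded
    while prob_more_than(slots, n + 1, p_active) <= max_overload_prob:
        n += 1
    return n

if __name__ == "__main__":
    link, user, p = 10**9, 10**8, 0.1   # values from the example above
    print("circuit users:", circuit_capacity(link, user))
    print("P(>10 of 35 active):", round(prob_more_than(10, 35, p), 6))
    print("packet users at 0.001 overload:", max_packet_users(link, user, p, 0.001))
```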
✅ Packet Switching Advantages:
- Better for bursty traffic
- No call setup
- More efficient resource use
❌ Packet Switching Drawbacks:
- Variable delay → bad for real-time apps
- Packet loss → requires congestion control and retransmission
🔄 Q: How to make packet switching “circuit-like”?
→ Use QoS (Quality of Service), traffic shaping, prioritization (covered later).
🔹 5. Performance Metrics
➤ Four Sources of Delay
d_nodal = d_proc + d_queue + d_trans + d_prop
Delay Type | Formula | Description |
Processing (d_proc) | < 1 µs | Check for errors, determine output link |
Queueing (d_queue) | Varies | Time in router buffer; depends on congestion |
Transmission (d_trans) | L / R | Time to push packet out onto link |
Propagation (d_prop) | d / s | Time for bit to travel physical distance; s ≈ 2×10⁸ m/s |
✅ Caravan Analogy (L=10 bits, R=10 bit/sec, d=100 km, s=100 km/hr):
- Time to transmit caravan = 120 sec
- Propagation time = 1 hr
- Total = 1 hr 52 min
➤ Traffic Intensity: La / R
L = packet size (bits)
a = average packet arrival rate (packets/sec)
R = link rate (bps)
La/R | Queueing Delay |
≈ 0 | Very low |
→ 1 | Very high → unstable |
> 1 | Infinite delay (buffer overflow → loss) |
➤ Throughput
- Definition: Rate at which bits are delivered from sender to receiver.
- Bottleneck Link: The link with the lowest capacity on the path determines end-to-end throughput.
- e.g., If server link = 100 Mbps, client link = 10 Mbps → Throughput = 10 Mbps
- Shared bottleneck: If N users share a link of rate R → per-user throughput ≈ min(Rc, Rs, R/N), where Rc = client link rate and Rs = server link rate.
➤ Packet Loss
- Occurs when buffer (queue memory) fills up.
- Packets are dropped → may be retransmitted (e.g., TCP) or discarded (e.g., UDP).
- Detected via traceroute (* = timeout/loss).
➤ Traceroute
- Sends 3 packets with TTL=1,2,3,… → each router returns ICMP error
- Measures delay to each hop
- Reveals network path and latency spikes
👉 Example:
1 cs-gw (1ms)
2 border1… (1ms)
3 ...
8 62.40… (104ms) ← trans-oceanic jump!
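Reading traceroute output for loss and latency spikes can be automated. This added example (not from the original notes) parses a constructed sample in the common Linux traceroute layout and flags silent hops, partial loss and delay jumps; the hostnames, addresses and the 50 ms jump threshold are assumptions.

```python
import re

# Constructed sample output (documentation-range addresses, not a real trace).
SAMPLE = """\
 1  cs-gw.example.edu (192.0.2.1)  1.012 ms  0.934 ms  1.101 ms
 2  border1.example.net (198.51.100.1)  1.322 ms  1.254 ms  1.198 ms
 3  * * *
 4  core1.example.net (203.0.113.9)  22.4 ms  21.9 ms  *
 5  far.example.org (203.0.113.77)  104.2 ms  103.8 ms  105.1 ms
"""

def parse_hops(text):
    """Return [(hop_number, [rtt_ms, ...], lost_probe_count), ...]."""
    hops = []
    for line in text.splitlines():
        m = re.match(r"\s*(\d+)\s+(.*)", line)
        if not m:
            continue
        rest = m.group(2)
        rtts = [float(x) for x in re.findall(r"(\d+(?:\.\d+)?)\s+ms\b", rest)]
        lost = rest.split().count("*")   # each "*" is one probe with no reply
        hops.append((int(m.group(1)), rtts, lost))
    return hops

def flag_hops(hops, jump_ms=50.0):
    """Flag hops that need a closer look. A silent hop is not proof of loss:
    some routers rate-limit or never send the ICMP error."""
    findings, prev_best = [], None
    for hop, rtts, lost in hops:
        if not rtts:
            findings.append((hop, "no reply"))
            continue
        if lost:
            findings.append((hop, "partial loss"))
        best = min(rtts)                 # min RTT is least affected by queueing
        if prev_best is not None and best - prev_best > jump_ms:
            findings.append((hop, "latency jump"))
        prev_best = best
    return findings

if __name__ == "__main__":
    for hop, issue in flag_hops(parse_hops(SAMPLE)):
        print(f"hop {hop}: {issue}")
```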
🔹 6. Network Security (Critical!)
Original Internet Vision: “Mutually trusting users on a transparent network” → ❌ No security by design
🔥 Common Attacks:
Attack | Description |
Packet Sniffing | Capture packets on shared media (e.g., WiFi) → steal passwords (Wireshark) |
IP Spoofing | Send packet with fake source IP → impersonate another host |
Denial of Service (DoS/DDoS) | Overwhelm server with traffic from botnet (compromised devices) → service unavailable |
✅ Defense Mechanisms:
Technique | Purpose |
Authentication | Prove identity (e.g., SIM cards in mobile) |
Encryption | Confidentiality (e.g., TLS, AES) |
Digital Signatures | Integrity + non-repudiation |
Firewalls | Filter packets by IP/port/protocol; block malicious traffic |
VPNs | Encrypted tunnels over public networks |
⚠️ Security is needed at every layer: Application, Transport, Network, Link, Physical.
🔹 7. Protocol Layers & Encapsulation (CORE EXAM TOPIC!)
➤ Internet Protocol Stack (5 layers)
Layer | Name | Function | Protocols |
1 | Application | End-user programs | HTTP, SMTP, DNS, FTP, Zoom |
2 | Transport | Process-to-process delivery | TCP (reliable), UDP (unreliable) |
3 | Network | Host-to-host routing | IP, ICMP, Routing Protocols (BGP, OSPF) |
4 | Link | Node-to-node data transfer | Ethernet, WiFi (802.11), PPP |
5 | Physical | Bits on wire | Fiber, copper, radio signals |
✅ No Presentation/Session layers (unlike OSI).
→ Those services are implemented in the application layer if needed.
➤ Encapsulation (Take this seriously!)
- Each layer adds its own header (and sometimes trailer) to data from layer above.
- Analogous to Matryoshka dolls (Russian nesting dolls).
Layer | Data Unit | Encapsulation Flow |
Application | Message (M) | → |
Transport | Segment = (Ht + M) | Ht = TCP/UDP header |
Network | Datagram = (Hn + Ht + M) | Hn = IP header |
Link | Frame = (Hl + Hn + Ht + M) | Hl = Ethernet header/trailer |
Physical | Bits | ➔ transmitted over medium |
✅ Encapsulation at Each Node:
- Sender: Adds headers → downward through layers
- Router: Reads IP header → forwards → strips link header → adds new link header → sends
- Receiver: Removes headers bottom-up → delivers M to app
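The sender, router and receiver steps above can be traced byte by byte. This is an added example, not part of the original notes; the three header layouts are deliberately simplified stand-ins for Ht, Hn and Hl (not the real TCP, IP or Ethernet formats), and all addresses are constructed.

```python
import struct
from ipaddress import IPv4Address

HL = struct.Struct("!6s6s")   # simplified link header Hl: dst MAC, src MAC
HN = struct.Struct("!4s4sB")  # simplified network header Hn: src IP, dst IP, TTL
HT = struct.Struct("!HH")     # simplified transport header Ht: src port, dst port

def send(msg, sport, dport, src_ip, dst_ip, src_mac, dst_mac, ttl=64):
    """Sender: wrap M downward through the layers, M -> segment -> datagram -> frame."""
    segment = HT.pack(sport, dport) + msg
    # src_ip is whatever the sender writes; nothing in Hn verifies it,
    # which is why the notes list IP spoofing as a threat.
    datagram = HN.pack(IPv4Address(src_ip).packed,
                       IPv4Address(dst_ip).packed, ttl) + segment
    return HL.pack(dst_mac, src_mac) + datagram

def route(frame, out_src_mac, next_hop_mac):
    """Router: strip Hl, read Hn, decrement TTL, add a new Hl for the next link."""
    datagram = frame[HL.size:]
    src, dst, ttl = HN.unpack_from(datagram)
    if ttl <= 1:
        raise ValueError("TTL expired: a real router returns an ICMP error here")
    datagram = HN.pack(src, dst, ttl - 1) + datagram[HN.size:]
    return HL.pack(next_hop_mac, out_src_mac) + datagram

def receive(frame):
    """Receiver: remove headers bottom-up and hand M to the application."""
    segment = frame[HL.size:][HN.size:]
    return segment[HT.size:]

def demo():
    m = b"GET /index.html"
    host, r_in, r_out, server = (bytes([i] * 6) for i in (1, 2, 3, 4))  # toy MACs
    f1 = send(m, 50000, 80, "192.0.2.10", "203.0.113.5", host, r_in)
    f2 = route(f1, r_out, server)
    return f1, f2, receive(f2)

if __name__ == "__main__":
    f1, f2, m = demo()
    print("link header changed:", f1[:HL.size] != f2[:HL.size])
    print("delivered:", m)
```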
💡 Key Exam Question: “What parts of the original message arrive at the destination?”
→ The entire payload M — headers are stripped away!
➤ OSI Model (For Awareness)
Layer | Name |
7 | Application |
6 | Presentation (encryption, compression) → Not in Internet |
5 | Session (sync, checkpoint) → Not in Internet |
4 | Transport |
3 | Network |
2 | Data Link |
1 | Physical |
❗ Important: The Internet stack does not use Presentation/Session layers; they are rolled into the Application layer.
🔹 8. Internet History (Timeline Summary)
Year | Milestone |
1961 | Kleinrock → Packet switching theory |
1964 | Baran → Military packet networks |
1969 | First ARPAnet node |
1972 | First email, NCP protocol, 15 nodes |
1974 | Cerf & Kahn → TCP/IP architecture (basis of today’s Internet) |
1983 | TCP/IP replaces NCP → Birth of modern Internet |
1983–85 | DNS, FTP, SMTP defined |
1988 | TCP Congestion Control implemented |
1991 | NSF lifts commercial restrictions |
1993 | Mosaic Browser → Web explosion |
1990s–2000s | Web, P2P, mobile, security become critical |
2008 | SDN (Software Defined Networking) emerges |
2010s | 4G/5G, Cloud (AWS, Azure), IoT surge |
2017 | More mobile than fixed devices |
2023 | ~15 billion Internet-connected devices |
💡 Key Takeaway: Internet evolved from research project → global utility → critical infrastructure
✅ Final Summary Checklist (Exam Must-Knows)
Topic | Must Know? |
Internet = Network of Networks | ✔️ |
Hosts/End Systems, Routers, Links | ✔️ |
What’s a protocol? → Rules → Format, Order, Actions | ✔️ |
Circuit vs Packet Switching → Pros/Cons, Efficiency, FDM/TDM | ✔️✔️ |
Store-and-forward, d_trans = L/R | ✔️ |
4 Delays: Proc, Queue, Trans, Prop → Know formula for Trans/Prop | ✔️ |
Traffic Intensity = La/R → >1 = loss | ✔️ |
Throughput = bottleneck rate | ✔️ |
Packet loss = buffer overflow | ✔️ |
Security threats: Sniffing, Spoofing, DoS → Defenses: Encryption, Firewalls | ✔️✔️ |
5-Layer Stack (Application → Physical) → Protocols per layer | ✔️✔️ |
Encapsulation: M → Segment → Datagram → Frame → Bits | ✔️✔️✔️ (Draw it!) |
OSI layers: Presentation & Session NOT in Internet stack | ✔️ |
Internet History: Key years (1969, 1974, 1983, 1991, 2008, 2023) | ✔️ |
🧠 Exam Tips
- Draw the encapsulation stack with headers/footers — you’ll lose marks if you skip this!
- Traceroute output analysis: What do * * * mean? Why does delay jump at hop 8?
- Compare circuit vs packet using the 100 Mbps user example.
- Remember: “The Internet didn’t plan for security — we’re fixing it now.”
- Use keywords like: bottleneck, store-and-forward, traffic intensity, encapsulation, tier-1 ISP, IXP, DoS, QoS
📘 Recommended Practice
- Try Wireshark capture (labs): Identify Ethernet, IP, TCP headers.
- Use traceroute from your computer.
- Practice the caravan analogy with different numbers.
- Watch Kurose & Ross’s interactive applets: http://gaia.cs.umass.edu/kurose_ross/interactive
- Author: Skim
- URL: https://liuqi.cc/Note%20Sharing/COMP1323NetworksandSecurityNotes
- Copyright: All articles in this blog, except for special statements, adopt BY-NC-SA agreement. Please indicate the source!








