Internet and It’s uses

Internet
WWW (World Wide Web)
Differences Between Internet and WWW
 Uniform Resource Locator (URL)

Address of a website is known as URL.

Example: https://www.hoddereducation.edu.uk/ict

URL contains three elements:

• Protocol (http or https)

• Web sever Name / Website Address (www.hoddereducation.edu.uk)
• File Name (ict)
 Web Address
Web address itself has different Components.
Path and File Name
 HTTP VS HTTPS

HYPERTEXT TRANSFER PROTOCOL (HTTP) is a set of rules that

must be obeyed when transferring files across the internet.
The letter s after http refers to http over secure. It is slower to
use https than http; https is usually only adopted where
sensitive or private data is being transferred across the
internet.
Web Browser
 Domain Name System (DNS)

When URL is translated into a numeric address that address becomes the
Domain Name System (DNS). It converts the alphanumeric URL address into the
numeric IP address. When alphanumeric address in the address bar of the web
browser, the DNS translates it into the IP address.
 Domain Name Server (DNS)
The DNS is a worldwide system of servers that stores location pointers
to websites. It stores the information in the form of an IP address. It
works as a phone book for the internet.
 How does the web work?

Requested:
•A web browser is used.
•User enters the URL or web address (into the address bar) or clicks a link containing the web address or
clicks an element of the webpage.
•The URLorweb address specifies the protocol protocols used are Hyper Text Transfer Protocol (HTTP) or
Hyper Text Transfer Protocol Secure (HTTPS).

Sent:
•The URL / web address contains the domain name.
•The Internet Service Provider (ISP) looks up the IP address of the company.
•The domain name server (DNS) stores an index of domain names and IP addresses.
•If IP address is found on DNS (Domain Name Server)
•Web browser sends a request to the web server / IP address.

Received:
•Data for the website is stored on the company’s web server.
•Webserver sends the data for the website back to the web browser.
•The data is transferred into Hyper Text Mark-up Language (HTML).
•HTML is interpreted by the web browser (to display the website).
Retrieval and Location of Webpage
How DNS is used to locate and retrieve a
webpage
Cookies
Types of Cookies
Session Cookies
Persistent Cookies
Summery of Persistent Cookies
 Example of Cookies

Examples of Cookies
•To store personal information/data
•To store login details
•To save items in an online shopping basket
•To track/save internet surfing habits or to track website traffic
•To carry out targeted advertising
•To store payment details
•To customise a webpage or to store user preferences
•Store progress in online games/quizzes
Digital Currency
Cryptocurrency
Blockchaining
How does blockchain work?
How does blockchain work?
How does blockchain work?
Cyber Threats
Brute Force Attacks
Data Interception
How to prevent Data Interception?
 Hacking
Hacking is breaking into a computer system to steal personal data without the owner’s consent or
knowledge (e.g. to steal a password file).

Effects:
•This can lead to identity theft or gaining personal information.
•Data can be deleted, changed or corrupted.

Prevention Methods:
•Activating Firewall.
•Use of strong password and user ids.
•Use of anti – hacking software.
Malware
Virus
 Effects and Prevention Methods of Virus
Effects:
•Can cause the computer to crash, stop functioning normally or become
unresponsive.
•Can delete file data.
•Can Corrupt file data.

Prevention Method:
Install anti-virus software.
Do not use software from unknown source.
Be careful when opening email/attachment from unknown source.
Worms
Trojan Horse
Spyware/Key logging Software

Software’s that gathers information by monitoring key presses

on the user’s keyboard; the information is then sent back to the
person who sent the software.

Effects:
•Give the originator access to all the data entered using a
keyboard on the user’s computer.
•The software is able to install other spyware, read cookie data
and also change a user’s default web browser.

Prevention Method:
•Use of anti-spyware software.
•Using a mouse to select characters from password rather than
typing them in using a keyboard can help reduce the risk.
Adware
Ransomware
Phishing
Pharming
Prevention Methods of Pharming
 Denial of Service Attack
A denial of service attack (DoS) is an attempt at preventing users
from accessing part of a network, notably an internet server. This
is usually temporary but may be a very damaging act or a big
breach of security. It doesn’t just affect networks; an individual
can also be a target for such an attack.

The attacker may be able to prevent a user from:

• accessing their emails

• accessing websites/web pages
• accessing online services (such as banking).
How does Denial of service attack cause the problem?

The server can only handle a finite number of requests. So if it

becomes overloaded by an attacker sending out thousands of
requests, it won’t be able to service the user’s legitimate request.
This is effectively a denial of service.

This can happen to a user’s email account, for example, by an

attacker sending out many spam messages to their email
account. Internet Service Providers (ISPs) only allow a specific
data quota for each user. Consequently, if the attacker sends out
very large or many hundreds of emails to the user’s account, it
will quickly get clogged up and the user won’t be able to receive
legitimate email.
 Prevention Methods and effects of DOS

Prevention Methods
• using an up-to-date malware/virus checker.
• setting up a firewall to restrict traffic to and from the internet
server or user’s computer.
• applying email filters to manage or filter out unwanted traffic
or spam emails.

Effects
• slow network performance (opening files or accessing certain
websites)
• unavailability or inability to access particular websites
• large amounts of spam mail reaching the user’s email
account.
Social Engineering
Types of threats
Course of action taken by cybercriminal
Anti Malware
Features of Anti Spyware
 Authentication
AUTHENTICATION is used to verify that data comes from a trusted source. It works with encryption to
strengthen internet security.
Passwords and User Names
Features of strong Password
Biometrics
Finger Print
Drawbacks of Fingerprint
Retina Scan
Benefits and Drawbacks of Biometrics
Biometric Password and Text based password

Text based password

•A minimum number of characters that can be typed at a keyboard.
•Set or can be changed by the user.
•Text based passwords are easier to hack than biometric passwords.

Biometric password
•A stored physical measurement e.g. fingerprint that is compared to
a previously scanned human measurement.
•Biometric Password can not be changed by the user.
•Biometric passwords are unique to that person/cannot be shared.
Two-Step Solution
 Firewalls

•A FIREWALL can be either software or hardware. It sits between the user’s computer and an external
network (e.g. the internet) and filters information in and out of the computer.
•The firewall can be a hardware interface which is located somewhere between the computer (or internal
network external link) and the internet connection. It is often referred to in this case as a GATEWAY.
•Alternatively, the firewall can be software installed on a computer; in some cases, this is part of the
operating system.

•Examining the ‘traffic’ between the user’s computer (or internal network) and a public network (e.g. the
internet).
•Checking whether incoming or outgoing data meets a given set of criteria.
•If the data fails the criteria, the firewall will block the ‘traffic’ and give the user (or network manager) a
warning that there may be a security issue.
•Logging all incoming and outgoing ‘traffic’ to allow later interrogation by the user (or network manager).
•Criteria can be set to prevent access to certain undesirable sites; the firewall can keep a list of all
undesirable IP addresses.
•helping to prevent viruses or hackers entering the user’s computer (or internal network) warning the
user if some software on their system is trying to access an external data source (e.g. automatic software
upgrade); the user is given the option of allowing it to go ahead or requesting that such access is denied.
 Limitation of Firewall
There are certain circumstances where the firewall can’t prevent
potential harmful ‘traffic’:
• It cannot prevent individuals, on internal networks, using their own
modems to bypass the firewall.
• Employee misconduct or carelessness cannot be controlled by
firewalls (for example, control of passwords or use of accounts).
• Users on stand-alone computers can chose to disable the firewall,
leaving their computer open to harmful ‘traffic’ from the internet.
• All of these issues require management control or personal control
(on a single computer) to ensure that the firewall is allowed to do its
job effectively.
 PROXY SERVER

PROXY SERVERS act as an intermediary between the user and a web server.

Functions of proxy servers include:

•allowing the internet ‘traffic’ to be filtered; they can block access to a website if necessary (similar type
or reaction as a firewall)
•by using the feature known as a CACHE, they can speed up access to information from a website; when
the website is first visited, the home page is stored on the proxy server; when the user next visits the
website, it now goes through the proxy server cache instead, giving much faster access
•keeping the user’s IP address secret – this clearly improves security
•acting as a firewall.
 Security protocols

There are two forms of security protocols when using the internet:
•Secure Sockets Layer (SSL)
•Transport Layer Security (TLS).
 SECURE SOCKET LAYER
•SECURE SOCKETS LAYER (SSL) is a type of protocol (a set of rules used by computers to communicate
with each other across a network).

•This allows data to be sent and received securely over the internet.

•When a user logs onto a website, SSL encrypts the data – only the user’s computer and the web server
are able to make sense of what is being transmitted.

• A user will know if SSL is being applied when they see https or the small greenpadlock in the address
bar at the top of the screen.
How does SSL Work?
Application of SSL

• Online shopping or Online payment systems or Online booking

• Email
• Cloud based storage
• Intranet/extranet
• VPN
• VoIP or video conferencing
• Instant messaging (IM) or social networking or online gaming
 TRANSPORT LAYER SECURITY (TLS)

•TRANSPORT LAYER SECURITY (TLS) is similar to SSL but is a more recent security system. TLS is a form of protocol
that ensures the security and privacy of data between devices and users when communicating over the internet.

•It is essentially designed to provide encryption, authentication and data integrity in a more effective way than its
predecessor SSL.

TLS is formed of two layers:

•Record protocol: this part of the communication can be used with or without encryption (it contains the data
being transferred over the internet).

•Handshake protocol: this permits the website and the client (user) to authenticate each other and to make use of
encryption algorithms (a secure session between client and website is established).
 Difference between SSL and TLS

•It is possible to extend TLS by adding new authentication methods.

•TLS can make use of SESSION CACHING which improves the overall performance
•compared to SSL.
•TLS separates the handshaking process from the record protocol (layer) which holds all the data.
 Application of TLS
• Online banking
•Online shopping or Online payment systems
•Email
•Cloud based storage
•Intranet/extranet
•VPN
•VoIP
•Instant messaging (IM) or social networking.