SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

In this Chapter
» Introduction to Computer INTRODUCTION TO COMPUTER NETWORKS
Networks We are living in a connected world. Information
» Evolution of Networking is being produced, exchanged, and traced across
» Types of Networks the globe in real time. It's possible as almost
» Network Devices everyone and everything in the digital world is
interconnected through one way or the other.
» Networking Topologies
» Identifying Nodes
in a Networked
Communication
» Internet, Web and the
Internet of Things
» Domain Name System

Figure 10.1: Interconnection forming a social network

Prof. Manjunatha S, Assistant Professor, SVFC. Page 1

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

A group of two or more similar things or people interconnected with each other
is called network (Figure 10.1). Some of the examples of network in our everyday
life includes:
• Social network
Mobile network
• Network of computers
• Airlines, railway, banks, hospitals networks
A computer network (Figure 10.2) is an interconnection among two or more
computers or computing devices. Such interconnection allows computers to share
data and resources among each other. A basic network may connect a few
computers placed in a room.
The network size may vary from small to large depending on the number of

Networking
Device

computers it connects. A computer network can include different types of hosts

(also called nodes) like server, desktop, laptop, cellular phones.
Figure 10.2: A computer network
Apart from computers, networks include networking devices like switch,
router, modem, etc. Networking devices are used to connect multiple computers
in different settings. For communication, data in a network is divided into
smaller chunks called packets. These packets are then carried over a network.
Devices in a network can be connected either through wired media like cables
or wireless media like air.
In a communication network, each device that is a part of a network and
that can receive, create, store or send data to different network routes is
called anode. In the context of data communication, a node can be a device such
as a modem, hub, bridge, switch, router, digital telephone handset, a printer, a
computer or a server.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 2

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Interconnectivity of computing devices in a network Activity

allows us to exchange information simultaneously with Create a hotspot using
many parties through email, websites, audio/video a smartphone and
calls, etc. Network allows sharing of resources. For connect other
example, a printer can be made available to multiple devices to it.
computers through a network; a networked storage
can be accessed by multiple computers. People often
connect their devices through hotspot, thus forming a
small personal network.

EVOLUTION OF NETWORKING
In the 1960s a research project was commissioned by
Advanced Research Projects Agency Network (ARPANET)
in the U.S. Department of Defence to connect the
academic and research institutions located at different
places for scientific collaborations. The first message was
communicated between the University of California, Los
Angeles (UCLA) and Stanford Research Institute (SRI).
Slowly but gradually, more and more organisations
joined the ARPANET, and many independent smaller
networks were formed. Few of the milestones in the
magnificent journey of evolution of computer networks
is depicted in the timeline shown in Figure 10.3.
The idea of Advanced First version of Wi-fi
Research Project Agency TCP/IP introduced as (802.11) standard was
Network (ARPANET) is standard protocol on introduced
conceptualized ARPANET National Science
Roy Tomlinson develops Foundation brings
network messaging or connectivity to more
E-mail. Symbol @ people with its NSFNET
comes to mean "at" program
1961 1997
1982
1971 1986

1969 1983
1990
1974 Domain Name System
ARPANET became
introduced
functional by
connecting UCLA and
SRI
The term Internet was The Berners-Lee at
coined, CERN developed HTML
and URL, thus giving
First commercial use of birth to World Wide Web
ARPANET, was started (www)
in the name of Telenet

Figure 10.3: Timeline showing evolution of networking

Prof. Manjunatha S, Assistant Professor, SVFC. Page 3

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

TYPES OF NETWORKS
There are various types of computer networks ranging
from network of handheld devices (like mobile phones
or tablets) connected through Wi-Fi or Bluetooth within
a single room to the millions of computers spread across
the globe. Some are connected wireless while others are
connected through wires.
Based on the geographical area covered and data
transfer rate, computer networks are broadly categorised
as:
• PAN ( Personal Area Network)
• LAN (Local Area Network)
• MAN (Metropolitan Area Network)
• WAN (Wide Area Network)

Personal Area Network (PAN)

It is a network formed by connecting a few personal
devices like computers, laptops, mobile phones, smart
phones, printers etc., as shown in Figure 10.4. All these
devices lie within an approximate range of 10 metres.
A personal area network may be wired or wireless.
For example, a mobile phone connected to the laptop
through USB forms a wired PAN while two smartphones
communicating with each other through Bluetooth
technology form a wireless PAN or WPAN.

Figure 10.4: A Personal Area Network

Prof. Manjunatha S, Assistant Professor, SVFC. Page 4

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Local Area Network (LAN)

It is a network that connects computers, mobile phones, Explore and find out
tablet, mouse, printer, etc., placed at a limited distance. the minimum internet
The geographical area covered by a LAN can range from speed required to
a single room, a floor, an office having one or more make a video call.
buildings in the same premise, laboratory, a school,
college, or university campus. The connectivity is done
by means of wires, Ethernet cables, fibre optics, or Wi-Fi.
A Local Area Network (LAN) is shown in Figure 10.5.

Figure 10.5: A Local Area Network

LAN is comparatively secure as only authentic

users in the network can access other computers or
shared resources. Users can print documents using
a connected printer, upload/download documents
and software to and from the local server. Such LANs
provide the short range communication with the high
speed data transfer rates. These types of networks can
be extended up to 1 km. Data transfer in LAN is quite
high, and usually varies from 10 Mbps (called Ethernet)
to 1000 Mbps (called Gigabit Ethernet), where Mbps
stands for Megabits per second. Ethernet is a set of rules
that decides how computers and other devices connect
with each other through cables in a local area network
or LAN.
Metropolitan Area Network (MAN) Metropolitan Area
Network (MAN) is an extended form ofLAN which covers
a larger geographical area like a city ora town. Data
transfer rate in MAN also ranges in Mbps,

Prof. Manjunatha S, Assistant Professor, SVFC. Page 5

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64
It is possible to access
your bank account
from any part of the
world. Whether the
bank’s network is a
LAN, MAN, WAN or
any other type?
Prof. Manjunatha S, Assistant Professor, SVFC.
but it is considerably less as compared to LAN. Cable TV
network or cable based broadband internet services are
examples of MAN. This kind of network can be extended
up to 30-40 km. Sometimes, many LANs are connected
together to form MAN, as shown in Figure 10.6.
LAN 1
Networking LAN 3
Device
LAN 2
Figure 10.6: A Metropolitan Area Network
Wide Area Network (WAN)
Wide Area Network connects computers and other
LANs and MANs, which are spread across different
geographical locations of a country or in different
countries or continents. A WAN could be formed
by connecting a LAN to other LANs (Figure 10.7) via
wired/wireless media. Large business, educational
and government organisations connect their different
branches in different locations across the world through
WAN. The Internet is the largest WAN that connects
billions of computers, smartphones and millions of
LANs from different continents.
Page 6
 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Network User Network User

Network User Network User

Network Switch Network Switch

Network User Network User

Internet

Network User Network User Network User Network User

LAN 1 - Delhi LAN 1 - Shimla

Figure 10.7: A Wide Area Network

NETWORK DEVICES
To communicate data through different transmission
media and to configure networks with different
functionality, we require different devices like Modem,
Hub, Switch, Repeater, Router, Gateway, etc. Let us
explore them in detail.
Modem
Modem stands for ‘MOdulator DEModulator’. It refers to
a device used for conversion between analog signals and
digital bits. We know computers store and process data
in terms of 0s and 1s. However, to transmit data from
a sender to a receiver, or while browsing the internet,
digital data are converted to an analog signal and the
medium (be it free-space or a physical media) carries
the signal to the receiver. There are modems connected
to both the source and destination nodes. The modem
at the sender’s end acts as a modulator that converts
the digital data into analog signals. The modem at the
receiver’s end acts as a demodulator that converts
the analog signals into digital data for the destination
node to understand. Figure 10.8 shows connectivity
using a modem.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 7

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Analog Signal
Modulation Demodulation
Digital Signal Digital Signal
Demodulation Modulation

Telephone Line
Modem Modem

Figure 10.8: Use of modem

Ethernet Card
Ethernet card, also known as Network Interface Card
(NIC card in short) is a network adapter used to set
up a wired network.
It acts as an interface
between computer and
the network. It is a circuit
board mounted on the
motherboard of a computer
as shown in Figure
10.9. The Ethernet cable
connects the computer to
the network through NIC.
Ethernet cards can support
data transfer between 10
Mbps and 1 Gbps (1000
Mbps). Each NIC has a
MAC address, which helps
in uniquely identifying the
computer on the network.
Figure 10.9: A Network Interface Card

RJ45
RJ 45 or Registered Jack-45 is an
eight-pin connector (Figure 10.10)
that is used exclusively with
Ethernet cables for networking.
It is a standard networking
interface that can be seen at
the end of all network cables.
Basically, it is a small plastic plug
that fits into RJ-45 jacks of the
Figure 10.10: RJ 45
Ethernet cards present in various
computing devices.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 8

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Repeater
Data are carried in the form of signals over the cable.
These signals can travel a specified distance (usually
about 100 m). Signals lose their strength beyond this
limit and become weak. In such conditions, original An Internet service
signals need to be regenerated. provider (ISP) is any
A repeater is an analog device that works with signals organisation that
provides services
on the cables to which it is connected. The weakened
for accessing the
signal appearing on the cable is regenerated and put Internet.
back on the cable by a repeater.
Hub
An Ethernet hub (Figure 10.11) is a network device used
to connect different devices through wires. Data arriving
on any of the lines are sent out on all the others. The
limitation of Hub is that if data from two devices come
at the same time, they will collide.

Activity
1 2 3 4 5 6 7 8 Find and list a
few ISPs in your
region.

Figure 10.11: A network hub with 8 ports

Switch
A switch is a networking device (Figure 10.12) that
plays a central role in a Local Area Network (LAN). Like
a hub, a network switch is used to connect multiple
computers or communicating devices. When data
arrives, the switch extracts the
destination address from the data
packet and looks it up in a table to
see where to send the packet. Thus,
it sends signals to only selected
devices instead of sending to all.
It can forward multiple packets at
the same time. A switch does not
forward the signals which are noisy
or corrupted. It drops such signals
and asks the sender to resend it. Figure 10.12: Cables connected to a network switch

Ethernet switches are common in homes/offices

to connect multiple devices thus creating LANs or to
access the Internet.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 9

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Router
A router (Figure 10.13) is a network device that can
receive the data, analyse it and transmit it to other
networks. A router connects a local area network to the
internet. Compared to a hub or a switch, a router has
advanced capabilities as it can analyse the data being
carried over a network, decide/alter how it is packaged,
and send it to another network of a different type. For
example, data has been divided into packets of a certain
size. Suppose these packets are to be carried over a
different type of network which cannot handle bigger
packets. In such a case, the data is to be repackaged
as smaller packets and then sent over the network by
a router.

Figure 10.13: A router

A router can be wired or wireless. A wireless router
can provide Wi-Fi access to smartphones and other
devices. Usually, such routers also contain some ports
to provide wired Internet access. These days, home Wi-Fi
routers perform the dual task of a router and a modem/
switch. These routers connect to incoming broadband
lines, from ISP (Internet Service Provider), and convert
them to digital data for computing devices to process.
Gateway
As the term “Gateway” suggests, it is a key access point
that acts as a “gate” between an organisation's network
and the outside world of the Internet (Figure 10.14).
Gateway serves as the entry and exit point of a network,
as all data coming in or going out of a network must
first pass through the gateway in order to use routing
paths. Besides routing data packets, gateways also
maintain information about the host network's internal
connection paths and the identified paths of other
remote networks. If a node from one network wants to
communicate with a node of a foreign network, it will

Prof. Manjunatha S, Assistant Professor, SVFC. Page 10

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

pass the data packet to the gateway, which then routes

it to the destination using the best possible route.

10.0.0.0/8 Server GATEWAY Server 20.0.0.0/8

IP ADDRESS IP ADDRESS

PC 4 PC 5 PC 4 PC 5

PC 1 PC 2 PC 3 PC 1 PC 2 PC 3

Figure 10.14: A network gateway

For simple Internet connectivity at homes, the

gateway is usually the Internet Service Provider that
provides access to the entire Internet. Generally, a
router is configured to work as a gateway device
in computer networks. But a gateway can be
implemented completely in software, hardware, or
a combination of both. Because a network gateway
is placed at the edge of a network, the firewall is
usually integrated with it.

NETWORKING TOPOLOGIES
We have already discussed that a number of computing
devices are connected together to form a Local Area
Network (LAN), and interconnections among millions of
LANs forms the Internet. The arrangement of computers
and other peripherals in a network is called its topology.
Common network topologies are Mesh, Ring, Bus, Star
and Tree.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 11

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Mesh Topology
In this networking topology, each communicating
device is connected with every other device in the
network as shown in Figure 10.15. Such a network can
handle large amounts of traffic since multiple nodes
can transmit data simultaneously. Also, such networks
are more reliable in the sense that even if a node gets
down, it does not cause any break in the transmission
of data between other nodes. This topology is also
more secure as compared to other topologies because
each cable between two nodes carries different data.
However, wiring is complex and cabling cost is high in
creating such networks and there are many redundant
or unutilised connections.

Figure 10.15: A mesh topology

To build a fully-
Ring Topology
connected mesh
topology of n nodes, In ring topology (Figure 10.16), each node is connected
it requires n(n-1)/2 to two other devices, one each on either side, as shown
wires. in Figure 10.16. The nodes connected with each
other thus forms a ring. The link in a ring topology is
unidirectional. Thus, data can be transmitted in one
direction only (clockwise or counterclockwise).

Figure 10.16: A ring topology

Bus Topology
In bus topology (Figure 10.17), each communicating
device connects to a transmission medium, known as
bus. Data sent from a node are passed on to the bus
and hence are transmitted to the length of the bus in
both directions. That means, data can be received by
any of the nodes connected to the bus.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 12

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Bus

Figure 10.17: A bus topology

In this topology, a single backbone wire called bus is
shared among the nodes, which makes it cheaper and
easier to maintain. Both ring and bus topologies are
considered to be less secure and less reliable.
Star Topology
In star topology (Figure 10.18), each communicating
How will a Bus and
device is connected to a central node, which is a Ring topology behave
networking device like a hub or a switch, as shown in in case a Node is
Figure 10.18. down?
Star topology is considered very effective, efficient
and fast as each device is directly connected with the
central device. Although disturbance in one device will
not affect the rest of the network, any failure in a central
networking device may lead to the failure of complete
network.

Figure 10.18: A star topology

The central node can be either a broadcasting device

means data will be transmitted to all the nodes in the
network, or a unicast device means the node can identify
the destination and forward data to that node only.
Tree or Hybrid Topology
It is a hierarchical topology, in which there are multiple
branches and each branch can have one or more basic
topologies like star, ring and bus. Such topologies are
usually realised in WANs where multiple LANs are
connected. Those LANs may be in the form of a ring,
bus or star. In figure 10.19, a hybrid topology is shown
connecting 4-star topologies in a bus.
In this type of network, data transmitted from source
first reaches the centralised device and from there the
data passes through every branch where each branch
can have links for more nodes.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 13

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Figure 10.19: A hybrid topology

IDENTIFYING NODES IN A NETWORKED

COMMUNICATION
Each node in a network should be uniquely identified
so that a network device can identify the sender and
receiver and decide a routing path to transmit data.
Let us explore further and know how each node is
distinguished in a network.
MAC Address
MAC stands for Media Access Control. The MAC address,
also known as the physical or hardware address, is a
unique value associated with a network adapter called
a NIC. The MAC address is engraved on NIC at the time
of manufacturing and thus it is a permanent address
and cannot be changed under any circumstances. The
machine on which the NIC is attached, can be physically
identified on the network using its MAC address.
Each MAC address is a 12-digit hexadecimal numbers
(48 bits in length), of which the first six digits (24 bits)
contain the manufacturer’s ID called Organisational
Unique Identifier (OUI) and the later six digits (24 bits)
represents the serial number assigned to the card by
the manufacturer. A sample MAC address looks like:

Activity 10.4
Explore how can you
find the MAC
IP Address
address of your
computer
IP address, also known as Internet Protocol address,
system. is also a unique address that can be used to uniquely
identify each node in a network. The IP addresses

Prof. Manjunatha S, Assistant Professor, SVFC. Page 14

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

are assigned to each node in a network that uses the

Internet Protocol for communication. Thus, if we know Do mobile phones
a computer’s IP address, we can communicate with have a MAC address?
that computer from anywhere in the world. However, Is it different from
unlike MAC address, IP address can change if a node the IMEI number of
mobile phones?
is removed from one network and connected to another
network.
The initial IP Address called version 4 (IPV4 in short),
is a 32 bit numeric address, written as four numbers
separated by periods, where each number is the decimal
(base-10) representation for an 8-bit binary (base-2)
number and each can take any value from 0 - 255. A
sample IPV4 address looks like:
192:168:0:178
With more and more devices getting connected to
the Internet, it was realised that the 32-bit IP address
will not be sufficient as it offers just under 4.3 billion
unique addresses. Thus, a 128 bits IP address, called IP
version 6 (IPV6 in short) was proposed. An IPv6 address
is represented by eight groups of hexadecimal (base-16)
numbers separated by colons. A sample IPV6 address
looks like:
2001:CDBA:0000:0000:0000:0000:3257:9652

INTERNET, WEB AND THE INTERNET OF THINGS

The Internet is the global network of computing devices
including desktop, laptop, servers, tablets, mobile
phones, other handheld devices, printers, scanners,
routers, switches, gateways, etc. Moreover, smart
electronic appliances like TV, AC, refrigerator, fan, light,
etc. can also communicate through a network. The list
of such smart devices is always increasing e.g., drones,
vehicles, door lock, security camera. We have already
studied IoT and WoT in class 11.
The Internet is evolving every day and it is difficult
to visualise or describe each and every aspect of the
architecture of the Internet. Computers are either
connected to a modem through a cable or wirelessly (Wi-
Fi). That modem, be it wired or wireless, is connected to
a local Internet Service Provider (ISP) who then connects
to a national network. Many such ISPs connect together
forming a regional network and regional networks
connect together forming a national network, and such
country-wise networks form the Internet backbone.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 15

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64
You are encouraged
to take up any area
of concern where
you think IoT can be
immensely beneficial
and discuss it with
your peers. An
example for the same
can be preventing
road accidents.
Prof. Manjunatha S, Assistant Professor, SVFC.
The Internet today is a widespread network, and its
influence is no longer limited to the technical fields of
computer communications. It is being used by everyone
in the society as is evident from the increasing use of
online tools for education, creativity, entertainment,
socialisation, and e-commerce.
10.7.1 The World Wide Web (WWW)
The World Wide Web (WWW) or web in short, is an
ocean of information, stored in the form of trillions
of interlinked web pages and web resources. The
resources on the web can be shared or accessed
through the Internet.
Earlier, to access files residing in different
computers, one had to login individually to each
computer through the Internet. Besides, files in
different computers were sometimes in different
formats, and it was difficult to understand each other’s
files and documents. Sir Tim Berners-Lee — a British
computer scientist invented the revolutionary World
Wide Web in 1990 by defining three fundamental
technologies that lead to creation of web:
• HTML – HyperText Markup Language. It is a language
which is used to design standardised Web Pages so
that the Web contents can be read and understood
from any computer. Basic structure of every webpage
is designed using HTML.
• URI – Uniform Resource Identifier. It is a unique
address or path for each resource located on the
web. It is also known as Uniform Resource Locator
(URL). Every page on the web has a unique URL.
Examples are: https://www.mhrd.gov.in,http://
www.ncert.nic.in,http://www.airindia.in, etc. URL
is sometimes also called web address. However,
a URL is not only the domain name. It contains
other information that completes a web address,
as depicted below:
Domain Name
http://www.ncert.nic.in/textbook/textbook.htm
URL
• HTTP – The HyperText Transfer Protocol is a set of
rules which is used to retrieve linked web pages
across the web. The more secure and advanced
version is HTTPS.
Page 16
 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

Many people confuse the web with the Internet.

The Internet as we know is the huge global network
of interconnected computers, which may or may not
have any file or webpage to share with the world. The
web on the other hand is the interlinking of collection
of Webpages on these computers which are accessible
over the Internet. WWW today gives users access to a
vast collection of information created and shared by
people across the world. It is today the most popular
information retrieval system

DOMAIN NAME SYSTEM

The Internet is a vast ocean where information is
available in the form of millions of websites. Each website
is stored on a server which is connected to the Internet,
which means each server has an IP address. Every
device connected to the Internet has an IP address. To
access a website, we need to enter its IP address on our
web browser. But it is very difficult to remember the IP
addresses of different websites as they are in terms of
numbers or strings.
However, it is easier to remember names, and
therefore, each computer server hosting a website or
web resource is given a name against its IP address.
These names are called the Domain names or hostnames
corresponding to unique IP addresses assigned to each
server. For easy understanding, it can be considered
as the phonebook where instead of remembering each
person’s phone number, we assign names to their
numbers. For example, IP addresses and domain names
of some websites are as follows:
Table 10.1 Examples of domain names and their
mapped IP addresses
Domain Name IP Address
ncert.nic.in 164.100.60.233
cbse.nic.in 164.100.107.32
mhrd.gov.in 164.100.163.45

wikipedia.org 198.35.26.96

DNS Server
Instead of remembering IP addresses, we assign a
domain name to each IP. But, to access a web resource,
a browser needs to find out the IP address corresponding
to the domain name entered. Conversion of the domain

Prof. Manjunatha S, Assistant Professor, SVFC. Page 17

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

name of each web server to its corresponding IP address

is called domain name resolution. It is done through
a server called DNS server. Thus, when we enter a
URL on a web browser, the HTTP protocol approaches
a computer server called DNS server to obtain the IP
address corresponding to that domain name. After
getting the IP address, the HTTP protocol retrieves the
information and loads it in our browser.
In Figure 10.20, an example is shown in which the
HTTP requests a DNS server for corresponding IP addss,
and the server sends back an IP address.
DNS root servers
User
are named using
alphabets A through
M for the first
13 letters of the
alphabet. Ten of 164.100.60.233
these servers are HTTP in DNS
www.ncert.nic.in
in the US, one in Browser Server
London, one in
Stockholm, and
one in Japan.
The organisation
Figure 10.20: Request of IP address corresponding to domain name
Internet Assigned
Numbers Authority A DNS server maintains a database of domain names
(IANA) keeps this
list of DNS root and their corresponding IP addresses. To understand
servers. how the domain name resolution works, we have to
understand how and where the DNS servers are kept.
The DNS servers are placed in hierarchical order. At
the top level, there are 13 servers called root servers.
Then below the root servers there are other DNS servers
at different levels. A DNS server may contain the IP
address corresponding to a domain or it will contain
the IP address of other DNS servers, where this domain
entry can be searched.

SUMMARY
• A computer network is an interconnection among
two or more computers or computing devices.
• A computer network allows computers to share
data and resources among each other.
• Networking devices are used to connect multiple
computers in different settings.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 18

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

• In a communication network, each device that is

a part of a network and that can receive, create,
store or send data to different network routes is
called a node.
• Based on the geographical area covered and data
transfer rate, computer networks are broadly
categorised into LAN (Local Area Network), MAN
(Metropolitan Area Network) and WAN (Wide Area
Network).
• LAN is a network that connects a variety of nodes
placed at a limited distance ranging from a single
room, a floor, an office or a campus having one or
more buildings in the same premises.
• Ethernet is a set of rules that decides how
computers and other devices connect with each
other through cables in a LAN.
• Metropolitan Area Network (MAN) is an extended
form of LAN which covers a larger geographical
area like a city or a town.
• Cable TV network or cable based broadband
internet services are examples of MAN.
• Wide Area Network (WAN) connects computers
and other LANs and MANs, which are spread
across different geographical locations of a
country or in different countries or continents.
• The Internet is the largest WAN that connects
billions of computers, smartphones and millions
of LANs from different continents.
• Modem stands for ‘MOdulator DEModulator’,
is a device used for conversion between electric
signals and digital bits.
• Ethernet card, also known as Network Interface
Card (NIC card in short) is a network adaptor
used to set up a wired network.
• Each NIC has a MAC address, which helps in
uniquely identifying the computer on the network.
• A repeater is an analog device that regenerate the
signals on the cables to which it is connected.
• A switch is a networking device used to connect
multiple computers or communicating devices.
• A router is a network device that can receive the
data, analyse it and transmit it to other networks.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 19

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

• Gateway serves as the entry and exit point of a

network, as all data coming in or going out of a
network must first pass through the gateway in
order to use routing paths.
• The arrangement of computers and other
peripherals in a network is called its topology.
• Common network topologies are Mesh, Ring, Bus,
Star and Tree.
• In mesh topology each communicating device is
connected with every other device in the network.
• In ring topology, each node is connected to two
other devices, one each on either side.
• In bus topology, a single backbone wire called
bus is shared among the nodes, which makes it
cheaper and easy to maintain.
• In star topology, each communicating device is
connected to a central networking device like a
hub or a switch.
• In tree or hybrid topology, there are multiple
branches and each branch can have one or more
basic topologies like star, ring and bus.
• The MAC address, also known as the physical or
hardware address, is a unique permanent value
associated with a network adapter called a NIC.
It is used to physically identify a machine on the
network.
• IP address, also known as Internet Protocol
address, is a unique address that can be used to
uniquely identify each node in a network.
• Unlike MAC address, IP address can change if a
node is removed from one network and connected
to another network.
• The Internet is the global network of computing
devices.
• The World Wide Web (WWW) or web in short, is an
ocean of information, stored in the form of trillions
of interlinked web pages and web resources.
• Sir Tim Berners-Lee — a British computer
scientist invented the revolutionary World Wide
Web in 1990.
• HTML (HyperText Markup Language) is a
language which is used to design standardised
Web Pages so that the Web contents can be read

Prof. Manjunatha S, Assistant Professor, SVFC. Page 20

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

and understood from any computer.

• URI (Uniform Resource Identifier) or URL (Uniform
Resource Locator) is a unique address or path for
each resource located on the web.
• HTTP – The HyperText Transfer Protocol is a set of
rules which is used to retrieve linked web pages
across the web. The more secure and advanced
version is HTTPS.
• Each computer server hosting a website or web
resource is given a name against its IP address.
These names are called the Domain names or
hostnames.
• Conversion of the domain name of each web server
to its corresponding IP address is called domain
name resolution. It is done through a server called
DNS server.

Model Questions on Computer Networks

1. Expand the following:
a) ARPANET
b) MAC
c) ISP
d) URI
2. What do you understand by the term network?
3. Mention any two main advantages of using a network of
computing devices.
4. Differentiate between LAN and WAN.
5. Write down the names of few commonly used networking
devices.
6. Two universities in different States want to transfer
information. Which type of network they need to use for
this?
7. Define the term topology. What are the popular network
topologies?
8. How is tree topology different from bus topology?
9. Identify the type of topology from the following:
a) Each node is connected with the help of a single cable.
b) Each node is connected with central switching
through independent cables.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 21

 SAI VIDYA FIRST GRADE COLLGE, Rajanukunte, Bengaluru-64

10. What do you mean by a modem? Why is it used?

11. Explain the following devices:
a) Switch
b) Repeater
c) Router
d) Gateway
e) NIC
12. Draw a network layout of star topology and bus
topology connecting five computers.
13. What is the significance of MAC address?
14. How is IP address different from MAC address?
Discuss briefly.
15. What is DNS? What is a DNS server?
16. Sahil, a class X student, has just started understanding
the basics of Internet and web technologies. He is a bit
confused in between the terms “World Wide Web” and
“Internet”. Help him in understanding both the terms
with the help of suitable examples of each.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 22

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

Security Aspects

In this Chapter
THREATS AND PREVENTION
» Threats and Prevention
Being alone is the most ideal situation for an
» Malware
individual in terms of security. It applies to
» Antivirus computers as well. A computer with no link to
» Spam an external device or computer is free from the
» HTTP vs HTTPS security threats arising otherwise. However,
» Firewall it is not an ideal solution for a human being
or a computer to stay aloof in order to mitigate
» Cookies
any security threats, as the world at present
» Hackers and Crackers is on its way to become fully connected. This
» Network Security Threats connectedness of various devices and computers
has brought into our focus the various network
threats and its prevention.
Network security is concerned with protection
of our device as well as data from illegitimate access
or misuse. Threats include all the ways in which
one can exploit any vulnerability or weakness in
a network or communication system in order to
cause harm or damage one’s reputation.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 1

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

MALWARE
Malware is a short term used for MALicious softWARE.
It is any software developed with an intention to damage
hardware devices, steal data, or cause any other trouble
to the user. Various types of malware have been created
from time-to-time, and large-scale damages have been
inflicted. Many of these malware programs have been
identified and counter measures have been initiated.
However, different types of malware keep on coming on a
regular basis that compromise the security of computer
systems and cause intangible damages. Besides, each
year, malware incur financial damages worth billions
of dollars worldwide. Viruses, Worms, Ransomware,
Trojans, and Spyware are some of the kinds of malware.
Virus
The term computer virus was coined by Fred Cohen in
1985 and has been borrowed from biological science
with almost similar meaning and behavior, the only
difference is that the victim is a computer system and
the virus is a malicious software. A virus is a piece of
software code created to perform malicious activities
and hamper resources of a computer system like CPU
time, memory, personal files, or sensitive information.
Mimicking the behaviour of a biological virus, the
computer virus spreads on contact with another system,
i.e. a computer virus infects other computer systems
that it comes into contact with by copying or inserting
its code into the computer programs or software
(executable files). A virus remains dormant on a system
and is activated as soon as the infected file is opened
(executed) by a user.
Viruses behave differently, depending upon the
reason or motivation behind their creation. Some of
the most common intentions or motives behind viruses
include stealing passwords or data, corrupting files,
spamming the user’s email contacts, and even taking
control of the user’s machine. Some well-known viruses
include CryptoLocker, ILOVEYOU, MyDoom, Sasser
and Netsky, Slammer, Stuxnet, etc.
Worms
The Worm is also a malware that incurs unexpected or
damaging behaviour on an infected computer system.
The major difference between a worm and a virus is that

Prof. Manjunatha S, Assistant Professor, SVFC. Page 2

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

unlike a virus, a worm does not need a host program or

software to insert its code into. Worms are standalone
programs that are capable of working on its own. Also,
a virus needs human triggering for replication (i.e. when
a user opens/executes the infected file), while a worm
replicates on its own and can spread to other computers
through the network. Some prominent examples of
worms include Storm Worm, Sobig, MSBlast, Code Red,
Nimda, Morris Worm, etc.
Ransomware
It is a type of malware that targets user data. It
either blocks the user from accessing their own data
or threatens to publish the personal data online and
demands ransom payment against the same. Some
ransomware simply block the access to the data while
others encrypt data making it very difficult to access.
In May 2017, a ransomware WannaCry infected almost
200,000 computers across 150 countries. It worked by
encrypting data and demanding ransom payments in
the Bitcoin cryptocurrency. It literally made its victims
“cry” and hence the name.

Figure 12.1: A ransomware

Trojan
Since the ancient Greeks could not infiltrate the city
of Troy using traditional warfare methods, they gifted
the king of Troy with a big wooden horse with hidden
soldiers inside and eventually defeated them. Borrowing

Prof. Manjunatha S, Assistant Professor, SVFC. Page 3

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

the concept, a Trojan is a malware, that looks like a

legitimate software and once it tricks a user into installing
it, it acts pretty much like a virus or worm. However,
a Trojan does not self-replicate or infect other files, it
spreads through user interaction such as opening an
email attachment or downloading and executing a file
from the Internet. Some Trojans create backdoors to
give malicious users access to the system.

Figure 12.2: A trojan horse

Spyware
It is a type of malware that spies on a person or an
organisation by gathering information about them,
without the knowledge of the user. It records and sends
the collected information to an external entity without
consent or knowledge of the user.
Spyware usually tracks internet usage data and sells
them to advertisers. They can also be used to track and
capture credit card or bank account information, login
and password information or user’s personal identity.
Adware
An Adware is a malware that is created to generate
revenue for its developer. An adware displays
online advertisements using pop-ups, web pages, or
installation screens. Once an adware has infected a
substantial number of computer systems, it generates
revenue either by displaying advertisements or using
“pay per click” mechanism to charge its clients against
the number of clicks on their displayed ads. Adware

Prof. Manjunatha S, Assistant Professor, SVFC. Page 4

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

is usually annoying, but harmless. However, it often

paves way for other malware by displaying unsafe links
as advertisements. To implement a
keylogger in hardware,
Keyloggers a thin transparent
keyboard is placed
A keylogger can either be malware or hardware. The atop the actual
main purpose of this malware is to record the keys keyboard or input
pressed by a user on the keyboard. A keylogger makes pad of the intended
logs of daily keyboard usage and may send it to an machine, which then
external entity as well. In this way, very sensitive and records the keystrokes
pressed by the user.
personal information like passwords, emails, private
conversations, etc. can be revealed to an external
entity without the knowledge of the user. One strategy
to avoid the threat of password leaks by keyloggers is
to use a virtual keyboard while signing into your online
accounts from an unknown computer.

(A) Online Virtual Keyboard Vs On-Screen Keyboard

The names “on-screen” and “virtual” keyboard refer to
any software-based keyboard and are sometimes used
interchangeably. But, there exists a notable difference
between “on-screen” and “online virtual” keyboards.
Both types of keyboards may look the same, but the
difference is in terms of the layout or ordering of the
keys. The on-screen keyboard of an operating system
uses a fixed QWERTY key layout (Figure 12.3), which
can be exploited by sophisticated keylogger software.
However, an online virtual keyboard randomises the
key layout every time it is used (Figure 12.4), thereby
making it very difficult for a keylogger software to know
or record the key(s) pressed by the user.

Figure 12.3: A QWERTY keyboard layout

Prof. Manjunatha S, Assistant Professor, SVFC. Page 5

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

Figure 12.4: Online virtual keyboard

Modes of Malware distribution

A malware once designed, can take many routes to
reach your computer. Some of the common distribution
channels for malware are:

• Downloaded from the Internet: Most of the time,

malware is unintentionally downloaded into the
hard drive of a computer by the user. Of course, the
malware designers are smart enough to disguise
their malware, but we should be very careful while
downloading files from the Internet (especially those
highlighted as free stuff).
• Spam Email: We often receive an unsolicited email
with embedded hyperlinks or attachment files. These
links or attached files can be malware.
• Removable Storage Devices: Often, the replicating
malware targets the removable storage media
like pen drives, SSD cards, music players, mobile
phones, etc. and infect them with malware that
gets transferred to other systems that they are
plugged into.
• Network Propagation: Some malware like Worms
have the ability to propagate from one computer to
another through a network connection.

Combating Malware
Common signs of some malware infection include the
following:

Prof. Manjunatha S, Assistant Professor, SVFC. Page 6

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

• frequent pop-up the malware discussed earlier.

windows  Using antivirus, anti-malware, and other related
prompting you to software and updating them on a regular basis.
visitsome website  Configure your browser security settings
and/or download
 Always check for a lock button in the address bar while
some software;
making payments.
• changes to the
default homepage  Never use pirated on unlicensed software. Instead
of your web go for Free and Open Source Software (FOSS).
browser;  Applying software updates and patches released byits
• mass emails manufacturers.
being sent from  Taking a regular backup of important data.
your email
 Enforcing firewall protection in the network.
account;
• unusually slow  Avoid entering sensitive (passwords, pins) or personal
computer with information on unknown or public computers.
frequent crashes;  Avoid entering sensitive data on an unknown network
• unknown (like Wi-Fi in a public place) using your own computer
programs also.
startup as you  Avoid clicking on links or downloading attachments from
turn on your unsolicited emails.
computer;  Scan any removable storage device with an antivirus
• programs software before transferring data to and from it.
opening and
 Never share your online account or banking
closing
password/pins with anyone.
automatically;
• sudden lack of  Remove all the programs that you don’t recognise from
storage space, your system.
random
messages,
sounds, or music
start to appear;
• programs or files
appear or
disappear
without your
knowledge.
Malware exists
and continues to
evolve, and so is the
mechanism to
combat them. As the
saying goes that
prevention is better
than cure, we list
some preventive
measures against

Prof. Manjunatha S, Assistant Professor, SVFC. Page 7

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

 Do not install an anti-spyware or antivirus program

presented to you in a pop-up or ad.
 Use the pop-up window’s ‘X’ icon located on the top-
right of the popup to close the ad instead of clicking
on the ‘close’ button in the pop-up. If you notice an
installation has been started, cancel immediately to
avoid further damage.

ANTIVIRUS
Antivirus is a software, also known as anti-malware.
Initially, antivirus software was developed to detect
and remove viruses only and hence the name anti-
virus. However, with time it has evolved and now comes
bundled with the prevention, detection, and removal of
a wide range of malware.
Methods of Malware Identification used by
Antivirus
(A) Signature-based detection
In this method, an antivirus works with the help of
a signature database known as “Virus Definition File
(VDF)”. This file consists of virus signatures and is
updated continuously on a real-time basis. This makes
the regular update of the antivirus software a must. If
there is an antivirus software with an outdated VDF, it
is as good as having no antivirus software installed, as
Virus Signature the new malware will infect the system without getting
A virus signature detected. This method also fails to detect malware that
is a consecutive has an ability to change its signature (polymorphic) and
sequence of bytes that the malware that has some portion of its code encrypted.
is commonly found
in a certain malware (B) Sandbox detection
sample. That means
In this method, a new application or file is executed
it’s contained within
the malware or the in a virtual environment (sandbox) and its behavioural
infected file and not in fingerprint is observed for a possible malware. Depending
unaffected files.
on its behaviour, the antivirus engine determines if it
is a potential threat or not and proceeds accordingly.
Although this method is a little slow, it is very safe as
the new unknown application is not given access to
actual resources of the system.
(C) Data mining techniques
This method employs various data mining and machine
learning techniques to classify the behaviour of a file as
either benign or malicious.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 8

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

(D) Heuristics
Often, a malware infection follows a certain pattern.
Here, the source code of a suspected program is
compared to viruses that are already known and are
in the heuristic database. If the majority of the source
code matches with any code in the heuristic database,
the code is flagged as a possible threat.
(E) Real-time protection
Some malware remains dormant or gets activated after
some time. Such malware needs to be checked on a real-
time basis. In this technique, the anti-malware software
keeps running in the background and observes the
behavior of an application or file for any suspicious
activity while it is being executed i.e. when it resides in
the active (main) memory of the computer system.

SPAM
Spam is a broad term and applies to various digital
platforms like messaging, forums, chatting, emailing,
advertisement, etc. However, the widely recognised
form is email spam. Depending on their requirements,
organisations or individuals buy or create a mailing
list (list of email addresses) and repeatedly send
advertisement links and invitation emails to a large
number of users. This creates unnecessary junk in the
inbox of the receiver’s email and often tricks a user into
buying something or downloading a paid software or
malware.
Nowadays, email services like Gmail, Hotmail, etc.
have an automatic spam detection algorithm that filters
emails and makes things easier for the end users. A
user can also mark an undetected unsolicited email as
“spam”, thereby ensuring that such type of email is not
delivered into the inbox as normal email in future.

HTTP VS HTTPS Always look for

the “https://” at
Both the HTTP (Hyper Text Transfer Protocol) and its the beginning of
variant HTTPS (Hyper Text Transfer Protocol Secure) the address (URL)
are a set of rules (protocol) that govern how data can be of the websites
transmitted over the WWW (World Wide Web). In other while entering your
banking, personal,
words, they provide rules for the client web browser and or other sensitive
servers to communicate. information.
HTTP sends information over the network as it is. It
does not scramble the data to be transmitted, leaving

Prof. Manjunatha S, Assistant Professor, SVFC. Page 9

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

it vulnerable to attacks from hackers. Hence, HTTP is

Activity 12.1
Ask your teacher
to show you how to
enable and disable
firewall on your
computer.
sufficient for websites with public information sharing
like news portals, blogs, etc. However, when it comes to
dealing with personal information, banking credentials
and passwords, we need to communicate data more
securely over the network using HTTPS. HTTPS encrypts
the data before transmission. At the receiver end, it
decrypts to recover the original data. The HTTPS based
websites require SSL Digital Certificate.
FIREWALL
Computer firewall is a network security system designed
to protect a trusted private network from unauthorised
access or traffic originating from an untrusted outside
network (e.g., the Internet or different sections of the
same network) to which it is connected (Figure 12.5).
Firewall can be implemented in software, hardware or
both. As discussed earlier, a malware like worm has the
capability to move across the networks and infect other
computers. The firewall acts as the first barrier against
malware.

LAN

WAN
Firewall

Figure 12.5: A firewall between two networks

A firewall acts as a network filter and based on the

predefined security rules, it continuously monitors
and controls the incoming and outgoing traffic. As an
example, a rule can be set in the firewall of a school
LAN, that a student cannot access data from the finance

Prof. Manjunatha S, Assistant Professor, SVFC. Page 10

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

server, while the school accountant can access the

finance server.
12.6.1 Types of Firewall
• Network Firewall: If the firewall is placed between
two or more networks and monitors the network
traffic between different networks, it is termed as
Network Firewall.
• Host-based Firewall: If the firewall is placed on a
computer and monitors the network traffic to and
from that computer, it is called a host-based firewall.

COOkIES Assume students in

a class are to finish
The term "cookie" was derived from the term "magic their project. For
cookie" used by Unix programmers to indicate a packet this, the access to
of data that a program receives and sends it back the Internet has also
been given. To ensure
unchanged. A computer cookie is a small file or data
maximum output i.e
packet, which is stored by a website on the client’s timely completion, can
computer. A cookie is edited only by the website that you utilise Firewall
created it, the client’s computer acts as a host to store to prevent distraction
the cookie. Cookies are used by the websites to store while surfing the net?
browsing information of the user. For example, while
going through an e-commerce website, when a user adds
items to cart, the website usually uses cookies to record
the items in the cart. A cookie can also be used to store
other user-centric information like login credentials,
language preference, search queries, recently viewed
web pages, music choice, favorite cuisine, etc., that
helps in enhancing the user experience and making
browsing time more productive.
Depending upon their task, there are different types
of cookies. Session cookies keep track of the current
session and even terminate the session when there is a
time-out (banking website). So, if you accidentally left
your e-banking page open, it will automatically close
after the time-out. Similarly, authentication cookies
are used by a website to check if the user is previously
logged in (authenticated) or not. This way, you don’t Activity
need to login again and again while visiting different Open your internet
web pages or links of the same website. You might have browser and check the
also noticed that certain information like your Name, settings for cookies.
Address, Contact, D.O.B, etc. automatically fills up Also, try to locate some
cookie files on
while filling an online form. This auto-fill feature is also your computer
implemented by websites using cookies. system.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 11

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

Threats due to Cookies

Usually, cookies are used for enhancing the user’s
browsing experience and do not infect your computer
with malware. However, some malware might disguise
as cookies e.g. “supercookies”. There is another type of
cookie known as “Zombie cookie” that gets recreated
after being deleted. Some third-party cookies might
share user data without the consent of the user for
advertising or tracking purposes. As a common example,
if you search for a particular item using your search
engine, a third-party cookie will display advertisements
showing similar items on other websites that you
visit later. So, one should be careful while granting
permission to any websites to create and store cookies
on the user computer.

HACkERS AND CRACkERS

Hackers and crackers are people having a thorough
knowledge of the computer systems, system software
(operating system), computer networks, and
programming. They use this knowledge to find loopholes
and vulnerabilities in computer systems or computer
networks and gain access to unauthorised information.
In simple terms, a hacker is a person that is skilled
enough to hack or take control of a computer system.
Depending on the intent, there are different types
of hackers.
White Hats: Ethical Hacker
A hacktivist is a
hacker with an aim to If a hacker uses its knowledge to find and help in fixing
bring about political the security flaws in the system, its termed as White
and social change. Hat hacker. These are the hackers with good intentions.
They are actually security experts. Organisations hire
ethical or white hat hackers to check and fix their
systems for potential security threats and loopholes.
Technically, white hats work against black hats.
Black Hats: Crackers
If hackers use their knowledge unethically to break
the law and disrupt security by exploiting the flaws
and loopholes in a system, then they are called black
hat hackers.
Grey Hats
The distinction between different hackers is not always
clear. There exists a grey area in between, which

Prof. Manjunatha S, Assistant Professor, SVFC. Page 12

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

represents the class of hackers that are neutral, they

hack systems by exploiting its vulnerabilities, but they
don’t do so for monetary or political gains. The grey
hats take system security as a challenge and just hack
systems for the fun of it.

NETWORk SECURITY THREATS

Denial of Service
Denial of Service (DoS) is a scenario, wherein an attacker
(Hacker) limits or stops an authorised user to access
a service, device, or any such resource by overloading
that resource with illegitimate requests. The DoS attack
floods the victim resource with traffic, making the
resource appear busy. If attackers carry out a DoS attack
on a website, they will flood it with a very large number
of network packets by using different IP addresses.
This way, the web server would be overloaded and will
not be able to provide service to a legitimate user. The
users will think that the website is not working, causing
damage to the victim’s organisation. Same way, DoS
attacks can be done on resources like email servers,
network storage, disrupting connection between
two machines or disrupting the state of information
(resetting of sessions).
If a DoS attack makes a server crash, the server or
resource can be restarted to recover from the attack.
However, a flooding attack is difficult to recover from,
as there can be some genuine legitimate requests in it
as well.
A variant of DoS, known as Distributed Denial of
Service (DDoS) is an attack, where the flooded requests
come from compromised computer (Zombies) systems
distributed across the globe or over a very large area.
The attacker installs a malicious software known as Bot
on the Zombie machines, which gives it control over
these machines. Depending upon the requirement and
availability, the attacker activates a network of these
Zombie computers known as Bot-Net to carry out the
DDoS attack. While as a simple DoS attack may be
countered by blocking requests or network packets from
a single source, DDoS is very difficult to resolve, as the
attack is carried from multiple distributed locations.

Prof. Manjunatha S, Assistant Professor, SVFC. Page 13

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

Intrusion Problems
Network Intrusion refers to any unauthorised activity
on a computer network. These activities may involve
unauthorised use of network resources (DoS) or
threatening the security of the network and the data.
Network intrusion is a very serious problem and the
network administrator needs to devise strategy and
implement various security measures to protect the
network. We have already discussed some of the
intrusion attacks such as DoS, Trojans, and Worms.
The remaining attacks are briefly discussed below.
(A) Asymmetric Routing
The attacker tends to avoid detection by sending the
intrusion packets through multiple paths, thereby
bypassing the network intrusion sensors.
(B) Buffer Overflow Attacks
In this attack, the attacker overwrites certain memory
areas of the computers within the network with code
(set of commands) that will be executed later when the
buffer overflow (programming error) occurs. Once the
malicious code is executed, an attacker can initiate a
DoS attack or gain access to the network.
(C) Traffic Flooding
It is one of the most trivial methods of network intrusion.
It involves flooding the network intrusion detection
system with message packets. This huge load leaves the
network detection system incapable of monitoring the
packets adequately. The hacker takes advantage of this
congested and chaotic network environment to sneak
into the system undetected.
Snooping
URL Snooping
Snooping means secretly listening to a conversation.
It is a software In the context of networking, it refers to the process of
package that secret capture and analysis of network traffic. It is a
downloads and stores
a web stream as a file, computer program or utility that has a network traffic
that can be viewed monitoring capability. In this attack, the hacker taps or
or used later. The listens to a channel of communication by picking all of
common online video the traffic passing through it. Once the network packets
downloaders use the are analysed by the snooping device or software, it
same techniques to
reproduces the exact traffic packets and places them
download videos from
the Web. back in the channel, as if nothing has happened. So,
if the data that is being sent over the network is not
encrypted, it is vulnerable to snooping and eventually

Prof. Manjunatha S, Assistant Professor, SVFC. Page 14

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

may cause serious damage, depending upon the type of

information leak. However, snooping is not always an
attack, at times it is also used by network administrators
for troubleshooting various network issues. Snooping is
also known as Sniffing.
Various snooping software exist that act as network
traffic analyser. Besides, various network hubs and
switches have a SPAN (Sniffer Port Analyser) port
function for snooping.
Eavesdropping
The term eavesdropping has been derived from the
literal practice of secretly listening to the conversations
of people by standing under the eaves of a house. Unlike
snooping, where the network traffic can be stored for later
analysis, eavesdropping is an unauthorised real-time
interception or monitoring of private communication
between two entities over a network. Also, the targets
1
0

Figure 12.6: Eavesdropping

are usually the private communication channels like
phone calls (VoIP), instant messages, video conference,
fax transmission, etc. In older days, eavesdropping
was performed on the conventional telephone line and
was known as wiretapping. Digital devices like laptops
and cell phones that have a built-in microphone or
camera can be easily hacked and eavesdropped using
rootkit malware.
Eavesdropping is different from Snooping. While the
former happens in real time, the latter does not. As an

Prof. Manjunatha S, Assistant Professor, SVFC. Page 15

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

example, in eavesdropping, imagine someone listening

to your private conversation with the help of a hidden
microphone in your room or by physically standing near
the window of your room. However, in snooping, that
person may make a copy of a letter that is addressed to
your friend and keep the copy with himself and send the
original letter to the intended address.

SUMMARY
• Malware is a software developed with an intention
to damage computer hardware, software, steal
data, or cause any other trouble to a user.
• A virus is a piece of software code created
to perform malicious activities and hamper
resources of a computer system.
• The Worm is also a malware that incurs
unexpected or damaging behaviour on an infected
computer system.
• Worms are standalone programs that are capable
of working on its own.
• Ransomware is a type of malware that targets
user data.
• Ransomware either blocks the user from
accessing their own data or threatens to publish
their personal data online and demands ransom
payment against the same.
• Trojan is a malware, that looks like a legitimate
software and once it tricks a user into installing
it, it acts pretty much like a virus or a worm.
• Spyware records and sends the collected
information to an external entity without the
consent or knowledge of a user.
• An adware displays unwanted online
advertisements using pop-ups, web pages, or
installation screens.
• A keylogger makes logs of daily keyboard usage
and may send it to an external entity as well.
• The on-screen keyboard is an application software
that uses a fixed QWERTY key layout.
• Online virtual keyboard is a web-based or a
standalone software with a randomised key
layout every time it is used.
• A malware can take many routes to reach your
computer, which include: Downloaded from the

Prof. Manjunatha S, Assistant Professor, SVFC. Page 16

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

Internet, Spam Email, using infected Removable

Storage Devices, and network propagation.
• An antivirus software is used to detect and remove
viruses and hence the name anti-virus.
• Antiviruses now come bundled with the prevention,
detection, and removal of a wide range of malware.
• Some of the prominent methods of malware
identification used by an antivirus include:
Signature-based detection, Sandbox detection,
Heuristics.
• Any unwanted data, information, email,
advertisement, etc. is called Spam.
• HTTP (Hyper Text Transfer Protocol) and HTTPS
(Hyper Text Transfer Protocol Secure) are a set
of rules or protocol that govern how data can be
transmitted over the World Wide Web.
• Firewall is a network security system designed
to protect a trusted private network from
unauthorised access or traffic originating from an
untrusted external network.
• There are two basic types of firewalls — Network
Firewall and Host-based Firewall.
• A computer cookie is a small file or data packet,
which is stored by a website on the client’s
computer.
• Cookies are used by the websites to store browsing
information of the user.
• Hackers/Crackers find loopholes and
vulnerabilities in computer systems or computer
networks and gain access to unauthorised
information.
• If a hacker uses its knowledge to find and help in
fixing the security flaws in the system, its termed
as White Hat hacker.
• If hackers use their knowledge unethically to
break the law and disrupt security by exploiting
the flaws and loopholes in a system, then they are
called black hat hackers.
• The grey hats take system security as a challenge
and just hack systems for the fun of it.
• The Denial of Service (DoS) attack floods the
victim resource with traffic, making the resource
appear busy.
• Distributed Denial of Service (DDoS) is an
attack, where the flooded requests come from

Prof. Manjunatha S, Assistant Professor, SVFC. Page 17

 SAI VIDYA FIRST GRADE COLLEGE, Rajanukunte, Bengaluru-64.

compromised computer (Zombies) systems

distributed across the globe or over a very
large area.
• Network Intrusion refers to any unauthorised
activity on a computer network.
• Snooping is the process of secret capture and
analysis of network traffic by malicious users.
• Eavesdropping is an unauthorised real-
time interception or monitoring of private
communication between two entities over
a network.

MODEL QUESTIONS ON SECURITY ASPECTS

1. Why is a computer considered to be safe if it is not
connected to a network or Internet?
2. What is a computer virus? Name some computer viruses
that were popular in recent years.
3. How is a computer worm different from a virus?
4. How is Ransomware used to extract money from users?
5. How did a Trojan get its name?
6. How does an adware generate revenue for its creator?
7. Briefly explain two threats that may arise due to a
keylogger installed on a computer.
8. How is a Virtual Keyboard safer than On Screen
Keyboard?
9. List and briefly explain different modes of malware
distribution.
10. List some common signs of malware infection.
11. List some preventive measures against malware
infection.
12. Write a short note on different methods of malware
identification used by antivirus software.
13. What are the risks associated with HTTP? How can we
resolve these risks by using HTTPS?
14. List one advantage and disadvantage of using Cookies.
15. Write a short note on White, Black, and Grey Hat
Hackers.
16. Differentiate between DoS and DDoS attack.
17. How is Snooping different from Eavesdropping?

Prof. Manjunatha S, Assistant Professor, SVFC. Page 18