
Chapter # 5

Chapter 5 discusses the distinction between the Internet and the World Wide Web, explaining that the Internet is a global network connecting computers, while the Web consists of websites accessed via the Internet. It covers key concepts such as URLs, browsers, cookies, digital currency, and cybersecurity threats, including various types of attacks like DDoS and phishing. Additionally, it highlights security measures like firewalls, proxy servers, and authentication methods to protect against cyber threats.

Uploaded by

ismailhydra4x

Chapter 5

The difference between the internet and world wide web
• Internet
• Definition: The Internet is a vast network that connects
computers all over the world.
• Through the Internet, people can share information and
communicate from anywhere with an Internet connection.
• World wide web
• World Wide Web, which is also known as a Web, is a
collection of websites or web pages stored in web servers
and connected to local computers through the internet.
• These websites contain text pages, digital images, audios,
videos, etc.
Difference between internet and www
Uniform resource locator
• A URL (uniform resource locator) is a type of uniform
resource identifier (URI) that provides a way to access
information from remote computers, like a web server and
cloud storage.
• The structure of a URL is as follows
protocol://website address/path/file name
Uniform Resource Locator

The protocol is usually either http or https.


The website address is:
• domain host (www),
• domain name (website name),
• domain type (.com, .org, .net, .gov, for example),
• and sometimes country code (.uk, .de, .cy, for example).
• The path is the web page, but is often omitted and it then becomes the root directory of the website (see
example below).
• The file name is the item on the web page. For example:
• https://www.hoddereducation.co.uk/ict
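The breakdown above, applied to the chapter's example URL. This is an added example, not part of the original slides; the function name `split_url`, the two heuristics marked in the comments and the `example.net`/`example.com` URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

def split_url(url):
    """Break a URL into the parts this chapter names."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.hostname:
        raise ValueError("expected protocol://website address/path/file name")
    labels = parts.hostname.split(".")
    # Assumption: a two-letter final label that follows a domain type is a
    # country code (.uk, .de, .cy); real-world suffix rules are more varied.
    country = labels.pop() if len(labels) > 2 and len(labels[-1]) == 2 else ""
    domain_type = labels.pop() if len(labels) > 1 else ""
    domain_name = labels.pop()
    domain_host = ".".join(labels)            # usually "www", may be empty
    # Assumption: a final path segment containing a dot is the file name.
    directory, _, last = parts.path.rpartition("/")
    if "." in last:
        path, file_name = directory or "/", last
    else:
        path, file_name = parts.path or "/", ""   # omitted path = root directory
    return {
        "protocol": parts.scheme,
        "domain_host": domain_host,
        "domain_name": domain_name,
        "domain_type": domain_type,
        "country_code": country,
        "path": path,
        "file_name": file_name,
    }

if __name__ == "__main__":
    samples = [
        "https://www.hoddereducation.co.uk/ict",      # example from the chapter
        "https://www.example.com/docs/guide.html",    # constructed
        "http://example.org",                          # constructed, path omitted
        # Constructed: the familiar name sits in the host part, so the
        # domain name that actually owns the site is "example".
        "https://www.hoddereducation.co.uk.example.net/ict",
    ]
    for url in samples:
        print(url, "->", split_url(url))
```

The website address is read from right to left, which is why the last sample resolves to the domain name `example` even though a familiar name appears earlier in the address.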
Browsers and their features
Definition: Browsers are software that allow a user to access
and display web pages on their device screens. Browsers
interpret (translate) the HTML from websites and show the
result of the translation.
Features
• they have a home page
• they can store a user’s favourite websites/web pages
(referred to as bookmarks)
• they keep a history of websites visited by the user (user
history)
• they have the ability to allow the user to navigate forwards
and backwards
Retrieval and location of webpages
• The user opens their browser and types in the URL and the
browser asks the DNS server for the IP address of the website.
• The IP address is sent back to the DNS server which now puts this IP
address and associated URL into its cache/database.
• This IP address is then sent back to the user’s computer.
• The computer now sets up a communication with the website
server and the required pages are downloaded.
• HTML files are sent from the website server to the computer.
• The browser interprets the HTML, which is used to structure
content, and then displays the information on the user’s
computer.
Cookies
• Cookies are small files or code stored on a user’s computer
which are sent by a web server to a browser on a user’s
computer.
• Each cookie is effectively a small look-up table containing
pairs of (key, data) values, for example, (surname, Jones)
(music, rock).
There are two types of cookie:
» session cookie
» persistent (or permanent) cookie.
Session cookies

Session cookies are cookies that last for a session.

A session starts when you launch a website or web app and ends
when you leave the website or close your browser window.

Session cookies contain information that is stored in a temporary
memory location which is deleted after the session ends.
Persistent cookies
• A persistent cookie is a file stored on a user's computer
that remembers information, settings, preferences, or sign-on
credentials that the user has previously saved.
• This saves time and creates a more convenient website
experience.
• Webservers set an expiration date on these cookies.
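The two cookie types can be told apart from the header a web server sends: a cookie with no expiry is a session cookie, one with an expiry is persistent. The following is an added example, not part of the original slides; the header values are constructed, and the function names `classify` and `audit` are assumptions. It also reports the `Secure` and `HttpOnly` flags, which matter most for persistent cookies that hold sign-on data.

```python
from http.cookies import SimpleCookie

# Constructed Set-Cookie header values (not taken from any real site).
SAMPLE_HEADERS = [
    "sessionid=abc123; Path=/; HttpOnly; Secure",
    "lang=en; Max-Age=31536000; Path=/",
    "remember_me=token789; Expires=Wed, 21 Oct 2026 07:28:00 GMT; Secure",
]

def classify(header):
    """Parse one Set-Cookie value into its (key, data) pair plus attributes."""
    jar = SimpleCookie()
    jar.load(header)
    report = {}
    for name, morsel in jar.items():
        # An expiry (Expires or Max-Age) makes the cookie persistent;
        # without one the browser drops it when the session ends.
        persistent = bool(morsel["expires"] or morsel["max-age"])
        report[name] = {
            "data": morsel.value,
            "type": "persistent" if persistent else "session",
            "secure": bool(morsel["secure"]),      # only sent over https
            "httponly": bool(morsel["httponly"]),  # hidden from page scripts
        }
    return report

def audit(headers):
    """Return names of cookies missing the Secure or HttpOnly flag."""
    weak = []
    for header in headers:
        for name, info in classify(header).items():
            if not (info["secure"] and info["httponly"]):
                weak.append(name)
    return sorted(weak)

if __name__ == "__main__":
    for h in SAMPLE_HEADERS:
        print(classify(h))
    print("missing a protective flag:", audit(SAMPLE_HEADERS))
```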
Uses of cookies
• are used in online financial transactions
• allow progress in online games and quizzes to be stored
• allow social networking sites to recognise certain preferences and browsing histories
• allow different languages to be used on the web pages automatically as soon as users log on
• store users’ preferences (for example, recognise customised web pages)
Digital currency

• What is digital currency?


• Digital currency is a term for money that exists
in only a digital form.
• There are no physical papers, but you can
transfer and exchange them for other forms of
currencies.
• For instance, you can use digital currency to
shop online and pay bills just as you would use
the money on your mobile banking application.
• Unlike the money in your bank, though, digital
currency has no physical papers or coins.
Crypto currency

• Cryptocurrency, as the name implies, is a form of digital currency backed by cryptography.
• It exists only on the internet and is not controlled or issued by any central party such as your local bank.
• The issuance, distribution, and other monetary policies are hard-coded into a decentralized computer network that all participants can easily verify.
• Transactions are almost impossible to reverse and are stored on the database forever.
Blockchaining

• Blockchain is a decentralised database.


• All the transactions of networked members are
stored on this database.
• Essentially, the blockchain consists of a number
of interconnected computers but they are not
connected to a central server.
• All transaction data is stored on all computers
in the blockchain network.
How blockchain works?

Whenever a new transaction takes place, all the networked computers get a copy of the transaction; therefore it cannot be changed without the consent of all the network members. This effectively removes the risk of security issues such as hacking.
Uses of blockchain

• cryptocurrency (digital currency) exchanges


• smart contracts
• research (particularly within pharmaceutical
companies)
• politics
• education.
Cyber security threats

A cyber security threat is a type of threat that targets computer networks,
systems, and user data. These threats can come in the form of malware, phishing,
and other malicious activity.

List of cyber threats


• brute force attacks

• data interception
• distributed denial of service (DDoS) attacks

• hacking

• malware (viruses, worms, Trojan horse, spyware, adware and ransomware)


• phishing

• pharming

• social engineering.
Distributed denial-of-service (DDoS) attack

• A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal
traffic of a targeted server, service or network by overwhelming the target or its
surrounding infrastructure with a flood of Internet traffic.
How does a DDoS attack work?
• DDoS attacks are carried out with networks of Internet-connected machines.
• These networks have been infected with malware, allowing them to be controlled
remotely by an attacker. These individual devices are referred to as bots.
• Once a botnet has been established, the attacker is able to direct an attack by
sending remote instructions to each bot.
• When a victim’s server or network is targeted by the botnet, each bot sends
requests to the target’s IP address, potentially causing the server or network to
become overwhelmed, resulting in a denial-of-service to normal traffic.
• Because each bot is a legitimate Internet device, separating the attack traffic from
normal traffic can be difficult.
How to identify a DDoS attack

Suspicious amounts of traffic originating from a single IP address or IP range.

A flood of traffic from users who share a single behavioural profile, such as device type,
geolocation, or web browser version.

An unexplained surge in requests to a single page or endpoint.

Odd traffic patterns such as spikes at odd hours of the day or patterns that appear to be
unnatural (e.g. a spike every 10 minutes).
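The four indicators above can be checked mechanically against a web server's access log. The following is an added example, not part of the original slides; the log is constructed, and the function names and threshold values are assumptions that a real deployment would tune against its own normal traffic.

```python
from collections import Counter

def build_sample_log():
    """Constructed access log of (minute, ip, path, browser) tuples."""
    log = []
    for minute in range(10):                 # ordinary background traffic
        for host in range(1, 6):
            log.append((minute, f"198.51.100.{host}", f"/page{host}", f"Browser/{host}"))
    for i in range(200):                     # flood during minute 7
        log.append((7, f"203.0.113.{i % 4}", "/login", "Bot/1.0"))
    return log

def over_share(counter, total, share):
    """Keys that account for more than `share` of all requests."""
    return sorted(key for key, n in counter.items() if n / total > share)

def ddos_indicators(log, ip_share=0.1, path_share=0.5,
                    profile_share=0.5, spike_factor=5):
    total = len(log)
    per_minute = Counter(entry[0] for entry in log)
    counts = sorted(per_minute.values())
    typical = counts[len(counts) // 2]       # median requests per minute
    return {
        # suspicious amounts of traffic from a single IP address or range
        "noisy_ips": over_share(Counter(e[1] for e in log), total, ip_share),
        # unexplained surge in requests to a single page or endpoint
        "hot_paths": over_share(Counter(e[2] for e in log), total, path_share),
        # flood of users sharing one behavioural profile (browser version)
        "shared_profiles": over_share(Counter(e[3] for e in log), total, profile_share),
        # odd traffic patterns: minutes far above the typical request rate
        "spike_minutes": sorted(m for m, n in per_minute.items()
                                if n > spike_factor * typical),
    }

if __name__ == "__main__":
    for name, hits in ddos_indicators(build_sample_log()).items():
        print(f"{name}: {hits}")
```

No single indicator is conclusive on its own, since each bot is a legitimate Internet device; the value comes from several indicators pointing at the same time window and endpoint.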
How to guard against DDoS attack

1. using an up-to-date malware checker
2. setting up a firewall to restrict traffic to and from the web server or user’s computer
3. applying email filters to filter out unwanted traffic (for example, spam).
Brute force attack

• A brute force attack is a hacking method that uses trial and error to crack passwords, login
credentials, and encryption keys.
• It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and
organizations’ systems and networks.
• The hacker tries multiple usernames and passwords, often using a computer to test a
wide range of combinations, until they find the correct login information.
Hacking

• Hacking is generally the act of gaining illegal access to a computer system without the
user’s permission.
• This can lead to identity theft or the gaining of personal information; data can be deleted,
passed on, changed or corrupted.
• Hacking in cyber security refers to the misuse of devices like computers, smartphones,
tablets, and networks to cause damage to or corrupt systems, gather information on
users, steal data and documents, or disrupt data-related activity.
Types of hacking

Ethical hacking
• An authorized attempt to acquire unauthorized access to a computer
system, application, or data is referred to as ethical hacking.
• Duplicating the techniques and behaviours of malicious attackers is part
of ethical hacking.
• This approach helps detect security flaws, which can subsequently be
addressed before a malevolent attacker can exploit them.
Types of hacking

Malicious hacking
• Malicious hackers, also referred to as black hat hackers, operate with malicious intent to
compromise security, steal sensitive data, or disrupt systems.
• Their motivation varies from financial gain to ideological reasons, seeking personal benefit
at the expense of others.
Types of malwares
Phishing
• Phishing occurs when a cybercriminal sends
out legitimate-looking emails to users.
• The emails may contain links or
attachments that, when initiated, take the
user to a fake website; or they may trick the
user into responding with personal data (for
example, bank account details or
credit/debit card details).
How to prevent phishing attacks?
• users need to be aware of new phishing scams;
• it is important not to click on any email links unless totally certain that it is
safe to do so;
• it is important to run anti-phishing toolbars on browsers since these will
alert the user to malicious websites contained in an email.
• always look out for https or the green padlock symbol in the address bar.
• regular checks of online accounts are also advisable as well as maintaining
passwords on a regular basis.
• ensure an up-to-date browser is running on the computer device
• be very wary of pop-ups and use the browser to block them;
Pharming

• Pharming is malicious code
installed on a user’s computer or
on an infected website.
• The code redirects the user’s
browser to a fake website
without the user’s knowledge.
How to mitigate against the risk of pharming?
• Use of anti-virus software can detect unauthorised alterations to a
website address and warn the user of the potential risks.
• Many modern browsers can alert users to pharming and phishing
attacks.
• It is very important to check the spelling of websites to ensure the
web address used is correct.
• Use of https or the green padlock symbol in the address bar is an
additional form of defence.
Social engineering
• Social engineering occurs when a cybercriminal creates a
social situation that can lead to a potential victim dropping
their guard. It involves the manipulation of people into
breaking their normal security procedures and not
following best practice.
Types of threats which commonly exist
Access levels
• Access levels are a way for organizations to control who has access to
information or resources.
• They are also known as security labels, permissions, roles, rights, or
privileges.
• Access levels are often used to determine whether someone should
be able to view certain documents or perform certain tasks.
Types of access levels
There are usually four access levels:
1. Public access (this refers to the data anyone from the general public
can access)
2. friends (only people identified as ‘friends’ by the owner of the data
can see certain data)
3. custom (this allows the user to further refine what data can be seen
by ‘friends’ allowing them to exclude certain content from selected
people)
4. data owner (this is data only the owner of the data can see).
Anti-spyware
• Anti-spyware is a cybersecurity tool designed to detect and remove
spyware (malware that is secretly installed on a device to collect data
about the user).
General features
• detect and remove spyware already installed on a device
• prevent a user from downloading spyware
• encrypt files to make the data more secure in case it is ‘spied’ on
• encryption of keyboard strokes to help remove the risk posed by the
keylogging aspects of some spyware
Authentication
• Authentication is a security process followed to verify and
confirm the identity of an individual, device, or system
attempting to access a particular resource or service.
Biometrics
• Biometrics can be used in much the same way as passwords as a way
of identifying a user. Biometrics relies on certain unique
characteristics of human beings; examples include:
• fingerprint scans
• retina scans
• face recognition
• voice recognition.
Two factor authentication
• Two-factor authentication (2FA) is a security system in which
the user trying to access a system or application is required to
verify in two distinct ways instead of just a password.
Firewalls
A firewall is a network security device that monitors incoming and outgoing network traffic and
decides whether to allow or block specific traffic based on a defined set of security rules.
Main tasks carried out by a firewall
• to examine the ‘traffic’ between user’s computer (or internal network) and a public network (for
example, the internet)
• checks whether incoming or outgoing data meets a given set of criteria
• if the data fails the criteria, the firewall will block the ‘traffic’ and give the user a warning that
there may be a security issue
• the firewall can be used to log all incoming and outgoing ‘traffic’ to allow later interrogation by
the user (or network manager)
• criteria can be set so that the firewall prevents access to certain undesirable sites; the firewall can
keep a list of all undesirable IP addresses
• it is possible for firewalls to help prevent viruses or hackers entering the user’s computer (or
internal network)
Proxy server
• A proxy server refers to a server that acts as an intermediary
between the request made by clients, and a particular server
for some services or requests for some resources.
Features of proxy server
• allows internet traffic to be filtered; it is possible to block access to a website if necessary
• keeps users’ IP addresses secret which improves security
• if the internet traffic is valid, access to the web server is allowed
• if the internet traffic is invalid, access to the web server is denied
• it is possible to block requests from certain IP addresses
• prevents direct access to a web server by sitting between the user and the web server
• if an attack is launched, it hits the proxy server instead – this helps to prevent hacking, DoS, and so on
• used to direct invalid traffic away from web servers which gives additional protection
• by using the feature known as a cache, it is possible to speed up access to information/data from a website;
• when the website is first visited, the home page is stored on the proxy server; when the user next visits the
website, it now comes from the proxy server cache instead, giving much faster access
• proxy servers can also act as firewalls.
Privacy settings
Privacy settings are the controls available on web browsers, social networks and other websites that
are designed to limit who can access and see a user’s personal profile. They were discussed earlier
in the section on access rights.
Privacy settings can refer to:
• a ‘do not track’ setting; the intention here is to stop websites collecting and
using browsing data which leads to improved security
• a check to see if payment methods have been saved on websites; this is a useful safety feature
which prevents the need to type in payment details again
• safer browsing; an alert is given when the browser encounters a potentially dangerous website
• web browser privacy options (e.g. storing browsing history, storing cookies)
• website advertising opt-outs; a website may be tracked by any number of third
parties who gather information about your browsing behaviour for advertising purposes
• apps; for instance, the sharing of location data in map apps can be switched off.
Secure Sockets Layer

• Secure Sockets Layer (SSL) is a type of
protocol – a set of rules used by
computers to communicate with each
other across a network. This allows
data to be sent and received securely
over the internet.
Examples where SSL can be used
• online banking and all online financial transactions
• online shopping/commerce
• when sending software out to a restricted list of users
• sending and receiving emails
• using cloud storage facilities
• intranets and extranets (as well as the internet)
• Voice over Internet Protocols (VoIP) when carrying out video chatting
and/or audio chatting over the internet
• used in instant messaging
• when making use of a social networking site.
