The Internet

The World Wide Web

The internet is the infrastructure, while the World Wide Web is a collection of websites and web pages accessed using the internet.

Uniform Resource Locator

A URL is a text-based address for a web page. It can contain the protocol, the domain name, and the name of the web page or file.

For example, https://igcse.cyclic.app/sitemap.xml is a URL where:

  • https is the protocol
  • igcse.cyclic.app is the domain name
  • sitemap.xml is the file name
🤔
Sitemaps allow web crawlers like Googlebot to index web pages and display them in search engine results.

Protocols

Some of the most common protocols are:

  • HyperText Transfer Protocol
  • HyperText Transfer Protocol Secure
  • Simple Mail Transfer Protocol
  • WebSocket

HTTP

HTTP is the protocol used for transferring data between a client and a server on the internet. It sends data in plain text format which makes it vulnerable to interception.

HTTPS

HTTPS is a secure version of HTTP that uses encryption to protect data transferred between a client and a server.

HTTPS uses security protocols such as SSL or TLS (successor of SSL). These security protocols use a combination of symmetric and asymmetric encryption to secure data.

  • Browser (client) requests secure connection to server
  • Browser requests server to identify itself
  • Server provides a digital certificate
  • Browser validates certificate
  • Data transmission takes place

Web Browser

The main purpose of a web browser is to render HyperText Markup Language (HTML) on a web page.

⚠
HTML is not a programming language.

Other functions of a web browser include:

  • storing bookmarks
  • recording user history
  • allowing use of multiple tabs
  • storing cookies
  • providing navigation tools
  • providing an address bar

Web Page Retrieval

Websites are hosted on a web server that has its own IP address. A browser needs to know the IP address of this web server to locate its resources such as HTML web pages and other files. A Domain Name System (DNS) is used to find the IP address of the domain name in a URL. This makes it easier for users to locate web pages because they can memorise domain names more easily than IP addresses.

A URL is converted into an IP address during the DNS process. This process can involve multiple DNS servers if the first server is unable to find the IP of the given URL.

  1. User clicks a link or enters a URL in the address bar of browser
  2. Browser requests DNS server for the IP of URL
  3. DNS server maps the URL to an IP
  4. DNS server sends IP to browser
  5. Browser initiates communication with web server and downloads the requested web pages
  6. Browser renders HTML and displays it to user

Cookies

Cookies are small text files that are sent between a web browser and a web server.

Cookies have a variety of functions such as:

  • storing login details
  • saving personal details
  • tracking user preferences
  • holding items in an online shopping cart
🤔
Cookies are harmless, but hackers could use the data stored in cookies to steal personal information. They are not very tasty either.

Digital Currency

A digital currency is a type of currency that only exists electronically. It has no physical form like fiat currency issued by governments.

Blockchain

Blockchain is an example of a decentralised system because it is not controlled by a singular and central authority.

Blockchain is basically a digital ledger with a time-stamped series of records that are impossible to alter. Each block:

  • represents a transaction and contains data related to the:
    • sender
    • recipient
    • amount of money
    • currency
  • has a timestamp
  • has a hash that acts as a unique identifier or digital fingerprint
  • stores the hash value of the previous block in the chain (except the first block)
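
The block structure above can be checked in code. The following is an added example, not part of the original notes: it builds a three-block chain from constructed transactions and shows how an altered record is detected, first through the block's own hash and then through the next block's stored previous hash. The field names, the use of SHA-256 and the sample values are assumptions made for illustration.

```python
import hashlib
import json

def block_hash(block):
    """SHA-256 fingerprint over every field except the block's own hash."""
    body = {k: v for k, v in block.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def add_block(chain, sender, recipient, amount, currency, timestamp):
    """Append a transaction block linked to the previous block's hash."""
    block = {
        "sender": sender,
        "recipient": recipient,
        "amount": amount,
        "currency": currency,
        "timestamp": timestamp,
        # The first block has no predecessor, so it stores no previous hash.
        "previous_hash": chain[-1]["hash"] if chain else None,
    }
    block["hash"] = block_hash(block)
    chain.append(block)
    return block

def first_invalid_block(chain):
    """Return the index of the first block that fails verification, or None."""
    for i, block in enumerate(chain):
        if block["hash"] != block_hash(block):
            return i  # contents no longer match the stored fingerprint
        expected_prev = chain[i - 1]["hash"] if i > 0 else None
        if block["previous_hash"] != expected_prev:
            return i  # link to the previous block is broken
    return None

def build_sample_chain():
    """Constructed sample data: three made-up transactions."""
    chain = []
    add_block(chain, "alice", "bob", 10, "XYZ", "2024-01-01T09:00:00Z")
    add_block(chain, "bob", "carol", 4, "XYZ", "2024-01-01T09:05:00Z")
    add_block(chain, "carol", "dave", 1, "XYZ", "2024-01-01T09:10:00Z")
    return chain

if __name__ == "__main__":
    chain = build_sample_chain()
    print(first_invalid_block(chain))        # untouched chain verifies
    chain[1]["amount"] = 400                 # alter a recorded transaction
    print(first_invalid_block(chain))        # block 1's hash no longer matches
    chain[1]["hash"] = block_hash(chain[1])  # recompute the hash to hide the change
    print(first_invalid_block(chain))        # block 2's previous_hash now mismatches
```

Recomputing the altered block's hash only moves the mismatch to the next block, so hiding a change means rewriting every block that follows it.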

Cyber Security

Threats

Different cyber security threats have different aims and processes, although most have similar aims.

Brute-Force

A brute-force attack relies on trial and error to guess a password.

  • Combinations are repeatedly entered until correct password is found
  • Can be done automatically by software or manually

These attacks have many aims such as:

  • damaging reputation of a business
  • installing malware
  • stealing, deleting, and changing data
  • locking accounts
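
Repeated password guesses leave a recognisable pattern in login logs. The following is an added example, not part of the original notes: it scans constructed log lines and flags any account with five or more failed logins inside a 60-second window. The log format, threshold and window are assumptions; accounts are flagged for review rather than locked automatically, since locking accounts is itself one of the aims listed above.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: timestamp, username, source address, result.
SAMPLE_LOG = """\
2024-05-01T10:00:01 alice 198.51.100.7 FAIL
2024-05-01T10:00:02 alice 198.51.100.7 FAIL
2024-05-01T10:00:03 bob 203.0.113.9 FAIL
2024-05-01T10:00:04 alice 198.51.100.7 FAIL
2024-05-01T10:00:05 alice 198.51.100.7 FAIL
2024-05-01T10:00:06 bob 203.0.113.9 OK
2024-05-01T10:00:07 alice 198.51.100.7 FAIL
2024-05-01T10:00:08 alice 198.51.100.7 FAIL
2024-05-01T10:02:00 carol 192.0.2.44 FAIL
2024-05-01T10:04:00 carol 192.0.2.44 FAIL
2024-05-01T10:06:00 carol 192.0.2.44 FAIL
2024-05-01T10:08:00 carol 192.0.2.44 FAIL
2024-05-01T10:10:00 carol 192.0.2.44 FAIL
"""

def flag_accounts(log_text, max_failures=5, window=timedelta(seconds=60)):
    """Return {username: time of the failure that crossed the threshold}."""
    recent = defaultdict(deque)  # username -> timestamps of recent failures
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        stamp, user, _source, result = parts
        when = datetime.fromisoformat(stamp)
        if result == "OK":
            recent[user].clear()  # a successful login resets the count
            continue
        failures = recent[user]
        failures.append(when)
        # Drop failures that have fallen out of the sliding window.
        while when - failures[0] > window:
            failures.popleft()
        if len(failures) >= max_failures and user not in flagged:
            flagged[user] = when
    return flagged

if __name__ == "__main__":
    for user, when in flag_accounts(SAMPLE_LOG).items():
        print(f"review account {user}: threshold crossed at {when.isoformat()}")
```

In the sample, only alice is flagged: bob's single failure is followed by a successful login, and carol's five failures are spread too far apart to fall inside one window.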

Denial of Service

A DoS attack is carried out by sending multiple requests per second to overwhelm a web server and make it unresponsive.

A distributed denial of service (DDoS) attack involves multiple devices making requests. It is often done using a botnet.

  • Offender installs malware on multiple devices to create a botnet
  • Offender initiates DDoS attack remotely
  • Botnet sends multiple requests to web server
  • Server is overwhelmed and shuts down
  • Legitimate users are no longer able to connect to the unresponsive web server

Pharming

Pharming happens when malware downloaded on a user's hard drive or a web server redirects the user to a fake website which usually serves a malicious purpose.

  1. User clicks malicious link and downloads malware
  2. User types in a web address or clicks a link but gets redirected to a fake website

Solutions

Access Levels

Access levels provide users with different permissions for data. They notably limit access to:

  • reading data
  • editing data

An access level is usually controlled by a username. Users with a higher access level will have more permissions or higher privileges.

Firewall

A firewall is software or hardware that:

  • filters traffic
  • blocks unauthorised access
  • maintains logs

Firewalls can also be configured to warn the user of a potentially malicious website and prevent the user from accessing it.