Internet, Database, Cyber Crime
Transcript of Internet, Database, Cyber Crime
Lecture 12Internet, Database,
Cyber Crime
Lecturer: Sumaira Hussain
S.M.I University
Internet
A collection of interconnected networks – looks like a single, unified network
Internet
Enables users located at far-way locations to easily share information with others located all over the world
Enables users to easily and inexpensively communicate with others located all over the world
Enables the users to operate and run programs on computers located all over the world
The Internet is unlike any previous human invention. It is a world-wide resource, accessible to all of the humankind.
Key Characteristics
Geographic DistributionGlobal - reaches around the
world Robust Architecture
Adapts to damage and error Speed
Data can travels at near ‘c’ on copper, fiber, airwaves
Key Characteristics
Universal AccessSame functionality to everyone
Growth RateThe fastest growing technology
ever Freedom of Speech
Promotes freedom of speech The Digital Advantage
Is digital: can correct errors
Internet Networking Protocol
Communications on the Internet is controlled by a set of two protocols: TCP and IPTCP/IP Transmission Control Protocol/Internet ProtocolTCP breaks down the message to be sent over the Internet into packetsIP routes these packets through the Internet to get them to their destinationWhen the packets reach the destination computer, TCP reassembles them into the original message
IP Address
A unique identifier for a computer on a TCP/IP network
Format: four 8-bit numbers separated by periods. Each 8-bit number can be 0 to 255
Example: www.smiu.edu.pk (192.254.232.36)
Domain Name
A domain name is a meaningful, easy-to-remember ‘label’ for an IP address
Example: www.smiu.edu.pk (192.254.232.36)
Domain Name System
DNS is the way that Internet domain names are located & translated into IP addresses
Internet Services
FTP Telnet Web eMail Instant messaging VoIP
File Transfer Protocol (FTP)
Used to transfer files between computers on a TCP/IP network (e.g. Internet)
Simple commands allow the user to: List, change, create folders on a remote
computer Upload and download files Typical use: Transferring Web content from
the developer’s PC to the Web server
Telnet Protocol
Using Telnet, a user can remotely log on to a computer (connected to the user’s through a TCP/IP network, e.g. Internet) & have control over it like a local user, including control over running various programs
In contrast, FTP allows file operations only Typical use: Configuring and testing of a
remote Web server
Web
The greatest, shared resource of information created by humankind
A user may access any item on the Web through a URL, e.g.
http://smiu.edu.pk/under-graduate-programs.php
Protocol Identifier
Server Address Directory & File Name
E-Mail Computer-to-computer messaging Components:eMail Clients Programs used for writing, sending, receiving, and
displaying eMail messages Example: YahooMailSMTP: Simple Mail Transfer Protocol A protocol used to send and receive eMail
messages over a TCP/IP networkPOP3: Post Office Protocol A protocol used for receiving eMail messages A POP3 server maintains text files (one file per user
account) containing all messages received by a user
Instant Messaging
The IM services available on the Internet (e.g. ICQ, AIM, MSN Messenger, Yahoo! Messenger) allow us to maintain a list of people (contacts) that we interact with regularly
We can send an instant messages to any of the contacts in our list as long as that contact is online
Voice over IP (VoIP)
Voice delivered from one device to another using the Internet Protocol
Voice is first converted into a digital form, is broken down into packets, and then transmitted over a TCP/IP network (e.g. Internet)
Data & Information
Data refers to raw facts & figures Information is an organized form of
data
Data Integrity
Integrity refers to maintaining the correctness and consistency of the data
– Correctness: Free from errors– Consistency: No conflict among related data items Integrity can be compromised in many ways:– Typing errors– Transmission errors– Hardware malfunctions– Program bugs– Viruses– Fire, flood, etc.
Database
A collection of data organized in such a fashion that the computer can quickly search for a desired data item
Database Management System
DBMS takes care of the storage, retrieval, and management of large data sets on a database
It provides SW tools needed to organize & manipulate that data in a flexible manner
It includes facilities for:– Adding, deleting, and modifying data– Making queries about the stored data– Producing reports summarizing the required contents
Database Characteristics
Similar items of data form a column Fields placed in a particular row are strongly
interrelated One can sort the table w.r.t. any column That makes searching straight forward e.g., for all
the books written by a certain author Similarly, searching for the 10 cheapest/most
expensive books can be easily accomplished through a sort
Effort required for adding a new column to the table is much smaller
Example
Title Author Publisher Price InStock
The TerribleTwins
Bhola Champion
BholiBooks 199 Y
Calculus &AnalyticalGeometry
SmithSahib
GoodPublishers
325 N
AccountingSecrets
ZaminGeoffry
Sung-e-KilometerPublishers
29 Y
Example
Customer Title Shipment TypeSaad The Terrible
Twins24-10-2014 Air
Asad Calculus &AnalyticalGeometry
23-03-2014 Surface
Ali AccountingSecrets
12-06-2014 Air
They share a column, & are related through it A program can match info from a field in one table with info in a corresponding field of another table to generate a 3rd table that combines requested data from both tables
Question
who has spent the most money on the online bookstore
Answer
Customer PriceSaad 199
Asad 325
Ali 29
Relational Database
Databases consisting of two or more related tables are called relational databases
A typical relational database may have anywhere from 10 to over a thousand tables
Each column of those tables can contain only a single type of data (contrast this with spreadsheet columns!)
Table rows are called records; row elements are called fields
A relational database stores all its data inside tables, and nowhere else
All operations on data are done on those tables or those that are generated by table operations
RDBMS
Relational DBMS software Contains facilities for creating, populating,
modifying, and querying relational databases
Examples:–Access – DB2–FileMaker Pro – Objectivity/DB–SQL Server – MySQL–Oracle – Postgres
Terminologies
Primary Key is a field that uniquely identifies each record stored in a table
Queries are used to view, change, and analyze data. They can be used to:
– Combine data from different tables, efficiently– Extract the exact data that is desired Forms can be used for entering, editing, or viewing data, one
record at a time Reports are an effective, user-friendly way of presenting data. Data normalization is the process of efficiently organizing
data in a database. There are two goals of the normalization process:
– Eliminate redundant data– Storing only related data in a table
Cyber Crime
07 February 2000• Users trying to get on to the Web sites of Yahoo, couldn’t!• Reason: Their servers were extremely busy!• They were experiencing a huge number of hits• The hit-rate was superior to the case when a grave incident (e.g. 9/11) occurs,
andpeople are trying to get info about what has happened• The only problem was that nothing of note had taken place!What was going on?• A coordinated, distributed DoS (Denial of Service) attack was taking place• Traffic reached 1 GB/s; many times of normal!• In the weeks leading to the attack, there was a noticeable rise in the number ofscans that Internet servers were receiving• Many of these scans appeared to originate from IP addresses that traced back toKorea, Indonesia, Taiwan, Australia
Three Phases of the DoS1. Search for Drones• The attackers set about acquiring the control over the computers to be used in theattack … • by scanning – using e.g. Sscan SW – a large numbers of computers attached to theInternet• Once a computer with a weak security scheme is identified, the attackers try abreak-in• Once conquered, that computer – called a drone – will be used to scan others2. Arming the Drones• After several drones have been conquered, the DoS SW is loaded on to them• Examples: Tribal Flood Network, Trinoo, TFN2K• Like a time-bomb, that SW can be set to bring itself into action at a specified time• Alternatively, it can wait for a commencement command from the attacker3. The Actual Attack• At the pre-specified time or on command, the SW implanted on all of the droneswakes-up and starts sending a huge number of messages to the targeted servers• Responding to those messages overburdens the targeted servers and they becomeunable to perform their normal functions
DoS Attack: A Cyber Crime DoS is a crime, but of a new type - made possible by the
existence of the Internet A new type of policing and legal system is required to tackle
such crimes and their perpetrators Internet does not know any geographical boundaries,
therefore jurisdiction is a key issue when prosecuting the cyber-criminal
Cyber crime can be used to … Damage a home computer Bring down a business Weaken the telecom, financial, or even defense-related
systems of a country
Viruses Self-replicating SW that eludes detection and is
designed to attach itself to other files Infects files on a computers through:– Floppy disks, CD-ROMs, or other storage media– The Internet or other networks Viruses cause tens of billions of dollars of damage each
year One such incident in 2001 – the LoveBug virus – had an
estimated cleanup/lost productivity cost of US$8.75 billion
The first virus that spread world-wide was the Brain virus, and was allegedly designed by someone in Lahore
Antivirus SW
Designed for detecting viruses & inoculating Continuously monitors a computer for known
viruses and for other tell-tale signs like:– Most – but, unfortunately not all – viruses increase
the size of the file they infect– Hard disk reformatting commands– Rewriting of the boot sector of a hard disk The moment it detects an infected file, it can
automatically inoculate it, or failing that, erase it