UNIT - V

Application Layer –Domain name system, SNMP, Electronic Mail; the World WEB, HTTP,
Streaming audio and video.

INTRODUCTION

Application layer is the top most layer in OSI and TCP/IP layered model. This layer exists in
both layered Models because of its significance, of interacting with user and user
applications. This layer is for applications which are involved in communication system.
A user may or may not directly interacts with the applications. Application layer is where
the actual communication is initiated and reflects. Because this layer is on the top of the
layer stack, it does not serve any other layers. Application layer takes the help of Transport
and all layers below it to communicate or transfer its data to the remote host.
When an application layer protocol wants to communicate with its peer application layer
protocol on remote host, it hands over the data or information to the Transport layer. The
transport layer does the rest with the help of all the layers below it.

There’is an ambiguity in understanding Application Layer and its protocol. Not every user
application can be put into Application Layer. except those applications which interact with
the communication system. For example, designing software or text-editor cannot be
considered as application layer programs.
On the other hand, when we use a Web Browser, which is actually using Hyper Text
Transfer Protocol (HTTP) to interact with the network. HTTP is Application Layer protocol.
Another example is File Transfer Protocol, which helps a user to transfer text based or
binary files across the network. A user can use this protocol in either GUI based software
like FileZilla or CuteFTP and the same user can use FTP in Command Line mode.
Hence, irrespective of which software you use, it is the protocol which is considered at
Application Layer used by that software. DNS is a protocol which helps user application
protocols such as HTTP to accomplish its work.
The application layer in the OSI model is the closest layer to the end user which means that
the application layer and end user can interact directly with the software application. The
application layer programs are based on client and servers.
The Application layer includes the following functions:
o Identifying communication partners: The application layer identifies the
availability of communication partners for an application with data to transmit.
o Determining resource availability: The application layer determines whether
sufficient network resources are available for the requested communication.
o Synchronizing communication: All the communications occur between the
applications requires cooperation which is managed by an application layer.

2. SERVICES OF APPLICATION LAYERS

o Network Virtual terminal: An application layer allows a user to log on to a remote

host. To do so, the application creates a software emulation of a terminal at the remote
host. The user's computer talks to the software terminal, which in turn, talks to the
host. The remote host thinks that it is communicating with one of its own terminals,
so it allows the user to log on.
o File Transfer, Access, and Management (FTAM): An application allows a user to
access files in a remote computer, to retrieve files from a computer and to manage
files in a remote computer. FTAM defines a hierarchical virtual file in terms of file
structure, file attributes and the kind of operations performed on the files and their
attributes.
o Addressing: To obtain communication between client and server, there is a need for
addressing. When a client made a request to the server, the request contains the server
address and its own address. The server response to the client request, the request
contains the destination address, i.e., client address. To achieve this kind of
addressing, DNS is used.
o Mail Services: An application layer provides Email forwarding and storage.
o Directory Services: An application contains a distributed database that provides
access for global information about various objects and services.
Authentication: It authenticates the sender or receiver's message or both.
Network Application Architecture
Application architecture is different from the network architecture. The network architecture
is fixed and provides a set of services to applications. The application architecture, on the
other hand, is designed by the application developer and defines how the application should
be structured over the various end systems.
Application architecture is of two types:
o Client-server architecture: An application program running on the local machine
sends a request to another application program is known as a client, and a program
that serves a request is known as a server. For example, when a web server receives a
request from the client host, it responds to the request to the client host.
Characteristics Of Client-server architecture:
o In Client-server architecture, clients do not directly communicate with each other. For
example, in a web application, two browsers do not directly communicate with each
other.
o A server is fixed, well-known address known as IP address because the server is
always on while the client can always contact the server by sending a packet to the
sender's IP address.
Disadvantage Of Client-server architecture:
It is a single-server based architecture which is incapable of holding all the requests from the
clients. For example, a social networking site can become overwhelmed when there is only
one server exists.
o P2P (peer-to-peer) architecture: It has no dedicated server in a data center. The
peers are the computers which are not owned by the service provider. Most of the
peers reside in the homes, offices, schools, and universities. The peers communicate
with each other without passing the information through a dedicated server, this
architecture is known as peer-to-peer architecture. The applications based on P2P
architecture includes file sharing and internet telephony.

Features of P2P architecture

o Self scalability: In a file sharing system, although each peer generates a workload by
requesting the files, each peer also adds a service capacity by distributing the files to
the peer.
o Cost-effective: It is cost-effective as it does not require significant server
infrastructure and server bandwidth.
Client and Server processes
o A network application consists of a pair of processes that send the messages to each
other over a network.
o In P2P file-sharing system, a file is transferred from a process in one peer to a process
in another peer. We label one of the two processes as the client and another process as
the server.
 o With P2P file sharing, the peer which is downloading the file is known as a client, and
the peer which is uploading the file is known as a server. However, we have observed
in some applications such as P2P file sharing; a process can be both as a client and
server. Therefore, we can say that a process can both download and upload the files.
3. DOMAIN NAME SYSTEM

An application layer protocol defines how the application processes running on different
systems, pass the messages to each other.
o DNS stands for Domain Name System.
o DNS is a directory service that provides a mapping between the name of a host on the
network and its numerical address.
o DNS is required for the functioning of the internet.
o Each node in a tree has a domain name, and a full domain name is a sequence of
symbols specified by dots.
o DNS is a service that translates the domain name into IP addresses. This allows the
users of networks to utilize user-friendly names when looking for other hosts instead
of remembering the IP addresses.
o For example, suppose the FTP site at EduSoft had an IP address of 132.147.165.50,
most people would reach this site by specifying ftp.EduSoft.com. Therefore, the
domain name is more reliable than IP address.
DNS is a TCP/IP protocol used on different platforms. The domain name space is divided
into three different sections: generic domains, country domains, and inverse domain.

Generic Domains
o It defines the registered hosts according to their generic behavior.
o Each node in a tree defines the domain name, which is an index to the DNS database.
o It uses three-character labels, and these labels describe the organization type.
Label Description

aero Airlines and aerospace companies

biz Businesses or firms

com Commercial Organizations

coop Cooperative business Organizations

edu Educational institutions

gov Government institutions

info Information service providers

int International Organizations

mil Military groups

museum Museum & other nonprofit organizations

name Personal names

net Network Support centers

org Nonprofit Organizations

pro Professional individual Organizations

Country Domain
The format of country domain is same as a generic domain, but it uses two-character country
abbreviations (e.g., us for the United States) in place of three character organizational
abbreviations.
Inverse Domain
The inverse domain is used for mapping an address to a name. When the server has received
a request from the client, and the server contains the files of only authorized clients. To
determine whether the client is on the authorized list or not, it sends a query to the DNS
server and ask for mapping an address to the name.
Working of DNS
o DNS is a client/server network communication protocol. DNS clients send requests to
the. server while DNS servers send responses to the client.
o Client requests contain a name which is converted into an IP address known as a
forward DNS lookups while requests containing an IP address which is converted into
a name known as reverse DNS lookups.
o DNS implements a distributed database to store the name of all the hosts available on
the internet.
 o If a client like a web browser sends a request containing a hostname, then a piece of
software such as DNS resolver sends a request to the DNS server to obtain the IP
address of a hostname. If DNS server does not contain the IP address associated with
a hostname, then it forwards the request to another DNS server. If IP address has
arrived at the resolver, which in turn completes the request over the internet protocol.
4. SNMP

o SNMP stands for Simple Network Management Protocol.

o SNMP is a framework used for managing devices on the internet.
o It provides a set of operations for monitoring and managing the internet.
SNMP Concept

o SNMP has two components Manager and agent.

o The manager is a host that controls and monitors a set of agents such as routers.
o It is an application layer protocol in which a few manager stations can handle a set of
agents.
o The protocol designed at the application level can monitor the devices made by
different manufacturers and installed on different physical networks.
o It is used in a heterogeneous network made of different LANs and WANs connected
by routers or gateways.
Managers & Agents
o A manager is a host that runs the SNMP client program while the agent is a router that
runs the SNMP server program.
o Management of the internet is achieved through simple interaction between a manager
and agent.
o The agent is used to keep the information in a database while the manager is used to
access the values in the database. For example, a router can store the appropriate
 variables such as a number of packets received and forwarded while the manager can
compare these variables to determine whether the router is congested or not.
o Agents can also contribute to the management process. A server program on the agent
checks the environment, if something goes wrong, the agent sends a warning message
to the manager.
Management with SNMP has three basic ideas:
o A manager checks the agent by requesting the information that reflects the behavior
of the agent.
o A manager also forces the agent to perform a certain function by resetting values in
the agent database.
o An agent also contributes to the management process by warning the manager
regarding an unusual condition.
Management Components
o Management is not achieved only through the SNMP protocol but also the use of
other protocols that can cooperate with the SNMP protocol. Management is achieved
through the use of the other two protocols: SMI (Structure of management
information) and MIB(management information base).
o Management is a combination of SMI, MIB, and SNMP. All these three protocols
such as abstract syntax notation 1 (ASN.1) and basic encoding rules (BER).

SMI
The SMI (Structure of management information) is a component used in network
management. Its main function is to define the type of data that can be stored in an object and
to show how to encode the data for the transmission over a network.
MIB
o The MIB (Management information base) is a second component for the network
management.
o Each agent has its own MIB, which is a collection of all the objects that the manager
can manage. MIB is categorized into eight groups: system, interface, address
translation, ip, icmp, tcp, udp, and egp. These groups are under the mib object.
SNMP
SNMP defines five types of messages: GetRequest, GetNextRequest, SetRequest,
GetResponse, and Trap.

GetRequest: The GetRequest message is sent from a manager (client) to the agent (server) to
retrieve the value of a variable.
GetNextRequest: The GetNextRequest message is sent from the manager to agent to retrieve
the value of a variable. This type of message is used to retrieve the values of the entries in a
table. If the manager does not know the indexes of the entries, then it will not be able to
retrieve the values. In such situations, GetNextRequest message is used to define an object.
GetResponse: The GetResponse message is sent from an agent to the manager in response to
the GetRequest and GetNextRequest message. This message contains the value of a variable
requested by the manager.
SetRequest: The SetRequest message is sent from a manager to the agent to set a value in a
variable.
Trap: The Trap message is sent from an agent to the manager to report an event. For
example, if the agent is rebooted, then it informs the manager as well as sends the time of
rebooting.
5. ELECTRONIC MAIL

E-mail is defined as the transmission of messages on the Internet. It is one of the most
commonly used features over communications networks that may contain text, files, images,
or other attachments. Generally, it is information that is stored on a computer sent through a
network to a specified individual or group of individuals.
Email messages are conveyed through email servers; it uses multiple protocols within
the TCP/IP suite. For example, SMTP is a protocol, stands for simple mail transfer
protocol and used to send messages whereas other protocols IMAP or POP are used to
retrieve messages from a mail server. If you want to login to your mail account, you just need
to enter a valid email address, password, and the mail servers used to send and receive
messages.
Although most of the webmail servers automatically configure your mail account, therefore,
you only required to enter your email address and password. However, you may need to
manually configure each account if you use an email client like Microsoft Outlook or Apple
Mail. In addition, to enter the email address and password, you may also need to enter
incoming and outgoing mail servers and the correct port numbers for each one.
Email messages include three components, which are as follows:
o Message envelope: It depicts the email's electronic format.
o Message header: It contains email subject line and sender/recipient information.
o Message body: It comprises images, text, and other file attachments.
The email was developed to support rich text with custom formatting, and the original email
standard is only capable of supporting plain text messages. In modern times, email
supports HTML (Hypertext markup language), which makes it capable of emails to support
the same formatting as websites. The email that supports HTML can contain links,
images, CSS layouts, and also can send files or "email attachments" along with messages.
Most of the mail servers enable users to send several attachments with each message. The
attachments were typically limited to one megabyte in the early days of email. Still,
nowadays, many mail servers are able to support email attachments of 20 megabytes or more
in size.
In 1971, as a test e-mail message, Ray Tomlinson sent the first e-mail to himself. This email
was contained the text "something like QWERTYUIOP." However, the e-mail message was
still transmitted through ARPANET, despite sending the e-mail to himself. Most of the
electronic mail was being sent as compared to postal mail till 1996.

Differences between email and webmail

The term email is commonly used to describe both browser-based electronic mail and non-
browser-based electronic mail today. The AOL and Gmail are browser-based electronic
mails, whereas Outlook for Office 365 is non-browser-based electronic mail. However, to
define email, a difference was earlier made as a non-browser program that needed a dedicated
client and email server. The non-browser emails offered some advantages, which are
enhanced security, integration with corporate software platforms, and lack of advertisements.

Uses of email
Email can be used in different ways: it can be used to communicate either within an
organization or personally, including between two people or a large group of people. Most
people get benefit from communicating by email with colleagues or friends or individuals or
small groups. It allows you to communicate with others around the world and send and
receive images, documents, links, and other attachments. Additionally, it offers benefit users
to communicate with the flexibility on their own schedule.
There is another benefit of using email; if you use it to communicate between two people or
small groups that will beneficial to remind participants of approaching due dates and time-
sensitive activities and send professional follow-up emails after appointments. Users can also
use the email to quickly remind all upcoming events or inform the group of a time change.
Furthermore, it can be used by companies or organizations to convey information to large
numbers of employees or customers. Mainly, email is used for newsletters, where mailing list
subscribers are sent email marketing campaigns directly and promoted content from a
company.
Email can also be used to move a latent sale into a completed purchase or turn leads into
paying customers. For example, a company may create an email that is used to send emails
automatically to online customers who contain products in their shopping cart. This email can
help to remind consumers that they have items in their cart and stimulate them to purchase
those items before the items run out of stock. Also, emails are used to get reviews by
customers after making a purchase. They can survey by including a question to review the
quality of service.

History of E-mail
As compared to ARPANet or the Internet, email is much older. The early email was just a
small advance, which is known as a file directory in nowadays. It was used to just put a
message in other user's directory in the place where they were able to see the message by
logging in. For example, the same as leaving a note on someone's desk. Possibly MAILBOX
was used at Massachusetts Institute of Technology, which was the first email system of this
type from 1965. For sending messages on the same computer, another early program
was SNDMSG.
Users were only able to send messages to several users of the same computer through email
when the internetworking was not beginning. And, the problem became a little more complex
when computers began to talk to each other over networks, we required to put a message in
an envelope and address it for the destination.
Later in 1972, Ray Tomlinson invented email to remove some difficulties. Tomlinson
worked (Like many of the Internet inventors) for Newman and Bolt Beranek as an
ARPANET contractor. To denote sending messages from one computer to another, he picked
up the @ symbol from the keyboard. Then, it became easy to send a message to another with
the help of Internet standards; they were only required to propose name-of-the-user@name-
of-the-computer. One of the first users of the new system was Internet pioneer Jon Postel.
Also, describing as a "nice hack," credited goes to Jon Postel.
Although the World Wide Web offers many services, email is the most widely used facility
and remains the most important application of the Internet. On the international level, over
600 million people use email. There were hundreds of email users by 1974, as ARPANET
ultimately encouraged it. Furthermore, email caused a radical shift in Arpa's purpose, as it
became the savior of Arpanet.
From there were rapid developments in the field of the email system. A big enhancement was
to sort emails; some email folders for his boss were invented by Larry Roberts. To organize
an email, John Vittal developed some software in 1976. By 1976 commercial packages began
to appear, and email had really taken off. The email had changed people and took them from
Arpanet to the Internet. Here was appeared some interesting features that ordinary people all
over the world wanted to use.
Some years later, Ray Tomlinson observed about email. As compared to the previous one,
any single development is stepping rapidly and nearly followed by the next. I think that all
the developments would take a big revolution.
When personal computers came on the scene, the offline reader was one of the first new
developments. Then, email users became able to store their email on their own personal
computers with the help of offline reader and read it. Also, without actually being connected
to the network, they were able to prepare replies like Microsoft Outlook can do today. In
parts of the world, this was specifically useful for people where the telephone was expensive
as compared to the email system.
Without being connected to a telephone, it was able to prepare a reply with connection
charges of many dollars a minute and then get on the network to send it. Also, it was useful
as the offline mode allowed for more simple user interfaces. In this modern time of very few
standards being connected directly to the host email system often resulted in no capacity for
text to wrap around on the screen of the user's computer, and backspace keys and delete keys
may not work and other such annoyances. Offline readers helped out more to overcome these
kinds of difficulties.
The SMTP (simple mail transfer protocol) was the first important email standard. It was a
fairly naïve protocol that is still in use. And, it was made in terms of no attempt to find the
person who sent a message that was the right or not what they claimed to be. In the email
addresses, fraudulent was very easy and is still available. Later, these basic flaws were used
in the protocol by security frauds, worms and viruses, and spammers forging identities. From
2004, some of these problems are still being processed for a solution.
But as developed email system offered some important features that helped out people to
understand easily about email. In 1988, Steve Dorner developed Eudora that was one of the
first good commercial systems. But it did not appear for a long time after Pegasus mail come.
Servers began to appear as a standard when Internet standards POP (Post office protocol) for
email began to mature. Each server was a little different before standard post office protocol
(POP). POP was an important standard that allowed users to work together.
Individual dialup users were required to charges for an email per-minute in those days. Also,
on the Internet, email and email discussion groups were the main uses for most people. There
were several issues on a wide variety of subjects; they became USENET as a body of
newsgroups.
With the World Wide Web (WWW), email became available with a simple user interface that
was offered by providers like Hotmail and Yahoo. And, users did not require to pay any
charges on these platforms. Now everyone wanted at least one email address as it is much
simple and affordable, and the medium was adopted by millions of people.
Internet Service Providers (ISPs) started to connect people with each other all over the world
by the 1980s. Also, by 1993 the use of the Internet was becoming widespread, and the word
electronic mail was replaced by email.
Today, email has become a primary platform to communicate with people all over the world.
There are continuing updates to the system with so many people using email for
communication. Although email has some security issues, there have been laws passed to
prevent the spread of junk email over the years.

Advantages of Email
There are many advantages of email, which are as follows:
o Cost-effective: Email is a very cost-effective service to communicate with others as
there are several email services available to individuals and organizations for free of
cost. Once a user is online, it does not include any additional charge for the services.
o Email offers users the benefit of accessing email from anywhere at any time if they
have an Internet connection.
o Email offers you an incurable communication process, which enables you to send a
response at a convenient time. Also, it offers users a better option to communicate
easily regardless of different schedules users.
o Speed and simplicity: Email can be composed very easily with the correct
information and contacts. Also, minimum lag time, it can be exchanged quickly.
o Mass sending: You can send a message easily to large numbers of people through
email.
o Email exchanges can be saved for future retrieval, which allows users to keep
important conversations or confirmations in their records and can be searched and
retrieved when they needed quickly.
o Email provides a simple user interface and enables users to categorize and filter their
messages. This can help you recognize unwanted emails like junk and spam mail.
Also, users can find specific messages easily when they are needed.
o As compared to traditional posts, emails are delivered extremely fast.
o Email is beneficial for the planet, as it is paperless. It reduces the cost of paper and
helps to save the environment by reducing paper usage.
o It also offers a benefit to attaching the original message at the time you reply to an
email. This is beneficial when you get hundreds of emails a day, and the recipient
knows what you are talking about.
o Furthermore, emails are beneficial for advertising products. As email is a form of
communication, organizations or companies can interact with a lot of people and
inform them in a short time.

Disadvantages of Email
o Impersonal: As compared to other forms of communication, emails are less personal.
For example, when you talk to anyone over the phone or meeting face to face is more
appropriate for communicating than email.
o Misunderstandings: As email includes only text, and there is no tone of voice or
body language to provide context. Therefore, misunderstandings can occur easily with
email. If someone sends a joke on email, it can be taken seriously. Also, well-meaning
information can be quickly typed as rude or aggressive that can impact wrong.
 Additionally, if someone types with short abbreviations and descriptions to send
content on the email, it can easily be misinterpreted.
o Malicious Use: As email can be sent by anyone if they have an only email address.
Sometimes, an unauthorized person can send you mail, which can be harmful in terms
of stealing your personal information. Thus, they can also use email to spread gossip
or false information.
o Accidents Will Happen: With email, you can make fatal mistakes by clicking the
wrong button in a hurry. For instance, instead of sending it to a single person, you can
accidentally send sensitive information to a large group of people. Thus, the
information can be disclosed, when you have clicked the wrong name in an address
list. Therefore, it can be harmful and generate big trouble in the workplace.
o Spam: Although in recent days, the features of email have been improved, there are
still big issues with unsolicited advertising arriving and spam through email. It can
easily become overwhelming and takes time and energy to control.
o Information Overload: As it is very easy to send email to many people at a time,
which can create information overload. In many modern workplaces, it is a major
problem where it is required to move a lot of information and impossible to tell if an
email is important. And, email needs organization and upkeep. The bad feeling is one
of the other problems with email when you returned from vacation and found
hundreds of unopened emails in your inbox.
o Viruses: Although there are many ways to travel viruses in the devices, email is one
of the common ways to enter viruses and infect devices. Sometimes when you get a
mail, it might be the virus come with an attached document. And, the virus can infect
the system when you click on the email and open the attached link. Furthermore, an
anonymous person or a trusted friend or contact can send infected emails.
o Pressure to Respond: If you get emails and you do not answer them, the sender can
get annoyed and think you are ignoring them. Thus, this can be a reason to make
pressure on your put to keep opening emails and then respond in some way.
o Time Consuming: When you get an email and read, write, and respond to emails that
can take up vast amounts of time and energy. Many modern workers spend their most
time with emails, which may be caused to take more time to complete work.
o Overlong Messages: Generally, email is a source of communication with the
intention of brief messages. There are some people who write overlong messages that
can take much time than required.
o Insecure: There are many hackers available that want to gain your important
information, so email is a common source to seek sensitive data, such as political,
financial, documents, or personal messages. In recent times, there have various high-
profile cases occurred that shown how email is insecure about information theft.

Different types of Email

There are many types of email; such are as follows:
Newsletters: It is studying by Clutch, the newsletter is the most common type of email that
are routinely sent to all mailing list subscribers, either daily, weekly, or monthly. These
emails often contain from the blog or website, links curated from other sources, and selected
content that the company has recently published. Typically, Newsletter emails are sent on a
consistent schedule, and they offer businesses the option to convey important information to
their client through a single source. Newsletters might also incorporate upcoming events or
new, webinars from the company, or other updates.
Lead Nurturing: Lead-nurturing emails are a series of related emails that marketers use to
take users on a journey that may impact their buying behavior. These emails are typically sent
over a period of several days or weeks. Lead-nurturing emails are also known as trigger
campaigns, which are used for solutions in an attempt to move any prospective sale into a
completed purchase and educate potential buyers on the services. These emails are not only
helpful for converting emails but also drive engagement. Furthermore, lead-nurturing emails
are initiated by a potential buyer taking initial action, such as clicking links on a promotional
email or downloading a free sample.
Promotional emails: It is the most common type of B2B (Business to Business) email,
which is used to inform the email list of your new or existing products or services. These
types of emails contain creating new or repeat customers, speeding up the buying process, or
encouraging contacts to take some type of action. It provides some critical benefits to buyers,
such as a free month of service, reduced or omitted fees for managed services, or percentage
off the purchase price.
Standalone Emails: These emails are popular like newsletters emails, but they contain a
limitation. If you want to send an email with multiple links or blurbs, your main call-to-action
can weaken. Your subscriber may skip your email and move on, as they may click on the first
link or two in your email but may not come back to the others.
Onboarding emails: An onboarding email is a message that is used to strengthen customer
loyalty, also known as post-sale emails. These emails receive users right after subscription.
The onboarding emails are sent to buyers to familiarize and educate them about how to use a
product effectively. Additionally, when clients faced with large-scale service deployments,
these emails help them facilitate user adoption.
Transactional: These emails are related to account activity or a commercial transaction and
sent from one sender to one recipient. Some examples of transactional email are purchase
confirmations, password reminder emails, and personalized product notifications. These
emails are used when you have any kind of e-commerce component to your business. As
compared to any other type of email, the transactional email messages have 8x the opens and
clicks.
Plain-Text Emails: It is a simple email that does not include images or graphics and no
formatting; it only contains the text. These types of emails may worth it if you try to only
ever send fancy formatted emails, text-only messages. According to HubSpot, although
people prefer fully designed emails with various images, plain text emails with less HTML
won out in every A/B test. In fact, HTML emails contain lower open and click-through rates,
and plain text emails can be great for blog content, event invitations, and survey or feedback
requests. Even if you do not send plainer emails, but you can boost your open and click
through rates by simplifying your emails and including fewer images.
Welcome emails: It is a type of B2B email and common parts of onboarding emails that help
users get acquainted with the brand. These emails can improve subscriber constancy as they
include additional information, which helps to the new subscriber in terms of a business
objective. Generally, welcome emails are sent buyers who got a subscription to a business's
opt-in activities, such as a blog, mailing list, or webinar. Also, these emails can help
businesses to build a better relationship between customers.
Examples of email attacks
Although there are many ways to travel viruses in the devices, email is one of the most
common vectors for cyberattacks. The methods include spoofing, spamming, spear-phishing,
phishing, ransomware, and business email compromise (BEC).
There are many organizations (around 7710) hit by a BEC attack every month, as one out of
every 412 emails contains a malware attack. According to the Symantec Internet Threat
Security Report, spear-phishing is the most widely used infection vector. Below is given a
complete description of these types of attacks:
o Phishing: A form of fraud in which the attacks are the practice of sending fraudulent
communications that appear to come from a reputable entity or person in email or
other communication channels. Usually, it is done through the email; phishing emails
are used by attackers to steal sensitive data like credit card and login information or to
install malware on the victim's machine. Additionally, everyone should learn about a
phishing attack in order to protect themselves, as it is a common type of cyberattack.
The common features of phishing emails are Sense of urgency, Hyperlinks, Too Good
to Be True, Unusual sender, Attachments.
o Spamming: Spam email is unsolicited bulk messages sent without explicit consent
from the recipient, which is also known as junk email. Since the 1990s, spam is a
problem faced by most email users and has been increasing in popularity. Obtained by
spambots, spam mail recipients have had their email addresses (automated programs),
which crawl the Internet to find email addresses. This is the dark side of email
marketing in which spammers use spambots to create email distribution lists.
Typically, an email is sent by a spammer to millions of email addresses with the
expectation that only a few numbers of an email address will respond or interact with
the message.
o Spoofing: Email spoofing is an email message that could be obtained from someone
or somewhere other than the intended source. It is a popular strategy that is used in
spam and phishing campaigns as core email protocols do not have a built-in method
of authentication. And, when people think the email has been sent by a legitimate or
familiar source, they are more likely to open an email. Thus, it is a common tactic
used for spam and phishing emails. The email spoofing is used with the purpose of
getting mail recipients to open emails and possibly respond to a solicitation.
o Business email compromise (BEC): A BEC is an exploit in which an authorized
person or attacker hacks to a business email account and spoofs the owner's identity to
defraud the company, its customers, partners of money. Often, an attacker simply
creates an account with an email address that is almost identical to one on the
corporate network, which creates trust between the victim and their email account.
Sometimes, a BEC is also known as a man-in-the-email attack. Some samples of BEC
email messages that contain the word in subject, such as urgent, transfer, request,
payment, and more. There are five types of BEC scams on the basis of the FBI, which
are False Invoice Scheme, CEO Fraud, Data Theft, Attorney Impersonation, Account
Compromise.
 o Spear-phishing: Email spoofing is an attack where hackers target an individual or
specific organization to gain sensitive information through unauthorized access. Spear
phishing is not initiated by random hackers but attempted by perpetrators to gain
financial benefits or secrets information. It is an attack in which attackers send emails
to specific and well-researched targets while purporting to be a trusted sender. The
main objective of spear phishing is to convince victims to hand over information or
money and infect devices with malware.
o Ransomware: It is a subset of malware that is used to encrypt a victim's files.
Typically, it locks data by encryption on the victim's system. Typically, it locks data
by encryption on the victim's system, and attackers demand payments before the
ransomed data is decrypted. Unlike other types of attacks, the primary goal of
ransomware attacks is just about always monetary. Usually, when the exploit occurs,
a victim is notified about the attack and is given instructions for how to recover from
the attack.

6. WORLD WEB

WWW stands for World Wide Web. A technical definition of the World Wide Web is : all
the resources and users on the Internet that are using the Hypertext Transfer Protocol
(HTTP).
A broader definition comes from the organization that Web inventor Tim Berners-
Lee helped found, the World Wide Web Consortium (W3C).
The World Wide Web is the universe of network-accessible information, an embodiment of
human knowledge.
In simple terms, The World Wide Web is a way of exchanging information between
computers on the Internet, tying them together into a vast collection of interactive
multimedia resources.
Internet and Web is not the same thing: Web uses internet to pass over the information.
Evolution
World Wide Web was created by Timothy Berners Lee in 1989
at CERN in Geneva. World Wide Web came into existence as a proposal by him, to allow
researchers to work together effectively and efficiently at CERN. Eventually it
became World Wide Web.
The following diagram briefly defines evolution of World Wide Web:

WWW Architecture
WWW architecture is divided into several layers as shown in the following diagram:
Identifiers and Character Set
Uniform Resource Identifier (URI) is used to uniquely identify resources on the web
and UNICODE makes it possible to built web pages that can be read and write in human
languages.
Syntax
XML (Extensible Markup Language) helps to define common syntax in semantic web.
Data Interchange
Resource Description Framework (RDF) framework helps in defining core representation
of data for web. RDF represents data about resource in graph form.
Taxonomies
RDF Schema (RDFS) allows more standardized description of taxonomies and
other ontological constructs.
Ontologies
Web Ontology Language (OWL) offers more constructs over RDFS. It comes in following
three versions:
 OWL Lite for taxonomies and simple constraints.
 OWL DL for full description logic support.
 OWL for more syntactic freedom of RDF
Rules
RIF and SWRL offers rules beyond the constructs that are available
from RDFs and OWL. Simple Protocol and RDF Query Language (SPARQL) is SQL
like language used for querying RDF data and OWL Ontologies.
Proof
All semantic and rules that are executed at layers below Proof and their result will be used to
prove deductions.
Cryptography
Cryptography means such as digital signature for verification of the origin of sources is
used.
User Interface and Applications
On the top of layer User interface and Applications layer is built for user interaction.
WWW Operation
WWW works on client- server approach. Following steps explains how the web works:
1. User enters the URL (say, http://www.tutorialspoint.com) of the web page in the
address bar of web browser.
2. Then browser requests the Domain Name Server for the IP address corresponding to
www.tutorialspoint.com.
3. After receiving IP address, browser sends the request for web page to the web server
using HTTP protocol which specifies the way the browser and web server
communicates.
4. Then web server receives request using HTTP protocol and checks its search for the
requested web page. If found it returns it back to the web browser and close the
HTTP connection.
5. Now the web browser receives the web page, It interprets it and display the contents
of web page in web browser’s window.
Future
There had been a rapid development in field of web. It has its impact in almost every area
such as education, research, technology, commerce, marketing etc. So the future of web is
almost unpredictable.
Apart from huge development in field of WWW, there are also some technical issues that
W3 consortium has to cope up with.
User Interface
Work on higher quality presentation of 3-D information is under deveopment. The W3
Consortium is also looking forward to enhance the web to full fill requirements of global
communities which would include all regional languages and writing systems.
Technology
Work on privacy and security is under way. This would include hiding information,
accounting, access control, integrity and risk management.
Architecture
There has been huge growth in field of web which may lead to overload the internet and
degrade its performance. Hence more better protocol are required to be developed.

7. HTTP

o HTTP stands for HyperText Transfer Protocol.

o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its efficiency that
allows us to use in a hypertext environment where there are rapid jumps from one
document to another document.
o HTTP is similar to the FTP as it also transfers the files from one host to another host.
But, HTTP is simpler than FTP as HTTP uses only one connection, i.e., no control
connection to transfer the files.
o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and server. The
HTTP differs from the SMTP in the way the messages are sent from the client to the
server and from server to the client. SMTP messages are stored and forwarded while
HTTP messages are delivered immediately.

Features of HTTP:
o Connectionless protocol: HTTP is a connectionless protocol. HTTP client initiates a
request and waits for a response from the server. When the server receives the request,
the server processes the request and sends back the response to the HTTP client after
 which the client disconnects the connection. The connection between client and server
exist only during the current request and response time only.
o Media independent: HTTP protocol is a media independent as data can be sent as
long as both the client and server know how to handle the data content. It is required
for both the client and server to specify the content type in MIME-type header.
o Stateless: HTTP is a stateless protocol as both the client and server know each other
only during the current request. Due to this nature of the protocol, both the client and
server do not retain the information between various requests of the web pages.

HTTP Transactions

The above figure shows the HTTP transaction between client and server. The client initiates a
transaction by sending a request message to the server. The server replies to the request
message by sending a response message.

Messages
HTTP messages are of two types: request and response. Both the message types follow the
same message format.
Request Message: The request message is sent by the client that consists of a request line,
headers, and sometimes a body.

Response Message: The response message is sent by the server to the client that consists of a
status line, headers, and sometimes a body.

Uniform Resource Locator (URL)

o A client that wants to access the document in an internet needs an address and to
facilitate the access of documents, the HTTP uses the concept of Uniform Resource
Locator (URL).
o The Uniform Resource Locator (URL) is a standard way of specifying any kind of
information on the internet.
o The URL defines four parts: method, host computer, port, and path.

o Method: The method is the protocol used to retrieve the document from a server. For
example, HTTP.
 o Host: The host is the computer where the information is stored, and the computer is
given an alias name. Web pages are mainly stored in the computers and the computers
are given an alias name that begins with the characters "www". This field is not
mandatory.
o Port: The URL can also contain the port number of the server, but it's an optional
field. If the port number is included, then it must come between the host and path and
it should be separated from the host by a colon.
o Path: Path is the pathname of the file where the information is stored. The path itself
contain slashes that separate the directories from the subdirectories and files.

8. STREAMING AUDIO AND VIDEO

1. INTRODUCTION
We can divide audio and video services into three broad categories: streaming
stored audio/video, streaming live audio/video, and interactive audio/video.
Streaming means a user can listen (or watch) the file after the downloading has

started.

In the first category, streaming stored audio/video, the files are compressed and
stored on a server. A client downloads the files through the Internet. This is
sometimes referred to as on-demand audio/video. In the second category, streaming
live audio/video refers to the broadcasting of radio and TV programs through the
Internet. In the third category, interactive audio/video refers to the use of the
Internet for interactive audio/video applications. A good example of this application
is Internet telephony and Internet teleconferencing.

2. STREAMING STORED AUDIO/VIDEO

Downloading these types of files from a server can be different from downloading
other types of files.
First Approach: Using a Web Server
A compressed audio/video file can be downloaded as a text file. The client
(browser) can use the services of HTTP and send a GET message to download the
file. The Web server can send the compressed file to the browser. The browser can
then use a help application, normally called a media player, to play the file. The file
needs to download completely before it can be played.

Second Approach: Using a Web Server with Metafile

In another approach, the media player is directly connected to the Web server for
downloading the audio/video file. The Web server stores two files: the actual
audio/video file and a metafile that holds information about the audio/video file.
1. The HTTP client accesses the Web server using the GET message.
2. The information about the metafile comes in the response.
3. The metafile is passed to the media player.
4. The media player uses the URL in the metafile to access the audio/video file.
5. The Web server responds.
 Third Approach: Using a Media Server
The problem with the second approach is that the browser and the media player
both use the services of HTTP. HTTP is designed to run over TCP. This is appropriate
for retrieving the metafile, but not for retrieving the audio/video file. The reason is
that TCP retransmits a lost or damaged segment, which is counter to the philosophy
of streaming. We need to dismiss TCP and its error control; we need to use UDP.
However, HTTP, which accesses the Web server, and the Web server itself are

designed for TCP; we need another server, a media server.

1. The HTTP client accesses the Web server using a GET message.
2. The information about the metafile comes in the response.
3. The metafile is passed to the media player.
4. The media player uses the URL in the metafile to access the media server to
download the file. Downloading can take place by any protocol that uses UDP.
5. The media server responds.

Fourth Approach: Using a Media Server and RTSP

The Real-Time Streaming Protocol (RTSP) is a control protocol designed to add
more functionalities to the streaming process. Using RTSP, we can control the playing
of audio/video. Figure 5 shows a media server and RTSP.
 1. The HTTP client accesses the Web server using a GET message.
2. The information about the metafile comes in the response.
3. The metafile is passed to the media player.
4. The media player sends a SETUP message to create a connection with the media
server.
5. The media server responds.
6. The media player sends a PLAY message to start playing (downloading).
7. The audio/video file is downloaded using another protocol that runs over UDP.
8. The connection is broken using the TEARDOWN message.
9. The media server responds.

3. STREAMING LIVE AUDIO/VIDEO

Streaming live audio/video is similar to the broadcasting of audio and video by
radio and TV stations. Instead of broadcasting to the air, the stations broadcast
through the Internet. There are several similarities between streaming stored
audio/video and streaming live audio/video. They are both sensitive to delay; neither
can accept retransmission. However, there is a difference. In the first application, the
communication is unicast and on-demand. In the second, the communication is
multicast and live. Live streaming is better suited to the multicast services of IP and
the use of protocols such as UDP and RTP.
Examples: Internet Radio, Internet Television (ITV), Internet protocol television
(IPTV)

4. REAL-TIME INTERACTIVE AUDIO/VIDEO

In real-time interactive audio/video, people communicate with one another in
real time. The Internet phone or voice over IP is an example of this type of application.
Video conferencing is another example that allows people to communicate visually
and orally.
 Before discussing the protocols used in this class of applications, we discuss some
characteristics of real-time audio/video communication.
  Time Relationship
Real-time data on a packet-switched network require the preservation of the
time relationship between packets of a session.

But what happens if the packets arrive with different delays? For example, the
first packet arrives at 00:00:01 (1-s delay), the second arrives at 00:00:15 (5-s delay),
and the third arrives at 00:00:27 (7-s delay). If the receiver starts playing the first
packet at 00:00:01, it will finish at 00:00:11. However, the next packet has not yet
arrived; it arrives 4 s later. There is a gap between the first and second packets and
between the second and the third as the video is viewed at the remote site. This

phenomenon is called jitter. Jitter is introduced in real-time data by the delay

between packets.

 Timestamp
One solution to jitter is the use of a timestamp. If each packet has a timestamp
that shows the time it was produced relative to the first (or previous) packet, then
the receiver can add this time to the time at which it starts the playback. Imagine
the first packet in the previous example has a timestamp of 0, the second has a
timestamp of 10, and the third a timestamp of 20. If the receiver starts playing back the
first packet at 00:00:08, the second will be played at 00:00:18, and the third at
00:00:28. There are no gaps between the packets.
  Playback Buffer
To be able to separate the arrival time from the playback time, we need a buffer
to store the data until they are played back. The buffer is referred to as a playback
buffer. In the previous example, the first bit of the first packet arrives at 00:00:01; the
threshold is 7 s, and the playback time is 00:00:08. The threshold is measured in time
units of data. The replay does not start until the time units of data are equal to the
threshold value.

 Ordering
We need a sequence number for each packet. The timestamp alone cannot inform
the receiver if a packet is lost.

 Multicasting
Multimedia play a primary role in audio and video conferencing. The traffic can be
heavy, and the data are distributed using multicasting methods. Conferencing requires
two-way communication between receivers and senders.

 Mixing
If there is more than one source that can send data at the same time (as in a video
or audio conference), the traffic is made of multiple streams. Mixing means
combining several streams of traffic into one stream.

 Support from Transport Layer Protocol

TCP is not suitable for interactive traffic. It has no provision for timestamping, and
it does not support multicasting. However, it does provide ordering (sequence
numbers). One feature of TCP that makes it particularly unsuitable for interactive
traffic is its error control mechanism.
UDP is more suitable for interactive multimedia traffic. UDP supports multicasting
and has no retransmission strategy. However, UDP has no provision for timestamping,
sequencing, or mixing. A new transport protocol, Real-Time Transport Protocol (RTP),
provides these missing features.
5. Real-time Transport Protocol (RTP)
Real-time Transport Protocol (RTP) is the protocol designed to handle real-time
traffic on the Internet. RTP does not have a delivery mechanism (multicasting, port
numbers, and so on); it must be used with UDP. RTP stands between UDP and the
application program. The main contributions of RTP are timestamping, sequencing,
and mixing facilities.

RTP Packet Format

The format is very simple and general enough to cover all real-time applications.
An application that needs more information adds it to the beginning of its payload. A

description of each field follows.

 Ver. This 2-bit field defines the version number.
 P. This 1-bit field, if set to 1, indicates the presence of padding at the end of the packet.
There is no padding if the value of the P field is 0.
 X. This 1-bit field, if set to 1, indicates an extra extension header between the basic
header and the data. There is no extra extension header if the value of this field is 0.
 Contributor count. This 4-bit field indicates the number of contributors. Note that we can
have a maximum of 15 contributors because a 4-bit field only allows a number between 0
and 15.
 M. This 1-bit field is a marker used by the application to indicate, for example, the end of
its data.
 Payload type. This 7-bit field indicates the type of the payload. Several payload types have
been defined so far.
 Sequence number. This field is 16 bits in length. It is used to number the RTP packets. The
sequence number of the first packet is chosen randomly; it is incremented by 1 for each
subsequent packet. The sequence number is used by the receiver to detect lost or out of
order packets.
 Timestamp. This is a 32-bit field that indicates the time relationship between packets.
 Synchronization source identifier. If there is only one source, this 32-bit field defines the
 source. However, if there are several sources, the mixer is the synchronization source and
the other sources are contributors. The value of the source identifier is a random number
chosen by the source. The protocol provides a strategy in case of conflict (two sources
start with the same sequence number).
 Contributor identifier. Each of these 32-bit identifiers (a maximum of 15) defines a
source. When there is more than one source in a session, the mixer is the synchronization
source and the remaining sources are the contributors.
 UDP Port
Although RTP is itself a transport layer protocol, the RTP packet is not
encapsulated directly in an IP datagram. Instead, RTP is treated like an application
program and is encapsulated in a UDP user datagram. However, unlike other
application programs, no well-known port is assigned to RTP. The port can be
selected on demand with only one restriction: The port number must be an even
number. The next number (an odd number) is used by the companion of RTP, Real-
Time Transport Control Protocol (RTCP).

6. Real-Time Transport Control Protocol (RTCP)

RTP allows only one type of message, one that carries data from the source to the
destination. In many cases, there is a need for other messages in a session. These
messages control the flow and quality of data and allow the recipient to send
feedback to the source or sources. Real-Time Transport Control Protocol (RTCP) is a
protocol designed for this purpose. RTCP has five types of messages, as shown in the
following Figure. The number next to each box defines the type of the message.

Types of messages

 Sender Report:
The sender report is sent periodically by the active senders in a conference to report
transmission and reception statistics for all RTP packets sent during the interval.

 Receiver Report:
The receiver report is for passive participants, those that do not send RTP packets. The
report informs the sender and other receivers about the quality of service.

 Source Description Message:

The source periodically sends a source description message to give additional information
about itself.

 Bye Message:
A source sends a bye message to shut down a stream. It allows the source to announce that
it is leaving the conference.

 Application-Specific Message
The application-specific message is a packet for an application that wants to use new
applications (not defined in the standard). It allows the definition of a new message type.
 UDP Port
RTCP, like RTP, does not use a well-known UDP port. It uses a temporary port. The
UDP port chosen must be the number immediately following the UDP port selected
for RTP, which makes it an odd-numbered port.

7. VOICE OVER IP (Real-time interactive audio/video application)

The idea is to use the Internet as a telephone network with some additional
capabilities. Instead of communicating over a circuit-switched network, this
application allows communication between two parties over the packet-switched
Internet. Two protocols have been designed to handle this type of communication:
SIP(Session Initiation Protocol) and H.323.