Lecture 14
Computer and Network Security
Chapter Overview
• Introduction
• Hacking
• Malware
• Cyber crime and cyber attacks
• Online voting
7.1 Introduction
7.2 Hacking
Hackers, Past and Present
• Eavesdropping
• Dumpster diving
• Social engineering
Password Dos and Don’ts
Computer Fraud and Abuse Act
Case Study: Firesheep
Act Utilitarian Analysis
7.3 Malware
Viruses
Email Attachment with Possible Virus
How an Email Virus Spreads
Antivirus Software Packages
Worm
• Self-contained program
• Spreads through a computer network
• Exploits security holes in networked computers
How a Worm Spreads
The Internet Worm
Ethical Evaluation
• Kantian evaluation
– Morris used others by gaining access to their computers without permission
• Social contract theory evaluation
– Morris violated property rights of organizations
• Utilitarian evaluation
– Benefits: Organizations learned of security flaws
– Harms: Time spent by those fighting worm, unavailable computers, disrupted network traffic, Morris’s punishments
• Virtue ethics evaluation
– Morris selfishly used Internet as experimental lab
– He deceitfully released worm from MIT instead of Cornell
– He avoided taking responsibility for his actions
• Morris was wrong to have released the Internet worm
Cross-site Scripting
Drive-by Downloads
Trojan Horses and Backdoor Trojans
Rootkits
Spyware and Adware