Chapter 6: Computer and Network Security


1 Chapter 6: Computer and Network Security
Ethics for the Information Age, Fourth Edition, by Michael J. Quinn

2 Chapter Overview
- Introduction
- Viruses, worms, and Trojan horses
- Phreaks and hackers
- Denial-of-service attacks
- Online voting

3 Introduction
- Computers getting faster and less expensive
- Utility of computers increasing
  - Web surfing
  - Shopping
  - Managing personal information
- Increasing use of computers → growing importance of computer security

4 Viruses
- Virus: piece of self-replicating code embedded within another program (host)
- Viruses associated with program files
  - Hard disks, floppy disks, CD-ROMs
  - Attachments
- How viruses spread
  - Diskettes or CDs
  - Files downloaded from Internet
- Well-known viruses
  - Brain
  - Michelangelo
  - Melissa
  - Love Bug
- Viruses today
  - Commercial antivirus software
  - Few people keep up-to-date

5 Worms
- Worm
  - Self-contained program (sent by social engineering)
  - Spreads through a computer network
  - Exploits security holes in networked computers
- Famous worms
  - WANK
  - Code Red
  - Sapphire (Slammer)
  - Blaster
  - Sasser

6 Thu 3-4 The Internet Worm
- Robert Tappan Morris, Jr.
  - Graduate student at Cornell
  - Released worm onto Internet from MIT computer
- Effect of worm
  - Spread to 6,000 Unix computers
  - Infected computers kept crashing or became unresponsive
  - Took a day for fixes to be published
- Impact on Morris
  - Suspended from Cornell
  - 3 years’ probation
  - hours community service
  - $150,000 in legal fees and fines

7 Ethical Evaluation
- Kantian evaluation
  - Morris used others by gaining access to their computers without permission
- Social contract theory evaluation
  - Morris violated property rights of organizations
- Utilitarian evaluation
  - Benefits: Organizations learned of security flaws
  - Harms: Time spent by those fighting worm, unavailable computers, disrupted network traffic, Morris’s punishments
- Morris was wrong to have released the Internet worm

8 Thu 11-7 Trojan Horses
- Trojan horse: program with benign capability that masks a sinister purpose. They do not replicate themselves.
- Remote access Trojan (RAT): Trojan horse that gives attacker access to victim’s computer
  - Back Orifice
  - SubSeven
- RAT servers, often found within files downloaded from erotica/porn Usenet sites, provide the attacker with complete control of the victim's system.
- Attackers usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs.

9 Sun 6-7 Bot Networks
- Bot: A software program that responds to commands from a program on another computer
- Some bots support legitimate activities
  - Internet Relay Chat
  - Multiplayer Internet games
- Other bots support illegitimate activities
  - Distributing spam
  - Collecting personal information for ID theft
  - Distributed denial-of-service attacks

10 Defensive Measures
- System administrators play key role
- Authorization: determining that a user has permission to perform a particular action
- Authentication: determining that people are who they claim to be
- Firewall: a computer monitoring packets entering and leaving a local area network
  - Ex: packet filter which accepts packets only from trusted computers on the Internet
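
The three checks defined on this slide, applied in sequence to one request. This is an added example, not part of the original presentation; the trusted networks, the user "alice", the role names and the actions are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import os

# Constructed sample data (assumptions, not from the slides).
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24"),
                ipaddress.ip_network("2001:db8::/32")]
PERMISSIONS = {"operator": {"read_log"}, "admin": {"read_log", "edit_rules"}}

def hash_password(password, salt):
    # Slow salted hash so stored credentials resist offline guessing.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

_SALT = os.urandom(16)
USERS = {"alice": {"salt": _SALT, "role": "operator",
                   "hash": hash_password("correct horse", _SALT)}}

def packet_allowed(src_ip):
    """Firewall (packet filter): default deny, accept only trusted sources."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False  # malformed address fails closed
    return any(addr in net for net in TRUSTED_NETS)

def authenticate(user, password):
    """Authentication: is this person who they claim to be?"""
    rec = USERS.get(user)
    if rec is None:
        return False
    candidate = hash_password(password, rec["salt"])
    return hmac.compare_digest(candidate, rec["hash"])  # constant-time compare

def authorize(user, action):
    """Authorization: does this user have permission for this action?"""
    rec = USERS.get(user)
    return rec is not None and action in PERMISSIONS.get(rec["role"], set())

def handle_request(src_ip, user, password, action):
    """Apply the three checks in order; each one can reject on its own."""
    if not packet_allowed(src_ip):
        return "dropped by firewall"
    if not authenticate(user, password):
        return "authentication failed"
    if not authorize(user, action):
        return "not authorized"
    return "ok"
```

A source address can be forged, so the packet filter narrows exposure but does not replace the authentication step.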

11 Hackers (1/2)
- Original meaning (1950s)
  - Explorer
  - Risk-taker
  - Technical virtuoso
  - Make a system do something never done before
  - MIT developed a system to control movement of trains (1950s)
- Hacker ethic
  - Hands-on imperative
  - Access to computers that might teach you something about the work
  - Free exchange of information
  - Mistrust of authority: promote decentralization
  - Value skill above all else → not degrees, position, …
  - Optimistic view of technology → computer can change your life for the better

12 Sun 6-4 Hackers (2/2)
- Meaning of “hacker” changed
  - Movie WarGames (1983)
  - Teenagers accessing corporate or government computers by trying to get user names and passwords:
    - Dumpster diving: looking through garbage for interesting bits of information
    - Social engineering: manipulation of a person inside an organization to gain access to confidential info. Ex: a hacker calls a system admin, pretends to be his boss’s boss, and asks him to reveal passwords.
- Modern use of hacking means
  - Malicious acts
  - Computer break-ins
  - Destroying databases
  - Stealing confidential personal information

13 Phone Phreaking
- Phone phreak: someone who manipulates phone system to make free calls
- Most popular methods
  - Steal long-distance telephone access codes
  - Guess long-distance telephone access codes
  - Use a “blue box” to get free access to long-distance lines (mimics the actual frequency)
- Access codes posted on “pirate boards” by phreaks to share codes and credit card numbers

14 Penalties for Hacking
- Examples of illegal activities
  - Accessing without authorization any Internet computer
  - Transmitting a virus or worm
  - Trafficking in computer passwords
  - Intercepting a telephone conversation, , or any other data transmission
  - Accessing stored messages without authorization
  - Adopting another identity to carry out an illegal activity
- Maximum penalty: 20 years in prison + $250,000 fine

15 Mon 7-12 Denial-of-Service Attacks
- Denial-of-service attack: an intentional action designed to prevent legitimate users from making use of a computer service
- Goal of attack: disrupt a server’s ability to respond to its clients
- About 4,000 Web sites attacked each week
- Asymmetrical attack: a single person can harm a huge organization (multinational organization)
- Asymmetrical attack that may prove popular with terrorists
- Ex: Mafiaboy DoS of Amazon, Yahoo, CNN, eBay, Dell

16 Tue 8-8 SATAN
- Security Administrator Tool for Analyzing Networks (SATAN)
- Allows administrators (especially novices) to test their systems for security holes.
- Could be used by a hacker to probe other computers for security weaknesses
- Critics worried SATAN would turn unskilled teenagers into hackers
- That never happened

17 Tue 3-12 Motivation for Online Voting
- 2000 U.S. Presidential election closely contested
- Florida pivotal state
- Most Florida counties used keypunch voting machines
- Two voting irregularities traced to these machines
  - Hanging chad
  - “Butterfly ballot” in Palm Beach County

18

19 12-12 Benefits of Online Voting
- More people would vote
- Votes would be counted more quickly
- No ambiguity with electronic votes
- Cost less money
- Eliminate ballot box tampering
- Software can prevent accidental over-voting
- Software can prevent under-voting (caused by poor ballot design)

20 Tue 3-12 Risks of Online Voting
- Gives unfair advantage to those with home computers
- More difficult to preserve voter privacy
  - The system records the ballot as well as the identity of voter
- More opportunities for vote selling
  - X: voter, Y: candidate, Z: broker who watches the voting of X from his PC
- Obvious target for a DDoS attack
- Security of election depends on security of home computers
  - Susceptible to vote-changing virus or RAT (take control of your PC)
- Susceptible to phony (fake) vote servers
  - Voter is redirected to a phony server, which gets the credentials and then votes on the voter's behalf from the actual site
- No paper copies of ballots for auditing or recounts
