Difference between revisions of "Lecture 11"

From CyberSecurity
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
--[[User:Gorchard|Gorchard]] 09:47, 10 November 2005 (PST) For the first time, I came out of the lectures last night with a sense of optimism. I thought the first two speakers especially (Dave Aucsmith and Steve Gribble) painted a picture that managing nefarious internet activity is possible and already well under way. We seem to have a pretty good understanding of how these guys operate, and it's comforting to know that the people making the attacks are not actually clever enough to discover the vulnerabilities themselves. They also make mistakes like URL typos and allowing themselves to be tracked down through Watson reports. It seems we're not fighting a losing battle. I also found it reassuring to hear Steve Gribble's spyware statistics - that only a small percentage of spyware programs actually do really bad things like keystroke monitoring and calling expensive toll numbers, while most spyware busies itself with 'harmless' activities such as pop-up ads or browser hijacking.
+
'''Large-Scale Internet Criminal Activity'''
  
 +
==Speakers==
 +
* Dave Aucsmith, Senior Director, Institute for Advanced Technology in Governments, Microsoft Corp.
 +
* Steve Gribble, UW:  Spyware
 +
* Butler Lampson, Microsoft:  Computer Security in the Real World
  
[[User:Hiatus|Drew Hoskins]]
+
==Readings==
Here is an interesting take on the "10 worst bugs in history".  Naturally, the first three aren't security-related, but then that starts to pick up in 1988.  It's interesting that they choose some of the older internet worms rather than new ones like Sasser and Blaster.  They are putting emphasis on how seminal an exploit is.<br>
 
The "AT&T Network Outage" is an interesting example of exponential growth that we keep encountering with nuclear, biological, and cybercrime attacks.  <br>
 
The other interesting one is the "Kerberos Random Number Generator" which illustrates how far the hacking community has come; there's no way this type of exploit would be left untouched now.<br>
 
http://wired.com/news/technology/bugs/0,2924,69355,00.html?tw=wn_tophead_1
 
  
 +
* David Moore, Geoffrey Voelker, and Stefan Savage, “Inferring Internet Denial of Service Activity.” Proc. 2001 USENIX Security Symposium, August 2001.  [http://www.cse.ucsd.edu/users/savage/papers/UsenixSec01.pdf http://www.cse.ucsd.edu/users/savage/papers/UsenixSec01.pdf]
 +
* Stefan Saroiu, Steven D. Gribble, and Henry M. Levy, “Measurement and Analysis of Spyware in a University Environment,” Proc. NSDI 2004, March 2004.  [http://www.cs.washington.edu/homes/gribble/papers/spyware.pdf http://www.cs.washington.edu/homes/gribble/papers/spyware.pdf]
 +
* The Honeynet Project & Research Alliance, “Know your Enemy: Tracking Botnets,” March 2005.  http://www.honeynet.org/papers/bots
 +
* Computer Security in the Real World, [http://www.research.microsoft.com/lampson/64-SecurityInRealWorld/Abstract.html http://www.research.microsoft.com/lampson/64-SecurityInRealWorld/Abstract.html]
  
Re: our discussion on Sony's DRM Rootkit
+
==Discussion==
[[User:EimanZ|Eiman Zolfaghari]]
+
Participate in the [http://cubist.cs.washington.edu/CyberSecurity/index.php/Talk:Lecture_11 wiki-discussion].
There's a Slashdot article saying that someone has already written a trojan using Sony's DRM rootkit. I believe Dave Aucsmith predicted this in his lecture, and yep, he was right. It's only a matter of time. Good thing this DRM software is not widely installed.
 
<br>
 
Here's the link: <br>http://it.slashdot.org/it/05/11/10/1615239.shtml?tid=172&tid=233
 

Latest revision as of 23:16, 10 November 2005

Large-Scale Internet Criminal Activity

Speakers

  • Dave Aucsmith, Senior Director, Institute for Advanced Technology in Governments, Microsoft Corp.
  • Steve Gribble, UW: Spyware
  • Butler Lampson, Microsoft: Computer Security in the Real World

Readings

Discussion

Participate in the wiki-discussion.