Case Study

White hat hackers - hired by companies to seek out security holes

Black/Grey hat hackers - malicious hackers.


Hacking - done by people, who can adapt; breaking into a system to get at its resources

Viruses - autonomous, self-contained code that cannot adapt to new situations or programs; main purpose: to disrupt the operation of a server


How did the "landscape" change - hacking has become more professional, and countries are now engaged in it


Bot zombies - a hacker has control over the bots; the zombie is the compromised computer, which is no longer in control of itself

Spam - an irrelevant or unsolicited message, typically sent over the internet, usually to large numbers of users. Purpose: advertising, phishing


Techniques that brought spam down:

- Advertisements sent by spam are now replaced by advertisements on sites such as Facebook

- Increased security

- Benevolent




Questions from page 3

1. What are "browser-based attacks"? Yusuke

2. Find an example of information gathering malware? Yusuke

3. How do bots replicate themselves? Yusuke

4. How do worms function? Yusuke

5. What are toolkits? YeongBae

6. Are toolkits legal? YeongBae

7. How do you use toolkits? YeongBae

8. Describe the Zeus Botnet (appendix) YeongBae

9. Look up Stuxnet, Duqu, Flame. GeunHo

10. How are APTs (Advanced Persistent Threats) more of a style than a specific method? GeunHo

11. What are some other weapons used in APTs? GeunHo

12. How can you use social engineering to target organizations in an APT? Elsa

13. Describe zero-day attacks, and include examples. Elsa

14. How does signature-based detection work? Elsa

15. How do packet-filtering firewalls discover threats? Neel

16. How does anomaly-based detection of malware work? Neel

17. Define whitelisting. Avinash

18. Why must the contents of packets be inspected, as opposed to just filtering the kinds and origins of network traffic? Avinash

19. What are the characteristics of Next Generation Firewalls (NGFW)? Jana

20. What is the function of ports on computers and how do they relate to security? Federico

21. Describe SSL & TLS encryption. Federico

22. What do we mean by man-in-the-middle attacks? Federico