Поиск

Полнотекстовый поиск:
Где искать:
везде
только в названии
только в тексте
Выводить:
описание
слова в тексте
только заголовок

Рекомендуем ознакомиться

Остальные работы->Реферат
I Should Never Have Gone To This Funeral, I Should Never Have Come To This Country, I Was A Stranger” (182). A Stranger In His Own Land, So Feels Mr. ...полностью>>
Остальные работы->Реферат
I will not allow anybody to minimize my life, not anybody, not a living soul- nobody, no lover, no mother, no son, no boss, no president, no body. (Ma...полностью>>
Остальные работы->Реферат
Sally was uniquely odd from ordinary timid girls. She had keen interest in sports. I remember getting bullied by neighborhood boys for associating wit...полностью>>
Остальные работы->Реферат
The Gaia Hypothesis is a hypothesis that was developed by James Lovelock and Lynn Margulis in the late 1970’s. James Lovelock is a British scientist, ...полностью>>

Главная > Реферат >Остальные работы

Сохрани ссылку в одной из сетей:

Electronic Crime Essay, Research Paper

Electronic Crime

Introduction

In the past decade, computer and networking technology has seen enormous

growth. It is now possible for people all over the world to communicate and

share information from virtually anywhere. This growth however, has not come

without a price. With the advent of the "Information Highway", as it’s

coined, a new methodology in crime has been created. Electronic crime has been

responsible for some of the most financially devastating victimizations in

society.

In the recent past, society has seen malicious editing of the Justice

Department web page unauthorized access into classified government computer

files, phone card and credit card fraud, and electronic embezzlement. All these

crimes are committed in the name of "free speech." These new breed of

criminals claim that information should not be suppressed or protected and that

the crimes they commit are really not crimes at all. What they choose to deny is

that the nature of their actions are slowly consuming the fabric of our

country’s moral and ethical trust in the information age.

Federal law enforcement agencies, as well as commercial computer companies,

have been scrambling around in an attempt to "educate" the public on

how to prevent computer crime from happening to them. They inform us whenever

there is an attack, provide us with mostly ineffective anti-virus software, and

we are left feeling isolated and vulnerable. I do not feel that this defensive

posture is effective because it is not pro-active. Society is still being

attacked by highly skilled computer criminals of which we know very little about

them, their motives, and their tools of the trade. Therefore, to be effective in

defense, we must understand how these attacks take place from a technical

stand-point. To some degree, we must learn to become a computer criminal. Then

we will be in a better position to defend against these victimizations that

affect us on both the financial and emotional level. In this paper, we will

explore these areas of which we know so little, and will also see that computers

are really extensions of people. An attack on a computer’s vulnerabilities are

really an attack on peoples’ vulnerabilities.

Today, computer systems are under attack from a multitude of sources. These

range from malicious code, such as viruses and worms, to human threats, such as

hackers and phone "phreaks." These attacks target different

characteristics of a system. This leads to the possibility that a particular

system is more susceptible to certain kinds of attacks.

Malicious code, such as viruses and worms, attack a system in one of two

ways, either internally or externally. Traditionally, the virus has been an

internal threat (an attack from within the company), while the worm, to a large

extent, has been a threat from an external source (a person attacking from the

outside via modem or connecting network).

Human threats are perpetrated by individuals or groups of individuals that

attempt to penetrate systems through computer networks, public switched

telephone networks or other sources. These attacks generally target known

security vulnerabilities of systems. Many of these vulnerabilities are simply

due to configuration errors.

Malicious Code

Viruses and worms are related classes of malicious code; as a result they are

often confused. Both share the primary objective of replication. However, they

are distinctly different with respect to the techniques they use and their host

system requirements. This distinction is due to the disjoint sets of host

systems they attack. Viruses have been almost exclusively restricted to personal

computers, while worms have attacked only multi-user systems.

A careful examination of the histories of viruses and worms can highlight the

differences and similarities between these classes of malicious code. The

characteristics shown by these histories can be used to explain the differences

between the environments in which they are found. Viruses and worms have very

different functional requirements; currently no class of systems simultaneously

meets the needs of both.

A review of the development of personal computers and multi-tasking

workstations will show that the gap in functionality between these classes of

systems is narrowing rapidly. In the future, a single system may meet all of the

requirements necessary to support both worms and viruses. This implies that

worms and viruses may begin to appear in new classes of systems. A knowledge of

the histories of viruses and worms may make it possible to predict how malicious

code will cause problems in the future.

Basic Definitions

To provide a basis for further discussion, the following definitions will be

used throughout the report;

Trojan Horse – a program which performs a useful function, but also performs

an unexpected action as well;

Virus – a code segment which replicates by attaching copies to existing

executables;

Worm – a program which replicates itself and causes execution of the new copy

and

Network Worm – a worm which copies itself to another system by using common

network facilities, and causes execution of the copy on that system.

In essence, a computer program which has been infected by a virus has been

converted into a "trojan horse". The program is expected to perform a

useful function, but has the unintended side effect of viral code execution. In

addition to performing the unintended task, the virus also performs the function

of replication. Upon execution, the virus attempts to replicate and

"attach" itself to another program. It is the unexpected and

uncontrollable replication that makes viruses so dangerous. As a result, the

host or victim computer falls prey to an unlimited amount of damage by the

virus, before anyone realizes what has happened.

Viruses are currently designed to attack single platforms. A platform is

defined as the combination of hardware and the most prevalent operating system

for that hardware. As an example, a virus can be referred to as an IBM-PC virus,

referring to the hardware, or a DOS virus, referring to the operating system.

"Clones" of systems are also included with the original platform.

History of Viruses

The term "computer virus" was formally defined by Fred Cohen in

1983, while he performed academic experiments on a Digital Equipment Corporation

VAX system. Viruses are classified as being one of two types: research or

"in the wild." A research virus is one that has been written for

research or study purposes and has received almost no distribution to the

public. On the other hand, viruses which have been seen with any regularity are

termed "in the wild." The first computer viruses were developed in the

early 1980s. The first viruses found in the wild were Apple II viruses, such as

Elk Cloner, which was reported in 1981 [Den90]. Viruses were found on the

following platforms:

Apple II

IBM PC

Macintosh

Atari

Amiga

These computers made up a large percentage of the computers sold to the

public at that time. As a result, many people fell prey to the Elk Cloner and

virus’s similar in nature. People suffered losses in data from personal

documents to financial business data with little or no protection or recourse.

Viruses have "evolved" over the years due to efforts by their

authors to make the code more difficult to detect, disassemble, and eradicate.

This evolution has been especially apparent in the IBM PC viruses; since there

are more distinct viruses known for the DOS operating system than any other.

The first IBM-PC virus appeared in 1986 [Den90]; this was the Brain virus.

Brain was a boot sector virus and remained resident in the computer until

"cleaned out". In 1987, Brain was followed by Alameda (Yale), Cascade,

Jerusalem, Lehigh, and Miami (South African Friday the 13th). These viruses

expanded the target executables to include COM and EXE files. Cascade was

encrypted to deter disassembly and detection. Variable encryption appeared in

1989 with the 1260 virus. Stealth viruses, which employ various techniques to

avoid detection, also first appeared in 1989, such as Zero Bug, Dark Avenger and

Frodo (4096 or 4K). In 1990, self-modifying viruses, such as Whale were

introduced. The year 1991 brought the GP1 virus, which is

"network-sensitive" and attempts to steal Novell NetWare passwords.

Since their inception, viruses have become increasingly complex and equally

destructive.

Examples from the IBM-PC family of viruses indicate that the most commonly

detected viruses vary according to continent, but Stoned, Brain, Cascade, and

members of the Jerusalem family, have spread widely and continue to appear. This

implies that highly survivable viruses tend to be benign, replicate many times

before activation, or are somewhat innovative, utilizing some technique never

used before in a virus.

Personal computer viruses exploit the lack of effective access controls in

these systems. The viruses modify files and even the operating system itself.

These are "legal" actions within the context of the operating system.

While more stringent controls are in place on multi-tasking, multi-user

operating systems (LAN Networks or Unix), configuration errors, and security

holes (security bugs) make viruses on these systems more than theoretically

possible. This leads to the following initial conclusions:

Viruses exploit weaknesses in operating system controls and human patterns of

system use/misuse;

Destructive viruses are more likely to be eradicated and

An innovative virus may have a larger initial window to propagate before it

is discovered and the "average" anti-viral product is modified to

detect or eradicate it. If we reject the hypothesis that viruses do not exist on

multi-user systems because they are too difficult to write, what reasons could

exist? Perhaps the explosion of PC viruses (as opposed to other personal

computer systems) can provide a clue. The population of PCS and PC compatible is

by far the largest. Additionally, personal computer users exchange disks

frequently. Exchanging disks is not required if the systems are all connected to

a network. In this case large numbers of systems may be infected through the use

of shared network resources.

One of the primary reasons that viruses have not been observed on multi-user

systems is that administrators of these systems are more likely to exchange

source code rather than executables. They tend to be more protective of

copyrighted materials, so they exchange locally developed or public domain

software. It is more convenient to exchange source code, since differences in

hardware architecture may preclude exchanging executables. It is this type of

attitude towards network security that could be viewed as victim precipitation.

The network administrators place in a position to be attacked, despite the fact

that they are unaware of the activity. The following additional conclusions can

be made:

To spread, viruses require a large population of similar systems and exchange

of executable software;

Destructive viruses are more likely to be eradicated;

An innovative virus may have a larger initial window to propagate before it

is discovered and the "average" anti-viral product is modified to

detect or eradicate it.

Preventive Action

Although many anti-virus tools and products are now available, personal and

administrative practices and institutional policies, particularly with regard to

shared or external software usage, should form the first line of defense against

the threat of virus attack. Users should also consider the variety of anti-virus

products currently available.

There are three classes of anti-virus products: detection tools,

identification tools, and removal tools. Scanners are an example of both

detection and identification tools. Vulnerability monitors and modification

detection programs are both examples of detection tools. Disinfectors are

examples of a removal tools. A detailed description of the tools is provided

below.

Scanners and disinfectors, the most popular classes of anti-virus software,

rely on a great deal of a prior knowledge about the viral code. Scanners search

for "signature strings" or use algorithmic detection methods to

identify known viruses. Disinfectors rely on substantial information regarding

the size of a virus and the type of modifications to restore the infected file’s

contents.

Vulnerability monitors, which attempt to prevent modification or access to

particularly sensitive parts of the system, may block a virus from hooking

sensitive interrupts. This requires a lot of information about

"normal" system use, since personal computer viruses do not actually

circumvent any security features. This type of software also requires decisions

from the user.

Modification detection is a very general method, and requires no information

about the virus to detect its presence. Modification detection programs, which

are usually checksum based, are used to detect virus infection or Trojan horses.

This process begins with the creation of a baseline, where checksums for clean

executables are computed and saved. Each following iteration consists of



Похожие страницы:

  1. Electronic Monitoring Essay Research Paper Electronic MonitoringLast

    Реферат >> Остальные работы
    Electronic Monitoring Essay, Research Paper Electronic Monitoring Last year, state prison ... , with the increase in population, crime, and cost of incarceration, the ... . 37-49 Brown, Micheal P. “Crime and Delinquency” Electronic House Arrest: An Examination ...
  2. Electronic Monitoring Today Essay Research Paper Electronic

    Реферат >> Остальные работы
    Electronic Monitoring Today Essay, Research Paper Electronic Monitoring Today Electronic monitoring has emerged as ... have reached some extremely crime-ridden times. Crime rates are soaring, ... technology of the electronic monitoring device. As crime increases so ...
  3. Crime Essay Research Paper his research paper

    Реферат >> Остальные работы
    Crime Essay, Research Paper his research paper deals with the history, the ... boxes that emit or cancel electronically impulses that allow simpler action ... world. Viruses are life-like, electronically produced, creatures that stay in ...
  4. Computer Crime Essay Research Paper Computer CrimeComputer

    Реферат >> Остальные работы
    Computer Crime Essay, Research Paper Computer Crime Computer crimes need to be ... As subjects of crime, computers represent the electronic environment in which frauds ... crimes–mostly simple but costly electronic trespassing, copyrighted-information piracy, and ...
  5. Computer Crime Essay Research Paper Computer Crime

    Реферат >> Остальные работы
    Computer Crime Essay, Research Paper Computer Crime It’s the weekend, you have ... call or he can use Electronic Toll Fraud Devices. Codes ... not more than 10. Electronic Toll Fraud Devices are known ... go too deep. They are electronic devices than do various things ...

Хочу больше похожих работ...

Generated in 0.0017979145050049