You are on page 1of 6

The expression computer security often conjures up notions that are related to:

reliability
availability
safety
integrity
confidentiality
privacy.
Confidentiality focuses on protecting against un- authorized disclosure of information to third parties.
Integrity can be understood as preventing unauthorized modification of files.
Availability means preventing unauthorized withholding of information from those who need it when they need it.
Some computer-related crimes have no direct implications for computer security.
Cyber-related issues involving privacy and security often overlap.
Another sense of "computer security" is concerned with vulnerability to unauthorized access of data.
Examples of malicious programs that disrupted system security:
Internet Worm (1988)
ILOVEYOU Virus (2001)
Code Red Worm (2002)
Blaster virus (2004)
A virus is a "program that can 'infect' other programs by modifying them to include a possibly evolved copy of
itself."
A worm is an "independent program that replicates from machine to machine across network connections often
clogging networks and information systems as it spreads."
Hacking activities in cyberspace embrace three principles:
(1) Information should be free; This view is regarded by critics as idealistic or romantic.
(2) Hackers provide society with a useful and important service;
(3) Activities in cyberspace are virtual in nature and thus do not harm real people in the real (physical) world.
Denning (2000) defines cyberterrorism as the "convergence of cyberspace and terrorism."
Denning (2000) defines cyberterrorism as the "convergence of cyberspace and terrorism.
Activism includes the normal, non-disruptive use of the Internet to support a cause.
Hacktivism is the convergence of activism and computer hacking, which uses hacking techniques against a target
Internet site with intent to disrupt normal operations but without intending to cause serious damage caused by
"e-mail bombs"
Computer Security

System Security Data Security

Resident Data Transmitted Data

Cybercrimes Cyberrelated Crimes

Cyberspecific Cyberexacerbated Cyberassisted

Income-tax cheating (with a computer)


Physical assault with a computer Property
damage
Cyberpiracy Cyberstalking
using a computer
Cybertrespass Internet Pedophilia
hardware device (e.g., throwing a hardware
Cybervandalism Internet Pornography
device through a window)
Denning (1999) defines information warfare (or IW) as "operations that target or exploit information media in
order to win some objective over an adversary."
Hacktivism
The convergence of political activism and computer hacking techniques to engage in a new form of civil
disobedience.
Cyberterrorism
The convergence of cyber-technology and terrorism for carrying acts of terror in (or via) cyberspace.
Information Warfare
Using information to deceive the enemy; and using conventional warfare tactics to take out an enemy's
computer and information systems.
Security should be embedded in the systems themselves (not added on).
Four Types of Security Countermeasures
Firewalls.. Power defines a firewall as a system or combination of systems that enforces a boundary between
two or more networks. A firewall is a "blockade

Anti-Virus SoftwareAnti-virus software is designed to "inoculate" computer systems against viruses, worms,
and other malicious or rogue programs.

Encryption ToolsEncryption is the technique used to convert the information in a message composed in
ordinary text ("plain text"), into "ciphertext."

Anonymity Tools.. Users want to secure the integrity and confidentiality of their electronic communications.
They also wish to protect their identity while engaging in on-line activities.
For Schneier, security is a process, not a product.
Schneier believes that risk can be understood and assessed in terms of the net result
of the impacts of five elements: risk analysis:
Assets;
Threats;
Sometimes hackers have been portrayed as heroes
Perceptions about hacking and computer crime are changing because of increased dependency on the Internet for our
infrastructure.
Parker believes that typical computer hackers tend to exhibit three common traits:
Precociousness;
Curiosity;
persistence.
Computer criminals are often referred to as hackers.
The term "hacker" has taken on a pejorative connotation (judgmental meaning).
The Hacker Jargon File defines a "cracker" is one "who breaks security on a system."
White hat hackers" refers to "innocent" or non-malicious forms of hacking, while "black hat hackers" refers roughly to what we
described above as "cracking
Some crimes have involved technologies other than computers, but we do not have separate categories of crime for them?
a criminal act in which a computer is used as the principal tool. [Italics added]
Forester and Morrison's definition of computer crime might seem plausible.
Cybercrime the criminal act can be carried out only through the use of cyber-technology and can take place only in
the cyber realm. (Tavani, 2000)
Many crimes that involve the use of cyber-technology are not genuine cybercrimes.
Cyber-related crimes could be further divided into two sub-categories:
cyber-exacerbated crimes;
cyber-assisted crimes.
Thus, crimes involving cybertechnology could be classified in one of three ways:
Cyber-specific crimes (genuine cybercrimes);
Cyber-exacerbated crimes;
Cyber-assisted crimes.
Racketeering-related crimes, regardless of where and how they are committed, are often considered "old-style" crimes.
New forms of hacking-related crimes, on the other hand, tend to grab the headlines.
.. Law Enforcement Techniques to Catch Cybercriminals
Keystroke monitoring records every key struck by a user and every character of the response that the system returns to the
user.
Echelon is the federal government's once super secret system for monitoring voice and data communication worldwide.
Carnivore is a controversial "packet sniffing" program that monitors the data traveling between networked computers.
A recent draft of that treaty addresses four types of criminal activity in cyberspace:
Offenses against the confidentiality, availability and integrity of data and computer systems;
Computer-related offenses (such as fraud);
Content-related offenses (such as child pornography);
Copyright-related offenses.
Some Tools/Technologies for Combating Cybercrime
Some encryption and biometrics technologies have been controversial.
One controversial form of encryption technology was the Clipper Chip.
Property laws and norms establish relationships between and among individuals, different sorts of objects, and the
When discussing property, we tend to think of tangible items.
Property should not be viewed in terms of items or things, but rather as a certain kind of relationship between individuals in reference to things.
Ownership claims involving "intellectual objects" are both similar to and different from ownership of tangible objects.
The expression intellectual objects refers to various forms of intellectual property.
Intellectual property consists of objects that are not tangible.
Non-tangible or "intellectual" objects represent creative works and inventions, which are the manifestations or expressions of ideas.
Tangible objects are exclusionary in nature, intellectual objects (e.g., such as software programs) are non-exclusionary.
The sense of scarcity that applies to physical objects, which often causes competition and rivalry, need not exist for intellectual objects.
Intellectual objects can be easily reproduced.
Its object code is made up of "executable images" that run on the computer's hardware after they have been converted from the original source code.
Copyright Protection Schemes
Copyright law;.. A copyright is a legal form of protection given to a "person" or author. (e.g., art works
A software programs source code can be read by humans.
Its "executable code," which "runs" on a computer, cannot be read by humans. Programs that have a similar user interface are referred to as "workalike"
programs. The first-sale doctrine is another balancing scheme in copyright law.
It must be:
original;
non-functional;
fixed in a tangible medium.
Patents;.. A patent is a form of legal protection given to individuals who create an invention or process. Unlike copyrights, patents offer a 20-year
must be satisfied:
Usefulness;
Novelty;
non-obviousness.
Computer hardware inventions clearly satisfied the requirements of patent law.
Computer software did not (initially). E g Amazon.com v.Barnesandnoble
Trademarks; A trademark is a word, name phrase, or symbol that identifies a product or service. e.g., BMW label
Trade secrets. A trade secret is information used in the operation of a business or other enterprise that is sufficiently valuable and secret to afford an
actual or potential economic advantage over others.
Trade secrets can be used to protect:
formulas (such as the one used by Coca-Cola); blueprints for future projects;
Fair use means that every author or publisher may
make limited use of another person's copyrighted
work for purposes such as criticism, comment,
news, reporting, teaching, scholarship, and
research.