spyware and trojan horses
Download
Skip this Video
Download Presentation
Spyware and Trojan Horses

Loading in 2 Seconds...

play fullscreen
1 / 53

Spyware and Trojan Horses - PowerPoint PPT Presentation


  • 158 Views
  • Uploaded on

Spyware and Trojan Horses – Computer Security Seminar 12 th February 2004. Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk. Spyware and Trojan Horses. Computer Security Seminar Series [SS1].

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Spyware and Trojan Horses' - zeal


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
spyware and trojan horses

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Spyware and Trojan Horses

Computer Security Seminar Series [SS1]

your computer could be watching your every move

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Your computer could be watching your every move!

Image Source - http://www.clubpmi.it/upload/servizi_marketing/images/spyware.jpg

introduction

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Introduction
seminar overview

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Seminar Overview
  • Introduction to Spyware / Trojan Horses
  • Spyware – Examples, Mechanics, Effects, Solutions
  • Tracking Cookies – Mechanics, Effects, Solutions
  • Trojan Horses – Mechanics, Effects, More Examples
  • Solutions to the problems posed
  • Human Factors – Human interaction with Spyware
  • “System X” – Having suitable avoidance mechanisms
  • Conclusions – Including our proposals for solutions
definitions

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Definitions

A general term for a program that surreptitiously monitors your actions. While they are sometimes sinister, like a remote control program used by a hacker, software companies have been known to use Spyware to gather data about customers. The practice is generally frowned upon.

SPYWARE

Definition from: BlackICE Internet Security Systems - http://blackice.iss.net/glossary.php

TROJAN

HORSE

An apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.

Definition from: Texas State Library and Archives Commission - http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html

symptoms

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Symptoms
  • Targeted Pop-ups
  • Slow Connection
  • Targeted E-Mail (Spam)
  • Unauthorized Access
  • Spam Relaying
  • System Crash
  • Program Customisation

SPYWARE

SPYWARE / TROJAN

SPYWARE

TROJAN HORSE

TROJAN HORSE

SPYWARE / TROJAN

SPYWARE

summary of effects

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Summary of Effects
  • Collection of data from your computer without consent
  • Execution of code without consent
  • Assignment of a unique code to identify you
  • Collection of data pertaining to your habitual use
  • Installation on your computer without your consent
  • Inability to remove the software
  • Performing other undesirable tasks without consent
similarities differences

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Similarities / Differences

Source – Table derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

spyware

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Spyware

Image Source – The Gator Corporation – http://www.gator.com

software examples

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Software Examples
  • GAIN / Gator
  • Gator E-Wallet
  • Cydoor
  • BonziBuddy
  • MySearch Toolbar
  • DownloadWare
  • BrowserAid
  • Dogpile Toolbar

Image Sources…

GAIN Logo – The Gator Corporation – http://www.gator.com

BonziBuddy Logo – Bonzi.com - http://images.bonzi.com/images/gorillatalk.gif

DownloadWare Logo – DownloadWare - http://www.downloadware.net

advantages

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Advantages
  • Precision Marketing
    • Relevant pop-ups are better than all of them!
    • You may get some useful adverts!
  • Useful Software
    • DivX Pro, IMesh, KaZaA, Winamp Pro
    • (Experienced) people understand what they are installing.
  • Enhanced Website Interaction
    • Targeted banner adverts
    • Website customisation

User Perspective - I

disadvantages

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Disadvantages
  • Browsing profiles created for users without consent
    • Used for target marketing and statistical analysis
  • Unable to remove Spyware programs or disable them
  • Increased number of misleading / inappropriate pop-ups
  • Invasion of user privacy (hidden from user)
  • Often badly written programs corrupt user system
  • Automatically provides unwanted “helpful” tools
  • “20 million+ people have Spyware on their machines.”

Source - Dec ’02 GartnerG2 Report

User Perspective - II

example pop up

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Example Pop-up

Misleading Pop-up

User Perspective - III

Image Source – Browser Cleanser – Directed pop-up from http://www.browsercleanser.com/

network overview

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Network Overview
  • Push
    • Advertising
  • Pull
    • Tracking
    • Personal data

Technical Analysis - I

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

client side operation

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Client-Side Operation

Technical Analysis - II

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

server side operation

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Server-Side Operation
  • Server-side operation is relatively unknown. However, if we were to develop such a system, it would contain…

Technical Analysis - III

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

spyware defence

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Spyware Defence

User Initiatives…

  • Issue Awareness
  • Use Legitimate S/W Sources
  • Improved Technical Ability
  • Choice of Browser
  • Choice of OS
  • Legal action taken against breaches of privacy
    • Oct ’02 Doubleclick

Technical Initiatives...

  • Spyware Removal Programs
  • Pop-up Blockers
  • Firewall Technology
  • Disable ActiveX Controls
    • Not Sandboxed
  • E-Mail Filters
  • Download Patches
gain case study

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

GAIN Case Study
  • Installed IMesh, which includes Gator Installation
  • We accessed multiple internet sites
  • We simultaneously analyzed network traffic (using IRIS)
  • We found the packets of data being sent to GAIN
  • Packets were encrypted and we could not decrypt them
  • See Example ->
slide19

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Image Source – Screenshot of IRIS v3.7 Network Analyser – Professional Networks Ltd. See http://www.pnltools.com.

spyware removers

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Spyware Removers

Ad-aware (by Lavasoft)

  • Reverse Engineer Spyware
  • Scans Memory, Registry and Hard Drive for…
    • Data Mining components
    • Aggressive advertising components
    • Tracking components
  • Updates from Lavasoft
  • Plug-ins available
    • Extra file information
    • Disable Windows Messenger Service

Image Source – Screenshot of Ad-aware 6.0. LavaSoft. See http://www.lavasoft.com

vulnerable systems

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Vulnerable Systems
  • Those with an internet connection!
  • Microsoft Windows 9x/Me/NT/2000/XP
  • Does not affect Open Source OSs
  • Non - fire-walled systems
  • Internet Explorer, executes ActiveX plug-ins
  • Other browsers not affected
tracking cookies

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Tracking Cookies

cookies

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Cookies
  • A Cookie is a small text file sent to the user from a website.
    • Contains Website visited
    • Provides client-side personalisation
    • Supports easy Login
  • Cookies are controlled by…
    • Website’s Application Server
    • Client-side Java Script
  • The website is effectively able to ‘remember’ the user and their activity on previous visits.
  • Spyware companies working with websites are able to use this relatively innocent technology to deliver targeted REAL TIME marketing, based on cookies and profiles.
case study doubleclick

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Case Study - DoubleClick
  • Most regular web users will have a “doubleclick.net” cookie.
  • Affiliated sites request the DoubleClick cookie on the users computer.
  • The site then sends…
    • Who you are
    • All other information in your cookie file
  • In return for…
    • All available marketing information on you - collected from other affiliated sites which the you have hit.
case study doubleclick25

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Case Study – DoubleClick
  • Site targets banner adverts, e-mails and pop-ups to the user.
  • If the user visits an affiliated site without a DoubleClick cookie, then one is sent to the user.
  • The whole process is ‘opaque’ to the user and occurs without their consent.
tracking cookie implementation

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Tracking Cookie Implementation
  • Protocol designed to only allow the domain who created a cookie to access it.
  • IE has a number of security holes…
    • Up to IE 5, domain names specified incorrectly.
    • Up to IE 6, able to fool IE into believing it is in another domain.
  • Patches and IE 6 solved a number of problems
  • Since then, tracking cookies are still proving a large problem, there are still a number of holes still open.
tracking cookie implementation27

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Tracking Cookie Implementation

Image Source – Image produced by Andrew Brown, Tim Cocks and Kumutha Swampillai; partially inspired by a diagram from [16].

tracking cookie defence

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Tracking Cookie Defence
  • Replace tracking cookies with write protected zero length files of the same name.
  • DoubleClick offer an opt-out cookie, which can be obtained from their website.
  • Disable cookies
    • Makes many websites unusable
  • Delete cookies after session
  • Spyware remover (Ad-aware)

Image Source – Screenshot of DoubleClick OptOut Cookie displayed in Microsoft Notepad.

trojan horses

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Trojan Horses
installation

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Installation
  • Secretly installed when an infected executable is run
    • Much like a virus
    • Executables typically come from P2P networks or unscrupulous websites
  • ActiveX controls on websites
    • ActiveX allows automatic installation of software from websites
    • User probably does not know what they are running
    • Misleading descriptions often given
    • Not sandboxed!
    • Digital signatures used, signing not necessary
installation31

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Installation
  • Certificate Authority
  • Misleading Certificate Description
  • Who is trusted?

Image Source – Screenshot of Microsoft Internet Explorer 6 security warning, prior to the installation of an ActiveX Control from “Roings”.

effects

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Effects
  • Allows remote access
    • To spy
    • To disrupt
    • To relay a malicious connection, so as to disguise the attacker’s location (spam, hacking)
    • To access resources (i.e. bandwidth, files)
    • To launch a DDoS attack
operation

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Operation
  • Listen for connections
  • Memory resident
  • Start at boot-up
  • Disguise presence
  • Rootkits integrate with kernel
  • Password Protected
example back orifice

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Example: Back Orifice
  • Back Orifice
    • Produced by the “Cult of the Dead Cow”
    • Win95/98 is vulnerable
    • Toast of DefCon 6
    • Similar operation to NetBus
    • Name similar to MS Product of the time
bo protocol

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

BO: Protocol
  • Modular authentication
  • Modular encryption
    • AES and CAST-256 modules available
  • UDP or TCP
  • Variable port
    • Avoids most firewalls
  • IP Notification via. ICQ
    • Dynamic IP addressing not a problem
bo protocol example 1

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

ICQ SERVER

Victim

CONNECTION

TROJAN

IP ADDRESS AND PORT

IP ADDRESS AND PORT

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

BO: Protocol Example (1)

INFECTION OCCURS

Attacker

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

bo protocol example 2

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Attacker

Victim

CONNECTION

COMMAND

REQUEST FOR INFORMATION

INFORMATION

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

BO: Protocol Example (2)

COMMAND EXECUTED

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

bo protocol example 3

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Attacker

Victim

CLEANUP COMMAND

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

BO: Protocol Example (3)

EVIDENCE DESTROYED

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

trojan horse examples

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Trojan Horse Examples
  • M$ Rootkit
    • Integrates with the NT kernel
    • Very dangerous
    • Virtually undetectable once installed
    • Hides from administrator as well as user
    • Private TCP/IP stack (LAN only)
trojan horse examples40

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Trojan Horse Examples
  • iSpyNOW
    • Commercial
    • Web-based client
  • Assassin Trojan
    • Custom builds may be purchased
    • These are not found by virus scanners
    • Firewall circumvention technology
trojan horse examples41

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Trojan Horse Examples
  • Hardware
    • Key loggers
    • More advanced?
  • Magic Lantern
    • FBI developed
    • Legal grey area (until recently!)
    • Split virus checking world
demonstration

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Demonstration

vulnerable systems43

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Vulnerable Systems

Number of trojans in common use…

RELATIVELY SAFE

DANGEROUS

MacOS

WinNT

Win 9x

MacOS X

Linux/Unix

WinNT refers to Windows NT 4, 2000, XP and Server 2003. Win9x refers to Windows 95, 95SE, 98 and ME.Information Source: McAfee Security - http://us.mcafee.com/

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

vulnerable systems44

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Vulnerable Systems

Ease of compromise…

DANGEROUS

RELATIVELY SAFE

WinNT

MacOS

Win 9x

MacOS X

Linux/Unix

WinNT refers to Windows NT 4, 2000, XP and Server 2003. Win9x refers to Windows 95, 95SE, 98 and ME.Information Source: McAfee Security - http://us.mcafee.com/

Image Source – Image derived and produced by; Andrew Brown, Tim Cocks and Kumutha Swampillai, February 2004.

conclusions

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Conclusions

security implications

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Security Implications
  • Divulge personal data
  • Backdoors into system
  • System corruption
  • Disruption / Irritation
  • Aids identity theft
  • Easy virus distribution
  • Increased spam

Short Term

Long Term

  • Mass data collection
  • Consequences unknown
  • Web becomes unusable
  • Web cons outweigh pros
  • Cost of preventions
  • More development work
  • More IP addresses (IPv6)
solutions

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Solutions
  • Firewall
  • Virus Checker
  • Spyware Remover
  • Frequent OS updates
  • Frequent back-up
  • Learning problems

Short Term

Long Term

  • Add Spyware to Anti-Virus
  • Automatic maintenance
  • Legislation
  • Education on problems
  • Biometric access
  • Semantic web (and search)
firewalls

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Firewalls

Network / Internet

  • 3 Types…
    • Packet Filtering – Examines attributes of packet.
    • Application Layer – Hides the network by impersonating the server (proxy).
    • Stateful Inspection – Examines both the state and context of the packets.
  • Regardless of type; must be configured to work properly.
  • Access rules must be defined and entered into firewall.
firewalls49

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Firewalls

Network / Internet

http - tcp 80

telnet - tcp 23

http - tcp 80

Packet Filtering

ftp - tcp 21

Web Server

Firewall

Allow only http - tcp 80

202.52.222.10: 80

192.168.0.10 : 1020

202.52.222.10: 80

Stateful Inspection

192.168.0.10 : 1020

PC

Firewall

Only allow reply packets for requests made out

Block other unregistered traffic

Image Source – Image produced by Andrew Brown, Tim Cocks and Kumutha Swampillai; partially inspired by a diagram from [4].

intrusion detection systems

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Intrusion Detection Systems

Network

Server

Switch

Firewall

IDS

  • Intrusion Detection – A Commercial Network Solution
  • An “Intelligent Firewall” – monitors accesses for suspicious activity
  • Neural Networks trained by Backpropagation on Usage Data
  • Could detect Trojan Horse attack, but not designed for Spyware
  • Put the IDS in front of the firewall to get maximum detection
  • In a switched network, put IDS on a mirrored port to get all traffic.
  • Ensure all network traffic passes through the IDS host.

Server

PC

Image Source – Image produced by Andrew Brown, Tim Cocks and Kumutha Swampillai; partially inspired by a diagram from [4].

system x

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

“System X”

Network / Internet / Standalone

  • Composed of…
    • Open Source OS
    • Mozilla / Opera / Lynx (!) Browser (Not IE)
    • Stateful Inspection Firewall
    • Anti-Virus Software
    • Careful and educated user
    • Secure permissions system
    • Regularly updated (possibly automatically)
questions

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Questions…

Image Source – Penny Arcade - http://www.penny-arcade.com/view.php3?date=2002-07-19&res=l

bibliography links

Spyware and Trojan Horses – Computer Security Seminar 12th February 2004

Andrew Brown, Tim Cocks and Kumutha Swampillai http://birmingham.f9.co.uk

Bibliography / Links
  • [1] "Spyware" Definition - BlackICE Internet Security Systems - http://blackice.iss.net/glossary.php
  • [2] "Trojan Horse" Definition
    • Texas State Library and Archives Commission - http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html
  • [3] Zeinalipour-Yazti, D. “Exploiting the Security Weaknesses of the Gnutella Protocol”, University of California. 
  • [4] Joshi, R. “Network Security Applications”, Merchantile Communications, CANIT Conference 2003.
  • [5] CERT Advisory CA-1999-02 http://www.cert.org/advisories/CA-1999-02.html
  • [6] Spyware Guide – http://www.spyware-guide.com
  • [7] Trojan Horses - http://www.mpsmits.com/highlights/trojan_horses.shtml
  • [8] Trojan Horse - Back Orifice - http://www.nwinternet.com/~pchelp/bo/bo.html
  • [9] NetBus - http://www.nwinternet.com/~pchelp/nb/netbus.htm
  • [10] BBC News - http://news.bbc.co.uk/1/hi/technology/3153229.stm
  • [11] Wired News – “Judge takes bite out of Gator” www.wired.com/news/politics/0,1283,53875,00.html
  • [12] Tracking Cookies – Demonstration at http://www.irt.org/instant/chapter10/tracker/index4.htm
  • [13] BonziBuddy - http://www.bonzi.com/bonzibuddy/bonzibuddyfreehom.asp
  • [14] Unwanted Links (Spyware) – http://www.unwantedlinks.com
  • [15] Andersen, R. "Security Engineering", First Edition, J. Wiley and Sons, 2001.
  • [16] Scacchi, W. “Privacy and Other Social Issues”, Addison-Wesley, 2003.
    • http://www.ics.uci.edu/~wscacchi/Tech-EC/Security+Privacy/Privacy.ppt
ad