20s-2550: L25 Crimeware
Materials
You can use the L25 slides (pdf) to take notes.
L25 annotated slides (pdf) from lecture have my drawings.
Please see piazza@439 for a link to the recorded video.
Summary
- Examples of XSS and SQL injection from simple programs.
- 5 important principles for avoiding these
- Discussion of cybersecurity crime, different types of strategies
  - Trojan horse
  - Backdoors
  - Rootkits
  - Worms
- Common vectors for building a botnet
  - Q: how does clicking on a mail attachment lead to malware installation?
  - Port scanning
  - Application exploits
  - Mirai example (password guessing)
- Anatomy of a sample browser exploit
- Botnets are networks of infected computers used by cybercriminals to launch other attacks.
- They have adopted interesting techniques to thwart attempts to “take them down.”
- They inherently rely on a hierarchical structure, with the botmaster at the top giving instructions. This makes them vulnerable.
- The client nodes use different DNS lookups to find their command nodes.
- There are many interesting stories of how researchers have had to work hard to take these botnets down; for example, by predicting future DNS lookups and registering those domains first.
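
The last two points, seen from the defender's side, as an added example that is not from the lecture or its slides: once the lookup algorithm has been recovered from a sample, the names for the coming days can be computed ahead of time and matched against DNS query logs (or registered first). The date-seeded hash scheme, `SEED`, the `.example` names and the log format are all constructed stand-ins, not any real botnet's algorithm.

```python
import hashlib
from datetime import date, timedelta

SEED = b"constructed-seed"   # assumption: value recovered from a sample
TLD = ".example"             # reserved TLD, so none of these names resolve

def candidate_domains(day, count=5):
    """Names a client would look up on `day` under the stand-in algorithm."""
    names = []
    for i in range(count):
        data = SEED + day.isoformat().encode() + bytes([i])
        digest = hashlib.sha256(data).hexdigest()
        # Map the first 12 hex digits to the letters a..p to form a label.
        label = "".join(chr(ord("a") + int(c, 16)) for c in digest[:12])
        names.append(label + TLD)
    return names

def build_watchlist(start, days):
    """Map every name for the next `days` days to the day it becomes active."""
    watch = {}
    for offset in range(days):
        day = start + timedelta(days=offset)
        for name in candidate_domains(day):
            watch[name] = day
    return watch

def flag_queries(log_lines, watchlist):
    """Return (client, qname, active_day) for each query on the watchlist."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:          # skip malformed lines
            continue
        _, client, qname = parts
        qname = qname.lower().rstrip(".")   # DNS names are case-insensitive
        if qname in watchlist:
            hits.append((client, qname, watchlist[qname]))
    return hits

TODAY = date(2020, 4, 20)    # constructed "today"
WATCHLIST = build_watchlist(TODAY, days=7)
TOMORROW = TODAY + timedelta(days=1)
SAMPLE_LOG = [               # constructed resolver log: time, client, qname
    "2020-04-21T09:14:02Z 10.0.0.9 www.example.org.",
    "2020-04-21T09:14:05Z 10.0.0.7 " + candidate_domains(TOMORROW)[2].upper() + ".",
    "malformed line",
]

if __name__ == "__main__":
    for client, qname, day in flag_queries(SAMPLE_LOG, WATCHLIST):
        print(client, "queried", qname, "(active", str(day) + ")")
```
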