Elements of Computer Security

By David Salomon. Published by Springer Verlag late 2010. ISBN 978-0-85729-005-2. LCCN (unassigned). xv+374 pages.

A BibTeX style file and an Errata list are available.

Written March through July 2010, the book consists of 11 chapters, three appendixes (hackers, leet speak, and a virus timeline), a glossary, bibliography, and index.

Dedicated to the many anonymous cybercriminals and hackers, without whom this book would not have been necessary.

From the Preface.

This book is intended as a starting point for those familiar with basic concepts of computers and computations who would like to extend their knowledge into the realm of computer and network security. The book is primarily a textbook for undergraduate classes on computer security. It is mostly non-mathematical and makes no attempt to be complete. The only prerequisite for understanding the material presented here is familiarity with the basic concepts of computers and computations such as (1) the organization of data in bits and bytes, (2) data structures (arrays, trees, and graphs), and (3) network concepts such as IP numbers, input/output ports, and communications protocols.

This book is an up-to-date version of the 2005 text Foundations of Computer Security. The material has been brought up to date, old examples of malware and threats have been replaced with new ones, and material that was judged less important was cut out. Timing. The many phrases "at the time of this writing" found in the book refer to the period from February to June 2010, during which this book was prepared.

Special features that enhance the textbook aspect of the book are the many exercises sprinkled throughout the text (with answers available here), the virus timeline (Appendix C), and the Glossary. Another attractive feature is the jokes (check the index). There are no riddles.

An interesting (and, I believe, also original) feature of this book is its minimal use of the vague term "system." This word is used only (1) in connection with well-defined or commonly-used terms such as "operating system," "file system," and "notational system," (2) when it is part of names of organizations, or (3) when it is included in a quotation or in software code. Many texts use this vague term liberally, thereby confusing the reader. Sentences such as "In addition, the resulting flood may exhaust system memory, resulting in a system crash. The net result is that the system is unavailable or nonfunctional," are confusing. Instead of "system" the author should specify what is being discussed, whether it is a computer, a piece of software, a router, or something else.

While I was at it, I also avoided the use of the cliche "basically," employing "essentially" or "fundamentally" instead. On the other hand, the term "user" is a favorite in this book.

Table of Contents

Book Cover
Preface vii 

Introduction 1 

1 Physical Security 17 
1.1 Side-Channel Attacks 17 
1.2 Physical Threats 22 
1.3 Laptop Security 29 
1.4 Disaster Recovery Planning 32 
1.5 Privacy Protection 33 

2 Viruses 37 
2.1 Operating Systems 38 
2.2 Computer Viruses 40 
2.3 Virus Writers 45 
2.4 Virus Propagation 49 
2.5 Virus Classification 51
2.6 Boot Sector Viruses 54 
2.7 File Infector Viruses 57 
2.8 Companion Viruses 61 
2.9 Multipartite Viruses 62 
2.10 Macro and Script Viruses 63 
2.11 Infected Images 65 
2.12 Virus Life Cycle 69 
2.13 Viruses and UNIX 71 
2.14 Viruses and the Macintosh 72 
2.15 Virus Replication 72 
2.16 Virus Payload 73 
2.17 Virus Organization 81 
2.18 Virus Naming 82 
2.19 Virus Hiding Methods 83 
2.20 Polymorphism 88 
2.21 Virus Stealth Techniques 90 
2.22 Interrupts and Viruses 92 
2.23 Trapdoors 96

3 Worms 99 
3.1 Code Red I 101 
3.2 Worming Techniques 103 
3.3 Proposing a CCDC 114 
3.4 The Internet Worm 117 
3.5 iPhone Worms 120 

4 Trojan Horses 123 
4.1 Applications of Trojans 124
4.2 Installing a Trojan 126
4.3 Rigging a Compiler 129 

5 Examples of Malware 137 
5.1 The Lehigh Virus 137 
5.2 The Brain Virus 138 
5.3 The Michaelangelo Virus 139 
5.4 The SirCAM Virus 140 
5.5 The Melissa Virus 141 
5.6 Scores Virus 142 
5.7 Swiss Amiga Virus 143 
5.8 Christmas Card Virus 144 
5.9 VBS.KAK Worm 145 
5.10 The Cruncher Virus 145 
5.11 Opener Virus 146 
5.12 MTX Worm/Virus 148 

6 Prevention and Defense 151 
6.1 Understanding Vulnerabilities 151 
6.2 Defenses Against Malware 156 
6.3 Anti-Virus Software 157 
6.4 Backups and Such 168 
6.5 Botnets, Zombies, and Remote Control 173 
6.6 Hoaxes 175 

7 Network Security 179 
7.1 Internet Vulnerabilities 179 
7.2 Port Scanning 180 
7.3 Spoofs 181 
7.4 Spam 186 
7.5 Denial of Service 199 
7.6 Firewall Basics 202 
7.7 Other Threats 205 

8 Authentication 209 
8.1 Local Authentication 210 
8.2 Biometric Techniques 210 
8.3 Passwords 216

9 Spyware 233 
9.1 Introduction and Definition 234
9.2 RIAA and Spyware 238 
9.3 Terrorism and Spyware 239 
9.4 Political Contributions 241 
9.5 Distribution of Spyware 242 
9.6 Remote Reporting 245 
9.7 Adware 248 
9.8 Spyware? 249 

10 Identity Theft 255 
10.1 Introduction 256 
10.2 Shredding 261 
10.3 Internet Cookies 263 
10.4 Phishing 264 
10.5 The Homograph Threat 270 

11 Privacy and Trust 273 
11.1 Privacy Issues 274 
11.2 Online Privacy 277 
11.3 Children's Privacy 279 
11.4 Digital Forensics 285 
11.5 Trust 286 

A The Hacker 291 
B l33t Speak 299 
C Virus Timeline 303 

Concluding Remarks 325 
Glossary 331 
Bibliography 347 
Index 363 

From the back cover

As our society grows ever more reliant on computers, so it also becomes more vulnerable to computer crime. Cyber attacks have been plaguing computer users since the 1980s, and computer security experts are predicting that smart telephones and other mobile devices will also become the targets of cyber security threats in the future.

Developed from the author's highly successful Springer text, Foundations of Computer Security, this accessible, broad-ranging, and versatile textbook has been fully updated and enhanced with resources for students, instructors, and even those motivated to self-study on this topic.

Auxiliary Material

The answers to the exercises in the book are available here (PDF, 244K).

A document on cryptography is available here (PDF, 476K, 26 pages). It has its own exercises and answers.

Spyware: what you don't know can hurt you. A 92-page report of a hearing at the US House of Representatives (mentioned in the book's bibliography, page 352, under [House 2004]).

Laptop security. A 5-page article published in the Fall 2004 issue of "The Hacker Quarterly" (author unknown).

[Asonov and Agrawal 2004]. The article on keyboard acoustic emanations mentioned on page 20.

[NIST Handbook 2004], a 290-page Ebook mentioned on page 16 among other important references.

[Staniford et al. 2002], the excellent paper mentioned on pages 99, 101, and 114 in connection with Internet worms.

[Agrawal and Srikant 2004], the reference mentioned on page 34 in connection with privacy protection.

natas selur, The Confessions of a Hacker (from http://www.theeunderground.com/) is a text file with advice and basic information for would-be hackers.

Securing Mac OS X, a guide to security hardening for Apple Mac OS 10.3 by Paul Day, (pd(at)csse.uwa.edu.au), November 2004. A 40-page document discussing numerous methods of securing Apple Mac OS 10.3 and drawbacks to currently accepted methods of security. It covers both security from a local user's perspective and a network perspective.

Securing Mac OS X. Presentation slides (36 pages) for the document above.

Mac OS X System Hardening. Guidelines for Faculty and Staff, 13 pages issued by the University of Tennessee, Knoxville.

Trivia

Page 304 talks about the origins of the fear of Friday the 13th. Few know that the long, complex, and rare term "Paraskavedekatriaphobia" describes this phobia. This term is a concatenation of the Greek words Paraskevi (Friday), dekatreis (thirteen), and phobia (fear).

Last Updated 30 June 2010.