Internet Security Whitepapers

Computer Misuse Act (Of Singapore)

Internet Security Whitepapers Hacking Laws

In this Act, unless the context otherwise requires -- "computer" means an electronic, magnetic, optical, electrochemical, or other data processing device, or a group of such interconnected or related devices, performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device or group of such interconnected or related devices.

Computer Viruses

Internet Security Whitepapers Viruses and Worms

A computer virus is a program or piece of code that operates by attaching itself to some other program or downloaded file. When this program starts, the virus code unintentionally runs, replicates itself and infects other programs or documents on the PC. A computer virus spreads mainly via e-mail attachments, downloadable files from the Internet or floppy disks. Virus infection can be prevented by installing (and maintaining) anti-virus software, among other strategies, some of which are outlined in this advice sheet.

Computer Viruses: How to Avoid Infection

Internet Security Whitepapers Viruses and Worms

From viruses to worms to Trojan Horses, the catchall term "virus" describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you problems. Once you understand what viruses are and how they can work, you can build a defense.

ContentWatch Internet Filtering End-To-End Technology

Internet Security Whitepapers Internet Content Filtering Techniques

In the world of ever changing Internet content and increasingly mobile computing devices, ContentWatch takes a unique and comprehensive approach to end-to-end Internet filtering solutions. This white paper explains the pros and cons of various deployment options and analysis technologies. It also demonstrates why ContentWatch end-to-end deployment, combined with Dynamic Contextual Analysis, is the most advanced Internet filtering technology available today.

Covert Channel Analysis and Data Hiding in TCP/IP

Internet Security Whitepapers Covert Hacking

This thesis investigates the existence of covert channels in computer networks by analyzing the transport and the Internet layers of the TCP/IP protocol suite. Two approaches for data hiding are identified: packet header manipulation and packet sorting. Each scenario facilitates the interaction of steganographic principles with the existing network security environment. Specifically, we show how associating additional information with IPv4 headers can ease up security mechanisms in network nodes like routers, firewalls and for services such as authentication, audit, and billing. Furthermore, use of packet sorting with the IP Sec framework results in an enhanced network security architecture. The packet sorting approach is simulated at the network layer which provides a feasibility of packet sorting under varying network conditions. While bridging the areas of data hiding, network protocols and network security, both techniques have potential for practical data hiding at the transport and network layers.

Covert Channel Vulnerabilities in Anonymity Systems

Internet Security Whitepapers Covert Hacking

Covert channels transfer information in violation of a security policy. Multilevel secure systems (MLS) aim to protect against unauthorised flows of information, through mandatory access control, backed by covert channel prevention. Similarly, anonymity systems aim to protect a user’s actions and identity from observation by an adversary; an implicit information flow control policy. This thesis will discuss the congruence between covert channel prevention and securing anonymity systems, showing how techniques for attacking and protecting MLS can be used in the analysis and improvement of anonymity systems.

Covert Channels Provided Hackers - Opportunity and Means for Distributed Denial of Service Attacks

Internet Security Whitepapers Covert Hacking

A "covert channel" can be described as: "Any communications channel that can be exploited by a process to transfer information in a manner that violates the system’s security policy." Essentially it is a method of communication that is not part of an actual computer systems design but can be used to transfer information to users or system processes that normally would not be allowed access to the information. Covert channel exploits typically require a malicious client or server program operating on a PC outside the protected network and a malicious server or client program operating on a server inside the protected network.

Cryptography and Evidence

Internet Security Whitepapers Cryptography

The invention of public-key cryptography led to the notion that cryptographically protected messages could be used as evidence to convince an impartial adjudicator that a disputed event had in fact occurred. Information stored in a computer is easily modified, and so records can be falsified or retrospectively modied. Cryptographic protection prevents modification, and it is hoped that this will make cryptographically protected data acceptable as evidence. This usage of cryptography to render an event undeniable has become known as non-repudiation. This dissertation is an enquiry into the fundamental limitations of this application of cryptography, and the disadvantages of the techniques which are currently in use. In the course of this investigation I consider the converse problem, of ensuring that an instance of communication between computer systems leaves behind no unequivocal evidence of its having taken place. Features of communications protocols that were seen as defects from the standpoint of non-repudiation can be seen as benefits from the standpoint of this converse problem, which I call "plausible deniability".

Cyber Crime

Internet Security Whitepapers Hacking Laws

This lesson will introduce students to the criminal implications and consequences of computer crime, specifically hacking.

Cyber Operations and Cyber Terrorism

Internet Security Whitepapers Cyber Warfare and Terrorism

This informational document supplements the basic terrorism handbook and supports operational missions, institutional training, and professional military education for U.S. military forces in the Global War on Terrorism (GWOT). This document provides an introduction to Cyber Terrorism, and addresses the history of the phenomena, how terrorist organizations recruit, the motivations behind use of the tactic, characteristics of Cyber Terrorism, and the types of attacks against networks. Finally, the handbook addresses specific threats to military forces.