About Hacker Techniques used in Attacks on Networks and Systems

Advanced Programming Specialist Group event

Date/Time:
Thursday 13th December 2007, 6.00pm

Venue:
The Davidson Building,5 Southampton Street, London WC2 7HA. Nearest Underground stations Covent Garden, Charing Cross.

Speaker:
Professor Klaus Brunnstein, Hamburg University

Summary:
As introduction, some major hacker attacks will be discussed. This part will include also a short discourse about the self-understanding of "ethical hackers", which is also an essential basis both of professional penetration testing methods (used to assure the robustness of business networks and systems against malicious attacks), as well as the ground on which digital investigation of crimes (such as FBI's Carnivore and German BKA's "Federal Trojan") are established.

Hacker attacks use weaknesses in systems or of social organisations. While techniques of "social engineering" are just mentioned, the presentation goes into some detail of how vulnerabilities (e.g. 0-day exploits, different forms of malicious software, weaknesses of Internet protocol IP v.4) are used to invade active systems (most of which are persistently "on the net" with almost no supervision) and install persistent watchdogs (e.g. trojan horses, spyware).

Such attacks can be placed in direct ("manual") mode, or specific attack software (e.g. networked malicious robots: botnets) can be used to automagically scan networks for weak systems. Attacks may also be added "in transit" to software using interpretative systems (e.g. SQL injection, malicious software embedded in Office macros, html messages and, recently, pdf files).

Finally, the profile of (malevolent) "crackers" versus "ethical hackers" will be highlighted with selected examples (e.g. Phishing and Pharming attacks for monetarial profit, versus Western European "ethical hackers", demonstrating system weaknesses though not for monetarial gains).

Admission:
Free, but to gain admission please email your name to our Vice-Chairman, Dr Frank Martin, at - frank.martin@bcs.org

CPD Value:
Half Unit