DOCSLIB.ORG

Cyber Crime and Cyber Terrorism Investigator's Handbook / Babak Akhgar, Francesca Bosco, Andrew Staniforth

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Crime and Cyber Terrorism Investigator's Handbook / Babak Akhgar, Francesca Bosco, Andrew Staniforth Cyber Crime and Cyber Terrorism Investigator’s Handbook Cyber Crime and Cyber Terrorism Investigator’s Handbook Edited by Babak Akhgar Andrew Staniforth Francesca Bosco AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Syngress is an Imprint of Elsevier Acquiring Editor: Steve Elliot Editorial Project Manager: Benjamin Rearick Project Manager: Priya Kumaraguruparan Designer: Mark Rogers Syngress is an imprint of Elsevier 225 Wyman Street, Waltham, MA 02451, USA Copyright © 2014 Elsevier Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described here in. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data Akhgar, Babak. Cyber crime and cyber terrorism investigator's handbook / Babak Akhgar, Francesca Bosco, Andrew Staniforth. pages cm Includes bibliographical references and index. 1. Computer crimes–Investigation. 2. Cyberterrorism–Investigation. 3. Computer crimes– Investigation–Case studies. 4 Cyberterrorism–Investigation–Case studies. I. Bosco, Francesca II. Staniforth, Andrew. III. Title. HV8079.C65A37 2014 363.25'968–dc23 2014017880 British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library ISBN: 978-0-12-800743-3 For information on all Syngress publications, visit our website at http://store.elsevier.com/syngress This book has been manufactured using Print On Demand technology. Each copy is produced to order and is limited to black ink. The online version of this book will show color figures where appropriate Acknowledgments The editors wish to thank the multidisciplinary team of experts who have contributed to this book, sharing their knowledge and experience. Thanks are also extended to Lord Carlile of Berriew CBE QC for supporting this work. We would also like to take this opportunity to acknowledge the contribution of the team at CENTRIC (Centre of excellence in terrorism, resilience, intelligence, and organized crime research, at Sheffield Hallam University) and for the support provided by West Yorkshire Police, the Office of the Police and Crime Commissioner for West Yorkshire, and the United Nations Interregional Crime and Justice Research Institute (UNICRI). And finally, we express our gratitude and appreciation to Dr. Eleanor Lockley. Her contribution and dedication has made this edited volume possible. We would particularly like to acknowledge the following organizations and indi- viduals for their support: Sheffield Hallam University West Yorkshire Police Office of the Police and Crime Commissioner for West Yorkshire United Nations Interregional Crime and Justice Research Institute v Endorsements “This authoritative volume provides all security practitioners with a trusted reference and resource to guide them through the complexities of investigating cyber crime and cyber terrorism.” Lord Carlile of Berriew CBE QC “The global multi-disciplinary team of expert contributors have compiled an excellent operational reference and resource to support the new generation of cyber investigators.” John D Parkinson OBE Chair of Centre of Excellence in Terrorism, Resilience, Intelligence & Organised Crime Research (CENTRIC) vii Contributors Babak Akhgar Director of CENTRIC, Sheffield Hallam University, UK Ameer Al-Nemrat University of East London, UK P. Saskia Bayerl Rotterdam School of Management, Erasmus University, The Netherlands Francesca Bosco University of Milan, Italy Giovanni Bottazzi Dipartimento di Ingegneria Civile e Ingegneria Informatica, Unversita di Roma 'Tor Vergata', Roma Ben Brewster CENTRIC, Sheffield Hallam University, UK Emelyn Butterfield Lecturer, Leeds Metropolitan University, UK Daniel Cohen Research Fellow, The Institute of National Security Studies, Tel Aviv University, Israel Alan Cook Agenci Information Security (AIS) Consultancy, UK Mohammed Dastbaz Dean of the Faculty of the Arts, Environment and Technology, Leeds Metropolitan University, UK Ruairidh Davison Human Systems Integration Group, Coventry University, UK David Day Senior Lecturer, Sheffield Hallam University, UK Konstantinos Domdouzis CENTRIC, Sheffield Hallam University, UK Helen Gibson CENTRIC, Sheffield Hallam University, UK Edward Halpin Leeds Metropolitan University, UK Bruno Halupeau European Crime Centre EC3, Eurpol xvii xviii Contributors Gary Hibberd Agenci Information Security (AIS) Consultancy, UK Amin Hosseinian-Far Williams College, UK John Huddlestone Coventry University, UK Hamid Jahankhani Director of Research and Consultancy Development, Williams College, UK Eleanor Lockley Researcher, CENTRIC, Sheffield Hallam University, UK Eric Luiijf TNO Networked Organisations Principal Consultant C(I)IP& Cyber Ops Networked Organisations, The Hague, The Netherlands Alessandro Mantelero Polytechnic University of Turin, Italy Gianluigi Me CeRSI, Research Center in Information Systems, LUISS Guido Carli University, Roma Dale Richards Senior Lecturer, Human Technology Centre, Coventry University, UK Fraser Sampson Chief Executive and Solicitor of the Office of Police and Crime Commissioner, West Yorkshire Police, UK Siraj A. Shaikh Digital Security and Forensics (SaFe) Research Group, Coventry University, UK Andrew Staniforth West Yorkshire Police, UK Alex W. Stedmon Reader in Human Factors, Human Systems Integration Group, Coventry University, UK Giuseppe Vaciago Polytechnic University of Turin, Italy Sufian Yousef Anglia Ruskin University, UK Author Biography BABAK AKHGAR Babak Akhgar is Professor of Informatics and Director of CENTRIC (Center of excel- lence in terrorism, resilience, intelligence and organized crime research) at Sheffield Hallam University and Fellow of the British Computer Society. Akhgar graduated from Sheffield Hallam University in Software Engineering. He gained considerable commercial experience as a Strategy Analyst and Methodology Director for several international companies. Prof. Babak Akhgar obtained a Master degree (with distinc- tion) in Information Systems in Management and a PhD in Information Systems. He has more than 100 referred publications in international journals and confer- ences on information systems with specific focus on knowledge management (KM). He is member of editorial boards of a number of international Journals, Chair and programme committee member of several international conferences. Akhgar has ex- tensive and hands on experience in development, management and execution of KM projects and large international security initiatives (e.g., Application of social me- dia in crisis management, intelligence-based combating of terrorism and organised crime, Gun crime, cyber security, Public Order and cross cultural ideology polariza- tion) with multimillion Euros budgets. In addition to this he is the technical lead of two EU Security projects; “Courage” which focuses on Cyber Crime and Cyber Terrorism and “Athena project” which focuses on the application of social media and mobile devices in crisis management. He has co-edited a book on Intelligence management (Knowledge Driven frame- works for combating Terrorism and Organised crime). His recent books are titled Strategic Intelligence Management (National Security Imperatives and Information and Communications Technologies) 2013 and Emerging Trends in ICT Security 2014. Prof. Akhgar is also a member of academic advisory board of SAS UK. ANDREW STANIFORTH Detective Inspector Andrew Staniforth has extensive operational counter-terrorism ex- perience in the UK. As a qualified teacher he has designed national counter-terrorism exercise programmes and delivers training to police commanders from across the world at the UK College of Policing. He is the author of the Blackstone’s Counter-Terrorism Handbook (Oxford University Press, 2013), the Blackstone’s Handbook of Ports and Borders Security (Oxford University Press, 2013), the Routledge Companion to UK Counter-Terrorism (Routledge, 2012) and Preventing Terrorism and Violent Extremism (Oxford University Press, 2014). Andrew is a Senior Research Fellow at the Centre of Excellence
Load more

Recommended publications
  • Report Criminal Law in the Face of Cyberattacks
    APRIL 2021 REPORT CRIMINAL LAW IN THE FACE OF CYBERATTACKS Working group chaired by Bernard Spitz, President of the International and Europe Division of MEDEF, former President of the French Insurance Federation (FFA) General secretary: Valérie Lafarge-Sarkozy, Lawyer, Partner with the law firm Altana ON I SS I AD HOC COMM CRIMINAL LAW IN THE FACE OF CYBERATTACKS CRIMINAL LAW IN THE FACE OF CYBERATTACKS CLUB DES JURISTES REPORT Ad hoc commission APRIL 2021 4, rue de la Planche 75007 Paris Phone : 01 53 63 40 04 www.leclubdesjuristes.com FIND US ON 2 PREFACE n the shadow of the global health crisis that has held the world in its grip since 2020, episodes of cyberattacks have multiplied. We should be careful not to see this as mere coincidence, an unexpected combination of calamities that unleash themselves in Ia relentless series bearing no relation to one another. On the contrary, the major disruptions or transitions caused in our societies by the Covid-19 pandemic have been conducive to the growth of offences which, though to varying degrees rooted in digital, are also symptoms of contemporary vulnerabilities. The vulnerability of some will have been the psychological breeding ground for digital offences committed during the health crisis. In August 2020, the Secretary-General of Interpol warned of the increase in cyberattacks that had occurred a few months before, attacks “exploiting the fear and uncertainty caused by the unstable economic and social situation brought about by Covid-19”. People anxious about the disease, undermined by loneliness, made vulnerable by their distress – victims of a particular vulnerability, those recurrent figures in contemporary criminal law – are the chosen victims of those who excel at taking advantage of the credulity of others.
    [Show full text]
  • DETECTING BOTS in INTERNET CHAT by SRITI KUMAR Under The
    DETECTING BOTS IN INTERNET CHAT by SRITI KUMAR (Under the Direction of Kang Li) ABSTRACT Internet chat is a real-time communication tool that allows on-line users to communicate via text in virtual spaces, called chat rooms or channels. The abuse of Internet chat by bots also known as chat bots/chatterbots poses a serious threat to the users and quality of service. Chat bots target popular chat networks to distribute spam and malware. We first collect data from a large commercial chat network and then conduct a series of analysis. While analyzing the data, different patterns were detected which represented different bot behaviors. Based on the analysis on the dataset, we proposed a classification system with three main components (1) content- based classifiers (2) machine learning classifier (3) communicator. All three components of the system complement each other in detecting bots. Evaluation of the system has shown some measured success in detecting bots in both log-based dataset and in live chat rooms. INDEX WORDS: Yahoo! Chat room, Chat Bots, ChatterBots, SPAM, YMSG DETECTING BOTS IN INTERNET CHAT by SRITI KUMAR B.E., Visveswariah Technological University, India, 2006 A Thesis Submitted to the Graduate Faculty of The University of Georgia in Partial Fulfillment of the Requirements for the Degree MASTER OF SCIENCE ATHENS, GEORGIA 2010 © 2010 Sriti Kumar All Rights Reserved DETECTING BOTS IN INTERNET CHAT by SRITI KUMAR Major Professor: Kang Li Committee: Lakshmish Ramaxwamy Prashant Doshi Electronic Version Approved: Maureen Grasso Dean of the Graduate School The University of Georgia December 2010 DEDICATION I would like to dedicate my work to my mother to be patient with me, my father for never questioning me, my brother for his constant guidance and above all for their unconditional love.
    [Show full text]
  • Ioncube Ltd. Presentation to Kent University 2015 Hello!
    ionCube Ltd. Presentation to Kent University 2015 Hello! I am Nick Lindridge MD ionCube Ltd. - Software company ioncube.com ioncube24.com Overview About ionCube What ionCube offers Who are we looking for Technologies we use Questions - anything not covered? Demo 1. About ionCube About ionCube - where are we? Located close to Canterbury On bus routes About ionCube - we had a unit built About ionCube - offices About ionCube - what we do Develop #infosec solutions. ionCube PHP Encoder - protect/license PHP code online PHP Encoder ionCube24 - real-time protection against website vulnerability exploits Top countries USA, Germany, UK, China, Russia, Netherlands, Indonesia, Turkey, India, Italy, France, 100+. Products - PHP Encoder PHP remains highly popular - used by 81.6% of websites - w3techs.com, 8 dec 2015 Many commercial developers want to protect and license code Website owners (should) want to protect database passwords Products - PHP Encoder Compiles PHP to modified VM bytecode ionCube Loader PHP extension with modified execution engine Encrypt code sections with runtime generated encryption keys to solve static key issue // @ioncube.dk g(14) -> "octoberon" function fn($p) Licensing solutions Products - PHP Encoder Encoder/Loader codebase - C GUI - C++ / wxWidgets Windows, Linux, FreeBSD, OS X Updated to support new versions of PHP and run code from previous Encoders, plus new features “ Five a day Website vulnerabilities Customer reports 5 website vuln exploits per day for their small hosting business with 1000
    [Show full text]
  • Creating a Total Army Cyber Force: How to Integrate the Reserve Component Into the Cyber Fight
    No. 103W SEPTEMBER 2014 Creating a Total Army Cyber Force: How to Integrate the Reserve Component into the Cyber Fight Christopher R. Quick Creating a Total Army Cyber Force: How to Integrate the Reserve Component into the Cyber Fight by Christopher R. Quick The Institute of Land Warfare ASSOCIATION OF THE UNITED STATES ARMY AN INSTITUTE OF LAND WARFARE PAPER The purpose of the Institute of Land Warfare is to extend the educational work of AUSA by sponsoring scholarly publications, to include books, monographs and essays on key defense issues, as well as workshops and symposia. A work selected for publication as a Land Warfare Paper represents research by the author which, in the opinion of ILW’s editorial board, will contribute to a better understanding of a particular defense or national security issue. Publication as an Institute of Land Warfare Paper does not indicate that the Association of the United States Army agrees with everything in the paper but does suggest that the Association believes the paper will stimulate the thinking of AUSA members and others concerned about important defense issues. LAND WARFARE PAPER NO. 103W, September 2014 Creating a Total Army Cyber Force: How to Integrate the Reserve Component into the Cyber Fight by Christopher R. Quick Lieutenant Colonel Christopher R. Quick is currently the J39 Information Operations Branch Chief for Special Operations Command Forward–West Africa in Kelly Barracks, Stuttgart, Germany. He previously served as the Information Operations Branch Chief and Director of Communication Synchronization for U.S. Army Cyber Command/Second Army at Fort Belvoir, Virginia.
    [Show full text]
  • WEB GUI Configuration
    WEB GUI MANUAL Contents INTRODUCTION...................................................................................................................................3 Key Features .....................................................................................................................................3 GLOSSARY.............................................................................................................................................4 Packet loss......................................................................................................................................... 4 VoIPmonitor loss.......................................................................................................................... 4 Packet delay variation PDV............................................................................................................. 4 VoIPmonitor Packet delay variation..............................................................................................5 Jitter buffer....................................................................................................................................... 5 MOS score......................................................................................................................................... 5 VoIPmonitor MOS prediction....................................................................................................... 7 INSTALLATION...................................................................................................................................
    [Show full text]
  • Attacker Chatbots for Randomised and Interactive Security Labs, Using Secgen and Ovirt
    Hackerbot: Attacker Chatbots for Randomised and Interactive Security Labs, Using SecGen and oVirt Z. Cliffe Schreuders, Thomas Shaw, Aimée Mac Muireadhaigh, Paul Staniforth, Leeds Beckett University Abstract challenges, rewarding correct solutions with flags. We deployed an oVirt infrastructure to host the VMs, and Capture the flag (CTF) has been applied with success in leveraged the SecGen framework [6] to generate lab cybersecurity education, and works particularly well sheets, provision VMs, and provide randomisation when learning offensive techniques. However, between students. defensive security and incident response do not always naturally fit the existing approaches to CTF. We present 2. Related Literature Hackerbot, a unique approach for teaching computer Capture the flag (CTF) is a type of cyber security game security: students interact with a malicious attacker which involves collecting flags by solving security chatbot, who challenges them to complete a variety of challenges. CTF events give professionals, students, security tasks, including defensive and investigatory and enthusiasts an opportunity to test their security challenges. Challenges are randomised using SecGen, skills in competition. CTFs emerged out of the and deployed onto an oVirt infrastructure. DEFCON hacker conference [7] and remain common Evaluation data included system performance, mixed activities at cybersecurity conferences and online [8]. methods questionnaires (including the Instructional Some events target students with the goal of Materials Motivation Survey (IMMS) and the System encouraging interest in the field: for example, PicoCTF Usability Scale (SUS)), and group interviews/focus is an annual high school competition [9], and CSAW groups. Results were encouraging, finding the approach CTF is an annual competition for students in Higher convenient, engaging, fun, and interactive; while Education (HE) [10].
    [Show full text]
  • Cyber Mission Analysis
    UNCLASSIFIED//FOR OFFICIAL USE ONLY Cyber Mission Analysis Mission Analysis for Cyber Operations of Department of Defense Submitted in compliance with the reporting requirement contained in the Fiscal Year 2014 National Defense Authorization Act section 933(d), Public Law 113-66 Preparation of this study/report cost the Department of Defense approximately $587,000 for the 2014 Fiscal Year. This includes $15,000 in expenses and $572,000 in DoD labor Generated on 2014 August 21 RefID: E-0CD45F6 1 UNCLASSIFIED//FOR OFFICIAL USE ONLY UNCLASSIFIED//FOR OFFICIAL USE ONLY Table of Contents I. Executive Summary ............................................................................................................... 4 II. Current State .......................................................................................................................... 6 Threat Landscape ............................................................................................................. 6 Policies, Oversight, and Relationships ............................................................................. 6 Cyber Missions ................................................................................................................ 8 Operational Command & Control (C2) ......................................................................... 10 Resilience, Mission Assurance, and Continuity of Operations...................................... 10 Recruitment, Retention, Management, Equipping, and Training the Force .................. 10 III. Current
    [Show full text]
  • Tomenet-Guide.Pdf
    .==========================================================================+−−. | TomeNET Guide | +==========================================================================+− | Latest update: 17. September 2021 − written by C. Blue ([email protected]) | | for TomeNET version v4.7.4b − official websites are: : | https://www.tomenet.eu/ (official main site, formerly www.tomenet.net) | https://muuttuja.org/tomenet/ (Mikael’s TomeNET site) | Runes & Runemastery sections by Kurzel ([email protected]) | | You should always keep this guide up to date: Either go to www.tomenet.eu | to obtain the latest copy or simply run the TomeNET−Updater.exe in your | TomeNET installation folder (desktop shortcut should also be available) | to update it. | | If your text editor cannot display the guide properly (needs fixed−width | font like for example Courier), simply open it in any web browser instead. +−−− | Welcome to this guide! | Although I’m trying, I give no guarantee that this guide | a) contains really every detail/issue about TomeNET and | b) is all the time 100% accurate on every occasion. | Don’t blame me if something differs or is missing; it shouldn’t though. | | If you have any suggestions about the guide or the game, please use the | /rfe command in the game or write to the official forum on www.tomenet.eu. : \ Contents −−−−−−−− (0) Quickstart (If you don’t like to read much :) (0.1) Start & play, character validation, character timeout (0.1a) Colours and colour blindness (0.1b) Photosensitivity / Epilepsy issues (0.2) Command reference
    [Show full text]
  • Perspectives on Building a Cyber Force Structure
    Permission to make digital or hard copies of all or parts of 163 this work for internal use within NATO and for personal or Conference on Cyber Conflict educational use not done for profit or commercial purpose Proceedings 2010 is granted providing that copies bear this notice and a full C. Czosseck and K. Podins (Eds.) citation on the first page. Any other reproduction or trans- CCD COE Publications, 2010, Tallinn, Estonia. mission requires prior written permission. PERSPECTIVES ON BUILDING A CYBER FORCE STRUCTURE Stuart STARRa,1, Daniel KUEHLb,2, Terry PUDASc,3 aCenter for Technology and National Security Policy (CTNSP), Washington, DC, USA biCollege of the NDU. Washington, DC, USA cCTNSP, NDU, Washington, DC, USA Abstract: This paper explores the US’s cyber force structure with special em- phasis on the cyber workforce. To achieve that goal, this paper addresses several issues: it characterizes the nature of the cyber security problem; it draws on insights from senior decision-makers to identify cyber force struc- ture needs; it characterizes current capabilities by summarizing the key ini- tiatives that are being pursued by the US Services and key joint activities; and it identifies a spectrum of actions to mitigate shortfalls in the existing cyber forces structure (i.e. education; higher education and recruitment; cer- tification, retention, professional development, and workforce management; exercises; and security clearance requirements). The paper concludes by iden- tifying actions that NATO might pursue to improve its cyber force structure (e.g. conduct realistic, stressful exercises) and by identifying residual issues to address (e.g. career progression; value of employing “patriotic hackers”).
    [Show full text]
  • Cubismo: Decloaking Server-Side Malware Via Cubist Program Analysis
    Cubismo: Decloaking Server-side Malware via Cubist Program Analysis Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Mandana Bagheri-Marzijarani, and Jack W. Davidson Department of Computer Science, University of Virginia {abiusx;yongkwon;nguyen;mb3wz;jwd}@virginia:edu ABSTRACT 1 INTRODUCTION Malware written in dynamic languages such as PHP routinely Web-based malware, particularly server-side malware, is one employ anti-analysis techniques such as obfuscation schemes and of the most prevalent security threats nowadays. Numerous re- evasive tricks to avoid detection. On top of that, attackers use ports describe the prevalence of server-side malware. Sucuri, a firm automated malware creation tools to create numerous variants specializing in managed security and system protection, analyzed with little to no manual effort. 34,371 infected websites and reported that 71% of those contained This paper presents a system called Cubismo to solve this press- PHP-based, hidden backdoors [52]. Incapsula discovered that out ing problem. It processes potentially malicious files and decloaks of 500 infected websites detected on their network, the majority their obfuscations, exposing the hidden malicious code into multiple of them contained PHP malware [27]. Verizon’s 2017 Data Breach files. The resulting files can be scanned by existing malware detec- reported that a sizable number of web server compromises are a tion tools, leading to a much higher chance of detection. Cubismo means to an end, allowing attackers to set up for other targets [26]. achieves improved detection by exploring all executable statements This prevalence is in part because server-side malware is typ- of a suspect program counterfactually to see through complicated ically equipped with advanced anti-analysis and anti-debugging polymorphism, metamorphism and, obfuscation techniques and techniques such as obfuscation and metamorphism.
    [Show full text]
  • Multi-Phase IRC Botnet and Botnet Behavior Detection Model
    International Journal of Computer Applications (0975 – 8887) Volume 66– No.15, March 2013 Multi-phase IRC Botnet and Botnet Behavior Detection Model Aymen Hasan Rashid Al Awadi Bahari Belaton Information Technology Research Development School of Computer Sciences Universiti Sains Center, University of Kufa, Najaf, Iraq Malaysia 11800 USM, Penang, Malaysia School of Computer Sciences Universiti Sains Malaysia 11800 USM, Penang, Malaysia ABSTRACT schools, banks and any of governmental institutes making use of system vulnerabilities and software bugs to separate and Botnets are considered one of the most dangerous and serious execute a lot of malicious activities. Recently, bots can be the security threats facing the networks and the Internet. major one of the major sources for distributing or performing Comparing with the other security threats, botnet members many kinds of scanning related attacks (Distributed Denial-of- have the ability to be directed and controlled via C&C Service DoS) [1], spamming [2], click fraud [3], identity messages from the botmaster over common protocols such as fraud, sniffing traffic and key logging [4] etc. The nature of IRC and HTTP, or even over covert and unknown the bots activities is to respond to the botmaster's control applications. As for IRC botnets, general security instances command simultaneously. This responding will enable the like firewalls and IDSes do not provide by themselves a viable botmaster to get the full benefit from the infected hosts to solution to prevent them completely. These devices could not attack another target like in DDoS [5]. From what stated differentiate well between the legitimate and malicious traffic earlier, the botnet can be defined as a group of connected of the IRC protocol.
    [Show full text]
  • IRC:N Käyttö Yritysten Viestinnässä
    Maarit Klami IRC:n käyttö yritysten viestinnässä Metropolia Ammattikorkeakoulu Insinööri (AMK) Tietotekniikan koulutusohjelma Insinöörityö 3.5.2012 Tiivistelmä Tekijä Maarit Klami Otsikko IRC:n käyttö yritysten viestinnässä Sivumäärä 34 sivua + 2 liitettä Aika 3.5.2012 Tutkinto insinööri (AMK) Koulutusohjelma tietotekniikka Suuntautumisvaihtoehto ohjelmistotekniikka Ohjaaja lehtori Peter Hjort Tässä työssä perehdyttiin IRC:n käyttömahdollisuuksiin yritysten sisäisessä ja ulkoisessa viestinnässä. Työssä verrattiin IRC:tä muihin pikaviestimiin sekä sosiaalisen median tarjoamiin viestintä- ja markkinointimahdollisuuksiin. Eräs tarkastelluista seikoista on yrityksen koon vaikutus siihen, kuinka mittava operaatio IRC:n käyttöönotto yrityksessä on. Työssä on esitetty myös mahdollisuuksia muiden pikaviestimien integroimiseksi IRC:hen. Työ on tehty mielenkiinnosta käyttää IRC:tä viestinnän apuna yrityksissä. Tietoturva on keskeisessä roolissa yritysten toiminnassa, josta johtuen asia on huomioitava myös viestintäjärjestelmien käytöönotossa ja päivittäisessä käytössä. Työssä tietoturvaa on käsitelty sekä tekniseltä että inhimilliseltä kannalta. Työssä yhtenä keskeisenä osana on tutustuttu IRC-bottien hyödyntämiseen yritysten toiminnassa. Osana työtä tehtiin Eggdropilla IRC-botti, jolle perusominaisuuksien laajentamiseksi ohjelmoitiin TCL-ohjelmointikieltä käyttäen halutun toiminnalisuuden toteuttava skripti. Työssä esitellään botin käyttöönoton vaatimat toimenpiteet sekä skriptin totetuttaminen. Lisäksi työssä on esitelty erilaisia bottien toiminnallisuuksia
    [Show full text]