A good share of the Internet’s popularity is due to the widespread image of it being totally anonymous. The truth, however, is somewhat different. Anonimity and privacy are no matter of course, but human rights, and their infiltration was never closer than today. The following paper will shed light on the modern means of private and commercial espionage and discuss precautions we can take to protect our privacy in the information age.
{"title":"Security, privacy, and anonymity","authors":"Thomas Wright","doi":"10.1145/1144403.1144408","DOIUrl":"https://doi.org/10.1145/1144403.1144408","url":null,"abstract":"A good share of the Internet’s popularity is due to the widespread image of it being totally anonymous. The truth, however, is somewhat different. Anonimity and privacy are no matter of course, but human rights, and their infiltration was never closer than today. The following paper will shed light on the modern means of private and commercial espionage and discuss precautions we can take to protect our privacy in the information age.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117205743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Computer attacks are now commonplace. By connecting your computer to the Internet, you increase the risk of having someone break in, install malicious programs and tools on it, and possibly use it to attack other machines on the Internet by controlling it remotely.Several major banks have been subject to attacks, in which attackers gained access into customers' accounts and viewed detailed information about the activities on these accounts. In some instances the attackers stole credit card information to blackmail e-commerce companies by threatening to sell this information to unauthorized entities. Several online trading companies and e-commerce sites were shut down temporarily due to major packet flood attacks, also known as Denial-of-Service (DoS) attacks, causing these companies to lose revenue, customer satisfaction, and trust [10]. A major software development company discovered that attackers had broken into its network and stolen the source code for future releases of its popular products. Just recently, the source code of the future flagship product belonging to a major software development company was stolen and made publicly available on the Internet.In order to combat this growing trend of computer attacks, both academic and industry groups have been developing systems to monitor networks and systems and raise alarms of suspicious activities. These systems are called Intrusion Detection Systems (IDS).
{"title":"Computer security and intrusion detection","authors":"Khaled Labib","doi":"10.1145/1031859.1031861","DOIUrl":"https://doi.org/10.1145/1031859.1031861","url":null,"abstract":"Computer attacks are now commonplace. By connecting your computer to the Internet, you increase the risk of having someone break in, install malicious programs and tools on it, and possibly use it to attack other machines on the Internet by controlling it remotely.Several major banks have been subject to attacks, in which attackers gained access into customers' accounts and viewed detailed information about the activities on these accounts. In some instances the attackers stole credit card information to blackmail e-commerce companies by threatening to sell this information to unauthorized entities. Several online trading companies and e-commerce sites were shut down temporarily due to major packet flood attacks, also known as Denial-of-Service (DoS) attacks, causing these companies to lose revenue, customer satisfaction, and trust [10]. A major software development company discovered that attackers had broken into its network and stolen the source code for future releases of its popular products. Just recently, the source code of the future flagship product belonging to a major software development company was stolen and made publicly available on the Internet.In order to combat this growing trend of computer attacks, both academic and industry groups have been developing systems to monitor networks and systems and raise alarms of suspicious activities. These systems are called Intrusion Detection Systems (IDS).","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"116 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130400188","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this paper, a secure environment for electronic commerce is introduced. The environment is formed via a synthesis of biometrics consumer authentication with a security token. Such a token is a smart card containing cryptographic keys and a cryptographic microprocessor for data encryption. The keys are used to further authenticate the possessor of the card as the actual owner and also to facilitate secure electronic financial transactions. New technologies like these bring benefits to society by enhancing the standard of living, however, numerous challenges are introduced [1].Biometrics is a Greek composite word stemming from the synthesis of bio and metric, meaning life measurement. In this context, the science of biometrics is concerned with the accurate measurement of unique biological characteristics of an individual in order to securely identify them to a computer or other electronic system. Biological characteristics measured usually include fingerprints, voice patterns, retinal and iris scans, face patterns, and even the chemical composition of an individual's DNA [9].
{"title":"DNA smart card for financial transactions","authors":"Sofia Gleni, P. Petratos","doi":"10.1145/1031859.1031863","DOIUrl":"https://doi.org/10.1145/1031859.1031863","url":null,"abstract":"In this paper, a secure environment for electronic commerce is introduced. The environment is formed via a synthesis of biometrics consumer authentication with a security token. Such a token is a smart card containing cryptographic keys and a cryptographic microprocessor for data encryption. The keys are used to further authenticate the possessor of the card as the actual owner and also to facilitate secure electronic financial transactions. New technologies like these bring benefits to society by enhancing the standard of living, however, numerous challenges are introduced [1].Biometrics is a Greek composite word stemming from the synthesis of bio and metric, meaning life measurement. In this context, the science of biometrics is concerned with the accurate measurement of unique biological characteristics of an individual in order to securely identify them to a computer or other electronic system. Biological characteristics measured usually include fingerprints, voice patterns, retinal and iris scans, face patterns, and even the chemical composition of an individual's DNA [9].","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"398 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116691100","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Dhaval Gada, Rajat Gogri, P. Rathod, Zalak Dedhia, Nirali Mody, S. Sanyal, A. Abraham
In an ad hoc wireless network where wired infrastructures are not feasible, energy and bandwidth conservation are the two key elements presenting challenges to researchers. Limited bandwidth makes a network easily congested by the control signals of the routing protocol. Routing schemes developed for wired networks seldom consider restrictions of this type. Instead, they assume that the network is mostly stable and that the overhead for routing messages is negligible. Considering these differences between wired and wireless network, it is necessary to develop a wireless routing protocol that limits congestion in the network [1, 5, 8, 9, 10, 11].This paper proposes minor modifications to the existing Ad hoc On Demand Vector (AODV) routing protocol (RFC 3561) in order to restrict congestion in networks during a particular type of Denial of Service (DoS) attack. In addition to this, it incurs absolutely no additional overhead [4]. We describe the DoS attack caused due to Route Request (RREQ) flooding and its implications on existing AODV-driven Mobile Ad hoc Networks (MANET) [2, 14]. To combat this DoS attack, a proactive scheme [12] is proposed. We present an illustration to describe the implications of RREQ flooding on pure AODV and the modified AODV protocols. To quantify the effectiveness of the proposed scheme, we simulated a DoS [6] attack in a mobile environment and study the performance results.
{"title":"A distributed security scheme for ad hoc networks","authors":"Dhaval Gada, Rajat Gogri, P. Rathod, Zalak Dedhia, Nirali Mody, S. Sanyal, A. Abraham","doi":"10.1145/1031859.1031864","DOIUrl":"https://doi.org/10.1145/1031859.1031864","url":null,"abstract":"In an ad hoc wireless network where wired infrastructures are not feasible, energy and bandwidth conservation are the two key elements presenting challenges to researchers. Limited bandwidth makes a network easily congested by the control signals of the routing protocol. Routing schemes developed for wired networks seldom consider restrictions of this type. Instead, they assume that the network is mostly stable and that the overhead for routing messages is negligible. Considering these differences between wired and wireless network, it is necessary to develop a wireless routing protocol that limits congestion in the network [1, 5, 8, 9, 10, 11].This paper proposes minor modifications to the existing Ad hoc On Demand Vector (AODV) routing protocol (RFC 3561) in order to restrict congestion in networks during a particular type of Denial of Service (DoS) attack. In addition to this, it incurs absolutely no additional overhead [4]. We describe the DoS attack caused due to Route Request (RREQ) flooding and its implications on existing AODV-driven Mobile Ad hoc Networks (MANET) [2, 14]. To combat this DoS attack, a proactive scheme [12] is proposed. We present an illustration to describe the implications of RREQ flooding on pure AODV and the modified AODV protocols. To quantify the effectiveness of the proposed scheme, we simulated a DoS [6] attack in a mobile environment and study the performance results.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125649440","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Over the past few years, IEEE 802.11 wireless networks have become increasingly widely deployed. Wireless LANs can be found in coffee shops, airports, hospitals, and all major institutes. However, as for conventional wired networks, the spread of such networks may have been faster than the diffusion of security knowledge about them. As a consequence, 802.11 is the new playground for many hackers, who are attracted to the environment by virtue of its anonymity. Attacks may be traced back to the wireless network, but the intruder could have been anyone driving by within the radius of the network, making it hard, if not impossible, for him/her to be traced. Securing wireless networks is a hard task, because the standard solutions do not work effectively in guaranteeing privacy and authentication, as this article shows; as a consequence, many wireless networks are left open.This article is structured as follows: initially, an overview of the 802.11 protocol is presented. This is followed by an analysis of the steps involved in connection to and use of such a network, first in the absence of encryption and then taking into account WEP. Attacks for these different scenarios are presented and analyzed, leading to the conclusion that WEP is unsuitable as the sole security measure for such links. Finally, attacks on wired networks that are connected to a wireless LAN are analyzed.The article concludes that existing standards for wireless security as applied to the most widely used wireless standard, 802.11, are inadequate in several ways, can be attacked using publicly available tools, and lead to a false sense of security. Some advice about mitigation of threats is offered throughout the article, but the most effective solution is awareness of potential attacks and the maximization of the amount of time and effort needed to break into the network by using defence in depth.
{"title":"WiFi exposed","authors":"Andrea Bittau","doi":"10.1145/1031859.1031862","DOIUrl":"https://doi.org/10.1145/1031859.1031862","url":null,"abstract":"Over the past few years, IEEE 802.11 wireless networks have become increasingly widely deployed. Wireless LANs can be found in coffee shops, airports, hospitals, and all major institutes. However, as for conventional wired networks, the spread of such networks may have been faster than the diffusion of security knowledge about them. As a consequence, 802.11 is the new playground for many hackers, who are attracted to the environment by virtue of its anonymity. Attacks may be traced back to the wireless network, but the intruder could have been anyone driving by within the radius of the network, making it hard, if not impossible, for him/her to be traced. Securing wireless networks is a hard task, because the standard solutions do not work effectively in guaranteeing privacy and authentication, as this article shows; as a consequence, many wireless networks are left open.This article is structured as follows: initially, an overview of the 802.11 protocol is presented. This is followed by an analysis of the steps involved in connection to and use of such a network, first in the absence of encryption and then taking into account WEP. Attacks for these different scenarios are presented and analyzed, leading to the conclusion that WEP is unsuitable as the sole security measure for such links. Finally, attacks on wired networks that are connected to a wireless LAN are analyzed.The article concludes that existing standards for wireless security as applied to the most widely used wireless standard, 802.11, are inadequate in several ways, can be attacked using publicly available tools, and lead to a false sense of security. Some advice about mitigation of threats is offered throughout the article, but the most effective solution is awareness of potential attacks and the maximization of the amount of time and effort needed to break into the network by using defence in depth.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124716120","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Educators have used toys in the classroom for as long as toys have been in existence, especially in the field of elementary education. Toys can provide motivation as well as keep the students focused on a particular area of study for longer periods of time something students at the elementary level often struggle with. These students need to obtain fundamental skills for creating, disseminating, retrieving, and evaluating information from electronic media [10]. Using robots as toys and teaching tools is a concept that has also been around for quite a while, and a great way to introduce these fundamental skills [4].
{"title":"Using practical toys, modified for technical learning","authors":"T. Weisheit","doi":"10.1145/1027313.1027319","DOIUrl":"https://doi.org/10.1145/1027313.1027319","url":null,"abstract":"Educators have used toys in the classroom for as long as toys have been in existence, especially in the field of elementary education. Toys can provide motivation as well as keep the students focused on a particular area of study for longer periods of time something students at the elementary level often struggle with. These students need to obtain fundamental skills for creating, disseminating, retrieving, and evaluating information from electronic media [10]. Using robots as toys and teaching tools is a concept that has also been around for quite a while, and a great way to introduce these fundamental skills [4].","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128204819","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
An interface can be defined as a contract that outlines the terms of usefor a class of objects. When a class implements an interface, the classis agreeing to the contract outlined by the interface. In other words,the class is agreeing to provide the logic for all the methods listed inthe interface. The single most important attribute of an interface isits implementation independence. The contract enforced by an interfacedoes not make any assumptions about how the methods are implemented; theimplementation strategy is left to the implementing class. By enforcingwhat a class of objects must do, without placing restrictions onhow it is done, interfaces play a key role in making thebehavior of objects more flexible.
{"title":"The development of a game playing framework using interface-based programming","authors":"M. Cohen","doi":"10.1145/1027313.1027318","DOIUrl":"https://doi.org/10.1145/1027313.1027318","url":null,"abstract":"An interface can be defined as a contract that outlines the terms of usefor a class of objects. When a class implements an interface, the classis agreeing to the contract outlined by the interface. In other words,the class is agreeing to provide the logic for all the methods listed inthe interface. The single most important attribute of an interface isits implementation independence. The contract enforced by an interfacedoes not make any assumptions about how the methods are implemented; theimplementation strategy is left to the implementing class. By enforcingwhat a class of objects must do, without placing restrictions onhow it is done, interfaces play a key role in making thebehavior of objects more flexible.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"99 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123502323","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Programming is an art. As with any other art, it is important to use the right medium. In programming, this translates to the choice of programming language. But why should one pay so much attention to one's first programming language? When there exists a plethora of programming languages and visual editors to make programming so easy, why does it matter which programming language you start with? There are so many books, on-line tutorials, and code samples out there that you could practically learn any language in one day.
{"title":"What is a good first programming language?","authors":"Diwaker Gupta","doi":"10.1145/1027313.1027320","DOIUrl":"https://doi.org/10.1145/1027313.1027320","url":null,"abstract":"Programming is an art. As with any other art, it is important to use the right medium. In programming, this translates to the choice of programming language. But why should one pay so much attention to one's first programming language? When there exists a plethora of programming languages and visual editors to make programming so easy, why does it matter which programming language you start with? There are so many books, on-line tutorials, and code samples out there that you could practically learn any language in one day.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"152 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115823649","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Recent trends in the information technology industry call for substantial changes in computer science education. As an effect of the recession, the increase in the number of computer science graduates, and the outsourcing of information technology (IT) work to other countries, the unemployment rate among engineers and especially among computer science professionals is increasing [11]. In this economic situation, it is imperative that computer science students are well prepared before entering the work force; new graduates must understand what skills the IT industry is seeking.
{"title":"Requirements engineering: closing the gap between academic supply and industry demand","authors":"K. Winbladh","doi":"10.1145/1027313.1027317","DOIUrl":"https://doi.org/10.1145/1027313.1027317","url":null,"abstract":"Recent trends in the information technology industry call for substantial changes in computer science education. As an effect of the recession, the increase in the number of computer science graduates, and the outsourcing of information technology (IT) work to other countries, the unemployment rate among engineers and especially among computer science professionals is increasing [11]. In this economic situation, it is imperative that computer science students are well prepared before entering the work force; new graduates must understand what skills the IT industry is seeking.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"18 3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116091824","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
22 Summer 2008/ Vol. 14, No. 4 www.acm.org/crossroads Crossroads Introduction AAAAAAAAAAHHHHHHHHHHHHHHHHH! Didn’t expect that, did you? Neither did Steve Wolfman’s class when he let loose a bloodcurdling scream on the first day. His goal was to demonstrate the strength of community and pooled resources. This point was clearly illustrated when he asked the entire lecture hall of two hundred students to scream at the top of their lungs. Why? He was using an atypical teaching technique to get the attention of the students and keep them interested. Students do not always learn all that the instructor is trying to get across a lecture. In fact, it is likely that even students who can get the most out of a lecture grow restless and might be more involved in class if it were taught with a twist. In order to capture the interest of students more effectively, instructors could use atypical classroom techniques. Moreover, unlike lecturing and giving homework, these unorthodox techniques can also keep students attentive and target preferred learning styles. This article presents some experimental and anecdotal evidence to support the theory that the use of these techniques improves students’ learning in an introductory Computer Science (CS) class.
{"title":"Mixed nuts: atypical classroom techniques for computer science courses","authors":"Sid Stamm","doi":"10.1145/1027313.1027316","DOIUrl":"https://doi.org/10.1145/1027313.1027316","url":null,"abstract":"22 Summer 2008/ Vol. 14, No. 4 www.acm.org/crossroads Crossroads Introduction AAAAAAAAAAHHHHHHHHHHHHHHHHH! Didn’t expect that, did you? Neither did Steve Wolfman’s class when he let loose a bloodcurdling scream on the first day. His goal was to demonstrate the strength of community and pooled resources. This point was clearly illustrated when he asked the entire lecture hall of two hundred students to scream at the top of their lungs. Why? He was using an atypical teaching technique to get the attention of the students and keep them interested. Students do not always learn all that the instructor is trying to get across a lecture. In fact, it is likely that even students who can get the most out of a lecture grow restless and might be more involved in class if it were taught with a twist. In order to capture the interest of students more effectively, instructors could use atypical classroom techniques. Moreover, unlike lecturing and giving homework, these unorthodox techniques can also keep students attentive and target preferred learning styles. This article presents some experimental and anecdotal evidence to support the theory that the use of these techniques improves students’ learning in an introductory Computer Science (CS) class.","PeriodicalId":429016,"journal":{"name":"ACM Crossroads","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2004-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124425950","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: