Protecting computer systems from cyber threats: Ethical hacking in the practice and research
Laszlo Erdodi, Associate Professor, UiO, Department of Informatics, Cyber Security Group.
Attacks against computer systems have become one of the biggest challenges of the information technology nowadays. This is due to the use of computers in practically all fields of the life. In order to serve all kinds of expectations (entertainment, public media, design, automatized systems, critical infrastructures) computer systems, software, networks and hardware are rather complex and can have multiple types of vulnerabilities.
All these involve that the effect or consequence of a cyber-attack is often serious. To avoid these dangerous attacks high emphasis is put on cyber security protections nowadays. Based on experience one the most efficient defense method is the so-called penetration testing of systems that is a simulation of a kind of attack under controlled conditions against the system to be protected. This provides precious information on the security level and shows the weak points of the investigated system.
The presentation itself gives an insight into the practice and theory of ethical hacking: how the hackers work, what kind of tools they use, how an attack looks like. Several important details will be shown and discussed like the exploitation of software bugs and their possible consequences (e.g. Stuxnet story on the attack of the centrifuges for separating nuclear material). In addition, the most relevant and up-to-date research topics and results in offensive security will be introduced and we will sketch how the future may look like from cyber security point of view.