Sarah Gordon’s research while affiliated with Florida Institute of Technology and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (4)


Cent, Five Cent, Ten Cent, Dollar: Hitting Botnets Where it Really Hurts ABSTRACT
  • Article

September 2006

·

65 Reads

·

24 Citations

Richard Ford

·

Sarah Gordon

Spyware, Adware, Bots. In each case, there is significant evidence that there is an increasing financial motivation behind the writing and distribution of these programs. In this paper, the concept of using our knowledge of these financial motivators to combat malicious software is introduced. Can attacks on business models actually provide relief that technology alone cannot? Can we deploy our technology differently, in order to receive direct benefits of this indirect attack on revenue streams? Our conclusion is that not only is this a possible solution, but that it may be an extremely effective one. This is illustrated by a description of our business model attack generator, MARK - the Multihost Adware Revenue Killer. Using MARK, we demonstrate simple but effective attacks against Malicious-code generated revenue streams. However, the creation and deployment of MARK raises thorny legal and ethical questions, as the impact of the technology is widespread and could easily be targeted at legitimate online marketing models. Do the ends justify the means?


On the Definition and Classification of Cybercrime

August 2006

·

6,305 Reads

·

313 Citations

Journal in Computer Virology

The idea of Cybercrime is not new, yet there is significant confusion amongst academics, computer security experts and users as to the extent of real Cybercrime. In this paper, we explore the breadth of computer-based crime, providing a definition of the emerging terms “Cybercrime” and “crimeware”. We then divide Cybercrime into two distinct categories: Type I Cybercrime, which is mostly technological in nature, and Type II Cybercrime, which has a more pronounced human element. We then use two case studies to illustrate the role of crimeware in different types of Cybercrime, and offer some observations on the role of cognition in the process of Cybercrime. Finally we provide several suggestions for future work in the area of Cybercrime.



Cyberterrorism?

November 2002

·

821 Reads

·

67 Citations

Computers & Security

The term cyberterrorism is becoming increasingly common in the popular culture, yet a solid definition of the word seems to be hard to come by. While the phrase is loosely defined, there is a large amount of subjectivity in what exactly constitutes cyberterrorism. In the aftermath of the September 11th attacks, this is somewhat disconcerting. In an attempt to define cyberterrorism more logically, a study is made of definitions and attributes of terrorism and terrorist events. From these attributes a list of attributes for traditional terrorism is developed. This attribute list is then examined in detail with the addition of the computer and the Internet considered for each attribute. Using this methodology, the online world and terrorism is synthesized to produce a broader but more useful assessment of the potential impact of computer-savvy terrorists. Most importantly, the concept of ‘traditional’ cyberterrorism, which features the computer as the target or the tool is determined to be only a limited part of the true risk faced. Finally, the authors discuss the impact this new view of cyberterrorism has on the way in which one should build one’s defenses. In particular, the breadth of the issue poses significant questions for those who argue for vertical solutions to what is certainly a horizontal problem. Thus, the validity of special cyberterrorism task forces that are disconnected or loosely connected with other agencies responsible for fighting the general problem of terrorism is questioned, and a broader, more inclusive method suggested.

Citations (4)


... There have been eforts towards both gaining insight on the economic infrastructure behind botnets, and inventing new disruption methods, based on economy related elements of botnets' operations (see Table 7). Ford and Gordon [46] focus on analyzing the economic incentive behind spreading malicious applications such as spyware and adware, credential theft and sale, DDoS attacks and botnet sale/rent, that can be used to generate revenue for botmasters. They argue that emphasizing disruption eforts on the business models utilised by botmasters, shows signiicant promise. ...

Reference:

Botnet Business Models, Takedown Attempts, and the Darkweb Market: A Survey
Cent, Five Cent, Ten Cent, Dollar: Hitting Botnets Where it Really Hurts ABSTRACT
  • Citing Article
  • September 2006

... This complicates counterterrorism efforts, as terrorist acts within the cyber-realm have even less regard for borders than terrorist acts within geographic regions. An urgent need for the development of minimum standards of security for computer networks remains (Gordon and Ford, 2002), together with the mindful use of surveillance and research methods to share and collect information on terrorist activities -while respecting the growth of internet capacity, user privacy and sovereignty. ...

Cyberterrorism?
  • Citing Article
  • November 2002

Computers & Security

... Another approach proposed before, but, to the best of our knowledge, never applied in practice is to combat the botnet problem at its root, i.e. the economy that drives it. Ford et al. propose [57] deliberately infecting large numbers of decoy virtual machines (honeypots) to join the botnet but remain under control of the white hats. By disruptive, unpredictable behaviour, these sybils will actively undermine the economic relationship between the botmaster and clients. ...

Cent, five cent, ten cent, dollar: hitting botnets where it
  • Citing Conference Paper
  • January 2006