Article

Viruses 101

Authors:

K. BarkerAuthors Info & Claims

SIGCSE '05: Proceedings of the 36th SIGCSE technical symposium on Computer science education

Pages 152 - 156

https://doi.org/10.1145/1047344.1047404

Published: 23 February 2005 Publication History

Abstract

The University of Calgary introduced a controversial course in the fall of 2003 on computer viruses and malware. The primary objection about this course from the anti-virus community was that students were being taught how to create viruses in addition to defending against them. Unfortunately, the reaction to our course was based on a dearth of information, which we remedy in this paper by describing key pedagogical elements of the course.Specifically, we present four aspects of our course: how students are vetted for entry, operation of the course, course content, and the instructional materials used. In addition, we pay particular attention to the controversial course assignments, discussing the assignments and the need for balance, objectivity, security, and learning in a university environment. Our experiences with the course and future plans may be helpful for other institutions considering such course offerings. It should also provide opponents of the course with valuable information about the true nature of the course, the pedagogy used, and the value provided to the computer community as computer science graduates with this kind of expertise take their place as the next generation computer security experts.

References

[1]

J. Aycock and K. Barker. Creating a secure virus laboratory. In 13th Annual EICAR Conference, 2004. 13pp.

[2]

S. Baase. A Gift of Fire. Prentice Hall, 2nd edition, 2003.

[3]

K. Beck. Extreme Programming Explained. Addison-Wesley, 2000.

Digital Library

[4]

V. Bontchev. Should we teach virus writing? In 6th Association of anti Virus Asia Researchers Conference (AVAR 2003), 2003. 15pp.

[5]

CNN Headline News: Hot Wired. News broadcast, 28 May 2004.

[6]

F. Cohen. CJ 528/628 -- Computer viruses and malicious code. http://unhca.com/CJ628/CJ628.html. Course syllabus, University of New Haven.

[7]

J. Erickson. Hacking: The Art of Exploitation. No Starch Press, 2003.

Digital Library

[8]

S. Gordon. The generic virus writer. In 4th International Virus Bulletin Conference, 1994.

[9]

S. Gordon. The generic virus writer II. In 6th International Virus Bulletin Conference, 1996.

[10]

D. Harley, R. Slade, and U. E. Gattiker. Viruses Revealed. Osbourne, 2001.

Digital Library

[11]

Health Canada. The Laboratory Biosafety Guidelines. M. Best and M. Heisz, eds., 3rd (draft) edition, 2001. http://www.hc-sc.gc.ca/pphb-dgspsp/ols-bsl/lbg-ldmbl/index.html.

[12]

J. Koziol, D. Litchfield, D. Aitel, C. Anley, S. Eren, N. Mehta, and R. Hassell. The Shellcoder's Handbook. Wiley, 2004.

[13]

J. Kuo. Alberta strikes again. Virus Bulletin, page 2, July 2003.

[14]

J. Nazario. Defense and Detection Strategies against Internet Worms. Artech House, 2004.

Digital Library

[15]

B. Read. How to write a computer virus, for college credit (cover story). Chronicle of Higher Education, 50(19):A33, 2pp., Jan. 2004.

[16]

Reuters. Looking into the mind of a virus writer. CNN.com, 19 March 2003.

[17]

E. Skoudis. Malware: Fighting Malicious Code. Prentice Hall, 2004.

Digital Library

[18]

Sophos. Sophos CEO says: "I won't hire virus writing students". http://www.sophos.com/virusinfo/articles/calgary2.html, 28 May 2003.

[19]

P. Svensson. Antivirus industry steamed over virus article, college class. Associated Press (New York), 11 June 2003.

[20]

E. Wilson. Anger at 'virus' lessons. Sydney Morning Herald (Sydney, Australia), 6 October 2003.

Cited By

Ojha NKumar ATyagi NRanjan PVaish A(2023)Use of Machine Learning in Forensics and Computer SecurityArtificial Intelligence and Cyber Security in Industry 4.010.1007/978-981-99-2115-7_9(211-236)Online publication date: 14-Jun-2023
https://doi.org/10.1007/978-981-99-2115-7_9
Zaheer MKhan A(2021)Design of Hardware for Detection of System CorruptionProceedings of Integrated Intelligence Enable Networks and Computing10.1007/978-981-33-6307-6_13(119-129)Online publication date: 24-Apr-2021
https://doi.org/10.1007/978-981-33-6307-6_13
van Oorschot Pvan Oorschot P(2021)Malicious SoftwareComputer Security and the Internet10.1007/978-3-030-83411-1_7(183-211)Online publication date: 14-Oct-2021
https://doi.org/10.1007/978-3-030-83411-1_7
Show More Cited By

Index Terms

Viruses 101
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
  2. Systems security
    1. Operating systems security
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Viruses 101

The University of Calgary introduced a controversial course in the fall of 2003 on computer viruses and malware. The primary objection about this course from the anti-virus community was that students were being taught how to create viruses in addition ...
Defense against the dark arts
SIGCSE '08: Proceedings of the 39th SIGCSE technical symposium on Computer science education

Computer science faculty must attract and retain students by offering innovative courses that spark student interest, yet still teach core, computer science concepts. These efforts have become particularly important as computer science enrollments have ...
An approach to containing computer viruses

This paper presents a mechanism for containing the spread of computer viruses by detecting at run-time whether or not an executable has been modified since its installation. The detection strategy uses encryption and is held to be better for virus ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGCSE '05: Proceedings of the 36th SIGCSE technical symposium on Computer science education

February 2005

610 pages

ISBN:1581139977

DOI:10.1145/1047344

Conference Chairs:
Wanda Dann
Ithaca College
,
Tom Naps
University of Wisconsin - Oshkosh
,
Program Chairs:
Paul Tymann
Rochester Institute of Technology
,
Doug Baldwin
SUNY Geneseo

ACM SIGCSE Bulletin Volume 37, Issue 1
2005
562 pages
ISSN:0097-8418
DOI:10.1145/1047124
Issue’s Table of Contents

Copyright © 2005 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 February 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SIGCSE05

Sponsor:

SIGCSE05: Technical Symposium on Computer Science Education

February 23 - 27, 2005

Missouri, St. Louis, USA

Acceptance Rates

Overall Acceptance Rate 1,595 of 4,542 submissions, 35%

Upcoming Conference

SIGCSE Virtual 2024

Sponsor:
sigcse

1st ACM Virtual Global Computing Education Conference

December 5 - 8, 2024

Virtual Event , NC , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

19
Total Citations
View Citations
2,637
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ojha NKumar ATyagi NRanjan PVaish A(2023)Use of Machine Learning in Forensics and Computer SecurityArtificial Intelligence and Cyber Security in Industry 4.010.1007/978-981-99-2115-7_9(211-236)Online publication date: 14-Jun-2023
https://doi.org/10.1007/978-981-99-2115-7_9
Zaheer MKhan A(2021)Design of Hardware for Detection of System CorruptionProceedings of Integrated Intelligence Enable Networks and Computing10.1007/978-981-33-6307-6_13(119-129)Online publication date: 24-Apr-2021
https://doi.org/10.1007/978-981-33-6307-6_13
van Oorschot Pvan Oorschot P(2021)Malicious SoftwareComputer Security and the Internet10.1007/978-3-030-83411-1_7(183-211)Online publication date: 14-Oct-2021
https://doi.org/10.1007/978-3-030-83411-1_7
van Oorschot Pvan Oorschot P(2021)Software Security—Exploits and Privilege EscalationComputer Security and the Internet10.1007/978-3-030-83411-1_6(155-182)Online publication date: 14-Oct-2021
https://doi.org/10.1007/978-3-030-83411-1_6
Wehbe TMooney VKeezer D(2018)Hardware-Based Run-Time Code Integrity in Embedded DevicesCryptography10.3390/cryptography20300202:3(20)Online publication date: 30-Aug-2018
https://doi.org/10.3390/cryptography2030020
Aycock JGroeneveldt AKroepfl HCopplestone TPolycarpou IRead JAndreou PArmoni M(2018)Exercises for teaching reverse engineeringProceedings of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education10.1145/3197091.3197111(188-193)Online publication date: 2-Jul-2018
https://dl.acm.org/doi/10.1145/3197091.3197111
Chatvichienchai S(2017)A Novel System for Securely Sharing Macros of Spreadsheets of OrganizationsJournal of Advances in Information Technology10.12720/jait.8.2.86-91(86-91)Online publication date: 2017
https://doi.org/10.12720/jait.8.2.86-91
Aycock JDhanjal SAhmed F(2016)Code ProtectionProceedings of the 21st Western Canadian Conference on Computing Education10.1145/2910925.2910929(1-5)Online publication date: 6-May-2016
https://dl.acm.org/doi/10.1145/2910925.2910929
Williams-King DAycock Jde Castro DAyfer RImpagliazzo JLaxer C(2010)EnbugProceedings of the fifteenth annual conference on Innovation and technology in computer science education10.1145/1822090.1822100(28-32)Online publication date: 26-Jun-2010
https://dl.acm.org/doi/10.1145/1822090.1822100
Murad KShirazi SZikria YIkram N(2010)Evading Virus Detection Using Code ObfuscationFuture Generation Information Technology10.1007/978-3-642-17569-5_39(394-401)Online publication date: 2010
https://doi.org/10.1007/978-3-642-17569-5_39
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents