EPiC Series in Computing
Volume 82, 2022, Pages 102–111
Proceedings of 37th International Conference on Computers and Their Applications
Ethical Hacking: Skills to Fight Cybersecurity
Threats
Logan A. Smith1, MD Minhaz Chowdhury1 and Shadman Latif2
1
East Stroudsburg University, East Stroudsburg, PA, USA
American International University, Dhaka, Bangladesh
lsmith77@live.esu.edu, mchowdhur1@esu.edu, Sadmanxp@gmail.com
2
Abstract
Ethical hacking education prepares future information security professionals with
the tools and skills to fight and prevent cybersecurity threats. Businesses, schools,
governments, and individuals have an increasing concern to keep their systems,
networks, and data secure from outside threats. Most information security technologies
use a defensive approach to keep client’s data safe; however, ethical hacking provides
one of the only proactive/aggressive methods for information security professionals to
utilize. Teaching inexperienced information security professionals these aggressive
tactics can be viewed as a double- edged sword. Since they are the same methods used
by malicious hackers, educating new security professionals will undoubtedly educate
more malicious hackers.
1 Introduction
The internet and its importance are expanding at an incredible rate. Schools, businesses,
governments, and individuals are all becoming reliant on the Internet and Internet of Things (IoT)
devices. IoT devices can include but are not limited to desktops, laptops, smartphones, smartwatches,
etc. With so many institutions relying on the Internet and devices connected to the Internet, their
security from outside threats becomes the owner’s highest priority. The rise of information technology
and the Internet have brought cybercrime to the forefront of everyday life. Information technology has
created a new, seemingly anonymous, avenue for criminals to operate and cause damage. Malicious
users find new ways to penetrate IoT devices nearly every day, allowing many security measures to
only be reactive in nature. Ethical hacking is one security measure that provides an exception to these
reactive measures and is viewed as a proactive one. These hackers use the same skills and tools as
malicious hackers; however, there are many strict guidelines they must follow, and a certification
must be obtained to become a legally recognized ethical hacker. Therefore, it is important for
instructors to correctly inform their students about the repercussions of malicious hacking to help
encourage them to complete their program and become a certified ethical hacker.
B. Gupta, A. Bandi and M. Hossain (eds.), CATA2022 (EPiC Series in Computing, vol. 82), pp. 102–111
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
Organizations, schools, governments, etc. have historically used a defensive approach to secure
networks, systems, and data. This approach leveraged technologies such as firewalls,
antivirus/antimalware software, network segmentation, and access control lists to defend against
unauthorized access (Thomas et al., 2018). It is important to note that these technologies, for the most
part, cannot stop an active breach into a system. Sometimes they can prevent a breach from happening
but only if it is through a known vulnerability. Thus, the importance of ethical hacking becomes
evident. No organization wants to fall victim to a data breach from a malicious hacker just to discover
a vulnerability in their computer security. Ethical hackers discover these risks and vulnerabilities in a
system or network from within a controlled environment, with no intention to cause damage to or
steal data from the owners of the system/network. However, ethical hackers and their instruction raise
important questions about their implications such as “Is teaching students how to hack worsening the
problem of malicious hackers?” and “If a student uses the information provided to him by an
institution to commit a crime, who is at fault?”.
Ethical hacking is performed by trained/certified individuals who carry out actions like that of
malicious hackers in hopes of finding vulnerabilities in a system or network before a hacker has the
chance to exploit it. Hartley defines ethical hacking as penetrating a system as a hacker but with
benign intentions (Hartley et al., 2017). Not only must ethical hackers adhere to a strict code of ethics,
but they must also be conscious of the law while performing their job. For an individual to become an
ethical hacker they must be taught the strategies and methods of malicious hackers; therefore,
teaching students these tactics has the potential to compound, rather than fix, the problem of the
increasing number of malevolent hackers.
Ultimately, it is the students’ decision whether to use their newfound skills in an ethical or
malicious way; however, it is important for instructors and instructing institutions to provide the
students with not only the proper skills but a strong moral standing as well.
The purpose of this paper is to analyze ethical hacking, its use in information security, and the
implications that occur from teaching individuals ethical hacking. To do this, a brief history of
hacking will be provided, and a basic understanding of what hacking must be reached. This paper will
discuss the different classifications of hackers along with what side of legality they are placed. The
actions of some are not always black and white in terms of the law. Then it will delve into ethical
hacking itself. This will include the significance of ethical hacking, the code of ethics these hackers
must follow, and an ethical hacker’s methodology on the job. Next it will discuss the implications of
teaching ethical hacking to students and some good practices that can be employed to not only protect
the instructing institution but the students as well. Finally, this paper will call attention to some
common laws for hackers to be aware of along with some recent data breaches caused by malicious
hackers.
The remainder of this paper will be organized as follows: Section 2 introduces relevant
background information on hacking. This information will include a short history on hacking, the
three main classifications hackers are put under, and what classification ethical hackers are considered
a part of. Section 3 will analyze ethical hacking in depth. This section will evaluate the significance of
ethical hacking with information security, present the code of ethics that ethical hackers must adhere
to, and discuss the methodology used by ethical hackers on the job. The analysis section will also
discuss the benefits and implications ethical hacking has on society. Further, in Section 3, possible
solutions will be analyzed that may alleviate the impact of the ethical hacking implications brought
forward in the analysis section. Finally, Section 3 will conclude with call attention drawn to federal
laws that both malicious and ethical hackers should be aware of when they decide to use their skills.
Finally, the conclusion of the paper will be in Section 4.
103
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
2 Background
This section describes the history of hacking, the types of hackers and at what category the ethical
hackers fall into.
2.1 Origin of Hacking
The origin of hacking can be traced to college campuses such as Stanford University and
Massachusetts Institute of Technology in the 1960s; however, the term hack or verb hacking was a
reference to methods or actions taken as shortcuts to finish tasks in an efficient manner. Despite
hacking’s connotation today, original hackers enjoyed and explored new technology without
malicious intent (Hartley et al., 2017). Though hacking began innocently, some hackers quickly
learned they could use their skills and knowledge to exploit companies. In the 1970s, Steve Jobs and
Steve Wozniak, the future founders of Apple Computer, made and sold devices known as a “blue
box”. These devices utilized a whistle, obtained from a Cap’n Crunch cereal box, that allowed users
to make free phone calls through AT&T (Farsole et al., 2010).
In the early 1980s some of the first known hacker groups were formed which further caused havoc
through an online battle to jam phone lines. The actions of these groups lead to a governmental
response with the Computer Fraud and Abuse Act passed in 1986, which made breaking into
computer systems a federal crime (Farsole et al., 2010). This could be viewed as the beginning of the
negative connotation that hacking is known for now. After the Computer Fraud and Abuse Act was
passed; the first computer worm was made and unleashed, a hacker’s manifesto was published, and
hacking groups have attacked government and college websites (Farsole et al., 2010) (Peacock,
2013).
2.2 Types of Hackers
Hackers have been classified into three overarching categories. The three categories are White
Hat, Black Hat, and Gray Hat hackers. These categories and the hackers placed in them were
determined from the intentions and actions of those that exist within them. The two most common
categories are white and black hat hackers because these two categories were formulated from the
hacker’s intentions and whether they were good or bad. However, the third category, gray hat hacker,
was created for those that did not fit cleanly within black or white hat (Peacock, 2013).
The terms “white hat” and “black hat” are derived from old western movies in which the good guy
wore a white hat, and the bad guy wore a black hat (Peacock, 2013) (Pace & Jagnarine, 2005). A
white hat hacker is typically an information security professional that possesses a hacker’s toolset that
uses this toolset to determine where weaknesses occur in a system and either deploy or recommend
countermeasures (Peacock, 2013). White hat hackers will obtain proper authorization from the person
or organization that owns the rights to the system they will break into. They work in a structed
environment that the owner of the system is fully aware of at the time of the attempted hack.
In contrast to white hat hackers, black hats are viewed as the stereotypical bad guy. These hackers
have malicious intentions. Though the two main categories of hackers use the same or similar tools to
access the system, the primary thing that separates the two is their intentions. They use their skills to
disrupt, damage, and steal from computer systems and their owners. Black hat hackers are seeking
personal gain from their actions which can range from selling stolen data to destroying data to cause
problems for the authorized user later. Not only do their intentions separate them from white hat
hackers but their lack of authorization to access a system also separates them (Pace & Jagnarine,
2005).
Gray hat hackers exist in a moral gray area. For the most part they act illegally and do not acquire
formal or correct authorization to access a computer system. However, their intentions are not
104
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
completely malicious. Many gray hats begin as black hats and later utilize their skills for their
perception of good (Thomas et al., 2018). Hackers that work for the government are considered gray
hat hackers. These hackers are performing their duties as a government employee to ensure national
security through hacking foreign governments (Thomas et al., 2018). A common occurrence for nongovernmental gray hats is breaking into a website or company computer system without permission
and afterwards contacting the company for compensation in return for details on the security flaw.
Though their actions might have good intentions, they are still considered illegal because permission
was never granted.
2.3 Who are Ethical Hackers
Ethical hackers will typically fall under the category of white hat hackers. These hackers possess a
certification from the EC-Council, which requires them to have experience in information security
and to pass an exam. Ethical hackers are hired by organizations to test and validate their security
controls (Thomas et al., 2018). Organizations that hire ethical hackers are typically inquiring into the
safety and security of sensitive data and if the hired ethical hacker obtains access to this
information/data they must be trusted to not steal or utilize the data for personal gain. What separates
ethical hackers from white hats is the code of ethics they must follow to remain an ethical hacker.
This code of ethics grants them more trust and credibility than regular white hat hackers.
Though an ethical hacker must follow the ECCouncil’s code of ethics it is also important for them
to stay informed on new penetration methods. However, in doing so their professional ethics might
come in question. Resulting in the creation of larger implications for ethical hackers and ethical
hacking as a whole (Thomas et al., 2018). A certified ethical hacker’s trustworthiness directly relates
to the possibility of employment and if their ethics ever come into question, it may cost them their
career.
3 Analysis
This section will take a more in-depth look at ethical hackers. The code of ethics formulated by
ECCouncil will be addressed and evaluated on how feasible it is for all certified ethical hackers to
follow. Then both the benefits and implications of ethical hacking within education will be discussed.
Following the implications, potential solutions will be given to ease the impact of these implications.
Finally, a brief overview of the most significant federal laws that affect malicious and ethical hackers
alike will be presented.
3.1 Code of Ethics
To become an ethical hacker, an information security professional must pass a certification exam
conducted by the EC-Council. However, to maintain possession of their certification, ethical hackers
must follow the EC-Council’s code of ethics. Though most of these rules rely on common sense and
are black and white, a few remain ambiguous and may vary in meaning in different situations. It is
this ambiguity in an ethical hacker’s code of ethics that can call into question their professional ethics.
Many of the individual rules within the ECCouncil’s code of ethics overlap with professional
ethics. These common ones are do not steal or damage client information, do not involve yourself in
deceptive financial practices, and obtain proper authorization before accessing a system or network, to
name a few (EC-Council, 2021). Although, as stated previously, ethical hackers use methods and
tools that are extremely similar, if not the same, as malicious hackers. Therefore, when the
ECCouncil’s code of ethics requires ethical hackers to avoid contact and affiliation with any black hat
105
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
hackers or black hat communities, it can create problems with the ethical hacker when they are trying
to remain up to date on current methods of black hat hackers (Thomas et al., 2018).
The EC-Council provides only one avenue to become a certified ethical hacker and one code of
ethics they require these certified hackers to follow. There are several other professionally recognized
information security organizations and communities that possess their own form of ethics. These
organizations include CREST, ISC2, and ISACA to list a few (Thomas et al., 2018).
3.2 Benefits of Ethical Hacking
It has become more and more apparent over the last decade that information security professionals
are always on the defensive. Many times, they are only able to employ preventative measures to
hinder malicious hackers and when a malicious user gains access to a restricted system or network,
information security professionals play the role of damage control. Ethical hackers provide an
opportunity for security professionals to play a more offensive role in protecting their client’s systems
and networks (Hartley et al., 2017). Thus, as the Internet of Things continues to increase in size, the
threat of users with malicious intent increases along with it. In a 2013 study performed by Ronald
Pike, 206 cybersecurity professionals were asked their beliefs on the best way to prevent malicious
hackers and they unanimously replied with the inclusion of instructional hacking at schools and
universities (Pike, 2013). It is important for most cybersecurity professionals to understand hacking in
some fashion to efficiently protect their systems against it. While most organizations nowadays have
full- time cybersecurity professionals working for them, certified ethical hackers can be viewed as an
extra measure of security or as cybersecurity auditors. Auditors’ objective is to improve upon the
system’s/network’s security, not to damage or steal from the company that hired them (Hartley et al.,
2017).
It has become common practice for organizations and corporations to hire white hat/ethical
hackers to infiltrate their systems. These hacks or penetration tests are viewed as baseline security that
these organizations must have to deter or fully prevent common hacking methods used by malicious
hackers (Pace & Jagnarine, 2005). White hat’s will relay any security risks or vulnerabilities found
along with their severity to the hiring organization and provide potential solutions they can employ to
eliminate or reduce these risks.
3.3 Implications of Ethical Hacking
Permissions abuse is categorized by software re-questing permissions not essential to the
functionality of the program or application, specifically with intentions to use device resources and
collect information about the user. For instance, over the years there has been controversy about the
permissions required by apps like Facebook and Messenger, including the ability to change the state
of network connectivity, send outgoing calls, read text messages, read call logs, contact data, and
more. Although these permissions are indicative of features on the app, it is also possible that they can
be abused without the knowledge of the user in a worst-case scenario. While one may deduce
legitimate reasons for such data collection, it seems increasingly unnecessary as the list goes on, and
some such apps have been found to save this in-formation in persistent records. While apps like this at
least inform the user of the range of permissions, others access devices without giving such notice.
One study on real-time security monitoring on smartphones found that countless apps access location,
device ID, network status, and more without ever informing the user (Enck et al., 2019). Without the
user having a way to detect this, their security is breached, and malicious attackers can exploit their
devices.
106
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
3.4 Federal Laws Affecting the Action of Hacking
There are several significant federal laws that directly affect the action of hacking. As stated
previously in the background section of this paper, the Computer Fraud and Abuse Act (CFAA) was
enacted in 1986. The CFAA prohibits unauthorized access to a separate party’s computer system. If
this law is violated, a hacker could face up to ten years in prison depending on the computer system
infiltrated and the information that was compromised (Marshall Jarrett et al., 2015). A second federal
law that hackers should be aware of is the Stored Communications Act (SCA) which was enacted in
1986. The SCA provides protection for the customers of network service providers. It also prohibits
the interception of communications whether they be oral, wired, or electronic. While the punishment
for violating the SCA may not be as lengthy as the CFAA violating the SCA can lead to two years
imprisonment on the first offense.
The Electronic Communications Privacy Act (ECPA) is directly related to the SCA and was
enacted at the same time with the SCA being Title II of the ECPA. Where the SCA addresses
intercepted communications, the ECPA focuses on stored electronic communications and protects
civilians from governmental wiretaps. These three laws are only a select few of many that
cybersecurity professionals should be aware of and do not include the many different state laws that
could affect malicious and ethical hackers. Therefore, it is important that before an ethical hacker act
while working that they review what laws they may come into conflict with.
3.5 Ethical Hacking Resources Misuse
In a study performed by Ronald Pike, he identified several propositions for educational institutions
to employ to combat increasing the number of malicious hackers while attempting to train ethical
hackers. Pike found that groups of hackers whether they be malicious or ethical, create ethical
frameworks that guide activities and discipline (Pike, 2013). Ethical frameworks work like group
morals. If a white-hat hacker peer would not perform an action, then the white-hat pondering that
action will most likely not act on it. These frameworks are created through social interaction and the
formation of peer groups. It is proposed that hacking instructors should encourage the formation of
peer groups that support white hat hacking methods and practices.
The second proposition that Pike presents is directed toward competition. Students should be
exposed to hacking competitions because it provides real-world scenarios and rewards students that
utilize white hat methods. Competitions also create an opportunity for students to expand their social
network and in turn their ethical framework. The second and third proposition are closely related in
that the third proposition relates to rewarding students for their hacking methods. If a peer group is
rewarded and provided recognition for white hat hacking methods those methods are more likely to be
reinforced over black hat methods. These three propositions will not completely solve malicious
hacker numbers increasing due to ethical hacking education, but they should lead to a decrease in the
overall number of malicious hackers created through formal education.
Another possible solution to decrease malicious hacking is to teach the viewpoints of hacking and
ethics during such instructions and resources documentations.
The resources that are meant for white hat hackers, are now used by malicious hackers (Islam et
al., 2021). There are ethical hacker forums where many threads have malicious intent. The online
marketplace and online information intended for benign purpose are now also used by malicious
hackers. The intent of hackers is becoming so malicious that in many articles, “hackers” are implicitly
means malicious hackers, rather white hat hackers. For example, the author of (Islam et al., 2021)
used hacker to mean malicious hacker for most of their work. There is an example of hackers who
started his carrier as a hacker but later took hacking to an extreme level (Hamid, 2018). He used
online available resources to train himself initially, before joining the terror group. He started hacking
since his teenage and became a hacktivist. He joined online hacking forums. He founded the hacking
107
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
group Team Poison that claims to be responsible for several infamous hacking (example, Blackberry
in 2011, NATO website, U.K. ministry of defense records, DoS attack in 2012 etc.). Afterwards, he
started cyber terrorism. This is an example of how freely available online resources and knowledge
can be misused by a hacker to initiate cyber terrorism.
Instructors may effectively increase the number of malicious hackers while intending to increase
the number of white hat and ethical hackers. Hence, a training or teaching of ethics of hacking also
needs to be in place, to teach students (who are learning hacking skills) the different viewpoints of
hacking (Dvorak et al., 2020). The misuse of white hat hackers’ resources also can act as a motivation
for the white hat hackers, probably during their learning phase, to hunt down the malicious hackers.
Attacking malicious hackers by the white hat or ethical hackers is known as hacking back (Holzer &
Lerums, 2016). Hacking back is becoming a common practice in organizations and countries now.
3.6 Interdisciplinary Research as a Measure Against Malicious Hacking
There are interdisciplinary concepts that can be applied to minimize or harden the activities of
hackers. For example, feature selection method used for reducing feature dimensions of cyber security
dataset (Ahsan et al., 2021), can be used to select mal features of emails (against social engineering
attack). Computational trust can be used trust the activity of another connecting device and malicious
user (M. Chowdhury & Nygard, 2018) (M. M. Chowdhury et al., 2018) (M. M. Chowdhury &
Nygard, 2017) (Md Minhaz Chowdhury, 2017) (Krishna Kambhampaty, Maryam Alruwaythi, Md
Minhaz Chowdhury, 2019) (Nygard et al., 2017) (Kendall E. Nygard, Md Minhaz Chowdhury,
Ahmed Bugalwi, 2017). State-of-the-art methods of securing cloud data can be used to secure data on
cloud (Mayerski & Chowdhury, 2021) (John Hanley, Md Minhaz Chowdhury, Mike Jochen, n.d.) and
methods of securing mobile devices can be used as individual or business best practices (A. Mos &
Chowdhury, 2020) (Helm & Chowdhury, 2021) (Khan & Chowdhury, 2021) (Atanassov &
Chowdhury, 2021). Clients and employees can be trained to follow the best practices against social
engineering attack by hackers and how to automatedly trust a user (Mattera & Chowdhury, 2021)
(Krishna Kambhampaty, Maryam A Maryam Alruwaythi, Md Minhaz Chowdhury, 2019). State-ofthe-art defense against malwares can be practices, example defense against ransomware (M. A. Mos
& Chowdhury, 2020). Device hardening is a good way to discourage attackers (Rae et al., 2019). The
harder the mobile device will be to attack, the less interest a hacker will get. In the worst-case
scenario, such techniques can keep out the script kiddie hackers or low skilled hackers.
4 Conclusion
The article presented the relation between intentions and the methods used for ethical hacking.
The article also presented a tying discussion on hacking with the current laws used for preventing.
The Internet and the Internet of Things are expanding at an exponential rate, and it is becoming
increasingly important to ensure computer systems and networks are sufficiently secure from
malicious hackers. Ethical hacking is becoming an integral part of the cybersecurity field; however,
its practice and education result in significant implications. The use of hacking as a cybersecurity tool
allows information security professionals to seek out vulnerabilities along with the opportunity to
identify any future problems. These implications consist of increasing the number of malicious
hackers through the education of future ethical hackers, the possibility of ethical hackers to break
contract with employers, and whether hacking is ever actually ethical.
Possibly the greatest concern that surrounds ethical hacking, is its instruction to college students.
Cybersecurity professionals and businesses worry that they are increasing the number of malicious
hackers through teaching students how to use the same methods as black hat hackers. Therefore, it is
important for institutions and instructors to instill correct knowledge of laws concerning hacking and
108
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
their repercussions. Studies have also shown that the more socially involved and the more students
feel rewarded for their actions while learning ethical hacking, the less likely it is that these students
will turn to black hat hacking.
It is important for certified ethical hackers to follow the EC-Council’s code of ethics. They must
adhere to this code not only to remain certified through EC-Council, but also to remain trusted by
past, present, and future employers. However, for ethical hackers to remain up to date on methods of
malicious hackers their adherence to their code of ethics and their professional ethics may be called
into question.
References
Ahsan, M., Gomes, R., Chowdhury, M. M., & Nygard, K. E. (2021). Enhancing Machine Learning
Prediction in Cybersecurity Using Dynamic Feature Selector. Journal of Cybersecurity and
Privacy, 1(1), 199–218. https://doi.org/10.3390/jcp1010011
Atanassov, N., & Chowdhury, M. M. (2021). Mobile Device Threat: Malware. IEEE International
Conference
on
Electro
Information
Technology,
2021-May,
7–13.
https://doi.org/10.1109/EIT51626.2021.9491845
Chowdhury, M. M., & Nygard, K. E. (2017). Deception in cyberspace: An empirical study on a con
man attack. IEEE International Conference on Electro Information Technology, 410–415.
https://doi.org/10.1109/EIT.2017.8053396
Chowdhury, M. M., Nygard, K. E., Kambhampaty, K., & Alruwaythi, M. (2018). Deception in
Cyberspace: Performance Focused Con Resistant Trust Algorithm. Proceedings - 2017
International Conference on Computational Science and Computational Intelligence, CSCI
2017, 25–30. https://doi.org/10.1109/CSCI.2017.5
Chowdhury, M., & Nygard, K. E. (2018). Machine learning within a con resistant trust model.
Proceedings of the 33rd International Conference on Computers and Their Applications, CATA
2018, 2018-March.
Dvorak, R., Dillon, H., Ralston, N., & Welch, J. M. (2020). Exploring ethical hacking from multiple
viewpoints. ASEE Annual Conference and Exposition, Conference Proceedings, 2020-June.
https://doi.org/10.18260/1-2--34640
EC-Council. (2021). Code Of Ethics - EC-Council. EC-Council. https://www.eccouncil.org/code-ofethics/
Enck, W., Gilbert, P., Chun, B. G., Cox, L. P., Jung, J., McDaniel, P., & Sheth, A. N. (2019).
TaintDroid: An information-flow tracking system for realtime privacy monitoring on
smartphones. Proceedings of the 9th USENIX Symposium on Operating Systems Design and
Implementation, OSDI 2010, 393–407.
Farsole, A. A., Kashikar, A. G., & Zunzunwala, A. (2010). Ethical Hacking. International Journal of
Computer Applications, 1(10), 14–20. https://doi.org/10.5120/229-380
Hamid, N. (2018). The British Hacker Who Became the Islamic State’s Chief Terror Cybercoach: A
Profile of Junaid Hussain – Combating Terrorism Center at West Point. Combating Terrorism
Center,
11(4),
30–37.
https://www.academia.edu/36582618/A_Profile_of_Junaid_Hussain_The_British_Hacker_Who
_Became_the_Islamic_State_s_Chief_Terror_Cybercoach
Hartley, R., Medlin, D., & Houlik, Z. (2017). Ethical Hacking: Educating Future Cybersecurity
Professionals.
Proceedings
of
the
EDSIG
Conference,
October,
1–10.
http://proc.iscap.info/2017/pdf/4341.pdf%0Ahttp://iscap.info
Helm, G., & Chowdhury, M. M. (2021). Security Issues of Mobile Devices: A Survey. IEEE
International Conference on Electro Information Technology, 2021-May, 14–20.
109
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
https://doi.org/10.1109/EIT51626.2021.9491840
Holzer, C. T., & Lerums, J. E. (2016, September 14). The ethics of hacking back. 2016 IEEE
Symposium
on
Technologies
for
Homeland
Security,
HST
2016.
https://doi.org/10.1109/THS.2016.7568877
Islam, R., Rokon, M. O. F., Darki, A., & Faloutsos, M. (2021). HackerScope: the dynamics of a
massive hacker online ecosystem. Social Network Analysis and Mining, 11(1), 1–12.
https://doi.org/10.1007/s13278-021-00758-8
John Hanley, Md Minhaz Chowdhury, Mike Jochen, K. K. (n.d.). Cloud Security: Challenges,
Attacks, and Techniques. The Midwest Instruction and Computing Symposium.
Kendall E. Nygard, Md Minhaz Chowdhury, Ahmed Bugalwi, P. K. (2017). People and Intelligent
Machines in Decision Making. International Journal of Computers and Their Applications.
https://www.researchgate.net/publication/330993356_People_and_Intelligent_Machines_in_De
cision_Making
Khan, J. A., & Chowdhury, M. M. (2021). Security Analysis of 5G Network. IEEE International
Conference
on
Electro
Information
Technology,
2021-May,
1–6.
https://doi.org/10.1109/EIT51626.2021.9491923
Krishna Kambhampaty, Maryam A Maryam Alruwaythi, Md Minhaz Chowdhury, K. E. N. (2019).
Identifying Malicious Users Through Behavior. The Midwest Instruction and Computing
Symposium 2019.
Krishna Kambhampaty, Maryam Alruwaythi, Md Minhaz Chowdhury, K. N. (2019). Trust and its
Influence on Technology. The Midwest Instruction and Computing Sym-Posium 2019.
Marshall Jarrett, H., Michael Bailie, E. W., Hagen Assistant, E., & Eltringham, S. (2015). Prosecuting
Computer
Crimes.
741.
https://www.justice.gov/sites/default/files/criminalccips/legacy/2015/01/14/ccmanual.pdf
Mattera, M., & Chowdhury, M. M. (2021). Social Engineering: The Looming Threat. IEEE
International Conference on Electro Information Technology, 2021-May, 56–61.
https://doi.org/10.1109/EIT51626.2021.9491884
Mayerski, J. J., & Chowdhury, M. M. (2021). Measures to Protect Cloud Data: A Survey. IEEE
International Conference on Electro Information Technology, 2021-May, 44–49.
https://doi.org/10.1109/EIT51626.2021.9491872
Md Minhaz Chowdhury, K. E. N. (2017). An Empirical Study on Con Resistant Trust Algorithm for
Cyberspace. The 2017 World Congress in Computer Sci-Ence, Computer Engineering, &
Applied Computing.
Mos, A., & Chowdhury, M. M. (2020). Mobile Security: A Look into Android. IEEE International
Conference
on
Electro
Information
Technology,
2020-July.
https://doi.org/10.1109/EIT48999.2020.9208339
Mos, M. A., & Chowdhury, M. D. M. (2020). The Growing Influence of Ransomware. IEEE
International
Conference
on
Electro
Information
Technology,
2020-July.
https://doi.org/10.1109/EIT48999.2020.9208254
Nygard, K. E., Chowdhury, M. M., & Kotala, P. (2017). Trust & purpose in computing. Proceedings
of the 32nd International Conference on Computers and Their Applications, CATA 2017, 161–
166. https://www.researchgate.net/publication/315317430
Pace, D., & Jagnarine, A. A. (2005). The Role of White Hat Hackers in Information Security. Honors
College
Theses.
Paper,
14.
http://digitalcommons.pace.edu/honorscollege_theseshttp://digitalcommons.pace.edu/honorscoll
ege_theses/14
Peacock, D. (2013). From Underground Hacking to Ethical Hacking.
Pike, R. (2013). The “Ethics” of Teaching Ethical Hacking. Journal of International Technology and
Information Management, 22(4). https://scholarworks.lib.csusb.edu/jitim/vol22/iss4/4
Rae, J. S., Chowdhury, M. M., & Jochen, M. (2019). Internet of things device hardening using
110
Ethical Hacking: Skills to Fight Cybersecurity Threats
L. Smith, M. Mi. Chowdhury and S. Latif
shodan.io and shoVAT: A survey. IEEE International Conference on Electro Information
Technology, 2019-May, 379–385. https://doi.org/10.1109/EIT.2019.8834072
Thomas, G., Burmeister, O., & Low, G. (2018). Issues of Implied Trust in Ethical Hacking. The
ORBIT Journal, 2(1), 1–19. https://doi.org/10.29297/ORBIT.V2I1.77
111