Selected Topics in Computer and Information Science
Week | Name | Description |
---|---|---|
21.10@16:30 online and in P19 -> Outline of the Course, and Hacking Ethics | COURSE SLACK CHANNEL | This is the slack channel for the course. |
Presentation (outline and ethics) [pdf] | These are the slides from the lecture |
|
Wannacry - outline | A bit about WannaCry |
|
A set of links about notPetya | Additional links: https://www.theregister.co.uk/2017/06/28/petya_notpetya_ransomware/ https://www.bleepingcomputer.com/news/security/security-firms-find-thin-lines-connecting-notpetya-to-ukraine-power-grid-attacks/ |
|
Fiske, Alan Page, & Tetlock, Philip E. (1997). Taboo Trade-offs: Reactions to Transactions That Transgress the Spheres of Justice | Fiske, Alan Page, & Tetlock, Philip E. (1997). Taboo Trade-offs: Reactions to Transactions That Transgress the Spheres of Justice. Political Psychology, 18(2), 255-297. doi: 10.1111/0162-895X.00058 |
|
Slovene criminal law (6th edition) in Slovene | Criminal offences of falsely impersonating an official or military person under Article 305(1) of the KZ-1: a sentence of up to 1 year in prison each time. Identity theft is treated under the Criminal Code (KZ) as misuse of personal data: http://pravninasvet.com/blog/kraja-identitete-2del (as a rule, around 3 years in prison). Theft of trade secrets: https://zakonodaja.com/zakon/kz-1/236-clen-izdaja-in-neupravicena-pridobitev-poslovne-skrivnosti |
|
Kohlberg's theory of Moral development (1958) | Summary by Saul McLeod https://www.simplypsychology.org/kohlberg.html |
|
Sykes, Gresham M., & Matza, David. (1957). Techniques of Neutralization: A Theory of Delinquency | Sykes, Gresham M., & Matza, David. (1957). Techniques of Neutralization: A Theory of Delinquency. American Sociological Review, 22(6), 664-670. |
|
28.10.@16:30 -> PENetration TESTing, and Breach databases | Penetration Testing process and Breach databases [slides] | Slides for lecture 2 and 3 |
EU Data Protection Directive | The EU law that specifies handling of sensitive data (amongst other things) |
|
SI-CERT resource on SI laws on cybercrime (In SLO) | ||
A sample penetration testing report (by offensive security) | https://www.offensive-security.com/reports/penetration-testing-sample-report-2013.pdf |
|
Nasu, H. (2015). STATE SECRETS LAW AND NATIONAL SECURITY | Nasu, Hitoshi. (2015). STATE SECRETS LAW AND NATIONAL SECURITY. International and Comparative Law Quarterly, 64(2), 365-404. doi: 10.1017/S0020589315000056 (... When to disclose, and when not to, because this jeopardises national security) |
|
Ars Technica article on a huge passwords leak | ||
nmap cheat sheet | Sample commands for nmap |
|
haveibeenpwned? | Online resource to check your password security. |
|
4.11.@16:30 -> Open source Intelligence Gathering | Lecture 5. OSINT | Slides for OSINT Lecture |
NATO OSINT Manual | NATO OSINT Manual [now declassified] |
|
Google hacking tutorial | Google hacking cheat-sheet |
|
The Google Hacker’s Guide | Long, Johnny. (2005). The Google Hacker’s Guide: Understanding and Defending Against the Google Hacker. online: self-published. |
|
Lovell, K., Modic, D., & Maennel, O.M. (2018). Exercise Mercury [REPORT] | Lovell, Kieren, Modic, David, & Maennel, Olaf Manuel. (2018). Exercise Mercury: An Ethical Hacking Exercise [report] (U. I. Services, Trans.) (pp. 9). Cambridge, UK: University of Cambridge. |
|
kovter (malware package) | About a popular malware package, called kovter... |
|
Password reuse statistics | ... 52% of the users studied have the same passwords (or very similar and easily hackable ones) for different services.... ... With 85% of passwords reused or slightly changed in the case of online shopping, and 62% for email ... |
|
Modic, D., Anderson, R., & Palomäki, J. (2018). We will make you like our research: The development of a susceptibility-to-persuasion scale | Modic, David, Anderson, Ross, & Palomäki, Jussi. (2018). We will make you like our research: The development of a susceptibility-to-persuasion scale. PLOS ONE, 13(3), e0194119. doi: 10.1371/journal.pone.0194119 |
|
Long, Johnny, E, Skoudis, & A., van Eijkelenborg. (2004). Google hacking for penetration testers | Long, Johnny, E, Skoudis, & A., van Eijkelenborg. (2004). Google hacking for penetration testers. Burlington, MA: Syngress Pub. |
|
Wilhelm, Thomas, & Andress, Jason. (2011). Ninja hacking : unconventional penetration testing tactics and techniques | Wilhelm, Thomas, & Andress, Jason. (2011). Ninja hacking : unconventional penetration testing tactics and techniques. Burlington, MA: Syngress/Elsevier. |
|
18.11@16:30 -> Shodan | Shodan Presentation | SHODAN |
Shodan search terms | Keywords used in Shodan searches. |
|
Shodan null-byte Online tutorial | ||
Shodan API overview | ||
Shodan Beginner tutorial | ||
Lee, Seungwoon, Shin, Seung-Hun, & Roh, Byeong-hee. (2017). Abnormal Behavior-Based Detection of Shodan and Censys-Like Scanning | Lee, Seungwoon, Shin, Seung-Hun, & Roh, Byeong-hee. (2017). Abnormal Behavior-Based Detection of Shodan and Censys-Like Scanning. Paper presented at the Ninth International Conference on Ubiquitous and Future Networks (ICUFN), Milan. |
|
Ercolani, V. J., Patton, M. W., & Chen, H. (2016). Shodan visualized | Ercolani, V. J., Patton, M. W., & Chen, H. (2016). Shodan visualized. Paper presented at the IEEE Conference on Intelligence and Security Informatics (ISI), Tucson, AZ. |
|
Phan, Thai, Krum, David M., & Bolas, Mark. (2016). ShodanVR Immersive visualization of text records from the Shodan database | Phan, Thai, Krum, David M., & Bolas, Mark. (2016). ShodanVR Immersive visualization of text records from the Shodan database. Paper presented at the 2016 Workshop on Immersive Analytics (IA), Greenville, SC. |
|
Harsha, M. S., Bhavani, B. M., & Kundhavai, K. R. (2018). Analysis of vulnerabilities in MQTT security using Shodan API and implementation of its countermeasures via authentication and ACLs | Harsha, M. S., Bhavani, B. M., & Kundhavai, K. R. (2018). Analysis of vulnerabilities in MQTT security using Shodan API and implementation of its countermeasures via authentication and ACLs. Paper presented at the 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Bangalore, India. |
|
Al-Alami, H., Hadi, A., & Al-Bahadili, H. (2017). Vulnerability scanning of IoT devices in Jordan using Shodan | Al-Alami, H., Hadi, A., & Al-Bahadili, H. (2017). Vulnerability scanning of IoT devices in Jordan using Shodan. Paper presented at the 2nd International Conference on the Applications of Information Technology in Developing Renewable Energy Processes & Systems (IT-DREPS), Amman. |
|
Matherly, J. (2016). The Complete Guide to Shodan | Matherly, J. (2016). The Complete Guide to Shodan. Collect. Analyze. Visualize. Make Internet Intelligence Work For You. Kindle Edition Amazon. |
|
18.11@17:30 -> metasploit | metasploitable presentation | (c) Aleksander Mundjar |
More in-depth tutorial course (recommended) | More in-depth tutorial course (recommended) |
|
Metasploitable2 os guide | Metasploitable2 os guide |
|
25.11.@16:30 -> Human Attack Vectors Part 1 | Presentation slides (part 1) [pdf] | Psychology of Security part 1 |
Humphrey, N. (1976). The Social Function of Intellect | Humphrey, N. (1976). The Social Function of Intellect. In P. P. G. Bateson & R. A. Hinde (Eds.), Growing Points in Ethology (pp. 303-317). Cambridge, UK: Cambridge University Press. |
|
Modic, D., Anderson, R., & Palomäki, J. (2018). We will make you like our research | Modic, D., Anderson, R., & Palomäki, J. (2018). We will make you like our research: The development of a susceptibility-to-persuasion scale. PLoS One, 13(3), e0194119. Retrieved from https://doi.org/10.1371/journal.pone.0194119. doi:10.1371/journal.pone.0194119 |
|
Herley, C. (2009). So Long, And No Thanks for the Externalities | Herley, C. (2009). So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users. New York: Assoc Computing Machinery. |
|
Dyrud, M. A. (2005). I Brought You a Good News: An Analysis of Nigerian 419 Letters | Dyrud, M. A. (2005). I Brought You a Good News: An Analysis of Nigerian 419 Letters. Paper presented at the 70th Annual Convention of The Association for Business Communication, Irvine, CA. Analysis retrieved from http://www.businesscommunication.org/conventions/Proceedings/2005/PDFs/07ABC05.pdf |
|
Shadel, D. P., & Pak, K. B. S. (2007). The Psychology of Consumer Fraud | Shadel, D. P., & Pak, K. B. S. (2007). The Psychology of Consumer Fraud. (PhD), Tillbrook University, Stanford Center on Longevity. |
|
Fischer, P., Lea, S., & Evans, K. (2009). The Psychology of Scams | Fischer, P., Lea, S., & Evans, K. (2009). The Psychology of Scams: Provoking and Committing Errors of Judgement. Research for the Office of Fair Trading (OFT1070). Retrieved from Exeter, UK: http://www.oft.gov.uk/shared_oft/reports/consumer_protection/oft1070.pdf |
|
Modic, D., & Lea, S. E. G. (2011). How neurotic are scam victims, really? The big five and Internet scams | Modic, D., & Lea, S. E. G. (2011). How neurotic are scam victims, really? The big five and Internet scams. Paper presented at the 2011 Conference of the International Confederation for the Advancement of Behavioral Economics and Economic Psychology, Exeter, United Kingdom. |
|
Modic, D., & Anderson, R. (2015). It’s All Over but the Crying | Modic, D., & Anderson, R. (2015). It’s All Over but the Crying: The Emotional and Financial Impact of Internet Fraud. IEEE Security & Privacy, 13(5), 99-103. doi:10.1109/MSP.2015.107 |
|
Titus, R. M., & Dover, A. R. (2001). Personal Fraud: The Victims and the Scams | Titus, R. M., & Dover, A. R. (2001). Personal Fraud: The Victims and the Scams. Crime Prevention Studies, 12, 133-151. |
|
Copes, H., Kerley, K. R., Mason, K. A., & Van Wyk, J. (2001). Reporting behavior of fraud victims and Black's theory of law: An empirical assessment | Copes, H., Kerley, K. R., Mason, K. A., & Van Wyk, J. (2001). Reporting behavior of fraud victims and Black's theory of law: An empirical assessment. Justice Quarterly, 18(2), 343-363. doi:10.1080/07418820100094931 |
|
Modic, D., & Lea, S. E. G. (2013). Scam Compliance and the Psychology of Persuasion | Modic, D., & Lea, S. E. G. (2013). Scam Compliance and the Psychology of Persuasion [pre-print]. Social Sciences Research Network, Available at SSRN: http://ssrn.com/abstract=2364464. Retrieved from http://ssrn.com/abstract=2364464. |
|
Kanfer, F. H., & Karoly, P. (1972). Self-control: A behavioristic excursion into the lion's den | Kanfer, F. H., & Karoly, P. (1972). Self-control: A behavioristic excursion into the lion's den. Behavior Therapy, 3(3), 398-416. Retrieved from http://www.sciencedirect.com/science/article/pii/S0005789472801400. doi:10.1016/s0005-7894(72)80140-0 |
|
Muraven, M., & Baumeister, R. F. (2000). Self-regulation and depletion of limited resources: Does self-control resemble a muscle? | Muraven, M., & Baumeister, R. F. (2000). Self-regulation and depletion of limited resources: Does self-control resemble a muscle? Psychological Bulletin, 126(2), 247-259. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=pdh&AN=bul-126-2-247&site=ehost-live. doi:10.1037/0033-2909.126.2.247 |
|
Nadel, S. F. (1953). Social Control and Self-Regulation | Nadel, S. F. (1953). Social Control and Self-Regulation. Social Forces, 31(3), 265-273. Retrieved from http://www.jstor.org/stable/2574226. |
|
Gailliot, M. T., Baumeister, R. F., DeWall, C. N., Maner, J. K., Plant, E. A., Tice, D. M., . . . Schmeichel, B. J. (2007). Self-control relies on glucose as a limited energy source: Willpower is more than a metaphor | Gailliot, M. T., Baumeister, R. F., DeWall, C. N., Maner, J. K., Plant, E. A., Tice, D. M., . . . Schmeichel, B. J. (2007). Self-control relies on glucose as a limited energy source: Willpower is more than a metaphor. Journal of Personality and Social Psychology, 92(2), 325-336. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=pdh&AN=psp-92-2-325&site=ehost-live |
|
Wegner, D. M., Schneider, D. J., Carter, S. R., & White, T. L. (1987). Paradoxical effects of thought suppression | Wegner, D. M., Schneider, D. J., Carter, S. R., & White, T. L. (1987). Paradoxical effects of thought suppression. Journal of Personality and Social Psychology, 53(1), 5-13. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=pdh&AN=psp-53-1-5&site=ehost-live. doi:10.1037/0022-3514.53.1.5 |
|
Logue, A. W. (1988). Research on self-control: An integrating framework | Logue, A. W. (1988). Research on self-control: An integrating framework. Behavioral and Brain Sciences, 11(04), 665-679. Retrieved from http://dx.doi.org/10.1017/S0140525X00053978. doi:10.1017/S0140525X00053978 |
|
Metcalfe, J., & Mischel, W. (1999). A hot/cool-system analysis of delay of gratification: Dynamics of willpower | Metcalfe, J., & Mischel, W. (1999). A hot/cool-system analysis of delay of gratification: Dynamics of willpower. Psychological Review, 106(1), 3-19. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=pdh&AN=rev-106-1-3&site=ehost-live. doi:10.1037/0033-295x.106.1.3 |
|
Muraven, M., Tice, D. M., & Baumeister, R. F. (1998). Self-control as a limited resource: Regulatory depletion patterns | Muraven, M., Tice, D. M., & Baumeister, R. F. (1998). Self-control as a limited resource: Regulatory depletion patterns. Journal of Personality and Social Psychology, 74(3), 774-789. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=pdh&AN=psp-74-3-774&site=ehost-live. doi:10.1037/0022-3514.74.3.774 |
|
Kuijer, R., de Ridder, D., Ouwehand, C., Houx, B., & van den Bos, R. (2008). Dieting as a case of behavioural decision making. Does self-control matter? | Kuijer, R., de Ridder, D., Ouwehand, C., Houx, B., & van den Bos, R. (2008). Dieting as a case of behavioural decision making. Does self-control matter? Appetite, 51(3), 506-511. doi:10.1016/j.appet.2008.03.014 |
|
McCrae, R. R., & Costa, P. T. (1987). Validation of the five-factor model of personality across instruments and observers | McCrae, R. R., & Costa, P. T. (1987). Validation of the five-factor model of personality across instruments and observers. Journal of Personality and Social Psychology, 52(1), 81-90. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=pdh&AN=psp-52-1-81&site=ehost-live. doi:10.1037/0022-3514.52.1.81 |
|
16.12.@16:45 Team assignment overview IS POSTPONED. Today: UNPACKING MALWARE and a short Q&A if there are any questions. | Presentation [pptx] |