a case study in malware research ethics education
play

A Case Study in Malware Research Ethics Education When teaching bad - PowerPoint PPT Presentation

Feb 24, 2023 •169 likes •297 views

A Case Study in Malware Research Ethics Education When teaching bad is good John P Sullins Department of Philosophy Sonoma State University 1801 East Cotati Ave. Rohnert Park, CA 94928 Cyber-security Research Email: john.sullins@sonoma.edu

  1. A Case Study in Malware Research Ethics Education When teaching bad is good John P Sullins Department of Philosophy Sonoma State University 1801 East Cotati Ave. Rohnert Park, CA 94928 Cyber-security Research Email: john.sullins@sonoma.edu Ethics Dialog & Strategy Workshop (CREDS II - The Sequel) San José, May 17, 2014

  2. Introduction Academic malware • research is on the rise Professor George Ledin, • SSU John Aycock, Calgary • presentation outline topics in ethics presented • in the class How they are presented • and assessed rationale for requiring • students to keep ethical norms in mind as they do their research projects involving malware design The team behind the SSU malware research course. The Author, George Ledin, and Roger Mamer. http://www.sonoma.edu/insights/archive/08 fall/malware_class.shtml

  3. MALWARE ETHICS

  4. Background and Research Collaboration • Malware Ethics has been slow to emerge – Oxymoron for ethicists • On the other hand… – George Ledin • Must know the enemy to defeat them – John Aycock • Malware can be ethically and artistically designed – And others • Teaching malware is a public good

  5. Ethical Problems in the Study of Malware • Human Subjects – “No worse off” – Problems with IRB • Malware and Information Ethics – Recording data and informed consent – Communicating dangerous findings – Synthesizing or acting on data in unethical ways

  6. CASE STUDY—A COURSE IN MALWARE ETHICS

  7. Rationale • Traditional computer ethics – Some help here • Medical ethics – Some help also but mostly it is too specific to medicine • We must rethink ethics SSU computer science student Ben Corr demonstrates for for the milieu of fellow students his project, which attempts to bypass security and gain access to a computer set up in class. (MARK ARONOFF / PD) malware http://www.pressdemocrat.com/article/20070522/news /705220312

  8. Basic Ethics Concepts Taught • Start with ACM Code of • Some of my influences (In no Ethics particular order of importance ) – But malware research quickly contradicts these rules • Greatest hits in ethics James Moor John Dewey Deborah Johnson – Utilitarianism – Deontology – Human rights – Unified common goods Mario Bunge approach of James Moor Luciano Floridi – Virtue ethics – Information ethics Charles Ess Terrell Ward Bynum And many more…

  9. Virtues in Security • Virtue is culturally • Some of my influences in dependent this area – What are virtues in the security community? • Professional virtues • Software virtues – CIA » Confidentiality Mariarosaria Taddeo Shannon Vallor » Integrity » Availability • We critique – Firewall illusion – Data level security – Personal encryption – Cyberwarfare ethics

  10. Ethical Hacks Students are not treated as passive • receptors of ethical thought – Active agents creating new ethical norms – Building ethical commitments to each other and society – Therefore we focus on personal motivations – Personal codes of conduct are more important and decisive than any institutionally produced code of ethics Assessments • – Discussion and reflection Student Lincoln Peters sits at the helm of a closed network of four operating – Quizzes systems which are used to test malware – Ethical warrants analysis on projects he has designed. Photo by Roger Mamer. – Personal ethos statement http://www.sonoma.edu/insights/archi ve/08fall/malware_class.shtml

  11. Conclusions • Must not overlook ethics in malware research • Teach ethics early on • Focus on special challenges of malware research • Keep it personal • We are an example of a successful implementation of these Student Mike Drew demonstrates the workings of a ideas "Honeypot," a system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computers. http://www.sonoma.edu/insights/archive/08fall/malware_class. shtml

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Automatically Evading Classifiers A Case Study on PDF Malware Classifiers Weilin Xu

Automatically Evading Classifiers A Case Study on PDF Malware Classifiers Weilin Xu

Automatically Evading Classifiers A Case Study on PDF Malware Classifiers Weilin Xu David Evans Yanjun Qi University of Virginia Machine Learning is Solving Our Problems Fake Fake Spam IDS

1.07k views • 34 slides
How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement

How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement

How does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement Yoshihiro Oyama University of Tsukuba 1 Background Many malware programs execute operations for analysis evasion Detection of

346 views • 31 slides
What is ethics case consulta/on? Ethics Case Consulta/on (ECC) A service and a prac/ce staffed

What is ethics case consulta/on? Ethics Case Consulta/on (ECC) A service and a prac/ce staffed

What is ethics case consulta/on? Ethics Case Consulta/on (ECC) A service and a prac/ce staffed by the Lake to support pa/ents, families, and health care teams facing ethical issues What are ethical issues? Ethics Case Consulta/on Unresolved

499 views • 22 slides
Strong vocational education a safe way to the labour market? A case study of the Czech

Strong vocational education a safe way to the labour market? A case study of the Czech

Strong vocational education a safe way to the labour market? A case study of the Czech Republic Jana Strakov Institute for Research and Development of Education, Charles University in Prague jana.strakova@pedf.cuni.cz ET 2020

245 views • 23 slides
Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has

Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has

Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has innovation helped to produce a cost effective remedial design? Challenging contaminant profile Taken a traditional / well understood remedial

910 views • 4 slides
Poverty Research and Poverty Policy A Case Study of the Interaction of Poverty Policy and Social

Poverty Research and Poverty Policy A Case Study of the Interaction of Poverty Policy and Social

Poverty Research and Poverty Policy A Case Study of the Interaction of Poverty Policy and Social Science Research Robert Haveman University of Wisconsin-Madison Melbourne Institute Conference on Childhood, Education and Welfare: Research and

365 views • 18 slides
Data ethics Data ethics is the study and evaluation of Data ethics data problems related to

Data ethics Data ethics is the study and evaluation of Data ethics data problems related to

Data ethics Data ethics is the study and evaluation of Data ethics data problems related to data, algorithms, and generation, recording, curation, processing, dissemination, sharing, & use to formulate Studies & & support

72 views • 6 slides
Enhancing Mobile Malware: an Android RAT Case Study BSIDES VIENNA 2014 November 22 About Marco

Enhancing Mobile Malware: an Android RAT Case Study BSIDES VIENNA 2014 November 22 About Marco

Enhancing Mobile Malware: an Android RAT Case Study BSIDES VIENNA 2014 November 22 About Marco Lancini Security Consultant, CEFRIEL @lancinimarco Roberto Puricelli Security Consultant, CEFRIEL @robywankenoby 2 Introduction Intro

870 views • 35 slides
Research Ethics Workshop A practical workshop on how to complete a human research ethics

Research Ethics Workshop A practical workshop on how to complete a human research ethics

Research Ethics Workshop A practical workshop on how to complete a human research ethics application Professor Nick Zwar Fairfield Hospital, NSW Workshop Program Introduction and reflections on experiences of ethics applications

450 views • 23 slides
Ethics in Education August 201 6 BPS Code of Ethics As an employee of Brevard Public

Ethics in Education August 201 6 BPS Code of Ethics As an employee of Brevard Public

Ethics in Education August 201 6 BPS Code of Ethics As an employee of Brevard Public Schools, we are all bound to a common code of ethics to the extent there is no conflict with any laws, rules or governmental regulations. The BPS

542 views • 31 slides
On the relative importance of training in research ethics Insights from a Norwegian study

On the relative importance of training in research ethics Insights from a Norwegian study

On the relative importance of training in research ethics Insights from a Norwegian study Helene Ingierd, Laura Drivdal, Ingrid Torp Project members: Johannes Hjellbrekke, Matthias Kaiser, Ole Bjrn Rekdal, Heidi Skramstad The Norwegian System

504 views • 11 slides
Ethics and Research Integrity Department of Government London School of Economics and Political

Ethics and Research Integrity Department of Government London School of Economics and Political

Ethics Ethics at LSE Ethics and Research Integrity Department of Government London School of Economics and Political Science Ethics Ethics at LSE 1 Ethics 2 Ethics at LSE Ethics Ethics at LSE 1 Ethics 2 Ethics at LSE Ethics Ethics at LSE

1.15k views • 29 slides
Applied Case Studies in OEHS Ethics Paul A. Zoubek, CSP , CIH Zoubek Consulting, LLC

Applied Case Studies in OEHS Ethics Paul A. Zoubek, CSP , CIH Zoubek Consulting, LLC

Applied Case Studies in OEHS Ethics Paul A. Zoubek, CSP , CIH Zoubek Consulting, LLC paul@zoubekconsulting.com 619-677-8682 December 9, 2015 1 Agenda Review Code of Ethics & Ethics Definitions Code of Ethics & Ethics

954 views • 49 slides
Research ethics one size fits all? Professor Tim Bond 2 Research ethics in difficulty?

Research ethics one size fits all? Professor Tim Bond 2 Research ethics in difficulty?

Research ethics one size fits all? Professor Tim Bond 2 Research ethics in difficulty? Biomedical researchers encumbered with over complex, bureaucratic, inconsistent and slow ethical and governance requirements (Rawlins Report

771 views • 30 slides
Ethics, IRBs, and Network Research Why we need to think about ethics i in our projects j New

Ethics, IRBs, and Network Research Why we need to think about ethics i in our projects j New

Ethics, IRBs, and Network Research Why we need to think about ethics i in our projects j New York Times SEP 08, 2001 S h l Scholar Sets Off Gastronomic False Alarm S t Off G t i F l Al By JOHN KIFNER When Jean-Claude Baker, the owner

273 views • 25 slides
Research Ethics Consultation Services Implementation Strategies for Ethics Integration Purpose

Research Ethics Consultation Services Implementation Strategies for Ethics Integration Purpose

Research Ethics Consultation Services Implementation Strategies for Ethics Integration Purpose of RECS Our model of research ethics consultation has the overall goal of maximizing the benefits and minimizing potential harms of research

192 views • 15 slides
The Value of True Belief Nathan Oserofg Kings College London Third Annual OZSW Philosophy

The Value of True Belief Nathan Oserofg Kings College London Third Annual OZSW Philosophy

The Value of True Belief Nathan Oserofg Kings College London Third Annual OZSW Philosophy Conference, Vrije Universiteit Amsterdam nathan.oseroff@kcl.ac.uk I fjnd the most joyful delight in unraveling a nice, complicated knot. And it

227 views • 18 slides
MENTORI NG, EMPOW ERI NG, AND VALUI NG OTHERS Leadership on Demand AGENDA Taoist Mentoring

MENTORI NG, EMPOW ERI NG, AND VALUI NG OTHERS Leadership on Demand AGENDA Taoist Mentoring

MENTORI NG, EMPOW ERI NG, AND VALUI NG OTHERS Leadership on Demand AGENDA Taoist Mentoring and virtues Empowering and virtues Valuing others Practicing gratitude MENTORI NG What is mentoring? A developmental

616 views • 13 slides
Ten Virtues of Structured Graphs (or why structured graphs can be better than flat ones) Roberto

Ten Virtues of Structured Graphs (or why structured graphs can be better than flat ones) Roberto

Introduction Styles for Visual Support Dynamics ADR Concluding Remarks Ten Virtues of Structured Graphs (or why structured graphs can be better than flat ones) Roberto Bruni also based on join work with F. Gadducci, A. Lluch-Lafuente, U.

904 views • 86 slides
Come to me, all who are tired from carrying heavy loads, and I will give you rest. Matthew

Come to me, all who are tired from carrying heavy loads, and I will give you rest. Matthew

Come to me, all who are tired from carrying heavy loads, and I will give you rest. Matthew 11:8 Are you tired? Worn out? Burned out on religion? Come to me. Get away with me and youll recover your life. Ill show you how to take

487 views • 21 slides
Announcements If you didnt get an email confirmation that I received your referee report, let

Announcements If you didnt get an email confirmation that I received your referee report, let

Announcements If you didnt get an email confirmation that I received your referee report, let me know The empirical project is due April 14th at 5pm Pay attention to what each part is asking for (tables, figures, amount of explanation, etc.)

587 views • 30 slides
Contents 1 The virtues of first order categoricity in power 1 2 Axiomatization vrs

Contents 1 The virtues of first order categoricity in power 1 2 Axiomatization vrs

Outline Contents 1 The virtues of first order categoricity in power 1 2 Axiomatization vrs Formalization 3 3 First Order Logic/Formalization as a Mathematical Tool 5 3.1 Classes of Theories . . . . . . . . . . . . . . . . . . . . . . . .

459 views • 9 slides
ETHICS - CAN and SHOULD are Two Different Things Our Time Together WHY we speak about

ETHICS - CAN and SHOULD are Two Different Things Our Time Together WHY we speak about

ETHICS - CAN and SHOULD are Two Different Things Our Time Together WHY we speak about ethics in the insurance industry Why focus on ETHICS and not Morality A brief history of Ethics To whom do we owe Ethical decisions?

883 views • 51 slides
EMPOWERED Achieving Extraordinary Results with Ordinary People Marty Cagan, Silicon Valley

EMPOWERED Achieving Extraordinary Results with Ordinary People Marty Cagan, Silicon Valley

EMPOWERED Achieving Extraordinary Results with Ordinary People Marty Cagan, Silicon Valley Product Group Product Discovery A rapid series of experiments , primarily using prototypes, that enable us to discover effective solutions to the problems

525 views • 27 slides

More recommend