May 09, 2007

Innovative Course Leads Students Through Dark World Of Computer Security

From fork bombs to worms to viruses called Cookie Monster, computer science students at Sonoma State University are exploring the world of "malicious software" this semester thanks to a new course.

By cautiously confining a single computer network on campus to a small mobile cart with four computers running on different operating systems, professor George Ledin is teaching students about the dark world of computer viruses.

In a course about "malware," students are learning the intricacies of how computer viruses are constructed in much the same way biology students learn about the intricacies of bacterial organisms and other life forms that cause disease.

Ledin hopes to create a new career path for CS students who can join the ranks of computer security professionals to protect from the perils of cyber attacks.

In the brightly lit CS lab in Darwin 25, one of Ledin's students, Dan Fogle, shows how a not-so-cuddly Cookie Monster works, persisting in its demands for a cookie (an imaginary digital biscuit,) and, if denied the treat, activating hidden commands that cause the machine to be crippled.

Although the concepts are not new, students, such as Fogle, have been able to write the malware themselves and lead the class to a better understanding of how some viruses can alter and destroy the machine's operating system registry.

The viruses written by the students work undetected by all antivirus software, and they crash not only all previous operating systems, such as Windows 98, Windows 2000, and Windows XP, but also the newest one, Vista.

That same day another student, Lincoln Peters,demonstrates the workings of his "fork bomb," an utterly simple but extremely annoying and potentially deadly code segment that fills up the computer screen with a never ending proliferation of windows.

The goal is for students to use their knowledge of the "dark side" of programming to build future computer systems that are better equipped to guard against and even combat these malicious programs.

Learning about viruses and malware is like learning a martial art. One has to learn how to attack in order to develop an effective defense, says John Sullins, a philosophy professor who is working with Ledin on the ethics of the course.

"Ledin's class provides students with an uncommon opportunity to learn, not only how to react and defend against malicious computer programs, but also how they are used and the logic behind their construction."

"Ledin is like a sensei in a virtual dojo, he not only instructs his students in the nuts and bolts of the creation of malicious software, but he also guides their understanding of when one should, and shouldn't, use the skills they are learning in his class."

Sullins says this gives the students an increased ability to protect themselves, their friends and family, and their employers from the harm that malicious software can do.

The malware course is based on the ethical arguments presented by Ledin in his widely disseminated editorial, published in the January 2005 issue of the Communications of the Association for Computing Machinery, the worldwide society of computer scientists and computing specialists.

It is essential, Ledin argues, that computer scientists know malware as intimately as life scientists know biological viruses, bacteria, parasites, and other disease-causing micro-organisms.

"We cannot afford to wait for the computer equivalent of 9/11 to learn what the bad guys were doing. Not teaching viruses and worms is a prescription for disaster," he says.

Jean Wasp
Media Relations Coordinator
University Affairs
(707) 664-2057