Running Head: COMPUTER SECURITY

COMPUTER SECURITY: Safety in Cyberspace

Brianna Besinaiz
Ocean Lakes High School

Running Head: COMPUTER SECURITY

Executive Summary
My capstone project consisted of attending a cyber security workshop for 60 hours, and
then performing a mentorship for 40 hours. The cyber security workshop was at Norfolk State
University, and was mostly led by Dr. Jonathan Graham. Dr. Graham is the head of the computer
science department at Norfolk University and specializes in cyber security. This field is defined
simply as methods taken to protect a computer or computer system (as on the Internet) against
unauthorized access or attack. Therefore, the field is very diverse in professions, but one
profession that peaked my interest was Information Security Specialist. To hold a career in this
profession, an individual must acquire a Bachelors Degree and five years of work experience in
a related field.
For the other part of my capstone project, I performed a mentorship at the Department of
Technology of Virginia Beach Public Schools, under the guidance of Mary McElligot who is a
System Administrator at the Plaza Annex in Virginia Beach. Her job responsibilities in computer
imaging includes packaging the school updates to push to the computers, helping to resolve
technological glitches, and staying on top of the organization of the computers. In the field of the
network and computer systems administrator, an individual will need a Bachelors degree
information systems, information technology, computer science, or some other related degree to
enter the field. No prior experience in the field is needed.
During my project, I performed different activities at each experience. For the cyber
security workshop, I looked at how to hack into systems, create viruses, and computer forensics.
In my mentorship at the DOT, I helped to image the computers in order to get them ready for
students in the upcoming school year. I found it appropriate to start off my first case study with
computer languages since they are the foundation of interfacing with the hardware of computers.
In both the workshop and mentorship, a computer language was used in order to allow users to
utilize the computers features.
The second case study deals with data storage and security. In the workshop, there were a few
discussions on various ways to store data and how to maintain security on a users personal files.
I feel that a case study speaking on information security is necessary since cyber security mainly
consists of keeping computer data safe from prying eyes. In my third case study, the focus shifted
to the different forms of cybercrime in society. During the workshop, I examined ways to hack
into a computer, create a virus, and how to secure myself from hackers. With these being such
pivotal blocks in cyber security, it is crucial to cover such information.
Although I did not dedicate any case studies to my mentorship at the DOT I still found my whole
experience interesting. The process of imaging computers can keep an individual busy all day,
but does not offer a significant amount of material to perform a whole case study on. In all, in
both my experiences I found myself very much intrigued in the technology field. I enjoyed the
combination of the responsibilities of monitoring computer networks to protect from intrusions
and ensuring that the computer systems were up to date for future use. Both these experiences
have helped to guide me in a career path based in cyber security.

Running Head: COMPUTER SECURITY

Computer Programming Languages

Computer languages, also known as programming languages, have existed since the mid1800s. By definition, A programming language is a special language programmers use to
develop applications, scripts, or other set of instructions for computers to execute1. These set of
instructions have evolved tremendously overtime from doing arduous math calculations to
becoming the fundamental building blocks of modern world applications.
The definitions of computer languages seem simple, but the languages themselves are
complex in nature and not very human friendly. In the computer world, two types of languages
exist: low level and high level. Low level languages are mainly used for direct communication
with a computers components. This type of language usually consists of binary code of 1s and
0s. The second type of language is high level language which provides a more human friendly
experience by using letters and symbols for programming instructions. A majority of this paper
will focus on high level computer languages.
Before delving in to high level, one must first observe the low level languages. As
mentioned before, low level deals with binary code. In my mentorship experience, binary code
was one of the more explored topics. Binary consists of 1s that tell the computer to turn on a
certain aspect and of 0s, which tell it to turn off a certain aspect. Binary is useful since
computers store memory in tiny capsules called bits. There are a total of 8 bits that make up a
byte. Every character on a screen uses a byte of memory. Take for instance the letter B. The
user sees it as just B but the computer sees it as 110000101. With the many combinations of
endless streams of code, it can become quite easy to make a mistake in translating the computer
code from binary to characters or vice versa2.

Running Head: COMPUTER SECURITY

To avoid translational mistakes, binary code is translated to hexadecimal for human use2.
Hexadecimal involves the combination of numbers and letters to represent the binary code of a
letter. During my mentorship, an activity involving the translation of my name into binary code
was done. I first looked up the letters of my name on an ASCII chart, which gives the
hexadecimal values. My first name (Brianna) was spelled as 42 72 69 61 6E 6E 61 in
hexadecimal. Now the next step was to translate it into binary, which resulted in a much longer
string of 48 1s and 0s. During the translation, I found I performed a few easy mistakes by
misplacing a 1 or 0. Unlike hexadecimal, the spaces, between the sequences of numbers, are not
allowed; so it becomes quite easy to misinterpret a certain symbol in binary. This is the main
reason why most computer programs are not created in low level language. In addition, low level
languages are closely associated with mechanical and assembly languages. Mechanical language,
as explained before, use only the 1s and 0s while assembly language possess a little more
sophistication.
The purpose of an assembly language is to help to translate binary code into a more
usable form. In any case, both languages require a vast reservoir of the computers architecture
since every computers mechanical and assembly language are created specifically for the
computer model it operates on. The benefits of using assembly language is the use of
placeholders. A user may type in words or phrases such as write add pay, total instead of a
long string of 1s and 0s in order to give instructions to add two numbers together3.
To get around requiring an extensive understanding of the computers mechanics, high
level languages were developed. This type of language is more closely related to human
languages, since words and symbols are used to replace the binary text of 1s and 0s. However,
high level languages still require knowledge of programming to utilize them. The benefits of

Running Head: COMPUTER SECURITY

high level languages is their gravitation farther away from machine language and not requiring
complete dependence on the machine itself to operate. A majority of computer languages, such as
C++, Java, Python, and Ruby still currently operate on the use of high level languages4.
History
The first computer language originated in 1843, by Augusta Ada countess of Lovelace4.
Originally the language was intended for the Analytical Engine which was more of a mechanical
computer3. The analytical engine was crafted by Charles Babbage who was an advanced
computer engineer in his time. From 1834-1836, the analytical engine was created as a computer
that relied on the motion of parts such as gears, levers, or switches in order to function.
Babbages intended purpose of the computer was to solve virtually any type of mathematical
problem, provided the operator gave it instructions on how to do it5. The major innovation came
when Ada Lovelace, Babbages friend and an accomplished mathematician herself, added
additional commentary notes to an article Babbage previously published on the workings of the
analytical engine. These notes helped to significantly double the article and served as the
foundation blocks for the first programming languages3.
The next step in computer evolution did not come until the early 1950s when assembly
languages were introduced. Later on in the late 1950s a major breakthrough came when the high
level language of Fortran, Cobol, and Lisp were brought onto the platform6. These languages are
considered the oldest computer languages still in use today and are mainly used for
supercomputing4. In a specific breakdown, each language serves different purposes: Fortran for
scientific computation, Cobol for business data processing, and Lisp for symbol processing6. In
addition, a little known fact is that Grace Hopper, a lady with a PhD in mathematics, developed
the Cobol language7. Cobol played a significant role in programming history and matured to

Running Head: COMPUTER SECURITY

become the most popular programming language for many years. In all, the fundaments that
enabled these languages to gain such notoriety was that they offered a more concise and easier
process of writing code6.
Foundation Languages
A few decades later, in the 1970s the C language was born. C served as the basic building
blocks for all other successor languages. It was developed in 1972, by Dennis Ritchie in Bell
laboratories. The language has few key words but lends itself to the writing of programs that
function on a low level, such as operating systems, spreadsheets, and word processing. The
language was great for the Unix operating that became popular in the 1970s8.
In the summer workshop, I explored the Unix operating system. In general, an operating
system is software that tells the hardware how to function. Each operating system (OS), for
example Unix, Linux, Microsoft, and Mac OS, vary by function and the Graphical User Interface
(GUI). The GUI is basically the software the user sees on the screen in order to interact with a
computer. Unix features a plain GUI of a command prompt screen to give the computer
commands. For this reason, I prefer the Linux design since it offers more than just a command
prompt but still retains the simplicity of the Unix OS commands.
Moving on with the evolution of languages, C++ emerged after C. This language,
developed by Bjarne Stroustrup in 1983 was also created with Bell laboratories4. The language
still carried the main assets of C but also offered object oriented programming. In essence, object
oriented programming simplifies the programming process by not having to recreate a part of a
program if one of its components become altred9. It also featured classes, virtual functions, and
templates9 which help to aid in the simplification of coding.

Running Head: COMPUTER SECURITY

The next major language was Object Oriented Extension of C10 which was developed
for the Mac OS. The language originated in 1983 in the Step Stone laboratories by Brad Cox and
Tom Love4. This language copies many aspects of C but offers a more simplistic and user
friendly approach to programming11. One main difference is that it allows the user to post pone
finalizing certain programming decisions until the program actually starts running12. In addition,
it also allows the construction of sophisticated development tools to monitor, intervene, and
reveal the underlying structure and activity of Objective-C applications12. In common terms, the
language gives the programmer more flexibility and power when it comes to writing programs
for apps.
Modern Day
After Objective-C came Java which holds the title as a universal programming
language for its ability to be interpreted by many computers13. Java was created in 1995 by
James Closing by Sun Mircosystmes.4 The program features object orientation and also acts as
an extension of C and C++13. It is widely used by the Web for its flexibility in changing
appearance on the web, creating reports about the site, and sharing information between
databases13. One aspect that truly sets Java apart from C and C++ is the fact that the language has
applets. Applets are small applications designed to run within another application but cannot
be run directly by the operating system14. Java applets are designed to run only when the Java
program is present but does offer more versatility and features14. The main use of Java today is
used for network programming, web applications, software, and GUI4. A majority of Android OS
apps are created using the Java language.
Another more important programming language is JavaScript. Technically, JavaScript did
not start out as a computer language; but as time progressed, the script evolved into a language of

Running Head: COMPUTER SECURITY

its own. JavaScript was created in 1995 by Brendan Eich4. It was created with the purpose to
create dynamic webpages and is unrelated to Java.4 Dynamic webpages allow users to have
more interaction with the web such as filling out and submitting forms. Basically, JavaScript
enables the browser to follow a set of instructions to make changes within a browser window
based on site-user input. 14 When used with applets, it enhances its features by adding more
interactivity. An example would be taking a multiple choice quiz where the chosen answers are
compared with the correct answers stored in the script.14
Future Development
Although many advances in the programming history have been made, there are still
many bounds that can be achieved. Currently researchers are exploring more exotic forms of
languages involving speech, gestures, pictures, and templates.6
The engineers as Google have made a major dent in advancement by way of their Dart
language in 2011. Google believes that JavaScript is irreparably flawed and therefore hopes Dart
will replace JavaScript as the new mainstream computer language of the web15. Currently,
JavaScripts main flaw is its slow load and run time which becomes especially noticeable on
mobile devices16. With Dart, Google hopes to create a language that produces higher efficiency in
performance particularly with the use of apps, simple enough for programmers to use, and have
the support necessary to take on large projects15. With these goals in mind, Google plans to
revolutionize Dart as the new mainstream computer language.
With so many new innovations to technology, it still is intriguing that spoken computer
languages have not evolved yet. The key reason as to why spoken languages have not occurred is
because the nature of programming is text based.17 Computer languages were based on the
principles to operate based on rigid text input, not by the fluidity of human language. Therefore,

Running Head: COMPUTER SECURITY

in order to see any big breakthroughs, the whole dynamics of computer language would need to
be reassessed and changed. However, overall, computers have come a long way from displaying
long strings of numbers to implementing more human like tendencies.

Running Head: COMPUTER SECURITY

10

Cited References
1. Computer Hope [Internet]. Riverton (UT):; c1998-2014. What is programming
language?; [cited 2014 Oct 21]; [about 1 screen]. Available from:
http://www.computerhope.com/jargon/p/proglang.htm
2. Graham, J. (2014, June 30). Intro to computer forensics. Address at Robinson building,
Norfolk State University, Norfolk, VA.
3. Hemmendinger, D, Encyclopedia Britannica Online [Internet]. Chicago (IL):; c2015.
Computer programming language: [modified 2014 January 12; cited 2014 Oct 20]; [about
6 pages]. Available from: http://www.britannica.com/EBchecked/topic/130670/computerprogramming-language
4. DeAngelis G, Bianco D, Computers: processing the data. Minneapolis (MN): Oliver
Press; 2005
5. DuPaul N, Veracode. [Internet]. c2006-2015. The history of programming languages
infographic; [modified 2013 Apr 15, cited 2014 Oct 19]. Available from
http://www.veracode.com/blog/2013/04/the-history-of-programming-languagesinfographic/
6. Aho AV. 2004. Software and the future of programming languages. Science
303(5662):1331-3.
7. Vining M. 2012. Grace hopper and the invention of the information age. Technology and
Culture 53(2):516-7.
8. Storey, P, Grolier Online [Internet]. Scholastic Inc. c2014. C (computer language); [cited
2014 Oct 14]. Available from http://gme.grolier.com/article?assetid=0047741-08

Running Head: COMPUTER SECURITY

11

9. Vineger, B Webopedia [Internet] (n.d.). Object-oriented programming. Webopedia.com.

Retrieved October 24, 2014.
10. Evolution of Programming. (2012, January 6). PC Quest.9 redo
"Evolution of Programming." PC Quest 6 Jan. 2012. General OneFile. Web. 18 Jan. 2015.
11. Developer.apple.com,. (2014). Programming with Objective-C: About Objective-C.
12. Support.apple.com,. (2012, February 18). C++ Versus Objective C. Retrieved 24 October
2014.
13. Developer.apple.com..(2010, November 15). Why objective-c?. Retrieved 24 October
2014.
14. Java (computer language). (2014). Grolier Multimedia Encyclopedia. Retrieved October
24, 2014
15. Claburn T. 2011. Google aims dart to kill JavaScript. Informationweek - Online .
16. Claburn T. 2011. Google launches dart programming language. Informationweek - Online
.
17. Gordon, B. (n.d.). Developing a Language for Spoken Programming. Retrieved October
24, 2014

Running Head: COMPUTER SECURITY

12

Data Storage and Security

Society lives in a world of data. Basic events, functions, and communications all use a
medium of computer interactions. As computers have risen to the surface of daily functions, so
has the necessity for larger and more secure data storage. The confidentiality of storing ones
information digitally has become increasingly harder to maintain. This paper will focus on
popular ways and places to store data as well as the level of security in which it can be stored. It
will also delve into the possibilities of recovering discarded data and how to safeguard against
that.
Background
As mentioned in the previous case study, computers store data using the binary system of
1s and 0s. As electricity flows through the on and off switches, they form units of memory
called bytes1. The computer intern recognizes the certain patterns of bytes and translates them
into characters that are seen on the computer screen. Data can be stored on a platform of devices
such as hard drives, flash drives, and even in the cloud which is becoming more popular.
However, with all the vast ways to store data it is hard to tell the most secure and efficient device
to store data on.
Storage
On a computer, there are two ways to store data, either on the Random Access Memory
(RAM) or Read Only Memory (ROM). RAM can be stored on a RAM card located in the
computer and has a volatile nature. Volatile memory means that a memory cache is made
available while the computer stays on and runs; but when the computer is shut down, all the
memory stored gets deleted. On the other hand, a computer can store memory onto the hard drive
using ROM. This storage of memory stays on the computer until deleted. As a result, ROM can

Running Head: COMPUTER SECURITY

13

prove to be detrimental in keeping ones information secure, since once the computer writes to
the hard drive, it can become an arduous process to completely erase that information. The
process of erasing hard drive data will be covered later on.
Another popular way to store data is through cloud storage, which is a sub-category of
cloud computing. In the cyber security workshop, the benefits of cloud storage was briefly
discussed. This type of storage refers to saving data to an off-site storage system maintained by
a third party2. Data centers are the usual store house to hold the physical data banks of cloud
data. Often times, cloud companies will practice redundancy in which the same user
information is stored on different computers, in order to prevent loss of accessibility to data if
one of the data machines need to be repaired or become broken2. A main advantage of cloud
computing is the ability to access personal user information wherever as long as an internet
connection is available. In addition, in the workshop, Dr. Graham suggested that backing up
information via the cloud was the best storage method, since it eliminated the worry of a faulty
drive occurring or losing all ones information in at home disaster1.
Although there are several positive benefits to cloud computing, there are some
drawbacks. One problem is the limited bandwidth. This entails that if a user has a slow internet
experience then they may experience a delay or difficulties accessing or sharing their files3.
Another drawback is the debate over who owns the information. A circulating question amongst
companies and constituents is whether a users data still remains the users property once it gets
released over to a company2. Also, the next question that arises, is what happens to the users
information when a cloud company goes out of business. There still has not been any major
resolves to these questions, therefore cloud users should remain mindful of the company policies
for cloud use.

Running Head: COMPUTER SECURITY

14

After discussing some of the old and modern from of storing information, there have
been some shocking new advances. The main major innovation is storing data onto strands of
synthetic DNA. A DNA team was able to convert the bits of binary language of the 1s and 0s into
trits, which are 1s, 0s, and 2s. Then they translated the trits into As, Gs, Ts, and Cs which are
the first letters of the nucleic acids (adenine, guanine, thymine, and cytosine) that make up
DNA4.
The appeal of using DNA as a storage device arose because DNA machines will always
be an essential part in human society. Humans will always show a strong fascination for the
intricacies and secrets DNA possesses. In addition, DNA offers the potential to store information
for thousands of years if kept in a cool dark environment. Therefore, not only can DNA last a
long time, but it can store large amounts of data. The DNA team was able to store 750 kilobytes
on DNA strands which included: Watson and Crick's paper describing the structure of DNA, a
JPEG image, an mp3 excerpt of Martin Luther King Jr.'s "I Have a Dream" speech, all 154 of
Shakespeare's sonnets in text, and another text file containing a code used in the translation
process. Based on the sheer amount a strand can hold, DNA could possibly be the next method to
store extensive government records or library texts. In addition, some say that DNA storage
could take the place of the big bulky machines used to store the ever expanding cloud data that
has become so popular among digital users today4.
Deletion
Although there are a host of mediums to save, back up, and store information, the ability
to delete personal information is much harder. Take for instance when a user deletes a file from a
folder, it simply does not get erased. In the cyber security workshop, the discussion of deleting
files was explained by imagining a word document as a puzzle. As one types out the document

Running Head: COMPUTER SECURITY

15

and saves it, the picture of the puzzle is all put together. However, when a user decides to
delete the file, the document or puzzle gets scrambled up and is no longer easily recognizable
by the computer.1 The file is still present on the hard drive, but just not immediately accessible.
There are several methods that have emerged to aid in recovering a deleted file. One way
is through using computer forensics software. In the workshop, computer forensics took up a few
days of class discussion because of its importance. Computer forensics is the practice of
investigating and analyzing available, deleted, or hidden information on a media device that may
serve as evidence in a legal matter.1 I used a forensics software called Forensics Took Kit Imager
(FTK Imager) to analyze an image of a C drive. The main goal of analyzing the drive was to
uncover clues for a staged bank robbery forensics case. With the software, I was able to uncover
deleted files and emails, encoded information, secret code names, and agendas. The advantage of
using the FTK imager helped immensely to solve the robbery, especially since most of their
agendas and lines of communication were through the computer. The FTK imager software goes
to show that simply hitting delete on all the files on the computer will not actually delete the
files. It will only simply take the file out of plain site while noting to the computer that the space
is now free to write over on.
For information to get truly deleted, several steps need to be taken. First, note that a file
can remain unrecoverable if the computers ROM needs to use the deleted space for memory
storage. The computer needs to write a file of equal or larger size over the deleted file in order to
make it generally unrecoverable5. However, if this is not a viable option for a user, say if the
user plans to sell the computer, then outside software may be required to delete such sensitive
information. There is a vast array of software out there that can do the job, but some can be better
than others. The function of the software is to go over the data already present with random

Running Head: COMPUTER SECURITY

16

data6. Passing over the data multiple times can help to ensure heavier protection from being
recovered. Conversely, although using software to cover information may be great for the
average user, higher security measures may be needed for more private information such as
government computers. The act of physically destroying the hard drives, whether it be by
smashing, grinding into a powder, or even melting them may be necessary to protect such
information6.
On the other side of the spectrum of storing personal information, one has to deal with
the digital footprint left behind from online use. A users footprint can either showcase a
positive side of themselves or an extremely negative side. For users who are trying to get rid of
the negative footprints, there will never be a way to simply delete the information from the face
of the internet7. Instead, users can opt to pay a company to put the bad material more towards the
bottom of search engines results lists7. If the user shows more persistence in having the bad
information disappear, then they can try going to the source and requesting that it be removed.
There is no guarantee the request will be granted.
However, a breakthrough in deleting bad history from the internet will possibly come into
effect in 2015. A Californian bill proposes to give teens a redo button of their digital lives. It
suggests that big social media networks such as Facebook, Tumblr, and Twitter offer a way to
permanently delete all text, videos, and photos from their sites. This bill is only available to teens
who have reached the age of 18, but this step into offering ways to delete such information helps
to add in erasing a users digital footprint. Do not be fooled though, somewhere, someplace in
cyberspace the information may still lurk. At least the negative information will not be the
topmost readily available information when a future employer decides to run a check on the type
of individuals looking to be hired8.

Running Head: COMPUTER SECURITY

17

Security
With all these possibilities on how to store information, there have been a high levels of
security measure set in place to keep prying eyes away. In ordinary desktop and laptop
computers, many users carry some form of anti-virus software to avoid getting hacked or
contracting a virus. In the cloud, to keep information safe, administrators will use a combination
of encryption, authentication, and authorization. Encryption uses a complex algorithm to encode
the information. Although it may be possible to crack the code, most hackers do not have access
to the power resources needed to decrypt the information. The next precautions are
authentication which is creating a username/password to log in, and then authorization which
allows the user to pick who can access the information stored on the cloud.2
To take security to another level, one can make their identity more secure. One way is by
creating multiple identities on the internet and using those identities to sign up for various
accounts. The key to this method is still having your full name present but fabricating a different
reality for each identity that may seem similar to the truth but is not the truth7.
Conclusion
The world of technology offers many ways to store technology. The main problem faced
with todays society is the issue of having enough room to store a users videos, music, and other
personal files all while maintaining confidentiality of the information. As discussed in the paper,
DNA strands offer an impactful solution in storing large amounts of data into small storage
packets, but this does not touch bases on security. A user can install various types of anti-virus
software and still find that their data was hacked. In essence, to ensure security, it goes back to

Running Head: COMPUTER SECURITY

the basic principal of not giving personal information out to everybody and being mindful of
what gets posted to the Internet.

18

Running Head: COMPUTER SECURITY

19

Cited References
1. Graham, J. (2014, June 30). Intro to computer forensics. Address at Robinson building,
Norfolk State University, Norfolk, VA.
2. Strickland, J. Cloud computing [Internet]. Place: HowStuffWorks.com; c.2008 April 30.
2008. HowStuffWorks.com. How cloud computing works?. [cited 2014 November 4]; [about
5 p.]. Available from http://computer.howstuffworks.com/cloud-computing/cloud-storage.htm
3. Beal, V. Cloud storage [Internet]. Webopedia. Benefits and disadvantages of cloud
computing. [cited 2014 November 3]; [about 1 para.]. Available from
http://www.webopedia.com/TERM/C/cloud_storage.html
4. Ehrenberg, R. (2013, Feb 23). DNA could soon prove practical for long-term data storage.
Science News, 183, 5-6. Retrieved from http://search.proquest.com/docview/1316091058?
accountid=3785
5. Dart, A. akdart.com. c. 2014 July 28 [cited 2014 November 3]. Available from
http://www.akdart.com/priv9.html
6. 'Delete' not finish and klaar. (2011, Aug 10). The Mercury Retrieved from
http://search.proquest.com/docview/882453940?accountid=3785
7. "How to fight back against privacy pirates; You can't delete digital data, but you can mask
your Internet identity." Network World 7 May 2012. Computer Database. Web. 27 Oct. 2014.
Document URL http://go.galegroup.com/ps/i.do?id=GALE
%7CA288834778&v=2.1&u=va_s_128_0960&it=r&p=CDB&sw=w&asid=0901b35e96331
065eafe76410d73eb22Dent G. 2013. Kids of today are lucky to be able to erase youth.
Belfast Telegraph;24.
Cybercrime
Every week, there seems to be a new cyber terror on the rise. Often around the holidays,
newsgroups warn citizens to protect their phones, monitor their checking accounts, and be wary
of credit card scams. With much of our daily lives orbiting around electronic devices, the

Running Head: COMPUTER SECURITY

20

information on them has become invaluable. This predicament has led to malicious users
abusing this reliance on devices by trying to gain unauthorized access into such devices.
Mostly when the topic of cybercrime is broached, individuals automatically think of
hackers infiltrating computers, while discounting the role of crackers. In cybercrime there is a
difference between hackers and crackers. Hackers are the good guys since they use their talents
in a positive manner to help develop innovative ways to alter how computers operate. Crackers
on the other hand have malicious objectives to steal and erase user files, obtain banking
information, and vandalize web pages. Often times, the media confuses the terms since hacker
is more commonly known and usually carries a connotation of invading a users personal
information. For the purposes of this paper, to refer to an individual with a malicious intent,
malicious hacker or cracker will be used1.
History
The first incidents of hacking originated back in the 1970s by way of phreaking.
Phreaking originated from curious individuals hacking into the ambiguous phone companies.
Individuals found the phone companies interesting since little information was known on how
they operated. Through phreaking, individuals learned how the telephone network operated,
observed how calls were routed, and eventually picked up the techniques on how to make free
calls to other individuals. As time progressed, more phreakers began to turn their focus to
computers which transpired into them becoming the first hackers1.
At the early stages of hacking, the hacker world was largely unknown. Often times,
malicious hackers mainly consisted of disgruntled company employees looking for financial
gains or seeking revenge on another individual. In the 1980s, malicious hackers began to

Running Head: COMPUTER SECURITY

21

transition from single targeted attacks to expanding their scope to target large random groups of
individuals. It wasnt until the movie War Games, released in 1983, that hackers and crackers
gained mainstream focus. The movie depicted a teen boy, with immense skills around computers,
who was only looking for a few exciting computer games. Through his endeavors, he almost
caused a nuclear war. With the fascination of being able to hack and crack into computers, an
increased amount of teens looked into hacking. In a short span of time hackers gained worldwide
attention1.
Forms of Cybercrime
In cybercrime, there are several different ways a malicious hacker may compromise the
privacy of another user. The levels of severity can range from simply gaining access to personal
emails to destroying whole hard drives. The most frequently used method a users information
can be unlawfully accessed is through cracking into the system, distributing viruses, spreading
worms, and sending Trojan Horses. In addition, to make the most threat, any one of these
methods can be used in combination with each other or another method to form heavily
devastating blended threat2.
The whole fiasco of cracking into a system requires swift skills and patience. In the cyber
security workshop, I practiced the technique of cracking into a simulated computer system a
couple of times to find various information. The first time I cracked into a system, I used the
Unix operating system in order to view other users documents. The Unix operating system is
only comprised of a command prompt (CMD) which is a dialog box that allows the user to input
certain command lines to tell the system to execute certain tasks. Knowing command lines is
crucial for crackers since it allows them to navigate through the computer without having to
physically click on anything. While using the CMD, I was able to get into other users

Running Head: COMPUTER SECURITY

22

computers, see the documents they had created, and also was able to modify them. After peeking
into others documents, I transitioned into learning how to encrypt the documents so that no one
else could crack into them.
In addition, I cracked into another computer simulated system. The labs focus was to
crack into a someones personal computer and then embed a file all while using the Unix
operating system. In order prepare for the lab, various user accounts and passwords had to be
created. Once all of the components were ready, I used the password cracking software called
John the Ripper in order to get into the users accounts. Prior to the lab, I imagined the idea of
cracking to be a quick and easy process; however, in reality, it was an arduous and tedious
process. If one letter, symbol, or space in the command line is messed up then the command will
not execute. Also, one cannot simply crack into a system in a few minutes. Running a password
cracking software can require hours to days of effort, depending on the complexity of the
software. Therefore, to be a good cracker, one must pay attention to the details and know the
specific targeted information.
Cracking into a system is one of the more known cybercrimes, and viruses are usually
closely associated with it. A virus is a form of malware (malicious software) that by definition is
a program or code that replicates itself2 without any outside assistance3. Although a virus can
replicate on its own, it can only spread through human actions4. Viruses commonly spread
through a user unknowingly opening an infected file which then intern launches the virus code. .
Until outside intervention occurs, such as anti-virus software, the virus code will typically
continue to stay stored on the computers memory and keep on infecting additional files as the
user opens them2.

Running Head: COMPUTER SECURITY

23

Viruses may seem devastating, but worms prove to be one of the worst forms of malware.
Worms are a form of malware that replicates itself and infects files on a users computer system5.
Unlike viruses, worms can not only replicate but can also spread on their own without any
human interaction3. A worm primarily uses networks in order to spread itself. The worm first
originates from a malicious user creating the code and then running it. The worm can then spread
itself through the network by scanning random IP addresses to find other computers with security
vulnarabilities6. Once found, it then sends out a data packet to the computer in order to infect it.
When received, the worm can then steal or erase hard drive information, slow down pre-installed
programs, and even crash the infected computer5. In the process, it will scan the address books
and email lists on the computer to send itself out to more users and keep the cycle going4.
Worms truly pose a major threat in network security especially in recent developments.
Malicious coders have now turned to using a blended threat of Autonomous Logic paired with a
worm to cause a considerable amount of damage5. Autonomous logic is a type of software that is
capable of performing a certain function without needing human instructions to aid it along the
way. It can achieve this feat by learning from its environment to overcome obstacles and through
building a database of passwords to possibly use in future use5. The damage of this type of worm
is immense since it can destroy the computer system through changing all passwords, filling up
the computer memory to capacity, and most of all sending the computer into an infamous loop of
the Blue Screen of Death6. Although this is only one way an autonomous logic worm can cause
damage, there are a large number of other damage this type of worm can perform also. Malicious
coders now prefer this type of worm, as it offers to maximum potential damage to a certain host
all while minimizing collateral damage on other computers or sectors6.

Running Head: COMPUTER SECURITY

24

Lastly, the lesser used but still dangerous threat in cybercrime are Trojan horses. Trojan
horses live up to their name as they put up the facade of helpful software but are malicious code
in disguise7. Trojans are much more limited in their proliferation since they rely on first tricking
the user into downloading software and then triggering the installation process on a computer8.
Trojans spread commonly through web sites, email attachments, or by a malicious hacker
physically accessing a users computer8. Take for example a user, under an anonymous identity,
uploads free software that has an infected Trojan file attached. An unsuspecting user downloads
this software with the infected file and begins to run the program. At some point the Trojan will
be launched either in the initial stages of running the program or through a certain action. If the
user decided to share the infected software then the Trojan will have the opportunity to spread to
other computers8.
Even though Trojans are limited in spreading, there are a few levels of severity. One level
is joke Trojan Horses which simply perform annoying task such as warping a users computer
screen or playing an annoying sound when launched8. Joke Trojans are generally harmless and
are easy to delete8. A more serious type of Trojan is a destructive Trojan8. This type of Trojan
has an agenda to either wipe select data files or an entire drive8. Although the damage can be
immense, the spread of infection is limited since in the process of attacking the computer, it will
ultimately reveal itself. In addition, other types of Trojans have an objective to gain users
personal information by monitoring their key strokes to gain personal and banking information8.
In order for this type of Trojan to work, it must first trick the user into downloading certain
software, such as games or utilities, and then use spyware2 to collect personal information such
as usernames, passwords, and financial information7.
Safety

Running Head: COMPUTER SECURITY

25

Cybercrime has become a very prevalent technological issue in this last decade; however,
there are several basic guards to help prevent invasions. It is true that threats such as viruses,
worms, and Trojans have become craftier to evade anti-virus software. However, it is critical for
a user to stay updated across all platforms. The biggest protection is through keeping an up-todate antivirus security software. This entails having updated security enhancements as well as
having an updated virus definition database2. To bring optimal protection, configuring the antivirus system scan for updates for every few days will help to keep up with the continuously
emerging threats. In addition, users should keep an up-to-date operating system and Internet
browser to ensure that the computer does not become vulnerable to emerging cyber-attacks.
Furthermore, the typical user needs to exercise common sense while in cyberspace. For
one, the user needs to take precaution on what gets clicked. While viewing emails, follow the
common principles of not opening unknown or suspicious emails; since they could pose as a
launch pad for malware to infect the computer system9. Also, users should avoid clicking on
popups as they can bring a user to untrustworthy websites with malware waiting to infect the
computer10. Furthermore, users should get into the habit of creating complex passwords for their
accounts. A recent survey estimated that a typical user usually has nineteen online accounts, but
75% online users fail to create complex passwords9. To ensure complexity, it is suggested that
three separate words and a symbol be used to create more complexity9.
The last major tip for user safety is to not become frivolous with personal information.
Users need to take into consideration what gets posted on social media. From social media,
scammers and malicious hackers can easily build a profile of attack based on the information
gathered from a users social media account9. Also, another mundane precaution is to clear out
the cache in the browsers. Popups can store information on a browsers cache which can lead to

Running Head: COMPUTER SECURITY

26

them constantly popping up while surfing online10. Lastly, users need to exercise selectivity with
the groups in which they decide to share information. If the scenario seems to convincing to be
true, then it probably is just a setup.
Conclusion
From cyber threats involving viruses, worms, and Trojans to all the new emerging threats,
cybercrime will always have a foothold in a society. Malicious hackers will continue to come up
with ways to infiltrate and utilize the users information. With this knowledge, a user does not
need to stay fearful while living online. It simply puts the responsibilities on users to use
common sense when surfing the web and downloading files. There are a host of programs and
software to help protect against computer invasions. At the end of the day, it is up to the user to
exercise precautions for their computer system.

Running Head: COMPUTER SECURITY

27

Cited References
1. Knittel J, Soto M. The Dangers of Computer Hacking. New York (NY): Rosen Publishing
Group, Inc.;
2. Fleming WA. 2003. Viruses, worms, trojan horses, and other security vulnerabilities.
Inside NetWare: 6-7.
3. Szor, P. The Art of Computer Virus Research and Defense. Upper Saddle River (NJ):
Symantec Press; 2005
4. Beal, V. Webopedia [Internet]. Place (PL): Quinstreet Inc.; c2014. The Difference
Between a Computer Virus, Worm and Trojan Horse; 2014 October 28. [cited 2014
December 9]; [about 1 screen.]. Available from
http://www.webopedia.com/TERM/C/cloud_storage.html
5. Penn state; code defends against 'stealthy' computer worms. 2010. Computer Business
Week :21.
6. Johnston R. 2014. New approach needed to counter malicious software. National Defense
98(724):36-7.
7. J.D. BIERSDORFER. 2002. Trojan horses are programs that harbor code that's intrusive
or harmful. Milwaukee Journal Sentinel;0.
8. Wang W. 2001. Trojan horses 101. Boardwatch 15(1):150.
9. Jones H. 2014. How to avoid falling victim to cybercrime. Express (Online);.
10. Snelling D. 2014. Cyber attack: How to protect from devastating computer viruses.
Express (Online);.

Running Head: COMPUTER SECURITY

28
Reflection

Entering into the Math & Science Academy my freshman year, I did not expect to be able
to accomplish the feat of my 140 hour capstone project. In the beginning of my junior year, the
ball really started rolling. I knew I wished to do a project in the computer field, but I struggled
with finding the right connections to land a mentorship. My Information Technology teacher
suggested I work in an IT Department. With this idea in mind, I continued to hunt for mentorship
until I stumbled across the Department of Technology for Virginia Beach Public Schools. After
checking out the DOT, I decided this would be where half of my capstone project will be
performed.
At the DOT, I helped to image and update the computers for the students for the
upcoming school year. Computer imaging is basically setting up the BIOS of a computer,
installing the correct student settings, and pushing the schools updates so the computers can be
properly managed. Afterwards, the computers were checked to make sure the correct updates and
settings were put in place before they were released to the schools. Overall, during my
mentorship I learned how large organizations operate in an IT department. In all, I enjoyed
imaging the computers, since it was a dry cut pattern on how to do it. One downside was the fact
that sometimes it could get slow since the computers needed a little bit of time to update
themselves and apply the correct settings. It also became a little frustrating when the updates
would not work correctly and the process had to be restarted again.
In addition, the DOT only was half of my Capstone Project. I also attended a summer
workshop for cyber security at Norfolk State University. I found out about the workshop through
a friend, and also in the past I had already attended another workshop at NSU having to deal with
computers. During my time at the workshop, I thoroughly enjoyed the activities which involved:
steganography, password cracking, virus making, hacking into other computers, and computer
forensics. I especially liked computer forensics since it allowed me to apply the skills I had
learned during the workshop to help solve a crime case at the end of the workshop. The only
downside I saw during the workshop was how tedious some of the labs were since I did not have
a large background dealing with the command lines of computers.
As a wrap up of my capstone experience, I reflect on how much I have grown as a
researcher and student of the Math & Science Academy. I have learned a lot on how IT
departments function, and I have seen a sneak preview of how the cyber world operates. At the
beginning of my experience, I knew very little about computer imaging, and when it came to
cyber security I knew nothing. Both the experiences and case studies performed have helped me
to become more knowledgeable of the computer world. From my experiences, I have gathered
that I am thoroughly excited to continue to pursue a career in cyber security, and I thank the
Math & Science Academy for giving me a platform to explore my interests.

Running Head: COMPUTER SECURITY

29

DIGITAL FORENSICS CONT...

7/1/2014

To start off the day, we began with reviewing the Hexadecimal and Decimal system. This lead into using
this knowledge to tell how a computer classifies a document on the computer. It just doesn't go by
extension since any extension can be put on a document, which will show the document to be one thing,
but really be a totally different file. Then afterward, we went on to learn how to recover deleted files from
a flash drive.
In coding, the largest number is one less than the base of
the decimal system. Take for instance our decimal system
which has a base of 10. The largest number in our
counting system is 9 before the numbers begin to repeat;
and counting from 0-9 there are a total of 10 numbers.
Same is true for the hexadecimal system which has a base
of 16. The system goes from 0-9 with our numbers and
then 10= A, 11= B, 12= C, 13= D, 14= E, and 15= F. After
recapping this information, we learned how to add binary
numbers. It is much the same as in adding binary
numbers, you take the sum and then divide, and then carry
the remainder. You just keep rinsing and repeating until
the end.
This knowledge of the binary system lead to the next activities. We started on Project 3, where there were
a variety of files with .doc, .exe, .avi, etc. extensions. We then used a program called Win Hex to see how
the computer classifies documents. You see, if you simply type in .doc while naming a text file, the
computer will say that it is a Word Document. However, when you click on it, it actually will not open
since it can not recognize the file type. Therefore in Win Hex, as you can see in the bottom pictures, the
first 5-8 digits of code identify the type of file. The code is actually in Hex form, which easily correlates
to binary code when following a chart.
After the morning session, we then came back and used FTK Imager 1.81 to help recover deleted
data. You see, data/information is never truly deleted. When you decide to delete the item, the files
structure is simply "scrambled" but still remains on the device. Also, sometimes the deleted files can be
overwritten but still recoverable. FTK Imager is one of many forensic tools that help to recover deleted
data. The "scrambled" fragments of data carry a particular pattern, and FTK Imager finds it, and puts it
back into a logical state so that the file can be viewed and potentially recovered. Even physically broken
hard drives can still be manipulated to gain the information that is present on it, no matter if it may be
deleted.
For Project 4, we were told to delete several files from the documents folder we were provided on a flash
drive. After setting up the FTK Imager, the flash drive was analyzed and all the deleted information was
revealed. The Images below show the deleted files that were on the flash drive and how they are
recovered. To save them again, all someone has to do is export the file and save it.

Running Head: COMPUTER SECURITY

URL: http://besinaizmsa.weebly.com/cybersecurity-program/digital-forensics-cont

30