Sarah Gordon (computer scientist)

Last updated

Sarah Gordon is a computer security researcher, responsible for early scientific and academic work on virus writers, hackers, and social issues in computing. [1] [2] [3] [4] [5] [6] [7] She was among the first computer scientists to propose a multidisciplinary approach to computer security. Known primarily for work relating to people and computers, the bulk of her original technical work was published or presented between the late 1980s and mid-1990s.

Two of the first "concept viruses" for Microsoft products were discovered by Gordon, refuting the common belief that it was impossible to contract a virus via email and demonstrating the vulnerability of Microsoft Word to macro viruses in 1995. [8] She also wrote the first report on Linux viruses in the wild. [9] She is known for inventing the term "vX" to refer to Virus Exchange. [10] Gordon has always been fascinated with linguistics, and has introduced several other terms into the computer lexicon, including "trigger foot" and "meaningfulness". [11]

Dr. Gordon was appointed to the computer science graduate faculty of the Florida Institute of Technology [12] [ failed verification ] in 2004. Although she has worked for several computer security companies, including Dr. Solomon's Software, Command Software, IBM Research, and Symantec Corporation, her work has continued to be primarily academic. Sarah Gordon is an alumnus of Indiana University South Bend, where she obtained a Bachelor of Science degree in 1997. She has a master's degree in Human Behaviour and Professional Counseling, and a Ph.D in Computer Science from Middlesex University. [13]

Related Research Articles

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types.

Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.

<span class="mw-page-title-main">Antivirus software</span> Computer software to defend against malicious computer viruses

Antivirus software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware.

Rebecca Mercuri is a computer scientist specializing in computer security and computer forensics. She is considered a leading expert on electronic voting systems.

<span class="mw-page-title-main">Edward Felten</span> American computer scientist (born 1963)

Edward William Felten is the Robert E. Kahn Professor of Computer Science and Public Affairs at Princeton University, where he was also the director of the Center for Information Technology Policy from 2007 to 2015 and from 2017 to 2019. On November 4, 2010, he was named Chief Technologist for the Federal Trade Commission, a position he officially assumed January 3, 2011. On May 11, 2015, he was named the Deputy U.S. Chief Technology Officer. In 2018, he was nominated to and began a term as Board Member of PCLOB.

A grey hat is a computer hacker or computer security expert who may sometimes violate laws or typical ethical standards, but usually does not have the malicious intent typical of a black hat hacker.

<span class="mw-page-title-main">Dorothy E. Denning</span> American information security researcher

Dorothy Elizabeth Denning is a US-American information security researcher known for lattice-based access control (LBAC), intrusion detection systems (IDS), and other cyber security innovations. She published four books and over 200 articles. Inducted into the National Cyber Security Hall of Fame in 2012, she is now Emeritus Distinguished Professor of Defense Analysis, Naval Postgraduate School.

A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering, challenge, recreation, or evaluation of a system weaknesses to assist in formulating defenses against potential hackers.

<span class="mw-page-title-main">Sony BMG copy protection rootkit scandal</span> Sony BMGs implementation of copy protection measures

The Sony BMG CD copy protection scandal concerns the copy protection measures included by Sony BMG on compact discs in 2005. When inserted into a computer, the CDs installed one of two pieces of software that provided a form of digital rights management (DRM) by modifying the operating system to interfere with CD copying. Neither program could easily be uninstalled, and they created vulnerabilities that were exploited by unrelated malware. One of the programs would install and "phone home" with reports on the user's private listening habits, even if the user refused its end-user license agreement (EULA), while the other was not mentioned in the EULA at all. Both programs contained code from several pieces of copylefted free software in an apparent infringement of copyright, and configured the operating system to hide the software's existence, leading to both programs being classified as rootkits.

FRISK Software International was an Icelandic software company that developed F-Prot antivirus and F-Prot AVES antivirus and anti-spam service. The company was founded in 1993. It was acquired by Cyren in 2012.

Dr. Herbert Hugh Thompson is a computer security expert, an Adjunct Professor in the Computer Science Department at Columbia University, and the Chief Technology Officer of NortonLifeLock. He is also the Chairman of RSA Conference the world's largest information security conference with over 25,000 attendees annually. Thompson is the co-author of a book on human achievement titled The Plateau Effect: Getting from Stuck to Success published by Penguin in 2013 and has co-authored three books on information security including, How to Break Software Security: Effective Techniques for Security Testing published by Addison-Wesley, and The Software Vulnerability Guide published by Charles River 2005. He is perhaps best known for his role in exposing electronic voting machine vulnerabilities as part of the HBO Documentary Hacking Democracy. He was named one of the "Top 5 Most Influential Thinkers in IT Security" by SC Magazine and has been referred to by the Financial Times as "One of the world’s foremost cryptology and internet security experts."

<span class="mw-page-title-main">Robert Slade</span> Canadian information scientist

Robert Michael Slade, also known as Robert M. Slade and Rob Slade, is a Canadian information security consultant, researcher and instructor. He is the author of Robert Slade's Guide to Computer Viruses, Software Forensics, Dictionary of Information Security and co-author of Viruses Revealed. Slade is the author of thousands of technical book reviews, today published on the techbooks mailing list and in the RISKS Digest, and archived in his Internet Review Project. An expert on computer viruses and malware, he is also the Mr. Slade of "Mr. Slade's lists".

<span class="mw-page-title-main">Computer virus</span> Computer program that modifies other programs to replicate itself and spread

A computer virus is a type of malware that, when executed, replicates itself by modifying other computer programs and inserting its own code into those programs. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses.

Zeus is a Trojan horse malware package that runs on versions of Microsoft Windows. It is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek. Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected.

Stephanie Forrest is an American computer scientist and director of the Biodesign Center for Biocomputing, Security and Society at the Biodesign Institute at Arizona State University. She was previously Distinguished Professor of Computer Science at the University of New Mexico in Albuquerque. She is best known for her work in adaptive systems, including genetic algorithms, computational immunology, biological modeling, automated software repair, and computer security.

The following outline is provided as an overview of and topical guide to computer security:

Lazarus Group is a hacker group made up of an unknown number of individuals, alleged to be run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra and ZINC or Diamond Sleet. According to North Korean defector Kim Kuk-song, the unit is internally known in North Korea as 414 Liaison Office.

<span class="mw-page-title-main">Katie Moussouris</span> American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure

Katie Moussouris is an American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure, and is best known for her ongoing work advocating responsible security research. Previously a member of @stake, she created the bug bounty program at Microsoft and was directly involved in creating the U.S. Department of Defense's first bug bounty program for hackers. She previously served as Chief Policy Officer at HackerOne, a vulnerability disclosure company based in San Francisco, California, and currently is the founder and CEO of Luta Security.

Alisa Shevchenko, professionally known as Alisa Esage, is a Russian-born computer security researcher, entrepreneur and hacker with Ukrainian roots. She is known for working independently with dominant software corporations such as Google and Microsoft to find and exploit security weaknesses in their products; being the first female participant in Pwn2Own, the world's premiere professional hacking competition with significant cash prizes; and being accused by the government of the United States of hacking the presidential elections in 2016.

References

  1. IFIP Technical Committee 11. 1994. Technologically Enabled Crime: Shifting Paradigms for the Year 2000. Curacao, Netherlands Antilles
  2. Stucker, H. 1997. Wired. Among the Virus Thugs
  3. Jackson, 1999. Profiler Analyst. Government Computer News Archived 2007-06-08 at the Wayback Machine
  4. Hattori, J. 2001 CNN. Hacking into the minds of virus writers
  5. USA Today. 2002. Tech
  6. Savage, M. 2001. Delving into the online underworld Archived 2007-08-14 at the Wayback Machine
  7. Slade, R. 2003. Collecting Evidence from the Scene of a Digital Crime. p. 23. McGraw Hill
  8. Shapiro, Scott (2023). Fancy Bear Goes Phishing: The dark history of the information age, in five extraordinary hacks (1st ed.). New York: Farrar, Straus and Giroux. p. 145. ISBN   978-0-374-60117-1.
  9. Gordon, S. 1998. The Worm Has Turned. Virus Bulletin. August issue. pp10-12.
  10. Risks Digest, Volume 16: Issue 91 Tuesday 14 March 1995 citing Slade, R. Viral Morality; Gordon, S. 1993. Virus Exchange BBS: A Legal Crime? Legal, Ethical and Technical Aspects of Computer and Network Use and Abuse. American Association for the Advancement of Science. Irvine, California
  11. Santa Fe Institute Keynote, Examination of Cybercentric Role Models in Film and Media, 2007
  12. Florida Institute of Technology Department of Computer Science
  13. Ford, Sarah Gordon. "Changing the way the world thinks about computer security. PhD thesis, Middlesex University" (PDF). Middlesex University Research Repository. Retrieved 12 August 2017.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.