Article thumbnail

Future threats to future trust

By Herbert Bos, Erland Jonsson, Sotiris Ioannidis, Engin Kirda and Christoffer Kruegel


Only a few years ago, big worms roamed theplanet, spreading within hours, or even minutes, toevery nook and cranny of the Internet. The damagecaused by them was equally impressive; wormshave taken out alarm phone centers, train signallingsystems, thousands of cash machines, millions ofproduction PCs and servers, and, oh yes, SouthKorea1.No wonder academics and industry scrambledto counter the threat. Indeed, fast spreading flashworms were all the rage among security expertsand millions of euros were spent on projects tocounter them. Alliances were formed, researchgrants applied for, projects started, prototype solutionsdeveloped, refined, and discarded. Unfortunately,by the time we developed practical countermeasures, flash worms had all but disappeared.Instead, we now worry about stealth attacks, botnets,phishing sites, attacks on mobile phones, andwhatever new threats emerged in recent years. Theproblem is that we tend to work on solutions fortoday’s problems and have no time to worry aboutthe threats of the future. The problem is that weare often caught unawares.This need not be the case and there are examplesof threats that we saw coming before they hit us.A well-known example is RFID. An RFID tagis a small, extremely low-cost chip that can beused for purposes like identification and minimalprocessing. By adding RFID tags to everything,from pets to products, industry aims to use RFIDtechnology to create the “Internet of Things”. However,researchers have shown that tags can be usedto propagate malware, which in turn has led aconcerned industry to scrutinize security issues inRFID. All of this happened before any real attackstook place.For this reason the FORWARD initiative intendsto bring together experts to discuss future threatsand develop realistic threat scenarios. As a firststep in that direction, a workshop was organized1The country virtually dropped off the map as a result of theSlammer worm [2].in G\ua8oteborg, Sweden, in April 2008, to discussfuture threats [1]. The workshop consisted of broadplenary sessions interspersed with focused expertsmeetings. This paper summarizes the workshop’sfindings and their bearings on the future of trust.The remainder of this paper discusses the findingsof the targeted expert meetings on criticalinfrastructure and large scale systems (Section II),fraud (Section III), and malware (Section IV).Concluding remarks are in Section V

Topics: Computer and Information Science, Malware, Emerging Threats, Fraud, Critical Infrastructure
Publisher: 'Springer Science and Business Media LLC'
Year: 2008
DOI identifier: 10.1007/978-3-8348-9324-6_5
OAI identifier:
Provided by: Chalmers Research
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.