Data encryption Books
John Wiley & Sons Inc The Art of Deception
Book Synopsis: Focusing on the human factors involved with information security, this book explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system.
Trade Review: “…a fascinating read…” (Fortean Times, June 2004) "...a lot of interesting cautionary tales..." (New Scientist, January 2004)
Table of Contents: Foreword. Preface. Introduction. Part 1: Behind the Scenes. Chapter 1: Security's Weakest Link. Part 2: The Art of the Attacker. Chapter 2: When Innocuous Information Isn't. Chapter 3: The Direct Attack: Just Asking for It. Chapter 4: Building Trust. Chapter 5: "Let Me Help You". Chapter 6: "Can You Help Me?". Chapter 7: Phony Sites and Dangerous Attachments. Chapter 8: Using Sympathy, Guilt, and Intimidation. Chapter 9: The Reverse Sting. Part 3: Intruder Alert. Chapter 10: Entering the Premises. Chapter 11: Combining Technology and Social Engineering. Chapter 12: Attacks on the Entry-Level Employee. Chapter 13: Clever Cons. Chapter 14: Industrial Espionage. Part 4: Raising the Bar. Chapter 15: Information Security Awareness and Training. Chapter 16: Recommended Corporate Information Security Policies. Security at a Glance. Sources. Acknowledgments. Index.
£9.50
Cengage Learning, Inc CompTIA Security+ Guide to Network Security
Book Synopsis: Reflecting the latest developments and emerging trends from the field, Ciampa's COMPTIA SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS, 8th Edition, helps you prepare for professional certification and career success. The text fully maps to the new CompTIA Security+ SY0-701 Certification Exam, providing thorough coverage of all domain objectives. In addition to its comprehensive coverage of the fundamental essentials of network and computer security, the 8th edition includes expanded coverage of information security management, artificial intelligence, compliance, cryptography and cloud and virtualization security. Practical, Hands-On Projects, case activities and online virtual labs help you put what you learn into real-world practice.
Table of Contents: I. SECURITY FOUNDATIONS. 1. Introduction to Information Security. a. What is Information Security? i. Understanding Security. ii. Principles of Security. iii. Cybersecurity Versus Information Security. iv. Defining Information Security. b. Threat actors and Their Motivations. i. Unskilled Attackers. ii. Shadow IT. iii. Organized Crime. iv. Insider Threats. v. Hacktivists. vi. Nation-state Actors. vii. Other Threat Actors. c. How Attacks Occur. i. Threat Vectors and Attack Surfaces. ii. Categories of Vulnerabilities. iii. Impacts of Attacks. d. Information Security Resources. i. Frameworks. ii. Regulations. iii. Legislation. iv. Standards. v. Benchmarks/Secure Configuration Guides. vi. Information Sources. 2. Pervasive Attack Surfaces and Controls. a. Social Engineering Attacks. i. Examples of Human Manipulation. ii. Types of Social Engineering Attacks. b. Physical Security Controls. i. Perimeter Defenses. ii. Preventing Data Leakage. iii. Computer Hardware Security. c. Data Controls. i. Data Classifications. ii. Types of Data. iii. Data Breach Consequences. iv. Protecting Data. II. CRYPTOGRAPHY. 3. Fundamentals of Cryptography. a. Defining Cryptography. i. Steganography: Hiding the message. ii.
Cryptography: Hiding the meaning. iii. Benefits of Cryptography. b. Cryptographic Algorithms. i. Variations of Algorithms. ii. Hash Algorithms. iii. Symmetric Cryptographic Algorithms. iv. Asymmetric Cryptographic Algorithms. c. Using Cryptography. i. Encryption Through Software. ii. Hardware Encryption. iii. Blockchain. d. Cryptographic Limitations and Attacks. i. Limitations of Cryptography. ii. Attacks on Cryptography. 4. Advanced Cryptography. a. Digital Certificates. i. Defining Digital Certificates. ii. Managing Digital Certificates. iii. Types of Digital Certificates. b. Public Key Infrastructure (PKI). i. What is Public Key Infrastructure (PKI)? ii. Trust Models. iii. Managing PKI. iv. Key Management. c. Secure Communication and Transport Protocols. i. Transport Layer Security (TLS). ii. IP Security (IPSec). iii. Other Protocols. d. Implementing Cryptography. i. Key Strength. ii. Secret Algorithms. iii. Block Cipher Modes of Operation. III. DEVICE SECURITY. 5. Endpoint Vulnerabilities, Attacks, and Defenses. a. Malware Attacks. i. Kidnap. ii. Eavesdrop. iii. Masquerade. iv. Launch. v. Sidestep. vi. Indicator of Attack (IoA). b. Application Vulnerabilities and Attacks. i. Application Vulnerabilities. ii. Application Attacks. c. Securing Endpoint Devices. i. Protecting Endpoints. ii. Hardening Endpoints. 6. Mobile and Embedded Device Security. a. Securing Mobile Devices. i. Introduction to Mobile Devices. ii. Mobile Device Risks. iii. Protecting Mobile Devices. b. Embedded Systems and Specialized Devices. i. Types of Devices. ii. Security Considerations. c. Application Security. i. Application Development Concepts. ii. Secure Coding Techniques. iii. Code Testing. 7. Identity and Access Management (IAM). a. Types of Authentication Credentials. i. Something You Know: Passwords. ii. Something You Have: Tokens and Security Keys. iii. Something You Are: Biometrics. iv. Something You Do: Behavioral biometrics. b. Authentication Best Practices. i. 
Securing Passwords. ii. Secure Authentication Technologies. c. Access Controls. i. Access Control Schemes. ii. Access Control Lists. IV. INFRASTRUCTURE AND ARCHITECTURES. 8. Infrastructure Threats and Security Monitoring. a. Attacks on Networks. i. On-Path Attacks. ii. Domain Name System (DNS) Attacks. iii. Distributed Denial of Service (DDoS). iv. Malicious Coding and Scripting Attacks. v. Layer 2 Attacks. vi. Credential Relay Attacks. b. Security Monitoring and Alerting. i. Monitoring Methodologies. ii. Monitoring Activities. iii. Tools for Monitoring and Alerting. c. Email Monitoring and Security. i. How Email Works. ii. Email Threats. iii. Email Defenses. 9. Infrastructure Security. a. Security Appliances. i. Common Network Devices. ii. Infrastructure Security Hardware. b. Software Security Protections. i. Web Filtering. ii. DNS Filtering. iii. File Integrity Monitoring (FIM). iv. Extended Protection and Response. c. Secure Infrastructure Design. i. What is Secure Infrastructure Design? ii. Virtual LANs (VLANs). iii. Demilitarized Zone (DMZ). iv. Zero Trust. d. Access Technologies. i. Virtual Private Network (VPN). ii. Network Access Control (NAC). 10. Wireless Network Attacks and Defenses. a. Wireless Attacks. i. Cellular Networks. ii. Bluetooth Attacks. iii. Near Field Communication (NFC) Attacks. iv. Radio Frequency Identification (RFID) Attacks. v. Wireless Local Area Network Attacks. b. Vulnerabilities of WLAN Security. i. Wired Equivalent Privacy (WEP). ii. Wi-Fi Protected Setup (WPS). iii. MAC Address Filtering. iv. Wi-Fi Protected Access (WPA). c. Wireless Security Solutions. i. Wi-Fi Protected Access 2 (WPA2). ii. Wi-Fi Protected Access 3 (WPA3). iii. Additional Wireless Security Protections. 11. Cloud and Virtualization Security. a. Introduction to Cloud Computing. i. What is Cloud Computing? ii. Types of Clouds. iii. Cloud Locations. iv. Cloud Architecture. v. Cloud Models. vi. Cloud Management. vii. Cloud-native Microservices. b. 
Cloud Computing Security. i. Cloud-based Security. ii. Cloud Vulnerabilities. iii. Cloud Security Controls. c. Virtualization Security. i. Defining Virtualization. ii. Infrastructure as Code. iii. Security Concerns for Virtual Environments. V. OPERATIONS AND MANAGEMENT. 12. Vulnerability Management. a. Vulnerability Scanning. i. Vulnerability Scan Basics. ii. Sources of Threat Intelligence. iii. Scanning Decisions. iv. Running a Vulnerability Scan. v. Analyzing Vulnerability Scans. vi. Addressing Vulnerabilities. b. Audits and Assessments. i. Internal Audits. ii. External Assessments. iii. Penetration Testing. 13. Incident Preparation and Investigation. a. Preparatory Plans. i. Business Continuity Planning. ii. Incident Response Planning. b. Resilience Through Redundancy. i. Servers. ii. Drives. iii. Networks. iv. Power. v. Sites. vi. Clouds. vii. Data. c. Incident Investigation. i. Data Sources. ii. Digital forensics. 14. Oversight and Operations. a. Administration. i. Governance. ii. Compliance. b. Security Operations. i. Automation. ii. Orchestration. iii. Threat Hunting. iv. Artificial Intelligence. 15. Information Security Management. a. Asset Protection. i. Asset Management. ii. Change Management. b. Risk Management. i. Defining Risk. ii. Analyzing Risks. iii. Managing Risks.
£114.75
Cengage Learning, Inc Principles of Information Security
Table of Contents: 1. Introduction to Information Security. 2. The Need for Security. 3. Legal, Ethical, and Professional Issues in Information Security. 4. Security Management. 5. Incident Response and Contingency Planning. 6. Risk Management. 7. Security Technology: Firewalls, VPNs, and Wireless. 8. Security Technology: Intrusion Detection and Prevention Systems and Other Security Tools. 9. Cryptography. 10. Implementing Information Security. 11. Security and Personnel. 12. Information Security Maintenance.
£70.29
John Wiley & Sons Inc Hunting Cyber Criminals
Table of Contents: Prologue.
Chapter 1: Getting Started. Why This Book is Different. What You Will and Won’t Find in This Book. Getting to Know Your Fellow Experts. A Note on Cryptocurrencies. What You Need to Know. Paid Tools and Historical Data. What about Maltego? Prerequisites. Know How to Use and Configure Linux. Get Your API Keys in Order. Important Resources. OSINT Framework. OSINT.link. IntelTechniques. Termbin. Hunchly. Wordlists and Generators. SecLists. Cewl. Crunch. Proxies. Storm Proxies (Auto-Rotating). Cryptocurrencies 101. How Do Cryptocurrencies Work? Blockchain Explorers. Following the Money. Identifying Exchanges and Traders. Summary.
Chapter 2: Investigations and Threat Actors. The Path of an Investigator. Go Big or Go Home. The Breach That Never Happened. What Would You Do? Moral Gray Areas. Different Investigative Paths. Investigating Cyber Criminals. The Beginning of the Hunt (for TDO). The Dark Overlord. List of Victims. A Brief Overview. Communication Style. Group Structure and Members. Cyper. Arnie. Cr00k (Ping). NSA (Peace of Mind). The Dark Overlord. Summary.
Part I: Network Exploration.
Chapter 3: Manual Network Exploration. Chapter Targets: Pepsi.com and Cyper.org. Asset Discovery. ARIN Search. Search Engine Dorks. DNSDumpster. Hacker Target. Shodan. Censys (Subdomain Finder). Censys Subdomain Finder. Fierce. Sublist3r. Enumall. Results. Phishing Domains and Typosquatting. Summary.
Chapter 4: Looking for Network Activity (Advanced NMAP Techniques). Getting Started. Preparing a List of Active Hosts. Full Port Scans Using Different Scan Types. TCP Window Scan. Working against Firewalls and IDS. Using Reason Response. Identifying Live Servers. Firewall Evasion. Distributed Scanning with Proxies and TOR. Fragmented Packets/MTU. Service Detection Trick. Low and Slow. Bad Checksums, Decoy, and Random Data. Firewalking. Comparing Results. Styling NMAP Reports. Summary.
Chapter 5: Automated Tools for Network Discovery. SpiderFoot. SpiderFoot HX (Premium). Intrigue.io. Entities Tab. Analyzing uberpeople.net. Analyzing the Results. Exporting Your Results. Recon-NG. Searching for Modules. Using Modules. Looking for Ports with Shodan. Summary.
Part II: Web Exploration.
Chapter 6: Website Information Gathering. BuiltWith. Finding Common Sites Using Google Analytics Tracker. IP History and Related Sites. Webapp Information Gatherer (WIG). CMSMap. Running a Single Site Scan. Scanning Multiple Sites in Batch Mode. Detecting Vulnerabilities. WPScan. Dealing with WAFs/WordPress Not Detected. Summary.
Chapter 7: Directory Hunting. Dirhunt. Wfuzz. Photon. Crawling a Website. Intrigue.io. Summary.
Chapter 8: Search Engine Dorks. Essential Search Dorks. The Minus Sign. Using Quotes. The site: Operator. The intitle: Operator. The allintitle: Operator. The filetype: Operator. The inurl: Operator. The cache: Operator. The allinurl: Operator. The filename: Operator. The intext: Operator. The Power of the Dork. Don’t Forget about Bing and Yahoo! Automated Dorking Tools. Inurlbr. Using Inurlbr. Summary.
Chapter 9: WHOIS. WHOIS. Uses for WHOIS Data. Historical WHOIS. Searching for Similar Domains. Namedroppers.com. Searching for Multiple Keywords. Advanced Searches. Looking for Threat Actors. Whoisology. Advanced Domain Searching. Worth the Money? Absolutely. DomainTools. Domain Search. Bulk WHOIS. Reverse IP Lookup. WHOIS Records on Steroids. WHOIS History. The Power of Screenshots. Digging into WHOIS History. Looking for Changes in Ownership. Reverse WHOIS. Cross-Checking All Information. Summary.
Chapter 10: Certificate Transparency and Internet Archives. Certificate Transparency. What Does Any of This Have to Do with Digital Investigations? Scouting with CTFR. Crt.sh. CT in Action: Side-stepping Cloudflare. Testing More Targets. CloudFlair (Script) and Censys. How Does It Work? Wayback Machine and Search Engine Archives. Search Engine Caches. CachedView.com. Wayback Machine Scraper. Enum Wayback. Scraping Wayback with Photon. Archive.org Site Search URLs. Wayback Site Digest: A List of Every Site URL Cached by Wayback. Summary.
Chapter 11: Iris by DomainTools. The Basics of Iris. Guided Pivots. Configuring Your Settings. Historical Search Setting. Pivootttt!!! Pivoting on SSL Certificate Hashes. Keeping Notes. WHOIS History. Screenshot History. Hosting History. Bringing It All Together. A Major Find. Summary.
Part III: Digging for Gold.
Chapter 12: Document Metadata. Exiftool. Metagoofil. Recon-NG Metadata Modules. Metacrawler. Interesting_Files Module. Pushpin Geolocation Modules. Intrigue.io. FOCA. Starting a Project. Extracting Metadata. Summary.
Chapter 13: Interesting Places to Look. TheHarvester. Running a Scan. Paste Sites. Psbdmp.ws. Forums. Investigating Forum History (and TDO). Following Breadcrumbs. Tracing Cyper’s Identity. Code Repositories. SearchCode.com. Searching for Code. False Negatives. Gitrob. Git Commit Logs. Wiki Sites. Wikipedia. Summary.
Chapter 14: Publicly Accessible Data Storage. The Exactis Leak and Shodan. Data Attribution. Shodan’s Command-Line Options. Querying Historical Data. CloudStorageFinder. Amazon S3. Digital Ocean Spaces. NoSQL Databases. MongoDB. Robot 3T. Mongo Command-Line Tools. Elasticsearch. Querying Elasticsearch. Dumping Elasticsearch Data. NoScrape. MongoDB. Elasticsearch. Scan. Search. Dump. MatchDump. Cassandra. Amazon S3. Using Your Own S3 Credentials. Summary.
Part IV: People Hunting.
Chapter 15: Researching People, Images, and Locations. PIPL. Searching for People. Public Records and Background Checks. Ancestry.com. Threat Actors Have Dads, Too. Criminal Record Searches. Image Searching. Google Images. Searching for Gold. Following the Trail. TinEye. EagleEye. Searching for Images. Cree.py and Geolocation. Getting Started. IP Address Tracking. Summary.
Chapter 16: Searching Social Media. OSINT.rest. Another Test Subject. Twitter. SocialLinks: For Maltego Users. Skiptracer. Running a Search. Searching for an Email Address. Searching for a Phone Number. Searching Usernames. One More Username Search. Userrecon. Reddit Investigator. A Critical “Peace” of the TDO Investigation. Summary.
Chapter 17: Profile Tracking and Password Reset Clues. Where to Start (with TDO)? Building a Profile Matrix. Starting a Search with Forums. Ban Lists. Social Engineering. SE’ing Threat Actors: The “Argon” Story. Everyone Gets SE’d—a Lesson Learned. The End of TDO and the KickAss Forum. Using Password Reset Clues. Starting Your Verification Sheet. Gmail. Facebook. PayPal. Twitter. Microsoft. Instagram. Using jQuery Website Responses. ICQ. Summary.
Chapter 18: Passwords, Dumps, and Data Viper. Using Passwords. Completing F3ttywap’s Profile Matrix. An Important Wrong Turn. Acquiring Your Data. Data Quality and Collections 1–5. Always Manually Verify the Data. Where to Find Quality Data. Data Viper. Forums: The Missing Link. Identifying the Real “Cr00k”. Tracking Cr00k’s Forum Movements. Timeline Analysis. The Eureka Moment. Vanity over OPSEC, Every Time. Why This Connection is Significant. Starting Small: Data Viper 1.0. Summary.
Chapter 19: Interacting with Threat Actors. Drawing Them Out of the Shadows. Who is WhitePacket? The Bev Robb Connection. Stradinatras. Obfuscation and TDO. Who is Bill? So Who Exactly is Bill? YoungBugsThug. How Did I Know It Was Chris? A Connection to Mirai Botnet? Why Was This Discovery So Earth-Shattering? Question Everything! Establishing a Flow of Information. Leveraging Hacker Drama. Was Any of That Real? Looking for Other Clues. Bringing It Back to TDO. Resolving One Final Question. Withdrawing Bitcoin. Summary.
Chapter 20: Cutting through the Disinformation of a 10-Million-Dollar Hack. GnosticPlayers. Sites Hacked by GnosticPlayers. Gnostic’s Hacking Techniques. GnosticPlayers’ Posts. GnosticPlayers2 Emerges. A Mysterious Third Member. NSFW/Photon. The Gloves Come Off. Making Contact. Gabriel/Bildstein aka Kuroi’sh. Contacting His Friends. Weeding through Disinformation. Verifying with Wayback. Bringing It All Together. Data Viper. Trust but Verify. Domain Tools’ Iris. Verifying with a Second Data Source. The End of the Line. What Really Happened? Outofreach. Kuroi’sh Magically Appears. What I Learned from Watching Lost. Who Hacked GateHub? Unraveling the Lie. Was Gabriel Involved? My Theory. Gabriel is Nclay: An Alternate Theory. All roads lead back to NSFW. Summary.
Epilogue. Index.
£26.40
Princeton University Press Algebraic Geometry in Coding Theory and
Book Synopsis: Offering graduate students the necessary theoretical tools for applying algebraic geometry to information theory, this title covers primary applications in coding theory and cryptography. It includes a discussion of the interplay between nonsingular projective curves and algebraic function fields over finite fields.
Trade Review: "Coding theory has a rapidly growing corpus of knowledge, and now appears explicitly in several classifications in the MSC. [This] book ... is certainly an important addition to the literature in this area and a serious candidate for becoming one of the standard textbooks in related courses."--Cicero Carvalho, Mathematical Reviews
Table of Contents: Preface.
Chapter 1: Finite Fields and Function Fields. 1.1 Structure of Finite Fields. 1.2 Algebraic Closure of Finite Fields. 1.3 Irreducible Polynomials. 1.4 Trace and Norm. 1.5 Function Fields of One Variable. 1.6 Extensions of Valuations. 1.7 Constant Field Extensions.
Chapter 2: Algebraic Varieties. 2.1 Affine and Projective Spaces. 2.2 Algebraic Sets. 2.3 Varieties. 2.4 Function Fields of Varieties. 2.5 Morphisms and Rational Maps.
Chapter 3: Algebraic Curves. 3.1 Nonsingular Curves. 3.2 Maps Between Curves. 3.3 Divisors. 3.4 Riemann-Roch Spaces. 3.5 Riemann's Theorem and Genus. 3.6 The Riemann-Roch Theorem. 3.7 Elliptic Curves. 3.8 Summary: Curves and Function Fields.
Chapter 4: Rational Places. 4.1 Zeta Functions. 4.2 The Hasse-Weil Theorem. 4.3 Further Bounds and Asymptotic Results. 4.4 Character Sums.
Chapter 5: Applications to Coding Theory. 5.1 Background on Codes. 5.2 Algebraic-Geometry Codes. 5.3 Asymptotic Results. 5.4 NXL and XNL Codes. 5.5 Function-Field Codes. 5.6 Applications of Character Sums. 5.7 Digital Nets.
Chapter 6: Applications to Cryptography. 6.1 Background on Cryptography. 6.2 Elliptic-Curve Cryptosystems. 6.3 Hyperelliptic-Curve Cryptography. 6.4 Code-Based Public-Key Cryptosystems. 6.5 Frameproof Codes. 6.6 Fast Arithmetic in Finite Fields.
A Appendix. A.1 Topological Spaces. A.2 Krull Dimension. A.3 Discrete Valuation Rings.
Bibliography. Index.
£55.25
John Wiley & Sons Inc The Art of Deception
Book Synopsis: The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, It takes a thief to catch a thief. Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illust
Trade Review: “…authoritative…” (Retail Systems, December 2005) Mitnick is the most famous computer hacker in the world. Since his first arrest in 1981, at age 17, he has spent nearly half his adult life either in prison or as a fugitive. He has been the subject of three books and his alleged 1982 hack into NORAD inspired the movie WarGames. Since his plea-bargain release in 2000, he says he has reformed and is devoting his talents to helping computer security. It's not clear whether this book is a means toward that end or a, wink-wink, fictionalized account of his exploits, with his name changed to protect his parole terms. Either way, it's a tour de force, a series of tales of how some old-fashioned blarney and high-tech skills can pry any information from anyone. As entertainment, it's like reading the climaxes of a dozen complex thrillers, one after the other.
As a security education, it's a great series of cautionary tales; however, the advice to employees not to give anyone their passwords is bland compared to the depth and energy of Mitnick's description of how he actually hacked into systems. As a manual for a would-be hacker, it's dated and nonspecific -- better stuff is available on the Internet—but it teaches the timeless spirit of the hack. Between the lines, a portrait emerges of the old-fashioned hacker stereotype: a socially challenged, obsessive loser addicted to an intoxicating sense of power that comes from stalking and spying. (Oct.) Forecast: Mitnick's notoriety and his well written, entertaining stories should generate positive word-of-mouth. With the double appeal of a true-crime memoir and a manual for computer security, this book will enjoy good sales. (Publishers Weekly, June 24, 2002) "...an interesting read..." (www.infosecnews.com, 17 July 2002) "...highly entertaining...will appeal to a broad audience..." (Publishing News, 26 July 2002) The world's most famous computer hacker and cybercult hero, once the subject of a massive FBI manhunt for computer fraud, has written a blueprint for system security based on his own experiences. Mitnick, who was released from federal prison in 1998 after serving a 22-month term, explains that unauthorized intrusion into computer networks is not limited to exploiting security holes in hardware and software. He focuses instead on a common hacker technique known as social engineering in which a cybercriminal deceives an individual into providing key information rather than trying to use technology to reveal it. Mitnick illustrates the tactics comprising this "art of deception" through actual case studies, showing that even state-of-the-art security software can't protect businesses from the dangers of human error.
With Mitnick's recommended security policies, readers gain the information their organizations need to detect and ward off the threat of social engineering. Required reading for IT professionals, this book is highly recommended for public, academic, and corporate libraries. [This should not be confused with Ridley Pearson's new thriller, The Art of Deception. —Ed]—Joe Accardi, William Rainey Harper Coll. Lib., Palatine, IL (Library Journal, August 2002) He was the FBI's most-wanted hacker. But in his own eyes, Mitnick was simply a small-time con artist with an incredible memory, a knack for social engineering, and an enemy at The New York Times. That foe, John Markoff, made big bucks selling two books about Mitnick - without ever interviewing him. This is Mitnick's account, complete with advice for how to protect yourself from similar attacks. I believe his story. (WIRED Magazine, October 2002) Kevin Mitnick spent five years in jail at the federal authorities' behest, but The Art of Deception: Controlling the Human Element of Security (Kevin Mitnick and William Simon), reveals that he was no lowly grifter. Rather, by impersonating others in order to talk guileless employees out of access protocols, Mr. Mitnick was practicing "the performance art called social engineering." While every society has had its demimonde-like the Elizabethan coney catchers who duped visitors to 16th-century London--it's in the United States that con artists assumed legendary status. The definitive book is still The Big Con from 1940 (Anchor Books), which commemorates a golden age already receding when it was published: the grifters it describes--like the High Ass Kid and Slobbering Bob--thrived between 1914 and 1929, when technological advances and unparalleled prosperity generated a roller-coaster stock market. That sounds a lot like the past decade. So how did the culture of the con do during the Internet era? On Mr. Mitnick's evidence, it flourished and evolved.
The Art of Deception is itself a bit of a fraud as far as advice on upgrading security. But the book does deliver on "social engineering" exercises. Some aren't even illegal and Mr. Mitnick -- weasel that he is -- lovingly records their most elaborate convolutions. One way or another, you'll find the information useful. (Red Herring, October 2002) "Mitnick outlines dozens of social engineering scenarios in his book, dissecting the ways attackers can easily exploit what he describes as 'that natural human desire to help others and be a good team player.'" (Wired.com, October 3, 2002) Finally someone is on to the real cause of data security breaches--stupid humans. Notorious hacker Kevin Mitnick--released from federal prison in January 2000 and still on probation--reveals clever tricks of the "social engineering" trade and shows how to fend them off in The Art of Deception: Controlling the Human Element of Security (Wiley, $27.50). Most of the book, coauthored by William Simon (not the one running for governor of California), is a series of fictional episodes depicting the many breathtakingly clever ways that hackers can dupe trusting souls into breaching corporate and personal security--information as simple as an unlisted phone number or as complicated as plans for a top-secret product under development. The rest lays out a fairly draconian plan of action for companies that want to strengthen their defenses. Takeaway: You can put all the technology you want around critical information, but all it takes to break through is one dolt who gives up his password to a "colleague" who claims to be working from the Peoria office. What's useful about this book is its explanation of risks in seemingly innocuous systems few people think about. The caller ID notification that proves you're talking to a top executive of your firm? Easily forged. The password your assistant logs in with? Easily guessed. The memos you toss into the cheap office shredder? Easily reconstructed. 
The extension that you call in the IT department? Easily forwarded. Physical security can be compromised, too. It's not hard to gain access to a building by "piggybacking" your way in the door amid the happy throng returning from lunch. You'd better have confidence in your IT professionals, because they're likely to have access to everything on the corporate system, including your salary and personal information. Mitnick offers some ideas for plugging these holes, like color-coded ID cards with really big photos. Implementing the book's security action plan in full seems impossible, but it's a good idea to warn employees from the boss down to the receptionist and janitors not to give out even innocuous information to people claiming to be helpful IT folks without confirming their identity--and to use things like encryption technology as fallbacks. Plenty of would-be Mitnicks--and worse--still ply their trade in spaces cyber and psychological. --S.M. (Forbes Magazine - October 14, 2002) "...the book describes how people can get sensitive information without even stepping near a computer through 'social engineering' -- the use of manipulation or persuasion to deceive people by convincing them that you are someone else." (CNN.com's Technology section, October 9, 2002) "...engaging style...fascinating true stories..." (The CBL Source, October/December 2002) "…the book describes how people can get information without even stepping near a computer…" (CNN, 16 October 2002) "…each vignette reads like a mini-cybermystery thriller…I willingly recommend The Art of Deception. 
It could save you from embarrassment or an even worse fate…" (zdnet.co.uk, 15 October 2002) "…details the ways that employees can inadvertently leak information that can be exploited by hackers to compromise computer systems…the book is scary in ways that computer security texts usually do not manage to be…" (BBC online, 14 October 2002) "…more educational than tell-all…" (Forbes, 2 October 2002) "…would put a shiver into anyone responsible for looking after valuable computer data…the exploits are fictional but realistic…the book is about hacking people's heads…" (The Independent, 21 October 2002) "…the key strength of The Art of Deception is the stream of anecdotes - with explanations about how and why hacks succeed…provides a solid basis for staff training on security…" (Information Age, October 2002) "…should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature…" (Unix Review, 18 October 2002) "…disturbingly convincing…" (Fraud Watch, Vol.10, No.5, 2002) "…the world's most authoritative handbook…an unputdownable succession of case studies…chilling…trust me, Kevin Mitnick is right…" (Business a.m, 29 October 2002) "…a damn good read…I would expect to see it as required reading on courses that cover business security…Should you read this book? On several levels the answer has to be yes. If you run your own business, work in one, or just want a good read, this is worth it…" (Acorn User, 29 October 2002) "...the analysis of individual cases is carried out thoroughly...ultimately, the value of the book is that it may encourage security managers to be more assiduous in teaching their staff to check the identities of the people they deal with, and better corporate security will be the result..." (ITWeek, 1 November 2002) "...a penetrating insight into the forgotten side of computer security..."
(IT Week, 4 November 2002) "...a highly entertaining read...Mitnick has a laid-back style which makes the book easy to read and of great interest, even to those of us who have no interest in computers..." (Business Age, September 2002) "...one of the hacker gurus of our time...makes it abundantly clear that everyone can be fooled and cheated by the professionals...." (The Times Higher Education Supplement, 15 November 2002) "...focuses on teaching companies how to defeat someone like him…full of specific examples of the ways apparently innocent bits of information can be stitched together to mount a comprehensive attack on an organisation's most prized information..." (New Scientist, 23 November 2002) "...all simple things, little titbits of seemingly innocuous information, which when gathered together give the hacker the power to cripple the biggest corporation or the smallest home business..." (New Media Age, 14 November 2002) "…highly acclaimed…a fascinating account…" (Information Security Management, November 2002) "...His new book, The Art of Deception, presents itself as a manual to help companies defeat hackers..." Also listed in recommended reading list (The Guardian, 13 December 2002) “…gets its point across and contains some valuable pointers…” (MacFormat, January 2003) “…supremely educational…a sexy way to hammer home a relevant point…what makes it sing is the clear information that Mitnick brings to the table…” (Business Week, 8 January 2003) “…Indispensable…” (Focus, February 2003) "...incredibly intriguing...a superb book which would be beneficial for anyone to read..." (Telecomworldwire, 4 February 2003) "...a good overview of one of the most neglected aspects of computer security..." (Technology and Society, 7 February 2003) "...fascinating to read...should strike fear into the hearts of commercial computer security departments..." (Business Week, 3 September 2003) "...a penetrating insight into the forgotten side of computer security..." 
(Accountancy Age, 19 February 2003) Top 10 Popular Science Books (New Scientist, 21 February 2003) "...should be assigned as required reading in every IT department...excellent advice..." (Electronic Commerce Guide, 12 February 2003) “…an interesting and educational read for anyone with a role to play in corporate security…” (Computer Business Review, 6 March 2003) “…if you were not having security nightmares before, read this book and you certainly will…” (IT Showcase News, 6 March 2003) “…easy to understand and actually fun to read…” (Slashdot, 6 March 2003) “…a good read, well written…” (Managing Information, March 2003) “…structured like a mini detective story series…the unfolding attacks are compulsive reading…” (Aberdeen Evening Express, 7 June 2003) “…a real eye-opener…well written and produced…an easy and valuable read…” (Accounting Web, 19 June 2003) “…a superb book which would be beneficial for anyone to read…” (M2 Best Books, 4 February 2003) “…the insights for earlier chapters are fascinating, and that alone makes it worth blagging a copy for review…” (Mute, Summer/Autumn 2003) “…a good read, well-written…this accessibility makes it doubly important…” (Managing Information – 5 star rating, October 2003)
Table of Contents: Foreword. Preface. Introduction. Part 1: Behind the Scenes. Chapter 1: Security's Weakest Link. Part 2: The Art of the Attacker. Chapter 2: When Innocuous Information Isn't. Chapter 3: The Direct Attack: Just Asking for It. Chapter 4: Building Trust. Chapter 5: "Let Me Help You". Chapter 6: "Can You Help Me?". Chapter 7: Phony Sites and Dangerous Attachments. Chapter 8: Using Sympathy, Guilt, and Intimidation. Chapter 9: The Reverse Sting. Part 3: Intruder Alert. Chapter 10: Entering the Premises. Chapter 11: Combining Technology and Social Engineering. Chapter 12: Attacks on the Entry-Level Employee. Chapter 13: Clever Cons. Chapter 14: Industrial Espionage. Part 4: Raising the Bar. 
Chapter 15: Information Security Awareness and Training. Chapter 16: Recommended Corporate Information Security Policies. Security at a Glance. Sources. Acknowledgements. Index.
£27.00
O'Reilly Media SSH The Secure Shell
Book Synopsis: SSH is a popular protocol for securing your network connections. It's reliable, robust, and reasonably easy to use, and both free and commercial implementations are widely available for most operating systems. Everything you want to know about SSH is in our updated second edition of 'SSH, the Secure Shell: The Definitive Guide'.
Trade Review: "Still the best SSH book out there by a long shot, but too much on Tectia and not enough on OpenSSH 4." - Paul Hudson, Linux Format, October 2005 "The authors manage to convey what SSH is all about as a concept and how to use it in the real world with equal aplomb, and highly technical configuration details are explained with clarity. They are happy to relate how to integrate SSH into non-Unix clients, which makes a pleasant change from the typical Unix gurus who write books such as this. Whenever we see the words "definitive guide" included in the title of a book, we usually prepare ourselves for something far from it. The exception being when O'Reilly are the publishers, and this SSH guide is certainly as definitive as any you are likely to read. And read it you should if you are seriously involved with network security." Davey Winder, PC Plus, November 2005
Table of Contents: Preface 1. Introduction to SSH 1.1 What Is SSH? 1.2 What SSH Is Not 1.3 The SSH Protocol 1.4 Overview of SSH Features; 1.5 History of SSH 1.6 Related Technologies 1.7 Summary; 2. Basic Client Use 2.1 A Running Example 2.2 Remote Terminal Sessions with ssh 2.3 Adding Complexity to the Example; 2.4 Authentication by Cryptographic Key 2.5 The SSH Agent; 2.6 Connecting Without a Password or Passphrase 2.7 Miscellaneous Clients 2.8 Summary 3. 
Inside SSH 3.1 Overview of Features 3.2 A Cryptography Primer 3.3 The Architecture of an SSH System 3.4 Inside SSH-2 3.5 Inside SSH-1; 3.6 Implementation Issues 3.7 SSH and File Transfers (scp and sftp) 3.8 Algorithms Used by SSH 3.9 Threats SSH Can Counter; 3.10 Threats SSH Doesn't Prevent 3.11 Threats Caused by SSH; 3.12 Summary 4. Installation and Compile-Time Configuration; 4.1. Overview 4.2 Installing OpenSSH 4.3 Installing Tectia; 4.4 Software Inventory 4.5 Replacing r-Commands with SSH; 4.6 Summary 5. Serverwide Configuration 5.1 Running the Server 5.2 Server Configuration: An Overview 5.3 Getting Ready: Initial Setup 5.4 Authentication: Verifying Identities; 5.5 Access Control: Letting People In 5.6 User Logins and Accounts 5.7 Forwarding 5.8 Subsystems 5.9 Logging and Debugging 5.10 Compatibility Between SSH-1 and SSH-2 Servers; 5.11 Summary 6. Key Management and Agents 6.1 What Is an Identity? 6.2 Creating an Identity 6.3 SSH Agents; 6.4 Multiple Identities 6.5 PGP Authentication in Tectia; 6.6 Tectia External Keys 6.7 Summary 7. Advanced Client Use; 7.1 How to Configure Clients 7.2 Precedence 7.3 Introduction to Verbose Mode 7.4 Client Configuration in Depth 7.5 Secure Copy with scp 7.6 Secure, Interactive Copy with sftp 7.7 Summary 8. Per-Account Server Configuration 8.1 Limits of This Technique 8.2 Public-Key-Based Configuration 8.3 Hostbased Access Control 8.4 The User rc File 8.5 Summary; 9. Port Forwarding and X Forwarding 9.1 What Is Forwarding?; 9.2 Port Forwarding 9.3 Dynamic Port Forwarding 9.4 X Forwarding 9.5 Forwarding Security: TCP-wrappers and libwrap; 9.6 Summary 10. A Recommended Setup 10.1 The Basics; 10.2 Compile-Time Configuration 10.3 Serverwide Configuration; 10.4 Per-Account Configuration 10.5 Key Management 10.6 Client Configuration 10.7 Remote Home Directories (NFS, AFS); 10.8 Summary 11. 
Case Studies 11.1 Unattended SSH: Batch or cron Jobs 11.2 FTP and SSH 11.3 Pine, IMAP, and SSH; 11.4 Connecting Through a Gateway Host 11.5 Scalable Authentication for SSH 11.6 Tectia Extensions to Server Configuration Files 11.7 Tectia Plugins 12. Troubleshooting and FAQ 12.1 Debug Messages: Your First Line of Defense; 12.2 Problems and Solutions 12.3 Other SSH Resources; 13. Overview of Other Implementations 13.1 Common Features; 13.2 Covered Products 13.3 Other SSH Products 14. OpenSSH for Windows 14.1 Installation 14.2 Using the SSH Clients 14.3 Setting Up the SSH Server 14.4 Public-Key Authentication; 14.5 Troubleshooting 14.6 Summary 15. OpenSSH for Macintosh; 15.1 Using the SSH Clients 15.2 Using the OpenSSH Server; 16. Tectia for Windows 16.1 Obtaining and Installing 16.2 Basic Client Use 16.3 Key Management 16.4 Accession Lite; 16.5 Advanced Client Use 16.6 Port Forwarding 16.7 Connector; 16.8 File Transfers 16.9 Command-Line Programs 16.10 Troubleshooting 16.11 Server 17. SecureCRT and SecureFX for Windows 17.1 Obtaining and Installing 17.2 Basic Client Use 17.3 Key Management 17.4 Advanced Client Use 17.5 Forwarding; 17.6 Command-Line Client Programs 17.7 File Transfer 17.8 Troubleshooting 17.9 VShell 17.10 Summary 18. PuTTY for Windows 18.1 Obtaining and Installing 18.2 Basic Client Use; 18.3 File Transfer 18.4 Key Management 18.5 Advanced Client Use 18.6 Forwarding 18.7 Summary; A. OpenSSH 4.0 New Features; B. Tectia Manpage for sshregex; C. Tectia Module Names for Debugging; D. SSH-1 Features of OpenSSH and Tectia; E. SSH Quick Reference Index
£28.79
John Wiley & Sons Inc The Shellcoders Handbook
Book Synopsis: Since 2004, built-in security measures on compilers and operating systems have become commonplace. The black hats have kept up with security enhancements. Have you?
Table of Contents: About the Authors vii Acknowledgments xi Introduction to the Second Edition xxiii Part I Introduction to Exploitation: Linux on x86 Chapter 1 Before You Begin 3 Basic Concepts 3 Memory Management 4 Assembly 6 Recognizing C and C++ Code Constructs in Assembly 7 Conclusion 10 Chapter 2 Stack Overflows 11 Buffers 12 The Stack 13 Functions and the Stack 15 Overflowing Buffers on the Stack 18 Controlling EIP 22 An Interesting Diversion 23 Using an Exploit to Get Root Privileges 25 The Address Problem 27 The NOP Method 33 Defeating a Non-Executable Stack 35 Return to libc 35 Conclusion 39 Chapter 3 Shellcode 41 Understanding System Calls 42 Writing Shellcode for the exit() Syscall 44 Injectable Shellcode 48 Spawning a Shell 50 Conclusion 59 Chapter 4 Introduction to Format String Bugs 61 Prerequisites 61 What Is a Format String? 61 What Is a Format String Bug? 63 Format String Exploits 68 Crashing Services 69 Information Leakage 70 Controlling Execution for Exploitation 75 Why Did This Happen? 84 Format String Technique Roundup 85 Conclusion 88 Chapter 5 Introduction to Heap Overflows 89 What Is a Heap? 90 How a Heap Works 91 Finding Heap Overflows 91 Basic Heap Overflows 93 Intermediate Heap Overflows 98 Advanced Heap Overflow Exploitation 105 Conclusion 107 Part II Other Platforms—Windows, Solaris, OS/X, and Cisco Chapter 6 The Wild World of Windows 111 How Does Windows Differ from Linux? 
111 Win32 API and PE-COFF 112 Heaps 114 Threading 115 The Genius and Idiocy of the Distributed Common Object Model and DCE-RPC 116 Recon 118 Exploitation 120 Tokens and Impersonation 120 Exception Handling under Win32 122 Debugging Windows 124 Bugs in Win32 124 Writing Windows Shellcode 125 A Hacker’s Guide to the Win32 API 126 A Windows Family Tree from the Hacker’s Perspective 126 Conclusion 127 Chapter 7 Windows Shellcode 129 Syntax and Filters 129 Setting Up 131 Parsing the PEB 132 Heapoverflow.c Analysis 132 Searching with Windows Exception Handling 148 Popping a Shell 153 Why You Should Never Pop a Shell on Windows 153 Conclusion 154 Chapter 8 Windows Overflows 155 Stack-Based Buffer Overflows 156 Frame-Based Exception Handlers 156 Abusing Frame-Based Exception Handling on Windows 2003 Server 161 A Final Note about Frame-Based Handler Overwrites 166 Stack Protection and Windows 2003 Server 166 Heap-Based Buffer Overflows 173 The Process Heap 173 Dynamic Heaps 173 Working with the Heap 173 How the Heap Works 174 Exploiting Heap-Based Overflows 178 Overwrite Pointer to RtlEnterCriticalSection in the PEB 178 Overwrite Pointer to Unhandled Exception Filter 185 Repairing the Heap 191 Other Aspects of Heap-Based Overflows 193 Wrapping Up the Heap 194 Other Overflows 194 .data Section Overflows 194 TEB/PEB Overflows 196 Exploiting Buffer Overflows and Non-Executable Stacks 197 Conclusion 203 Chapter 9 Overcoming Filters 205 Writing Exploits for Use with an Alphanumeric Filter 205 Writing Exploits for Use with a Unicode Filter 209 What Is Unicode? 
210 Converting from ASCII to Unicode 210 Exploiting Unicode-Based Vulnerabilities 211 The Available Instruction Set in Unicode Exploits 212 The Venetian Method 213 An ASCII Venetian Implementation 214 Decoder and Decoding 218 The Decoder Code 219 Getting a Fix on the Buffer Address 220 Conclusion 221 Chapter 10 Introduction to Solaris Exploitation 223 Introduction to the SPARC Architecture 224 Registers and Register Windows 224 The Delay Slot 227 Synthetic Instructions 228 Solaris/SPARC Shellcode Basics 228 Self-Location Determination and SPARC Shellcode 228 Simple SPARC exec Shellcode 229 Useful System Calls on Solaris 230 NOP and Padding Instructions 231 Solaris/SPARC Stack Frame Introduction 231 Stack-Based Overflow Methodologies 232 Arbitrary Size Overflow 232 Register Windows and Stack Overflow Complications 233 Other Complicating Factors 233 Possible Solutions 234 Off-By-One Stack Overflow Vulnerabilities 234 Shellcode Locations 235 Stack Overflow Exploitation In Action 236 The Vulnerable Program 236 The Exploit 238 Heap-Based Overflows on Solaris/SPARC 241 Solaris System V Heap Introduction 242 Heap Tree Structure 242 Basic Exploit Methodology (t_delete) 263 Standard Heap Overflow Limitations 266 Targets for Overwrite 267 Other Heap-Related Vulnerabilities 270 Off-by-One Overflows 270 Double Free Vulnerabilities 270 Arbitrary Free Vulnerabilities 271 Heap Overflow Example 271 The Vulnerable Program 272 Other Solaris Exploitation Techniques 276 Static Data Overflows 276 Bypassing the Non-Executable Stack Protection 276 Conclusion 277 Chapter 11 Advanced Solaris Exploitation 279 Single Stepping the Dynamic Linker 281 Various Style Tricks for Solaris SPARC Heap Overflows 296 Advanced Solaris/SPARC Shellcode 299 Conclusion 311 Chapter 12 OS X Shellcode 313 OS X Is Just BSD, Right? 314 Is OS X Open Source? 
314 OS X for the Unix-aware 315 Password Cracking 316 OS X PowerPC Shellcode 316 OS X Intel Shellcode 324 Example Shellcode 326 ret2libc 327 ret2str(l)cpy 329 OS X Cross-Platform Shellcode 332 OS X Heap Exploitation 333 Bug Hunting on OS X 335 Some Interesting Bugs 335 Essential Reading for OS X Exploits 337 Conclusion 338 Chapter 13 Cisco IOS Exploitation 339 An Overview of Cisco IOS 339 Hardware Platforms 340 Software Packages 340 IOS System Architecture 343 Vulnerabilities in Cisco IOS 346 Protocol Parsing Code 347 Services on the Router 347 Security Features 348 The Command-Line Interface 348 Reverse Engineering IOS 349 Taking the Images Apart 349 Diffing IOS Images 350 Runtime Analysis 351 Exploiting Cisco IOS 357 Stack Overflows 357 Heap Overflows 359 Shellcodes 364 Conclusion 373 Chapter 14 Protection Mechanisms 375 Protections 375 Non-Executable Stack 376 W^X (Either Writable or Executable) Memory 381 Stack Data Protection 388 AAAS: ASCII Armored Address Space 394 ASLR: Address Space Layout Randomization 396 Heap Protections 399 Windows SEH Protections 407 Other Protections 411 Implementation Differences 413 Windows 413 Linux 417 OpenBSD 421 Mac OS X 422 Solaris 423 Conclusion 425 Part III Vulnerability Discovery Chapter 15 Establishing a Working Environment 429 What You Need for Reference 430 What You Need for Code 430 gcc 430 gdb 430 NASM 431 WinDbg 431 OllyDbg 431 Visual C++ 431 Python 432 What You Need for Investigation 432 Useful Custom Scripts/Tools 432 All Platforms 434 Unix 434 Windows 435 What You Need to Know 436 Paper Archives 438 Optimizing Shellcode Development 439 Plan the Exploit 439 Write the Shellcode in Inline Assembler 439 Maintain a Shellcode Library 441 Make It Continue Nicely 441 Make the Exploit Stable 442 Make It Steal the Connection 443 Conclusion 443 Chapter 16 Fault Injection 445 Design Overview 447 Input Generation 447 Fault Injection 450 Modification Engines 450 Fault Delivery 455 Nagel Algorithm 455 Timing 455 Heuristics 456 
Stateless versus State-Based Protocols 456 Fault Monitoring 456 Using a Debugger 457 FaultMon 457 Putting It Together 458 Conclusion 459 Chapter 17 The Art of Fuzzing 461 General Theory of Fuzzing 461 Static Analysis versus Fuzzing 466 Fuzzing Is Scalable 466 Weaknesses in Fuzzers 468 Modeling Arbitrary Network Protocols 469 Other Fuzzer Possibilities 469 Bit Flipping 469 Modifying Open Source Programs 470 Fuzzing with Dynamic Analysis 470 Spike 471 What Is a Spike? 471 Why Use the SPIKE Data Structure to Model Network Protocols? 472 Other Fuzzers 480 Conclusion 480 Chapter 18 Source Code Auditing: Finding Vulnerabilities in C-Based Languages 481 Tools 482 Cscope 482 Ctags 483 Editors 483 Cbrowser 484 Automated Source Code Analysis Tools 484 Methodology 485 Top-Down (Specific) Approach 485 Bottom-Up Approach 485 Selective Approach 485 Vulnerability Classes 486 Generic Logic Errors 486 (Almost) Extinct Bug Classes 487 Format Strings 487 Generic Incorrect Bounds-Checking 489 Loop Constructs 490 Off-by-One Vulnerabilities 490 Non-Null Termination Issues 492 Skipping Null-Termination Issues 493 Signed Comparison Vulnerabilities 494 Integer-Related Vulnerabilities 495 Different-Sized Integer Conversions 497 Double Free Vulnerabilities 498 Out-of-Scope Memory Usage Vulnerabilities 499 Uninitialized Variable Usage 499 Use After Free Vulnerabilities 500 Multithreaded Issues and Re-Entrant Safe Code 500 Beyond Recognition: A Real Vulnerability versus a Bug 501 Conclusion 501 Chapter 19 Instrumented Investigation: A Manual Approach 503 Philosophy 503 Oracle extproc Overflow 504 Common Architectural Failures 508 Problems Happen at Boundaries 508 Problems Happen When Data Is Translated 509 Problems Cluster in Areas of Asymmetry 511 Problems Occur When Authentication and Authorization Are Confused 512 Problems Occur in the Dumbest Places 512 Bypassing Input Validation and Attack Detection 513 Stripping Bad Data 513 Using Alternate Encodings 514 Using File-Handling Features 515 
Evading Attack Signatures 517 Defeating Length Limitations 517 Windows 2000 SNMP DOS 520 Finding DOS Attacks 521 SQL-UDP 522 Conclusion 523 Chapter 20 Tracing for Vulnerabilities 525 Overview 526 A Vulnerable Program 527 Component Design 529 Building VulnTrace 538 Using VulnTrace 543 Advanced Techniques 546 Conclusion 548 Chapter 21 Binary Auditing: Hacking Closed Source Software 549 Binary versus Source-Code Auditing: The Obvious Differences 550 IDA Pro—The Tool of the Trade 550 Features: A Quick Crash Course 551 Debugging Symbols 552 Binary Auditing Introduction 552 Stack Frames 552 Calling Conventions 554 Compiler-Generated Code 556 memcpy-Like Code Constructs 560 strlen-Like Code Constructs 560 C++ Code Constructs 561 The this Pointer 561 Reconstructing Class Definitions 562 vtables 562 Quick but Useful Tidbits 563 Manual Binary Analysis 563 Quick Examination of Library Calls 564 Suspicious Loops and Write Instructions 564 Higher-Level Understanding and Logic Bugs 565 Graphical Analysis of Binaries 566 Manual Decompilation 566 Binary Vulnerability Examples 566 Microsoft SQL Server Bugs 566 LSD’s RPC-DCOM Vulnerability 567 IIS WebDAV Vulnerability 568 Conclusion 570 Part IV Advanced Materials Chapter 22 Alternative Payload Strategies 573 Modifying the Program 574 The SQL Server 3-Byte Patch 575 The MySQL 1-Bit Patch 578 OpenSSH RSA Authentication Patch 580 Other Runtime Patching Ideas 581 GPG 1.2.2 Randomness Patch 583 Upload and Run (or Proglet Server) 584 Syscall Proxies 584 Problems with Syscall Proxies 587 Conclusion 596 Chapter 23 Writing Exploits that Work in the Wild 597 Factors in Unreliability 597 Magic Numbers 597 Versioning 598 Shellcode Problems 599 Countermeasures 601 Preparation 602 Brute Forcing 602 Local Exploits 603 OS/Application Fingerprinting 603 Information Leaks 605 Conclusion 606 Chapter 24 Attacking Database Software 607 Network Layer Attacks 608 Application Layer Attacks 618 Running Operating System Commands 619 Microsoft SQL Server 619 
Oracle 620 IBM DB2 621 Exploiting Overruns at the SQL Level 623 SQL Functions 623 Conclusion 625 Chapter 25 Unix Kernel Overflows 627 Kernel Vulnerability Types 627 0day Kernel Vulnerabilities 636 OpenBSD exec_ibcs2_coff_prep_zmagic() Stack Overflow 636 The Vulnerability 638 Solaris vfs_getvfssw() Loadable Kernel Module Traversal Vulnerability 642 The sysfs() System Call 644 The mount() System Call 645 Conclusion 646 Chapter 26 Exploiting Unix Kernel Vulnerabilities 647 The exec_ibcs2_coff_prep_zmagic() Vulnerability 647 Calculating Offsets and Breakpoints 652 Overwriting the Return Address and Redirecting Execution 654 Locating the Process Descriptor (or the Proc Structure) 655 Kernel Mode Payload Creation 658 Returning Back from Kernel Payload 659 Getting root (uid=0) 665 Solaris vfs_getvfssw() Loadable Kernel Module Path Traversal Exploit 672 Crafting the Exploit 673 The Kernel Module to Load 674 Getting root (uid=0) 678 Conclusion 678 Chapter 27 Hacking the Windows Kernel 681 Windows Kernel Mode Flaws—An Increasingly Hunted Species 681 Introduction to the Windows Kernel 682 Common Kernel-Mode Programming Flaws 683 Stack Overflows 684 Heap Overflows 688 Insufficient Validation of User-Mode Addresses 688 Repurposing Attacks 689 Shared Object Attacks 689 Windows System Calls 690 Understanding System Calls 690 Attacking System Calls 692 Communicating with Device Drivers 693 I/O Control Code Components 693 Finding Flaws in IOCTL Handlers 694 Kernel-Mode Payloads 695 Elevating a User-Mode Process 696 Running an Arbitrary User-Mode Payload 699 Subverting Kernel Security 701 Installing a Rootkit 703 Essential Reading for Kernel Shellcoders 703 Conclusion 704 Index 705
£26.40
Cengage Learning, Inc Principles of Incident Response Disaster
Book Synopsis: Learn how to identify vulnerabilities within computer networks and implement countermeasures that mitigate risks and damage with Whitman/Mattord's PRINCIPLES OF INCIDENT RESPONSE & DISASTER RECOVERY, 3rd Edition. This edition offers the knowledge you need to help organizations prepare for and avert system interruptions and natural disasters. Comprehensive coverage addresses information security and IT in contingency planning today. Updated content focuses on incident response and disaster recovery. You examine the complexities of organizational readiness from an IT and business perspective with emphasis on management practices and policy requirements. You review industry's best practices for minimizing downtime in emergencies and curbing losses during and after system service interruptions. This edition includes the latest NIST knowledge, expanded coverage of security information and event management (SIEM) and unified threat management, and more explanations of cloud-based systems and
Table of Contents: 1. An Overview of Information Security and Risk Management. 2. Planning for Organizational Readiness. 3. Contingency Strategies for IR/DR/BC. 4. Incident Response: Planning. 5. IR: Organizing & Preparing the CSIRT. 6. IR: Detection Strategies. 7. IR: Detection Systems. 8. IR: Response Strategies. 9. IR: Recovery & Maintenance. 10. Disaster Recovery Planning. 11. Business Continuity Planning. 12. Crisis Management and International Standards in IR/DR/BC.
£217.66
John Wiley & Sons Inc Cyber Security and Digital Forensics
Book SynopsisTable of ContentsPreface xvii Acknowledgment xxvii 1 A Comprehensive Study of Security Issues and Research Challenges in Different Layers of Service-Oriented IoT Architecture 1 Ankur O. Bang, Udai Pratap Rao and Amit A. Bhusari 1.1 Introduction and Related Work 2 1.2 IoT: Evolution, Applications and Security Requirements 4 1.2.1 IoT and Its Evolution 5 1.2.2 Different Applications of IoT 5 1.2.3 Different Things in IoT 7 1.2.4 Security Requirements in IoT 8 1.3 Service-Oriented IoT Architecture and IoT Protocol Stack 10 1.3.1 Service-Oriented IoT Architecture 10 1.3.2 IoT Protocol Stack 11 1.3.2.1 Application Layer Protocols 12 1.3.2.2 Transport Layer Protocols 13 1.3.2.3 Network Layer Protocols 15 1.3.2.4 Link Layer and Physical Layer Protocols 16 1.4 Anatomy of Attacks on Service-Oriented IoT Architecture 24 1.4.1 Attacks on Software Service 24 1.4.1.1 Operating System–Level Attacks 24 1.4.1.2 Application-Level Attacks 25 1.4.1.3 Firmware-Level Attacks 25 1.4.2 Attacks on Devices 26 1.4.3 Attacks on Communication Protocols 26 1.4.3.1 Attacks on Application Layer Protocols 26 1.4.3.2 Attacks on Transport Layer Protocols 28 1.4.3.3 Attacks on Network Layer Protocols 28 1.4.3.4 Attacks on Link and Physical Layer Protocols 30 1.5 Major Security Issues in Service-Oriented IoT Architecture 31 1.5.1 Application – Interface Layer 32 1.5.2 Service Layer 33 1.5.3 Network Layer 33 1.5.4 Sensing Layer 34 1.6 Conclusion 35 References 36 2 Quantum and Post-Quantum Cryptography 45 Om Pal, Manoj Jain, B.K. 
Murthy and Vinay Thakur 2.1 Introduction 46 2.2 Security of Modern Cryptographic Systems 46 2.2.1 Classical and Quantum Factoring of A Large Number 47 2.2.2 Classical and Quantum Search of An Item 49 2.3 Quantum Key Distribution 49 2.3.1 BB84 Protocol 50 2.3.1.1 Proposed Key Verification Phase for BB84 51 2.3.2 E91 Protocol 51 2.3.3 Practical Challenges of Quantum Key Distribution 52 2.3.4 Multi-Party Quantum Key Agreement Protocol 53 2.4 Post-Quantum Digital Signature 53 2.4.1 Signatures Based on Lattice Techniques 54 2.4.2 Signatures Based on Multivariate Quadratic Techniques 55 2.4.3 Hash-Based Signature Techniques 55 2.5 Conclusion and Future Directions 55 References 56 3 Artificial Neural Network Applications in Analysis of Forensic Science 59 K.R. Padma and K.R. Don 3.1 Introduction 60 3.2 Digital Forensic Analysis Knowledge 61 3.3 Answer Set Programming in Digital Investigations 61 3.4 Data Science Processing with Artificial Intelligence Models 63 3.5 Pattern Recognition Techniques 63 3.6 ANN Applications 65 3.7 Knowledge on Stages of Digital Forensic Analysis 65 3.8 Deep Learning and Modelling 67 3.9 Conclusion 68 References 69 4 A Comprehensive Survey of Fully Homomorphic Encryption from Its Theory to Applications 73 Rashmi Salavi, Dr. M. M. Math and Dr. U. P. Kulkarni 4.1 Introduction 73 4.2 Homomorphic Encryption Techniques 76 4.2.1 Partial Homomorphic Encryption Schemes 77 4.2.2 Fully Homomorphic Encryption Schemes 78 4.3 Homomorphic Encryption Libraries 79 4.4 Computations on Encrypted Data 83 4.5 Applications of Homomorphic Encryption 85 4.6 Conclusion 86 References 87 5 Understanding Robotics through Synthetic Psychology 91 Garima Saini and Dr. 
Shabnam 5.1 Introduction 91 5.2 Physical Capabilities of Robots 92 5.2.1 Artificial Intelligence and Neuro Linguistic Programming (NLP) 93 5.2.2 Social Skill Development and Activity Engagement 93 5.2.3 Autism Spectrum Disorders 93 5.2.4 Age-Related Cognitive Decline and Dementia 94 5.2.5 Improving Psychosocial Outcomes through Robotics 94 5.2.6 Clients with Disabilities and Robotics 94 5.2.7 Ethical Concerns and Robotics 95 5.3 Traditional Psychology, Neuroscience and Future Robotics 95 5.4 Synthetic Psychology and Robotics: A Vision of the Future 97 5.5 Synthetic Psychology: The Foresight 98 5.6 Synthetic Psychology and Mathematical Optimization 99 5.7 Synthetic Psychology and Medical Diagnosis 99 5.7.1 Virtual Assistance and Robotics 100 5.7.2 Drug Discovery and Robotics 100 5.8 Conclusion 101 References 101 6 An Insight into Digital Forensics: History, Frameworks, Types and Tools 105 G Maria Jones and S Godfrey Winster 6.1 Overview 105 6.2 Digital Forensics 107 6.2.1 Why Do We Need Forensics Process? 
107 6.2.2 Forensics Process Principles 108 6.3 Digital Forensics History 108 6.3.1 1985 to 1995 108 6.3.2 1995 to 2005 109 6.3.3 2005 to 2015 110 6.4 Evolutionary Cycle of Digital Forensics 111 6.4.1 Ad Hoc 111 6.4.2 Structured Phase 111 6.4.3 Enterprise Phase 112 6.5 Stages of Digital Forensics Process 112 6.5.1 Stage 1 - 1995 to 2003 112 6.5.2 Stage II - 2004 to 2007 113 6.5.3 Stage III - 2007 to 2014 114 6.6 Types of Digital Forensics 115 6.6.1 Cloud Forensics 116 6.6.2 Mobile Forensics 116 6.6.3 IoT Forensics 116 6.6.4 Computer Forensics 117 6.6.5 Network Forensics 117 6.6.6 Database Forensics 118 6.7 Evidence Collection and Analysis 118 6.8 Digital Forensics Tools 119 6.8.1 X-Ways Forensics 119 6.8.2 SANS Investigative Forensics Toolkit – SIFT 119 6.8.3 EnCase 119 6.8.4 The Sleuth Kit/Autopsy 122 6.8.5 Oxygen Forensic Suite 122 6.8.6 Xplico 122 6.8.7 Computer Online Forensic Evidence Extractor (COFEE) 122 6.8.8 Cellebrite UFED 122 6.8.9 OSForensics 123 6.8.10 Computer-Aided Investigative Environment (CAINE) 123 6.9 Summary 123 References 123 7 Digital Forensics as a Service: Analysis for Forensic Knowledge 127 Soumi Banerjee, Anita Patil, Dipti Jadhav and Gautam Borkar 7.1 Introduction 127 7.2 Objective 128 7.3 Types of Digital Forensics 129 7.3.1 Network Forensics 129 7.3.2 Computer Forensics 142 7.3.3 Data Forensics 147 7.3.4 Mobile Forensics 149 7.3.5 Big Data Forensics 154 7.3.6 IoT Forensics 155 7.3.7 Cloud Forensics 157 7.4 Conclusion 161 References 161 8 4S Framework: A Practical CPS Design Security Assessment & Benchmarking Framework 163 Neel A. Patel, Dhairya A. Parekh, Yash A. Shah and Ramchandra Mangrulkar 8.1 Introduction 164 8.2 Literature Review 166 8.3 Medical Cyber Physical System (MCPS) 170 8.3.1 Difference between CPS and MCPS 171 8.3.2 MCPS Concerns, Potential Threats, Security 171 8.4 CPSSEC vs. 
Cyber Security 172 8.5 Proposed Framework 173 8.5.1 4S Definitions 174 8.5.2 4S Framework-Based CPSSEC Assessment Process 175 8.5.3 4S Framework-Based CPSSEC Assessment Score Breakdown & Formula 181 8.6 Assessment of Hypothetical MCPS Using 4S Framework 187 8.6.1 System Description 187 8.6.2 Use Case Diagram for the Above CPS 188 8.6.3 Iteration 1 of 4S Assessment 189 8.6.4 Iteration 2 of 4S Assessment 195 8.7 Conclusion 200 8.8 Future Scope 201 References 201 9 Ensuring Secure Data Sharing in IoT Domains Using Blockchain 205 Tawseef Ahmed Teli, Rameez Yousuf and Dawood Ashraf Khan 9.1 IoT and Blockchain 205 9.1.1 Public 208 9.1.1.1 Proof of Work (PoW) 209 9.1.1.2 Proof of Stake (PoS) 209 9.1.1.3 Delegated Proof of Stake (DPoS) 210 9.1.2 Private 210 9.1.3 Consortium or Federated 210 9.2 IoT Application Domains and Challenges in Data Sharing 211 9.3 Why Blockchain? 214 9.4 IoT Data Sharing Security Mechanism On Blockchain 216 9.4.1 Double-Chain Mode Based On Blockchain Technology 216 9.4.2 Blockchain Structure Based On Time Stamp 217 9.5 Conclusion 219 References 219 10 A Review of Face Analysis Techniques for Conventional and Forensic Applications 223 Chethana H.T. and Trisiladevi C. 
Nagavi 10.1 Introduction 224 10.2 Face Recognition 225 10.2.1 Literature Review on Face Recognition 226 10.2.2 Challenges in Face Recognition 228 10.2.3 Applications of Face Recognition 229 10.3 Forensic Face Recognition 229 10.3.1 Literature Review on Face Recognition for Forensics 231 10.3.2 Challenges of Face Recognition in Forensics 233 10.3.3 Possible Datasets Used for Forensic Face Recognition 235 10.3.4 Fundamental Factors for Improving Forensics Science 235 10.3.5 Future Perspectives 237 10.4 Conclusion 238 References 238 11 Roadmap of Digital Forensics Investigation Process with Discovery of Tools 241 Anita Patil, Soumi Banerjee, Dipti Jadhav and Gautam Borkar 11.1 Introduction 242 11.2 Phases of Digital Forensics Process 244 11.2.1 Phase I - Identification 244 11.2.2 Phase II - Acquisition and Collection 245 11.2.3 Phase III - Analysis and Examination 245 11.2.4 Phase IV - Reporting 245 11.3 Analysis of Challenges and Need of Digital Forensics 246 11.3.1 Digital Forensics Process has following Challenges 246 11.3.2 Needs of Digital Forensics Investigation 247 11.3.3 Other Common Attacks Used to Commit the Crime 248 11.4 Appropriateness of Forensics Tool 248 11.4.1 Level of Skill 248 11.4.2 Outputs 252 11.4.3 Region of Emphasis 252 11.4.4 Support for Additional Hardware 252 11.5 Phase-Wise Digital Forensics Techniques 253 11.5.1 Identification 253 11.5.2 Acquisition 254 11.5.3 Analysis 256 11.5.3.1 Data Carving 257 11.5.3.2 Different Curving Techniques 259 11.5.3.3 Volatile Data Forensic Toolkit Used to Collect and Analyze the Data from Device 260 11.5.4 Report Writing 265 11.6 Pros and Cons of Digital Forensics Investigation Process 266 11.6.1 Advantages of Digital Forensics 266 11.6.2 Disadvantages of Digital Forensics 266 11.7 Conclusion 267 References 267 12 Utilizing Machine Learning and Deep Learning in Cybersecurity: An Innovative Approach 271 Dushyant Kaushik, Muskan Garg, Annu, Ankur Gupta and Sabyasachi Pramanik 12.1 Introduction 271 12.1.1 
Protections of Cybersecurity 12.1.2 Machine Learning 12.1.3 Deep Learning 12.1.4 Machine Learning and Deep Learning: Similarities and Differences 12.2 Proposed Method 12.2.1 The Dataset Overview 12.2.2 Data Analysis and Model for Classification 12.3 Experimental Studies and Outcomes Analysis 12.3.1 Metrics on Performance Assessment 12.3.2 Result and Outcomes 12.3.2.1 Issue 1: Classify the Various Categories of Feedback Related to the Malevolent Code Provided 12.3.2.2 Issue 2: Recognition of the Various Categories of Feedback Related to the Malware Presented 12.3.2.3 Issue 3: According to the Malicious Code, Distinguishing Various Forms of Malware 12.3.2.4 Issue 4: Detection of Various Malware Styles Based on Different Responses 12.3.3 Discussion 12.4 Conclusions and Future Scope References
13 Applications of Machine Learning Techniques in the Realm of Cybersecurity
Koushal Kumar and Bhagwati Prasad Pande
13.1 Introduction 13.2 A Brief Literature Review 13.3 Machine Learning and Cybersecurity: Various Issues 13.3.1 Effectiveness of ML Technology in Cybersecurity Systems 13.3.2 Machine Learning Problems and Challenges in Cybersecurity 13.3.2.1 Lack of Appropriate Datasets 13.3.2.2 Reduction in False Positives and False Negatives 13.3.2.3 Adversarial Machine Learning 13.3.2.4 Lack of Feature Engineering Techniques 13.3.2.5 Context-Awareness in Cybersecurity 13.3.3 Is Machine Learning Enough to Stop Cybercrime?
13.4 ML Datasets and Algorithms Used in Cybersecurity 13.4.1 Study of Available ML-Driven Datasets Available for Cybersecurity 13.4.1.1 KDD Cup 1999 Dataset (DARPA1998) 13.4.1.2 NSL-KDD Dataset 13.4.1.3 ECML-PKDD 2007 Discovery Challenge Dataset 13.4.1.4 Malicious URL’s Detection Dataset 13.4.1.5 ISOT (Information Security and Object Technology) Botnet Dataset 13.4.1.6 CTU-13 Dataset 13.4.1.7 MAWILab Anomaly Detection Dataset 13.4.1.8 ADFA-LD and ADFA-WD Datasets 13.4.2 Applications ML Algorithms in Cybersecurity Affairs 13.4.2.1 Clustering 13.4.2.2 Support Vector Machine (SVM) 13.4.2.3 Nearest Neighbor (NN) 13.4.2.4 Decision Tree 13.4.2.5 Dimensionality Reduction 13.5 Applications of Machine Learning in the Realm of Cybersecurity 13.5.1 Facebook Monitors and Identifies Cybersecurity Threats with ML 13.5.2 Microsoft Employs ML for Security 13.5.3 Applications of ML by Google 13.6 Conclusions References
14 Security Improvement Technique for Distributed Control System (DCS) and Supervisory Control-Data Acquisition (SCADA) Using Blockchain at Dark Web Platform
Anand Singh Rajawat, Romil Rawat and Kanishk Barhanpurkar
14.1 Introduction 14.2 Significance of Security Improvement in DCS and SCADA 14.3 Related Work 14.4 Proposed Methodology 14.4.1 Algorithms Used for Implementation 14.4.2 Components of a Blockchain 14.4.3 MERKLE Tree 14.4.4 The Technique of Stack and Work Proof 14.4.5 Smart Contracts 14.5 Result Analysis 14.6 Conclusion References
15 Recent Techniques for Exploitation and Protection of Common Malicious Inputs to Online Applications
Dr.
Tun Myat Aung and Ni Ni Hla
15.1 Introduction 15.2 SQL Injection 15.2.1 Introduction 15.2.2 Exploitation Techniques 15.2.2.1 In-Band SQL Injection 15.2.2.2 Inferential SQL Injection 15.2.2.3 Out-of-Band SQL Injection 15.2.3 Causes of Vulnerability 15.2.4 Protection Techniques 15.2.4.1 Input Validation 15.2.4.2 Data Sanitization 15.2.4.3 Use of Prepared Statements 15.2.4.4 Limitation of Database Permission 15.2.4.5 Using Encryption 15.3 Cross Site Scripting 15.3.1 Introduction 15.3.2 Exploitation Techniques 15.3.2.1 Reflected Cross Site Scripting 15.3.2.2 Stored Cross Site Scripting 15.3.2.3 DOM-Based Cross Site Scripting 15.3.3 Causes of Vulnerability 15.3.4 Protection Techniques 15.3.4.1 Data Validation 15.3.4.2 Data Sanitization 15.3.4.3 Escaping on Output 15.3.4.4 Use of Content Security Policy 15.4 Cross Site Request Forgery 15.4.1 Introduction 15.4.2 Exploitation Techniques 15.4.2.1 HTTP Request with GET Method 15.4.2.2 HTTP Request with POST Method 15.4.3 Causes of Vulnerability 15.4.3.1 Session Cookie Handling Mechanism 15.4.3.2 HTML Tag 15.4.3.3 Browser’s View Source Option 15.4.3.4 GET and POST Method 15.4.4 Protection Techniques 15.4.4.1 Checking HTTP Referer 15.4.4.2 Using Custom Header 15.4.4.3 Using Anti-CSRF Tokens 15.4.4.4 Using a Random Value for each Form Field 15.4.4.5 Limiting the Lifetime of Authentication Cookies 15.5 Command Injection 15.5.1 Introduction 15.5.2 Exploitation Techniques 15.5.3 Causes of Vulnerability 15.5.4 Protection Techniques 15.6 File Inclusion 15.6.1 Introduction 15.6.2 Exploitation Techniques 15.6.2.1 Remote File Inclusion 15.6.2.2 Local File Inclusion 15.6.3 Causes of Vulnerability 15.6.4 Protection Techniques 15.7 Conclusion References
16 Ransomware: Threats, Identification and Prevention
Sweta
Thakur, Sangita Chaudhari and Bharti Joshi
16.1 Introduction 16.2 Types of Ransomwares 16.2.1 Locker Ransomware 16.2.1.1 Reveton Ransomware 16.2.1.2 Locky Ransomware 16.2.1.3 CTB Locker Ransomware 16.2.1.4 TorrentLocker Ransomware 16.2.2 Crypto Ransomware 16.2.2.1 PC Cyborg Ransomware 16.2.2.2 OneHalf Ransomware 16.2.2.3 GPCode Ransomware 16.2.2.4 CryptoLocker Ransomware 16.2.2.5 CryptoDefense Ransomware 16.2.2.6 CryptoWall Ransomware 16.2.2.7 TeslaCrypt Ransomware 16.2.2.8 Cerber Ransomware 16.2.2.9 Jigsaw Ransomware 16.2.2.10 Bad Rabbit Ransomware 16.2.2.11 WannaCry Ransomware 16.2.2.12 Petya Ransomware 16.2.2.13 Gandcrab Ransomware 16.2.2.14 Rapid Ransomware 16.2.2.15 Ryuk Ransomware 16.2.2.16 Lockergoga Ransomware 16.2.2.17 PewCrypt Ransomware 16.2.2.18 Dhrama/Crysis Ransomware 16.2.2.19 Phobos Ransomware 16.2.2.20 Malito Ransomware 16.2.2.21 LockBit Ransomware 16.2.2.22 GoldenEye Ransomware 16.2.2.23 REvil or Sodinokibi Ransomware 16.2.2.24 Nemty Ransomware 16.2.2.25 Nephilim Ransomware 16.2.2.26 Maze Ransomware 16.2.2.27 Sekhmet Ransomware 16.2.3 MAC Ransomware 16.2.3.1 KeRanger Ransomware 16.2.3.2 Go Pher Ransomware 16.2.3.3 FBI Ransom Ransomware 16.2.3.4 File Coder 16.2.3.5 Patcher 16.2.3.6 ThiefQuest Ransomware 16.2.3.7 Keydnap Ransomware 16.2.3.8 Bird Miner Ransomware 16.3 Ransomware Life Cycle 16.4 Detection Strategies 16.4.1 Unevil 16.4.2 Detecting File Lockers 16.4.3 Detecting Screen Lockers 16.4.4 Connection-Monitor and Connection-Breaker Approach 16.4.5 Ransomware Detection by Mining API Call Usage 16.4.6 A New Static-Based Framework for Ransomware Detection 16.4.7 White List-Based Ransomware Real-Time Detection Prevention (WRDP) 16.5 Analysis of Ransomware 16.5.1 Static Analysis 16.5.2 Dynamic Analysis 16.6 Prevention Strategies
16.6.1 Access Control 16.6.2 Recovery After Infection 16.6.3 Trapping Attacker 16.7 Ransomware Traits Analysis 16.8 Research Directions 16.9 Conclusion References
Index
£169.16
John Wiley & Sons Inc Cloud Computing Solutions
Book Synopsis
CLOUD COMPUTING SOLUTIONS
The main purpose of this book is to include all the cloud-related technologies in a single platform, so that researchers, academicians, postgraduate students, and those in the industry can easily understand the cloud-based ecosystems. This book discusses the evolution of cloud computing through grid computing and cluster computing. It will help researchers and practitioners to understand grid and distributed computing cloud infrastructure, virtual machines, virtualization, live migration, scheduling techniques, auditing concept, security and privacy, business models, and case studies through the state-of-the-art cloud computing countermeasures. This book covers the spectrum of cloud computing-related technologies and the wide-ranging contents will differentiate this book from others. The topics treated in the book include: The evolution of cloud computing from grid computing, cluster computing, and distributed systems;
Table of Contents
List of Figures List of Tables Foreword Preface Acknowledgments Acronyms
Part I: Cloud Computing Architecture
1 Basics of Cloud Computing
Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik
1.1 Evolution of Cloud Computing 1.2 Cluster Computing 1.2.1 The Architecture of Cluster Computing Environment 1.2.2 Components of Computer Cluster 1.3 Grid Computing 1.3.1 Grid-Related Technologies 1.3.2 Levels of Deployment 1.3.3 Architecture of Grid Computing Environment 1.4 Mobile Computing 1.4.1 Characteristics of Mobile Computing 1.4.2 Characteristics of Mobile Networks 1.5 Summary Exercises References
2 Introduction to Cloud Computing
Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik
2.1 Definition of Cloud Computing 2.2 Characteristics of Cloud 2.2.1 Elasticity and Scalability 2.2.2 Metered and Billing of Service 2.2.3 Self-Service Allocation of Resources 2.2.4 Application Programming Interface (APIs) 2.2.5
Efficiency Measurement Service 2.2.6 Device and Location Interdependency 2.2.7 Customization 2.2.8 Security 2.3 Cloud Computing Environment 2.3.1 Access to Supporting Business Agility 2.3.2 Minimizing Investment Expenditures 2.3.3 Public Cloud Computing Environment 2.3.4 Private Cloud Computing Environment 2.3.5 Hybrid Cloud Computing Environment 2.3.6 Community Cloud Computing Environment 2.4 Cloud Services 2.4.1 Resources as a Service (RaaS) 2.4.2 Infrastructure as a Service (IaaS) 2.4.3 Platform as a Service (PaaS) 2.4.4 Software as a Service (SaaS) 2.4.5 Network as a Service (NaaS) 2.4.6 Desktop as a Service (DaaS/VDI) 2.4.7 Recovery as a Service (DRaaS) 2.5 Security Paradigms and Issues of Cloud Computing 2.6 Major Cloud Service Providers 2.6.1 IaaS CSPs 2.6.2 PaaS CSPs 2.6.3 SaaS CSPs 2.7 Summary Exercises References
3 Architectural Framework for Cloud Computing
Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik
3.1 Challenges of Cloud Computing Environment 3.2 Architectural Framework for Cloud Computing 3.2.1 Service-Oriented Architecture (SOA) 3.2.2 SOA Characterization 3.2.3 Life Cycle of Services in SOA 3.2.4 Integrating SOA and the Cloud 3.2.5 Cloud Architecture 3.3 Architectural Workflow and Co-ordination of Multiple Activities 3.3.1 Characteristics of Workflow 3.3.2 Need for Workflow 3.4 Examples of Workflow Tools 3.5 Summary Exercises References
4 Virtualization Environment in Cloud Computing
Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik
4.1 Introduction 4.1.1 Need of Virtualization in Cloud Computing Environment 4.1.2 Virtualization versus Traditional Approach 4.2 Virtualization and Virtual Machine 4.2.1 Advantages of Virtualization Technique in Cloud Computing Environment 4.2.2 Category of Virtual Machine 4.3 Virtualization Model for Cloud Computing 4.3.1 Distributed Resources of Physical Hosts
4.3.2 Hypervisor Monitoring Environment (HME) 4.3.3 Platform Service 4.3.4 Software Service 4.3.5 Broker Service 4.3.6 Business Service 4.4 Categorization of Guest OS Virtualization Techniques 4.4.1 Full Virtualization 4.4.2 Paravirtualization 4.4.3 Hardware-Assisted Virtualization 4.5 Mapping Technique of Virtual Machine to Physical Machine in a Private Cloud 4.6 Drawbacks of Virtualization 4.7 Summary Exercises References
5 Classification of Virtualization Environment
Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik
5.1 Introduction 5.2 Classification 5.2.1 Scheduling-Based Environment 5.2.2 Load Distribution-Based Environment 5.2.3 Energy-Aware-Based Environment 5.2.4 Operational-Based Environment 5.2.5 Distribution Pattern-Based Environment 5.2.6 Transaction-Based Environment 5.3 Summary Exercises References
Part II: Cloud Computing Data Storage
6 An Approach to Live Migration of Virtual Machines in Cloud Computing Environment
Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik
6.1 Introduction 6.2 Need of Live Migration of Virtual Machine 6.3 Advantages of Live Migration 6.4 A Design Approach to Live Migration 6.4.1 Live Migration Process 6.5 Security Issues 6.5.1 Possible Attacks 6.5.2 Solutions 6.6 Summary Exercises References
7 Reliability Issues in Cloud Computing Environment
Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik
7.1 Introduction 7.1.1 Research Problem Statement 7.1.2 Research Aim 7.1.3 Research Question 7.2 Literature Review 7.2.1 Cloud Service Models 7.2.2 Elements of Reliable Cloud Computing 7.2.3 Cloud Computing Gaps and Concerns 7.2.4 Trends in Cloud Computing 7.3 Reliability Issues in Cloud Computing Research 7.3.1 Research Methodology 7.3.2 Research Strategy 7.3.3 Data Collection 7.3.4 Sampling 7.3.5 Data Analysis and Findings 7.4 Findings 7.4.1 Lack of
Effort to Address Reliability and Availability Issues 7.4.2 Performance Issues 7.4.3 Privacy Issues 7.5 Summary Exercises References
8 Cloud Database
Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik
8.1 Introduction 8.2 Non-Relational Data Models 8.2.1 Transactions in Cloud Databases 8.2.2 Advantages of Cloud Database 8.3 Heterogeneous Databases in DaaS 8.3.1 Relational and Non-Relational Database 8.3.2 Centralized and Distributed Database 8.3.3 Structured and Unstructured Database 8.3.4 Infrastructure-Based and Infrastructureless Databases 8.3.5 SQL-Based and NoSQL-Based Databases 8.4 Study of a Document-Oriented Cloud Database - MongoDB 8.4.1 Data Model 8.4.2 Replication 8.4.3 Sharding 8.4.4 Architecture 8.4.5 Consistency 8.4.6 Failure Handling 8.5 CAP Theorem for Cloud Database Transaction 8.6 Issues in Live Migration of Databases in Cloud 8.7 Cloud Database Classification Based on Transaction Processing 8.7.1 ACID-Based Cloud Database 8.7.2 NoACID-Based Cloud Database 8.8 Commercially Available Cloud Database Platform 8.8.1 Amazon Web Services 8.8.2 Microsoft Windows Azure 8.8.3 Google App Engine 8.9 Summary Exercises References
9 Cloud-Based Data Storage
Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik
9.1 Relevant Hadoop Tools 9.2 Hadoop Distributed File System (HDFS) 9.2.1 HDFS Architecture 9.2.2 Data Read Process in HDFS 9.2.3 Data Write Process in HDFS 9.2.4 Authority Management of HDFS 9.2.5 Limitations of HDFS 9.3 Data Mining Challenges with Big Data 9.4 MapReduce 9.4.1 MapReduce Architecture 9.4.2 MapReduce Procedure 9.4.3 Limitations of MapReduce 9.5 Next Generation of MapReduce: YARN 9.5.1 YARN Compared to MapReduce 1.0 (MRv1) 9.5.2 YARN and MapReduce 2.0 (MRv2) 9.5.3 YARN Architecture 9.5.4 Advantages of YARN 9.6 Classification of Data
Mining Systems 9.6.1 Classification According to Kind of Databases Mined 9.6.2 Classification According to Kind of Knowledge Mined 9.6.3 Classification According to Kind of Techniques Utilized 9.6.4 Classification According to the Applications Adapted 9.7 Summary Exercises References
10 Auditing Concept in Cloud Computing
Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik
10.1 Introduction 10.2 Data Security in Cloud Computing Environment 10.2.1 Characteristics of a Secure Cloud Computing Environment 10.2.2 Need for Auditing in Cloud Computing Environment 10.2.3 Auditing Background Within Third-Party Service Provider 10.3 Cloud Auditing Outsourcing Life Cycle Phases 10.4 Auditing Classification 10.5 Auditing Service 10.5.1 How Third-Party Service Provider is Enabling Auditing Service 10.5.2 Auditing Process Analysis 10.5.3 Privacy and Integrity 10.5.4 Cloud-Auditing Architecture Analysis 10.6 Summary Exercises References
Part III: Cloud Computing Implementation, Security and Applications
11 Security Paradigms in Cloud Computing
Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal
11.1 Security Paradigms and Issues 11.2 Cloud Security Challenges 11.3 Cloud Economics 11.4 Security of Big Data in Cloud 11.4.1 The Biggest Risk: Data Breach 11.4.2 Data Loss 11.4.3 Account or Service Traffic Hijacking 11.4.4 Insecure Interfaces and APIs 11.4.5 Denial of Service 11.4.6 Malicious Insiders 11.4.7 Abuse of Cloud Users 11.4.8 Inadequate Due Diligence 11.4.9 Vulnerabilities in Shared Technology 11.5 Security as a Service in Cloud 11.6 Summary Exercises References
12 Privacy Preservation Issues in Cloud Computing
Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal
12.1 Privacy Issues in Cloud Storage 12.1.1 Encryption Methods 12.1.2 Access Control Mechanisms 12.1.3 Query Integrity/Keyword Searches
12.1.4 Auditability Schemes 12.2 Privacy and Security 12.2.1 Performance Unpredictability, Latency and Reliability 12.2.2 Portability and Interoperability 12.2.3 Data Breach Through Fiber-Optic Networks 12.2.4 Data Storage over IP Networks 12.2.5 Data Storage and Security in Cloud 12.3 Threats to Security in Cloud Computing 12.3.1 Basic Security 12.3.2 Network-Level Security 12.3.3 Application-Level Security 12.4 Security Issues in Cloud Deployment Models 12.4.1 Security Issues in a Public Cloud 12.4.2 Security Issues in a Private Cloud 12.5 Ensuring Security Against Various Types of Attacks 12.6 Survey of Privacy Preservation Using Fuzzy Set and Genetic Algorithm 12.6.1 Fuzzy-Based Approach for Privacy-Preserving Publication of Data 12.6.2 Privacy-Preserving Fuzzy Association Rules Hiding in Quantitative Data 12.6.3 A Rough Computing-Based Performance Evaluation Approach for Educational Institutions 12.6.4 A New Method for Preserving Privacy in Quantitative Association Rules Using Genetic Algorithm 12.6.5 Privacy Preserving in Association Rules Using a Genetic Algorithm 12.7 Summary Exercises References
13 Applications of Wireless Sensor Network in Cloud
Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal
13.1 Introduction 13.2 Architectural Issues of Combining Cloud Computing and Wireless Sensor Networks 13.3 Sensor Network Overview 13.3.1 Terminology 13.3.2 Routing Protocols in WSNs 13.4 Application Scenarios 13.4.1 Military Use 13.4.2 Weather Forecasting 13.4.3 Healthcare 13.4.4 Transport Monitoring 13.5 Summary Exercises References
14 Applications of Mobile Cloud Computing
Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal
14.1 What is Mobile Cloud Computing?
14.2 The Architecture of Mobile Cloud Computing 14.3 Characteristics of Mobile Cloud Computing 14.4 Advantages of Mobile Cloud Computing 14.5 Mobile Cloud Applications 14.5.1 Mobile Commerce 14.5.2 Mobile Learning 14.5.3 Mobile Healthcare 14.5.4 Mobile Gaming 14.5.5 Mobile Social Network 14.5.6 Multimedia Sharing 14.6 Summary Exercises References
15 Big Data in Cloud Computing
Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal
15.1 Introduction to Big Data 15.2 Big Data vs. Cloud Computing 15.3 Big Data and the Cloud 15.4 Cloud Computing to Support Big Data 15.4.1 Cloud Storage for Big Data Storage 15.4.2 Cloud Computing for Big Data Processing 15.4.3 Cloud Computing for Big Data Analytics 15.4.4 Cloud Computing for Big Data Sharing and Remote Collaboration 15.5 Opportunities and Challenges 15.5.1 Pros of Putting Big Data in the Cloud 15.5.2 Potential Challenges of Big Data in the Cloud 15.6 Summary Exercises References
Part IV: Cloud Computing Simulator Tools
16 CloudSim: A Simulator for Cloud Computing Environment
Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik
16.1 Introduction 16.2 Main Features 16.3 CloudSim Architecture 16.3.1 Modeling the Cloud 16.3.2 Modeling the VM Allocation 16.3.3 Modeling the Cloud Market 16.3.4 Modeling the Network Behavior 16.3.5 Modeling a Federation of Clouds 16.3.6 Modeling Dynamic Workloads 16.3.7 Modeling Data Center Power Consumption 16.3.8 Modeling Dynamic Entities Creation 16.4 Design and Implementation of CloudSim 16.5 Setting up Development Environments 16.6 How to Use CloudSim with Eclipse References
17 OpenFaaS
Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal
17.1 Introduction 17.2 OpenFaaS Architecture 17.3 OpenFaaS Installation 17.3.1 Development Environment with Docker Swarm 17.3.2 Multi-Node Cluster with Docker Swarm
17.3.3 Production Environment with Kubernetes 17.3.4 Installing OpenFaaS Using Helm 17.3.5 Install OpenShift 17.4 Considerations 17.5 Operation of OpenFaaS 17.5.1 Setup and Configuration of the Open FaaS Command Line Tool 17.5.2 OpenFaaS Store 17.5.3 Management and Usage of Functions 17.5.4 Development of Functions 17.5.5 Working with Docker Registries 17.5.6 Web UI References
18 OpenNebula
Prasant Kumar Pattnaik, Dac-Nhuong Le, Souvik Pal
18.1 Project Goal and Environment 18.2 Set Up Masternode with Frontend 18.2.1 Install Components 18.2.2 Starting the Frontend 18.3 Set Up Worker Node with KVM 18.3.1 Install Components 18.3.2 Establish an SSH Communication Pipeline between Master and Worker 18.3.3 Network Configuration 18.4 Register Worker Node 18.5 Deploy VM References
19 OpenStack
Dac-Nhuong Le, Souvik Pal, Prasant Kumar Pattnaik
19.1 OpenStack 19.2 Terminologies in OpenStack 19.3 OpenStack Architecture 19.3.1 Compute (Nova) 19.3.2 Networking (Neuron) 19.3.3 Image 19.3.4 Object Storage (Swift) 19.3.5 Block Storage (Cinder) 19.4 Logical Architecture 19.5 OpenStack Installation Guide 19.5.1 Hardware Requirements 19.5.2 Networking Requirements 19.6 OpenStack Work References
20 Eucalyptus
Souvik Pal, Dac-Nhuong Le, Prasant Kumar Pattnaik
20.1 Introduction to Eucalyptus 20.1.1 Eucalyptus Overview 20.1.2 Eucalyptus Architecture 20.1.3 Eucalyptus Components 20.2 Eucalyptus Installation 20.2.1 System Requirements 20.2.2 Services Placement 20.2.3 Eucalyptus Features 20.2.4 Networking Modes 20.2.5 Install Repositories 20.3 Configure Eucalyptus 20.4 Amazon Web Services Compatibility References
Glossary
Authors
£153.90
HarperCollins Publishers The Truth Machine
Book Synopsis
From the authors of the fascinating The Age of Cryptocurrency, comes the definitive work on the Internet's next big thing: the blockchain. Many of the 'legacy systems' once designed to make our lives easier and our economy more efficient are no longer up to the task; big banks have grown more entrenched, privacy exists only until the next hack, and credit card fraud has become a fact of life. However, there is a way past all this: a new kind of operating system with the potential to revolutionise our economy: the blockchain. In The Truth Machine, Michael J. Casey and Paul Vigna demystify the blockchain and explain why it can restore personal control over our data, assets, and identities; grant billions of excluded people access to the global economy; and shift the balance of power to revive society's faith in itself. They reveal the empowerment possible when self-interested middlemen give way to the transparency of the blockchain, while highlighting the job losses, assertion of special int
Trade Review
‘The authors ably explain highly technical information in layperson’s terms, and the text is neither too dense nor too basic.
Readers may pick this one up for the Bitcoin connection and find themselves fascinated with the blockchain’s potential to change the world’s financial systems for the better.’ ―Booklist ‘With thoughtful and well researched analysis, The Truth Machine leads you through a history of cryptocurrencies and blockchains that reveals the path forward towards a decentralized economy, one in which opportunity and access are widely spread.’ ―Andreas M Antonopoulos, author of Mastering Bitcoin and The Internet of Money series ‘The Truth Machine is a brilliant, beautifully written guide to the blockchain revolution that is redefining “trust” for our increasingly globalized world.’ ―Hernando de Soto, President of the Institute for Liberty and Democracy, author of The Mystery of Capital ‘Casey and Vigna are among the blockchain and digital-currency sector's most important visionaries. They are shaping a new understanding of how we can gain greater personal control over our data, assets, identities and creations to forge a more inclusive, collaborative and innovative society.’ ―Imogen Heap, Grammy award-winning singer-songwriter and founder of Mycelia ‘Casey and Vigna have done it again! It turns out that digital currencies may only be the spark for the next major revolution in business and society. The implications of trust being the blockchain’s real killer app cannot be ignored by any serious investor.’ ―Josh Brown, CEO of Ritholtz Wealth Management, star of CNBC’s The Halftime Report ‘This unparalleled examination of the blockchain landscape will open people's eyes to how a decentralized information system can level the playing field for humanity.’ ―Mariana Dahan, founder and CEO, World Identity Network, first coordinator of The World Bank's Identification for Development (ID4D) Initiative
£14.39
Harper Business Cloudmoney
Book Synopsis
£22.49
Elsevier Science & Technology Computer and Information Security Handbook
Book Synopsis
Trade Review
"The editor, John Vacca, has pulled together contributions from a large number of experts into a massive tome that touches on pretty much every angle of security and privacy. ...it’s hard to think of anyone with any interest in infosecurity who wouldn’t get something out of it. This is the reference work you want on your bookshelf when you need to quickly get a grounding in some new aspect of security." --Network Security Newsletter
Table of Contents
1. Information Security in the Modern Enterprise 2. Building a Secure Organization 3. A Cryptography Primer 4. Verifying User and Host Identity 5. Detecting System Intrusions 6. Intrusion Detection in Contemporary Environments 7. Preventing System Intrusions 8. Guarding Against Network Intrusions 9. Fault Tolerance and Resilience in Cloud Computing Environments 10. Securing Web Applications, Services and Servers 11. Unix and Linux Security 12. Eliminating the Security Weakness of Linux and Unix Operating Systems 13. Internet Security 14. The Botnet Problem 15. Intranet Security 16. Wireless Network Security 17. Wireless Sensor Network Security 18. Security for the Internet of Things 19. Cellular Network Security 20. RFID Security 21. Information Security Essentials for IT Managers, Protecting Mission-Critical Systems 22. Security Management Systems 23. Policy-Driven System Management 24. Social Engineering Deceptions and Defenses 25. Ethical Hacking 26. What Is Vulnerability Assessment? 27. Security Education, Training, and Awareness 28. Risk Management 29. Insider Threats 30. Disaster Recovery 31. Disaster Recovery Plans for Small and Medium Business (SMB) 32. Security Certification And Standards Implementation 33. Security Policies And Plans Development 34. Cyber Forensics 35. Cyber Forensics and Incident Response 36. Securing eDiscovery 37. Microsoft Office and Metadata Forensics: A Deeper Dive 38. Hard Drive Imaging 39. Satellite Encryption 40. Public Key Infrastructure 41.
Context-Aware Multi-Factor Authentication 42. Instant-Messaging Security 43. Online Privacy 44. Privacy-enhancing Technologies 45. Detection Of Conflicts In Security Policies 46. Supporting User Privacy Preferences in Digital Interactions 47. Privacy and Security in Environmental Monitoring Systems: Issues and Solutions 48. Virtual Private Networks 49. VoIP Security 50. Storage Area Networking Devices Security 51. Securing Cloud Computing Systems 52. Cloud Security 53. Private Cloud Security 54. Virtual Private Cloud Security 55. Protecting Virtual Infrastructure 56. SDN and NFV Security 57. Physical Security Essentials 58. Online Identity and User Management Services 59. Intrusion Prevention and Detection Systems 60. Penetration Testing 61. Access Controls 62. Endpoint Security 63. Fundamentals of Cryptography 64. Securing the Infrastructure 65. Cyber Warfare 66. Security Through Diversity 67. Online e-Reputation Management Services 68. Data Loss Protection 69. Satellite Cyber Attack Search and Destroy 70. Advanced Data Encryption Appendices (Online only)
£91.80
Oxford University Press Cryptography
Book Synopsis
A clear and informative introduction to the science of codebreaking, explaining what algorithms do, how they are used, the risks associated with using them, and why governments should be concerned.
Trade Review
a perfect pocket primer for anybody interested in cryptography. * Simon Singh *
£11.63
Cengage Learning, Inc CompTIA Security Guide to Network Security
Book Synopsis
Table of Contents
I. SECURITY FUNDAMENTALS 1. Introduction to Security a. Who are the attackers? i. Categories of threat actors ii. Attributes of actors b. Attack vectors and their causes i. Avenues of attacks ii. Vulnerabilities that create attack vectors iii. Social engineering attacks c. Cybersecurity standards i. Regulations and standards ii. Frameworks iii. Configuration guidelines d. Sources of information i. Threat intelligence sources ii. Research sources 2. Security Evaluations a. Security assessments i. Threat hunting ii. Vulnerability scans iii. Security information and event management (SIEM) iv. Security orchestration, automation, response (SOAR) b. Penetration testing i. What is penetration testing? ii. Types of reconnaissance iii. Exercise types (
II. DEVICE SECURITY 3. Threats and Attacks on Devices a. Attacks using malware i. Circulation ii. Infection iii. Concealment iv. Payload capabilities b. Adversarial AI attacks c. Application attacks i. Web server application attacks ii. Hijacking iii. Overflow attacks iv. Advertising attacks v. Browser vulnerabilities 4. Client and Application Security a. Securing client devices i. Endpoint protection ii. Boot integrity iii. Database protection iv. Hardware and software protection b. Creating and deploying SecDevOps i. Application development ii. Secure coding techniques iii. Code testing 5. Mobile, Embedded and Specialized Device Security a. Securing mobile devices i. Mobile device types and deployment ii. Mobile device risks iii. Securing mobile devices iv. Mobile management tools b. Embedded and IoT device security i. Types of embedded systems ii. IoT devices iii. Specialized devices c. Keeping specialized devices secure i. Vulnerabilities ii. Securing communications
III.
CRYPTOGRAPHY 6. Basic Cryptography a. Defining cryptography b. Cryptographic algorithms c. Cryptographic attacks d. Using cryptography 7. Advanced Cryptography and PKI a. Implementing cryptography b. Digital certificates c. Public Key Infrastructure (PKI) d. Cryptographic transport protocols
IV. NETWORK SECURITY 8. Network Threats, Assessments, and Defenses a. Attacks on networks i. Interception ii. Poisoning iii. Denial of Service b. Assessing network and organizational security i. Network reconnaissance and discovery ii. File manipulation iii. Shell and script environments iv. Packet capture and replay c. Physical security defenses i. External perimeter defenses ii. Internal physical access security iii. Computer hardware security 9. Network Security Design and Technologies a. Security through network devices i. Standard network devices ii. Network security hardware b. Security through architecture and design c. Implementing secure protocols d. Enterprise network security concepts i. Configuration management ii. Data protection 10. Wireless Network Security a. Wireless attacks i. Bluetooth attacks ii. Near field communication attacks iii. Radio frequency identification attacks iv. Wireless local area network attacks b. Vulnerabilities of IEEE wireless security c. Wireless security solutions i. Wi-Fi Protected Access ii. Wi-Fi Protected Access 2 iii. Additional wireless security protections 11. Cloud and Virtualization Security a. Cloud security i. Cloud concepts and models ii. Cloud security solutions 1. Cloud security controls 2. Cloud security solutions b. Virtualization security i. Virtualization concepts ii. Securing virtual environments
ENTERPRISE SECURITY 12. Identity and Access Management (IAM) a. Authentication credentials i. What you know: passwords ii. What you have: tokens, cards, and cell phones iii. What you are: biometrics iv. What you do: behavioral biometrics v. Where you are: geolocation b. Identity and account management controls c. Access services 13. Incident Response and Investigation a. Incident response
plans and procedures i.What is an incident response plan? ii.Incident response exercises iii.Attack frameworks b.Investigating an incident by using data sources c.Digital forensics i.What is forensics? ii.Forensics procedures 14.Cybersecurity Resilience a.Control types b.Techniques for resiliency i.Redundancy ii.Replication iii.Data backups c.Using organizational policies for security 15.Risk Management and Data Privacy a.Managing risk i.Threat assessment ii.Risk assessment b.Protecting sensitive data i.Data types ii.Consequences of privacy breaches iii.Breach notifications iv.Roles and responsibilities v.Privacy enhancing technologies
£71.24
Cengage Learning, Inc Hands-On Ethical Hacking and Network Defense
Book Synopsis: Wilson/Simpson/Antill's HANDS-ON ETHICAL HACKING AND NETWORK DEFENSE, 4th edition, equips you with the knowledge and skills to protect networks using the tools and techniques of an ethical hacker. The authors explore the concept of ethical hacking and its practitioners -- explaining their importance in protecting corporate and government data -- and then deliver an in-depth guide to performing security testing. Thoroughly updated, the text covers new security resources, emerging vulnerabilities and innovative methods to protect networks, mobile security considerations, computer crime laws and penalties for illegal computer hacking. A final project brings concepts together in a penetration testing exercise and report, while virtual machine labs, auto-graded quizzes and interactive activities in the online learning platform help further prepare you for your role as a network security professional.
Table of Contents: Module 1. Ethical Hacking Overview. Module 2. TCP/IP Concepts Review. Module 3. Network and Computer Attacks. Module 4. Footprinting and Social Engineering. Module 5. Port Scanning. Module 7. Programming for Security Professionals. Module 8. Desktop and Server OS Vulnerabilities. Module 9. Embedded Operating Systems: The Hidden Threat. Module 10. Hacking Web Applications. Module 11. Hacking Wireless Networks. Module 12. Cryptography. Module 13. Network Protection Systems. Module 14. The Final Project. Appendix A. Legal Resources. Appendix B. Resources.
£47.49
Cengage Learning, Inc Security Awareness
Table of Contents: 1. Introduction to Cybersecurity. 2. Personal Security. 3. Computer Security. 4. Internet Security. 5. Mobile Security. 6. Privacy.
£57.94
John Wiley & Sons Inc The Art of Error Correcting Coding
Book Synopsis: Building on the success of the first edition, which offered a practical introductory approach to the techniques of error concealment, this book, now fully revised and updated, provides a comprehensive treatment of the subject and includes a wealth of additional features. The Art of Error Correcting Coding, Second Edition explores intermediate and advanced level concepts as well as those which will appeal to the novice. All key topics are discussed, including Reed-Solomon codes, Viterbi decoding, soft-output decoding algorithms, MAP, log-MAP and MAX-log-MAP. Reliability-based algorithms GMD and Chase are examined, as are turbo codes, both serially and parallel concatenated, as well as low-density parity-check (LDPC) codes and their iterative decoders. Features additional problems at the end of each chapter and an instructor's solutions manual. Updated companion website offers new C/C++ programs and MATLAB scripts, to help with the understanding and impleme
Table of Contents: Preface. Foreword. The ECC web site. 1 Introduction. 1.1 Error correcting coding: Basic concepts. 1.1.1 Block codes and convolutional codes. 1.1.2 Hamming distance, Hamming spheres and error correcting capability. 1.2 Linear block codes. 1.2.1 Generator and parity-check matrices. 1.2.2 The weight is the distance. 1.3 Encoding and decoding of linear block codes. 1.3.1 Encoding with G and H. 1.3.2 Standard array decoding. 1.3.3 Hamming spheres, decoding regions and the standard array. 1.4 Weight distribution and error performance. 1.4.1 Weight distribution and undetected error probability over a BSC. 1.4.2 Performance bounds over BSC, AWGN and fading channels. 1.5 General structure of a hard-decision decoder of linear codes. Problems. 2 Hamming, Golay and Reed–Muller codes. 2.1 Hamming codes. 2.1.1 Encoding and decoding procedures. 2.2 The binary Golay code. 2.2.1 Encoding. 2.2.2 Decoding. 2.2.3 Arithmetic decoding of the extended (24, 12, 8) Golay code. 2.3 Binary Reed–Muller codes. 2.3.1 Boolean polynomials and RM codes. 2.3.2 Finite geometries and majority-logic decoding. Problems. 3 Binary cyclic codes and BCH codes. 3.1 Binary cyclic codes. 3.1.1 Generator and parity-check polynomials. 3.1.2 The generator polynomial. 3.1.3 Encoding and decoding of binary cyclic codes. 3.1.4 The parity-check polynomial. 3.1.5 Shortened cyclic codes and CRC codes. 3.1.6 Fire codes. 3.2 General decoding of cyclic codes. 3.2.1 GF(2^m) arithmetic. 3.3 Binary BCH codes. 3.3.1 BCH bound. 3.4 Polynomial codes. 3.5 Decoding of binary BCH codes. 3.5.1 General decoding algorithm for BCH codes. 3.5.2 The Berlekamp–Massey algorithm (BMA). 3.5.3 PGZ decoder. 3.5.4 Euclidean algorithm. 3.5.5 Chien search and error correction. 3.5.6 Errors-and-erasures decoding. 3.6 Weight distribution and performance bounds. 3.6.1 Error performance evaluation. Problems. 4 Nonbinary BCH codes: Reed–Solomon codes. 4.1 RS codes as polynomial codes. 4.2 From binary BCH to RS codes. 4.3 Decoding RS codes. 4.3.1 Remarks on decoding algorithms. 4.3.2 Errors-and-erasures decoding. 4.4 Weight distribution. Problems. 5 Binary convolutional codes. 5.1 Basic structure. 5.1.1 Recursive systematic convolutional codes. 5.1.2 Free distance. 5.2 Connections with block codes. 5.2.1 Zero-tail construction. 5.2.2 Direct-truncation construction. 5.2.3 Tail-biting construction. 5.2.4 Weight distributions. 5.3 Weight enumeration. 5.4 Performance bounds. 5.5 Decoding: Viterbi algorithm with Hamming metrics. 5.5.1 Maximum-likelihood decoding and metrics. 5.5.2 The Viterbi algorithm. 5.5.3 Implementation issues. 5.6 Punctured convolutional codes. 5.6.1 Implementation issues related to punctured convolutional codes. 5.6.2 RCPC codes. Problems. 6 Modifying and combining codes. 6.1 Modifying codes. 6.1.1 Shortening. 6.1.2 Extending. 6.1.3 Puncturing. 6.1.4 Augmenting, expurgating and lengthening. 6.2 Combining codes. 6.2.1 Time sharing of codes. 6.2.2 Direct sums of codes. 6.2.3 The |u|u + v|-construction and related techniques. 6.2.4 Products of codes. 6.2.5 Concatenated codes. 6.2.6 Generalized concatenated codes. Problems. 7 Soft-decision decoding. 7.1 Binary transmission over AWGN channels. 7.2 Viterbi algorithm with Euclidean metric. 7.3 Decoding binary linear block codes with a trellis. 7.4 The Chase algorithm. 7.5 Ordered statistics decoding. 7.6 Generalized minimum distance decoding. 7.6.1 Sufficient conditions for optimality. 7.7 List decoding. 7.8 Soft-output algorithms. 7.8.1 Soft-output Viterbi algorithm. 7.8.2 Maximum-a posteriori (MAP) algorithm. 7.8.3 Log-MAP algorithm. 7.8.4 Max-Log-MAP algorithm. 7.8.5 Soft-output OSD algorithm. Problems. 8 Iteratively decodable codes. 8.1 Iterative decoding. 8.2 Product codes. 8.2.1 Parallel concatenation: Turbo codes. 8.2.2 Serial concatenation. 8.2.3 Block product codes. 8.3 Low-density parity-check codes. 8.3.1 Tanner graphs. 8.3.2 Iterative hard-decision decoding: The bit-flip algorithm. 8.3.3 Iterative probabilistic decoding: Belief propagation. Problems. 9 Combining codes and digital modulation. 9.1 Motivation. 9.1.1 Examples of signal sets. 9.1.2 Coded modulation. 9.1.3 Distance considerations. 9.2 Trellis-coded modulation (TCM). 9.2.1 Set partitioning and trellis mapping. 9.2.2 Maximum-likelihood decoding. 9.2.3 Distance considerations and error performance. 9.2.4 Pragmatic TCM and two-stage decoding. 9.3 Multilevel coded modulation. 9.3.1 Constructions and multistage decoding. 9.3.2 Unequal error protection with MCM. 9.4 Bit-interleaved coded modulation. 9.4.1 Gray mapping. 9.4.2 Metric generation: De-mapping. 9.4.3 Interleaving. 9.5 Turbo trellis-coded modulation. 9.5.1 Pragmatic turbo TCM. 9.5.2 Turbo TCM with symbol interleaving. 9.5.3 Turbo TCM with bit interleaving. Problems. Appendix A Weight distributions of extended BCH codes. A.1 Length 8. A.2 Length 16. A.3 Length 32. A.4 Length 64. A.5 Length 128. Bibliography. Index.
£76.46
John Wiley & Sons Inc Distributed Systems Security
Book Synopsis: How to solve security issues and problems arising in distributed systems. Security is one of the leading concerns in developing dependable distributed systems of today, since the integration of different components in a distributed manner creates new security problems and issues. Service oriented architectures, the Web, grid computing and virtualization form the backbone of today's distributed systems. A lens to security issues in distributed systems is best provided via deeper exploration of security concerns and solutions in these technologies. Distributed Systems Security provides a holistic insight into current security issues, processes, and solutions, and maps out future directions in the context of today's distributed systems. This insight is elucidated by modeling of modern day distributed systems using a four-tier logical model: host layer, infrastructure layer, application layer, and service layer (bottom to top). The authors provide an in-depth cover
Table of Contents: Chapter 1: Introduction. 1.1 Background. 1.2 Distributed Systems. 1.3 Distributed Systems Security. 1.4 About the Book. Chapter 2: Security Engineering. 2.1 Introduction. 2.2 Secure Development Life Cycle Processes – An Overview. 2.3 A Typical Security Engineering Process. 2.4 Important Security Engineering Guidelines and Resources. 2.5 Conclusion. Chapter 3: Common Security Issues and Technologies. 3.1 Security Issues. 3.2 Common Security Techniques. 3.3 Summary. Chapter 4: Host level Threats and Vulnerabilities. 4.1 Background. 4.2 Malware. 4.3 Eavesdropping. 4.4 Job faults. 4.5 Resource starvation. 4.6 Overflow. 4.7 Privilege escalation. 4.8 Injection attacks. 4.9 Conclusion. Chapter 5: Infrastructure Level Threats & Vulnerabilities. 5.1 Introduction. 5.2 Network Level Threats and Vulnerabilities. 5.3 Grid Computing Threats and Vulnerabilities. 5.4 Storage Threats and Vulnerabilities. Chapter 6: Application Level Vulnerabilities and Attacks. 6.1 Introduction. 6.2 Application Layer Vulnerabilities. 6.3 Conclusion. Chapter 7: Service Level Issues, Threats and Vulnerabilities. 7.1 Introduction. 7.2 SOA and Role of Standards. 7.3 Service Level Security Requirements. 7.4 Service Level Threats and Vulnerabilities. 7.5 Service Level Attacks. 7.6 Services Threat Profile. 7.7 Conclusions. Chapter 8: Host level Solutions. 8.1 Background. 8.2 Sandboxing. 8.3 Virtualization. 8.4 Resource Management. 8.5 Proof carrying code. 8.6 Memory firewall. 8.7 Anti malware. 8.8 Conclusions. Chapter 9: Infrastructure Level Solutions. 9.1 Introduction. 9.2 Network Level Solutions. 9.3 Grid Level Solutions. 9.4 Storage Level Solutions. Chapter 10: Application Level Solutions. 10.1 Introduction. 10.2 Application Level Security Solutions. 10.3 Conclusion. Chapter 11: Service Level Solutions. 11.1 Introduction. 11.2 Services Security Policy. 11.3 SOA Security standards stack. 11.4 Standards in Depth. 11.5 Deployment Architectures for SOA Security. 11.6 Managing Service Level Threats. 11.7 Service Threat Solution Mapping. 11.8 XML Firewall Configuration-Threat Mapping. 11.9 Conclusions. Chapter 12: Case Study – Compliance in Financial Services. 12.1 Introduction. 12.2 SOX compliance. 12.3 SOX Security Solutions. 12.4 Multi-level policy driven solution architecture. 12.5 Conclusions. Chapter 13: Case Study of Grid. 13.1 Background. 13.2 Financial Application. 13.3 Security Requirements Analysis. 13.4 Final Security Architecture. Chapter 14: Future directions and Conclusions. 14.1 Future directions. 14.2 Conclusions.
£74.66
John Wiley & Sons Inc Implementing SSL TLS Using Cryptography and PKI
Book Synopsis: Hands-on, practical guide to implementing SSL and TLS protocols for Internet security. If you are a network professional who knows C programming, this practical book is for you. Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more. Coverage includes: Understanding Internet Security; Protecting against Eavesdroppers with Symmetric Cryptography; Secure Key Exchange over an Insecure Medium with Public Key Cryptography; Authenticating Communications Using Digital Signatures; Creating a Network of Trust Using X.509 Certificates; A Usable, Secure Communications Protocol: Client-Side TLS; Adding Ser
Table of Contents: Introduction; Chapter 1 Understanding Internet Security; What Are Secure Sockets?; “Insecure” Communications: Understanding the HTTP Protocol; Implementing an HTTP Client; Adding Support for HTTP Proxies; Reliable Transmission of Binary Data with Base64 Encoding; Implementing an HTTP Server; Roadmap for the Rest of This Book; Chapter 2 Protecting Against Eavesdroppers with Symmetric Cryptography; Understanding Block Cipher Cryptography Algorithms; Implementing the Data Encryption Standard (DES) Algorithm; DES Initial Permutation; DES Key Schedule; DES Expansion Function; DES Decryption; Padding and Chaining in Block Cipher Algorithms; Using the Triple-DES Encryption Algorithm to Increase Key Length; Faster Encryption with the Advanced Encryption Standard (AES) Algorithm; AES Key Schedule Computation; AES Encryption; Other Block Cipher Algorithms; Understanding Stream Cipher Algorithms; Understanding and Implementing the RC4 Algorithm; Converting a Block Cipher to a Stream Cipher: The OFB and COUNTER Block-Chaining Modes; Chapter 3 Secure Key Exchange over an Insecure Medium with Public Key Cryptography; Understanding the Theory Behind the RSA Algorithm; Performing Arbitrary Precision Binary Math to Implement Public-Key Cryptography; Implementing Large-Number Addition; Implementing Large-Number Subtraction; Implementing Large-Number Multiplication; Implementing Large-Number Division; Comparing Large Numbers; Optimizing for Modulo Arithmetic; Using Modulus Operations to Efficiently Compute Discrete Logarithms in a Finite Field; Encryption and Decryption with RSA; Encrypting with RSA; Decrypting with RSA; Encrypting a Plaintext Message; Decrypting an RSA-Encrypted Message; Testing RSA Encryption and Decryption; Achieving Perfect Forward Secrecy with Diffie-Hellman Key Exchange; Getting More Security per Key Bit: Elliptic Curve Cryptography; How Elliptic Curve Cryptography Relies on Modular Inversions; Using the Euclidean Algorithm to compute Greatest Common Denominators; Computing Modular Inversions with the Extended Euclidean Algorithm; Adding Negative Number Support to the Huge Number Library; Supporting Negative Remainders; Making ECC Work with Whole Integers: Elliptic-Curve Cryptography over Fp; Reimplementing Diffie-Hellman to Use ECC Primitives; Why Elliptic-Curve Cryptography?; Chapter 4 Authenticating Communications Using Digital Signatures; Using Message Digests to Create Secure Document Surrogates; Implementing the MD5 Digest Algorithm; Understanding MD5; A Secure Hashing Example; Securely Hashing a Single Block of Data; MD5 Vulnerabilities; Increasing Collision Resistance with the SHA-1 Digest Algorithm; Understanding SHA-1 Block Computation; Understanding the SHA-1 Input Processing Function; Understanding SHA-1 Finalization; Even More Collision Resistance with the SHA-256 Digest Algorithm; Preventing Replay Attacks with the HMAC Keyed-Hash Algorithm; Implementing a Secure HMAC Algorithm; Completing the HMAC Operation; Creating Updateable Hash Functions; Defining a Digest Structure; Appending the Length to the Last Block; Computing the MD5 Hash of an Entire File; Where Does All of This Fit into SSL?; Understanding Digital Signature Algorithm (DSA) Signatures; Implementing Sender-Side DSA Signature Generation; Implementing Receiver-Side DSA Signature Verification; How to Make DSA Efficient; Getting More Security per Bit: Elliptic Curve DSA; Rewriting the Elliptic-Curve Math Functions to Support Large Numbers; Implementing ECDSA; Generating ECC Keypairs; Chapter 5 Creating a Network of Trust Using X.509 Certificates; Putting It Together: The Secure Channel Protocol; Encoding with ASN.1; Understanding Signed Certificate Structure; Version; serialNumber; signature; issuer; validity; subject; subjectPublicKeyInfo; extensions; Signed Certificates; Summary of X.509 Certificates; Transmitting Certificates with ASN.1 Distinguished Encoding Rules (DER); Encoded Values; Strings and Dates; Bit Strings; Sequences and Sets: Grouping and Nesting ASN.1 Values; ASN.1 Explicit Tags; A Real-World Certificate Example; Using OpenSSL to Generate an RSA KeyPair and Certificate; Using OpenSSL to Generate a DSA KeyPair and Certificate; Developing an ASN.1 Parser; Converting a Byte Stream into an ASN.1 Structure; The asn1parse Code in Action; Turning a Parsed ASN.1 Structure into X.509 Certificate Components; Joining the X.509 Components into a Completed X.509 Certificate Structure; Parsing Object Identifiers (OIDs); Parsing Distinguished Names; Parsing Certificate Extensions; Signature Verification; Validating PKCS #7-Formatted RSA Signatures; Verifying a Self-Signed Certificate; Adding DSA Support to the Certificate Parser; Managing Certificates; How Authorities Handle Certificate Signing Requests (CSRs); Correlating Public and Private Keys Using PKCS #12 Formatting; Blacklisting Compromised Certificates Using Certificate Revocation Lists (CRLs); Keeping Certificate Blacklists Up-to-Date with the Online Certificate Status Protocol (OCSP); Other Problems with Certificates; Chapter 6 A Usable, Secure Communications Protocol: Client-Side TLS; Implementing the TLS 1.0 Handshake (Client Perspective); Adding TLS Support to the HTTP Client; Understanding the TLS Handshake Procedure; TLS Client Hello; Tracking the Handshake State in the TLSParameters Structure; Describing Cipher Suites; Flattening and Sending the Client Hello Structure; TLS Server Hello; Adding a Receive Loop; Sending Alerts; Parsing the Server Hello Structure; Reporting Server Alerts; TLS Certificate; TLS Server Hello Done; TLS Client Key Exchange; Sharing Secrets Using TLS PRF (Pseudo-Random Function); Creating Reproducible, Unpredictable Symmetric Keys with Master Secret Computation; RSA Key Exchange; Diffie-Hellman Key Exchange; TLS Change Cipher Spec; TLS Finished; Computing the Verify Message; Correctly Receiving the Finished Message; Secure Data Transfer with TLS; Assigning Sequence Numbers; Supporting Outgoing Encryption; Adding Support for Stream Ciphers; Updating Each Invocation of send_message; Decrypting and Authenticating; TLS Send; TLS Receive; Implementing TLS Shutdown; Examining HTTPS End-to-end Examples (TLS 1.0); Dissecting the Client Hello Request; Dissecting the Server Response Messages; Dissecting the Key Exchange Message; Decrypting the Encrypted Exchange; Exchanging Application Data; Differences Between SSL 3.0 and TLS 1.0; Differences Between TLS 1.0 and TLS 1.1; Chapter 7 Adding Server-Side TLS 1.0 Support; Implementing the TLS 1.0 Handshake from the Server’s Perspective; TLS Client Hello; TLS Server Hello; TLS Certificate; TLS Server Hello Done; TLS Client Key Exchange; RSA Key Exchange and Private Key Location; Supporting Encrypted Private Key Files; Checking That Decryption was Successful; Completing the Key Exchange; TLS Change Cipher Spec; TLS Finished; Avoiding Common Pitfalls When Adding HTTPS Support to a Server; When a Browser Displays Errors: Browser Trust Issues; Chapter 8 Advanced SSL Topics; Passing Additional Information with Client Hello Extensions; Safely Reusing Key Material with Session Resumption; Adding Session Resumption on the Client Side; Requesting Session Resumption; Adding Session Resumption Logic to the Client; Restoring the Previous Session’s Master Secret; Testing Session Resumption; Viewing a Resumed Session; Adding Session Resumption on the Server Side; Assigning a Unique Session ID to Each Session; Adding Session ID Storage; Modifying parse_client_hello to Recognize Session Resumption Requests; Drawbacks of This Implementation; Avoiding Fixed Parameters with Ephemeral Key Exchange; Supporting the TLS Server Key Exchange Message; Authenticating the Server Key Exchange Message; Examining an Ephemeral Key Exchange Handshake; Verifying Identity with Client Authentication; Supporting the CertificateRequest Message; Adding Certificate Request Parsing Capability for the Client; Handling the Certificate Request; Supporting the Certificate Verify Message; Refactoring rsa_encrypt to Support Signing; Testing Client Authentication; Viewing a Mutually-Authenticated TLS Handshake; Dealing with Legacy Implementations: Exportable Ciphers; Export-Grade Key Calculation; Step-up Cryptography; Discarding Key Material Through Session Renegotiation; Supporting the Hello Request; Renegotiation Pitfalls and the Client Hello Extension 0xFF01; Defending Against the Renegotiation Attack; Implementing Secure Renegotiation; Chapter 9 Adding TLS 1.2 Support to Your TLS Library; Supporting TLS 1.2 When You Use RSA for the Key Exchange; TLS 1.2 Modifications to the PRF; TLS 1.2 Modifications to the Finished Messages Verify Data; Impact to Diffie-Hellman Key Exchange; Parsing Signature Types; Adding Support for AEAD Mode Ciphers; Maximizing Throughput with Counter Mode; Reusing Existing Functionality for Secure Hashes with CBC-MAC; Combining CTR and CBC-MAC into AES-CCM; Maximizing MAC Throughput with Galois-Field Authentication; Combining CTR and Galois-Field Authentication with AES-GCM; Authentication with Associated Data; Incorporating AEAD Ciphers into TLS 1.2; Working ECC Extensions into the TLS Library; ECDSA Certificate Parsing; ECDHE Support in TLS; ECC Client Hello Extensions; The Current State of TLS 1.2; Chapter 10 Other Applications of SSL; Adding the NTTPS Extension to the NTTP Algorithm; Implementing “Multi-hop” SMTP over TLS and Protecting Email Content with S/MIME; Understanding the Email Model; The SSL/TLS Design and Email; Multipurpose Internet Mail Extensions (MIME); Protecting Email from Eavesdroppers with S/MIME; Securing Email When There Are Multiple Recipients; S/MIME Certificate Management; Securing Datagram Traffic; Securing the Domain Name System; Using the DNS Protocol to Query the Database; Disadvantages of the DNS Query; Preventing DNS Cache Poisoning with DNSSEC; TLS Without TCP — Datagram TLS; Supporting SSL When Proxies Are Involved; Possible Solutions to the Proxy Problem; Adding Proxy Support Using Tunneling; SSL with OpenSSL; Final Thoughts; Appendix A Binary Representation of Integers: A Primer; The Decimal and Binary Numbering Systems; Understanding Binary Logical Operations; The AND Operation; The OR Operation; The NOT Operation; The XOR Operation; Position Shifting of Binary Numbers; Two’s-Complement Representation of Negative Numbers; Big-Endian versus Little-Endian Number Formats; Appendix B Installing TCPDump and OpenSSL; Installing TCPDump; Installing TCPDump on a Windows System; Installing TCPDump on a Linux System; Installing OpenSSL; Installing OpenSSL on a Windows System; Installing OpenSSL on a Linux system; Appendix C Understanding the Pitfalls of SSLv2; Implementing the SSL Handshake; SSL Client Hello; SSL Server Hello; SSL Client Master Key; SSL Client Finished; SSL Server Verify; SSL Server Finished; SSL send; SSL recv; Examining an HTTPS End-to-End Example; Viewing the TCPDump Output; Problems with SSLv2; Man-in-the-Middle Attacks; Truncation Attacks; Same Key Used for Encryption and Authentication; No Extensions; Index.
£37.50
John Wiley & Sons Inc Practical Cryptography
Book Synopsis: Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information.
Table of Contents: Preface. 1. Our Design Philosophy. 2. The Context of Cryptography. 3. Introduction to Cryptography. I Message Security. 4. Block Ciphers. 5. Block Cipher Modes. 6. Hash Functions. 7. Message Authentication Codes. 8. The Secure Channel. 9. Implementation Issues (I). II Key Negotiation. 10. Generating Randomness. 11. Primes. 12. Diffie-Hellman. 13. RSA. 14. Introduction to Cryptographic Protocols. 15. Negotiation Protocol. 16. Implementation Issues. III Key Management. 17. The Clock. 18. Key Servers. 19. The Dream of PKI. 20. PKI Reality. 21. PKI Practicalities. 22. Storing Secrets. IV Miscellaneous. 23. Standards. 24. Patents. 25. Involving Experts. Acknowledgments. Bibliography. Index.
£27.96
John Wiley & Sons Inc Computer Security Dictionary
Book Synopsis: A dictionary and handbook that defines the field and provides unique insight. Turn to Minoli-Cordovana's Authoritative Computer and Network Security Dictionary for clear, concise, and up-to-date definitions of terms, concepts, methods, solutions, and tools in the field of computer and network security. About 5,555 security- and IT-related words and phrases are defined. Drawing their definitions from their work experience and from a variety of established and respected sources, the authors have created a single, up-to-the-minute, and standardized resource that users can trust for accuracy and authority. The dictionary is written for industry executives, managers, and planners who are charged with the responsibility of protecting their organizations from random, negligent, or planned attacks on their information technology resources. It not only defines terms, but also provides these professionals with critical insight into the terms' use and applicabili
Trade Review: "Although this book is written for industry executives, managers, and planners, students in computer science or information science programs will find it a valuable resource. At the current price, it is an excellent buy." (CHOICE, March 2007) "…well researched and unique. It is recommended for technical and business reference collections." (American Reference Books Annual, March 2007) "…this book is mostly for managers and professionals who need a clue about a particular term or acronym…" (Computing Reviews.com, January 19, 2007)
£49.46
John Wiley & Sons Inc The Art of Intrusion
Book Synopsis: Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In The Art of Intrusion, Mitnick offers hair-raising stories of real-life computer break-ins, and shows how the victims could have prevented them.
Table of Contents: Chapter 1 Hacking the Casinos for a Million Bucks. Chapter 2 When Terrorists Come Calling. Chapter 3 The Texas Prison Hack. Chapter 4 Cops and Robbers. Chapter 5 The Robin Hood Hacker. Chapter 6 The Wisdom and Folly of Penetration Testing. Chapter 7 Of Course Your Bank Is Secure — Right? Chapter 8 Your Intellectual Property Isn’t Safe. Chapter 9 On the Continent. Chapter 10 Social Engineers — How They Work and How to Stop Them. Chapter 11 Short Takes. Index.
£12.60
John Wiley & Sons Inc Sarbanes-Oxley Guide for Finance and Information
Book Synopsis: Praise for Sarbanes-Oxley Guide for Finance and Information Technology Professionals. Effective SOX programs enlist the entire organization to build and monitor a compliant control environment. However, even the best SOX programs are inefficient at best, ineffective at worst, if there is a lack of informed, competent finance and IT personnel to support the effort. This book provides these important professionals a needed resource for and road map toward successfully implementing their SOX initiative. (Scott Green, Chief Administrative Officer, Weil, Gotshal & Manges LLP and author, Sarbanes-Oxley and the Board of Directors) As a former CFO and CIO, I found this book to be an excellent synopsis of SOX, with impressive implementation summaries and checklists. (Michael P. Cangemi, CISA, Editor in Chief, Information Systems Control Journal and author, Managing the Audit Function) An excellent introduction to the Sarbanes-Oxley Act f
Table of Contents: PREFACE. ACKNOWLEDGEMENTS. INTRODUCTION. PART I: Sarbanes-Oxley For The Finance Professional. CHAPTER 1: Scope and Assessment of the Act. Integrity. Independence. Proper Oversight. Accountability. Strong Internal Controls. Transparency. Deterrence. Corporate Process Management. CHAPTER 2: Internal Controls. Components of Internal Control. Purpose of Internal Control. Developing an Internal Control System. CHAPTER 3: Control Environment. Risk Assessment. Information and Communication. Monitoring. CHAPTER 4: Material Weaknesses. Specific Internal Controls to Evaluate. Disclosure Committee. CHAPTER 5: Implementing Sarbanes-Oxley: What Does Compliance Look Like? Time Line. Checklists. Reporting, Documentation, and Archiving. Disclosure. CHAPTER 6: Technology Implications. Storage Systems. IT Solutions. Changes in IT Management. CHAPTER 7: Sarbanes-Oxley–Related Bodies. Public Company Accounting Oversight Board. Committee of Sponsoring Organizations. Securities and Exchange Commission. Financial Accounting Standards Board.
CHAPTER 8: Opportunities and Challenges Created by Sarbanes-Oxley. Opportunities. Challenges. CHAPTER 9: Summary for the CFO. Changes to Corporate Governance. Catalyst for Improvement. PART II: Sarbanes-Oxley For The IT Professional. CHAPTER 10: Impact of Sarbanes-Oxley. Impact on the Enterprise, the CEO, and the CFO. Impact of Sarbanes-Oxley on Corporate Management Systems. Impact of Sarbanes-Oxley on the Technology Infrastructure. CHAPTER 11: Technologies Affected by Sarbanes-Oxley: From Sarbanes-Oxley to SOCKET. Separate Vendor Hype from Reality. Sarbanes-Oxley Compliance as an IT Project. Perspective on Sarbanes-Oxley Goals. Steps for Sarbanes-Oxley Compliance. Sarbanes-Oxley and The SEC. CHAPTER 12: Enterprise Technology Ecosystem. Organic IT Architecture. Ecosystem and Sarbanes-Oxley. CHAPTER 13: Implementing the SOCKET Methodology. Species or Components of the Enterprise Technology Ecosystem. COSO Framework. SOCKET Technologies. Transactional Systems: ERP, SCM, CRM. Analytical and Reporting Systems. Data Warehousing. CHAPTER 14: SOCKET and Enterprise Information Management. Document Management and Sarbanes-Oxley. Document Security. Communication and Networking. CHAPTER 15: The Process. Introduction to the Process. Strategic (Top-Down) Approach. Tactical (Bottom-Up) Approach. Monitoring the Audit Team. Implementation Process: Reengineering for Sarbanes-Oxley Compliance. Beyond Sarbanes-Oxley: From SOCKET to Success Ecosystem. Conclusions. APPENDIX A Sarbanes-Oxley Implementation Plan: Developing an Internal Control System for Compliance (Focusing on Sections 302 and 404). APPENDIX B Project to Process: Making the House a Home. APPENDIX C Enterprise Project Management and the Sarbanes-Oxley Compliance Project. APPENDIX D Enterprise Risk Management—Integrated Framework. APPENDIX E COBIT 3—Executive Summary. APPENDIX F COBIT 4—Executive Summary. INDEX.
£49.50
Cambridge University Press Steganography in Digital Media Principles Algorithms and Applications
Book SynopsisSteganography, the art of hiding information in apparently innocuous objects or images, is a field with a rich heritage, and an area of rapid current development. This clear, self-contained guide shows you how to understand the building blocks of covert communication in digital media files and how to apply the techniques in practice, including those of steganalysis, the detection of steganography. Assuming only a basic knowledge in calculus and statistics, the book blends the various strands of steganography, including information theory, coding, signal estimation and detection, and statistical signal processing. Experiments on real media files demonstrate the performance of the techniques in real life, and most techniques are supplied with pseudo-code, making it easy to implement the algorithms. The book is ideal for students taking courses on steganography and information hiding, and is also a useful reference for engineers and practitioners working in media security and informatiTrade Review'… a very useful book for beginners in steganography and anyone who wants to learn more about the field.' Todor Todorov, Reviews.com'The distinguishing feature of the book is that it presents not only methods of hiding information in digital media files, but also an in-depth analysis of detecting the use of such methods (steganalysis) … excellent for teaching the subject of information hiding or security related courses. It enhances the landscape of textbooks on the subject. I am convinced that it will grip the reader as it touches on the most important aspects of steganography and steganalysis.' IEEE Communications MagazineTable of ContentsPreface; Acknowledgments; 1. Introduction; 2. Digital image formats; 3. Digital image acquisition; 4. Steganographic channel; 5. Naive steganography; 6. Steganographic security; 7. Practical steganographic methods; 8. Matrix embedding; 9. Non-shared selection channel; 10. Steganalysis; 11. Selected targeted attacks; 12. 
Blind steganalysis; 13. Steganography; A. Statistics; B. Information theory; C. Linear codes; D. Signal detection and estimation; E. Support vector machines; Notation; Glossary; References; Index.
£94.04
O'Reilly Media Java Security 2e
Book SynopsisLooking at all of Java's security mechanisms, this text explains how to work them. It discusses class loaders, security managers, access lists, digital signatures and authentication. It covers in depth the security model of Java 2, version 1.3, including the two new security APIs: JAAS and JSSE.Trade Review'This is a great book about Java Security. If you are a Java programmer who wants to write secure applications or a system administrator, you should read this book'. Evgeny Gesin, JavaDesk, Israel.Table of Contents1. Java Application Security What Is Security? Software Used in This Book The Java Sandbox Security Debugging Summary. 2. The Default Sandbox Elements of the Java Sandbox Permissions Keystores Code Sources Policy Files The Default Sandbox The java.security File Comparison with Previous Releases Summary. 3. Java Language Security Java Language Security Constructs Enforcement of the Java Language Rules Comparisons with Previous Releases Summary. 4. The Security Manager Overview of the Security Manager Operating on the Security Manager Methods of the Security Manager Comparison with Previous Releases Summary. 5. The Access Controller The CodeSource Class Permissions The Policy Class Protection Domains The AccessController Class Guarded Objects Comparison with Previous Releases Summary. 6. Java Class Loaders The Class Loader and Namespaces Class Loading Architecture Implementing a Class Loader Miscellaneous Class Loading Topics Comparison with Previous Releases Summary. 7. Introduction to Cryptography The Need for Authentication The Role of Authentication Cryptographic Engines Summary. 8. Security Providers The Architecture of Security Providers The Provider Class The Security Class The Architecture of Engine Classes Comparison with Previous Releases Summary. 9. Keys and Certificates Keys Generating Keys Key Factories Certificates Keys, Certificates, and Object Serialization Comparison with Previous Releases Summary. 10. 
Key Management Key Management Terms The keytool The Key Management API A Key Management Example Secret Key Management Comparison with Previous Releases Summary. 11. Message Digests Using the Message Digest Class Secure Message Digests Message Digest Streams Implementing a MessageDigest Class Comparison with Previous Releases Summary. 12. Digital Signatures The Signature Class Signed Classes Implementing a Signature Class Comparison with Previous Releases Summary. 13. Cipher-Based Encryption The Cipher Engine Cipher Streams Sealed Objects Comparison with Previous Releases Summary. 14. SSL and HTTPS An Overview of SSL and JSSE SSL Client and Server Sockets SSL Sessions SSL Contexts and Key Managers Miscellaneous SSL Issues The HTTPS Protocol Handler Debugging JSSE Summary. 15. Authentication and Authorization JAAS Overview Simple JAAS programming Simple JAAS Administration Advanced JAAS Topics Summary. A. The java.security File. B. Security Resources. C. Identity-Based Key Management. D. The Secure Java Container. E. Implementing a JCE Security Provider. F. Quick Reference. Index
£32.99
O'Reilly Media Programming .NET Security
Book SynopsisThis is a comprehensive tutorial and reference that contains numerous practical examples using C# and VB.NET.Table of ContentsPreface Part I. Fundamentals 1. Security Fundamentals The Need for Security Roles in Security Understanding Software Security End-to-End Security 2. Assemblies Assemblies Explained Creating Assemblies Shared Assemblies Strong Names Publisher Certificates Decompiling Explained 3. Application Domains Application Domains Explained 4. The Lifetime of a Secure Application Designing a Secure .NET Application Developing a Secure .NET Application Security Testing a .NET Application Deploying a .NET Application Executing a .NET Application Monitoring a .NET Application Part II. .NET Security 5. Introduction to Runtime Security Runtime Security Explained Introducing Role-Based Security Introducing Code-Access Security Introducing Isolated Storage 6. Evidence and Code Identity Evidence Explained Programming Evidence Extending the .NET Framework 7. Permissions Permissions Explained Programming Code-Access Security Extending the .NET Framework 8. Security Policy Security Policy Explained Programming Security Policy Extending the .NET Framework 9. Administering Code-Access Security Default Security Policy Inspecting Declarative Security Statements Using the .NET Framework Configuration Tool Using the Code-Access Security Policy Tool 10. Role-Based Security Role-Based Security Explained Programming Role-Based Security 11. Isolated Storage Isolated Storage Explained Programming Isolated Storage Administering Isolated Storage Part III. .NET Cryptography 12. Introduction to Cryptography Cryptography Explained Cryptography Is Key Management Cryptographic Attacks 13. Hashing Algorithms Hashing Algorithms Explained Programming Hashing Algorithms Keyed Hashing Algorithms Explained Programming Keyed Hashing Algorithms Extending the .NET Framework 14. 
Symmetric Encryption Encryption Revisited Symmetric Encryption Explained Programming Symmetrical Encryption Extending the .NET Framework 15. Asymmetric Encryption Asymmetric Encryption Explained Programming Asymmetrical Encryption Extending the .NET Framework 16. Digital Signatures Digital Signatures Explained Programming Digital Signatures Programming XML Signatures Extending the .NET Framework 17. Cryptographic Keys Cryptographic Keys Explained Programming Cryptographic Keys Extending the .NET Framework Part IV. .NET Application Frameworks 18. ASP.NET Application Security ASP.NET Security Explained Configuring the ASP.NET Worker Process Identity Authentication Authorization Impersonation ASP.NET and Code-Access Security 19. COM+ Security COM+ Security Explained Programming COM+ Security Administering COM+ Security 20. The Event Log Service The Event Log Service Explained Programming the Event Log Service Part V. API Quick Reference 21. How to Use This Quick Reference Finding a Quick-Reference Entry Reading a Quick-Reference Entry 22. Converting from C SHARP to VB Syntax General Considerations Classes Structures Interfaces Class, Structure, and Interface Members Delegates Enumerations 23. The System.Security Namespace 24. The System.Security.Cryptography Namespace 25. The System.Security.Cryptography.X509Certificates Namespace 26. The System.Security.Cryptography.Xml Namespace 27. The System.Security.Permissions Namespace 28. The System.Security.Policy Namespace 29. The System.Security.Principal Namespace Index
£29.99
O'Reilly Media Managing Security with Snort and IDS Tools
Book SynopsisThis practical guide to managing network security covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them.Table of ContentsPreface 1. Introduction Disappearing Perimeters Defense-in-Depth Detecting Intrusions (a Hierarchy of Approaches) What Is NIDS (and What Is an Intrusion)? The Challenges of Network Intrusion Detection Why Snort as an NIDS? Sites of Interest 2. Network Traffic Analysis The TCP/IP Suite of Protocols Dissecting a Network Packet Packet Sniffing Installing tcpdump tcpdump Basics Examining tcpdump Output Running tcpdump ethereal Sites of Interest 3. Installing Snort About Snort Installing Snort Command-Line Options Modes of Operation 4. Know Your Enemy The Bad Guys Anatomy of an Attack: The Five Ps Denial-of-Service IDS Evasion Sites of Interest 5. The snort.conf File Network and Configuration Variables Snort Decoder and Detection Engine Configuration Preprocessor Configurations Output Configurations File Inclusions 6. Deploying Snort Deploy NIDS with Your Eyes Open Initial Configuration Sensor Placement Securing the Sensor Itself Using Snort More Effectively Site of Interest 7. Creating and Managing Snort Rules Downloading the Rules The Rule Sets Creating Your Own Rules Rule Execution Keeping Things Up-to-Date Interesting Sites 8. Intrusion Prevention Intrusion Prevention Strategies IPS Deployment Risks Flexible Response with Snort The Snort Inline Patch Controlling Your Border Sites of Interest 9. Tuning and Thresholding False Positives (False Alarms) False Negatives (Missed Alerts) Initial Configuration and Tuning Pass Rules Thresholding and Suppression 10. Using ACID as a Snort IDS Management Console Software Installation and Configuration ACID Console Installation Accessing the ACID Console Analyzing the Captured Data Sites of Interest 11. 
Using SnortCenter as a Snort IDS Management Console SnortCenter Console Installation SnortCenter Agent Installation SnortCenter Management Console Logging In and Surveying the Layout Adding Sensors to the Console Managing Tasks 12. Additional Tools for Snort IDS Management Open Source Solutions Commercial Solutions 13. Strategies for High-Bandwidth Implementations of Snort Barnyard (and Sguil) Commercial IDS Load Balancers The IDS Distribution System (I(DS)2) A. Snort and ACID Database Schema B. The Default snort.conf File C. Resources Index
£23.99
O'Reilly Media Web Security Testing Cookbook
Book SynopsisOffers developers and testers the tools they need to make security testing a regular part of their development lifecycle. This practical book helps to find recipes related to manual, exploratory testing as well as recipes for automated security testing that you can make part of your regression cycle. It focuses on how to test web applications.
£23.99
Princeton University Press Pseudorandomness and Cryptographic Applications
Book SynopsisA study of the pseudo-random generator, a basic primitive in cryptography which is useful for constructing a private key cryptosystem that is secure against chosen plaintext attack. The author stresses rigorous definitions and proofs related to private key cryptography.Table of ContentsOverview and Usage Guide. Mini-Courses. Acknowledgments. Preliminaries. Introduction of some basic notation that is used in all subsequent lectures. Review of some computational complexity classes. Description of some useful probability facts. Lecture 1. Introduction to private key cryptosystems, pseudorandom generators, one-way functions. Introduction of some specific conjectured one-way functions. Lecture 2. Discussions of security issues associated with the computing environment of a party, including the security parameter of a protocol. Definition of an adversary, the achievement ratio of an adversary for a protocol, and the security of a protocol. Definitions of one-way functions and one-way permutations, and cryptographic reduction. Lecture 3. Definition of a weak one-way function. Reduction from a weak one-way function to a one-way function. More efficient security preserving reductions from a weak one-way permutation to a one-way permutation. Lecture 4. Proof that the discrete log problem is either a one-way permutation or not even a weak one-way permutation via random self-reducibility. Definition of a pseudorandom generator, the next bit test, and the proof that the two definitions are equivalent. Construction of a pseudorandom generator that stretches by a polynomial amount from a pseudorandom generator that stretches by one bit. Lecture 5. Introduction of a two part paradigm for derandomizing probabilistic algorithms. Two problems are used to exemplify this approach: witness sampling and vertex partitioning. Lecture 6. Definition of inner product bit for a function and what it means to be a hidden bit. 
Description and proof of the Hidden Bit Theorem that shows the inner product bit is hidden for a one-way function. Lecture 7. Definitions of statistical measures of distance between probability distributions and the analogous computational measures. Restatement of the Hidden Bit Theorem in these terms and application of this theorem to construct a pseudorandom generator from a one-way permutation. Description and proof of the Many Hidden Bits Theorem that shows many inner product bits are hidden for a one-way function. Lecture 8. Definitions of various notions of statistical entropy, computational entropy and pseudoentropy generators. Definition of universal hash functions. Description and proof of the Smoothing Entropy Theorem. Lecture 9. Reduction from a one-way one-to-one function to a pseudorandom generator using the Smoothing Entropy Theorem and the Hidden Bit Theorem. Reduction from a one-way regular function to a pseudorandom generator using the Smoothing Entropy Theorem and Many Hidden Bits Theorem. Lecture 10. Definition of a false entropy generator. Construction and proof of a pseudorandom generator from a false entropy generator. Construction and proof of a false entropy generator from any one-way function in the non-uniform sense. Lecture 11. Definition of a stream private key cryptosystem, definitions of several notions of security, including passive attack and chosen plaintext attack, and design of a stream private key cryptosystem that is secure against these attacks based on a pseudorandom generator. Lecture 12. Definitions and motivation for a block cryptosystem and security against chosen plaintext attack. Definition and construction of a pseudorandom function generator from a pseudorandom generator. Construction of a block private key cryptosystem secure against chosen plaintext attack based on a pseudorandom function generator. Lecture 13. Discussion of the Data Encryption Standard. 
Definition of a pseudorandom invertible permutation generator and discussion of applications to the construction of a block private key cryptosystem secure against chosen plaintext attack. Construction of a perfect random permutation based on a perfect random function. Lecture 14. Construction of a pseudorandom invertible permutation generator from a pseudorandom function generator. Definition and construction of a super pseudorandom invertible permutation generator. Applications to block private key cryptosystems. Lecture 15. Definition of trapdoor one-way functions, specific examples, and construction of cryptosystems without initial communication using a private line. Lecture 16. Definition and construction of a universal one-way hash function. Lecture 17. Definition and construction of secure one bit and many bit signature schemes. Lecture 18. Definition of interactive proofs IP and the zero knowledge restriction of this class ZKIP. Definition and construction of a hidden bit commitment scheme based on a one-way function. Construction of a ZKIP for all NP based on a hidden bit commitment scheme. List of Exercises and Research Problems. List of Primary Results. Credits and History. References. Notation. Index.
£70.40
IOP Publishing Advanced Security Solutions for Multimedia
Book Synopsis
£23.75
John Wiley & Sons Inc The Database Hackers Handbook
Book SynopsisDatabases are the nerve center of our economy. Every piece of your personal information is stored there-medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling-and relentless. In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too. * Identify and plug the new holes in Oracle and Microsoft® SQL Server * Learn the best defenses for IBM's DB2®, PostgreSQL, Sybase ASE, and MySQL® servers * Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access * ReTable of ContentsAbout the Authors. Preface. Acknowledgments. Introduction. Part I: Introduction. Chapter 1: Why Care About Database Security? Part II: Oracle. Chapter 2: The Oracle Architecture. Chapter 3: Attacking Oracle. Chapter 4: Oracle: Moving Further into the Network. Chapter 5: Securing Oracle. Part III: DB2. Chapter 6: IBM DB2 Universal Database. Chapter 7: DB2: Discovery, Attack, and Defense. Chapter 8: Attacking DB2. Chapter 9: Securing DB2. Part IV: Informix. Chapter 10: The Informix Architecture. Chapter 11: Informix: Discovery, Attack, and Defense. Chapter 12: Securing Informix. Part V: Sybase ASE. Chapter 13: Sybase Architecture. Chapter 14: Sybase: Discovery, Attack, and Defense. Chapter 15: Sybase: Moving Further into the Network. Chapter 16: Securing Sybase. Part VI: MySQL. Chapter 17: MySQL Architecture. Chapter 18: MySQL: Discovery, Attack, and Defense. Chapter 19: MySQL: Moving Further into the Network. Chapter 20: Securing MySQL. Part VII: SQL Server. 
Chapter 21: Microsoft SQL Server Architecture. Chapter 22: SQL Server: Exploitation, Attack, and Defense. Chapter 23: Securing SQL Server. Part VIII: PostgreSQL. Chapter 24: The PostgreSQL Architecture. Chapter 25: PostgreSQL: Discovery and Attack. Chapter 26: Securing PostgreSQL. Appendix A: Example C Code for a Time-Delay SQL Injection Harness. Appendix B: Dangerous Extended Stored Procedures. Appendix C: Oracle Default Usernames and Passwords. Index.
£25.59
John Wiley & Sons Inc Professional Windows Desktop and Server Hardening
Book SynopsisToday's uber viruses, worms, and trojans may seem more damaging than ever, but the attacking malware and malicious hackers are using the same tricks they always have. With this book, Microsoft MVP Roger Grimes exposes the real threat to Windows computers and offers practical guidance to secure those systems.Table of ContentsAcknowledgments. Introduction. Part I: The Basics in Depth. Chapter 1: Windows Attacks. Chapter 2: Conventional and Unconventional Defenses. Chapter 3: NTFS Permissions 101. Part II: OS Hardening. Chapter 4: Preventing Password Crackers. Chapter 5: Protecting High-Risk Files. Chapter 6: Protecting High-Risk Registry Entries. Chapter 7: Tightening Services. Chapter 8: Using IPSec. Part III: Application Security. Chapter 9: Stopping Unauthorized Execution. Chapter 10: Securing Internet Explorer. Chapter 11: Protecting E-mail. Chapter 12: IIS Security. Chapter 13: Using Encrypting File System. Part IV: Automating Security. Chapter 14: Group Policy Explained. Chapter 15: Designing a Secure Active Directory Infrastructure. Book Summary. Index.
£23.99
CRC Press Advances of DNA Computing in Cryptography
Book SynopsisThis book discusses the current technologies of cryptography using DNA computing. Various chapters of the book will discuss the basic concepts of cryptography, steganography, basic concepts of DNA and DNA computing, approaches of DNA computing in cryptography, security attacks, practical implementation of DNA computing, applications of DNA computing in the cloud computing environment, applications of DNA computing for big data, etc. It provides a judicious mix of concepts, solved examples and real life case studies.Table of ContentsIntroduction of DNA Computing in Cryptography. Advances of DNA Computing in Cryptography. Taxonomy of DNA Based Security Models. A Novel Data Encryption Scheme by Using DNA Computing. Application of DNA Computing in the Cloud Computing Environment. Taxonomy of Security Attacks. Security, Privacy & Trust and Anonymity. DNA Computing Algorithm. Applications and Future Trends of DNA Computing
£117.00
RAND An Exploration of Cyberspace Security RD
Book Synopsis
£14.24
Cengage Learning, Inc Computer Security and Penetration Testing
Book SynopsisDelivering up-to-the-minute coverage, COMPUTER SECURITY AND PENETRATION TESTING, Second Edition offers readers of all backgrounds and experience levels a well-researched and engaging introduction to the fascinating realm of network security. Spotlighting the latest threats and vulnerabilities, this cutting-edge text is packed with real-world examples that showcase today's most important and relevant security topics. It addresses how and why people attack computers and networks--equipping readers with the knowledge and techniques to successfully combat hackers. This edition also includes new emphasis on ethics and legal issues. The world of information security is changing every day; readers are provided with a clear differentiation between hacking myths and hacking facts. Straightforward in its approach, this comprehensive resource teaches the skills needed to go from hoping a system is secure to knowing that it is.Table of Contents1. Ethics of Hacking and Cracking. 2. Reconnaissance. 3. Scanning Tools. 4. Sniffers. 5. TCP/IP Vulnerabilities. 6. Techniques of Password Cracking. 7. Spoofing. 8. Session Hijacking. 9. Hacking Network Devices. 10. Trojan Horses. 11. Denial of Service Attacks. 12. Buffer Overflows. 13. Programming Exploits. 14. Mail Vulnerabilities. 15. Web Application Vulnerabilities. 16. Windows Vulnerabilities. 17. Linux Vulnerabilities. 18. Incident Handling. Glossary. References.
£79.79
Guide to Network Security
Book SynopsisGUIDE TO NETWORK SECURITY is a wide-ranging new text that provides a detailed review of the network security field, including essential terminology, the history of the discipline, and practical techniques to manage implementation of network security solutions. It begins with an overview of information, network, and web security, emphasizing the role of data communications and encryption. The authors then explore network perimeter defense technologies and methods, including access controls, firewalls, VPNs, and intrusion detection systems, as well as applied cryptography in public key infrastructure, wireless security, and web commerce. The final section covers additional topics relevant for information security practitioners, such as assessing network security, professional careers in the field, and contingency planning. Perfect for both aspiring and active IT professionals, GUIDE TO NETWORK SECURITY is an ideal resource for readers who want to help organizations protect critical inforTable of Contents1. Introduction to Information Security 2. Introduction to Networking 3. Cryptography 4. Firewall Technologies and Administration 5. Access Controls and Remote Access 6. Intrusion Detection and Prevention 7. Wireless Network Security 8. Security of Web Applications 9. Network Vulnerability Assessment 10. Auditing, Monitoring, and Logging 11. Contingency Planning and Networking Incident Response 12. Digital Forensics and eDiscovery
£89.20
Taylor & Francis Ltd (Sales) Handbook of Applied Cryptography
Book SynopsisCryptography, in particular public-key cryptography, has emerged in the last 20 years as an important discipline that is not only the subject of an enormous amount of research, but provides the foundation for information security in many applications. Standards are emerging to meet the demands for cryptographic protection in most areas of data communications. Public-key cryptographic techniques are now in widespread use, especially in the financial services industry, in the public sector, and by individuals for their personal privacy, such as in electronic mail. This Handbook will serve as a valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography. It is a necessary and timely guide for professionals who practice the art of cryptography. The Handbook of Applied Cryptography provides a treatment that is multifunctional: It serves as an introduction to the more practical aspects of both conventionalTrade Review"…very well suited for the reader who wants an encyclopedic description of the state of the art of applied modern cryptography."-Mathematical Reviews, Issue 99g "[This book] is an incredible achievement. … [T]he handbook is complete. If I want to check what problems there were with a proposed system, determine how the variations on a particular algorithm developed, see what research preceded and followed an idea, I go to the Handbook. The Handbook has accurate, clear, and correct information. It is wonderful. … If I were limited to only one cryptography text on my shelves, it would be the Handbook of Applied Cryptography." - Bulletin of the AMS Table of ContentsForeword by Ronald L. 
Rivest Overview of Cryptography Introduction Information security and cryptography Background on functions Functions(1-1, one-way, trapdoor one-way) Permutations Involutions Basic terminology and concepts Symmetric-key encryption Overview of block ciphers and stream ciphers Substitution ciphers and transposition ciphers Composition of ciphers Stream ciphers The key space Digital signatures Authentication and identification Identification Data origin authentication Public-key cryptography Public-key encryption The necessity of authentication in public-key systems Digital signatures from reversible public-key encryption Symmetric-key versus public-key cryptography Hash functions Protocols and mechanisms Key establishment, management, and certification Key management through symmetric-key techniques Key management through public-key techniques Trusted third parties and public-key certificates Pseudorandom numbers and sequences Classes of attacks and security models Attacks on encryption schemes Attacks on protocols Models for evaluating security Perspective for computational security Notes and further references Mathematical Background Probability theory Basic definitions Conditional probability Random variables Binomial distribution Birthday attacks Random mappings Information theory Entropy Mutual information Complexity theory Basic definitions Asymptotic notation Complexity classes Randomized algorithms Number theory The integers Algorithms in Z The integers modulo n Algorithms in Zn The Legendre and Jacobi symbols Blum integers Abstract algebra Groups Rings Fields Polynomial rings Vector spaces Finite fields Basic properties The Euclidean algorithm for polynomials Arithmetic of polynomials N
£999.99
Taylor & Francis Ltd Testing Code Security
Book SynopsisThe huge proliferation of security vulnerability exploits, worms, and viruses place an incredible drain on both cost and confidence for manufacturers and consumers. The release of trustworthy code requires a specific set of skills and techniques, but this information is often dispersed and decentralized, encrypted in its own jargon and terminology, and can take a colossal amount of time and data mining to find. Written in simple, common terms, Testing Code Security is a consolidated resource designed to teach beginning and intermediate testers the software security concepts needed to conduct relevant and effective tests. Answering the questions pertinent to all testing procedures, the book considers the differences in process between security testing and functional testing, the creation of a security test plan, the benefits and pitfalls of threat-modeling, and the identification of root vulnerability problems and how to test for them. The book begins with coverage of foundationTable of ContentsIntroduction, Security Vocabulary, Software Testing and Changes in the Security Landscape, All Trust Is Misplaced, Security Testing Considerations, Threat Modeling and Risk Assessment Processes, Personas and Testing, Security Test Planning, Sample Security Considerations, Vulnerability Case Study - Brute Force Browsing, Vulnerability Case Study - Buffer Overruns, Vulnerability Case Study - Cookie Tampering, Vulnerability Case Study: Cross-Site Scripting (XSS), Vulnerability Case Study: Denial of Service/Distributed Denial of Service, Vulnerability Case Study: Format String Vulnerabilities, Vulnerability Case Study: Integer Overflows and Underflows, Vulnerability Case Study: Man-in-the-Middle Attacks, Vulnerability Case Study - Password Cracking, Vulnerability Case Study - Session Hijacking, Vulnerability Case Study - Spoofing Attacks, Vulnerability Case Study - SQL Injection, Fuzz Testing, Background - Cryptography, Background - Firewalls, Background - OSI 
Network Model, Background - Proxy Servers, Background - TCP/IP and Other Networking Protocols, Background - Test Case Outlining (TCO), Additional Sources of Information, Index
£90.24
John Wiley & Sons Inc Applied Cryptography
Book SynopsisFrom the world's most renowned security technologist, Bruce Schneier, this 20th Anniversary Edition is the most definitive reference on cryptography ever published and is the seminal work on cryptography. Cryptographic techniques have applications far beyond the obvious uses of encoding and decoding information.Table of ContentsCONTENTS INTRODUCTION XIII FOREWORD BY WHITFIELD DIFFIE XVII PREFACE XXI HOW TO READ THIS BOOK XXII ACKNOWLEDGMENTS XXIV ABOUT THE AUTHOR XXV 1 FOUNDATIONS 7 1.1 TERMINOLOGY 1 1 .2 STEGANOGRAPHY 9 1.3 SUBSTITUTION CIPHERS AND TRANSPOSITION CIPHERS 10 1.4 SIMPLE XOR 13 1.5 ONE-TIME PADS 15 1.6 COMPUTER ALGORITHMS 17 1.7 LARGE NUMBERS 17 PART I CRYPTOGRAPHIC PROTOCOLS 2 PROTOCOL BUILDING BLOCKS 27 2.1 INTRODUCTION TO PROTOCOLS 21 2.2 COMMUNICATIONS USING SYMMETRIC CRYPTOGRAPHY 28 2.3 ONE-WAY FUNCTIONS 29 2.4 ONE-WAY HASH FUNCTIONS 30 2.5 COMMUNICATIONS USING PUBLIC-KEY CRYPTOGRAPHY 31 2.6 DIGITAL SIGNATURES 34 2.7 DIGITAL SIGNATURES WITH ENCRYPTION 47 2.8 RANDOM AND PSEUDO-RANDOM SEQUENCE GENERATION 44 3 BASIC PROTOCOLS 47 3.1 KEY EXCHANGE 47 3.2 AUTHENTICATION 52 3.3 AUTHENTICATION AND KEY EXCHANGE 56 3.4 FORMAL ANALYSIS OF AUTHENTICATION AND KEY-EXCHANGE PROTOCOLS 65 3.5 MULTIPLE-KEY PUBLIC-KEY CRYPTOGRAPHY 68 3.6 SECRET SPLITTING 70 3.7 SECRET SHARING 71 3.8 CRYPTOGRAPHIC PROTECTION OF DATABASES 73 4 INTERMEDIATE PROTOCOLS 75 4.1 TIMESTAMPING SERVICES 75 4.2 SUBLIMINAL CHANNEL 79 4.3 UNDENIABLE DIGITAL SIGNATURES 81 4.4 DESIGNATED CONFIRMER SIGNATURES 82 4.5 PROXY SIGNATURES 83 4.6 GROUP SIGNATURES 84 4.7 FAIL-STOP DIGITAL SIGNATURES 85 4.8 COMPUTING WITH ENCRYPTED DATA 85 4.9 BIT COMMITMENT 86 4.10 FAIR COIN FLIPS 89 4.11 MENTAL POKER 92 4.12 ONE-WAY ACCUMULATORS 95 4.13 ALL-OR-NOTHING DISCLOSURE OF SECRETS 96 4.14 KEY ESCROW 97 5 ADVANCED PROTOCOLS 101 5.1 ZERO-KNOWLEDGE PROOFS 101 5.2 ZERO-KNOWLEDGE PROOFS OF IDENTITY 109 5.3 BLIND SIGNATURES 112 5.4 IDENTITY-BASED PUBLIC-KEY CRYPTOGRAPHY 115 5.5 OBLIVIOUS TRANSFER 226 5.6 
OBLIVIOUS SIGNATURES 227 5.7 SIMULTANEOUS CONTRACT SIGNING 228 5.8 DIGITAL CERTIFIED MAIL 122 5.9 SIMULTANEOUS EXCHANGE OF SECRETS 123 6 ESOTERIC PROTOCOLS 125 6.1 SECURE ELECTIONS 125 6.2 SECURE MULTIPARTY COMPUTATION 234 6.3 ANONYMOUS MESSAGE BROADCAST 237 6.4 DIGITAL CASH 239 PART II CRYPTOGRAPHIC TECHNIQUES 7 KEY LENGTH 151 7.1 SYMMETRIC KEY LENGTH 151 7.2 PUBLIC-KEY KEY LENGTH 158 7.3 COMPARING SYMMETRIC AND PUBLIC-KEY KEY LENGTH 165 7.4 BIRTHDAY ATTACKS AGAINST ONE-WAY HASH FUNCTIONS 165 7.5 HOW LONG SHOULD A KEY BE? 166 7.6 CAVEAT EMPTOR 168 8 KEY MANAGEMENT 169 8.1 GENERATING KEYS 170 8.2 NONLINEAR KEYSPACES 175 8.3 TRANSFERRING KEYS 176 8.4 VERIFYING KEYS 178 8.5 USING KEYS 179 8.6 UPDATING KEYS 180 8.7 STORING KEYS 180 8.8 BACKUP KEYS 181 8.9 COMPROMISED KEYS 182 8.10 LIFETIME OF KEYS 183 8.11 DESTROYING KEYS 181 8.12 PUBLIC-KEY KEY MANAGEMENT 185 9 ALGORITHM TYPES AND MODES 189 9.1 ELECTRONIC CODEBOOK MODE 189 9.2 BLOCK REPLAY 191 9.3 CIPHER BLOCK CHAINING MODE 193 9.4 STREAM CIPHERS 197 9.5 SELF-SYNCHRONIZING STREAM CIPHERS 198 9.6 CIPHER-FEEDBACK MODE 200 9.7 SYNCHRONOUS STREAM CIPHERS 202 9.8 OUTPUT-FEEDBACK MODE 203 9.9 COUNTER MODE 205 9.10 OTHER BLOCK-CIPHER MODES 206 9.11 CHOOSING A CIPHER MODE 208 9.12 INTERLEAVING 210 9.13 BLOCK CIPHERS VERSUS STREAM CIPHERS 210 10 USING ALGORITHMS 213 10.1 CHOOSING AN ALGORITHM 214 10.2 PUBLIC-KEY CRYPTOGRAPHY VERSUS SYMMETRIC CRYPTOGRAPHY 216 10.3 ENCRYPTING COMMUNICATIONS CHANNELS 216 10.4 ENCRYPTING DATA FOR STORAGE 220 10.5 HARDWARE ENCRYPTION VERSUS SOFTWARE ENCRYPTION 223 10.6 COMPRESSION, ENCODING, AND ENCRYPTION 226 10.7 DETECTING ENCRYPTION 226 10.8 HIDING CIPHERTEXT IN CIPHERTEXT 227 10.9 DESTROYING INFORMATION 228 PART III CRYPTOGRAPHIC ALGORITHMS 11 MATHEMATICAL BACKGROUND 233 11.1 INFORMATION THEORY 233 11.2 COMPLEXITY THEORY 237 11.3 NUMBER THEORY 242 11.4 FACTORING 255 11.5 PRIME NUMBER GENERATION 258 11.6 DISCRETE LOGARITHMS IN A FINITE FIELD 262 12 DATA ENCRYPTION STANDARD (DES) 265 12.1
BACKGROUND 265 12.2 DESCRIPTION OF DES 270 12.3 SECURITY OF DES 278 12.4 DIFFERENTIAL AND LINEAR CRYPTANALYSIS 285 12.5 THE REAL DESIGN CRITERIA 293 12.6 DES VARIANTS 204 12.7 HOW SECURE IS DES TODAY? 300 13 OTHER BLOCK CIPHERS 303 13.1 LUCIFER 303 13.2 MADRYGA 304 13.3 NEWDES 306 13.4 FEAL 308 13.5 REDOC 311 13.6 LOKI 314 13.7 KHUFU AND KHAFRE 316 13.8 RC2 328 13.9 IDEA 319 13.10 MMB 325 13.11 CA-1.1 327 13.12 SKIPJACK 328 14 STILL OTHER BLOCK CIPHERS 332 14.1 GOST 332 14.2 CAST 334 14.3 BLOWFISH 336 14.4 SAFER 339 14.5 3-WAY 341 14.6 CRAB 342 14.7 SXAL8/MBAL 344 14.8 RC5 344 14.9 OTHER BLOCK ALGORITHMS 346 14.10 THEORY OF BLOCK CIPHER DESIGN 346 14.11 USING ONE-WAY HASH FUNCTIONS 351 14.12 CHOOSING A BLOCK ALGORITHM 354 15 COMBINING BLOCK CIPHERS 357 15.1 DOUBLE ENCRYPTION 357 15.2 TRIPLE ENCRYPTION 358 15.3 DOUBLING THE BLOCK LENGTH 363 15.4 OTHER MULTIPLE ENCRYPTION SCHEMES 363 15.5 CDMF KEY SHORTENING 366 15.6 WHITENING 366 15.7 CASCADING MULTIPLE BLOCK ALGORITHMS 367 15.8 COMBINING MULTIPLE BLOCK ALGORITHMS 368 16 PSEUDO-RANDOM-SEQUENCE GENERATORS AND STREAM CIPHERS 369 16.1 LINEAR CONGRUENTIAL GENERATORS 369 16.2 LINEAR FEEDBACK SHIFT REGISTERS 372 16.3 DESIGN AND ANALYSIS OF STREAM CIPHERS 379 16.4 STREAM CIPHERS USING LFSRS 381 16.5 A5 389 16.6 HUGHES XPD/KPD 389 16.7 NANOTEQ 390 16.8 RAMBUTAN 390 16.9 ADDITIVE GENERATORS 390 16.10 GIFFORD 392 16.11 ALGORITHM M 393 16.12 PKZIP 394 17 OTHER STREAM CIPHERS AND REAL RANDOM-SEQUENCE GENERATORS 397 17.1 RC4 397 17.2 SEAL 398 17.3 WAKE 400 17.4 FEEDBACK WITH CARRY SHIFT REGISTERS 402 17.5 STREAM CIPHERS USING FCSRS 405 17.6 NONLINEAR-FEEDBACK SHIFT REGISTERS 412 17.7 OTHER STREAM CIPHERS 413 17.8 SYSTEM-THEORETIC APPROACH TO STREAM-CIPHER DESIGN 415 17.9 COMPLEXITY-THEORETIC APPROACH TO STREAM-CIPHER DESIGN 416 17.10 OTHER APPROACHES TO STREAM-CIPHER DESIGN 418 17.11 CASCADING MULTIPLE STREAM CIPHERS 419 17.12 CHOOSING A STREAM CIPHER 420 17.13 GENERATING MULTIPLE STREAMS FROM A SINGLE PSEUDO-RANDOM-SEQUENCE
GENERATOR 420 17.14 REAL RANDOM-SEQUENCE GENERATORS 421 18 ONE-WAY HASH FUNCTIONS 429 18.1 BACKGROUND 429 18.2 SNEFRU 431 18.3 N-HASH 432 18.4 MD4 435 18.5 MD5 436 18.6 MD2 441 18.7 SECURE HASH ALGORITHM (SHA) 441 18.8 RIPE-MD 445 18.9 HAVAL 445 18.10 OTHER ONE-WAY HASH FUNCTIONS 446 18.11 ONE-WAY HASH FUNCTIONS USING SYMMETRIC BLOCK ALGORITHMS 446 18.12 USING PUBLIC-KEY ALGORITHMS 455 18.13 CHOOSING A ONE-WAY HASH FUNCTION 455 18.14 MESSAGE AUTHENTICATION CODES 455 19 PUBLIC-KEY ALGORITHMS 461 19.1 BACKGROUND 461 19.2 KNAPSACK ALGORITHMS 462 19.3 RSA 466 19.4 POHLIG-HELLMAN 474 19.5 RABIN 475 19.6 ELGAMAL 476 19.7 MCELIECE 479 19.8 ELLIPTIC CURVE CRYPTOSYSTEMS 480 19.9 LUC 481 19.10 FINITE AUTOMATON PUBLIC-KEY CRYPTOSYSTEMS 482 20 PUBLIC-KEY DIGITAL SIGNATURE ALGORITHMS 483 20.1 DIGITAL SIGNATURE ALGORITHM [DSA] 483 20.2 DSA VARIANTS 494 20.3 GOST DIGITAL SIGNATURE ALGORITHM 495 20.4 DISCRETE LOGARITHM SIGNATURE SCHEMES 496 20.5 ONG-SCHNORR-SHAMIR 498 20.6 ESIGN 499 20.7 CELLULAR AUTOMATA 500 20.8 OTHER PUBLIC-KEY ALGORITHMS 500 21 IDENTIFICATION SCHEMES 503 21.1 FEIGE-FIAT-SHAMIR 503 21.2 GUILLOU-QUISQUATER 508 21.3 SCHNORR 510 21.4 CONVERTING IDENTIFICATION SCHEMES TO SIGNATURE SCHEMES 512 22 KEY-EXCHANGE ALGORITHMS 513 22.1 DIFFIE-HELLMAN 513 22.2 STATION-TO-STATION PROTOCOL 516 22.3 SHAMIR'S THREE-PASS PROTOCOL 516 22.4 COMSET 577 22.5 ENCRYPTED KEY EXCHANGE 518 22.6 FORTIFIED KEY NEGOTIATION 522 22.7 CONFERENCE KEY DISTRIBUTION AND SECRET BROADCASTING 523 23 SPECIAL ALGORITHMS FOR PROTOCOLS 527 23.1 MULTIPLE-KEY PUBLIC-KEY CRYPTOGRAPHY 527 23.2 SECRET-SHARING ALGORITHMS 528 23.3 SUBLIMINAL CHANNEL 531 23.4 UNDENIABLE DIGITAL SIGNATURES 536 23.5 DESIGNATED CONFIRMER SIGNATURES 539 23.6 COMPUTING WITH ENCRYPTED DATA 540 23.7 FAIR COIN FLIPS 541 23.8 ONE-WAY ACCUMULATORS 543 23.9 ALL-OR-NOTHING DISCLOSURE OF SECRETS 543 23.10 FAIR AND FAILSAFE CRYPTOSYSTEMS 546 23.11 ZERO-KNOWLEDGE PROOFS OF KNOWLEDGE 548 23.12 BLIND SIGNATURES 549 23.13 OBLIVIOUS TRANSFER 550
23.14 SECURE MULTIPARTY COMPUTATION 552 23.15 PROBABILISTIC ENCRYPTION 552 23.16 QUANTUM CRYPTOGRAPHY 554 PART IV THE REAL WORLD 24 EXAMPLE IMPLEMENTATIONS 561 24.1 IBM SECRET-KEY MANAGEMENT PROTOCOL 561 24.2 MITRENET 562 24.3 ISDN 563 24.4 STU-III 565 24.5 KERBEROS 566 24.6 KRYPTOKNIGHT 572 24.7 SESAME 572 24.8 IBM COMMON CRYPTOGRAPHIC ARCHITECTURE 573 24.9 ISO AUTHENTICATION FRAMEWORK 574 24.10 PRIVACY-ENHANCED MAIL (PEM) 577 24.11 MESSAGE SECURITY PROTOCOL (MSP) 584 24.12 PRETTY GOOD PRIVACY (PGP) 584 24.13 SMART CARDS 587 24.14 PUBLIC-KEY CRYPTOGRAPHY STANDARDS (PKCS) 588 24.15 UNIVERSAL ELECTRONIC PAYMENT SYSTEM (UEPS) 589 24.16 CLIPPER 591 24.17 CAPSTONE 593 24.18 AT&T MODEL 3600 TELEPHONE SECURITY DEVICE (TSD) 594 25 POLITICS 597 25.1 NATIONAL SECURITY AGENCY (NSA) 597 25.2 NATIONAL COMPUTER SECURITY CENTER (NCSC) 599 25.3 NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY (NIST) 600 25.4 RSA DATA SECURITY, INC. 603 25.5 PUBLIC KEY PARTNERS 604 25.6 INTERNATIONAL ASSOCIATION FOR CRYPTOGRAPHIC RESEARCH (IACR) 605 25.7 RACE INTEGRITY PRIMITIVES EVALUATION (RIPE) 605 25.8 CONDITIONAL ACCESS FOR EUROPE (CAFE) 606 25.9 ISO/IEC 9979 607 25.10 PROFESSIONAL, CIVIL LIBERTIES, AND INDUSTRY GROUPS 608 25.11 SCICRYPT 608 25.12 CYPHERPUNKS 609 25.13 PATENTS 609 25.14 U.S. EXPORT RULES 610 25.15 FOREIGN IMPORT AND EXPORT OF CRYPTOGRAPHY 617 25.16 LEGAL ISSUES 618 Afterword by Matt Blaze 619 PART V SOURCE CODE Source Code 623 References 675
£46.40
John Wiley & Sons Inc Cybersecurity Law
Book Synopsis: A definitive guide to cybersecurity law. Expanding on the author's experience as a cybersecurity lawyer and law professor, Cybersecurity Law is the definitive guide to cybersecurity law, with an in-depth analysis of U.S.
Table of Contents: About the Author xv Acknowledgement xvii Introduction xix 1 Data Security Laws and Enforcement Actions 1 1.1 FTC Data Security 2 1.1.1 Overview of Section 5 of the FTC Act 2 1.1.2 Wyndham: Does the FTC Have Authority to Regulate Data Security under Section 5 of the FTC Act? 5 1.1.3 LabMD: What Constitutes Unfair or Deceptive Data Security? 9 1.1.4 FTC June 2015 Guidance on Data Security 11 1.1.5 FTC Protecting Personal Information Guide 14 1.1.6 Lessons from FTC Cybersecurity Complaints 15 1.1.6.1 Failure to Secure Highly Sensitive Information 16 1.1.6.1.1 Use Industry-Standard Encryption for Sensitive Data 16 1.1.6.1.2 Routine Audits and Penetration Testing Are Expected 17 1.1.6.1.3 Health-Related Data Requires Especially Strong Safeguards 18 1.1.6.1.4 Data Security Protection Extends to Paper Documents 19 1.1.6.1.5 Business-to-Business Providers Also Are Accountable to the FTC For Security of Sensitive Data 20 1.1.6.1.6 Companies Are Responsible for the Data Security Practices of Their Contractors 22 1.1.6.1.7 Make Sure That Every Employee Receives Regular Data Security Training for Processing Sensitive Data 23 1.1.6.1.8 Privacy Matters, Even in Data Security 23 1.1.6.1.9 Limit the Sensitive Information Provided to Third Parties 24 1.1.6.2 Failure to Secure Payment Card Information 24 1.1.6.2.1 Adhere to Security Claims about Payment Card Data 24 1.1.6.2.2 Always Encrypt Payment Card Data 25 1.1.6.2.3 Payment Card Data Should Be Encrypted Both in Storage and at Rest 26 1.1.6.2.4 In-Store Purchases Pose Significant Cybersecurity Risks 26 1.1.6.2.5 Minimize Duration of Storage of Payment Card Data 28 1.1.6.2.6 Monitor Systems and Networks for Unauthorized Software 29 1.1.6.2.7 Apps Should Never Override Default App Store
Security Settings 29 1.1.6.3 Failure to Adhere to Security Claims 30 1.1.6.3.1 Companies Must Address Commonly Known Security Vulnerabilities 30 1.1.6.3.2 Ensure That Security Controls Are Sufficient to Abide by Promises about Security and Privacy 31 1.1.6.3.3 Omissions about Key Security Flaws Also Can Be Misleading 33 1.1.6.3.4 Companies Must Abide by Promises for Security-Related Consent Choices 33 1.1.6.3.5 Companies That Promise Security Must Ensure Adequate Authentication Procedures 34 1.1.6.3.6 Adhere to Promises about Encryption 35 1.2 State Data Breach Notification Laws 36 1.2.1 When Consumer Notifications Are Required 37 1.2.1.1 Definition of Personal Information 37 1.2.1.2 Encrypted Data 38 1.2.1.3 Risk of Harm 39 1.2.1.4 Safe Harbors and Exceptions to Notice Requirement 39 1.2.2 Notice to Individuals 40 1.2.2.1 Timing of Notice 40 1.2.2.2 Form of Notice 40 1.2.2.3 Content of Notice 41 1.2.3 Notice to Regulators and Consumer Reporting Agencies 41 1.2.4 Penalties for Violating State Breach Notification Laws 42 1.3 State Data Security Laws 42 1.3.1 Oregon 43 1.3.2 Rhode Island 45 1.3.3 Nevada 45 1.3.4 Massachusetts 46 1.4 State Data Disposal Laws 49 2 Cybersecurity Litigation 51 2.1 Article III Standing 52 2.1.1 Applicable Supreme Court Rulings on Standing 53 2.1.2 Lower Court Rulings on Standing in Data Breach Cases 57 2.1.2.1 Injury-in-Fact 57 2.1.2.1.1 Broad View of Injury-in-Fact 57 2.1.2.1.2 Narrow View of Injury-in-Fact 60 2.1.2.2 Fairly Traceable 62 2.1.2.3 Redressability 63 2.2 Common Causes of Action Arising from Data Breaches 64 2.2.1 Negligence 64 2.2.1.1 Legal Duty and Breach of Duty 65 2.2.1.2 Cognizable Injury 66 2.2.1.3 Causation 69 2.2.2 Negligent Misrepresentation or Omission 70 2.2.3 Breach of Contract 72 2.2.4 Breach of Implied Warranty 76 2.2.5 Invasion of Privacy by Publication of Private Facts 80 2.2.6 Unjust Enrichment 81 2.2.7 State Consumer Protection Laws 82 2.3 Class Action Certification in Data Breach Litigation 84 2.4 Insurance 
Coverage for Cybersecurity Incidents 90 2.5 Protecting Cybersecurity Work Product and Communications from Discovery 94 2.5.1 Attorney-Client Privilege 96 2.5.2 Work Product Doctrine 98 2.5.3 Non-Testifying Expert Privilege 101 2.5.4 Applying the Three Privileges to Cybersecurity: Genesco v. Visa 102 3 Cybersecurity Requirements for Specific Industries 105 3.1 Financial Institutions: Gramm-Leach-Bliley Act Safeguards Rule 106 3.1.1 Interagency Guidelines 106 3.1.2 Securities and Exchange Commission Regulation S-P 109 3.1.3 FTC Safeguards Rule 110 3.2 Financial Institutions and Creditors: Red Flag Rule 112 3.2.1 Financial Institutions or Creditors 113 3.2.2 Covered Accounts 113 3.2.3 Requirements for a Red Flag Identity Theft Prevention Program 114 3.3 Companies That Use Payment and Debit Cards: Payment Card Industry Data Security Standard (PCI DSS) 115 3.4 Health Providers: Health Insurance Portability and Accountability Act (HIPAA) Security Rule 118 3.5 Electric Utilities: Federal Energy Regulatory Commission Critical Infrastructure Protection Reliability Standards 124 3.5.1 CIP-003-6: Cybersecurity Security Management Controls 124 3.5.2 CIP-004-6: Personnel and Training 125 3.5.3 CIP-006-6: Physical Security of Cyber Systems 125 3.5.4 CIP-007-6: Systems Security Management 125 3.5.5 CIP-009-6: Recovery Plans for Cyber Systems 126 3.5.6 CIP-010-2: Configuration Change Management and Vulnerability Assessments 126 3.5.7 CIP-011-2: Information Protection 126 3.6 Nuclear Regulatory Commission Cybersecurity Regulations 127 4 Cybersecurity and Corporate Governance 133 4.1 Securities and Exchange Commission Cybersecurity Expectations for Publicly Traded Companies 134 4.1.1 10-K Disclosures: Risk Factors 135 4.1.2 10-K Disclosures: Management's Discussion and Analysis of Financial Condition and Results of Operations (MD&A) 137 4.1.3 10-K Disclosures: Description of Business 137 4.1.4 10-K Disclosures: Legal Proceedings 138 4.1.5 10-K Disclosures: Examples 138 4.1.5.1
Wal-Mart 138 4.1.5.2 Berkshire Hathaway 142 4.1.5.3 Target Corp 143 4.1.6 Disclosing Data Breaches to Investors 146 4.2 Fiduciary Duty to Shareholders and Derivative Lawsuits Arising from Data Breaches 149 4.3 Committee on Foreign Investment in the United States and Cybersecurity 151 4.4 Export Controls and the Wassenaar Arrangement 153 5 Anti-Hacking Laws 157 5.1 Computer Fraud and Abuse Act 158 5.1.1 Origins of the CFAA 158 5.1.2 Access without Authorization and Exceeding Authorized Access 159 5.1.2.1 Narrow View of Exceeds Authorized Access and without Authorization 161 5.1.2.2 Broader View of Exceeds Authorized Access and without Authorization 165 5.1.2.3 Attempts to Find a Middle Ground 167 5.1.3 The Seven Sections of the CFAA 168 5.1.3.1 CFAA Section (a)(1): Hacking to Commit Espionage 170 5.1.3.2 CFAA Section (a)(2): Hacking to Obtain Information 170 5.1.3.3 CFAA Section (a)(3): Hacking a Federal Government Computer 174 5.1.3.4 CFAA Section (a)(4): Hacking to Commit Fraud 176 5.1.3.5 CFAA Section (a)(5): Hacking to Damage a Computer 179 5.1.3.5.1 CFAA Section (a)(5)(A): Knowing Transmission That Intentionally Damages a Computer without Authorization 179 5.1.3.5.2 CFAA Section (a)(5)(B): Intentional Access without Authorization That Recklessly Causes Damage 182 5.1.3.5.3 CFAA Section (a)(5)(C): Intentional Access without Authorization That Causes Damage and Loss 183 5.1.3.5.4 CFAA Section (a)(5): Requirements for Felony and Misdemeanor Cases 184 5.1.3.6 CFAA Section (a)(6): Trafficking in Passwords 186 5.1.3.7 CFAA Section (a)(7): Threatening to Damage or Obtain Information from a Computer 188 5.1.4 Civil Actions under the CFAA 191 5.1.5 Criticisms of the CFAA 193 5.2 State Computer Hacking Laws 196 5.3 Section 1201 of the Digital Millennium Copyright Act 199 5.3.1 Origins of Section 1201 of the DMCA 200 5.3.2 Three Key Provisions of Section 1201 of the DMCA 201 5.3.2.1 DMCA Section 1201(a)(1) 201 5.3.2.2 DMCA Section 1201(a)(2) 206 5.3.2.2.1 Narrow 
Interpretation of Section (a)(2): Chamberlain Group v. Skylink Technologies 207 5.3.2.2.2 Broad Interpretation of Section (a)(2): MDY Industries, LLC v. Blizzard Entertainment, Inc. 209 5.3.2.3 DMCA Section 1201(b)(1) 213 5.3.3 Section 1201 Penalties 215 5.3.4 Section 1201 Exemptions 216 5.3.5 The First Amendment and DMCA Section 1201 222 5.4 Economic Espionage Act 225 5.4.1 Origins of the Economic Espionage Act 226 5.4.2 Criminal Prohibitions on Economic Espionage and Theft of Trade Secrets 227 5.4.2.1 Definition of Trade Secret 228 5.4.2.2 Knowing Violations of the Economic Espionage Act 232 5.4.2.3 Purpose and Intent Required under Section 1831: Economic Espionage 232 5.4.2.4 Purpose and Intent Required under Section 1832: Theft of Trade Secrets 234 5.4.3 Civil Actions for Trade Secret Misappropriation: The Defend Trade Secrets Act of 2016 236 5.4.3.1 Definition of Misappropriation 237 5.4.3.2 Civil Seizures 238 5.4.3.3 Injunctions 239 5.4.3.4 Damages 239 5.4.3.5 Statute of Limitations 240 6 Public-Private Cybersecurity Partnerships 241 6.1 U.S. Government's Civilian Cybersecurity Organization 242 6.2 Department of Homeland Security Information Sharing under the Cybersecurity Act of 2015 243 6.3 Energy Department's Cyber-Threat Information Sharing 247 6.4 Critical Infrastructure Executive Order and the National Institute of Standards and Technology's Cybersecurity Framework 248 6.5 U.S. Military Involvement in Cybersecurity and the Posse Comitatus Act 254 7 Surveillance and Cyber 257 7.1 Fourth Amendment 258 7.1.1 Was the Search or Seizure Conducted by a Government Entity or Government Agent? 259 7.1.2 Did the Search or Seizure Invade an Individual's Protected Interests? 263 7.1.3 Did the Government Have a Warrant? 267 7.1.4 If the Government Did Not Have a Warrant, Did an Exception to the Warrant Requirement Apply? 269 7.1.5 Was the Search or Seizure Reasonable under the Totality of the Circumstances?
271 7.2 Electronic Communications Privacy Act 273 7.2.1 Stored Communications Act 274 7.2.1.1 Section 2701: Third Party Hacking of Stored Communications 276 7.2.1.2 Section 2702: Restrictions on Service Providers' Ability to Disclose Stored Communications and Records to the Government and Private Parties 277 7.2.1.2.1 The Cybersecurity Act of 2015: Allowing Service Providers to Disclose Cybersecurity Threats to the Government 280 7.2.1.3 Section 2703: Government's Ability to Force Service Providers to Turn over Stored Communications and Customer Records 282 7.2.2 Wiretap Act 284 7.2.3 Pen Register Act 288 7.2.4 National Security Letters 289 7.3 Communications Assistance for Law Enforcement Act (CALEA) 291 7.4 Encryption and the All Writs Act 292 8 Cybersecurity and Federal Government Contractors 297 8.1 Federal Information Security Management Act 298 8.2 NIST Information Security Controls for Government Agencies and Contractors 299 8.3 Classified Information Cybersecurity 304 8.4 Covered Defense Information and Controlled Unclassified Information 307 9 Privacy Laws 315 9.1 Section 5 of the FTC Act and Privacy 316 9.2 Health Insurance Portability and Accountability Act 322 9.3 Gramm-Leach-Bliley Act and California Financial Information Privacy Act 324 9.4 CAN-SPAM Act 325 9.5 Video Privacy Protection Act 326 9.6 Children's Online Privacy Protection Act 328 9.7 California Online Privacy Laws 330 9.7.1 California Online Privacy Protection Act (CalOPPA) 330 9.7.2 California Shine the Light Law 331 9.7.3 California Minor Eraser Law 333 9.8 Illinois Biometric Information Privacy Act 335 10 International Cybersecurity Law 337 10.1 European Union 338 10.2 Canada 344 10.3 China 348 10.4 Mexico 351 10.5 Japan 354 Appendix A: Text of Section 5 of the FTC Act 359 Appendix B: Summary of State Data Breach Notification Laws 367 Appendix C: Text of Section 1201 of the Digital Millennium Copyright Act 411 Appendix D: Text of the Computer Fraud and Abuse Act 423 Appendix E: Text of
the Electronic Communications Privacy Act 431 Index 483
£101.95
John Wiley & Sons Inc Helping Kids with Coding For Dummies
Book Synopsis: Help for grown-ups new to coding. Getting a jump on learning how coding makes technology work is essential to prepare kids for the future. Unfortunately, many parents, teachers, and mentors didn't learn the unique logic and language of coding in school. Helping Kids with Coding For Dummies comes to the rescue. It breaks beginning coding into easy-to-understand language so you can help a child with coding homework, supplement an existing coding curriculum, or have fun learning with your favorite kid. The demand to have younger students learn coding has increased in recent years as the demand for trained coders has far exceeded the supply of coders. Luckily, this fun and accessible book makes it a snap to learn the skills necessary to help youngsters develop into proud, capable coders! Help with coding homework or enhance a coding curriculum. Get familiar with coding logic and how to de-bug programs. Complete small projects as you learn coding language. Apply math skills to coding. If you're
Table of Contents: Introduction 1 About This Book 1 Foolish Assumptions 2 Icons Used in This Book 3 Where to Go from Here 3 Part 1: Getting Started with Coding 5 Chapter 1: Welcome To (Or Back To) Coding 7 Why Kids Are Coding 8 What are they learning? 8 How are they learning? 9 What does it mean down the road? 10 Why You Need to Know Coding 11 Fear and loathing (of coding) 11 You may already know more than you think 12 Where Do You Come In?
13 In the classroom 13 Camp or after-school coach 15 Mentor 16 Working with Young Coders 18 Chapter 2: Understanding the Big Ideas 19 Seeing the Big Picture in Coding 19 Acting Out the Big Picture, Unplugged 20 Dramatizing a noncoding process 21 Walking through some daily tasks 22 Creating an Algorithm 23 Turning a picture into words 23 One possible vacuuming algorithm in code 24 Representing Algorithms 26 Acting it out 27 Drawing a picture 27 Creating a storyboard 28 Building a flowchart 28 Writing pseudocode 30 Commenting the bones 31 Organizing with Sequence, Selection, and Repetition 33 Sequence 34 Selection 35 Repetition 36 Including Randomness in Your Coding 38 Chapter 3: Figuring Out Programming Languages 41 What You Want in a Language 42 Free Languages for Tots and Kids 42 The Foos 42 Think & Learn Code-a-Pillar 43 Daisy the Dinosaur 43 Scratch Jr 44 Free Languages for Youth and Tweens 45 Scratch 45 Hopscotch 47 Kodu 47 Languages for Teens and Older 48 Alice 48 MIT App Inventor 2 49 Python 50 JavaScript 53 Java 55 Other Awesome (Not-So-Free) Languages 58 MicroWorlds EX 58 Tynker 58 GameSalad 58 Part 2: Getting Your Hands on Code 61 Chapter 4: Working with Words 63 Communicating with Text 63 Showing Text Onscreen 64 Using pseudocode 64 Using Scratch 64 Using Python 65 Using HTML 66 Using JavaScript in an app 66 Using Java 68 Words In, Words Out 69 Using Scratch 70 Using Python 71 Using HTML and JavaScript 71 Using JavaScript in an app 72 Combining Text Onscreen 74 Using pseudocode 75 Using Scratch 75 Using Python and other languages 75 Formatting Text Onscreen 77 A Mad Libs Example 78 Chapter 5: Knowing Where You Are and Where You’re Going 81 Acting Out Position, Unplugged 82 Setting and Finding Position 85 Using pseudocode 85 Using Scratch to set position 86 Using Scratch to find position 87 Using JavaScript 87 Positioning Objects Randomly 93 Using Scratch 93 Using JavaScript 94 Setting and Finding Direction 95 Using pseudocode 95 Using Scratch 96 Setting 
Object Direction Randomly 97 Using Scratch 97 Turning 98 Using pseudocode 98 Using Scratch 98 Acting Out Motion, Unplugged 99 Making an Object Move 100 Using pseudocode 100 Using Scratch 101 Using JavaScript 103 Asteroid Blaster 104 Chapter 6: Getting Fancy with Graphics and Sound 107 Sizes of Images and Sounds, Unplugged 108 Activities surrounding images and sounds 108 Knowing your sizes 109 Using Graphics in Your Programs 109 Image file types 109 Creating images 110 Finding images on the web 111 Importing a JPEG or PNG in Scratch 114 Importing a GIF in Scratch 116 Importing a JPEG, PNG, or GIF in JavaScript 117 Adding Sound to Your Programs 117 Sound file types 118 Creating original sounds 118 Finding sounds on the web 119 Importing sounds into Scratch 120 Importing audio into JavaScript 121 Creating a Sound Board 122 Part 3: There is Math on This Test! 125 Chapter 7: Tackling These Ever-Changing Variables 127 Acting Out Variables, Unplugged 127 Variable parts 128 Dramatizing variables 130 I Do Declare (And Initialize) 132 Using pseudocode 132 Using Scratch 133 Using Python 134 Using JavaScript 135 Using Java 136 Checking on Variable Values 137 Using Scratch 138 Using Python 138 Using JavaScript 138 Using Java 140 Incrementing and Decrementing Variables 140 Using pseudocode 140 Using Scratch 141 Using Python 141 Using JavaScript 142 Using Java 142 Creating a Stock Ticker 142 Chapter 8: Computing Using Math 145 Acting Out Math, Unplugged 145 Number types 146 Dramatizing math 146 Doing Simple Math 149 Using pseudocode 149 Using Scratch 149 Using Python 150 Doing Advanced Math Operations 150 Using pseudocode 151 Using Scratch 152 Using Python 153 Oh So Mod — Using the Mod Operation 156 Using pseudocode 157 Using Scratch 157 Using Python 157 Ordering Those Operations (PEMDAS) 157 Using Scratch 158 Using Python 158 Rounding 159 Rounding via casting in Java 160 Rounding decimals to integers via methods 160 Generating and Using Random Numbers 162 Using pseudocode 162 
Using Scratch 162 Using Python 163 Coding a Crypto Code Maker 163 Chapter 9: Helping with Logic Operations 167 Simple Logic, Unplugged 167 Programming Simple Conditionals 169 In pseudocode 169 In Scratch 169 In Python 170 In JavaScript 170 In Java 172 Advanced Logic, Unplugged 174 Coding Compound Conditionals (aka, AND, NOT, and OR Will Get You Pretty Far!) 176 In pseudocode 177 Compound conditionals in Scratch 177 In Python 179 In JavaScript 181 In Java 181 Rock, Paper, Scissors 182 Chapter 10: Getting Loopy 185 Loops, Unplugged 185 Repeat fun, unplugged 186 Random loop conditions, unplugged 186 Loop Types and Structures 187 Infinite loops 188 Actions repeated in loops 188 Conditions of loops 188 Using pseudocode 189 Using Scratch 191 Using Python 193 Nesting Loops 196 Using pseudocode 196 Using Scratch 197 Using Python 198 Coding the Classic Fibonacci Sequence 199 Chapter 11: Adding Lists 201 Lists, Unplugged 201 Introducing Lists 203 Using pseudocode 203 Using Scratch 205 Using Java 208 Sorting Lists 215 Selection sort: An easy sorting algorithm 215 Common application: Arranging numbers in order 216 Searching Lists 217 Linear versus binary searching algorithms 217 Common application: Finding a phone number 218 Chapter 12: Coding Subprograms 221 Subprograms, Unplugged 221 Starting with Pseudocode 223 Creating a Spirograph with Subprograms 224 Pseudocode 225 Scratch 225 JavaScript 227 Java 228 Coding Subprograms with Parameters 230 Scratch code block with parameters 230 JavaScript, with parameters 233 Java, with parameters 234 Part 4: Applying What You Know 237 Chapter 13: Fixing Problems by Debugging 239 Debugging, Unplugged 240 Finding Common Syntax Errors 242 Scoping errors 242 Typing errors 243 Incorrect data types 244 Finding Common Semantic Errors 245 Infinite loops 245 Off by one 246 Strategies for Debugging 248 Turning sections on and off 248 Testing sample data 251 Adding output messages 251 Walking Away 253 Chapter 14: Creating a Webpage 255 Getting Set 
Up 255 Creating a Basic Webpage Layout 261 The skeleton: HTML basics 262 The aesthetics: CSS 265 Getting Fancy with Color and Graphics 272 Adding color to your page 272 Introducing graphics 276 Adding Hyperlinks 278 Going Interactive with JavaScript 280 Adding buttons 280 Changing your page with buttons 282 Combining HTML, CSS, and JavaScript 283 Chapter 15: Building a Mobile Game 289 Getting Started with MIT App Inventor 289 Community and support within MIT App Inventor 291 The layout of MIT App Inventor 292 Using an Emulator versus a Real Device 294 Using the Android Emulator 294 Using a real Android device 295 Testing on the emulator and Android device 295 Designing Mobile Apps 302 Adding the Components in Design View 303 Coding Your Mobile App 306 Getting your puppy moving 306 Setting up your start screen and variables 308 Coding random placement of items 309 Coding collision with items 311 Levels, timers, and final score 312 Distributing Your Apps 315 Chapter 16: Programming Simple Electronics 317 Gathering Your Hardware 317 The micro:bit board 318 Buying the board and components 318 Accessing the Software 320 Navigating the interface 320 Writing and using a program 321 Don’t Wake Baby Gadget 324 Flowcharting the program 324 Writing the code 326 Downloading code to the micro:bit 333 Connecting hardware components 333 Testing the device 334 Trying Wacky and Fun Variations 335 Part 5: The Part of Tens 337 Chapter 17: Ten Do’s and Don’ts for Selecting a Kids Coding Curriculum 339 DO Find the Right Entry Level 340 Getting started in elementary grades 340 Getting started in the middle grades 341 Getting started in high school grades 341 DON’T Assume Cost Equals Quality 343 DO Balance Lessons with Free Exploration 344 DON’T Instantly Dismiss Teaching Languages 344 DO Consult CSTA for Guidance 346 DON’T Buy “Coding” Toys for Babies 346 DO Emphasize the Soft Skills 346 DON’T Let Kids Get Stuck in a Loop 347 DO Present the Bigger Picture 347 DON’T Stereotype Coders 347 
Chapter 18: Ten Ways to Keep the Coding Learning Going 349 Unplugged 349 Research Pioneers of Computing 350 Go Lateral from Code 351 Language Tracking 351 Smart Home Projects 352 Include Outside Passions 352 Open-Source Projects 353 Group Projects 354 Community Support 354 Portfolios 355 Index 357
£17.09
John Wiley & Sons Inc Hacking the Hacker
Book Synopsis: Meet the world's top ethical hackers and explore the tools of the trade. Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race.
Table of Contents: Foreword xxxi Introduction xxxiii 1 What Type of Hacker Are You? 1 Most Hackers Aren’t Geniuses 2 Defenders Are Hackers Plus 3 Hackers Are Special 3 Hackers Are Persistent 4 Hacker Hats 4 2 How Hackers Hack 9 The Secret to Hacking 10 The Hacking Methodology 11 Hacking Is Boringly Successful 20 Automated Malware as a Hacking Tool 20 Hacking Ethically 21 3 Profile: Bruce Schneier 23 For More Information on Bruce Schneier 26 4 Social Engineering 27 Social Engineering Methods 27 Phishing 27 Trojan Horse Execution 28 Over the Phone 28 Purchase Scams 28 In-Person 29 Carrot or Stick 29 Social Engineering Defenses 30 Education 30 Be Careful of Installing Software from Third-Party Websites 30 EV Digital Certificates 31 Get Rid of Passwords 31 Anti–Social Engineering Technologies 31 5 Profile: Kevin Mitnick 33 For More Information on Kevin Mitnick 37 6 Software Vulnerabilities 39 Number of Software Vulnerabilities 39 Why Are Software Vulnerabilities Still a Big Problem?
40 Defenses Against Software Vulnerabilities 41 Security Development Lifecycle 41 More Secure Programming Languages 42 Code and Program Analysis 42 More Secure Operating Systems 42 Third-Party Protections and Vendor Add-Ons 42 Perfect Software Won’t Cure All Ills 43 7 Profile: Michael Howard 45 For More Information on Michael Howard 49 8 Profile: Gary McGraw 51 For More Information on Gary McGraw 54 9 Malware 55 Malware Types 55 Number of Malware Programs 56 Mostly Criminal in Origin 57 Defenses Against Malware 58 Fully Patched Software 58 Training 58 Anti-Malware Software 58 Application Control Programs 59 Security Boundaries 59 Intrusion Detection 59 10 Profile: Susan Bradley 61 For More Information on Susan Bradley 63 11 Profile: Mark Russinovich 65 For More on Mark Russinovich 68 12 Cryptography 69 What Is Cryptography? 69 Why Can’t Attackers Just Guess All the Possible Keys? 70 Symmetric Versus Asymmetric Keys 70 Popular Cryptography 70 Hashes 71 Cryptographic Uses 72 Cryptographic Attacks 72 Math Attacks 72 Known Ciphertext/Plaintext 73 Side Channel Attacks 73 Insecure Implementations 73 13 Profile: Martin Hellman 75 For More Information on Martin Hellman 79 14 Intrusion Detection/APTs 81 Traits of a Good Security Event Message 82 Advanced Persistent Threats (APTs) 82 Types of Intrusion Detection 83 Behavior-Based 83 Signature-Based 84 Intrusion Detection Tools and Services 84 Intrusion Detection/Prevention Systems 84 Event Log Management Systems 85 Detecting Advanced Persistent Threats (APTs) 85 15 Profile: Dr. Dorothy E. Denning 87 For More Information on Dr Dorothy E Denning 90 16 Profile: Michael Dubinsky 91 For More Information on Michael Dubinsky 93 17 Firewalls 95 What Is a Firewall? 95 The Early History of Firewalls 95 Firewall Rules 97 Where Are Firewalls? 97 Advanced Firewalls 98 What Firewalls Protect Against 98 18 Profile: William Cheswick 101 For More Information on William Cheswick 105 19 Honeypots 107 What Is a Honeypot? 
107 Interaction 108 Why Use a Honeypot? 108 Catching My Own Russian Spy 109 Honeypot Resources to Explore 110 20 Profile: Lance Spitzner 111 For More Information on Lance Spitzner 114 21 Password Hacking 115 Authentication Components 115 Passwords 116 Authentication Databases 116 Password Hashes 116 Authentication Challenges 116 Authentication Factors 117 Hacking Passwords 117 Password Guessing 117 Phishing 118 Keylogging 118 Hash Cracking 118 Credential Reuse 119 Hacking Password Reset Portals 119 Password Defenses 119 Complexity and Length 120 Frequent Changes with No Repeating 120 Not Sharing Passwords Between Systems 120 Account Lockout 121 Strong Password Hashes 121 Don’t Use Passwords 121 Credential Theft Defenses 121 Reset Portal Defenses 122 22 Profile: Dr. Cormac Herley 123 For More Information on Dr. Cormac Herley 126 23 Wireless Hacking 127 The Wireless World 127 Types of Wireless Hacking 127 Attacking the Access Point 128 Denial of Service 128 Guessing a Wireless Channel Password 128 Session Hijacking 128 Stealing Information 129 Physically Locating a User 129 Some Wireless Hacking Tools 129 Aircrack-Ng 130 Kismet 130 Fern Wi-Fi Hacker 130 Firesheep 130 Wireless Hacking Defenses 130 Frequency Hopping 130 Predefined Client Identification 131 Strong Protocols 131 Long Passwords 131 Patching Access Points 131 Electromagnetic Shielding 131 24 Profile: Thomas d’Otreppe de Bouvette 133 For More Information on Thomas d’Otreppe de Bouvette 135 25 Penetration Testing 137 My Penetration Testing Highlights 137 Hacked Every Cable Box in the Country 137 Simultaneously Hacked a Major Television Network and Pornography 138 Hacked a Major Credit Card Company 138 Created a Camera Virus 139 How to Be a Pen Tester 139 Hacker Methodology 139 Get Documented Permission First 140 Get a Signed Contract 140 Reporting 140 Certifications 141 Be Ethical 145 Minimize Potential Operational Interruption 145 26 Profile: Aaron Higbee 147 For More Information on Aaron Higbee 149 27 
Profile: Benild Joseph 151 For More Information on Benild Joseph 153 28 DDoS Attacks 155 Types of DDoS Attacks 155 Denial of Service 155 Direct Attacks 156 Reflection Attacks 156 Amplification 156 Every Layer in the OSI Model 157 Escalating Attacks 157 Upstream and Downsteam Attacks 157 DDoS Tools and Providers 158 Tools 158 DDoS as a Service 158 DDoS Defenses 159 Training 159 Stress Testing 159 Appropriate Network Configuration 159 Engineer Out Potential Weak Points 159 Anti-DDoS Services 160 29 Profile: Brian Krebs 161 For More Information on Brian Krebs 164 30 Secure OS 165 How to Secure an Operating System 166 Secure-Built OS 166 Secure Guidelines 168 Secure Configuration Tools 169 Security Consortiums 169 Trusted Computing Group 169 FIDO Alliance 169 31 Profile: Joanna Rutkowska 171 For More Information on Joanna Rutkowska 173 32 Profile: Aaron Margosis 175 For More Information on Aaron Margosis 179 33 Network Attacks 181 Types of Network Attacks 181 Eavesdropping 182 Man-in-the-Middle Attacks 182 Distributed Denial-of-Service Attacks 183 Network Attack Defenses 183 Domain Isolation 183 Virtual Private Networks 183 Use Secure Protocols and Applications 183 Network Intrusion Detection 184 Anti-DDoS Defenses 184 Visit Secure Web Sites and Use Secure Services 184 34 Profile: Laura Chappell 185 For More Information on Laura Chappell 188 35 IoT Hacking 189 How Do Hackers Hack IoT? 189 IoT Defenses 190 36 Profile: Dr. Charlie Miller 193 For More Information on Dr. Charlie Miller 198 37 Policy and Strategy 201 Standards 201 Policies 202 Procedures 203 Frameworks 203 Regulatory Laws 203 Global Concerns 203 Systems Support 204 38 Profile: Jing de Jong-Chen 205 For More Information on Jing de Jong-Chen 209 39 Threat Modeling 211 Why Threat Model? 
211 Threat Modeling Models 212 Threat Actors 213 Nation-States 213 Industrial Hackers 213 Financial Crime 213 Hacktivists 214 Gamers 214 Insider Threats 214 Ordinary, Solitary Hackers or Hacker Groups 214 40 Profile: Adam Shostack 217 For More Information on Adam Shostack 220 41 Computer Security Education 221 Computer Security Training Topics 222 End-User/Security Awareness Training 222 General IT Security Training 222 Incident Response 222 OS and Application-Specific Training 223 Technical Skills 223 Certifications 223 Training Methods 224 Online Training 224 Break into My Website 224 Schools and Training Centers 224 Boot Camps 225 Corporate Training 225 Books 225 42 Profile: Stephen Northcutt 227 For More Information on Stephen Northcutt 230 43 Privacy 231 Privacy Organizations 232 Privacy-Protecting Applications 233 44 Profile: Eva Galperin 235 For More Information on Eva Galperin 237 45 Patching 239 Patching Facts 240 Most Exploits Are Caused by Old Vulnerabilities That Patches Exist For 240 Most Exploits Are Caused by a Few Unpatched Programs 240 The Most Unpatched Program Isn’t Always the Most Exploited Program 241 You Need to Patch Hardware Too 241 Common Patching Problems 241 Detecting Missing Patching Isn’t Accurate 241 You Can’t Always Patch 242 Some Percentage of Patching Always Fails 242 Patching Will Cause Operational Issues 242 A Patch Is a Globally Broadcasted Exploit Announcement 243 46 Profile: Window Snyder 245 For More Information on Window Snyder 248 47 Writing as a Career 249 Computer Security Writing Outlets 250 Blogs 250 Social Media Sites 250 Articles 250 Books 251 Newsletters 253 Whitepapers 254 Technical Reviews 254 Conferences 254 Professional Writing Tips 255 The Hardest Part Is Starting 255 Read Differently 255 Start Out Free 255 Be Professional 256 Be Your Own Publicist 256 A Picture Is Worth a Thousand Words 256 48 Profile: Fahmida Y . Rashid 259 For More Information on Fahmida Y. 
Rashid 262 49 Guide for Parents with Young Hackers 263 Signs Your Kid Is Hacking 264 They Tell You They Hack 264 Overly Secretive About Their Online Activities 264 They Have Multiple Email/Social Media Accounts You Can’t Access 265 You Find Hacking Tools on the System 265 People Complain You Are Hacking 265 You Catch Them Switching Screens Every Time You Walk into the Room 265 These Signs Could Be Normal 265 Not All Hacking Is Bad 266 How to Turn Around Your Malicious Hacker 266 Move Their Computers into the Main Living Area and Monitor 267 Give Guidance 267 Give Legal Places to Hack 267 Connect Them with a Good Mentor 269 50 Hacker Code of Ethics 271 Hacker Code of Ethics 272 Be Ethical, Transparent, and Honest 273 Don’t Break the Law 273 Get Permission 273 Be Confidential with Sensitive Information 273 Do No Greater Harm 273 Conduct Yourself Professionally 274 Be a Light for Others 274 Index 275
£17.85
John Wiley & Sons Inc Investigating Cryptocurrencies
Table of Contents: Foreword. Introduction. Part I: Understanding the Technology. Chapter 1: What Is a Cryptocurrency? A New Concept? Leading Currencies in the Field. Is Blockchain Technology Just for Cryptocurrencies? Setting Yourself Up as a Bitcoin User. Summary. Chapter 2: The Hard Bit. Hashing. Public/Private Key Encryption. RSA Cryptography. Elliptic Curve Cryptography. Building a Simple Cryptocurrency in the Lab. Summary. Chapter 3: Understanding the Blockchain. The Structure of a Block. The Block Header. Deconstructing Raw Blocks from Hex. Applying This to the Downloaded Hex. Number of Transactions. Block Height. Forks. The Ethereum Block. Summary. Chapter 4: Transactions. The Concept behind a Transaction. The Mechanics of a Transaction. Understanding the Mempool. Understanding the ScriptSig and ScriptPubKey. Interpreting Raw Transactions. Extracting JSON Data. Analyzing Address History. Creating Vanity Addresses. Interpreting Ethereum Transactions. Summary. Chapter 5: Mining. The Proof-of-Work Concept. The Proof-of-Stake Concept. Mining Pools. Mining Fraud. Summary. Chapter 6: Wallets. Wallet Types. Software Wallets. Hardware Wallets. Cold Wallets or Cold Storage. Why Is Recognizing Wallets Important? Software Wallets. Hardware Wallets. Paper Wallets. The Wallet Import Format (WIF). How Wallets Store Keys. Setting Up a Covert Wallet. Summary. Chapter 7: Contracts and Tokens. Contracts. Bitcoin. Ethereum. Tokens and Initial Coin Offerings. Summary. Part II: Carrying Out Investigations. Chapter 8: Detecting the Use of Cryptocurrencies. The Premises Search. A New Category of Search Targets. Questioning. Searching Online. Extracting Private and Public Keys from Seized Computers. Commercial Tools. Extracting the Wallet File. Automating the Search for Bitcoin Addresses. Finding Data in a Memory Dump. Working on a Live Computer. Acquiring the Wallet File. Exporting Data from the Bitcoin Daemon. Extracting Wallet Data from Live Linux and OSX Systems. Summary. Chapter 9: Analysis of Recovered Addresses and Wallets. Finding Information on a Recovered Address. Extracting Raw Data from Ethereum. Searching for Information on a Specific Address. Analyzing a Recovered Wallet. Setting Up Your Investigation Environment. Importing a Private Key. Dealing with an Encrypted Wallet. Inferring Other Data. Summary. Chapter 10: Following the Money. Initial Hints and Tips. Transactions on Blockchain.info. Identifying Change Addresses. Another Simple Method to Identify Clusters. Moving from Transaction to Transaction. Putting the Techniques Together. Other Explorer Sites. Following Ethereum Transactions. Monitoring Addresses. Blockonomics.co. Bitnotify.com. Writing Your Own Monitoring Script. Monitoring Ethereum Addresses. Summary. Chapter 11: Visualization Systems. Online Blockchain Viewers. Blockchain.info. Etherscan.io. Commercial Visualization Systems. Summary. Chapter 12: Finding Your Suspect. Tracing an IP Address. Bitnodes. Other Areas Where IPs Are Stored. Is the Suspect Using Tor? Is the Suspect Using a Proxy or a VPN? Tracking to a Service Provider. Considering Open-Source Methods. Accessing and Searching the Dark Web. Detecting and Reading Micromessages. Summary. Chapter 13: Sniffing Cryptocurrency Traffic. What Is Intercept? Watching a Bitcoin Node. Sniffing Data on the Wire. Summary. Chapter 14: Seizing Coins. Asset Seizure. Cashing Out. Setting Up a Storage Wallet. Importing a Suspect’s Private Key. Storage and Security. Seizure from an Online Wallet. Practice, Practice, Practice. Summary. Chapter 15: Putting It All Together. Examples of Cryptocurrency Crimes. Buying Illegal Goods. Selling Illegal Goods. Stealing Cryptocurrency. Money Laundering. Kidnap and Extortion. What Have You Learned? Where Do You Go from Here? Index.
£37.50
John Wiley & Sons Inc Applied Incident Response
Book Synopsis: Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: Preparing your environment for effective incident response; Leveraging MITRE ATT&CK and threat intelligence for active network defense; Local and remote triage of systems using PowerShell, WMIC, and open-source tools; Acquiring RAM and disk images locally and remotely; Analyzing RAM with Volatility and Rekall; Deep-dive forensic analysis of system drives using open-source or commercial tools; Leveraging Security Onion and Ela
Table of Contents: Part I: Prepare. Chapter 1: The Threat Landscape. Attacker Motivations. Intellectual Property Theft. Supply Chain Attack. Financial Fraud. Extortion. Espionage. Power. Hacktivism. Revenge. Attack Methods. DoS and DDoS. Worms. Ransomware. Phishing. Spear Phishing. Watering Hole Attacks. Web Attacks. Wireless Attacks. Sniffing and MitM. Crypto Mining. Password Attacks. Anatomy of an Attack. Reconnaissance. Exploitation. Expansion/Entrenchment. Exfiltration/Damage. Clean Up. The Modern Adversary. Credentials, the Keys to the Kingdom. Conclusion. Chapter 2: Incident Readiness. Preparing Your Process. Preparing Your People. Preparing Your Technology. Ensuring Adequate Visibility. Arming Your Responders. Business Continuity and Disaster Recovery. Deception Techniques. Conclusion. Part II: Respond. Chapter 3: Remote Triage. Finding Evil. Rogue Connections. Unusual Processes. Unusual Ports. Unusual Services. Rogue Accounts. Unusual Files. Autostart Locations. Guarding Your Credentials. Understanding Interactive Logons. Incident Handling Precautions. RDP Restricted Admin Mode and Remote Credential Guard. Conclusion. Chapter 4: Remote Triage Tools. Windows Management Instrumentation Command-Line Utility. Understanding WMI and the WMIC Syntax. Forensically Sound Approaches. WMIC and WQL Elements. Example WMIC Commands. PowerShell. Basic PowerShell Cmdlets. PowerShell Remoting. Accessing WMI/MI/CIM with PowerShell. Incident Response Frameworks. Conclusion. Chapter 5: Acquiring Memory. Order of Volatility. Local Memory Collection. Preparing Storage Media. The Collection Process. Remote Memory Collection. WMIC for Remote Collection. PowerShell Remoting for Remote Collection. Agents for Remote Collection. Live Memory Analysis. Local Live Memory Analysis. Remote Live Memory Analysis. Conclusion. Chapter 6: Disk Imaging. Protecting the Integrity of Evidence. Dead-Box Imaging. Using a Hardware Write Blocker. Using a Bootable Linux Distribution. Live Imaging. Live Imaging Locally. Collecting a Live Image Remotely. Imaging Virtual Machines. Conclusion. Chapter 7: Network Security Monitoring. Security Onion. Architecture. Tools. Snort, Sguil, and Squert. Zeek (Formerly Bro). Elastic Stack. Text-Based Log Analysis. Conclusion. Chapter 8: Event Log Analysis. Understanding Event Logs. Account-Related Events. Object Access. Auditing System Configuration Changes. Process Auditing. Auditing PowerShell Use. Using PowerShell to Query Event Logs. Conclusion. Chapter 9: Memory Analysis. The Importance of Baselines. Sources of Memory Data. Using Volatility and Rekall. Examining Processes. The pslist Plug-in. The pstree Plug-in. The dlllist Plug-in. The psxview Plug-in. The handles Plug-in. The malfind Plug-in. Examining Windows Services. Examining Network Activity. Detecting Anomalies. Practice Makes Perfect. Conclusion. Chapter 10: Malware Analysis. Online Analysis Services. Static Analysis. Dynamic Analysis. Manual Dynamic Analysis. Automated Malware Analysis. Evading Sandbox Detection. Reverse Engineering. Conclusion. Chapter 11: Disk Forensics. Forensics Tools. Time Stamp Analysis. Link Files and Jump Lists. Prefetch. System Resource Usage Monitor. Registry Analysis. Browser Activity. USN Journal. Volume Shadow Copies. Automated Triage. Linux/UNIX System Artifacts. Conclusion. Chapter 12: Lateral Movement Analysis. Server Message Block. Pass-the-Hash Attacks. Kerberos Attacks. Pass-the-Ticket and Overpass-the-Hash Attacks. Golden and Silver Tickets. Kerberoasting. PsExec. Scheduled Tasks. Service Controller. Remote Desktop Protocol. Windows Management Instrumentation. Windows Remote Management. PowerShell Remoting. SSH Tunnels and Other Pivots. Conclusion. Part III: Refine. Chapter 13: Continuous Improvement. Document, Document, Document. Validating Mitigation Efforts. Building On Your Successes, and Learning from Your Mistakes. Improving Your Defenses. Privileged Accounts. Execution Controls. PowerShell. Segmentation and Isolation. Conclusion. Chapter 14: Proactive Activities. Threat Hunting. Adversary Emulation. Atomic Red Team. Caldera. Conclusion. Index.
£27.75
John Wiley & Sons Inc Implementing Cryptography Using Python
Book Synopsis: Learn to deploy proven cryptographic tools in your applications and services. Cryptography is, quite simply, what makes security and privacy in the digital world possible. Tech professionals, including programmers, IT admins, and security analysts, need to understand how cryptography works to protect users, data, and assets. Implementing Cryptography Using Python will teach you the essentials, so you can apply proven cryptographic tools to secure your applications and systems. Because this book uses Python, an easily accessible language that has become one of the standards for cryptography implementation, you'll be able to quickly learn how to secure applications and data of all kinds. In this easy-to-read guide, well-known cybersecurity expert Shannon Bray walks you through creating secure communications in public channels using public-key cryptography. You'll also explore methods of authenticating messages to ensure that they haven't been tampered with in transit. Finally, you'll l
Table of Contents: Introduction. Chapter 1: Introduction to Cryptography and Python. Exploring Algorithms. Why Use Python? Downloading and Installing Python. Installing on Ubuntu. Installing on macOS. Installing on Windows. Installing on a Chromebook. Installing Additional Packages. Installing Pip, NumPy, and Matplotlib. Installing the Cryptography Package. Installing Additional Packages. Testing Your Install. Diving into Python Basics. Using Variables. Using Strings. Introducing Operators. Understanding Arithmetic Operators. Understanding Comparison Operators. Understanding Logical Operators. Understanding Assignment Operators. Understanding Bitwise Operators. Understanding Membership Operators. Understanding Identity Operators. Using Conditionals. Using Loops. for. while. continue. break. else. Using Files. Understanding Python Semantics. Sequence Types. Introducing Custom Functions. Downloading Files Using Python. Introducing Python Modules. Creating a Reverse Cipher. Summary. Chapter 2: Cryptographic Protocols and Perfect Secrecy. The Study of Cryptology. Understanding Cryptography. Cryptography’s Famous Family: Alice and Bob. Diffie-Hellman. Data Origin Authentication. Entity Authentication. Symmetric Algorithms. Asymmetric Algorithms. The Needham-Schroeder Protocols. The Otway-Rees Protocol. Kerberos. Multiple-Domain Kerberos. X.509. Formal Validation of Cryptographic Protocols. Configuring Your First Cryptographic Library. Understanding Cryptanalysis. Brute-Force Attacks. Side-Channel Attacks. Social Engineering. Analytical Attacks. Frequency Analysis. Attack Models. Shannon’s Theorem. One-Time Pad. XOR, AND, and OR. One-Time Pad Function. One-Way Hashes. Cryptographic One-Way Hashes. Message Authentication Codes. Perfect Forward Secrecy. Published and Proprietary Encryption Algorithms. Summary. References. Chapter 3: Classical Cryptography. Password Best Practices. Password Storage. Hashing Passwords. Salting Passwords. Stretching Passwords. Password Tools. Obfuscating Data. ASCII Encoding. Base64 Encoding Text. Binary Data. Decoding. Historical Ciphers. Scytale of Sparta. Substitution Ciphers. Caesar Cipher. ROT-13. Atbash Cipher. Vigenère Cipher. Playfair. Hill 2x2. Column Transposition. Affine Cipher. Summary. Chapter 4: Cryptographic Math and Frequency Analysis. Modular Arithmetic and the Greatest Common Divisor. Prime Numbers. Prime Number Theorem. School Primality Test. Fermat’s Little Theorem. Miller-Rabin Primality Test. Generate Large Prime Numbers. Basic Group Theory. Orders of Elements. Modular Inverses. Fermat’s Little Theorem to Find the Inverse. Extending the GCD. Euler’s Theorem. Pseudorandomness. Breaking C’s rand() Function. Solving Systems of Linear Equations. Frequency Analysis. Cryptanalysis with Python. Using an Online Word List. Determining the Frequency. Breaking the Vigenère Cipher. Summary. Chapter 5: Stream Ciphers and Block Ciphers. Convert between Hexdigest and Plaintext. Use Stream Ciphers. ARC4. Vernam Cipher. Salsa20 Cipher. ChaCha Cipher. Use Block Ciphers. Block Modes of Operations. ECB Mode. CBC Mode. CFB Mode. OFB Mode. CTR Mode. Tricks with Stream Modes. DIY Block Cipher Using Feistel Networks. Advanced Encryption Standard (AES). Using AES with Python. File Encryption Using AES. File Decryption Using AES. Summary. Chapter 6: Using Cryptography with Images. Simple Image Cryptography. Images and Cryptography Libraries. Understanding the Cryptography Library. Understanding the Cryptosteganography Library. Image Cryptography. File Cryptography Using Fernet. Image Cryptography Using Fernet. AES and Block Modes of Operations. Exploring a Simple ECB Mode Example. Exploring a Simple CBC Mode Example. Applying the Examples. Steganography. Storing a Message Inside an Image. Storing a Binary File Inside an Image. Working with Large Images. Summary. Chapter 7: Message Integrity. Message Authentication Codes. Hash-based Message Authentication Code. Using HMAC to Sign Message. Message Digest with SHA. Binary Digests. NIST Compliance. CBC-MAC. Birthday Attacks. Crafting Forgeries. The Length Extension Attack. Setting Up a Secure Channel. Communication Channels. Sending Secure Messages over IP Networks. Create a Server Socket. Create a Client Socket. Create a Threaded Server with TCP. Adding Symmetric Encryption. Concatenate Message and MAC. Summary. References. Chapter 8: Cryptographic Applications and PKI. The Public-Key Transformation. Exploring the Basics of RSA. Generating RSA Certificates. Constructing Simple Text Encryption and Decryption with RSA Certificates. Constructing BLOB Encryption and Decryption with RSA Certificates. The El-Gamal Cryptosystem. Elliptic Curve Cryptography. Generating ECC Keys. Key Lengths and Curves. Diffie-Hellman Key Exchange. Summary. Chapter 9: Mastering Cryptography Using Python. Constructing a Plaintext Communications Application. Creating a Server. Creating the Client. Creating the Helper File. Execution. Installing and Testing Wireshark. Implementing PKI in the Application Using RSA Certificates. Modifying the Server. Modifying the Client. Modifying the Helper File. Execution. Implementing Diffie-Hellman Key Exchange. Modifying the Server File. Modifying the Client File. Modifying the Helper File. Creating the Diffie-Hellman Class File. Execution. Wrapping Up. Index.
£28.49
John Wiley & Sons Inc The Digital Big Bang
Book Synopsis: Cybersecurity experts from across industries and sectors share insights on how to think like scientists to master cybersecurity challenges. Humankind's efforts to explain the origin of the cosmos birthed disciplines such as physics and chemistry. Scientists conceived of the cosmic 'Big Bang' as an explosion of particles, everything in the universe centered around core elements and governed by laws of matter and gravity. In the modern era of digital technology, we are experiencing a similar explosion of ones and zeros, an exponentially expanding universe of bits of data centered around the core elements of speed and connectivity. One of the disciplines to emerge from our efforts to make sense of this new universe is the science of cybersecurity. Cybersecurity is as central to the Digital Age as physics and chemistry were to the Scientific Age. The Digital Big Bang explores current and emerging knowledge in the field of cybersecurity, helping readers think like
Table of Contents: Introduction. Section 1: Binding Strategies. 1 Speed. Speed: The Nucleus of the Cyberfrontier (Roland Cloutier, ADP). Is Speed an Advantage? It Depends on the Context (Scott Charney, Microsoft). 2 Connectivity. Managing the Intensifying Connectivity of the IoT Era (Brian Talbert, Alaska Airlines). Cyberspace: Making Some Sense of It All (Chris Inglis, Former NSA Deputy Director). Section 2: Elementary Shortfalls. 3 Authentication. Authentication, Data Integrity, Nonrepudiation, Availability, and Confidentiality: The Five Pillars of Security (Mike McConnell, Former Director of National Intelligence). Authentication and Models of Trust (Shannon Lietz, Intuit). 4 Patching. Patching: A Growing Challenge and a Needed Discipline (Chris Richter, Former VP of Global Security Services, CenturyLink). Conquer or Be Conquered (Renee Tarun, Fortinet). 5 Training. Fill the Skills Gap with an Environment of Continual Training (Chris McDaniels, CT Cubed, Inc.). Employee Training is Key for Cybersecurity (Mo Katibeh, AT&T). Training is a Mindset (Dave Rankin, Verisign). Section 3: Fundamental Strategies. 6 Cryptography. Cryptography: The Backbone of Cybersecurity (Taher Elgamal, Salesforce). Cryptography: The Good, the Bad, and the Future (Dan Boneh, Stanford). 7 Access Control. Managing Access in Challenging Environments (Erik Devine, Riverside Health). A Systematic Approach to Access Control (George Do, Equinix). 8 Segmentation. Successful Segmentation Isn’t Separation: It’s Collaboration (Colin Anderson, Levi Strauss & Co.). Why We Need to Segment Networks (Hussein Syed, RWJBarnabas Health). Section 4: Advanced Strategies. 9 Visibility. Visibility: Identifying Pathogens, Risk Factors, and Symptoms of Cyberattacks (Michael Chertoff, Former Secretary, Department of Homeland Security). 20/20 Insight: Redefining Visibility to Stop Modern Cybercrime Syndicates (Tim Crothers, Target). The Challenge of Visibility (Daniel Hooper, PIMCO). 10 Inspection. In and Out of the Shadows: The Visibility That Inspection Enables is Not Confined to Technology Alone (Ed Amoroso, TAG Cyber). The Fundamental Importance of Inspection (Michael Johnson, Capital One). 11 Failure Recovery. Preparation, Response, and Recovery (Thad Allen, Booz Allen Hamilton). Cyber Event Recovery (Simon Lambe, Royal Mail). Section 5: Higher-Order Dimensions. 12 Complexity Management. Shift Your Mindset to Manage Complexity (Michael Daniel, Cyber Threat Alliance). Seven Steps to Reducing Complexity (Jay Gonzales, Samsung). 13 Privacy. Don’t Panic! Security Pros Must Learn to Embrace the New Era of Privacy (Kevin Miller, MGM Resorts International). Stricter Privacy Regulations Are Driving the Conversations—and Innovations—We Need (Peter Keenan, Global Financial Services Firm). 14 Human Frailty. Overcoming Human Frailty: People and the Power of Obligation (Kevin Kealy, Ingram Micro). Overcoming Human Frailty by Design (Theresa Payton, Fortalice). The Future. Why Cybersecurity Needs AI (Michael Xie, Fortinet). The Future of Cybersecurity (Ken Xie, Fortinet). Index.
£18.39