Data encryption Books
John Wiley & Sons Inc The Art of Deception
Book Synopsis
Focusing on the human factors involved with information security, this book explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system.

Trade Review
“…a fascinating read…” (ForTean Times, June 2004)
"...a lot of interesting cautionary tales..." (New Scientist, January 2004)

Table of Contents
Foreword. Preface. Introduction.
Part 1: Behind the Scenes. Chapter 1: Security's Weakest Link.
Part 2: The Art of the Attacker. Chapter 2: When Innocuous Information Isn't. Chapter 3: The Direct Attack: Just Asking for It. Chapter 4: Building Trust. Chapter 5: "Let Me Help You". Chapter 6: "Can You Help Me?". Chapter 7: Phony Sites and Dangerous Attachments. Chapter 8: Using Sympathy, Guilt, and Intimidation. Chapter 9: The Reverse Sting.
Part 3: Intruder Alert. Chapter 10: Entering the Premises. Chapter 11: Combining Technology and Social Engineering. Chapter 12: Attacks on the Entry-Level Employee. Chapter 13: Clever Cons. Chapter 14: Industrial Espionage.
Part 4: Raising the Bar. Chapter 15: Information Security Awareness and Training. Chapter 16: Recommended Corporate Information Security Policies.
Security at a Glance. Sources. Acknowledgments. Index.
£9.50
Cengage Learning, Inc CompTIA Security+ Guide to Network Security
Book Synopsis
Reflecting the latest developments and emerging trends from the field, Ciampa's COMPTIA SECURITY+ GUIDE TO NETWORK SECURITY FUNDAMENTALS, 8th Edition, helps you prepare for professional certification and career success. The text fully maps to the new CompTIA Security+ SY0-701 Certification Exam, providing thorough coverage of all domain objectives. In addition to its comprehensive coverage of the fundamental essentials of network and computer security, the 8th edition includes expanded coverage of information security management, artificial intelligence, compliance, cryptography and cloud and virtualization security. Practical, Hands-On Projects, case activities and online virtual labs help you put what you learn into real-world practice.

Table of Contents
I. SECURITY FOUNDATIONS.
1. Introduction to Information Security. a. What is Information Security? i. Understanding Security. ii. Principles of Security. iii. Cybersecurity Versus Information Security. iv. Defining Information Security. b. Threat Actors and Their Motivations. i. Unskilled Attackers. ii. Shadow IT. iii. Organized Crime. iv. Insider Threats. v. Hacktivists. vi. Nation-state Actors. vii. Other Threat Actors. c. How Attacks Occur. i. Threat Vectors and Attack Surfaces. ii. Categories of Vulnerabilities. iii. Impacts of Attacks. d. Information Security Resources. i. Frameworks. ii. Regulations. iii. Legislation. iv. Standards. v. Benchmarks/Secure Configuration Guides. vi. Information Sources.
2. Pervasive Attack Surfaces and Controls. a. Social Engineering Attacks. i. Examples of Human Manipulation. ii. Types of Social Engineering Attacks. b. Physical Security Controls. i. Perimeter Defenses. ii. Preventing Data Leakage. iii. Computer Hardware Security. c. Data Controls. i. Data Classifications. ii. Types of Data. iii. Data Breach Consequences. iv. Protecting Data.
II. CRYPTOGRAPHY.
3. Fundamentals of Cryptography. a. Defining Cryptography. i. Steganography: Hiding the Message. ii. Cryptography: Hiding the Meaning. iii. Benefits of Cryptography. b. Cryptographic Algorithms. i. Variations of Algorithms. ii. Hash Algorithms. iii. Symmetric Cryptographic Algorithms. iv. Asymmetric Cryptographic Algorithms. c. Using Cryptography. i. Encryption Through Software. ii. Hardware Encryption. iii. Blockchain. d. Cryptographic Limitations and Attacks. i. Limitations of Cryptography. ii. Attacks on Cryptography.
4. Advanced Cryptography. a. Digital Certificates. i. Defining Digital Certificates. ii. Managing Digital Certificates. iii. Types of Digital Certificates. b. Public Key Infrastructure (PKI). i. What is Public Key Infrastructure (PKI)? ii. Trust Models. iii. Managing PKI. iv. Key Management. c. Secure Communication and Transport Protocols. i. Transport Layer Security (TLS). ii. IP Security (IPSec). iii. Other Protocols. d. Implementing Cryptography. i. Key Strength. ii. Secret Algorithms. iii. Block Cipher Modes of Operation.
III. DEVICE SECURITY.
5. Endpoint Vulnerabilities, Attacks, and Defenses. a. Malware Attacks. i. Kidnap. ii. Eavesdrop. iii. Masquerade. iv. Launch. v. Sidestep. vi. Indicator of Attack (IoA). b. Application Vulnerabilities and Attacks. i. Application Vulnerabilities. ii. Application Attacks. c. Securing Endpoint Devices. i. Protecting Endpoints. ii. Hardening Endpoints.
6. Mobile and Embedded Device Security. a. Securing Mobile Devices. i. Introduction to Mobile Devices. ii. Mobile Device Risks. iii. Protecting Mobile Devices. b. Embedded Systems and Specialized Devices. i. Types of Devices. ii. Security Considerations. c. Application Security. i. Application Development Concepts. ii. Secure Coding Techniques. iii. Code Testing.
7. Identity and Access Management (IAM). a. Types of Authentication Credentials. i. Something You Know: Passwords. ii. Something You Have: Tokens and Security Keys. iii. Something You Are: Biometrics. iv. Something You Do: Behavioral Biometrics. b. Authentication Best Practices. i. Securing Passwords. ii. Secure Authentication Technologies. c. Access Controls. i. Access Control Schemes. ii. Access Control Lists.
IV. INFRASTRUCTURE AND ARCHITECTURES.
8. Infrastructure Threats and Security Monitoring. a. Attacks on Networks. i. On-Path Attacks. ii. Domain Name System (DNS) Attacks. iii. Distributed Denial of Service (DDoS). iv. Malicious Coding and Scripting Attacks. v. Layer 2 Attacks. vi. Credential Relay Attacks. b. Security Monitoring and Alerting. i. Monitoring Methodologies. ii. Monitoring Activities. iii. Tools for Monitoring and Alerting. c. Email Monitoring and Security. i. How Email Works. ii. Email Threats. iii. Email Defenses.
9. Infrastructure Security. a. Security Appliances. i. Common Network Devices. ii. Infrastructure Security Hardware. b. Software Security Protections. i. Web Filtering. ii. DNS Filtering. iii. File Integrity Monitoring (FIM). iv. Extended Protection and Response. c. Secure Infrastructure Design. i. What is Secure Infrastructure Design? ii. Virtual LANs (VLANs). iii. Demilitarized Zone (DMZ). iv. Zero Trust. d. Access Technologies. i. Virtual Private Network (VPN). ii. Network Access Control (NAC).
10. Wireless Network Attacks and Defenses. a. Wireless Attacks. i. Cellular Networks. ii. Bluetooth Attacks. iii. Near Field Communication (NFC) Attacks. iv. Radio Frequency Identification (RFID) Attacks. v. Wireless Local Area Network Attacks. b. Vulnerabilities of WLAN Security. i. Wired Equivalent Privacy (WEP). ii. Wi-Fi Protected Setup (WPS). iii. MAC Address Filtering. iv. Wi-Fi Protected Access (WPA). c. Wireless Security Solutions. i. Wi-Fi Protected Access 2 (WPA2). ii. Wi-Fi Protected Access 3 (WPA3). iii. Additional Wireless Security Protections.
11. Cloud and Virtualization Security. a. Introduction to Cloud Computing. i. What is Cloud Computing? ii. Types of Clouds. iii. Cloud Locations. iv. Cloud Architecture. v. Cloud Models. vi. Cloud Management. vii. Cloud-native Microservices. b. Cloud Computing Security. i. Cloud-based Security. ii. Cloud Vulnerabilities. iii. Cloud Security Controls. c. Virtualization Security. i. Defining Virtualization. ii. Infrastructure as Code. iii. Security Concerns for Virtual Environments.
V. OPERATIONS AND MANAGEMENT.
12. Vulnerability Management. a. Vulnerability Scanning. i. Vulnerability Scan Basics. ii. Sources of Threat Intelligence. iii. Scanning Decisions. iv. Running a Vulnerability Scan. v. Analyzing Vulnerability Scans. vi. Addressing Vulnerabilities. b. Audits and Assessments. i. Internal Audits. ii. External Assessments. iii. Penetration Testing.
13. Incident Preparation and Investigation. a. Preparatory Plans. i. Business Continuity Planning. ii. Incident Response Planning. b. Resilience Through Redundancy. i. Servers. ii. Drives. iii. Networks. iv. Power. v. Sites. vi. Clouds. vii. Data. c. Incident Investigation. i. Data Sources. ii. Digital Forensics.
14. Oversight and Operations. a. Administration. i. Governance. ii. Compliance. b. Security Operations. i. Automation. ii. Orchestration. iii. Threat Hunting. iv. Artificial Intelligence.
15. Information Security Management. a. Asset Protection. i. Asset Management. ii. Change Management. b. Risk Management. i. Defining Risk. ii. Analyzing Risks. iii. Managing Risks.
£114.75
Cengage Learning, Inc Principles of Information Security
Table of Contents
1. Introduction to Information Security. 2. The Need for Security. 3. Legal, Ethical, and Professional Issues in Information Security. 4. Security Management. 5. Incident Response and Contingency Planning. 6. Risk Management. 7. Security Technology: Firewalls, VPNs, and Wireless. 8. Security Technology: Intrusion Detection and Prevention Systems and Other Security Tools. 9. Cryptography. 10. Implementing Information Security. 11. Security and Personnel. 12. Information Security Maintenance.
£70.29
John Wiley & Sons Inc Hunting Cyber Criminals
Table of Contents
Prologue xxv
Chapter 1 Getting Started 1 Why This Book is Different 2 What You Will and Won’t Find in This Book 2 Getting to Know Your Fellow Experts 3 A Note on Cryptocurrencies 4 What You Need to Know 4 Paid Tools and Historical Data 5 What about Maltego? 5 Prerequisites 5 Know How to Use and Configure Linux 5 Get Your API Keys in Order 6 Important Resources 6 OSINT Framework 6 OSINT.link 6 IntelTechniques 7 Termbin 8 Hunchly 9 Wordlists and Generators 9 SecLists 9 Cewl 10 Crunch 10 Proxies 10 Storm Proxies (Auto-Rotating) 10 Cryptocurrencies 101 11 How Do Cryptocurrencies Work? 12 Blockchain Explorers 13 Following the Money 15 Identifying Exchanges and Traders 17 Summary 18
Chapter 2 Investigations and Threat Actors 19 The Path of an Investigator 19 Go Big or Go Home 20 The Breach That Never Happened 21 What Would You Do? 22 Moral Gray Areas 24 Different Investigative Paths 25 Investigating Cyber Criminals 26 The Beginning of the Hunt (for TDO) 27 The Dark Overlord 27 List of Victims 28 A Brief Overview 29 Communication Style 30 Group Structure and Members 30 Cyper 31 Arnie 32 Cr00k (Ping) 35 NSA (Peace of Mind) 36 The Dark Overlord 38 Summary 41
Part I Network Exploration 43
Chapter 3 Manual Network Exploration 45 Chapter Targets: Pepsi.com and Cyper.org 46 Asset Discovery 46 ARIN Search 47 Search Engine Dorks 48 DNSDumpster 49 Hacker Target 52 Shodan 53 Censys (Subdomain Finder) 56 Censys Subdomain Finder 56 Fierce 57 Sublist3r 58 Enumall 59 Results 60 Phishing Domains and Typosquatting 61 Summary 64
Chapter 4 Looking for Network Activity (Advanced NMAP Techniques) 67 Getting Started 67 Preparing a List of Active Hosts 68 Full Port Scans Using Different Scan Types 68 TCP Window Scan 70 Working against Firewalls and IDS 70 Using Reason Response 71 Identifying Live Servers 71 Firewall Evasion 73 Distributed Scanning with Proxies and TOR 73 Fragmented Packets/MTU 74 Service Detection Trick 74 Low and Slow 76 Bad Checksums, Decoy, and Random Data 76 Firewalking 79 Comparing Results 79 Styling NMAP Reports 81 Summary 82
Chapter 5 Automated Tools for Network Discovery 83 SpiderFoot 84 SpiderFoot HX (Premium) 91 Intrigue.io 95 Entities Tab 96 Analyzing uberpeople.net 99 Analyzing the Results 104 Exporting Your Results 105 Recon-NG 107 Searching for Modules 111 Using Modules 111 Looking for Ports with Shodan 115 Summary 116
Part II Web Exploration 119
Chapter 6 Website Information Gathering 121 BuiltWith 121 Finding Common Sites Using Google Analytics Tracker 123 IP History and Related Sites 124 Webapp Information Gatherer (WIG) 124 CMSMap 129 Running a Single Site Scan 130 Scanning Multiple Sites in Batch Mode 130 Detecting Vulnerabilities 131 WPScan 132 Dealing with WAFs/WordPress Not Detected 136 Summary 141
Chapter 7 Directory Hunting 143 Dirhunt 143 Wfuzz 146 Photon 149 Crawling a Website 151 Intrigue.io 152 Summary 157
Chapter 8 Search Engine Dorks 159 Essential Search Dorks 160 The Minus Sign 160 Using Quotes 160 The site: Operator 161 The intitle: Operator 161 The allintitle: Operator 162 The filetype: Operator 162 The inurl: Operator 163 The cache: Operator 165 The allinurl: Operator 165 The filename: Operator 165 The intext: Operator 165 The Power of the Dork 166 Don’t Forget about Bing and Yahoo! 169 Automated Dorking Tools 169 Inurlbr 169 Using Inurlbr 171 Summary 173
Chapter 9 WHOIS 175 WHOIS 175 Uses for WHOIS Data 176 Historical WHOIS 177 Searching for Similar Domains 177 Namedroppers.com 177 Searching for Multiple Keywords 179 Advanced Searches 181 Looking for Threat Actors 182 Whoisology 183 Advanced Domain Searching 187 Worth the Money? Absolutely 188 DomainTools 188 Domain Search 188 Bulk WHOIS 189 Reverse IP Lookup 189 WHOIS Records on Steroids 190 WHOIS History 192 The Power of Screenshots 193 Digging into WHOIS History 193 Looking for Changes in Ownership 194 Reverse WHOIS 196 Cross-Checking All Information 197 Summary 199
Chapter 10 Certificate Transparency and Internet Archives 201 Certificate Transparency 201 What Does Any of This Have to Do with Digital Investigations? 202 Scouting with CTFR 202 Crt.sh 204 CT in Action: Side-stepping Cloudflare 204 Testing More Targets 208 CloudFlair (Script) and Censys 209 How Does It Work? 210 Wayback Machine and Search Engine Archives 211 Search Engine Caches 212 CachedView.com 214 Wayback Machine Scraper 214 Enum Wayback 215 Scraping Wayback with Photon 216 Archive.org Site Search URLs 217 Wayback Site Digest: A List of Every Site URL Cached by Wayback 219 Summary 220
Chapter 11 Iris by DomainTools 221 The Basics of Iris 221 Guided Pivots 223 Configuring Your Settings 223 Historical Search Setting 224 Pivootttt!!! 225 Pivoting on SSL Certificate Hashes 227 Keeping Notes 228 WHOIS History 230 Screenshot History 232 Hosting History 232 Bringing It All Together 234 A Major Find 240 Summary 241
Part III Digging for Gold 243
Chapter 12 Document Metadata 245 Exiftool 246 Metagoofil 248 Recon-NG Metadata Modules 250 Metacrawler 250 Interesting_Files Module 252 Pushpin Geolocation Modules 254 Intrigue.io 257 FOCA 261 Starting a Project 262 Extracting Metadata 263 Summary 266
Chapter 13 Interesting Places to Look 267 TheHarvester 268 Running a Scan 269 Paste Sites 273 Psbdmp.ws 273 Forums 274 Investigating Forum History (and TDO) 275 Following Breadcrumbs 276 Tracing Cyper’s Identity 278 Code Repositories 280 SearchCode.com 281 Searching for Code 282 False Negatives 283 Gitrob 284 Git Commit Logs 287 Wiki Sites 288 Wikipedia 289 Summary 292
Chapter 14 Publicly Accessible Data Storage 293 The Exactis Leak and Shodan 294 Data Attribution 295 Shodan’s Command-Line Options 296 Querying Historical Data 296 CloudStorageFinder 298 Amazon S3 299 Digital Ocean Spaces 300 NoSQL Databases 301 MongoDB 302 Robot 3T 302 Mongo Command-Line Tools 305 Elasticsearch 308 Querying Elasticsearch 308 Dumping Elasticsearch Data 311 NoScrape 311 MongoDB 313 Elasticsearch 314 Scan 314 Search 315 Dump 317 MatchDump 317 Cassandra 318 Amazon S3 320 Using Your Own S3 Credentials 320 Summary 321
Part IV People Hunting 323
Chapter 15 Researching People, Images, and Locations 325 PIPL 326 Searching for People 327 Public Records and Background Checks 330 Ancestry.com 331 Threat Actors Have Dads, Too 332 Criminal Record Searches 332 Image Searching 333 Google Images 334 Searching for Gold 335 Following the Trail 335 TinEye 336 EagleEye 340 Searching for Images 340 Cree.py and Geolocation 343 Getting Started 343 IP Address Tracking 346 Summary 347
Chapter 16 Searching Social Media 349 OSINT.rest 350 Another Test Subject 355 Twitter 357 SocialLinks: For Maltego Users 358 Skiptracer 361 Running a Search 361 Searching for an Email Address 361 Searching for a Phone Number 364 Searching Usernames 366 One More Username Search 368 Userrecon 370 Reddit Investigator 372 A Critical “Peace” of the TDO Investigation 374 Summary 375
Chapter 17 Profile Tracking and Password Reset Clues 377 Where to Start (with TDO)? 377 Building a Profile Matrix 378 Starting a Search with Forums 379 Ban Lists 381 Social Engineering 381 SE’ing Threat Actors: The “Argon” Story 383 Everyone Gets SE’d—a Lesson Learned 387 The End of TDO and the KickAss Forum 388 Using Password Reset Clues 390 Starting Your Verification Sheet 391 Gmail 391 Facebook 393 PayPal 394 Twitter 397 Microsoft 399 Instagram 400 Using jQuery Website Responses 400 ICQ 403 Summary 405
Chapter 18 Passwords, Dumps, and Data Viper 407 Using Passwords 408 Completing F3ttywap’s Profile Matrix 409 An Important Wrong Turn 412 Acquiring Your Data 413 Data Quality and Collections 1–5 413 Always Manually Verify the Data 415 Where to Find Quality Data 420 Data Viper 420 Forums: The Missing Link 421 Identifying the Real “Cr00k” 422 Tracking Cr00k’s Forum Movements 423 Timeline Analysis 423 The Eureka Moment 427 Vanity over OPSEC, Every Time 429 Why This Connection is Significant 429 Starting Small: Data Viper 1.0 430 Summary 431
Chapter 19 Interacting with Threat Actors 433 Drawing Them Out of the Shadows 433 Who is WhitePacket? 434 The Bev Robb Connection 435 Stradinatras 436 Obfuscation and TDO 437 Who is Bill? 439 So Who Exactly is Bill? 440 YoungBugsThug 440 How Did I Know It Was Chris? 441 A Connection to Mirai Botnet? 442 Why Was This Discovery So Earth-Shattering? 444 Question Everything! 445 Establishing a Flow of Information 446 Leveraging Hacker Drama 447 Was Any of That Real? 448 Looking for Other Clues 449 Bringing It Back to TDO 450 Resolving One Final Question 451 Withdrawing Bitcoin 451 Summary 452
Chapter 20 Cutting through the Disinformation of a 10-Million-Dollar Hack 453 GnosticPlayers 454 Sites Hacked by GnosticPlayers 456 Gnostic’s Hacking Techniques 457 GnosticPlayers’ Posts 459 GnosticPlayers2 Emerges 461 A Mysterious Third Member 462 NSFW/Photon 463 The Gloves Come Off 464 Making Contact 465 Gabriel/Bildstein aka Kuroi’sh 465 Contacting His Friends 467 Weeding through Disinformation 468 Verifying with Wayback 468 Bringing It All Together 469 Data Viper 469 Trust but Verify 472 Domain Tools’ Iris 474 Verifying with a Second Data Source 475 The End of the Line 476 What Really Happened? 476 Outofreach 476 Kuroi’sh Magically Appears 477 What I Learned from Watching Lost 477 Who Hacked GateHub? 478 Unraveling the Lie 479 Was Gabriel Involved? My Theory 479 Gabriel is Nclay: An Alternate Theory 479 All roads lead back to NSFW 480 Summary 481
Epilogue 483
Index 487
£26.40
Princeton University Press Algebraic Geometry in Coding Theory and
Book Synopsis
Offering graduate students the necessary theoretical tools for applying algebraic geometry to information theory, this title covers primary applications in coding theory and cryptography. It includes a discussion of the interplay between nonsingular projective curves and algebraic function fields over finite fields.

Trade Review
"Coding theory has a rapidly growing corpus of knowledge, and now appears explicitly in several classifications in the MSC. [This] book ... is certainly an important addition to the literature in this area and a serious candidate for becoming one of the standard textbooks in related courses."--Cicero Carvalho, Mathematical Reviews

Table of Contents
Preface ix
Chapter 1: Finite Fields and Function Fields 1 1.1 Structure of Finite Fields 1 1.2 Algebraic Closure of Finite Fields 4 1.3 Irreducible Polynomials 7 1.4 Trace and Norm 9 1.5 Function Fields of One Variable 12 1.6 Extensions of Valuations 25 1.7 Constant Field Extensions 27
Chapter 2: Algebraic Varieties 30 2.1 Affine and Projective Spaces 30 2.2 Algebraic Sets 37 2.3 Varieties 44 2.4 Function Fields of Varieties 50 2.5 Morphisms and Rational Maps 56
Chapter 3: Algebraic Curves 68 3.1 Nonsingular Curves 68 3.2 Maps Between Curves 76 3.3 Divisors 80 3.4 Riemann-Roch Spaces 84 3.5 Riemann's Theorem and Genus 87 3.6 The Riemann-Roch Theorem 89 3.7 Elliptic Curves 95 3.8 Summary: Curves and Function Fields 104
Chapter 4: Rational Places 105 4.1 Zeta Functions 105 4.2 The Hasse-Weil Theorem 115 4.3 Further Bounds and Asymptotic Results 122 4.4 Character Sums 127
Chapter 5: Applications to Coding Theory 147 5.1 Background on Codes 147 5.2 Algebraic-Geometry Codes 151 5.3 Asymptotic Results 155 5.4 NXL and XNL Codes 174 5.5 Function-Field Codes 181 5.6 Applications of Character Sums 187 5.7 Digital Nets 192
Chapter 6: Applications to Cryptography 206 6.1 Background on Cryptography 206 6.2 Elliptic-Curve Cryptosystems 210 6.3 Hyperelliptic-Curve Cryptography 214 6.4 Code-Based Public-Key Cryptosystems 218 6.5 Frameproof Codes 223 6.6 Fast Arithmetic in Finite Fields 233
A Appendix 241 A.1 Topological Spaces 241 A.2 Krull Dimension 244 A.3 Discrete Valuation Rings 245
Bibliography 249
Index 257
£55.25
John Wiley & Sons Inc The Art of Deception
Book Synopsis
The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security. Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, It takes a thief to catch a thief. Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illust

Trade Review
“…authoritative…” (Retail Systems, December 2005)
Mitnick is the most famous computer hacker in the world. Since his first arrest in 1981, at age 17, he has spent nearly half his adult life either in prison or as a fugitive. He has been the subject of three books and his alleged 1982 hack into NORAD inspired the movie WarGames. Since his plea-bargain release in 2000, he says he has reformed and is devoting his talents to helping computer security. It's not clear whether this book is a means toward that end or a, wink-wink, fictionalized account of his exploits, with his name changed to protect his parole terms. Either way, it's a tour de force, a series of tales of how some old-fashioned blarney and high-tech skills can pry any information from anyone. As entertainment, it's like reading the climaxes of a dozen complex thrillers, one after the other.
As a security education, it's a great series of cautionary tales; however, the advice to employees not to give anyone their passwords is bland compared to the depth and energy of Mitnick's description of how he actually hacked into systems. As a manual for a would-be hacker, it's dated and nonspecific -- better stuff is available on the Internet -- but it teaches the timeless spirit of the hack. Between the lines, a portrait emerges of the old-fashioned hacker stereotype: a socially challenged, obsessive loser addicted to an intoxicating sense of power that comes from stalking and spying. (Oct.) Forecast: Mitnick's notoriety and his well written, entertaining stories should generate positive word-of-mouth. With the double appeal of a true-crime memoir and a manual for computer security, this book will enjoy good sales. (Publishers Weekly, June 24, 2002) "...an interesting read..." (www.infosecnews.com, 17 July 2002) "...highly entertaining...will appeal to a broad audience..." (Publishing News, 26 July 2002) The world's most famous computer hacker and cybercult hero, once the subject of a massive FBI manhunt for computer fraud, has written a blueprint for system security based on his own experiences. Mitnick, who was released from federal prison in 1998 after serving a 22-month term, explains that unauthorized intrusion into computer networks is not limited to exploiting security holes in hardware and software. He focuses instead on a common hacker technique known as social engineering in which a cybercriminal deceives an individual into providing key information rather than trying to use technology to reveal it. Mitnick illustrates the tactics comprising this "art of deception" through actual case studies, showing that even state-of-the-art security software can't protect businesses from the dangers of human error.
With Mitnick's recommended security policies, readers gain the information their organizations need to detect and ward off the threat of social engineering. Required reading for IT professionals, this book is highly recommended for public, academic, and corporate libraries. [This should not be confused with Ridley Pearson's new thriller, The Art of Deception. -- Ed] -- Joe Accardi, William Rainey Harper Coll. Lib., Palatine, IL (Library Journal, August 2002) He was the FBI's most-wanted hacker. But in his own eyes, Mitnick was simply a small-time con artist with an incredible memory, a knack for social engineering, and an enemy at The New York Times. That foe, John Markoff, made big bucks selling two books about Mitnick - without ever interviewing him. This is Mitnick's account, complete with advice for how to protect yourself from similar attacks. I believe his story. (WIRED Magazine, October 2002) Kevin Mitnick spent five years in jail at the federal authorities' behest, but The Art of Deception: Controlling the Human Element of Security (Kevin Mitnick and William Simon), reveals that he was no lowly grifter. Rather, by impersonating others in order to talk guileless employees out of access protocols, Mr. Mitnick was practicing "the performance art called social engineering." While every society has had its demimonde -- like the Elizabethan coney catchers who duped visitors to 16th-century London -- it's in the United States that con artists assumed legendary status. The definitive book is still The Big Con from 1940 (Anchor Books), which commemorates a golden age already receding when it was published: the grifters it describes -- like the High Ass Kid and Slobbering Bob -- thrived between 1914 and 1929, when technological advances and unparalleled prosperity generated a roller-coaster stock market. That sounds a lot like the past decade. So how did the culture of the con do during the Internet era? On Mr. Mitnick's evidence, it flourished and evolved.
The Art of Deception is itself a bit of a fraud as far as advice on upgrading security. But the book does deliver on "social engineering" exercises. Some aren't even illegal and Mr. Mitnick -- weasel that he is -- lovingly records their most elaborate convolutions. One way or another, you'll find the information useful. (Red Herring, October 2002) "Mitnick outlines dozens of social engineering scenarios in his book, dissecting the ways attackers can easily exploit what he describes as 'that natural human desire to help others and be a good team player.'" (Wired.com, October 3, 2002) Finally someone is on to the real cause of data security breaches--stupid humans. Notorious hacker Kevin Mitnick--released from federal prison in January 2000 and still on probation--reveals clever tricks of the "social engineering" trade and shows how to fend them off in The Art of Deception: Controlling the Human Element of Security (Wiley, $27.50). Most of the book, coauthored by William Simon (not the one running for governor of California), is a series of fictional episodes depicting the many breathtakingly clever ways that hackers can dupe trusting souls into breaching corporate and personal security--information as simple as an unlisted phone number or as complicated as plans for a top-secret product under development. The rest lays out a fairly draconian plan of action for companies that want to strengthen their defenses. Takeaway: You can put all the technology you want around critical information, but all it takes to break through is one dolt who gives up his password to a "colleague" who claims to be working from the Peoria office. What's useful about this book is its explanation of risks in seemingly innocuous systems few people think about. The caller ID notification that proves you're talking to a top executive of your firm? Easily forged. The password your assistant logs in with? Easily guessed. The memos you toss into the cheap office shredder? Easily reconstructed. 
The extension that you call in the IT department? Easily forwarded. Physical security can be compromised, too. It's not hard to gain access to a building by "piggybacking" your way in the door amid the happy throng returning from lunch. You'd better have confidence in your IT professionals, because they're likely to have access to everything on the corporate system, including your salary and personal information. Mitnick offers some ideas for plugging these holes, like color-coded ID cards with really big photos. Implementing the book's security action plan in full seems impossible, but it's a good idea to warn employees from the boss down to the receptionist and janitors not to give out even innocuous information to people claiming to be helpful IT folks without confirming their identity--and to use things like encryption technology as fallbacks. Plenty of would-be Mitnicks--and worse--still ply their trade in spaces cyber and psychological. --S.M. (Forbes Magazine - October 14, 2002) "...the book describes how people can get sensitive information without even stepping near a computer through 'social engineering' -- the use of manipulation or persuasion to deceive people by convincing them that you are someone else." (CNN.com's Technology section, October 9, 2002) "...engaging style...fascinating true stories..." (The CBL Source, October/December 2002) "…the book describes how people can get information without even stepping near a computer…" (CNN, 16 October 2002) "…each vignette reads like a mini-cybermystery thriller…I willingly recommend The Art of Deception. 
It could save you from embarrassment or an even worse fate…" (zdnet.co.uk, 15 October 2002) "…details the ways that employees can inadvertently leak information that can be exploited by hackers to compromise computer systems…the book is scary in ways that computer security texts usually do not manage to be…" (BBC online, 14 October 2002) "…more educational than tell-all…" (Forbes, 2 October 2002) "…would put a shiver into anyone responsible for looking after valuable computer data…the exploits are fictional but realistic…the book is about hacking people's heads…" (The Independent, 21 October 2002) "…the key strength of The Art of Deception is the stream of anecdotes - with explanations about how and why hacks succeed…provides a solid basis for staff training on security…" (Information Age, October 2002) "…should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature…" (Unix Review, 18 October 2002) "…disturbingly convincing…" (Fraud Watch, Vol.10, No.5, 2002) "…the world's most authoritative handbook…an unputdownable succession of case studies…chilling…trust me, Kevin Mitnick is right…" (Business a.m, 29 October 2002) "…a damn good read…I would expect to see it as required reading on courses that cover business security…Should you read this book? On several levels the answer has to be yes. If you run your own business, work in one, or just want a good read, this is worth it…" (Acorn User, 29 October 2002) "...the analysis of individual cases is carried out thoroughly...ultimately, the value of the book is that it may encourage security managers to be more assiduous in teaching their staff to check the identities of the people they deal with, and better corporate security will be the result..." (ITWeek, 1 November 2002) "...a penetrating insight into the forgotten side of computer security..."
(IT Week, 4 November 2002) "...a highly entertaining read...Mitnick has a laid-back style which makes the book easy to read and of great interest, even to those of us who have no interest in computers..." (Business Age, September 2002) "...one of the hacker gurus of our time...makes it abundantly clear that everyone can be fooled and cheated by the professionals..." (The Times Higher Education Supplement, 15 November 2002) "...focuses on teaching companies how to defeat someone like him…full of specific examples of the ways apparently innocent bits of information can be stitched together to mount a comprehensive attack on an organisation's most prized information..." (New Scientist, 23 November 2002) "...all simple things, little titbits of seemingly innocuous information, which when gathered together give the hacker the power to cripple the biggest corporation or the smallest home business..." (New Media Age, 14 November 2002) "…highly acclaimed…a fascinating account…" (Information Security Management, November 2002) "...His new book, The Art of Deception, presents itself as a manual to help companies defeat hackers..." Also listed in recommended reading list (The Guardian, 13 December 2002) “…gets its point across and contains some valuable pointers…” (MacFormat, January 2003) “…supremely educational…a sexy way to hammer home a relevant point…what makes it sing is the clear information that Mitnick brings to the table…” (Business Week, 8 January 2003) “…Indispensable…” (Focus, February 2003) "...incredibly intriguing...a superb book which would be beneficial for anyone to read..." (Telecomworldwire, 4 February 2003) "...a good overview of one of the most neglected aspects of computer security..." (Technology and Society, 7 February 2003) "...fascinating to read...should strike fear into the hearts of commercial computer security departments..." (Business Week, 3 September 2003) "...a penetrating insight into the forgotten side of computer security..." 
(Accountancy Age, 19 February 2003) Top 10 Popular Science Books (New Scientist, 21 February 2003) "...should be assigned as required reading in every IT department...excellent advice..." (Electronic Commerce Guide, 12 February 2003) “…an interesting and educational read for anyone with a role to play in corporate security…” (Computer Business Review, 6 March 2003) “…if you were not having security nightmares before, read this book and you certainly will…” (IT Showcase News, 6 March 2003) “…easy to understand and actually fun to read…” (Slashdot, 6 March 2003) “…a good read, well written…” (Managing Information, March 2003) “…structured like a mini detective story series…the unfolding attacks are compulsive reading…” (Aberdeen Evening Express, 7 June 2003) “…a real eye-opener…well written and produced…an easy and valuable read…” (Accounting Web, 19 June 2003) “…a superb book which would be beneficial for anyone to read…” (M2 Best Books, 4 February 2003) “…the insights for earlier chapters are fascinating, and that alone makes it worth blagging a copy for review…” (Mute, Summer/Autumn 2003) “…a good read, well-written…this accessibility makes it doubly important…” (Managing Information – 5 star rating, October 2003)
Table of Contents: Foreword. Preface. Introduction. Part 1: Behind the Scenes. Chapter 1: Security's Weakest Link. Part 2: The Art of the Attacker. Chapter 2: When Innocuous Information Isn't. Chapter 3: The Direct Attack: Just Asking for It. Chapter 4: Building Trust. Chapter 5: "Let Me Help You". Chapter 6: "Can You Help Me?". Chapter 7: Phony Sites and Dangerous Attachments. Chapter 8: Using Sympathy, Guilt, and Intimidation. Chapter 9: The Reverse Sting. Part 3: Intruder Alert. Chapter 10: Entering the Premises. Chapter 11: Combining Technology and Social Engineering. Chapter 12: Attacks on the Entry-Level Employee. Chapter 13: Clever Cons. Chapter 14: Industrial Espionage. Part 4: Raising the Bar. 
Chapter 15: Information Security Awareness and Training. Chapter 16: Recommended Corporate Information Security Policies. Security at a Glance. Sources. Acknowledgements. Index.
£28.80
O'Reilly Media SSH The Secure Shell
Book Synopsis: SSH is a popular protocol for securing your network connections. It's reliable, robust, and reasonably easy to use, and both free and commercial implementations are widely available for most operating systems. Everything you want to know about SSH is in our updated second edition of 'SSH, the Secure Shell: The Definitive Guide'.
Trade Review: "Still the best SSH book out there by a long shot, but too much on Tectia and not enough on OpenSSH 4." - Paul Hudson, Linux Format, October 2005 "The authors manage to convey what SSH is all about as a concept and how to use it in the real world with equal aplomb, and highly technical configuration details are explained with clarity. They are happy to relate how to integrate SSH into non-Unix clients, which makes a pleasant change from the typical Unix gurus who write books such as this. Whenever we see the words 'definitive guide' included in the title of a book, we usually prepare ourselves for something far from it. The exception being when O'Reilly are the publishers, and this SSH guide is certainly as definitive as any you are likely to read. And read it you should if you are seriously involved with network security." Davey Winder, PC Plus, November 2005
Table of Contents: Preface 1. Introduction to SSH 1.1 What Is SSH? 1.2 What SSH Is Not 1.3 The SSH Protocol 1.4 Overview of SSH Features; 1.5 History of SSH 1.6 Related Technologies 1.7 Summary; 2. Basic Client Use 2.1 A Running Example 2.2 Remote Terminal Sessions with ssh 2.3 Adding Complexity to the Example; 2.4 Authentication by Cryptographic Key 2.5 The SSH Agent; 2.6 Connecting Without a Password or Passphrase 2.7 Miscellaneous Clients 2.8 Summary 3. 
Inside SSH 3.1 Overview of Features 3.2 A Cryptography Primer 3.3 The Architecture of an SSH System 3.4 Inside SSH-2 3.5 Inside SSH-1; 3.6 Implementation Issues 3.7 SSH and File Transfers (scp and sftp) 3.8 Algorithms Used by SSH 3.9 Threats SSH Can Counter; 3.10 Threats SSH Doesn't Prevent 3.11 Threats Caused by SSH; 3.12 Summary 4. Installation and Compile-Time Configuration; 4.1. Overview 4.2 Installing OpenSSH 4.3 Installing Tectia; 4.4 Software Inventory 4.5 Replacing r-Commands with SSH; 4.6 Summary 5. Serverwide Configuration 5.1 Running the Server 5.2 Server Configuration: An Overview 5.3 Getting Ready: Initial Setup 5.4 Authentication: Verifying Identities; 5.5 Access Control: Letting People In 5.6 User Logins and Accounts 5.7 Forwarding 5.8 Subsystems 5.9 Logging and Debugging 5.10 Compatibility Between SSH-1 and SSH-2 Servers; 5.11 Summary 6. Key Management and Agents 6.1 What Is an Identity? 6.2 Creating an Identity 6.3 SSH Agents; 6.4 Multiple Identities 6.5 PGP Authentication in Tectia; 6.6 Tectia External Keys 6.7 Summary 7. Advanced Client Use; 7.1 How to Configure Clients 7.2 Precedence 7.3 Introduction to Verbose Mode 7.4 Client Configuration in Depth 7.5 Secure Copy with scp 7.6 Secure, Interactive Copy with sftp 7.7 Summary 8. Per-Account Server Configuration 8.1 Limits of This Technique 8.2 Public-Key-Based Configuration 8.3 Hostbased Access Control 8.4 The User rc File 8.5 Summary; 9. Port Forwarding and X Forwarding 9.1 What Is Forwarding?; 9.2 Port Forwarding 9.3 Dynamic Port Forwarding 9.4 X Forwarding 9.5 Forwarding Security: TCP-wrappers and libwrap; 9.6 Summary 10. A Recommended Setup 10.1 The Basics; 10.2 Compile-Time Configuration 10.3 Serverwide Configuration; 10.4 Per-Account Configuration 10.5 Key Management 10.6 Client Configuration 10.7 Remote Home Directories (NFS, AFS); 10.8 Summary 11. 
Case Studies 11.1 Unattended SSH: Batch or cron Jobs 11.2 FTP and SSH 11.3 Pine, IMAP, and SSH; 11.4 Connecting Through a Gateway Host 11.5 Scalable Authentication for SSH 11.6 Tectia Extensions to Server Configuration Files 11.7 Tectia Plugins 12. Troubleshooting and FAQ 12.1 Debug Messages: Your First Line of Defense; 12.2 Problems and Solutions 12.3 Other SSH Resources; 13. Overview of Other Implementations 13.1 Common Features; 13.2 Covered Products 13.3 Other SSH Products 14. OpenSSH for Windows 14.1 Installation 14.2 Using the SSH Clients 14.3 Setting Up the SSH Server 14.4 Public-Key Authentication; 14.5 Troubleshooting 14.6 Summary 15. OpenSSH for Macintosh; 15.1 Using the SSH Clients 15.2 Using the OpenSSH Server; 16. Tectia for Windows 16.1 Obtaining and Installing 16.2 Basic Client Use 16.3 Key Management 16.4 Accession Lite; 16.5 Advanced Client Use 16.6 Port Forwarding 16.7 Connector; 16.8 File Transfers 16.9 Command-Line Programs 16.10 Troubleshooting 16.11 Server17. SecureCRT and SecureFX for Windows 17.1 Obtaining and Installing 17.2 Basic Client Use 17.3 Key Management 17.4 Advanced Client Use 17.5 Forwarding; 17.6 Command-Line Client Programs 17.7 File Transfer 17.8 Troubleshooting 17.9 VShell 17.10 Summary 18. PuTTY for Windows 18.1 Obtaining and Installing 18.2 Basic Client Use; 18.3 File Transfer 18.4 Key Management 18.5 Advanced Client Use 18.6 Forwarding 18.7 Summary; A. OpenSSH 4.0 New Features; B. Tectia Manpage for sshregex; C. Tectia Module Names for Debugging; D. SSH-1 Features of OpenSSH and Tectia; E. SSH Quick Reference Index
£28.79
John Wiley & Sons Inc The Shellcoders Handbook
Book Synopsis: Since 2004, built-in security measures on compilers and operating systems have become commonplace. The black hats have kept up with security enhancements. Have you?
Table of Contents: About the Authors vii Acknowledgments xi Introduction to the Second Edition xxiii Part I Introduction to Exploitation: Linux on x86 Chapter 1 Before You Begin 3 Basic Concepts 3 Memory Management 4 Assembly 6 Recognizing C and C++ Code Constructs in Assembly 7 Conclusion 10 Chapter 2 Stack Overflows 11 Buffers 12 The Stack 13 Functions and the Stack 15 Overflowing Buffers on the Stack 18 Controlling EIP 22 An Interesting Diversion 23 Using an Exploit to Get Root Privileges 25 The Address Problem 27 The NOP Method 33 Defeating a Non-Executable Stack 35 Return to libc 35 Conclusion 39 Chapter 3 Shellcode 41 Understanding System Calls 42 Writing Shellcode for the exit() Syscall 44 Injectable Shellcode 48 Spawning a Shell 50 Conclusion 59 Chapter 4 Introduction to Format String Bugs 61 Prerequisites 61 What Is a Format String? 61 What Is a Format String Bug? 63 Format String Exploits 68 Crashing Services 69 Information Leakage 70 Controlling Execution for Exploitation 75 Why Did This Happen? 84 Format String Technique Roundup 85 Conclusion 88 Chapter 5 Introduction to Heap Overflows 89 What Is a Heap? 90 How a Heap Works 91 Finding Heap Overflows 91 Basic Heap Overflows 93 Intermediate Heap Overflows 98 Advanced Heap Overflow Exploitation 105 Conclusion 107 Part II Other Platforms—Windows, Solaris, OS/X, and Cisco Chapter 6 The Wild World of Windows 111 How Does Windows Differ from Linux? 
111 Win32 API and PE-COFF 112 Heaps 114 Threading 115 The Genius and Idiocy of the Distributed Common Object Model and DCE-RPC 116 Recon 118 Exploitation 120 Tokens and Impersonation 120 Exception Handling under Win32 122 Debugging Windows 124 Bugs in Win32 124 Writing Windows Shellcode 125 A Hacker’s Guide to the Win32 API 126 A Windows Family Tree from the Hacker’s Perspective 126 Conclusion 127 Chapter 7 Windows Shellcode 129 Syntax and Filters 129 Setting Up 131 Parsing the PEB 132 Heapoverflow.c Analysis 132 Searching with Windows Exception Handling 148 Popping a Shell 153 Why You Should Never Pop a Shell on Windows 153 Conclusion 154 Chapter 8 Windows Overflows 155 Stack-Based Buffer Overflows 156 Frame-Based Exception Handlers 156 Abusing Frame-Based Exception Handling on Windows 2003 Server 161 A Final Note about Frame-Based Handler Overwrites 166 Stack Protection and Windows 2003 Server 166 Heap-Based Buffer Overflows 173 The Process Heap 173 Dynamic Heaps 173 Working with the Heap 173 How the Heap Works 174 Exploiting Heap-Based Overflows 178 Overwrite Pointer to RtlEnterCriticalSection in the PEB 178 Overwrite Pointer to Unhandled Exception Filter 185 Repairing the Heap 191 Other Aspects of Heap-Based Overflows 193 Wrapping Up the Heap 194 Other Overflows 194 .data Section Overflows 194 TEB/PEB Overflows 196 Exploiting Buffer Overflows and Non-Executable Stacks 197 Conclusion 203 Chapter 9 Overcoming Filters 205 Writing Exploits for Use with an Alphanumeric Filter 205 Writing Exploits for Use with a Unicode Filter 209 What Is Unicode? 
210 Converting from ASCII to Unicode 210 Exploiting Unicode-Based Vulnerabilities 211 The Available Instruction Set in Unicode Exploits 212 The Venetian Method 213 An ASCII Venetian Implementation 214 Decoder and Decoding 218 The Decoder Code 219 Getting a Fix on the Buffer Address 220 Conclusion 221 Chapter 10 Introduction to Solaris Exploitation 223 Introduction to the SPARC Architecture 224 Registers and Register Windows 224 The Delay Slot 227 Synthetic Instructions 228 Solaris/SPARC Shellcode Basics 228 Self-Location Determination and SPARC Shellcode 228 Simple SPARC exec Shellcode 229 Useful System Calls on Solaris 230 NOP and Padding Instructions 231 Solaris/SPARC Stack Frame Introduction 231 Stack-Based Overflow Methodologies 232 Arbitrary Size Overflow 232 Register Windows and Stack Overflow Complications 233 Other Complicating Factors 233 Possible Solutions 234 Off-By-One Stack Overflow Vulnerabilities 234 Shellcode Locations 235 Stack Overflow Exploitation In Action 236 The Vulnerable Program 236 The Exploit 238 Heap-Based Overflows on Solaris/SPARC 241 Solaris System V Heap Introduction 242 Heap Tree Structure 242 Basic Exploit Methodology (t_delete) 263 Standard Heap Overflow Limitations 266 Targets for Overwrite 267 Other Heap-Related Vulnerabilities 270 Off-by-One Overflows 270 Double Free Vulnerabilities 270 Arbitrary Free Vulnerabilities 271 Heap Overflow Example 271 The Vulnerable Program 272 Other Solaris Exploitation Techniques 276 Static Data Overflows 276 Bypassing the Non-Executable Stack Protection 276 Conclusion 277 Chapter 11 Advanced Solaris Exploitation 279 Single Stepping the Dynamic Linker 281 Various Style Tricks for Solaris SPARC Heap Overflows 296 Advanced Solaris/SPARC Shellcode 299 Conclusion 311 Chapter 12 OS X Shellcode 313 OS X Is Just BSD, Right? 314 Is OS X Open Source? 
314 OS X for the Unix-aware 315 Password Cracking 316 OS X PowerPC Shellcode 316 OS X Intel Shellcode 324 Example Shellcode 326 ret2libc 327 ret2str(l)cpy 329 OS X Cross-Platform Shellcode 332 OS X Heap Exploitation 333 Bug Hunting on OS X 335 Some Interesting Bugs 335 Essential Reading for OS X Exploits 337 Conclusion 338 Chapter 13 Cisco IOS Exploitation 339 An Overview of Cisco IOS 339 Hardware Platforms 340 Software Packages 340 IOS System Architecture 343 Vulnerabilities in Cisco IOS 346 Protocol Parsing Code 347 Services on the Router 347 Security Features 348 The Command-Line Interface 348 Reverse Engineering IOS 349 Taking the Images Apart 349 Diffing IOS Images 350 Runtime Analysis 351 Exploiting Cisco IOS 357 Stack Overflows 357 Heap Overflows 359 Shellcodes 364 Conclusion 373 Chapter 14 Protection Mechanisms 375 Protections 375 Non-Executable Stack 376 W^X (Either Writable or Executable) Memory 381 Stack Data Protection 388 AAAS: ASCII Armored Address Space 394 ASLR: Address Space Layout Randomization 396 Heap Protections 399 Windows SEH Protections 407 Other Protections 411 Implementation Differences 413 Windows 413 Linux 417 OpenBSD 421 Mac OS X 422 Solaris 423 Conclusion 425 Part III Vulnerability Discovery Chapter 15 Establishing a Working Environment 429 What You Need for Reference 430 What You Need for Code 430 gcc 430 gdb 430 NASM 431 WinDbg 431 OllyDbg 431 Visual C++ 431 Python 432 What You Need for Investigation 432 Useful Custom Scripts/Tools 432 All Platforms 434 Unix 434 Windows 435 What You Need to Know 436 Paper Archives 438 Optimizing Shellcode Development 439 Plan the Exploit 439 Write the Shellcode in Inline Assembler 439 Maintain a Shellcode Library 441 Make It Continue Nicely 441 Make the Exploit Stable 442 Make It Steal the Connection 443 Conclusion 443 Chapter 16 Fault Injection 445 Design Overview 447 Input Generation 447 Fault Injection 450 Modification Engines 450 Fault Delivery 455 Nagel Algorithm 455 Timing 455 Heuristics 456 
Stateless versus State-Based Protocols 456 Fault Monitoring 456 Using a Debugger 457 FaultMon 457 Putting It Together 458 Conclusion 459 Chapter 17 The Art of Fuzzing 461 General Theory of Fuzzing 461 Static Analysis versus Fuzzing 466 Fuzzing Is Scalable 466 Weaknesses in Fuzzers 468 Modeling Arbitrary Network Protocols 469 Other Fuzzer Possibilities 469 Bit Flipping 469 Modifying Open Source Programs 470 Fuzzing with Dynamic Analysis 470 Spike 471 What Is a Spike? 471 Why Use the SPIKE Data Structure to Model Network Protocols? 472 Other Fuzzers 480 Conclusion 480 Chapter 18 Source Code Auditing: Finding Vulnerabilities in C-Based Languages 481 Tools 482 Cscope 482 Ctags 483 Editors 483 Cbrowser 484 Automated Source Code Analysis Tools 484 Methodology 485 Top-Down (Specific) Approach 485 Bottom-Up Approach 485 Selective Approach 485 Vulnerability Classes 486 Generic Logic Errors 486 (Almost) Extinct Bug Classes 487 Format Strings 487 Generic Incorrect Bounds-Checking 489 Loop Constructs 490 Off-by-One Vulnerabilities 490 Non-Null Termination Issues 492 Skipping Null-Termination Issues 493 Signed Comparison Vulnerabilities 494 Integer-Related Vulnerabilities 495 Different-Sized Integer Conversions 497 Double Free Vulnerabilities 498 Out-of-Scope Memory Usage Vulnerabilities 499 Uninitialized Variable Usage 499 Use After Free Vulnerabilities 500 Multithreaded Issues and Re-Entrant Safe Code 500 Beyond Recognition: A Real Vulnerability versus a Bug 501 Conclusion 501 Chapter 19 Instrumented Investigation: A Manual Approach 503 Philosophy 503 Oracle extproc Overflow 504 Common Architectural Failures 508 Problems Happen at Boundaries 508 Problems Happen When Data Is Translated 509 Problems Cluster in Areas of Asymmetry 511 Problems Occur When Authentication and Authorization Are Confused 512 Problems Occur in the Dumbest Places 512 Bypassing Input Validation and Attack Detection 513 Stripping Bad Data 513 Using Alternate Encodings 514 Using File-Handling Features 515 
Evading Attack Signatures 517 Defeating Length Limitations 517 Windows 2000 SNMP DOS 520 Finding DOS Attacks 521 SQL-UDP 522 Conclusion 523 Chapter 20 Tracing for Vulnerabilities 525 Overview 526 A Vulnerable Program 527 Component Design 529 Building VulnTrace 538 Using VulnTrace 543 Advanced Techniques 546 Conclusion 548 Chapter 21 Binary Auditing: Hacking Closed Source Software 549 Binary versus Source-Code Auditing: The Obvious Differences 550 IDA Pro—The Tool of the Trade 550 Features: A Quick Crash Course 551 Debugging Symbols 552 Binary Auditing Introduction 552 Stack Frames 552 Calling Conventions 554 Compiler-Generated Code 556 memcpy-Like Code Constructs 560 strlen-Like Code Constructs 560 C++ Code Constructs 561 The this Pointer 561 Reconstructing Class Definitions 562 vtables 562 Quick but Useful Tidbits 563 Manual Binary Analysis 563 Quick Examination of Library Calls 564 Suspicious Loops and Write Instructions 564 Higher-Level Understanding and Logic Bugs 565 Graphical Analysis of Binaries 566 Manual Decompilation 566 Binary Vulnerability Examples 566 Microsoft SQL Server Bugs 566 LSD’s RPC-DCOM Vulnerability 567 IIS WebDAV Vulnerability 568 Conclusion 570 Part IV Advanced Materials Chapter 22 Alternative Payload Strategies 573 Modifying the Program 574 The SQL Server 3-Byte Patch 575 The MySQL 1-Bit Patch 578 OpenSSH RSA Authentication Patch 580 Other Runtime Patching Ideas 581 GPG 1.2.2 Randomness Patch 583 Upload and Run (or Proglet Server) 584 Syscall Proxies 584 Problems with Syscall Proxies 587 Conclusion 596 Chapter 23 Writing Exploits that Work in the Wild 597 Factors in Unreliability 597 Magic Numbers 597 Versioning 598 Shellcode Problems 599 Countermeasures 601 Preparation 602 Brute Forcing 602 Local Exploits 603 OS/Application Fingerprinting 603 Information Leaks 605 Conclusion 606 Chapter 24 Attacking Database Software 607 Network Layer Attacks 608 Application Layer Attacks 618 Running Operating System Commands 619 Microsoft SQL Server 619 
Oracle 620 IBM DB 2 621 Exploiting Overruns at the SQL Level 623 SQL Functions 623 Conclusion 625 Chapter 25 Unix Kernel Overflows 627 Kernel Vulnerability Types 627 0day Kernel Vulnerabilities 636 OpenBSD exec_ibcs2_coff_prep_zmagic() Stack Overflow 636 The Vulnerability 638 Solaris vfs_getvfssw() Loadable Kernel Module Traversal Vulnerability 642 The sysfs() System Call 644 The mount() System Call 645 Conclusion 646 Chapter 26 Exploiting Unix Kernel Vulnerabilities 647 The exec_ibcs2_coff_prep_zmagic() Vulnerability 647 Calculating Offsets and Breakpoints 652 Overwriting the Return Address and Redirecting Execution 654 Locating the Process Descriptor (or the Proc Structure) 655 Kernel Mode Payload Creation 658 Returning Back from Kernel Payload 659 Getting root (uid=0) 665 Solaris vfs_getvfssw() Loadable Kernel Module Path Traversal Exploit 672 Crafting the Exploit 673 The Kernel Module to Load 674 Getting root (uid=0) 678 Conclusion 678 Chapter 27 Hacking the Windows Kernel 681 Windows Kernel Mode Flaws—An Increasingly Hunted Species 681 Introduction to the Windows Kernel 682 Common Kernel-Mode Programming Flaws 683 Stack Overflows 684 Heap Overflows 688 Insufficient Validation of User-Mode Addresses 688 Repurposing Attacks 689 Shared Object Attacks 689 Windows System Calls 690 Understanding System Calls 690 Attacking System Calls 692 Communicating with Device Drivers 693 I/O Control Code Components 693 Finding Flaws in IOCTL Handlers 694 Kernel-Mode Payloads 695 Elevating a User-Mode Process 696 Running an Arbitrary User-Mode Payload 699 Subverting Kernel Security 701 Installing a Rootkit 703 Essential Reading for Kernel Shellcoders 703 Conclusion 704 Index 705
£26.40
John Wiley & Sons Inc Cyber Security and Digital Forensics
Book Synopsis:
Table of Contents: Preface xvii Acknowledgment xxvii 1 A Comprehensive Study of Security Issues and Research Challenges in Different Layers of Service-Oriented IoT Architecture 1 Ankur O. Bang, Udai Pratap Rao and Amit A. Bhusari 1.1 Introduction and Related Work 2 1.2 IoT: Evolution, Applications and Security Requirements 4 1.2.1 IoT and Its Evolution 5 1.2.2 Different Applications of IoT 5 1.2.3 Different Things in IoT 7 1.2.4 Security Requirements in IoT 8 1.3 Service-Oriented IoT Architecture and IoT Protocol Stack 10 1.3.1 Service-Oriented IoT Architecture 10 1.3.2 IoT Protocol Stack 11 1.3.2.1 Application Layer Protocols 12 1.3.2.2 Transport Layer Protocols 13 1.3.2.3 Network Layer Protocols 15 1.3.2.4 Link Layer and Physical Layer Protocols 16 1.4 Anatomy of Attacks on Service-Oriented IoT Architecture 24 1.4.1 Attacks on Software Service 24 1.4.1.1 Operating System–Level Attacks 24 1.4.1.2 Application-Level Attacks 25 1.4.1.3 Firmware-Level Attacks 25 1.4.2 Attacks on Devices 26 1.4.3 Attacks on Communication Protocols 26 1.4.3.1 Attacks on Application Layer Protocols 26 1.4.3.2 Attacks on Transport Layer Protocols 28 1.4.3.3 Attacks on Network Layer Protocols 28 1.4.3.4 Attacks on Link and Physical Layer Protocols 30 1.5 Major Security Issues in Service-Oriented IoT Architecture 31 1.5.1 Application – Interface Layer 32 1.5.2 Service Layer 33 1.5.3 Network Layer 33 1.5.4 Sensing Layer 34 1.6 Conclusion 35 References 36 2 Quantum and Post-Quantum Cryptography 45 Om Pal, Manoj Jain, B.K. 
Murthy and Vinay Thakur 2.1 Introduction 46 2.2 Security of Modern Cryptographic Systems 46 2.2.1 Classical and Quantum Factoring of A Large Number 47 2.2.2 Classical and Quantum Search of An Item 49 2.3 Quantum Key Distribution 49 2.3.1 BB84 Protocol 50 2.3.1.1 Proposed Key Verification Phase for BB84 51 2.3.2 E91 Protocol 51 2.3.3 Practical Challenges of Quantum Key Distribution 52 2.3.4 Multi-Party Quantum Key Agreement Protocol 53 2.4 Post-Quantum Digital Signature 53 2.4.1 Signatures Based on Lattice Techniques 54 2.4.2 Signatures Based on Multivariate Quadratic Techniques 55 2.4.3 Hash-Based Signature Techniques 55 2.5 Conclusion and Future Directions 55 References 56 3 Artificial Neural Network Applications in Analysis of Forensic Science 59 K.R. Padma and K.R. Don 3.1 Introduction 60 3.2 Digital Forensic Analysis Knowledge 61 3.3 Answer Set Programming in Digital Investigations 61 3.4 Data Science Processing with Artificial Intelligence Models 63 3.5 Pattern Recognition Techniques 63 3.6 ANN Applications 65 3.7 Knowledge on Stages of Digital Forensic Analysis 65 3.8 Deep Learning and Modelling 67 3.9 Conclusion 68 References 69 4 A Comprehensive Survey of Fully Homomorphic Encryption from Its Theory to Applications 73 Rashmi Salavi, Dr. M. M. Math and Dr. U. P. Kulkarni 4.1 Introduction 73 4.2 Homomorphic Encryption Techniques 76 4.2.1 Partial Homomorphic Encryption Schemes 77 4.2.2 Fully Homomorphic Encryption Schemes 78 4.3 Homomorphic Encryption Libraries 79 4.4 Computations on Encrypted Data 83 4.5 Applications of Homomorphic Encryption 85 4.6 Conclusion 86 References 87 5 Understanding Robotics through Synthetic Psychology 91 Garima Saini and Dr. 
Shabnam 5.1 Introduction 91 5.2 Physical Capabilities of Robots 92 5.2.1 Artificial Intelligence and Neuro Linguistic Programming (NLP) 93 5.2.2 Social Skill Development and Activity Engagement 93 5.2.3 Autism Spectrum Disorders 93 5.2.4 Age-Related Cognitive Decline and Dementia 94 5.2.5 Improving Psychosocial Outcomes through Robotics 94 5.2.6 Clients with Disabilities and Robotics 94 5.2.7 Ethical Concerns and Robotics 95 5.3 Traditional Psychology, Neuroscience and Future Robotics 95 5.4 Synthetic Psychology and Robotics: A Vision of the Future 97 5.5 Synthetic Psychology: The Foresight 98 5.6 Synthetic Psychology and Mathematical Optimization 99 5.7 Synthetic Psychology and Medical Diagnosis 99 5.7.1 Virtual Assistance and Robotics 100 5.7.2 Drug Discovery and Robotics 100 5.8 Conclusion 101 References 101 6 An Insight into Digital Forensics: History, Frameworks, Types and Tools 105 G Maria Jones and S Godfrey Winster 6.1 Overview 105 6.2 Digital Forensics 107 6.2.1 Why Do We Need Forensics Process? 
107 6.2.2 Forensics Process Principles 108 6.3 Digital Forensics History 108 6.3.1 1985 to 1995 108 6.3.2 1995 to 2005 109 6.3.3 2005 to 2015 110 6.4 Evolutionary Cycle of Digital Forensics 111 6.4.1 Ad Hoc 111 6.4.2 Structured Phase 111 6.4.3 Enterprise Phase 112 6.5 Stages of Digital Forensics Process 112 6.5.1 Stage 1 - 1995 to 2003 112 6.5.2 Stage II - 2004 to 2007 113 6.5.3 Stage III - 2007 to 2014 114 6.6 Types of Digital Forensics 115 6.6.1 Cloud Forensics 116 6.6.2 Mobile Forensics 116 6.6.3 IoT Forensics 116 6.6.4 Computer Forensics 117 6.6.5 Network Forensics 117 6.6.6 Database Forensics 118 6.7 Evidence Collection and Analysis 118 6.8 Digital Forensics Tools 119 6.8.1 X-Ways Forensics 119 6.8.2 SANS Investigative Forensics Toolkit – SIFT 119 6.8.3 EnCase 119 6.8.4 The Sleuth Kit/Autopsy 122 6.8.5 Oxygen Forensic Suite 122 6.8.6 Xplico 122 6.8.7 Computer Online Forensic Evidence Extractor (COFEE) 122 6.8.8 Cellebrite UFED 122 6.8.9 OSForensics 123 6.8.10 Computer-Aided Investigative Environment (CAINE) 123 6.9 Summary 123 References 123 7 Digital Forensics as a Service: Analysis for Forensic Knowledge 127 Soumi Banerjee, Anita Patil, Dipti Jadhav and Gautam Borkar 7.1 Introduction 127 7.2 Objective 128 7.3 Types of Digital Forensics 129 7.3.1 Network Forensics 129 7.3.2 Computer Forensics 142 7.3.3 Data Forensics 147 7.3.4 Mobile Forensics 149 7.3.5 Big Data Forensics 154 7.3.6 IoT Forensics 155 7.3.7 Cloud Forensics 157 7.4 Conclusion 161 References 161 8 4S Framework: A Practical CPS Design Security Assessment & Benchmarking Framework 163 Neel A. Patel, Dhairya A. Parekh, Yash A. Shah and Ramchandra Mangrulkar 8.1 Introduction 164 8.2 Literature Review 166 8.3 Medical Cyber Physical System (MCPS) 170 8.3.1 Difference between CPS and MCPS 171 8.3.2 MCPS Concerns, Potential Threats, Security 171 8.4 CPSSEC vs. 
Cyber Security 172 8.5 Proposed Framework 173 8.5.1 4S Definitions 174 8.5.2 4S Framework-Based CPSSEC Assessment Process 175 8.5.3 4S Framework-Based CPSSEC Assessment Score Breakdown & Formula 181 8.6 Assessment of Hypothetical MCPS Using 4S Framework 187 8.6.1 System Description 187 8.6.2 Use Case Diagram for the Above CPS 188 8.6.3 Iteration 1 of 4S Assessment 189 8.6.4 Iteration 2 of 4S Assessment 195 8.7 Conclusion 200 8.8 Future Scope 201 References 201 9 Ensuring Secure Data Sharing in IoT Domains Using Blockchain 205 Tawseef Ahmed Teli, Rameez Yousuf and Dawood Ashraf Khan 9.1 IoT and Blockchain 205 9.1.1 Public 208 9.1.1.1 Proof of Work (PoW) 209 9.1.1.2 Proof of Stake (PoS) 209 9.1.1.3 Delegated Proof of Stake (DPoS) 210 9.1.2 Private 210 9.1.3 Consortium or Federated 210 9.2 IoT Application Domains and Challenges in Data Sharing 211 9.3 Why Blockchain? 214 9.4 IoT Data Sharing Security Mechanism On Blockchain 216 9.4.1 Double-Chain Mode Based On Blockchain Technology 216 9.4.2 Blockchain Structure Based On Time Stamp 217 9.5 Conclusion 219 References 219 10 A Review of Face Analysis Techniques for Conventional and Forensic Applications 223 Chethana H.T. and Trisiladevi C. 
Nagavi 10.1 Introduction 224 10.2 Face Recognition 225 10.2.1 Literature Review on Face Recognition 226 10.2.2 Challenges in Face Recognition 228 10.2.3 Applications of Face Recognition 229 10.3 Forensic Face Recognition 229 10.3.1 Literature Review on Face Recognition for Forensics 231 10.3.2 Challenges of Face Recognition in Forensics 233 10.3.3 Possible Datasets Used for Forensic Face Recognition 235 10.3.4 Fundamental Factors for Improving Forensics Science 235 10.3.5 Future Perspectives 237 10.4 Conclusion 238 References 238 11 Roadmap of Digital Forensics Investigation Process with Discovery of Tools 241 Anita Patil, Soumi Banerjee, Dipti Jadhav and Gautam Borkar 11.1 Introduction 242 11.2 Phases of Digital Forensics Process 244 11.2.1 Phase I - Identification 244 11.2.2 Phase II - Acquisition and Collection 245 11.2.3 Phase III - Analysis and Examination 245 11.2.4 Phase IV - Reporting 245 11.3 Analysis of Challenges and Need of Digital Forensics 246 11.3.1 Digital Forensics Process has following Challenges 246 11.3.2 Needs of Digital Forensics Investigation 247 11.3.3 Other Common Attacks Used to Commit the Crime 248 11.4 Appropriateness of Forensics Tool 248 11.4.1 Level of Skill 248 11.4.2 Outputs 252 11.4.3 Region of Emphasis 252 11.4.4 Support for Additional Hardware 252 11.5 Phase-Wise Digital Forensics Techniques 253 11.5.1 Identification 253 11.5.2 Acquisition 254 11.5.3 Analysis 256 11.5.3.1 Data Carving 257 11.5.3.2 Different Carving Techniques 259 11.5.3.3 Volatile Data Forensic Toolkit Used to Collect and Analyze the Data from Device 260 11.5.4 Report Writing 265 11.6 Pros and Cons of Digital Forensics Investigation Process 266 11.6.1 Advantages of Digital Forensics 266 11.6.2 Disadvantages of Digital Forensics 266 11.7 Conclusion 267 References 267 12 Utilizing Machine Learning and Deep Learning in Cybersecurity: An Innovative Approach 271 Dushyant Kaushik, Muskan Garg, Annu, Ankur Gupta and Sabyasachi Pramanik 12.1 Introduction 271 12.1.1 
Protections of Cybersecurity 272 12.1.2 Machine Learning 274 12.1.3 Deep Learning 276 12.1.4 Machine Learning and Deep Learning: Similarities and Differences 278 12.2 Proposed Method 281 12.2.1 The Dataset Overview 282 12.2.2 Data Analysis and Model for Classification 283 12.3 Experimental Studies and Outcomes Analysis 283 12.3.1 Metrics on Performance Assessment 284 12.3.2 Result and Outcomes 285 12.3.2.1 Issue 1: Classify the Various Categories of Feedback Related to the Malevolent Code Provided 285 12.3.2.2 Issue 2: Recognition of the Various Categories of Feedback Related to the Malware Presented 286 12.3.2.3 Issue 3: According to the Malicious Code, Distinguishing Various Forms of Malware 287 12.3.2.4 Issue 4: Detection of Various Malware Styles Based on Different Responses 287 12.3.3 Discussion 288 12.4 Conclusions and Future Scope 289 References 292 13 Applications of Machine Learning Techniques in the Realm of Cybersecurity 295 Koushal Kumar and Bhagwati Prasad Pande 13.1 Introduction 296 13.2 A Brief Literature Review 298 13.3 Machine Learning and Cybersecurity: Various Issues 300 13.3.1 Effectiveness of ML Technology in Cybersecurity Systems 300 13.3.2 Machine Learning Problems and Challenges in Cybersecurity 302 13.3.2.1 Lack of Appropriate Datasets 302 13.3.2.2 Reduction in False Positives and False Negatives 302 13.3.2.3 Adversarial Machine Learning 302 13.3.2.4 Lack of Feature Engineering Techniques 303 13.3.2.5 Context-Awareness in Cybersecurity 303 13.3.3 Is Machine Learning Enough to Stop Cybercrime? 
304 13.4 ML Datasets and Algorithms Used in Cybersecurity 304 13.4.1 Study of Available ML-Driven Datasets Available for Cybersecurity 304 13.4.1.1 KDD Cup 1999 Dataset (DARPA1998) 305 13.4.1.2 NSL-KDD Dataset 305 13.4.1.3 ECML-PKDD 2007 Discovery Challenge Dataset 305 13.4.1.4 Malicious URL’s Detection Dataset 306 13.4.1.5 ISOT (Information Security and Object Technology) Botnet Dataset 306 13.4.1.6 CTU-13 Dataset 306 13.4.1.7 MAWILab Anomaly Detection Dataset 307 13.4.1.8 ADFA-LD and ADFA-WD Datasets 307 13.4.2 Applications ML Algorithms in Cybersecurity Affairs 307 13.4.2.1 Clustering 309 13.4.2.2 Support Vector Machine (SVM) 309 13.4.2.3 Nearest Neighbor (NN) 309 13.4.2.4 Decision Tree 309 13.4.2.5 Dimensionality Reduction 310 13.5 Applications of Machine Learning in the Realm of Cybersecurity 310 13.5.1 Facebook Monitors and Identifies Cybersecurity Threats with ML 310 13.5.2 Microsoft Employs ML for Security 311 13.5.3 Applications of ML by Google 312 13.6 Conclusions 313 References 313 14 Security Improvement Technique for Distributed Control System (DCS) and Supervisory Control-Data Acquisition (SCADA) Using Blockchain at Dark Web Platform 317 Anand Singh Rajawat, Romil Rawat and Kanishk Barhanpurkar 14.1 Introduction 318 14.2 Significance of Security Improvement in DCS and SCADA 322 14.3 Related Work 323 14.4 Proposed Methodology 324 14.4.1 Algorithms Used for Implementation 327 14.4.2 Components of a Blockchain 327 14.4.3 MERKLE Tree 328 14.4.4 The Technique of Stack and Work Proof 328 14.4.5 Smart Contracts 329 14.5 Result Analysis 329 14.6 Conclusion 330 References 331 15 Recent Techniques for Exploitation and Protection of Common Malicious Inputs to Online Applications 335 Dr. 
Tun Myat Aung and Ni Ni Hla 15.1 Introduction 335 15.2 SQL Injection 336 15.2.1 Introduction 336 15.2.2 Exploitation Techniques 337 15.2.2.1 In-Band SQL Injection 337 15.2.2.2 Inferential SQL Injection 338 15.2.2.3 Out-of-Band SQL Injection 340 15.2.3 Causes of Vulnerability 340 15.2.4 Protection Techniques 341 15.2.4.1 Input Validation 341 15.2.4.2 Data Sanitization 341 15.2.4.3 Use of Prepared Statements 342 15.2.4.4 Limitation of Database Permission 343 15.2.4.5 Using Encryption 343 15.3 Cross Site Scripting 344 15.3.1 Introduction 344 15.3.2 Exploitation Techniques 344 15.3.2.1 Reflected Cross Site Scripting 345 15.3.2.2 Stored Cross Site Scripting 345 15.3.2.3 DOM-Based Cross Site Scripting 346 15.3.3 Causes of Vulnerability 346 15.3.4 Protection Techniques 347 15.3.4.1 Data Validation 347 15.3.4.2 Data Sanitization 347 15.3.4.3 Escaping on Output 347 15.3.4.4 Use of Content Security Policy 348 15.4 Cross Site Request Forgery 349 15.4.1 Introduction 349 15.4.2 Exploitation Techniques 349 15.4.2.1 HTTP Request with GET Method 349 15.4.2.2 HTTP Request with POST Method 350 15.4.3 Causes of Vulnerability 350 15.4.3.1 Session Cookie Handling Mechanism 350 15.4.3.2 HTML Tag 351 15.4.3.3 Browser’s View Source Option 351 15.4.3.4 GET and POST Method 351 15.4.4 Protection Techniques 351 15.4.4.1 Checking HTTP Referer 351 15.4.4.2 Using Custom Header 352 15.4.4.3 Using Anti-CSRF Tokens 352 15.4.4.4 Using a Random Value for each Form Field 352 15.4.4.5 Limiting the Lifetime of Authentication Cookies 353 15.5 Command Injection 353 15.5.1 Introduction 353 15.5.2 Exploitation Techniques 354 15.5.3 Causes of Vulnerability 354 15.5.4 Protection Techniques 355 15.6 File Inclusion 355 15.6.1 Introduction 355 15.6.2 Exploitation Techniques 355 15.6.2.1 Remote File Inclusion 355 15.6.2.2 Local File Inclusion 356 15.6.3 Causes of Vulnerability 357 15.6.4 Protection Techniques 357 15.7 Conclusion 358 References 358 16 Ransomware: Threats, Identification and Prevention 361 Sweta 
Thakur, Sangita Chaudhari and Bharti Joshi 16.1 Introduction 361 16.2 Types of Ransomwares 364 16.2.1 Locker Ransomware 364 16.2.1.1 Reveton Ransomware 365 16.2.1.2 Locky Ransomware 366 16.2.1.3 CTB Locker Ransomware 366 16.2.1.4 TorrentLocker Ransomware 366 16.2.2 Crypto Ransomware 367 16.2.2.1 PC Cyborg Ransomware 367 16.2.2.2 OneHalf Ransomware 367 16.2.2.3 GPCode Ransomware 367 16.2.2.4 CryptoLocker Ransomware 368 16.2.2.5 CryptoDefense Ransomware 368 16.2.2.6 CryptoWall Ransomware 368 16.2.2.7 TeslaCrypt Ransomware 368 16.2.2.8 Cerber Ransomware 368 16.2.2.9 Jigsaw Ransomware 369 16.2.2.10 Bad Rabbit Ransomware 369 16.2.2.11 WannaCry Ransomware 369 16.2.2.12 Petya Ransomware 369 16.2.2.13 Gandcrab Ransomware 369 16.2.2.14 Rapid Ransomware 370 16.2.2.15 Ryuk Ransomware 370 16.2.2.16 Lockergoga Ransomware 370 16.2.2.17 PewCrypt Ransomware 370 16.2.2.18 Dharma/Crysis Ransomware 370 16.2.2.19 Phobos Ransomware 371 16.2.2.20 Malito Ransomware 371 16.2.2.21 LockBit Ransomware 371 16.2.2.22 GoldenEye Ransomware 371 16.2.2.23 REvil or Sodinokibi Ransomware 371 16.2.2.24 Nemty Ransomware 371 16.2.2.25 Nephilim Ransomware 372 16.2.2.26 Maze Ransomware 372 16.2.2.27 Sekhmet Ransomware 372 16.2.3 MAC Ransomware 372 16.2.3.1 KeRanger Ransomware 373 16.2.3.2 Go Pher Ransomware 373 16.2.3.3 FBI Ransom Ransomware 373 16.2.3.4 File Coder 373 16.2.3.5 Patcher 373 16.2.3.6 ThiefQuest Ransomware 374 16.2.3.7 Keydnap Ransomware 374 16.2.3.8 Bird Miner Ransomware 374 16.3 Ransomware Life Cycle 374 16.4 Detection Strategies 376 16.4.1 Unevil 376 16.4.2 Detecting File Lockers 376 16.4.3 Detecting Screen Lockers 377 16.4.4 Connection-Monitor and Connection-Breaker Approach 377 16.4.5 Ransomware Detection by Mining API Call Usage 377 16.4.6 A New Static-Based Framework for Ransomware Detection 377 16.4.7 White List-Based Ransomware Real-Time Detection Prevention (WRDP) 378 16.5 Analysis of Ransomware 378 16.5.1 Static Analysis 379 16.5.2 Dynamic Analysis 379 16.6 Prevention Strategies 
380 16.6.1 Access Control 380 16.6.2 Recovery After Infection 380 16.6.3 Trapping Attacker 380 16.7 Ransomware Traits Analysis 380 16.8 Research Directions 384 16.9 Conclusion 384 References 384 Index 389
£169.16
HarperCollins Publishers The Truth Machine
Book Synopsis: From the authors of the fascinating The Age of Cryptocurrency comes the definitive work on the Internet's next big thing: the blockchain. Many of the legacy systems once designed to make our lives easier and our economy more efficient are no longer up to the task; big banks have grown more entrenched, privacy exists only until the next hack, and credit card fraud has become a fact of life. However, there is a way past all this: a new kind of operating system with the potential to revolutionise our economy: the blockchain. In The Truth Machine, Michael J. Casey and Paul Vigna demystify the blockchain and explain why it can restore personal control over our data, assets, and identities; grant billions of excluded people access to the global economy; and shift the balance of power to revive society's faith in itself. They reveal the empowerment possible when self-interested middlemen give way to the transparency of the blockchain, while highlighting the job losses, assertion of special int
Trade Review: ‘The authors ably explain highly technical information in layperson’s terms, and the text is neither too dense nor too basic. 
Readers may pick this one up for the Bitcoin connection and find themselves fascinated with the blockchain’s potential to change the world’s financial systems for the better.’ ―Booklist ‘With thoughtful and well researched analysis, The Truth Machine leads you through a history of cryptocurrencies and blockchains that reveals the path forward towards a decentralized economy, one in which opportunity and access are widely spread.’ ―Andreas M Antonopoulos, author of Mastering Bitcoin and The Internet of Money series ‘The Truth Machine is a brilliant, beautifully written guide to the blockchain revolution that is redefining “trust” for our increasingly globalized world.’ ―Hernando de Soto, President of the Institute for Liberty and Democracy, author of The Mystery of Capital ‘Casey and Vigna are among the blockchain and digital-currency sector's most important visionaries. They are shaping a new understanding of how we can gain greater personal control over our data, assets, identities and creations to forge a more inclusive, collaborative and innovative society.’ ―Imogen Heap, Grammy award-winning singer-songwriter and founder of Mycelia ‘Casey and Vigna have done it again! It turns out that digital currencies may only be the spark for the next major revolution in business and society. The implications of trust being the blockchain’s real killer app cannot be ignored by any serious investor.’ ―Josh Brown, CEO of Ritholtz Wealth Management, star of CNBC’s The Halftime Report ‘This unparalleled examination of the blockchain landscape will open people's eyes to how a decentralized information system can level the playing field for humanity.’ ―Mariana Dahan, founder and CEO, World Identity Network, first coordinator of The World Bank's Identification for Development (ID4D) Initiative
£14.39
Elsevier Science & Technology Computer and Information Security Handbook
Trade Review: "The editor, John Vacca, has pulled together contributions from a large number of experts into a massive tome that touches on pretty much every angle of security and privacy. ...it’s hard to think of anyone with any interest in infosecurity who wouldn’t get something out of it. This is the reference work you want on your bookshelf when you need to quickly get a grounding in some new aspect of security." --Network Security Newsletter
Table of Contents: 1. Information Security in the Modern Enterprise 2. Building a Secure Organization 3. A Cryptography Primer 4. Verifying User and Host Identity 5. Detecting System Intrusions 6. Intrusion Detection in Contemporary Environments 7. Preventing System Intrusions 8. Guarding Against Network Intrusions 9. Fault Tolerance and Resilience in Cloud Computing Environments 10. Securing Web Applications, Services and Servers 11. Unix and Linux Security 12. Eliminating the Security Weakness of Linux and Unix Operating Systems 13. Internet Security 14. The Botnet Problem 15. Intranet Security 16. Wireless Network Security 17. Wireless Sensor Network Security 18. Security for the Internet of Things 19. Cellular Network Security 20. RFID Security 21. Information Security Essentials for IT Managers, Protecting Mission-Critical Systems 22. Security Management Systems 23. Policy-Driven System Management 24. Social Engineering Deceptions and Defenses 25. Ethical Hacking 26. What Is Vulnerability Assessment? 27. Security Education, Training, and Awareness 28. Risk Management 29. Insider Threats 30. Disaster Recovery 31. Disaster Recovery Plans for Small and Medium Business (SMB) 32. Security Certification And Standards Implementation 33. Security Policies And Plans Development 34. Cyber Forensics 35. Cyber Forensics and Incident Response 36. Securing eDiscovery 37. Microsoft Office and Metadata Forensics: A Deeper Dive 38. Hard Drive Imaging 39. Satellite Encryption 40. Public Key Infrastructure 41. 
Context-Aware Multi-Factor Authentication 42. Instant-Messaging Security 43. Online Privacy 44. Privacy-enhancing Technologies 45. Detection Of Conflicts In Security Policies 46. Supporting User Privacy Preferences in Digital Interactions 47. Privacy and Security in Environmental Monitoring Systems: Issues and Solutions 48. Virtual Private Networks 49. VoIP Security 50. Storage Area Networking Devices Security 51. Securing Cloud Computing Systems 52. Cloud Security 53. Private Cloud Security 54. Virtual Private Cloud Security 55. Protecting Virtual Infrastructure 56. SDN and NFV Security 57. Physical Security Essentials 58. Online Identity and User Management Services 59. Intrusion Prevention and Detection Systems 60. Penetration Testing 61. Access Controls 62. Endpoint Security 63. Fundamentals of Cryptography 64. Securing the Infrastructure 65. Cyber Warfare 66. Security Through Diversity 67. Online e-Reputation Management Services 68. Data Loss Protection 69. Satellite Cyber Attack Search and Destroy 70. Advanced Data Encryption Appendices (Online only)
£91.80
Cengage Learning, Inc CompTIA Security Guide to Network Security
Table of Contents: I. SECURITY FUNDAMENTALS 1.Introduction to Security a.Who are the attackers? i.Categories of threat actors ii.Attributes of actors b.Attack vectors and their causes i.Avenues of attacks ii.Vulnerabilities that create attack vectors iii.Social engineering attacks c.Cybersecurity standards i.Regulations and standards ii.Frameworks iii.Configuration guidelines d.Sources of information i.Threat intelligence sources ii.Research sources 2.Security Evaluations a.Security assessments i.Threat hunting ii.Vulnerability scans iii.Security information and event management (SIEM) iv.Security orchestration, automation, response (SOAR) b.Penetration testing i.What is penetration testing? ii.Types of reconnaissance iii.Exercise types ( II. DEVICE SECURITY 3.Threats and Attacks on Devices a.Attacks using malware i.Circulation ii.Infection iii.Concealment iv.Payload capabilities b.Adversarial AI attacks c.Application attacks i.Web server application attacks ii.Hijacking iii.Overflow attacks iv.Advertising attacks v.Browser vulnerabilities 4.Client and Application Security a.Securing client devices i.Endpoint protection ii.Boot integrity iii.Database protection iv.Hardware and software protection b.Creating and deploying SecDevOps i.Application development ii.Secure coding techniques iii.Code testing 5.Mobile, Embedded and Specialized Device Security a.Securing mobile devices i.Mobile device types and deployment ii.Mobile device risks iii.Securing mobile devices iv.Mobile management tools b.Embedded and IoT device security i.Types of embedded systems ii.IoT devices iii.Specialized devices c.Keeping specialized devices secure i.Vulnerabilities ii.Securing communications III. 
CRYPTOGRAPHY 6.Basic Cryptography a.Defining cryptography b.Cryptographic algorithms c.Cryptographic attacks d.Using cryptography 7.Advanced Cryptography and PKI a.Implementing cryptography b.Digital certificates c.Public Key Infrastructure (PKI) d.Cryptographic transport protocols IV. NETWORK SECURITY 8.Network Threats, Assessments, and Defenses a.Attacks on networks i.Interception ii.Poisoning iii.Denial of Service b.Assessing network and organizational security i.Network reconnaissance and discovery ii.File manipulation iii.Shell and script environments iv.Packet capture and replay c.Physical security defenses i.External perimeter defenses ii.Internal physical access security iii.Computer hardware security 9.Network Security Design and Technologies a.Security through network devices i.Standard network devices ii.Network security hardware b.Security through architecture and design c.Implementing secure protocols d.Enterprise network security concepts i.Configuration management ii.Data protection 10.Wireless Network Security a.Wireless attacks i.Bluetooth attacks ii.Near field communication attacks iii.Radio frequency identification attacks iv.Wireless local area network attacks b.Vulnerabilities of IEEE wireless security c.Wireless security solutions i.Wi-Fi Protected Access ii.Wi-Fi Protected Access 2 iii.Additional wireless security protections 11.Cloud and Virtualization Security a.Cloud security i.Cloud concepts and models ii.Cloud security solutions 1.Cloud security controls 2.Cloud security solutions b.Virtualization security i.Virtualization concepts ii.Securing virtual environments ENTERPRISE SECURITY 12.Identity and Access Management (IAM) a.Authentication credentials i.What you know: passwords ii.What you have: tokens, cards, and cell phones iii.What you are: biometrics iv.What you do: behavioral biometrics v.Where you are: geolocation b.Identity and account management controls c.Access services 13.Incident Response and Investigation a.Incident response 
plans and procedures i.What is an incident response plan? ii.Incident response exercises iii.Attack frameworks b.Investigating an incident by using data sources c.Digital forensics i.What is forensics? ii.Forensics procedures 14.Cybersecurity Resilience a.Control types b.Techniques for resiliency i.Redundancy ii.Replication iii.Data backups c.Using organizational policies for security 15.Risk Management and Data Privacy a.Managing risk i.Threat assessment ii.Risk assessment b.Protecting sensitive data i.Data types ii.Consequences of privacy breaches iii.Breach notifications iv.Roles and responsibilities v.Privacy enhancing technologies
£71.24
Cengage Learning, Inc HandsOn Ethical Hacking and Network Defense
Book Synopsis: Wilson/Simpson/Antill's HANDS-ON ETHICAL HACKING AND NETWORK DEFENSE, 4th edition, equips you with the knowledge and skills to protect networks using the tools and techniques of an ethical hacker. The authors explore the concept of ethical hacking and its practitioners -- explaining their importance in protecting corporate and government data -- and then deliver an in-depth guide to performing security testing. Thoroughly updated, the text covers new security resources, emerging vulnerabilities and innovative methods to protect networks, mobile security considerations, computer crime laws and penalties for illegal computer hacking. A final project brings concepts together in a penetration testing exercise and report, while virtual machine labs, auto-graded quizzes and interactive activities in the online learning platform help further prepare you for your role as a network security professional.
Table of Contents: Module 1. Ethical Hacking Overview. Module 2. TCP/IP Concepts Review. Module 3. Network and Computer Attacks. Module 4. Footprinting and Social Engineering. Module 5. Port Scanning. Module 7. Programming for Security Professionals. Module 8. Desktop and Server OS Vulnerabilities. Module 9. Embedded Operating Systems: The Hidden Threat. Module 10. Hacking Web Applications. Module 11. Hacking Wireless Networks. Module 12. Cryptography. Module 13. Network Protection Systems. Module 14. The Final Project. Appendix A. Legal Resources. Appendix B. Resources.
£47.49
Cengage Learning, Inc Security Awareness
Table of Contents: 1. Introduction to Cybersecurity. 2. Personal Security. 3. Computer Security. 4. Internet Security. 5. Mobile Security. 6. Privacy.
£57.94
John Wiley & Sons Inc Distributed Systems Security
Book Synopsis: How to solve security issues and problems arising in distributed systems. Security is one of the leading concerns in developing dependable distributed systems of today, since the integration of different components in a distributed manner creates new security problems and issues. Service oriented architectures, the Web, grid computing and virtualization form the backbone of today's distributed systems. A lens to security issues in distributed systems is best provided via deeper exploration of security concerns and solutions in these technologies. Distributed Systems Security provides a holistic insight into current security issues, processes, and solutions, and maps out future directions in the context of today's distributed systems. This insight is elucidated by modeling of modern day distributed systems using a four-tier logical model: host layer, infrastructure layer, application layer, and service layer (bottom to top). The authors provide an in-depth cover
Table of Contents: Chapter 1: Introduction 1.1 Background 1.2 Distributed Systems. 1.3 Distributed Systems Security. 1.4 About the Book. Chapter 2: Security Engineering. 2.1 Introduction. 2.2 Secure Development Life Cycle Processes – An Overview. 2.3 A Typical Security Engineering Process. 2.4 Important Security Engineering Guidelines and Resources. 2.5 Conclusion. Chapter 3. Common Security Issues and Technologies. 3.1 Security Issues. 3.2 Common Security Techniques. 3.3 Summary. Chapter 4 – Host level Threats and Vulnerabilities. 4.1 Background. 4.2 Malware. 4.3 Eavesdropping. 4.4 Job faults. 4.5 Resource starvation. 4.6 Overflow. 4.7 Privilege escalation. 4.8 Injection attacks. 4.9 Conclusion. Chapter 5 – Infrastructure Level Threats & Vulnerabilities. 5.1 Introduction. 5.2 Network Level Threats and Vulnerabilities. 5.3 Grid Computing Threats and Vulnerabilities. 5.4 Storage Threats and Vulnerabilities. Chapter 6: Application Level Vulnerabilities and Attacks. 6.1 Introduction. 
6.2 Application Layer Vulnerabilities. 6.3 Conclusion. Chapter 7 – Service Level Issues, Threats and Vulnerabilities. 7.1 Introduction. 7.2 SOA and Role of Standards. 7.3 Service Level Security Requirements. 7.4 Service Level Threats and Vulnerabilities. 7.5 Service Level Attacks. 7.6 Services Threat Profile. 7.7 Conclusions. Chapter 8: Host level Solutions. 8.1 Background. 8.2 Sandboxing. 8.3 Virtualization. 8.4 Resource Management 8.5 Proof carrying code. 8.6 Memory firewall 8.7 Anti malware. 8.8 Conclusions. Chapter 9 – Infrastructure Level Solutions 9.1 Introduction. 9.2 Network Level Solutions. 9.3 Grid Level Solutions. 9.4 Storage Level Solutions. Chapter 10: Application Level Solutions. 10.1 Introduction. 10.2 Application Level Security Solutions. 10.3 Conclusion. Chapter 11 – Service Level Solutions. 11.1 Introduction. 11.2 Services Security Policy. 11.3 SOA Security standards stack. 11.4 Standards in Depth. 11.5 Deployment Architectures for SOA Security. 11.6 Managing Service Level Threats. 11.7 Service Threat Solution Mapping. 11.8 XML Firewall Configuration-Threat Mapping. 11.9 Conclusions. Chapter 12 - Case Study – Compliance in Financial Services. 12.1 Introduction. 12.2 SOX compliance. 12.3 SOX Security Solutions. 12.4 Multi-level policy driven solution architecture. 12.5 Conclusions. Chapter 13 – Case Study of Grid. 13.1 Background. 13.2 Financial Application. 13.3 Security Requirements Analysis. 13.4 Final Security Architecture. Chapter 14: Future directions and Conclusions. 14.1 Future directions. 14.2 Conclusions.
£74.66
John Wiley & Sons Inc Implementing SSL TLS Using Cryptography and PKI
Book Synopsis: Hands-on, practical guide to implementing SSL and TLS protocols for Internet security. If you are a network professional who knows C programming, this practical book is for you. Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more. Coverage includes: Understanding Internet Security; Protecting against Eavesdroppers with Symmetric Cryptography; Secure Key Exchange over an Insecure Medium with Public Key Cryptography; Authenticating Communications Using Digital Signatures; Creating a Network of Trust Using X.509 Certificates; A Usable, Secure Communications Protocol: Client-Side TLS; Adding Ser
Table of Contents: Introduction xxvii Chapter 1 Understanding Internet Security 1 What Are Secure Sockets? 
2 “Insecure” Communications: Understanding the HTTP Protocol 4 Implementing an HTTP Client 5 Adding Support for HTTP Proxies 12 Reliable Transmission of Binary Data with Base64 Encoding 17 Implementing an HTTP Server 21 Roadmap for the Rest of This Book 27 Chapter 2 Protecting Against Eavesdroppers with Symmetric Cryptography 29 Understanding Block Cipher Cryptography Algorithms 30 Implementing the Data Encryption Standard (DES) Algorithm 31 DES Initial Permutation 34 DES Key Schedule 38 DES Expansion Function 40 DES Decryption 45 Padding and Chaining in Block Cipher Algorithms 46 Using the Triple-DES Encryption Algorithm to Increase Key Length 55 Faster Encryption with the Advanced Encryption Standard (AES) Algorithm 60 AES Key Schedule Computation 60 AES Encryption 67 Other Block Cipher Algorithms 83 Understanding Stream Cipher Algorithms 83 Understanding and Implementing the RC4 Algorithm 84 Converting a Block Cipher to a Stream Cipher: The OFB and COUNTER Block-Chaining Modes 90 Chapter 3 Secure Key Exchange over an Insecure Medium with Public Key Cryptography 91 Understanding the Theory Behind the RSA Algorithm 92 Performing Arbitrary Precision Binary Math to Implement Public-Key Cryptography 93 Implementing Large-Number Addition 93 Implementing Large-Number Subtraction 98 Implementing Large-Number Multiplication 101 Implementing Large-Number Division 106 Comparing Large Numbers 109 Optimizing for Modulo Arithmetic 112 Using Modulus Operations to Efficiently Compute Discrete Logarithms in a Finite Field 113 Encryption and Decryption with RSA 114 Encrypting with RSA 115 Decrypting with RSA 119 Encrypting a Plaintext Message 120 Decrypting an RSA-Encrypted Message 124 Testing RSA Encryption and Decryption 126 Achieving Perfect Forward Secrecy with Diffie-Hellman Key Exchange 130 Getting More Security per Key Bit: Elliptic Curve Cryptography 132 How Elliptic Curve Cryptography Relies on Modular Inversions 135 Using the Euclidean Algorithm to compute Greatest 
Common Denominators 135 Computing Modular Inversions with the Extended Euclidean Algorithm 137 Adding Negative Number Support to the Huge Number Library 138 Supporting Negative Remainders 147 Making ECC Work with Whole Integers: Elliptic-Curve Cryptography over Fp 150 Reimplementing Diffie-Hellman to Use ECC Primitives 150 Why Elliptic-Curve Cryptography? 154 Chapter 4 Authenticating Communications Using Digital Signatures 157 Using Message Digests to Create Secure Document Surrogates 158 Implementing the MD5 Digest Algorithm 159 Understanding MD5 160 A Secure Hashing Example 161 Securely Hashing a Single Block of Data 166 MD5 Vulnerabilities 169 Increasing Collision Resistance with the SHA-1 Digest Algorithm 171 Understanding SHA-1 Block Computation 171 Understanding the SHA-1 Input Processing Function 174 Understanding SHA-1 Finalization 176 Even More Collision Resistance with the SHA-256 Digest Algorithm 180 Preventing Replay Attacks with the HMAC Keyed-Hash Algorithm 184 Implementing a Secure HMAC Algorithm 186 Completing the HMAC Operation 190 Creating Updateable Hash Functions 190 Defining a Digest Structure 191 Appending the Length to the Last Block 194 Computing the MD5 Hash of an Entire File 196 Where Does All of This Fit into SSL? 
200 Understanding Digital Signature Algorithm (DSA) Signatures 201 Implementing Sender-Side DSA Signature Generation 202 Implementing Receiver-Side DSA Signature Verification 205 How to Make DSA Efficient 209 Getting More Security per Bit: Elliptic Curve DSA 210 Rewriting the Elliptic-Curve Math Functions to Support Large Numbers 211 Implementing ECDSA 215 Generating ECC Keypairs 218 Chapter 5 Creating a Network of Trust Using X.509 Certificates 221 Putting It Together: The Secure Channel Protocol 222 Encoding with ASN.1 225 Understanding Signed Certificate Structure 225 Version 226 serialNumber 227 signature 227 issuer 229 validity 232 subject 233 subjectPublicKeyInfo 235 extensions 237 Signed Certificates 238 Summary of X.509 Certificates 241 Transmitting Certificates with ASN.1 Distinguished Encoding Rules (DER) 241 Encoded Values 241 Strings and Dates 242 Bit Strings 243 Sequences and Sets: Grouping and Nesting ASN.1 Values 243 ASN.1 Explicit Tags 244 A Real-World Certificate Example 244 Using OpenSSL to Generate an RSA KeyPair and Certificate 244 Using OpenSSL to Generate a DSA KeyPair and Certificate 251 Developing an ASN.1 Parser 252 Converting a Byte Stream into an ASN.1 Structure 252 The asn1parse Code in Action 259 Turning a Parsed ASN.1 Structure into X.509 Certificate Components 264 Joining the X.509 Components into a Completed X.509 Certificate Structure 268 Parsing Object Identifiers (OIDs) 270 Parsing Distinguished Names 271 Parsing Certificate Extensions 275 Signature Verification 279 Validating PKCS #7-Formatted RSA Signatures 280 Verifying a Self-Signed Certificate 281 Adding DSA Support to the Certificate Parser 286 Managing Certificates 292 How Authorities Handle Certificate Signing Requests (CSRs) 292 Correlating Public and Private Keys Using PKCS #12 Formatting 293 Blacklisting Compromised Certificates Using Certificate Revocation Lists (CRLs) 294 Keeping Certificate Blacklists Up-to-Date with the Online Certificate Status Protocol (OCSP) 295 Other Problems with Certificates 296 Chapter 6 A Usable, Secure Communications Protocol: Client-Side TLS 297 Implementing the TLS 1.0 Handshake (Client Perspective) 299 Adding TLS Support to the HTTP Client 300 Understanding the TLS Handshake Procedure 303 TLS Client Hello 304 Tracking the Handshake State in the TLSParameters Structure 304 Describing Cipher Suites 308 Flattening and Sending the Client Hello Structure 309 TLS Server Hello 316 Adding a Receive Loop 317 Sending Alerts 318 Parsing the Server Hello Structure 319 Reporting Server Alerts 323 TLS Certificate 324 TLS Server Hello Done 328 TLS Client Key Exchange 329 Sharing Secrets Using TLS PRF (Pseudo-Random Function) 329 Creating Reproducible, Unpredictable Symmetric Keys with Master Secret Computation 336 RSA Key Exchange 337 Diffie-Hellman Key Exchange 343 TLS Change Cipher Spec 344 TLS Finished 346 Computing the Verify Message 347 Correctly Receiving the Finished Message 352 Secure Data Transfer with TLS 353 Assigning Sequence Numbers 353 Supporting Outgoing Encryption 355 Adding Support for Stream Ciphers 358 Updating Each Invocation of send_message 359 Decrypting and Authenticating 361 TLS Send 364 TLS Receive 365 Implementing TLS Shutdown 368 Examining HTTPS End-to-end Examples (TLS 1.0) 369 Dissecting the Client Hello Request 370 Dissecting the Server Response Messages 372 
Dissecting the Key Exchange Message 373 Decrypting the Encrypted Exchange 374 Exchanging Application Data 377 Differences Between SSL 3.0 and TLS 1.0 378 Differences Between TLS 1.0 and TLS 1.1 379 Chapter 7 Adding Server-Side TLS 1.0 Support 381 Implementing the TLS 1.0 Handshake from the Server’s Perspective 381 TLS Client Hello 387 TLS Server Hello 390 TLS Certificate 391 TLS Server Hello Done 393 TLS Client Key Exchange 394 RSA Key Exchange and Private Key Location 395 Supporting Encrypted Private Key Files 399 Checking That Decryption was Successful 406 Completing the Key Exchange 407 TLS Change Cipher Spec 409 TLS Finished 409 Avoiding Common Pitfalls When Adding HTTPS Support to a Server 411 When a Browser Displays Errors: Browser Trust Issues 412 Chapter 8 Advanced SSL Topics 415 Passing Additional Information with Client Hello Extensions 415 Safely Reusing Key Material with Session Resumption 420 Adding Session Resumption on the Client Side 421 Requesting Session Resumption 422 Adding Session Resumption Logic to the Client 422 Restoring the Previous Session’s Master Secret 424 Testing Session Resumption 425 Viewing a Resumed Session 427 Adding Session Resumption on the Server Side 428 Assigning a Unique Session ID to Each Session 429 Adding Session ID Storage 429 Modifying parse_client_hello to Recognize Session Resumption Requests 433 Drawbacks of This Implementation 435 Avoiding Fixed Parameters with Ephemeral Key Exchange 436 Supporting the TLS Server Key Exchange Message 437 Authenticating the Server Key Exchange Message 439 Examining an Ephemeral Key Exchange Handshake 442 Verifying Identity with Client Authentication 448 Supporting the CertificateRequest Message 449 Adding Certificate Request Parsing Capability for the Client 450 Handling the Certificate Request 452 Supporting the Certificate Verify Message 453 Refactoring rsa_encrypt to Support Signing 453 Testing Client Authentication 458 Viewing a Mutually-Authenticated TLS Handshake 460 Dealing 
with Legacy Implementations: Exportable Ciphers 463 Export-Grade Key Calculation 463 Step-up Cryptography 465 Discarding Key Material Through Session Renegotiation 465 Supporting the Hello Request 466 Renegotiation Pitfalls and the Client Hello Extension 0xFF01 468 Defending Against the Renegotiation Attack 469 Implementing Secure Renegotiation 471 Chapter 9 Adding TLS 1.2 Support to Your TLS Library 479 Supporting TLS 1.2 When You Use RSA for the Key Exchange 479 TLS 1.2 Modifications to the PRF 481 TLS 1.2 Modifications to the Finished Messages Verify Data 483 Impact to Diffie-Hellman Key Exchange 485 Parsing Signature Types 485 Adding Support for AEAD Mode Ciphers 490 Maximizing Throughput with Counter Mode 490 Reusing Existing Functionality for Secure Hashes with CBC-MAC 494 Combining CTR and CBC-MAC into AES-CCM 496 Maximizing MAC Throughput with Galois-Field Authentication 502 Combining CTR and Galois-Field Authentication with AES-GCM 505 Authentication with Associated Data 510 Incorporating AEAD Ciphers into TLS 1.2 517 Working ECC Extensions into the TLS Library 523 ECDSA Certificate Parsing 527 ECDHE Support in TLS 533 ECC Client Hello Extensions 540 The Current State of TLS 1.2 540 Chapter 10 Other Applications of SSL 543 Adding the NTTPS Extension to the NTTP Algorithm 543 Implementing “Multi-hop” SMTP over TLS and Protecting Email Content with S/MIME 545 Understanding the Email Model 545 The SSL/TLS Design and Email 546 Multipurpose Internet Mail Extensions (MIME) 547 Protecting Email from Eavesdroppers with S/MIME 549 Securing Email When There Are Multiple Recipients 550 S/MIME Certificate Management 552 Securing Datagram Traffic 552 Securing the Domain Name System 553 Using the DNS Protocol to Query the Database 555 Disadvantages of the DNS Query 555 Preventing DNS Cache Poisoning with DNSSEC 556 TLS Without TCP — Datagram TLS 559 Supporting SSL When Proxies Are Involved 560 Possible Solutions to the Proxy Problem 560 Adding Proxy Support Using 
Tunneling 561 SSL with OpenSSL 564 Final Thoughts 566 Appendix A Binary Representation of Integers: A Primer 567 The Decimal and Binary Numbering Systems 567 Understanding Binary Logical Operations 568 The AND Operation 568 The OR Operation 569 The NOT Operation 569 The XOR Operation 569 Position Shifting of Binary Numbers 570 Two’s-Complement Representation of Negative Numbers 570 Big-Endian versus Little-Endian Number Formats 571 Appendix B Installing TCPDump and OpenSSL 573 Installing TCPDump 573 Installing TCPDump on a Windows System 574 Installing TCPDump on a Linux System 575 Installing OpenSSL 575 Installing OpenSSL on a Windows System 575 Installing OpenSSL on a Linux System 577 Appendix C Understanding the Pitfalls of SSLv2 579 Implementing the SSL Handshake 582 SSL Client Hello 588 SSL Server Hello 592 SSL Client Master Key 600 SSL Client Finished 607 SSL Server Verify 612 SSL Server Finished 616 SSL send 617 SSL recv 617 Examining an HTTPS End-to-End Example 619 Viewing the TCPDump Output 619 Problems with SSLv2 626 Man-in-the-Middle Attacks 626 Truncation Attacks 626 Same Key Used for Encryption and Authentication 626 No Extensions 627 Index 629
£40.00
John Wiley & Sons Inc Practical Cryptography
Book SynopsisSecurity is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information.Table of ContentsPreface. 1. Our Design Philosophy. 2. The Context of Cryptography. 3. Introduction to Cryptography. I Message Security. 4. Block Ciphers. 5. Block Cipher Modes. 6. Hash Functions. 7. Message Authentication Codes. 8. The Secure Channel. 9. Implementation Issues (I). II Key Negotiation. 10. Generating Randomness. 11. Primes. 12. Diffie-Hellman. 13. RSA. 14. Introduction to Cryptographic Protocols. 15. Negotiation Protocol. 16. Implementation Issues. III Key Management. 17. The Clock. 18. Key Servers. 19. The Dream of PKI. 20. PKI Reality. 21. PKI Practicalities. 22. Storing Secrets. IV Miscellaneous. 23. Standards. 24. Patents. 25. Involving Experts. Acknowledgments. Bibliography. Index.
£29.71
John Wiley & Sons Inc Computer Security Dictionary
Book SynopsisA dictionary and handbook that defines the field and provides unique insight Turn to Minoli-Cordovana's Authoritative Computer and Network Security Dictionary for clear, concise, and up-to-date definitions of terms, concepts, methods, solutions, and tools in the field of computer and network security. About 5,555 security- and IT-related words and phrases are defined. Drawing their definitions from their work experience and from a variety of established and respected sources, the authors have created a single, up-to-the-minute, and standardized resource that users can trust for accuracy and authority. The dictionary is written for industry executives, managers, and planners who are charged with the responsibility of protecting their organizations from random, negligent, or planned attacks on their information technology resources. It not only defines terms, but also provides these professionals with critical insight into the terms' use and applicabiliTrade Review"Although this book is written for industry executives, managers, and planners, students in computer science or information science programs will find it a valuable resource. At the current price, it is an excellent buy." (CHOICE, March 2007) "…well researched and unique. It is recommended for technical and business reference collections." (American Reference Books Annual, March 2007) "…this book is mostly for managers and professionals who need a clue about a particular term or acronym…" (Computing Reviews.com, January 19, 2007)
£49.46
John Wiley & Sons Inc The Art of Intrusion
Book SynopsisKevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In The Art of Intrusion, Mitnick offers hair-raising stories of real-life computer break-ins, and shows how the victims could have prevented them.Table of ContentsChapter 1 Hacking the Casinos for a Million Bucks 1 Chapter 2 When Terrorists Come Calling 23 Chapter 3 The Texas Prison Hack 49 Chapter 4 Cops and Robbers 69 Chapter 5 The Robin Hood Hacker 91 Chapter 6 The Wisdom and Folly of Penetration Testing 115 Chapter 7 Of Course Your Bank Is Secure — Right? 139 Chapter 8 Your Intellectual Property Isn’t Safe 153 Chapter 9 On the Continent 195 Chapter 10 Social Engineers — How They Work and How to Stop Them 221 Chapter 11 Short Takes 247 Index 261
£12.60
John Wiley & Sons Inc SarbanesOxley Guide for Finance and Information
Book SynopsisPraise for Sarbanes-Oxley Guide for Finance and Information Technology Professionals Effective SOX programs enlist the entire organization to build and monitor a compliant control environment. However, even the best SOX programs are inefficient at best, ineffective at worst, if there is a lack of informed, competent finance and IT personnel to support the effort. This book provides these important professionals a needed resource for and road map toward successfully implementing their SOX initiative. Scott Green Chief Administrative Officer, Weil, Gotshal & Manges LLP and author, Sarbanes-Oxley and the Board of Directors As a former CFO and CIO, I found this book to be an excellent synopsis of SOX, with impressive implementation summaries and checklists. Michael P. Cangemi CISA, Editor in Chief, Information Systems Control Journal and author, Managing the Audit Function An excellent introduction to the Sarbanes-Oxley Act fTable of ContentsPREFACE. ACKNOWLEDGEMENTS. INTRODUCTION. PART I: Sarbanes-Oxley For The Finance Professional. CHAPTER 1: Scope and Assessment of the Act. Integrity. Independence. Proper Oversight. Accountability. Strong Internal Controls. Transparency. Deterrence. Corporate Process Management. CHAPTER 2: Internal Controls. Components of Internal Control. Purpose of Internal Control. Developing an Internal Control System. CHAPTER 3: Control Environment. Risk Assessment. Information and Communication. Monitoring. CHAPTER 4: Material Weaknesses. Specific Internal Controls to Evaluate. Disclosure Committee. CHAPTER 5: Implementing Sarbanes-Oxley: What Does Compliance Look Like? Time Line. Checklists. Reporting, Documentation, and Archiving. Disclosure. CHAPTER 6: Technology Implications. Storage Systems. IT Solutions. Changes in IT Management. CHAPTER 7: Sarbanes-Oxley–Related Bodies. Public Company Accounting Oversight Board. Committee of Sponsoring Organizations. Securities and Exchange Commission. Financial Accounting Standards Board. 
CHAPTER 8: Opportunities and Challenges Created by Sarbanes-Oxley. Opportunities. Challenges. CHAPTER 9: Summary for the CFO. Changes to Corporate Governance. Catalyst for Improvement. PART II: Sarbanes-Oxley For The IT Professional. CHAPTER 10: Impact of Sarbanes-Oxley. Impact on the Enterprise, the CEO, and the CFO. Impact of Sarbanes-Oxley on Corporate Management Systems. Impact of Sarbanes-Oxley on the Technology Infrastructure. CHAPTER 11: Technologies Affected by Sarbanes-Oxley: From Sarbanes-Oxley to SOCKET. Separate Vendor Hype from Reality. Sarbanes-Oxley Compliance as an IT Project. Perspective on Sarbanes-Oxley Goals. Steps for Sarbanes-Oxley Compliance. Sarbanes-Oxley and The SEC. CHAPTER 12: Enterprise Technology Ecosystem. Organic IT Architecture. Ecosystem and Sarbanes-Oxley. CHAPTER 13: Implementing the SOCKET Methodology. Species or Components of the Enterprise Technology Ecosystem. COSO Framework. SOCKET Technologies. Transactional Systems: ERP, SCM, CRM. Analytical and Reporting Systems. Data Warehousing. CHAPTER 14: SOCKET and Enterprise Information Management. Document Management and Sarbanes-Oxley. Document Security. Communication and Networking. CHAPTER 15: The Process. Introduction to the Process. Strategic (Top-Down) Approach. Tactical (Bottom-Up) Approach. Monitoring the Audit Team. Implementation Process: Reengineering for Sarbanes-Oxley Compliance. Beyond Sarbanes-Oxley: From SOCKET to Success Ecosystem. Conclusions. APPENDIX A Sarbanes-Oxley Implementation Plan: Developing an Internal Control System for Compliance (Focusing on Sections 302 and 404). APPENDIX B Project to Process: Making the House a Home. APPENDIX C Enterprise Project Management and the Sarbanes-Oxley Compliance Project. APPENDIX D Enterprise Risk Management—Integrated Framework. APPENDIX E COBIT 3—Executive Summary. APPENDIX F COBIT 4—Executive Summary. INDEX.
£49.50
Cambridge University Press Steganography in Digital Media Principles Algorithms and Applications
Book SynopsisSteganography, the art of hiding information in apparently innocuous objects or images, is a field with a rich heritage, and an area of rapid current development. This clear, self-contained guide shows you how to understand the building blocks of covert communication in digital media files and how to apply the techniques in practice, including those of steganalysis, the detection of steganography. Assuming only a basic knowledge of calculus and statistics, the book blends the various strands of steganography, including information theory, coding, signal estimation and detection, and statistical signal processing. Experiments on real media files demonstrate the performance of the techniques in real life, and most techniques are supplied with pseudo-code, making it easy to implement the algorithms. The book is ideal for students taking courses on steganography and information hiding, and is also a useful reference for engineers and practitioners working in media security and informatiTrade Review'… a very useful book for beginners in steganography and anyone who wants to learn more about the field.' Todor Todorov, Reviews.com'The distinguishing feature of the book is that it presents not only methods of hiding information in digital media files, but also an in-depth analysis of detecting the use of such methods (steganalysis) … excellent for teaching the subject of information hiding or security-related courses. It enhances the landscape of textbooks on the subject. I am convinced that it will grip the reader as it touches on the most important aspects of steganography and steganalysis.' IEEE Communications MagazineTable of ContentsPreface; Acknowledgments; 1. Introduction; 2. Digital image formats; 3. Digital image acquisition; 4. Steganographic channel; 5. Naive steganography; 6. Steganographic security; 7. Practical steganographic methods; 8. Matrix embedding; 9. Non-shared selection channel; 10. Steganalysis; 11. Selected targeted attacks; 12. 
Blind steganalysis; 13. Steganography; A. Statistics; B. Information theory; C. Linear codes; D. Signal detection and estimation; E. Support vector machines; Notation; Glossary; References; Index.
£94.04
Princeton University Press Pseudorandomness and Cryptographic Applications
Book SynopsisA study of the pseudo-random generator, a basic primitive in cryptography which is useful for constructing a private key cryptosystem that is secure against chosen plaintext attack. The author stresses rigorous definitions and proofs related to private key cryptography.Table of ContentsOverview and Usage Guide ix Mini-Courses xiii Acknowledgments xv Preliminaries 3 Introduction of some basic notation that is used in all subsequent lectures. Review of some computational complexity classes. Description of some useful probability facts. Lecture 1 Introduction to private key cryptosystems, pseudorandom generators, one-way functions. Introduction of some specific conjectured one-way functions. 13 Lecture 2 Discussions of security issues associated with the computing environment of a party, including the security parameter of a protocol. Definition of an adversary, the achievement ratio of an adversary for a protocol, and the security of a protocol. Definitions of one-way functions and one-way permutations, and cryptographic reduction. 21 Lecture 3 Definition of a weak one-way function. Reduction from a weak one-way function to a one-way function. More efficient security preserving reductions from a weak one-way permutation to a one-way permutation. 35 Lecture 4 Proof that the discrete log problem is either a one-way permutation or not even a weak one-way permutation via random self-reducibility. Definition of a pseudorandom generator, the next bit test, and the proof that the two definitions are equivalent. Construction of a pseudorandom generator that stretches by a polynomial amount from a pseudorandom generator that stretches by one bit. 49 Lecture 5 Introduction of a two part paradigm for derandomizing probabilistic algorithms. Two problems are used to exemplify this approach: witness sampling and vertex partitioning. 56 Lecture 6 Definition of inner product bit for a function and what it means to be a hidden bit. 
Description and proof of the Hidden Bit Theorem that shows the inner product bit is hidden for a one-way function. Lecture 7 Definitions of statistical measures of distance between probability distributions and the analogous computational measures. Restatement of the Hidden Bit Theorem in these terms and application of this theorem to construct a pseudorandom generator from a one-way permutation. Description and proof of the Many Hidden Bits Theorem that shows many inner product bits are hidden for a one-way function. Lecture 8 Definitions of various notions of statistical entropy, computational entropy and pseudoentropy generators. Definition of universal hash functions. Description and proof of the Smoothing Entropy Theorem. 79 Lecture 9 Reduction from a one-way one-to-one function to a pseudorandom generator using the Smoothing Entropy Theorem and the Hidden Bit Theorem. Reduction from a one-way regular function to a pseudorandom generator using the Smoothing Entropy Theorem and Many Hidden Bits Theorem. 88 Lecture 10 Definition of a false entropy generator. Construction and proof of a pseudorandom generator from a false entropy generator. Construction and proof of a false entropy generator from any one-way function in the non-uniform sense. 95 Lecture 11 Definition of a stream private key cryptosystem, definitions of several notions of security, including passive attack and chosen plaintext attack, and design of a stream private key cryptosystem that is secure against these attacks based on a pseudorandom generator. 105 Lecture 12 Definitions and motivation for a block cryptosystem and security against chosen plaintext attack. Definition and construction of a pseudorandom function generator from a pseudorandom generator. Construction of a block private key cryptosystem secure against chosen plaintext attack based on a pseudorandom function generator. 117 Lecture 13 Discussion of the Data Encryption Standard. 
Definition of a pseudorandom invertible permutation generator and discussion of applications to the construction of a block private key cryptosystem secure against chosen plaintext attack. Construction of a perfect random permutation based on a perfect random function. 128 Lecture 14 Construction of a pseudorandom invertible permutation generator from a pseudorandom function generator. Definition and construction of a super pseudorandom invertible permutation generator. Applications to block private key cryptosystems. 138 Lecture 15 Definition of trapdoor one-way functions, specific examples, and construction of cryptosystems without initial communication using a private line. 146 Lecture 16 Definition and construction of a universal one-way hash function. 154 Lecture 17 Definition and construction of secure one bit and many bit signature schemes. 162 Lecture 18 Definition of interactive proofs IP and the zero knowledge restriction of this class ZKIP. Definition and construction of a hidden bit commitment scheme based on a one-way function. Construction of a ZKIP for all NP based on a hidden bit commitment scheme. 174 List of Exercises and Research Problems 185 List of Primary Results 195 Credits and History 199 References 211 Notation 221 Index 225
£70.40
John Wiley & Sons Inc The Database Hackers Handbook
Book SynopsisDatabases are the nerve center of our economy. Every piece of your personal information is stored there-medical records, bank accounts, employment history, pensions, car registrations, even your children's grades and what groceries you buy. Database attacks are potentially crippling-and relentless. In this essential follow-up to The Shellcoder's Handbook, four of the world's top security experts teach you to break into and defend the seven most popular database servers. You'll learn how to identify vulnerabilities, how attacks are carried out, and how to stop the carnage. The bad guys already know all this. You need to know it too. * Identify and plug the new holes in Oracle and Microsoft(r) SQL Server * Learn the best defenses for IBM's DB2(r), PostgreSQL, Sybase ASE, and MySQL(r) servers * Discover how buffer overflow exploitation, privilege escalation through SQL, stored procedure or trigger abuse, and SQL injection enable hacker access * ReTable of ContentsAbout the Authors. Preface. Acknowledgments. Introduction. Part I: Introduction. Chapter 1: Why Care About Database Security? Part II: Oracle. Chapter 2: The Oracle Architecture. Chapter 3: Attacking Oracle. Chapter 4: Oracle: Moving Further into the Network. Chapter 5: Securing Oracle. Part III: DB2. Chapter 6: IBM DB2 Universal Database. Chapter 7: DB2: Discovery, Attack, and Defense. Chapter 8: Attacking DB2. Chapter 9: Securing DB2. Part IV: Informix. Chapter 10: The Informix Architecture. Chapter 11: Informix: Discovery, Attack, and Defense. Chapter 12: Securing Informix. Part V: Sybase ASE. Chapter 13: Sybase Architecture. Chapter 14: Sybase: Discovery, Attack, and Defense. Chapter 15: Sybase: Moving Further into the Network. Chapter 16: Securing Sybase. Part VI: MySQL. Chapter 17: MySQL Architecture. Chapter 18: MySQL: Discovery, Attack, and Defense. Chapter 19: MySQL: Moving Further into the Network. Chapter 20: Securing MySQL. Part VII: SQL Server. 
Chapter 21: Microsoft SQL Server Architecture. Chapter 22: SQL Server: Exploitation, Attack, and Defense. Chapter 23: Securing SQL Server. Part VIII: PostgreSQL. Chapter 24: The PostgreSQL Architecture. Chapter 25: PostgreSQL: Discovery and Attack. Chapter 26: Securing PostgreSQL. Appendix A: Example C Code for a Time-Delay SQL Injection Harness. Appendix B: Dangerous Extended Stored Procedures. Appendix C: Oracle Default Usernames and Passwords. Index.
£25.59
John Wiley & Sons Inc Professional Windows Desktop and Server Hardening
Book SynopsisToday's uber viruses, worms, and trojans may seem more damaging than ever, but the attacking malware and malicious hackers are using the same tricks they always have. With this book, Microsoft MVP Roger Grimes exposes the real threat to Windows computers and offers practical guidance to secure those systems.Table of ContentsAcknowledgments. Introduction. Part I: The Basics in Depth. Chapter 1: Windows Attacks. Chapter 2: Conventional and Unconventional Defenses. Chapter 3: NTFS Permissions 101. Part II: OS Hardening. Chapter 4: Preventing Password Crackers. Chapter 5: Protecting High-Risk Files. Chapter 6: Protecting High-Risk Registry Entries. Chapter 7: Tightening Services. Chapter 8: Using IPSec. Part III: Application Security. Chapter 9: Stopping Unauthorized Execution. Chapter 10: Securing Internet Explorer. Chapter 11: Protecting E-mail. Chapter 12: IIS Security. Chapter 13: Using Encrypting File System. Part IV: Automating Security. Chapter 14: Group Policy Explained. Chapter 15: Designing a Secure Active Directory Infrastructure. Book Summary. Index.
£23.99
Cengage Learning, Inc Computer Security and Penetration Testing
Book SynopsisDelivering up-to-the-minute coverage, COMPUTER SECURITY AND PENETRATION TESTING, Second Edition offers readers of all backgrounds and experience levels a well-researched and engaging introduction to the fascinating realm of network security. Spotlighting the latest threats and vulnerabilities, this cutting-edge text is packed with real-world examples that showcase today's most important and relevant security topics. It addresses how and why people attack computers and networks, equipping readers with the knowledge and techniques to successfully combat hackers. This edition also includes new emphasis on ethics and legal issues. The world of information security is changing every day; readers are provided with a clear differentiation between hacking myths and hacking facts. Straightforward in its approach, this comprehensive resource teaches the skills needed to go from hoping a system is secure to knowing that it is.Table of Contents1. Ethics of Hacking and Cracking. 2. Reconnaissance. 3. Scanning Tools. 4. Sniffers. 5. TCP/IP Vulnerabilities. 6. Techniques of Password Cracking. 7. Spoofing. 8. Session Hijacking. 9. Hacking Network Devices. 10. Trojan Horses. 11. Denial of Service Attacks. 12. Buffer Overflows. 13. Programming Exploits. 14. Mail Vulnerabilities. 15. Web Application Vulnerabilities. 16. Windows Vulnerabilities. 17. Linux Vulnerabilities. 18. Incident Handling. Glossary. References.
£79.79
John Wiley & Sons Inc Applied Cryptography
Book SynopsisFrom the world's most renowned security technologist, Bruce Schneier, this 20th Anniversary Edition is the most definitive reference on cryptography ever published and is the seminal work on cryptography. Cryptographic techniques have applications far beyond the obvious uses of encoding and decoding information.Table of ContentsCONTENTS INTRODUCTION XIII FOREWORD BY WHITFIELD DIFFIE XVII PREFACE XXI HOW TO READ THIS BOOK XXII ACKNOWLEDGMENTS XXIV ABOUT THE AUTHOR XXV 1 FOUNDATIONS 1 1.1 TERMINOLOGY 1 1.2 STEGANOGRAPHY 9 1.3 SUBSTITUTION CIPHERS AND TRANSPOSITION CIPHERS 10 1.4 SIMPLE XOR 13 1.5 ONE-TIME PADS 15 1.6 COMPUTER ALGORITHMS 17 1.7 LARGE NUMBERS 17 PART I CRYPTOGRAPHIC PROTOCOLS 2 PROTOCOL BUILDING BLOCKS 21 2.1 INTRODUCTION TO PROTOCOLS 21 2.2 COMMUNICATIONS USING SYMMETRIC CRYPTOGRAPHY 28 2.3 ONE-WAY FUNCTIONS 29 2.4 ONE-WAY HASH FUNCTIONS 30 2.5 COMMUNICATIONS USING PUBLIC-KEY CRYPTOGRAPHY 31 2.6 DIGITAL SIGNATURES 34 2.7 DIGITAL SIGNATURES WITH ENCRYPTION 41 2.8 RANDOM AND PSEUDO-RANDOM SEQUENCE GENERATION 44 3 BASIC PROTOCOLS 47 3.1 KEY EXCHANGE 47 3.2 AUTHENTICATION 52 3.3 AUTHENTICATION AND KEY EXCHANGE 56 3.4 FORMAL ANALYSIS OF AUTHENTICATION AND KEY-EXCHANGE PROTOCOLS 65 3.5 MULTIPLE-KEY PUBLIC-KEY CRYPTOGRAPHY 68 3.6 SECRET SPLITTING 70 3.7 SECRET SHARING 71 3.8 CRYPTOGRAPHIC PROTECTION OF DATABASES 73 4 INTERMEDIATE PROTOCOLS 75 4.1 TIMESTAMPING SERVICES 75 4.2 SUBLIMINAL CHANNEL 79 4.3 UNDENIABLE DIGITAL SIGNATURES 81 4.4 DESIGNATED CONFIRMER SIGNATURES 82 4.5 PROXY SIGNATURES 83 4.6 GROUP SIGNATURES 84 4.7 FAIL-STOP DIGITAL SIGNATURES 85 4.8 COMPUTING WITH ENCRYPTED DATA 85 4.9 BIT COMMITMENT 86 4.10 FAIR COIN FLIPS 89 4.11 MENTAL POKER 92 4.12 ONE-WAY ACCUMULATORS 95 4.13 ALL-OR-NOTHING DISCLOSURE OF SECRETS 96 4.14 KEY ESCROW 97 5 ADVANCED PROTOCOLS 101 5.1 ZERO-KNOWLEDGE PROOFS 101 5.2 ZERO-KNOWLEDGE PROOFS OF IDENTITY 109 5.3 BLIND SIGNATURES 112 5.4 IDENTITY-BASED PUBLIC-KEY CRYPTOGRAPHY 115 5.5 OBLIVIOUS TRANSFER 116 5.6 
OBLIVIOUS SIGNATURES 117 5.7 SIMULTANEOUS CONTRACT SIGNING 118 5.8 DIGITAL CERTIFIED MAIL 122 5.9 SIMULTANEOUS EXCHANGE OF SECRETS 123 6 ESOTERIC PROTOCOLS 125 6.1 SECURE ELECTIONS 125 6.2 SECURE MULTIPARTY COMPUTATION 134 6.3 ANONYMOUS MESSAGE BROADCAST 137 6.4 DIGITAL CASH 139 PART II CRYPTOGRAPHIC TECHNIQUES 7 KEY LENGTH 151 7.1 SYMMETRIC KEY LENGTH 151 7.2 PUBLIC-KEY KEY LENGTH 158 7.3 COMPARING SYMMETRIC AND PUBLIC-KEY KEY LENGTH 165 7.4 BIRTHDAY ATTACKS AGAINST ONE-WAY HASH FUNCTIONS 165 7.5 HOW LONG SHOULD A KEY BE? 166 7.6 CAVEAT EMPTOR 168 8 KEY MANAGEMENT 169 8.1 GENERATING KEYS 170 8.2 NONLINEAR KEYSPACES 175 8.3 TRANSFERRING KEYS 176 8.4 VERIFYING KEYS 178 8.5 USING KEYS 179 8.6 UPDATING KEYS 180 8.7 STORING KEYS 180 8.8 BACKUP KEYS 181 8.9 COMPROMISED KEYS 182 8.10 LIFETIME OF KEYS 183 8.11 DESTROYING KEYS 184 8.12 PUBLIC-KEY KEY MANAGEMENT 185 9 ALGORITHM TYPES AND MODES 189 9.1 ELECTRONIC CODEBOOK MODE 189 9.2 BLOCK REPLAY 191 9.3 CIPHER BLOCK CHAINING MODE 193 9.4 STREAM CIPHERS 197 9.5 SELF-SYNCHRONIZING STREAM CIPHERS 198 9.6 CIPHER-FEEDBACK MODE 200 9.7 SYNCHRONOUS STREAM CIPHERS 202 9.8 OUTPUT-FEEDBACK MODE 203 9.9 COUNTER MODE 205 9.10 OTHER BLOCK-CIPHER MODES 206 9.11 CHOOSING A CIPHER MODE 208 9.12 INTERLEAVING 210 9.13 BLOCK CIPHERS VERSUS STREAM CIPHERS 210 10 USING ALGORITHMS 213 10.1 CHOOSING AN ALGORITHM 214 10.2 PUBLIC-KEY CRYPTOGRAPHY VERSUS SYMMETRIC CRYPTOGRAPHY 216 10.3 ENCRYPTING COMMUNICATIONS CHANNELS 216 10.4 ENCRYPTING DATA FOR STORAGE 220 10.5 HARDWARE ENCRYPTION VERSUS SOFTWARE ENCRYPTION 223 10.6 COMPRESSION, ENCODING, AND ENCRYPTION 226 10.7 DETECTING ENCRYPTION 226 10.8 HIDING CIPHERTEXT IN CIPHERTEXT 227 10.9 DESTROYING INFORMATION 228 PART III CRYPTOGRAPHIC ALGORITHMS 11 MATHEMATICAL BACKGROUND 233 11.1 INFORMATION THEORY 233 11.2 COMPLEXITY THEORY 237 11.3 NUMBER THEORY 242 11.4 FACTORING 255 11.5 PRIME NUMBER GENERATION 258 11.6 DISCRETE LOGARITHMS IN A FINITE FIELD 262 12 DATA ENCRYPTION STANDARD (DES) 265 12.1 
BACKGROUND 265 12.2 DESCRIPTION OF DES 270 12.3 SECURITY OF DES 278 12.4 DIFFERENTIAL AND LINEAR CRYPTANALYSIS 285 12.5 THE REAL DESIGN CRITERIA 293 12.6 DES VARIANTS 294 12.7 HOW SECURE IS DES TODAY? 300 13 OTHER BLOCK CIPHERS 303 13.1 LUCIFER 303 13.2 MADRYGA 304 13.3 NEWDES 306 13.4 FEAL 308 13.5 REDOC 311 13.6 LOKI 314 13.7 KHUFU AND KHAFRE 316 13.8 RC2 318 13.9 IDEA 319 13.10 MMB 325 13.11 CA-1.1 327 13.12 SKIPJACK 328 14 STILL OTHER BLOCK CIPHERS 332 14.1 GOST 332 14.2 CAST 334 14.3 BLOWFISH 336 14.4 SAFER 339 14.5 3-WAY 341 14.6 CRAB 342 14.7 SXAL8/MBAL 344 14.8 RC5 344 14.9 OTHER BLOCK ALGORITHMS 346 14.10 THEORY OF BLOCK CIPHER DESIGN 346 14.11 USING ONE-WAY HASH FUNCTIONS 351 14.12 CHOOSING A BLOCK ALGORITHM 354 15 COMBINING BLOCK CIPHERS 357 15.1 DOUBLE ENCRYPTION 357 15.2 TRIPLE ENCRYPTION 358 15.3 DOUBLING THE BLOCK LENGTH 363 15.4 OTHER MULTIPLE ENCRYPTION SCHEMES 363 15.5 CDMF KEY SHORTENING 366 15.6 WHITENING 366 15.7 CASCADING MULTIPLE BLOCK ALGORITHMS 367 15.8 COMBINING MULTIPLE BLOCK ALGORITHMS 368 16 PSEUDO-RANDOM-SEQUENCE GENERATORS AND STREAM CIPHERS 369 16.1 LINEAR CONGRUENTIAL GENERATORS 369 16.2 LINEAR FEEDBACK SHIFT REGISTERS 372 16.3 DESIGN AND ANALYSIS OF STREAM CIPHERS 379 16.4 STREAM CIPHERS USING LFSRS 381 16.5 A5 389 16.6 HUGHES XPD/KPD 389 16.7 NANOTEQ 390 16.8 RAMBUTAN 390 16.9 ADDITIVE GENERATORS 390 16.10 GIFFORD 392 16.11 ALGORITHM M 393 16.12 PKZIP 394 17 OTHER STREAM CIPHERS AND REAL RANDOM-SEQUENCE GENERATORS 397 17.1 RC4 397 17.2 SEAL 398 17.3 WAKE 400 17.4 FEEDBACK WITH CARRY SHIFT REGISTERS 402 17.5 STREAM CIPHERS USING FCSRS 405 17.6 NONLINEAR-FEEDBACK SHIFT REGISTERS 412 17.7 OTHER STREAM CIPHERS 413 17.8 SYSTEM-THEORETIC APPROACH TO STREAM-CIPHER DESIGN 415 17.9 COMPLEXITY-THEORETIC APPROACH TO STREAM-CIPHER DESIGN 416 17.10 OTHER APPROACHES TO STREAM-CIPHER DESIGN 418 17.11 CASCADING MULTIPLE STREAM CIPHERS 419 17.12 CHOOSING A STREAM CIPHER 420 17.13 GENERATING MULTIPLE STREAMS FROM A SINGLE PSEUDO-RANDOM-SEQUENCE 
GENERATOR 420 17.14 REAL RANDOM-SEQUENCE GENERATORS 421 18 ONE-WAY HASH FUNCTIONS 429 18.1 BACKGROUND 429 18.2 SNEFRU 431 18.3 N-HASH 432 18.4 MD4 435 18.5 MD5 436 18.6 MD2 441 18.7 SECURE HASH ALGORITHM (SHA) 441 18.8 RIPE-MD 445 18.9 HAVAL 445 18.10 OTHER ONE-WAY HASH FUNCTIONS 446 18.11 ONE-WAY HASH FUNCTIONS USING SYMMETRIC BLOCK ALGORITHMS 446 18.12 USING PUBLIC-KEY ALGORITHMS 455 18.13 CHOOSING A ONE-WAY HASH FUNCTION 455 18.14 MESSAGE AUTHENTICATION CODES 455 19 PUBLIC-KEY ALGORITHMS 461 19.1 BACKGROUND 461 19.2 KNAPSACK ALGORITHMS 462 19.3 RSA 466 19.4 POHLIG-HELLMAN 474 19.5 RABIN 475 19.6 ELGAMAL 476 19.7 MCELIECE 479 19.8 ELLIPTIC CURVE CRYPTOSYSTEMS 480 19.9 LUC 481 19.10 FINITE AUTOMATON PUBLIC-KEY CRYPTOSYSTEMS 482 20 PUBLIC-KEY DIGITAL SIGNATURE ALGORITHMS 483 20.1 DIGITAL SIGNATURE ALGORITHM (DSA) 483 20.2 DSA VARIANTS 494 20.3 GOST DIGITAL SIGNATURE ALGORITHM 495 20.4 DISCRETE LOGARITHM SIGNATURE SCHEMES 496 20.5 ONG-SCHNORR-SHAMIR 498 20.6 ESIGN 499 20.7 CELLULAR AUTOMATA 500 20.8 OTHER PUBLIC-KEY ALGORITHMS 500 21 IDENTIFICATION SCHEMES 503 21.1 FEIGE-FIAT-SHAMIR 503 21.2 GUILLOU-QUISQUATER 508 21.3 SCHNORR 510 21.4 CONVERTING IDENTIFICATION SCHEMES TO SIGNATURE SCHEMES 512 22 KEY-EXCHANGE ALGORITHMS 513 22.1 DIFFIE-HELLMAN 513 22.2 STATION-TO-STATION PROTOCOL 516 22.3 SHAMIR'S THREE-PASS PROTOCOL 516 22.4 COMSET 517 22.5 ENCRYPTED KEY EXCHANGE 518 22.6 FORTIFIED KEY NEGOTIATION 522 22.7 CONFERENCE KEY DISTRIBUTION AND SECRET BROADCASTING 523 23 SPECIAL ALGORITHMS FOR PROTOCOLS 527 23.1 MULTIPLE-KEY PUBLIC-KEY CRYPTOGRAPHY 527 23.2 SECRET-SHARING ALGORITHMS 528 23.3 SUBLIMINAL CHANNEL 531 23.4 UNDENIABLE DIGITAL SIGNATURES 536 23.5 DESIGNATED CONFIRMER SIGNATURES 539 23.6 COMPUTING WITH ENCRYPTED DATA 540 23.7 FAIR COIN FLIPS 541 23.8 ONE-WAY ACCUMULATORS 543 23.9 ALL-OR-NOTHING DISCLOSURE OF SECRETS 543 23.10 FAIR AND FAILSAFE CRYPTOSYSTEMS 546 23.11 ZERO-KNOWLEDGE PROOFS OF KNOWLEDGE 548 23.12 BLIND SIGNATURES 549 23.13 OBLIVIOUS TRANSFER 550 
23.14 SECURE MULTIPARTY COMPUTATION 552 23.15 PROBABILISTIC ENCRYPTION 552 23.16 QUANTUM CRYPTOGRAPHY 554 PART IV THE REAL WORLD 24 EXAMPLE IMPLEMENTATIONS 561 24.1 IBM SECRET-KEY MANAGEMENT PROTOCOL 561 24.2 MITRENET 562 24.3 ISDN 563 24.4 STU-III 565 24.5 KERBEROS 566 24.6 KRYPTOKNIGHT 572 24.7 SESAME 572 24.8 IBM COMMON CRYPTOGRAPHIC ARCHITECTURE 573 24.9 ISO AUTHENTICATION FRAMEWORK 574 24.10 PRIVACY-ENHANCED MAIL (PEM) 577 24.11 MESSAGE SECURITY PROTOCOL (MSP) 584 24.12 PRETTY GOOD PRIVACY (PGP) 584 24.13 SMART CARDS 587 24.14 PUBLIC-KEY CRYPTOGRAPHY STANDARDS (PKCS) 588 24.15 UNIVERSAL ELECTRONIC PAYMENT SYSTEM (UEPS) 589 24.16 CLIPPER 591 24.17 CAPSTONE 593 24.18 AT&T MODEL 3600 TELEPHONE SECURITY DEVICE (TSD) 594 25 POLITICS 597 25.1 NATIONAL SECURITY AGENCY (NSA) 597 25.2 NATIONAL COMPUTER SECURITY CENTER (NCSC) 599 25.3 NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY (NIST) 600 25.4 RSA DATA SECURITY, INC. 603 25.5 PUBLIC KEY PARTNERS 604 25.6 INTERNATIONAL ASSOCIATION FOR CRYPTOLOGIC RESEARCH (IACR) 605 25.7 RACE INTEGRITY PRIMITIVES EVALUATION (RIPE) 605 25.8 CONDITIONAL ACCESS FOR EUROPE (CAFE) 606 25.9 ISO/IEC 9979 607 25.10 PROFESSIONAL, CIVIL LIBERTIES, AND INDUSTRY GROUPS 608 25.11 SCI.CRYPT 608 25.12 CYPHERPUNKS 609 25.13 PATENTS 609 25.14 U.S. EXPORT RULES 610 25.15 FOREIGN IMPORT AND EXPORT OF CRYPTOGRAPHY 617 25.16 LEGAL ISSUES 618 Afterword by Matt Blaze 619 PART V SOURCE CODE Source Code 623 References 675
£46.40
John Wiley & Sons Inc Cybersecurity Law
Book SynopsisA definitive guide to cybersecurity law Expanding on the author's experience as a cybersecurity lawyer and law professor, Cybersecurity Law is the definitive guide to cybersecurity law, with an in-depth analysis of U.S.Table of ContentsAbout the Author xv Acknowledgement xvii Introduction xix 1 Data Security Laws and Enforcement Actions 1 1.1 FTC Data Security 2 1.1.1 Overview of Section 5 of the FTC Act 2 1.1.2 Wyndham: Does the FTC Have Authority to Regulate Data Security under Section 5 of the FTC Act? 5 1.1.3 LabMD: What Constitutes Unfair or Deceptive Data Security? 9 1.1.4 FTC June 2015 Guidance on Data Security 11 1.1.5 FTC Protecting Personal Information Guide 14 1.1.6 Lessons from FTC Cybersecurity Complaints 15 1.1.6.1 Failure to Secure Highly Sensitive Information 16 1.1.6.1.1 Use Industry-Standard Encryption for Sensitive Data 16 1.1.6.1.2 Routine Audits and Penetration Testing Are Expected 17 1.1.6.1.3 Health-Related Data Requires Especially Strong Safeguards 18 1.1.6.1.4 Data Security Protection Extends to Paper Documents 19 1.1.6.1.5 Business-to-Business Providers Also Are Accountable to the FTC For Security of Sensitive Data 20 1.1.6.1.6 Companies Are Responsible for the Data Security Practices of Their Contractors 22 1.1.6.1.7 Make Sure That Every Employee Receives Regular Data Security Training for Processing Sensitive Data 23 1.1.6.1.8 Privacy Matters, Even in Data Security 23 1.1.6.1.9 Limit the Sensitive Information Provided to Third Parties 24 1.1.6.2 Failure to Secure Payment Card Information 24 1.1.6.2.1 Adhere to Security Claims about Payment Card Data 24 1.1.6.2.2 Always Encrypt Payment Card Data 25 1.1.6.2.3 Payment Card Data Should Be Encrypted Both in Storage and at Rest 26 1.1.6.2.4 In-Store Purchases Pose Significant Cybersecurity Risks 26 1.1.6.2.5 Minimize Duration of Storage of Payment Card Data 28 1.1.6.2.6 Monitor Systems and Networks for Unauthorized Software 29 1.1.6.2.7 Apps Should Never Override Default App Store 
Security Settings 29 1.1.6.3 Failure to Adhere to Security Claims 30 1.1.6.3.1 Companies Must Address Commonly Known Security Vulnerabilities 30 1.1.6.3.2 Ensure That Security Controls Are Sufficient to Abide by Promises about Security and Privacy 31 1.1.6.3.3 Omissions about Key Security Flaws Also Can Be Misleading 33 1.1.6.3.4 Companies Must Abide by Promises for Security-Related Consent Choices 33 1.1.6.3.5 Companies That Promise Security Must Ensure Adequate Authentication Procedures 34 1.1.6.3.6 Adhere to Promises about Encryption 35 1.2 State Data Breach Notification Laws 36 1.2.1 When Consumer Notifications Are Required 37 1.2.1.1 Definition of Personal Information 37 1.2.1.2 Encrypted Data 38 1.2.1.3 Risk of Harm 39 1.2.1.4 Safe Harbors and Exceptions to Notice Requirement 39 1.2.2 Notice to Individuals 40 1.2.2.1 Timing of Notice 40 1.2.2.2 Form of Notice 40 1.2.2.3 Content of Notice 41 1.2.3 Notice to Regulators and Consumer Reporting Agencies 41 1.2.4 Penalties for Violating State Breach Notification Laws 42 1.3 State Data Security Laws 42 1.3.1 Oregon 43 1.3.2 Rhode Island 45 1.3.3 Nevada 45 1.3.4 Massachusetts 46 1.4 State Data Disposal Laws 49 2 Cybersecurity Litigation 51 2.1 Article III Standing 52 2.1.1 Applicable Supreme Court Rulings on Standing 53 2.1.2 Lower Court Rulings on Standing in Data Breach Cases 57 2.1.2.1 Injury-in-Fact 57 2.1.2.1.1 Broad View of Injury-in-Fact 57 2.1.2.1.2 Narrow View of Injury-in-Fact 60 2.1.2.2 Fairly Traceable 62 2.1.2.3 Redressability 63 2.2 Common Causes of Action Arising from Data Breaches 64 2.2.1 Negligence 64 2.2.1.1 Legal Duty and Breach of Duty 65 2.2.1.2 Cognizable Injury 66 2.2.1.3 Causation 69 2.2.2 Negligent Misrepresentation or Omission 70 2.2.3 Breach of Contract 72 2.2.4 Breach of Implied Warranty 76 2.2.5 Invasion of Privacy by Publication of Private Facts 80 2.2.6 Unjust Enrichment 81 2.2.7 State Consumer Protection Laws 82 2.3 Class Action Certification in Data Breach Litigation 84 2.4 Insurance 
Coverage for Cybersecurity Incidents 90 2.5 Protecting Cybersecurity Work Product and Communications from Discovery 94 2.5.1 Attorney-Client Privilege 96 2.5.2 Work Product Doctrine 98 2.5.3 Non-Testifying Expert Privilege 101 2.5.4 Applying the Three Privileges to Cybersecurity: Genesco v. Visa 102 3 Cybersecurity Requirements for Specific Industries 105 3.1 Financial Institutions: Gramm-Leach-Bliley Act Safeguards Rule 106 3.1.1 Interagency Guidelines 106 3.1.2 Securities and Exchange Commission Regulation S-P 109 3.1.3 FTC Safeguards Rule 110 3.2 Financial Institutions and Creditors: Red Flag Rule 112 3.2.1 Financial Institutions or Creditors 113 3.2.2 Covered Accounts 113 3.2.3 Requirements for a Red Flag Identity Theft Prevention Program 114 3.3 Companies That Use Payment and Debit Cards: Payment Card Industry Data Security Standard (PCI DSS) 115 3.4 Health Providers: Health Insurance Portability and Accountability Act (HIPAA) Security Rule 118 3.5 Electric Utilities: Federal Energy Regulatory Commission Critical Infrastructure Protection Reliability Standards 124 3.5.1 CIP-003-6: Cybersecurity Security Management Controls 124 3.5.2 CIP-004-6: Personnel and Training 125 3.5.3 CIP-006-6: Physical Security of Cyber Systems 125 3.5.4 CIP-007-6: Systems Security Management 125 3.5.5 CIP-009-6: Recovery Plans for Cyber Systems 126 3.5.6 CIP-010-2: Configuration Change Management and Vulnerability Assessments 126 3.5.7 CIP-011-2: Information Protection 126 3.6 Nuclear Regulatory Commission Cybersecurity Regulations 127 4 Cybersecurity and Corporate Governance 133 4.1 Securities and Exchange Commission Cybersecurity Expectations for Publicly Traded Companies 134 4.1.1 10-K Disclosures: Risk Factors 135 4.1.2 10-K Disclosures: Management's Discussion and Analysis of Financial Condition and Results of Operations (MD&A) 137 4.1.3 10-K Disclosures: Description of Business 137 4.1.4 10-K Disclosures: Legal Proceedings 138 4.1.5 10-K Disclosures: Examples 138 4.1.5.1 
Wal-Mart 138 4.1.5.2 Berkshire Hathaway 142 4.1.5.3 Target Corp 143 4.1.6 Disclosing Data Breaches to Investors 146 4.2 Fiduciary Duty to Shareholders and Derivative Lawsuits Arising from Data Breaches 149 4.3 Committee on Foreign Investment in the United States and Cybersecurity 151 4.4 Export Controls and the Wassenaar Arrangement 153 5 Anti-Hacking Laws 157 5.1 Computer Fraud and Abuse Act 158 5.1.1 Origins of the CFAA 158 5.1.2 Access without Authorization and Exceeding Authorized Access 159 5.1.2.1 Narrow View of Exceeds Authorized Access and without Authorization 161 5.1.2.2 Broader View of Exceeds Authorized Access and without Authorization 165 5.1.2.3 Attempts to Find a Middle Ground 167 5.1.3 The Seven Sections of the CFAA 168 5.1.3.1 CFAA Section (a)(1): Hacking to Commit Espionage 170 5.1.3.2 CFAA Section (a)(2): Hacking to Obtain Information 170 5.1.3.3 CFAA Section (a)(3): Hacking a Federal Government Computer 174 5.1.3.4 CFAA Section (a)(4): Hacking to Commit Fraud 176 5.1.3.5 CFAA Section (a)(5): Hacking to Damage a Computer 179 5.1.3.5.1 CFAA Section (a)(5)(A): Knowing Transmission That Intentionally Damages a Computer without Authorization 179 5.1.3.5.2 CFAA Section (a)(5)(B): Intentional Access without Authorization That Recklessly Causes Damage 182 5.1.3.5.3 CFAA Section (a)(5)(C): Intentional Access without Authorization That Causes Damage and Loss 183 5.1.3.5.4 CFAA Section (a)(5): Requirements for Felony and Misdemeanor Cases 184 5.1.3.6 CFAA Section (a)(6): Trafficking in Passwords 186 5.1.3.7 CFAA Section (a)(7): Threatening to Damage or Obtain Information from a Computer 188 5.1.4 Civil Actions under the CFAA 191 5.1.5 Criticisms of the CFAA 193 5.2 State Computer Hacking Laws 196 5.3 Section 1201 of the Digital Millennium Copyright Act 199 5.3.1 Origins of Section 1201 of the DMCA 200 5.3.2 Three Key Provisions of Section 1201 of the DMCA 201 5.3.2.1 DMCA Section 1201(a)(1) 201 5.3.2.2 DMCA Section 1201(a)(2) 206 5.3.2.2.1 Narrow 
Interpretation of Section (a)(2): Chamberlain Group v. Skylink Technologies 207 5.3.2.2.2 Broad Interpretation of Section (a)(2): MDY Industries, LLC v. Blizzard Entertainment, Inc. 209 5.3.2.3 DMCA Section 1201(b)(1) 213 5.3.3 Section 1201 Penalties 215 5.3.4 Section 1201 Exemptions 216 5.3.5 The First Amendment and DMCA Section 1201 222 5.4 Economic Espionage Act 225 5.4.1 Origins of the Economic Espionage Act 226 5.4.2 Criminal Prohibitions on Economic Espionage and Theft of Trade Secrets 227 5.4.2.1 Definition of Trade Secret 228 5.4.2.2 Knowing Violations of the Economic Espionage Act 232 5.4.2.3 Purpose and Intent Required under Section 1831: Economic Espionage 232 5.4.2.4 Purpose and Intent Required under Section 1832: Theft of Trade Secrets 234 5.4.3 Civil Actions for Trade Secret Misappropriation: The Defend Trade Secrets Act of 2016 236 5.4.3.1 Definition of Misappropriation 237 5.4.3.2 Civil Seizures 238 5.4.3.3 Injunctions 239 5.4.3.4 Damages 239 5.4.3.5 Statute of Limitations 240 6 Public-Private Cybersecurity Partnerships 241 6.1 U.S. Government's Civilian Cybersecurity Organization 242 6.2 Department of Homeland Security Information Sharing under the Cybersecurity Act of 2015 243 6.3 Energy Department's Cyber-Threat Information Sharing 247 6.4 Critical Infrastructure Executive Order and the National Institute of Standards and Technology's Cybersecurity Framework 248 6.5 U.S. Military Involvement in Cybersecurity and the Posse Comitatus Act 254 7 Surveillance and Cyber 257 7.1 Fourth Amendment 258 7.1.1 Was the Search or Seizure Conducted by a Government Entity or Government Agent? 259 7.1.2 Did the Search or Seizure Invade an Individual's Protected Interests? 263 7.1.3 Did the Government Have a Warrant? 267 7.1.4 If the Government Did Not Have a Warrant, Did an Exception to the Warrant Requirement Apply? 269 7.1.5 Was the Search or Seizure Reasonable under the Totality of the Circumstances? 
271 7.2 Electronic Communications Privacy Act 273 7.2.1 Stored Communications Act 274 7.2.1.1 Section 2701: Third Party Hacking of Stored Communications 276 7.2.1.2 Section 2702: Restrictions on Service Providers' Ability to Disclose Stored Communications and Records to the Government and Private Parties 277 7.2.1.2.1 The Cybersecurity Act of 2015: Allowing Service Providers to Disclose Cybersecurity Threats to the Government 280 7.2.1.3 Section 2703: Government's Ability to Force Service Providers to Turn over Stored Communications and Customer Records 282 7.2.2 Wiretap Act 284 7.2.3 Pen Register Act 288 7.2.4 National Security Letters 289 7.3 Communications Assistance for Law Enforcement Act (CALEA) 291 7.4 Encryption and the All Writs Act 292 8 Cybersecurity and Federal Government Contractors 297 8.1 Federal Information Security Management Act 298 8.2 NIST Information Security Controls for Government Agencies and Contractors 299 8.3 Classified Information Cybersecurity 304 8.4 Covered Defense Information and Controlled Unclassified Information 307 9 Privacy Laws 315 9.1 Section 5 of the FTC Act and Privacy 316 9.2 Health Insurance Portability and Accountability Act 322 9.3 Gramm-Leach-Bliley Act and California Financial Information Privacy Act 324 9.4 CAN-SPAM Act 325 9.5 Video Privacy Protection Act 326 9.6 Children's Online Privacy Protection Act 328 9.7 California Online Privacy Laws 330 9.7.1 California Online Privacy Protection Act (CalOPPA) 330 9.7.2 California Shine the Light Law 331 9.7.3 California Minor Eraser Law 333 9.8 Illinois Biometric Information Privacy Act 335 10 International Cybersecurity Law 337 10.1 European Union 338 10.2 Canada 344 10.3 China 348 10.4 Mexico 351 10.5 Japan 354 Appendix A: Text of Section 5 of the FTC Act 359 Appendix B: Summary of State Data Breach Notification Laws 367 Appendix C: Text of Section 1201 of the Digital Millennium Copyright Act 411 Appendix D: Text of the Computer Fraud and Abuse Act 423 Appendix E: Text of 
the Electronic Communications Privacy Act 431 Index 483
£101.95
John Wiley & Sons Inc Helping Kids with Coding For Dummies
Book Synopsis: Help for grown-ups new to coding. Getting a jump on learning how coding makes technology work is essential to prepare kids for the future. Unfortunately, many parents, teachers, and mentors didn't learn the unique logic and language of coding in school. Helping Kids with Coding For Dummies comes to the rescue. It breaks beginning coding into easy-to-understand language so you can help a child with coding homework, supplement an existing coding curriculum, or have fun learning with your favorite kid. The demand to have younger students learn coding has increased in recent years as the demand for trained coders has far exceeded the supply of coders. Luckily, this fun and accessible book makes it a snap to learn the skills necessary to help youngsters develop into proud, capable coders! Help with coding homework or enhance a coding curriculum. Get familiar with coding logic and how to debug programs. Complete small projects as you learn coding language. Apply math skills to coding. If you're
Table of Contents: Introduction 1 About This Book 1 Foolish Assumptions 2 Icons Used in This Book 3 Where to Go from Here 3 Part 1: Getting Started with Coding 5 Chapter 1: Welcome To (Or Back To) Coding 7 Why Kids Are Coding 8 What are they learning? 8 How are they learning? 9 What does it mean down the road? 10 Why You Need to Know Coding 11 Fear and loathing (of coding) 11 You may already know more than you think 12 Where Do You Come In? 
13 In the classroom 13 Camp or after-school coach 15 Mentor 16 Working with Young Coders 18 Chapter 2: Understanding the Big Ideas 19 Seeing the Big Picture in Coding 19 Acting Out the Big Picture, Unplugged 20 Dramatizing a noncoding process 21 Walking through some daily tasks 22 Creating an Algorithm 23 Turning a picture into words 23 One possible vacuuming algorithm in code 24 Representing Algorithms 26 Acting it out 27 Drawing a picture 27 Creating a storyboard 28 Building a flowchart 28 Writing pseudocode 30 Commenting the bones 31 Organizing with Sequence, Selection, and Repetition 33 Sequence 34 Selection 35 Repetition 36 Including Randomness in Your Coding 38 Chapter 3: Figuring Out Programming Languages 41 What You Want in a Language 42 Free Languages for Tots and Kids 42 The Foos 42 Think & Learn Code-a-Pillar 43 Daisy the Dinosaur 43 Scratch Jr 44 Free Languages for Youth and Tweens 45 Scratch 45 Hopscotch 47 Kodu 47 Languages for Teens and Older 48 Alice 48 MIT App Inventor 2 49 Python 50 JavaScript 53 Java 55 Other Awesome (Not-So-Free) Languages 58 MicroWorlds EX 58 Tynker 58 GameSalad 58 Part 2: Getting Your Hands on Code 61 Chapter 4: Working with Words 63 Communicating with Text 63 Showing Text Onscreen 64 Using pseudocode 64 Using Scratch 64 Using Python 65 Using HTML 66 Using JavaScript in an app 66 Using Java 68 Words In, Words Out 69 Using Scratch 70 Using Python 71 Using HTML and JavaScript 71 Using JavaScript in an app 72 Combining Text Onscreen 74 Using pseudocode 75 Using Scratch 75 Using Python and other languages 75 Formatting Text Onscreen 77 A Mad Libs Example 78 Chapter 5: Knowing Where You Are and Where You’re Going 81 Acting Out Position, Unplugged 82 Setting and Finding Position 85 Using pseudocode 85 Using Scratch to set position 86 Using Scratch to find position 87 Using JavaScript 87 Positioning Objects Randomly 93 Using Scratch 93 Using JavaScript 94 Setting and Finding Direction 95 Using pseudocode 95 Using Scratch 96 Setting 
Object Direction Randomly 97 Using Scratch 97 Turning 98 Using pseudocode 98 Using Scratch 98 Acting Out Motion, Unplugged 99 Making an Object Move 100 Using pseudocode 100 Using Scratch 101 Using JavaScript 103 Asteroid Blaster 104 Chapter 6: Getting Fancy with Graphics and Sound 107 Sizes of Images and Sounds, Unplugged 108 Activities surrounding images and sounds 108 Knowing your sizes 109 Using Graphics in Your Programs 109 Image file types 109 Creating images 110 Finding images on the web 111 Importing a JPEG or PNG in Scratch 114 Importing a GIF in Scratch 116 Importing a JPEG, PNG, or GIF in JavaScript 117 Adding Sound to Your Programs 117 Sound file types 118 Creating original sounds 118 Finding sounds on the web 119 Importing sounds into Scratch 120 Importing audio into JavaScript 121 Creating a Sound Board 122 Part 3: There is Math on This Test! 125 Chapter 7: Tackling These Ever-Changing Variables 127 Acting Out Variables, Unplugged 127 Variable parts 128 Dramatizing variables 130 I Do Declare (And Initialize) 132 Using pseudocode 132 Using Scratch 133 Using Python 134 Using JavaScript 135 Using Java 136 Checking on Variable Values 137 Using Scratch 138 Using Python 138 Using JavaScript 138 Using Java 140 Incrementing and Decrementing Variables 140 Using pseudocode 140 Using Scratch 141 Using Python 141 Using JavaScript 142 Using Java 142 Creating a Stock Ticker 142 Chapter 8: Computing Using Math 145 Acting Out Math, Unplugged 145 Number types 146 Dramatizing math 146 Doing Simple Math 149 Using pseudocode 149 Using Scratch 149 Using Python 150 Doing Advanced Math Operations 150 Using pseudocode 151 Using Scratch 152 Using Python 153 Oh So Mod — Using the Mod Operation 156 Using pseudocode 157 Using Scratch 157 Using Python 157 Ordering Those Operations (PEMDAS) 157 Using Scratch 158 Using Python 158 Rounding 159 Rounding via casting in Java 160 Rounding decimals to integers via methods 160 Generating and Using Random Numbers 162 Using pseudocode 162 
Using Scratch 162 Using Python 163 Coding a Crypto Code Maker 163 Chapter 9: Helping with Logic Operations 167 Simple Logic, Unplugged 167 Programming Simple Conditionals 169 In pseudocode 169 In Scratch 169 In Python 170 In JavaScript 170 In Java 172 Advanced Logic, Unplugged 174 Coding Compound Conditionals (aka, AND, NOT, and OR Will Get You Pretty Far!) 176 In pseudocode 177 Compound conditionals in Scratch 177 In Python 179 In JavaScript 181 In Java 181 Rock, Paper, Scissors 182 Chapter 10: Getting Loopy 185 Loops, Unplugged 185 Repeat fun, unplugged 186 Random loop conditions, unplugged 186 Loop Types and Structures 187 Infinite loops 188 Actions repeated in loops 188 Conditions of loops 188 Using pseudocode 189 Using Scratch 191 Using Python 193 Nesting Loops 196 Using pseudocode 196 Using Scratch 197 Using Python 198 Coding the Classic Fibonacci Sequence 199 Chapter 11: Adding Lists 201 Lists, Unplugged 201 Introducing Lists 203 Using pseudocode 203 Using Scratch 205 Using Java 208 Sorting Lists 215 Selection sort: An easy sorting algorithm 215 Common application: Arranging numbers in order 216 Searching Lists 217 Linear versus binary searching algorithms 217 Common application: Finding a phone number 218 Chapter 12: Coding Subprograms 221 Subprograms, Unplugged 221 Starting with Pseudocode 223 Creating a Spirograph with Subprograms 224 Pseudocode 225 Scratch 225 JavaScript 227 Java 228 Coding Subprograms with Parameters 230 Scratch code block with parameters 230 JavaScript, with parameters 233 Java, with parameters 234 Part 4: Applying What You Know 237 Chapter 13: Fixing Problems by Debugging 239 Debugging, Unplugged 240 Finding Common Syntax Errors 242 Scoping errors 242 Typing errors 243 Incorrect data types 244 Finding Common Semantic Errors 245 Infinite loops 245 Off by one 246 Strategies for Debugging 248 Turning sections on and off 248 Testing sample data 251 Adding output messages 251 Walking Away 253 Chapter 14: Creating a Webpage 255 Getting Set 
Up 255 Creating a Basic Webpage Layout 261 The skeleton: HTML basics 262 The aesthetics: CSS 265 Getting Fancy with Color and Graphics 272 Adding color to your page 272 Introducing graphics 276 Adding Hyperlinks 278 Going Interactive with JavaScript 280 Adding buttons 280 Changing your page with buttons 282 Combining HTML, CSS, and JavaScript 283 Chapter 15: Building a Mobile Game 289 Getting Started with MIT App Inventor 289 Community and support within MIT App Inventor 291 The layout of MIT App Inventor 292 Using an Emulator versus a Real Device 294 Using the Android Emulator 294 Using a real Android device 295 Testing on the emulator and Android device 295 Designing Mobile Apps 302 Adding the Components in Design View 303 Coding Your Mobile App 306 Getting your puppy moving 306 Setting up your start screen and variables 308 Coding random placement of items 309 Coding collision with items 311 Levels, timers, and final score 312 Distributing Your Apps 315 Chapter 16: Programming Simple Electronics 317 Gathering Your Hardware 317 The micro:bit board 318 Buying the board and components 318 Accessing the Software 320 Navigating the interface 320 Writing and using a program 321 Don’t Wake Baby Gadget 324 Flowcharting the program 324 Writing the code 326 Downloading code to the micro:bit 333 Connecting hardware components 333 Testing the device 334 Trying Wacky and Fun Variations 335 Part 5: The Part of Tens 337 Chapter 17: Ten Do’s and Don’ts for Selecting a Kids Coding Curriculum 339 DO Find the Right Entry Level 340 Getting started in elementary grades 340 Getting started in the middle grades 341 Getting started in high school grades 341 DON’T Assume Cost Equals Quality 343 DO Balance Lessons with Free Exploration 344 DON’T Instantly Dismiss Teaching Languages 344 DO Consult CSTA for Guidance 346 DON’T Buy “Coding” Toys for Babies 346 DO Emphasize the Soft Skills 346 DON’T Let Kids Get Stuck in a Loop 347 DO Present the Bigger Picture 347 DON’T Stereotype Coders 347 
Chapter 18: Ten Ways to Keep the Coding Learning Going 349 Unplugged 349 Research Pioneers of Computing 350 Go Lateral from Code 351 Language Tracking 351 Smart Home Projects 352 Include Outside Passions 352 Open-Source Projects 353 Group Projects 354 Community Support 354 Portfolios 355 Index 357
£17.09
John Wiley & Sons Inc Hacking the Hacker
Book Synopsis: Meet the world's top ethical hackers and explore the tools of the trade. Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race.
Table of Contents: Foreword xxxi Introduction xxxiii 1 What Type of Hacker Are You? 1 Most Hackers Aren’t Geniuses 2 Defenders Are Hackers Plus 3 Hackers Are Special 3 Hackers Are Persistent 4 Hacker Hats 4 2 How Hackers Hack 9 The Secret to Hacking 10 The Hacking Methodology 11 Hacking Is Boringly Successful 20 Automated Malware as a Hacking Tool 20 Hacking Ethically 21 3 Profile: Bruce Schneier 23 For More Information on Bruce Schneier 26 4 Social Engineering 27 Social Engineering Methods 27 Phishing 27 Trojan Horse Execution 28 Over the Phone 28 Purchase Scams 28 In-Person 29 Carrot or Stick 29 Social Engineering Defenses 30 Education 30 Be Careful of Installing Software from Third-Party Websites 30 EV Digital Certificates 31 Get Rid of Passwords 31 Anti–Social Engineering Technologies 31 5 Profile: Kevin Mitnick 33 For More Information on Kevin Mitnick 37 6 Software Vulnerabilities 39 Number of Software Vulnerabilities 39 Why Are Software Vulnerabilities Still a Big Problem? 
40 Defenses Against Software Vulnerabilities 41 Security Development Lifecycle 41 More Secure Programming Languages 42 Code and Program Analysis 42 More Secure Operating Systems 42 Third-Party Protections and Vendor Add-Ons 42 Perfect Software Won’t Cure All Ills 43 7 Profile: Michael Howard 45 For More Information on Michael Howard 49 8 Profile: Gary McGraw 51 For More Information on Gary McGraw 54 9 Malware 55 Malware Types 55 Number of Malware Programs 56 Mostly Criminal in Origin 57 Defenses Against Malware 58 Fully Patched Software 58 Training 58 Anti-Malware Software 58 Application Control Programs 59 Security Boundaries 59 Intrusion Detection 59 10 Profile: Susan Bradley 61 For More Information on Susan Bradley 63 11 Profile: Mark Russinovich 65 For More on Mark Russinovich 68 12 Cryptography 69 What Is Cryptography? 69 Why Can’t Attackers Just Guess All the Possible Keys? 70 Symmetric Versus Asymmetric Keys 70 Popular Cryptography 70 Hashes 71 Cryptographic Uses 72 Cryptographic Attacks 72 Math Attacks 72 Known Ciphertext/Plaintext 73 Side Channel Attacks 73 Insecure Implementations 73 13 Profile: Martin Hellman 75 For More Information on Martin Hellman 79 14 Intrusion Detection/APTs 81 Traits of a Good Security Event Message 82 Advanced Persistent Threats (APTs) 82 Types of Intrusion Detection 83 Behavior-Based 83 Signature-Based 84 Intrusion Detection Tools and Services 84 Intrusion Detection/Prevention Systems 84 Event Log Management Systems 85 Detecting Advanced Persistent Threats (APTs) 85 15 Profile: Dr. Dorothy E. Denning 87 For More Information on Dr Dorothy E Denning 90 16 Profile: Michael Dubinsky 91 For More Information on Michael Dubinsky 93 17 Firewalls 95 What Is a Firewall? 95 The Early History of Firewalls 95 Firewall Rules 97 Where Are Firewalls? 97 Advanced Firewalls 98 What Firewalls Protect Against 98 18 Profile: William Cheswick 101 For More Information on William Cheswick 105 19 Honeypots 107 What Is a Honeypot? 
107 Interaction 108 Why Use a Honeypot? 108 Catching My Own Russian Spy 109 Honeypot Resources to Explore 110 20 Profile: Lance Spitzner 111 For More Information on Lance Spitzner 114 21 Password Hacking 115 Authentication Components 115 Passwords 116 Authentication Databases 116 Password Hashes 116 Authentication Challenges 116 Authentication Factors 117 Hacking Passwords 117 Password Guessing 117 Phishing 118 Keylogging 118 Hash Cracking 118 Credential Reuse 119 Hacking Password Reset Portals 119 Password Defenses 119 Complexity and Length 120 Frequent Changes with No Repeating 120 Not Sharing Passwords Between Systems 120 Account Lockout 121 Strong Password Hashes 121 Don’t Use Passwords 121 Credential Theft Defenses 121 Reset Portal Defenses 122 22 Profile: Dr. Cormac Herley 123 For More Information on Dr. Cormac Herley 126 23 Wireless Hacking 127 The Wireless World 127 Types of Wireless Hacking 127 Attacking the Access Point 128 Denial of Service 128 Guessing a Wireless Channel Password 128 Session Hijacking 128 Stealing Information 129 Physically Locating a User 129 Some Wireless Hacking Tools 129 Aircrack-Ng 130 Kismet 130 Fern Wi-Fi Hacker 130 Firesheep 130 Wireless Hacking Defenses 130 Frequency Hopping 130 Predefined Client Identification 131 Strong Protocols 131 Long Passwords 131 Patching Access Points 131 Electromagnetic Shielding 131 24 Profile: Thomas d’Otreppe de Bouvette 133 For More Information on Thomas d’Otreppe de Bouvette 135 25 Penetration Testing 137 My Penetration Testing Highlights 137 Hacked Every Cable Box in the Country 137 Simultaneously Hacked a Major Television Network and Pornography 138 Hacked a Major Credit Card Company 138 Created a Camera Virus 139 How to Be a Pen Tester 139 Hacker Methodology 139 Get Documented Permission First 140 Get a Signed Contract 140 Reporting 140 Certifications 141 Be Ethical 145 Minimize Potential Operational Interruption 145 26 Profile: Aaron Higbee 147 For More Information on Aaron Higbee 149 27 
Profile: Benild Joseph 151 For More Information on Benild Joseph 153 28 DDoS Attacks 155 Types of DDoS Attacks 155 Denial of Service 155 Direct Attacks 156 Reflection Attacks 156 Amplification 156 Every Layer in the OSI Model 157 Escalating Attacks 157 Upstream and Downstream Attacks 157 DDoS Tools and Providers 158 Tools 158 DDoS as a Service 158 DDoS Defenses 159 Training 159 Stress Testing 159 Appropriate Network Configuration 159 Engineer Out Potential Weak Points 159 Anti-DDoS Services 160 29 Profile: Brian Krebs 161 For More Information on Brian Krebs 164 30 Secure OS 165 How to Secure an Operating System 166 Secure-Built OS 166 Secure Guidelines 168 Secure Configuration Tools 169 Security Consortiums 169 Trusted Computing Group 169 FIDO Alliance 169 31 Profile: Joanna Rutkowska 171 For More Information on Joanna Rutkowska 173 32 Profile: Aaron Margosis 175 For More Information on Aaron Margosis 179 33 Network Attacks 181 Types of Network Attacks 181 Eavesdropping 182 Man-in-the-Middle Attacks 182 Distributed Denial-of-Service Attacks 183 Network Attack Defenses 183 Domain Isolation 183 Virtual Private Networks 183 Use Secure Protocols and Applications 183 Network Intrusion Detection 184 Anti-DDoS Defenses 184 Visit Secure Web Sites and Use Secure Services 184 34 Profile: Laura Chappell 185 For More Information on Laura Chappell 188 35 IoT Hacking 189 How Do Hackers Hack IoT? 189 IoT Defenses 190 36 Profile: Dr. Charlie Miller 193 For More Information on Dr. Charlie Miller 198 37 Policy and Strategy 201 Standards 201 Policies 202 Procedures 203 Frameworks 203 Regulatory Laws 203 Global Concerns 203 Systems Support 204 38 Profile: Jing de Jong-Chen 205 For More Information on Jing de Jong-Chen 209 39 Threat Modeling 211 Why Threat Model? 
211 Threat Modeling Models 212 Threat Actors 213 Nation-States 213 Industrial Hackers 213 Financial Crime 213 Hacktivists 214 Gamers 214 Insider Threats 214 Ordinary, Solitary Hackers or Hacker Groups 214 40 Profile: Adam Shostack 217 For More Information on Adam Shostack 220 41 Computer Security Education 221 Computer Security Training Topics 222 End-User/Security Awareness Training 222 General IT Security Training 222 Incident Response 222 OS and Application-Specific Training 223 Technical Skills 223 Certifications 223 Training Methods 224 Online Training 224 Break into My Website 224 Schools and Training Centers 224 Boot Camps 225 Corporate Training 225 Books 225 42 Profile: Stephen Northcutt 227 For More Information on Stephen Northcutt 230 43 Privacy 231 Privacy Organizations 232 Privacy-Protecting Applications 233 44 Profile: Eva Galperin 235 For More Information on Eva Galperin 237 45 Patching 239 Patching Facts 240 Most Exploits Are Caused by Old Vulnerabilities That Patches Exist For 240 Most Exploits Are Caused by a Few Unpatched Programs 240 The Most Unpatched Program Isn’t Always the Most Exploited Program 241 You Need to Patch Hardware Too 241 Common Patching Problems 241 Detecting Missing Patching Isn’t Accurate 241 You Can’t Always Patch 242 Some Percentage of Patching Always Fails 242 Patching Will Cause Operational Issues 242 A Patch Is a Globally Broadcasted Exploit Announcement 243 46 Profile: Window Snyder 245 For More Information on Window Snyder 248 47 Writing as a Career 249 Computer Security Writing Outlets 250 Blogs 250 Social Media Sites 250 Articles 250 Books 251 Newsletters 253 Whitepapers 254 Technical Reviews 254 Conferences 254 Professional Writing Tips 255 The Hardest Part Is Starting 255 Read Differently 255 Start Out Free 255 Be Professional 256 Be Your Own Publicist 256 A Picture Is Worth a Thousand Words 256 48 Profile: Fahmida Y. Rashid 259 For More Information on Fahmida Y. 
Rashid 262 49 Guide for Parents with Young Hackers 263 Signs Your Kid Is Hacking 264 They Tell You They Hack 264 Overly Secretive About Their Online Activities 264 They Have Multiple Email/Social Media Accounts You Can’t Access 265 You Find Hacking Tools on the System 265 People Complain You Are Hacking 265 You Catch Them Switching Screens Every Time You Walk into the Room 265 These Signs Could Be Normal 265 Not All Hacking Is Bad 266 How to Turn Around Your Malicious Hacker 266 Move Their Computers into the Main Living Area and Monitor 267 Give Guidance 267 Give Legal Places to Hack 267 Connect Them with a Good Mentor 269 50 Hacker Code of Ethics 271 Hacker Code of Ethics 272 Be Ethical, Transparent, and Honest 273 Don’t Break the Law 273 Get Permission 273 Be Confidential with Sensitive Information 273 Do No Greater Harm 273 Conduct Yourself Professionally 274 Be a Light for Others 274 Index 275
£17.85
John Wiley & Sons Inc Investigating Cryptocurrencies
Table of Contents: Foreword xxi Introduction xxiii Part I Understanding the Technology 1 Chapter 1 What Is a Cryptocurrency? 3 A New Concept? 3 Leading Currencies in the Field 8 Is Blockchain Technology Just for Cryptocurrencies? 9 Setting Yourself Up as a Bitcoin User 10 Summary 14 Chapter 2 The Hard Bit 15 Hashing 16 Public/Private Key Encryption 21 RSA Cryptography 23 Elliptic Curve Cryptography 28 Building a Simple Cryptocurrency in the Lab 32 Summary 36 Chapter 3 Understanding the Blockchain 39 The Structure of a Block 40 The Block Header 42 Deconstructing Raw Blocks from Hex 47 Applying This to the Downloaded Hex 51 Number of Transactions 55 Block Height 57 Forks 58 The Ethereum Block 61 Summary 65 Chapter 4 Transactions 67 The Concept behind a Transaction 67 The Mechanics of a Transaction 69 Understanding the Mempool 76 Understanding the ScriptSig and ScriptPubKey 77 Interpreting Raw Transactions 79 Extracting JSON Data 81 Analyzing Address History 82 Creating Vanity Addresses 83 Interpreting Ethereum Transactions 85 Summary 86 Chapter 5 Mining 87 The Proof-of-Work Concept 89 The Proof-of-Stake Concept 90 Mining Pools 90 Mining Fraud 92 Summary 93 Chapter 6 Wallets 95 Wallet Types 96 Software Wallets 96 Hardware Wallets 97 Cold Wallets or Cold Storage 98 Why Is Recognizing Wallets Important? 
99 Software Wallets 100 Hardware Wallets 100 Paper Wallets 100 The Wallet Import Format (WIF) 101 How Wallets Store Keys 102 Setting Up a Covert Wallet 105 Summary 107 Chapter 7 Contracts and Tokens 109 Contracts 109 Bitcoin 110 Ethereum 110 Tokens and Initial Coin Offerings 112 Summary 116 Part II Carrying Out Investigations 117 Chapter 8 Detecting the Use of Cryptocurrencies 119 The Premises Search 120 A New Category of Search Targets 121 Questioning 124 Searching Online 125 Extracting Private and Public Keys from Seized Computers 130 Commercial Tools 130 Extracting the Wallet File 131 Automating the Search for Bitcoin Addresses 135 Finding Data in a Memory Dump 136 Working on a Live Computer 137 Acquiring the Wallet File 138 Exporting Data from the Bitcoin Daemon 140 Extracting Wallet Data from Live Linux and OSX Systems 144 Summary 145 Chapter 9 Analysis of Recovered Addresses and Wallets 147 Finding Information on a Recovered Address 147 Extracting Raw Data from Ethereum 154 Searching for Information on a Specific Address 155 Analyzing a Recovered Wallet 161 Setting Up Your Investigation Environment 161 Importing a Private Key 166 Dealing with an Encrypted Wallet 167 Inferring Other Data 172 Summary 173 Chapter 10 Following the Money 175 Initial Hints and Tips 175 Transactions on Blockchain.info 176 Identifying Change Addresses 177 Another Simple Method to Identify Clusters 181 Moving from Transaction to Transaction 182 Putting the Techniques Together 184 Other Explorer Sites 186 Following Ethereum Transactions 189 Monitoring Addresses 193 Blockonomics.co 193 Bitnotify.com 194 Writing Your Own Monitoring Script 194 Monitoring Ethereum Addresses 196 Summary 197 Chapter 11 Visualization Systems 199 Online Blockchain Viewers 199 Blockchain.info 200 Etherscan.io 201 Commercial Visualization Systems 214 Summary 215 Chapter 12 Finding Your Suspect 217 Tracing an IP Address 217 Bitnodes 219 Other Areas Where IPs Are Stored 226 Is the Suspect Using Tor? 
228 Is the Suspect Using a Proxy or a VPN? 229 Tracking to a Service Provider 231 Considering Open-Source Methods 235 Accessing and Searching the Dark Web 237 Detecting and Reading Micromessages 241 Summary 244 Chapter 13 Sniffi ng Cryptocurrency Traffi c 245 What Is Intercept? 246 Watching a Bitcoin Node 247 Sniffi ng Data on the Wire 248 Summary 254 Chapter 14 Seizing Coins 255 Asset Seizure 256 Cashing Out 256 Setting Up a Storage Wallet 259 Importing a Suspect’s Private Key 261 Storage and Security 263 Seizure from an Online Wallet 265 Practice, Practice, Practice 265 Summary 266 Chapter 15 Putting It All Together 267 Examples of Cryptocurrency Crimes 268 Buying Illegal Goods 268 Selling Illegal Goods 268 Stealing Cryptocurrency 269 Money Laundering 269 Kidnap and Extortion 270 What Have You Learned? 270 Where Do You Go from Here? 273 Index 275
£40.00
John Wiley & Sons Inc Applied Incident Response
Book Synopsis: Incident response is critical for the active defense of any network, and incident responders need up-to-date, immediately applicable techniques with which to engage the adversary. Applied Incident Response details effective ways to respond to advanced attacks against local and remote network resources, providing proven response techniques and a framework through which to apply them. As a starting point for new incident handlers, or as a technical reference for hardened IR veterans, this book details the latest techniques for responding to threats against your network, including: Preparing your environment for effective incident response; Leveraging MITRE ATT&CK and threat intelligence for active network defense; Local and remote triage of systems using PowerShell, WMIC, and open-source tools; Acquiring RAM and disk images locally and remotely; Analyzing RAM with Volatility and Rekall; Deep-dive forensic analysis of system drives using open-source or commercial tools; Leveraging Security Onion and Ela
Table of Contents: Part I Prepare 1. Chapter 1 The Threat Landscape 3. Attacker Motivations 3. Intellectual Property Theft 4. Supply Chain Attack 4. Financial Fraud 4. Extortion 5. Espionage 5. Power 5. Hacktivism 6. Revenge 6. Attack Methods 6. DoS and DDoS 7. Worms 8. Ransomware 8. Phishing 9. Spear Phishing 9. Watering Hole Attacks 10. Web Attacks 10. Wireless Attacks 11. Sniffing and MitM 11. Crypto Mining 12. Password Attacks 12. Anatomy of an Attack 13. Reconnaissance 13. Exploitation 14. Expansion/Entrenchment 15. Exfiltration/Damage 16. Clean Up 16. The Modern Adversary 16. Credentials, the Keys to the Kingdom 17. Conclusion 20. Chapter 2 Incident Readiness 21. Preparing Your Process 21. Preparing Your People 27. Preparing Your Technology 30. Ensuring Adequate Visibility 33. Arming Your Responders 37. Business Continuity and Disaster Recovery 38. Deception Techniques 40. Conclusion 43. Part II Respond 45. Chapter 3 Remote Triage 47. Finding Evil 48. Rogue Connections 49. Unusual Processes 52. Unusual Ports 55. Unusual Services 56. Rogue Accounts 56. Unusual Files 58. Autostart Locations 59. Guarding Your Credentials 61. Understanding Interactive Logons 61. Incident Handling Precautions 63. RDP Restricted Admin Mode and Remote Credential Guard 64. Conclusion 65. Chapter 4 Remote Triage Tools 67. Windows Management Instrumentation Command-Line Utility 67. Understanding WMI and the WMIC Syntax 68. Forensically Sound Approaches 71. WMIC and WQL Elements 72. Example WMIC Commands 79. PowerShell 84. Basic PowerShell Cmdlets 87. PowerShell Remoting 91. Accessing WMI/MI/CIM with PowerShell 95. Incident Response Frameworks 98. Conclusion 100. Chapter 5 Acquiring Memory 103. Order of Volatility 103. Local Memory Collection 105. Preparing Storage Media 107. The Collection Process 109. Remote Memory Collection 117. WMIC for Remote Collection 119. PowerShell Remoting for Remote Collection 122. Agents for Remote Collection 125. Live Memory Analysis 128. Local Live Memory Analysis 129. Remote Live Memory Analysis 129. Conclusion 131. Chapter 6 Disk Imaging 133. Protecting the Integrity of Evidence 133. Dead-Box Imaging 137. Using a Hardware Write Blocker 139. Using a Bootable Linux Distribution 143. Live Imaging 149. Live Imaging Locally 149. Collecting a Live Image Remotely 154. Imaging Virtual Machines 155. Conclusion 160. Chapter 7 Network Security Monitoring 161. Security Onion 161. Architecture 162. Tools 165. Snort, Sguil, and Squert 166. Zeek (Formerly Bro) 172. Elastic Stack 182. Text-Based Log Analysis 194. Conclusion 197. Chapter 8 Event Log Analysis 199. Understanding Event Logs 199. Account-Related Events 207. Object Access 218. Auditing System Configuration Changes 221. Process Auditing 224. Auditing PowerShell Use 229. Using PowerShell to Query Event Logs 231. Conclusion 233. Chapter 9 Memory Analysis 235. The Importance of Baselines 236. Sources of Memory Data 242. Using Volatility and Rekall 244. Examining Processes 249. The pslist Plug-in 249. The pstree Plug-in 252. The dlllist Plug-in 255. The psxview Plug-in 256. The handles Plug-in 256. The malfind Plug-in 257. Examining Windows Services 259. Examining Network Activity 261. Detecting Anomalies 264. Practice Makes Perfect 273. Conclusion 274. Chapter 10 Malware Analysis 277. Online Analysis Services 277. Static Analysis 280. Dynamic Analysis 286. Manual Dynamic Analysis 287. Automated Malware Analysis 299. Evading Sandbox Detection 305. Reverse Engineering 306. Conclusion 309. Chapter 11 Disk Forensics 311. Forensics Tools 312. Time Stamp Analysis 314. Link Files and Jump Lists 319. Prefetch 321. System Resource Usage Monitor 322. Registry Analysis 324. Browser Activity 333. USN Journal 337. Volume Shadow Copies 338. Automated Triage 340. Linux/UNIX System Artifacts 342. Conclusion 344. Chapter 12 Lateral Movement Analysis 345. Server Message Block 345. Pass-the-Hash Attacks 351. Kerberos Attacks 353. Pass-the-Ticket and Overpass-the-Hash Attacks 354. Golden and Silver Tickets 361. Kerberoasting 363. PsExec 365. Scheduled Tasks 368. Service Controller 369. Remote Desktop Protocol 370. Windows Management Instrumentation 372. Windows Remote Management 373. PowerShell Remoting 374. SSH Tunnels and Other Pivots 376. Conclusion 378. Part III Refine 379. Chapter 13 Continuous Improvement 381. Document, Document, Document 381. Validating Mitigation Efforts 383. Building On Your Successes, and Learning from Your Mistakes 384. Improving Your Defenses 388. Privileged Accounts 389. Execution Controls 392. PowerShell 394. Segmentation and Isolation 396. Conclusion 397. Chapter 14 Proactive Activities 399. Threat Hunting 399. Adversary Emulation 409. Atomic Red Team 410. Caldera 415. Conclusion 416. Index 419.
£29.60
John Wiley & Sons Inc Implementing Cryptography Using Python
Book Synopsis: Learn to deploy proven cryptographic tools in your applications and services. Cryptography is, quite simply, what makes security and privacy in the digital world possible. Tech professionals, including programmers, IT admins, and security analysts, need to understand how cryptography works to protect users, data, and assets. Implementing Cryptography Using Python will teach you the essentials, so you can apply proven cryptographic tools to secure your applications and systems. Because this book uses Python, an easily accessible language that has become one of the standards for cryptography implementation, you'll be able to quickly learn how to secure applications and data of all kinds. In this easy-to-read guide, well-known cybersecurity expert Shannon Bray walks you through creating secure communications in public channels using public-key cryptography. You'll also explore methods of authenticating messages to ensure that they haven't been tampered with in transit. Finally, you'll l
Table of Contents: Introduction xvii. Chapter 1 Introduction to Cryptography and Python 1. Exploring Algorithms 2. Why Use Python? 2. Downloading and Installing Python 3. Installing on Ubuntu 4. Installing on macOS 4. Installing on Windows 4. Installing on a Chromebook 4. Installing Additional Packages 5. Installing Pip, NumPy, and Matplotlib 6. Installing the Cryptography Package 7. Installing Additional Packages 8. Testing Your Install 9. Diving into Python Basics 9. Using Variables 10. Using Strings 11. Introducing Operators 11. Understanding Arithmetic Operators 11. Understanding Comparison Operators 13. Understanding Logical Operators 13. Understanding Assignment Operators 14. Understanding Bitwise Operators 15. Understanding Membership Operators 15. Understanding Identity Operators 16. Using Conditionals 16. Using Loops 17. for 17. while 18. continue 18. break 18. else 18. Using Files 19. Understanding Python Semantics 20. Sequence Types 20. Introducing Custom Functions 26. Downloading Files Using Python 27. Introducing Python Modules 28. Creating a Reverse Cipher 29. Summary 30. Chapter 2 Cryptographic Protocols and Perfect Secrecy 31. The Study of Cryptology 32. Understanding Cryptography 32. Cryptography’s Famous Family: Alice and Bob 33. Diffie-Hellman 34. Data Origin Authentication 34. Entity Authentication 35. Symmetric Algorithms 36. Asymmetric Algorithms 36. The Needham-Schroeder Protocols 36. The Otway-Rees Protocol 38. Kerberos 39. Multiple-Domain Kerberos 40. X.509 41. Formal Validation of Cryptographic Protocols 46. Configuring Your First Cryptographic Library 47. Understanding Cryptanalysis 47. Brute-Force Attacks 47. Side-Channel Attacks 48. Social Engineering 48. Analytical Attacks 48. Frequency Analysis 48. Attack Models 49. Shannon’s Theorem 50. One-Time Pad 51. XOR, AND, and OR 51. One-Time Pad Function 56. One-Way Hashes 58. Cryptographic One-Way Hashes 59. Message Authentication Codes 60. Perfect Forward Secrecy 60. Published and Proprietary Encryption Algorithms 61. Summary 62. References 62. Chapter 3 Classical Cryptography 65. Password Best Practices 66. Password Storage 66. Hashing Passwords 67. Salting Passwords 67. Stretching Passwords 68. Password Tools 68. Obfuscating Data 69. ASCII Encoding 70. Base64 Encoding Text 70. Binary Data 72. Decoding 72. Historical Ciphers 72. Scytale of Sparta 73. Substitution Ciphers 73. Caesar Cipher 74. ROT-13 76. Atbash Cipher 77. Vigenère Cipher 77. Playfair 79. Hill 2x2 83. Column Transposition 87. Affine Cipher 90. Summary 93. Chapter 4 Cryptographic Math and Frequency Analysis 95. Modular Arithmetic and the Greatest Common Divisor 96. Prime Numbers 97. Prime Number Theorem 98. School Primality Test 98. Fermat’s Little Theorem 100. Miller-Rabin Primality Test 100. Generate Large Prime Numbers 104. Basic Group Theory 106. Orders of Elements 107. Modular Inverses 109. Fermat’s Little Theorem to Find the Inverse 110. Extending the GCD 111. Euler’s Theorem 111. Pseudorandomness 115. Breaking C’s rand() Function 116. Solving Systems of Linear Equations 117. Frequency Analysis 120. Cryptanalysis with Python 123. Using an Online Word List 125. Determining the Frequency 126. Breaking the Vigenère Cipher 129. Summary 138. Chapter 5 Stream Ciphers and Block Ciphers 139. Convert between Hexdigest and Plaintext 140. Use Stream Ciphers 141. ARC4 147. Vernam Cipher 148. Salsa20 Cipher 149. ChaCha Cipher 151. Use Block Ciphers 156. Block Modes of Operations 158. ECB Mode 158. CBC Mode 159. CFB Mode 160. OFB Mode 162. CTR Mode 163. Tricks with Stream Modes 164. DIY Block Cipher Using Feistel Networks 165. Advanced Encryption Standard (AES) 167. Using AES with Python 167. File Encryption Using AES 169. File Decryption Using AES 169. Summary 169. Chapter 6 Using Cryptography with Images 171. Simple Image Cryptography 171. Images and Cryptography Libraries 174. Understanding the Cryptography Library 174. Understanding the Cryptosteganography Library 175. Image Cryptography 175. File Cryptography Using Fernet 176. Image Cryptography Using Fernet 179. AES and Block Modes of Operations 180. Exploring a Simple ECB Mode Example 181. Exploring a Simple CBC Mode Example 185. Applying the Examples 186. Steganography 187. Storing a Message Inside an Image 188. Storing a Binary File Inside an Image 192. Working with Large Images 195. Summary 197. Chapter 7 Message Integrity 199. Message Authentication Codes 200. Hash-based Message Authentication Code 201. Using HMAC to Sign Message 202. Message Digest with SHA 203. Binary Digests 204. NIST Compliance 205. CBC-MAC 206. Birthday Attacks 207. Crafting Forgeries 209. The Length Extension Attack 209. Setting Up a Secure Channel 210. Communication Channels 211. Sending Secure Messages over IP Networks 212. Create a Server Socket 212. Create a Client Socket 213. Create a Threaded Server with TCP 214. Adding Symmetric Encryption 215. Concatenate Message and MAC 218. Summary 221. References 222. Chapter 8 Cryptographic Applications and PKI 223. The Public-Key Transformation 224. Exploring the Basics of RSA 226. Generating RSA Certificates 229. Constructing Simple Text Encryption and Decryption with RSA Certificates 231. Constructing BLOB Encryption and Decryption with RSA Certificates 232. The El-Gamal Cryptosystem 235. Elliptic Curve Cryptography 238. Generating ECC Keys 240. Key Lengths and Curves 241. Diffie-Hellman Key Exchange 242. Summary 245. Chapter 9 Mastering Cryptography Using Python 247. Constructing a Plaintext Communications Application 248. Creating a Server 248. Creating the Client 250. Creating the Helper File 251. Execution 252. Installing and Testing Wireshark 253. Implementing PKI in the Application Using RSA Certificates 255. Modifying the Server 256. Modifying the Client 257. Modifying the Helper File 258. Execution 259. Implementing Diffie-Hellman Key Exchange 261. Modifying the Server File 262. Modifying the Client File 264. Modifying the Helper File 266. Creating the Diffie-Hellman Class File 270. Execution 275. Wrapping Up 276. Index 277.
£28.49
John Wiley & Sons Inc The Digital Big Bang
Book Synopsis: Cybersecurity experts from across industries and sectors share insights on how to think like scientists to master cybersecurity challenges. Humankind's efforts to explain the origin of the cosmos birthed disciplines such as physics and chemistry. Scientists conceived of the cosmic 'Big Bang' as an explosion of particles: everything in the universe centered around core elements and governed by laws of matter and gravity. In the modern era of digital technology, we are experiencing a similar explosion of ones and zeros, an exponentially expanding universe of bits of data centered around the core elements of speed and connectivity. One of the disciplines to emerge from our efforts to make sense of this new universe is the science of cybersecurity. Cybersecurity is as central to the Digital Age as physics and chemistry were to the Scientific Age. The Digital Big Bang explores current and emerging knowledge in the field of cybersecurity, helping readers think like
Table of Contents: Introduction xvii. Section 1: Binding Strategies 1. 1 Speed 5. Speed: The Nucleus of the Cyberfrontier 7 (Roland Cloutier, ADP). Is Speed an Advantage? It Depends on the Context 18 (Scott Charney, Microsoft). 2 Connectivity 23. Managing the Intensifying Connectivity of the IoT Era 25 (Brian Talbert, Alaska Airlines). Cyberspace: Making Some Sense of It All 30 (Chris Inglis, Former NSA Deputy Director). Section 2: Elementary Shortfalls 43. 3 Authentication 47. Authentication, Data Integrity, Nonrepudiation, Availability, and Confidentiality: The Five Pillars of Security 50 (Mike McConnell, Former Director of National Intelligence). Authentication and Models of Trust 58 (Shannon Lietz, Intuit). 4 Patching 65. Patching: A Growing Challenge and a Needed Discipline 68 (Chris Richter, Former VP of Global Security Services, CenturyLink). Conquer or Be Conquered 74 (Renee Tarun, Fortinet). 5 Training 79. Fill the Skills Gap with an Environment of Continual Training 82 (Chris McDaniels, CT Cubed, Inc.). Employee Training is Key for Cybersecurity 89 (Mo Katibeh, AT&T). Training is a Mindset 97 (Dave Rankin, Verisign). Section 3: Fundamental Strategies 103. 6 Cryptography 105. Cryptography: The Backbone of Cybersecurity 108 (Taher Elgamal, Salesforce). Cryptography: The Good, the Bad, and the Future 117 (Dan Boneh, Stanford). 7 Access Control 127. Managing Access in Challenging Environments 130 (Erik Devine, Riverside Health). A Systematic Approach to Access Control 136 (George Do, Equinix). 8 Segmentation 143. Successful Segmentation Isn’t Separation: It’s Collaboration 147 (Colin Anderson, Levi Strauss & Co.). Why We Need to Segment Networks 153 (Hussein Syed, RWJBarnabas Health). Section 4: Advanced Strategies 161. 9 Visibility 164. Visibility: Identifying Pathogens, Risk Factors, and Symptoms of Cyberattacks 167 (Michael Chertoff, Former Secretary, Department of Homeland Security). 20/20 Insight: Redefining Visibility to Stop Modern Cybercrime Syndicates 173 (Tim Crothers, Target). The Challenge of Visibility 180 (Daniel Hooper, PIMCO). 10 Inspection 188. In and Out of the Shadows: The Visibility That Inspection Enables is Not Confined to Technology Alone 192 (Ed Amoroso, TAG Cyber). The Fundamental Importance of Inspection 199 (Michael Johnson, Capital One). 11 Failure Recovery 206. Preparation, Response, and Recovery 209 (Thad Allen, Booz Allen Hamilton). Cyber Event Recovery 219 (Simon Lambe, Royal Mail). Section 5: Higher-Order Dimensions 223. 12 Complexity Management 226. Shift Your Mindset to Manage Complexity 229 (Michael Daniel, Cyber Threat Alliance). Seven Steps to Reducing Complexity 238 (Jay Gonzales, Samsung). 13 Privacy 246. Don’t Panic! Security Pros Must Learn to Embrace the New Era of Privacy 249 (Kevin Miller, MGM Resorts International). Stricter Privacy Regulations Are Driving the Conversations—and Innovations—We Need 259 (Peter Keenan, Global Financial Services Firm). 14 Human Frailty 265. Overcoming Human Frailty: People and the Power of Obligation 268 (Kevin Kealy, Ingram Micro). Overcoming Human Frailty by Design 274 (Theresa Payton, Fortalice). The Future 282. Why Cybersecurity Needs AI 290 (Michael Xie, Fortinet). The Future of Cybersecurity 293 (Ken Xie, Fortinet). Index 301.
£18.39
John Wiley & Sons Inc Tribe of Hackers Security Leaders
Book Synopsis: Tribal Knowledge from the Best in Cybersecurity Leadership. The Tribe of Hackers series continues, sharing what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure. Dozens of experts and influential security specialists reveal their best strategies for building, leading, and managing information security within organizations. Tribe of Hackers Security Leaders follows the same bestselling format as the original Tribe of Hackers, but with a detailed focus on how information security leaders impact organizational security. Information security is becoming more important and more valuable all the time. Security breaches can be costly, even shutting businesses and governments down, so security leadership is a high-stakes game. Leading teams of hackers is not always easy, but the future of your organization may depend on it. In this book, the world's top security experts answer the
Table of Contents: Acknowledgments vii. Introduction viii. 01 Marcus J. Carey 1. 02 Ian Anderson 6. 03 James Arlen 14. 04 Mark Arnold 25. 05 Andrew Bagrin 31. 06 Zate Berg 36. 07 Tash Bettridge 46. 08 Philip Beyer 50. 09 Kyle Bubp 58. 10 Joanna Burkey 64. 11 Bill Burns 70. 12 Lesley Carhart 78. 13 Christopher Caruso 83. 14 Mike Chapple 91. 15 Steve Christey Coley 98. 16 Jim Christy 102. 17 Chris Cochran 110. 18 Edward Contreras 114. 19 Dan Cornell 117. 20 Mary Ann Davidson 124. 21 Kimber Dowsett 132. 22 David Evenden 136. 23 Martin Fisher 141. 24 Chris Hadnagy 147. 25 Andrew Hay 153. 26 Mark Hillick 157. 27 Terence Jackson 165. 28 Tanya Janca 168. 29 David Kennedy 174. 30 Joe Krull 180. 31 Robert M. Lee 188. 32 Rafal Los 194. 33 Tracy Z. Maleeff 199. 34 Jeffrey Man 202. 35 Angela Marafino 209. 36 James Medlock 212. 37 Kent Nabors 221. 38 Charles Nwatu 228. 39 Greg Ose 232. 40 Edward Prevost 239. 41 Ray [REDACTED] 244. 42 Stephen A. Ridley 249. 43 David Rook 255. 44 Marina Segal 259. 45 Khalil Sehnaoui 262. 46 Jackie Singh 267. 47 Dan Tentler 271. 48 Eugene Teo 274. 49 Dominique West 279. 50 Jake Williams 283. 51 Wirefall 288. Appendix: Recommended Reading 293.
£17.09
John Wiley & Sons Inc Cyber Breach Response That Actually Works
Book Synopsis: You will be breached; the only question is whether you'll be ready. A cyber breach could cost your organization millions of dollars: in 2019, the average cost of a cyber breach for companies was $3.9M, a figure that is increasing 20-30% annually. But effective planning can lessen the impact and duration of an inevitable cyberattack. Cyber Breach Response That Actually Works provides a business-focused methodology that will allow you to address the aftermath of a cyber breach and reduce its impact to your enterprise. This book goes beyond step-by-step instructions for technical staff, focusing on big-picture planning and strategy that makes the most business impact. Inside, you'll learn what drives cyber incident response and how to build effective incident response capabilities. Expert author Andrew Gorecki delivers a vendor-agnostic approach based on his experience with Fortune 500 organizations. Understand the evolving threat landscape and learn how to address tactical and strategic challenges to build a comprehensive and cohesive cyber breach response program; Discover how incident response fits within your overall information security program, including a look at risk management; Build a capable incident response team and create an actionable incident response plan to prepare for cyberattacks and minimize their impact to your organization; Effectively investigate small and large-scale incidents and recover faster by leveraging proven industry practices; Navigate legal issues impacting incident response, including laws and regulations, criminal cases and civil litigation, and types of evidence and their admissibility in court. In addition to its valuable breadth of discussion on incident response from a business strategy perspective, Cyber Breach Response That Actually Works offers information on key technology considerations to aid you in building an effective capability and accelerating investigations to ensure your organization can continue business operations during significant cyber events.
Table of Contents: Foreword xxiii. Introduction xxv. Chapter 1 Understanding the Bigger Picture 1. Evolving Threat Landscape 2. Identifying Threat Actors 2. Cyberattack Lifecycle 4. Cyberattack Preparation Framework 5. Cyberattack Execution Framework 6. Defining Cyber Breach Response 8. Events, Alerts, Observations, Incidents, and Breaches 9. Events 9. Alerts 9. Observations 10. Incidents 10. Breaches 11. What is Cyber Breach Response? 12. Identifying Drivers for Cyber Breach Response 13. Risk Management 13. Conducting Risk Management 13. Risk Assessment Process 14. Managing Residual Risk 17. Cyber Threat Intelligence 18. What is Cyber Threat Intelligence? 18. Importance of Cyber Threat Intelligence 19. Laws and Regulations 20. Compliance Considerations 20. Compliance Requirements for Cyber Breach Response 21. Changing Business Objectives 22. Incorporating Cyber Breach Response into a Cybersecurity Program 23. Strategic Planning 23. Designing a Program 24. Implementing Program Components 25. Program Operations 26. Continual Improvement 27. Strategy Development 27. Strategic Assessment 28. Gap Analysis 28. Maturity Assessment 30. Strategy Definition 32. Vision and Mission Statement 32. Goals and Objectives 33. Establishing Requirements 33. Defining a Target Operating Model 35. Developing a Business Case and Executive Alignment 35. Strategy Execution 37. Enacting an Incident Response Policy 37. Assigning an Incident Response Team 38. Creating an Incident Response Plan 38. Documenting Legal Requirements 38. Roadmap Development 39. Governance 40. Establishing Policies 40. Enterprise Security Policy 41. Issue-Specific Policies 41. Identifying Key Stakeholders 42. Executive Leadership 42. Project Steering Committee 42. Chief Information Security Officer 43. Stakeholders with Interest in Cyber Breach Response 43. Business Alignment 44. Continual Improvement 44. Necessity to Determine if the Program is Effective 45. Changing Threat Landscape 45. Changing Business Objectives 45. Summary 46. Notes 47. Chapter 2 Building a Cybersecurity Incident Response Team 51. Defining a CSIRT 51. CSIRT History 52. The Role of a CSIRT in the Enterprise 52. Defining Incident Response Competencies and Functions 55. Proactive Functions 55. Developing and Maintaining Procedures 56. Conducting Incident Response Exercises 56. Assisting with Vulnerability Identification 57. Deploying, Developing, and Tuning Tools 58. Implementing Lessons Learned 59. Reactive Functions 59. Digital Forensics and Incident Response 59. Cyber Threat Intelligence 60. Malware Analysis 60. Incident Management 61. Creating an Incident Response Team 61. Creating an Incident Response Mission Statement 62. Choosing a Team Model 62. Centralized Team Model 63. Distributed Team Model 64. Hybrid Team Model 65. An Integrated Team 66. Organizing an Incident Response Team 66. Tiered Model 66. Competency Model 68. Hiring and Training Personnel 69. Technical Skills 69. Soft Skills 71. Pros and Cons of Security Certifications 72. Conducting Effective Interviews 73. Retaining Incident Response Talent 74. Establishing Authority 75. Full Authority 75. Shared Authority 76. Indirect Authority 76. No Authority 76. Introducing an Incident Response Team to the Enterprise 77. Enacting a CSIRT 78. Defining a Coordination Model 78. Communication Flow 80. Incident Officer 80. Incident Manager 81. Assigning Roles and Responsibilities 82. Business Functions 82. Human Resources 82. Corporate Communications 83. Corporate Security 83. Finance 84. Other Business Functions 85. Legal and Compliance 85. Legal Counsel 85. Compliance Functions 86. Information Technology Functions 87. Technical Groups 87. Disaster Recovery 88. Outsourcing Partners and Vendors 89. Senior Management 89. Working with Outsourcing Partners 90. Outsourcing Considerations 91. Proven Track Record of Success 91. Offered Services and Capabilities 91. Global Support 92. Skills and Experience 92. Outsourcing Costs and Pricing Models 92. Establishing Successful Relationships with Vendors 93. Summary 94. Notes 95. Chapter 3 Technology Considerations in Cyber Breach Investigations 97. Sourcing Technology 98. Comparing Commercial vs. Open Source Tools 98. Commercial Tools 98. Open Source Software 98. Other Considerations 99. Developing In-House Software Tools 100. Procuring Hardware 101. Acquiring Forensic Data 102. Forensic Acquisition 102. Order of Volatility 103. Disk Imaging 103. System Memory Acquisition 105. Tool Considerations 106. Forensic Acquisition Use Cases 107. Live Response 108. Live Response Considerations 109. Live Response Tools 109. Live Response Use Cases 112. Incident Response Investigations in Virtualized Environments 113. Traditional Virtualization 115. Cloud Computing 115. Forensic Acquisition 115. Log Management in Cloud Computing Environments 117. Leveraging Network Data in Investigations 118. Firewall Logs and Network Flows 118. Proxy Servers and Web Gateways 120. Full-Packet Capture 120. Identifying Forensic Evidence in Enterprise Technology Services 123. Domain Name System 123. Dynamic Host Configuration Protocol 125. Web Servers 125. Databases 126. Security Tools 127. Intrusion Detection and Prevention Systems 127. Web Application Firewalls 127. Data Loss Prevention Systems 128. Antivirus Software 128. Endpoint Detection and Response 129. Honeypots and Honeynets 129. Log Management 130. What is Logging? 130. What is Log Management? 132. Log Management Lifecycle 133. Collection and Storage 134. Agent-Based vs. Agentless Collection 134. Log Management Architectures 135. Managing Logs with a SIEM 137. What is SIEM? 138. SIEM Considerations 139. Summary 140. Notes 141. Chapter 4 Crafting an Incident Response Plan 143. Incident Response Lifecycle 143. Preparing for an Incident 144. Detecting and Analyzing Incidents 145. Detection and Triage 146. Analyzing Incidents 146. Containment, Eradication, and Recovery 147. Containing a Breach 147. Eradicating a Threat Actor 148. Recovering Business Operations 149. Post-Incident Activities 149. Understanding Incident Management 150. Identifying Process Components 151. Defining a Process 151. Process Controls 153. Process Enablers 155. Process Interfaces 155. Roles and Responsibilities 158. Service Levels 159. Incident Management Workflow 160. Sources of Incident Notifications 160. Incident Classification and Documentation 162. Incident Categorization 163. Severity Assignment 163. Capturing Incident Information 167. Incident Escalations 169. Hierarchical Escalations 169. Functional Escalation 169. Creating and Managing Tasks 169. Major Incidents 170. Incident Closure 171. Crafting an Incident Response Playbook 171. Playbook Overview 171. Identifying Workflow Components 173. Detection 173. Analysis 174. Containment and Eradication 176. Recovery 176. Other Workflow Components 177. Post-Incident Evaluation 177. Vulnerability Management 177. Purpose and Objectives 178. Vulnerability Management Lifecycle 178. Integrating Vulnerability Management and Risk Management 180. Lessons Learned 180. Lessons-Learned Process Components 181. Conducting a Lessons-Learned Meeting 183. Continual Improvement 184. Continual Improvement Principles 184. The Deming Cycle 184. DIKW Hierarchy 185. The Seven-Step Improvement Process 187. Step 1: Define a Vision for Improvement 188. Step 2: Define Metrics 188. Step 3: Collect Data 189. Step 4: Process Data 190. Step 5: Analyze Information 191. Step 6: Assess Findings and Create Plan 191. Step 7: Implement the Plan 192. Summary 192. Notes 193. Chapter 5 Investigating and Remediating Cyber Breaches 195. Investigating Incidents 196. Determine Objectives 197. Acquire and Preserve Data 198. Perform Analysis 200. Contain and Eradicate 202. Conducting Analysis 202. Digital Forensics 203. Digital Forensics Disciplines 203. Timeline Analysis 205. Other Considerations in Digital Forensics 206. Cyber Threat Intelligence 207. Cyber Threat Intelligence Lifecycle 208. Identifying Attacker Activity with Cyber Threat Intelligence 209. Categorizing Indicators 212. Malware Analysis 214. Classifying Malware 214. Static Analysis 216. Dynamic Analysis 217. Malware Analysis and Cyber Threat Intelligence 217. Threat Hunting 218. Prerequisites to Threat Hunting 218. Threat Hunting Lifecycle 219. Reporting 221. Evidence Types 223. System Artifacts 223. Persistent Artifacts 223. Volatile Artifacts 225. Network Artifacts 226. Security Alerts 227. Remediating Incidents 228. Remediation Process 229. Establishing a Remediation Team 230. Remediation Lead 231. Remediation Owner 232. Remediation Planning 233. Business Considerations 233. Technology Considerations 234. Logistics 235. Assessing Readiness 235. Consequences of Alerting the Attacker 236. Developing an Execution Plan 237. Containment and Eradication 238. Containment 238. Eradication 239. Monitoring for Attacker Activity 240. Summary 241. Notes 242. Chapter 6 Legal and Regulatory Considerations in Cyber Breach Response 243. Understanding Breaches from a Legal Perspective 244. Laws, Regulations, and Standards 244. United States 245. European Union 246. Standards 246. Materiality in Financial Disclosure 247. Cyber Attribution 248. Motive, Opportunity, Means 248. Attributing a Cyber Attack 249. Engaging Law Enforcement 251. Cyber Insurance 252. Collecting Digital Evidence 252. What is Digital Evidence? 253. Digital Evidence Lifecycle 253. Information Governance 254. Identification 254. Preservation 255. Collection 255. Processing 255. Reviewing 256. Analysis 256. Production 257. Presentation 258. Admissibility of Digital Evidence 258. Federal Rules of Evidence 258. Types of Evidence 260. Direct Evidence 260. Circumstantial Evidence 260. Admission of Digital Evidence in Court 261. Evidence Rules 261. Hearsay Rule 261. Business Records Exemption Rule 262. Best Evidence 262. Working with Legal Counsel 263. Attorney-Client Privilege 263. Attorney Work-Product 264. Non-testifying Expert Privilege 264. Litigation Hold 265. Establishing a Chain of Custody 265. What is a Chain of Custody? 266. Establishing a Defensible Protocol 266. Traditional Forensic Acquisition 267. Live Response and Logical Acquisition 268. Documenting a Defensible Protocol 269. Documentation 269. Accuracy 270. Auditability and Reproducibility 270. Collection Methods 270. Data Privacy and Cyber Breach Investigations 271. What is Data Privacy? 271. Handling Personal Data During Investigations 272. Enacting a Policy to Support Investigations 272. Cyber Breach Investigations and GDPR 273. Data Processing and Cyber Breach Investigations 274. Establishing a Lawful Basis for the Processing of Personal Data 275. Territorial Transfer of Personal Data 276. Summary 277. Notes 278. Index 281.
£26.24
John Wiley & Sons Inc Trust in Computer Systems and the Cloud
Book Synopsis
Learn to analyze and measure risk by exploring the nature of trust and its application to cybersecurity. Trust in Computer Systems and the Cloud delivers an insightful and practical new take on what it means to trust in the context of computer and network security and the impact on the emerging field of Confidential Computing. Author Mike Bursell's experience, ranging from Chief Security Architect at Red Hat to CEO at a Confidential Computing start-up, grounds the reader in fundamental concepts of trust and related ideas before discussing the more sophisticated applications of these concepts to various areas in computing. The book demonstrates the importance of understanding and quantifying risk and draws on the social and computer sciences to explain hardware and software security, complex systems, and open source communities. It takes a detailed look at the impact of Confidential Computing on security, trust and risk and also describes the emerging concept of trust domains, which provide an alternative to standard layered security. Foundational definitions of trust from sociology and other social sciences, how they evolved, and what modern concepts of trust mean to computer professionals. A comprehensive examination of the importance of systems, from open-source communities to HSMs, TPMs, and Confidential Computing with TEEs. A thorough exploration of trust domains, including explorations of communities of practice, the centralization of control and policies, and monitoring. Perfect for security architects at the CISSP level or higher, Trust in Computer Systems and the Cloud is also an indispensable addition to the libraries of system architects, security system engineers, and master's students in software architecture and security.
Table of Contents
Introduction xv Chapter 1 Why Trust? 1 Analysing Our Trust Statements 4 What Is Trust? 5 What Is Agency? 
8 Trust and Security 10 Trust as a Way for Humans to Manage Risk 13 Risk, Trust, and Computing 15 Defining Trust in Systems 15 Defining Correctness in System Behaviour 17 Chapter 2 Humans and Trust 19 The Role of Monitoring and Reporting in Creating Trust 21 Game Theory 24 The Prisoner’s Dilemma 24 Reputation and Generalised Trust 27 Institutional Trust 28 Theories of Institutional Trust 29 Who Is Actually Being Trusted? 31 Trust Based on Authority 33 Trusting Individuals 37 Trusting Ourselves 37 Trusting Others 41 Trust, But Verify 43 Attacks from Within 43 The Dangers of Anthropomorphism 45 Identifying the Real Trustee 47 Chapter 3 Trust Operations and Alternatives 53 Trust Actors, Operations, and Components 53 Reputation, Transitive Trust, and Distributed Trust 59 Agency and Intentionality 62 Alternatives to Trust 65 Legal Contracts 65 Enforcement 66 Verification 67 Assurance and Accountability 67 Trust of Non-Human or Non-Adult Actors 68 Expressions of Trust 69 Relating Trust and Security 75 Misplaced Trust 75 Chapter 4 Defining Trust in Computing 79 A Survey of Trust Definitions in Computer Systems 79 Other Definitions of Trust within Computing 84 Applying Socio-Philosophical Definitions of Trust to Systems 86 Mathematics and Trust 87 Mathematics and Cryptography 87 Mathematics and Formal Verification 89 Chapter 5 The Importance of Systems 93 System Design 93 The Network Stack 94 Linux Layers 96 Virtualisation and Containers: Cloud Stacks 97 Other Axes of System Design 99 “Trusted” Systems 99 Trust Within the Network Stack 101 Trust in Linux Layers 102 Trust in Cloud Stacks 103 Hardware Root of Trust 106 Cryptographic Hash Functions 110 Measured Boot and Trusted Boot 112 Certificate Authorities 114 Internet Certificate Authorities 115 Local Certificate Authorities 116 Root Certificates as Trust Pivots 119 The Temptations of “Zero Trust” 122 The Importance of Systems 125 Isolation 125 Contexts 127 Worked Example: Purchasing Whisky 128 Actors, Organisations, and 
Systems 129 Stepping Through the Transaction 130 Attacks and Vulnerabilities 134 Trust Relationships and Agency 136 Agency 136 Trust Relationships 137 The Importance of Being Explicit 145 Explicit Actions 145 Explicit Actors 149 Chapter 6 Blockchain and Trust 151 Bitcoin and Other Blockchains 151 Permissioned Blockchains 152 Trust without Blockchains 153 Blockchain Promoting Trust 154 Permissionless Blockchains and Cryptocurrencies 156 Chapter 7 The Importance of Time 161 Decay of Trust 161 Decay of Trust and Lifecycle 163 Software Lifecycle 168 Trust Anchors, Trust Pivots, and the Supply Chain 169 Types of Trust Anchors 170 Monitoring and Time 171 Attestation 173 The Problem of Measurement 174 The Problem of Run Time 176 Trusted Computing Base 177 Component Choice and Trust 178 Reputation Systems and Trust 181 Chapter 8 Systems and Trust 185 System Components 185 Explicit Behaviour 188 Defining Explicit Trust 189 Dangers of Automated Trust Relationships 192 Time and Systems 194 Defining System Boundaries 198 Trust and a Complex System 199 Isolation and Virtualisation 202 The Stack and Time 205 Beyond Virtual Machines 205 Hardware-Based Type 3 Isolation 207 Chapter 9 Open Source and Trust 211 Distributed Trust 211 How Open Source Relates to Trust 214 Community and Projects 215 Projects and the Personal 217 Open Source Process 219 Trusting the Project 220 Trusting the Software 222 Supply Chain and Products 226 Open Source and Security 229 Chapter 10 Trust, the Cloud, and the Edge 233 Deployment Model Differences 235 What Host Systems Offer 237 What Tenants Need 237 Mutually Adversarial Computing 240 Mitigations and Their Efficacy 243 Commercial Mitigations 243 Architectural Mitigations 244 Technical Mitigations 246 Chapter 11 Hardware, Trust, and Confidential Computing 247 Properties of Hardware and Trust 248 Isolation 248 Roots of Trust 249 Physical Compromise 253 Confidential Computing 256 TEE TCBs in detail 261 Trust Relationships and 
TEEs 266 How Execution Can Go Wrong—and Mitigations 269 Minimum Numbers of Trustees 276 Explicit Trust Models for TEE Deployments 278 Chapter 12 Trust Domains 281 The Composition of Trust Domains 284 Trust Domains in a Bank 284 Trust Domains in a Distributed Architecture 288 Trust Domain Primitives and Boundaries 292 Trust Domain Primitives 292 Trust Domains and Policy 293 Other Trust Domain Primitives 296 Boundaries 297 Centralisation of Control and Policies 298 Chapter 13 A World of Explicit Trust 301 Tools for Trust 301 The Role of the Architect 303 Architecting the System 304 The Architect and the Trustee 305 Coda 307 References 309 Index 321
£28.49
John Wiley & Sons Inc Game Theory and Machine Learning for Cyber
Book Synopsis
GAME THEORY AND MACHINE LEARNING FOR CYBER SECURITY
Move beyond the foundations of machine learning and game theory in cyber security to the latest research in this cutting-edge field. In Game Theory and Machine Learning for Cyber Security, a team of expert security researchers delivers a collection of central research contributions from both machine learning and game theory applicable to cybersecurity. The distinguished editors have included resources that address open research questions in game theory and machine learning applied to cyber security systems and examine the strengths and limitations of current game theoretic models for cyber security. Readers will explore the vulnerabilities of traditional machine learning algorithms and how they can be mitigated in an adversarial machine learning approach. The book offers a comprehensive suite of solutions to a broad range of technical issues in applying game theory and machine learning to solve cyber security challenges. Beginning with an introduction to foundational concepts in game theory, machine learning, cyber security, and cyber deception, the editors provide readers with resources that discuss the latest in hypergames, behavioral game theory, adversarial machine learning, generative adversarial networks, and multi-agent reinforcement learning.
Readers will also enjoy: A thorough introduction to game theory for cyber deception, including scalable algorithms for identifying stealthy attackers in a game theoretic framework, honeypot allocation over attack graphs, and behavioral games for cyber deception. An exploration of game theory for cyber security, including actionable game-theoretic adversarial intervention detection against advanced persistent threats. Practical discussions of adversarial machine learning for cyber security, including adversarial machine learning in 5G security and machine learning-driven fault injection in cyber-physical systems. In-depth examinations of generative models for cyber security. Perfect for researchers, students, and experts in the fields of computer science and engineering, Game Theory and Machine Learning for Cyber Security is also an indispensable resource for industry professionals, military personnel, researchers, faculty, and students with an interest in cyber security.
Table of Contents
Editor biographies Contributors Foreword Preface Chapter 1: Introduction Christopher D. Kiekintveld, Charles A. Kamhoua, Fei Fang, Quanyan Zhu Part 1: Game Theory for Cyber Deception Chapter 2: Introduction to Game Theory Fei Fang, Shutian Liu, Anjon Basak, Quanyan Zhu, Christopher Kiekintveld, Charles A. Kamhoua Chapter 3: Scalable Algorithms for Identifying Stealthy Attackers in a Game Theoretic Framework Using Deception Anjon Basak, Charles Kamhoua, Sridhar Venkatesan, Marcus Gutierrez, Ahmed H. Anwar, Christopher Kiekintveld Chapter 4: Honeypot Allocation Game over Attack Graphs for Cyber Deception Ahmed H. Anwar, Charles Kamhoua, Nandi Leslie, Christopher Kiekintveld Chapter 5: Evaluating Adaptive Deception Strategies for Cyber Defense with Human Experimentation Palvi Aggarwal, Marcus Gutierrez, Christopher Kiekintveld, Branislav Bosansky, Cleotilde Gonzalez Chapter 6: A Theory of Hypergames on Graphs for Synthesizing Dynamic Cyber Defense with Deception Jie Fu, Abhishek N. 
Kulkarni Part 2: Game Theory for Cyber Security Chapter 7: Minimax Detection (MAD) for Computer Security: A Dynamic Program Characterization Muhammed O. Sayin, Dinuka Sahabandu, Muhammad Aneeq uz Zaman, Radha Poovendran, Tamer Başar Chapter 8: Sensor Manipulation Games in Cyber Security João P. Hespanha Chapter 9: Adversarial Gaussian Process Regression in Sensor Networks Yi Li, Xenofon Koutsoukos, Yevgeniy Vorobeychik Chapter 10: Moving Target Defense Games for Cyber Security: Theory and Applications Abdelrahman Eldosouky, Shamik Sengupta Chapter 11: Continuous Authentication Security Games Serkan Saritas, Ezzeldin Shereen, Henrik Sandberg, Gyorgy Dan Chapter 12: Cyber Autonomy in Software Security: Techniques and Tactics Tiffany Bao, Yan Shoshitaishvili Part 3: Adversarial Machine Learning for Cyber Security Chapter 13: A Game Theoretic Perspective on Adversarial Machine Learning and Related Cybersecurity Applications Yan Zhou, Murat Kantarcioglu, Bowei Xi Chapter 14: Adversarial Machine Learning in 5G Communications Security Yalin Sagduyu, Tugba Erpek, Yi Shi Chapter 15: Machine Learning in the Hands of a Malicious Adversary: A Near Future If Not Reality Keywhan Chung, Xiao Li, Peicheng Tang, Zeran Zhu, Zbigniew T. Kalbarczyk, Thenkurussi Kesavadas, Ravishankar K. 
Iyer Chapter 16: Trinity: Trust, Resilience and Interpretability of Machine Learning Models Susmit Jha, Anirban Roy, Brian Jalaian, Gunjan Verma Part 4: Generative Models for Cyber Security Chapter 17: Evading Machine Learning based Network Intrusion Detection Systems with GANs Bolor-Erdene Zolbayar, Ryan Sheatsley, Patrick McDaniel, Mike Weisman Chapter 18: Concealment Charm (ConcealGAN): Automatic Generation of Steganographic Text using Generative Models to Bypass Censorship Nurpeiis Baimukan, Quanyan Zhu Part 5: Reinforcement Learning for Cyber Security Chapter 19: Manipulating Reinforcement Learning: Stealthy Attacks on Cost Signals Yunhan Huang, Quanyan Zhu Chapter 20: Resource-Aware Intrusion Response based on Deep Reinforcement Learning for Software-Defined Internet-of-Battle-Things Seunghyun Yoon, Jin-Hee Cho, Gaurav Dixit, Ing-Ray Chen Part 6: Other Machine Learning approach to Cyber Security Chapter 21: Smart Internet Probing: Scanning Using Adaptive Machine Learning Armin Sarabi, Kun Jin, Mingyan Liu Chapter 22: Semi-automated Parameterization of a Probabilistic Model using Logistic Regression - A Tutorial Stefan Rass, Sandra König, Stefan Schauer Chapter 23: Resilient Distributed Adaptive Cyber-Defense using Blockchain George Cybenko, Roger A. Hallman Chapter 24: Summary and Future Work Quanyan Zhu, Fei Fang
£101.66
John Wiley & Sons Inc Security Issues and Privacy Concerns in Industry
Book Synopsis
SECURITY ISSUES AND PRIVACY CONCERNS IN INDUSTRY 4.0 APPLICATIONS
Written and edited by a team of international experts, this is the most comprehensive and up-to-date coverage of the security and privacy issues surrounding Industry 4.0 applications, a must-have for any library. The scope of Security Issues and Privacy Concerns in Industry 4.0 Applications is to envision the need for security in Industry 4.0 applications and the research opportunities for the future. This book discusses the security issues in Industry 4.0 applications for research development. It will also enable the reader to develop solutions for the security threats and attacks that prevail in the industry. The chapters will be framed on par with advancements in the industry in the area of Industry 4.0 with its applications in additive manufacturing, cloud computing, IoT (Internet of Things), and many others. This book helps a researcher and an industrial specialist to reflect on the latest trends and the need for te
Table of Contents
Preface xiii 1 Industry 4.0: Smart Water Management System Using IoT 1 S. Saravanan, N. Renugadevi, C.M. 
Naga Sudha and Parul Tripathi 1.1 Introduction 2 1.1.1 Industry 4.0 2 1.1.2 IoT 2 1.1.3 Smart City 3 1.1.4 Smart Water Management 3 1.2 Preliminaries 4 1.2.1 Internet World to Intelligent World 4 1.2.2 Architecture of IoT System 4 1.2.3 Architecture of Smart City 6 1.3 Literature Review on SWMS 7 1.3.1 Water Quality Parameters Related to SWMS 8 1.3.2 SWMS in Agriculture 8 1.3.3 SWMS Using Smart Grids 9 1.3.4 Machine Learning Models in SWMS 10 1.3.5 IoT-Based SWMS 11 1.4 Conclusion 11 References 12 2 Fourth Industrial Revolution Application: Network Forensics Cloud Security Issues 15 Abdullah Ayub Khan, Asif Ali Laghari, Shafique Awan and Awais Khan Jumani 2.1 Introduction 16 2.1.1 Network Forensics 16 2.1.2 The Fourth Industrial Revolution 17 2.1.2.1 Machine-to-Machine (M2M) Communication 18 2.1.3 Cloud Computing 18 2.1.3.1 Infrastructure-as-a-Service (IaaS) 19 2.1.3.2 Challenges of Cloud Security in Fourth Industrial Revolution 19 2.2 Generic Model Architecture 20 2.3 Model Implementation 24 2.3.1 OpenNebula (Hypervisor) Implementation Platform 24 2.3.2 NetworkMiner Analysis Tool 25 2.3.3 Performance Matrix Evaluation & Result Discussion 27 2.4 Cloud Security Impact on M2M Communication 28 2.4.1 Cloud Computing Security Application in the Fourth Industrial Revolution (4.0) 29 2.5 Conclusion 30 References 31 3 Regional Language Recognition System for Industry 4.0 35 Bharathi V, N. Renugadevi, J. Padmapriya and M. 
Vijayprakash 3.1 Introduction 36 3.2 Automatic Speech Recognition System 39 3.2.1 Preprocessing 41 3.2.2 Feature Extraction 42 3.2.2.1 Linear Predictive Coding (LPC) 42 3.2.2.2 Linear Predictive Cepstral Coefficient (LPCC) 44 3.2.2.3 Perceptual Linear Predictive (PLP) 44 3.2.2.4 Power Spectral Analysis 44 3.2.2.5 Mel Frequency Cepstral Coefficients 45 3.2.2.6 Wavelet Transform 46 3.2.3 Implementation of Deep Learning Technique 46 3.2.3.1 Recurrent Neural Network 47 3.2.3.2 Long Short-Term Memory Network 47 3.2.3.3 Hidden Markov Models (HMM) 47 3.2.3.4 Hidden Markov Models - Long Short-Term Memory Network (HMM-LSTM) 48 3.2.3.5 Evaluation Metrics 49 3.3 Literature Survey on Existing TSRS 49 3.4 Conclusion 52 References 52 4 Approximation Algorithm and Linear Congruence: An Approach for Optimizing the Security of IoT-Based Healthcare Management System 55 Anirban Bhowmik and Sunil Karforma 4.1 Introduction 56 4.1.1 IoT in Medical Devices 56 4.1.2 Importance of Security and Privacy Protection in IoT-Based Healthcare System 57 4.1.3 Cryptography and Secret Keys 58 4.1.4 RSA 58 4.1.5 Approximation Algorithm and Subset Sum Problem 58 4.1.6 Significance of Use of Subset Sum Problem in Our Scheme 59 4.1.7 Linear Congruence 60 4.1.8 Linear and Non-Linear Functions 61 4.1.9 Pell’s Equation 61 4.2 Literature Survey 62 4.3 Problem Domain 63 4.4 Solution Domain and Objectives 64 4.5 Proposed Work 65 4.5.1 Methodology 65 4.5.2 Session Key Generation 65 4.5.3 Intermediate Key Generation 67 4.5.4 Encryption Process 69 4.5.5 Generation of Authentication Code and Transmission File 70 4.5.6 Decryption Phase 71 4.6 Results and Discussion 71 4.6.1 Statistical Analysis 72 4.6.2 Randomness Analysis of Key 73 4.6.3 Key Sensitivity Analysis 75 4.6.4 Security Analysis 76 4.6.4.1 Key Space Analysis 76 4.6.4.2 Brute-Force Attack 77 4.6.4.3 Dictionary Attack 77 4.6.4.4 Impersonation Attack 78 4.6.4.5 Replay Attack 78 4.6.4.6 Tampering Attack 78 4.6.5 Comparative Analysis 79 4.6.5.1 Comparative 
Analysis Related to IoT Attacks 79 4.6.6 Significance of Authentication in Our Proposed Scheme 85 4.7 Conclusion 85 References 86 5 A Hybrid Method for Fake Profile Detection in Social Network Using Artificial Intelligence 89 Ajesh F, Aswathy S U, Felix M Philip and Jeyakrishnan V 5.1 Introduction 90 5.2 Literature Survey 91 5.3 Methodology 94 5.3.1 Datasets 94 5.3.2 Detection of Fake Account 94 5.3.3 Suggested Framework 95 5.3.3.1 Pre-Processing 97 5.3.3.2 Principal Component Analysis (PCA) 98 5.3.3.3 Learning Algorithms 99 5.3.3.4 Feature or Attribute Selection 102 5.4 Result Analysis 103 5.4.1 Cross-Validation 103 5.4.2 Analysis of Metrics 104 5.4.3 Performance Evaluation of Proposed Model 105 5.4.4 Performance Analysis of Classifiers 105 5.5 Conclusion 109 References 109 6 Packet Drop Detection in Agricultural-Based Internet of Things Platform 113 Sebastian Terence and Geethanjali Purushothaman 6.1 Introduction 113 6.2 Problem Statement and Related Work 114 6.3 Implementation of Packet Dropping Detection in IoT Platform 115 6.4 Performance Analysis 120 6.5 Conclusion 129 References 129 7 Smart Drone with Open CV to Clean the Railway Track 131 Sujaritha M and Sujatha R 7.1 Introduction 132 7.2 Related Work 132 7.3 Problem Definition 134 7.4 The Proposed System 134 7.4.1 Drones with Human Intervention 134 7.4.2 Drones without Human Intervention 135 7.4.3 Working Model 137 7.5 Experimental Results 137 7.6 Conclusion 139 References 139 8 Blockchain and Big Data: Supportive Aid for Daily Life 141 Awais Khan Jumani, Asif Ali Laghari and Abdullah Ayub Khan 8.1 Introduction 142 8.1.1 Steps of Blockchain Technology Works 144 8.1.2 Blockchain Private 144 8.1.3 Blockchain Security 145 8.2 Blockchain vs. 
Bitcoin 145 8.2.1 Blockchain Applications 146 8.2.2 Next Level of Blockchain 146 8.2.3 Blockchain Architecture’s Basic Components 149 8.2.4 Blockchain Architecture 150 8.2.5 Blockchain Characteristics 150 8.3 Blockchain Components 151 8.3.1 Cryptography 152 8.3.2 Distributed Ledger 153 8.3.3 Smart Contracts 153 8.3.4 Consensus Mechanism 154 8.3.4.1 Proof of Work (PoW) 155 8.3.4.2 Proof of Stake (PoS) 155 8.4 Categories of Blockchain 155 8.4.1 Public Blockchain 156 8.4.2 Private Blockchain 156 8.4.3 Consortium Blockchain 156 8.4.4 Hybrid Blockchain 156 8.5 Blockchain Applications 158 8.5.1 Financial Application 158 8.5.1.1 Bitcoin 158 8.5.1.2 Ripple 158 8.5.2 Non-Financial Applications 159 8.5.2.1 Ethereum 159 8.5.2.2 Hyperledger 159 8.6 Blockchain in Different Sectors 160 8.7 Blockchain Implementation Challenges 160 8.8 Revolutionized Challenges in Industries 163 8.9 Conclusion 170 References 172 9 A Novel Framework to Detect Effective Prediction Using Machine Learning 179 Shenbaga Priya, Revadi, Sebastian Terence and Jude Immaculate 9.1 Introduction 180 9.2 ML-Based Prediction 180 9.3 Prediction in Agriculture 182 9.4 Prediction in Healthcare 183 9.5 Prediction in Economics 184 9.6 Prediction in Mammals 185 9.7 Prediction in Weather 186 9.8 Discussion 186 9.9 Proposed Framework 187 9.9.1 Problem Analysis 187 9.9.2 Preprocessing 188 9.9.3 Algorithm Selection 188 9.9.4 Training the Machine 188 9.9.5 Model Evaluation and Prediction 188 9.9.6 Expert Suggestion 188 9.9.7 Parameter Tuning 189 9.10 Implementation 189 9.10.1 Farmers and Sellers 189 9.10.2 Products 189 9.10.3 Price Prediction 190 9.11 Conclusion 192 References 192 10 Dog Breed Classification Using CNN 195 Sandra Varghese and Remya S 10.1 Introduction 195 10.2 Related Work 196 10.3 Methodology 198 10.4 Results and Discussions 201 10.4.1 Training 201 10.4.2 Testing 201 10.5 Conclusions 203 References 203 11 Methodology for Load Balancing in Multi-Agent System Using SPE Approach 207 S. 
Ajitha 11.1 Introduction 207 11.2 Methodology for Load Balancing 208 11.3 Results and Discussion 213 11.3.1 Proposed Algorithm in JADE Tool 213 11.3.1.1 Sensitivity Analysis 218 11.3.2 Proposed Algorithm in NetLogo 218 11.4 Algorithms Used 219 11.5 Results and Discussion 219 11.6 Summary 226 References 226 12 The Impact of Cyber Culture on New Media Consumers 229 Durmuş KoÇak 12.1 Introduction 229 12.2 The Rise of the Term of Cyber Culture 231 12.2.1 Cyber Culture in the 21st Century 231 12.2.1.1 Socio-Economic Results of Cyber Culture 232 12.2.1.2 Psychological Outcomes of Cyber Culture 233 12.2.1.3 Political Outcomes of Cyber Culture 234 12.3 The Birth and Outcome of New Media Applications 234 12.3.1 New Media Environments 236 12.3.1.1 Social Sharing Networks 237 12.3.1.2 Network Logs (Blog, Weblog) 240 12.3.1.3 Computer Games 240 12.3.1.4 Digital News Sites and Mobile Media 240 12.3.1.5 Multimedia Media 241 12.3.1.6 What Affects the New Media Consumers’ Tendencies? 242 12.4 Result 244 References 245 Index 251
£146.66
John Wiley & Sons Inc The CISO Evolution
Table of Contents
Foreword ix Preface xi Acknowledgments xv Introduction 1 Part I Foundational Business Knowledge 7 Chapter 1 Financial Principles 9 Chapter 2 Business Strategy Tools 29 Chapter 3 Business Decisions 55 Chapter 4 Value Creation 91 Chapter 5 Articulating the Business Case 129 Part II Communication and Education 167 Chapter 6 Cybersecurity: A Concern of the Business, Not Just IT 169 Chapter 7 Translating Cyber Risk into Business Risk 197 Chapter 8 Communication – You Do It Every Day (or Do You?) 239 Part III Cybersecurity Leadership 273 Chapter 9 Relationship Management 275 Chapter 10 Recruiting and Leading High Performing Teams 307 Chapter 11 Managing Human Capital 339 Chapter 12 Negotiation 367 Conclusion 383 Index 385
£32.00
John Wiley & Sons Inc Corporate Cybersecurity
Book Synopsis
CORPORATE CYBERSECURITY
An insider's guide showing companies how to spot and remedy vulnerabilities in their security programs. A bug bounty program is offered by organizations for people to receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. Corporate Cybersecurity gives cyber and application security engineers (who may have little or no experience with a bounty program) a hands-on guide for creating or managing an effective bug bounty program. Written by a cyber security expert, the book is filled with the information, guidelines, and tools that engineers can adopt to sharpen their skills and become knowledgeable in researching, configuring, and managing bug bounty programs. This book addresses the technical aspect of tooling and managing a bug bounty program and discusses common issues that engineers may run into on a daily basis. The author includes information on the often-overl
Table of Contents
Foreword xiii Acknowledgments xv Part 1 Bug Bounty Overview 1 1 The Evolution of Bug Bounty Programs 3 1.1 Making History 3 1.2 Conservative Blockers 4 1.3 Increased Threat Actor Activity 4 1.4 Security Researcher Scams 5 1.5 Applications Are a Small Consideration 5 1.6 Enormous Budgetary Requirements 5 1.7 Other Security Tooling as a Priority 6 1.8 Vulnerability Disclosure Programs vs Bug Bounty Programs 6 1.8.1 Vulnerability Disclosure Programs 6 1.8.2 Bug Bounty Programs 7 1.9 Program Managers 7 1.10 The Law 7 1.11 Redefining Security Research 8 1.12 Taking Action 8 1.12.1 Get to Know Security Researchers 9 1.12.2 Fair and Just Resolution 9 1.12.3 Managing Disclosure 9 1.12.4 Corrections 9 1.12.5 Specific Community Involvement 9 Part 2 Evaluating Programs 11 2 Assessing Current Vulnerability Management Processes 13 2.1 Who Runs a Bug Bounty Program? 
13 2.2 Determining Security Posture 13 2.3 Management 14 2.3.1 Software Engineering Teams 14 2.3.2 Security Departments (Security Operations, Fraud Prevention, Governance/Risk/Compliance, Edge Controls, Vulnerability Management, Endpoint Detection, and Response) 14 2.3.3 Infrastructure Teams 14 2.3.4 Legal Department 14 2.3.5 Communications Team 14 2.4 Important Questions 15 2.5 Software Engineering 15 2.5.1 Which Processes Are in Place for Secure Coding? Do the Software Engineers Understand the Importance of Mitigating the Risks Associated with Vulnerable Code? 15 2.5.2 How Effective Are Current Communication Processes? Will Vulnerabilities Be Quickly Resolved If Brought to Their Attention? 15 2.5.3 Is the Breadth of Our Enterprise’s Web and Mobile Applications Immense? Which Processes Are Engineers Using for Development in the Software Development Lifecycle? 16 2.6 Security Departments 16 2.6.1 How Does Security Operations Manage Incidents? Will Employee Assistance Be Provided from the Security Operations Team If a Threat Actor Manages to Exploit an Application Vulnerability? Which Tools Do They Have in Place? 16 2.6.2 What Does the Fraud Prevention Team Do to Prevent Malicious Activities? How Many Occurrences Do They See of Issues such as Account Takeover, and Could They Potentially Create Application Vulnerabilities? 16 2.6.3 Are There Any Compliance Practices in Place and, If So, How Do They Affect the Vulnerability Management Process? What Does the Application Security Team Have to Do to Assist in Enterprise Compliance? 17 2.6.4 What Edge Tooling is in Place to Prevent Attacks? Are Any of the Enterprise Applications at Risk of Being Exploited due to an IoT (Internet of Things) Device? 17 2.6.5 How Often Does Our Vulnerability Management Team Push for Updates? How Does the Vulnerability Management Team Ensure Servers in which Enterprise Applications Reside Are Secure? 
17 2.7 Infrastructure Teams 17 2.7.1 What Are Infrastructure Teams Doing to Ensure Best Security Practices Are Enabled? How Long Will It Take the Infrastructure Team to Resolve a Serious Issue When a Server-side Web Application is Exploited, or During a Subdomain Takeover Vulnerability? 17 2.7.2 Is There Effective Communication between Infrastructure, Vulnerability Management, Security Operations, and Endpoint Detection and Response? 18 2.8 Legal Department 18 2.8.1 How Well Refined is the Relationship between the Application Security Team and the Legal Department? 18 2.8.2 What Criteria Are/Will Be Set Out for the Escalation of Issues? 18 2.8.3 Does the Legal Department Understand the Necessity of Bug Bounty Program Management? 18 2.9 Communications Team 18 2.9.1 Has the Communications Team Dealt with Security Researchers Before? is the Importance Understood? 18 2.9.2 Was the Communications Team Informed of Bug Bounty Program Expectations? 19 2.10 Engineers 19 2.11 Program Readiness 19 3 Evaluating Program Operations 21 3.1 One Size Does Not Fit All 21 3.2 Realistic Program Scenarios 21 3.3 Ad Hoc Program 22 3.4 Note 24 3.5 Applied Knowledge 24 3.5.1 Applied Knowledge #1 24 3.5.1.1 Private Programs 25 3.5.2 Applied Knowledge #2 25 3.5.2.1 Public Programs 25 3.5.3 Applied Knowledge #3 26 3.5.3.1 Hybrid Models 26 3.6 Crowdsourced Platforms 27 3.7 Platform Pricing and Services 28 3.8 Managed Services 28 3.9 Opting Out of Managed Services 29 3.10 On-demand Penetration Tests 29 Part 3 Program Setup 31 4 Defining Program Scope and Bounties 33 4.1 What is a Bounty? 
33 4.2 Understanding Scope 33 4.3 How to Create Scope 34 4.3.1 Models 34 4.4 Understanding Wildcards 34 4.4.1 Subdomain 35 4.4.2 Domain 35 4.4.3 Specific Domain Path or Specific Subdomain Path 35 4.5 Determining Asset Allocation 36 4.6 Asset Risk 37 4.7 Understanding Out of Scope 37 4.8 Vulnerability Types 38 4.8.1 Denial of Service (DOS) or Distributed Denial of Service (DDoS) Attacks 38 4.8.2 Social Engineering Attacks 38 4.8.3 Brute Force or Rate Limiting 38 4.8.4 Account and Email Enumeration 38 4.8.5 Self-XSS 39 4.8.6 Clickjacking 39 4.8.7 Miscellaneous 39 4.9 When is an Asset Really Out of Scope? 39 4.10 The House Wins – Or Does It? 40 4.11 Fair Judgment on Bounties 42 4.12 Post-mortem 43 4.13 Awareness and Reputational Damage 43 4.14 Putting It All Together 44 4.15 Bug Bounty Payments 44 4.15.1 Determining Payments 45 4.15.2 Bonus Payments 46 4.15.3 Nonmonetary Rewards 46 5 Understanding Safe Harbor and Service Level Agreements 49 5.1 What is “Safe Harbor”? 49 5.1.1 The Reality of Safe Harbor 49 5.1.2 Fear and Reluctance 49 5.1.3 Writing Safe Harbor Agreements 50 5.1.4 Example Safe Harbor Agreement 50 5.2 Retaliation against a Rogue Researcher (Cybercriminal or Threat/Bad Actor) 51 5.3 Service Level Agreements (SLAs) 52 5.3.1 Resolution Times 53 5.3.2 Triage Times 53 6 Program Configuration 55 6.1 Understanding Options 55 6.2 Bugcrowd 55 6.2.1 Creating the Program 55 6.2.2 Program Overview 61 6.2.2.1 The Program Dashboard 61 6.2.2.2 The Crowd Control Navbar 63 Summary 63 Submissions 63 Researchers 64 Rewards 65 Insights Dashboard 65 Reports 66 6.2.3 Advanced Program Configuration and Modification 66 6.2.3.1 Program Brief 66 6.2.3.2 Scope and Rewards 67 6.2.3.3 Integrations 72 6.2.3.4 Announcements 73 6.2.3.5 Manage Team 74 6.2.3.6 Submissions 75 6.2.4 Profile Settings 76 6.2.4.1 The Profile and Account 78 6.2.4.2 Security 78 6.2.4.3 Notification Settings 79 6.2.4.4 API Credentials 80 6.2.5 Enterprise “Profile” Settings 81 6.2.5.1 Management and Configuration 
81 6.2.5.2 Organization Details 81 6.2.5.3 Team Members 81 6.2.5.4 Targets 81 6.2.5.5 Authentication 81 6.2.5.6 Domains 82 6.2.5.7 Accounting 83 6.3 HackerOne 84 6.3.1 Program Settings 85 6.3.1.1 General 85 6.3.1.2 Information 86 6.3.1.3 Product Edition 86 6.3.1.4 Authentication 87 6.3.1.5 Verified Domains 88 6.3.1.6 Credential Management 89 6.3.1.7 Group Management 89 6.3.1.8 User Management 90 6.3.1.9 Audit Log 91 6.3.2 Billing 92 6.3.2.1 Overview 92 6.3.2.2 Credit Card 92 6.3.2.3 Prepayment 92 6.3.3 Program 93 6.3.3.1 Policy 93 6.3.3.2 Scope 93 6.3.3.3 Submit Report Form 95 6.3.3.4 Response Targets 96 6.3.3.5 Metrics Display 97 6.3.3.6 Email Notifications 97 6.3.3.7 Inbox Views 98 6.3.3.8 Disclosure 98 6.3.3.9 Custom Fields 98 6.3.3.10 Invitations 99 6.3.3.11 Submission 100 6.3.3.12 Message Hackers 101 6.3.3.13 Email Forwarding 102 6.3.3.14 Embedded Submission Form 102 6.3.3.15 Bounties 103 6.3.3.16 Swag 103 6.3.3.17 Common Responses 104 6.3.3.18 Triggers 106 6.3.3.19 Integrations 107 6.3.3.20 API 107 6.3.3.21 Hackbot 107 6.3.3.22 Export Reports 108 6.3.3.23 Profile Settings 108 6.3.4 Inbox 108 6.3.4.1 Report Details 109 6.3.4.2 Timeline 109 6.4 Summary 110 Part 4 Vulnerability Reports and Disclosure 111 7 Triage and Bug Management 113 7.1 Understanding Triage 113 7.1.1 Validation 113 7.1.2 Lessons Learned 115 7.1.3 Vulnerability Mishaps 115 7.1.4 Managed Services 115 7.1.5 Self-service 116 7.2 Bug Management 116 7.2.1 Vulnerability Priority 116 7.2.2 Vulnerability Examples 117 7.2.2.1 Reflected XSS on a login portal 117 Report and Triage 117 Validation 117 7.2.2.2 Open redirect vulnerability 117 Report and Triage 117 Validation 118 7.2.2.3 Leaked internal Structured Query Language (SQL) server credentials 118 Report and Triage 118 Validation 118 7.3 Answers 118 7.3.1 Vulnerability Rating-test Summary 119 7.3.1.1 Reflected XSS in a login portal 118 7.3.1.2 Open redirect vulnerability 118 7.3.1.3 Leaked internal SQL server credentials 118 7.3.2 Complexity vs 
Rating 119 7.3.3 Projected Ratings 120 7.3.4 Ticketing and Internal SLA 120 7.3.4.1 Creating Tickets 120 8 Vulnerability Disclosure Information 123 8.1 Understanding Public Disclosure 123 8.1.1 Making the Decision 123 8.1.1.1 Private Programs 123 The Bottom Line 124 8.1.1.2 Public Programs 125 The Bottom Line 126 8.2 CVE Responsibility 126 8.2.1 What are CVEs? 126 8.2.2 Program Manager Responsibilities 126 8.2.3 Hardware CVEs 126 8.2.4 Software and Product CVEs 128 8.2.5 Third-party CVEs 128 8.3 Submission Options 130 8.3.1 In-house Submissions 130 8.3.2 Program Managed Submissions and Hands-off Submissions 130 8.3.2.1 Program Managed Submissions 130 8.3.2.2 Hands-off Submissions 131 Part 5 Internal and External Communication 133 9 Development and Application Security Collaboration 135 9.1 Key Role Differences 135 9.1.1 Application Security Engineer 135 9.1.2 Development 135 9.2 Facing a Ticking Clock 136 9.3 Meaningful Vulnerability Reporting 136 9.4 Communicating Expectations 137 9.5 Pushback, Escalations, and Exceptions 138 9.5.1 Internal steps 138 9.5.2 External steps 139 9.5.2 Escalations 139 9.5.3 Summary 140 9.6 Continuous Accountability 141 9.6.1 Tracking 141 9.6.2 Missed Deadlines 141 10 Hacker and Program Interaction Essentials 143 10.1 Understanding the Hacker 143 10.1.1 Money, Ethics, or Both? 143 10.1.2 Case Study Analysis 145 10.2 Invalidating False Positives 145 10.2.1 Intake Process and Breaking the News 145 10.2.2 Dealing with a Toxic Hacker 147 10.3 Managed Program Considerations 147 10.4 In-house Programs 148 10.5 Blackmail or Possible Threat Actor 151 10.6 Public Threats or Disclosure 151 10.7 Program Warning Messages 153 10.8 Threat Actor or Security Researcher? 
153 10.9 Messaging Researchers 155 10.9.1 Security Researcher Interviews 155 10.9.2 Bug Bounty Program Manager Interviews 159 10.10 Summary 164 Part 6 Assessments and Expansions 165 11 Internal Assessments 167 11.1 Introduction to Internal Assessments 167 11.2 Proactive Vs Reactive Testing 167 11.3 Passive Assessments 168 11.3.1 Shodan 168 11.3.1.1 Using Shodan 168 11.3.2 Amass/crt.sh 171 11.3.2.1 Amass 172 11.3.2.2 crt.sh 173 11.4 Active Assessments 173 11.4.1 nmapAutomator.sh 173 11.4.2 Sn1per 175 11.4.3 Owasp Zap 175 11.4.4 Dalfox 177 11.4.5 Dirsearch 179 11.5 Passive/Active Summary 180 11.6 Additional Considerations: Professional Testing and Third-Party Risk 180 12 Expanding Scope 181 12.1 Communicating with the Team 181 12.2 Costs of Expansion 182 12.3 When to Expand Scope 182 12.4 Alternatives to Scope Expansion 183 12.5 Managing Expansion 183 13 Public Release 185 13.1 Understanding the Public Program 185 13.2 The “Right” Time 185 13.3 Recommended Release 186 13.3.1 Requirements 186 13.4 Rolling Backwards 186 13.5 Summary 187 Index 189
£84.56
John Wiley & Sons Inc 8 Steps to Better Security
Book Synopsis: Harden your business against internal and external cybersecurity threats with a single accessible resource. In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps. Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to:
Foster a strong security culture that extends from the custodial team to the C-suite
Build an effective security team, regardless of the size or nature of your business
Comply with regulatory requirements, including general data privacy rules and industry-specific legislation
Test your cybersecurity, including third-party penetration testing and internal red team specialists
Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries.
Table of Contents: Foreword xi Introduction xiii Chapter 1: Step 1: Foster a Strong Security Culture 1 Kevin Mitnick, Human Hacker Extraordinaire 3 The Importance of a Strong Security Culture 5 Hackers Are the Bad Guys, Right? 6 What is Security Culture? 7 How to Foster a Strong Security Culture 9 Security Leaders on Security Culture 12 What Makes a Good CISO? 13 The Biggest Mistakes Businesses Make When It Comes to Cybersecurity 14 The Psychological Phases of a Cybersecurity Professional 15 Chapter 2: Step 2: Build a Security Team 19 Why Step 2 is Controversial 20 How to Hire the Right Security Team...the Right Way 28 Security Team Tips from Security Leaders 29 The “Culture Fit”—Yuck! 30 Cybersecurity Budgets 34 Design Your Perfect Security Team 35 Chapter 3: Step 3: Regulatory Compliance 39 What Are Data Breaches, and Why Are They Bad? 40 The Scary Truth Found in Data Breach Research 45 An Introduction to Common Data Privacy Regulations 49 The General Data Protection Regulation 49 The California Consumer Privacy Act 50 The Health Insurance Portability and Accountability Act 52 The Gramm-Leach-Bliley Act 52 Payment Card Industry Data Security Standard 53 Governance, Risk Management, and Compliance 53 More About Risk Management 54 Threat Modeling 55 Chapter 4: Step 4: Frequent Security Testing 57 What is Security Testing? 58 Security Testing Types 58 Security Audits 58 Vulnerability Assessments Versus Penetration Testing 59 Red Team Testing 61 Bug Bounty Programs 61 What’s Security Maturity? 63 The Basics of Security Audits and Vulnerability Assessments 64 Log Early, Log Often 66 Prepare for Vulnerability Assessments and Security Audits 67 A Concise Guide to Penetration Testing 69 Penetration Testing Based on Network Knowledge 70 Penetration Testing Based on Network Aspects 73 Security Leaders on Security Maturity 76 Security Testing is Crucial 78 Chapter 5: Step 5: Security Framework Application 79 What is Incident Response?
80 Preparation 80 Identification or Analysis 82 Containment, Mitigation, or Eradication 83 Recovery 84 Post-incident 86 Your Computer Security Incident Response Team 86 Cybersecurity Frameworks 89 NIST Cybersecurity Framework 89 Identify 90 Protect 92 Detect 95 Respond 97 Recover 99 ISO 27000 Cybersecurity Frameworks 101 CIS Controls 102 COBIT Cybersecurity Framework 105 Security Frameworks and Cloud Security 106 Chapter 6: Step 6: Control Your Data Assets 109 The CIA Triad 110 Access Control 112 Patch Management 113 Physical Security and Your Data 115 Malware 116 Cryptography Basics 119 Bring Your Own Device and Working from Home 123 Data Loss Prevention 124 Managed Service Providers 126 The Dark Web and Your Data 128 Security Leaders on Cyber Defense 130 Control Your Data 132 Chapter 7: Step 7: Understand the Human Factor 133 Social Engineering 134 Phishing 139 What Can NFTs and ABA Teach Us About Social Engineering? 141 How to Prevent Social Engineering Attacks on Your Business 146 UI and UX Design 147 Internal Threats 148 Hacktivism 152 Chapter 8: Step 8: Build Redundancy and Resilience 155 Understanding Data and Networks 156 Building Capacity and Scalability with the Power of the Cloud 158 Back It Up, Back It Up, Back It Up 161 RAID 162 What Ransomware Taught Business About Backups 164 Business Continuity 167 Disaster Recovery 168 Chapter 9: Afterword 173 Step 1 173 The Most Notorious Cyberattacker Was Actually a Con Man 174 A Strong Security Culture Requires All Hands on Deck 174 Hackers Are the Good Guys, Actually 174 What Is Security Culture? 175 What Makes a Good CISO? 
175 The Psychological Phases of a Cybersecurity Professional 176 Recommended Readings 177 Step 2 178 Tackling the Cybersecurity Skills Gap Myth 178 Take “Culture Fit” Out of Your Vocabulary 179 Your Cybersecurity Budget 180 Recommended Readings 180 Step 3 181 Data Breaches 181 Data Privacy Regulations 182 Risk Management 183 Recommended Readings 183 Step 4 184 Security Audits 184 Vulnerability Assessments 185 Penetration Testing 185 Bug Bounty Programs 185 Recommended Reading 186 Step 5 187 Incident Response 187 Cybersecurity Frameworks 187 Recommended Reading 188 Step 6 188 The CIA Triad 188 Access Control 189 Patch Management 189 Physical Security 189 Malware 189 Cryptography 190 BYOD and Working from Home 190 Data Loss Prevention 191 Managed Service Providers 191 Recommended Reading 191 Step 7 192 Social Engineering 192 UI and UX Design 193 Internal Threats 193 Recommended Readings 194 Step 8 194 Cloud Networks 195 Data Backups 195 Business Continuity and Disaster Recovery 196 Recommended Readings 196 Keeping Your Business Cyber Secure 197 Index 199
£19.54
John Wiley & Sons Inc CASP CompTIA Advanced Security Practitioner
Book Synopsis: Prepare for success on the challenging CASP+ CAS-004 exam. In the newly updated Second Edition of CASP+ CompTIA Advanced Security Practitioner Practice Tests Exam CAS-004, accomplished cybersecurity expert Nadean Tanner delivers an extensive collection of CASP+ preparation materials, including hundreds of domain-by-domain test questions and two additional practice exams. Prepare for the new CAS-004 exam, as well as a new career in advanced cybersecurity, with Sybex's proven approach to certification success. You'll get ready for the exam, to impress your next interviewer, and excel at your first cybersecurity job. This book includes:
Comprehensive coverage of all exam CAS-004 objective domains, including security architecture, operations, engineering, cryptography, and governance, risk, and compliance
In-depth preparation for test success with 1000 practice exam questions
Access to the Sybex interactive learning environment and online test bank
Perfect for anyone studying for the CASP+ Exam CAS-004, CASP+ CompTIA Advanced Security Practitioner Practice Tests Exam CAS-004 is also an ideal resource for anyone with IT security experience who seeks to brush up on their skillset or seeks a valuable new CASP+ certification.
Table of Contents: Introduction xix Chapter 1 Security Architecture 1 Chapter 2 Security Operations 61 Chapter 3 Security Engineering and Cryptography 123 Chapter 4 Governance, Risk, and Compliance 175 Chapter 5 Practice Test 1 207 Chapter 6 Practice Test 2 227 Appendix Answers to Review Questions 247 Chapter 1: Security Architecture 248 Chapter 2: Security Operations 278 Chapter 3: Security Engineering and Cryptography 308 Chapter 4: Governance, Risk, and Compliance 333 Chapter 5: Practice Test 1 346 Chapter 6: Practice Test 2 353 Index 363
£26.40
John Wiley & Sons Inc Cybersecurity Law
Table of Contents: About the Author xvii Acknowledgment and Disclaimers xix Foreword to the Third Edition (2022) xxi Foreword to the Second Edition (2019) xxiii Introduction to First Edition xxvii About the Companion Website xxxv 1 Data Security Laws and Enforcement Actions 1 1.1 FTC Data Security 2 1.1.1 Overview of Section 5 of the FTC Act 2 1.1.2 Wyndham: Does the FTC Have Authority to Regulate Data Security Under Section 5 of the FTC Act? 6 1.1.3 LabMD: What Constitutes “Unfair” Data Security? 10 1.1.4 FTC June 2015 Guidance on Data Security, and 2017 Updates 13 1.1.5 FTC Data Security Expectations and the NIST Cybersecurity Framework 18 1.1.6 Lessons from FTC Cybersecurity Complaints 18 1.1.6.1 Failure to Secure Highly Sensitive Information 19 1.1.6.1.1 Use Industry-standard Encryption for Sensitive Data 20 1.1.6.1.2 Routine Audits and Penetration Testing Are Expected 20 1.1.6.1.3 Health-related Data Requires Especially Strong Safeguards 21 1.1.6.1.4 Data Security Protection Extends to Paper Documents 23 1.1.6.1.5 Business-to-business Providers Also Are Accountable to the FTC for Security of Sensitive Data 25 1.1.6.1.6 Companies Are Responsible for the Data Security Practices of Their Contractors 27 1.1.6.1.7 Make Sure that Every Employee Receives Regular Data Security Training for Processing Sensitive Data 28 1.1.6.1.8 Privacy Matters, Even in Data Security 28 1.1.6.1.9 Limit the Sensitive Information Provided to Third Parties 29 1.1.6.1.10 Children’s Data Requires Special Protection 29 1.1.6.2 Failure to Secure Payment Card Information 30 1.1.6.2.1 Adhere to Security Claims about Payment Card Data 30 1.1.6.2.2 Always Encrypt Payment Card Data 31 1.1.6.2.3 Payment Card Data Should Be Encrypted Both in Storage and at Rest 31 1.1.6.2.4 In-store Purchases Pose Significant Cybersecurity Risks 32 1.1.6.2.5 Minimize Duration of Storage of Payment Card Data 34 1.1.6.2.6 Monitor Systems and Networks for Unauthorized Software 35 1.1.6.2.7 Apps Should Never
Override Default App Store Security Settings 35 1.1.6.3 Failure to Adhere to Security Claims 36 1.1.6.3.1 Companies Must Address Commonly Known Security Vulnerabilities 36 1.1.6.3.2 Ensure That Security Controls Are Sufficient to Abide by Promises About Security and Privacy 37 1.1.6.3.3 Omissions about Key Security Flaws Also Can Be Misleading 40 1.1.6.3.4 Companies Must Abide by Promises for Security-related Consent Choices 40 1.1.6.3.5 Companies That Promise Security Must Ensure Adequate Authentication Procedures 41 1.1.6.3.6 Adhere to Promises About Encryption 42 1.1.6.3.7 Promises About Security Extend to Vendors’ Practices 43 1.1.6.3.8 Companies Cannot Hide Vulnerable Software in Products 43 1.1.7 FTC Internet of Things Security Guidance 43 1.2 State Data Breach Notification Laws 46 1.2.1 When Consumer Notifications Are Required 47 1.2.1.1 Definition of Personal Information 48 1.2.1.2 Encrypted Data 49 1.2.1.3 Risk of Harm 49 1.2.1.4 Safe Harbors and Exceptions to Notice Requirement 49 1.2.2 Notice to Individuals 50 1.2.2.1 Timing of Notice 50 1.2.2.2 Form of Notice 50 1.2.2.3 Content of Notice 51 1.2.3 Notice to Regulators and Consumer Reporting Agencies 51 1.2.4 Penalties for Violating State Breach Notification Laws 52 1.3 State Data Security Laws 52 1.3.1 Oregon 54 1.3.2 Rhode Island 55 1.3.3 Nevada 56 1.3.4 Massachusetts 57 1.3.5 Ohio 59 1.3.6 Alabama 60 1.3.7 New York 61 1.4 State Data Disposal Laws 61 2 Cybersecurity Litigation 63 2.1 Article III Standing 64 2.1.1 Applicable Supreme Court Rulings on Standing 66 2.1.2 Lower Court Rulings on Standing in Data Breach Cases 71 2.1.2.1 Injury-in-fact 71 2.1.2.1.1 Broad View of Injury-in-fact 71 2.1.2.1.2 Narrow View of Injury-in-fact 76 2.1.2.1.3 Attempts at Finding a Middle Ground for Injury-in-fact 81 2.1.2.2 Fairly Traceable 82 2.1.2.3 Redressability 83 2.2 Common Causes of Action Arising from Data Breaches 84 2.2.1 Negligence 84 2.2.1.1 Legal Duty and Breach of Duty 85 2.2.1.2 Cognizable Injury 87 2.2.1.3 
Causation 90 2.2.2 Negligent Misrepresentation or Omission 92 2.2.3 Breach of Contract 95 2.2.4 Breach of Implied Warranty 101 2.2.5 Invasion of Privacy 105 2.2.6 Unjust Enrichment 107 2.2.7 State Consumer Protection Laws 109 2.3 Class Action Certification in Data Breach Litigation 112 2.4 Insurance Coverage for Data Breaches 120 2.5 Protecting Cybersecurity Work Product and Communications from Discovery 124 2.5.1 Attorney–client Privilege 126 2.5.2 Work Product Doctrine 129 2.5.3 Nontestifying Expert Privilege 131 2.5.4 Genesco v. Visa 132 2.5.5 In re Experian Data Breach Litigation 135 2.5.6 In re Premera 136 2.5.7 In re United Shore Financial Services 138 2.5.8 In re Dominion Dental Services USA, Inc. Data Breach Litigation 138 2.5.9 In re Capital One Consumer Data Security Breach Litigation 140 3 Cybersecurity Requirements for Specific Industries 141 3.1 Financial Institutions: GLBA Safeguards Rule 142 3.1.1 Interagency Guidelines 142 3.1.2 SEC’s Regulation S-P 144 3.1.3 FTC Safeguards Rule 146 3.2 New York Department of Financial Services Cybersecurity Regulations 149 3.3 Financial Institutions and Creditors: Red Flags Rule 151 3.3.1 Financial Institutions or Creditors 155 3.3.2 Covered Accounts 156 3.3.3 Requirements for a Red Flags Identity Theft Prevention Program 157 3.4 Companies that Use Payment and Debit Cards: PCI DSS 157 3.5 IoT Cybersecurity Laws 160 3.6 Health Providers: HIPAA Security Rule 161 3.7 Electric Transmission: FERC Critical Infrastructure Protection Reliability Standards 167 3.7.1 CIP-003-6: Cybersecurity—Security Management Controls 167 3.7.2 CIP-004-6: Personnel and Training 168 3.7.3 CIP-006-6: Physical Security of Cyber Systems 168 3.7.4 CIP-007-6: Systems Security Management 168 3.7.5 CIP-009-6: Recovery Plans for Cyber Systems 169 3.7.6 CIP-010-2: Configuration Change Management and Vulnerability Assessments 169 3.7.7 CIP-011-2: Information Protection 170 3.8 NRC Cybersecurity Regulations 170 3.9 State Insurance Cybersecurity Laws 
171 4 Cybersecurity and Corporate Governance 175 4.1 SEC Cybersecurity Expectations for Publicly Traded Companies 176 4.1.1 10-K Disclosures: Risk Factors 178 4.1.2 10-K Disclosures: Management’s Discussion and Analysis of Financial Condition and Results of Operations (MD&A) 179 4.1.3 10-K Disclosures: Description of Business 180 4.1.4 10-K Disclosures: Legal Proceedings 180 4.1.5 10-K Disclosures: Financial Statements 181 4.1.6 10K Disclosures: Board Oversight of Cybersecurity 181 4.1.7 Disclosing Data Breaches to Investors 182 4.1.8 Yahoo! Data Breach 185 4.1.9 Cybersecurity and Insider Trading 185 4.2 Fiduciary Duty to Shareholders and Derivative Lawsuits Arising from Data Breaches 186 4.3 CFIUS and Cybersecurity 189 4.4 Law Firms and Cybersecurity 191 5 Antihacking Laws 193 5.1 Computer Fraud and Abuse Act 194 5.1.1 Origins of the CFAA 194 5.1.2 Access Without Authorization and Exceeding Authorized Access 195 5.1.2.1 Narrow View of “Exceeds Authorized Access” and “Without Authorization” 198 5.1.2.2 Broader View of “Exceeds Authorized Access” and “Without Authorization” 203 5.1.2.3 Finding Some Clarity: Van Buren v. 
United States 205 5.1.3 The Seven Sections of the CFAA 208 5.1.3.1 CFAA Section (a) (1): Hacking to Commit Espionage 209 5.1.3.2 CFAA Section (a) (2): Hacking to Obtain Information 210 5.1.3.3 CFAA Section (a) (3): Hacking a Federal Government Computer 214 5.1.3.4 CFAA Section (a) (4): Hacking to Commit Fraud 216 5.1.3.5 CFAA Section (a) (5): Hacking to Damage a Computer 218 5.1.3.5.1 CFAA Section (a) (5) (A): Knowing Transmission that Intentionally Damages a Computer Without Authorization 219 5.1.3.5.2 CFAA Section (a) (5) (B): Intentional Access Without Authorization that Recklessly Causes Damage 222 5.1.3.5.3 CFAA Section (a) (5) (C): Intentional Access Without Authorization that Causes Damage and Loss 223 5.1.3.5.4 CFAA Section (a) (5): Requirements for Felony and Misdemeanor Cases 224 5.1.3.6 CFAA Section (a) (6): Trafficking in Passwords 226 5.1.3.7 CFAA Section (a) (7): Threatening to Damage or Obtain Information from a Computer 228 5.1.4 Civil Actions Under the CFAA 231 5.1.5 Criticisms of the CFAA 235 5.1.6 CFAA and Coordinated Vulnerability Disclosure Programs 237 5.2 State Computer Hacking Laws 240 5.3 Section 1201 of the Digital Millennium Copyright Act 243 5.3.1 Origins of Section 1201 of the DMCA 244 5.3.2 Three Key Provisions of Section 1201 of the DMCA 245 5.3.2.1 DMCA Section 1201(a) (1) 245 5.3.2.2 DMCA Section 1201(a) (2) 250 5.3.2.2.1 Narrow Interpretation of Section (a) (2): Chamberlain Group v. Skylink Technologies 251 5.3.2.2.2 Broad Interpretation of Section (a) (2): MDY Industries, LLC v. 
Blizzard Entertainment 254 5.3.2.3 DMCA Section 1201(b) (1) 258 5.3.3 Section 1201 Penalties 261 5.3.4 Section 1201 Exemptions 262 5.3.5 The First Amendment and DMCA Section 1201 269 5.4 Economic Espionage Act 274 5.4.1 Origins of the EEA 274 5.4.2 Criminal Prohibitions on Economic Espionage and Theft of Trade Secrets 275 5.4.2.1 Definition of “Trade Secret” 276 5.4.2.2 “Knowing” Violations of the EEA 279 5.4.2.3 Purpose and Intent Required under Section 1831: Economic Espionage 279 5.4.2.4 Purpose and Intent Required under Section 1832: Theft of Trade Secrets 281 5.4.3 Civil Actions for Trade Secret Misappropriation: The Defend Trade Secrets Act of 2016 284 5.4.3.1 Definition of “Misappropriation” 285 5.4.3.2 Civil Seizures 288 5.4.3.3 Injunctions 289 5.4.3.4 Damages 289 5.4.3.5 Statute of Limitations 290 5.5 Budapest Convention on Cybercrime 291 6 U.S. Government Cyber Structure and Public–Private Cybersecurity Partnerships 293 6.1 U.S. Government’s Civilian Cybersecurity Organization 293 6.2 Department of Homeland Security Information Sharing under the Cybersecurity Act of 2015 297 6.3 Critical Infrastructure Executive Order and the NIST Cybersecurity Framework 301 6.4 U.S. Military Involvement in Cybersecurity and the Posse Comitatus Act 309 6.5 Vulnerabilities Equities Process 311 6.6 Executive Order 14028 314 7 Surveillance and Cyber 317 7.1 Fourth Amendment 318 7.1.1 Was the Search or Seizure Conducted by a Government Entity or Government Agent? 319 7.1.2 Did the Search or Seizure Involve an Individual’s Reasonable Expectation of Privacy? 324 7.1.3 Did the Government Have a Warrant? 332 7.1.4 If the Government Did Not Have a Warrant, Did an Exception to the Warrant Requirement Apply? 335 7.1.5 Was the Search or Seizure Reasonable Under the Totality of the Circumstances? 
337 7.2 Electronic Communications Privacy Act 338 7.2.1 Stored Communications Act 340 7.2.1.1 Section 2701: Third-party Hacking of Stored Communications 344 7.2.1.2 Section 2702: Restrictions on Service Providers’ Ability to Disclose Stored Communications and Records to the Government and Private Parties 345 7.2.1.3 Section 2703: Government’s Ability to Require Service Providers to Turn Over Stored Communications and Customer Records 349 7.2.2 Wiretap Act 354 7.2.3 Pen Register Act 358 7.2.4 National Security Letters 359 7.3 Communications Assistance for Law Enforcement Act (CALEA) 361 7.4 Encryption and the All Writs Act 362 7.5 Encrypted Devices and the Fifth Amendment 364 8 Cybersecurity and Federal Government Contractors 369 8.1 Federal Information Security Management Act 370 8.2 NIST Information Security Controls for Government Agencies and Contractors 372 8.3 Classified Information Cybersecurity 376 8.4 Covered Defense Information, CUI, and the Cybersecurity Maturity Model Certification 377 9 Privacy Laws 385 9.1 Section 5 of the FTC Act and Privacy 386 9.2 Health Insurance Portability and Accountability Act 388 9.3 Gramm–Leach–Bliley Act and California Financial Information Privacy Act 390 9.4 CAN-SPAM Act 391 9.5 Video Privacy Protection Act 392 9.6 Children’s Online Privacy Protection Act 394 9.7 California Online Privacy Laws 396 9.7.1 California Online Privacy Protection Act (CalOPPA) 396 9.7.2 California Shine the Light Law 398 9.7.3 California Minor “Online Eraser” Law 400 9.8 California Consumer Privacy Act 401 9.9 Illinois Biometric Information Privacy Act 404 9.10 NIST Privacy Framework 406 10 International Cybersecurity Law 409 10.1 European Union 410 10.2 Canada 420 10.3 China 425 10.4 Mexico 430 10.5 Japan 434 11 Cyber and the Law of War 439 11.1 Was the Cyberattack a “Use of Force” that Violates International Law? 441 11.2 If the Attack Was a Use of Force, Was that Force Attributable to a State? 
444 11.3 Did the Use of Force Constitute an “Armed Attack” that Entitles the Target to Self-defense? 445 11.4 If the Use of Force Was an Armed Attack, What Types of Self-defense Are Justified? 448 11.5 If the Nation Experiences Hostile Cyber Actions that Fall Short of Use of Force or Armed Attacks, What Options Are Available? 449 12 Ransomware 453 12.1 Defining Ransomware 454 12.2 Ransomware-related Litigation 455 12.3 Insurance Coverage for Ransomware 462 12.4 Ransomware Payments and Sanctions 466 12.5 Ransomware Prevention and Response Guidelines from Government Agencies 467 12.5.1 Department of Homeland Security 467 12.5.2 Federal Trade Commission 469 12.5.3 Federal Interagency Guidance for Information Security Executives 470 12.5.4 New York Department of Financial Services Guidance 472 Appendix A: Text of Section 5 of the FTC Act 473 Appendix B: Summary of State Data Breach Notification Laws 483 Appendix C: Text of Section 1201 of the Digital Millennium Copyright Act 545 Appendix D: Text of the Computer Fraud and Abuse Act 557 Appendix E: Text of the Electronic Communications Privacy Act 565 Appendix F: Key Cybersecurity Court Opinions 629 Appendix G: Hacking Cybersecurity Law 781 Index 825
£80.96
John Wiley & Sons Inc CEH v11
Book Synopsis: Master CEH v11 and identify your weak spots. CEH: Certified Ethical Hacker Version 11 Practice Tests are the ideal preparation for this high-stakes exam. Five complete, unique practice tests are designed to help you identify weak spots in your understanding, so you can direct your preparation efforts efficiently and gain the confidence and skills you need to pass. These tests cover all sections of the exam blueprint, allowing you to test your knowledge of Background, Analysis/Assessment, Security, Tools/Systems/Programs, Procedures/Methodology, Regulation/Policy, and Ethics. Coverage aligns with CEH version 11, including material to test your knowledge of reconnaissance and scanning, cloud, tablet, and mobile and wireless security and attacks, the latest vulnerabilities, and the new emphasis on Internet of Things (IoT). The exams are designed to familiarize CEH candidates with the test format, allowing them to become more comfortable applying their knowledge and skills in a high-pressure test setting. The ideal companion for the Sybex CEH v11 Study Guide, this book is an invaluable tool for anyone aspiring to this highly regarded certification. Offered by the International Council of Electronic Commerce Consultants, the Certified Ethical Hacker certification is unique in the penetration testing sphere, and requires preparation specific to the CEH exam more than general IT security knowledge. This book of practice tests helps you steer your study where it needs to go by giving you a glimpse of exam day while there's still time to prepare.
Practice all seven sections of the CEH v11 exam
Test your knowledge of security, tools, procedures, and regulations
Gauge your understanding of vulnerabilities and threats
Master the material well in advance of exam day
By getting inside the mind of an attacker, you gain a one-of-a-kind perspective that dramatically boosts your marketability and advancement potential. If you're ready to attempt this unique certification, the CEH: Certified Ethical Hacker Version 11 Practice Tests are the major preparation tool you should not be without.
Table of Contents: Introduction vi Chapter 1 Practice Test 1 1 Chapter 2 Practice Test 2 27 Chapter 3 Practice Test 3 55 Chapter 4 Practice Test 4 81 Chapter 5 Practice Test 5 107 Appendix Answers to Practice Tests 133 Chapter 1: Practice Test 1 134 Chapter 2: Practice Test 2 145 Chapter 3: Practice Test 3 157 Chapter 4: Practice Test 4 169 Chapter 5: Practice Test 5 180 Index 191
£24.79
John Wiley & Sons Inc Navigating the Cybersecurity Career Path
Table of Contents: Foreword: Navigating the Cybersecurity Career Path xv Introduction xvii Part I Arriving in Security 1 Chapter 1 How Do You Become a Security Professional? 3 Create Your Story 8 So, You Want to Work in Security 13 What’s Next? 16 Chapter 2 Why Security? 19 What Kind of People Do Security? 21 What Is Your Why? 24 What’s Next? 28 Chapter 3 Where Can I Begin? 29 What Does It Mean to Be a Security Professional? 32 How Can You Make Sense of It All? 35 What’s Next? 39 Chapter 4 What Training Should I Take? 41 For the Traditional Student 43 For the Nontraditional Student 44 For the Full-Time Nonsecurity Worker 45 Other Things to Consider 46 What’s Next? 51 Chapter 5 What Skills Should I Have? 53 The Entry Point—Technology 55 Professional Skills 59 What’s Next? 66 Chapter 6 Is My Résumé Okay? 67 Linking the Résumé to the Job Posting 70 Elements of a Résumé 71 Digital Presence 77 References 78 Cover Letters 79 What’s Next? 80 Chapter 7 Trying with Little Success? 81 Physical Location 85 Your Company 85 Get Specific 86 Know Your Market 88 Assess Your Efforts So Far 89 But I’m Doing All Those Things! 91 What’s Next? 92 Part II Thriving in Security 93 Chapter 8 How Do I Keep Up? 97 Fitting It Into Your Schedule 99 Ad Hoc and Planned Learning 102 Take a Mini-Sabbatical 103 Where Do I Find the Information? 103 What’s Next? 105 Chapter 9 How Can I Manage Security Stress? 107 The Stress of Working in Security 109 Managing Security Stress 113 What’s Next? 118 Chapter 10 How Can I Succeed as a Minority? 119 Making Security Work for You 124 What’s Next? 128 Chapter 11 How Can I Progress? 129 The Security Journey 131 The Opportunist 132 The Intentional Career Seeker 136 How to Get Promoted 139 What’s Next? 141 Chapter 12 Should I Manage People? 143 Leadership and Management 145 Preparing for Your Next Role 150 What’s Next? 152 Chapter 13 How Can I Deal with Impostor Syndrome?
153 Fact-Check Your Inner Monologue 157 Know Competence and Incompetence 158 Know When to Ask for Help 159 Keep Learning and Know When Enough Is Enough 160 Keep Track of Your Successes 161 What’s Next? 162 Chapter 14 How Can I Know If It’s Time to Move On? 163 Are You Happy Where You Are? 165 Have You Done All You Wanted to Do? 166 Have You Learned All You Wanted? 167 What Are Your Long-Term Goals? 168 Are You Being Pigeonholed? 169 Do You Fit Into the Culture? 170 Job Hopping 171 Are the Other Options Better than Your Current Job? 172 What’s Next? 173 Part III Leading Security 175 Chapter 15 Where Do I Start? 179 What’s on Fire? 180 What Is Your Timeline to Act? 181 Who Are Your Partners? 182 Find the Strengths and Note the Weaknesses 183 Draw the Business Risk Picture 184 Do You Have a Mandate? 185 What’s Next? 186 Chapter 16 How Do I Manage Security Strategically? 187 Consider Your Industry 190 Know Your Business Priorities 191 Be Pragmatic 193 Address Stakeholder Pain Points 194 Threats and Vulnerabilities 195 Rinse and Repeat 197 Putting It Together 198 What’s Next? 200 Chapter 17 How Do I Build a Team? 201 It Is About the How 203 Things to Consider 207 Identify Important Things 209 Identify Areas of Weakness 211 Discontinuing a Function 212 Building New Functions 213 What’s Next? 215 Chapter 18 How Do I Write a Job Posting? 217 The Challenge of Job Postings 220 What’s Next? 225 Chapter 19 How Do I Encourage Diversity? 227 Start with Numbers 229 Understand Your Cultural Issues 230 Attracting Diverse Talent 232 Writing the Job Description and Posting 234 The Interviewing Process 235 Retaining Diverse Talent 236 Promotions and Career Development 237 Leaving the Team 239 What’s Next? 239 Chapter 20 How Do I Manage Up? 241 Who Are Senior Stakeholders? 242 Help Them Understand Security 246 When Things Go Wrong 250 What’s Next? 251 Chapter 21 How Do I Fund My Program? 253 Funding a Team 255 Funding a Program 256 The Big Ask 260 What’s Next? 
261 Chapter 22 How Do I Talk About My Security Program? 263 What Story Should I Tell? 264 Telling Stories 271 What’s Next? 273 Chapter 23 What Is My Legacy? 275 Making an Impact on the Industry 277 Making an Impact on Your Company 281 What’s Next? 283 Epilogue 285 Appendix: Resources 287 About the Author 291 Acknowledgments 293 Index 295
£18.39
John Wiley & Sons Inc Security Technologies and Social Implications
Book Synopsis: SECURITY TECHNOLOGIES AND SOCIAL IMPLICATIONS. Explains how the latest technologies can advance policing and security, identify threats, and defend citizens from crime and terrorism. Security Technologies and Social Implications focuses on the development and application of new technologies that police and homeland security officers can leverage as a tool for both predictive and intelligence-led investigations. The book recommends the best practices for incorporation of these technologies into day-to-day activities by law enforcement agencies and counter-terrorism units. Practically, it addresses legal, technological, and organizational challenges (e.g. resource limitation and privacy concerns) combined with challenges related to the adoption of innovative technologies. In contrast to classic tools, modern policing and security requires the development and implementation of new technologies using AI, machine learning, social media tracking, drones, robots, GIS, computer vision, and mo
Table of Contents:
The circle of change: technology impact on LEAs
Data Protection Impact Assessments in Law Enforcement: Identifying and Mitigating Risks in Algorithmic Policing
Methods of Stakeholder Engagement for the Co-Design of Security Technologies
Performance Assessment of Soft biometrics technologies for border crossing
Counter-Unmanned Aerial Vehicle Systems: Technical, Training and Regulatory Challenges
Critical Infrastructure security using Computer Vision Technologies
Evaluation of Content Fusion Algorithms for Large and Heterogeneous Datasets
Stakeholder Engagement Model to facilitate the uptake by end-users of Crisis Communication Systems
CRIME MAPPING IN CRIME ANALYSIS – THE DEVELOPMENTS IN THE PAST TWO DECADES
The Threat of Behavioural Radicalization Online: Conceptual Challenges and Technical Solutions Provided by the PROPHETS (Preventing Radicalization Online through the Proliferation of Harmonized ToolkitS) Project
Blockchain technologies for chain of custody authentication
Chances and challenges of predictive policing for law enforcement agencies
Conclusions
£115.20
John Wiley & Sons Inc Cyber Threat Intelligence
Book Synopsis
CYBER THREAT INTELLIGENCE
"Martin takes a thorough and focused approach to the processes that rule threat intelligence, but he doesn't just cover gathering, processing and distributing intelligence. He explains why you should care who is trying to hack you, and what you can do about it when you know."
Simon Edwards, Security Testing Expert, CEO SE Labs Ltd., Chair AMTSO
Effective introduction to cyber threat intelligence, supplemented with detailed case studies and after action reports of intelligence on real attacks
Cyber Threat Intelligence introduces the history, terminology, and techniques to be applied within cyber security, offering an overview of the current state of cyberattacks and stimulating readers to consider their own issues from a threat intelligence point of view. The author takes a systematic, system-agnostic, and holistic view to generating, collecting, and applying threat intelligence. The text covers the threat environment, malicious attacks, collecting, generating, and applying intelligence and attribution, as well as legal and ethical considerations. It ensures readers know what to look out for when considering a potential cyber attack and explains how to prevent attacks early on by showing how threat actors exploit a system's vulnerabilities. It also includes analysis of large scale attacks such as WannaCry, NotPetya, SolarWinds, VPNFilter, and the Target breach, looking at the real intelligence that was available before and after the attack.
Topics covered in Cyber Threat Intelligence include:
The constant change of the threat environment as capabilities, intent, opportunities, and defenses change and evolve
Different business models of threat actors, and how these dictate the choice of victims and the nature of their attacks
Planning and executing a threat intelligence programme to improve an organisation's cyber security posture
Techniques for attributing attacks and holding perpetrators to account for their actions
Cyber Threat Intelligence describes the intelligence techniques and models used in cyber threat intelligence. It provides a survey of ideas, views and concepts, rather than offering a hands-on practical guide. It is intended for anyone who wishes to learn more about the domain, particularly if they wish to develop a career in intelligence, and as a reference for those already working in the area.
Trade Review
"Martin takes a thorough and focussed approach to the processes that rule threat intelligence, but he doesn't just cover gathering, processing and distributing intelligence. He explains why you should care who is trying to hack you, and what you can do about it when you know."—Simon Edwards, Security Testing Expert, CEO SE Labs Ltd., Chair AMTSO
"I really enjoyed this engaging book, which beautifully answered one of the first questions I had coming into the profession of cyber security: 'What is Cyber Threat Intelligence?' It progressively walked me through the world of cyber threat intelligence, peppered with rich content collected through years of experience and knowledge. It is satisfyingly detailed to make it an interesting read for those already in cyber security wanting to learn more, but also caters to those who are just curious about the prevalent cyber threat and where it may be headed. One of the takeaways from this book for me is how finding threats is not the most important thing but how the effective communication of it is equally important so that it triggers appropriate actions at appropriate timing. Moreover, as a penetration tester, we are used to looking at the little details so it was refreshing and eye-opening to learn about the macro view on cyber threat landscape."—Ryoko Amano, Penetration Tester
"Cyber threats are a constant danger for companies in the private sector, which makes cyber threat intelligence an increasingly crucial tool for identifying security risks, developing proactive strategies, and responding swiftly to attacks. Martin Lee's new book is a comprehensive guide that takes the mystery out of using threat intelligence to strengthen a company's cyber defence. With a clear and concise explanation of the basics of threat intelligence, Martin provides a full picture of what's available and how to use it. Moreover, his book is packed with useful references and resources that will be invaluable for threat intelligence teams. Whether you're just starting in cybersecurity or a seasoned professional, this book is a must-have reference guide that will enhance your detection and mitigation of cyber threats."—Gavin Reid, CISO VP Threat Intelligence at Human Security
"Martin Lee blends cyber threats, intel collection, attribution, and respective case studies in a compelling narrative. Lee does an excellent job of explaining complex concepts in a manner that is accessible to anyone wanting to develop a career in intelligence. What sets this book apart is the author's ability to collect related fundamentals and applications described in a pragmatic manner. Understandably, the book's challenge is non-disclosure of sensitive operational information. This is an excellent reference that I would highly recommend to cyber security professionals and academics wanting to deepen their domain expertise and broaden current knowledge. Threats indeed evolve and we must too."—Dr Roland Padilla, FACS CP (Cyber Security), Senior Cyber Security Advisor - Defence Program (CISCO Systems), Army Officer (AUS DoD)
"Cyber Threat Intelligence by Martin Lee is an interesting and valuable contribution to the literature supporting the development of cyber security professional practice. This well researched and thoroughly referenced book provides both practitioners and those studying cyber threats with a sound basis for understanding the threat environment and the intelligence cycle required to understand and interpret existing and emerging threats. It is supported by relevant case studies of cyber security incidents enabling readers to contextualise the relationship between threat intelligence and incident response."—Hugh Boyes, University of Warwick
"Cyber Threat Intelligence is a valuable resource for anyone within the cyber security industry. It breaks down the concepts behind building an effective cyber threat intelligence practice by not only explaining the practical elements to gathering and sharing intelligence data, but the fundamentals behind why it's important and how to assess the usefulness of it. By also providing a detailed history of intelligence sharing across the ages with a rich set of examples, Martin is able to show the value of developing this side of cyber security that is often neglected. This book is equally accessible to those beginning their careers in cyber security as well as to those who have been in the industry for some time and wish to have a comprehensive reference."—Stephan Freeman, Director, Axcelot Ltd
"This book is a wonderful read; what most impressed me was Martin's ability to provide a succinct history of threat intelligence in a coherent, easy to read manner.
Citing numerous examples throughout the book, Martin allows the reader to understand what threat intelligence encompasses and provides guidance on industry best practices and insight into emerging threats which every organisation should be aware of. An incumbent read for any cybersecurity professional!"—Yusuf Khan, Technical Solutions Specialist - Cybersecurity, Cisco
Table of Contents
Preface xi
About the Author xiii
Abbreviations xv
Endorsements for Martin Lee's Book xix
1 Introduction 1
1.1 Definitions 1
1.1.1 Intelligence 2
1.1.2 Cyber Threat 3
1.1.3 Cyber Threat Intelligence 4
1.2 History of Threat Intelligence 5
1.2.1 Antiquity 5
1.2.2 Ancient Rome 7
1.2.3 Medieval and Renaissance Age 8
1.2.4 Industrial Age 10
1.2.5 World War I 11
1.2.6 World War II 13
1.2.7 Post War Intelligence 14
1.2.8 Cyber Threat Intelligence 15
1.2.9 Emergence of Private Sector Intelligence Sharing 19
1.3 Utility of Threat Intelligence 21
1.3.1 Developing Cyber Threat Intelligence 23
Summary 24
References 24
2 Threat Environment 31
2.1 Threat 31
2.1.1 Threat Classification 33
2.2 Risk and Vulnerability 35
2.2.1 Human Vulnerabilities 38
2.2.1.1 Example – Business Email Compromise 39
2.2.2 Configuration Vulnerabilities 39
2.2.2.1 Example – Misconfiguration of Cloud Storage 40
2.2.3 Software Vulnerabilities 41
2.2.3.1 Example – Log4j Vulnerabilities 43
2.3 Threat Actors 43
2.3.1 Example – Operation Payback 46
2.3.2 Example – Stuxnet 47
2.3.3 Tracking Threat Actors 47
2.4 TTPs – Tactics, Techniques, and Procedures 49
2.5 Victimology 53
2.5.1 Diamond Model 55
2.6 Threat Landscape 56
2.6.1 Example – Ransomware 57
2.7 Attack Vectors, Vulnerabilities, and Exploits 58
2.7.1 Email Attack Vectors 59
2.7.2 Web-Based Attacks 60
2.7.3 Network Service Attacks 61
2.7.4 Supply Chain Attacks 61
2.8 The Kill Chain 62
2.9 Untargeted versus Targeted Attacks 64
2.10 Persistence 65
2.11 Thinking Like a Threat Actor 66
Summary 66
References 67
3 Applying Intelligence 75
3.1 Planning Intelligence Gathering 75
3.1.1 The Intelligence Programme 77
3.1.2 Principles of Intelligence 78
3.1.3 Intelligence Metrics 81
3.2 The Intelligence Cycle 82
3.2.1 Planning, Requirements, and Direction 83
3.2.2 Collection 84
3.2.3 Analysis and Processing 84
3.2.4 Production 85
3.2.5 Dissemination 85
3.2.6 Review 85
3.3 Situational Awareness 86
3.3.1 Example – 2013 Target Breach 88
3.4 Goal Oriented Security and Threat Modelling 89
3.5 Strategic, Operational, and Tactical Intelligence 91
3.5.1 Strategic Intelligence 91
3.5.1.1 Example – Lazarus Group 92
3.5.2 Operational Intelligence 93
3.5.2.1 Example – SamSam 93
3.5.3 Tactical Intelligence 94
3.5.3.1 Example – WannaCry 94
3.5.4 Sources of Intelligence Reports 94
3.5.4.1 Example – Shamoon 95
3.6 Incident Preparedness and Response 96
3.6.1 Preparation and Practice 99
Summary 100
References 100
4 Collecting Intelligence 105
4.1 Hierarchy of Evidence 105
4.1.1 Example – Smoking Tobacco Risk 107
4.2 Understanding Intelligence 108
4.2.1 Expressing Credibility 109
4.2.2 Expressing Confidence 110
4.2.3 Understanding Errors 114
4.2.3.1 Example – the WannaCry Email 114
4.2.3.2 Example – the Olympic Destroyer False Flags 114
4.3 Third Party Intelligence Reports 115
4.3.1 Tactical and Operational Reports 116
4.3.1.1 Example – Heartbleed 117
4.3.2 Strategic Threat Reports 118
4.4 Internal Incident Reports 118
4.5 Root Cause Analysis 119
4.6 Active Intelligence Gathering 120
4.6.1 Example – the Nightingale Floor 122
4.6.2 Example – the Macron Leaks 122
Summary 123
References 123
5 Generating Intelligence 127
5.1 The Intelligence Cycle in Practice 128
5.1.1 See it, Sense it, Share it, Use it 128
5.1.2 F3EAD Cycle 129
5.1.3 D3A Process 131
5.1.4 Applying the Intelligence Cycle 132
5.1.4.1 Planning and Requirements 132
5.1.4.2 Collection, Analysis, and Processing 133
5.1.4.3 Production and Dissemination 134
5.1.4.4 Feedback and Improvement 135
5.1.4.5 The Intelligence Cycle in Reverse 135
5.2 Sources of Data 136
5.3 Searching Data 137
5.4 Threat Hunting 138
5.4.1 Models of Threat Hunting 139
5.4.2 Analysing Data 140
5.4.3 Entity Behaviour Analytics 143
5.5 Transforming Data into Intelligence 144
5.5.1 Structured Geospatial Analytical Method 144
5.5.2 Analysis of Competing Hypotheses 146
5.5.3 Poor Practices 146
5.6 Sharing Intelligence 147
5.6.1 Machine Readable Intelligence 150
5.7 Measuring the Effectiveness of Generated Intelligence 151
Summary 152
References 152
6 Attribution 155
6.1 Holding Perpetrators to Account 155
6.1.1 Punishment 156
6.1.2 Legal Frameworks 156
6.1.3 Cyber Crime Legislation 157
6.1.4 International Law 158
6.1.5 Crime and Punishment 158
6.2 Standards of Proof 158
6.2.1 Forensic Evidence 159
6.3 Mechanisms of Attribution 160
6.3.1 Attack Attributes 161
6.3.1.1 Attacker TTPs 161
6.3.1.2 Example – HAFNIUM 162
6.3.1.3 Attacker Infrastructure 162
6.3.1.4 Victimology 163
6.3.1.5 Malicious Code 163
6.3.2 Asserting Attribution 165
6.4 Anti-Attribution Techniques 166
6.4.1 Infrastructure 166
6.4.2 Malicious Tools 166
6.4.3 False Attribution 167
6.4.4 Chains of Attribution 167
6.5 Third Party Attribution 167
6.6 Using Attribution 168
Summary 170
References 171
7 Professionalism 175
7.1 Notions of Professionalism 176
7.1.1 Professional Ethics 177
7.2 Developing a New Profession 178
7.2.1 Professional Education 178
7.2.2 Professional Behaviour and Ethics 179
7.2.2.1 Professionalism in Medicine 179
7.2.2.2 Professionalism in Accountancy 181
7.2.2.3 Professionalism in Engineering 183
7.2.3 Certifications and Codes of Ethics 186
7.3 Behaving Ethically 188
7.3.1 The Five Philosophical Approaches 188
7.3.2 The Josephson Model 189
7.3.3 PMI Ethical Decision Making Framework 190
7.4 Legal and Ethical Environment 191
7.4.1 Planning 192
7.4.1.1 Responsible Vulnerability Disclosure 193
7.4.1.2 Vulnerability Hoarding 194
7.4.2 Collection, Analysis, and Processing 194
7.4.2.1 PRISM Programme 195
7.4.2.2 Open and Closed Doors 196
7.4.3 Dissemination 196
7.4.3.1 Doxxing 197
7.5 Managing the Unexpected 198
7.6 Continuous Improvement 199
Summary 199
References 200
8 Future Threats and Conclusion 207
8.1 Emerging Technologies 207
8.1.1 Smart Buildings 208
8.1.1.1 Software Errors 209
8.1.1.2 Example – Maroochy Shire Incident 210
8.1.2 Health Care 211
8.1.2.1 Example – Conti Attack Against Irish Health Sector 212
8.1.3 Transport Systems 213
8.2 Emerging Attacks 214
8.2.1 Threat Actor Evolutions 214
8.2.1.1 Criminal Threat Actors 214
8.2.1.2 Nation State Threat Actors 216
8.2.1.3 Other Threat Actors 220
8.3 Emerging Workforce 221
8.3.1 Job Roles and Skills 221
8.3.2 Diversity in Hiring 225
8.3.3 Growing the Profession 227
8.4 Conclusion 228
References 229
9 Case Studies 237
9.1 Target Compromise 2013 238
9.1.1 Background 238
9.1.2 The Attack 241
9.2 WannaCry 2017 243
9.2.1 Background 244
9.2.1.1 Guardians of Peace 244
9.2.1.2 The Shadow Brokers 245
9.2.1.3 Threat Landscape – Worms and Ransomware 247
9.2.2 The Attack 247
9.2.2.1 Prelude 247
9.2.2.2 Malware 249
9.3 NotPetya 2017 251
9.3.1 Background 251
9.3.2 The Attack 252
9.3.2.1 Distribution 253
9.3.2.2 Payload 253
9.3.2.3 Spread and Consequences 254
9.4 VPNFilter 2018 255
9.4.1 Background 255
9.4.2 The Attack 256
9.5 SUNBURST and SUNSPOT 2020 257
9.5.1 Background 258
9.5.2 The Attack 259
9.6 Macron Leaks 2017 260
9.6.1 Background 260
9.6.2 The Attack 261
References 262
Index 277
£74.66
John Wiley & Sons Inc Executives Guide to Cyber Risk
Book Synopsis
A solid, non-technical foundation to help executives and board members understand cyber risk
In the Executive's Guide to Cyber Risk: Securing the Future Today, distinguished information security and data privacy expert Siegfried Moyo delivers incisive and foundational guidance for executives tasked with making sound decisions regarding cyber risk management. The book offers non-technical, business-side executives the key information they need to understand the nature of cyber risk and its impact on organizations and their growth. In the book, readers will find:
Strategies for leading with foresight (as opposed to hindsight) while maintaining the company's vision and objectives
Focused, jargon-free explanations of cyber risk that liken it to any other business risk
Comprehensive discussions of the fundamentals of cyber risk that enable executive leadership to make well-informed choices
Perfect for chief
Table of Contents
Foreword ix
Preface xi
Acknowledgments xv
About the Author xvii
Chapter 1: Cyber Strategy: The Strategy-Centric Approach 1
Chapter 2: Cyber Value: The Value-Centric Approach 17
Chapter 3: Cyber Compliance: The Compliance-Centric Approach 31
Chapter 4: Cyber Culture: The Human-Centric Approach 41
Chapter 5: Cyber Resilience: The Technology-Centric Approach 57
Appendix A 73
Appendix B 95
Appendix C 99
Appendix D 107
Appendix E 109
Index 177
£24.79