Description

Book Synopsis
Incorporate offense and defense for a more effective network security strategy

Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals.

Assaults and manipulation of computer networks are rampant around the world. One of the bigge

Table of Contents

Introduction

Chapter 1 Computer Network Exploitation
Operations
Operational Objectives
Strategic Collection
Directed Collection
Non-Kinetic Computer Network Attack (CNA)
Strategic Access
Positional Access
CNE Revisited
A Framework for Computer Network Exploitation
First Principles
Principles
Themes
Summary

Chapter 2 The Attacker
Principle of Humanity
Life Cycle of an Operation
Stage 1: Targeting
Stage 2: Initial Access
Stage 3: Persistence
Stage 4: Expansion
Stage 5: Exfiltration
Stage 6: Detection
Principle of Access
Inbound Access
Outbound Access
Bidirectional Access
No Outside Access
Access Summary
Principle of Economy
Time
Targeting Capabilities
Exploitation Expertise
Networking Expertise
Software Development Expertise
Operational Expertise
Operational Analysis Expertise
Technical Resources
Economy Summary
Attacker Structure
Summary

Chapter 3 The Defender
Principle of Humanity
Humanity and Network Layout
Humanity and Security Policy
Principle of Access
The Defensive Life Cycle
Principle of Economy
The Helpful Defender
Summary

Chapter 4 Asymmetries
False Asymmetries
Advantage Attacker
Motivation
Initiative
Focus
Effect of Failure
Knowledge of Technology
Analysis of Opponent
Tailored Software
Rate of Change
Advantage Defender
Network Awareness
Network Posture
Advantage Indeterminate
Time
Efficiency
Summary

Chapter 5 Attacker Frictions
Mistakes
Complexity
Flawed Attack Tools
Upgrades and Updates
Other Attackers
The Security Community
Bad Luck
Summary

Chapter 6 Defender Frictions
Mistakes
Flawed Software
Inertia
The Security Community
Complexity
Users
Bad Luck
Summary

Chapter 7 Offensive Strategy
Principle 1: Knowledge
Measuring Knowledge
Principle 2: Awareness
Measuring Awareness
Principle 3: Innovation
Measuring Innovation
Defensive Innovation
Principle 4: Precaution
Measuring Precaution
Principle 5: Operational Security
Minimizing Exposure
Minimizing Recognition
Controlling Reaction
Measuring Operational Security
Principle 6: Program Security
Attacker Liabilities
Program Security Costs
Measuring Program Security
Crafting an Offensive Strategy
Modular Frameworks
A Note on Tactical Decisions
Summary

Chapter 8 Defensive Strategy
Failed Tactics
Antivirus and Signature-Based Detection
Password Policies
User Training
Crafting a Defensive Strategy
Cloud-Based Security
Summary

Chapter 9 Offensive Case Studies
Stuxnet
Access
Economy
Humanity
Knowledge
Awareness
Precaution
Innovation
Operational Security
Program Security
Stuxnet Summary
Flame
Gauss
Dragonfly
Red October
APT 1
Axiom
Summary

Epilogue

Appendix Attack Tools
Antivirus Defeats
Audio/Webcam Recording
Backdoor
Bootkit
Collection Tools
Exploits
Fuzzer
Hardware-based Trojan
Implant
Keystroke Logger
Network Capture
Network Survey
Network Tunnel
Password Dumpers and Crackers
Packer
Persistence Mechanism
Polymorphic Code Generator
Rootkit
Screen Scraper
System Survey
Vulnerability Scanner

References

Bibliography

Index

Network Attacks and Exploitation

    £34.20

    RRP £36.00 – you save £1.80 (5%)

    A Paperback / softback by Matthew Monte

      Publisher: John Wiley & Sons Inc
      Publication Date: 11/08/2015
      ISBN13: 9781118987124, 978-1118987124
      ISBN10: 1118987128
