E-Book, Englisch, 512 Seiten, Web PDF
Sachs / Parker / Shaw Cyber Adversary Characterization
1. Auflage 2004
ISBN: 978-0-08-047699-5
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
Auditing the Hacker Mind
E-Book, Englisch, 512 Seiten, Web PDF
ISBN: 978-0-08-047699-5
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
The wonders and advantages of modern age electronics and the World Wide Web have also, unfortunately, ushered in a new age of terrorism. The growing connectivity among secure and insecure networks has created new opportunities for unauthorized intrusions into sensitive or proprietary computer systems. Some of these vulnerabilities are waiting to be exploited, while numerous others already have. Everyday that a vulnerability or threat goes unchecked greatly increases an attack and the damage it can cause. Who knows what the prospects for a cascade of failures across US infrastructures could lead to. What type of group or individual would exploit this vulnerability, and why would they do it? Inside the Mind of a Criminal Hacker sets the stage and cast of characters for examples and scenarios such as this, providing the security specialist a window into the enemy's mind - necessary in order to develop a well configured defense. Written by leading security and counter-terrorism experts, whose experience include first-hand exposure in working with government branches & agencies (such as the FBI, US Army, Department of Homeland Security), this book sets a standard for the fight against the cyber-terrorist. Proving, that at the heart of the very best defense is knowing and understanding your enemy.
* This book will demonstrate the motives and motivations of criminal hackers through profiling attackers at post attack and forensic levels.
* This book is essential to those who need to truly know thy enemy in order to prepare the best defense.
* . The breadth of material in Inside the Criminal Mind will surprise every security specialist and cyber-terrorist buff of how much they do and (more importantly) don't know about the types of adversaries they stand to face.
Autoren/Hrsg.
Weitere Infos & Material
1;Cover;1
2;Acknowledgments;6
3;Author;6
4;Contributors;8
5;Special Contribution;12
6;Preface;13
7;Contents;17
8;Chapter 1 Introduction;31
8.1;Cyber Adversary Characterization;32
8.2;Cyber Terrorist: A Media Buzzword?;38
8.3;Failures of Existing Models;42
8.4;Introduction to Characterization Theory;47
9;Chapter 2 Theoretical Characterization Metrics;49
9.1;Introduction;50
9.2;The Adversary Object Matrix;51
9.3;Adversary Property Relationships;53
9.4;The Adversary Model—“Adversary Environment Properties”;55
9.5;The Adversary Model—“Attacker Properties”;67
9.6;Summary;78
10;Chapter 3 Disclosure and the Cyber Food Chain;79
10.1;Introduction;80
10.2;Vulnerability Disclosure and the Cyber Adversary;80
10.3;Disclosure Attack Capability and Considerations;83
10.4;The Vulnerability Disclosure Pyramid Metric;96
10.5;The Disclosure Food Chain;102
10.6;Summary;106
11;Chapter 4 Rating the Attack: Post-Incident Characterization Metrics;107
11.1;Introduction:Theoretical Crossover and the Attack Point Scoring Systems;108
11.2;The Source of the Problem;108
11.3;Variables of Attack Tools to Consider;110
11.4;Common Types of Attack Tools;114
11.5;Caveats of Attack Tool Metrics;121
11.6;Attack Technique Variables;122
11.7;Common Types of Attack Techniques;125
11.8;Caveats: Attack Behavior Masquerading;134
11.9;Summary;135
12;Chapter 5 Asset Threat Characterization;137
12.1;Introduction;138
12.2;Target Properties: Attack Driver and Inhibitor Influence;141
12.3;The Asset Threat Characterization;146
12.4;Fictional Asset Threat Characterization Case Study;152
12.5;Summary;166
13;Chapter 6 Bringing It All Together: Completing the Cyber Adversary Model;167
13.1;Introduction;168
13.2;Intermetric Component Relationships;168
13.3;Summary;173
14;Chapter 7 WarmTouch: Assessing the Insider Threat and Relationship Management;175
14.1;Introduction;176
14.2;The Challenges of Detecting the Insider Threat;176
14.3;Case Illustrations;179
14.4;Summary;198
14.5;References;199
14.6;Footnote;200
15;Chapter 8 Managing the Insider Threat;201
15.1;Introduction: Setting the Stage;202
15.2;Prevention;206
15.3;Detection;214
15.4;Insider Case Management;229
15.5;Summary;233
15.6;References;233
16;Chapter 9 The Cyber Adversary in Groups: Targeting Nations’ Critical Infrastructures;235
16.1;Introduction;236
16.2;Historical Context;238
16.3;Increasing Threats and Vulnerabilities;240
16.4;Identifying and Characterizing the Cyber Threat;250
16.5;Summary ;258
17;Chapter 10 Characterizing the Extremes„Terrorists and Nation States;261
17.1;Introduction;262
17.2;The Nation State Cyber Adversary;262
17.3;International Terrorists and Rogue Nations;271
17.4;Physical Insider Placement;283
17.5;Summary;289
17.6;Footnotes and References;290
18;Chapter 11 Conclusions;293
18.1;A Look Back ;294
18.2;Kevin D. Mitnick: Attack, Weighed and Measured!;294
18.3;Summary;300
18.4;And Now for Something a Little Different!;300
19;Chapter 12 Return on Investment;301
19.1;Playing the Market;303
19.2;Information Leakage at the Packet Level;304
19.3;Corrupted by Greed;307
19.4;Revenge of the Nerd;308
19.5;A Lead from Las Vegas;310
19.6;The Call of Opportunity;311
19.7;Initial Reconnaissance;312
19.8;Shrax:The Ultimate Rootkit;314
19.9;Throwaway Account;318
19.10;Seeking the Prize;323
19.11;Hacking .MIL;328
19.12;Triumph and New Toys;332
19.13;Endnotes;333
19.14;Aftermath…The Investigation Continues;334
20;Final Words;339
20.1;Acknowledgements;340
21;Glossary;341
22;Index ;343
