Reverse Deception: Organized Cyber Threat Counter-Exploitation

In-depth counterintelligence tactics to fight cyber-espionage. "A comprehensive and unparalleled overview of the topic by experts in the field." -- Slashdot. Expose, pursue, and prosecute the perpetrators of advanced persistent threats (APTs) using the tested security techniques and real-worl...


Bibliographic Details
Corporate Author: Books24x7, Inc (-)
Other Authors: Bodmer, Sean, author (author), Bodmer, Sean (-)
Format: Electronic book
Language: English
Published: New York : McGraw-Hill [2012]
Edition: 1st edition
Subjects:
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009629402406719
Table of Contents:
  • Intro
  • Reverse Deception
  • About the Authors
  • About the Technical Editor
  • Contents
  • Foreword
  • Cyberspace Is the Wild West
  • Definition of Deception
  • The Real Purpose of Deception
  • Costs and Risks?
  • Who Should Deceive?
  • Active vs. Passive Deception
  • When to Deceive
  • Deception: Strategy and Mind-Set
  • Intelligence and Deception
  • What Constraints Apply
  • When Failure Happens
  • Acknowledgments
  • Introduction
  • Exploits and Vulnerabilities
  • Fighting Threats
  • All About Knowledge
  • What This Book Covers
  • Chapter 1: State of the Advanced Cyber Threat
  • Have You Heard About the APT?
  • APT Defined
  • What Makes a Threat Advanced and Persistent?
  • Examples of Advanced and Persistent Threats
  • Moonlight Maze
  • Stakkato
  • Titan Rain
  • Stormworm
  • GhostNet
  • Byzantine Hades/Foothold/Candor/Raptor
  • Operation Aurora
  • Stuxnet
  • Russian Business Network
  • New Generation of Botnets and Operators
  • Operation Payback
  • Conclusion
  • Chapter 2: What Is Deception?
  • How Does Deception Fit in Countering Cyber Threats?
  • Six Principles of Deception
  • Focus
  • Objective
  • Centralized Planning and Control
  • Security
  • Timeliness
  • Integration
  • Traditional Deception
  • Feints-Cowpens
  • Demonstrations-Dorchester Heights
  • Ruses-Operation Mincemeat (the Unlikely Story of Glyndwr Michael)
  • Displays-A Big Hack Attack
  • Why Use Deception?
  • The First US Army Group Deception
  • Russian Maskirovka
  • Deception Maxims
  • "Magruder's Principle"-Exploitation of a COG's Perception or Bias
  • "Limitations to Human Information Processing"
  • "Multiple Forms of Surprise"
  • "Jones' Dilemma"
  • "Choice of Types of Deception"
  • "Husbanding of Deception Assets"
  • "Sequencing Rule"
  • "Importance of Feedback"
  • "Beware of Possible Unwanted Reactions"
  • "Care in the Design of Planned Placement of Deceptive Material".
  • Understanding the Information Picture
  • Half-Empty Version
  • Half-Full Version
  • A Question of Bias
  • Totally Full Version
  • Step-Beyond Version
  • Two-Steps-Beyond Version
  • Conclusion
  • Chapter 3: Cyber Counterintelligence
  • Fundamental Competencies
  • Applying Counterintelligence to the Cyber Realm
  • Sizing Up Advanced and Persistent Threats
  • Attack Origination Points
  • Numbers Involved in the Attack
  • Risk Tolerance
  • Timeliness
  • Skills and Methods
  • Actions
  • Objectives
  • Resources
  • Knowledge Source
  • Conclusion
  • Chapter 4: Profiling Fundamentals
  • A Brief History of Traditional Criminal Profiling
  • The Emergence of Cyber Profiling
  • Acquiring an Understanding of the Special Population
  • The Objectives of Profiling
  • The Nature of Profiling
  • Basic Types of Profiling
  • Two Logical Approaches to Profiling: Inductive vs. Deductive
  • Information Vectors for Profiling
  • Time
  • Geolocation
  • Skill
  • Motivation
  • Weapons and Tactics
  • Socially Meaningful Communications and Connections
  • Conclusion
  • References
  • Chapter 5: Actionable Legal Knowledge for the Security Professional
  • How to Work with a Lawyer
  • What You Should Know About Legal Research
  • Online Legal Resources
  • Common Legal Terms
  • The Role of Statutes in Our Legal System
  • How to Find a Law
  • Do Your Background Homework
  • Reading the Law
  • Communicating with Lawyers
  • Ethics in Cyberspace
  • Conclusion
  • Chapter 6: Threat (Attacker) Tradecraft
  • Threat Categories
  • Targeted Attacks
  • Opportunistic Attacks
  • Opportunistic Turning Targeted
  • Evolution of Vectors
  • Meet the Team
  • Criminal Tools and Techniques
  • Tailored Valid Services
  • Academic Research Abuse
  • Circles of Trust
  • Injection Vectors
  • Conclusion
  • Chapter 7: Operational Deception
  • Deception Is Essential
  • Tall Tale 1
  • Postmortem
  • Tall Tale 2
  • Postmortem
  • Tall Tale 3
  • Postmortem
  • Tall Tale 4
  • Honeypot 1
  • Postmortem
  • Conclusion
  • Chapter 8: Tools and Tactics
  • Detection Technologies
  • Host-Based Tools
  • Antivirus Tools
  • Digital Forensics
  • Security Management Tools
  • Network-Based Tools
  • Firewalls
  • Intrusion Detection/Prevention Systems
  • Deception Technologies
  • Honeywalls
  • Honeynets as Part of Defense-in-Depth
  • Research vs. Production Honeynets
  • Honeynet Architectures
  • Honeywall Accreditation
  • Content Staging
  • Content Filling
  • Honeynet Training
  • Honeynet Objectives
  • Honeynet Risks and Issues
  • Check Yourself Before You're Wrecked
  • What's the Status of Your Physical Security?
  • How Does Your Wireless Network Look?
  • What's Traveling on Your Network?
  • What About Your Host/Server Security?
  • How Are Your Passwords?
  • How's Your Operational Security?
  • Crimeware/Analysis Detection Systems
  • What Happened on Your Box?
  • What Did That Malicious Software Do?
  • Conclusion
  • Chapter 9: Attack Characterization Techniques
  • Postincident Characterization
  • Another Tall Tale
  • Discovery
  • Malware
  • Aftermath
  • Real-World Tactics
  • Engaging an Active Threat
  • Traffic, Targets, and Taxonomy
  • Aftermath
  • Conclusion
  • Chapter 10: Attack Attribution
  • A Brief Note About Levels of Information Present in Objects
  • Profiling Vectors
  • Time
  • Motivations
  • Social Networks
  • Skill Level
  • Vector Summary
  • Strategic Application of Profiling Techniques
  • Example Study: The Changing Social Structure of the Hacking Community
  • Micro- and Macro-Level Analyses
  • The Rise of the Civilian Cyber Warrior
  • The Balance of Power
  • Potential Civilian Cyber Warrior Threats
  • Conclusion
  • References
  • Chapter 11: The Value of APTs
  • Espionage
  • Costs of Cyber Espionage
  • Value Network Analysis
  • APTs and Value Networks
  • The RSA Case
  • The Operation Aurora Case
  • APT Investments
  • APTs and the Internet Value Chain
  • It's All Good(s)
  • Bitcoin in the Future?
  • Conclusion
  • Chapter 12: When and When Not to Act
  • Determining Threat Severity
  • Application Vulnerability Scenario
  • Targeted Attack Scenario
  • What to Do When It Hits the Fan
  • Block or Monitor?
  • Isolating the Problem
  • Distinguishing Threat Objectives
  • Responding to Actionable Intelligence
  • Cyber Threat Acquisition
  • Distinguishing Between Threats
  • Processing Collected Intelligence
  • Determining Available Engagement Tactics
  • Engaging the Threat
  • Within Your Enterprise
  • External to Your Enterprise
  • Working with Law Enforcement
  • To Hack or Not to Hack (Back)
  • To What End?
  • Understanding Lines (Not to Cross)
  • Conclusion
  • Chapter 13: Implementation and Validation
  • Vetting Your Operations
  • Vetting Deceptions
  • Vetting Perceptual Consistency in a Deception
  • Vetting Engagements
  • Putting This Book to Use with Aid from Professionals
  • How to Evaluate Success
  • Getting to the End Game
  • Conclusion
  • Glossary
  • Index