If you’re involved in cybersecurity as a software developer, forensic investigator, or network administrator, this practical guide shows you how to apply the scientific method when assessing techniques for protecting your information systems. You’ll learn how to conduct scientific experiments on everyday tools and procedures, whether you’re evaluating corporate security systems, testing your own security product, or looking for bugs in a mobile game. Once author Josiah Dykstra gets you up to speed on the scientific method, he helps you focus on standalone, domain-specific topics, such as cryptography, malware analysis, and system security engineering. The latter chapters include practical case studies that demonstrate how to use available tools to conduct domain-specific scientific experiments. Learn the steps necessary to conduct scientific experiments in cybersecurity Explore fuzzing to test how your software handles various inputs Measure the performance of the Snort intrusion detection system Locate malicious “needles in a haystack” in your network and IT environment Evaluate cryptography design and application in IoT products Conduct an experiment to identify relationships between similar malware binaries Understand system-level security requirements for enterprise networks and web services
If a network is not secure, how valuable is it? Introduction to Computer Networks and Cybersecurity takes an integrated approach to networking and cybersecurity, highlighting the interconnections so that you quickly understand the complex design issues in modern networks. This full-color book uses a wealth of examples and illustrations to effectively connect the principles of networks and networking protocols with the relevant cybersecurity issues. Get the Fundamentals of Internet Architecture and the Protocol Layers Organized into six parts, the book walks you through the fundamentals, starting with the way most people first encounter computer networks—through the Internet architecture. Part 1 covers the most important Internet applications and the methods used to develop them. Part 2 discusses the network edge, consisting of hosts, access networks, LANs, and the physical media used with the physical and link layers. Part 3 explores the network core, including packet/circuit switches, routers, and the Internet backbone, and Part 4 examines reliable transport and the management of network congestion. Learn about Malware and Security Systems Building on the concepts and principles, the book then delves into state-of-the-art cybersecurity mechanisms in Part 5. It reviews the types of malware and the various security systems, made up of firewalls, intrusion detection systems, and other components. Crucially, it provides a seamless view of an information infrastructure in which security capabilities are built in rather than treated as an add-on feature. The book closes with a look at emerging technologies, including virtualization and data center and cloud computing unified communication. Understand Cyber Attacks—and What You Can Do to Defend against Them This comprehensive text supplies a carefully designed introduction to both the fundamentals of networks and the latest advances in Internet security. Addressing cybersecurity from an Internet perspective, it prepares you to better understand the motivation and methods of cyber attacks and what you can do to protect the networks and the applications that run on them. Pedagogical Features The book’s modular design offers exceptional flexibility, whether you want to use it for quick reference, self-study, or a wide variety of one- or two-semester courses in computer networks, cybersecurity, or a hybrid of both. Learning goals in each chapter show you what you can expect to learn, and end-of-chapter problems and questions test your understanding. Throughout, the book uses real-world examples and extensive illustrations and screen captures to explain complicated concepts simply and clearly. Ancillary materials, including PowerPoint® animations, are available to instructors with qualifying course adoption.
Author: John R. Vacca
Publisher: Morgan Kaufmann
Release Date: 2017-05-10
Computer and Information Security Handbook, Third Edition, provides the most current and complete reference on computer security available in one volume. The book offers deep coverage of an extremely wide range of issues in computer and cybersecurity theory, applications, and best practices, offering the latest insights into established and emerging technologies and advancements. With new parts devoted to such current topics as Cloud Security, Cyber-Physical Security, and Critical Infrastructure Security, the book now has 100 chapters written by leading experts in their fields, as well as 12 updated appendices and an expanded glossary. It continues its successful format of offering problem-solving techniques that use real-life case studies, checklists, hands-on exercises, question and answers, and summaries. Chapters new to this edition include such timely topics as Cyber Warfare, Endpoint Security, Ethical Hacking, Internet of Things Security, Nanoscale Networking and Communications Security, Social Engineering, System Forensics, Wireless Sensor Network Security, Verifying User and Host Identity, Detecting System Intrusions, Insider Threats, Security Certification and Standards Implementation, Metadata Forensics, Hard Drive Imaging, Context-Aware Multi-Factor Authentication, Cloud Security, Protecting Virtual Infrastructure, Penetration Testing, and much more. Written by leaders in the field Comprehensive and up-to-date coverage of the latest security technologies, issues, and best practices Presents methods for analysis, along with problem-solving techniques for implementing practical solutions
Author: Evi Nemeth
Publisher: Addison-Wesley Professional
Release Date: 2017-09-14
“As an author, editor, and publisher, I never paid much attention to the competition—except in a few cases. This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against.” —Tim O’Reilly, founder of O’Reilly Media “This edition is for those whose systems live in the cloud or in virtualized data centers; those whose administrative work largely takes the form of automation and configuration source code; those who collaborate closely with developers, network engineers, compliance officers, and all the other worker bees who inhabit the modern hive.” —Paul Vixie, Internet Hall of Fame-recognized innovator and founder of ISC and Farsight Security “This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems’ history but doesn’t bloviate. It’s just straight-forward information delivered in a colorful and memorable fashion.” —Jason A. Nunnelley UNIX® and Linux® System Administration Handbook, Fifth Edition, is today’s definitive guide to installing, configuring, and maintaining any UNIX or Linux system, including systems that supply core Internet and cloud infrastructure. Updated for new distributions and cloud environments, this comprehensive guide covers best practices for every facet of system administration, including storage management, network design and administration, security, web hosting, automation, configuration management, performance analysis, virtualization, DNS, security, and the management of IT service organizations. The authors—world-class, hands-on technologists—offer indispensable new coverage of cloud platforms, the DevOps philosophy, continuous deployment, containerization, monitoring, and many other essential topics. Whatever your role in running systems and networks built on UNIX or Linux, this conversational, well-written ¿guide will improve your efficiency and help solve your knottiest problems.
Learn how to detect and prevent the hacking of medical equipment at hospitals and healthcare facilities. A cyber-physical attack on building equipment pales in comparison to the damage a determined hacker can do if he/she gains access to a medical-grade network as a medical-grade network controls the diagnostic, treatment, and life support equipment on which lives depend. News reports inform us how hackers strike hospitals with ransomware that prevents staff from accessing patient records or scheduling appointments. Unfortunately, medical equipment also can be hacked and shut down remotely as a form of extortion. Criminal hackers will not ask for a $500 payment to unlock an MRI, PET or CT scan, or X-ray machine—they will ask for much more. Litigation is bound to follow and the resulting punitive awards will drive up hospital insurance costs and healthcare costs in general. This will undoubtedly result in increased regulations for hospitals and higher costs for compliance. Unless hospitals and other healthcare facilities take the steps necessary to secure their medical-grade networks, they will be targeted for cyber-physical attack, possibly with life-threatening consequences. Cybersecurity for Hospitals and Healthcare Facilities is a wake-up call explaining what hackers can do, why hackers would target a hospital, the way hackers research a target, ways hackers can gain access to a medical-grade network (cyber-attack vectors), and ways hackers hope to monetize their cyber-attack. By understanding and detecting the threats, you can take action now—before your hospital becomes the next victim. What You Will Learn: Determine how vulnerable hospital and healthcare building equipment is to cyber-physical attack Identify possible ways hackers can hack hospital and healthcare facility equipment Recognize the cyber-attack vectors—or paths by which a hacker or cracker can gain access to a computer, a medical-grade network server, or expensive medical equipment in order to deliver a payload or malicious outcome Detect and prevent man-in-the-middle or denial-of-service cyber-attacks Find and prevent hacking of the hospital database and hospital web application Who This Book Is For: Hospital administrators, healthcare professionals, hospital & healthcare facility engineers and building managers, hospital & healthcare facility IT professionals, and HIPAA professionals
Author: Michael Gregg
Publisher: John Wiley & Sons
Release Date: 2015-08-10
The ultimate hands-on guide to IT security and proactive defense The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills. Security technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. The Network Security Test Lab is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers. Get acquainted with your hardware, gear, and test platform Learn how attackers penetrate existing security systems Detect malicious activity and build effective defenses Investigate and analyze attacks to inform defense strategy The Network Security Test Lab is your complete, essential guide.
Network Security Evaluation provides a methodology for conducting technical security evaluations of all the critical components of a target network. The book describes how the methodology evolved and how to define the proper scope of an evaluation, including the consideration of legal issues that may arise during the evaluation. More detailed information is given in later chapters about the core technical processes that need to occur to ensure a comprehensive understanding of the network’s security posture. Ten baseline areas for evaluation are covered in detail. The tools and examples detailed within this book include both Freeware and Commercial tools that provide a detailed analysis of security vulnerabilities on the target network. The book ends with guidance on the creation of customer roadmaps to better security and recommendations on the format and delivery of the final report. * There is no other book currently on the market that covers the National Security Agency's recommended methodology for conducting technical security evaluations * The authors are well known in the industry for their work in developing and deploying network security evaluations using the NSA IEM * The authors also developed the NSA's training class on this methodology
Any good attacker will tell you that expensive security monitoring and prevention tools aren’t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You’ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone. Written by members of Cisco’s Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture. Learn incident response fundamentals—and the importance of getting back to basics Understand threats you face and what you should be protecting Collect, mine, organize, and analyze as many relevant data sources as possible Build your own playbook of repeatable methods for security monitoring and response Learn how to put your plan into action and keep it running smoothly Select the right monitoring and detection tools for your environment Develop queries to help you sort through data and create valuable reports Know what actions to take during the incident response phase
Most organizations have a firewall, antivirus software, and intrusion detection systems, all of which are intended to keep attackers out. So why is computer security a bigger problem today than ever before? The answer is simple--bad software lies at the heart of all computer security problems. Traditional solutions simply treat the symptoms, not the problem, and usually do so in a reactive way. This book teaches you how to take a proactive approach to computer security. Building Secure Software cuts to the heart of computer security to help you get security right the first time. If you are serious about computer security, you need to read this book, which includes essential lessons for both security professionals who have come to realize that software is the problem, and software developers who intend to make their code behave. Written for anyone involved in software development and use—from managers to coders—this book is your first step toward building more secure software. Building Secure Software provides expert perspectives and techniques to help you ensure the security of essential software. If you consider threats and vulnerabilities early in the devel-opment cycle you can build security into your system. With this book you will learn how to determine an acceptable level of risk, develop security tests, and plug security holes before software is even shipped. Inside you'll find the ten guiding principles for software security, as well as detailed coverage of: Software risk management for security Selecting technologies to make your code more secure Security implications of open source and proprietary software How to audit software The dreaded buffer overflow Access control and password authentication Random number generation Applying cryptography Trust management and input Client-side security Dealing with firewalls Only by building secure software can you defend yourself against security breaches and gain the confidence that comes with knowing you won't have to play the "penetrate and patch" game anymore. Get it right the first time. Let these expert authors show you how to properly design your system; save time, money, and credibility; and preserve your customers' trust.
Author: John Chirillo
Publisher: John Wiley & Sons
Release Date: 2003-02-05
Learn how to conduct thorough security examinations via illustrations and virtual simulations A network security breach (a hack, crack, or other invasion) occurs when unauthorized access to the network is achieved and havoc results. The best possible defense is an offensive strategy that allows you to regularly test your network to reveal the vulnerabilities and close the holes before someone gets in. Written by veteran author and security expert John Chirillo, Hack Attacks Testing explains how to perform your own security audits. Step by step, the book covers how-to drilldowns for installing and configuring your Tiger Box operating systems, installations, and configurations for some of the most popular auditing software suites. In addition, it includes both common and custom usages, scanning methods, and reporting routines of each. Finally, Chirillo inspects the individual vulnerability scanner results and compares them in an evaluation matrix against a select group of intentional security holes on a target network. Chirillo tackles such topics as: Building a multisystem Tiger Box Basic Windows 2000 Server installation and configuration for auditing Basic Linux and Solaris installation and configuration Basic Mac OS X installation and configuration for auditing ISS, CyberCop, Nessus, SAINT, and STAT scanners Using security analysis tools for Mac OS X Vulnerability assessment Bonus CD! The CD contains virtual simulations of scanners, ISS Internet Scanner evaluation version, and more.
The Smart Grid security ecosystem is complex and multi-disciplinary, and relatively under-researched compared to the traditional information and network security disciplines. While the Smart Grid has provided increased efficiencies in monitoring power usage, directing power supplies to serve peak power needs and improving efficiency of power delivery, the Smart Grid has also opened the way for information security breaches and other types of security breaches. Potential threats range from meter manipulation to directed, high-impact attacks on critical infrastructure that could bring down regional or national power grids. It is essential that security measures are put in place to ensure that the Smart Grid does not succumb to these threats and to safeguard this critical infrastructure at all times. Dr. Florian Skopik is one of the leading researchers in Smart Grid security, having organized and led research consortia and panel discussions in this field. Smart Grid Security will provide the first truly holistic view of leading edge Smart Grid security research. This book does not focus on vendor-specific solutions, instead providing a complete presentation of forward-looking research in all areas of Smart Grid security. The book will enable practitioners to learn about upcoming trends, scientists to share new directions in research, and government and industry decision-makers to prepare for major strategic decisions regarding implementation of Smart Grid technology. Presents the most current and leading edge research on Smart Grid security from a holistic standpoint, featuring a panel of top experts in the field. Includes coverage of risk management, operational security, and secure development of the Smart Grid. Covers key technical topics, including threat types and attack vectors, threat case studies, smart metering, smart home, e- mobility, smart buildings, DERs, demand response management, distribution grid operators, transmission grid operators, virtual power plants, resilient architectures, communications protocols and encryption, as well as physical security.
Author: John R. Vacca
Release Date: 2013-08-22
This book serves as a security practitioner’s guide to today’s most crucial issues in cyber security and IT infrastructure. It offers in-depth coverage of theory, technology, and practice as they relate to established technologies as well as recent advancements. It explores practical solutions to a wide range of cyber-physical and IT infrastructure protection issues. Composed of 11 chapters contributed by leading experts in their fields, this highly useful book covers disaster recovery, biometrics, homeland security, cyber warfare, cyber security, national infrastructure security, access controls, vulnerability assessments and audits, cryptography, and operational and organizational security, as well as an extensive glossary of security terms and acronyms. Written with instructors and students in mind, this book includes methods of analysis and problem-solving techniques through hands-on exercises and worked examples as well as questions and answers and the ability to implement practical solutions through real-life case studies. For example, the new format includes the following pedagogical elements: • Checklists throughout each chapter to gauge understanding • Chapter Review Questions/Exercises and Case Studies • Ancillaries: Solutions Manual; slide package; figure files This format will be attractive to universities and career schools as well as federal and state agencies, corporate security training programs, ASIS certification, etc. Chapters by leaders in the field on theory and practice of cyber security and IT infrastructure protection, allowing the reader to develop a new level of technical expertise Comprehensive and up-to-date coverage of cyber security issues allows the reader to remain current and fully informed from multiple viewpoints Presents methods of analysis and problem-solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions
Author: O. Sami Saydjari
Publisher: McGraw Hill Professional
Release Date: 2018-08-03
Cutting-edge cybersecurity solutions to defend against the most sophisticated attacks This professional guide shows, step by step, how to design and deploy highly secure systems on time and within budget. The book offers comprehensive examples, objectives, and best practices and shows how to build and maintain powerful, cost-effective cybersecurity systems. Readers will learn to think strategically, identify the highest priority risks, and apply advanced countermeasures that address the entire attack space. Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time showcases 35 years of practical engineering experience from an expert whose persuasive vision has advanced national cybersecurity policy and practices. Readers of this book will be prepared to navigate the tumultuous and uncertain future of cyberspace and move the cybersecurity discipline forward by adopting timeless engineering principles, including: •Defining the fundamental nature and full breadth of the cybersecurity problem•Adopting an essential perspective that considers attacks, failures, and attacker mindsets •Developing and implementing risk-mitigating, systems-based solutions•Transforming sound cybersecurity principles into effective architecture and evaluation strategies that holistically address the entire complex attack space
Software is essential and pervasive in the modern world, but software acquisition, development, operation, and maintenance can involve substantial risk, allowing attackers to compromise millions of computers every year. This groundbreaking book provides a uniquely comprehensive guide to software security, ranging far beyond secure coding to outline rigorous processes and practices for managing system and software lifecycle operations. The book opens with a comprehensive guide to the software lifecycle, covering all elements, activities, and practices encompassed by the universally accepted ISO/IEEE 12207-2008 standard. The authors then proceed document proven management architecture and process framework models for software assurance, such as ISO 21827 (SSE-CMM), CERT-RMM, the Software Assurance Maturity Model, and NIST 800-53. Within these models, the authors present standards and practices related to key activities such as threat and risk evaluation, assurance cases, and adversarial testing. Ideal for new and experienced cybersecurity professionals alike in both the public and private sectors, this one-of-a-kind book prepares readers to create and manage coherent, practical, cost-effective operations to ensure defect-free systems and software. Important Notice: Media content referenced within the product description or the product text may not be available in the ebook version.