Advanced Cybersecurity Technologies
- Length: 224 pages
- Edition: 1
- Language: English
- Publisher: CRC Press
- Publication Date: 2021-12-07
- ISBN-10: 0367562324
- ISBN-13: 9780367562328
- Sales Rank: #8150661
Cybersecurity is an extremely important area which is rapidly evolving, necessarily, to meet current and future threats. Anyone who studies within this domain requires a particular skillset and way of thinking, balancing technical knowledge and human insight. It is vital to recognize both sides of this complex area and integrate the two. This book looks at the technical fields progressively, building up in layers before expanding into more advanced topics. Each area is looked at succinctly, describing the main elements and problems in each area and reinforcing these concepts with practical coding examples, questions and ideas for further research. The book builds on an overview of basic architecture of systems and networks, setting a context for how information is vulnerable.
Cryptography is explained in detail with examples, showing the steady progress in this area over time through to the possibilities of quantum encryption. Steganography is also explained, showing how this can be used in a modern-day context through multimedia and even Virtual Reality. A large section of the book is given to the technical side of hacking, how such attacks occur, how they can be avoided and what to do after there has been an intrusion of some description. Cyber countermeasures are explored, along with automated systems of defense, whether created by the programmer or through firewalls and suchlike.
The human aspect of cyber security is detailed along with the psychology and motivations for launching attacks. Social engineering is focused on, with the various techniques looked at – revealing how an informed individual, organization or workplace can protect themselves against incursions and breaches. Finally, there is a look at the latest developments in the field, and how systems such as the IoT are being protected. The book is intended for advanced undergraduate and postgraduate courses on cybersecurity but is also useful for those studying IT or Computer Science more generally.
- Cover Half Title Title Page Copyright Page Dedication Table of Contents Biography Abbreviations and Acronyms
- Chapter 1 Introduction
- Chapter 2 Web and network basics Networks Application layer Presentation layer Session layer Transport layer Network layer Data link layer Physical layer How the OSI model works TCP/IP model Application layer Transport layer Internet layer Link layer Protocols and ports UDP and TCP Web specifics HTTP HTTP resources HTTP connections Conversations with a server UPnP Remote access protocols SSH Suggested projects and experiments Deploy Apache Deploy a Droplet or virtual server References
- Chapter 3 Cryptography Why we need cryptography Classical cryptography Substitution ciphers Frequency analysis Caesar cipher Vigenere cipher The one-time pad Modern algorithms Practical encryption engineering Encryption in Node.js Hashes Python cryptography Steganography Terminology and basics Images Audio encryption Least significant bit (LSB) coding Phase encoding Spread spectrum Parity encoding Echo hiding DeepSound Using stenography practically Digital watermarking Suggested projects
- Chapter 4 Hacking overview Case histories – a context and background of hacks and hacker’s motivations Worms Viruses Deception File replication Trojan Botnets DDoS Motivations behind malware History Case history: Stuxnet Case history: Michael Calce (Aka MafiaBoy) Case history: Jonathan James Case history: Gary McKinnon Case history: Lauri Love Huawei Techniques Spoofing email – the basis of phishing attack Bots and automated mechanisms References
- Chapter 5 Packet analysis and penetration testing Packet sniffing Wireshark Modifying Wireshark Analysis with Wireshark Analyzing malware – Trickbot Conclusion Suggested projects
- Chapter 6 Social engineering Phishing Spear phishing Vishing Smishing Pretexting Water holing Baiting Quid Pro Quo Tailgating Scareware Other varieties Social engineering process Research Engagement The attack The conclusion Social engineering countermeasures Training Frameworks and protocols Categorizing information Protocols Tests Resistance to social engineering Waste handling General advice Software protection Intelligence and research used for social engineering Sources Search engines Google Alerts Google/Bing images Using web archives Social media Specialized search engines Media – documents, photographs, video Telephone numbers and addresses Online tracing with IP addresses and presence Conclusions References
- Chapter 7 Cyber countermeasures Introduction Training Firewalls Linux Cloud Shields Malware detection Websites Antivirus Ransomware Keep backups! Conclusions Reference
- Chapter 8 Incident response and mitigation Example: Malware outbreak Remediation – clear and hold Misunderstanding threats Mistiming of response Gauging the severity of an incident – triage Analysis Containment Terminate Failing to verify Recovery The notification process European Union – GDPR Ransomware Individual reporting Timing of breach notifications The notification Data privacy and protection in the United States Comparison of EU versus US privacy laws California Consumer Privacy Act Basic CIS controls Foundational CIS controls Organizational CIS controls Post-incident analysis and applying gained insights Ongoing preparedness Conclusions References
- Chapter 9 Digital forensics Introduction Low level System level Application level Network level Storage level Tape Flash SSD USB memory devices Information retrieval Disk analysis Memory forensics Windows registry analysis Mobile forensics Network analysis Linux distributions Kali Linux Binwalk tool Bulk extractor tool HashDeep tool Magic rescue tool Scalpel tool Scrounge-NTFS tool Guymager tool Pdfid tool Pdf-parser tool Peepdf tool img_cat tool ICAT tool Srch_strings tool Parrot BlackArch Linux BackBox Linux ForLEx Technique Preservation Collection Examination Analysis Analysis techniques Targeted searches Constructing timelines and events Utilizing log files Computer storage analysis Moving files Deleted file reconstruction Directory restoration Temporal analysis Time bounding Dynamic temporal analysis Conclusions References
- Chapter 10 Special topics: Countersurveillance in a cyber-intrusive world Where is detection of an individual in the electronic domain possible? Strategies for avoidance Deletion Obfuscation Network Tor Identity Defeating profiling and identity capture False tells One name, many people Identifying device shuffling Obfuscation agents and automated stealth Suggested projects Resource scanner Hardware-based memory shredder References
- Chapter 11 Special topics: Securing the Internet of Things (IoT) Introduction The use of crypto-integrated circuits Comparison of crypto ICs Wi-Fi connection Cloud connectivity and dashboard Security by design in IoT devices Network devices with possible network weaknesses Modems Routers Home appliances Cameras Environment sensors Automation Automotive Streaming devices Body sensors Arduino IoT Suggested projects IoT robot with encrypted communication channels Encrypted chat system (hardware based) References
- Index