My Account Log in

1 option

Reverse deception : organized cyber threat counter-exploitation / Sean Bodmer [and three others].

O'Reilly Online Learning: Academic/Public Library Edition Available online

View online
Format:
Book
Author/Creator:
Bodmer, Sean, author.
Contributor:
Bodmer, Sean.
Books24x7, Inc.
Language:
English
Subjects (All):
Computer networks--Security measures.
Computer networks.
Physical Description:
1 online resource (1 v.) : ill.
Edition:
1st edition
Place of Publication:
New York : McGraw-Hill, [2012]
Language Note:
English
System Details:
text file
Summary:
In-depth counterintelligence tactics to fight cyber-espionage "A comprehensive and unparalleled overview of the topic by experts in the field."-- Slashdot Expose, pursue, and prosecute the perpetrators of advanced persistent threats (APTs) using the tested security techniques and real-world case studies featured in this one-of-a-kind guide. Reverse Deception: Organized Cyber Threat Counter-Exploitation shows how to assess your network’s vulnerabilities, zero in on targets, and effectively block intruders. Discover how to set up digital traps, misdirect and divert attackers, configure honeypots, mitigate encrypted crimeware, and identify malicious software groups. The expert authors provide full coverage of legal and ethical issues, operational vetting, and security team management. Establish the goals and scope of your reverse deception campaign Identify, analyze, and block APTs Engage and catch nefarious individuals and their organizations Assemble cyber-profiles, incident analyses, and intelligence reports Uncover, eliminate, and autopsy crimeware, trojans, and botnets Work with intrusion detection, anti-virus, and digital forensics tools Employ stealth honeynet, honeypot, and sandbox technologies Communicate and collaborate with legal teams and law enforcement
Contents:
Intro
Reverse Deception
About the Authors
About the Technical Editor
Contents
Foreword
Cyberspace Is the Wild West
Definition of Deception
The Real Purpose of Deception
Costs and Risks?
Who Should Deceive?
Active vs. Passive Deception
When to Deceive
Deception: Strategy and Mind-Set
Intelligence and Deception
What Constraints Apply
When Failure Happens
Acknowledgments
Introduction
Exploits and Vulnerabilities
Fighting Threats
All About Knowledge
What This Book Covers
Chapter 1: State of the Advanced Cyber Threat
Have You Heard About the APT?
APT Defined
What Makes a Threat Advanced and Persistent?
Examples of Advanced and Persistent Threats
Moonlight Maze
Stakkato
Titan Rain
Stormworm
GhostNet
Byzantine Hades/Foothold/Candor/Raptor
Operation Aurora
Stuxnet
Russian Business Network
New Generation of Botnets and Operators
Operation Payback
Conclusion
Chapter 2: What Is Deception?
How Does Deception Fit in Countering Cyber Threats?
Six Principles of Deception
Focus
Objective
Centralized Planning and Control
Security
Timeliness
Integration
Traditional Deception
Feints-Cowpens
Demonstrations-Dorchester Heights
Ruses-Operation Mincemeat (the Unlikely Story of Glyndwr Michael)
Displays-A Big Hack Attack
Why Use Deception?
The First US Army Group Deception
Russian Maskirovka
Deception Maxims
"Magruder's Principle"-Exploitation of a COG's Perception or Bias
"Limitations to Human Information Processing"
"Multiple Forms of Surprise"
"Jones' Dilemma"
"Choice of Types of Deception"
"Husbanding of Deception Assets"
"Sequencing Rule"
"Importance of Feedback"
"Beware of Possible Unwanted Reactions"
"Care in the Design of Planned Placement of Deceptive Material".
Understanding the Information Picture
Half-Empty Version
Half-Full Version
A Question of Bias
Totally Full Version
Step-Beyond Version
Two-Steps-Beyond Version
Chapter 3: Cyber Counterintelligence
Fundamental Competencies
Applying Counterintelligence to the Cyber Realm
Sizing Up Advanced and Persistent Threats
Attack Origination Points
Numbers Involved in the Attack
Risk Tolerance
Skills and Methods
Actions
Objectives
Resources
Knowledge Source
Chapter 4: Profiling Fundamentals
A Brief History of Traditional Criminal Profiling
The Emergence of Cyber Profiling
Acquiring an Understanding of the Special Population
The Objectives of Profiling
The Nature of Profiling
Basic Types of Profiling
Two Logical Approaches to Profiling: Inductive vs. Deductive
Information Vectors for Profiling
Time
Geolocation
Skill
Motivation
Weapons and Tactics
Socially Meaningful Communications and Connections
References
Chapter 5: Actionable Legal Knowledge for the Security Professional
How to Work with a Lawyer
What You Should Know About Legal Research
Online Legal Resources
Common Legal Terms
The Role of Statutes in Our Legal System
How to Find a Law
Do Your Background Homework
Reading the Law
Communicating with Lawyers
Ethics in Cyberspace
Chapter 6: Threat (Attacker) Tradecraft
Threat Categories
Targeted Attacks
Opportunistic Attacks
Opportunistic Turning Targeted
Evolution of Vectors
Meet the Team
Criminal Tools and Techniques
Tailored Valid Services
Academic Research Abuse
Circles of Trust
Injection Vectors
Chapter 7: Operational Deception
Deception Is Essential
Tall Tale 1
Postmortem
Tall Tale 2.
Postmortem
Tall Tale 3
Tall Tale 4
Honeypot 1
Chapter 8: Tools and Tactics
Detection Technologies
Host-Based Tools
Antivirus Tools
Digital Forensics
Security Management Tools
Network-Based Tools
Firewalls
Intrusion Detection/Prevention Systems
Deception Technologies
Honeywalls
Honeynets as Part of Defense-in-Depth
Research vs. Production Honeynets
Honeynet Architectures
Honeywall Accreditation
Content Staging
Content Filling
Honeynet Training
Honeynet Objectives
Honeynet Risks and Issues
Check Yourself Before You're Wrecked
What's the Status of Your Physical Security?
How Does Your Wireless Network Look?
What's Traveling on Your Network?
What About Your Host/Server Security?
How Are Your Passwords?
How's Your Operational Security?
Crimeware/Analysis Detection Systems
What Happened on Your Box?
What Did That Malicious Software Do?
Chapter 9: Attack Characterization Techniques
Postincident Characterization
Another Tall Tale
Discovery
Malware
Aftermath
Real-World Tactics
Engaging an Active Threat
Traffic, Targets, and Taxonomy
Chapter 10: Attack Attribution
A Brief Note About Levels of Information Present in Objects
Profiling Vectors
Motivations
Social Networks
Skill Level
Vector Summary
Strategic Application of Profiling Techniques
Example Study: The Changing Social Structure of the Hacking Community
Micro- and Macro-Level Analyses
The Rise of the Civilian Cyber Warrior
The Balance of Power
Potential Civilian Cyber Warrior Threats
Chapter 11: The Value of APTs
Espionage
Costs of Cyber Espionage
Value Network Analysis
APTs and Value Networks
The RSA Case.
The Operation Aurora Case
APT Investments
APTs and the Internet Value Chain
It's All Good(s)
Bitcoin in the Future?
Chapter 12: When and When Not to Act
Determining Threat Severity
Application Vulnerability Scenario
Targeted Attack Scenario
What to Do When It Hits the Fan
Block or Monitor?
Isolating the Problem
Distinguishing Threat Objectives
Responding to Actionable Intelligence
Cyber Threat Acquisition
Distinguishing Between Threats
Processing Collected Intelligence
Determining Available Engagement Tactics
Engaging the Threat
Within Your Enterprise
External to Your Enterprise
Working with Law Enforcement
To Hack or Not to Hack (Back)
To What End?
Understanding Lines (Not to Cross)
Chapter 13: Implementation and Validation
Vetting Your Operations
Vetting Deceptions
Vetting Perceptual Consistency in a Deception
Vetting Engagements
Putting This Book to Use with Aid from Professionals
How to Evaluate Success
Getting to the End Game
Glossary
Index.
Notes:
Includes index.
Includes bibliographical references and index.
Digitized and made available by: Books24x7.com.
Description based on print version record.
ISBN:
9786613716262
9781280874956
1280874953
9780071772501
0071772502
OCLC:
1024267517

The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.

Find

Home Release notes

My Account

Shelf Request an item Bookmarks Fines and fees Settings

Guides

Using the Find catalog Using Articles+ Using your account