Computer and Information Security Handbook. Volume 1 / edited by John R. Vacca.

O'Reilly Online Learning: Academic/Public Library Edition Available online

Format:
Book
Contributor:
Vacca, John R., editor.
Language:
English
Subjects (All):
Computer networks--Security measures.
Computer networks.
Penetration testing (Computer security).
Physical Description:
1 online resource (1968 pages)
Edition:
Fourth edition.
Place of Publication:
Cambridge, MA : Morgan Kaufmann, [2025]
Summary:
Computer and Information Security Handbook, Fourth Edition offers deep coverage of an extremely wide range of issues in computer and cybersecurity theory, along with applications and best practices, offering the latest insights into established and emerging technologies and advancements. With new parts devoted to such current topics as Cyber Security for the Smart City and Smart Homes, Cyber Security of Connected and Automated Vehicles, and Future Cyber Security Trends and Directions, the book now has 104 chapters in 2 Volumes written by leading experts in their fields, as well as 8 updated appendices and an expanded glossary. Chapters new to this edition include such timely topics as Threat Landscape and Good Practices for Internet Infrastructure, Cyber Attacks Against the Grid Infrastructure, Threat Landscape and Good Practices for the Smart Grid Infrastructure, Energy Infrastructure Cyber Security, Smart Cities Cyber Security Concerns, Community Preparedness Action Groups for Smart City Cyber Security, Smart City Disaster Preparedness and Resilience, Cyber Security in Smart Homes, Threat Landscape and Good Practices for Smart Homes and Converged Media, Future Trends for Cyber Security for Smart Cities and Smart Homes, Cyber Attacks and Defenses on Intelligent Connected Vehicles, Cyber Security Issues in VANETs, Use of AI in Cyber Security, New Cyber Security Vulnerabilities and Trends Facing Aerospace and Defense Systems, and much more.
- Written by leaders in the field
- Comprehensive and up-to-date coverage of the latest security technologies, issues, and best practices
- Presents methods for analysis, along with problem-solving techniques for implementing practical solutions
Contents:
Front Cover
Computer and Information Security Handbook
Copyright
Dedication
Contents to Volume I
Contributors to Volume I
About the editor
Foreword
Preface
ORGANIZATION OF THIS BOOK
Part I: Overview of system and network security: A comprehensive introduction
Part II: Managing information security
Part III: Disaster recovery security
Part IV: Security standards and policies
Part V: Cyber, network, and systems forensics security and assurance
Part VI: Encryption technology
Part VII: Privacy and access management
Part VIII: Storage security
Part IX: Cloud security
Part X: Virtual security
Part XI: Cyber physical security
Part XII: Practical security
Part XIII: Critical infrastructure security
Part XIV: Cyber security for the smart city and smart homes
Part XV: Cyber security of connected and automated vehicles
Part XVI: Advanced security
Part XVII: Future Cyber Security Trends And Directions
Part XVIII: Appendices
Acknowledgments
I - Overview of System and Network Security: A Comprehensive Introduction
1 - Information Security in the Modern Enterprise
1. INTRODUCTION
Management Matters as Much as Technology
Trade Secrets and "Reasonable Efforts"
2. CHALLENGES FACING INFORMATION SECURITY
3. ASSESSMENT AND PLANNING
Know Where to Begin
Risk Management
Public Standards for Information Security
Creating the Security Plan
4. POLICIES AND PROCEDURES
5. TRAINING
6. SUMMARY
CHAPTER REVIEW QUESTIONS/EXERCISES
True/False
Multiple Choice
EXERCISE
Problem
Hands-on Projects
Project
Case Projects
Optional Team Case Project
2 - Building a Secure Organization.
1. INTRODUCTION: NAVIGATING THE LABRYNTHE WORLD OF CYBERSECURITY AND ITS MULTIFACETED IMPERATIVES
ISO/IEC 27002:2022 AND THE BROADER LANDSCAPE OF STANDARDS
3. INTEGRATING STANDARDS WITHIN A RISK-BASED DATA PROTECTION FRAMEWORK
4. CULTIVATING A CYBERSECURITY CULTURE: THE BEDROCK OF A ROBUST RISK-BASED APPROACH
5. CONCLUSION: A CONVERGENCE OF STANDARDS, CULTURE, AND TRUST-THE WAY FORWARD IN CYBERSECURITY AND DATA PROTECTION
REFERENCES
3 - A Cryptography Primer
1. WHAT IS CRYPTOGRAPHY? WHAT IS ENCRYPTION?
How Is Cryptography Done?
2. FAMOUS CRYPTOGRAPHIC DEVICES
The Lorenz Cipher
Enigma
3. CIPHERS
The Substitution Cipher
The Shift Cipher
The Polyalphabetic Cipher
The Kasiski-Kerckhoff Method
4. MODERN CRYPTOGRAPHY
The Vernam Cipher (Stream Cipher)
The One-Time Pad
Cracking Ciphers
The XOR Cipher and Logical Operands
Block Ciphers
5. THE COMPUTER AGE
Data Encryption Standard
Theory of Operation
Implementation
Rivest, Shamir, and Adleman
Advanced Encryption Standard (or Rijndael)
Overview
The Basics of Advanced Encryption Standard
6. HOW ADVANCED ENCRYPTION STANDARD WORKS
Bytes
Math
In the Beginning
Rounds
7. SELECTING CRYPTOGRAPHY: THE PROCESS
8. SUMMARY
Hands-On Projects
4 - Verifying User and Host Identity
1. INTRODUCTION: VERIFYING THE USER
2. IDENTITY ACCESS MANAGEMENT: AUTHENTICATION AND AUTHORIZATION
Authentication.
Password Rule Hardening: Practices
The Importance of Secure Socket Layer/Transport Layer Security
Authorization
The Importance of Directory Services
3. SYNTHETIC OR REAL USER LOGGING
Completely Automated Public Turing Test to Tell Computers and Humans Apart
4. VERIFYING A USER IN CLOUD ENVIRONMENTS
5. VERIFYING HOSTS
6. VERIFYING HOST DOMAIN NAME SYSTEM AND INTERNET PROTOCOL INFORMATION
7. SUMMARY
5 - Detecting System Intrusions
Why Taps?
Why the Secrecy?
2. DEVELOPING THREAT MODELS
3. SECURING COMMUNICATIONS
The Favored Operating System: Linux
Step 1: Let Us Get Secure: Encrypting Files and Using Secure Shell
Gnu Privacy Guard
Encrypting and Decrypting Using GNU Privacy Guard
Secure Shell Access to Servers
Moving Files Securely
Exercise for the Reader
4. NETWORK SECURITY MONITORING AND INTRUSION DETECTION SYSTEMS
Installing Security Onion in a Distributed Environment
Setting up a Security Onion Server
The Tool Set
Sguil
Squert
Netsniff-ng
Snort
Bro
ELSA
PF_RING
Planning Your Sensor Array
Planning the Sensor Array
Make a Disk
Sizing Your Hardware
Switched Port Analyzer or Tap
Horizontal Movement
Virtual Machine Planner Virtual Disks
Installing the Fiber Cards
Installing the Operating System
Configuring Ethernet Adapters
Security Onion Sensor Setup
Setting PF_RING min_num_slots
Setting Intrusion Detection System Engine Processes
Management of Storage
Sudo -i
5. INSTALLING SECURITY ONION TO A BARE-METAL SERVER
Networks Are Complex
The Access Layer
Distribution Layer
Exercise.
6. PUTTING IT ALL TOGETHER
7. SECURING YOUR INSTALLATION
Running Sguil as an Analyst
Using Sguil via Secure Shell on a Remote PC
8. MANAGING AN INTRUSION DETECTION SYSTEM IN A NETWORK SECURITY MONITORING FRAMEWORK
Configuring the Intrusion Detection System
Rules and Filters
Managing Sensors
Sensor Check
External Detection
Internal Detection
Manual Changes to Rules
/usr/bin/rule-update
/etc/nsm/rules/downloaded.rules
/etc/nsm/rules/local.rules
/etc/nsm/pulledpork/disablesid.conf
/etc/nsm/pulledpork/pulledpork.conf
/var/log/nsm/sid_changes.log
/etc/nsm/templates/snort/snort.conf
/etc/nsm/HOSTNAME-INTERFACE/snort.conf
/etc/nsm/rules/bpf.conf
/etc/nsm/securityonion.conf
/etc/nsm/pulledpork/enablesid.conf
/etc/nsm/pulledpork/dropsid.conf
/etc/nsm/pulledpork/modifysid.conf
/etc/nsm/rules/threshold.conf
Log Files
After the Changes
Useful File Manipulation Commands
How to Add Rules
How to Disable a Single Rule or Range Rules
Edit the /etc/nsm/pulledpork/disablesid.conf File
9. SETTING THE STAGE
10. ALERTS AND EVENTS
Reconnaissance
Default Password Breach
The Basics
11. SGUIL: TUNING GRAPHICS PROCESSING UNIT RULES, ALERTS, AND RESPONSES
Identifying Nuisance Rules
Understanding the Enterprise Log Search and Archive Database Structure
Too Many Alerts!
Modifying Signatures
Anatomy of a Snort Rule
Theory
12. DEVELOPING PROCESS
13. UNDERSTANDING, EXPLORING, AND MANAGING ALERTS
Uniform Datagram Protocol Traffic Alerts
False Alert Analysis
Case Study
Kaaza Alert
Final Incident Report: Kaaza Alert
Incident Reporting: Sample Incident Report
Special Consideration
Final Note About Report Writing
What a Real Situation Looks Like
14. SUMMARY
True/False.
Multiple Choice
6 - Intrusion Detection in Contemporary Environments
2. MOBILE OPERATING SYSTEMS
Android Operating System
Apple iOS
Symbian Operating System
Windows Phone Operating System
3. MOBILE DEVICE MALWARE RISKS
4. CLOUD COMPUTING MODELS
5. CLOUD COMPUTING ATTACK RISKS
6. SOURCE OF ATTACKS ON MOBILE DEVICES
7. SOURCE OR ORIGIN OF INTRUSIONS IN CLOUD COMPUTING
8. CLASSES OF MOBILE MALWARE
9. TYPES OF CLOUD COMPUTING ATTACKS
10. MALWARE TECHNIQUES IN ANDROID
Repackaging Common Apps
Drive-by Download
Dynamic Payload
Stealth Malware Techniques
Colluding Apps
Privilege Escalation
11. CLOUD COMPUTING INTRUSIONS TECHNIQUES
Reconnaissance Techniques
Denial of Service
Account Cracking
Structured Query Language Injection
Cross-Site Scripting
Malware Injection
12. EXAMPLES OF SMARTPHONE MALWARE
13. EXAMPLES OF CLOUD ATTACKS
14. TYPES OF INTRUSION DETECTION SYSTEMS FOR MOBILE DEVICES
Signature-Based Intrusion Detection System
Anomaly-Based Intrusion Detection System
Cloud-Based Intrusion Detection System
Manual Analysis
15. TYPES OF INTRUSION DETECTION SYSTEMS FOR CLOUD COMPUTING
Network-Based Intrusion Detection System
Host-Based Intrusion Detection System
Hypervisor-Based Intrusion Detection System
Distributed Intrusion Detection System
16. INTRUSION DETECTION SYSTEM PERFORMANCE METRICS
Intrusion Detection System Performance Metrics in Mobile Devices
Intrusion Detection System Performance Metrics for Cloud Computing
17. SUMMARY
Problem.
Optional Team Case Project.
Notes:
Includes bibliographical references and index.
Description based on publisher supplied metadata and other sources.
Description based on print version record.
ISBN:
0-443-13224-0
OCLC:
1455132403
