Cyber Adversary Characterization :Auditing the Hacker Mind

Publication subTitle :Auditing the Hacker Mind

Author: Parker   Tom;Sachs   Marcus;Shaw   Eric  

Publisher: Elsevier Science‎

Publication year: 2004

E-ISBN: 9780080476995

P-ISBN(Paperback): 9781931836111

P-ISBN(Hardback):  9781931836111

Subject: TP309 安全保密

Language: ENG

Access to resources Favorite

Disclaimer: Any content in publications that violate the sovereignty, the constitution or regulations of the PRC is not accepted or approved by CNPIEC.

Description

The wonders and advantages of modern age electronics and the World Wide Web have also, unfortunately, ushered in a new age of terrorism. The growing connectivity among secure and insecure networks has created new opportunities for unauthorized intrusions into sensitive or proprietary computer systems. Some of these vulnerabilities are waiting to be exploited, while numerous others already have. Everyday that a vulnerability or threat goes unchecked greatly increases an attack and the damage it can cause. Who knows what the prospects for a cascade of failures across US infrastructures could lead to. What type of group or individual would exploit this vulnerability, and why would they do it? "Inside the Mind of a Criminal Hacker" sets the stage and cast of characters for examples and scenarios such as this, providing the security specialist a window into the enemy’s mind - necessary in order to develop a well configured defense. Written by leading security and counter-terrorism experts, whose experience include first-hand exposure in working with government branches & agencies (such as the FBI, US Army, Department of Homeland Security), this book sets a standard for the fight against the cyber-terrorist. Proving, that at the heart of the very best defense is knowing and understanding your enemy.

* This book will demonstrate the motives and motivations of criminal hackers through profiling attackers at post attack and forensic levels.

* This book is essential to

Chapter

Chapter 1 Introduction

Cyber Adversary Characterization

Cyber Terrorist: A Media Buzzword?

Failures of Existing Models

Introduction to Characterization Theory

Chapter 2 Theoretical Characterization Metrics

Introduction

The Adversary Object Matrix

Adversary Property Relationships

The Adversary Model—“Adversary Environment Properties”

The Adversary Model—“Attacker Properties”

Summary

Chapter 3 Disclosure and the Cyber Food Chain

Introduction

Vulnerability Disclosure and the Cyber Adversary

Disclosure Attack Capability and Considerations

The Vulnerability Disclosure Pyramid Metric

The Disclosure Food Chain

Summary

Chapter 4 Rating the Attack: Post-Incident Characterization Metrics

Introduction:Theoretical Crossover and the Attack Point Scoring Systems

The Source of the Problem

Variables of Attack Tools to Consider

Common Types of Attack Tools

Caveats of Attack Tool Metrics

Attack Technique Variables

Common Types of Attack Techniques

Caveats: Attack Behavior Masquerading

Summary

Chapter 5 Asset Threat Characterization

Introduction

Target Properties: Attack Driver and Inhibitor Influence

The Asset Threat Characterization

Fictional Asset Threat Characterization Case Study

Summary

Chapter 6 Bringing It All Together: Completing the Cyber Adversary Model

Introduction

Intermetric Component Relationships

Summary

Chapter 7 WarmTouch: Assessing the Insider Threat and Relationship Management

Introduction

The Challenges of Detecting the Insider Threat

Case Illustrations

Summary

References

Footnote

Chapter 8 Managing the Insider Threat

Introduction: Setting the Stage

Prevention

Detection

Insider Case Management

Summary

References

Chapter 9 The Cyber Adversary in Groups: Targeting Nations’ Critical Infrastructures

Introduction

Historical Context

Increasing Threats and Vulnerabilities

Identifying and Characterizing the Cyber Threat

Summary

Chapter 10 Characterizing the Extremes„Terrorists and Nation States

Introduction

The Nation State Cyber Adversary

International Terrorists and Rogue Nations

Physical Insider Placement

Summary

Footnotes and References

Chapter 11 Conclusions

A Look Back

Kevin D. Mitnick: Attack, Weighed and Measured!

Summary

And Now for Something a Little Different!

Chapter 12 Return on Investment

Playing the Market

Information Leakage at the Packet Level

Corrupted by Greed

Revenge of the Nerd

A Lead from Las Vegas

The Call of Opportunity

Initial Reconnaissance

Shrax:The Ultimate Rootkit

Throwaway Account

Seeking the Prize

Hacking .MIL

Triumph and New Toys

Endnotes

Aftermath…The Investigation Continues

Final Words

Acknowledgements

Glossary

Index

The users who browse this book also browse