Amoroso, Cyber Attacks: Protecting National Infrastructure
E-book, English, 248 pages
1st edition, 2010
ISBN: 978-0-12-384918-2
Publisher: Elsevier Science & Techn.
Format: EPUB
Copy protection: 6 - ePub watermark
Cyber Attacks takes the national debate on protecting critical infrastructure in an entirely new and fruitful direction. It initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in attempting to create. In addition, nations other than the US might choose to adopt the framework as well.

This book covers cyber security policy development for massively complex infrastructure using ten principles derived from experiences in U.S. Federal Government settings and a range of global commercial environments. It provides a unique and provocative philosophy of cyber security that directly contradicts conventional wisdom about info sec for small or enterprise-level systems. It illustrates the use of practical, trial-and-error findings derived from 25 years of hands-on experience protecting critical infrastructure on a daily basis at AT&T. Each principle is presented as a separate security strategy, along with pages of compelling examples that demonstrate use of the principle.

Cyber Attacks will be of interest to security professionals tasked with protection of critical infrastructure and with cyber security; CSOs and other top managers; government and military security specialists and policymakers; security managers; and students in cybersecurity and international security programs.

- Covers cyber security policy development for massively complex infrastructure using ten principles derived from experiences in U.S. Federal Government settings and a range of global commercial environments
- Provides a unique and provocative philosophy of cyber security that directly contradicts conventional wisdom about info sec for small or enterprise-level systems
- Illustrates the use of practical, trial-and-error findings derived from 25 years of hands-on experience protecting critical infrastructure on a daily basis at AT&T
Edward Amoroso is currently Senior Vice President and Chief Security Officer of AT&T, where he has worked in cyber security for the past twenty-five years. He has also held the adjunct professor position in the computer science department at the Stevens Institute of Technology for the past twenty years. Edward has written four previous books on computer security, and his writings and commentary have appeared in major national newspapers, television shows, and books. He holds a BS degree in physics from Dickinson College, and the MS/PhD degrees in computer science from Stevens Institute of Technology. He is also a graduate of the Columbia Business School.
Authors/Editors: Edward Amoroso

Further information & material: table of contents
No.     Title                                                              Page
1       Front Cover                                                           1
2       Cyber Attacks: Protecting National Infrastructure                     4
3       Copyright Page                                                        5
4       Contents                                                              6
5       Preface                                                              10
6       Acknowledgment                                                       12
7       Chapter 1 Introduction                                               14
7.1     National Cyber Threats, Vulnerabilities, and Attacks                 17
7.2     Botnet Threat                                                        19
7.3     National Cyber Security Methodology Components                       22
7.4     Deception                                                            24
7.5     Separation                                                           26
7.6     Diversity                                                            29
7.7     Consistency                                                          30
7.8     Depth                                                                32
7.9     Discretion                                                           33
7.10    Collection                                                           34
7.11    Correlation                                                          36
7.12    Awareness                                                            38
7.13    Response                                                             39
7.14    Implementing the Principles Nationally                               41
8       Chapter 2 Deception                                                  44
8.1     Scanning Stage                                                       48
8.2     Deliberately Open Ports                                              50
8.3     Discovery Stage                                                      52
8.4     Deceptive Documents                                                  54
8.5     Exploitation Stage                                                   55
8.6     Procurement Tricks                                                   58
8.7     Exposing Stage                                                       59
8.8     Interfaces Between Humans and Computers                              60
8.9     National Deception Program                                           62
9       Chapter 3 Separation                                                 64
9.1     What Is Separation?                                                  66
9.2     Functional Separation                                                68
9.3     National Infrastructure Firewalls                                    70
9.4     DDOS Filtering                                                       73
9.5     SCADA Separation Architecture                                        75
9.6     Physical Separation                                                  76
9.7     Insider Separation                                                   78
9.8     Asset Separation                                                     81
9.9     Multilevel Security (MLS)                                            83
10      Chapter 4 Diversity                                                  86
10.1    Diversity and Worm Propagation                                       88
10.2    Desktop Computer System Diversity                                    90
10.3    Diversity Paradox of Cloud Computing                                 93
10.4    Network Technology Diversity                                         95
10.5    Physical Diversity                                                   98
10.6    National Diversity Program                                          100
11      Chapter 5 Commonality                                               102
11.1    Meaningful Best Practices for Infrastructure Protection             105
11.2    Locally Relevant and Appropriate Security Policy                    108
11.3    Culture of Security Protection                                      110
11.4    Infrastructure Simplification                                       112
11.5    Certification and Education                                        115
11.6    Career Path and Reward Structure                                    118
11.7    Responsible Past Security Practice                                  119
11.8    National Commonality Program                                        120
12      Chapter 6 Depth                                                     122
12.1    Effectiveness of Depth                                              124
12.2    Layered Authentication                                              128
12.3    Layered E-Mail Virus and Spam Protection                            132
12.4    Layered Access Controls                                             133
12.5    Layered Encryption                                                  135
12.6    Layered Intrusion Detection                                         137
12.7    National Program of Depth                                           139
13      Chapter 7 Discretion                                                142
13.1    Trusted Computing Base                                              143
13.2    Security Through Obscurity                                          146
13.3    Information Sharing                                                 148
13.4    Information Reconnaissance                                          150
13.5    Obscurity Layers                                                    152
13.6    Organizational Compartments                                         154
13.7    National Discretion Program                                         156
14      Chapter 8 Collection                                                158
14.1    Collecting Network Data                                             161
14.2    Collecting System Data                                              163
14.3    Security Information and Event Management                           167
14.4    Large-Scale Trending                                                169
14.5    Tracking a Worm                                                     172
14.6    National Collection Program                                         174
15      Chapter 9 Correlation                                               176
15.1    Conventional Security Correlation Methods                           180
15.2    Quality and Reliability Issues in Data Correlation                  182
15.3    Correlating Data to Detect a Worm                                   183
15.4    Correlating Data to Detect a Botnet                                 185
15.5    Large-Scale Correlation Process                                     187
15.6    National Correlation Program                                        189
16      Chapter 10 Awareness                                                192
16.1    Detecting Infrastructure Attacks                                    196
16.2    Managing Vulnerability Information                                  197
16.3    Cyber Security Intelligence Reports                                 199
16.4    Risk Management Process                                             201
16.5    Security Operations Centers                                         203
16.6    National Awareness Program                                          205
17      Chapter 11 Response                                                 206
17.1    Pre- Versus Post-Attack Response                                    208
17.2    Indications and Warning                                             210
17.3    Incident Response Teams                                             211
17.4    Forensic Analysis                                                   214
17.5    Law Enforcement Issues                                              216
17.6    Disaster Recovery                                                   217
17.7    National Response Program                                           219
18      Appendix: Sample National Infrastructure Protection Requirements    220
18.1    Sample Deception Requirements (Chapter 2)                           221
18.2    Sample Separation Requirements (Chapter 3)                          222
18.3    Sample Diversity Requirements (Chapter 4)                           224
18.4    Sample Commonality Requirements (Chapter 5)                         225
18.5    Sample Depth Requirements (Chapter 6)                               226
18.6    Sample Discretion Requirements (Chapter 7)                          227
18.7    Sample Collection Requirements (Chapter 8)                          227
18.8    Sample Correlation Requirements (Chapter 9)                         228
18.9    Sample Awareness Requirements (Chapter 10)                          229
18.10   Sample Response Requirements (Chapter 11)                           229
19      Index                                                               232