Advanced Cybersecurity Technologies
Cybersecurity is an extremely important area which is rapidly evolving, necessarily, to meet current and future threats. Anyone who studies within this domain requires a particular skillset and way of thinking, balancing technical knowledge and human insight. It is vital to recognize both sides of this complex area and integrate the two. This book looks at the technical fields progressively, building up in layers before expanding into more advanced topics. Each area is looked at succinctly, describing the main elements and problems in each area and reinforcing these concepts with practical coding examples, questions and ideas for further research. The book builds on an overview of basic architecture of systems and networks, setting a context for how information is vulnerable.

Cryptography is explained in detail with examples, showing the steady progress in this area over time through to the possibilities of quantum encryption. Steganography is also explained, showing how this can be used in a modern-day context through multimedia and even Virtual Reality. A large section of the book is given to the technical side of hacking, how such attacks occur, how they can be avoided and what to do after there has been an intrusion of some description. Cyber countermeasures are explored, along with automated systems of defense, whether created by the programmer or through firewalls and suchlike.

The human aspect of cyber security is detailed along with the psychology and motivations for launching attacks. Social engineering is a focus, with the various techniques examined to reveal how an informed individual, organization or workplace can protect themselves against incursions and breaches. Finally, there is a look at the latest developments in the field, and how systems such as the IoT are being protected. The book is intended for advanced undergraduate and postgraduate courses on cybersecurity but is also useful for those studying IT or Computer Science more generally.

by Ralph Moseley

Paperback

$68.99 

Product Details

ISBN-13: 9780367562328
Publisher: CRC Press
Publication date: 12/07/2021
Pages: 224
Product dimensions: 6.12(w) x 9.19(h) x (d)

About the Author

Dr. Ralph Moseley is a senior lecturer in computer science at Middlesex University, London. His teaching and research interests include cyber security and cryptography. His current research in this area has looked at automated cyber defence mechanisms and intelligence capture. In recent years he has acted as cyber security consultant and expert witness to many companies and organisations.

Table of Contents

Biography

Abbreviations and Acronyms

1 Introduction

2 Web and network basics

Networks

Application layer

Presentation layer

Session layer

Transport layer

Network layer

Data link layer

Physical layer

How the OSI model works

TCP/IP model

Application layer

Transport layer

Internet layer

Link layer

Protocols and ports

UDP and TCP

Web specifics

HTTP

HTTP resources

HTTP connections

Conversations with a server

UPnP

Remote access protocols

SSH

Suggested projects and experiments

Deploy Apache

Deploy a Droplet or virtual server

References

3 Cryptography

Why we need cryptography

Classical cryptography

Substitution ciphers

Frequency analysis

Caesar cipher

Vigenere cipher

The one-time pad

Modern algorithms

Practical encryption engineering

Encryption in Node.js

Hashes

Python cryptography

Steganography

Terminology and basics

Images

Audio encryption

Least significant bit (LSB) coding

Phase encoding

Spread spectrum

Parity encoding

Echo hiding

DeepSound

Using stenography practically

Digital watermarking

Suggested projects

4 Hacking overview

Case histories - a context and background of hacks and hacker's motivations

Worms

Viruses

Deception

File replication

Trojan

Botnets

DDoS

Motivations behind malware

History

Case history: Stuxnet

Case history: Michael Calce (Aka MafiaBoy)

Case history: Jonathan James

Case history: Gary McKinnon

Case history: Lauri Love

Huawei

Techniques

Spoofing email - the basis of phishing attack

Bots and automated mechanisms

References

5 Packet analysis and penetration testing

Packet sniffing

Wireshark

Modifying Wireshark

Analysis with Wireshark

Analyzing malware - Trickbot

Conclusion

Suggested projects

6 Social engineering

Phishing

Spear phishing

Vishing

Smishing

Pretexting

Water holing

Baiting

Quid Pro Quo

Tailgating

Scareware

Other varieties

Social engineering process

Research

Engagement

The attack

The conclusion

Social engineering counter-measures

Training

Frameworks and protocols

Categorizing information

Protocols

Tests

Resistance to social engineering

Waste handling

General advice

Software protection

Intelligence and research used for social engineering

Sources

Search engines

Google Alerts

Google/Bing images

Using web archives

Social media

Specialized search engines

Media - documents, photographs, video

Telephone numbers and addresses

Online tracing with IP addresses and presence

Conclusions

References

7 Cyber countermeasures

Introduction

Training

Firewalls

Linux

Cloud

Shields

Malware detection

Websites

Antivirus

Ransomware

Keep backups!

Conclusions

Reference

8 Incident response and mitigation

Example: Malware outbreak

Remediation - clear and hold

Misunderstanding threats

Mistiming of response

Gauging the severity of an incident - triage

Analysis

Containment

Terminate

Failing to verify

Recovery

The notification process

European Union - GDPR

Ransomware

Individual reporting

Timing of breach notifications

The notification

Data privacy and protection in the United States

Comparison of EU versus US privacy laws

California Consumer Privacy Act

Basic CIS controls

Foundational CIS controls

Organizational CIS controls

Post-incident analysis and applying gained insights

Ongoing preparedness

Conclusions

References

9 Digital forensics

Introduction

Low level

System level

Application level

Network level

Storage level

Tape

Flash

SSD

USB memory devices

Information retrieval

Disk analysis

Memory forensics

Windows registry analysis

Mobile forensics

Network analysis

Linux distributions

Kali Linux

Binwalk tool

Bulk extractor tool

HashDeep tool

Magic rescue tool

Scalpel tool

Scrounge-NTFS tool

Guymager tool

Pdfid tool

Pdf-parser tool

Peepdf tool

Img_cat tool

ICAT tool

Srch_strings tool

Parrot

Black Arch Linux

BackBox Linux

ForLEx

Technique

Preservation

Collection

Examination

Analysis

Analysis techniques

Targeted searches

Constructing timelines and events

Utilizing log files

Computer storage analysis

Moving files

Deleted file reconstruction

Directory restoration

Temporal analysis

Time bounding

Dynamic temporal analysis

Conclusions

References

10 Special topics: Countersurveillance in a cyber-intrusive world

Where is detection of an individual in the electronic domain possible?

Strategies for avoidance

Deletion

Obfuscation

Network

Tor

Identity

Defeating profiling and identity capture

False tells

One name, many people

Identifying device shuffling

Obfuscation agents and automated stealth

Suggested projects

Resource scanner

Hardware-based memory shredder

References

11 Special topics: Securing the Internet of Things (IoT)

Introduction

The use of crypto-integrated circuits

Comparison of crypto ICs

Wi-Fi connection

Cloud connectivity and dashboard

Security by design in IoT devices

Network devices with possible network weaknesses

Modems

Routers

Home appliances

Cameras

Environment sensors

Automation

Automotive

Streaming devices

Body sensors

Arduino IoT

Suggested projects

IoT robot with encrypted communication channels

Encrypted chat system (hardware based)

References

Index
