Cyber warfare : techniques, tactics and tools for security practitioners / Jason Andress, Steve Winterfeld ; Russ Rogers, technical editor ; foreword by Stephen Northcutt.
Material type: TextPublication details: Amsterdam ; Boston : Syngress/Elsevier, c2011.Description: xxvii, 289 p. : ill. ; 24 cmISBN:- 9781597496377 (pbk. : alk. paper)
- 1597496375 (pbk. : alk. paper)
- 355.3/43 23
- U163 .A64 2011
Item type | Current library | Collection | Call number | Copy number | Status | Date due | Barcode | |
---|---|---|---|---|---|---|---|---|
Books | MAIN General | AUE Library Collection | U163 .A64 2011 (Browse shelf(Opens below)) | 1 | Available | 10040401 | ||
Books | MAIN General | AUE Library Collection | U163 .A64 2011 (Browse shelf(Opens below)) | 2 | Available | 10040391 |
Includes bibliographical references and index.
Acknowledgments -- About the authors -- About the technical editor -- Foreword -- Introduction -- Chapter 1: What Is Cyber Warfare? -- What is cyber warfare? -- Definition for cyber warfare -- Tactical and operational reasons for cyber war -- Cyber strategy and power -- Cyber arms control -- What is the United States doing about the threat of a cyber war? -- Have we seen a cyber war? -- Case studies -- Debate (is it real?) -- Why cyber warfare is important -- Summary -- Endnotes -- Chapter 2: Cyberspace Battlefield -- Boundaries in cyber warfare -- Defense in depth -- Physical infrastructure -- Organizational view -- Where cyber fits in the war-fighting domains -- Land -- Sea -- Air -- Space -- Cyber domain -- Threatscape -- Most active threats -- Most dangerous threats -- Motivations -- Fielding systems at the speed of need -- Summary -- Endnotes -- Chapter 3: Cyber Doctrine -- Current U S doctrine -- U S Forces -- U S Air Force -- U S Navy -- U S Army -- DoD INFOCONS -- Sample doctrine/strategy from around the world -- Chinese doctrine -- Other key nations developing doctrine -- Translating traditional military doctrine -- IPOE -- JMEM -- MOE -- BDA -- CAS -- COIN -- Guidance and directives -- CNCI -- DHS -- HSPD -- NIST -- Academia and industry associations -- Operations and exercises -- Federal exercises -- DoD exercises -- Educational exercises -- Sample MESLs -- Summary -- Endnotes -- Chapter 4: Cyber Warriors -- What does a cyber warrior look like? -- Certifications -- Education and training -- Experience and skills -- Differences from traditional forces -- Age -- Attitude -- Physical condition -- Credentials -- Present cyber warfare forces -- U S -- China -- Russia -- France -- Israel -- Brazil -- Singapore -- South Korea -- North Korea -- Australia -- Malaysia -- Japan -- Canada -- United Kingdom -- Other countries with cyber forces -- Corporate -- Criminal -- Staffing for cyber war -- Sources of talent -- Training the next generation -- Summary -- Endnotes --
Chapter 5: Logical Weapons -- Reconnaissance tools -- General information gathering -- Whois -- DNS -- Metadata -- Maltego -- Defense -- Scanning tools -- Nmap -- Nessus -- Defense -- Access and escalation tools -- Password tools -- Metasploit project -- Immunity CANVAS -- Defense -- Exfiltration tools -- Physical exfiltration -- Encryption and stegnaography -- Using common protocols -- Out of band methods -- Defense -- Sustainment tools -- Adding "authorize" access -- Backdoors -- Defense -- Assault tools -- Meddling with software -- Attacking hardware -- Defense -- Obfuscation tools -- Location obsuration -- Log manipulation -- File manipulation -- Defense -- Summary -- Endnotes -- Chapter 6: Physical Weapons -- How the logical and physical realms are connected -- Logical systems run on physical hardware -- Logical attacks can have physical effects -- Infrastructure concerns -- What is SCADA? -- What security issues are present in the world of SCADA? -- What are the consequences of SCADA failures? -- Supply chain concerns -- Compromised hardware -- Deliberately corrupted components -- Non-technical issues -- Tools for physical attack and defense -- Electromagnetic attacks -- Covert activity -- Summary -- Endnotes -- Chapter 7: Psychological Weapons -- Social engineering explained -- Is social engineering science? -- SE tactics techniques and procedures (TTPs) -- Types of SE approaches -- Types of SE methodologies -- How the military approaches social engineering -- Army doctrine -- How the military defends against social engineering -- How the army does CI -- Air Force approach -- Summary -- Endnotes -- Chapter 8: Computer Network Exploitation -- Intelligence and counter-intelligence -- Sources of cyber attacks -- Attackers and sponsors of attacks -- Reconnaissance -- Open source intelligence -- Passive reconnaissance -- Surveillance -- Justifications for surveillance -- Advanced persistent threat -- Voice surveillance -- Data surveillance -- Large-scale surveillance programs -- Uses of surveillance data -- Summary -- Endnotes -- Chapter 9: Computer Network Attack -- Waging war in the cyber era -- Physically -- Electronically -- Logically -- Reactively vs proactively -- Time as a factor -- Attack process -- Recon -- Scan -- Access -- Escalate -- Exfiltrate -- Assault -- Sustain -- Obfuscate -- Summary -- Endnotes -- Chapter 10: Computer Network Defense -- What we protect -- Confidentiality, integrity, availability -- Authenticate, authorize, and audit -- Security awareness and training -- Awareness -- Training -- Defending against cyber attacks -- Policy and compliance -- Surveillance, data mining, and pattern matching -- Intrusion detection and prevention -- Vulnerability assessment and penetration testing -- Disaster recovery planning -- Defense in depth -- Summary -- Endnotes -- Chapter 11: Non-State Actors In Computer Network Operations -- Individual actors -- Script kiddies -- Malware authors -- Scammers -- Blackhats -- Hacktivists -- Patriot hackers -- Corporations -- Motivation for corporations to act in cyber warfare -- Cyber terrorism -- Reasons for cyber terrorist attacks -- What will happen when we see a cyber terrorist attack? -- Organized cyber crime -- Motivations for criminal organizations -- Autonomous actors -- Exploratory systems -- Attack systems -- Defensive systems -- Summary -- Endnotes -- Chapter 12: Legal System Impacts -- Legal systems -- International -- United States laws -- Criminal law -- Key U S laws -- International trafficking in arms regulations -- U S cyber related laws -- Privacy impacts -- Electronic Communications Privacy Act -- Digital forensics -- Certification -- Summary -- Endnotes -- Chapter 13: Ethics -- Ethics in cyber warfare -- Use of force -- Intent -- Secrecy -- Attribution -- Military ethics -- Bellum Iustum (Just war theory) -- Jus as Bellum (The right to wage war) -- Jus in Bello (Proper conduct in war) -- Jus Post Bellum (Justice after war) -- Summary -- Endnotes -- Chapter 14: Cyberspace Challenges -- Cybersecurity issues defined -- Policy -- Processes -- Technical -- Skills -- People -- Organization -- Core (impacting all areas) -- Interrelationship of cybersecurity issues -- Way ahead -- Summary -- Endnotes -- Chapter 15: Future Of Cyber War -- Near term trends -- Most likely and most dangerous courses of action -- New technologies and new problems -- International interactions -- Summary -- Endnotes -- Appendix: Cyber Timeline -- Index.
Overview: Cyber Warfare explores the battlefields, participants and the tools and techniques used during today's digital conflicts. The concepts discussed in this book will give those involved in information security at all levels a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against espionage, hacktivism, insider threats and non-state actors like organized criminals and terrorists. Every one of our systems is under attack from multiple vectors-our defenses must be ready all the time and our alert systems must detect the threats every time. Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks; Dives deeply into relevant technical and factual information from an insider's point of view; Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result.
There are no comments on this title.