Verfügbarkeit: Introduction to computer and network security

Introduction to computer and network security: navigating shades of gray

Gespeichert in:

Bibliographische Detailangaben
Beteilige Person:	Brooks, Richard R. (VerfasserIn)
Format:	Buch
Sprache:	Englisch
Veröffentlicht:	Boca Raton, FL CRC Press 2014
Schlagwörter:	Computersicherheit Rechnernetz
Links:	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027019353&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
Beschreibung:	Includes bibliographical references and index
Umfang:	XXIV, 295 S.
ISBN:	9781439860717

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV041573983
003	DE-604
005	20140210
007	t\|
008	140120s2014 xx \|\|\|\| 00\|\|\| eng d
010			\|a 2013026150
020			\|a 9781439860717 \|c hardback \|9 978-1-4398-6071-7
035			\|a (OCoLC)863669746
035			\|a (DE-599)GBV752349880
040			\|a DE-604 \|b ger \|e aacr
041	0		\|a eng
049			\|a DE-703
082	0		\|a 005.8
084			\|a ST 277 \|0 (DE-625)143643: \|2 rvk
100	1		\|a Brooks, Richard R. \|e Verfasser \|4 aut
245	1	0	\|a Introduction to computer and network security \|b navigating shades of gray \|c Richard R. Brooks
246	1	3	\|a Computer and network security
264		1	\|a Boca Raton, FL \|b CRC Press \|c 2014
300			\|a XXIV, 295 S.
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
500			\|a Includes bibliographical references and index
520	1		\|a "This text provides a classroom-tested, practical introduction to software design and implementation, cryptographic tools, and networking issues while addressing social, economic, and political implications. It covers cutting-edge topics, such as wireless security and attacks on websites, privacy and digital rights management, and recent work on security and economics. The text includes hands-on projects to help students better understand how computers and networks function. It also contains a number of case studies and discussion points"--
650	0	7	\|a Computersicherheit \|0 (DE-588)4274324-2 \|2 gnd \|9 rswk-swf
650	0	7	\|a Rechnernetz \|0 (DE-588)4070085-9 \|2 gnd \|9 rswk-swf
689	0	0	\|a Computersicherheit \|0 (DE-588)4274324-2 \|D s
689	0	1	\|a Rechnernetz \|0 (DE-588)4070085-9 \|D s
689	0		\|5 DE-604
856	4	2	\|m Digitalisierung UB Bayreuth - ADAM Catalogue Enrichment \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027019353&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
943	1		\|a oai:aleph.bib-bvb.de:BVB01-027019353

Datensatz im Suchindex

_version_	1819382646665379840
adam_text	Contents List of Figures xi List of Tables xv Foreword xvii About the Author i Acknowledgments Preface xxiii 1 Brief History of Computers, Communications, and Security 1 1.1 Pre- Renaissance ......................... 2 1.2 Renaissance to World War I .................. 4 1.3 World War I ........................... ? 1.4 World Wrar II ........................... 9 1.5 Cold War ............................. 14 1.6 Organized Crime and Botnets ................. 18 1.7 Cyberwar ............................. 21 1.8 Problems ............................. 22 1.9 Glossary ............................. 23 2 Security and Privacy Overview 25 2.1 Introduction ........................... 25 2.2 Security Attributes ....................... 26 2.3 Social Engineering ........................ 2^ 2.3.1 Nigerian 419 scams .................... 31 2.3.2 Spam ........................... 31 2.3.3 Phishing .......................... 32 2.3.4 Pharming ......................... 33 2.3.5 Spear-phishing ...................... 34 2.3.6 Mules ........................... 34 2.4 Authentication and Authorization ............... 34 О о 2.5 Access Permissions ....................... oo О О 2.5.1 Unix file access permissions ............... oo 2.5.2 OASIS standards ..................... 40 vi Contents 2.6 Audit ............................... 42 2.7 User Interface Issues ....................... 43 2.8 On Trusting Trust ........................ 45 2.9 Taxonomy of Attacks ...................... 46 2.9.1 Vulnerabilities ...................... 47 2.9.2 Attacks .......................... 49 2.9.3 Advanced persistent threat ............... 51 2.10 Case Study - Mobile Code ................... 52 2.11 Case Study - Connected Vehicles ............... 56 2.11.1 Anti-theft systems .................... 58 2.11.2 Vehicular Ad Hoc Network (VANet) .......... 60 2.11.3 Electronic control units ................. 62 2.11.4 Integrated business services ............... 63 2.11.5 Connected vehicle summary ............... 67 2.12 Summary ............................. 69 2.13 Problems ............................. 69 2.14 Glossary ............................. 71 3 Cryptography Primer 75 3.1 Introduction ........................... 75 3.2 Substitution Ciphers and Frequency Analysis ......... 78 3.3 Vigenère Cipher and Cryptanalysis .............. 80 3.4 Block Ciphers .......................... 82 3-4.1 Operations ........................ 83 3.4.2 Data Encryption Standard ............... 84 3.4.3 Advanced Encryption Standard ............. 85 3.4.4 ECB and CBC modes .................. 87 3.4.5 Cryptanalysis ....................... 88 3.5 RSA Public Key Cryptography ................. 90 3.6 Hash Functions ......................... 91 3.7 One-time Pads .......................... 92 3.8 Key Management ........................ 93 3.8.1 Notation and Communicating Sequential Processes (CSP) ........................... 93 3.8.2 Symmetric key distribution ............... 93 3.8.3 Asymmetric key distribution and public key infrastruc¬ ture (PKI) ........................ 94 3.9 Message Confidentiality ..................... 95 3.10 Steganography .......................... 96 3.11 Obfuscation and Homomorphic Encryption .......... 96 3.12 Problems ............................. 99 3.13 Glossary ............................. 100 Contents vii 4 SSL/TLS - Case Study Project 103 4.1 Introduction ........................... 104 4.2 Cryptographic Protocol ..................... 105 4.3 Verification ............................ 107 4.4 DNS and Routing ........................ Ill 4.5 X.509 and SSL Certificates ................... 116 4.6 Man-in-the-Middle Attacks ................... 120 4.7 Usability ............................. 121 4.8 Summary ............................. 122 4.9 Assignment ............................ 122 4.10 Problems ............................. 123 4.11 Glossary ............................. 123 5 Securing Networks 125 5.1 Introduction ........................... 125 5.2 Firewalls ............................. 126 5.3 Virtual Private Networks (VPNs) ............... 127 5.4 Wireless Security ........................ 129 5.5 Intrusion Detection Systems (IDS) ............... 131 5.5.1 Statistical IDS ...................... 131 5.5.2 Biologically inspired IDS ................. 132 5.5.3 IDS testing ........................ 132 5.5.4 IDS products ....................... 134 5.6 Denial of Service ......................... 137 5.7 Problems ............................. 140 5.8 Glossary ............................. 140 6 Virtual Private Network - Case Study Project 143 6.1 Laboratory Preparation ..................... 143 6.2 Assignment ............................ 144 6.3 Virtual Machine (VM) Use ................... 145 6.4 Sniffer Use ............................ 150 6.5 VPN Installation ......................... 152 6.6 Problems ............................. 153 6.7 Glossary ............................. 154 7 Insertion Attacks 7.1 SQL Injection .......................... 155 7.2 Buffer Overflow Attack ..................... 157 7.3 Printer Format Vulnerability .................. 158 7.4 SSH Insertion Attacks ...................... 161 7.5 IDS Insertion Attacks ...................... 162 7.6 Viruses .............................. 163 7.7 Worms .............................. 164 7.8 Virus and Worm Propagation ................. 166 viii Contents 7.9 Problems ............................. 171 7.10 Glossary ............................. 171 8 Buffer Overflow - Case Study Project 173 8.1 Stack Smashing ......................... 174 8.1.1 Stack exploration ..................... 179 8.1.2 Shell code ......................... 182 8.2 Heap Smashing ......................... 183 8.2.1 Code injection - heap spray ............... 184 8.2.2 Heap corruption ..................... 184 8.3 Arc Injection ........................... 185 8.4 Pointer Clobbering ....................... 185 8.5 Countermeasures ......................... 186 8.6 Assignment ............................ 187 8.7 Problems ............................. 188 8.8 Glossary ............................. 189 9 Polymorphic Virus — Advanced Case Study Project 197 9.1 Virus Basics ........................... 198 9.2 Anti-virus ............................ 199 9.3 Pseudo-virus with Alternate Data Streams .......... 201 9.4 Simple Virus - Timid ...................... 202 9.5 Infection Spreading ....................... 203 9.6 Self-modifying Code ....................... 205 9.7 Simple Polymorphism ...................... 206 9.8 Packing and Encryption ..................... 207 9.9 Frankenstein Viruses ...................... 208 9.10 Assignment ............................ 208 9.11 Problems ............................. 209 9.12 Glossary ............................. 209 10 Web Security 211 10.1 Cross Site Scripting (XSS) ................... 212 10.2 Cross Site Request Forgery (XSRF, CSRF) .......... 213 10.3 Man-in-the-Browser ....................... 214 10.4 Penetration Testing ....................... 214 10.5 Problems ............................. 215 10.6 Glossary ............................. 216 11 Privacy and Anonymity 217 11.1 Anonymity Metrics ....................... 219 11.2 Anonymity Tools ........................ 220 11.3 Computer Forensic Tools .................... 224 11.4 Privacy Laws ........................... 226 11.5 Privacy Discussion Assignments - Antonin Scalia ...... 228 11.5.1 Dog poop girl ....................... 228 Contents ix 11.5.2 Antonin Scalia ...................... 228 11.6 Problems............................. 230 11.7 Glossary ............................. 230 12 Side-Channel Attacks 231 12.1 Power Analysis .......................... 232 12.2 Traffic Analysis ......................... 233 12.3 Time Analysis .......................... 234 12.4 Red-black Separation ...................... 236 12.5 Side-channel Countermeasures ................. 236 12.6 Problems ............................. 238 12.7 Glossary ............................. 238 13 Digital Rights Management and Copyright 239 13.1 Copyright History ........................ 239 13.2 Fair Use ... !......................... 241 13.3 Creative Commons ....................... 241 13.4 Digital Rights Management ................... 242 13.5 Digital Millennium Copyright Act ............... 243 13.6 The Darknet ........................... 243 13.7 Patent Trolls ........................... 244 13.8 Discussion Assignment - Business Case for DR M....... 245 13.9 Discussion Assignment - Technical Case for DKM ...... 245 13. lOGlossary ............................. 245 14 Security Economics 247 14.1 Liability and EULAs ...................... 248 14.2 Network Externalities ...................... 248 14.3 Code Bloat ............................ 249 14.4 Lemon Markets ......................... 249 14.5 Software Engineering ...................... 249 14.6 Macroeconomics and Game Theory Introduction ....... 250 14.7 Problems ............................. 250 14.8 Glossary ............................. 250 15 Conclusions 253 Bibliography 255 Index 289
any_adam_object	1
author	Brooks, Richard R.
author_facet	Brooks, Richard R.
author_role	aut
author_sort	Brooks, Richard R.
author_variant	r r b rr rrb
building	Verbundindex
bvnumber	BV041573983
classification_rvk	ST 277
ctrlnum	(OCoLC)863669746 (DE-599)GBV752349880
dewey-full	005.8
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.8
dewey-search	005.8
dewey-sort	15.8
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02060nam a2200397 c 4500</leader><controlfield tag="001">BV041573983</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20140210 </controlfield><controlfield tag="007">t\|</controlfield><controlfield tag="008">140120s2014 xx \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="010" ind1=" " ind2=" "><subfield code="a">2013026150</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781439860717</subfield><subfield code="c">hardback</subfield><subfield code="9">978-1-4398-6071-7</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)863669746</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBV752349880</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">aacr</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-703</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Brooks, Richard R.</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Introduction to computer and network security</subfield><subfield code="b">navigating shades of gray</subfield><subfield code="c">Richard R. Brooks</subfield></datafield><datafield tag="246" ind1="1" ind2="3"><subfield code="a">Computer and network security</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Boca Raton, FL</subfield><subfield code="b">CRC Press</subfield><subfield code="c">2014</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XXIV, 295 S.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes bibliographical references and index</subfield></datafield><datafield tag="520" ind1="1" ind2=" "><subfield code="a">"This text provides a classroom-tested, practical introduction to software design and implementation, cryptographic tools, and networking issues while addressing social, economic, and political implications. It covers cutting-edge topics, such as wireless security and attacks on websites, privacy and digital rights management, and recent work on security and economics. The text includes hands-on projects to help students better understand how computers and networks function. It also contains a number of case studies and discussion points"--</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Rechnernetz</subfield><subfield code="0">(DE-588)4070085-9</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computersicherheit</subfield><subfield code="0">(DE-588)4274324-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Rechnernetz</subfield><subfield code="0">(DE-588)4070085-9</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Bayreuth - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027019353&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="943" ind1="1" ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-027019353</subfield></datafield></record></collection>
id	DE-604.BV041573983
illustrated	Not Illustrated
indexdate	2024-12-20T16:49:37Z
institution	BVB
isbn	9781439860717
language	English
lccn	2013026150
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-027019353
oclc_num	863669746
open_access_boolean
owner	DE-703
owner_facet	DE-703
physical	XXIV, 295 S.
publishDate	2014
publishDateSearch	2014
publishDateSort	2014
publisher	CRC Press
record_format	marc
spellingShingle	Brooks, Richard R. Introduction to computer and network security navigating shades of gray Computersicherheit (DE-588)4274324-2 gnd Rechnernetz (DE-588)4070085-9 gnd
subject_GND	(DE-588)4274324-2 (DE-588)4070085-9
title	Introduction to computer and network security navigating shades of gray
title_alt	Computer and network security
title_auth	Introduction to computer and network security navigating shades of gray
title_exact_search	Introduction to computer and network security navigating shades of gray
title_full	Introduction to computer and network security navigating shades of gray Richard R. Brooks
title_fullStr	Introduction to computer and network security navigating shades of gray Richard R. Brooks
title_full_unstemmed	Introduction to computer and network security navigating shades of gray Richard R. Brooks
title_short	Introduction to computer and network security
title_sort	introduction to computer and network security navigating shades of gray
title_sub	navigating shades of gray
topic	Computersicherheit (DE-588)4274324-2 gnd Rechnernetz (DE-588)4070085-9 gnd
topic_facet	Computersicherheit Rechnernetz
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027019353&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT brooksrichardr introductiontocomputerandnetworksecuritynavigatingshadesofgray AT brooksrichardr computerandnetworksecurity

Verfügbarkeit

‌

Inhaltsverzeichnis