Index
Cover
Half Title
Title Page
Copyright Page
Table of Contents
Preface
Authors
1 Introduction to Security Threats
2 The 2014–2015 Anthem Blue Cross and Blue Shield Break-In Case Study
Step 1: Reconnaissance
Step 2: Picking the Right Target and Spear Phishing Them
Spear Phishing
Waterholes
Step 3: Initial System Entry
Next Steps to Establish an Undetectable Anonymous Persistent Presence
Password Decryption Process and Equipment
Testbed
Final Steps
Tools Used by Hackers to Acquire Valid Entry Credentials and Tools Used by Security Personnel to Detect Activity and Malware and Protect the Stored Data
Tool 1: Initial Spear-Phishing Entry Leading to the ScanBox Keystroke Logger
Tool 2: Setting Up an Anonymous Path Using Tor
Tool 3: CrowdStrike Identified Hacker Clusters, China Chopper Web-Shell Controller
CrowdStrike’s Identified Hacking Clusters
China Chopper Web Shell Controller
Types of Common Monitoring Software Employed
Looking for Derusbi Parsing Software
RSA’s ECAT Scanning Software
Yara’s Operation
3 Anonymous Persistent Threats
Rivest–Shamir–Adleman (RSA) Identified Shell Crew
Kaspersky Lab Has Identified a Recent Attack Group That Identifies Its Tools as Careto: The Mask
Dark Web
4 Creating Secure Code
First Principle of Code Protection: Code Isolation and Confinement
Code Isolation Techniques
Implementation of the Four Code-Confinement Methods
Reference Monitors
OS Chroots
OS Jail Routines
FreeBSD Jail
Linux’s Ptrace Monitor and Systrace Routines
Employing Applications Such as Ostia or NACI
Isolation of Virtual Machines
Computer Virtualization
Threats to Computer Virtualization
Subverting VM Isolation
VM-Based Malware
Software Fault Isolation
5 Providing a Secure Architecture
Providing a Secure Architecture
Isolation and Least Privilege
Access Control Concepts
Operating Systems
Browser Isolation and Least Privilege
Hacking Attacks
Spear Phishing and Behavioral Attacks
Spoofing, Digital Misrepresentation, and Mobile Security
6 The Hacker Strategy: Expanded
Lab Analysis and Learning Vulnerabilities
Hacker Strategies
Reconnaissance
Attracting the Victim
Gain Control
Exfiltrate Data and Conscript
Overall: Cloak the Source
Antivirus Protection
Crack Passwords
The Key
Zero-Days
Basic Control of Hijacking Attacks
Platform Defenses
Run-Time Defenses
Advanced Hijacking Attacks: Heap Spraying
The Final Solution to Hacking Attacks
7 Malware, Viruses, Worms, Bugs, and Botnets
Introduction
Botnets: Process and Components and History
Viruses and Worms
A More Detailed Examination of Malware, Viruses, Trojans, and Bots/Botnets
Worms
Some Examples of Historical Worm Attacks
Morris Worm
Code Red I and Code Red II Worms
Nimda Worm
SQL Slammer
Conficker Worm
E-Mail Worms
Love Bug Worm
MyDoom Worm
Storm Worm and Storm Botnet
Viruses
Virus Propagation
Payload
Detecting a Virus
Polymorphic Code
Metamorphic Code
When Malware Is Detected
Botnets
Star-Structured Botnets
Hierarchical Botnets
Defending from Botnets
Anonymity and Sneakiness
Sneakiness and Side-Channel Attacks
Covert Channels
Security
Side Channels
Side Channels in Web Surfing
Exploiting Side Channels for Stealth Scanning
UI Side-Channel Snooping
Bugs
Detecting Attacks and Removal Systems
Intrusion Detection Systems
Host-Based and Network-Based Intrusion Detection Systems
Network-Based Intrusion Detection Systems
Host-Based Intrusion Detection Systems
Honeypot Traps out in the Network
Passive and Reactive Systems
Statistical Anomaly and Signature-Based IDSs
Comparison with Firewalls
Detection Evasion Techniques
Forensics
Detecting Attacks and Attackers with Examples
Symmetric Cryptography
The Problem of Detecting Attacks
Directory Traversal
What Is Another Method to Detect This Attack?
An Alternate Paradigm
Detection Accuracy
Detecting Successful Attacks
Detection versus Blocking
Styles of Detection
Signature Based
Vulnerability Signatures
Anomaly Based
Specification-Based Detection
Behavioral Detection
The Problem of Evasion
8 Cryptography and the RSA Algorithm
Data Encryption Standard and Advanced Encryption Standard
Public Keys
Modern Approaches for Breaking Encryption
Current Cryptography Concepts
More Cryptography, Private-Key, Public-Key Encryption, RSA Algorithm Details
9 Browser Security and Cross-Site Scripting
Three Web Threat Models
Web-Page Content
Code Isolation
Browser Security Model
Hypertext Transfer Protocol
Rendering Content
Isolation
Security User Interface
Cookies
Frame Busting
Browser Code Isolation
Web Worker
Sandbox
Cross-Origin Resource Sharing
Content Security Policy
10 Banking Security, Zeus, and SpyEye
Fraud Process
Risk Management Process for Banks
Zeus and SpyEye Attacks
Online Fraud and the Impacts of Zeus and SpyEye Attacks
11 Web Application Security
Basics of SQL Injections
More Examples of Injection-Based Attacks
A Review of the ScanBox Software
12 Session Management, User Authentication, and Web Application Security
Session Management and User Authentication
Session Management
HTTP Cookies
Session ID
Storing Session IDs
Web Application Security
Structured Query Language Injection
An SQL Injection Example: The CardSystems Solutions Attack
Cross-Site Request Forgery
Cross-Site Scripting
Example of an XSS Attack on PayPal
Session Management and User Authentication Conclusion
13 Web Security, DNS Security, and the Internet
14 Network Security and Defenses
Network Security: Recap
Protocols
Address Resolution Protocol
Internet Protocol
Packet Sniffing
User Datagram Protocol (UDP)
Blind TCP Session Hijacking
Stopping Services
Exhausting Resources
SYN Flooding
Smurf DoS Attacks
Internet Control Message Protocol
Distributed Denial-of-Service Attacks
Cryptographic Network Protection
Internet Protocol Security
Network Attacks
Physical/Link-Layer Threats: Eavesdropping
Physical/Link-Layer Threats: Spoofing
Layer 3 Threats
Layer 4 TCP and UDP Threats
DHCP Threats
Domain Name System Threats
Concluding Highlights
15 Network Security Protocols and Defensive Mechanisms
Network Security Protocols
IP Security (IPSec) Protocol
Phase 1
Phase 2
Layer 2: Link-Layer Connectivity of Wireless
TCP/IP Basic Layer 2–3 Security Problems
Defense Mechanisms That Can Be Employed
Virtual Private Network
Several Different Protocols Then Apply to These Modes
Basic Packet Formats
Filtering Network Traffic at the IP Level
Basic Packet Filtering
Firewall Stateful Packet Filtering
Other Protocols of Concern
IP Fragmentation
Transport Layer Security
Proxy Firewall
Web Traffic Scanning
Intrusion Detection Systems
Two Critical Infrastructure Protocols: BGP and DNS
Infrastructure Protocols for DNS and DNSSEC
Network Control Firewalls
Security Principle Reference Monitors
16 Denial-of-Service Attacks
17 Mobile Platform Security
Comparison of Mobile Platforms
Apple iOS Operating System
Core OS Layer
Core Services Layer
Media Layer
Cocoa Touch Layer
Development of iOS Applications
Apple iOS Security
Android Mobile Smartphone
Android Security Model
Security Features
App Development Concepts
Exploit Prevention
Layers of Security
Java Sandbox
Apple iOS versus Android Operating System Comparisons
Windows Mobile Models 7 and 8 Devices
Windows Phone OS 7.0 Security Model
.NET Code Access Security That Can Be Exploited on Windows Phones
Mobile Platform Security
Mobile Platform Security
Attack Vectors for Mobile Devices
18 Cellular Access Security: 4G LTE, Mobile WiMAX, 5G, and MIMOs
First-Generation Cellular Network
Security Issues and Drawbacks
Second-Generation Cellular Network
Security Issues and Drawbacks
Third-Generation Cellular Network
Security Issues and Drawbacks
Information Security
Security Analysis
Goals and Objectives in Security
Boundaries and Limitations in Security
Types of Security Issues
Types of Security Attacks
Architecture of Security
4G Security (LTE and WiMAX)
WiMAX Introduction
History of WiMAX
Evolution of Mobile WiMAX
Mobile WiMAX Architecture
WiMAX Security, Threats, and Solutions
4G LTE Introduction
History of 4G LTE
4G LTE Architecture
4G LTE Security, Threats, and Solutions
A 5G Future
5G Security
HetNets
Massive MIMO
Millimeter Wave
Conclusion
19 Wireless LAN Security
Regulatory WLAN Security Standards
802.11a
802.11b
802.11g
802.11n
802.11ac
802.11af
802.11i
Wire Lined to Wireless Transition
WNIC
Corporate Background of Wireless Networks
Wireless Network Security Methods
CIA Triangle of Confidentiality, Integrity, and Availability
Smart Cards
Security Tokens and Software Tokens
Wireless Security History, Standards, and Developments
Wired Equivalent Privacy
Wi-Fi Protected Access
Temporal Key Integrity Protocol (TKIP)
Extensible Authentication Protocol (EAP)
Lightweight Extensible Authentication Protocol (LEAP)
Protected Extensible Authentication Protocol (PEAP)
Wireless Transport Layer Security (WTLS)
Wi-Fi Protected Setup (WPS)
WPA2
Other Security Considerations
Threats of Wireless Networks
Confidentiality Attacks
Access Control Attacks
Conclusion
20 The Stuxnet Worm and the Vulnerability of the U.S. Electric Power Grid
More Details of the Stuxnet Worm Used for Cyber Warfare
Attack Process
Path 1: Via WinCC
Path 2: Via Network Shares
Path 3: Via the MS10-061 Print Spooler 0-Day Vulnerability
Path 4: Via the MS08-067 SMB Vulnerability
Path 5: Via Step7 Projects
Stuxnet Damage
Cyber Terrorism after Stuxnet
Stuxnet Attack Summary
Response and Industrial Control Security
The Vulnerable U.S. Electronic Power Grid
Components and Operating Elements of the U.S. Electric Power Grid
Irreplaceable Large Power Transformers and Our Smart Grid Risk
Smart Meters
Programmable Logic Controllers
Advantages of PLCs
Distribution Transformers and Controllers
Local PLC Inner-Loop Controller
A SCADA System
Conclusion
21 Cyber Warfare
Weapons of Cyber War
Cyber Crime as a Service
Hacktivists
22 Conclusion
Bibliography
Appendix
Index