1st Edition

Cyber Security Essentials

Edited By James Graham, Ryan Olson, Rick Howard
Copyright 2010

    342 Pages 131 B/W Illustrations
    by Auerbach Publications

    344 Pages
    by Auerbach Publications

    The sophisticated methods used in recent high-profile cyber incidents have left many people needing to understand how such security issues work. Demystifying the complexity often associated with information assurance, Cyber Security Essentials provides a clear understanding of the concepts behind prevalent threats, tactics, and procedures.

    To accomplish this, the team of security professionals from VeriSign’s iDefense® Security Intelligence Services supply an extensive review of the computer security landscape. Although the text is accessible to those new to cyber security, its comprehensive nature makes it ideal for experts who need to explain how computer security works to non-technical staff. Providing a fundamental understanding of the theory behind the key issues impacting cyber security, the book:

    • Covers attacker methods and motivations, exploitation trends, malicious code techniques, and the latest threat vectors
    • Addresses more than 75 key security concepts in a series of concise, well-illustrated summaries designed for most levels of technical understanding
    • Supplies actionable advice for the mitigation of threats
    • Breaks down the code used to write exploits into understandable diagrams

    This book is not about the latest attack trends or botnets. It’s about the reasons why these problems continue to plague us. By better understanding the logic presented in these pages, readers will be prepared to transition to a career in the growing field of cyber security and enable proactive responses to the threats and attacks on the horizon.

    Cyber Security Fundamentals
    Network and Security Concepts
         Information Assurance Fundamentals
         Basic Cryptography
         Symmetric Encryption
         Public Key Encryption
         The Domain Name System (DNS)
         Firewalls
         Virtualization
         Radio-Frequency Identification
    Microsoft Windows Security Principles
         Windows Tokens
         Window Messaging
         Windows Program Execution
         The Windows Firewall

    Attacker Techniques and Motivations
    How Hackers Cover Their Tracks (Anti-forensics)
         How and Why Attackers Use Proxies
         Tunneling Techniques
    Fraud Techniques
         Phishing, Smishing, Vishing and Mobile Malicious Code
         Rogue Anti-Virus
         Click Fraud
    Threat Infrastructure
         Botnets
         Fast-Flux
         Advanced Fast-Flux

    Exploitation
    Techniques to Gain a Foothold
         Shellcode
         Integer Overflow Vulnerabilities
         Stack-Based Buffer Overflows
         Format-String Vulnerabilities
         SQL Injection
         Malicious PDF Files
         Race Conditions
         Web Exploit Tools
         DoS Conditions
         Brute-Force and Dictionary Attacks
    Misdirection, Reconnaissance and Disruption Methods
         Cross-Site Scripting (XSS)
         Social Engineering
         WarXing
         DNS Amplification Attacks

    Malicious Code
    Self-Replicating Malicious Code
         Worms
         Viruses
    Evading Detection and Elevating Privileges
         Obfuscation
         Virtual Machine Obfuscation
         Persistent Software Techniques
         Rootkits
         Spyware
         Attacks against Privileged User Accounts and Escalation of Privileges
         Token Kidnapping
         Virtual Machine Detection
    Stealing Information and Exploitation
         Form Grabbing
         Man-in-the-Middle Attacks
         DLL Injection
         Browser Helper Objects

    Defense and Analysis Techniques
    Memory Forensics
         Why Memory Forensics Is Important
         Capabilities of Memory Forensics
         Memory Analysis Frameworks
         Dumping Physical Memory
         Installing and Using Volatility
         Finding Hidden Processes
         Volatility Analyst Pack
    Honeypots
    Malicious Code Naming
    Automated Malicious Code Analysis Systems
         Passive Analysis
         Active Analysis
         Physical or Virtual Machines
    Intrusion Detection Systems

    iDefense Special File Investigation Tools

    Biography

    This book is the direct result of the outstanding efforts of a talented pool of security analysts, editors, business leaders and security professionals, all of whom work for iDefense Security Intelligence Services, a business unit of VeriSign, Inc. iDefense is an open-source cyber security intelligence operation that maintains expertise in vulnerability research and alerting, exploit development, malicious code analysis, underground monitoring and international actor attribution. iDefense provides intelligence products to Fortune 1,000 companies and to three-letter agencies in various world governments. iDefense also maintains the Security Operations Center for the Financial Sector Information Sharing and Analysis Center (FS-ISAC), one of 17 ISACs mandated by the US government to facilitate information sharing throughout the country's business sectors. iDefense has the industry-unique capability of determining not only the technical details of cyber security threats and events (the what, the when and the where) but also, because of its international presence, the most likely actors and motivations behind these attacks (the who and the why). For more information, please contact [email protected].