Handbook of Information Security: Threats, Vulnerabilities, Prevention, Detection, and Management, Volume 3

Book Description

The Handbook of Information Security is a definitive 3-volume handbook that offers coverage of both established and cutting-edge theories and developments on information and computer security. The text contains 180 articles from over 200 leading experts, providing the benchmark resource for information security, network security, information privacy, and information warfare.

Table of Contents

  1. Cover Page
  2. Title Page
  3. Copyright
  4. Dedication
  5. About the Editor-in-Chief
  6. Editorial Board
  7. Contents
  8. Contributors
  9. Preface
    1. TOPIC CATEGORIES
  10. Guide to the Handbook of Information Security
    1. Organization
    2. Table of Contents
    3. Index
    4. Chapters
    5. Outline
    6. Introduction
    7. Body
    8. Conclusion
    9. Glossary
    10. Cross-References
    11. References
  11. PART 1: Threats and Vulnerabilities to Information and Computing Infrastructures
    1. Internal Security Threats
      1. INTRODUCTION
      2. EXTENT OF THE PROBLEM
      3. CHARACTERISTICS AND MOTIVATIONS
      4. INSIDER TYPOLOGY
      5. FACTORS AND CAUSES
      6. MITIGATION
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    2. Physical Security Threats
      1. INTRODUCTION
      2. FUNDAMENTAL THREATS TO SUSTAINING INFORMATION
      3. DISASTERS AND THE THREATS THEY BRING
      4. PHYSICAL MEANS OF MISAPPROPRIATING RESOURCES
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    3. Fixed-Line Telephone System Vulnerabilities
      1. INTRODUCTION
      2. IMPLICATIONS OF A SECURE FIXED-LINE TELEPHONE SYSTEM
      3. VULNERABILITIES OF TRADITIONAL FIXED-LINE TELEPHONE SYSTEMS
      4. VULNERABILITIES OF THE EMERGING TELEPHONE TECHNOLOGY
      5. COUNTERMEASURES FOR TELEPHONE SYSTEM VULNERABILITIES
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
    4. E-Mail Threats and Vulnerabilities
      1. INTRODUCTION
      2. SOCIAL AND ANTISOCIAL E-MAIL ISSUES
      3. SPAM AND RELATED E-MAIL ABUSE
      4. E-MAIL ABUSE AND POLICY-BASED SOLUTIONS
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    5. E-Commerce Vulnerabilities
      1. INTRODUCTION
      2. E-SHOPLIFTING
      3. CREDIT CARD PAYMENTS
      4. PROTECTING CREDIT CARD PAYMENTS
      5. ONLINE AUCTIONS
      6. NONREPUDIATION
      7. TRUST AND REPUTATION
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    6. Hacking Techniques in Wired Networks
      1. INTRODUCTION
      2. PRINCIPLES OF HACKING
      3. ATTACKS AGAINST THE INTERNET INFRASTRUCTURE
      4. ATTACKS AGAINST END SYSTEMS OF THE INTERNET
      5. ATTACKS AGAINST ENTERPRISE NETWORK SYSTEMS
      6. CONCLUSION
      7. ACKNOWLEDGEMENTS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    7. Hacking Techniques in Wireless Networks
      1. INTRODUCTION
      2. WIRELESS LAN OVERVIEW
      3. WIRELESS NETWORK SNIFFING
      4. WIRELESS SPOOFING
      5. WIRELESS NETWORK PROBING
      6. AP WEAKNESSES
      7. EQUIPMENT FLAWS
      8. DENIAL OF SERVICE
      9. MAN-IN-THE-MIDDLE ATTACKS
      10. Wireless MITM
      11. WAR DRIVING
      12. WIRELESS SECURITY BEST PRACTICES
      13. CONCLUSION
      14. GLOSSARY
      15. CROSS REFERENCES
      16. REFERENCES
      17. FURTHER READING
    8. Computer Viruses and Worms
      1. INTRODUCTION
      2. TROJAN HORSES, VIRUSES, WORMS, RATS, AND OTHER BEASTS
      3. MACRO VIRUSES
      4. E-MAIL VIRUSES
      5. WORMS (FIRST AND THIRD GENERATION)
      6. DETECTION TECHNIQUES
      7. PREVENTION AND PROTECTION TECHNIQUES
      8. NON-PC PLATFORM VIRUSES
      9. CONCLUSION
      10. GLOSSARY
      11. CROSS REFERENCES
      12. FURTHER READING
    9. Trojan Horse Programs
      1. INTRODUCTION
      2. HISTORY OF TROJAN HORSES
      3. COVERT TROJAN HORSE ATTACKS
      4. OVERT TROJAN HORSE ATTACKS
      5. DEFENSES AGAINST TROJAN HORSE PROGRAMS
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
    10. Hoax Viruses and Virus Alerts
      1. INTRODUCTION
      2. RELATED ITEMS
      3. VIRUS WARNING HOAXES
      4. CHARACTERISTICS AND IDENTIFICATION
      5. PROTECTION AND POLICY
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
    11. Hostile Java Applets
      1. INTRODUCTION
      2. JAVA SECURITY OVERVIEW
      3. LOW-LEVEL CODE SAFETY MECHANISMS
      4. HIGH-LEVEL CODE SAFETY MECHANISMS
      5. MALICIOUS BEHAVIOR
      6. CIRCUMVENTING POLICIES
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    12. Spyware
      1. INTRODUCTION
      2. TECHNICAL ASPECTS OF SPYWARE
      3. SPYWARE FROM A SOCIAL PERSPECTIVE
      4. THE EFFECTS OF SPYWARE
      5. LEGAL RAMIFICATIONS
      6. COUNTERMEASURES FOR SPYWARE
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    13. Mobile Code and Security
      1. INTRODUCTION
      2. A SURVEY OF MOBILE CODE SYSTEMS
      3. DESIGN ISSUES IN MOBILE CODE
      4. RESEARCH CHALLENGES OF MOBILE AGENT SECURITY
      5. AGENT HOST PROTECTION
      6. MOBILE AGENT PROTECTION
      7. CONCLUSIONS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    14. Wireless Threats and Attacks
      1. INTRODUCTION
      2. TAXONOMY OF ATTACKS
      3. ATTACKS AGAINST WIRELESS NETWORKS
      4. SUMMARY
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
      8. FURTHER READING
    15. WEP Security
      1. INTRODUCTION
      2. BACKGROUND
      3. WIRED EQUIVALENT PRIVACY
      4. VULNERABILITIES
      5. DEPLOYMENT
      6. NEW PROTOCOLS
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    16. Bluetooth Security
      1. INTRODUCTION
      2. DETAILS OF THE BLUETOOTH SPECIFICATION
      3. SECURITY WEAKNESSES IN THE BLUETOOTH SPECIFICATION
      4. COUNTERMEASURES TO THE VULNERABILITIES IN BLUETOOTH SECURITY
      5. COMPARISON OF SECURITY MECHANISMS IN BLUETOOTH AND IEEE 802.11B
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    17. Cracking WEP
      1. INTRODUCTION
      2. WIRELESS THREATS
      3. DESIGN WEAKNESSES
      4. IMPLEMENTATION WEAKNESSES
      5. AUTOMATED WEP CRACKERS AND SNIFFERS
      6. ALTERNATIVES TO WEP
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    18. Denial of Service Attacks
      1. WHAT ARE DoS ATTACKS?
      2. TYPES OF DoS ATTACKS
      3. PREVENTION OF DoS ATTACKS
      4. CONCLUSION
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
    19. Network Attacks
      1. INTRODUCTION
      2. NETWORK INFRASTRUCTURE ATTACKS
      3. NETWORK PROTOCOL ATTACKS
      4. APPLICATION-BASED NETWORK WORMS AND VIRUSES
      5. CONCLUSION AND FURTHER READING
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    20. Fault Attacks
      1. INTRODUCTION
      2. FAULT INJECTION
      3. FAULT ANALYSIS
      4. COUNTERMEASURES
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    21. Side-Channel Attacks
      1. INTRODUCTION
      2. TIMING ATTACKS
      3. POWER ANALYSIS ATTACKS
      4. EM ANALYSIS
      5. ADVANCED SIDE-CHANNEL ANALYSIS TECHNIQUES
      6. COUNTERMEASURES
      7. FURTHER READING
      8. Reverse Engineering Using Side Channels: First Steps
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
  12. PART 2: Prevention: Keeping the Hackers and Crackers at Bay
    1. Physical Security Measures
      1. INTRODUCTION
      2. OVERVIEW OF THE PHYSICAL SECURITY DOMAIN
      3. CONTROLLING PHYSICAL ACCESS AND FIRE
      4. SUSTAINING INFORMATION ASSETS
      5. RECOVERING FROM BREACHES OF PHYSICAL SECURITY
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
    2. RFID and Security
      1. INTRODUCTION
      2. HISTORY OF RADIO FREQUENCY IDENTIFICATION
      3. RADIO FREQUENCY IDENTIFICATION SYSTEM PRIMER
      4. ADVERSARIAL MODEL AND ATTACKS
      5. SECURITY COUNTERMEASURES
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    3. Cryptographic Privacy Protection Techniques
      1. INTRODUCTION
      2. WHERE IS PRIVACY IMPORTANT?
      3. CONTROLLED PRIVACY
      4. CONCLUSION: FURTHER READING
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
    4. Cryptographic Hardware Security Modules
      1. INTRODUCTION
      2. LIMITATIONS OF SOFTWARE SECURITY
      3. PHYSICAL SECURITY CONSIDERATIONS
      4. VALIDATION AND STANDARDS
      5. MANAGEMENT
      6. ACCESS CONTROL ENFORCEMENT
      7. APPLICATION PROGRAMMING INTERFACES
      8. CDSA
      9. EXAMPLES OF HSMS
      10. CONCLUSION
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
    5. Smart Card Security
      1. INTRODUCTION
      2. HARDWARE SECURITY
      3. SIDE CHANNEL ANALYSIS
      4. FAULT ANALYSIS
      5. APPLICATION AND PROTOCOL SECURITY
      6. OTHER USES
      7. SECURITY EVALUATION
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    6. Client-Side Security
      1. INTRODUCTION
      2. WHY WORRY ABOUT THE SECURITY OF CLIENTS?
      3. RFC 2196 Site Security Handbook
      4. TYPES OF ATTACKS
      5. HOW CAN CRACKERS ACCOMPLISH THEIR GOALS?
      6. CLASSES OF CLIENTS
      7. ACTIVE CONTENT AND CLIENT-SIDE SECURITY
      8. SECURING CLIENTS
      9. CONCLUSION
      10. GLOSSARY
      11. CROSS REFERENCES
      12. REFERENCES
      13. FURTHER READING
    7. Server-Side Security
      1. SERVER VULNERABILITIES
      2. SERVER SECURITY ISSUES
      3. PROTECTING SERVERS FROM OVERLOAD
      4. SERVER SCRIPTING ISSUES
      5. ACCESS CONTROL
      6. GUIDELINES FOR IMPROVING SERVER SECURITY
      7. ADVANCED ISSUES
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    8. Protecting Web Sites
      1. INTRODUCTION
      2. BACKGROUND
      3. VULNERABILITIES, THREATS/ATTACKS, AND COUNTERMEASURES
      4. WEB SITE SECURITY ASSESSMENT
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    9. Database Security
      1. INTRODUCTION
      2. DATABASE SECURITY MODELS AND MECHANISMS
      3. DATABASE SECURITY DESIGN
      4. DATABASE SECURITY EVALUATION AND RECONFIGURATION
      5. CONCLUSIONS AND FUTURE DIRECTIONS
      6. ACKNOWLEDGMENTS
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    10. Medical Records Security
      1. INTRODUCTION
      2. HEALTH RECORDS
      3. ELECTRONIC HEALTH RECORD STANDARDS BODIES
      4. SECURITY CONCERNS
      5. THE SECURITY SOLUTION
      6. REGULATIONS, POLICIES, AND ORGANIZATIONS
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER RESOURCES
    11. Access Control: Principles and Solutions
      1. INTRODUCTION
      2. ACCESS CONTROL POLICIES
      3. ACCESS CONTROL IN OPERATING SYSTEMS
      4. ACCESS CONTROL IN DATABASE MANAGEMENT SYSTEMS
      5. ACCESS CONTROL FOR INTERNET-BASED SOLUTIONS
      6. CONCLUSIONS
      7. ACKNOWLEDGMENTS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    12. Password Authentication
      1. INTRODUCTION
      2. TYPES OF IDENTIFICATION/AUTHENTICATION
      3. HISTORY OF PASSWORDS IN MODERN COMPUTING
      4. PASSWORD SECURITY—BACKGROUND
      5. PASSWORD CRACKING TOOLS
      6. PASSWORD SECURITY ISSUES AND EFFECTIVE MANAGEMENT
      7. PASSWORD LENGTH AND HUMAN MEMORY
      8. AN ARGUMENT FOR SIMPLIFIED PASSWORDS
      9. CONCLUSION
      10. GLOSSARY
      11. CROSS REFERENCES
      12. REFERENCES
      13. SOFTWARE TOOL REFERENCE
      14. FURTHER READING
    13. Computer and Network Authentication
      1. AUTHENTICATION
      2. CREDENTIALS
      3. WEB AUTHENTICATION
      4. HOST AUTHENTICATION
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    14. Antivirus Technology
      1. INTRODUCTION
      2. ANTIVIRUS TECHNOLOGIES AND TECHNIQUES
      3. ANTIVIRUS POLICIES AND PRACTICES
      4. SUMMARY
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
    15. Biometric Basics and Biometric Authentication
      1. INTRODUCTION
      2. FUNDAMENTAL CONCEPTS
      3. A SHORT HISTORY
      4. SYSTEM DESCRIPTION
      5. PERFORMANCE TESTING
      6. BIOMETRICS AND INFORMATION SECURITY
      7. EXAMPLE APPLICATIONS
      8. BIOMETRICS AND PRIVACY
      9. SUGGESTED RULES FOR SECURE USE OF BIOMETRICS
      10. CONCLUSIONS
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
    16. Issues and Concerns in Biometric IT Security
      1. SPOOFING, MIMICRY, AND LIVENESS DETECTION
      2. PROTECTING DATA WITHIN THE BIOMETRIC SYSTEM
      3. MISCELLANEOUS TOPICS
      4. BIOMETRIC SECURITY CONCERNS
      5. SECURITY EVALUATION AND CERTIFICATION OF BIOMETRIC SYSTEMS
      6. AUDITING OF BIOMETRIC SYSTEMS
      7. BIOMETRIC STANDARDS
      8. ACKNOWLEDGMENTS
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    17. Firewall Basics
      1. INTRODUCTION
      2. FIREWALL FUNCTIONALITY
      3. FIREWALL TYPES
      4. FIREWALL FUNCTIONALITY AND TECHNOLOGY ANALYSIS
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. FURTHER READING
    18. Firewall Architectures
      1. INTRODUCTION
      2. REQUIREMENTS ANALYSIS FOR FIREWALL ARCHITECTURES
      3. ENTERPRISE FIREWALL ARCHITECTURES
      4. PACKET-FILTERING ROUTERS
      5. PERIMETER FIREWALL ARCHITECTURE
      6. SERVER/HOST FIREWALL ARCHITECTURE
      7. SCREENED SUBNET FIREWALL ARCHITECTURE
      8. MULTITIERED/DISTRIBUTED DMZ ARCHITECTURE
      9. AIR GAP ARCHITECTURE
      10. CONCLUSION
      11. GLOSSARY
      12. CROSS REFERENCES
      13. FURTHER READING
    19. Packet Filtering and Stateful Firewalls
      1. INTRODUCTION
      2. BASIC PACKET FILTERING
      3. STATEFUL PACKET FILTERING
      4. MATCHING ALGORITHMS
      5. COMMON CONFIGURATION ERRORS
      6. DIRECTION-BASED FILTERING
      7. ADVANCED FIREWALL MANAGEMENT
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    20. Proxy Firewalls
      1. INTRODUCTION
      2. PROXY TERMINOLOGY
      3. WHY AND WHEN TO USE A PROXY
      4. PROXY CHARACTERISTICS AND CAPABILITIES
      5. TYPES OF PROXIES
      6. PROXY CONFIGURATIONS
      7. CASE STUDY: TRAFFIC ANALYSIS OF A PROXY OPERATION
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. FURTHER READING
    21. E-Commerce Safeguards
      1. INTRODUCTION
      2. CONSUMER CONCERNS ABOUT E-COMMERCE TRANSACTIONS
      3. E-COMMERCE RISK ASSESSMENT PRINCIPLES AND RECOMMENDATIONS
      4. RECOMMENDATIONS FOR HOME OFFICE E-COMMERCE MERCHANTS
      5. E-COMMERCE SAFEGUARDS BEGIN WITH BUILDING TRUST
      6. A SECURE PAYMENT PROCESSING TECHNICAL ENVIRONMENT
      7. ADDITIONAL SERVER CONTROLS
      8. RECAPPING NETWORK SECURITY RESPONSIBILITIES
      9. SOFTWARE SUPPORT
      10. CONFIGURATION MANAGEMENT
      11. BACKUPS
      12. CONTROLS
      13. DOCUMENTATION
      14. MAINTENANCE
      15. INTERDEPENDENCES
      16. COST CONSIDERATIONS
      17. PAYMENT CARD BEST PRACTICES
      18. CONCLUSION
      19. GLOSSARY
      20. CROSS REFERENCES
      21. FURTHER READING
    22. Digital Signatures and Electronic Signatures
      1. INTRODUCTION
      2. BACKGROUND
      3. DIGITAL SIGNATURES
      4. MESSAGE AUTHENTICATION CODES (MACs)
      5. OTHER ELECTRONIC SIGNATURE TECHNOLOGIES
      6. SELECTING AN ELECTRONIC SIGNATURE METHOD
      7. LEGAL AND REGULATORY ENVIRONMENT
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. FURTHER READING
    23. E-Mail Security
      1. INTRODUCTION
      2. SECURITY REQUIREMENTS
      3. ENCRYPTION AND SIGNING OPTIONS
      4. S/MIME Overview
      5. AUTHENTICITY SYSTEMS
      6. IMPLEMENTATIONS
      7. SUMMARY
      8. GLOSSARY
      9. CROSS REFERENCES
      10. FURTHER READING
    24. Security for ATM Networks
      1. INTRODUCTION
      2. ATM OVERVIEW
      3. NONCRYPTOGRAPHIC ATM VPNS
      4. CRYPTOGRAPHIC ATM SECURITY MECHANISMS
      5. CONTROL PLANE SECURITY MECHANISMS
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
      10. FURTHER READING
    25. VPN Basics
      1. INTRODUCTION
      2. TYPES OF VPN SERVICES
      3. TUNNELING
      4. SECURITY CONCERNS
      5. VPN IMPLEMENTATIONS
      6. PROTOCOLS EMPLOYED BY VPNs
      7. QUALITY OF SERVICE SUPPORT
      8. CONCLUSIONS
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    26. VPN Architecture
      1. INTRODUCTION
      2. VPN Solutions
      3. VPN ARCHITECTURE
      4. VPN GATEWAYS
      5. VPN CLIENTS
      6. SUMMARY
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    27. IP-Based VPN
      1. INTRODUCTION TO IP-BASED VPNs
      2. CUSTOMER EDGE (CE)-BASED VPNs
      3. PROVIDER EDGE (PE)-BASED L3 VPNs
      4. DESIGN CONSIDERATIONS AND EXAMPLE VPN DEPLOYMENT
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
    28. Identity Management
      1. INTRODUCTION
      2. IDENTITY MANAGEMENT: MOTIVATION, GOALS, AND ISSUES
      3. IDENTITY MANAGEMENT ELEMENTS
      4. NETWORKING AND APPLICATION INTEGRATION ISSUES
      5. SECURITY AND PRIVACY ISSUES
      6. ARCHITECTURE EXAMPLES
      7. CONCLUSIONS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    29. The Use of Deception Techniques: Honeypots and Decoys
      1. BACKGROUND AND HISTORY
      2. THEORETICAL RESULTS ON DECEPTIONS
      3. EXPERIMENTS AND THE NEED FOR AN EXPERIMENTAL BASIS
      4. SUMMARY, CONCLUSIONS, AND FURTHER WORK
      5. GLOSSARY
      6. CROSS REFERENCES
      7. REFERENCES
      8. FURTHER READING
    30. Active Response to Computer Intrusions
      1. INTRODUCTION: THE CONCEPT OF ACTIVE RESPONSE
      2. LEVELS OF INTRUSION RESPONSE
      3. POTENTIAL TECHNICAL BARRIERS FOR INTRUSION RESPONSE
      4. INVOLVING LAW ENFORCEMENT AGENCIES
      5. LEVELS OF FORCE: BENIGN THROUGH AGGRESSIVE RESPONSES
      6. THE ETHICS OF ACTIVE RESPONSE
      7. THE LEGALITY OF ACTIVE RESPONSE
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
  13. PART 3: Detection, Recovery, Management, and Policy Considerations
    1. Intrusion Detection Systems Basics
      1. INTRODUCTION
      2. ANOMALY DETECTION
      3. MISUSE DETECTION
      4. INTRUSION DETECTION IN DISTRIBUTED SYSTEMS
      5. INTRUSION ALERT CORRELATION
      6. CONCLUSION
      7. GLOSSARY
      8. CROSS REFERENCES
      9. REFERENCES
    2. Host-Based Intrusion Detection Systems
      1. INTRODUCTION
      2. OPERATING SYSTEM–LEVEL INTRUSION DETECTION
      3. APPLICATION-LEVEL INTRUSION DETECTION
      4. RELATED TECHNIQUES
      5. HOST-BASED IDSs VERSUS NETWORK-BASED IDSs
      6. FUTURE TRENDS
      7. CONCLUSIONS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    3. Network-Based Intrusion Detection Systems
      1. INTRODUCTION
      2. NETWORK INTRUSION DETECTION MODELS
      3. SIGNATURE-BASED NIDSS
      4. PROTOCOL-BASED INTRUSION DETECTION
      5. EVASION TECHNIQUES
      6. TESTING NIDS
      7. NIDS DEPLOYMENT AND MANAGEMENT
      8. ECONOMICS OF NIDSs
      9. LIMITATIONS OF NIDSs AND INNOVATIVE RESEARCH EFFORTS
      10. CONCLUSION
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
      14. FURTHER READING
    4. The Use of Agent Technology for Intrusion Detection
      1. INTRODUCTION
      2. NETWORK INTRUSION DETECTION
      3. INTRUSION DETECTION USING AGENTS
      4. ANALYSIS TECHNIQUES, TESTING AND VALIDATION, AND PERFORMANCE OF IDS AGENTS
      5. A DISTRIBUTED SECURITY AGENT SYSTEM
      6. CONCLUSIONS
      7. ACKNOWLEDGEMENTS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    5. Contingency Planning Management
      1. INTRODUCTION
      2. GROWING DEPENDENCE ON THE IT INFRASTRUCTURE
      3. CAUSES OF DOWNTIMES: THE PREVALENCE OF SMALL DISASTERS
      4. THE COST OF DOWNTIME
      5. BCM PLANNING
      6. RISK MANAGEMENT
      7. RECOVERY STRATEGIES: BACKUP AND RECOVERY OF DATA
      8. ENSURING CONTINUITY OF OPERATIONS: ALTERNATE SITES STRATEGY
      9. BACKUP AND RECOVERY FOR WEB-BASED HOSTING SERVICES
      10. TRAINING, EXERCISING, AND REVIEWING THE PLAN
      11. BCM/DR PLANNING TEMPLATE
      12. BUSINESS CONTINUITY AND INVESTMENT SHORTAGE
      13. CONCLUSIONS
      14. GLOSSARY
      15. CROSS REFERENCES
      16. REFERENCES
      17. FURTHER READING
    6. Computer Security Incident Response Teams (CSIRTs)
      1. INTRODUCTION
      2. BEFORE THE INCIDENT
      3. DURING THE ATTACK
      4. AFTER THE ATTACK
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
      9. FURTHER READING
    7. Implementing a Security Awareness Program
      1. AWARENESS AS A SURVIVAL TECHNIQUE
      2. CRITICAL SUCCESS FACTORS
      3. OBSTACLES AND OPPORTUNITIES
      4. APPROACH
      5. CONTENT
      6. TECHNIQUES AND PRINCIPLES
      7. TOOLS
      8. MEASUREMENT AND EVALUATION
      9. CONCLUSION
      10. GLOSSARY
      11. CROSS REFERENCES
      12. REFERENCES
    8. Risk Management for IT Security
      1. INTRODUCTION
      2. RISK ASSESSMENT METHODOLOGIES
      3. MANAGEMENT OF INFORMATION SECURITY STANDARDS
      4. RISK MODELS
      5. PRACTICAL STRATEGIC RISK MODELS
      6. PRACTICAL RISK EXPOSURE ESTIMATION
      7. SUMMARY
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    9. Security Insurance and Best Practices
      1. INTRODUCTION
      2. INSURANCE AND RISK TRANSFER BASICS
      3. CYBERSECURITY AND CYBERINSURANCE
      4. LEGAL PRINCIPLES AND REGULATIONS
      5. COVERAGE TYPES
      6. A TYPICAL POLICY
      7. HYPOTHETICAL CASE
      8. BEST PRACTICES
      9. ISO 17799/BS 7799
      10. GLOSSARY
      11. CROSS REFERENCES
      12. REFERENCES
    10. Auditing Information Systems Security
      1. WHY AUDIT INFORMATION SYSTEMS AND SECURITY?
      2. WHAT IS THE SCOPE OF THE INFORMATION SECURITY AUDIT?
      3. WHO PERFORMS THE INFORMATION SYSTEMS SECURITY AUDITS?
      4. WHAT IS THE AUDIT PROCESS?
      5. WHAT IS THE MANAGEMENT'S RESPONSE TO THE AUDIT RESULTS?
      6. AUDIT OBJECTIVES, AUDIT WORK PROGRAMS, AND AUDIT TOOLS AND TECHNIQUES
      7. CONCLUSIONS
      8. GLOSSARY
      9. APPENDIX: GOVERNMENT LAWS, DIRECTIVES, AND REGULATIONS
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    11. Evidence Collection and Analysis Tools
      1. INTRODUCTION
      2. TYPES OF INVESTIGATIONS AND TOOL SELECTION
      3. TOOL TESTING, ADMISSIBILITY, AND STANDARDS
      4. CLASSES OF TOOLS
      5. INTEGRATED COLLECTION (IMAGING) AND ANALYSIS TOOLS
      6. DATA RECOVERY UTILITIES
      7. SPECIALIZED TOOLS FOR E-MAIL AND INTERNET HISTORY ANALYSIS
      8. PDAs AND OTHER DEVICES
      9. EVIDENCE COLLECTION HARDWARE
      10. COLLECTION AND ANALYSIS WORKSTATION
      11. EVIDENCE COLLECTION FIELD KIT
      12. CONCLUSION
      13. GLOSSARY
      14. CROSS REFERENCES
      15. REFERENCES
      16. FURTHER READING
    12. Information Leakage: Detection and Countermeasures
      1. INTRODUCTION
      2. SCOPE OF ILLEGITIMATE USE OF LEGITIMATE AUTHORITY IN THE CONTEXT OF LEAKAGE
      3. LEAKAGE CHANNELS OVERVIEW
      4. PHYSICAL CHANNELS
      5. ELECTRONIC CHANNELS
      6. HUMAN CHANNELS
      7. COUNTERMEASURES
      8. CONCLUSIONS
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    13. Digital Rights Management
      1. INTRODUCTION
      2. OVERVIEW
      3. DRM-ARCHITECTURES
      4. INFORMATION MODEL
      5. STANDARDS
      6. CASE STUDY: MOBILE DRM
      7. SUMMARY
      8. ACKNOWLEDGMENTS
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    14. Web Hosting
      1. INTRODUCTION
      2. CATEGORIES
      3. COMPONENTS OF WEB HOSTING
      4. SHARED AND DEDICATED SERVERS
      5. COLOCATION
      6. MANAGED SERVICES
      7. MANAGED SECURITY PROVIDERS
      8. SECURITY AUDITS
      9. ROOT ACCESS
      10. SECURITY AND WEB-HOSTING ARCHITECTURES
      11. DATA RECOVERY: AN IMPORTANT DEFENSE
      12. FIREWALLS
      13. ADMINISTRATIVE NETWORKS
      14. CONCLUSION
      15. GLOSSARY
      16. CROSS REFERENCES
      17. FURTHER READING
    15. Managing a Network Environment
      1. INTRODUCTION
      2. ISO NETWORK MANAGEMENT FUNCTIONS
      3. NETWORK MANAGEMENT PROTOCOLS
      4. POLICY-BASED NETWORK MANAGEMENT; SOLUTIONS FOR THE NEXT GENERATION
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    16. E-Mail and Internet Use Policies
      1. INTRODUCTION
      2. PURPOSE AND FUNCTION OF E-MAIL AND INTERNET USE POLICIES
      3. SCOPE OF E-MAIL AND INTERNET USE POLICIES
      4. COMPLYING WITH LAWS PROTECTING EMPLOYEE RIGHTS
      5. PROTECTING THE EMPLOYER'S TRADE SECRETS AND OTHER PROPRIETARY INFORMATION
      6. PREVENTING EMPLOYEES FROM ENGAGING IN CRIMINAL ACTIVITY
      7. RESERVING THE EMPLOYER'S RIGHT TO CONDUCT ELECTRONIC MONITORING
      8. RESPONDING TO GOVERNMENT REQUESTS FOR ELECTRONIC INFORMATION
      9. RESERVING THE EMPLOYER'S RIGHT TO DISCIPLINE EMPLOYEES UNDER THE POLICY
      10. SPECIAL ISSUES RELATED TO EMPLOYMENT STATUS
      11. SPECIAL ISSUES FOR MULTINATIONAL EMPLOYERS
      12. COORDINATING E-MAIL AND INTERNET USE POLICIES WITH OTHER POLICIES
      13. COMMUNICATING E-MAIL AND INTERNET USE POLICIES TO EMPLOYEES
      14. ENFORCING THE POLICY
      15. CONCLUSION
      16. GLOSSARY
      17. CROSS REFERENCES
      18. REFERENCES
    17. Forward Security Adaptive Cryptography: Time Evolution
      1. SECURITY AND SECRET KEYS
      2. INTRODUCTION BY EXAMPLE: FORWARD SECURE SIGNATURES
      3. KEY SECURITY
      4. THRESHOLD AND FORWARD SECURITY: OVERVIEW
      5. KEY EVOLUTION: FUNCTIONAL DEFINITIONS FOR FORWARD SECURITY
      6. FORWARD SECURE PSEUDORANDOM GENERATORS
      7. FORWARD SECURE SIGNATURES
      8. FORWARD-SECURE PUBLIC KEY ENCRYPTION
      9. CONCLUSION
      10. GLOSSARY
      11. CROSS REFERENCES
      12. ACKNOWLEDGMENT
      13. REFERENCES
    18. Security Policy Guidelines
      1. INTRODUCTION
      2. SECURITY POLICY LIFE CYCLE
      3. COST-EFFECTIVENESS: THE RISK ANALYSIS PROCESS
      4. WRITING EFFICIENCY: THE DEVELOPMENT PROCESS
      5. SECURITY AWARENESS PROGRAM: THE PUBLICATION PROCESS
      6. SECURITY POLICY REASSESSMENT: THE AUDITING PROCESS
      7. LEGAL ASPECTS
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
      11. FURTHER READING
    19. Asset–Security Goals Continuum: A Process for Security
      1. INTRODUCTION
      2. BUILDING YOUR SECURITY TEAM
      3. ASSET–SECURITY CONTINUUM
      4. IDENTIFYING AND CLASSIFYING ASSETS
      5. IDENTIFYING RISKS, THREATS, AND PROBABLE LOSSES
      6. CALCULATING THE MAXIMUM COST OF CONTROLS
      7. TYPES OF SECURITY CONTROLS
      8. SECURITY GOALS
      9. CONCLUSION
      10. GLOSSARY
      11. CROSS REFERENCES
      12. REFERENCES
      13. FURTHER READING
    20. Multilevel Security
      1. INTRODUCTION
      2. ASSURANCE PROBLEM
      3. MULTILEVEL NETWORKING
      4. NONDEFENSE APPLICATIONS SIMILAR TO MLS
      5. CONCLUSION
      6. GLOSSARY
      7. CROSS REFERENCES
      8. REFERENCES
    21. Multilevel Security Models
      1. INTRODUCTION
      2. MULTILEVEL SECURITY IN THE DoD
      3. CONFIDENTIALITY AND INTEGRITY POLICY MODELS
      4. MULTILATERAL SECURITY
      5. COVERT CHANNELS
      6. APPLICATION-SPECIFIC MLS CONCEPTS
      7. OTHER MODELS RELATED TO MLS
      8. CONCLUSION
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
    22. Security Architectures
      1. INTRODUCTION
      2. THREATS TO IT SECURITY
      3. ALL-EMBRACING ROLE OF SECURITY
      4. SOFTWARE
      5. HARDWARE
      6. ACCESS CONTROL
      7. EMERGENCY PRECAUTIONS
      8. SUMMARY
      9. GLOSSARY
      10. CROSS REFERENCES
      11. REFERENCES
      12. FURTHER READING
    23. Quality of Security Service: Adaptive Security
      1. INTRODUCTION
      2. QUALITY OF SECURITY SERVICE
      3. QoSS MODEL
      4. QoSS APPLIED
      5. QoSS AND APPLICATION-CENTRIC SECURITY
      6. RELATED WORK
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    24. Security Policy Enforcement
      1. INTRODUCTION
      2. KEY DEFINITIONS FOR DESCRIBING TECHNICAL POLICIES
      3. TYPES OF POLICIES
      4. POLICY ENFORCEMENT MECHANISMS
      5. CRITICALITY OF CORRECT POLICY ENFORCEMENT
      6. CONSIDERATIONS FOR THE CONSTRUCTION OF SECURE SYSTEMS
      7. CONCLUSION
      8. GLOSSARY
      9. CROSS REFERENCES
      10. REFERENCES
    25. Guidelines for a Comprehensive Security System
      1. INTRODUCTION
      2. FORMATION OF THE SECURITY TASK FORCE
      3. IDENTIFICATION OF BASIC SECURITY SAFEGUARDS
      4. IDENTIFICATION OF GENERAL SECURITY THREATS
      5. IDENTIFICATION OF INTENTIONAL THREATS
      6. IDENTIFICATION OF SECURITY MEASURES AND ENFORCEMENTS
      7. IDENTIFICATION OF COMPUTER EMERGENCY RESPONSE TEAM SERVICES
      8. THE FORMATION OF A COMPREHENSIVE SECURITY PLAN
      9. PREPARING FOR A DISASTER
      10. CONCLUSION
      11. GLOSSARY
      12. CROSS REFERENCES
      13. REFERENCES
      14. FURTHER READING
  14. Reviewers List
  15. Index