Cyber Attacks: Protecting National Infrastructure, Student Edition (1st Edition)
By Edward Amoroso

Publication Date: 17 Feb 2012
Description

Cyber Attacks, Student Edition, offers a technical, architectural, and management approach to solving the problems of protecting national infrastructure. This approach includes controversial themes such as the deliberate use of deception to trap intruders. The volume thus serves as an attractive framework for a new national strategy for cyber security. A specific set of criteria and requirements allows any organization, such as a government agency, to integrate the principles into its local environment.

In this edition, each principle is presented as a separate security strategy and illustrated with compelling examples. The book adds 50-75 pages of new material aimed specifically at enhancing the student experience and making it more attractive for instructors teaching courses such as cyber security, information security, digital security, national security, intelligence studies, technology and infrastructure protection. It now also features case studies illustrating actual implementation scenarios of the principles and requirements discussed in the text, along with a host of new pedagogical elements, including chapter outlines, chapter summaries, learning checklists, and a 2-color interior. Furthermore, a new and complete ancillary package includes test bank, lesson plans, PowerPoint slides, case study questions, and more.

This text is intended for security practitioners and military personnel as well as for students wishing to become security engineers, network operators, software designers, technology managers, application developers, etc.

Key Features

  • Provides case studies focusing on cyber security challenges and solutions to show how theory, research, and methods apply to real-life challenges
  • Utilizes end-of-chapter case problems that take chapter content and relate it to real security situations and issues
  • Includes instructor slides for each chapter as well as an instructor’s manual with sample syllabi and test bank
About the author
By Edward Amoroso, Senior Vice President and Chief Security Officer of AT&T
Table of Contents

Preface

Acknowledgments

1. Introduction

National Cyber Threats, Vulnerabilities, and Attacks

Botnet Threat

National Cyber Security Methodology Components

Deception

Separation

Diversity

Consistency

Depth

Discretion

Collection

Correlation

Awareness

Response

Implementing the Principles Nationally

Protecting the Critical National Infrastructure Against Cyber Attacks

Summary

Chapter Review Questions/Exercises

2. Deception

Scanning Stage

Deliberately Open Ports

Discovery Stage

Deceptive Documents

Exploitation Stage

Procurement Tricks

Exposing Stage

Interfaces Between Humans and Computers

National Deception Program

The Deception Planning Process Against Cyber Attacks

Summary

Chapter Review Questions/Exercises

3. Separation

What Is Separation?

Functional Separation

National Infrastructure Firewalls

DDOS Filtering

SCADA Separation Architecture

Physical Separation

Insider Separation

Asset Separation

Multilevel Security (MLS)

Protecting the Critical National Infrastructure Through Use of Separation

Summary

Chapter Review Questions/Exercises

4. Diversity

Diversity and Worm Propagation

Desktop Computer System Diversity

Diversity Paradox of Cloud Computing

Network Technology Diversity

Physical Diversity

National Diversity Program

Critical Infrastructure Resilience and Diversity Initiative

Summary

Chapter Review Questions/Exercises

5. Commonality

Meaningful Best Practices for Infrastructure Protection

Locally Relevant and Appropriate Security Policy

Culture of Security Protection

Infrastructure Simplification

Certification and Education

Career Path and Reward Structure

Responsible Past Security Practice

National Commonality Program

How Critical National Infrastructure Systems Demonstrate Commonality

Summary

Chapter Review Questions/Exercises

6. Depth

Effectiveness of Depth

Layered Authentication

Layered E-Mail Virus and Spam Protection

Layered Access Controls

Layered Encryption

Layered Intrusion Detection

National Program of Depth

Practical Ways for Achieving Information Assurance in Infrastructure Networked Environments

Summary

Chapter Review Questions/Exercises

7. Discretion

Trusted Computing Base

Security Through Obscurity

Information Sharing

Information Reconnaissance

Obscurity Layers

Organizational Compartments

National Discretion Program

Top-Down and Bottom-Up Sharing of Sensitive Information

Summary

Chapter Review Questions/Exercises

8. Collection

Collecting Network Data

Collecting System Data

Security Information and Event Management

Large-Scale Trending

Tracking a Worm

National Collection Program

Data Collection Efforts: Systems and Assets

Summary

Chapter Review Questions/Exercises

9. Correlation

Conventional Security Correlation Methods

Quality and Reliability Issues in Data Correlation

Correlating Data to Detect a Worm

Correlating Data to Detect a Botnet

Large-Scale Correlation Process

National Correlation Program

Correlation Rules for Critical National Infrastructure Cyber Security

Summary

Chapter Review Questions/Exercises

10. Awareness

Detecting Infrastructure Attacks

Managing Vulnerability Information

Cyber Security Intelligence Reports

Risk Management Process

Security Operations Centers

National Awareness Program

Connecting Current Cyber Security Operation Centers to Enhance Situational Awareness

Summary

Chapter Review Questions/Exercises

11. Response

Pre- Versus Post-Attack Response

Indications and Warning

Incident Response Teams

Forensic Analysis

Law Enforcement Issues

Disaster Recovery

National Response Program

The Critical National Infrastructure Incident Response Framework

Transitioning from NIPP Steady State to Incident Response Management

Summary

Chapter Review Questions/Exercises

APPENDIX A. National Infrastructure Protection Criteria

Deception Requirements

Separation Requirements

Commonality Requirements

Diversity Requirements

Depth Requirements

Response Requirements

Awareness Requirements

Discretion Requirements

Collection Requirements

Correlation Requirements

APPENDIX B. Case Studies

John R. Vacca

Case Study 1: Cyber Storm

Case Study 2: Cyber Attacks on Critical Infrastructures—A Risk to the Nation

Case Study 3: Department of Homeland Security Battle Insider Threats and Maintain National Cyber Security

Case Study 4: Cyber Security Development Life Cycle

Case Study 5

REVIEW. Answers to Review Questions/Exercises, Hands-On Projects, Case Projects, and Optional Team Case Projects by Chapter

Chapter 1: Introduction

Chapter 2: Deception

Chapter 3: Separation

Chapter 4: Diversity

Chapter 5: Commonality

Chapter 6: Depth

Chapter 7: Discretion

Chapter 8: Collection

Chapter 9: Correlation

Chapter 10: Awareness

Chapter 11: Response

Index

Book details
ISBN: 9780123918550
Page Count: 336
Retail Price : £50.99
  • Amoroso, Cyber Attacks: Protecting National Infrastructure, 9780123849175, 248pp., Nov 2010, BH, $59.95
  • Clarke, Cyber Warfare, 9780061962233, 304pp., Apr 2010, Harper-Collins, $26.00
Audience

Security practitioners, military personnel