Amoroso, Edward.

Cyber Attacks : Protecting National Infrastructure - Saint Louis : Elsevier Science, 2014. - 1 online resource (246 p.) - eBooks on Demand .

Front Cover; Cyber Attacks: Protecting National Infrastructure; Copyright Page; Contents; Preface; Acknowledgment; Chapter 1 Introduction; National Cyber Threats, Vulnerabilities, and Attacks; Botnet Threat; National Cyber Security Methodology Components; Deception; Separation; Diversity; Consistency; Depth; Discretion; Collection; Correlation; Awareness; Response; Implementing the Principles Nationally; Chapter 2 Deception; Scanning Stage; Deliberately Open Ports; Discovery Stage; Deceptive Documents; Exploitation Stage; Procurement Tricks; Exposing Stage; Interfaces Between Humans and Computers; National Deception Program; Chapter 3 Separation; What Is Separation?; Functional Separation; National Infrastructure Firewalls; DDOS Filtering; SCADA Separation Architecture; Physical Separation; Insider Separation; Asset Separation; Multilevel Security (MLS); Chapter 4 Diversity; Diversity and Worm Propagation; Desktop Computer System Diversity; Diversity Paradox of Cloud Computing; Network Technology Diversity; Physical Diversity; National Diversity Program; Chapter 5 Commonality; Meaningful Best Practices for Infrastructure Protection; Locally Relevant and Appropriate Security Policy; Culture of Security Protection; Infrastructure Simplification; Certification and Education; Career Path and Reward Structure; Responsible Past Security Practice; National Commonality Program; Chapter 6 Depth; Effectiveness of Depth; Layered Authentication; Layered E-Mail Virus and Spam Protection; Layered Access Controls; Layered Encryption; Layered Intrusion Detection; National Program of Depth; Chapter 7 Discretion; Trusted Computing Base; Security Through Obscurity; Information Sharing; Information Reconnaissance; Obscurity Layers; Organizational Compartments; National Discretion Program; Chapter 8 Collection; Collecting Network Data; Collecting System Data; Security Information and Event Management; Large-Scale Trending; Tracking a Worm; National Collection Program; Chapter 9 Correlation;
Conventional Security Correlation Methods; Quality and Reliability Issues in Data Correlation; Correlating Data to Detect a Worm; Correlating Data to Detect a Botnet; Large-Scale Correlation Process; National Correlation Program; Chapter 10 Awareness; Detecting Infrastructure Attacks; Managing Vulnerability Information; Cyber Security Intelligence Reports; Risk Management Process; Security Operations Centers; National Awareness Program; Chapter 11 Response; Pre-Versus Post-Attack Response; Indications and Warning; Incident Response Teams; Forensic Analysis; Law Enforcement Issues; Disaster Recovery; National Response Program; Appendix: Sample National Infrastructure Protection Requirements; Sample Deception Requirements (Chapter 2); Sample Separation Requirements (Chapter 3); Sample Diversity Requirements (Chapter 4); Sample Commonality Requirements (Chapter 5); Sample Depth Requirements (Chapter 6); Sample Discretion Requirements (Chapter 7)

No nation - especially the United States - has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in att

9780123849182 113.31 (UA),75.54 (1U)


Computer security - United States.
Cyberterrorism - United States - Prevention.
National security - United States.


Electronic books.

HV6773.2 .A47 2011

363.32590046