Cyber Attacks : Protecting National Infrastructure

By: Amoroso, EdwardMaterial type: TextTextSeries: eBooks on DemandPublisher: Saint Louis : Elsevier Science, 2014Description: 1 online resource (246 p.)ISBN: 9780123849182Subject(s): Computer security - United States | Computer security -- United States | Cyberterrorism - United States - Prevention | Cyberterrorism -- United States -- Prevention | National security - United States | National security -- United StatesGenre/Form: Electronic books.Additional physical formats: Print version:: Cyber Attacks : Protecting National InfrastructureDDC classification: 363.32590046 LOC classification: HV6773.2 .A47 2011Online resources: Click here to view this ebook.
Contents:
Front Cover; Cyber Attacks: Protecting National Infrastructure; Copyright Page; Contents; Preface; Acknowledgment; Chapter 1 Introduction; National Cyber Threats, Vulnerabilities, and Attacks; Botnet Threat; National Cyber Security Methodology Components; Deception; Separation; Diversity; Consistency; Depth; Discretion; Collection; Correlation; Awareness; Response; Implementing the Principles Nationally; Chapter 2 Deception; Scanning Stage; Deliberately Open Ports; Discovery Stage; Deceptive Documents; Exploitation Stage; Procurement Tricks; Exposing Stage
Interfaces Between Humans and ComputersNational Deception Program; Chapter 3 Separation; What Is Separation?; Functional Separation; National Infrastructure Firewalls; DDOS Filtering; SCADA Separation Architecture; Physical Separation; Insider Separation; Asset Separation; Multilevel Security (MLS); Chapter 4 Diversity; Diversity and Worm Propagation; Desktop Computer System Diversity; Diversity Paradox of Cloud Computing; Network Technology Diversity; Physical Diversity; National Diversity Program; Chapter 5 Commonality; Meaningful Best Practices for Infrastructure Protection
Locally Relevant and Appropriate Security PolicyCulture of Security Protection; Infrastructure Simplification; Certification and Education; Career Path and Reward Structure; Responsible Past Security Practice; National Commonality Program; Chapter 6 Depth; Effectiveness of Depth; Layered Authentication; Layered E-Mail Virus and Spam Protection; Layered Access Controls; Layered Encryption; Layered Intrusion Detection; National Program of Depth; Chapter 7 Discretion; Trusted Computing Base; Security Through Obscurity; Information Sharing; Information Reconnaissance; Obscurity Layers
Organizational CompartmentsNational Discretion Program; Chapter 8 Collection; Collecting Network Data; Collecting System Data; Security Information and Event Management; Large-Scale Trending; Tracking a Worm; National Collection Program; Chapter 9 Correlation; Conventional Security Correlation Methods; Quality and Reliability Issues in Data Correlation; Correlating Data to Detect a Worm; Correlating Data to Detect a Botnet; Large-Scale Correlation Process; National Correlation Program; Chapter 10 Awareness; Detecting Infrastructure Attacks; Managing Vulnerability Information
Cyber Security Intelligence ReportsRisk Management Process; Security Operations Centers; National Awareness Program; Chapter 11 Response; Pre-Versus Post-Attack Response; Indications and Warning; Incident Response Teams; Forensic Analysis; Law Enforcement Issues; Disaster Recovery; National Response Program; Appendix: Sample National Infrastructure Protection Requirements; Sample Deception Requirements (Chapter 2); Sample Separation Requirements (Chapter 3); Sample Diversity Requirements (Chapter 4); Sample Commonality Requirements (Chapter 5); Sample Depth Requirements (Chapter 6)
Sample Discretion Requirements (Chapter 7)
Summary: No nation - especially the United States - has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in att
Tags from this library: No tags from this library for this title. Log in to add tags.
Item type Current location Call number URL Status Date due Barcode
Electronic Book UT Tyler Online
Online
HV6773.2 .A47 2011 (Browse shelf) http://uttyler.eblib.com/patron/FullRecord.aspx?p=610561 Available EBL610561

Front Cover; Cyber Attacks: Protecting National Infrastructure; Copyright Page; Contents; Preface; Acknowledgment; Chapter 1 Introduction; National Cyber Threats, Vulnerabilities, and Attacks; Botnet Threat; National Cyber Security Methodology Components; Deception; Separation; Diversity; Consistency; Depth; Discretion; Collection; Correlation; Awareness; Response; Implementing the Principles Nationally; Chapter 2 Deception; Scanning Stage; Deliberately Open Ports; Discovery Stage; Deceptive Documents; Exploitation Stage; Procurement Tricks; Exposing Stage

Interfaces Between Humans and ComputersNational Deception Program; Chapter 3 Separation; What Is Separation?; Functional Separation; National Infrastructure Firewalls; DDOS Filtering; SCADA Separation Architecture; Physical Separation; Insider Separation; Asset Separation; Multilevel Security (MLS); Chapter 4 Diversity; Diversity and Worm Propagation; Desktop Computer System Diversity; Diversity Paradox of Cloud Computing; Network Technology Diversity; Physical Diversity; National Diversity Program; Chapter 5 Commonality; Meaningful Best Practices for Infrastructure Protection

Locally Relevant and Appropriate Security PolicyCulture of Security Protection; Infrastructure Simplification; Certification and Education; Career Path and Reward Structure; Responsible Past Security Practice; National Commonality Program; Chapter 6 Depth; Effectiveness of Depth; Layered Authentication; Layered E-Mail Virus and Spam Protection; Layered Access Controls; Layered Encryption; Layered Intrusion Detection; National Program of Depth; Chapter 7 Discretion; Trusted Computing Base; Security Through Obscurity; Information Sharing; Information Reconnaissance; Obscurity Layers

Organizational CompartmentsNational Discretion Program; Chapter 8 Collection; Collecting Network Data; Collecting System Data; Security Information and Event Management; Large-Scale Trending; Tracking a Worm; National Collection Program; Chapter 9 Correlation; Conventional Security Correlation Methods; Quality and Reliability Issues in Data Correlation; Correlating Data to Detect a Worm; Correlating Data to Detect a Botnet; Large-Scale Correlation Process; National Correlation Program; Chapter 10 Awareness; Detecting Infrastructure Attacks; Managing Vulnerability Information

Cyber Security Intelligence ReportsRisk Management Process; Security Operations Centers; National Awareness Program; Chapter 11 Response; Pre-Versus Post-Attack Response; Indications and Warning; Incident Response Teams; Forensic Analysis; Law Enforcement Issues; Disaster Recovery; National Response Program; Appendix: Sample National Infrastructure Protection Requirements; Sample Deception Requirements (Chapter 2); Sample Separation Requirements (Chapter 3); Sample Diversity Requirements (Chapter 4); Sample Commonality Requirements (Chapter 5); Sample Depth Requirements (Chapter 6)

Sample Discretion Requirements (Chapter 7)

No nation - especially the United States - has a coherent technical and architectural strategy for preventing cyber attack from crippling essential critical infrastructure services. This book initiates an intelligent national (and international) dialogue amongst the general technical community around proper methods for reducing national risk. This includes controversial themes such as the deliberate use of deception to trap intruders. It also serves as an attractive framework for a new national strategy for cyber security, something that several Presidential administrations have failed in att

Description based upon print version of record.

There are no comments on this title.

to post a comment.