Information Warfare and Security
This title is ordered on demand which may result in extended delivery times.
- This book provides a comprehensive and detailed look at information warfare: computer crime, cybercrime, and information terrorism. It describes attacks on information systems through theft, deception, or sabotage, and demonstrates the countermeasures being mounted to defeat these threats. Focusing on the criminals and information terrorists whose depredations include information-based threats to nations, corporations, and individuals, Denning places cybercrime within a broader context, integrating the various kinds of information crime, and the countermeasures against it, into a methodology-based framework.
- Among the topics included are government use of information warfare for law enforcement investigations and for military and intelligence operations; also, the conflicts arising in the areas of free speech and encryption. The author discusses offensive information warfare, including acquisition of information, deceptive exploitation of information, and denial of access to information; and also addresses defensive information warfare, specifically, information security principles and practices. The book features coverage that is both broad and deep, illustrating cyberspace threats with real-world examples.
What individuals, corporations, and governments need to know about information-related attacks and defenses!
Every day, we hear reports of hackers who have penetrated computer networks, vandalized Web pages, and accessed sensitive information. We hear how they have tampered with medical records, disrupted emergency 911 systems, and siphoned money from bank accounts. Could information terrorists, using nothing more than a personal computer, cause planes to crash, widespread power blackouts, or financial chaos? Such real and imaginary scenarios, and our defense against them, are the stuff of information warfare-operations that target or exploit information media to win some objective over an adversary.
Dorothy E. Denning, a pioneer in computer security, provides in this book a framework for understanding and dealing with information-based threats: computer break-ins, fraud, sabotage, espionage, piracy, identity theft, invasions of privacy, and electronic warfare. She describes these attacks with astonishing, real examples, as in her analysis of information warfare operations during the Gulf War. Then, offering sound advice for security practices and policies, she explains countermeasures that are both possible and necessary.
You will find in this book:
- A comprehensive and coherent treatment of offensive and defensive information warfare, identifying the key actors, targets, methods, technologies, outcomes, policies, and laws;
- A theory of information warfare that explains and integrates within a single framework operations involving diverse actors and media;
- An accurate picture of the threats, illuminated by actual incidents;
- A description of information warfare technologies and their limitations, particularly the limitations of defensive technologies.
Whatever your interest or role in the emerging field of information warfare, this book will give you the background you need to make informed judgments about potential threats and our defenses against them.
I. INTRODUCTION.1. Gulf War—Infowar.
The Gulf War.Information Warfare.From Chicks to Chips.2. A Theory of Information Warfare.
Information Resources.The Value of Resources.Players.The Offense.The Defense.A Dual Role.Offensive Information Warfare.Increased Availability to Offensive Player.Decreased Availability to Defensive Player.Decreased Integrity.Other Classification Schemes.Defensive Information Warfare.Types of Defense.Information Security and Information Assurance.The CIA Model and Authorization.3. Playgrounds to Battlegrounds.
Play.Motivation.Culture.More than Child’s Play.Crime.Intellectual Property Crimes.Fraud.Computer Fraud and Abuse.Fighting Crime.Individual Rights.National Security.Foreign Intelligence.War and Military Conflict.Terrorism.Netwars.Protecting National Infrastructures.
II. OFFENSIVE INFORMATION WARFARE.4. Open Sources.
Open Source and Competitive Intelligence.Privacy.Snooping on People Through Open Sources.Web Browsing.Privacy Regulations.Piracy.Copyright Infringement.Trademark Infringement.Dark Sides.5. Psyops and Perception Management.
Lies and Distortions.Distortion.Fabrication.Hoaxes.Social Engineering.Denouncement.Conspiracy Theories.Defamation.Harassment.Advertising.Scams.Spam Wars.Censorship.United States Restrictions.6. Inside the Fence.
Traitors and Moles.State and Military Espionage.Economic Espionage.Corporate Espionage.Privacy Compromises.Business Relationships.Visits and Requests.Fraud and Embezzlement.Bogus Transactions.Data Diddling.Inside Sabotage.Physical Attacks.Software Attacks.Penetrating the Perimeter.Physical Break-ins and Burglaries.Search and Seizure.Dumpster Diving.Bombs.7. Seizing the Signals.
Eavesdropping on Conversations.Cellular Intercepts.Pager Intercepts.Law Enforcement Wiretaps.Foreign Intelligence Intercepts.Deciphering the Messages.Traffic Analysis.Pen Registers and Trap and Trace.Location Tracking.Telecommunications Fraud.Blue Boxes.PBX and Related Fraud.Voice Mail Fraud.Calling Card Fraud.Cloned Phones and Cellular Fraud.Computer Network Monitoring.Packet Sniffers.Keystroke Monitoring.Environment Surveillance.Cameras and Video.Satellites and Imagery.Van Eck Receptors.Miscellaneous Sensors.Shoulder Surfing.Privacy and Accountability.Sabotage.Tampering with Phone Service.Jamming.Radio Frequency Weapons.Physical Attacks.8. Computer Break-Ins and Hacking.
Accounts.Getting Access.Tools and Techniques.A Demonstration.Network Scanners.Packet Sniffers.Password Crackers.Buffer Overþows and Other Exploits.Social Engineering.Covering up Tracks.Information Theft.Gathering Trophies.More than Trophies.Tampering.Web Hacks.Domain Name Service Hacks.Takedown.Remote Shutdown.Extent.9. Masquerade.
Identity Theft.Forged Documents and Messages.E-Mail Forgeries.Forgeries in Spam.E-Mail Floods.IP Spoofing.Counterfeiting.Trojan Horses.Software Trojans.Riding the Web.E-Mail Relays.Chipping.Undercover Operations and Stings.10. Cyberplagues.
Viruses.Program Viruses.Boot Viruses.Macro Viruses.Concealment Techniques.Who Writes Viruses.Prevalence.Virus Hoaxes.Worms.
III. DEFENSIVE INFORMATION WARFARE.11. Secret Codes and Hideaways.
Locks and Keys.Cryptography.Digital Ciphers.Code Breaking.Generation and Distribution of Keys.Public-Key Distribution and Diffie-Hellman.Public-Key Cryptography and RSA.Key Storage and Recovery.Applications of Encryption.The Limits of Encryption.Steganography.Anonymity.Sanitization.Trash Disposal.Shielding.12. How to Tell a Fake.
Biometrics.Passwords and Other Secrets.Integrity Checksums.Digital Signatures.Public-Key Management and Certificates.Watermarks.Call Back and Call Home.Location-based Authentication.Badges and Cards.13. Monitors and Gatekeepers.
Access Controls.Authorization Policies.Access Control Monitors.Limitations.Filters.Firewalls.Junk E-Mail Filters.Web Filters.Intrusion and Misuse Detection.Workplace Monitoring.Automated Detection.Computer Intrusion and Misuse Detection.Analogy with the Human Immune System.Detecting and Eradicating Viruses and Malicious Mobile Code.14. In a Risky World.
Vulnerability Monitoring.Finding Computer and Network Security Flaws.Monitoring Security Publications.Building It Secure.The Orange Book.The ITSEC and Common Criteria.Evaluation.Commercial Criteria.ICSA Certification.Accreditation.The Capability Maturity Model.Security Awareness and Training.Avoiding Single Points of Failure.Backups.Risk Management.Risk Assessment and Asset Valuation.Insurance.Benchmarking.Due Care and Liability.Incident Handling.Investigation and Assessment.Containment and Recovery.Improving Security.Notification.In-Kind Response.Legal and Civil Remedies.Economic and Military Response.Emergency Preparedness.Obstacles.15. Defending the Nation.
Generally Accepted System Security Principles.Protecting Critical Infrastructures.President’s Commission on Critical Infrastructure Protection.Presidential Decision Directive.Encryption Policy.Code Making.Code Breaking.International Policies.U.S. Policy.Legal Challenges.Legislation.Encryption Policy in Perspective.Bibliography of Books.
Dorothy E. Denning is Professor of Computer Science at Georgetown University. She is the author of a classic book in the field, Cryptography and Data Security, a coeditor (with Peter J. Denning) of a more recent work, Internet Besieged: Countering Cyberspace Scofflaws, and the author of 100 papers on computer security. Dr. Denning has shared her special expertise on encryption in testimony before the U.S. Congress.