Information Warfare and Security
暫譯: 資訊戰與安全

Name: Information Warfare and Security
Price: 686 TWD
Availability: Discontinued
Author: Dorothy E. Denning
ISBN: 0201433036

Dorothy E. Denning

出版商: Addison Wesley
出版日期: 1998-12-20
售價: $686
語言: 英文
頁數: 544
裝訂: Paperback
ISBN: 0201433036
ISBN-13: 9780201433036
相關分類: 資訊安全

已絕版

買這商品的人也買了...

~~$580~~ $458

Visual C++ 6 教學手冊 (Beginning Visual C++ 6)
~~$680~~ $537

計算機組織與設計--軟硬體界面第二版 (Computer Organization & Design, 2/e)
$948

Real World Linux Security: Intrusion Prevention, Detection and Recovery
$199

Information Warfare: How to Survive Cyber Attacks
~~$980~~ $774

C++ Primer, 3/e 中文版
$700

Incident Response: A Strategic Guide to Handling System and Network Security Bre
~~$520~~ $406

C++ 物件導向程式設計入門與應用
~~$920~~ $727

Thinking in Java 中文版 (Thinking in Java, 2/e)
~~$1,120~~ $1,098

Linux Kernel Programming, 3/e
$1,520

Linux System Security, 2/e
~~$650~~ $429

Visual C#.NET 程式設計經典
~~$690~~ $587

C++ Builder 6 完全攻略
~~$750~~ $638

鳥哥的 Linux 私房菜－伺服器架設篇
~~$560~~ $476

鳥哥的 Linux 私房菜─基礎學習篇增訂版
$1,068

Fundamentals of Database Systems, 4/e (IE)
~~$480~~ $379

人月神話：軟體專案管理之道 (20 週年紀念版)(The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition, 2/e)
~~$490~~ $382

JSP 動態網頁新技術, 2/e
$999

Physically Based Rendering: From Theory to Implementation (Hardcover)
$1,176

Computer Organization and Design: The Hardware/Software Interface, 3/e(IE) (美國版ISBN:1558606041)
~~$580~~ $452

C++ 物件導向程式設計進階與應用
~~$750~~ $638

企業級 Linux 系統管理寶典
~~$680~~ $646

計算機組織與設計 (Computer Organization and Design: The Hardware/Software Interface, 3/e)
~~$650~~ $507

ASP.NET 2.0 深度剖析範例集
~~$450~~ $356

Ajax 技術手冊 (Foundations of Ajax)
~~$2,230~~ $2,119

Photoshop CS3 for Forensics Professionals: A Complete Digital Imaging Course for Investigators (Paperback)

商品描述

Description

This book provides a comprehensive and detailed look at information warfare: computer crime, cybercrime, and information terrorism. It describes attacks on information systems through theft, deception, or sabotage, and demonstrates the countermeasures being mounted to defeat these threats. Focusing on the criminals and information terrorists whose depredations include information-based threats to nations, corporations, and individuals, Denning places cybercrime within a broader context, integrating the various kinds of information crime, and the countermeasures against it, into a methodology-based framework.
Among the topics included are government use of information warfare for law enforcement investigations and for military and intelligence operations; also, the conflicts arising in the areas of free speech and encryption. The author discusses offensive information warfare, including acquisition of information, deceptive exploitation of information, and denial of access to information; and also addresses defensive information warfare, specifically, information security principles and practices. The book features coverage that is both broad and deep, illustrating cyberspace threats with real-world examples.

I. INTRODUCTION.

1. Gulf War—Infowar.

The Gulf War.
Information Warfare.

From Chicks to Chips.

2. A Theory of Information Warfare.

Information Resources.

The Value of Resources.

Players.

The Offense.
The Defense.
A Dual Role.

Offensive Information Warfare.

Increased Availability to Offensive Player.
Decreased Availability to Defensive Player.
Decreased Integrity.
Other Classification Schemes.

Defensive Information Warfare.

Types of Defense.
Information Security and Information Assurance.
The CIA Model and Authorization.

3. Playgrounds to Battlegrounds.

Play.

Motivation.
Culture.
More than Child's Play.

Crime.

Intellectual Property Crimes.
Fraud.
Computer Fraud and Abuse.
Fighting Crime.

Individual Rights.
National Security.

Foreign Intelligence.
War and Military Conflict.
Terrorism.
Netwars.
Protecting National Infrastructures.

II. OFFENSIVE INFORMATION WARFARE.

4. Open Sources.

Open Source and Competitive Intelligence.
Privacy.

Snooping on People Through Open Sources.
Web Browsing.
Privacy Regulations.

Piracy.

Dark Sides.

5. Psyops and Perception Management.

Lies and Distortions.

Distortion.
Fabrication.
Hoaxes.
Social Engineering.

Denouncement.

Conspiracy Theories.
Defamation.

Harassment.
Advertising.

Scams.

Spam Wars.
Censorship.

United States Restrictions.

6. Inside the Fence.

Traitors and Moles.

State and Military Espionage.
Economic Espionage.
Corporate Espionage.
Privacy Compromises.

Business Relationships.
Visits and Requests.
Fraud and Embezzlement.

Bogus Transactions.
Data Diddling.

Inside Sabotage.

Physical Attacks.
Software Attacks.

Penetrating the Perimeter.

Physical Break-ins and Burglaries.
Search and Seizure.
Dumpster Diving.
Bombs.

7. Seizing the Signals.

Eavesdropping on Conversations.

Cellular Intercepts.
Pager Intercepts.
Law Enforcement Wiretaps.
Foreign Intelligence Intercepts.
Deciphering the Messages.

Traffic Analysis.

Pen Registers and Trap and Trace.
Location Tracking.

Telecommunications Fraud.

Blue Boxes.
PBX and Related Fraud.
Voice Mail Fraud.
Calling Card Fraud.
Cloned Phones and Cellular Fraud.

Computer Network Monitoring.

Packet Sniffers.
Keystroke Monitoring.

Environment Surveillance.

Cameras and Video.
Satellites and Imagery.
Van Eck Receptors.
Miscellaneous Sensors.
Shoulder Surfing.
Privacy and Accountability.

Sabotage.

Tampering with Phone Service.
Jamming.
Radio Frequency Weapons.
Physical Attacks.

8. Computer Break-Ins and Hacking.

Accounts.

Getting Access.

Tools and Techniques.

A Demonstration.
Network Scanners.
Packet Sniffers.
Password Crackers.
Buffer Overows and Other Exploits.
Social Engineering.
Covering up Tracks.

Information Theft.

Gathering Trophies.
More than Trophies.

Tampering.

Web Hacks.
Domain Name Service Hacks.

Takedown.

Remote Shutdown.

Extent.

9. Masquerade.

Identity Theft.
Forged Documents and Messages.

E-Mail Forgeries.
Forgeries in Spam.
E-Mail Floods.
IP Spoofing.
Counterfeiting.

Trojan Horses.

Software Trojans.
Riding the Web.
E-Mail Relays.
Chipping.

Undercover Operations and Stings.

10. Cyberplagues.

Viruses.

Program Viruses.
Boot Viruses.
Macro Viruses.
Concealment Techniques.
Who Writes Viruses.
Prevalence.
Virus Hoaxes.

Worms.

III. DEFENSIVE INFORMATION WARFARE.

11. Secret Codes and Hideaways.

Locks and Keys.
Cryptography.

Digital Ciphers.
Code Breaking.
Generation and Distribution of Keys.
Public-Key Distribution and Diffie-Hellman.
Public-Key Cryptography and RSA.
Key Storage and Recovery.
Applications of Encryption.
The Limits of Encryption.

Steganography.
Anonymity.
Sanitization.
Trash Disposal.
Shielding.

12. How to Tell a Fake.

Biometrics.
Passwords and Other Secrets.
Integrity Checksums.
Digital Signatures.
Public-Key Management and Certificates.
Watermarks.
Call Back and Call Home.
Location-based Authentication.
Badges and Cards.

13. Monitors and Gatekeepers.

Access Controls.

Authorization Policies.
Access Control Monitors.
Limitations.

Filters.

Firewalls.
Junk E-Mail Filters.
Web Filters.

Intrusion and Misuse Detection.

Workplace Monitoring.
Automated Detection.
Computer Intrusion and Misuse Detection.
Analogy with the Human Immune System.
Detecting and Eradicating Viruses and Malicious Mobile Code.

14. In a Risky World.

Vulnerability Monitoring.

Finding Computer and Network Security Flaws.
Monitoring Security Publications.

Building It Secure.

The Orange Book.
The ITSEC and Common Criteria.
Evaluation.
Commercial Criteria.
ICSA Certification.
Accreditation.
The Capability Maturity Model.

Security Awareness and Training.
Avoiding Single Points of Failure.

Backups.

Risk Management.

Risk Assessment and Asset Valuation.
Insurance.
Benchmarking.
Due Care and Liability.

Incident Handling.

Investigation and Assessment.
Containment and Recovery.
Improving Security.
Notification.
In-Kind Response.
Legal and Civil Remedies.
Economic and Military Response.
Emergency Preparedness.

Obstacles.

15. Defending the Nation.

Generally Accepted System Security Principles.
Protecting Critical Infrastructures.

President's Commission on Critical Infrastructure Protection.
Presidential Decision Directive.

Encryption Policy.

Code Making.
Code Breaking.
International Policies.
U.S. Policy.
Legal Challenges.
Legislation.
Encryption Policy in Perspective.

Bibliography of Books.
Endnotes.
Index. 0201433036T04062001

商品描述(中文翻譯)

描述
本書提供了對資訊戰的全面且詳細的探討：電腦犯罪、網路犯罪和資訊恐怖主義。它描述了通過盜竊、欺騙或破壞對資訊系統的攻擊，並展示了為了擊敗這些威脅而採取的反制措施。書中聚焦於那些對國家、企業和個人造成基於資訊威脅的罪犯和資訊恐怖分子，Denning將網路犯罪置於更廣泛的背景中，將各種資訊犯罪及其反制措施整合進一個基於方法論的框架。
書中包括的主題有政府在執法調查及軍事和情報行動中使用資訊戰的情況；以及在言論自由和加密領域中出現的衝突。作者討論了進攻性資訊戰，包括資訊的獲取、對資訊的欺騙性利用和對資訊的拒絕訪問；同時也探討了防禦性資訊戰，特別是資訊安全的原則和實踐。本書的內容既廣泛又深入，通過真實世界的例子來說明網路空間的威脅。

目錄
I. 介紹
1. 海灣戰爭—資訊戰
海灣戰爭
資訊戰
從小雞到晶片

2. 資訊戰理論
資訊資源
資源的價值
參與者
進攻
防禦
雙重角色
進攻性資訊戰
進攻方的可用性增加
防守方的可用性減少
完整性減少
其他分類方案
防禦性資訊戰
防禦類型
資訊安全與資訊保證
CIA模型與授權

3. 遊樂場到戰場
玩耍
動機
文化
不僅僅是兒童遊戲
犯罪
知識產權犯罪
詐騙
電腦詐騙與濫用
打擊犯罪
個人權利
國家安全
外國情報
戰爭與軍事衝突
恐怖主義
網路戰爭
保護國家基礎設施

II. 進攻性資訊戰
4. 開放資源
開放源碼與競爭情報
隱私
通過開放資源窺探他人
網頁瀏覽
隱私法規
盜版
版權侵權
商標侵權
黑暗面

5. 心理戰與感知管理
謊言與扭曲
扭曲
偽造
騙局
社會工程
譴責
陰謀論
誹謗
騷擾
廣告
騙局
垃圾郵件戰爭
審查
美國的限制

6. 圍牆內部
叛徒與內奸
國家與軍事間諜活動
經濟間諜活動
企業間諜活動
隱私妥協
商業關係
訪問與請求
詐騙與挪用
虛假交易
數據篡改
內部破壞
實體攻擊
軟體攻擊
穿透周界
實體入侵與盜竊
搜查與扣押
垃圾箱潛水
炸彈

7. 捕捉信號
竊聽對話
行動電話攔截
傳呼機攔截
執法機構的竊聽
外國情報攔截
解碼訊息
流量分析
註冊與追蹤
位置追蹤
電信詐騙
藍盒子
PBX及相關詐騙
語音郵件詐騙
充值卡詐騙
克隆手機與行動電話詐騙
電腦網路監控
封包嗅探器
鍵盤監控
環境監控
攝影機與視頻
衛星與影像
Van Eck接收器
各種感測器
肩膀監視
隱私與問責
破壞

8. 電腦入侵與駭客
帳戶
獲取訪問
工具與技術
示範
網路掃描器
封包嗅探器
密碼破解器
緩衝區溢出與其他利用
社會工程
隱藏痕跡
資訊盜竊
收集戰利品
不僅僅是戰利品
篡改
網頁駭客
網域名稱服務駭客
拆除
遠端關閉
範圍

9. 偽裝
身份盜竊
偽造文件與訊息
電子郵件偽造
垃圾郵件中的偽造
電子郵件洪水
IP欺騙
假冒
特洛伊木馬
軟體特洛伊木馬
網路騎乘
電子郵件中繼
晶片

10. 網路瘟疫
病毒
程式病毒
開機病毒
巨集病毒
隱藏技術
誰在寫病毒
流行程度
病毒騙局
蠕蟲

III. 防禦性資訊戰
11. 秘密代碼與藏身之處
鎖與鑰匙
密碼學
數位密碼
破解代碼
鑰匙的生成與分發
公開金鑰分發與Diffie-Hellman
公開金鑰密碼學與RSA
鑰匙儲存與恢復
加密的應用
加密的限制
隱寫術
匿名性
清理
垃圾處理
屏蔽

12. 如何辨別假貨
生物識別
密碼與其他秘密
完整性檢查碼
數位簽名
公開金鑰管理與證書
水印
回撥與回家
基於位置的身份驗證
徽章與卡片

13. 監控者與守門人
存取控制
授權政策
存取控制監控
限制
過濾器
防火牆
垃圾郵件過濾器
網頁過濾器
入侵與濫用檢測
工作場所監控
自動檢測
電腦入侵與濫用檢測
與人體免疫系統的類比
檢測與消除病毒及惡意行動代碼

14. 在風險世界中
脆弱性監控
尋找電腦與網路安全缺陷
監控安全出版物
建立安全系統
橙皮書
ITSEC與通用標準
評估
商業標準
ICSA認證
認證
能力成熟度模型
安全意識與訓練
避免單點故障
備份
風險管理
風險評估與資產評價
保險
基準測試
謹慎與責任
事件處理
調查與評估
隔離與恢復
改進安全性
通知
實物回應
法律與民事救濟
經濟與軍事回應
緊急準備
障礙