Honeypots and Routers: Collecting Internet Attacks
暫譯: 蜜罐與路由器:收集網路攻擊
Mohammed, Mohssen, Rehman, Habib-Ur
- 出版商: Auerbach Publication
- 出版日期: 2020-09-30
- 售價: $2,130
- 貴賓價: 9.5 折 $2,024
- 語言: 英文
- 頁數: 190
- 裝訂: Quality Paper - also called trade paper
- ISBN: 0367658674
- ISBN-13: 9780367658670
海外代購書籍(需單獨結帳)
商品描述
As the number of Internet-based consumer transactions continues to rise, the need to protect these transactions against hacking becomes more and more critical. An effective approach to securing information on the Internet is to analyze the signature of attacks in order to build a defensive strategy. This book explains how to accomplish this using honeypots and routers. It discusses honeypot concepts and architecture as well as the skills needed to deploy the best honeypot and router solutions for any network environment.
Honeypots and Routers: Collecting Internet Attacks begins by providing a strong grounding in the three main areas involved in Internet security:
- Computer networks: technologies, routing protocols, and Internet architecture
- Information and network security: concepts, challenges, and mechanisms
- System vulnerability levels: network, operating system, and applications
The book then details how to use honeypots to capture network attacks. A honeypot is a system designed to trap an adversary into attacking the information systems in an organization. The book describes a technique for collecting the characteristics of the Internet attacks in honeypots and analyzing them so that their signatures can be produced to prevent future attacks. It also discusses the role of routers in analyzing network traffic and deciding whether to filter or forward it.
The final section of the book presents implementation details for a real network designed to collect attacks of zero-day polymorphic worms. It discusses the design of a double-honeynet system architecture, the required software tools, and the configuration process using VMware. With the concepts and skills you learn in this book, you will have the expertise to deploy a honeypot solution in your network that can track attackers and provide valuable information about their source, tools, and tactics.
商品描述(中文翻譯)
隨著基於互聯網的消費交易數量不斷上升,保護這些交易免受駭客攻擊的需求變得越來越重要。有效的互聯網資訊安全方法是分析攻擊的特徵,以建立防禦策略。本書解釋了如何使用蜜罐(honeypots)和路由器(routers)來實現這一目標。它討論了蜜罐的概念和架構,以及在任何網路環境中部署最佳蜜罐和路由器解決方案所需的技能。
《蜜罐與路由器:收集互聯網攻擊》首先提供了有關互聯網安全的三個主要領域的堅實基礎:
- 計算機網路:技術、路由協議和互聯網架構
- 資訊與網路安全:概念、挑戰和機制
- 系統脆弱性層級:網路、作業系統和應用程式
本書接著詳細說明如何使用蜜罐來捕捉網路攻擊。蜜罐是一種設計用來誘使對手攻擊組織資訊系統的系統。本書描述了一種收集蜜罐中互聯網攻擊特徵的技術,並分析這些特徵,以便生成其簽名以防止未來的攻擊。它還討論了路由器在分析網路流量和決定是否過濾或轉發流量中的角色。
本書的最後一部分介紹了設計用於收集零日多形蟲攻擊的實際網路的實施細節。它討論了雙蜜網系統架構的設計、所需的軟體工具以及使用 VMware 的配置過程。通過本書中學到的概念和技能,您將具備在您的網路中部署蜜罐解決方案的專業知識,能夠追蹤攻擊者並提供有關其來源、工具和戰術的寶貴資訊。
作者簡介
Mohssen Mohammed received his B.Sc. (Honors) degree in Computer Science from Computer Man College for Computer Studies (Future University), Khartoum, Sudan, in 2003. In 2006, he received his M.Sc. degree in Computer Science from the Faculty of Mathematical Sciences, University of Khartoum, Sudan. In 2012, he received his PhD in Electrical Engineering from Cape Town University, South Africa. He has published several papers at top international conferences such as GLOBECOM and MILCOM. He has served as a Technical Program Committee member in numerous international conferences, such as ICSEA 2010 and ICNS 2011. He received the University of Cape Town prize for International Scholarship for Academic Merit (2007, 2008, and 2009). From 2005 to 2012, he worked as a permanent academic staff member at the University of Juba, South of Sudan. He is now working as Assistant Professor in the College of Computer Science & Information Technology, Bahri University, Khartoum, Sudan. His research interest includes network security, especially intrusion detection and prevention systems, honeypots, firewalls, and malware detection methods.
Habib-ur Rehman completed his doctoral studies in 2009 at the Technische Universitaet Carolo Wilhelmina zu Braunschweig, Germany. Earlier, he obtained his MS degree in 2004 from the Lahore University of Management Sciences, Lahore, Pakistan. He worked as an Assistant Professor at the National Textile University, Faisalabad, Pakistan, and National University of Computer and Emerging Sciences, Islamabad, Pakistan. Since early 2012, he has been teaching at the Al-Imam Muhammad Ibn Saud Islamic University, Riyadh, KSA. His primary research interests are the design and development of network protocols, schemes, and models for mobile and ad hoc networks. He has focused on the issues of routing, MAC, streaming, security, and information sharing in his research. He has also supervised undergrad students in the development of useful Android applications.
作者簡介(中文翻譯)
Mohssen Mohammed 於2003年在蘇丹喀土穆的Computer Man College for Computer Studies (Future University) 獲得計算機科學榮譽學士學位。2006年,他在蘇丹喀土穆大學數學科學學院獲得計算機科學碩士學位。2012年,他在南非開普敦大學獲得電氣工程博士學位。他在GLOBECOM和MILCOM等頂級國際會議上發表了多篇論文。他曾擔任多個國際會議的技術程序委員會成員,如ICSEA 2010和ICNS 2011。他曾獲得開普敦大學國際學術獎學金(2007、2008和2009年)。從2005年到2012年,他在蘇丹朱巴大學擔任永久教學人員。目前,他在蘇丹喀土穆的巴赫里大學計算機科學與資訊技術學院擔任助理教授。他的研究興趣包括網絡安全,特別是入侵檢測和防禦系統、蜜罐、防火牆和惡意軟體檢測方法。
Habib-ur Rehman 於2009年在德國布倫瑞克的Technische Universitaet Carolo Wilhelmina zu Braunschweig完成博士學位。早前,他於2004年在巴基斯坦拉合爾管理科學大學獲得碩士學位。他曾在巴基斯坦法薩拉巴德的國立紡織大學和巴基斯坦伊斯蘭堡的國立計算機與新興科學大學擔任助理教授。自2012年初以來,他一直在沙烏地阿拉伯利雅德的阿爾伊瑪目穆罕默德·伊本·沙烏德伊斯蘭大學任教。他的主要研究興趣是設計和開發移動和臨時網絡的網絡協議、方案和模型。他的研究集中在路由、媒介存取控制(MAC)、串流、安全性和資訊共享等問題上。他還指導本科生開發有用的Android應用程式。
