05569cam a2200661Ii 4500 ocn876746646 OCoLC 20190328114807.0 m o d cr cnu---unuuu 140415s2014 ne ob 000 0 eng d 2015303187 N$T eng rda pn N$T IDEBK OPELS UKMGB E7B YDXCP OCLCO CDX B24X7 COO TPH OCLCA OCLCQ OCLCO DEBSZ VGM LIV OCLCQ SAV OCLCA REB OCLCO OCLCF U3W D6H LND CHVBK INT OTZ AU@ OCLCQ WYU OCLCO OCLCA 016724752 Uk 016724862 Uk 1026443332 1065941456 9780128006191 (electronic bk.) 0128006196 (electronic bk.) 9780128006047 0128006048 9781306583534 1306583535 (OCoLC)876746646 (OCoLC)1026443332 (OCoLC)1065941456 TK5105.59 Online Book COM 060040 bisacsh COM 043050 bisacsh COM 053000 bisacsh 005.8 23 Sood, Aditya K., author. Targeted cyber attacks : multi-staged attacks driven by exploits and malware / [electronic resource] Aditya K Sood, Richard Enbody. Amsterdam ; Boston : Syngress, 2014. 1 online resource. text txt rdacontent computer c rdamedia online resource cr rdacarrier Print version record. Cyber-crime increasingly impacts both the online and offline world, and targeted attacks play a significant role in disrupting services in both. Targeted attacks are those that are aimed at a particular individual, group, or type of site or service. Unlike worms and viruses that usually attack indiscriminately, targeted attacks involve intelligence-gathering and planning to a degree that drastically changes its profile. Individuals, corporations, and even governments are facing new threats from targeted attacks. Targeted Cyber Attacks examines real-world examples of directed attacks and provides insight into what techniques and resources are used to stage these attacks so that you can counter them more effectively. A well-structured introduction into the world of targeted cyber-attacksIncludes analysis of real-world attacksWritten by cyber-security researchers and experts. Includes bibliographical references. Front Cover; Targeted Cyber Attacks; Copyright Page; A Few Words About Targeted Cyber Attacks; Contents; Acknowledgments; About the Authors; Overview; 1 Introduction; References; 2 Intelligence Gathering; 2.1 Intelligence Gathering Process; 2.2 OSINT, CYBINT, and HUMINT; 2.3 OSNs: A Case Study; References; 3 Infecting the Target; 3.1 Elements Used in Incursion; 3.2 Model A: Spear Phishing Attack: Malicious Attachments; 3.3 Model B: Spear Phishing Attack: Embedded Malicious Links; 3.4 Model C: Waterholing Attack; 3.5 Model D: BYOD as Infection Carriers: USB. 3.6 Model E: Direct Incursion: Network ExploitationReferences; 4 System Exploitation; 4.1 Modeling Exploits in Targeted Attacks; 4.2 Elements Supporting System Exploitation; 4.2.1 Browser Exploit Packs (BEPs); 4.2.2 Zero-Day Vulnerabilities and Exploits; 4.3 Defense Mechanisms and Existing Mitigations; 4.4 Anatomy of Exploitation Techniques; 4.4.1 Return-to-Libc Attacks; 4.4.2 Return-oriented Programming; 4.4.3 Attacking DEP and ASLR; 4.4.4 Digging Inside Info Leak Vulnerabilities; 4.5 Browser Exploitation Paradigm; 4.6 Drive-By Download Attack Model; 4.6.1 Compromising a Web Site/Domain. 4.6.2 Infecting a Web Site4.6.3 Hosting BEPs and Distributing Links; 4.6.4 Fingerprinting the User Environment; 4.6.5 Attacking Heap-Model of Exploitation; 4.6.6 Heap Spraying; 4.6.7 Heap Feng Shui/Heap Massage; 4.7 Stealth Malware Design and Tactics; 4.7.1 Hooking; 4.7.2 Bypassing Static and Dynamic Detection Mechanisms; References; 5 Data Exfiltration Mechanisms; 5.1 Phase 1: Data Gathering Mechanisms; 5.2 Phase 2: Data Transmission; References; 6 Maintaining Control and Lateral Movement; 6.1 Maintaining Control; 6.1.1 Deploying BackConnect Servers; 6.1.2 Local Privilege Escalation. 8 Challenges and Countermeasures8.1 Real-Time Challenges; 8.1.1 Persisting False Sense of Security; 8.1.2 Myths About Malware Infections and Protection; 8.2 Countermeasures and Future Developments; 8.2.1 Building a Strong Response Plan; 8.2.2 End System Security; 8.2.3 User Centric Security; 8.2.4 Network Level Security; 8.2.5 Security Assessment and Patch Management; 8.2.6 Next-generation Defenses; References; 9 Conclusion; References; Abbreviations. Computer networks Security measures. Cyberspace Security measures. Computer crimes Prevention. COMPUTERS Security Online Safety & Privacy. bisacsh COMPUTERS Security Networking. bisacsh COMPUTERS Security General. bisacsh Computer crimes Prevention. fast (OCoLC)fst00872068 Computer networks Security measures. fast (OCoLC)fst00872341 Computer Security. (DNLM)D016494 Electronic books. Electronic books. Enbody, Richard J., author. Print version: Targeted Cyber Attacks 9780128006047 (OCoLC)869777042 ScienceDirect http://www.sciencedirect.com/science/book/9780128006047 246901 246901