CART

(0) items

The Death of the Internet,9781118062418
This item qualifies for
FREE SHIPPING!

FREE SHIPPING OVER $59!

Your order must be $59 or more, you must select US Postal Service Shipping as your shipping preference, and the "Group my items into as few shipments as possible" option when you place your order.

Bulk sales, PO's, Marketplace Items, eBooks, Apparel, and DVDs not included.

The Death of the Internet

by
Edition:
1st
ISBN13:

9781118062418

ISBN10:
1118062418
Format:
Paperback
Pub. Date:
7/17/2012
Publisher(s):
Wiley-IEEE Computer Society Pr

Questions About This Book?

What version or edition is this?
This is the 1st edition with a publication date of 7/17/2012.
What is included with this book?
  • The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any CDs, lab manuals, study guides, etc.

Summary

Fraud poses a significant threat to the Internet. 1.5% of all online advertisements attempt to spread malware. This lowers the willingness to view or handle advertisements, which will severely affect the structure of the web and its viability. It may also destabilize online commerce. In addition, the Internet is increasingly becoming a weapon for political targets by malicious organizations and governments. This book will examine these and related topics, such as smart phone based web security. This book describes the basic threats to the Internet (loss of trust, loss of advertising revenue, loss of security) and how they are related. It also discusses the primary countermeasures and how to implement them.

Author Biography

Markus Jakobsson, PhD, is Principal Scientist for Consumer Security at PayPal. He is the founder of the security startups RavenWhite and FatSkunk and has held positions at Palo Alto Research Center, RSA Laboratories, and Bell Labs. The editor of RSA's technical newsletter CryptoBytes, Dr. Jakobsson holds numerous U.S. patents, has published more than 100 articles, and authored and edited several books, including Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft (Wiley). He has been interviewed on the subjects of phishing and crimeware on NPR, BBC, and other high-profile media outlets.

Table of Contents

Forewordp. xv
Prefacep. xvii
Is the Title of this Book a Joke?p. xix
Acknowledgmentsp. xxi
Contributorsp. xxiii
The Problem
What Could Kill the Internet? And so What?p. 3
It is About Peoplep. 7
Human and Social Issuesp. 7
Nigerian Scamsp. 8
Password Reusep. 9
Phishingp. 11
Who are the Criminals?p. 13
Who are they?p. 13
Where are they?p. 14
Deep-Dive: Taking a Look at Ex-Soviet Hackersp. 14
Let's try to Find Parallels in the World we Live inp. 16
Crime and Punishment?p. 16
How Criminals Profitp. 19
Online Advertising Fraudp. 20
Advertising on the Internetp. 20
Exploits of Online Advertising Systemsp. 23
Click Fraudp. 25
Malvertising: Spreading Malware via Adsp. 31
Inflight Modification of Ad Trafficp. 32
Adware: Unsolicited Software Adsp. 34
Conclusionp. 35
Toeing the Line: Legal but Deceptive Service Offersp. 35
How Does it Work?p. 36
What do they Earn?p. 36
Phishing and Some Related Attacksp. 38
The Problem is the Userp. 38
Phishingp. 38
Man-in-the-Middlep. 39
Man-in-the-Browserp. 40
New Attack: Man-in-the-Screenp. 41
Malware: Current Outlook Members of the BITS Security Working Group and staff leads Greg Rattray and Andrew Kennedyp. 42
Malware Evolutionp. 42
Malware Supply and Demandp. 48
Monetizationp. 53
There is Money Every wherep. 53
How Things Work and Failp. 57
Online Advertising: With Secret Securityp. 58
What is a Click?p. 58
How Secret Filters are Evaluatedp. 60
What do Fraudsters Know?p. 62
Web Security Remediation Effortsp. 63
Introductionp. 63
The Multitude of Web Browser Security Mechanismsp. 64
Where do we go from Here?p. 75
Content-Sniffing XSS Attacks: XSS with Non-HTML Contentp. 75
Introductionp. 75
Content-Sniffing XSS Attacksp. 77
Defensesp. 84
Conclusionp. 89
Our Internet Infrastructure at Riskp. 89
Introductionp. 89
The Political Structurep. 90
The Domainp. 92
WHOIS: Ownership and Technical Recordsp. 94
Registrars: Sponsors of Domain Namesp. 96
Registries: Sponsors of Domain Extensionsp. 97
CCTLDs: The Sovereign Domain Extensionsp. 99
ICANN: The Main Internet Policy Bodyp. 100
Conclusionp. 102
Social Spamp. 103
Introductionp. 103
Motivations for Spammersp. 105
Case Study: Spam in the GiveALink Bookmarking Systemp. 108
Web Pollutionp. 114
The Changing Nature of Social Spam: Content Farmsp. 116
Conclusionp. 117
Understanding CAPTCHAs and Their Weaknessesp. 117
What is a Captcha?p. 117
Types of Captchasp. 188
Evaluating Captcha Attack Effectivenessp. 118
Design of Captchasp. 119
Automated Attacksp. 124
Crowd-Sourcing: Using Humans to Break Captchasp. 127
Security Questionsp. 131
Overviewp. 131
Vulnerabilitiesp. 134
Variants and Possible Defensesp. 138
Conclusionp. 139
Folk Models of Home Computer Securityp. 140
The Relationship Between Folk Models and Securityp. 140
Folk Models of Viruses and Other Malwarep. 142
Folk Models of Hackers and Break-Insp. 146
Following Security Advicep. 149
Lessons Learnedp. 153
Detecting and Defeating Interception Attacks Against SSLp. 154
Introductionp. 154
Certificate Authorities and the Browser Vendorsp. 155
Big Brother in the Browserp. 157
Compelled Assistancep. 158
Surveillance Appliancesp. 159
Protecting Usersp. 160
Threat Model Analysisp. 163
Related Workp. 166
Conclusionp. 168
The Mobile Problemp. 169
Phishing on Mobile Devicesp. 169
The Mobile Phishing Threatp. 170
Common Control Transfersp. 172
Phishing Attacksp. 178
Web Sender → Mobile Targetp. 182
Web Sender → Web Targetp. 184
Attack Preventionp. 185
Why Mobile Malware will Explodep. 185
Nineteen Eighty-Six: When it all Startedp. 186
A Glimpse of Usersp. 186
Why Market Size Mattersp. 186
Financial Trendsp. 187
Mobile Malware Outlookp. 187
Tapjacking: Stealing Clicks on Mobile Devicesp. 189
Framing Attacksp. 189
Phone Tapjackingp. 191
Framing Facebookp. 194
Summary and Recommendationsp. 195
The Internet and the Physical Worldp. 197
Malware-Enabled Wireless Tracking Networksp. 197
Introductionp. 198
The Anatomy of a Modern Smartphonep. 199
Mobile Tracking Networks: A Threat to Smartphonesp. 200
Conclusionp. 219
Social Networking Leaksp. 219
Introductionp. 220
Motivations for Using Social Networking Sitesp. 220
Trust and Privacyp. 221
Known Issuesp. 222
Case Study: Social Networking Leaks in the Physical Worldp. 225
Abuse of Social Media and Political Manipulationp. 231
The Rise of Online Grassroots Political Movementsp. 231
Spam and Astroturfingp. 232
Deceptive Tacticsp. 233
The Truthy System for Astroturf Detectionp. 236
Discussionp. 240
Thinking About Solutions
Solutions to the Problemp. 245
When and How to Authenticatep. 245
Problem Descriptionp. 246
Use Casesp. 247
System Architecturep. 248
User Privacyp. 250
Machine Learning/Algorithmsp. 250
User Studyp. 252
Fastwords: Adapting Passwords to Constrained Keyboardsp. 255
The Principles Behind Fastwordsp. 256
Basic Feature Setp. 258
Extended Feature Setp. 260
Sample Stories and Frequenciesp. 261
Recall Ratesp. 262
Security Analysisp. 264
The Security of Passwordsp. 264
Entry Speedp. 268
Implementation of Fastword Entryp. 270
Conclusionp. 271
Deriving PINs from Passwordsp. 271
Introductionp. 272
A Brief Discussion of Passwordsp. 273
How to Derive PINs from Passwordsp. 274
Analysis of Passwords and Derived PINsp. 275
Security Analysisp. 278
Usability Experimentsp. 280
Visual Preference Authenticationp. 282
Password Resetsp. 282
Security Questions Aren't so Securep. 283
What is Visual Preference-Based Authenticationp. 283
Evaluating Visual Preference-Based Authenticationp. 285
Case Study: Visual Blue Moon Authenticationp. 286
Conclusionp. 290
The Deadly Sins of Security User Interfacesp. 290
Security Applications with Frustrating User Interfacesp. 291
The Four Sins of Security Application User Interfacesp. 293
Consumer Choice: A Security Bugbearp. 293
Security by Verbosityp. 299
Walls of Checkboxesp. 300
All or Nothing Switchp. 302
Conclusionp. 304
SpoofKiller-Let's Kiss Spoofing Goodbye!p. 304
A Key to the Solution: Interruptsp. 305
Why can the User Log in to Good Sites, but not Bad Ones?p. 305
What About Sites that are Good … but not Certified Good?p. 308
SpoofKiller: Under the Hoodp. 309
Say we implement SpoofKiller-then What?p. 311
Device Identification and Intelligencep. 312
1995-2001: The Early Years of Device Identificationp. 313
2001-2008 Tagless Device Identification Beginsp. 314
2008-Present: Private Browsing and Beyondp. 319
How can we Determine if a Device is Infected or not?p. 323
Why Detection is Difficultp. 323
Setting up an Isolated Environmentp. 324
What Could go Wrong?p. 326
Brief Comparison with TrustZonep. 328
Summaryp. 328
The Futurep. 331
Security Needs the Best User Experiencep. 332
How the User Won Over Featuresp. 332
So How Come the iPhone Became so Successful?p. 332
A World of Information Anywherep. 333
Midas' Touch Screensp. 334
New Input, New Opportunitiesp. 335
Zero-Click and Real-Life User Interfacesp. 335
Privacy and User Interfacesp. 336
It all Comes Togetherp. 336
Fraud and the Futurep. 336
Referencesp. 339
Indexp. 359
Table of Contents provided by Ingram. All Rights Reserved.


Please wait while the item is added to your cart...