Insider Attack and Cyber Security

  • ISBN13: 9780387773216
  • ISBN10: 0387773215

  • Format: Hardcover
  • Copyright: 2008-04-07
  • Publisher: Springer-Verlag New York Inc

Summary

Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College. This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

Table of Contents

The Insider Attack Problem Nature and Scope
Introduction
Types of Attack
Misuse of Access
Defense Bypass
Access Control Failure
Defend or Detect
The Role of Process
Conclusion
Reflections on the Insider Threat
Introduction
Who Is an Insider?
Motive
Effect
Defining the Insider Threat
Context
Insider Threat Issues
Data
Psychology
Monitoring and Privacy
Detecting Insider Attacks
Technology
Conclusions
Acknowledgments
The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures
Introduction
General Observations About Insider IT Sabotage
Model of the Insider IT Sabotage Problem
Insider Expectation Escalation
Escalation of Disgruntlement
Attack Setup and Concealment
The Trust Trap
Possible Leverage Points for Addressing the Problem
Early Mitigation Through Expectation Setting
Handling Disgruntlement Through Positive Intervention
Targeted Monitoring
Eliminating Unknown Access Paths
Measures Upon Demotion or Termination
A Workshop on Insider IT Sabotage
The Instructional Case
Conclusion
Value of Modeling for Insight
Related CERT Research
Acknowledgments
System Dynamics Background
The Insider IT Sabotage Training Case
Introduction
Background
The Final Weeks
Model of the Insider IT Sabotage Problem
Insider Sabotage Mitigating Measures
Data Theft: A Prototypical Insider Threat
Introduction
Data Theft
Data Leakage
Risk
Recommendations
Status Quo
History
Risks & Controls
Recommendations
Technical Controls
Administrative Controls
Areas for Further Research
Conclusions
Acknowledgments
A Survey of Insider Attack Detection Research
Introduction
Insider Attacks
Detecting Insider Attacks
Host-based User Profiling
Network-Based Sensors
Integrated Approaches
Summary
Future Research Directions
Conclusion
Naive Bayes as a Masquerade Detector: Addressing a Chronic Failure
Introduction
Related Work
Background on Naive Bayes
Objective and Approach
Experiment With Synthetic Data
Variable Selection
Synthetic Data
Experiment Control
Procedure
Results and Analysis
Naive Bayes Mathematical Formulation
Calculating the Anomaly Score
Manipulating the Anomaly Score
Effect of NBSCs
Exploiting NBSCs to Cloak Attacks
Naive Bayes Fortification
The Fortified Detector
Evaluation Methodology
Evaluation Results and Analysis
Discussion
Conclusion
Towards a Virtualization-enabled Framework for Information Traceability (VFIT)
Introduction
Threat Model and Requirements
Background
Models of Policy Enforcement
Hardware Virtualization
System Architecture
Platform Architecture
Network Architecture
Implementation
Virtualization-enabled Information Tracing
Analysis
Performance Discussion
Threat Mitigation
Related Work
Conclusion
Acknowledgments
Reconfigurable Tamper-resistant Hardware Support Against Insider Threats: The Trusted ILLIAC Approach
Introduction
Software-based Transparent Runtime Randomization
Tamper-resistant Key-store Support for Threshold Cryptography
Crypto-engine Architecture
Security Analysis
Information Flow Signature Checking for Data Integrity
Threat Model
Approach
Implementation
System Architecture Including the Trusted Computing Engine
Protecting Against Insider Attack With User-level Privileges: Runtime Guarantees
Protecting Against Insider Attack with Administrative Privileges: Initialization and Runtime Guarantees
Conclusions and Future Directions
Surviving Insider Attacks: A Call for System Experiments
Introduction
Principles for Survivability
Avoidance of a Single Point of Failure
Independence of Failure Modes and Attack Vulnerabilities
Fast Recovery from Failure and Attack
Attack Deterrence
Least Privilege Authorization
Cost Factors
Conclusion: A Call for Research and Development Experiments
Preventative Directions For Insider Threat Mitigation Via Access Control
Introduction
Definitions and Threat Model
The Insider
Types of Insiders
Damage of Insider Attacks
Threat Model
Background and Primitives
Authentication and Authorization
Access Control Principles
MAC, DAC, and Intermediate Schemes
Users and Groups
Roles and Role Engineering
Public Key Cryptography
Requirements
Functionality
Usability and Cost
Scale and Complexity
Domain Considerations
Tools
Passwords: Knowledge-Based Authentication
Biometrics: Physiology-Based Authentication
Tokens: Possession-Based Authentication
PKI: Authentication via Digital Certificates
Distributed Authentication and Identity Management
Distributed Authorization
Ongoing Challenges
A Snapshot of a Motion Picture
Privilege Issuance and Review
Auditing and Visualization
Role Drift and Escalation
Expressiveness and Need to Know
Incentives
Conclusions
Acknowledgments
Taking Stock and Looking Forward - An Outsider's Perspective on the Insider Threat
Introduction
What Is An "Insider Threat"?
How Does The Research Community Get Better Data?
Changing the Incentives that Organizations Face
Integrating Technical Solutions with Social Science Perspectives
Creating a Response and Recovery System for Insider Threats
Conclusion
Research Challenges for Fighting Insider Threat in the Financial Services Industry
Introduction
Employee Screening And Selection
Access Controls
Monitoring And Detection
Hard Problems and Research Challenges Concluding Remarks
Index
Table of Contents provided by Ingram. All Rights Reserved.
