
Security engineering : a guide to building dependable distributed systems / Ross Anderson.

Material type: Text
Publisher: Indianapolis, Indiana : John Wiley & Sons, Inc., [2020]
Edition: Third edition
Description: 1 online resource
Content type:
  • text
Media type:
  • computer
Carrier type:
  • online resource
ISBN:
  • 9781119642817
  • 1119642817
  • 9781119642831
  • 1119642833
  • 9781119644682
  • 1119644682
Additional physical formats: Print version: Security engineering.
DDC classification:
  • 005.8 23
Contents:
Cover -- Title Page -- Copyright -- About the Author -- Acknowledgements -- Contents at a Glance -- Contents -- Preface to the Third Edition -- Preface to the Second Edition -- Preface to the First Edition -- For my daughter, and other lawyers ... -- Foreword -- Part I -- Chapter 1 What Is Security Engineering? -- 1.1 Introduction -- 1.2 A framework -- 1.3 Example 1 -- a bank -- 1.4 Example 2 -- a military base -- 1.5 Example 3 -- a hospital -- 1.6 Example 4 -- the home -- 1.7 Definitions -- 1.8 Summary -- Chapter 2 Who Is the Opponent? -- 2.1 Introduction -- 2.2 Spies -- 2.2.1 The Five Eyes
2.2.1.1 Prism -- 2.2.1.2 Tempora -- 2.2.1.3 Muscular -- 2.2.1.4 Special collection -- 2.2.1.5 Bullrun and Edgehill -- 2.2.1.6 Xkeyscore -- 2.2.1.7 Longhaul -- 2.2.1.8 Quantum -- 2.2.1.9 CNE -- 2.2.1.10 The analyst's viewpoint -- 2.2.1.11 Offensive operations -- 2.2.1.12 Attack scaling -- 2.2.2 China -- 2.2.3 Russia -- 2.2.4 The rest -- 2.2.5 Attribution -- 2.3 Crooks -- 2.3.1 Criminal infrastructure -- 2.3.1.1 Botnet herders -- 2.3.1.2 Malware devs -- 2.3.1.3 Spam senders -- 2.3.1.4 Bulk account compromise -- 2.3.1.5 Targeted attackers -- 2.3.1.6 Cashout gangs -- 2.3.1.7 Ransomware
2.3.2 Attacks on banking and payment systems -- 2.3.3 Sectoral cybercrime ecosystems -- 2.3.4 Internal attacks -- 2.3.5 CEO crimes -- 2.3.6 Whistleblowers -- 2.4 Geeks -- 2.5 The swamp -- 2.5.1 Hacktivism and hate campaigns -- 2.5.2 Child sex abuse material -- 2.5.3 School and workplace bullying -- 2.5.4 Intimate relationship abuse -- 2.6 Summary -- Research problems -- 2.6 Further reading -- Chapter 3 Psychology and Usability -- 3.1 Introduction -- 3.2 Insights from psychology research -- 3.2.1 Cognitive psychology -- 3.2.2 Gender, diversity and interpersonal variation -- 3.2.3 Social psychology
3.2.3.1 Authority and its abuse -- 3.2.3.2 The bystander effect -- 3.2.4 The social-brain theory of deception -- 3.2.5 Heuristics, biases and behavioural economics -- 3.2.5.1 Prospect theory and risk misperception -- 3.2.5.2 Present bias and hyperbolic discounting -- 3.2.5.3 Defaults and nudges -- 3.2.5.4 The default to intentionality -- 3.2.5.5 The affect heuristic -- 3.2.5.6 Cognitive dissonance -- 3.2.5.7 The risk thermostat -- 3.3 Deception in practice -- 3.3.1 The salesman and the scamster -- 3.3.2 Social engineering -- 3.3.3 Phishing -- 3.3.4 Opsec -- 3.3.5 Deception research
3.4 Passwords -- 3.4.1 Password recovery -- 3.4.2 Password choice -- 3.4.3 Difficulties with reliable password entry -- 3.4.4 Difficulties with remembering the password -- 3.4.4.1 Naïve choice -- 3.4.4.2 User abilities and training -- 3.4.4.3 Design errors -- 3.4.4.4 Operational failures -- 3.4.4.5 Social-engineering attacks -- 3.4.4.6 Customer education -- 3.4.4.7 Phishing warnings -- 3.4.5 System issues -- 3.4.6 Can you deny service? -- 3.4.7 Protecting oneself or others? -- 3.4.8 Attacks on password entry -- 3.4.8.1 Interface design -- 3.4.8.2 Trusted path, and bogus terminals

Includes bibliographical references and index.

Electronic reproduction. Hoboken, N.J. Available via World Wide Web.

Online resource; title from digital title page (viewed on December 10, 2020).

