- Paperback: 608 pages
- Publisher: Addison Wesley; 1 edition (6 April 2008)
- Language: English
- ISBN-10: 0321501950
- ISBN-13: 978-0321501950
- Product Dimensions: 17.8 x 3.8 x 22.9 cm
- Average Customer Review: 5.0 out of 5 stars See all reviews (2 customer reviews)
- Amazon Bestsellers Rank: 2,361,412 in Books (See Top 100 in Books)
- See Complete Table of Contents
Crimeware: Understanding New Attacks and Defenses Paperback – 6 Apr 2008
|New from||Used from|
- Choose from over 13,000 locations across the UK
- Prime members get unlimited deliveries at no additional cost
- Find your preferred location and add it to your address book
- Dispatch to this address when you check out
Customers Who Bought This Item Also Bought
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your e-mail address or mobile phone number.
More About the Author
From the Back Cover
“This book is the most current and comprehensive analysis of the state of Internet security threats right now. The review of current issues and predictions about problems years away are critical for truly understanding crimeware. Every concerned person should have a copy and use it for reference.”
―Garth Bruen, Project KnujOn Designer
There’s a new breed of online predators―serious criminals intent on stealing big bucks and top-secret information―and their weapons of choice are a dangerous array of tools called “crimeware.” With an ever-growing number of companies, organizations, and individuals turning to the Internet to get things done, there’s an urgent need to understand and prevent these online threats.
Crimeware: Understanding New Attacks and Defenses will help security professionals, technical managers, students, and researchers understand and prevent specific crimeware threats. This book guides you through the essential security principles, techniques, and countermeasures to keep you one step ahead of the criminals, regardless of evolving technology and tactics. Security experts Markus Jakobsson and Zulfikar Ramzan have brought together chapter contributors who are among the best and the brightest in the security industry. Together, they will help you understand how crimeware works, how to identify it, and how to prevent future attacks before your company’s valuable information falls into the wrong hands. In self-contained chapters that go into varying degrees of depth, the book provides a thorough overview of crimeware, including not only concepts prevalent in the wild, but also ideas that so far have only been seen inside the laboratory.
With this book, you will
- Understand current and emerging security threats including rootkits, bot networks, spyware, adware, and click fraud
- Recognize the interaction between various crimeware threats
- Gain awareness of the social, political, and legal implications of these threats
- Learn valuable countermeasures to stop crimeware in its tracks, now and in the future
- Acquire insight into future security trends and threats, and create an effective defense plan
With contributions by Gary McGraw, Andrew Tanenbaum, Dave Cole, Oliver Friedrichs, Peter Ferrie, and others.
About the Author
Markus Jakobsson, Ph.D., is currently principal scientist at Palo Alto Research Center and an adjunct associate professor at Indiana University. The coauthor of more than one hundred peer-reviewed articles and co-inventor of more than fifty patents, Markus studies the human factor of security and cryptographic protocols with an emphasis on privacy.
Zulfikar Ramzan, Ph.D., is currently a senior principal researcher with Symantec Security Response. Coauthor of more than fifty technical articles and one other book, Zulfikar is a frequent speaker on his areas of expertise: theoretical and practical aspects of information security and cryptography.
Top Customer Reviews
I found that the problems and difficulties posted in this book are still the same and it's still up to date.
Most Helpful Customer Reviews on Amazon.com (beta)
As this is an election year, and a crazy one at that, chapter 10 is a must read, it details a number of ways the election could be impacted, I think a bit about evoting machines might make a scary chapter even scarier. As soon as I finish this review, I need to send a note to a friend of mine concerned about click fraud, the authors do a great job on that in chapter 11.
And the best thing, the authors do not just tell you how bad things are, they spend a lot of time talking about defense. And if I can offer a thank you to the fifty or so researchers that helped with the book, thank you very much, the defensive information community is far better off for your efforts. A must own, must read, must read soon if there ever was such a thing. Order it now!
Chapter 8: Rootkits, by Prashant Pathak, was my favorite. I've read books on rootkits before, by Pathak's chapter presented the subject in a very understandable manner. His methodical and disciplined approach seemed very effective. He explained various approaches and terms, instead of assuming the reader knew what he was discussing already. I recommend reading chapter 8 before tackling other books on rootkits.
Chapter 1: Overview of Crimeware, by Aaron Emigh and Zulfikar Ramzan; Chapter 6: Crimeware in the Browser, by Dan Boneh, et al; and Chapter 7: Bot Networks, by James Hoagland, Zulfikar Ramzan, and Sourabh Satish addressed the core malware topics I would expect to appeal to the sorts of readers who frequent my blog. While several other chapters offered novel research, these three plus the rootkits chapter are probably most helpful to those defending networks.
I really enjoyed chapter 7 on Bot Networks. Like most of the other chapters it covers the basics of the topic, then digs deeper into the workings of the subject. And if you really want deep detail the ending sections go into extremely deep details (the book says these sections may only be of interest to security researchers). Some of the ending sections were over my head. But, the ones I did understand opened my eyes to those topics in a different light.
This book will be on my reference shelf for quite sometime due to the detail and range of topics covered.
That time is gone. It has been gone for a while now. Professional criminals and crime syndicates eventually figured out that these same attacks and exploits, if properly crafted, could represent a windfall of ill-gotten cash. Rather than trying to have the greatest impact and notoriety, today's attacks seek to find a balance between compromising as many machines as possible while also staying under the radar and remaining undetected by users or security software.
The authors of Crimeware: Understanding New Attacks and Defenses have put together a comprehensive and thorough guide to current malware- which they call crimeware- and how to defend against it. Rather than go on about the scope of the book, I will just list the chapters and let you judge for yourself.
1.Overview of Crimeware
2.A taxonomy of Coding Errors
3.Crimeware and Peer-to-Peer Networks
4.Crimeware in Small Devices
5.Crimeware in Firmware
6.Crimeware in the Browser
9.Virtual Worlds and Fraud
10.Cyberware and Politics
11.Online Advertising Fraud
12.Crimeware Business Models
13.The Educational Aspect of Security
14.Surreptitious Code and the Law
15.Crimeware and Trusted Computing
16.Technical Defense Techniques
17.The Future of Crimeware
This book is not just another compendium of malware and defensive countermeasures. This book provides that, but goes beyond that to educate the reader and provide tremendous insight about how and why crimeware works.
This is the first book to describe the mounting problem of crimeware in a manner that is both accessible to a general readership and helpful to the expert reader. Written by expert contributors in the field of security, it details how cyber crooks are launching attacks on businesses and society, and predicts the trends in Internet security. In contrast to most security books, this book covers not only technical aspects, but also social and legal aspects of security. The book has descriptions of the current and predicted threat pictures, and discussions of meaningful countermeasures, including possible educational campaigns to support other countermeasures. It is a book that is difficult to put down once you have started reading, at the same time as it is likely to remain a useful reference for quite a while.
As has been commented previously, each chapter is more or less self-contained, and so readers can skip to chapters of interest. Further, rather than just considering the technical problems and solutions of online crime, it considers the broader holistic problem of security and crime. I strongly recommend this book to those that want to understand the current and future online threats.