Cyber-Security Threats, Actors, and Dynamic Mitigation
eBook - ePub

Nicholas Kolokotronis, Stavros Shiaeles

  1. 374 pages
  2. English
  3. ePUB (mobile friendly)
About the book

Cyber-Security Threats, Actors, and Dynamic Mitigation provides both a technical and state-of-the-art perspective as well as a systematic overview of the recent advances in different facets of cyber-security. It covers the methodologies for modeling attack strategies used by threat actors targeting devices, systems, and networks such as smart homes, critical infrastructures, and industrial IoT.

With a comprehensive review of the threat landscape, the book explores both common and sophisticated threats to systems and networks. Tools and methodologies are presented for precise modeling of attack strategies, which can be used both proactively in risk management and reactively in intrusion prevention and response systems. Several contemporary techniques are offered, ranging from reconnaissance and penetration testing to malware detection, analysis, and mitigation. Advanced machine learning-based approaches to anomaly-based detection are also included; these are capable of detecting attacks relying on zero-day vulnerabilities and exploits.

Academics, researchers, and professionals in cyber-security who want an in-depth look at the contemporary aspects of the field will find this book of interest. Those wanting a unique reference for various cyber-security threats and how they are detected, analyzed, and mitigated will reach for this book often.

Information

Publisher: CRC Press
Year: 2021
ISBN: 9781000366617
Edition: 1
Category: Cybersecurity

1

Profiles of Cyber-Attackers and Attacks

Dimitrios Kavallieros
University of the Peloponnese
Center for Security Studies
Georgios Germanos
University of the Peloponnese
Nicholas Kolokotronis
University of the Peloponnese
CONTENTS
  • 1.1 Introduction
  • 1.2 Taxonomy of Attackers
  • 1.3 Cyber-Threats Overview
    • 1.3.1 Threat Characteristics
    • 1.3.2 Threat Taxonomies
    • 1.3.3 Threat Methodologies
    • 1.3.4 Threat Frameworks
    • 1.3.5 Threat Models
      • 1.3.5.1 Attacker Centric
      • 1.3.5.2 System Centric
      • 1.3.5.3 Asset Centric
  • 1.4 The Cyber-Kill Chain
    • 1.4.1 Variants and Extensions
    • 1.4.2 Kill Chain for Various Cyber-Threats
  • 1.5 Attackers Modeling And Threats/Metrics
  • 1.6 Resources And Vulnerability Markets
    • 1.6.1 Regulated Markets’ Value
    • 1.6.2 Unregulated Markets’ Value
  • 1.7 Conclusion
  • References

1.1 INTRODUCTION

A cyber-attack manifests as the successful execution of interconnected “steps”: reconnaissance, weaponization, delivery, exploitation, installation, command and control, and finally the action upon the objective; this sequence is called the cyber-attack kill chain. Based on the target (e.g. companies, governmental agencies, individuals, etc.) and the objective(s) of the attacker, the difficulty of successfully penetrating (without being identified) varies greatly. Behind the attacks are cyber-attackers: individuals or groups targeting infrastructures, computer networks and systems along with their Internet of Things (IoT) counterparts (e.g. mobile phones, IP cameras, smart houses, etc.). They often have malicious intent that varies based on the type and motivation of the attacker.
Three categories of attackers can be identified based on their location and knowledge regarding the target organization [1]:
  • Internal to the organization: Also known as insiders, they have a high level of knowledge about the target's network, systems, security, policies, and procedures. According to the 15th annual Computer Security Institute (CSI) Computer Crime and Security Survey Reports [2], two threat vectors contribute to insider threats, namely the organization's employees having (1) malicious intent (e.g. to disclose and/or sell non-public information) or (2) non-malicious intent (e.g. they have made some unintentional mistake). The majority of the losses are due to the latter threat vector.
  • External to the organization: Compared to the insider threats, such attackers have to spend a great amount of time before the attack gathering information on the target, due to their limited prior knowledge.
  • Mixed groups: They are comprised of both internal and external attackers.
Cyber-attackers are also distinguished based on their skills, motives, and potential targets. Seven different types will be presented in Section 1.2. Based on the targets and skills, cyber-attackers need different “weapons” like zero-day vulnerabilities, exploits and exploit kits, and botnets for distributed denial-of-service (DDoS) attacks, while at the same time they need funding. Most of the time, the funding comes from stolen credit cards and bitcoin wallets, often obtained through phishing emails, scams, and ransomware, and from renting out their skills as “crime-as-a-service.”
Successfully profiling cyber-attackers can greatly enhance the preparedness of an organization, technically and educationally, and can assist in the mitigation and minimization of the impact of the attack. The profiling of cyber-attackers can also minimize the time, effort, and resources needed to identify them. Furthermore, it allows the development of more accurate and tailored threat models.
This chapter is structured as follows: in Section 1.2, the taxonomy of attackers is presented followed by an overview of cyber-threats; their characteristics and possible taxonomies are presented in Section 1.3. The cyber-kill chain and the related literature are presented in Section 1.4, while Section 1.5 presents the correlation between the different types of cyber-attackers and the execution of specific attacks, the complexity of the attack, and the attack vector. Section 1.6 provides information regarding the cyber-vulnerability markets, the interconnection between the markets and each type of attacker followed by the respective literature review. Finally, Section 1.7 concludes this chapter.

1.2 TAXONOMY OF ATTACKERS

This section presents a taxonomy of cybercrime actors, providing information on their motives, scope, targets, and level of expertise. In general, the cybercrime actors are broken down into seven categories:
Virus and hacking tools coders: Individuals or teams of expert programmers, elite hacking-tool coders with excellent computer skills. The main focus of these actors is to develop and distribute malicious software (i.e. computer viruses, worms, rootkits, exploits, etc.) and hacking toolkits, possibly for financial gain. The main buyers are non-expert individuals who want to become hackers (e.g. script kiddies [SK]) [3]. They can launch and orchestrate complex attacks.
Black hat hackers: Hackers (regardless of whether they are black, white, or gray hat) use almost the same tools and techniques, but with different motives and goals. In particular, black hat hackers are hackers with excellent computer skills (elite) that perpetrate illegal activities; other actors of this taxonomy are also characterized as black hats in the literature (e.g. hacktivists). Their primary motive is to earn money (e.g. hacking as a service), fame, and in cert...
