Phishing and Countermeasures: Understanding the Increasing Problem of Electronic - gebunden oder broschiert
ISBN: 9780471782452
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.… Mehr…
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Educating readers on how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. FORMATHardcover LANGUAGEEnglish CONDITIONBrand New Publisher Description Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Showing you how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. The authors subsequently deliberate on what action the government can take to respond to this situation and compare adequate versus inadequate countermeasures. Back Cover "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable—each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." —Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Flap "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Author Biography MARKUS JAKOBSSON, PhD, is Associate Professor in the School of Informatics at Indiana University, where he is also Associate Director of the Center for Applied Cybersecurity Research. Dr. Jakobsson is the former editor of RSA CryptoBytes. He is a noted authority on the subject of phishing and is regularly invited to speak on the topic at conferences and workshops. STEVEN MYERS, PhD, is Assistant Professor in the School of Informatics at Indiana University and a member of the University's Center for Applied Cybersecurity Research. Dr. Myers worked on secure email anti-phishing technology at Echoworx Corporation, and has written several papers on cryptography, distributed systems, and probabilistic combinatorics. Table of Contents Preface. Acknowledgements. 1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.1 Phishing Example: America's Credit Unions. 1.4.2 Phishing Example: PayPal. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. 1.4.5 Making The Hook Convincing. 1.4.6 The Catch. 1.4.7 Take-Down and Related Technologies. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References. 2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.1.1 Deceptive Phishing. 2.1.2 Malware-Based Phishing. 2.1.3 DNS-Based Phishing ("Pharming"). 2.1.4 Content-Injection Phishing. 2.1.5 Man-in-the-Middle Phishing. 2.1.6 Search Engine Phishing. 2.2 Technology, Chokepoints and Countermeasures. 2.2.1 Step 0: Preventing a Phishing Attack Before it Begins. 2.2.2 Step 1: Preventing Delivery of Phishing Payload. 2.2.3 Step 2: Preventing or Disrupting a User Action. 2.2.4 Steps 2 and 4: Prevent Navigation and Data Compromise. 2.2.5 Step 3: Preventing Transmission of the Prompt. 2.2.6 Step 4: Preventing Transmission of Confidential Information. 2.2.7 Steps 4 and 6: Preventing Data Entry and Rendering it Useless. 2.2.8 Step 5: Tracing Transmission of Compromised Credentials. 2.2.9 Step 6: Interfering with the Use of Compromised Information. 2.2.10 Step 7: Interfering with the Financial Benefit. References. 3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.1.1 Filtering. 3.1.2 Whitelisting and Greylisting. 3.1.3 Anti-spam Proposals. 3.1.4 User Education. 3.2 IP Spoofing. 3.2.1 IP Traceback. 3.2.2 IP Spoofing Prevention. 3.2.3 Intradomain Spoofing. 3.3 Homograph Attacks Using Unicode. 3.3.1 Homograph Attacks. 3.3.2 Similar Unicode String Generation. 3.3.3 Methodology of Homograph Attack Detection. 3.4 Simulated Browser Attack. 3.4.1 Using the Illusion. 3.4.2 Web Spoofing. 3.4.3 SSL and Webspoofing. 3.4.4 Ensnaring the User. 3.4.5 SpoofGuard Versus the Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References. 4. Pharming and Client Side Attacks. 4.1 Malware. 4.1.1 Viruses and Worms. 4.1.2 Spyware. 4.1.3 Adware. 4.1.4 Browser Hijackers. 4.1.5 Keyloggers. 4.1.6 Trojan Horses. 4.1.7 Rootkits. 4.1.8 Session Hijackers. 4.2 Malware Defense Strategies. 4.2.1 Defense Against Worms and Viruses . 4.2.2 Defense Against Spyware and Keyloggers. 4.2.3 Defending Against Rootkits. 4.3 Pharming. 4.3.1 Overview of DNS. 4.3.2 Role of DNS in Pharming. 4.3.3 Defending Against Pharming. 4.4 Case Study: Pharming with Appliances. 4.4.1 A Different Phishing Strategy. 4.4.2 The Spoof: A Home Pharming Appliance. 4.4.3 Sustainability of Distribution in the Online Marketplace. 4.4.4 Countermeasures. 4.5 Case Study: Race-Pharming. 4.5.1 Technical Description., John Wiley & Sons Inc<
the_nile 98.3, Zahlungsarten: Paypal, APPLE_PAY, Google Pay, Visa, Mastercard, American Express, Priority Listing. Versandkosten:Versand zum Fixpreis, [SHT: None], 3*** Melbourne, [TO: Worldwide] (EUR 40.68) Details... |
Phishing and Countermeasures: Understanding the Increasing Problem of Electronic - gebunden oder broschiert
ISBN: 9780471782452
The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective cou… Mehr…
The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Educating readers on how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. FORMATHardcover LANGUAGEEnglish CONDITIONBrand New Publisher Description Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Showing you how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. The authors subsequently deliberate on what action the government can take to respond to this situation and compare adequate versus inadequate countermeasures. Back Cover "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable—each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." —Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Flap "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Author Biography MARKUS JAKOBSSON, PhD, is Associate Professor in the School of Informatics at Indiana University, where he is also Associate Director of the Center for Applied Cybersecurity Research. Dr. Jakobsson is the former editor of RSA CryptoBytes. He is a noted authority on the subject of phishing and is regularly invited to speak on the topic at conferences and workshops. STEVEN MYERS, PhD, is Assistant Professor in the School of Informatics at Indiana University and a member of the University's Center for Applied Cybersecurity Research. Dr. Myers worked on secure email anti-phishing technology at Echoworx Corporation, and has written several papers on cryptography, distributed systems, and probabilistic combinatorics. Table of Contents Preface. Acknowledgements. 1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.1 Phishing Example: America's Credit Unions. 1.4.2 Phishing Example: PayPal. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. 1.4.5 Making The Hook Convincing. 1.4.6 The Catch. 1.4.7 Take-Down and Related Technologies. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References. 2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.1.1 Deceptive Phishing. 2.1.2 Malware-Based Phishing. 2.1.3 DNS-Based Phishing ("Pharming"). 2.1.4 Content-Injection Phishing. 2.1.5 Man-in-the-Middle Phishing. 2.1.6 Search Engine Phishing. 2.2 Technology, Chokepoints and Countermeasures. 2.2.1 Step 0: Preventing a Phishing Attack Before it Begins. 2.2.2 Step 1: Preventing Delivery of Phishing Payload. 2.2.3 Step 2: Preventing or Disrupting a User Action. 2.2.4 Steps 2 and 4: Prevent Navigation and Data Compromise. 2.2.5 Step 3: Preventing Transmission of the Prompt. 2.2.6 Step 4: Preventing Transmission of Confidential Information. 2.2.7 Steps 4 and 6: Preventing Data Entry and Rendering it Useless. 2.2.8 Step 5: Tracing Transmission of Compromised Credentials. 2.2.9 Step 6: Interfering with the Use of Compromised Information. 2.2.10 Step 7: Interfering with the Financial Benefit. References. 3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.1.1 Filtering. 3.1.2 Whitelisting and Greylisting. 3.1.3 Anti-spam Proposals. 3.1.4 User Education. 3.2 IP Spoofing. 3.2.1 IP Traceback. 3.2.2 IP Spoofing Prevention. 3.2.3 Intradomain Spoofing. 3.3 Homograph Attacks Using Unicode. 3.3.1 Homograph Attacks. 3.3.2 Similar Unicode String Generation. 3.3.3 Methodology of Homograph Attack Detection. 3.4 Simulated Browser Attack. 3.4.1 Using the Illusion. 3.4.2 Web Spoofing. 3.4.3 SSL and Webspoofing. 3.4.4 Ensnaring the User. 3.4.5 SpoofGuard Versus the Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References. 4. Pharming and Client Side Attacks. 4.1 Malware. 4.1.1 Viruses and Worms. 4.1.2 Spyware. 4.1.3 Adware. 4.1.4 Browser Hijackers. 4.1.5 Keyloggers. 4.1.6 Trojan Horses. 4.1.7 Rootkits. 4.1.8 Session Hijackers. 4.2 Malware Defense Strategies. 4.2.1 Defense Against Worms and Viruses . 4.2.2 Defense Against Spyware and Keyloggers. 4.2.3 Defending Against Rootkits. 4.3 Pharming. 4.3.1 Overview of DNS. 4.3.2 Role of DNS in Pharming. 4.3.3 Defending Against Pharming. 4.4 Case Study: Pharming with Appliances. 4.4.1 A Different Phishing Strategy. 4.4.2 The Spoof: A Home Pharming Appliance. 4.4.3 Sustainability of Distribution in the Online Marketplace. 4.4.4 Countermeasures. 4.5 Case Study: Race-Pharming. 4.5.1 Technical Description. 4.5.2 Detection and Countermeasures. 4.5.3 Contrast with DNS Pharming. References. 5. Status Quo Security Tools. 5.1 An overview of Anti-Spam Techniques. 5.2 Public Key Cryptography and its Infrastructure. 5, John Wiley & Sons Inc<
the_nile 98.3, Zahlungsarten: Paypal, APPLE_PAY, Google Pay, Visa, Mastercard, American Express, Priority Listing. Versandkosten:Versand zum Fixpreis, [SHT: None], 3*** Melbourne, [TO: Worldwide] (EUR 40.65) Details... |
Phishing y contramedidas: comprender el creciente problema de la electrónica - gebunden oder broschiert
ISBN: 9780471782452
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.… Mehr…
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Educating readers on how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. FORMATHardcover LANGUAGEEnglish CONDITIONBrand New Publisher Description Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Showing you how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. The authors subsequently deliberate on what action the government can take to respond to this situation and compare adequate versus inadequate countermeasures. Back Cover "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable—each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." —Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Flap "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Author Biography MARKUS JAKOBSSON, PhD, is Associate Professor in the School of Informatics at Indiana University, where he is also Associate Director of the Center for Applied Cybersecurity Research. Dr. Jakobsson is the former editor of RSA CryptoBytes. He is a noted authority on the subject of phishing and is regularly invited to speak on the topic at conferences and workshops. STEVEN MYERS, PhD, is Assistant Professor in the School of Informatics at Indiana University and a member of the University's Center for Applied Cybersecurity Research. Dr. Myers worked on secure email anti-phishing technology at Echoworx Corporation, and has written several papers on cryptography, distributed systems, and probabilistic combinatorics. Table of Contents Preface. Acknowledgements. 1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.1 Phishing Example: America's Credit Unions. 1.4.2 Phishing Example: PayPal. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. 1.4.5 Making The Hook Convincing. 1.4.6 The Catch. 1.4.7 Take-Down and Related Technologies. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References. 2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.1.1 Deceptive Phishing. 2.1.2 Malware-Based Phishing. 2.1.3 DNS-Based Phishing ("Pharming"). 2.1.4 Content-Injection Phishing. 2.1.5 Man-in-the-Middle Phishing. 2.1.6 Search Engine Phishing. 2.2 Technology, Chokepoints and Countermeasures. 2.2.1 Step 0: Preventing a Phishing Attack Before it Begins. 2.2.2 Step 1: Preventing Delivery of Phishing Payload. 2.2.3 Step 2: Preventing or Disrupting a User Action. 2.2.4 Steps 2 and 4: Prevent Navigation and Data Compromise. 2.2.5 Step 3: Preventing Transmission of the Prompt. 2.2.6 Step 4: Preventing Transmission of Confidential Information. 2.2.7 Steps 4 and 6: Preventing Data Entry and Rendering it Useless. 2.2.8 Step 5: Tracing Transmission of Compromised Credentials. 2.2.9 Step 6: Interfering with the Use of Compromised Information. 2.2.10 Step 7: Interfering with the Financial Benefit. References. 3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.1.1 Filtering. 3.1.2 Whitelisting and Greylisting. 3.1.3 Anti-spam Proposals. 3.1.4 User Education. 3.2 IP Spoofing. 3.2.1 IP Traceback. 3.2.2 IP Spoofing Prevention. 3.2.3 Intradomain Spoofing. 3.3 Homograph Attacks Using Unicode. 3.3.1 Homograph Attacks. 3.3.2 Similar Unicode String Generation. 3.3.3 Methodology of Homograph Attack Detection. 3.4 Simulated Browser Attack. 3.4.1 Using the Illusion. 3.4.2 Web Spoofing. 3.4.3 SSL and Webspoofing. 3.4.4 Ensnaring the User. 3.4.5 SpoofGuard Versus the Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References. 4. Pharming and Client Side Attacks. 4.1 Malware. 4.1.1 Viruses and Worms. 4.1.2 Spyware. 4.1.3 Adware. 4.1.4 Browser Hijackers. 4.1.5 Keyloggers. 4.1.6 Trojan Horses. 4.1.7 Rootkits. 4.1.8 Session Hijackers. 4.2 Malware Defense Strategies. 4.2.1 Defense Against Worms and Viruses . 4.2.2 Defense Against Spyware and Keyloggers. 4.2.3 Defending Against Rootkits. 4.3 Pharming. 4.3.1 Overview of DNS. 4.3.2 Role of DNS in Pharming. 4.3.3 Defending Against Pharming. 4.4 Case Study: Pharming with Appliances. 4.4.1 A Different Phishing Strategy. 4.4.2 The Spoof: A Home Pharming Appliance. 4.4.3 Sustainability of Distribution in the Online Marketplace. 4.4.4 Countermeasures. 4.5 Case Study: Race-Pharming. 4.5.1 Technical Description., John Wiley & Sons Inc<
the_nile 98.3, Zahlungsarten: Paypal, APPLE_PAY, Google Pay, Visa, Mastercard, American Express, Priority Listing. Versandkosten:Versand zum Fixpreis, [SHT: None], 3*** Melbourne, [TO: Todo el mundo] (EUR 43.50) Details... |
ISBN: 9780471782452
"This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an e… Mehr…
"This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. "Phishing and Countermeasures" begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Media > Book, [PU: Wiley]<
BetterWorldBooks.com used in stock. Versandkosten:zzgl. Versandkosten. Details... |
2006, ISBN: 0471782459
[EAN: 9780471782452], Neubuch, [PU: Wiley-Interscience], New. In shrink wrap. Looks like an interesting title!, Books
AbeBooks.de BennettBooksLtd, LOS ANGELES, CA, U.S.A. [52101753] [Rating: 4 (von 5)] NEW BOOK. Versandkosten: EUR 40.33 Details... |
Phishing and Countermeasures: Understanding the Increasing Problem of Electronic - gebunden oder broschiert
ISBN: 9780471782452
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.… Mehr…
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Educating readers on how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. FORMATHardcover LANGUAGEEnglish CONDITIONBrand New Publisher Description Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Showing you how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. The authors subsequently deliberate on what action the government can take to respond to this situation and compare adequate versus inadequate countermeasures. Back Cover "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable—each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." —Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Flap "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Author Biography MARKUS JAKOBSSON, PhD, is Associate Professor in the School of Informatics at Indiana University, where he is also Associate Director of the Center for Applied Cybersecurity Research. Dr. Jakobsson is the former editor of RSA CryptoBytes. He is a noted authority on the subject of phishing and is regularly invited to speak on the topic at conferences and workshops. STEVEN MYERS, PhD, is Assistant Professor in the School of Informatics at Indiana University and a member of the University's Center for Applied Cybersecurity Research. Dr. Myers worked on secure email anti-phishing technology at Echoworx Corporation, and has written several papers on cryptography, distributed systems, and probabilistic combinatorics. Table of Contents Preface. Acknowledgements. 1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.1 Phishing Example: America's Credit Unions. 1.4.2 Phishing Example: PayPal. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. 1.4.5 Making The Hook Convincing. 1.4.6 The Catch. 1.4.7 Take-Down and Related Technologies. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References. 2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.1.1 Deceptive Phishing. 2.1.2 Malware-Based Phishing. 2.1.3 DNS-Based Phishing ("Pharming"). 2.1.4 Content-Injection Phishing. 2.1.5 Man-in-the-Middle Phishing. 2.1.6 Search Engine Phishing. 2.2 Technology, Chokepoints and Countermeasures. 2.2.1 Step 0: Preventing a Phishing Attack Before it Begins. 2.2.2 Step 1: Preventing Delivery of Phishing Payload. 2.2.3 Step 2: Preventing or Disrupting a User Action. 2.2.4 Steps 2 and 4: Prevent Navigation and Data Compromise. 2.2.5 Step 3: Preventing Transmission of the Prompt. 2.2.6 Step 4: Preventing Transmission of Confidential Information. 2.2.7 Steps 4 and 6: Preventing Data Entry and Rendering it Useless. 2.2.8 Step 5: Tracing Transmission of Compromised Credentials. 2.2.9 Step 6: Interfering with the Use of Compromised Information. 2.2.10 Step 7: Interfering with the Financial Benefit. References. 3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.1.1 Filtering. 3.1.2 Whitelisting and Greylisting. 3.1.3 Anti-spam Proposals. 3.1.4 User Education. 3.2 IP Spoofing. 3.2.1 IP Traceback. 3.2.2 IP Spoofing Prevention. 3.2.3 Intradomain Spoofing. 3.3 Homograph Attacks Using Unicode. 3.3.1 Homograph Attacks. 3.3.2 Similar Unicode String Generation. 3.3.3 Methodology of Homograph Attack Detection. 3.4 Simulated Browser Attack. 3.4.1 Using the Illusion. 3.4.2 Web Spoofing. 3.4.3 SSL and Webspoofing. 3.4.4 Ensnaring the User. 3.4.5 SpoofGuard Versus the Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References. 4. Pharming and Client Side Attacks. 4.1 Malware. 4.1.1 Viruses and Worms. 4.1.2 Spyware. 4.1.3 Adware. 4.1.4 Browser Hijackers. 4.1.5 Keyloggers. 4.1.6 Trojan Horses. 4.1.7 Rootkits. 4.1.8 Session Hijackers. 4.2 Malware Defense Strategies. 4.2.1 Defense Against Worms and Viruses . 4.2.2 Defense Against Spyware and Keyloggers. 4.2.3 Defending Against Rootkits. 4.3 Pharming. 4.3.1 Overview of DNS. 4.3.2 Role of DNS in Pharming. 4.3.3 Defending Against Pharming. 4.4 Case Study: Pharming with Appliances. 4.4.1 A Different Phishing Strategy. 4.4.2 The Spoof: A Home Pharming Appliance. 4.4.3 Sustainability of Distribution in the Online Marketplace. 4.4.4 Countermeasures. 4.5 Case Study: Race-Pharming. 4.5.1 Technical Description., John Wiley & Sons Inc<
Steven Myers, Markus Jakobsson:
Phishing and Countermeasures: Understanding the Increasing Problem of Electronic - gebunden oder broschiertISBN: 9780471782452
The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective cou… Mehr…
The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Educating readers on how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. FORMATHardcover LANGUAGEEnglish CONDITIONBrand New Publisher Description Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Showing you how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. The authors subsequently deliberate on what action the government can take to respond to this situation and compare adequate versus inadequate countermeasures. Back Cover "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable—each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." —Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Flap "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Author Biography MARKUS JAKOBSSON, PhD, is Associate Professor in the School of Informatics at Indiana University, where he is also Associate Director of the Center for Applied Cybersecurity Research. Dr. Jakobsson is the former editor of RSA CryptoBytes. He is a noted authority on the subject of phishing and is regularly invited to speak on the topic at conferences and workshops. STEVEN MYERS, PhD, is Assistant Professor in the School of Informatics at Indiana University and a member of the University's Center for Applied Cybersecurity Research. Dr. Myers worked on secure email anti-phishing technology at Echoworx Corporation, and has written several papers on cryptography, distributed systems, and probabilistic combinatorics. Table of Contents Preface. Acknowledgements. 1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.1 Phishing Example: America's Credit Unions. 1.4.2 Phishing Example: PayPal. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. 1.4.5 Making The Hook Convincing. 1.4.6 The Catch. 1.4.7 Take-Down and Related Technologies. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References. 2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.1.1 Deceptive Phishing. 2.1.2 Malware-Based Phishing. 2.1.3 DNS-Based Phishing ("Pharming"). 2.1.4 Content-Injection Phishing. 2.1.5 Man-in-the-Middle Phishing. 2.1.6 Search Engine Phishing. 2.2 Technology, Chokepoints and Countermeasures. 2.2.1 Step 0: Preventing a Phishing Attack Before it Begins. 2.2.2 Step 1: Preventing Delivery of Phishing Payload. 2.2.3 Step 2: Preventing or Disrupting a User Action. 2.2.4 Steps 2 and 4: Prevent Navigation and Data Compromise. 2.2.5 Step 3: Preventing Transmission of the Prompt. 2.2.6 Step 4: Preventing Transmission of Confidential Information. 2.2.7 Steps 4 and 6: Preventing Data Entry and Rendering it Useless. 2.2.8 Step 5: Tracing Transmission of Compromised Credentials. 2.2.9 Step 6: Interfering with the Use of Compromised Information. 2.2.10 Step 7: Interfering with the Financial Benefit. References. 3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.1.1 Filtering. 3.1.2 Whitelisting and Greylisting. 3.1.3 Anti-spam Proposals. 3.1.4 User Education. 3.2 IP Spoofing. 3.2.1 IP Traceback. 3.2.2 IP Spoofing Prevention. 3.2.3 Intradomain Spoofing. 3.3 Homograph Attacks Using Unicode. 3.3.1 Homograph Attacks. 3.3.2 Similar Unicode String Generation. 3.3.3 Methodology of Homograph Attack Detection. 3.4 Simulated Browser Attack. 3.4.1 Using the Illusion. 3.4.2 Web Spoofing. 3.4.3 SSL and Webspoofing. 3.4.4 Ensnaring the User. 3.4.5 SpoofGuard Versus the Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References. 4. Pharming and Client Side Attacks. 4.1 Malware. 4.1.1 Viruses and Worms. 4.1.2 Spyware. 4.1.3 Adware. 4.1.4 Browser Hijackers. 4.1.5 Keyloggers. 4.1.6 Trojan Horses. 4.1.7 Rootkits. 4.1.8 Session Hijackers. 4.2 Malware Defense Strategies. 4.2.1 Defense Against Worms and Viruses . 4.2.2 Defense Against Spyware and Keyloggers. 4.2.3 Defending Against Rootkits. 4.3 Pharming. 4.3.1 Overview of DNS. 4.3.2 Role of DNS in Pharming. 4.3.3 Defending Against Pharming. 4.4 Case Study: Pharming with Appliances. 4.4.1 A Different Phishing Strategy. 4.4.2 The Spoof: A Home Pharming Appliance. 4.4.3 Sustainability of Distribution in the Online Marketplace. 4.4.4 Countermeasures. 4.5 Case Study: Race-Pharming. 4.5.1 Technical Description. 4.5.2 Detection and Countermeasures. 4.5.3 Contrast with DNS Pharming. References. 5. Status Quo Security Tools. 5.1 An overview of Anti-Spam Techniques. 5.2 Public Key Cryptography and its Infrastructure. 5, John Wiley & Sons Inc<
Phishing y contramedidas: comprender el creciente problema de la electrónica - gebunden oder broschiert
ISBN: 9780471782452
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.… Mehr…
Introduction to Phishing. 1.1 What is Phishing?. 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. The Nile on eBay Phishing and Countermeasures by Markus Jakobsson, Steven Myers Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Educating readers on how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. FORMATHardcover LANGUAGEEnglish CONDITIONBrand New Publisher Description Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Showing you how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. The authors subsequently deliberate on what action the government can take to respond to this situation and compare adequate versus inadequate countermeasures. Back Cover "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable—each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." —Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Flap "This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. Phishing and Countermeasures begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Author Biography MARKUS JAKOBSSON, PhD, is Associate Professor in the School of Informatics at Indiana University, where he is also Associate Director of the Center for Applied Cybersecurity Research. Dr. Jakobsson is the former editor of RSA CryptoBytes. He is a noted authority on the subject of phishing and is regularly invited to speak on the topic at conferences and workshops. STEVEN MYERS, PhD, is Assistant Professor in the School of Informatics at Indiana University and a member of the University's Center for Applied Cybersecurity Research. Dr. Myers worked on secure email anti-phishing technology at Echoworx Corporation, and has written several papers on cryptography, distributed systems, and probabilistic combinatorics. Table of Contents Preface. Acknowledgements. 1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.1 Phishing Example: America's Credit Unions. 1.4.2 Phishing Example: PayPal. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. 1.4.5 Making The Hook Convincing. 1.4.6 The Catch. 1.4.7 Take-Down and Related Technologies. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References. 2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.1.1 Deceptive Phishing. 2.1.2 Malware-Based Phishing. 2.1.3 DNS-Based Phishing ("Pharming"). 2.1.4 Content-Injection Phishing. 2.1.5 Man-in-the-Middle Phishing. 2.1.6 Search Engine Phishing. 2.2 Technology, Chokepoints and Countermeasures. 2.2.1 Step 0: Preventing a Phishing Attack Before it Begins. 2.2.2 Step 1: Preventing Delivery of Phishing Payload. 2.2.3 Step 2: Preventing or Disrupting a User Action. 2.2.4 Steps 2 and 4: Prevent Navigation and Data Compromise. 2.2.5 Step 3: Preventing Transmission of the Prompt. 2.2.6 Step 4: Preventing Transmission of Confidential Information. 2.2.7 Steps 4 and 6: Preventing Data Entry and Rendering it Useless. 2.2.8 Step 5: Tracing Transmission of Compromised Credentials. 2.2.9 Step 6: Interfering with the Use of Compromised Information. 2.2.10 Step 7: Interfering with the Financial Benefit. References. 3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.1.1 Filtering. 3.1.2 Whitelisting and Greylisting. 3.1.3 Anti-spam Proposals. 3.1.4 User Education. 3.2 IP Spoofing. 3.2.1 IP Traceback. 3.2.2 IP Spoofing Prevention. 3.2.3 Intradomain Spoofing. 3.3 Homograph Attacks Using Unicode. 3.3.1 Homograph Attacks. 3.3.2 Similar Unicode String Generation. 3.3.3 Methodology of Homograph Attack Detection. 3.4 Simulated Browser Attack. 3.4.1 Using the Illusion. 3.4.2 Web Spoofing. 3.4.3 SSL and Webspoofing. 3.4.4 Ensnaring the User. 3.4.5 SpoofGuard Versus the Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References. 4. Pharming and Client Side Attacks. 4.1 Malware. 4.1.1 Viruses and Worms. 4.1.2 Spyware. 4.1.3 Adware. 4.1.4 Browser Hijackers. 4.1.5 Keyloggers. 4.1.6 Trojan Horses. 4.1.7 Rootkits. 4.1.8 Session Hijackers. 4.2 Malware Defense Strategies. 4.2.1 Defense Against Worms and Viruses . 4.2.2 Defense Against Spyware and Keyloggers. 4.2.3 Defending Against Rootkits. 4.3 Pharming. 4.3.1 Overview of DNS. 4.3.2 Role of DNS in Pharming. 4.3.3 Defending Against Pharming. 4.4 Case Study: Pharming with Appliances. 4.4.1 A Different Phishing Strategy. 4.4.2 The Spoof: A Home Pharming Appliance. 4.4.3 Sustainability of Distribution in the Online Marketplace. 4.4.4 Countermeasures. 4.5 Case Study: Race-Pharming. 4.5.1 Technical Description., John Wiley & Sons Inc<
ISBN: 9780471782452
"This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an e… Mehr…
"This book is the encyclopedia of phishing. It provides views from the payment, human, and technical perspectives. The material is remarkably readable--each chapter is contributed by an expert on that topic, but none require specialized background on the part of the reader. The text will be useful for any professional who seeks to understand phishing." --Directors of the International Financial Cryptography Association (IFCA) Phishing attacks, or the practice of deceiving people into revealing sensitive data on a computer system, continue to mount. Here is the information you need to understand how phishing works, how to detect it, and how to prevent it. "Phishing and Countermeasures" begins with a technical introduction to the problem, setting forth the tools and techniques that phishers use, along with current security technology and countermeasures that are used to thwart them. Readers are not only introduced to current techniques of phishing, but also to emerging and future threats and the countermeasures that will be needed to stop them. The potential and limitations of all countermeasures presented in the text are explored in detail. In spite of the fact that phishing attacks constantly evolve, much of the material in this book will remain valid, given that the book covers the general principles as much as actual instances of phishing. While delving into a myriad of countermeasures and defense strategies, the authors also focus on the role of the user in preventing phishing attacks. The authors assert that countermeasures often fail not for technical reasons, but rather because users are unable or unwilling to use them. In response, the authors present a number of countermeasures that are simple for users to implement, or that can be activated without a user's direct participation. Moreover, the authors propose strategies for educating users. The text concludes with a discussion of how researchers and security professionals can ethically and legally perform phishing experiments to test the effectiveness of their defense strategies against the strength of current and future attacks. Each chapter of the book features an extensive bibliography to help readers explore individual topics in greater depth. With phishing becoming an ever-growing threat, the strategies presented in this text are vital for technical managers, engineers, and security professionals tasked with protecting users from unwittingly giving out sensitive data. It is also recommended as a textbook for students in computer science and informatics. Media > Book, [PU: Wiley]<
2006, ISBN: 0471782459
[EAN: 9780471782452], Neubuch, [PU: Wiley-Interscience], New. In shrink wrap. Looks like an interesting title!, Books
Es werden 140 Ergebnisse angezeigt. Vielleicht möchten Sie Ihre Suchkriterien verfeinern, Filter aktivieren oder die Sortierreihenfolge ändern.
Bibliographische Daten des bestpassenden Buches
Autor: | |
Titel: | |
ISBN-Nummer: |
Detailangaben zum Buch - Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft
EAN (ISBN-13): 9780471782452
ISBN (ISBN-10): 0471782459
Gebundene Ausgabe
Taschenbuch
Erscheinungsjahr: 2006
Herausgeber: Wiley-Interscience
700 Seiten
Gewicht: 1,157 kg
Sprache: eng/Englisch
Buch in der Datenbank seit 2007-06-05T15:25:33+02:00 (Vienna)
Detailseite zuletzt geändert am 2024-03-13T16:42:25+01:00 (Vienna)
ISBN/EAN: 0471782459
ISBN - alternative Schreibweisen:
0-471-78245-9, 978-0-471-78245-2
Alternative Schreibweisen und verwandte Suchbegriffe:
Autor des Buches: markus lüpertz, jakobs, john myers, markus jakob
Titel des Buches: phishing and countermeasures, markus lüpertz, understanding identity, theft, problem sin, phish, measure understanding, the problem identity
Weitere, andere Bücher, die diesem Buch sehr ähnlich sein könnten:
Neuestes ähnliches Buch:
9780470086100 Phishing and Countermeasures Understanding the Increasing Problem of Electronic Identity Theft (Jakobsson, Markus; Myers, Steven)
< zum Archiv...