Phishing and Countermeasures (eBook, PDF)
Understanding the Increasing Problem of Electronic Identity Theft
- Format: PDF
Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Showing you how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers. The authors subsequently deliberate on what action the government can take to respond to this situation and compare adequate versus inadequate countermeasures.
- Devices: PC
Product details
- Publisher: John Wiley & Sons
- Pages: 740
- Publication date: 20 August 2007
- Language: English
- ISBN-13: 9780470086094
- Item no.: 37290515
MARKUS JAKOBSSON, PhD, is Associate Professor in the School of Informatics at Indiana University, where he is also Associate Director of the Center for Applied Cybersecurity Research. Dr. Jakobsson is the former editor of RSA CryptoBytes. He is a noted authority on the subject of phishing and is regularly invited to speak on the topic at conferences and workshops. STEVEN MYERS, PhD, is Assistant Professor in the School of Informatics at Indiana University and a member of the University's Center for Applied Cybersecurity Research. Dr. Myers worked on secure email anti-phishing technology at Echoworx Corporation, and has written several papers on cryptography, distributed systems, and probabilistic combinatorics.
Preface. Acknowledgements.
1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References.
2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.2 Technology, Chokepoints and Countermeasures. References.
3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.2 IP Spoofing. 3.3 Homograph Attacks Using Unicode. 3.4 Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References.
4. Pharming and Client Side Attacks. 4.1 Malware. 4.2 Malware Defense Strategies. 4.3 Pharming. 4.4 Case Study: Pharming with Appliances. 4.5 Case Study: Race-Pharming. References.
5. Status Quo Security Tools. 5.1 An overview of Anti-Spam Techniques. 5.2 Public Key Cryptography and its Infrastructure. 5.3 SSL Without a PKI. 5.4 Honeypots. References.
6. Adding Context to Phishing Attacks: Spear Phishing. 6.1 Overview of Context Aware Phishing. 6.2 Modeling Phishing Attacks. 6.3 Case Study: Automated Trawling for Public Private Data. 6.4 Case Study: Using Your Social Network Against You. 6.5 Case Study: Browser Recon Attacks. 6.6 Case Study: Using the Autofill feature in Phishing. 6.7 Case Study: Acoustic Keyboard Emanations. References.
7. Human-Centered Design Considerations. 7.1 Introduction: The Human Context of Phishing and Online Security. 7.2 Understanding and Designing for Users. 7.3 Mis-Education. References.
8. Passwords. 8.1 Traditional Passwords. 8.2 Case Study: Phishing in Germany. 8.3 Security Questions as Password Reset Mechanisms. 8.4 One-Time Password Tokens. References.
9. Mutual Authentication and Trusted Pathways. 9.1 The Need for Reliable Mutual Authentication. 9.2 Password Authenticated Key Exchange. 9.3 Delayed Password Disclosure. 9.4 Trusted Path: How To Find Trust in an Unscrupulous World. 9.5 Dynamic Security Skins. 9.6 Browser Enhancements for Preventing Phishing. References.
10. Biometrics and Authentication. 10.1 Biometrics. 10.2 Hardware Tokens for Authentication and Authorization. 10.3 Trusted Computing Platforms and Secure Operating Systems. 10.4 Secure Dongles and PDAs. 10.5 Cookies for Authentication. 10.6 Lightweight Email Signatures. References.
11. Making Takedown Difficult. 11.1 Detection and Takedown. References.
12. Protecting Browser State. 12.1 Client-Side Protection of Browser State. 12.2 Server-Side Protection of Browser State. References.
13. Browser Toolbars. 13.1 Browser-Based Anti-Phishing Tools. 13.2 Do Browser Toolbars Actually Prevent Phishing? References.
14. Social Networks. 14.1 The Role of Trust Online. 14.2 Existing Solutions for Securing Trust Online. 14.3 Case Study: "Net Trust". 14.4 The Risk of Social Networks. References.
15. Microsoft's Anti-Phishing Technologies and Tactics. 15.1 Cutting The Bait: SmartScreen Detection of Email Spam and Scams. 15.2 Cutting The Hook: Dynamic Protection Within the Web Browser. 15.3 Prescriptive Guidance and Education for Users. 15.4 Ongoing Collaboration, Education and Innovation. References.
16. Using S/MIME. 16.1 Secure Electronic Mail: A Brief History. 16.2 Amazon.com's Experience with S/MIME. 16.3 Signatures Without Sealing. 16.4 Conclusions and Recommendations. References.
17. Experimental evaluation of attacks and countermeasures. 17.1 Behavioral Studies. 17.2 Case Study: Attacking eBay Users with Queries. 17.3 Case Study: Signed Applets. 17.4 Case Study: Ethically Studying Man in the Middle. 17.5 Legal Considerations in Phishing Research. 17.6 Case Study: Designing and Conducting Phishing Experiments. References.
18. Liability for Phishing. 18.1 Impersonation. 18.2 Obtaining Personal Information. 18.3 Exploiting Personal Information. References.
19. The Future.
Index. About the Editors.