信息安全专业科技英语PDF电子书下载

Chapter 1　Hacker Attack Technology 1

1.1 Definition and Classification of Attack 1

1.1.1 Definition of Hacker 1

1.1.2 Definition of Attack 2

1.1.3 Classification of Attack 2

1.2 The Process or Methodology Hackers Use to Attack 3

1.2.1 Performing Reconnaissance 3

1.2.2 Scanning and Enumeration 4

1.2.3 Gaining Access 5

1.2.4 Escalation of Privilege 5

1.2.5 Maintaining Access 6

1.2.6 Covering Tracks and Placing Backdoors 6

1.3 The Methods and Ways of Attack 7

1.3.1 Network Scanning 7

1.3.2 Password Cracking Attack 12

1.3.3 IP Spoofing Attack 18

1.3.4 The Buffer Overflow Attack 20

1.3.5 DoS Attack 24

1.3.6 SQL Injection Attack 30

1.3.7 Trojan Horse Attack 32

1.3.8 Social Engineering 34

Chapter 2 Cryptography 41

2.1 Cryptography Introduction 41

2.1.1 Terminology 41

2.1.2 History of Cryptography and Cryptanalysis 43

2.1.3 Modern Cryptography 47

2.1.4 Legal Issues Involving Cryptography 54

2.2 Substitution Cryptography 56

2.2.1 Simple Substitution 57

2.2.2 Homophonic Substitution 59

2.2.3 Polyalphabetic Substitution 60

2.2.4 Polygraphic Substitution 61

2.2.5 Mechanical Substitution Ciphers 63

2.2.6 The One-time Pad 63

2.2.7 Substitution in Modern Cryptography 64

2.3 Symmetric-key Cryptography 64

2.3.1 Types of Symmetric-key Algorithms 65

2.3.2 Speed 65

2.3.3 Limitations 65

2.3.4 Reversibility 66

2.3.5 Attacks on Symmetric Ciphers 66

2.3.6 Examples 67

2.4 Public-key Cryptography 67

2.4.1 History 68

2.4.2 Security 69

2.4.3 Applications 70

2.4.4 Practical Considerations 70

2.4.5 Examples 76

2.5 Cryptographic Hash Function 79

2.5.1 Overview 79

2.5.2 Related Algorithms 80

2.5.3 Cryptographic Properties 80

2.5.4 Applications of Hash Functions 81

2.5.5 Merkle-Damg？rd Hash Functions 82

2.5.6 Hash Functions Based on Block Ciphers 83

2.5.7 Hash Functions to Build other Cryptographic Primitives 83

2.5.8 List of Cryptographic Hash Functions 83

Chapter 3 Firewall 88

3.1 Introduction 88

3.2 Firewall Technologies 94

3.2.1 Packet Filtering Firewall 94

3.2.2 Circuit Level Gateway Firewall 95

3.2.3 Application Level Gateway Firewall 95

3.2.4 Stateful Multilayer Inspection Firewall 96

3.3 Firewall Architectures 97

3.3.1 Single-Box Architectures 97

3.3.2 Screened Host Architectures 101

3.3.3 Screened Subnet Architectures 103

3.4 Windows Firewall 108

3.4.1 Introduction 108

3.4.2 Using the Exceptions Tab 110

3.5 Problems and Benefits of Firewall 112

3.5.1 Firewall Related Problems 112

3.5.2 Benefits of a Firewall 113

Chapter 4 Intrusion Detection System 116

4.1 Introduction 116

4.1.1 Types of Intrusion Detection Systems 116

4.1.2 Passive System vs.Reactive System 117

4.2 State of the Art 118

4.2.1 From Intrusion Detection to Anomaly Prevention 118

4.2.2 Focus on Anomaly Prevention Systems 119

4.2.3 Generic Functional Architecture 120

4.3 Data Collection 123

4.3.1 Short Definition 123

4.3.2 NIDS 124

4.3.3 HIDS 125

4.3.4 NNIDS 125

4.3.5 Honeypot as a Sensor 125

4.3.6 IPS 126

4.3.7 DIDS 126

4.3.8 Multi-layered Integration 127

4.3.9 Correlation 127

4.4 Data Processing for Detection 128

4.4.1 Short Definition 128

4.4.2 Misuse Detection(or Scenario Based Analysis) 128

4.4.3 Anomaly Detection(or Behavior Analysis) 129

4.4.4 Emerging Algorithms 131

4.5 Alarms,Logs and Actions 133

4.5.1 Passive Actions 133

4.5.2 Active Actions 133

4.6 Example:Data Mining Approaches for IDS 134

4.6.1 Introduction 135

4.6.2 The Architecture 137

4.6.3 Mining Audit Data 141

4.6.4 Feature Construction 146

4.6.5 Experiments 149

4.7 Known Problems with IDS 149

4.7.1 Lack of Adaptivity 149

4.7.2 False Positive ＆ False Negative 151

4.7.3 Field of Vision 151

4.7.4 Performance 152

4.7.5 Increasing Cost 153

4.7.6 Complex Management Issues 154

4.7.7 Evasion Techniques 155

Chapter 5 Network Security Protocol 159

5.1 Introduction 159

5.2 Kerberos Protocol 160

5.2.1 History and Development 160

5.2.2 Description 161

5.2.3 Use 162

5.2.4 The Protocol 162

5.2.5 Kerberos Operation 163

5.2.6 Kerberos Drawbacks 165

5.3 SSL Protocol 165

5.3.1 Description 165

5.3.2 Ciphers Used with SSL 167

5.3.3 The SSL Handshake 169

5.3.4 Server Authentication 171

5.3.5 Client Authentication 172

5.3.6 Applications 175

5.4 SET Protocol 176

5.4.1 Introduction 176

5.4.2 Overview of SET Protocol 177

5.4.3 SET Cryptography 179

5.4.4 SET Process 180

5.4.5 Certificates Insurance 181

5.4.6 Security of SET 181

5.4.7 Future of SET 182

5.5 IPSec Protocol 182

5.5.1 Current Status as a Standard 183

5.5.2 Design Intent 184

5.5.3 Technical Details 184

5.5.4 IPSec Protocol Types 186

5.5.5 Implementations 191

Chapter 6 Virtual Private Network 195

6.1 Authentication Mechanism 195

6.2 Types of VPN 196

6.3 Characteristics in Application 197

6.4 Tunneling 198

6.4.1 Two Types of VPN Tunneling 199

6.4.2 Point-to-Point Tunneling Protocol 199

6.4.3 Layer 2 Tunneling Protocol 201

6.4.4 SSL VPN 207

6.4.5 MPLS VPN 208

6.5 Various Topology Scenarios 211

6.5.1 Topology 1 212

6.5.2 Topology 2 212

6.5.3 Topology 3 213

6.5.4 Topology 4 213

6.5.5 Topology 5 214

6.5.6 Topology 6 214

6.6 VPN Security Dialogs 215

Chapter 7 Computer Virus 218

7.1 Introduction 218

7.1.1 Comparison with Biological Viruses 218

7.1.2 Distinction between Malware and Computer Viruses 219

7.1.3 Effects of Computer Viruses 219

7.1.4 Use of the Word"Virus" 219

7.1.5 History 219

7.2 Virus Classification 221

7.2.1 Boot Sector Virus 221

7.2.2 Companion Virus 224

7.2.3 E-mail Virus 224

7.2.4 Logic Bomb 227

7.2.5 Macro Virus 228

7.2.6 Cross-site Scripting Virus 235

7.2.7 Trojan Horse 241

7.2.8 Computer Worm 241

7.3 Why People Create Computer Viruses 245

7.4 Replication Strategies 245

7.4.1 Nonresident Viruses 246

7.4.2 Resident Viruses 246

7.4.3 Host Types 247

7.5 Methods to Avoid Detection 247

7.5.1 Avoiding Bait Files and Other Undesirable Hosts 248

7.5.2 Stealth 249

7.5.3 Self-modification 249

7.5.4 Simple Self-modifications 249

7.5.5 Encryption with a Variable Key 250

7.5.6 Polymorphic Code 250

7.5.7 Metamorphic Code 251

7.6 Vulnerability and Countermeasures 251

7.6.1 The Vulnerability of Operating Systems to Viruses 251

7.6.2 The Role of Software Development 252

7.6.3 Anti-virus Software and Other Countermeasures 253

Chapter 8 Public-Key Infrastructure 256

8.1 PKI Introduction 256

8.1.1 Purpose 256

8.1.2 Functions 257

8.1.3 How Public and Private-key Cryptography Works 258

8.1.4 Who Provides the Infrastructure 259

8.1.5 PKI Typical Use 260

8.1.6 Alternatives 261

8.1.7 PKI History 262

8.1.8 Usage Examples 263

8.2 Certificate Authority 263

8.2.1 Issuing a Certificate 264

8.2.2 Security 264

8.2.3 Public-Key Certificate 265

8.3 X.509 267

8.3.1 History and Usage 267

8.3.2 Certificates 268

8.3.3 Sample X.509 Certificates 269

8.3.4 Security 272

8.3.5 Public-Key Infrastructure Working Group 272

8.3.6 Protocols and Standards Supporting X.509 Certificates 273

8.4 Trusted Third Party 273

8.4.1 An Example 274

8.4.2 Actual Practice 274

8.4.3 Parallels Outside Cryptography 274

8.5 Certificate Revocation List 275

8.5.1 CRL Introduction 275

8.5.2 Problems with All CRLs 276

8.6 An Example of a PKI in Action 277

Chapter 9 Information Security Management 282

9.1 ISO/IEC 17799 282

9.2 ISO/IEC 27001 284

9.3 ISM3 284

参考文献 287