Cyber Denial, Deception and Counter Deception: A Framework for Supporting Active Cyber Defense, 1st edition, by Kristin Heckman, Frank Stech
Product details:
ISBN 10: 3319251333
ISBN 13: 9783319251332
Author: Kristin E. Heckman; Frank J. Stech; Roshan K. Thomas; Ben Schmoker; Alexander W. Tsow
This book presents the first reference exposition of the Cyber-Deception Chain: a flexible planning and execution framework for creating tactical, operational, or strategic deceptions. This methodology bridges the gap between the current uncoordinated patchwork of tactical denial and deception (D&D) techniques and their orchestration in service of an organization’s mission. Concepts for cyber-D&D planning operations and management are detailed within the larger organizational, business, and cyber defense context. It examines the necessity of a comprehensive, active cyber denial scheme. The authors explain the organizational implications of integrating D&D with a legacy cyber strategy, and discuss trade-offs, maturity models, and lifecycle management. Chapters present the primary challenges in using deception as part of a security strategy, and guide users through the steps to overcome common obstacles. Both revealing and concealing fact and fiction have a critical role in securing private information. Detailed case studies are included. Cyber Denial, Deception and Counter Deception is designed as a reference for professionals, researchers and government employees working in cybersecurity. Advanced-level students in computer science focused on security will also find this book useful as a reference or secondary textbook.
Table of contents:
Chapter 1: Introduction
1.1 Summary
Chapter 2: Bridging the Classical D&D and Cyber Security Domains
2.1 Classical D&D
2.1.1 Reveal Facts
2.1.2 Reveal Fictions—Simulation
2.1.3 Conceal Facts—Dissimulation
2.1.4 Conceal Fictions
2.1.5 Deception Dynamics
2.2 Translating D&D to Cyber Security
2.3 Using D&D in Cyber Security
2.3.1 Reveal Facts
2.3.2 Conceal Facts
2.3.3 Reveal Fictions
2.3.4 Conceal Fictions
2.4 D&D Operations
Chapter 3: Intrusions, Deception, and Campaigns
3.1 Intrusion Attempts
3.2 Cyber Kill Chain
3.2.1 Reconnaissance
3.2.1.1 Attack
3.2.1.2 Response
3.2.2 Weaponization
3.2.2.1 Attack
3.2.2.2 Response
3.2.3 Delivery
3.2.3.1 Attack
3.2.3.2 Response
3.2.4 Exploit
3.2.4.1 Attack
3.2.4.2 Response
3.2.5 Control
3.2.5.1 Attack
3.2.5.2 Response
3.2.6 Execute
3.2.6.1 Attack
3.2.6.2 Response
3.2.7 Maintain
3.2.7.1 Attack
3.2.7.2 Response
3.2.8 Recursive Cyber Kill Chain
3.3 Deception Chain
3.3.1 Purpose
3.3.2 Collect Intelligence
3.3.3 Design Cover Story
3.3.4 Plan
3.3.5 Prepare
3.3.6 Execute
3.3.7 Monitor
3.3.8 Reinforce
3.3.9 Recursive Deception Chain
3.4 Intrusion Campaigns
Chapter 4: Cyber-D&D Case Studies
4.1 The Stuxnet Campaign
4.1.1 Tactical Cyber-D&D
4.1.2 Operational Cyber-D&D
4.1.3 Strategic Cyber-D&D
4.1.4 Benefits of Stuxnet Cyber-D&D
4.1.5 Challenges of Stuxnet Cyber-D&D
4.2 APT Espionage
4.2.1 Assumptions
4.2.2 Reconnaissance Phase
4.2.2.1 Red Actions
4.2.2.2 Blue Actions
4.2.2.3 Benefits
4.2.2.4 Challenges
4.2.3 Weaponization Phase
4.2.3.1 Red Actions
4.2.3.2 Blue Actions
4.2.3.3 Benefits
4.2.3.4 Challenges
4.2.4 Delivery Phase
4.2.4.1 Red Actions
4.2.4.2 Blue Actions
4.2.4.3 Benefits
4.2.4.4 Challenges
4.2.5 Exploit Phase
4.2.5.1 Red Actions
4.2.5.2 Blue Actions
4.2.5.3 Benefits
4.2.5.4 Challenges
4.2.6 Control/Execute Phase
4.2.6.1 Red Actions
4.2.6.2 Blue Actions
4.2.6.3 Benefits
4.2.6.4 Challenges
4.2.7 Maintain Phase
4.2.7.1 Red Actions
4.2.7.2 Blue Actions
4.2.7.3 Benefits
4.2.7.4 Challenges
Chapter 5: Exercising Cyber-D&D
5.1 Incorporating D&D in Red/Blue Team Exercises
5.2 Example: SLX II Exercise Parameters
5.3 Example: SLX II Exercise Design
5.4 Example: SLX II Exercise Red/Blue Interplay
5.5 Example: SLX II Exercise Results
Chapter 6: Considerations, Adaptation, and Sharing
6.1 Risk, Unintended Consequences, Compromise, and Failure
6.2 Benefits, Challenges, and Drawbacks of Cyber-D&D
6.3 Post Exploit Manhunting
6.3.1 Elements Underlying Hunter Strategies
6.3.2 Hunter Strategies
6.3.3 PONI Strategies
6.4 Standardization and Sharing
Chapter 7: Countering Denial and Deception
7.1 Defining Counterdeception
7.2 Defining Counter-Deception
7.3 Applying Cyber-CD to Computer Intrusions
7.3.1 Building a Tripwire
7.3.2 Sharing Intrusion Data
7.4 Counterdeception Components
7.5 Applying Cyber-CD to Network Defense
7.6 A Cyber-CD Process Model
7.6.1 Case Study
7.6.1.1 Finding the Dots
7.6.1.2 Characterizing the Dots
7.6.1.3 Connecting the Dots
7.6.1.4 Seeing the Picture
7.6.1.5 Hypothesis Validation
Chapter 8: Capability Maturity Model
8.1 Cyber-D&D Maturity Model Framework
8.2 People-CMM
8.3 Services-CMM
8.3.1 Service Processes
8.3.2 Maturity Levels of Delivery of Cyber-D&D Services
8.4 Processes-CMM
8.5 Technologies and Techniques-CMM
8.5.1 General Characteristics of Technology Maturity Levels
8.5.2 Specific Technology Maturity Attributes in the Context of Cyber-D&D
8.5.2.1 Expertise and Technical Sophistication
8.5.2.2 Architectural and Engineering Maturity
8.5.2.3 Precision: When and Where to Aim the Cyber-D&D Technique
8.5.2.4 Efficacy: How Well Did the Bait Attract a Specific Target?
8.5.2.5 Efficiency
8.5.2.6 Technical Readiness Level (TRL) Transition Success
8.5.2.7 Influence of Technology on Adversary Doctrine and Strategy
8.6 Implications
Chapter 9: Cyber-D&D Lifecycle Management
9.1 Overview of Spiral D&D Lifecycle Management
9.2 Plan
9.3 Implement
9.4 Deploy and Execute
9.5 Post-deployment Analysis
Chapter 10: Looking to the Future
10.1 Live Defensive Operations
10.2 Vulnerability Assessment
10.3 Game Theory Models
10.4 Cyber-Deception Education and Training
10.5 Chinese Cyber-Deception Research
10.6 Immune System and Biological Models
10.7 Cyber-Counterdeception Capability Maturity Model
10.8 Cyber-Counterdeception in Active Defense
10.9 Moving Forward
ERRATUM
Appendix A: Cyber-D&D Taxonomy
- Usage by Malicious Actors
- Reveal Facts
- Denial of Service
- References
- Command Injection
- References
- Conceal Facts
- Binary Obfuscation
- References
- Bot Computer
- References
- Command and Control
- References