Essential Cybersecurity Science: Build, Test, and Evaluate Secure Systems (Paperback)

Josiah Dykstra

  • 出版商: O'Reilly
  • 出版日期: 2016-01-26
  • 定價: $1,650
  • 售價: 8.0$1,320
  • 語言: 英文
  • 頁數: 190
  • 裝訂: Paperback
  • ISBN: 1491920947
  • ISBN-13: 9781491920947
  • 相關分類: 資訊安全
  • 相關翻譯: 網絡安全科學本質論 (簡中版)
  • 立即出貨 (庫存 < 3)

買這商品的人也買了...

商品描述

If you’re involved in cybersecurity as a software developer, forensic investigator, or network administrator, this practical guide shows you how to apply the scientific method when assessing techniques for protecting your information systems. You’ll learn how to conduct scientific experiments on everyday tools and procedures, whether you’re evaluating corporate security systems, testing your own security product, or looking for bugs in a mobile game.

Once author Josiah Dykstra gets you up to speed on the scientific method, he helps you focus on standalone, domain-specific topics, such as cryptography, malware analysis, and system security engineering. The latter chapters include practical case studies that demonstrate how to use available tools to conduct domain-specific scientific experiments.

  • Learn the steps necessary to conduct scientific experiments in cybersecurity
  • Explore fuzzing to test how your software handles various inputs
  • Measure the performance of the Snort intrusion detection system
  • Locate malicious “needles in a haystack” in your network and IT environment
  • Evaluate cryptography design and application in IoT products
  • Conduct an experiment to identify relationships between similar malware binaries
  • Understand system-level security requirements for enterprise networks and web services

商品描述(中文翻譯)

如果您是一位軟體開發人員、法醫調查員或網路管理員,並且涉及到資訊安全,這本實用指南將向您展示如何在評估保護資訊系統的技術時應用科學方法。無論您是評估企業安全系統、測試自己的安全產品還是尋找手機遊戲中的漏洞,您都將學習如何對日常工具和程序進行科學實驗。

一旦作者Josiah Dykstra讓您熟悉科學方法,他將幫助您專注於獨立的、特定領域的主題,例如密碼學、惡意軟體分析和系統安全工程。後面的章節包括實際案例研究,展示如何使用現有工具進行特定領域的科學實驗。

- 學習在資訊安全領域進行科學實驗的步驟
- 探索模糊測試以測試軟體處理各種輸入的能力
- 測量Snort入侵檢測系統的性能
- 在您的網路和IT環境中尋找惡意的“大海針”
- 評估物聯網產品中的密碼學設計和應用
- 進行實驗以識別相似惡意軟體二進制檔之間的關係
- 了解企業網路和網路服務的系統級安全需求