Cyber Warfare, Second Edition: Techniques, Tactics and Tools for Security Practitioners

To conduct an attack via the users, a phone number could be all that is needed. Much of what is needed for a social engineering attack can be found on a business card. Once the target is identified, the recon begins to find the weak point or vulnerability. The attack can be against the operating system or one of the applications on it i. A scanner is run against the system to determine and list many of the vulnerabilities. Attack framework tools are available that both scan and then launch the built-in exploits matching the vulnerabilities found.

Some popular framework tools are Metasploit, Canvas, and Core Impact. Finally, there are tools that transform a machine into a Linux system by booting off of a Linux live CD. The most popular live CD attack tool is BackTrack. Another tool that is useful during recon is a sniffer. This is a tool that has the attacker's system mimic every computer on the network so it gets a copy of all the traffic.

It will allow the attacker to read all unencrypted emails and documents as well as see the Web pages being accessed by everyone on the network. Popular sniffers are Wireshark, Ettercap, and Tcpdump. On the wireless side tools include Aircrack-ng and Kismet. While there are a lot of recon tools that are very powerful and easy to use, the one set of tools that shows how the threat environment has evolved is packet crafters.

Someone with no programming skills can now craft unique attacks. Popular tools include NetCat and Hping. There are a host of other tools for recon but these represent the baseline tools used to discover the vulnerabilities that allow movement to the attack phase. When attacking a system there are many types of malcode that can be used.

At the code level there are worms or viruses that can use attack vectors like cross-site scripting or buffer overflows to install rootkits or a Trojan horse which acts as a backdoor into a system, and is used to spread the attack. A worm spreads without any help. It infects a system and then uses that system to find more systems to spread to.

Worms and viruses use techniques like cross-site scripting or buffer overflows, which attack mistakes in the code in order to compromise it. An overly simplified example of a buffer overflow is when a program asks for a phone number and, rather than giving the 10 digits needed, the software sends digits followed by a command to install the malcode.

Because the program does not have good error handling to deal with the large amount of unexpected extra data, it executes the malcode. A rootkit is a program that takes over control of an operating system and tells lies about what is happening on the system. Once a rootkit is installed, it can hide the hacker's folders i. Like a 4-year-old, the rootkits of the first generation did not lie very well. The generation we are on now is more like when she was 21 she was MUCH better at telling a coherent story that was not easy to detect as a lie.

The current generation of rootkits does a much better job of hiding themselves from detection. The next generation will be like someone with a masters in social engineering; almost undetectable. A Trojan horse backdoor is a program that masquerades as a legitimate file often a system file: i. The new file both runs the system and opens a backdoor to the system allowing the hacker remote control of the system. One use for worms and viruses is to build botnet armies. A bot (also called a zombie) is a computer that is a slave to a controller.

Once someone builds an army of millions of bots they can cause a distributed denial of service (DDoS) by having all of the bots try to connect to the same site or system simultaneously. This can be done to blackmail a Website (pay or be blocked so no customers can get access), disrupt command and control systems, click fraud if Acme. The first is to attack the system and take it down. In cases where you are attacking the communication lines you can skip recon because you are not worried about finding a specific vulnerability, you just need a botnet army large enough to overwhelm a target's communication capabilities.

There are a number of ways to launch attacks targeted at a specific system rather than the broad net a worm or virus would catch. The attack framework tools mentioned earlier are the most common. The key is to correlate the exploit to the vulnerability. Much like there has never been a bank built that cannot be robbed, there is not a computer or network that cannot be broken into given enough resources and persistence.

Cracking passwords can be done with brute force by having a program try every possible password iteration. This can be time consuming and is easy to detect but, depending on the strength of the password, is very effective. Another technique that is available is called rainbow tables.

Many of these tables have done every combination for characters and the length grows as hackers continue to use botnets to build the tables. NOTE Exploit has three meanings within the cyber community. When talking about code it refers to malcode that allows a system to be compromised.

When talking about attack methodology it refers to what the payload of the attack is intended to accomplish. The exploit phase is where the attacker takes advantage of gaining control. When attacking confidentiality they are simply stealing secrets. Integrity attacks are when they change the data on the system or masquerade as a legitimate authorized or authenticated user. In a commercial setting this could be changing prices or customer data. On a military network it might be to change the equations used to calculate command and control guidance.

The type of exploit is based on the motivations of the attacker. They can use the system to attack more systems on the network, misrepresent the user (send fake emails), or load a rootkit with a backdoor to maintain long-term access. They will often try to avoid detection and might even use anti-forensic techniques like log wiping and time stomping. Some will patch the systems they have taken over so future hackers will not be able to break in and take them away.

Finally, they may load digital tripwire alarms to tell them if they have been detected by security engineers using forensic tools. If these technical attacks do not work another vector of attack is social engineering. In fact some threat organizations use social engineering as their primary means of attack.

The difference between social engineering and other attacks is the vectors are through the person, or as hackers say the "wetware." This can be done in person but is often done over the phone or remote communications like email. It starts with pre-texting, which includes researching an organization using sources like websites, social media, or even meeting people at places like a conference to exchange business cards.

The most common attack today is via email. There are also technical tools like the "Social Engineer Toolkit" that are designed to assist attacking the workforce. As we look at the threatscape map Figure 2. The term APT is often used in different ways by the media, but, for purposes of this book, APT means state guided attacks. It is truly digital spying or espionage in the virtual world.

As we examine if the APT actions qualify as war we look to how war is defined. Organized Crime Organized crime on the Internet is widely covered in the news today. One of the most often joked about scams on the Internet is the "Nigerian royalty that just needs access to your bank account to get money out of the country" scam that sends phishing emails designed to steal identities and access the victims' bank accounts. The text of the emails from the Nigerian scams will talk about how they have money that they need to get out of the country and all they need is to transfer the money to a U.

Another popular scam is selling fake medicine. While some of the sites are selling legitimate drugs most will send fake medicine if they send anything at all. Similar scams can be used to get members of the military or national security infrastructure to get involved in activities they would not do in the real world. One of the more well-known criminal organizations is called the Russian Business Network (RBN), also known as the Russian Mob (note this is not one single organization). If someone graduates from a university in one of the old Soviet Union bloc countries with a degree in computer science one of the better paying jobs is with the RBN.

There they will work full time on tasks like building custom exploits targeting specific financial institutions, building botnet armies, running identity theft networks, or any one of a dozen of "business ventures" for organizations like the RBN based on different revenue models.

These organizations can be staffed in one country, use systems hosted in a different country (for a while RBN was using systems hosted in China) and commit crimes against citizens in a third country. This makes it very complex to prosecute when the crimes are discovered. While we have talked about China and Russia they are not the only countries that have cyber-based criminal organizations; in fact the U. The reason is the insiders understand what is valuable on the network and often have legitimate access to it. The three basic categories of insiders are: disgruntled employees, financially motivated thieves, and users unintentionally causing damage.

Financially motivated insiders will misuse the company assets or manipulate the system to steal. There are both intentional and unintentional insider threats. Spills could require destruction of the system and a lengthy investigation.

Finally, users can open files or go to websites with malcode infecting the network. The most notable example has been from a group called Anonymous. This cyber vigilante group attacked the Church of Scientology under project name Chanology in and started using their trademark saying "We are Anonymous. We are Legion. We do not forgive. We do not forget.

Expect us" [1]. Their supporters can often be seen wearing Guy Fawkes masks from the movie "V for Vendetta." These are pejorative terms for the less skilled hackers. These are the people who just use the tools that can be found on the Internet with little thought out methodology or technique. They have many different motivations to start hacking. The problem these script kiddies pose to the cyber warfare landscape is the amount of activity they produce. If there are millions of attacks launched by noobs every week, how can the APT or specific criminal activity be located?

It is also important to understand that the tools script-kiddies use are very powerful and they will end up PWNing (slang for own) systems. The Defense Information Systems Agency has consistently said the majority of systems compromised were from known exploits that could have been prevented if the systems were fully patched and configured to standard [2].

As script-kiddies gain more experience they will become hackers and usually end up being part of some group. These groups are not represented in the threat list as they do not fit into an attacker category. When they join together they may prank each other, build tools one classic example is the Cult of the Dead Cow's tool called "Back Orifice" in , they may live near each other i. Much like real-world defenses, they need to be constantly validated, monitored, and updated.

The critical process needed is good security metrics. There has been a lot of work done, but there is no clear set of industry standard cyber metrics today. These goals must be set before they change and methods to track performance are established. The PT is designed to test the team's ability to respond to an intrusion. The PT team will not only find the vulnerability but exploit it and once they break in will either grab a predetermined file called the flag or load a file on the system called the golden nugget.

This will validate the team's processes and tools. One key capability that is needed after an intrusion is the forensics expert. This is someone that understands the rules of evidence and can testify in court. The forensics expert should be called if there is any possibility of a lawsuit, human resource action (firing), or prosecution of the hacker.

There must be clear policies on when they are called because, much like a real crime scene, the more people that have accessed the data the more the crime scene is compromised. The military is slowly moving toward gathering evidence in a way that it can be presented in court as opposed to just getting the systems back on line quickly.

Configuration Management is a critical part of the defense. Think of walking up to a cruise liner to start your vacation only to find it is so covered in rust you cannot tell what color it used to be painted. Common sense would prevent you from getting on. Yet because we cannot see that our network devices are past their maintenance lifecycle we put our most valuable information on the equivalent servers.

The basics require timely patching. Patches must be tested before they get installed on critical operational systems so the challenge is how much time is allowed for analysis (some suggest 72 h, but that can be expensive so there is a broad range). Well understood and enforced policies for both the users and network administrators are a must.

They both can impact the security baseline with decisions on operations or processes but often do not examine the impact to security risks. Finally, access control must be managed so that only the people with a need are allowed to access the mission critical data. This is called the principle of least privilege and has been used for decades in the intelligence community. Identity Management is one area that will help as users become more mobile. Next they should be categorized 32 2.

Finally, as was mentioned earlier, as every network will have a weakness over time it is prudent to assume that someone has penetrated the network and conduct audits to find them. Compliance is based on the legal or regulatory requirements of the industry. Risk Management is what all these regulations have been driving to. The goal is to achieve Situational Awareness (SA). SA is the correlation and fusion of data from multiple sources that enable decision making. Ideally it will be presented visually through a Common Operational Picture that will facilitate true risk posture understanding and provide information in a format that enables decisions.

DR focuses on getting the network back up while the COOP is the plan to continue operations without any automation. These principles are known as due care and due diligence. One of the most effective protection techniques is education designed to alter the users' behaviors. Some useful tools are honeypots, virtual machines, virtual worlds, and live CDs. Honeypots are systems that are deployed with no operational function so any interaction with them causes an investigation. This allows them to test hacking from one VM to another. Virtual worlds can be used to conduct training with no travel costs.

A popular business-oriented virtual world is Second Life. Finally to boot your current computer as a Linux machine to use some of the tools we have discussed, use a live CD like BackTrack. Corporate information will normally have personal and IT Infrastructure embedded. If any of these were not available for even short periods of time, there would be major impacts. The loss of belief in the integrity of our financial systems could cause a run on the banks.

The issue is that most of this critical infrastructure is managed by commercial companies that have to balance risk against profit and are generally driven by cost-effectiveness, functionality, and financial gain, rather than security. If someone wants to target a senior member of the U.

The same could be true of Law Enforcement Agencies that focus on the drug trade. Digital natives are putting more and more personal information on the Web.

This information all ties back to two major issues: identity theft and social engineering. IT infrastructure is a target for two reasons. Hackers may want to use the infrastructure for themselves i. Understanding the architecture or mapping the Web pages could provide insight into how to gain unauthorized access. These will all be covered in more detail in subsequent chapters but this foundation is intended to help tie it all together. Chapter 15 on Cyberspace Challenges is designed to give an overview of the cyber environment, focused on the challenges. The question most often asked after discussing this cyber threatscape is how someone should protect themselves at home.

The answer is "safe behaviors!" All are mandatory for basic security, but they can all be defeated by poor security practices such as weak passwords, surfing sites known to be hot spots for malcode, and opening emails or accepting invites on social networking sites from someone unknown. While there is no such thing as "security through obscurity" we should strive to not be the "low hanging fruit" that is easily PWNed. References [1] Anonymous. Patterson, LaWarren. In: Cyberspace symposium, Colorado Springs; The chief challenge in dealing with this new virtual cyberspace paradigm is the separation of activities from geography.

Reconnaissance can now be done by folks distributed across the world. Planning can be done by cells of combatants who never meet. The Internet provides a means of communications via secure channels. The Internet can be both a resource and an attack vector. This new battlespace is an intricate problem. To understand it we will look at the boundaries of this new battlespace, how it fits into the historical war-fighting domains, the enemy forces we are facing, and the weapons needed to win on this virtual front.

If we think of the World Wide Web as a connection of smaller networks with different configuration rules it is easy to see where to divide it. For the U. These are the foundations for the defensive forces used in this battle. What do we mean by battlespace? This includes enemy and friendly armed forces; infrastructure; weather; terrain; and the electromagnetic spectrum within the operational areas and areas of interest" [1].

Defense in Depth In cybersecurity. It must be enhanced to protect against insider threats and mobile devices that migrate in and out of the perimeter. It is the standard practice for logical construction of a network. At the lowest level we have an individual home network behind a local Internet Service Provider (ISP) router, and at the other end of the spectrum we have a national state network like China behind their Great Firewall. Organizations maintain their own networks but use a variety of techniques to administer and secure them. Some build and maintain everything, others outsource the infrastructure but keep security in house, some outsource everything but have the equipment in their building, and finally some prefer cloud solutions.

Many of these organizations are geographically dispersed with users in multiple locations across the world. The amount of protection they deploy is based on their perception of risk and willingness to invest their profit back into security for the network. When we look at their defenses it is based on economic power rather than military power. Both of these technologies often use Virtual Machines (VM) to host their systems on. These technologies provide benefits but come with new security issues to include data control, auditing, and configuration management.

Like any system, they can be fraught with risk or very secure, based on how they are designed and maintained. These concepts show a fundamental lack of understanding of the Internet today. A good example of this can be seen in Iran's effort to suppress the protests following the presidential elections. We can quickly see that parts of the Internet can be turned dark, but only for a limited period of time and are actually a self-inflicted denial of service. Physical Infrastructure Physical infrastructure includes power, backup generators, Heating Ventilating and Air Conditioning, surge control systems, connectivity (cabling), hardware, software, and people.

The physical systems are vulnerable to surveillance, vandalism, sabotage, and attack. This list does not address the potential environmental disaster factors. If the threat cannot conduct a kinetic attack or hack the system then there is always the wetware (human) vector. It is often easier to attack users than it is to attack the equipment.

So when attacking the physical there are a number of options to create the desired impact. NOTE As with any subculture hackers have their own jargon. There is also a unique way to write where letters and numbers are changed to make writing distinctive. Examples of this writing are elite becomes leet or or t and hacker becomes Haxor. SCADA owners believed that they would be protected by obscurity with nobody wanting to break into their systems.

Most of these systems use the same protocols and are developed with the same programming languages as the rest of the applications on the market today so it has been relatively easy to find vulnerabilities in them. If we take a look at one critical infrastructure area like water, we have heard reports [3] about how terrorists could hack in and open dam gates to cause flooding or cause an infusion of the purification chemicals to the point where the water is toxic.

The reality is cyber problems are competing with other issues with these systems. Our infrastructure has many issues to be dealt with and cybersecurity is only a potential issue relative to the number of tangible issues they are facing today. NOTE U. Note that most of these are in the private sector and government control varies widely depending on the sector.

Commercial companies are market-driven and must spend just enough on security to manage risk appropriately. For example, if they were to lose customer privacy data, they might be sued. This evaluation is based on what a reasonable person would expect them to do to protect their information. There is a balance between budget and level of risk. The simple fact is that today if a security team was given an unlimited budget they could not guarantee that there would not be any intrusions because there are constantly new vulnerabilities.

Some CFOs feel it is a waste of money to do more than the minimum security protection measures. They point to examples such as when T. Maxx and Heartland were in the news for being hacked but they still made a profit the next quarter. There is a reasonable level of security that should be implemented based on which industry the company is in i.

The key is making sure the leadership understands the risk that they are accepting in this contested virtual economic battlefield. Next we have the federal government, which has dispersed responsibility throughout the different agencies who all use different tools and processes. The DHS controls the U. Their focus is domestic crime and counterterrorism not cyber war, but they have some useful tools and processes to help fight the cyber war. One major success the FBI had was the Darkmarket sting, when they took down a major identity theft ring [4]. They continue to get better at conducting computer investigations internationally [5] with 61 legal attache offices around the world conducting joint investigations with countries like Romania, Estonia, Ukraine, and the Netherlands.

As with any system, as it moves to the network it increases accessibility which also opens a new set of attack vectors. DoE is working to build security into the smart grid but it is very complex. Finally, the Department of Justice (DoJ) must decide which cases to take to court and sets the tone for what is acceptable behavior by deciding where to put their prosecution resources. Today, the DoJ is focused on terrorism and drugs rather than hacking or cyber war incidents.

On the military side, the DoD has a very complex hierarchical authority structure. Each branch of the service has a name for their portion of the network. These are not formal programs of record but rather efforts to respond to new budget constraints and capability demands. There are also different levels of classification on information and networks.

Finally, deployed forces build their own networks in theater that connect to many of these "reach back" networks as well as to fellow coalition nations via multinational forces networks. An example is if a unit from Fort Carson deployed to Afghanistan has to build a network in country or theater, they would want to connect back to resources at Fort Carson and to other international forces they are teamed with.

It is easy to see that there is not a clear chain of command for the network of networks supporting DoD. As important as these networks are, they do not include the full scope of the modern virtual battlefield. For example in during a military simulation for an Air Operation Center (AOC), a young airman was asked what would happen if the network went down. He said they would have to stop flying missions. Closely aligned to these forces is the Intelligence Community, specifically the National Security Agency.

This results in different priorities and authorities based on the different mission each organization has. It is important to note that there are U. There are a number of titles that provide specific guidance. Title 10 is Armed Forces and is the law that regulates how war is fought [1]. Title 50 is War and National Defense and generally covers intelligence and counter intelligence [1]. Title 18 is Crimes and Criminal Procedure, which covers taking the attacking party to court [1].

Many people are now talking about the need to merge these three into one integrated process sometimes called title Today we see Joint Operation Centers with forces from multiple "title source" or "forces" to allow them to operate effectively based on the different rules they must comply with. So we see the commercial sector is driven by the market, the federal agencies are all driven by their function and compliance requirements, and the military is driven by mission and the regulations they have to operate under, and everyone must deal with a limited budget!

All of them are facing similar threats and vulnerabilities. There are efforts to coordinate between them but there is no central authority to drive integration; again each organization is doing their best based on their mission and resources. So let us take a look at the domain we are talking about. Initially there were only two war-fighting domains: land and sea.

Land is the area where combatants fought. Over time there were developments in weapons that would give one side or the other an advantage but they would face each other on the field of battle. The Maritime domain [7] 42 3. Sea forces supporting a land force, usually with artillery fire, is known as littoral battle.

Littoral support has two operational environments: Seaward, the area from the open ocean to the shore, which must be controlled to support operations ashore, and Landward, the area inland from the shore that can be supported and defended directly from the sea. Ships would fight battles to both control the sea and support land battles. As technology continued to influence the battlefield, airplanes were introduced. The air domain is defined as "within the earth's atmosphere"; beginning at the Earth's surface and extending to the altitude where its effects upon operations become negligible [7].

The first airplanes were used for reconnaissance but were soon armed and fought both air-to-air and air-to-ground engagements. Then warfare reached space.

Space is the environment corresponding to the space domain, where electromagnetic radiation, charged particles, and electric and magnetic fields are the dominant physical influences, and that encompasses the earth's ionosphere and magnetosphere, interplanetary space, and the solar atmosphere [8]. This was a unique domain as it was used by the other domains rather than a domain where combat was fought though at some point it will become another battlefront.

Finally Cyberspace became so vital to the war-fighters it was declared a domain. It is a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers [8]. Modern commanders depend on it and are actively studying how to fight and win the next war on it. Next we will take a look at each of the first four domains (land, sea, air, space), and see how they relate to cyber.

The rock gave way to the club, which was beat out by the spear and then the bow. Horse-mounted soldiers had an advantage over ground troops and then the stirrup gave them a tremendous advantage. Guns and artillery increased the rate at which armies could kill each other as well as the effective range at which they could kill. Next came the tank and machine guns. Each of these RMAs changed how armies organized and fought. New doctrine, tactics, and organizational structures had to be developed. The decision was tank units should consist of tanks by themselves but the machine gun should be integrated into every unit.

The decision to make tank units of pure tanks has been reversed. Today, the tank is normally integrated with infantry to form "combined arms task forces" so the commander can leverage each unit's strengths. These historical lessons in transformation must be studied to find how to most efficiently develop methods of fighting in this latest RMA—cyberspace.

Sea Domain In many ways the sea is an analogous battlefield to cyberspace. No one side can control it. The criminal elements operating on the Internet are comparable to the pirates of old who would interdict and influence the lines of commerce. There were eventually international agreements developed to deal with these threats. Another example we can draw from the Navy is the development of the Flattop or Aircraft Carrier.

Most senior officers had built their careers around the battleship and the defense industrial base was heavily investing in the battleship so they strongly resisted the transformation. They refused to see the need to change based on a new capability. This cultural blindness is impacting the transformation to computer network operations in many of today's organizations.

At the tactical level many security professionals still base their strategies on outdated technologies, even though the industry and the battlespace have transformed and evolved. They are still focused on perimeter defenses and ignore the mobile devices being used by their workforce. Nowadays we have commanders who have grown up with the idea that weapon systems must be based on their ability to put "steel on target," and that the idea of a weapon system that does not destroy something via kinetic attack is ridiculous.

They also do not feel that their "real" weapon systems e. Some still believe that non-kinetic attacks are something that would only be an annoyance like their email going down or play a support role—not be part of a battlefield engagement strategy. These are the same professionals that study history and understand transformation but struggle to understand the technology running the systems they depend on. It is a constant struggle to understand the changes that technology is bringing to the battlefield. Early on there were major leaders developing strategies, doctrine, and tactics. General Giulio Douhet was an Italian officer who was one of the first real theorists supporting the use of Air Power [9].

He felt that there was no defense against bombers: it would terrorize populations into surrender. He advocated the use of explosive, incendiary and poison gas bombs against population centers as he felt the entire workforce contributes to the total war effort making everyone a legitimate target.

General Douhet was court-martialed for his outspoken beliefs. Billy Mitchell is considered the father of American Air Power. He is a controversial figure because of the disagreements he had with the Army leadership over using air power against battleships and was court-martialed for insubordination. Cyberterrorism and Cyberoperations against Critical Infrastructures 3. Critical Infrastructures: Interconnections and Vulnerabilities 3. Industrial Control Systems 3. Other Critical Infrastructures 3. Analysis of Practical Cases 4.

Cyberwar 4. Cyberweapons: Logic, Physical, and Psychological Instruments 4. Cyberdoctrine 4. Analysis of Practical Cases. Learning activities and methodology. This will be instrumental to consolidate and complement concepts introduced in the course, and also as material to be discussed during some lectures. Assessment System. The assessment system includes: 1. Continuous assessment of the student through one or more of the following methods: 1.

Oral or written tests. Essays and reports assigned by the lecturer. Presentations about a course topic. Participation in the debates organized throughout the semester. Final exam assessing the knowledge and skills acquired during the course. This exam may have questions related to all activities done during the course.

Basic Bibliography. Bill Blunden, Violet Cheung. Trine Day. Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks Dives deeply into relevant technical and factual information from an insider's point of view Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result Industry Reviews "A fifth domain of war has been added to land, air, sea and space: cyber.

Foreword Introduction Chapter 1. What is Cyber Warfare? Chapter 2. The Cyberspace Battlefield Chapter 3. Cyber Doctrine Chapter 4. Cyber Warriors Chapter 5. Logical Weapons Chapter 6. Physical Weapons Chapter 7. Psychological Weapons Chapter 8. Computer Network Exploitation Chapter 9. Computer Network Attack Chapter Computer Network Defense Chapter Legal System Impacts Chapter Ethics Chapter