Book Title: Analyzing Computer Security
Subtitle: A Threat / Vulnerability / Countermeasure Approach: International Version
Author(s): Charles P. Pfleeger, Shari Lawrence Pfleeger
Publisher: Prentice Hall/Pearson
Date of Publishing: 15 July 2011
Price (UK&US price – full price, not discounted price): £46.97, $110.00
URL of Amazon UK web page: Analyzing Computer Security: A Threat / Vulnerability / Countermeasure Approach
URL of Amazon UK (Kindle) web page: N/A
URL of Amazon US web page: Analyzing Computer Security: A Threat / Vulnerability / Countermeasure Approach
URL of Amazon US web (Kindle) page: N/A
I must declare up from that I know one of the authors very well. Chuck and I were colleagues many years ago at Trusted Information Systems. Having said that it will not in any way temper my views!I was provided with the internal version of the book to review, which has been updated since the original version was published in the USA The book consists of 793 pages, spread across 18 chapters. As the title says, the book is about threats, vulnerabilities and countermeasures; however, it does not have the typical structure you would expect from a book on this subject. For instance, you will not find chapters dedicated to cryptography or network security; instead, these topics are spread across chapters. Each chapter coves a particular threat, considers a number of vulnerabilities associated with that threat and then discusses appropriate countermeasures. Some of the chapters also describe ineffective countermeasures – and of course, explain why.Let’s look at what threats and topics each chapter covers:Chapter 1 introduces the reader to the threat-vulnerability-countermeasure paradigm. Whilst it is quite a short chapter, it does provide an excellent introduction to the types of threats information systems are liable to and the type of controls that could be used to mitigate the risks.Chapter 2 concerns itself with identification and authentication, examining such attacks as impersonation. It covers issues such as the prevalence of weak passwords, as well as strong authentications, such as, multi-factor authentication (including biometrics).Chapter 3 is primarily concerned with the “Program Flaw Leads to Security Failing” threat and hence covers systems development and design. This analyses the threats, vulnerabilities and countermeasures due to typical programming flaws, poor testing, configuration management, patching, etc.Chapter 4 examines the threat from malware, such as, viruses, Trojans and Worms. As you would expect, this chapter contains topics, such as, detection and prevention, and includes discussion on implementing separation and least privilege principles in architectures.Chapter 5 looks at key logging. Much of this chapter considers physical security and the insider threat. The failed countermeasure in this chapter is that old favorite known in the profession as, “Security through Obscurity”.Chapter 6 looks at buffer overflow attacks and provides an excellent introduction to the subject. It describes the various programming flaws that allow buffer overflow attacks to occur and some of the countermeasures that can be deployed. This chapter also describes how Conficker, Slammer and Code Red used buffer overflow vulnerabilities extremely successfully.Chapter 7 considers loss of data, either due to stolen laptops or lack of backups. This also examines the use of encryption to protect data resident on removable media. Hence it does spend some time describing the basics of cryptography.Chapter 8 now turns to the subject of rootkit attacks – in particular, how difficult they are too detect.Chapter 9 looks at investigation, intrusion and compromise attacks, namely the threat of port scanning. For this threat, one of the main vulnerabilities is “revealing too much”. This is the only chapter in the book that I feel could be better. As any penetration tester will tell you, one of the most useful outputs of a port scan is knowing what services might be running on what ports, and on what hosts – and in particular, if the services leak additional information, such as, version numbers. Hence, I would have like to have this chapter cover countermeasures addressing hardening of web servers, for example, preventing the version of the Apache servr being leaked.Chapter 10 is concerned with the attack on Wi-Fi networks and the threats due to interception.Chapter 11 continues with the theme of interception but now looks at wiretaps. As you would expect, the countermeasures discussed are all cryptography based. Aside from Kerberos, it does not describe any other security protocols. Many of these are described in Chapter 14.Chapter 12 looks at the “Man in the Middle” attack and describes a number of vectors, including exploits in DNS and the web browser. At the end of this chapter, time is spent describing covert channels and steganography.Chapter 13 examines integrity failures and forgery attacks. Fake emails are also considered in this chapter. The reader is also briefly introduced to cross-site scripting and SQL injection attacks. Various countermeasures are explained, but in particular, digital signatures and PKI.Chapter 14 covers replay attacks of various forms, including cloned RFIDs, session cookie or password replays, and session hijacking. The chapter briefly introduces the reader to SSH, SSL/TLS and IPSEC.Chapter 15 looks at denial of service attacks, whether these are due to network flooding or resource starvations of DNS attacks. Countermeasures examined include IDP/IPS systems. At the end of this chapter, DDoS attacks and Botnets are discussed.Chapter 16 discuses data corruption, namely correctness and accuracy of information. Again cryptography is used to provide countermeasures.Chapter 17 looks at peer-to-peer file sharing (P2P) and all the associated threats and vulnerabilities associated with P2P. As you would expect, the legal aspects of sharing are also discussed (in particular, copyright law). This section is focused on US law.Finally, Chapter 18 considers the loss of confidentiality and privacy. This is particularly relevant with the increased use of social networking. It also looks at inference and aggregation attacksSo what did I think of it? I believe it is the best and most comprehensive book I’ve read, providing a complete overview of threats, vulnerabilities and countermeasures. I’d recommend this for any IT architect or specialist wishing to enter the field of security architectures, as well as to anyone who already has that title and wants a good quality reference book. Whilst not focused aimed at the most experienced of security architects or designers, I believe it would be a valuable edition to the professional’s bookshelf. I can guarantee that I will be referring to it again in the near future.
Finally, I should also say this is extremely well written and structured – congratulations Chuck and Shari for a job well done!
This is must read book for any budding Security Architect and also makes a great professional reference. I’d recommend this book to any IT architect or specialist wishing to enter the field of security architectures, as well as to anyone who already has that title and wants a good quality reference book.
Marks: 5 out of 5