The death of the internet
A holistic look at the vast landscape of Internet security-past, present, and future. A major attack on the Internet could wreak havoc onsociety-bringing down telephony, banking, business, government, media, and the energy grid. This book addresses the growing threats to the Internet from different sources, offering in-depth guidance on how to combat them on both desktop and mobile platforms. Edited by a specialist in holistic security with contributions from experts in industry and academia, The Death of the Internet presents a unique, cross-disciplinary approach to Internet security. It goes beyond computer science to explore its social and psychological components, discussing politically motivated attacks, human error, and criminal tendencies. Geared to non-technical readers and experts alike, the book clearly explains the general concepts of Internet security for managers and decision-makers and provides engineers and industry professionals with detailed instructions on how to develop effective designs with security in mind
1 online resource (387 pages)
9781118312551, 9781118312537, 9781118312544, 9781280998416, 9786613770028, 1118312554, 1118312538, 1118312546, 1280998415, 6613770027
799768467
Print version:
THE DEATH OF THE INTERNET; Contents; Foreword; Preface; Is the Title of this Book a Joke?; Acknowledgments; Contributors; Part I The Problem; 1 What Could Kill the Internet? And so What?; 2 It is About People; 2.1 Human and Social Issues; 2.1.1 Nigerian Scams; 2.1.2 Password Reuse; 2.1.3 Phishing; 2.2 Who are the Criminals?; 2.2.1 Who are they?; 2.2.2 Where are they?; 2.2.3 Deep-Dive: Taking a Look at Ex-Soviet Hackers; 2.2.4 Let's try to Find Parallels in the World we Live in; 2.2.5 Crime and Punishment?; 3 How Criminals Profit; 3.1 Online Advertising Fraud; 3.1.1 Advertising on the Internet. 3.1.1.1 Ad serving architecture3.1.1.2 Targeted advertising; 3.1.1.3 Revenue models; 3.1.2 Exploits of Online Advertising Systems; 3.1.2.1 Adversary; 3.1.2.2 Ad Fraud; 3.1.3 Click Fraud; 3.1.3.1 Case study: advertisers scammed by porn sites; 3.1.3.2 Countermeasures to fight click fraud; 3.1.4 Malvertising: Spreading Malware via Ads; 3.1.4.1 Countermeasures to fight malvertising; 3.1.5 Inflight Modification of Ad Traffic; 3.1.5.1 Countermeasures to fight inflight modification of ad traffic; 3.1.6 Adware: Unsolicited Software Ads; 3.1.6.1 Countermeasures to fight adware; 3.1.7 Conclusion. 3.2 Toeing the Line: Legal but Deceptive Service Offers3.2.1 How Does it Work?; 3.2.2 What do they Earn?; 3.3 Phishing and Some Related Attacks; 3.3.1 The Problem is the User; 3.3.2 Phishing; 3.3.3 Man-in-the-Middle; 3.3.4 Man-in-the-Browser; 3.3.5 New Attack: Man-in-the-Screen; 3.4 Malware: Current Outlook; 3.4.1 Malware Evolution; 3.4.1.1 Malware categories; 3.4.1.2 Malware example; 3.4.1.3 Polymorphic malware; 3.4.2 Malware Supply and Demand; 3.4.2.1 The malware industry; 3.4.2.2 Malware supply chain; 3.5 Monetization; 3.5.1 There is Money Everywhere; 4 How Things Work and Fail. 4.1 Online Advertising: With Secret Security4.1.1 What is a Click?; 4.1.2 How Secret Filters are Evaluated; 4.1.2.1 Third-party click scoring; 4.1.2.2 Ad network check: new filter, old clicks; 4.1.2.3 Ad network check: old filter, new clicks; 4.1.3 What do Fraudsters Know?; 4.2 Web Security Remediation Efforts; 4.2.1 Introduction; 4.2.2 The Multitude of Web Browser Security Mechanisms; 4.2.2.1 Web browser-based built-in security mechanisms; 4.2.2.2 Selectively invocable browser-based security mechanisms; 4.2.2.3 Advanced browser-based web security mechanisms; 4.2.3 Where do we go from Here? 4.3 Content-Sniffing XSS Attacks: XSS with Non-HTML Content4.3.1 Introduction; 4.3.2 Content-Sniffing XSS Attacks; 4.3.2.1 Content-sniffing; 4.3.2.2 A detailed view of content-sniffing XSS attacks; 4.3.2.3 Why do mismatches happen?; 4.3.2.4 Finding content-sniffing XSS attacks; 4.3.2.5 Example 1: Under the hood of the HotCRP attack; 4.3.2.6 Example 2: An attack on wikipedia; 4.3.3 Defenses; 4.3.3.1 Server-side defenses; 4.3.3.2 Secure content-sniffing; 4.3.3.3 Adoption; 4.3.4 Conclusion; 4.4 Our Internet Infrastructure at Risk; 4.4.1 Introduction; 4.4.2 The Political Structure
4.4.3 The Domain
English