Communications represent a strategic sector for privacy protection and for personal, company, national and international security. The interception, damage or lost of information during communication can generate material and non material economic damages from both a personal and collective point of view. Giving the reader information relating to all aspects of communications security, this book begins at the base ideas and builds to reach the most advanced and updated concepts. The comprehensive coverage makes the book a one-stop reference for integrated system designers, telecommunication designers, system engineers, system analysts, security managers, technicians, intelligence personnel, security personnel, police, army, private investigators, scientists, graduate and postgraduate students and anyone that needs to communicate in a secure way.
CONTENTS
Chapter 1 Fundamentals of Telecommunications Introduction;
Mode of network operation;
Network hardware;
Network software;
Reference models;
Examples of network;
International entities of the telecommunications world;
The physical layer;
Signals theory;
Transmission over guided media;
Wireless transmission;
Satellite transmission;
Fixed telephone network;
The cellular telephone network;
Data link physical layer;
Medium Access Control sub-layer;
Wireless networks;
Switching in the data link layer;
The network layer;
Routing algorithms;
Congestion control algorithms;
Quality of service;
Connection between networks;
The layer network on the Internet;
The transport layer;
The UDP transport protocol on the Internet;
The TCP transport protocol on the Internet;
Performance on networks;
The session layer;
The presentation layer;
The application layer;
The domain name system;
Email;
The World Wide Web;
Multimedia
Chapter 2 Cryptography Introduction;
General elements of cryptography;
Replacement ciphers and transposition ciphers;
XOR operation;
One-time pad;
Computer algorithms;
Introduction to protocols;
Communication by symmetric cryptography;
One-way functions;
One-way hash functions;
Communication by public-key cryptography;
Hybrid cryptosystems;
Digital signature;
Digital signatures with encryption;
Generation of random or pseudo-random sequences;
Exchange of keys;
Authentication;
Authentication and key exchange;
Multiple public-key cryptography;
Division of a secret;
Secret sharing;
Cryptographic protection of archives;
Stamping services;
Delegated signature;
Group signature;
Key escrow;
Digitally certified email;
Length of the symmetric key;
Public-key length;
Comparison between the length of the symmetric key and the length of the public key;
Birthday attacks in relation to one-way functions;
Optimal key length;
Key management;
Key generation;
Key transfer;
Key verification;
Using keys;
Key update;
Key storage;
Compromising of keys;
Lifespan of keys;
Destruction of keys;
Key management in public-key systems;
Algorithm types and modes;
Use of algorithms;
Elements of basic maths for cryptography;
Information theory;
Complexity theory;
Numbers theory;
Factorisation;
The generation of prime numbers;
Discrete logarithms in finite fields;
Data Encryption Standard;
The DES algorithm;
Security of DES;
Differential and linear analysis;
DES variants;
Other block ciphers;
Cipher combination;
Double encryption;
Triple encryption;
Whitening;
Cascading;
Pseudo-random sequence generators and flow ciphers;
Congruent linear generators;
Linear shift records with feedback;
Design and analysis of stream ciphers;
Stream ciphers based on LFSR;
A5 stream cipher;
Additive generators;
PKZIP, Design of stream ciphers;
Generation of multiple streams from a single pseudo-random generator;
Real random sequence generator;
Random noise;
Computer clock;
Keyboard latency typing;
Polarisation and correlation;
Distillation of randomness;
One-way hash functions;
Use of the symmetric block algorithms for generation of one-way hash functions;
Use of public-key algorithms for the generation of one-way hash functions;
Message authentication code;
Advanced Encryption Standard;
Introduction to AES;
Preliminary concepts;
Description of the algorithm;
Rational schema;
Encryption;
Key expansion function;
Decryption;
Security;
Public-key algorithms;
The RSA algorithm;
Elliptic curve cryptosystems;
Other public-key cryptosystems;
Public-key algorithms for digital signature;
Digital signature algorithm;
Digital signature via discrete logarithms;
Other algorithms for digital signature;
Algorithms for the exchange of keys;
Diffie - Hellman;
Station - station protocol;
Exchange of encrypted keys;
Quantum cryptography;
Practical applications;
Management protocol of secret IBM keys;
STU-III;
Kerberos;
Kryptonight;
SESAME;
IBM common cryptographic architecture;
ISO Authentication;
Privacy Enhanced Mail;
TIS/PEM;
Message Security Protocol;
Pretty Good Privacy;
Smart card;
Public-key cryptographic standards;
CLIPPER;
CAPSTONE;
Other systems
Chapter 3 Steganography Introduction;
History of steganography;
The Egyptians;
The Greeks;
The Chinese;
Gaspar Schott;
Johannes Trithemius;
Giovanni Porta;
GirolamoCardano;
Blaise de Vigenere;
Auguste Kerckhoffs;
Bishop John Wilkins;
Mary Queen of Scots;
George Washington;
Air mail by pigeons in Paris in 1870;
The First World War;
The Second World War;
The Vietnam War;
Margaret Thatcher;
Principles of steganography;
The background to secret communication;
Steganographic security systems;
The concealment of information in data noise;
Adaptive and non-adaptive algorithms;
Active and malicious hackers;
Concealment of information within written text;
Examples of invisible communication;
The principal steganographic techniques;
Preliminary definitions;
Substitution methods;
Methods for domain transformation;
Spread spectrum methods;
Statistical methods;
Distortion methods;
Steganalysis;
Practical examples;
Cryptapix;
Data stash;
Hermeticstego;
Hide in picture - Blowfish;
Hide in picture - Rijndael;
OpenPuff;
S tools - Data Encryption Standard (DES);
International Data Encryption Algorithm (IDEA);
S tools - MDC;
S tools - Triple DES;
SilentEye
Chapter 4 Digital Watermarking Introduction;
History and terminology;
Basic principles;
Applications;
Algorithm requirements;
Evaluation of systems;
Watermark removal algorithms;
Future evolution and standardization;
Watermarking technologies;
Selection of pixels or blocks;
Work selection space;
Formatting of the watermarking signal;
Fusion of the message in the document to be watermarked;
Optimisation of the watermark detector;
Watermarking of video images;
Strength requirements;
Signal decrease;
Malfunction of the watermarking detector;
Watermark counterfeiting;
Watermark detection;
System architectures;
Digital fingerprint
Chapter 5 Security in Wired Networks Introduction;
Introduction to security policies and risk analysis;
Firewall;
Design of a firewall;
Limits of firewalls;
Risk regions;
Introduction to firewalls;
Types of firewalls;
Firewall architectures;
Further types of firewalls;
Firewall selection;
Further firewall considerations;
Location of firewalls;
Network security assessments;
The S-HTTP protocol;
Introduction to S-HTTP;
Digital signatures in S-HTTP;
Secure Socket Layer;
Features of browsers and SSL servers;
Tunnels in firewalls and SSL;
S/MIME: secure extensions;
Intrusion detection;
Installation of an IDS on a host;
IDS fusion;
Configuration of an IDS;
Network attacks;
Denial-of-service attack;
Number sequence anticipation attack;
TCP protocol hijack;
Sniffer attack;
Active desynchronisation attack;
Spoofing attack;
Hyperlink spoofing;
Web spoofing;
Authentication;
Virtual Private Networks;
The choice of a VPN;
Various VPN solutions;
Setting up a VPN;
The exchange of Kerberos keys on distributed systems;
Ticket flags;
Kerberos archive;
Vulnerability of Kerberos;
Security of commercial transactions on the Internet;
Use of credit cards on the Internet;
The Secure Electronic Transmission protocol;
Audit trails;
Java language and related security aspects;
Web browser security;
Simple attacks on Web browsers;
ActiveX components and associated security issues;
Web cookies;
Scripts and security issues;
CGI scripts;
The languages used for creating scripts;
Perl language;
CGI scripts and security issues;
Computer viruses and security policies;
Replication;
Concealment;
Bomb;
Worm virus;
Trojan horses;
Virus prevention;
Virus protection;
Analysis of attacks;
Execution of the attack;
Prevention of attacks;
Disaster prevention and recovery;
Division of disasters;
Network disasters;
Server disasters;
Disaster simulation;
Network security policy
Chapter 6 Security of Wireless Networks Introduction;
Introduction to wireless networks;
The propagation of electromagnetic waves;
The signal-to-noise ratio;
The main players that operate on wireless;
Risks and threats in the wireless industry;
Objectives of the information theory;
Analysis;
Spoofing;
Denial-of-service;
Malicious codes;
Social engineering;
Rogue access points;
Security of cellular telephony;
Hacking and hackers in the wireless industry;
Radio frequency identification;
Wireless technologies in the physical layer;
The industrial, scientific and medical band;
Modulation techniques used;
Frame management in the wireless industry;
Beacon;
Probe request;
Probe response;
Authentication;
Association request;
Association response;
Disassociation and de-authentication;
Carrier sense multiple access/collision avoidance;
Fragmentation;
Distributed coordination function;
Point coordination function;
Interframe spacing;
Service set identifier;
Local wireless networks and personal wireless networks;
Ad hoc mode;
Infrastructure mode;
Bridging;
Repeater;
Mesh networks;
Wireless LAN standards;
Personal area networks;
Wireless WAN technology;
Cellular phone technology;
GPS technology;
TETRA technology;
Wireless Application Protocol;
Wireless antennae;
Introduction to antennae for wireless devices;
Fresnel zone;
Types of antennae;
The implementation of wireless networks;
Requirement acquisition;
Cost estimate;
Evaluation of investment;
Site analysis;
Network design;
Device verification;
Development and installation;
Certification;
Audit;
Wireless devices;
Access points;
Mobile user devices;
The security of wireless LANS;
History of wireless security;
Authentication;
SSID;
Foundations of wireless security;
WEP;
802.1x;
RADIUS;
EAP;
WPA;
WPA2;
WAPI;
Detection of false access points;
Violation of wireless security;
The process of attack;
Breach technologies;
Access point breach techniques;
Wireless security policies;
Introduction to security policies;
Drafting of security policies;
Risk assessment;
Impact analysis;
The areas of wireless security policies;
Wireless security architectures;
Static WEP;
VPN;
Wireless gateway;
802.1x;
Comparison between the different wireless architectures;
Wireless tools;
Scanning tools;
Sniffing tools;
Hybrid tools;
DoS tools;
Cracking tools;
Access points attack tools;
Security tools
Chapter 7 Voice Security Introduction;
Characteristics of the spoken language;
The structure of language;
Phonemes and phones;
Voice configuration;
The classic source - filter model;
The general source - filter model;
Linear prediction modeling;
The transmission of voice signals;
Voice signal encryption;
Voice signal analogue encryption;
Digital encryption of voice signals;
Voice source encoding;
The formant vocoder;
The channel vocoder;
The vocoder based on linear prediction;
The sinusoidal model;
Standards;
Voice cryptanalysis;
Tools and parameters for voice cryptanalysis;
Using the spectrograph for cryptanalysis;
Analogue methods;
Cryptanalysis of digital ciphers;
Linear prediction vocoder cryptanalysis;
VoIP systems security
Chapter 8 Protection from Bugging Introduction;
Devices for environmental bugging;
Bugging devices and miniature cameras;
Directional microphones;
Environmental bugging using laser devices;
Trackers using GPS technology;
Mobile phone bugging devices;
Other devices;
Stethoscopic microphones;
Miniature audio and video recorders;
Keystroke recorders on a computer keyboard (key catcher);
Bugging software for computers;
Portable document scanners;
Devices and techniques for protection against environmental bugging;
Scanners;
Broadband bugging device detectors;
Bugging device detectors based on cellular technology;
Spectrum analysers;
Multifunction spectrum analysers;
Multifunction devices;
Non-linear junction detectors;
Hidden miniature camera detectors;
Wireless remote camera detectors;
Electromagnetic jammers;
Jammers for audio devices;
Jammers for laser beam bugging devices;
Encrypted phones;
Software utilities;
Procedures and guidelines for suspected environmental bugging
新书报道