Hacking Connected Cars: Tactics, Techniques, and Procedures

Alissa Knight

  • 出版商: Wiley
  • 出版日期: 2020-03-17
  • 定價: $1,730
  • 售價: 9.0$1,557
  • 語言: 英文
  • 頁數: 250
  • 裝訂: Paperback
  • ISBN: 1119491800
  • ISBN-13: 9781119491804
  • 相關分類: 駭客 Hack
  • 相關翻譯: 車聯網滲透測試 (簡中版)
  • 立即出貨

買這商品的人也買了...

商品描述

A field manual on contextualizing cyber threats, vulnerabilities, and risks to connected cars through penetration testing and risk assessment

Hacking Connected Cars deconstructs the tactics, techniques, and procedures (TTPs) used to hack into connected cars and autonomous vehicles to help you identify and mitigate vulnerabilities affecting cyber-physical vehicles. Written by a veteran of risk management and penetration testing of IoT devices and connected cars, this book provides a detailed account of how to perform penetration testing, threat modeling, and risk assessments of telematics control units and infotainment systems. This book demonstrates how vulnerabilities in wireless networking, Bluetooth, and GSM can be exploited to affect confidentiality, integrity, and availability of connected cars.

Passenger vehicles have experienced a massive increase in connectivity over the past five years, and the trend will only continue to grow with the expansion of The Internet of Things and increasing consumer demand for always-on connectivity. Manufacturers and OEMs need the ability to push updates without requiring service visits, but this leaves the vehicle’s systems open to attack. This book examines the issues in depth, providing cutting-edge preventative tactics that security practitioners, researchers, and vendors can use to keep connected cars safe without sacrificing connectivity.

  • Perform penetration testing of infotainment systems and telematics control units through a step-by-step methodical guide
  • Analyze risk levels surrounding vulnerabilities and threats that impact confidentiality, integrity, and availability
  • Conduct penetration testing using the same tactics, techniques, and procedures used by hackers

From relatively small features such as automatic parallel parking, to completely autonomous self-driving cars—all connected systems are vulnerable to attack. As connectivity becomes a way of life, the need for security expertise for in-vehicle systems is becoming increasingly urgent. Hacking Connected Cars provides practical, comprehensive guidance for keeping these vehicles secure.

商品描述(中文翻譯)

一本關於透過滲透測試和風險評估對連接車輛的網絡威脅、漏洞和風險進行情境化處理的實用手冊。

《Hacking Connected Cars》解構了入侵連接車輛和自動駕駛車輛所使用的戰術、技術和程序(TTPs),以幫助您識別和減輕影響網絡物理車輛的漏洞。本書由一位網絡物聯網設備和連接車輛風險管理和滲透測試的老手撰寫,詳細介紹了如何進行滲透測試、威脅建模和風險評估的遙控控制單元和信息娛樂系統。本書演示了如何利用無線網絡、藍牙和GSM中的漏洞來影響連接車輛的保密性、完整性和可用性。

在過去五年中,乘用車的連接性大幅增加,隨著物聯網的擴展和消費者對始終連接的需求增加,這一趨勢只會繼續增長。製造商和原始設備製造商需要能夠在不需要服務訪問的情況下進行更新,但這也使車輛系統容易受到攻擊。本書深入探討了這些問題,提供了最先進的預防策略,安全從業人員、研究人員和供應商可以使用這些策略來保護連接車輛的安全性,同時不會犧牲連接性。

通過逐步的方法指南,對信息娛樂系統和遙控控制單元進行滲透測試。
分析影響保密性、完整性和可用性的漏洞和威脅的風險水平。

使用黑客使用的相同戰術、技術和程序進行滲透測試。

從自動平行停車等相對較小的功能到完全自主駕駛車輛,所有連接系統都容易受到攻擊。隨著連接性成為生活方式,對車輛系統的安全專業知識的需求變得越來越迫切。《Hacking Connected Cars》提供了實用、全面的指南,以確保這些車輛的安全性。

作者簡介

Alissa Knight has worked in cybersecurity for more than 20 years. For the past ten years, she has focused her vulnerability research into hacking connected cars, embedded systems, and IoT devices for clients in the United States, Middle East, Europe, and Asia. She continues to work with some of the world's largest automobile manufacturers and OEMs on building more secure connected cars.

Alissa is the Group CEO of Brier & Thorn and is also the managing partner at Knight Ink, where she blends hacking with content creation of written and visual content for challenger brands and market leaders in cybersecurity. As a serial entrepreneur, Alissa was the CEO of Applied Watch and Netstream, companies she sold in M&A transactions to publicly traded companies in international markets.

Her passion professionally is meeting and learning from extraordinary leaders around the world and sharing her views on the disruptive forces reshaping global markets. Alissa's long-term goal is to help as many organizations as possible develop and execute on their strategic plans and focus on their areas of increased risk, bridging silos to effectively manage risk across organizational boundaries, and enable them to pursue intelligent risk taking as a means to long-term value creation. You can learn more about Alissa on her homepage at http: //www.alissaknight.com, connect with her on LinkedIn, or follow her on Twitter @alissaknight.

作者簡介(中文翻譯)

Alissa Knight 在資訊安全領域工作超過 20 年。在過去的十年中,她專注於對連接車輛、嵌入式系統和物聯網設備進行漏洞研究,為美國、中東、歐洲和亞洲的客戶提供服務。她繼續與世界上一些最大的汽車製造商和原始設備製造商合作,致力於打造更安全的連接車輛。

Alissa 是 Brier & Thorn 的集團首席執行官,也是 Knight Ink 的管理合夥人。在 Knight Ink,她將黑客技術與創作內容相結合,為資訊安全領域的挑戰者品牌和市場領導者創作文字和視覺內容。作為一位連續創業家,Alissa 曾擔任 Applied Watch 和 Netstream 的首席執行官,這些公司在國際市場上以併購交易的方式被上市公司收購。

她在專業上的熱情是與世界各地的卓越領導者會面並向他們學習,並分享她對重塑全球市場的破壞性力量的看法。Alissa 的長期目標是幫助盡可能多的組織制定和執行戰略計劃,並專注於他們增加風險的領域,打破孤立,跨組織邊界有效管理風險,並使他們能夠追求智能風險承擔作為長期價值創造的手段。您可以在她的主頁 http://www.alissaknight.com 了解更多關於 Alissa 的資訊,也可以在 LinkedIn 上與她聯繫,或在 Twitter 上關注她的帳號 @alissaknight。