相關主題
商品描述
In today's digitally interconnected world, the threat landscape has evolved to include not just sophisticated technical exploits but also the art of human manipulation. Social engineering attacks have emerged as a formidable and often underestimated threat to information security. The primary aim of this textbook is to provide a comprehensive and in-depth exploration of social engineering attacks. The book seeks to equip cybersecurity professionals, IT practitioners, students, and anyone concerned with information security with the knowledge and tools needed to recognize, prevent, and mitigate the risks posed by social engineering. The scope of this textbook is broad and multifaceted. It covers a wide range of social engineering attack vectors, including phishing, vishing, pretexting, baiting, tailgating, impersonation, and more. Each attack vector is dissected, with detailed explanations of how they work, real-world examples, and countermeasures.
Key Features
- Comprehensive Coverage: Thorough exploration of various social engineering attack vectors, including phishing, vishing, pretexting, baiting, quid pro quo, tailgating, impersonation, and more.
- Psychological Insights: In-depth examination of the psychological principles and cognitive biases that underlie social engineering tactics. - Real-World Case Studies: Analysis of real-world examples and high-profile social engineering incidents to illustrate concepts and techniques.
- Prevention and Mitigation: Practical guidance on how to recognize, prevent, and mitigate social engineering attacks, including security best practices.
- Ethical Considerations: Discussion of ethical dilemmas and legal aspects related to social engineering that emphasizes responsible use of knowledge.
This comprehensive textbook on social engineering attacks provides a deep and practical exploration of this increasingly prevalent threat in cybersecurity. It covers a wide array of attack vectors, including phishing, vishing, pretexting, and more, offering readers an in-depth understanding of how these attacks work. The book delves into the psychology behind social engineering and examines the cognitive biases and emotional triggers that make individuals susceptible. Real-world case studies illustrate concepts and techniques while practical guidance equips readers with the knowledge to recognize, prevent, and mitigate social engineering threats.
商品描述(中文翻譯)
在當今數位互聯的世界中,威脅環境已經演變,不僅包括複雜的技術漏洞,還包括人類操控的藝術。社會工程攻擊已成為一種強大且常被低估的信息安全威脅。本教科書的主要目的是提供對社會工程攻擊的全面且深入的探討。這本書旨在為網絡安全專業人士、IT從業者、學生以及任何關心信息安全的人士提供識別、預防和減輕社會工程所帶來的風險所需的知識和工具。本教科書的範圍廣泛且多面向,涵蓋了各種社會工程攻擊向量,包括釣魚攻擊(phishing)、語音釣魚(vishing)、預設(pretexting)、誘餌(baiting)、尾隨(tailgating)、冒充(impersonation)等。每個攻擊向量都被詳細剖析,並提供其運作方式的詳細解釋、實際案例和對策。
主要特點
- 全面覆蓋:徹底探討各種社會工程攻擊向量,包括釣魚攻擊、語音釣魚、預設、誘餌、互惠(quid pro quo)、尾隨、冒充等。
- 心理洞察:深入檢視社會工程策略背後的心理原則和認知偏見。
- 實際案例研究:分析實際案例和高調的社會工程事件,以說明概念和技術。
- 預防與減輕:提供實用指導,幫助識別、預防和減輕社會工程攻擊,包括安全最佳實踐。
- 道德考量:討論與社會工程相關的道德困境和法律方面,強調負責任地使用知識。
這本關於社會工程攻擊的全面教科書,對這一日益普遍的網絡安全威脅提供了深入且實用的探討。它涵蓋了各種攻擊向量,包括釣魚攻擊、語音釣魚、預設等,為讀者提供了對這些攻擊運作方式的深入理解。本書深入探討社會工程背後的心理學,並檢視使個體易受影響的認知偏見和情感觸發因素。實際案例研究說明了概念和技術,而實用指導則使讀者具備識別、預防和減輕社會工程威脅的知識。
作者簡介
DR. GURURAJ H L (Senior Member, IEEE) received the Ph.D. degree in computer science and engineering from Visvesvaraya Technological University India in 2019. He has published more than 200 research articles in peer-reviewed and reputed international journals. He has authored 15 Edited books in Springer, IET, IGI Global and Taylor & Francis. He has presented more than 100 papers at various international conferences. He is a Senior Member of ACM. He received a Young Scientist International Travel Support ITS-SERB, Department of Science and Technology, Government of India, in December 2016. He was a recipient of best paper awards at various national and international conferences. He was appointed as an ACM Distinguish Speaker (2018-2021) by the ACM U.S. Council. He has honoured as Keynote Speaker, Session chair, TPC member, Advisory committee member at International Seminars, Workshops and Conferences across Globe. Prof. Gururaj's research interests are Applications in Machine and federated Learning, data mining, Blockchain and cyber security.
Dr. Janhavi V received the Ph.D. degree in computer science and engineering from Visvesvaraya Technological University India. She is currently working as an Associate Professor in the department of CS&E at Vidyavardhaka College of Engineering, Mysuru. She has published many research articles in peer-reviewed and reputed international journals.
Ambika V has completed her M. Tech in Computer Network Engineering from Visvesvaraya Technological University. She is currently working as an Assistant Professor in the Department of Bachelor of Computer Applications at Mysore Institute of Commerce and Arts, Mysuru, Karnataka. She has published various research papers in various reputed international journals and conferences. Her areas of interest include Computer Networks, Cybersecurity, Information security and Cryptography.
作者簡介(中文翻譯)
古魯拉吉·H·L博士(IEEE資深會員)於2019年獲得印度維斯維斯瓦拉亞科技大學的計算機科學與工程博士學位。他在同行評審的國際期刊上發表了超過200篇研究文章,並在Springer、IET、IGI Global和Taylor & Francis出版了15本編輯書籍。他在各種國際會議上發表了超過100篇論文。他是ACM的資深會員。2016年12月,他獲得了印度科學與技術部的青年科學家國際旅行支持(ITS-SERB)。他在多個國內外會議上獲得最佳論文獎。他被ACM美國委員會任命為ACM傑出演講者(2018-2021)。他在全球的國際研討會、工作坊和會議中擔任主題演講者、會議主席、程序委員會成員和諮詢委員會成員。古魯拉吉教授的研究興趣包括機器學習和聯邦學習的應用、數據挖掘、區塊鏈和網絡安全。
詹哈維·V博士獲得了印度維斯維斯瓦拉亞科技大學的計算機科學與工程博士學位。她目前在邁索爾的維迪亞瓦爾達卡工程學院的計算機科學與工程系擔任副教授。她在同行評審的國際期刊上發表了多篇研究文章。
安比卡·V在維斯維斯瓦拉亞科技大學完成了計算機網絡工程的碩士學位。她目前在邁索爾商業與藝術學院的計算機應用學士系擔任助理教授。她在多個知名國際期刊和會議上發表了各種研究論文。她的研究興趣包括計算機網絡、網絡安全、信息安全和密碼學。
