Implementing Enterprise Cyber Security with Open-Source Software and Standard Architecture: Volume II
Handa, Anand, Negi, Rohit, Venkatesan, S.
- 出版商: Charles River Media
- 出版日期: 2023-07-27
- 售價: $5,530
- 貴賓價: 9.5 折 $5,254
- 語言: 英文
- 頁數: 246
- 裝訂: Hardcover - also called cloth, retail trade, or trade
- ISBN: 8770227950
- ISBN-13: 9788770227957
-
相關分類:
資訊安全
下單後立即進貨 (約1週~2週)
相關主題
商品描述
Cyber security is one of the most critical problems faced by enterprises, government organizations, education institutes, small and medium scale businesses, and medical institutions today. Creating a cyber security posture through proper cyber security architecture, deployment of cyber defense tools, and building a security operation center are critical for all such organizations given the preponderance of cyber threats. However, cyber defense tools are expensive, and many small and medium-scale business houses cannot procure these tools within their budgets. Even those business houses that manage to procure them cannot use them effectively because of the lack of human resources and the knowledge of the standard enterprise security architecture. In 2020, the C3i Center at the Indian Institute of Technology Kanpur developed a professional certification course where IT professionals from various organizations go through rigorous six-month long training in cyber defense. During their training, groups within the cohort collaborate on team projects to develop cybersecurity solutions for problems such as malware analysis, threat intelligence collection, endpoint detection and protection, network intrusion detection, developing security incidents, event management systems, etc. All these projects leverage open-source tools, and code from various sources, and hence can be also constructed by others if the recipe to construct such tools is known. It is therefore beneficial if we put these recipes out in the form of book chapters such that small and medium scale businesses can create these tools based on open-source components, easily following the content of the chapters. In 2021, we published the first volume of this series based on the projects done by cohort 1 of the course. This volume, second in the series has new recipes and tool development expertise based on the projects done by cohort 3 of this training program. This volume consists of nine chapters that describe experience and know-how of projects in malware analysis, web application security, intrusion detection system, and honeypot in sufficient detail so they can be recreated by anyone looking to develop home grown solutions to defend themselves from cyber-attacks.
商品描述(中文翻譯)
網絡安全是企業、政府機構、教育機構、中小型企業和醫療機構今天面臨的最嚴重問題之一。對於所有這些組織來說,通過適當的網絡安全架構、部署網絡防禦工具和建立安全操作中心來建立網絡安全姿態至關重要,鑑於網絡威脅的普遍存在。然而,網絡防禦工具昂貴,許多中小型企業無法在預算內購買這些工具。即使那些成功購買這些工具的企業也因缺乏人力資源和對標準企業安全架構的了解而無法有效使用它們。在2020年,印度坎普爾印度理工學院的C3i中心開發了一個專業認證課程,各組織的IT專業人員需要接受為期六個月的嚴格培訓,學習網絡防禦知識。在培訓期間,同一組的成員合作進行團隊項目,開發針對惡意軟件分析、威脅情報收集、端點檢測和保護、網絡入侵檢測、開發安全事件和事件管理系統等問題的網絡安全解決方案。所有這些項目都利用了開源工具和來自不同來源的代碼,因此如果知道構建這些工具的方法,其他人也可以構建它們。因此,如果我們將這些方法以書籍章節的形式公開,那麼中小型企業可以根據章節的內容輕鬆地基於開源組件創建這些工具。在2021年,我們根據該課程第一組的項目發布了這個系列的第一卷。這個第二卷基於該培訓計劃第三組的項目,提供了新的方法和工具開發專業知識。這本書包含九個章節,詳細描述了惡意軟件分析、網絡應用安全、入侵檢測系統和蜜罐等項目的經驗和專業知識,以便任何希望開發自家解決方案來防禦網絡攻擊的人可以根據這些章節的內容重新創建這些項目。
作者簡介
Anand Handa is a senior research engineer with the C3i Center at the Indian Institute of Technology Kanpur. His research interests are in the intersection of machine learning and cybersecurity. His role at C3i involves working on projects having malware analysis, memory forensics and intrusion detection systems as a significant component.
Rohit Negi is the lead engineer and chief security architect of the C3i Center - a center for cybersecurity and cyber defense of critical infrastructures at the Indian Institute of Technology Kanpur. His research is in the field of cybersecurity of cyber-physical systems.
S. Venkatesan is an Associate Professor at the Department of Information Technology at the Indian Institute of Information Technology Allahabad (IIITA). He heads IIITA's C3iHub IoT Security Lab and is a member of the Network Security and Cryptography (NSC) Group. He has authored several research papers published in reputed journals and presented at conferences. His research interests include network security, cloud computing, social network privacy, mobile agent security, applied cryptography, and blockchain.
Sandeep K. Shukla is a professor of Computer Science and Engineering with the Indian Institute of Technology. He is an IEEE Fellow, ACM distinguished scientist, and subject matter expert in Cybersecurity of cyber-physical systems and blockchain technology. He is a recipient of various prestigious honours, and he serves as a joint coordinator for the C3I Centre and the National Blockchain Project at IIT Kanpur, India.
作者簡介(中文翻譯)
Anand Handa是印度坎普爾印度理工學院C3i中心的高級研究工程師。他的研究興趣涉及機器學習和網絡安全的交叉領域。他在C3i的角色包括參與具有惡意軟件分析、內存取證和入侵檢測系統等重要組成部分的項目。
Rohit Negi是印度坎普爾印度理工學院C3i中心的首席工程師和首席安全架構師,該中心是一個專注於關鍵基礎設施的網絡安全和網絡防禦的中心。他的研究領域是關於網絡物理系統的網絡安全。
S. Venkatesan是印度信息技術研究所阿拉哈巴德分校(IIITA)信息技術系的副教授。他負責IIITA的C3iHub物聯網安全實驗室,並且是網絡安全和密碼學(NSC)小組的成員。他在知名期刊上發表了多篇研究論文並在會議上發表。他的研究興趣包括網絡安全、雲計算、社交網絡隱私、移動代理安全、應用密碼學和區塊鏈。
Sandeep K. Shukla是印度理工學院的計算機科學和工程學教授。他是IEEE Fellow、ACM杰出科學家,也是網絡物理系統和區塊鏈技術的專家。他獲得了多個重要榮譽,並且擔任印度坎普爾印度理工學院C3I中心和國家區塊鏈項目的聯合協調人。