Computing Reviews
Cyber denial, deception and counter deception : a framework for supporting active cyber defense
Heckman K., Stech F., Thomas R., Schmoker B., Tsow A., Springer Publishing Company, Incorporated, New York, NY, 2015. 251 pp. Type: Book (978-3-319251-31-8)
Date Reviewed: Mar 25 2016

This appropriately titled book belongs on the bookshelf of information security (InfoSec) professionals everywhere. Cyber denial, cyber deception, and other related topics are core issues affecting InfoSec at both tactical and strategic levels. The authors of this book are practitioners with both practical and theoretical knowledge coupled with the ability to write succinctly and effectively.

After a brief introductory chapter, there is an interesting chapter on how denial and deception have been used historically and how this motivates their application in computing. The third chapter addresses cyber kill chains and deception chains before looking at intrusion campaigns with a focus on tactics, techniques, and procedures (TTPs). There are two case studies in the fourth chapter: the Stuxnet campaign against the Iranian nuclear program and a hypothetical (yet realistic) espionage scenario based on an advanced persistent threat (APT). That second scenario and the following chapter look at Red (attacker)/Blue (defender) team exercises on practicing cyber-D&D (denial and deception). Chapters 6 and 7 look at key considerations, adaptation, and countering D&D. Chapters 8 and 9 introduce a framework for a cyber-D&D maturity model before presenting a spiral life cycle management approach. Chapter 10 concludes the body of the text with a look to the future and other closing thoughts.

There are five helpful appendices provided after the body of the text. The first appendix provides an important taxonomy for cyber-D&D that covers malicious actor usage and defender usage, followed by more specific classifications with related explanations. It is an excellent reference for a number of key concepts in the book. The second appendix has checklists for creating false virtual personas. The third appendix lists some maxims for offensive deception operations and their adaptation to defensive cyber-D&D. The fourth appendix addresses both historical and recent research on components for a mature D&D capability. The last appendix gives a brief list of acronyms plus a rather complete glossary of terms one typically encounters in the D&D literature. Extensive relevant references follow the appendices, and many helpful figures and tables are provided throughout.

This noteworthy book is very well organized and presented. It can be skimmed or studied in depth, depending on the needs of the reader. In my opinion, this book is important for virtually everyone in the InfoSec world and is a valuable resource for practitioners as well as researchers.

Reviewer: M. G. Murphy
Review #: CR144263 (1606-0399)
Security and Protection (K.6.5)
Abuse And Crime Involving Computers (K.4.1 ...)
Frameworks (D.3.3 ...)
Language Constructs and Features (D.3.3)
Public Policy Issues (K.4.1)

Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®