因特尔死亡 英文PDF|Epub|txt|kindle电子书版本网盘下载

因特尔死亡 英文PDF格式电子书版下载

注意：本站所有压缩包均有解压码： 点击下载压缩包解压工具

Chapter 1 What Could Kill the Internet? And so What?3

Chapter 2 It is About People7

2.1 Human and Social Issues&Markus Jakobsson7

2.1.1 Nigerian Scams8

2.1.2 Password Reuse9

2.1.3 Phishing11

2.2 Who are the Criminals?&Igor Bulavko13

2.2.1 Who are they?14

2.2.2 Where are they?14

2.2.3 Deep-Dive: Taking a Look at Ex-Soviet Hackers14

2.2.4 Let's try to Find Parallels in the World we Live in16

2.2.5 Crime and Punishment?17

Chapter 3 How Criminals Profit19

3.1 Online Advertising Fraud&Nevena Vratonjic, Mohammad Hossein Manshaei, and Jean-Pierre Hubaux20

3.1.1 Advertising on the Internet20

3.1.2 Exploits of Online Advertising Systems24

3.1.3 Click Fraud25

3.1.4 Malvertising: Spreading Malware via Ads31

3.1.5 Inflight Modification of Ad Traffic33

3.1.6 Adware: Unsolicited Software Ads35

3.1.7 Conclusion36

3.2 Toeing the Line: Legal but Deceptive Service Offers&Markus Jakobsson and Ruilin Zhu36

3.2.1 How Does it Work?37

3.2.2 What do they Earn?37

3.3 Phishing and Some Related Attacks&Markus Jakobsson and William Leddy39

3.3.1 The Problem is the User39

3.3.2 Phishing39

3.3.3 Man-in-the-Middle40

3.3.4 Man-in-the-Browser41

3.3.5 New Attack: Man-in-the-Screen42

3.4 Malware: Current Outlook&Members of the BITS Security Working Group and staff leads Greg Rattrayand Andrew Kennedy43

3.4.1 Malware Evolution43

3.4.2 Malware Supply and Demand49

3.5 Monetization&Markus Jakobsson54

Chapter 4 How Things Work and Fail59

4.1 Online Advertising: With Secret Security&Markus Jakobsson60

4.1.1 What is a Click?60

4.1.2 How Secret Filters are Evaluated63

4.1.3 What do Fraudsters Know?64

4.2 Web Security Remediation Efforts&Jeff Hodges and Andy Steingruebl65

4.2.1 Introduction65

4.2.2 The Multitude of Web Browser Security Mechanisms66

4.2.3 Where do we go from Here?78

4.3 Content-Sniffing XSS Attacks: XSS with Non-HTML Content&Juan Caballero, Adam Barth, and Dawn Song78

4.3.1 Introduction78

4.3.2 Content-Sniffing XSS Attacks80

4.3.3 Defenses88

4.3.4 Conclusion93

4.4 Our Internet Infrastructure at Risk&Garth Bruen93

4.4.1 Introduction93

4.4.2 The Political Structure94

4.4.3 The Domain96

4.4.4 WHOIS: Ownership and Technical Records98

4.4.5 Registrars: Sponsors of Domain Names100

4.4.6 Registries: Sponsors of Domain Extensions101

4.4.7 CCTLDs: The Sovereign Domain Extensions103

4.4.8 ICANN: The Main Internet Policy Body104

4.4.9 Conclusion106

4.5 Social Spam&Dimitar Nikolov and Filippo Menczer108

4.5.1 Introduction108

4.5.2 Motivations for Spammers110

4.5.3 Case Study: Spam in the GiveALink Bookmarking System113

4.5.4 Web Pollution120

4.5.5 The Changing Nature of Social Spam: Content Farms121

4.5.6 Conclusion122

4.6 Understanding CAPTCHAs and Their Weaknesses&Elie Bursztein122

4.6.1 What is a Captcha?123

4.6.2 Types of Captchas123

4.6.3 Evaluating Captcha Attack Effectiveness124

4.6.4 Design of Captchas124

4.6.5 Automated Attacks129

4.6.6 Crowd-Sourcing: Using Humans to Break Captchas134

4.7 Security Questions&Ariel Rabkin136

4.7.1 Overview137

4.7.2 Vulnerabilities139

4.7.3 Variants and Possible Defenses143

4.7.4 Conclusion145

4.8 Folk Models of Home Computer Security&Rick Wash and Emilee Rader146

4.8.1 The Relationship Between Folk Models and Security146

4.8.2 Folk Models of Viruses and Other Malware148

4.8.3 Folk Models of Hackers and Break-Ins152

4.8.4 Following Security Advice156

4.8.5 Lessons Learned159

4.9 Detecting and Defeating Interception Attacks Against SSL&Christopher Soghoian and Sid Stamm160

4.9.1 Introduction160

4.9.2 Certificate Authorities and the Browser Vendors161

4.9.3 Big Brother in the Browser164

4.9.4 Compelled Assistance165

4.9.5 Surveillance Appliances166

4.9.6 Protecting Users166

4.9.7 Threat Model Analysis170

4.9.8 Related Work173

4.9.9 Conclusion175

Chapter 5 The Mobile Problem177

5.1 Phishing on Mobile Devices&Adrienne Porter Felt and David Wagner177

5.1.1 The Mobile Phishing Threat178

5.1.2 Common Control Transfers181

5.1.3 Phishing Attacks186

5.1.4 Web Sender → Mobile Target190

5.1.5 Web Sender → Web Target192

5.1.6 Attack Prevention193

5.2 Why Mobile Malware will Explode&Markus Jakobsson and Mark Grandcolas193

5.2.1 Nineteen Eighty-Six: When it all Started194

5.2.2 A Glimpse of Users194

5.2.3 Why Market Size Matters194

5.2.4 Financial Trends195

5.2.5 Mobile Malware Outlook195

5.3 Tapjacking: Stealing Clicks on Mobile Devices&Gustav Rydstedt, Baptiste Gourdin, Elie Bursztein, and Dan Boneh197

5.3.1 Framing Attacks197

5.3.2 Phone Tapjacking199

5.3.3 Framing Facebook202

5.3.4 Summary and Recommendations203

Chapter 6 The Internet and the Physical World205

6.1 Malware-Enabled Wireless Tracking Networks&Nathaniel Husted and Steven Myers205

6.1.1 Introduction206

6.1.2 The Anatomy of a Modern Smartphone208

6.1.3 Mobile Tracking Networks: A Threat to Smartphones209

6.1.4 Conclusion228

6.2 Social Networking Leaks&Mayank Dhiman and Markus Jakobsson228

6.2.1 Introduction229

6.2.2 Motivations for Using Social Networking Sites229

6.2.3 Trust and Privacy230

6.2.4 Known Issues231

6.2.5 Case Study: Social Networking Leaks in the Physical World234

6.3 Abuse of Social Media and Political Manipulation&Bruno Goncalves, Michael Conover, and Filippo Menczer241

6.3.1 The Rise of Online Grassroots Political Movements241

6.3.2 Spam and Astroturfing242

6.3.3 Deceptive Tactics243

6.3.4 The Truthy System for Astroturf Detection246

6.3.5 Discussion250

Part Ⅱ Thinking About Solutions255

Chapter 7 Solutions to the Problem255

7.1 When and How to Authenticate&Richard Chow, Elaine Shi, Markus Jakobsson, Philippe Golle, Ryusuke Ma-suoka, Jesus Molina, Yuan Niu, and Jeff Song256

7.1.1 Problem Description256

7.1.2 Use Cases257

7.1.3 System Architecture258

7.1.4 User Privacy260

7.1.5 Machine Learning/Algorithms260

7.1.6 User Study262

7.2 Fastwords: Adapting Passwords to Constrained Keyboards&Markus Jakobsson and Ruj Akavipat265

7.2.1 The Principles Behind Fastwords266

7.2.2 Basic Feature Set268

7.2.3 Extended Feature Set270

7.2.4 Sample Stories and Frequencies272

7.2.5 Recall Rates273

7.2.6 Security Analysis274

7.2.7 The Security of Passwords275

7.2.8 Entry Speed279

7.2.9 Implementation of Fastword Entry281

7.2.10 Conclusion282

7.3 Deriving PINs from Passwords&Markus Jakobsson and Debin Liu283

7.3.1 Introduction283

7.3.2 A Brief Discussion of Passwords285

7.3.3 How to Derive PINs from Passwords285

7.3.4 Analysis of Passwords and Derived PINs287

7.3.5 Security Analysis290

7.3.6 Usability Experiments292

7.4 Visual Preference Authentication&Yuan Niu, Markus Jakobsson, Gustav Rydstedt, and Dahn Tamir293

7.4.1 Password Resets294

7.4.2 Security Questions Aren't so Secure294

7.4.3 What is Visual Preference-Based Authentication295

7.4.4 Evaluating Visual Preference-Based Authentication297

7.4.5 Case Study: Visual Blue Moon Authentication298

7.4.6 Conclusion301

7.5 The Deadly Sins of Security User Interfaces&Nathan Good302

7.5.1 Security Applications with Frustrating User Interfaces302

7.5.2 The Four Sins of Security Application User Interfaces304

7.5.3 Consumer Choice: A Security Bugbear305

7.5.4 Security by Verbosity311

7.5.5 Walls of Checkboxes312

7.5.6 All or Nothing Switch314

7.5.7 Conclusion316

7.6 SpoofKiller—Let's Kiss Spoofing Goodbye!&Markus Jakobsson and William Leddy316

7.6.1 A Key to the Solution: Interrupts317

7.6.2 Why can the User Log in to Good Sites, but not Bad Ones?317

7.6.3 What About Sites that are Good ...but not Certified Good?320

7.6.4 SpoofKiller: Under the Hood321

7.6.5 Say we Implement SpoofKiller then What?324

7.7 Device Identification and Intelligence&Ori Eisen324

7.7.1 1995—2001: The Early Years of Device Identification325

7.7.2 2001—2008: Tagless Device Identification Begins327

7.7.3 2008—Present: Private Browsing and Beyond332

7.8 How can we Determine if a Device is Infected or not?&Aurelien Francillon, Markus Jakobsson, and Adrian Perrig335

7.8.1 Why Detection is Difficult335

7.8.2 Setting up an Isolated Environment337

7.8.3 What Could go Wrong?339

7.8.4 Brief Comparison with TrustZone340

7.8.5 Summary341

Chapter 8 The Future343

8.1 Security Needs the Best User Experience&Hampus Jakobsson344

8.1.1 How the User Won Over Features344

8.1.2 So How Come the iPhone Became so Successful?345

8.1.3 A World of Information Anywhere346

8.1.4 Midas' Touch Screens346

8.1.5 New Input, New Opportunities347

8.1.6 Zero-Click and Real-Life User Interfaces348

8.1.7 Privacy and User Interfaces348

8.1.8 It all Comes Together349

8.2 Fraud and the Future&Markus Jakobsson349

References353

Index373