Reverse Deception: Organized Cyber Threat Counter-Exploitation (129 page)

Read Reverse Deception: Organized Cyber Threat Counter-Exploitation Online

Authors: Sean Bodmer

Tags: #General, #security, #Computers

BOOK: Reverse Deception: Organized Cyber Threat Counter-Exploitation
10.13Mb size Format: txt, pdf, ePub
D5 (Disrupt, Deny, Degrade, Deceive, and Destroy)
Damballa CSP (Carrier Service Provider) tools
Damballa Failsafe tool
Dasient website
data
        analysis
        capture
        control
        interpreting
        public security sources
        repositories
The Day Before Zero blog
D-Day invasion
DDoS (Distributed Denial of Service)
debriefing techniques
deceit.
See
deception
deception
        ambiguity-decreasing deceptions
        bias and
        centralized planning/control
        “Choice of Types” deception
        conclusion
        considerations
        cowpens
        demonstrations
        described
        displays
        feedback and
        feints
        First US Army Group deception
        focus
        government use of
        “half-empty” perspective
        “half-full” perspective
        human information processing limits
        “Husbanding of Deception Assets,”
        integration
        “Jones Dilemma,”
        key points
        “Magruder’s principle”
        Maskirovka deception
        “Multiple Forms of Surprise”
        necessity of
        objectives
        operational.
See
operational deception
        operations security
        perceptual consistency
        placement of deceptive material
        psychology of
        reasons for
        resources used for
        ruses
        sensory components
        “Sequencing Rule”
        simplicity vs. elaborate stories
        six principles of
        “step-beyond” version
        timeliness
        “totally full” perspective
        traditional
        “two-steps-beyond” version
        unwanted reactions
        vetting
        virtual
deception maxims
deception technologies
deception theme
deductive profiling
defense-in-depth approach
defense-in-depth honeynets
demilitarized zone (DMZ)
demonstrations
Denial of Service (DoS)
Department of Defense (DoD)
Department of Homeland Security (DHS)
derogatory dimension
derogatory terms
Desert Storm
detection
        crimeware/analysis detection systems
        host-based tools
        network-based tools
detection technologies
DHCP (Dynamic Host Control Protocol)
DHS (Department of Homeland Security)
dialectical approach
differentiation
digital devices
digital forensics tools
“digital individual”
disinformation
disorganized offenders
displays
Disrupt, Deny, Degrade, Deceive, and Destroy (D5)
dissemination rules
Distributed Denial of Service (DDoS)
distribution provider (infector)
DLL (Dynamic Link Library)
Dmoz.org
website
DMZ (demilitarized zone)
DNS (Domain Name Service)
DNS Blacklist
DNS-BH Malware Domain Blocklist
DoD (Department of Defense)
Domain Name Service.
See
DNS
domain names
“Domino’s theory”
Dorchester Heights
DoS (Denial of Service)
double agent operations
Douglas, John
Dow Chemical
downloads, drive-by
drive-by downloads
dumpster-diving
Dynamic Host Control Protocol (DHCP)
Dynamic Link Library (DLL)

E

education, level of
ego
Eisenhower, Dwight (General)
EKs (exploit kits)
e-mail
        as malware backdoor
        socially engineered
e-mail-based attacks
employees
        dissatisfied
        importance of
        vetting
EnCase tool
Endpoint Protection tool
EndPointSecurity tool
engagements.
See also
attacks
        tactics
        vetting
engrossed
enrolled
enterprise networks
entertainment
espionage
The Ethical Hacker Network
ethics in cyberspace
events
evidence
evidential objects
Executive Order (EO) 12333
Exploit Database
exploit kits (EKs)

F

Facebook
Failsafe tool
fake antivirus (FAV)
Fastcase.com
FAV (fake antivirus)
FBI Academy
FBI Uniform Crime Report
Fear, Uncertainty, and Doubt/Doom (FUD)
Federal Emergency Management Agency (FEMA)
feedback, imporance of
feints
FEMA (Federal Emergency Management Agency)
File Transfer Protocol (FTP)
files
        attachments
        censored
        honeynet setup for
        log.
See
logs
        monitoring
financial gain
financial institutions
financial stream
FindLaw.com
firewalls
First US Army Group (FUSAG)
FISA (Foreign Intelligence Surveillance Act)
FOCA
focus
Foothold APT
foreign intelligence service
Foreign Intelligence Surveillance Act (FISA)
forensic adversary characterization
Forensic Toolkit (FTK)
forensics
forensics tools
FORSCOM (US Army Forces Command)
forums
FTK (Forensic Toolkit)
FTP (File Transfer Protocol)
FUD (Fear, Uncertainty, and Doubt/Doom)
FUSAG (First US Army Group)

G

Other books

My Extraordinary Ordinary Life by Sissy Spacek, Maryanne Vollers
Icing on the Cake by Sheryl Berk
The Book of Murdock by Loren D. Estleman
Intimidator by Cari Silverwood
In the Heart of the City by Cath Staincliffe
The Sweet Edge by Risa Peris
Double Lucky by Jackie Collins