Introduction to computer and network security : navigating shades of gray

Guides Students in Understanding the Interactions between Computing/Networking Technologies and Security Issues Taking an interactive, "learn-by-doing" approach to teaching, Introduction to Computer and Network Security: Navigating Shades of Gray gives you a clear course to teach the technical issues related to security. Unlike most computer security books, which concentrate on software design and implementation, cryptographic tools, or networking issues, this text also explores how the interactions between hardware, software, and users affect system security. The book presents basic principles and concepts, along with examples of current threats to illustrate how the principles can either enable or neutralize exploits. Students see the importance of these concepts in existing and future technologies. In a challenging yet enjoyable way, they learn about a variety of technical topics, including current security exploits, technical factors that enable attacks, and economic and social factors that determine the security of future systems. Extensively classroom-tested, the material is structured around a set of challenging projects. Through staging exploits and choosing countermeasures to neutralize the attacks in the projects, students learn: How computer systems and networks operate How to reverse-engineer processes How to use systems in ways that were never foreseen (or supported) by the original developers Combining hands-on work with technical overviews, this text helps you integrate security analysis into your technical computing curriculum. It will educate your students on security issues, such as side-channel attacks, and deepen their understanding of how computers and networks work.

Brief History of Computers, Communications, and Security. Security and Privacy Overview. Cryptography Primer. SSL/TLS-Case Study Project. Securing Networks. Virtual Private Network-Case Study Project. Insertion Attacks. Buffer Overflow-Case Study Project. Polymorphic Virus-Advanced Case Study Project. Web Security. Privacy and Anonymity. Side-Channel Attacks. Digital Rights Management and Copyright. Security Economics. Conclusions. Bibliography. Index.