The complexity and severity of the Distributed Denial of Service (DDoS) attacks are increasing day-by-day. The Internet has a highly inconsistent structure in terms of resource distribution. Numerous technical solutions are available, but those involving economic aspects have not been given much consideration. The book, DDoS Attacks - Classification, Attacks, Challenges, and Countermeasures, provides an overview of both types of defensive solutions proposed so far, exploring different dimensions that would mitigate the DDoS effectively and show the implications associated with them. Features: Covers topics that describe taxonomies of the DDoS attacks in detail, recent trends and classification of defensive mechanisms on the basis of deployment location, the types of defensive action, and the solutions offering economic incentives. Introduces chapters discussing the various types of DDoS attack associated with different layers of security, an attacker's motivations, and the importance of incentives and liabilities in any defensive solution. Illustrates the role of fair resource-allocation schemes, separate payment mechanisms for attackers and legitimate users, negotiation models on cost and types of resources, and risk assessments and transfer mechanisms. DDoS Attacks - Classification, Attacks, Challenges, and Countermeasures is designed for the readers who have an interest in the cybersecurity domain, including students and researchers who are exploring different dimensions associated with the DDoS attack, developers and security professionals who are focusing on developing defensive schemes and applications for detecting or mitigating the DDoS attacks, and faculty members across different universities.

'Cyber war is coming,' announced a landmark RAND report in 1993. In 2005, the U.S. Air Force boasted it would now fly, fight, and win in cyberspace, the 'fifth domain' of warfare. This book takes stock, twenty years on: is cyber war really coming? Has war indeed entered the fifth domain?Cyber War Will Not Take Place cuts through the hype and takes a fresh look at cyber security. Thomas Rid argues that the focus on war and winning distracts from the real challenge of cyberspace: non-violent confrontation that may rival or even replace violence in surprising ways.The threat consists of three different vectors: espionage, sabotage, and subversion. The author traces the most significant hacks and attacks, exploring the full spectrum of case studies from the shadowy world of computer espionage and weaponised code. With a mix of technical detail and rigorous political analysis, the book explores some key questions: What are cyber weapons? How have they changed the meaning of violence? How likely and how dangerous is crowd-sourced subversive activity? Why has there never been a lethal cyber attack against a country's critical infrastructure?How serious is the threat of 'pure' cyber espionage, of exfiltrating data without infiltrating humans first? And who is most vulnerable: which countries, industries, individuals?

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable. Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.

Explaining cybercrime in a highly networked world, this book provides a comprehensive yet accessible summary of the history, modern developments, and efforts to combat cybercrime in various forms at all levels of government-international, national, state, and local. As the exponential growth of the Internet has made the exchange and storage of information quick and inexpensive, the incidence of cyber-enabled criminal activity-from copyright infringement to phishing to online pornography-has also exploded. These crimes, both old and new, are posing challenges for law enforcement and legislators alike. What efforts-if any-could deter cybercrime in the highly networked and extremely fast-moving modern world? Introduction to Cybercrime: Computer Crimes, Laws, and Policing in the 21st Century seeks to address this tough question and enables readers to better contextualize the place of cybercrime in the current landscape. This textbook documents how a significant side effect of the positive growth of technology has been a proliferation of computer-facilitated crime, explaining how computers have become the preferred tools used to commit crimes, both domestically and internationally, and have the potential to seriously harm people and property alike. The chapters discuss different types of cybercrimes-including new offenses unique to the Internet-and their widespread impacts. Readers will learn about the governmental responses worldwide that attempt to alleviate or prevent cybercrimes and gain a solid understanding of the issues surrounding cybercrime in today's society as well as the long- and short-term impacts of cybercrime. Provides accessible, comprehensive coverage of a complex topic that encompasses identity theft to copyright infringement written for non-technical readers Pays due attention to important elements of cybercrime that have been largely ignored in the field, especially politics Supplies examinations of both the domestic and international efforts to combat cybercrime Serves an ideal text for first-year undergraduate students in criminal justice programs

Web applications occupy a large space within the IT infrastructure of a business or a corporation. They simply just don't touch a front end or a back end; today's web apps impact just about every corner of it. Today's web apps have become complex, which has made them a prime target for sophisticated cyberattacks. As a result, web apps must be literally tested from the inside and out in terms of security before they can be deployed and launched to the public for business transactions to occur. The primary objective of this book is to address those specific areas that require testing before a web app can be considered to be completely secure. The book specifically examines five key areas: Network security: This encompasses the various network components that are involved in order for the end user to access the particular web app from the server where it is stored at to where it is being transmitted to, whether it is a physical computer itself or a wireless device (such as a smartphone). Cryptography: This area includes not only securing the lines of network communications between the server upon which the web app is stored at and from where it is accessed from but also ensuring that all personally identifiable information (PII) that is stored remains in a ciphertext format and that its integrity remains intact while in transmission. Penetration testing: This involves literally breaking apart a Web app from the external environment and going inside of it, in order to discover all weaknesses and vulnerabilities and making sure that they are patched before the actual Web app is launched into a production state of operation. Threat hunting: This uses both skilled analysts and tools on the Web app and supporting infrastructure to continuously monitor the environment to find all security holes and gaps. The Dark Web: This is that part of the Internet that is not openly visible to the public. As its name implies, this is the "sinister" part of the Internet, and in fact, where much of the PII that is hijacked from a web app cyberattack is sold to other cyberattackers in order to launch more covert and damaging threats to a potential victim. Testing and Securing Web Applications breaks down the complexity of web application security testing so this critical part of IT and corporate infrastructure remains safe and in operation.

Web applications occupy a large space within the IT infrastructure of a business or a corporation. They simply just don't touch a front end or a back end; today's web apps impact just about every corner of it. Today's web apps have become complex, which has made them a prime target for sophisticated cyberattacks. As a result, web apps must be literally tested from the inside and out in terms of security before they can be deployed and launched to the public for business transactions to occur. The primary objective of this book is to address those specific areas that require testing before a web app can be considered to be completely secure. The book specifically examines five key areas: Network security: This encompasses the various network components that are involved in order for the end user to access the particular web app from the server where it is stored at to where it is being transmitted to, whether it is a physical computer itself or a wireless device (such as a smartphone). Cryptography: This area includes not only securing the lines of network communications between the server upon which the web app is stored at and from where it is accessed from but also ensuring that all personally identifiable information (PII) that is stored remains in a ciphertext format and that its integrity remains intact while in transmission. Penetration testing: This involves literally breaking apart a Web app from the external environment and going inside of it, in order to discover all weaknesses and vulnerabilities and making sure that they are patched before the actual Web app is launched into a production state of operation. Threat hunting: This uses both skilled analysts and tools on the Web app and supporting infrastructure to continuously monitor the environment to find all security holes and gaps. The Dark Web: This is that part of the Internet that is not openly visible to the public. As its name implies, this is the "sinister" part of the Internet, and in fact, where much of the PII that is hijacked from a web app cyberattack is sold to other cyberattackers in order to launch more covert and damaging threats to a potential victim. Testing and Securing Web Applications breaks down the complexity of web application security testing so this critical part of IT and corporate infrastructure remains safe and in operation.

This book investigates the causes and consequences of image-based sexual abuse in a digital era. Image-based sexual abuse refers to the taking or sharing of nude or sexual photographs or videos of another person without their consent. It includes a diversity of behaviours beyond that of "revenge porn", such as the secret trading of nude or sexual images online; "upskirting", "downblousing" and other "creepshots"; blackmail or "sextortion" scams; the use of artificial intelligence to construct "deepfake" pornographic videos; threats to distribute photographs and videos without consent; and the taking or sharing of sexual assault imagery. This book investigates the pervasiveness and experiences of these harms, as well as the raft of legal and non-legal measures that have been introduced to better respond to and prevent image-based sexual abuse. The book draws on groundbreaking empirical research, including surveys in three countries with over 6,000 respondents and over 100 victim-survivor and stakeholder interviews. Guided by theoretical frameworks from gender studies, sociology, criminology, law and psychology, the authors argue that image-based sexual abuse is more commonly perpetrated by men than women, and that perpetration is higher among some groups, including younger and sexuality minority men. Although the motivations of perpetrators vary, a dominant theme to emerge was that of power and control. The gendered nature of the abuse means that it is best understood as a "continuum of sexual violence" because victim-survivors often experience it as part of a broader pattern of gendered harassment, violence and abuse. Written in a clear and direct style, this book will appeal to students and scholars of criminology, sociology, law and psychology. Image-based Sexual Abuse is also an essential resource for activists, legal and policy practitioners, technology companies and victim-survivors seeking to understand the deeply complex nature of intimate-image sharing in a digital era.

In the early 1990s, the First National Bank of Keystone in West Virginia began buying and securitizing subprime mortgages from all over the country, and quickly grew from a tiny bank with just $100 million in assets to over $1.1 billion. For three years, it was listed as the most profitable large community bank in the country. It was all a fraud. All of the securitization deals the bank entered into lost money. To hide that fact, bank insiders started cooking the books, and concealing that they were also embezzling millions of dollars from the bank. This was all hidden from the bank's attorneys and auditors, federal bank examiners, and even the board of directors of the bank. To keep the examiners at bay, the bank insiders did everything possible to avoid giving them access to documents they were entitled to see, documents they knew would sink their scheme. The head of the bank even went so far as to bury four large truckloads of documents in a ditch on her ranch. Robert S. Pasley explores the failure of the First National Bank of Keystone, the intrigue involved, and the lessons that could have been learned-and still can be learned-about how banks operate, how federal banking regulators supervise financial institutions, how agencies interact with one another, and how such failures can be avoided in the future.

Cyber Strategy: Risk-Driven Security and Resiliency provides a process and roadmap for any company to develop its unified Cybersecurity and Cyber Resiliency strategies. It demonstrates a methodology for companies to combine their disassociated efforts into one corporate plan with buy-in from senior management that will efficiently utilize resources, target high risk threats, and evaluate risk assessment methodologies and the efficacy of resultant risk mitigations. The book discusses all the steps required from conception of the plan from preplanning (mission/vision, principles, strategic objectives, new initiatives derivation), project management directives, cyber threat and vulnerability analysis, cyber risk and controls assessment to reporting and measurement techniques for plan success and overall strategic plan performance. In addition, a methodology is presented to aid in new initiative selection for the following year by identifying all relevant inputs. Tools utilized include: Key Risk Indicators (KRI) and Key Performance Indicators (KPI) National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) Target State Maturity interval mapping per initiative Comparisons of current and target state business goals and critical success factors A quantitative NIST-based risk assessment of initiative technology components Responsible, Accountable, Consulted, Informed (RACI) diagrams for Cyber Steering Committee tasks and Governance Boards' approval processes Swimlanes, timelines, data flow diagrams (inputs, resources, outputs), progress report templates, and Gantt charts for project management The last chapter provides downloadable checklists, tables, data flow diagrams, figures, and assessment tools to help develop your company's cybersecurity and cyber resiliency strategic plan.

There are many books that detail tools and techniques of penetration testing, but none of these effectively communicate how the information gathered from tests should be analyzed and implemented. Until recently, there was very little strategic information available to explain the value of ethical hacking and how tests should be performed in order to provide a company with insight beyond a mere listing of security vulnerabilities. Now there is a resource that illustrates how an organization can gain as much value from an ethical hack as possible. The Ethical Hack: A Framework for Business Value Penetration Testing explains the methodologies, framework, and "unwritten conventions" that ethical hacks should employ to provide the maximum value to organizations that want to harden their security. This book is unique in that it goes beyond the technical aspects of penetration testing to address the processes and rules of engagement required for successful tests. It examines testing from a strategic perspective, shedding light on how testing ramifications affect an entire organization. Security practitioners can use this resource to reduce their exposure and deliver a focused, valuable service to customers. Organizations will learn how to align the information about tools, techniques, and vulnerabilities that they gathered from testing with their overall business objectives.

Philosophical and ethical discussions of warfare are often tied to emerging technologies and techniques. Today we are presented with what many believe is a radical shift in the nature of war-the realization of conflict in the cyber-realm, the so-called "fifth domain " of warfare. Does an aggressive act in the cyber-realm constitute an act of war? If so, what rules should govern such warfare? Are the standard theories of just war capable of analyzing and assessing this mode of conflict? These changing circumstances present us with a series of questions demanding serious attention. Is there such a thing as cyberwarfare? How do the existing rules of engagement and theories from the just war tradition apply to cyberwarfare? How should we assess a cyber-attack conducted by a state agency against private enterprise and vice versa? Furthermore, how should actors behave in the cyber-realm? Are there ethical norms that can be applied to the cyber-realm? Are the classic just war constraints of non-combatant immunity and proportionality possible in this realm? Especially given the idea that events that are constrained within the cyber-realm do not directly physically harm anyone, what do traditional ethics of war conventions say about this new space? These questions strike at the very center of contemporary intellectual discussion over the ethics of war. In twelve original essays, plus a foreword from John Arquilla and an introduction, Binary Bullets: The Ethics of Cyberwarfare, engages these questions head on with contributions from the top scholars working in this field today.

The growth of technology allows us to imagine entirely new ways of committing, combating and thinking about criminality, criminals, police, courts, victims and citizens. Technology offers not only new tools for committing and fighting crime, but new ways to look for, unveil, label crimes and new ways to know, watch, prosecute and punish criminals. This book attempts to disentangle the realities, the myths, the politics, the theories and the practices of our new, technology-assisted, era of crime and policing. Technocrime, policing and surveillance explores new areas of technocrime and technopolicing, such as credit card fraud, the use of DNA and fingerprint databases, the work of media in creating new crimes and new criminals, as well as the "proper" way of doing policing, and the everyday work of police investigators and intelligence officers, as seen through their own eyes. These chapters offer new avenues for studying technology, crime and control, through innovative social science methodologies. This book builds on the work of Leman-Langlois' last book Technocrime, and brings together fresh perspectives from eminent scholars to consider how our relationship with technology and institutions of social control are being reframed, with particular emphasis on policing and surveillance. Technocrime, policing and surveillance will be of interest to those studying criminal justice, policing and the sociology of surveillance as well as practitioners involved with the legal aspects of law enforcement technologies, , domestic security government departments and consumer advocacy groups.

Now in its second edition, Cybercrime: Key Issues and Debates provides a valuable overview of this fast-paced and growing area of law. As technology develops and internet-enabled devices become ever more prevalent, new opportunities exist for that technology to be exploited by criminals. One result of this is that cybercrime is increasingly recognised as a distinct branch of criminal law. The book offers readers a thematic and critical overview of cybercrime, introducing the key principles and clearly showing the connections between topics as well as highlighting areas subject to debate. Written with an emphasis on the law in the UK but considering in detail the Council of Europe's important Convention on Cybercrime, this text also covers the jurisdictional aspects of cybercrime in international law. Themes discussed include crimes against computers, property, offensive content, and offences against the person, and, new to this edition, cybercrime investigation. Clear, concise and critical, this book is designed for students studying cybercrime for the first time, enabling them to get to grips with an area of rapid change.

Unique selling point: * Industry standard book for merchants, banks, and consulting firms looking to learn more about PCI DSS compliance. Core audience: * Retailers (both physical and electronic), firms who handle credit or debit cards (such as merchant banks and processors), and firms who deliver PCI DSS products and services. Place in the market: * Currently there are no PCI DSS 4.0 books

Full text online version at www.nyupress.org/netwars.

Who will rule cyberspace? And why should people care? Recently stories have appeared in a variety of news media, from the sensational to the staid, that portray the Internet as full of pornography, pedophilia, recipes for making bombs, lewd and lawless behavior, and copyright violators. And, for politicians eager for votes, or to people who have never strolled the electronic byways, regulating the Net seems as logical and sensible as making your kids wear seat belts. Forget freedom of speech: children can read this stuff.

From the point of view of those on the Net, mass-media's representation of pornography on the Internet grossly overestimates the amount that is actually available, and these stories are based on studies that are at best flawed and at worst fraudulent. To netizens, the panic over the electronic availability of bomb-making recipes and other potentially dangerous material is groundless: the same material is readily available in public libraries. Out on the Net, it seems outrageous that people who have never really experienced it are in a position to regulate it.

How then, should the lines be drawn in the grey area between cyberspace and the physical world? In net.wars, Wendy Grossman, a journalist who has covered the Net since 1992 for major publications such as "Wired, The Guardian," and "The Telegraph," assesses the battles that will define the future of this new venue. From the Church of Scientology's raids on Net users to netizens attempts to overthrow both the Communications Decency Act and the restrictions on the export of strong encryption, net.wars explains the issues and the background behind the headlines. Among the issues covered are net scams, class divisions on the net, privacy issues, the Communications Decency Act, women online, pornography, hackers and the computer underground, net criminals and sociopaths, and more.

Non-Commercial digital piracy has seen an unprecedented rise in the wake of the digital revolution; with wide-scale downloading and sharing of copyrighted media online, often committed by otherwise law-abiding citizens. Bringing together perspectives from criminology, psychology, business, and adopting a morally neutral stance, this book offers a holistic overview of this growing phenomenon. It considers its cultural, commercial, and legal aspects, and brings together international research on a range of topics, such as copyright infringement, intellectual property, music publishing, movie piracy, and changes in consumer behaviour. This book offers a new perspective to the growing literature on cybercrime and digital security. This multi-disciplinary book is the first to bring together international research on digital piracy and will be key reading for researchers in the fields of criminology, psychology, law and business.

Cyber risk has become increasingly reported as a major problem for financial sector businesses. It takes many forms including fraud for purely monetary gain, hacking by people hostile to a company causing business interruption or damage to reputation, theft by criminals or malicious individuals of the very large amounts of customer information ("big data") held by many companies, misuse including accidental misuse or lack of use of such data, loss of key intellectual property, and the theft of health and medical data which can have a profound effect on the insurance sector. This book assesses the major cyber risks to businesses and discusses how they can be managed and the risks reduced. It includes case studies of the situation in different financial sectors and countries in relation to East Asia, Europe and the United States. It takes an interdisciplinary approach assessing cyber risks and management solutions from an economic, management risk, legal, security intelligence, insurance, banking and cultural perspective.

The last twenty years have seen an explosion in the development of information technology, to the point that people spend a major portion of waking life in online spaces. While there are enormous benefits associated with this technology, there are also risks that can affect the most vulnerable in our society but also the most confident. Cybercrime and its victims explores the social construction of violence and victimisation in online spaces and brings together scholars from many areas of inquiry, including criminology, sociology, and cultural, media, and gender studies. The book is organised thematically into five parts. Part one addresses some broad conceptual and theoretical issues. Part two is concerned with issues relating to sexual violence, abuse, and exploitation, as well as to sexual expression online. Part three addresses issues related to race and culture. Part four addresses concerns around cyberbullying and online suicide, grouped together as 'social violence'. The final part argues that victims of cybercrime are, in general, neglected and not receiving the recognition and support they need and deserve. It concludes that in the volatile and complex world of cyberspace continued awareness-raising is essential for bringing attention to the plight of victims. It also argues that there needs to be more support of all kinds for victims, as well as an increase in the exposure and punishment of perpetrators. Drawing on a range of pressing contemporary issues such as online grooming, sexting, cyber-hate, cyber-bulling and online radicalization, this book examines how cyberspace makes us more vulnerable to crime and violence, how it gives rise to new forms of surveillance and social control and how cybercrime can be prevented.

Crime is undergoing a metamorphosis. The online technological revolution has created new opportunities for a wide variety of crimes which can be perpetrated on an industrial scale, and crimes traditionally committed in an offline environment are increasingly being transitioned to an online environment. This book takes a case study-based approach to exploring the types, perpetrators and victims of cyber frauds. Topics covered include: An in-depth breakdown of the most common types of cyber fraud and scams. The victim selection techniques and perpetration strategies of fraudsters. An exploration of the impact of fraud upon victims and best practice examples of support systems for victims. Current approaches for policing, punishing and preventing cyber frauds and scams. This book argues for a greater need to understand and respond to cyber fraud and scams in a more effective and victim-centred manner. It explores the victim-blaming discourse, before moving on to examine the structures of support in place to assist victims, noting some of the interesting initiatives from around the world and the emerging strategies to counter this problem. This book is essential reading for students and researchers engaged in cyber crime, victimology and international fraud.

In the early 1990s, the First National Bank of Keystone in West Virginia began buying and securitizing subprime mortgages from all over the country, and quickly grew from a tiny bank with just $100 million in assets to over $1.1 billion. For three years, it was listed as the most profitable large community bank in the country. It was all a fraud. All of the securitization deals the bank entered into lost money. To hide that fact, bank insiders started cooking the books, and concealing that they were also embezzling millions of dollars from the bank. This was all hidden from the bank's attorneys and auditors, federal bank examiners, and even the board of directors of the bank. To keep the examiners at bay, the bank insiders did everything possible to avoid giving them access to documents they were entitled to see, documents they knew would sink their scheme. The head of the bank even went so far as to bury four large truckloads of documents in a ditch on her ranch. Robert S. Pasley explores the failure of the First National Bank of Keystone, the intrigue involved, and the lessons that could have been learned-and still can be learned-about how banks operate, how federal banking regulators supervise financial institutions, how agencies interact with one another, and how such failures can be avoided in the future.

First Published in 2002. Routledge is an imprint of Taylor & Francis, an informa company.

The growth of technology allows us to imagine entirely new ways of committing, combating and thinking about criminality, criminals, police, courts, victims and citizens. Technology offers not only new tools for committing and fighting crime, but new ways to look for, unveil, label crimes and new ways to know, watch, prosecute and punish criminals. This book attempts to disentangle the realities, the myths, the politics, the theories and the practices of our new, technology-assisted, era of crime and policing. Technocrime, policing and surveillance explores new areas of technocrime and technopolicing, such as credit card fraud, the use of DNA and fingerprint databases, the work of media in creating new crimes and new criminals, as well as the "proper" way of doing policing, and the everyday work of police investigators and intelligence officers, as seen through their own eyes. These chapters offer new avenues for studying technology, crime and control, through innovative social science methodologies. This book builds on the work of Leman-Langlois' last book Technocrime, and brings together fresh perspectives from eminent scholars to consider how our relationship with technology and institutions of social control are being reframed, with particular emphasis on policing and surveillance. Technocrime, policing and surveillance will be of interest to those studying criminal justice, policing and the sociology of surveillance as well as practitioners involved with the legal aspects of law enforcement technologies, , domestic security government departments and consumer advocacy groups.

Security for Software Engineers is designed to introduce security concepts to undergraduate software engineering students. The book is divided into four units, each targeting activities that a software engineer will likely be involved in within industry. The book explores the key areas of attack vectors, code hardening, privacy, and social engineering. Each topic is explored from a theoretical and a practical-application standpoint. Features: Targets software engineering students - one of the only security texts to target this audience. Focuses on the white-hat side of the security equation rather than the black-hat side. Includes many practical and real-world examples that easily translate into the workplace. Covers a one-semester undergraduate course. Describes all aspects of computer security as it pertains to the job of a software engineer and presents problems similar to that which an engineer will encounter in the industry. This text will equip students to make knowledgeable security decisions, be productive members of a security review team, and write code that protects a user's information assets.

This book offers a comprehensive and integrative introduction to cybercrime. It provides an authoritative synthesis of the disparate literature on the various types of cybercrime, the global investigation and detection of cybercrime and the role of digital information, and the wider role of technology as a facilitator for social relationships between deviants and criminals. It includes coverage of: * key theoretical and methodological perspectives; * computer hacking and malicious software; * digital piracy and intellectual theft; * economic crime and online fraud; * pornography and online sex crime; * cyber-bullying and cyber-stalking; * cyber-terrorism and extremism; * the rise of the Dark Web; * digital forensic investigation and its legal context around the world; * the law enforcement response to cybercrime transnationally; * cybercrime policy and legislation across the globe. The new edition has been revised and updated, featuring two new chapters; the first offering an expanded discussion of cyberwarfare and information operations online, and the second discussing illicit market operations for all sorts of products on both the Open and Dark Web. This book includes lively and engaging features, such as discussion questions, boxed examples of unique events and key figures in offending, quotes from interviews with active offenders, and a full glossary of terms. It is supplemented by a companion website that includes further exercises for students and instructor resources. This text is essential reading for courses on cybercrime, cyber-deviancy, digital forensics, cybercrime investigation, and the sociology of technology.

Cyber-Security Threats, Actors, and Dynamic Mitigation provides both a technical and state-of-the-art perspective as well as a systematic overview of the recent advances in different facets of cyber-security. It covers the methodologies for modeling attack strategies used by threat actors targeting devices, systems, and networks such as smart homes, critical infrastructures, and industrial IoT. With a comprehensive review of the threat landscape, the book explores both common and sophisticated threats to systems and networks. Tools and methodologies are presented for precise modeling of attack strategies, which can be used both proactively in risk management and reactively in intrusion prevention and response systems. Several contemporary techniques are offered ranging from reconnaissance and penetration testing to malware detection, analysis, and mitigation. Advanced machine learning-based approaches are also included in the area of anomaly-based detection, that are capable of detecting attacks relying on zero-day vulnerabilities and exploits. Academics, researchers, and professionals in cyber-security who want an in-depth look at the contemporary aspects of the field will find this book of interest. Those wanting a unique reference for various cyber-security threats and how they are detected, analyzed, and mitigated will reach for this book often.