Bild 1 von 6
Galerie
Bild 1 von 6
Hacken vernetzter Autos: Taktiken, Techniken und Verfahren von Alissa Knight...-
US $19,99
Ca.EUR 17,77
Artikelzustand:
“Cover and all pages are clean and readable. (gr)”
Gut
Buch, das gelesen wurde, sich aber in einem guten Zustand befindet. Der Einband weist nur sehr geringfügige Beschädigungen auf, wie z.B. kleinere Schrammen, er hat aber weder Löcher, noch ist er eingerissen. Bei gebundenen Büchern ist der Schutzumschlag möglicherweise nicht mehr vorhanden. Die Bindung weist geringfügige Gebrauchsspuren auf. Die Mehrzahl der Seiten ist unbeschädigt, das heißt, es gibt kaum Knitter oder Einrisse, es wurden nur in geringem Maße Bleistiftunterstreichungen im Text vorgenommen, es gibt keine Textmarkierungen und die Randbereiche sind nicht beschrieben. Alle Seiten sind vollständig vorhanden. Genauere Einzelheiten sowie eine Beschreibung eventueller Mängel entnehmen Sie bitte dem Angebot des Verkäufers.
- Sofort-KaufenHacken vernetzter Autos: Taktiken, Techniken und Verfahren von Alissa Knight...
Oops! Looks like we're having trouble connecting to our server.
Refresh your browser window to try again.
Versand:
US $5,38 (ca. EUR 4,78) USPS Media MailTM.
Standort: Bossier City, Louisiana, USA
Lieferung:
Lieferung zwischen Do, 15. Mai und Mi, 21. Mai nach 43230 bei heutigem Zahlungseingang
Rücknahme:
Keine Rücknahme.
Zahlungen:
Sicher einkaufen
Der Verkäufer ist für dieses Angebot verantwortlich.
eBay-Artikelnr.:297077224695
Artikelmerkmale
- Artikelzustand
- Gut
- Hinweise des Verkäufers
- “Cover and all pages are clean and readable. (gr)”
- ISBN
- 9781119491804
Über dieses Produkt
Product Identifiers
Publisher
Wiley & Sons, Incorporated, John
ISBN-10
1119491800
ISBN-13
9781119491804
eBay Product ID (ePID)
241012545
Product Key Features
Number of Pages
272 Pages
Language
English
Publication Name
Hacking Connected Cars : Tactics, Techniques, and Procedures
Publication Year
2020
Subject
Security / Cryptography
Type
Textbook
Subject Area
Computers
Format
Trade Paperback
Dimensions
Item Height
0.7 in
Item Weight
16 Oz
Item Length
9.2 in
Item Width
7.3 in
Additional Product Features
Intended Audience
Scholarly & Professional
Dewey Edition
23
Dewey Decimal
629.046
Table Of Content
About the Author v Acknowledgments vii Foreword xv Introduction xix Part I Tactics, Techniques, and Procedures 1 Chapter 1 Pre-Engagement 3 Penetration Testing Execution Standard 4 Scope Definition 6 Architecture 7 Full Disclosure 7 Release Cycles 7 IP Addresses 7 Source Code 8 Wireless Networks 8 Start and End Dates 8 Hardware Unique Serial Numbers 8 Rules of Engagement 9 Timeline 10 Testing Location 10 Work Breakdown Structure 10 Documentation Collection and Review 11 Example Documents 11 Project Management 13 Conception and Initiation 15 Definition and Planning 16 Launch or Execution 22 Performance/Monitoring 23 Project Close 24 Lab Setup 24 Required Hardware and Software 25 Laptop Setup 28 Rogue BTS Option 1: OsmocomBB 28 Rogue BTS Option 2: BladeRF + YateBTS 32 Setting Up Your WiFi Pineapple Tetra 35 Summary 36 Chapter 2 Intelligence Gathering 39 Asset Register 40 Reconnaissance 41 Passive Reconnaissance 42 Active Reconnaissance 56 Summary 59 Chapter 3 Threat Modeling 61 STRIDE Model 63 Threat Modeling Using STRIDE 65 Vast 74 Pasta 76 Stage 1: Define the Business and Security Objectives 77 Stage 2: Define the Technical Scope 78 Stage 3: Decompose the Application 79 Stage 4: Identify Threat Agents 80 Stage 5: Identify the Vulnerabilities 82 Stage 6: Enumerate the Exploits 82 Stage 7: Perform Risk and Impact Analysis 83 Summary 85 Chapter 4 Vulnerability Analysis 87 Passive and Active Analysis 88 WiFi 91 Bluetooth 100 Summary 105 Chapter 5 Exploitation 107 Creating Your Rogue BTS 108 Configuring NetworkinaPC 109 Bringing Your Rogue BTS Online 112 Hunting for the TCU 113 When You Know the MSISDN of the TCU 113 When You Know the IMSI of the TCU 114 When You Don''t Know the IMSI or MSISDN of the TCU 114 Cryptanalysis 117 Encryption Keys 118 Impersonation Attacks 123 Summary 132 Chapter 6 Post Exploitation 133 Persistent Access 133 Creating a Reverse Shell 134 Linux Systems 136 Placing the Backdoor on the System 137 Network Sniffing 137 Infrastructure Analysis 138 Examining the Network Interfaces 139 Examining the ARP Cache 139 Examining DNS 141 Examining the Routing Table 142 Identifying Services 143 Fuzzing 143 Filesystem Analysis 148 Command-Line History 148 Core Dump Files 148 Debug Log Files 149 Credentials and Certificates 149 Over-the-Air Updates 149 Summary 150 Part II Risk Management 153 Chapter 7 Risk Management 155 Frameworks 156 Establishing the Risk Management Program 158 SAE J3061 159 ISO/SAE AWI 21434 163 HEAVENS 164 Threat Modeling 166 STRIDE 168 PASTA 171 TRIKE 175 Summary 176 Chapter 8 Risk-Assessment Frameworks 179 HEAVENS 180 Determining the Threat Level 180 Determining the Impact Level 183 Determining the Security Level 186 EVITA 187 Calculating Attack Potential 189 Summary 192 Chapter 9 PKI in Automotive 193 VANET 194 On-board Units 196 Roadside Unit 196 PKI in a VANET 196 Applications in a VANET 196 VANET Attack Vectors 197 802.11p Rising 197 Frequencies and Channels 197 Cryptography 198 Public Key Infrastructure 199 V2X PKI200 IEEE US Standard 201 Certificate Security 201 Hardware Security Modules 201 Trusted Platform Modules 202 Certificate Pinning 202 PKI Implementation Failures 203 Summary 203 Chapter 10 Reporting 205 Penetration Test Report 206 Summary Page 206 Executive Summary 207 Scope 208 Methodology 209 Limitations 211 Narrative 211 Tools Used 213 Risk Rating 214 Findings 215 Remediation 217 Report Outline 217 Risk Assessment Report 218 Introduction 219 References 220 Functional Description 220 Head Unit 220 System Interface 221 Threat Model 222 Threat Analysis 223 Impact Assessment 224 Risk Assessment 224 Security Control Assessment 226 Example Risk Assessment Table 229 Summary 230 Index 233
Synopsis
A field manual on contextualizing cyber threats, vulnerabilities, and risks to connected cars through penetration testing and risk assessment Hacking Connected Cars deconstructs the tactics, techniques, and procedures (TTPs) used to hack into connected cars and autonomous vehicles to help you identify and mitigate vulnerabilities affecting cyber-physical vehicles. Written by a veteran of risk management and penetration testing of IoT devices and connected cars, this book provides a detailed account of how to perform penetration testing, threat modeling, and risk assessments of telematics control units and infotainment systems. This book demonstrates how vulnerabilities in wireless networking, Bluetooth, and GSM can be exploited to affect confidentiality, integrity, and availability of connected cars. Passenger vehicles have experienced a massive increase in connectivity over the past five years, and the trend will only continue to grow with the expansion of The Internet of Things and increasing consumer demand for always-on connectivity. Manufacturers and OEMs need the ability to push updates without requiring service visits, but this leaves the vehicle's systems open to attack. This book examines the issues in depth, providing cutting-edge preventative tactics that security practitioners, researchers, and vendors can use to keep connected cars safe without sacrificing connectivity. Perform penetration testing of infotainment systems and telematics control units through a step-by-step methodical guide Analyze risk levels surrounding vulnerabilities and threats that impact confidentiality, integrity, and availability Conduct penetration testing using the same tactics, techniques, and procedures used by hackers From relatively small features such as automatic parallel parking, to completely autonomous self-driving cars--all connected systems are vulnerable to attack. As connectivity becomes a way of life, the need for security expertise for in-vehicle systems is becoming increasingly urgent. Hacking Connected Cars provides practical, comprehensive guidance for keeping these vehicles secure., A field manual decomposing the tactics, techniques, and procedures used for risk analysis and exploitation of vulnerabilities in connected cars, As technology makes its way into passenger vehicles driven largely by consumer demands for always-on connectivity and a push to leverage technology to decrease traffic congestion by connecting automobiles to the smart cities around them, automobiles which were once isolated in-vehicle networks are now suddenly reachable from anywhere. This connectivity poses a significant risk to passengers of connected cars and autonomous vehicles as OEMs and automakers adapt to understand the new domain of cybersecurity when historically, safety was their only concern. Alissa Knight, a 20-year veteran of risk management and penetration testing of IoT devices and connected cars, provides a comprehensive guide for performing penetration testing, risk assessments, and risk treatments of connected passenger vehicles. Written for cybersecurity professionals who may not be experts in vehicle mechatronics, Hacking Connected Cars provides a complete reference on the tactics, techniques, and procedures required to identify and mitigate vulnerabilities in cyber-physical vehicles. With thorough summaries of the points covered in each chapter, detailed step-by-step procedures for performing a penetration tests and risk assessments of connected cars with near surgical precision, and explanatory diagrams, Hacking Connected Cars examines the issues involved and provides cutting-edge preventive tactics to secure these systems. You will learn to find the vulnerabilities in these systems before adversaries targeting your systems do using their own methods to perform penetration testing of infotainment systems and telematics control units, as well as how to analyze risk levels surrounding vulnerabilities and threats affecting confidentiality, integrity, and availability. Hacking Connected Cars offers vital tools to help security practitioners, researchers, and vendors keep connected cars safe without sacrificing connectivity. It examines: Electronic and telematics control units (ECUs and TCUs), Man-in-the-middle attacks, Attacks affecting confidentiality, integrity, and availability, Risk assessment, threat modeling, and risk treatment frameworks, TCU and head unit kill chains in a penetration test, Reverse engineering binaries and static code analysis, Key exchange and other cryptanalysis attacks, On-board diagnostics assessments, Vulnerabilities affecting common ECU/TCU/HU operating system platforms Book jacket.
Artikelbeschreibung des Verkäufers
Info zu diesem Verkäufer
Book Nerds
99,6% positive Bewertungen•24 Tsd. Artikel verkauft
Angemeldet als privater VerkäuferDaher finden verbraucherschützende Vorschriften, die sich aus dem EU-Verbraucherrecht ergeben, keine Anwendung. Der eBay-Käuferschutz gilt dennoch für die meisten Käufe.
Verkäuferbewertungen (6.344)
- a***m (10)- Bewertung vom Käufer.Letzter MonatBestätigter KaufShipped quickly and arrived on time I’m good condition.
- 0***0 (19)- Bewertung vom Käufer.Letzter MonatBestätigter KaufThe product was exactly as described!
- 8***p (64)- Bewertung vom Käufer.Letzter MonatBestätigter KaufThank you
Noch mehr entdecken:
- Knight Rider Hörspiele,
- Hörbücher und Hörspiele Knight Rider,
- Hörbücher und Hörspiele Knight Rider Kassette,
- Deutsche Knight Rider Hörbücher und Hörspiele,
- Zeitschriften über Oldtimer Classic Cars,
- Zeitschriften Classic Cars Automobile,
- Hörbücher und Hörspiele Knight-Rider-Europa-Editions,
- Monatliche Zeitschriften Classic Cars Automobile,
- Englische Zeitschriften Classic Cars Automobile