For some time now, Symantec has stressed that the online threat landscape shifted a few years back, away from hobbyist-driven threats towards financially driven threats. This trend has given rise to a class of malicious software known as "crimeware."
I recently had the pleasure of collaborating with Markus Jakobsson on a book, "Crimeware: Understanding New Attacks and Defenses," which studies the problem and where it seems to be heading. The book is an edited volume in which we were fortunate to include contributions that were received from top experts across industry and academia all over the world.
We worked on the book to bring to light the fact that the game has changed considerably. The book covers the following topics:
- A general overview of crimeware, including a taxonomy of well-known threats, such as keyloggers, screenscrapers, rootkits, botnets, and the like.
- A more detailed study of well-known existing threats, such as rootkits and botnets.
- The business models associated with crimeware activity and how the money flows.
- How crimeware can propagate across both social networks and peer-to-peer networks.
- The legal ramifications of surreptitious software.
- User education and how well it works (and how it doesn’t work).
- Recent threat topics like click fraud and crimeware in the browser.
- Future threats, such as crimeware in RFID devices, mobile devices, and other general embedded devices like routers.
- Emerging areas, such as election-related threats and threats related to massively multiplayer online games.
- Defenses, such as the reduction of coding errors and the use of virtual machines—along with details on recent academic research in automated protection as well as mitigation by alternate authentication mechanisms.
Recognizing that today’s professionals are busy, each contributed chapter is relatively self-contained so that the interested reader can skip back and forth between topics of interest. Unlike many texts, this book need not be read cover-to-cover. Also, each chapter (and many sections within each chapter) begins with a high-level introduction that is suitable for a wider and less technical audience.
The purpose of doing so was to appeal to the broad audience to whom this subject matter is of interest. That includes not only security researchers, but also engineers, managers, high-level executives with vested security interests (like CIOs and CSOs, as well as CEOs of security companies), and also policy makers. Naturally, not every topic will appeal to every person. However, weighing in at roughly 600 pages, there is definitely more than enough fascinating material, no matter what your interests.
Ultimately, we wanted to touch upon the fundamental technical, social, political, and legal principles that surround the issue of crimeware. We believe these principles are, in some sense, timeless and offer consistent insights in a field characterized by change. We hope that you will agree.
I’m happy to announce that the book, which was published by Addison-Wesley in cooperation with Symantec Press, is now available.
See the above sites (or just go to http://www.crimeware-book.com) for information on where to find the book.
Message Edited by SR Blog Moderator on 04-18-2008 01:20 PM