Knight, Alissa,
Hacking connected cars : tactics, techniques, and procedures / Alissa Knight. - 1 online resource (xxxiii, 238 pages)
VANET
Cover -- Title Page -- Copyright -- About the Author -- Acknowledgments -- Contents at a Glance -- Contents -- Foreword -- Foreword -- Introduction -- For Non-Automotive Experts -- Automotive Networking -- Target Audience -- How This Book Is Structured -- What's on the Website -- Summary -- Part I Tactics, Techniques, and Procedures -- Chapter 1 Pre-Engagement -- Penetration Testing Execution Standard -- Scope Definition -- Architecture -- Full Disclosure -- Release Cycles -- IP Addresses -- Source Code -- Wireless Networks -- Start and End Dates -- Hardware Unique Serial Numbers Rules of Engagement -- Timeline -- Testing Location -- Work Breakdown Structure -- Documentation Collection and Review -- Example Documents -- Project Management -- Conception and Initiation -- Definition and Planning -- Launch or Execution -- Performance/Monitoring -- Project Close -- Lab Setup -- Required Hardware and Software -- Laptop Setup -- Rogue BTS Option 1: OsmocomBB -- Rogue BTS Option 2: BladeRF + YateBTS -- Setting Up Your WiFi Pineapple Tetra -- Summary -- Chapter 2 Intelligence Gathering -- Asset Register -- Reconnaissance -- Passive Reconnaissance -- Active Reconnaissance Bringing Your Rogue BTS Online -- Hunting for the TCU -- When You Know the MSISDN of the TCU -- When You Know the IMSI of the TCU -- When You Don't Know the IMSI or MSISDN of the TCU -- Cryptanalysis -- Encryption Keys -- Impersonation Attacks -- Summary -- Chapter 6 Post Exploitation -- Persistent Access -- Creating a Reverse Shell -- Linux Systems -- Placing the Backdoor on the System -- Network Sniffing -- Infrastructure Analysis -- Examining the Network Interfaces -- Examining the ARP Cache -- Examining DNS -- Examining the Routing Table -- Identifying Services -- Fuzzing Filesystem Analysis -- Command-Line History -- Core Dump Files -- Debug Log Files -- Credentials and Certificates -- Over-the-Air Updates -- Summary -- Part II Risk Management -- Chapter 7 Risk Management -- Frameworks -- Establishing the Risk Management Program -- SAE J3061 -- ISO/SAE AWI 21434 -- HEAVENS -- Threat Modeling -- STRIDE -- PASTA -- TRIKE -- Summary -- Chapter 8 Risk-Assessment Frameworks -- HEAVENS -- Determining the Threat Level -- Determining the Impact Level -- Determining the Security Level -- EVITA -- Calculating Attack Potential -- Summary -- Chapter 9 PKI in Automotive
Chapter 3 Threat Modeling -- STRIDE Model -- Threat Modeling Using STRIDE -- VAST -- PASTA -- Stage 1: Define the Business and Security Objectives -- Stage 2: Define the Technical Scope -- Stage 3: Decompose the Application -- Stage 4: Identify Threat Agents -- Stage 5: Identify the Vulnerabilities -- Stage 6: Enumerate the Exploits -- Stage 7: Perform Risk and Impact Analysis -- Summary -- Chapter 4 Vulnerability Analysis -- Passive and Active Analysis -- WiFi -- Bluetooth -- Summary -- Chapter 5 Exploitation -- Creating Your Rogue BTS -- Configuring NetworkinaPC
9781119491774 1119491770 9781119491736 1119491738 9781119491781 1119491789
9781119491736 Wiley
GBC013531 bnb
019690857 Uk
Automated vehicles.
Automated vehicles--Security measures.
Penetration testing (Computer security)
COMPUTERS--Security--Cryptography & Encryption.
Automated vehicles.
Penetration testing (Computer security)
Electronic books.
TL152.8 / .K65 2020
629.04/6
Hacking connected cars : tactics, techniques, and procedures / Alissa Knight. - 1 online resource (xxxiii, 238 pages)
VANET
Cover -- Title Page -- Copyright -- About the Author -- Acknowledgments -- Contents at a Glance -- Contents -- Foreword -- Foreword -- Introduction -- For Non-Automotive Experts -- Automotive Networking -- Target Audience -- How This Book Is Structured -- What's on the Website -- Summary -- Part I Tactics, Techniques, and Procedures -- Chapter 1 Pre-Engagement -- Penetration Testing Execution Standard -- Scope Definition -- Architecture -- Full Disclosure -- Release Cycles -- IP Addresses -- Source Code -- Wireless Networks -- Start and End Dates -- Hardware Unique Serial Numbers Rules of Engagement -- Timeline -- Testing Location -- Work Breakdown Structure -- Documentation Collection and Review -- Example Documents -- Project Management -- Conception and Initiation -- Definition and Planning -- Launch or Execution -- Performance/Monitoring -- Project Close -- Lab Setup -- Required Hardware and Software -- Laptop Setup -- Rogue BTS Option 1: OsmocomBB -- Rogue BTS Option 2: BladeRF + YateBTS -- Setting Up Your WiFi Pineapple Tetra -- Summary -- Chapter 2 Intelligence Gathering -- Asset Register -- Reconnaissance -- Passive Reconnaissance -- Active Reconnaissance Bringing Your Rogue BTS Online -- Hunting for the TCU -- When You Know the MSISDN of the TCU -- When You Know the IMSI of the TCU -- When You Don't Know the IMSI or MSISDN of the TCU -- Cryptanalysis -- Encryption Keys -- Impersonation Attacks -- Summary -- Chapter 6 Post Exploitation -- Persistent Access -- Creating a Reverse Shell -- Linux Systems -- Placing the Backdoor on the System -- Network Sniffing -- Infrastructure Analysis -- Examining the Network Interfaces -- Examining the ARP Cache -- Examining DNS -- Examining the Routing Table -- Identifying Services -- Fuzzing Filesystem Analysis -- Command-Line History -- Core Dump Files -- Debug Log Files -- Credentials and Certificates -- Over-the-Air Updates -- Summary -- Part II Risk Management -- Chapter 7 Risk Management -- Frameworks -- Establishing the Risk Management Program -- SAE J3061 -- ISO/SAE AWI 21434 -- HEAVENS -- Threat Modeling -- STRIDE -- PASTA -- TRIKE -- Summary -- Chapter 8 Risk-Assessment Frameworks -- HEAVENS -- Determining the Threat Level -- Determining the Impact Level -- Determining the Security Level -- EVITA -- Calculating Attack Potential -- Summary -- Chapter 9 PKI in Automotive
Chapter 3 Threat Modeling -- STRIDE Model -- Threat Modeling Using STRIDE -- VAST -- PASTA -- Stage 1: Define the Business and Security Objectives -- Stage 2: Define the Technical Scope -- Stage 3: Decompose the Application -- Stage 4: Identify Threat Agents -- Stage 5: Identify the Vulnerabilities -- Stage 6: Enumerate the Exploits -- Stage 7: Perform Risk and Impact Analysis -- Summary -- Chapter 4 Vulnerability Analysis -- Passive and Active Analysis -- WiFi -- Bluetooth -- Summary -- Chapter 5 Exploitation -- Creating Your Rogue BTS -- Configuring NetworkinaPC
9781119491774 1119491770 9781119491736 1119491738 9781119491781 1119491789
9781119491736 Wiley
GBC013531 bnb
019690857 Uk
Automated vehicles.
Automated vehicles--Security measures.
Penetration testing (Computer security)
COMPUTERS--Security--Cryptography & Encryption.
Automated vehicles.
Penetration testing (Computer security)
Electronic books.
TL152.8 / .K65 2020
629.04/6