Information Warfare and Security

What individuals, corporations, and governments need to know about information-related attacks and defenses!

Every day, we hear reports of hackers who have penetrated computer networks, vandalized Web pages, and accessed sensitive information. We hear how they have tampered with medical records, disrupted emergency 911 systems, and siphoned money from bank accounts. Could information terrorists, using nothing more than a personal computer, cause planes to crash, widespread power blackouts, or financial chaos? Such real and imaginary scenarios, and our defense against them, are the stuff of information warfare-operations that target or exploit information media to win some objective over an adversary.

Dorothy E. Denning, a pioneer in computer security, provides in this book a framework for understanding and dealing with information-based threats: computer break-ins, fraud, sabotage, espionage, piracy, identity theft, invasions of privacy, and electronic warfare. She describes these attacks with astonishing, real examples, as in her analysis of information warfare operations during the Gulf War. Then, offering sound advice for security practices and policies, she explains countermeasures that are both possible and necessary.

You will find in this book:

A comprehensive and coherent treatment of offensive and defensive information warfare, identifying the key actors, targets, methods, technologies, outcomes, policies, and laws;

A theory of information warfare that explains and integrates within a single framework operations involving diverse actors and media;

An accurate picture of the threats, illuminated by actual incidents;

A description of information warfare technologies and their limitations, particularly the limitations of defensive technologies.

Whatever your interest or role in the emerging field of information warfare, this book will give you the background you need to make informed judgments about potential threats and our defenses against them.

Average Customer Review:
Write an online review and share your thoughts with other customers.

She knows what the real risks are and writes about them.

This book is 100% fact and 0% hype.

Read it!

7 of 8 found the following review helpful:

Good overview, lacking depthApr 03, 2002
The book provides a good overview of information warfare. It is divided into three sections, the introduction, offensive information warfare and finally defensive information warfare. Numerous topics are covered. The author is clearly an expert in security and manages to touch upon all the major information security topics.

The main strength of the book is the breadth of topic selection. By the time you have reached the end of the book, you will have at least a passing acquaintance with all important information security topics. The book is very well referenced and is written in an easy to read style.

The enormous topic selection means that no topic is treated in any particular depth. This means that you'll get to know something about everything, but unfortunately you won't develop an intimate understanding of any of the topics covered.

At times I received the impression that the book was simply a collection of anecdotes. Some parts of the book resembled sensationalistic journalism and, four years after it was written, many parts of the book are out of date. I would recommend this book to anyone looking for a broad overview of information security. Its scatter gun approach means that you'll hit all of the topics but won't develop a true understanding of the underlying mechanisms involved.

5 of 5 found the following review helpful:

An informative read that wont put you to sleep!Feb 03, 2002
Dorothy Denning has produced one of the best 'easy read' reference books I have seen in years. The writing is one of the most striking aspects of this book; right from the introduction the reader is taken on a logical and structured route through the key aspects of Information Security, with numerous references to real life cases. You don't need a note pad, as the language is clear and concepts explained in simple English. This a excellent book to read on the train/plane: it is interesting, job related, informative but not dull or too intellectually challenging.

That said the strength of argument and excellent references are worth the cost of the book alone! I have personally used excerpts form this book to very good effect when making a point to higher management. Of the 50+ IT, Security and InfoSec books have in my collection this is the one I never, lend out.

11 of 11 found the following review helpful:

Heighten awareness, but not educateOct 03, 2000
Gulf war, fraud, national security, Spam, traitors, and computer viruses. These are just a few of the topics covered by Dorothy Denning's book Information_Warfare_and_Security. This book gives a broad and informative view of information security, however it lacks specifics to make it more than an introductory work to this field.

The book has a broad overview of subjects. The Introduction section encompasses around 75 pages and gives substantial theory to the how and why of information security. Part II discusses "Offensive Information Warfare" which brings the reader through techniques on obtaining information. "Defensive Information Warfare" in Part III naturally discusses how to repel the offenses discussed in Part II.

Information_Warfare_and_Security is very informative on the problem areas which it discusses. Computers and phones are obvious places for intrusion and the book covers the facets of these areas in depth. The less obvious methodologies are also mentioned such as eavesdropping, traffic analysis, and sabotage. Denning does not leave out the human factor in her sections on social engineering, traitors, and even dumpster diving.

Denning's book, however, lacks specific in-depth information. Any chapter subject could have a large book written on it. The book does not give the "how-to's" to create or block an attack; rather it merely discusses the possibilities. To Denning's credit, however, she does include a substantial bibliography and endnotes so the reader can find further information in the source material.

Information_Warfare_and_Security would serve the purpose of an excellent introductory overview to the information security field. It is broad and informative, but lacks the specific information to execute any of the offenses or defenses. Denning's book is useful to heighten awareness of information security issues, but it is not sufficient to provide an education in this field.