网络给人们的生活带来极大方便，但黑客的出现却使这种便利的背后有可能潜伏着致命的陷阱。采取何种有效的方式保障个人、公司、乃至国家的信息安全已成为众人瞩目的话题。本书从网络安全的概念入手，介绍了常用的黑客攻击方法、手段及其防范措施，帮助读者提高网络安全意识，并教您如何采取积极有效的措施维护自身利益。

This book constitutes the refereed proceedings of the Cryptographers' Track at RSA Conference 2001， CT-RSA 2001， in San Francisco， CA， USA in April 2001.The 33 revised full papers presented were carefully reviewed and selected from 65 submissions. The papers are organized in topical sections on new cryptosystems; RSA; symmetric cryptography; gambling and lotteries; reductions， constructions， and security proofs; flaws and attacks; implementation; multivariate cryptography; number theoretic problems; passwords and credentials; and protocols.

This book constitutes the refereed proceedings of the 6th International Conference on Information and Communications Security， ICICS 2001， held in Malaga， Spain in October 2004.The 42 revised full papers presented were carefully reviewed and selected from 245 submissions. The papers address a broad range of topics in information and communication security including digital signatures， group signature schemes， e-commerce， digital payment systems， cryptographic attacks， mobile networking， authentication， channel analysis， power-analysis attacks， mobile agent security， broadcast encryption， AES， security analysis， XTR， access control， and intrusion detection.

This book constitutes the thoroughly refereed post-proceedings of the 7th International Workshop on Fast Software Encryption， FSE 2000， held in New York City， USA in April 2000.The 21 revised full papers presented were carefully reviewed and selected from a total of 53 submissions. The volume presents topical sections on stream-cipher cryptanalysis， new ciphers， AES cryptanalysis， block-cipher cryptanalysis， and theoretical work.

Invasion of privacy and misuse of personal data are among the most obvious negative effects of today's information and communication technologies. Besides technical issues from a variety of fields， privacy legislation， depending on national activities and often lacking behind technical progress， plays an important role in designing， implementing， and using privacy-enhancing systems.Taking into account technical aspects from IT security， this book presents in detail a formal task-based privacy model which can be used to technically enforce legal privacy requirements. Furthermore， the author specifies how the privacy model policy has been implemented together with other security policies in accordance with the Generalized Framework for Access Control （GFAC）.This book will appeal equally to R&D professionals and practitioners active in IT security and privacy， advanced students， and IT managers.

This book constitutes the thoroughly refereed post-proceedings of the 8th International Workshop on Security Protocols held in Cambridge， UK in April 2000.The 21 papers presented with tran*ions of the discussion following the presentation have gone through two rounds of revision and selection; also included are a keynote address and a discussion summary and an afterword by the volume editors. Among the topics addressed are authentication， trust in cyberspace， identification protocols， administration and government issues， specification， access privileges， PKI certificates， trust-based billing systems， public-key cryptosystems， denial of service， anonymous auction protocols， and certification

This book constitutes the thoroughly refereed post-proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography， SAC 2000， held in Waterloo， Ontario， Canada， in August 2000.The 24 revised full papers presented were selected from 41 submissions and have gone through two rounds of reviewing and revision. The papers are organized in topical sections on cryptanalysis， block ciphers： new designs， elliptic curves and efficient implementations， security protocols and applications， block ciphers and hash functions， Boolean functions and stream ciphers， and public key systems.

本书共分单机、网络、软件应用、附录四大部分。单机、网络两部分从计算机安全的攻击和防范两个方面详细讲解了个人计算机、网络计算机的黑客入侵手法及防范措施，内容涵盖Windows系统、办公软件、BIOS、IP地址、端口、恶意代码、共享入侵、系统漏洞等多个方面；软件应用部分对黑客常用的工具软件作出了深入剖析，并提供与之对应的安全工具的详细解说。本书内容丰富、资料全面、实用性强，适合各层次读者阅读。特别推荐广大电脑爱好者和个人电脑用户阅读和收藏。

本书介绍了网络监听与信息安全的基本理论和关键技术，主要包含4部分内容：第1部分介绍网络体系结构、TCP/IP协议族、局域网技术与网络编程的一些基础知识。第2部分介绍网络监听技术，包括包捕获、过滤、协议分析的程序设计基础和一些监听工具的介绍。第3部分介绍防范监听技术、保证信息安全的一些方法，包括消除网络结构隐患、检测与清除监听器和使用加密技术等。第4部分为实例学习，其中第10章介绍一些较简单实例，主要是对前面3部分内容的一些应用，第11章介绍如何设计并编程实现一个大型网络监听系统。本书主要面向对网络监听与信息安全有兴趣的读者，全书内容丰富，讲解由浅入深，有很强的实用性和指导性。

书取材于卡内基？梅隆大学软件工程研究所（SEI）和美国 CERT/CC 合作编写的安全实践与实现文档，是一本专门讲述计算机系统和网络安全的权威指南。它主要围绕着安全缺陷和安全漏洞展开描述，弥补了传统安全问题解决方案的不足。书中以渐进、步步进阶的方式，详细阐述了保护系统和网络安全、检测和响应入侵各阶段所涉及到的每个步骤。通过本书的阅读，管理员可有效保护系统和网络，减少损失。本书适合各种规模的系统和网络管理员阅读，同时适合他们的直属经理阅读。