Crimeware: Understanding New Attacks and Defenses

Front Cover
Addison-Wesley Professional, Apr 6, 2008 - Computers - 608 pages
3 Reviews

“This book is the most current and comprehensive analysis of the state of Internet security threats right now. The review of current issues and predictions about problems years away are critical for truly understanding crimeware. Every concerned person should have a copy and use it for reference.”

—Garth Bruen, Project KnujOn Designer


There’s a new breed of online predators—serious criminals intent on stealing big bucks and top-secret information—and their weapons of choice are a dangerous array of tools called “crimeware.” With an ever-growing number of companies, organizations, and individuals turning to the Internet to get things done, there’s an urgent need to understand and prevent these online threats.


Crimeware: Understanding New Attacks and Defenses will help security professionals, technical managers, students, and researchers understand and prevent specific crimeware threats. This book guides you through the essential security principles, techniques, and countermeasures to keep you one step ahead of the criminals, regardless of evolving technology and tactics. Security experts Markus Jakobsson and Zulfikar Ramzan have brought together chapter contributors who are among the best and the brightest in the security industry. Together, they will help you understand how crimeware works, how to identify it, and how to prevent future attacks before your company’s valuable information falls into the wrong hands. In self-contained chapters that go into varying degrees of depth, the book provides a thorough overview of crimeware, including not only concepts prevalent in the wild, but also ideas that so far have only been seen inside the laboratory.


With this book, you will 

  • Understand current and emerging security threats including rootkits, bot networks, spyware, adware, and click fraud
  • Recognize the interaction between various crimeware threats
  • Gain awareness of the social, political, and legal implications of these threats
  • Learn valuable countermeasures to stop crimeware in its tracks, now and in the future
  • Acquire insight into future security trends and threats, and create an effective defense plan

With contributions by Gary McGraw, Andrew Tanenbaum, Dave Cole, Oliver Friedrichs, Peter Ferrie, and others.


What people are saying - Write a review

User Review - Flag as inappropriate

Tom Evankovich, CFA FinTech Cyber Security: This is very solid work. The chapter on botnets is great. I suggest this book coupled with Brian Kreb’s “Spam Nation” for scholarly defense and newer stats on botnets e.g. the RuStock botnet virus of infected computers totals 125,000 that blast 16 billion emails per day; aggregated with others this is 200 billion per day
This book is prescient now after the crazy 2016 Presidential elections; the authors did a nice job on this vulnerability. I would love to see the authors dig deeper and write an updated (2017) version covering just election vulnerability.

User Review - Flag as inappropriate

Pretty good book explaining some recent attack methods in detail.


1 Overview of Crimeware
2 A Taxonomy of Coding Errors
3 Crimeware and PeertoPeer Networks
4 Crimeware in Small Devices
5 Crimeware in Firmware
6 Crimeware in the Browser
7 Bot Networks
8 Rootkits
11 Online Advertising Fraud
12 Crimeware Business Models
13 The Educational Aspect of Security
14 Surreptitious Code and the Law
15 Crimeware and Trusted Computing
16 Technical Defense Techniques
17 The Future of Crimeware

9 Virtual Worlds and Fraud
10 Cybercrime and Politics

Other editions - View all

Common terms and phrases

About the author (2008)

Markus Jakobsson, Ph.D., is currently principal scientist at Palo Alto Research Center and an adjunct associate professor at Indiana University. The coauthor of more than one hundred peer-reviewed articles and co-inventor of more than fifty patents, Markus studies the human factor of security and cryptographic protocols with an emphasis on privacy.


Zulfikar Ramzan, Ph.D., is currently a senior principal researcher with Symantec Security Response. Coauthor of more than fifty technical articles and one other book, Zulfikar is a frequent speaker on his areas of expertise: theoretical and practical aspects of information security and cryptography.

Bibliographic information