TY  - BOOK
AU  - Knight,Alissa
TI  - Hacking connected cars: tactics, techniques, and procedures 
SN  - 9781119491774
AV  - TL152.8 .K65 2020
U1  - 629.04/6 23
PY  - 2020///]
CY  - Indianapolis, Indiana
PB  - John Wiley & Sons, Inc.
KW  - Automated vehicles
KW  - Security measures
KW  - Penetration testing (Computer security)
KW  - Vï¿½ehicules autonomes
KW  - Sï¿½ecuritï¿½e
KW  - Mesures
KW  - Tests d'intrusion
KW  - COMPUTERS
KW  - Security
KW  - Cryptography & Encryption
KW  - bisacsh
KW  - fast
N1  - VANET; Cover -- Title Page -- Copyright -- About the Author -- Acknowledgments -- Contents at a Glance -- Contents -- Foreword -- Foreword -- Introduction -- For Non-Automotive Experts -- Automotive Networking -- Target Audience -- How This Book Is Structured -- What's on the Website -- Summary -- Part I Tactics, Techniques, and Procedures -- Chapter 1 Pre-Engagement -- Penetration Testing Execution Standard -- Scope Definition -- Architecture -- Full Disclosure -- Release Cycles -- IP Addresses -- Source Code -- Wireless Networks -- Start and End Dates -- Hardware Unique Serial Numbers; Rules of Engagement -- Timeline -- Testing Location -- Work Breakdown Structure -- Documentation Collection and Review -- Example Documents -- Project Management -- Conception and Initiation -- Definition and Planning -- Launch or Execution -- Performance/Monitoring -- Project Close -- Lab Setup -- Required Hardware and Software -- Laptop Setup -- Rogue BTS Option 1: OsmocomBB -- Rogue BTS Option 2: BladeRF + YateBTS -- Setting Up Your WiFi Pineapple Tetra -- Summary -- Chapter 2 Intelligence Gathering -- Asset Register -- Reconnaissance -- Passive Reconnaissance -- Active Reconnaissance; Bringing Your Rogue BTS Online -- Hunting for the TCU -- When You Know the MSISDN of the TCU -- When You Know the IMSI of the TCU -- When You Don't Know the IMSI or MSISDN of the TCU -- Cryptanalysis -- Encryption Keys -- Impersonation Attacks -- Summary -- Chapter 6 Post Exploitation -- Persistent Access -- Creating a Reverse Shell -- Linux Systems -- Placing the Backdoor on the System -- Network Sniffing -- Infrastructure Analysis -- Examining the Network Interfaces -- Examining the ARP Cache -- Examining DNS -- Examining the Routing Table -- Identifying Services -- Fuzzing; Filesystem Analysis -- Command-Line History -- Core Dump Files -- Debug Log Files -- Credentials and Certificates -- Over-the-Air Updates -- Summary -- Part II Risk Management -- Chapter 7 Risk Management -- Frameworks -- Establishing the Risk Management Program -- SAE J3061 -- ISO/SAE AWI 21434 -- HEAVENS -- Threat Modeling -- STRIDE -- PASTA -- TRIKE -- Summary -- Chapter 8 Risk-Assessment Frameworks -- HEAVENS -- Determining the Threat Level -- Determining the Impact Level -- Determining the Security Level -- EVITA -- Calculating Attack Potential -- Summary -- Chapter 9 PKI in Automotive
N2  - Chapter 3 Threat Modeling -- STRIDE Model -- Threat Modeling Using STRIDE -- VAST -- PASTA -- Stage 1: Define the Business and Security Objectives -- Stage 2: Define the Technical Scope -- Stage 3: Decompose the Application -- Stage 4: Identify Threat Agents -- Stage 5: Identify the Vulnerabilities -- Stage 6: Enumerate the Exploits -- Stage 7: Perform Risk and Impact Analysis -- Summary -- Chapter 4 Vulnerability Analysis -- Passive and Active Analysis -- WiFi -- Bluetooth -- Summary -- Chapter 5 Exploitation -- Creating Your Rogue BTS -- Configuring NetworkinaPC
UR  - https://onlinelibrary.wiley.com/doi/book/10.1002/9781119491774
ER  -