Computer Security Principles and Practice, 5th edition

Published by Pearson (May 31, 2023) © 2024

  • William Stallings
  • Lawrie Brown


per month

  • Anytime, anywhere learning with the Pearson+ app
  • Easy-to-use search, navigation and notebook
  • Simpler studying with flashcards

  • Hardcover, paperback or looseleaf edition
  • Affordable rental option for select titles
  • Free shipping on looseleafs and traditional textbooks

For courses in computer/network security.

Balance principles and standards with current practice

Computer Security incorporates broad and comprehensive coverage of computer and network security with current developments and topics in the field. Principles, design approaches, standards, and real-world examples give students an understanding of the unifying theory and application of important concepts. Hands-on hacking, programming, firewall and lab exercises, real-world case studies and security assessments reinforce understanding of the material.

The 5th Edition is an updated survey of the fast-moving world of computer and network security, with new coverage of important topics.

Hallmark features of this title

  • Hacking exercises help students gain an understanding of issues in intrusion detection and prevention.
  • Laboratory exercises involve programming and experimenting with concepts from the book. Programming projects cover a broad range of topics that can be implemented in any language on any platform.
  • Security education projects cover a range of security topics. Practical security assessment exercises examine current infrastructure and practices of an existing organization.
  • Firewall projects include a portable network firewall visualization simulator with exercises for teaching the fundamentals of firewalls.
  • Real-world case studies include learning objectives, case descriptions and discussion questions.
  • Visit the companion website at to view all resources for this title.

New and updated features of this title

  • NEW: Multi-factor authentication (MFA) and mobile authentication discussions in Chapter 3.
  • UPDATED: Lists provide current information on the most dangerous software errors, essential controls, and security controls. New information discusses the recent exploited code injection attack on the Apache Log4j package (Ch. 11); the Australian Signals Directorate's “Essential Eight” (Ch. 12); and NIST security controls (Ch. 15).
  • UPDATED: Mandatory access control (MAC) discussions cover ways in which MACs are now included as part of the underlying security enhancements in recent releases of some Linux, MacOSX and Windows systems (Ch. 4).
  • UPDATED: Social engineering and ransomware attack discussions reflect the growing incidence of such attacks, and the need to defend against them (Chs. 6 and 8). These defenses include improved security awareness training, as discussed in Ch. 17.
  • NEW: Supply-chain and business email compromise (BEC) attacks discussions include the recent SolarWinds attack, which has been used to compromise many commercial and government organizations in recent years.
  • NEW: Section on the ChaCha20 stream cipher replaces the now depreciated RC4 cipher (Ch. 20).
  1. Overview
  2. Cryptographic Tools
  3. User Authentication
  4. Access Control
  5. Database and Data Center Security
  6. Malicious Software
  7. Denial-of-Service Attacs
  8. Intrusion Detection
  9. Firewalls and Intrusion Prevention Systems
  10. Buffer Overflow
  11. Software Security
  12. Operating Systems Security
  13. Cloud and IoT Security
  14. IT Security Management and Risk Assessment
  15. IT Security Controls, plans, and Procedures
  16. Physical and Infrastructure Security
  17. Human Resources Security
  18. Security Auiditing
  19. Legal and Ethical Aspects
  20. Symmetric Encryption and Message Confidentiality
  21. Public-Key Cryptography and Message Authentication
  22. Internet Security Protocols and Standards
  23. Internet Authentication Applications
  24. Wireless Network Security


  1. Projects and Other Student Exercises for Teaching Computer Security
  2. Some Aspects of Number Theory
  3. Standards and Standard-Setting Organizations
  4. Random and Pseudorandom Number Generation
  5. Message Authentication Codes Based on Block Ciphers
  6. The TCP/IP Protocol Architecture
  7. Radix-64 Conversion
  8. The Domain Name System
  9. The Base Rate Fallacy
  10. SHA-3 814
  11. Glossary

Need help? Get in touch


All in one place. Pearson+ offers instant access to eTextbooks, videos and study tools in one intuitive interface. Students choose how they learn best with enhanced search, audio and flashcards. The Pearson+ app lets them read where life takes them, no wi-fi needed. Students can access Pearson+ through a subscription or their MyLab or Mastering course.

Privacy and cookies
By watching, you agree Pearson can share your viewership data for marketing and analytics for one year, revocable by deleting your cookies.

Pearson eTextbook: What’s on the inside just might surprise you

They say you can’t judge a book by its cover. It’s the same with your students. Meet each one right where they are with an engaging, interactive, personalized learning experience that goes beyond the textbook to fit any schedule, any budget, and any lifestyle.