Cover
Copyright
Preface
Contents
About the Editors
Part I Computer Security
1 Computer Security
1.1 Introduction
1.1.1 Confidentiality
1.1.2 Integrity
1.1.3 Availability
1.1.4 Vulnerabilities and Attacks
1.2 Historical Background
1.3 Computer Security Vulnerabilities and Threats
1.3.1 The Attacker (Intruder)
1.3.2 Physical Access
1.3.3 Social Engineering and Phishing
1.3.4 Attacker Software Tools
1.3.5 Botnets
1.3.6 Denial-of-Service Attack
1.3.7 Password Cracking
1.3.8 Malware
1.3.9 Software Piracy
1.4 Countermeasures
1.4.1 Authentication
1.4.2 Data and Operating System Backup
1.4.3 Firewalls and Intrusion Detection Systems
1.4.4 Antivirus and Protection Against Malware
1.4.5 General Purpose Operating System Security
1.4.5.1 NTFS Security
1.4.5.2 MAC OSX and Linux Security
1.4.5.3 Security Enhanced Linux (SE Linux)
1.4.6 Program Security and Secure Coding
1.4.7 CyberLaw and Computer Security Incidents
1.5 Summary and Future Trends
References
2 A Survey and Taxonomy of Classifiers of Intrusion Detection Systems
2.1 Introduction
2.2 Extracted Features
2.3 Pattern Analyzer
2.3.1 Learning Algorithms
2.3.1.1 Gradient Descent Algorithm
2.3.1.2 Baum–Welch Algorithm
2.3.1.3 Learning Statistical Properties
2.3.1.4 Genetic Network Programming (GNP)
2.3.1.5 Some Other Machine Learning Algorithms
2.3.2 Knowledge Representation
2.4 Decision Making Component (Detection Phase)
2.4.1 Neural Networks
2.4.2 Decision Tree
2.4.3 Fuzzy Logic
2.4.4 Genetic Network Programming
2.4.5 Support Vector Machine
2.4.6 Some Other Decision Making Approaches
2.5 Classifier's Decision
2.5.1 Threat
2.5.2 Anomaly
2.5.3 Normal
2.6 Conclusion and Open Issues
References
3 A Technology for Detection of Advanced Persistent Threat in Networks and Systems Using a Finite Angular State Velocity Machine and Vector Mathematics
3.1 Identification and Significance of the Problem or Opportunity
3.1.1 Introduction
3.1.2 Background and Significance
3.1.3 Problems and Opportunities
3.2 Concept
3.2.1 Technical Objectives
3.3 Implementation
3.3.1 Overview
3.3.2 Vector Mathematics Versus Other Methods
3.3.3 Vector Mathematics Background
3.3.4 Previous Work and Example Approach
3.3.5 Visualization Work: Spicule
3.3.5.1 Previous Work on Spicule Visualization Prototype
3.3.5.2 Mathematical Properties and Visual Algebra
3.3.6 False Positive, False Negative Mitigation, and Jitter Control in FAST-VM Model
3.3.6.1 Finite Angular State Transition-Velocity Machine
3.3.6.2 Fast-VM Operation
3.4 Application to Networks
3.4.1 State Variables
3.5 Conclusion
References
4 Information-Theoretically Secure Privacy Preserving Approaches for Collaborative Association Rule Mining
4.1 Introduction
4.2 Computational Security Versus Information-Theoretic Security
4.3 PPDFIM Across Horizontally Partitioned Databases
4.3.1 Information-Theoretically Secure Schemes for PPDFIM—Semi-Honest Model
4.3.2 Game-Theoretic Privacy Preserving Schemes for PPDFIM: Rational and Malicious Model
4.4 PPDFIM Across Vertically Partitioned Databases: Semi-Honest Model
4.5 Conclusion and Scope of Future Work
References
5 A Postmortem Forensic Analysis for a JavaScript Based Attack
5.1 An Overview of Web Browsers and Their Possible Attacks
5.1.1 Drive-by-Download Attack
5.1.2 Browser Forensics
5.2 Proposed System Description
5.3 Experiment and Findings
5.4 Conclusion and Future Work
References
Part II Network Security
6 Malleable Cryptosystems and Their Applications in Wireless Sensor Networks
6.1 Introduction
6.2 Impact of In-Network Processing
6.2.1 Privacy
6.2.2 Integrity
6.2.3 Freshness
6.3 Privacy Homomorphism
6.3.1 Privacy Homomorphism: Addition
6.3.2 Privacy Homomorphism: Multiplication
6.3.3 Privacy Homomorphism: Exclusive OR
6.4 Symmetric-Key Based Privacy Homomorphism
6.4.1 Domingo-Ferrer's Cryptosystem
6.4.2 CMT Cryptosystem
6.5 Asymmetric-Key Based Privacy Homomorphism
6.5.1 RSA Cryptosystem
6.5.2 Example
6.5.3 Goldwasser–Micali's Cryptosystem
6.5.4 Okamoto–Uchiyama's Cryptosystem
6.5.5 Elliptic Curve Based ElGamal's Cryptosystem
6.6 Conclusion
References
7 A Survey and Taxonomy on Data and Pre-processing Techniques of Intrusion Detection Systems
7.1 Introduction
7.2 Real World
7.3 Honeypots
7.4 Raw Input Data
7.4.1 Datasets
7.4.1.1 DARPA Dataset
7.4.1.2 KDD Dataset
7.4.1.3 ISCX Dataset
7.4.1.4 Custom Datasets
7.4.2 Data Components
7.4.2.1 Network Components
7.4.2.2 System Calls
7.4.2.3 User Profile
7.5 Pre-processing Phase
7.5.1 Specification Method
7.5.2 Signature Generation
7.5.3 Comparison of Pre-processing Approaches
7.6 Conclusion
References
8 Security Protocols for Networks and Internet: A Global Vision
8.1 Introduction
8.2 Authentication Protocols
8.2.1 Password Authentication Protocol (PAP)
8.2.2 Challenge Handshake Authentication Protocol (CHAP)
8.2.3 Kerberos Protocol
8.2.4 Practical Remarks
8.3 Secure Communication Protocols
8.3.1 Secure Sockets Layer (SSL)
8.3.2 IPSec
8.3.2.1 IKE
8.3.2.2 Authentication Header (AH)
8.3.2.3 Encapsulated Security Payload (ESP)
8.3.2.4 Practical Setting: Tunnel vs. Transport Modes
8.3.3 Practical Remarks
8.4 Secure Remote Communication Protocols
8.4.1 SSH Evolution
8.4.2 SSH Protocol Structure
8.4.3 Practical Remarks
8.5 Secure Wireless Communication Protocols
8.5.1 Wired Equivalent Privacy (WEP)
8.5.2 Wireless Protected Access (WPA and WPA2)
8.5.3 Practical Remarks
8.6 Conclusion
References
9 Differentiating Security from Privacy in Internet of Things: A Survey of Selected Threats and Controls
9.1 Introduction
9.1.1 Internet of Things
9.1.2 Definitions of Security and Privacy
9.1.3 Differentiating Security from Privacy
9.1.4 Chapter Contributions and Organization
9.2 IoT Reference Model
9.2.1 Perception Layer
9.2.2 Network Layer
9.2.3 Support Layer
9.2.4 Application Layer
9.3 Using IoT Reference Model for a Classification of Security Threats and Controls
9.3.1 Perception Layer Security
9.3.1.1 Security Threats in Perception Layer
9.3.1.2 Security Controls for Perception Layer
9.3.2 Network Layer Security
9.3.2.1 Security Threats in Network Layer
9.3.2.2 Security Controls for Network Layer
9.3.3 Support Layer Security
9.3.3.1 Security Threats in Support Layer
9.3.3.2 Security Controls for Support Layer
9.3.4 Application Layer Security
9.3.4.1 Security Threats in Application Layer
9.3.4.2 Security Controls for Application Layer
9.4 Using IoT Reference Model for a Classification of Privacy Threats and Controls
9.4.1 Perception Layer Privacy
9.4.1.1 Privacy Threats in Perception Layer
9.4.1.2 Privacy Controls for Perception Layer
9.4.2 Network Layer Privacy
9.4.2.1 Privacy Threats in Network Layer
9.4.2.2 Privacy Controls for Network Layer
9.4.3 Support Layer Privacy
9.4.3.1 Privacy Threats in Support Layer
9.4.3.2 Privacy Controls for Support Layer
9.4.4 Application Layer Privacy
9.4.4.1 Privacy Threats in Application Layer
9.4.4.2 Privacy Controls for Application Layer
9.5 Concluding Remarks
9.5.1 Lessons Learned
9.5.2 Conclusions
References
10 Reliable Transmission Protocol for Underwater Acoustic Networks
10.1 Challenges of UANs
10.2 Micro-ANP Architecture
10.3 Overview of Reliable Transmission Mechanism
10.4 Reliable Transmission Protocol for UANs
10.4.1 RLT Code
10.4.2 RCHF: RLT Code-Based Handshake-Free Reliable Transmission Protocol
10.4.2.1 Reliable Transmission Mechanism
10.4.2.2 State-Based Handshake-Free Media Access Control
10.4.3 Simulation Result of RCHF
10.5 Conclusion
References
11 Using Sports Plays to Configure Honeypots Environments to form a Virtual Security Shield
11.1 Introduction
11.2 Honeypot Overview
11.2.1 Honeypots
11.2.2 Honeypots Benefits
11.3 American Football Overview
11.3.1 Offense Play Formations
11.3.1.1 The Screen Play
11.3.1.2 The Draw Play
11.3.1.3 The Counter Run Play
11.3.1.4 Double Reverse Flea Flicker Play
11.4 Honeypot Virtual Security Shield
11.4.1 Virtual Security Shield Example
11.5 Implementation and Experiment
11.5.1 Implementation
11.5.2 Experiment
11.5.3 Discussion
11.6 Related Work
11.7 Conclusion
References
Part III Cryptographic Technologies
12 Security Threats and Solutions for Two-Dimensional Barcodes: A Comparative Study
12.1 Introduction
12.2 Attack Scenarios for 2D Barcodes
12.3 Secure Systems Based on 2D Barcodes
12.4 Security Enhanced Barcodes and Readers
12.4.1 Security Enhanced Barcodes
12.4.2 Security Enhanced Barcode Readers
12.5 Summary and Comparison
12.6 Conclusion and Future Work
References
13 Searching Encrypted Data on the Cloud
13.1 Introduction
13.2 Problem Definition and Framework
13.3 Taxonomy of Searchable Encryption Techniques
13.4 Single-Keyword Search
13.4.1 Sequential Scan
13.4.2 Secure Indexes
13.4.3 Inverted Indexes
13.5 Multi-Keyword Search
13.6 Searchable Public-Key Encryption
13.7 Fuzzy Keyword Search
13.7.1 Error-Tolerant Searchable Encryption
13.7.2 Wildcard-Based Fuzzy Keyword Search
13.8 Conclusion
References
14 A Strong Single Sign-on User Authentication Scheme Using Mobile Token Without Verifier Table for Cloud Based Services
14.1 Introduction
14.1.1 Cryptography and Security
14.2 Authentication
14.2.1 User Authentication Mechanisms
14.2.1.1 Authentication Types
14.2.2 Authentication Challenges in Cloud
14.2.3 Authentication Attacks in Cloud
14.2.3.1 Guessing Attack
14.2.3.2 Malicious Insider Attack
14.2.3.3 Replay Attack
14.2.3.4 Stolen Verifier Attack
14.2.3.5 Impersonating Attack
14.2.3.6 Denial-of-Service Attack
14.2.3.7 Crypto-Token Lost Attack
14.3 Related Work
14.4 Proposed Scheme
14.4.1 Brokered Authentication Scheme
14.4.1.1 Proposed Brokered Authentication Architecture
14.4.1.2 A Strong Single Sign-on User Authentication Protocol Using Mobile Token for Cloud Based Services
14.5 Security Analysis of Proposed Protocol
14.6 Efficiency Analysis of Proposed Protocol
14.7 Formal Analysis Using Scyther Tool
14.8 Conclusion
References
15 Review of the Main Security Threats and Challenges in Free-Access Public Cloud Storage Servers
15.1 Introduction
15.2 Main Threats and Challenges in Cloud Storage
15.2.1 Challenge 1: Authentication
15.2.1.1 Solutions
15.2.1.2 Limitations
15.2.2 Challenge 2: Information Encryption
15.2.2.1 Solutions
15.2.2.2 Limitations
15.2.3 Challenge 3: Inappropriate Modifications of Assets
15.2.3.1 Solutions
15.2.3.2 Limitations
15.2.4 Challenge 4: Availability
15.2.4.1 Solutions
15.2.4.2 Limitations
15.2.5 Challenge 5: Data Location
15.2.5.1 Solutions
15.2.5.2 Limitations
15.2.6 Challenge 6: Data Deduplication
15.2.6.1 Solutions
15.2.6.2 Limitations
15.2.7 Challenge 7: Version Control of Encrypted Data
15.2.7.1 Solutions
15.2.7.2 Limitations
15.2.8 Challenge 8: Assured Deletion of Data
15.2.8.1 Solutions
15.2.8.2 Limitations
15.2.9 Challenge 9: API's Validation
15.2.9.1 Solutions
15.2.9.2 Limitations
15.2.10 Challenge 10: Usable Security Solutions
15.2.10.1 Solutions
15.2.10.2 Limitations
15.3 Conclusions
References
16 Secure Elliptic Curves in Cryptography
16.1 Introduction
16.2 Elliptic Curves
16.2.1 Definition
16.2.2 Elliptic Curves Over Finite Fields
16.2.2.1 Weierstrass Curves
16.2.2.2 Edwards Curves
16.2.2.3 Montgomery Curves
16.2.3 Transforming Formulas
16.3 Brainpool
16.3.1 Key Length
16.3.2 Seed Generation
16.3.3 Seed to Candidate Conversion
16.3.4 Validation of Parameters a and b
16.3.5 Cofactors
16.3.6 Factorizations
16.4 SafeCurves
16.4.1 Curve Parameters
16.4.2 ECDLP Security
16.4.3 ECC Security
16.4.4 Results
16.5 Conclusions
References
17 Mathematical Models for Malware Propagation in Wireless Sensor Networks: An Analysis
17.1 Introduction
17.2 Wireless Sensor Networks and Their Security
17.3 Mathematical Models for Malware Propagation in WSNs
17.4 Network Propagation Models
17.4.1 Mathematical Background on Networks
17.4.2 Mathematical Models in Heterogeneous Networks
17.4.2.1 General Considerations
17.4.2.2 The SIS Model
17.4.2.3 The SIR Model
17.5 Conclusions
References
Part IV Biometrics and Forensics
18 Biometric Systems for User Authentication
18.1 Introduction
18.2 Basic Block Diagram of a Biometric System
18.3 Performance Metrics for Biometric Systems
18.4 Biometric Systems for User Identification
18.4.1 Fingerprint Recognition
18.4.2 Iris Recognition
18.4.3 Retinal Scans
18.5 Biometric Systems for User Verification
18.5.1 Face Recognition Systems
18.5.2 Speaker Recognition Systems
18.5.3 Hand Geometry-Based Biometric Systems
18.5.4 Signature Recognition Systems
18.6 Comparison of the Biometric Systems Based on Operating Parameters
18.7 Spoofing Attacks on Biometric Systems
18.7.1 Spoofing Fingerprints
18.7.2 Spoofing the Face
18.7.3 Spoofing the Voice
18.7.4 Transmitter Attacks
18.7.5 Replay Attacks
18.7.6 Template Attacks
18.7.7 Solution to Mitigate Spoofing Attacks
18.8 Multi-Biometric Systems
18.8.1 Levels of Fusion of Multi-biometric Systems Operating in Parallel Mode
18.9 Conclusions
References
19 Biometric Authentication and Data Security in Cloud Computing
19.1 Introduction
19.2 Preliminaries
19.2.1 Cloud Platform
19.2.2 Data Security
19.3 An Example of Cloud Platform
19.3.1 General Implementation of the Cloud System
19.3.2 Integration of Biometric Recognition with the Cloud Platform
19.3.2.1 Biometric Recognition
19.3.2.2 Performance of the Authentication System
19.3.2.3 Automation of the Biometric Access
19.3.3 Data security
19.3.3.1 Distributed Storage Systems
19.3.3.2 Architecture of the System
19.4 Conclusion
References
20 Approximate Search in Digital Forensics
20.1 Introduction
20.2 Bit-Parallel Search
20.2.1 Exact Bit-Parallel Search
20.2.2 Approximate Bit-Parallel Search
20.3 Introducing Constraints in Approximate Search
20.4 Conclusion
References
21 Privacy Preserving Internet Browsers: Forensic Analysis of Browzar
21.1 Introduction
21.2 Background
21.2.1 Forensic Analysis and Web Browser
21.2.2 Privacy Browsing
21.2.3 Browzar
21.3 Forensic Acquisition and Analysis of Browzar Privacy Browser
21.3.1 Adopted Approach
21.3.2 Experimental Environments
21.4 Experiments and Analysis
21.4.1 Change Monitoring
21.4.1.1 Browzar
21.4.1.2 Chrome and Firefox
21.4.2 Forensic Acquisition
21.4.2.1 Live Data Forensics
21.4.2.2 Post-Mortem Data Acquisition
21.4.3 Forensic Analysis
21.4.3.1 Browzar: Memory Analysis
21.4.3.2 Browzar: Post-Mortem Analysis
21.4.3.3 Google Chrome: Memory Analysis
21.4.3.4 Google Chrome: Post-Mortem Analysis
21.4.3.5 Mozilla Firefox: Memory Analysis
21.4.3.6 Mozilla Firefox: Post-Mortem Analysis
21.4.4 Discussion
21.5 Conclusions and Future Work
References
Part V Hardware Security
22 Experimental Digital Forensics of Subscriber Identification Module (SIM) Card
22.1 SIM Cards Overview
22.2 Development Environment
22.3 SIM Communication Protocols
22.3.1 Using APDU Command
22.3.2 Using AT Command
22.3.2.1 Command Structure
22.3.2.2 Response Format
22.3.3 AT vs APDU Commands
22.4 SIM File Identifier
22.5 Data Acquisition
22.5.1 Short Message Service (SMS) Forensics
22.6 SIM Card Forensic Methodology
22.7 SIM Card Forensics Proof-of-Concept
22.7.1 Case 1: Old/Fresh SIM Forensic
22.7.2 Case 2: Blank SIM Forensic
22.7.3 Case 3: PIN Key Enabled/Disabled Forensic
22.7.4 Case 4: Timeline and Event Reconstruction
22.7.5 Case 5: SIM/USIM Header Extraction
22.8 Findings and Conclusion
References
23 A Dynamic Area-Efficient Technique to Enhance ROPUFs Security Against Modeling Attacks
23.1 Introduction
23.2 Research Background
23.2.1 Basic and Configurable Silicon PUFs
23.2.2 Reconfigurable Silicon PUFs (rPUFs)
23.3 Implementations of the Proposed Technique on Real Hardware
23.4 Discussion of Experimental Results
23.4.1 The Normality of RO Sample Frequencies
23.4.2 Loop Parameters of ROPUF Model
23.4.3 Correlation Between d-ROPUF Structures and Their Performances
23.4.4 Quality Metrics of d-ROPUF Structures
23.5 Conclusions
References
24 Physical Unclonable Functions (PUFs) Design Technologies: Advantages and Trade Offs
24.1 Introduction
24.2 Theoretical Background
24.2.1 Fundamental Terms and Metrics
24.2.2 Categories
24.2.2.1 Non-Intrinsic and Intrinsic
24.2.2.2 Electronic and Non-Electronic
24.3 Designs of Silicon PUFs
24.3.1 Delay
24.3.1.1 Arbiter PUF
24.3.1.2 Ring Oscillator PUF
24.3.1.3 Modeling Attacks and Security
24.3.2 Memory
24.3.2.1 SRAM PUF
24.3.2.2 Bistable Ring (BR-PUF)
24.3.3 Mix Signal
24.3.3.1 MECCA PUF
24.3.3.2 SHIC PUF
24.4 Conclusions and Outlook
References
Part VI Security Applications
25 Generic Semantics Specification and Processing for Inter-System Information Flow Tracking
25.1 Introduction
25.2 Information Flow Model
25.2.1 Formal Model
25.3 Generic Primitives for Information Flow Semantics
25.3.1 Primitives for Updating the Storage Function
25.3.2 Primitives for Updating the Alias Function
25.3.3 Primitives for Updating the Naming Function
25.4 Inter-Layer and Inter-System Flows
25.4.1 Extended Information Flow Model
25.4.2 Selecting the Appropriate Scope Semantics for an Event
25.4.3 Scope Processing
25.5 Instantiation
25.5.1 Inter-System Information Flow Tracking
25.5.2 Client Side Policy Enforcement
25.6 Related Work
25.7 Conclusion
References
26 On Inferring and Characterizing Large-Scale Probing and DDoS Campaigns
26.1 Introduction
26.1.1 Background
26.1.2 Organization
26.2 Probing Campaigns
26.2.1 Inferring Probing Events
26.2.2 Inferring and Characterizing Probing Campaigns
26.3 DDoS Campaigns
26.3.1 Inferring DDoS Events
26.3.2 Inferring and Characterizing DDoS Campaigns
26.3.2.1 TCP SYN Flooding on Multiple HTTP Servers
26.4 Related Work
26.5 Concluding Remarks
26.5.1 Considerations and Research Gaps
References
27 Design of a Secure Framework for Session Mobility as a Service in Cloud Computing Environment
27.1 Introduction
27.2 Secure Session Mobility as a Service (SMaaS) Framework
27.2.1 Network Model
27.2.2 Sequence of Steps
27.3 Qualitative Comparison of SMaaS with Related Work
27.3.1 SMaaS vs. Standard FTP
27.3.2 SMaaS vs. Parallel/Mirror Server Schemes
27.3.3 SMaaS vs. Peer-to-Peer File Sharing Schemes
27.3.4 SMaaS vs. Kerberos and Anycasting
27.3.5 Other Related Work
27.4 Simulation Plan
27.5 Conclusions
References
Part VII Security Management
28 Securing the Internet of Things: Best Practices for Deploying IoT Devices
28.1 Introduction
28.2 Background
28.3 Major IoT Security Incidents
28.3.1 Target Corporation's IoT Breach
28.3.2 The Mirai IoT Botnet
28.4 General Security Best Practices
28.5 IoT Challenges
28.5.1 Cyber-Physical Attacks
28.6 IoT Cyber Attack Proof of Concept
28.7 Best Practices for Deploying IoT Devices
28.8 Conclusion
References
29 Cognitive Computing and Multiscale Analysis for Cyber Security
29.1 Cyber-Threat Landscape
29.2 Cognitive Computing, Complexity, and Complexity Measures
29.3 Cyber-Threats and Need for Complexity Analysis
29.4 Inseparability Problem in Cyber Security Through Examples
29.5 Multiscale Analysis
29.5.1 Significance of Scale
29.5.2 Single Scale vs Multiscale
29.5.3 Multiscale Analysis Using Fractals
29.5.4 Multiscale Analysis Using Wavelets
29.6 Conclusion
References
30 A Comparative Study of Neural Network Training Algorithms for the Intelligent Security Monitoring of Industrial Control Systems
30.1 Introduction
30.2 Facilities and Resources
30.3 Neural Networks
30.4 Neural Network Training Functions
30.4.1 Conjugate Gradient Method (trainscg)
30.4.2 Newton's Method and Other Variations (trainbf and trainlm)
30.4.3 Resilient Backpropagation Algorithm (trainrp)
30.4.4 Gradient Descent with Momentum (traingdm) and Gradient Descent with Momentum and Adaptive Learning Rate (traingdx)
30.5 Comparative Analysis of Neural Network Training Algorithms
30.5.1 Network Error Performance
30.5.1.1 Comparisons of Training Algorithms
30.5.1.2 Continuous vs Discrete
30.5.1.3 Without Water Temperature vs With Water Temperature
30.5.2 Success Rate
30.5.3 Run Time
30.5.4 Epochs
30.6 Comparative Analysis of Neural Network Training Algorithms
30.7 Conclusion and Future Work
References
31 Cloud Computing: Security Issues and Establishing Virtual Cloud Environment via Vagrant to Secure Cloud Hosts
31.1 Introduction to Cloud Computing
31.2 Cloud Computing
31.3 Cloud Computing Security Issues
31.4 Virtual Cloud Environment
31.4.1 Automation Tools
31.4.2 Setup and Configuration
31.5 Discussion
31.6 Conclusions
References
32 A Survey and Comparison of Performance Evaluation in Intrusion Detection Systems
32.1 Introduction
32.2 Standardized Datasets for Benchmarking IDSs
32.3 Metrics Used to Evaluate and Compare IDSs
32.4 Specification Method
32.5 Support Vector Machines
32.6 Machine Learning
32.7 Behaviour-Based Approaches
32.8 Mobile Agents
32.9 Genetic Network Programming
32.10 Fast Inductive Learning
32.11 Situational Awareness
32.12 Back Propagation
32.13 Fuzzy Logic
32.14 Comparisons of IDSs by Metrics Used
32.15 Conclusion
References
33 Accountability for Federated Clouds
33.1 Introduction
33.2 Cloud Environments
33.2.1 Accountability for Federated Clouds
33.3 Why Accountability Is Important for Federated Clouds?
33.4 CloudAcc Framework
33.4.1 Supporting Layer
33.4.2 Service Layer
33.5 CloudAcc Implementation in a Real Federated Cloud
33.5.1 CloudAcc Implementation Challenges
33.6 Final Considerations
References
34 A Cognitive and Concurrent Cyber Kill Chain Model
34.1 Stages of Cyber-Attack Kill Chain
34.1.1 Reconnaissance (R)
34.1.2 Weaponization (W)
34.1.3 Delivery (D)
34.1.3.1 User Interaction Required
34.1.3.2 No User Interaction Required
34.1.4 Exploitation (E)
34.1.4.1 Software Vulnerabilities
34.1.4.2 Network Vulnerabilities
34.1.4.3 Embedded/Firmware/Hardware Vulnerabilities
34.1.5 Installation (I)
34.1.6 Command and Control (CnC)
34.1.7 Actions on Objectives (A)
34.2 Critique of Cyber Kill Chain
34.3 Cognitive Cyber Security
34.4 Examples of the Proposed Cognitive Analytical Kill Chain
34.4.1 Example 1: Phishing Emails
34.4.2 Example 2: DNS Denial of Service (DoS) Attack
34.5 Conclusion
References
35 Defense Methods Against Social Engineering Attacks
35.1 Defense Against Social Engineering Attacks
35.1.1 Physical Security
35.1.2 Internal/Digital Security
35.1.3 Implementation of Efficient Security Policy and Procedures
35.1.4 Penetration Testing
35.1.5 User Training and Security Awareness
35.2 Analysis of Mitigation Strategies
35.2.1 The Most Potent Approach: Security Awareness
35.2.2 Case Studies
35.2.2.1 Company A
35.2.2.2 Company B
35.2.2.3 Company C
35.2.3 Review of Case Studies
35.2.4 Methods to Improve User Awareness
35.3 Chapter Summary
References