
Computer and Network Security Essentials (watermark-free original PDF)

Cover
Copyright
Preface
Contents
About the Editors
Part I Computer Security
1 Computer Security
1.1 Introduction
1.1.1 Confidentiality
1.1.2 Integrity
1.1.3 Availability
1.1.4 Vulnerabilities and Attacks
1.2 Historical Background
1.3 Computer Security Vulnerabilities and Threats
1.3.1 The Attacker (Intruder)
1.3.2 Physical Access
1.3.3 Social Engineering and Phishing
1.3.4 Attacker Software Tools
1.3.5 Botnets
1.3.6 Denial-of-Service Attack
1.3.7 Password Cracking
1.3.8 Malware
1.3.9 Software Piracy
1.4 Countermeasures
1.4.1 Authentication
1.4.2 Data and Operating System Backup
1.4.3 Firewalls and Intrusion Detection Systems
1.4.4 Antivirus and Protection Against Malware
1.4.5 General Purpose Operating System Security
1.4.5.1 NTFS Security
1.4.5.2 MAC OSX and Linux Security
1.4.5.3 Security Enhanced Linux (SE Linux)
1.4.6 Program Security and Secure Coding
1.4.7 CyberLaw and Computer Security Incidents
1.5 Summary and Future Trends
References
2 A Survey and Taxonomy of Classifiers of Intrusion Detection Systems
2.1 Introduction
2.2 Extracted Features
2.3 Pattern Analyzer
2.3.1 Learning Algorithms
2.3.1.1 Gradient Descent Algorithm
2.3.1.2 Baum–Welch Algorithm
2.3.1.3 Learning Statistical Properties
2.3.1.4 Genetic Network Programming (GNP)
2.3.1.5 Some Other Machine Learning Algorithms
2.3.2 Knowledge Representation
2.4 Decision Making Component (Detection Phase)
2.4.1 Neural Networks
2.4.2 Decision Tree
2.4.3 Fuzzy Logic
2.4.4 Genetic Network Programming
2.4.5 Support Vector Machine
2.4.6 Some Other Decision Making Approaches
2.5 Classifier's Decision
2.5.1 Threat
2.5.2 Anomaly
2.5.3 Normal
2.6 Conclusion and Open Issues
References
3 A Technology for Detection of Advanced Persistent Threat in Networks and Systems Using a Finite Angular State Velocity Machine and Vector Mathematics
3.1 Identification and Significance of the Problem or Opportunity
3.1.1 Introduction
3.1.2 Background and Significance
3.1.3 Problems and Opportunities
3.2 Concept
3.2.1 Technical Objectives
3.3 Implementation
3.3.1 Overview
3.3.2 Vector Mathematics Versus Other Methods
3.3.3 Vector Mathematics Background
3.3.4 Previous Work and Example Approach
3.3.5 Visualization Work: Spicule
3.3.5.1 Previous Work on Spicule Visualization Prototype
3.3.5.2 Mathematical Properties and Visual Algebra
3.3.6 False Positive, False Negative Mitigation, and Jitter Control in FAST-VM Model
3.3.6.1 Finite Angular State Transition-Velocity Machine
3.3.6.2 Fast-VM Operation
3.4 Application to Networks
3.4.1 State Variables
3.5 Conclusion
References
4 Information-Theoretically Secure Privacy Preserving Approaches for Collaborative Association Rule Mining
4.1 Introduction
4.2 Computational Security Versus Information-Theoretic Security
4.3 PPDFIM Across Horizontally Partitioned Databases
4.3.1 Information-Theoretically Secure Schemes for PPDFIM—Semi-Honest Model
4.3.2 Game-Theoretic Privacy Preserving Schemes for PPDFIM: Rational and Malicious Model
4.4 PPDFIM Across Vertically Partitioned Databases: Semi-Honest Model
4.5 Conclusion and Scope of Future Work
References
5 A Postmortem Forensic Analysis for a JavaScript Based Attack
5.1 An Overview of Web Browsers and Their Possible Attacks
5.1.1 Drive-by-Download Attack
5.1.2 Browser Forensics
5.2 Proposed System Description
5.3 Experiment and Findings
5.4 Conclusion and Future Work
References
Part II Network Security
6 Malleable Cryptosystems and Their Applications in Wireless Sensor Networks
6.1 Introduction
6.2 Impact of In-Network Processing
6.2.1 Privacy
6.2.2 Integrity
6.2.3 Freshness
6.3 Privacy Homomorphism
6.3.1 Privacy Homomorphism: Addition
6.3.2 Privacy Homomorphism: Multiplication
6.3.3 Privacy Homomorphism: Exclusive OR
6.4 Symmetric-Key Based Privacy Homomorphism
6.4.1 Domingo-Ferrer's Cryptosystem
6.4.2 CMT Cryptosystem
6.5 Asymmetric-Key Based Privacy Homomorphism
6.5.1 RSA Cryptosystem
6.5.2 Example
6.5.3 Goldwasser–Micali's Cryptosystem
6.5.4 Okamoto–Uchiyama's Cryptosystem
6.5.5 Elliptic Curve Based ElGamal's Cryptosystem
6.6 Conclusion
References
7 A Survey and Taxonomy on Data and Pre-processing Techniques of Intrusion Detection Systems
7.1 Introduction
7.2 Real World
7.3 Honeypots
7.4 Raw Input Data
7.4.1 Datasets
7.4.1.1 DARPA Dataset
7.4.1.2 KDD Dataset
7.4.1.3 ISCX Dataset
7.4.1.4 Custom Datasets
7.4.2 Data Components
7.4.2.1 Network Components
7.4.2.2 System Calls
7.4.2.3 User Profile
7.5 Pre-processing Phase
7.5.1 Specification Method
7.5.2 Signature Generation
7.5.3 Comparison of Pre-processing Approaches
7.6 Conclusion
References
8 Security Protocols for Networks and Internet: A Global Vision
8.1 Introduction
8.2 Authentication Protocols
8.2.1 Password Authentication Protocol (PAP)
8.2.2 Challenge Handshake Authentication Protocol (CHAP)
8.2.3 Kerberos Protocol
8.2.4 Practical Remarks
8.3 Secure Communication Protocols
8.3.1 Secure Sockets Layer (SSL)
8.3.2 IPSec
8.3.2.1 IKE
8.3.2.2 Authentication Header (AH)
8.3.2.3 Encapsulated Security Payload (ESP)
8.3.2.4 Practical Setting: Tunnel vs. Transport Modes
8.3.3 Practical Remarks
8.4 Secure Remote Communication Protocols
8.4.1 SSH Evolution
8.4.2 SSH Protocol Structure
8.4.3 Practical Remarks
8.5 Secure Wireless Communication Protocols
8.5.1 Wired Equivalent Privacy (WEP)
8.5.2 Wireless Protected Access (WPA and WPA2)
8.5.3 Practical Remarks
8.6 Conclusion
References
9 Differentiating Security from Privacy in Internet of Things: A Survey of Selected Threats and Controls
9.1 Introduction
9.1.1 Internet of Things
9.1.2 Definitions of Security and Privacy
9.1.3 Differentiating Security from Privacy
9.1.4 Chapter Contributions and Organization
9.2 IoT Reference Model
9.2.1 Perception Layer
9.2.2 Network Layer
9.2.3 Support Layer
9.2.4 Application Layer
9.3 Using IoT Reference Model for a Classification of Security Threats and Controls
9.3.1 Perception Layer Security
9.3.1.1 Security Threats in Perception Layer
9.3.1.2 Security Controls for Perception Layer
9.3.2 Network Layer Security
9.3.2.1 Security Threats in Network Layer
9.3.2.2 Security Controls for Network Layer
9.3.3 Support Layer Security
9.3.3.1 Security Threats in Support Layer
9.3.3.2 Security Controls for Support Layer
9.3.4 Application Layer Security
9.3.4.1 Security Threats in Application Layer
9.3.4.2 Security Controls for Application Layer
9.4 Using IoT Reference Model for a Classification of Privacy Threats and Controls
9.4.1 Perception Layer Privacy
9.4.1.1 Privacy Threats in Perception Layer
9.4.1.2 Privacy Controls for Perception Layer
9.4.2 Network Layer Privacy
9.4.2.1 Privacy Threats in Network Layer
9.4.2.2 Privacy Controls for Network Layer
9.4.3 Support Layer Privacy
9.4.3.1 Privacy Threats in Support Layer
9.4.3.2 Privacy Controls for Support Layer
9.4.4 Application Layer Privacy
9.4.4.1 Privacy Threats in Application Layer
9.4.4.2 Privacy Controls for Application Layer
9.5 Concluding Remarks
9.5.1 Lessons Learned
9.5.2 Conclusions
References
10 Reliable Transmission Protocol for Underwater Acoustic Networks
10.1 Challenges of UANs
10.2 Micro-ANP Architecture
10.3 Overview of Reliable Transmission Mechanism
10.4 Reliable Transmission Protocol for UANs
10.4.1 RLT Code
10.4.2 RCHF: RLT Code-Based Handshake-Free Reliable Transmission Protocol
10.4.2.1 Reliable Transmission Mechanism
10.4.2.2 State-Based Handshake-Free Media Access Control
10.4.3 Simulation Result of RCHF
10.5 Conclusion
References
11 Using Sports Plays to Configure Honeypots Environments to form a Virtual Security Shield
11.1 Introduction
11.2 Honeypot Overview
11.2.1 Honeypots
11.2.2 Honeypots Benefits
11.3 American Football Overview
11.3.1 Offense Play Formations
11.3.1.1 The Screen Play
11.3.1.2 The Draw Play
11.3.1.3 The Counter Run Play
11.3.1.4 Double Reverse Flea Flicker Play
11.4 Honeypot Virtual Security Shield
11.4.1 Virtual Security Shield Example
11.5 Implementation and Experiment
11.5.1 Implementation
11.5.2 Experiment
11.5.3 Discussion
11.6 Related Work
11.7 Conclusion
References
Part III Cryptographic Technologies
12 Security Threats and Solutions for Two-Dimensional Barcodes: A Comparative Study
12.1 Introduction
12.2 Attack Scenarios for 2D Barcodes
12.3 Secure Systems Based on 2D Barcodes
12.4 Security Enhanced Barcodes and Readers
12.4.1 Security Enhanced Barcodes
12.4.2 Security Enhanced Barcode Readers
12.5 Summary and Comparison
12.6 Conclusion and Future Work
References
13 Searching Encrypted Data on the Cloud
13.1 Introduction
13.2 Problem Definition and Framework
13.3 Taxonomy of Searchable Encryption Techniques
13.4 Single-Keyword Search
13.4.1 Sequential Scan
13.4.2 Secure Indexes
13.4.3 Inverted Indexes
13.5 Multi-Keyword Search
13.6 Searchable Public-Key Encryption
13.7 Fuzzy Keyword Search
13.7.1 Error-Tolerant Searchable Encryption
13.7.2 Wildcard-Based Fuzzy Keyword Search
13.8 Conclusion
References
14 A Strong Single Sign-on User Authentication Scheme Using Mobile Token Without Verifier Table for Cloud Based Services
14.1 Introduction
14.1.1 Cryptography and Security
14.2 Authentication
14.2.1 User Authentication Mechanisms
14.2.1.1 Authentication Types
14.2.2 Authentication Challenges in Cloud
14.2.3 Authentication Attacks in Cloud
14.2.3.1 Guessing Attack
14.2.3.2 Malicious Insider Attack
14.2.3.3 Replay Attack
14.2.3.4 Stolen Verifier Attack
14.2.3.5 Impersonating Attack
14.2.3.6 Denial-of-Service Attack
14.2.3.7 Crypto-Token Lost Attack
14.3 Related Work
14.4 Proposed Scheme
14.4.1 Brokered Authentication Scheme
14.4.1.1 Proposed Brokered Authentication Architecture
14.4.1.2 A Strong Single Sign-on User Authentication Protocol Using Mobile Token for Cloud Based Services
14.5 Security Analysis of Proposed Protocol
14.6 Efficiency Analysis of Proposed Protocol
14.7 Formal Analysis Using Scyther Tool
14.8 Conclusion
References
15 Review of the Main Security Threats and Challenges in Free-Access Public Cloud Storage Servers
15.1 Introduction
15.2 Main Threats and Challenges in Cloud Storage
15.2.1 Challenge 1: Authentication
15.2.1.1 Solutions
15.2.1.2 Limitations
15.2.2 Challenge 2: Information Encryption
15.2.2.1 Solutions
15.2.2.2 Limitations
15.2.3 Challenge 3: Inappropriate Modifications of Assets
15.2.3.1 Solutions
15.2.3.2 Limitations
15.2.4 Challenge 4: Availability
15.2.4.1 Solutions
15.2.4.2 Limitations
15.2.5 Challenge 5: Data Location
15.2.5.1 Solutions
15.2.5.2 Limitations
15.2.6 Challenge 6: Data Deduplication
15.2.6.1 Solutions
15.2.6.2 Limitations
15.2.7 Challenge 7: Version Control of Encrypted Data
15.2.7.1 Solutions
15.2.7.2 Limitations
15.2.8 Challenge 8: Assured Deletion of Data
15.2.8.1 Solutions
15.2.8.2 Limitations
15.2.9 Challenge 9: API's Validation
15.2.9.1 Solutions
15.2.9.2 Limitations
15.2.10 Challenge 10: Usable Security Solutions
15.2.10.1 Solutions
15.2.10.2 Limitations
15.3 Conclusions
References
16 Secure Elliptic Curves in Cryptography
16.1 Introduction
16.2 Elliptic Curves
16.2.1 Definition
16.2.2 Elliptic Curves Over Finite Fields
16.2.2.1 Weierstrass Curves
16.2.2.2 Edwards Curves
16.2.2.3 Montgomery Curves
16.2.3 Transforming Formulas
16.3 Brainpool
16.3.1 Key Length
16.3.2 Seed Generation
16.3.3 Seed to Candidate Conversion
16.3.4 Validation of Parameters a and b
16.3.5 Cofactors
16.3.6 Factorizations
16.4 SafeCurves
16.4.1 Curve Parameters
16.4.2 ECDLP Security
16.4.3 ECC Security
16.4.4 Results
16.5 Conclusions
References
17 Mathematical Models for Malware Propagation in Wireless Sensor Networks: An Analysis
17.1 Introduction
17.2 Wireless Sensor Networks and Their Security
17.3 Mathematical Models for Malware Propagation in WSNs
17.4 Network Propagation Models
17.4.1 Mathematical Background on Networks
17.4.2 Mathematical Models in Heterogeneous Networks
17.4.2.1 General Considerations
17.4.2.2 The SIS Model
17.4.2.3 The SIR Model
17.5 Conclusions
References
Part IV Biometrics and Forensics
18 Biometric Systems for User Authentication
18.1 Introduction
18.2 Basic Block Diagram of a Biometric System
18.3 Performance Metrics for Biometric Systems
18.4 Biometric Systems for User Identification
18.4.1 Fingerprint Recognition
18.4.2 Iris Recognition
18.4.3 Retinal Scans
18.5 Biometric Systems for User Verification
18.5.1 Face Recognition Systems
18.5.2 Speaker Recognition Systems
18.5.3 Hand Geometry-Based Biometric Systems
18.5.4 Signature Recognition Systems
18.6 Comparison of the Biometric Systems Based on Operating Parameters
18.7 Spoofing Attacks on Biometric Systems
18.7.1 Spoofing Fingerprints
18.7.2 Spoofing the Face
18.7.3 Spoofing the Voice
18.7.4 Transmitter Attacks
18.7.5 Replay Attacks
18.7.6 Template Attacks
18.7.7 Solution to Mitigate Spoofing Attacks
18.8 Multi-Biometric Systems
18.8.1 Levels of Fusion of Multi-biometric Systems Operating in Parallel Mode
18.9 Conclusions
References
19 Biometric Authentication and Data Security in Cloud Computing
19.1 Introduction
19.2 Preliminaries
19.2.1 Cloud Platform
19.2.2 Data Security
19.3 An Example of Cloud Platform
19.3.1 General Implementation of the Cloud System
19.3.2 Integration of Biometric Recognition with the Cloud Platform
19.3.2.1 Biometric Recognition
19.3.2.2 Performance of the Authentication System
19.3.2.3 Automation of the Biometric Access
19.3.3 Data security
19.3.3.1 Distributed Storage Systems
19.3.3.2 Architecture of the System
19.4 Conclusion
References
20 Approximate Search in Digital Forensics
20.1 Introduction
20.2 Bit-Parallel Search
20.2.1 Exact Bit-Parallel Search
20.2.2 Approximate Bit-Parallel Search
20.3 Introducing Constraints in Approximate Search
20.4 Conclusion
References
21 Privacy Preserving Internet Browsers: Forensic Analysis of Browzar
21.1 Introduction
21.2 Background
21.2.1 Forensic Analysis and Web Browser
21.2.2 Privacy Browsing
21.2.3 Browzar
21.3 Forensic Acquisition and Analysis of Browzar Privacy Browser
21.3.1 Adopted Approach
21.3.2 Experimental Environments
21.4 Experiments and Analysis
21.4.1 Change Monitoring
21.4.1.1 Browzar
21.4.1.2 Chrome and Firefox
21.4.2 Forensic Acquisition
21.4.2.1 Live Data Forensics
21.4.2.2 Post-Mortem Data Acquisition
21.4.3 Forensic Analysis
21.4.3.1 Browzar: Memory Analysis
21.4.3.2 Browzar: Post-Mortem Analysis
21.4.3.3 Google Chrome: Memory Analysis
21.4.3.4 Google Chrome: Post-Mortem Analysis
21.4.3.5 Mozilla Firefox: Memory Analysis
21.4.3.6 Mozilla Firefox: Post-Mortem Analysis
21.4.4 Discussion
21.5 Conclusions and Future Work
References
Part V Hardware Security
22 Experimental Digital Forensics of Subscriber Identification Module (SIM) Card
22.1 SIM Cards Overview
22.2 Development Environment
22.3 SIM Communication Protocols
22.3.1 Using APDU Command
22.3.2 Using AT Command
22.3.2.1 Command Structure
22.3.2.2 Response Format
22.3.3 AT vs APDU Commands
22.4 SIM File Identifier
22.5 Data Acquisition
22.5.1 Short Message Service (SMS) Forensics
22.6 SIM Card Forensic Methodology
22.7 SIM Card Forensics Proof-of-Concept
22.7.1 Case 1: Old/Fresh SIM Forensic
22.7.2 Case 2: Blank SIM Forensic
22.7.3 Case 3: PIN Key Enabled/Disabled Forensic
22.7.4 Case 4: Timeline and Event Reconstruction
22.7.5 Case 5: SIM/USIM Header Extraction
22.8 Findings and Conclusion
References
23 A Dynamic Area-Efficient Technique to Enhance ROPUFs Security Against Modeling Attacks
23.1 Introduction
23.2 Research Background
23.2.1 Basic and Configurable Silicon PUFs
23.2.2 Reconfigurable Silicon PUFs (rPUFs)
23.3 Implementations of the Proposed Technique on Real Hardware
23.4 Discussion of Experimental Results
23.4.1 The Normality of RO Sample Frequencies
23.4.2 Loop Parameters of ROPUF Model
23.4.3 Correlation Between d-ROPUF Structures and Their Performances
23.4.4 Quality Metrics of d-ROPUF Structures
23.5 Conclusions
References
24 Physical Unclonable Functions (PUFs) Design Technologies: Advantages and Trade Offs
24.1 Introduction
24.2 Theoretical Background
24.2.1 Fundamental Terms and Metrics
24.2.2 Categories
24.2.2.1 Non-Intrinsic and Intrinsic
24.2.2.2 Electronic and Non-Electronic
24.3 Designs of Silicon PUFs
24.3.1 Delay
24.3.1.1 Arbiter PUF
24.3.1.2 Ring Oscillator PUF
24.3.1.3 Modeling Attacks and Security
24.3.2 Memory
24.3.2.1 SRAM PUF
24.3.2.2 Bistable Ring (BR-PUF)
24.3.3 Mix Signal
24.3.3.1 MECCA PUF
24.3.3.2 SHIC PUF
24.4 Conclusions and Outlook
References
Part VI Security Applications
25 Generic Semantics Specification and Processing for Inter-System Information Flow Tracking
25.1 Introduction
25.2 Information Flow Model
25.2.1 Formal Model
25.3 Generic Primitives for Information Flow Semantics
25.3.1 Primitives for Updating the Storage Function
25.3.2 Primitives for Updating the Alias Function
25.3.3 Primitives for Updating the Naming Function
25.4 Inter-Layer and Inter-System Flows
25.4.1 Extended Information Flow Model
25.4.2 Selecting the Appropriate Scope Semantics for an Event
25.4.3 Scope Processing
25.5 Instantiation
25.5.1 Inter-System Information Flow Tracking
25.5.2 Client Side Policy Enforcement
25.6 Related Work
25.7 Conclusion
References
26 On Inferring and Characterizing Large-Scale Probing and DDoS Campaigns
26.1 Introduction
26.1.1 Background
26.1.2 Organization
26.2 Probing Campaigns
26.2.1 Inferring Probing Events
26.2.2 Inferring and Characterizing Probing Campaigns
26.3 DDoS Campaigns
26.3.1 Inferring DDoS Events
26.3.2 Inferring and Characterizing DDoS Campaigns
26.3.2.1 TCP SYN Flooding on Multiple HTTP Servers
26.4 Related Work
26.5 Concluding Remarks
26.5.1 Considerations and Research Gaps
References
27 Design of a Secure Framework for Session Mobility as a Service in Cloud Computing Environment
27.1 Introduction
27.2 Secure Session Mobility as a Service (SMaaS) Framework
27.2.1 Network Model
27.2.2 Sequence of Steps
27.3 Qualitative Comparison of SMaaS with Related Work
27.3.1 SMaaS vs. Standard FTP
27.3.2 SMaaS vs. Parallel/Mirror Server Schemes
27.3.3 SMaaS vs. Peer-to-Peer File Sharing Schemes
27.3.4 SMaaS vs. Kerberos and Anycasting
27.3.5 Other Related Work
27.4 Simulation Plan
27.5 Conclusions
References
Part VII Security Management
28 Securing the Internet of Things: Best Practices for Deploying IoT Devices
28.1 Introduction
28.2 Background
28.3 Major IoT Security Incidents
28.3.1 Target Corporation's IoT Breach
28.3.2 The Mirai IoT Botnet
28.4 General Security Best Practices
28.5 IoT Challenges
28.5.1 Cyber-Physical Attacks
28.6 IoT Cyber Attack Proof of Concept
28.7 Best Practices for Deploying IoT Devices
28.8 Conclusion
References
29 Cognitive Computing and Multiscale Analysis for Cyber Security
29.1 Cyber-Threat Landscape
29.2 Cognitive Computing, Complexity, and Complexity Measures
29.3 Cyber-Threats and Need for Complexity Analysis
29.4 Inseparability Problem in Cyber Security Through Examples
29.5 Multiscale Analysis
29.5.1 Significance of Scale
29.5.2 Single Scale vs Multiscale
29.5.3 Multiscale Analysis Using Fractals
29.5.4 Multiscale Analysis Using Wavelets
29.6 Conclusion
References
30 A Comparative Study of Neural Network Training Algorithms for the Intelligent Security Monitoring of Industrial Control Systems
30.1 Introduction
30.2 Facilities and Resources
30.3 Neural Networks
30.4 Neural Network Training Functions
30.4.1 Conjugate Gradient Method (trainscg)
30.4.2 Newton's Method and Other Variations (trainbf and trainlm)
30.4.3 Resilient Backpropagation Algorithm (trainrp)
30.4.4 Gradient Descent with Momentum (traingdm) and Gradient Descent with Momentum and Adaptive Learning Rate (traingdx)
30.5 Comparative Analysis of Neural Network Training Algorithms
30.5.1 Network Error Performance
30.5.1.1 Comparisons of Training Algorithms
30.5.1.2 Continuous vs Discrete
30.5.1.3 Without Water Temperature vs With Water Temperature
30.5.2 Success Rate
30.5.3 Run Time
30.5.4 Epochs
30.6 Comparative Analysis of Neural Network Training Algorithms
30.7 Conclusion and Future Work
References
31 Cloud Computing: Security Issues and Establishing Virtual Cloud Environment via Vagrant to Secure Cloud Hosts
31.1 Introduction to Cloud Computing
31.2 Cloud Computing
31.3 Cloud Computing Security Issues
31.4 Virtual Cloud Environment
31.4.1 Automation Tools
31.4.2 Setup and Configuration
31.5 Discussion
31.6 Conclusions
References
32 A Survey and Comparison of Performance Evaluation in Intrusion Detection Systems
32.1 Introduction
32.2 Standardized Datasets for Benchmarking IDSs
32.3 Metrics Used to Evaluate and Compare IDSs
32.4 Specification Method
32.5 Support Vector Machines
32.6 Machine Learning
32.7 Behaviour-Based Approaches
32.8 Mobile Agents
32.9 Genetic Network Programming
32.10 Fast Inductive Learning
32.11 Situational Awareness
32.12 Back Propagation
32.13 Fuzzy Logic
32.14 Comparisons of IDSs by Metrics Used
32.15 Conclusion
References
33 Accountability for Federated Clouds
33.1 Introduction
33.2 Cloud Environments
33.2.1 Accountability for Federated Clouds
33.3 Why Accountability Is Important for Federated Clouds?
33.4 CloudAcc Framework
33.4.1 Supporting Layer
33.4.2 Service Layer
33.5 CloudAcc Implementation in a Real Federated Cloud
33.5.1 CloudAcc Implementation Challenges
33.6 Final Considerations
References
34 A Cognitive and Concurrent Cyber Kill Chain Model
34.1 Stages of Cyber-Attack Kill Chain
34.1.1 Reconnaissance (R)
34.1.2 Weaponization (W)
34.1.3 Delivery (D)
34.1.3.1 User Interaction Required
34.1.3.2 No User Interaction Required
34.1.4 Exploitation (E)
34.1.4.1 Software Vulnerabilities
34.1.4.2 Network Vulnerabilities
34.1.4.3 Embedded/Firmware/Hardware Vulnerabilities
34.1.5 Installation (I)
34.1.6 Command and Control (CnC)
34.1.7 Actions on Objectives (A)
34.2 Critique of Cyber Kill Chain
34.3 Cognitive Cyber Security
34.4 Examples of the Proposed Cognitive Analytical Kill Chain
34.4.1 Example 1: Phishing Emails
34.4.2 Example 2: DNS Denial of Service (DoS) Attack
34.5 Conclusion
References
35 Defense Methods Against Social Engineering Attacks
35.1 Defense Against Social Engineering Attacks
35.1.1 Physical Security
35.1.2 Internal/Digital Security
35.1.3 Implementation of Efficient Security Policy and Procedures
35.1.4 Penetration Testing
35.1.5 User Training and Security Awareness
35.2 Analysis of Mitigation Strategies
35.2.1 The Most Potent Approach: Security Awareness
35.2.2 Case Studies
35.2.2.1 Company A
35.2.2.2 Company B
35.2.2.3 Company C
35.2.3 Review of Case Studies
35.2.4 Methods to Improve User Awareness
35.3 Chapter Summary
References
Computer and Network Security Essentials

Editor: Kevin Daimi
Associate Editors: Guillermo Francia, Levent Ertaul, Luis Hernandez Encinas, Eman El-Sheikh

Springer
Editor
Kevin Daimi, University of Detroit Mercy, Detroit, MI, USA

Associate Editors
Guillermo Francia, Jacksonville State University, USA
Luis Hernandez Encinas, Institute of Physical and Information Technologies (ITEFI), Spain
Levent Ertaul, California State University East Bay, USA
Eman El-Sheikh, University of West Florida, USA

ISBN 978-3-319-58423-2
ISBN 978-3-319-58424-9 (eBook)
DOI 10.1007/978-3-319-58424-9
Library of Congress Control Number: 2017943957

© Springer International Publishing AG 2018

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Printed on acid-free paper

This Springer imprint is published by Springer Nature
The registered company is Springer International Publishing AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
Preface

The constantly increasing trend of cyber-attacks and global terrorism makes it vital for any organization to protect and secure its network and computing infrastructure. With the continuous progress of the Internet, companies need to keep up by creating and implementing various software products and by utilizing advanced network and system equipment, all of which need to be protected against various attacks. Data stored in our computers can also be subject to unauthorized access. Attackers can modify our data, steal our critical information including personal information, read and alter our e-mail messages, change program code, and possibly tamper with our photos, including using them for wicked purposes. Intruders can also employ our computers to attack other computers, websites, and networks without our knowledge. By enforcing security of networks and other computing infrastructure, the risk of losing important data, privacy intrusion, and identity theft can be countered.

Many professionals working in computer technology consider security an afterthought. They only take it seriously when a security problem occurs. It is imperative that society start accepting security as the new norm.

Computer and Network Security Essentials introduces readers to the topics they need to be aware of in order to protect their IT resources and to communicate with security specialists in their own language when there is a security problem. It introduces IT security to the public at large to improve their security knowledge and perception. The book covers a wide range of security topics including computer security, network security, cryptographic technologies, biometrics and forensics, hardware security, security applications, and security management. It introduces the concepts, techniques, methods, approaches, and trends needed by security specialists to improve their security skills and capabilities. Further, it provides a glimpse of the future directions in which security techniques, policies, applications, and theories are headed. The book is a rich collection of carefully selected and reviewed manuscripts written by diverse security experts in the listed fields and edited by prominent security researchers.

Kevin Daimi
University of Detroit Mercy, USA
Acknowledgments

We would like to thank the following faculty and researchers for the generous time and effort they invested in reviewing the chapters of this book. We would also like to thank Mary James, Zoe Kennedy, Brinda Megasyamalan, Brian Halm, and Sasireka Kuppan at Springer for their kindness, courtesy, and professionalism.

Nashwa AbdelBaki, Nile University, Egypt
Hanaa Ahmed, University of Technology, Iraq
Ahmed Ali Ahmed Al-Gburi, Western Michigan University, USA
Abduljaleel Mohamad Mageed Al-Hasnawi, Western Michigan University, USA
Rita Michelle Barrios, University of Detroit Mercy, USA
Pascal Birnstill, Fraunhofer IOSB, Germany
Aisha Bushager, University of Bahrain, Bahrain
Ángel Martín del Rey, University of Salamanca, Spain
Alberto Peinado Domínguez, Universidad de Málaga, Spain
Xiujuan Du, Qinghai Normal University, China
Luis Hernandez Encinas, Spanish National Research Council (CSIC), Spain
Patricia Takako Endo, University of Pernambuco, Brazil
Jason Ernst, Left™, Canada
Levent Ertaul, California State University, East Bay, USA
Ken Ferens, University of Manitoba, Canada
José María De Fuentes, Universidad Carlos III de Madrid, Spain
Alejandro Sánchez Gómez, Universidad Autónoma de Madrid, Spain
Arturo Ribagorda Grupo, Universidad Carlos III de Madrid, Spain
David Arroyo Guardeño, Universidad Autónoma de Madrid, Spain
Hisham Hallal, Fahad Bin Sultan University, Saudi Arabia
Tarfa Hamed, University of Guelph, Canada
Zubair Ahmad Khattak, ISACA, USA
Irene Kopaliani, Georgian Technical University, Georgia
Stefan C. Kremer, University of Guelph, Canada
Gregory Laidlaw, University of Detroit Mercy, USA
Arash Habibi Lashkari, University of New Brunswick, Canada
Leszek T. Lilien, Western Michigan University, USA
Lorena González Manzano, Universidad Carlos III de Madrid, Spain
Victor Gayoso Martínez, Spanish National Research Council (CSIC), Spain
Natarajan Meghanathan, Jackson State University, USA
Agustín Martín Muñoz, Spanish National Research Council (CSIC), Spain
Mais W. Nijim, Texas A&M University–Kingsville, USA
Kennedy Okokpujie, Covenant University, Nigeria
Saibal Pal, Defense R&D Organization, India
Ioannis Papakonstantinou, University of Patras, Greece
Keyur Parmar, Indian Institute of Information Technology, India
Bryson R. Payne, University of North Georgia, USA
Slobodan Petrovic, Norwegian University of Science and Technology (NTNU), Norway
Thiago Gomes Rodrigues, GPRT, Brazil
Gokay Saldamli, San Jose State University, USA
Jibran Saleem, Manchester Metropolitan University, UK
Narasimha Shashidhar, Sam Houston State University, USA
Sana Siddiqui, University of Manitoba, Canada
Nicolas Sklavos, University of Patras, Greece
Polyxeni Spanaki, University of Patras, Greece
Tyrone Toland, University of South Carolina Upstate, USA
Jesús Díaz Vico, BEEVA, Spain
Contents

Part I Computer Security
1 Computer Security (Jeffrey L. Duffany) ... 3
2 A Survey and Taxonomy of Classifiers of Intrusion Detection Systems (Tarfa Hamed, Jason B. Ernst, and Stefan C. Kremer) ... 21
3 A Technology for Detection of Advanced Persistent Threat in Networks and Systems Using a Finite Angular State Velocity Machine and Vector Mathematics (Gregory Vert, Ann Leslie Claesson-Vert, Jesse Roberts, and Erica Bott) ... 41
4 Information-Theoretically Secure Privacy Preserving Approaches for Collaborative Association Rule Mining (Nirali R. Nanavati and Devesh C. Jinwala) ... 65
5 A Postmortem Forensic Analysis for a JavaScript Based Attack (Sally Mosaad, Nashwa Abdelbaki, and Ahmed F. Shosha) ... 79

Part II Network Security
6 Malleable Cryptosystems and Their Applications in Wireless Sensor Networks (Keyur Parmar and Devesh C. Jinwala) ... 97
7 A Survey and Taxonomy on Data and Pre-processing Techniques of Intrusion Detection Systems (Tarfa Hamed, Jason B. Ernst, and Stefan C. Kremer) ... 113
8 Security Protocols for Networks and Internet: A Global Vision (José María de Fuentes, Luis Hernandez-Encinas, and Arturo Ribagorda) ... 135