Computer security Books
Springer Ethical and Social Impacts of Information and Communication Technology
Book Synopsis:
Ethics: Ethical Principles for the Production of Official Statistics Using Machine Learning and Artificial Intelligence Techniques.- Identifying AI Challenges in Research Practices through Research Ethics Reviews.- Interpretability and the Measurement of Ethical Foundations in Artificial Intelligence.- The Mediating Effect of Job Crafting in the Relationship between Organizational Commitment and Organizational Citizenship Behavior and its Ethical Implications.- On the Current (Im)possibility of Achieving Public Value through the EU Digital Strategy: An Ethics Method to Seek a "Collectual" Equilibrium.- Inclusive Governance of Artificial Intelligence: Towards an Ethical Framework for Neurodivergence.- How AI is Reshaping Creativity: DeepSeek vs ChatGPT Plus in LEGO® SERIOUS PLAY®.- Sovereignty, Surveillance, and the Cloud: Geopolitical and Ethical Issues of Global Cloud Computing.
Society: The Use of Social Media and Artificial Intelligence to Radicalize Young People in Jihadist Terrorism.- Using AI for Research and Educational Support: Enhancing the Design of Computer-Based Evaluations.- Towards a Gender-inclusive Tech Landscape in Portugal: Women4Digital’s Insights on Gender and Digital Transformation.- Integrating Ethics and Gender Equality in Artificial Intelligence Education: A Study of Higher Education in Portugal.- Gender and Emerging Digital Technologies in Education.- Impact of Gender Bias in the Output of AI Language Models on Heavy Users.
Education: Students’ Perception of the Integration of GenAI in Academic Paper Assignment Preparation.- Comparative Analysis of Instructor and AI Assessments: Objectivity, Biases, and Impact on Academic Grading.- AI Ethics in Higher Education: A Review of Ethical Challenges.- Just Hallucinations? The Problem of AI Literacy with a New Digital Divide.- Ethical Aspects of Distributed Extended Reality Training.- Corporate Financial Statement Analysis in Education 4.0.- Challenging AI as Critical Thinking.- AI Ethics in Higher Education Content Creation.- GenAI and Proportionality: European and Portuguese Ethical-Legal Framework.- Rethinking Educational Assessment in the Age of Artificial Intelligence.
Systems: Evaluating the Role of Chatbots in Higher Education Based on Students’ Experiences.- Parental Memory and Digital Traces of School Closures during the COVID-19 Pandemic: What Is Remembered, What Fades, and What Is Left Behind.- "There are so many" - Harms of Smart Homes.- Digital Identity and Control: How AI Replicas Challenge Performance Rights.- Through the Educators’ Lens: University Teachers’ Perceptions of AI Integration in Higher Education.- Ethical Issues in the Use of Generative AI Chatbots for Therapeutic Purposes.- A Case Against the Feasibility of AI Consciousness (AIC).- Some Problems in the Ethical Impact Assessment of Emerging Technologies and Socio-Technical Visions: Case CityVerse.- Security and Ethics in the Use of Computing Technologies and the Internet.- Social Risks of Brain Machine Interface Usage: Questionnaire Survey for People with and without Disabilities.- Symbolic Aspects of Online Privacy Protection Behaviour: From a Social Communication Perspective.- Operational Archives and the Right to Be Forgotten.- Smart Doorbells in a Surveillance Society.- User Engagement and Barriers in the Standardization Processes of Digital ID Architectures.- Systematic Review on AI Ethics in Privacy for V2X Communication.- Beyond Regulation and Moderation: A Forster-Inspired Framework for Machine Evolution.- The Epistemic Politics of Biometric Border Control.- Quizly: Transforming Quiz Experiences with Multi Modal Inputs for Differently Abled Users.
Security: Comprehensive Approaches to Personal Data Protection Amid Evolving Cyber Threats.- Deepfake Manipulation and Ethical Dilemmas: A Comprehensive Risk Assessment.- Digital Agriculture Under Threat: Cybersecurity Challenges and Policy Gaps.- Cybersecurity 2030: The Synergy between Machine Learning and Generative AI.- Artificial Intelligence and Ethical Responsibility: The Impact of Algorithmic Decisions on Cybersecurity.- Cybersecurity Best Practices: A Comprehensive Guide.- Enhancing Health Information Access via ChatGPT and the E-Citizens Portal.
£53.99
De Gruyter Cybersecurity Unlocked
£139.05
Springer International Publishing AG Cyber Security: Analytics, Technology and Automation
Book Synopsis: In addition to cyber threats and technology, the book approaches cyber security from many sides, as a social phenomenon, and describes how a cyber security strategy is implemented. It gives a thorough picture of one of the most discussed phenomena of our time. The book is suitable for a wide-ranging audience, from graduate students to professionals, practitioners and researchers. Relevant disciplines for the book are telecommunications / network security, applied mathematics / data analysis, mobile systems / security, engineering / security of critical infrastructure and military science / security.
Trade Review: “This wonderfully documented text explores the mechanics and methods of digital security and the steps necessary to ensure privacy. … For the professional who is mathematically literate, the book is a must-read. The reference sections that follow each chapter rival that of any PhD thesis ever written. It is magnificent in its scholarship.” (James Van Speybroeck, Computing Reviews, October, 2015)
Table of Contents:
Part I Cyber World Today.- 1 Phenomenon in the Cyber World.- 2 Cyber World as a Social System.- 3 Citizens in Cyber World – Despatches from the Virtual "Clinic".- 4 Powers and Fundamental Rights in Cyber Security.
Part II Cyber Security Threats, Legality and Strategy.- 1 Coder, Hacker, Soldier, Spy.- 2 Cyber Warfare.- 3 Deception in the Cyber-World.- 4 Legal Framework of Cyber Security.- 5 Finnish Cyber Security Strategy and Implementation.
Part III Cyber Security Technology.- 1 Clustering-Based Protocol Classification via Dimensionality Reduction.- 2 Timing and Side Channel Attacks.- 3 Knowledge Discovery from Network Logs.- 4 Trusted Computing and DRM.
Part IV Cyber Security and Automation.- 1 Cyber Security and Protection of ICS Systems: An Australian Example.- 2 Towards Dependable Automation.- 3 Specialized Honeypots for SCADA Systems.
£113.99
Grin Publishing Sicherheit von Android-Betriebssystemen (Security of Android Operating Systems)
£999.99
Springer Verlag, Singapore Emerging Technologies in Data Mining and
Book Synopsis: The book features research papers presented at the International Conference on Emerging Technologies in Data Mining and Information Security (IEMIS 2018), held at the University of Engineering & Management, Kolkata, India, on February 23–25, 2018. It comprises high-quality research by academics and industrial experts in the field of computing and communication, including full-length papers, research-in-progress papers and case studies related to all areas of data mining, machine learning, IoT and information security.
Table of Contents: The Study of Sentimental State of Human from Tweet Text.- Data Analytic Techniques with Hardware Based Encryption for High Profile Dataset.- Exploring Student Migration in Rural Region of Bangladesh.- Analysis on Lightning News and Correlation with Lightning Imaging Sensor (LIS) Data.- Design of Business Canvas Model for Social Media.- EEG Signal Analysis Using Different Clustering Techniques.- Viable Crop Prediction Scenario in Big Data Using a Novel Approach.- A Graph Based Approach on Extractive Summarization.- Promises and Challenges of Big Data in a Data Driven World.- A Proposed Approach for Improving Hadoop Performance for Handling Small Files.- Identification of the Recurrence of Breast Cancer by Discriminant Analysis.- Spam Detection in SMS Based on Feature Selection Techniques.- Analysis and Design of an Efficient Temporal Data Mining Model for the Indian Stock Market.- Community Detection Methods in Social Network Analysis.- A Comparative Study on Cluster Analysis of Micro-Blogging Data.
£999.99
Springer-Verlag Berlin and Heidelberg GmbH & Co. KG Gamified Tabletop Exercises for Effective
Book Synopsis: Tabletop exercises are a common way to test disaster recovery and business continuity plans, but they can also be some of the driest and most boring meetings any professional can attend. Following a set script with no variation can cause people to lose interest and question the value of such exercises, even when they are required for compliance frameworks such as SOC 2. What is a security professional to do? Simple: introduce variability by adding dice!
Gamification isn't a new idea, but applying some principles of gamification to a traditional tabletop exercise can breathe new life into a potentially monotonous activity. This book covers how to build a gamified tabletop exercise from the ground up, and provides example exercises you can build upon for your own needs. Not only will participation improve, but you will have reusable exercises to work with, as each walk-through can produce different results, helping to cover multiple outcomes when testing your recovery capabilities. By providing examples and a methodical approach to building gamification into a traditional tabletop, the goal is to offer a new perspective on tabletop exercises that should be more engaging for all participants, and thus more beneficial for everyone involved.
Avoid the monotony and start practicing with realistic consequences for decisions with dice rolls!
What You Will Learn:
Plan, build, and execute tabletop exercises with participants
Understand and explain gamification benefits and how to add it to traditional tabletop exercises
Understand why and how to introduce such concepts to a traditional tabletop exercise
Get up to speed on the purpose of tabletop exercises as well as how to improve participation and retention of exercise participants
Compile tips and tricks to help when encountering unexpected issues during tabletop exercises, from unexpected decisions to difficult participants
Know tools and techniques, such as using mind maps, to help plan and build gamified tabletop exercises
Who This Book Is For: GRC or security professionals who are responsible for executing a tabletop exercise or otherwise tasked with annual testing of the company's disaster recovery/business continuity plans. Even participants who are looking for alternatives to traditional happy-path tabletops may be interested.
£29.69
Apress IAM and PAM Cybersecurity
Book Synopsis: Chapter 1: IAM, Securing Identities in the Digitalization Era.- Chapter 2: PAM, Protecting Privileged Accounts and Access Management.- Chapter 3: IAM and PAM Risks, Impacts, and Challenges.- Chapter 4: IAM and PAM Tools and Frameworks.
£18.99
Apress ISO 42001 and Legal Compliance
Book Synopsis: Chapter 1: Introduction.- Chapter 2: Legal Requirements in ISO/IEC 42001:2023.- Chapter 3: Security.- Chapter 4: Privacy.- Chapter 5: Explainability and Transparency.- Chapter 6: Fairness.- Chapter 7: Conclusion.
£37.49
APRESS L.P. Implementing Security with AI in GCP
£44.99
Springer-Verlag New York Inc. Machine Learning in Cyber Trust
Table of Contents:
Cyber System.- Cyber-Physical Systems: A New Frontier.
Security.- Misleading Learners: Co-opting Your Spam Filter.- Survey of Machine Learning Methods for Database Security.- Identifying Threats Using Graph-based Anomaly Detection.- On the Performance of Online Learning Methods for Detecting Malicious Executables.- Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems.- A Non-Intrusive Approach to Enhance Legacy Embedded Control Systems with Cyber Protection Features.- Image Encryption and Chaotic Cellular Neural Network.
Privacy.- From Data Privacy to Location Privacy.- Privacy Preserving Nearest Neighbor Search.
Reliability.- High-Confidence Compositional Reliability Assessment of SOA-Based Systems Using Machine Learning Techniques.- Model, Properties, and Applications of Context-Aware Web Services.
Trade Review: From the reviews: "This is a useful book on machine learning for cyber security applications. It will be helpful to researchers and graduate students who are looking for an introduction to a specific topic in the field. All of the topics covered are well researched. The book consists of 12 chapters, grouped into four parts." (Imad H. Elhajj, ACM Computing Reviews, October, 2009)
£125.99
WW Norton & Co Crack99
Book Synopsis: The inside story of the largest digital piracy sting to date.
Trade Review: "A super-charged, electrifying story. CRACK99 reads like a bestselling thriller!" -- Brad Thor, #1 New York Times bestselling author of Code of Conduct. "A gripping and sobering account of the hemorrhage of high-end American computer programs into the Chinese internet black market... A riveting story." -- Dennis Blair, former director of national intelligence and co-chairman, Intellectual Property Commission. "A rollicking true tale of high-level undercover cyber espionage in which Hall puts every bit of his extensive experience and investigative skills into catching a cyber-pirate. His stories of teaming with Homeland Security agents to double-cross a Chinese cyber criminal are, in a word, sensational." -- Retired FBI Special Agent Robert K. Wittman, author of Priceless: How I Went Undercover to Rescue the World's Stolen Treasures
£18.99
WW Norton & Co CRACK99
Book Synopsis: The inside story of the largest digital piracy sting to date.
Trade Review: "A crackling good tale, well-told in Hall's confiding, thoughtful, and humorous tone." -- Eloise Kinney, Booklist. "A quirky tale of international pursuit through a legal labyrinth with unsettling implications regarding proliferation of ominous technologies." -- Kirkus Reviews. "A super-charged, electrifying story. CRACK99 reads like a bestselling thriller!" -- Brad Thor, #1 New York Times bestselling author of Code of Conduct. "A gripping and sobering account of the hemorrhage of high-end American computer programs into the Chinese internet black market... A riveting story." -- Dennis Blair, former director of national intelligence and co-chairman, Intellectual Property Commission. "A rollicking true tale of high-level undercover cyber espionage in which Hall puts every bit of his extensive experience and investigative skills into catching a cyber-pirate. His stories of teaming with Homeland Security agents to double-cross a Chinese cyber criminal are, in a word, sensational." -- Retired FBI Special Agent Robert K. Wittman, author of Priceless: How I Went Undercover to Rescue the World's Stolen Treasures
£12.34
Wiley Information Security Governance
Book Synopsis: This book provides an understanding of governance and its relevance to information security. It gives readers a clear, step-by-step approach to developing a sound security strategy aligned with their business objectives in order to ensure a predictable level of functionality and assurance.
Table of Contents:
INTRODUCTION.
CHAPTER 1: GOVERNANCE OVERVIEW. 1.1 What Is It? 1.2 Back to Basics. 1.3 Origins of Governance. 1.4 Governance Definition. 1.5 Information Security Governance. 1.6 Six Outcomes of Effective Security Governance. 1.7 Defining Information, Data, Knowledge. 1.8 Value of Information.
CHAPTER 2: WHY GOVERNANCE? 2.1 Benefits of Good Governance. 2.1.1 Aligning Security with Business Objectives. 2.1.2 Providing the Structure and Framework to Optimize Allocations of Limited Resources. 2.1.3 Providing Assurance that Critical Decisions Are Not Based on Faulty Information. 2.1.4 Ensuring Accountability for Safeguarding Critical Assets. 2.1.5 Increasing Trust of Customers and Stakeholders. 2.1.6 Increasing the Company’s Worth. 2.1.7 Reducing Liability for Information Inaccuracy or Lack of Due Care in Protection. 2.1.8 Increasing Predictability and Reducing Uncertainty of Business Operations. 2.2 A Management Problem.
CHAPTER 3: LEGAL AND REGULATORY REQUIREMENTS. 3.1 Security Governance and Regulation.
CHAPTER 4: ROLES & RESPONSIBILITIES. 4.1 The Board of Directors. 4.2 Executive Management. 4.3 Security Steering Committee. 4.4 The CISO.
CHAPTER 5: STRATEGIC METRICS. 5.1 Governance Objectives. 5.1.1 Strategic Direction. 5.1.2 Ensuring Objectives Are Achieved. 5.1.3 Risks Managed Appropriately. 5.1.4 Verifying Resources Are Used Responsibly.
CHAPTER 6: INFORMATION SECURITY OUTCOMES. 6.1 Defining Outcomes. 6.1.1 Strategic Alignment. 6.1.2 Risk Management. 6.1.3 Business Process Assurance / Convergence. 6.1.4 Value Delivery. 6.1.5 Resource Management. 6.1.6 Performance Measurement.
CHAPTER 7: SECURITY GOVERNANCE OBJECTIVES. 7.1 Security Architecture. 7.1.1 Managing Complexity. 7.1.2 Providing a Framework & Road Map. 7.1.3 Simplicity & Clarity through Layering & Modularisation. 7.1.4 Business Focus beyond the Technical Domain. 7.1.5 Objectives of Information Security Architectures. 7.1.6 SABSA Framework for Security Service Management. 7.1.7 SABSA Development Process. 7.1.8 SABSA Lifecycle. 7.1.9 SABSA Attributes. 7.2 COBIT. 7.3 Capability Maturity Model. 7.4 ISO/IEC 27001/27002. 7.4.1 ISO 27001. 7.4.2 ISO 27002. 7.5 Other Approaches. 7.5.1 National Cybersecurity Task Force.
CHAPTER 8: RISK MANAGEMENT OBJECTIVES. Risk Management Responsibilities. Managing Risk Appropriately. 8.1 Determining Risk Management Objectives. 8.1.1 Recovery Time Objectives.
CHAPTER 9: CURRENT STATE. 9.1 Current State of Security. 9.2 Current State of Risk Management. 9.3 Gap Analysis - Unmitigated Risk. 9.3.1 SABSA. 9.3.2 CMM.
CHAPTER 10: DEVELOPING A SECURITY STRATEGY. 10.1 Failures of Strategy. 10.2 Attributes of a Good Security Strategy. 10.3 Strategy Resources. 10.3.1 Utilizing Architecture for Strategy Development. 10.3.2 Using COBIT for Strategy Development. 10.3.3 Using CMM for Strategy Development. 10.4 Strategy Constraints. 10.4.1 Contextual Constraints. 10.4.2 Operational Constraints.
CHAPTER 11: SAMPLE STRATEGY DEVELOPMENT. 11.1 The Process.
CHAPTER 12: IMPLEMENTING STRATEGY. Action Plan Intermediate Goals. Action Plan Metrics. Re-engineering. Inadequate Performance. 12.1 Elements of Strategy. 12.1.1 Policy Development. Attributes of Good Policies. Sample Policy Development. Other Policies. 12.1.2 Standards. Attributes of Good Standards. Sample Standards. Classifications. Standard Statement.
CHAPTER 13: SECURITY PROGRAM DEVELOPMENT METRICS. 13.1 Information Security Program Development Metrics. 13.2 Program Development Operational Metrics.
CHAPTER 14: INFORMATION SECURITY MANAGEMENT METRICS. 14.1 Management Metrics. 14.2 Security Management Decision Support Metrics. 14.4 CISO Decisions. 14.2.1 Strategic Alignment. 14.2.2 Risk Management. 14.2.3 Metrics for Risk Management. 14.2.4 Assurance Process Integration. 14.2.5 Value Delivery. 14.2.6 Resource Management. 14.2.7 Performance Measurement. 14.3 Information Security Operational Metrics. 14.3.1 IT and Information Security Management. 14.3.2 Compliance Metrics.
CHAPTER 15: INCIDENT MANAGEMENT AND RESPONSE METRICS. 15.1 Incident Management Decision Support Metrics.
Conclusion.
Appendix A. SABSA Business Attributes & Metrics.
Appendix B. Cultural Worldviews. Hierarchists. Egalitarians. Individualists. Fatalists.
£77.36
John Wiley & Sons Inc eDiscovery for Dummies
Book Synopsis: Discover the process of e-discovery and put good practices in place. Electronic information involved in a lawsuit requires a completely different process for management and archiving than paper information.
Table of Contents:
Introduction. Who Should Read This Book? About This Book. What You’re Not to Read. Foolish Assumptions. How This Book Is Organized. Part I: Examining e-Discovery and ESI Essentials. Part II: Guidelines for e-Discovery and Professional Competence. Part III: Identifying, Preserving, and Collecting ESI. Part IV: Processing, Protecting, and Producing ESI. Part V: Getting Litigation Ready. Part VI: Strategizing for e-Discovery Success. Part VII: The Part of Tens. Glossary. Icons Used in This Book. Where to Go from Here.
Part I: Examining e-Discovery and ESI Essentials.
Chapter 1: Knowing Why e-Discovery Is a Burning Issue. Getting Thrust into the Biggest Change in the Litigation. New rules put electronic documents under a microscope. New rules and case law expand professional responsibilities. Distinguishing Electronic Documents from Paper Documents. ESI has more volume. ESI is more complex. ESI is more fragile. ESI is harder to delete. ESI is more software and hardware dependent. Viewing the Litigation Process from 1,000 Feet. Examining e-Discovery Processes. Creating and retaining electronic records. Identifying, preserving, and collecting data relevant to a legal matter. Processing and filtering to remove the excess. Reviewing and analyzing for privilege. Producing what’s required. Clawing back what sneaked out. Presenting at trial.
Chapter 2: Taking a Close Look at Electronically Stored Information (ESI). Spotting the ESI in the Game Plan. Viewing the Life of Electronic Information. Accounting for age. Tracking the rise and fall of an e-mail. Understanding Zubulake I. Taking the two-tier test. Preserving the Digital Landscape. Facing Sticker Shock: What ESI Costs. Estimating hard and hidden costs. Looking at the costs of being surprised by a request.
Chapter 3: Building e-Discovery Best Practices into Your Company. Setting Up a Reasonable Defensive Strategy. Heeding judicial advice. Keeping ESI intact and in-reach. Braking for Litigation Holds. Insuring a stronghold. Getting others to buy-in. Holding on tight to your ESI. Putting Best Practices into Place. Forming Response Teams. Putting Project Management into Practice. Tackling the triple constraints. Managing the critical path. Maintaining Ethical Conduct and Credibility.
Part II: Guidelines for e-Discovery and Professional Competence.
Chapter 4: The Playbook: Federal Rules and Advisory Guidelines. Knowing the Rules You Must Play By. Deciphering the FRCP. FRCP 1. FRCP 16. FRCP 26. FRCP 33 and 34. Applying the Rules to Criminal Cases. F.R. Crim. P. Rule 41. F.R. Crim. P. Rule 16. F.R. Crim. P. Rule 17 and 17.1. Learning about Admissibility. Lessening the Need for Judicial Intervention by Cooperation. Limiting e-Discovery. Finding Out About Sanctions. Rulings on Metadata. Getting Guidance but Not Authority from Sedona Think Tanks. Collecting the Wisdom of the Chief Justices and National Law Conference. Minding the e-Discovery Reference Model. Following the Federal Rules Advisory Committee.
Chapter 5: Judging Professional Competence and Conduct. Making Sure Your Attorney Gives a Diligent Effort. Looking at what constitutes a diligent effort. Searching for evidence. Producing ESI. Providing a certification. Avoiding Being Sanctioned. FRCP sanctions. Inherent power sanctions. Knowing the Risks Introduced by Legal Counsel. Acting bad: Attorney e-discovery misconduct. Relying on the American Bar Association and state rules of professional conduct. Learning from Those Who Gambled Their Cases and Lost. Policing e-Discovery in Criminal Cases.
Part III: Identifying, Preserving, and Collecting ESI.
Chapter 6: Identifying Potentially Relevant ESI. Calling an e-Discovery Team into Action. Clarifying the Scope of e-Discovery. Reducing the Burden with the Proportionality Principle. Proportionality of scale. Negotiating with proportionality. Mapping the Information Architecture. Creating a data map. Overlooking ESI. Describing data retention policies and procedures. Proving the reasonable accessibility of ESI sources. Taking Lessons from the Mythical Member.
Chapter 7: Complying with ESI Preservation and a Litigation Hold. Distinguishing Duty to Preserve from Preservation. Following The Sedona Conference. The Sedona Conference WG1 guidelines. Seeing the rules in the WG1 decision tree. Recognizing a Litigation Hold Order and Obligation. Knowing what triggers a litigation hold. Knowing when to issue a litigation hold. Knowing when a hold delay makes you eligible for sanctions. Accounting for downsizing and departing employees. Throwing a Wrench into Digital Recycling. Suspending destructive processes. Where do you put a terabyte? Implementing the Litigation Hold. Documenting that custodians are in compliance. Rounding up what needs to be collected. Judging whether a forensics-level preservation is needed.
Chapter 8: Managing e-Discovery Conferences and Protocols. Complying with the Meet-and-Confer Session. Preparing for the Meet-and-Confer Session. Preservation of evidence. Form of production. Privileged or protected ESI. Any other issues regarding ESI. Agreeing on a Timetable. Selecting a Rule 30(b)(6) Witness. Finding Out You and the Opposing Party May Have Mutual Interests.
Part IV: Processing, Protecting, and Producing ESI.
Chapter 9: Processing, Filtering, and Reviewing ESI. Planning, Tagging, and Bagging. Taking a finely tuned approach. Finding exactly what you need. Stop and identify yourself. Two wrongs and a right. Learning through Trial and Error. Doing Early Case Assessment. Vetting vendors. Breaking Out the ESI. Crafting the Hunt. Deciding on filters. Keyword or phrase searching. Deduping. Concept searching. Heeding the Grimm roadmap. Sampling to Validate. Testing the validity of the search. Documenting sampling efforts. Doing the Review. Choosing a review platform. How to perform a review.
Chapter 10: Protecting Privilege, Privacy, and Work Product. Facing the Rising Tide of Electronic Information. Respecting the Rules of the e-Discovery Game. Targeting relevant information. Seeing where relevance and privilege intersect. Managing e-discovery of confidential information. Listening to the Masters. Getting or Avoiding a Waiver. Asserting a claim. Preparing a privilege log. Responding to ESI disclosure. Applying FRE 502 to disclosure. Leveling the Playing Field through Agreement. Checking out the types of agreements. Shoring up your agreements by court order.
Chapter 11: Producing and Releasing Responsive ESI. Producing Data Sets. Packing bytes. Staging production. Being alert to native production motions. Redacting prior to disclosure. Providing Detailed Documentation. Showing an Unbroken Chain of Custody. Keeping Metadata Intact.
Part V: Getting Litigation Ready.
Chapter 12: Dealing with Evidentiary Issues and Challenges. Looking at the Roles of the Judge and Jury. Qualifying an Expert. Getting Through the Five Hurdles of Admissibility. Admitting Relevant ESI. Authenticating ESI. Self-authenticating ESI. Following the chain of custody. Authenticating specific types of ESI. Analyzing the Hearsay Rule. Providing the Best Evidence. Probing the Value of the ESI.
Chapter 13: Bringing In Special Forces: Computer Forensics. Powering Up Computer Forensics. Knowing when to hire an expert. Knowing what to expect from an expert. Judging an expert like judges do. Doing a Scientific Forensic Search. Testing, Sampling, and Refining Searches for ESI. Applying C-Forensics to e-Discovery. Following procedure. Preparing for an investigation. Acquiring and preserving the image. Authenticating with hash. Recovering deleted ESI. Analyzing to broaden or limit. Expressing in Boolean. Producing and documenting in detail. Reinforcing E-Discovery. Fighting against forensic fishing attempts. Fighting with forensics on your team. Defending In-Depth.
Part VI: Strategizing for e-Discovery Success.
Chapter 14: Managing and Archiving Business Records. Ratcheting Up IT’s Role in Prelitigation. Laying the cornerstone of ERM. Pitching your tent before the storm. Telling Documents and Business Records Apart. Designing a Defensible ERM Program. Designing by committee. Starting with the basics. Getting management on board with your ERM program. Crafting a risk-reducing policy. Punching up your e-mail policy. Building an ERM Program. Kicking the keep-it-all habit. Doing what you say you are. Getting an A+ in Compliance.
Chapter 15: Viewing e-Discovery Law from the Bench. Examining Unsettled and Unsettling Issues. Applying a reasonableness standard. Forcing cooperation. Looking at what’s reasonably accessible. Determining who committed misconduct. Exploring the Role of the Judge. Actively participating. Scheduling conferences. Appointing experts. Determining the scope of costs.
Chapter 16: e-Discovery for Large-Scale and Complex Litigation. Preparing for Complex Litigation. Ensuring quality control. Getting a project management process in place. Proving the merits of a case by using ESI. Educating the Court about Your ESI. Using summary judgment and other tools. Employing an identification system. Form of production. Creating document depositories. Avoiding Judicial Resolution. Determining the Scope of Accessibility. Doing a good-cause inquiry. Cost-shifting. Getting Help. Partnering with vendors or service providers. Selecting experts or consulting companies.
Chapter 17: e-Discovery for Small Cases. Defining Small Cases that Can Benefit from e-Discovery. Theft of proprietary data and breaches of contract. Marital matters. Defamation and Internet defamation. Characterizing Small Matters. Keeping ESI out of evidence. Shared characteristics with large cases. Unique characteristics and dynamics. Proceeding in Small Cases. Curbing e-Discovery with Proportionality. Sleuthing Personal Correspondence and Files.
Part VII: The Part of Tens.
Chapter 18: Ten Most Important e-Discovery Rules. FRCP 26(b)(2)(B) Specific Limitations on ESI. FRCP 26(b)(5)(B) Protecting Trial-Preparation Materials and Clawback. FRCP 26(a)(1)(C) Time for Pretrial Disclosures; Objections. FRCP 26(f) Conference of the Parties; Planning for Discovery. FRCP 26(g) Signing Disclosures and Discovery Requests, Responses, and Objections. FRCP 30(b)(6) Designation of a Witness. FRCP 34(b) Form of Production. FRCP 37(e) Safe Harbor from Sanctions for Loss of ESI. Federal Rule of Evidence 502(b) Inadvertent Disclosure. Federal Rule of Evidence 901 Requirement of Authentication or Identification.
Chapter 19: Ten Ways to Keep an Edge on Your e-Discovery Expertise. The Sedona Conference and Working Group Series. Discovery Resources. Law Technology News. Electronic Discovery Law. E-Discovery Team Blog. LexisNexis Applied Discovery Online Law Library. American Bar Association Journal. Legal Technology’s Electronic Data Discovery. Supreme Court of the United States. Cornell Law School Legal Information Institute and Wex.
Chapter 20: Ten e-Discovery Cases with Really Good Lessons. Zubulake v. UBS Warburg, 2003–2005; Employment Discrimination. Qualcomm v. Broadcom, 2008; Patent Dispute. Victor Stanley, Inc. v. Creative Pipe, Inc., 2008; Copyright Infringement. Doe v. Norwalk Community College, 2007; the Safe Harbor of FRCP Rule 37(e). United States v. O’Keefe, 2008; Criminal Case Involving e-Discovery. Lorraine v. Markel American Insurance Co., 2007; Insurance Dispute. Mancia v. Mayflower Textile Services Co., et al., 2008; the Duty to Cooperate and FRCP Rule 26(g). Mikron Industries Inc. v. Hurd Windows & Doors Inc., 2008; Duty to Confer. Gross Construction Associates, Inc., v. American Mfrs. Mutual Ins Co., 2009; Keyword Searches. Gutman v. Klein, 2008; Termination Sanction and Spoliation.
Glossary. Index.
£20.39
John Wiley & Sons Inc EnCase Computer Forensics The Official EnCE
Book SynopsisThe official, Guidance Software-approved book on the newest EnCE exam! The EnCE exam tests that computer forensic analysts and examiners have thoroughly mastered computer investigation methodologies, as well as the use of Guidance Software’s EnCase Forensic 7. The only official Guidance-endorsed study guide on the topic, this book prepares you for the exam with extensive coverage of all exam topics, real-world scenarios, hands-on exercises, up-to-date legal information, and sample evidence files, flashcards, and more. Guides readers through preparation for the newest EnCase Certified Examiner (EnCE) exam Prepares candidates for both Phase 1 and Phase 2 of the exam, as well as for practical use of the certification Covers identifying and searching hardware and file systems, handling evidence on the scene, and acquiring digital evidence using EnCase Forensic 7 Includes hands-on exercises, practice questions, and up-to-date legal informTable of ContentsIntroduction xxi Assessment Test xxvii Chapter 1 Computer Hardware 1 Computer Hardware Components 2 The Boot Process 14 Partitions 20 File Systems 25 Summary 27 Exam Essentials 27 Review Questions 28 Chapter 2 File Systems 33 FAT Basics 34 The Physical Layout of FAT 36 Viewing Directory Entries Using EnCase 52 The Function of FAT 58 NTFS Basics 73 CD File Systems 77 exFAT 79 Summary 83 Exam Essentials 84 Review Questions 85 Chapter 3 First Response 89 Planning and Preparation 90 The Physical Location 91 Personnel 91 Computer Systems 92 What to Take with You Before You Leave 94 Search Authority 97 Handling Evidence at the Scene 98 Securing the Scene 98 Recording and Photographing the Scene 99 Seizing Computer Evidence 99 Bagging and Tagging 110 Summary 113 Exam Essentials 113 Review Questions 115 Chapter 4 Acquiring Digital Evidence 119 Creating EnCase Forensic Boot Disks 121 Booting a Computer Using the EnCase Boot Disk 124 Seeing Invisible HPA and DCO Data 125 Other Reasons for Using a DOS Boot 126 Steps 
for Using a DOS Boot 126 Drive-to-Drive DOS Acquisition 128 Steps for Drive-to-Drive DOS Acquisition 128 Supplemental Information About Drive-to-Drive DOS Acquisition 132 Network Acquisitions 135 Reasons to Use Network Acquisitions 135 Understanding Network Cables 136 Preparing an EnCase Network Boot Disk 137 Preparing an EnCase Network Boot CD 138 Steps for Network Acquisition 138 FastBloc/Tableau Acquisitions 151 Available FastBloc Models 151 FastBloc 2 Features 152 Steps for Tableau (FastBloc) Acquisition 154 FastBloc SE Acquisitions 163 About FastBloc SE 163 Steps for FastBloc SE Acquisitions 164 LinEn Acquisitions 168 Mounting a File System as Read-Only 168 Updating a Linux Boot CD with the Latest Version of LinEn 169 Running LinEn 171 Steps for LinEn Acquisition 173 Enterprise and FIM Acquisitions 176 EnCase Portable 180 Helpful Hints 188 Summary 189 Exam Essentials 192 Review Questions 194 Chapter 5 EnCase Concepts 199 EnCase Evidence File Format 200 CRC, MD5, and SHA-1 201 Evidence File Components and Function 202 New Evidence File Format 206 Evidence File Verification 207 Hashing Disks and Volumes 215 EnCase Case Files 217 EnCase Backup Utility 220 EnCase Configuration Files 227 Evidence Cache Folder 231 Summary 233 Exam Essentials 235 Review Questions 236 Chapter 6 EnCase Environment 241 Home Screen 242 EnCase Layout 246 Creating a Case 249 Tree Pane Navigation 255 Table Pane Navigation 266 Table View 266 Gallery View 275 Timeline View 277 Disk View 280 View Pane Navigation 284 Text View 284 Hex View 287 Picture View 288 Report View 289 Doc View 289 Transcript View 290 File Extents View 291 Permissions View 291 Decode View 292 Field View 294 Lock Option 294 Dixon Box 294 Navigation Data (GPS) 295 Find Feature 297 Other Views and Tools 298 Conditions and Filters 298 EnScript 299 Text Styles 299 Adjusting Panes 300 Other Views 306 Global Views and Settings 306 EnCase Options 310 Summary 318 Exam Essentials 320 Review Questions 321 Chapter 7 Understanding, 
Searching For, and Bookmarking Data 325 Understanding Data 327 Binary Numbers 327 Hexadecimal 333 Characters 336 ASCII 337 Unicode 338 EnCase Evidence Processor 340 Searching for Data 352 Creating Keywords 353 GREP Keywords 364 Starting a Search 373 Viewing Search Hits and Bookmarking Your Findings 376 Bookmarking 377 Summary 426 Exam Essentials 428 Review Questions 430 Chapter 8 File Signature Analysis and Hash Analysis 435 File Signature Analysis 436 Understanding Application Binding 437 Creating a New File Signature 438 Conducting a File Signature Analysis 442 Hash Analysis 449 MD5 Hash 449 Hash Sets and Hash Libraries 449 Hash Analysis 462 Summary 466 Exam Essentials 468 Review Questions 469 Chapter 9 Windows Operating System Artifacts 473 Dates and Times 475 Time Zones 475 Windows 64-Bit Time Stamp 476 Adjusting for Time Zone Offsets 481 Recycle Bin 487 Details of Recycle Bin Operation 488 The INFO2 File 488 Determining the Owner of Files in the Recycle Bin 493 Files Restored or Deleted from the Recycle Bin 494 Using an EnCase Evidence Processor to Determine the Status of Recycle Bin Files 496 Recycle Bin Bypass 498 Windows Vista/Windows 7 Recycle Bin 500 Link Files 504 Changing the Properties of a Shortcut 504 Forensic Importance of Link Files 505 Using the Link File Parser 509 Windows Folders 511 Recent Folder 515 Desktop Folder 516 My Documents/Documents 518 Send To Folder 518 Temp Folder 519 Favorites Folder 520 Windows Vista Low Folders 521 Cookies Folder 523 History Folder 526 Temporary Internet Files 532 Swap File 535 Hibernation File 536 Print Spooling 537 Legacy Operating System Artifacts 543 Windows Volume Shadow Copy 544 Windows Event Logs 549 Kinds of Information Available in Event Logs 549 Determining Levels of Auditing 552 Windows Vista/7 Event Logs 554 Using the Windows Event Log Parser 555 For More Information 558 Summary 559 Exam Essentials 564 Review Questions 566 Chapter 10 Advanced EnCase 571 Locating and Mounting Partitions 573 Mounting 
Files 588 Registry 595 Registry History 595 Registry Organization and Terminology 596 Using EnCase to Mount and View the Registry 601 Registry Research Techniques 605 EnScript and Filters 608 Running EnScripts 609 Filters and Conditions 611 Email 614 Base64 Encoding 619 EnCase Decryption Suite 622 Virtual File System (VFS) 629 Restoration 633 Physical Disk Emulator (PDE) 636 Putting It All Together 641 Summary 645 Exam Essentials 648 Review Questions 649 Appendix A Answers to Review Questions 653 Chapter 1: Computer Hardware 654 Chapter 2: File Systems 655 Chapter 3: First Response 657 Chapter 4: Acquiring Digital Evidence 658 Chapter 5: EnCase Concepts 659 Chapter 6: EnCase Environment 661 Chapter 7: Understanding, Searching For, and Bookmarking Data 662 Chapter 8: File Signature Analysis and Hash Analysis 663 Chapter 9: Windows Operating System Artifacts 664 Chapter 10: Advanced EnCase 665 Appendix B Creating Paperless Reports 667 Exporting the Web Page Report 669 Creating Your Container Report 671 Bookmarks and Hyperlinks 675 Burning the Report to CD or DVD 678 Appendix C About the Additional Study Tools 681 Additional Study Tools 682 Sybex Test Engine 682 Electronic Flashcards 682 PDF of Glossary of Terms 682 Adobe Reader 682 Additional Author Files 683 System Requirements 683 Using the Study Tools 683 Troubleshooting 683 Customer Care 684 Index 685
£44.00
University of California Press Pacifying the Homeland Intelligence Fusion and
Book SynopsisThe United States has poured over a billion dollars into a network of interagency intelligence centers called fusion centers. These centers were ostensibly set up to prevent terrorism, but politicians, the press, and policy advocates have criticized them for failing on this account. So why do these security systems persist? Pacifying the Homeland travels inside the secret world of intelligence fusion, looks beyond the apparent failure of fusion centers, and reveals a broader shift away from mass incarceration and toward a more surveillance- and police-intensive system of social regulation. Provided with unprecedented access to domestic intelligence centers, Brendan McQuade uncovers how the institutionalization of intelligence fusion enables decarceration without fully addressing the underlying social problems at the root of mass incarceration. The result is a startling analysis that contributes to the debates on surveillance, mass incarceration, and policing and challenges readers to see surveillance, policing, mass incarceration, and the security state in an entirely new light.Trade Review"Through comprehensive research, McQuade offers a substantial contribution to studies in policing, surveillance, historical sociology, and social justice. . . . As the book makes clear, “mass supervision, an outgrowth and extension of mass incarceration, helps maintain the stark—and starkly racialized—inequalities that characterize the United States." Understanding intelligence fusion and mass supervision is necessary to challenge such conditions, an effort Pacifying the Homeland contributes to greatly." * Journal of Criminal Justice Education *"Pacifying the Homeland is part of a wave of much needed critical policing studies that at once echo an earlier era in the study of radical criminology, while also heralding the arrival of a new interventionist, unapologetic structural analysis of policing." * Punishment & Society *"This is a vitally important book." 
* Religious Studies Review *Table of ContentsAcknowledgments Prologue: Policing Camden’s crisis 1. Connecting the dots beyond counterterrorism and seeing past organizational failure 2. The rise and present demise of the workfare-carceral state 3. The institutionalization of intelligence fusion 4. Policing decarceration 5. Beyond cointelpro 6. Pacifying poverty Conclusion: The Camden model and the Chicago challenge Appendix: Research and the World of Official Secrets Notes Works Cited Index
£22.50
O'Reilly Media Hacking
Book SynopsisThe security world is changing as the advent of modern Web 2.0 sites and rich Internet applications has given rise to a generation of hacking techniques. This book offers information on hacks that attempt to exploit technical flaws. It explains how to assess attacks against technologies in Internet applications and social networking sites.
£25.59
O'Reilly Media Security and Microservice Architecture on AWS
Book SynopsisAuthor Gaurav Raje shows cloud solution architects and software developers with AWS experience how to build highly secure systems on AWS without increasing overhead.
£39.74
O'Reilly Media Software Supply Chain Security
Book Synopsis
£33.74
John Wiley & Sons Inc Microsoft Windows Security Essentials
Book SynopsisWindows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT.Table of ContentsIntroduction. Chapter 1 Understanding Core Security Principles. Chapter 2 Understanding Malware and Social Engineering. Chapter 3 Understanding User Authentication. Chapter 4 Securing Access with Permissions. Chapter 5 Using Audit Policies and Network Auditing. Chapter 6 Protecting Clients and Servers. Chapter 7 Protecting a Network. Chapter 8 Understanding Wireless Security. Chapter 9 Understanding Physical Security. Chapter 10 Enforcing Confidentiality with Encryption. Chapter 11 Understanding Certificates and a PKI. Chapter 12 Understanding Internet Explorer Security. Appendix A Answers to Review Questions. Appendix B Microsoft's Certification Program. Index.
£24.79
John Wiley & Sons Web Application Defenders Cookbook
Book SynopsisDefending your web applications against hackers and attackers The top-selling book Web Application Hacker’s Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender’s Cookbook is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants. Each recipe shows you a way to detect and defend against malicious behavior and provides working code examples for the ModSecurity web application firewall module. Topics include identifying vulnerabilities, setting hacker traps, defending different access points, enforcing application flows, and much more. Provides practical tactics for detecting web attacks and malicious behavior anTrade ReviewFor those that want to ensure their web sites are as secure as possible, their developers should certainly implement the delicious recipes in Web Application Defender's Cookbook. 
(RSA Conference, Jan 2013)Table of ContentsForeword xix Introduction xxiii I Preparing the Battle Space 1 1 Application Fortification 7 Recipe 1-1: Real-time Application Profiling 7 Recipe 1-2: Preventing Data Manipulation with Cryptographic Hash Tokens 15 Recipe 1-3: Installing the OWASP ModSecurity Core Rule Set (CRS) 19 Recipe 1-4: Integrating Intrusion Detection System Signatures 33 Recipe 1-5: Using Bayesian Attack Payload Detection 38 Recipe 1-6: Enable Full HTTP Audit Logging 48 Recipe 1-7: Logging Only Relevant Transactions 52 Recipe 1-8: Ignoring Requests for Static Content 53 Recipe 1-9: Obscuring Sensitive Data in Logs 54 Recipe 1-10: Sending Alerts to a Central Log Host Using Syslog 58 Recipe 1-11: Using the ModSecurity AuditConsole 60 2 Vulnerability Identification and Remediation 67 Recipe 2-1: Passive Vulnerability Identification 70 Recipe 2-2: Active Vulnerability Identification 79 Recipe 2-3: Manual Scan Result Conversion 88 Recipe 2-4: Automated Scan Result Conversion 92 Recipe 2-5: Real-time Resource Assessments and Virtual Patching 99 3 Poisoned Pawns (Hacker Traps) 115 Recipe 3-1: Adding Honeypot Ports 116 Recipe 3-2: Adding Fake robots.txt Disallow Entries 118 Recipe 3-3: Adding Fake HTML Comments 123 Recipe 3-4: Adding Fake Hidden Form Fields 128 Recipe 3-5: Adding Fake Cookies 131 II Asymmetric Warfare 137 4 Reputation and Third-Party Correlation 139 Recipe 4-1: Analyzing the Client’s Geographic Location Data 141 Recipe 4-2: Identifying Suspicious Open Proxy Usage 147 Recipe 4-3: Utilizing Real-time Blacklist Lookups (RBL) 150 Recipe 4-4: Running Your Own RBL 157 Recipe 4-5: Detecting Malicious Links 160 5 Request Data Analysis 171 Recipe 5-1: Request Body Access 172 Recipe 5-2: Identifying Malformed Request Bodies 178 Recipe 5-3: Normalizing Unicode 182 Recipe 5-4: Identifying Use of Multiple Encodings 186 Recipe 5-5: Identifying Encoding Anomalies 189 Recipe 5-6: Detecting Request Method Anomalies 193 Recipe 5-7: Detecting Invalid URI 
Data 197 Recipe 5-8: Detecting Request Header Anomalies 200 Recipe 5-9: Detecting Additional Parameters 209 Recipe 5-10: Detecting Missing Parameters 212 Recipe 5-11: Detecting Duplicate Parameter Names 214 Recipe 5-12: Detecting Parameter Payload Size Anomalies 216 Recipe 5-13: Detecting Parameter Character Class Anomalies 219 6 Response Data Analysis 223 Recipe 6-1: Detecting Response Header Anomalies 224 Recipe 6-2: Detecting Response Header Information Leakages 234 Recipe 6-3: Response Body Access 238 Recipe 6-4: Detecting Page Title Changes 240 Recipe 6-5: Detecting Page Size Deviations 243 Recipe 6-6: Detecting Dynamic Content Changes 246 Recipe 6-7: Detecting Source Code Leakages 249 Recipe 6-8: Detecting Technical Data Leakages 253 Recipe 6-9: Detecting Abnormal Response Time Intervals 256 Recipe 6-10: Detecting Sensitive User Data Leakages 259 Recipe 6-11: Detecting Trojan, Backdoor, and Webshell Access Attempts 262 7 Defending Authentication 265 Recipe 7-1: Detecting the Submission of Common/Default Usernames 266 Recipe 7-2: Detecting the Submission of Multiple Usernames 269 Recipe 7-3: Detecting Failed Authentication Attempts 272 Recipe 7-4: Detecting a High Rate of Authentication Attempts 274 Recipe 7-5: Normalizing Authentication Failure Details 280 Recipe 7-6: Enforcing Password Complexity 283 Recipe 7-7: Correlating Usernames with SessionIDs 286 8 Defending Session State 291 Recipe 8-1: Detecting Invalid Cookies 291 Recipe 8-2: Detecting Cookie Tampering 297 Recipe 8-3: Enforcing Session Timeouts 302 Recipe 8-4: Detecting Client Source Location Changes During Session Lifetime 307 Recipe 8-5: Detecting Browser Fingerprint Changes During Sessions 314 9 Preventing Application Attacks 323 Recipe 9-1: Blocking Non-ASCII Characters 323 Recipe 9-2: Preventing Path-Traversal Attacks 327 Recipe 9-3: Preventing Forceful Browsing Attacks 330 Recipe 9-4: Preventing SQL Injection Attacks 332 Recipe 9-5: Preventing Remote File Inclusion (RFI) Attacks 336 Recipe 
9-6: Preventing OS Commanding Attacks 340 Recipe 9-7: Preventing HTTP Request Smuggling Attacks 342 Recipe 9-8: Preventing HTTP Response Splitting Attacks 345 Recipe 9-9: Preventing XML Attacks 347 10 Preventing Client Attacks 353 Recipe 10-1: Implementing Content Security Policy (CSP) 353 Recipe 10-2: Preventing Cross-Site Scripting (XSS) Attacks 362 Recipe 10-3: Preventing Cross-Site Request Forgery (CSRF) Attacks 371 Recipe 10-4: Preventing UI Redressing (Clickjacking) Attacks 377 Recipe 10-5: Detecting Banking Trojan (Man-in-the-Browser) Attacks 381 11 Defending File Uploads 387 Recipe 11-1: Detecting Large File Sizes 387 Recipe 11-2: Detecting a Large Number of Files 389 Recipe 11-3: Inspecting File Attachments for Malware 390 12 Enforcing Access Rate and Application Flows 395 Recipe 12-1: Detecting High Application Access Rates 395 Recipe 12-2: Detecting Request/Response Delay Attacks 405 Recipe 12-3: Identifying Inter-Request Time Delay Anomalies 411 Recipe 12-4: Identifying Request Flow Anomalies 413 Recipe 12-5: Identifying a Significant Increase in Resource Usage 414 III Tactical Response 419 13 Passive Response Actions 421 Recipe 13-1: Tracking Anomaly Scores 421 Recipe 13-2: Trap and Trace Audit Logging 427 Recipe 13-3: Issuing E-mail Alerts 428 Recipe 13-4: Data Sharing with Request Header Tagging 436 14 Active Response Actions 441 Recipe 14-1: Using Redirection to Error Pages 442 Recipe 14-2: Dropping Connections 445 Recipe 14-3: Blocking the Client Source Address 447 Recipe 14-4: Restricting Geolocation Access Through Defense Condition (DefCon) Level Changes 452 Recipe 14-5: Forcing Transaction Delays 455 Recipe 14-6: Spoofing Successful Attacks 462 Recipe 14-7: Proxying Traffic to Honeypots 468 Recipe 14-8: Forcing an Application Logout 471 Recipe 14-9: Temporarily Locking Account Access 476 15 Intrusive Response Actions 479 Recipe 15-1: JavaScript Cookie Testing 479 Recipe 15-2: Validating Users with CAPTCHA Testing 481 Recipe 15-3: Hooking 
Malicious Clients with BeEF 485 Index 495
£30.39
John Wiley & Sons Inc Cloud Management and Security
Book SynopsisEstablishes the foundations of Cloud computing, building a diverse understanding of the technologies behind Cloud computing. This book begins with an introduction to Cloud computing, presenting fundamental concepts such as analysing Cloud definitions, Cloud evolution, Cloud services, Cloud deployment types, and highlights the main challenges.Table of ContentsPreface ix References xii 1 Introduction 1 1.1 Overview 1 1.2 Cloud definition 2 1.3 Cloud evolution 3 1.4 Cloud services 5 1.5 Cloud deployment types 6 1.6 Main challenges of Clouds 7 1.7 Summary 10 1.8 Exercises 10 References 11 Part One Cloud management 13 2 Cloud structure 15 2.1 Introduction 15 2.2 Infrastructure components 15 2.3 Cloud Layers 17 2.4 Cloud relations 23 2.5 Cloud dynamics 27 2.6 Data types 27 2.7 Summary 30 2.8 Exercises 30 References 30 3 Fundamentals of Cloud management 31 3.1 Introduction 31 3.2 Clouds management services 32 3.3 Virtual control center 37 3.4 Prerequisite input-data for the management services 37 3.5 Management of user requirements 40 3.6 Summary 46 3.7 Exercises 47 References 47 4 Cloud properties 49 4.1 Introduction 49 4.2 Adaptability property 50 4.3 Resilience property 51 4.4 Scalability property 52 4.5 Availability property 53 4.6 Reliability property 53 4.7 Security and privacy property 54 4.8 Business model 55 4.9 Summary 56 4.10 Exercises 57 References 57 5 Automated management services 59 5.1 Introduction 59 5.2 Virtual layer self-managed services 60 5.3 Virtual services interdependency 65 5.4 Application layer self-managed services 67 5.5 Application services interdependency 70 5.6 Security and privacy by design 71 5.7 Multi-tier application deployment in the Cloud 73 5.8 Main challenges and requirements 79 5.9 Summary 82 5.10 Exercises 82 References 83 Part Two Clouds security fundamentals 85 6 Background 87 6.1 Topics flow 87 6.2 Trusted Computing 89 6.3 Summary 97 References 97 7 Challenges for establishing trust in Clouds 99 7.1 Introduction 99 7.2 Effects of Cloud dynamism on trust relationships 100 7.3 Challenges 103 7.4 Summary 105 7.5 Exercises 105 References 105 8 Establishing trust in Clouds 107 8.1 Introduction 107 8.2 Organization requirements 107 8.3 Framework requirements 108 8.4 Device properties 111 8.5 Framework architecture 112 8.6 Required software agents 116 8.7 Framework workflow 119 8.8 Discussion and analysis 125 8.9 Summary 126 8.10 Exercises 127 References 127 9 Clouds chains of trust 129 9.1 Introduction 129 9.2 Software agents revision 130 9.3 Roots of and chains of trust definition 130 9.4 Intra-layer chains of trust 132 9.5 Trust across layers 140 9.6 Summary 143 9.7 Exercises 143 References 143 10 Provenance in Clouds 145 10.1 Introduction 145 10.2 Motivating scenarios 148 10.3 Log records management and requirements 150 10.4 Framework domain architecture 155 10.5 Framework software agents 157 10.6 Framework workflow 160 10.7 Threat analysis 171 10.8 Discussion and future directions 173 10.9 Exercises 175 References 175 11 Insiders 177 11.1 Introduction 177 11.2 Insiders definition 178 11.3 Conceptual models 182 11.4 Summary 185 11.5 Exercises 185 References 186 Part Three Practical examples 187 12 Real life examples 189 12.1 Open Stack 189 12.2 Amazon web services 195 12.3 Component architecture 197 12.4 Prototype 203 12.5 Summary 209 Reference 209 13 Case study 211 13.1 Scenario 211 13.2 Home healthcare architecture in the Cloud 212 13.3 Insiders analysis for home healthcare 212 13.4 Cloud threats 220 References 226
£70.16
John Wiley & Sons Inc Vehicular Ad Hoc Network Security and Privacy
Book SynopsisThis book provides an overview of vehicular networks, from traffic engineering to human factors. The book addresses the unique design requirements for security and privacy preservation for vehicular communications to increase road safety.Table of ContentsList of Figures xi List of Tables xv Acronyms xvii Preface xix 1 INTRODUCTION 1 1.1 Background 1 1.2 DSRC AND VANET 2 1.2.1 DSRC 2 1.2.2 VANET 3 1.2.3 Characteristics of VANET 6 1.3 Security and Privacy Threats 7 1.4 Security and Privacy Requirements 8 1.5 Challenges and Prospects 9 1.5.1 Conditional Privacy Preservation in VANETs 9 1.5.2 Authentication with Efficient Revocation in VANETs 10 1.6 Standardization and Related Activities 11 1.7 Security Primitives 13 1.8 Outline of the Book 17 References 17 2 GSIS: GROUP SIGNATURE AND ID-BASED SIGNATURE-BASED SECURE AND PRIVACY-PRESERVING PROTOCOL 21 2.1 Introduction 21 2.2 Preliminaries and Background 23 2.2.1 Group Signature 23 2.2.2 Bilinear Pairing and ID-Based Cryptography 23 2.2.3 Threat Model 23 2.2.4 Desired Requirements 24 2.3 Proposed Secure and Privacy-Preserving Protocol 25 2.3.1 Problem Formulation 25 2.3.2 System Setup 27 2.3.3 Security Protocol between OBUs 29 2.3.4 Security Protocol between RSUs and OBUs 38 2.4 Performance Evaluation 41 2.4.1 Impact of Traffic Load 43 2.4.2 Impact of Cryptographic Signature Verification Delay 43 2.4.3 Membership Revocation and Tracing Efficiency 45 2.5 Concluding Remarks 47 References 47 3 ECPP: EFFICIENT CONDITIONAL PRIVACY PRESERVATION PROTOCOL 51 3.1 Introduction 51 3.2 System Model and Problem Formulation 52 3.2.1 System Model 52 3.2.2 Design Objectives 54 3.3 Proposed ECPP Protocol 55 3.3.1 System Initialization 55 3.3.2 OBU Short-Time Anonymous Key Generation 56 3.3.3 OBU Safety Message Sending 62 3.3.4 OBU Fast Tracking Algorithm 63 3.4 Analysis on Conditional Privacy Preservation 64 3.5 Performance Analysis 66 3.5.1 OBU Storage Overhead 66 3.5.2 OBU Computation Overhead on Verification 66 3.5.3 TA 
Computation Complexity on OBU Tracking 68 3.6 Concluding Remarks 69 References 69 4 PSEUDONYM-CHANGING STRATEGY FOR LOCATION PRIVACY 71 4.1 Introduction 71 4.2 Problem Definition 73 4.2.1 Network Model 73 4.2.2 Threat Model 74 4.2.3 Location Privacy Requirements 75 4.3 Proposed PCS Strategy for Location Privacy 75 4.3.1 KPSD Model for PCS Strategy 75 4.3.2 Anonymity Set Analysis for Achieved Location Privacy 79 4.3.3 Feasibility Analysis of PCS Strategy 85 4.4 Performance Evaluation 86 4.5 Concluding Remarks 89 References 89 5 RSU-AIDED MESSAGE AUTHENTICATION 91 5.1 Introduction 91 5.2 System Model and Preliminaries 93 5.2.1 System Model 93 5.2.2 Assumption 93 5.2.3 Problem Statement 94 5.2.4 Security Objectives 95 5.3 Proposed RSU-Aided Message Authentication Scheme 96 5.3.1 Overview 96 5.3.2 Mutual Authentication and Key Agreement between RSUs and Vehicles 96 5.3.3 Hash Aggregation 98 5.3.4 Verification 99 5.3.5 Privacy Enhancement 100 5.4 Performance Evaluation 101 5.4.1 Message Loss Ratio 102 5.4.2 Message Delay 102 5.4.3 Communication Overhead 104 5.5 Security Analysis 105 5.6 Concluding Remarks 106 References 107 6 TESLA-BASED BROADCAST AUTHENTICATION 109 6.1 Introduction 109 6.2 Timed Efficient and Secure Vehicular Communication Scheme 110 6.2.1 Preliminaries 110 6.2.2 System Formulation 112 6.2.3 Proposed TSVC Scheme 113 6.2.4 Enhanced TSVC with Nonrepudiation 118 6.2.5 Discussion 123 6.3 Security Analysis 129 6.4 Performance Evaluation 129 6.4.1 Impact of Vehicle Moving Speed 131 6.4.2 Impact of Vehicle Density 132 6.5 Concluding Remarks 134 References 134 7 DISTRIBUTED COOPERATIVE MESSAGE AUTHENTICATION 137 7.1 Introduction 137 7.2 Problem Formulation 138 7.2.1 Network Model 138 7.2.2 Security Model 139 7.3 Basic Cooperative Authentication Scheme 140 7.4 Secure Cooperative Authentication Scheme 141 7.4.1 Evidence and Token for Fairness 142 7.4.2 Authentication Proof 145 7.4.3 Flows of Proposed Scheme 146 7.5 Security Analysis 147 7.5.1 Linkability Attack 
147 7.5.2 Free-Riding Attack without Authentication Efforts 147 7.5.3 Free-Riding Attack with Fake Authentication Efforts 148 7.6 Performance Evaluation 148 7.6.1 Simulation Settings 148 7.6.2 Simulation Results 149 7.7 Concluding Remarks 150 References 151 8 CONTEXT-AWARE COOPERATIVE AUTHENTICATION 153 8.1 Introduction 153 8.2 Message Trustworthiness in VANETs 156 8.3 System Model and Design Goal 159 8.3.1 Network Model 159 8.3.2 Attack Model 159 8.3.3 Design Goals 160 8.4 Preliminaries 160 8.4.1 Pairing Technique 160 8.4.2 Aggregate Signature and Batch Verification 160 8.5 Proposed AEMAT Scheme 161 8.5.1 System Setup 161 8.5.2 Registration 162 8.5.3 SER Generation and Broadcasting 162 8.5.4 SER Opportunistic Forwarding 162 8.5.5 SER Aggregated Authentication 163 8.5.6 SER Aggregated Trustworthiness 165 8.6 Security Discussion 168 8.6.1 Collusion Attacks 168 8.6.2 Privacy Protection of Witnesses 168 8.7 Performance Evaluation 169 8.7.1 Transmission Cost 169 8.7.2 Computational Cost 169 8.8 Concluding Remarks 170 References 170 9 FAST HANDOVER AUTHENTICATION BASED ON MOBILITY PREDICTION 173 9.1 Introduction 173 9.2 Vehicular Network Architecture 175 9.3 Proposed Fast Handover Authentication Scheme Based on Mobility Prediction 176 9.3.1 Multilayer Perceptron Classifier 176 9.3.2 Proposed Authentication Scheme 178 9.4 Security Analysis 183 9.4.1 Replay Attack 183 9.4.2 Forward Secrecy 183 9.5 Performance Evaluation 184 9.6 Concluding Remarks 185 References 186 Index 187
£97.16
John Wiley & Sons Inc Wireshark for Security Professionals
Book SynopsisMaster Wireshark to solve real-world security problems If you don't already use Wireshark for a wide range of information security tasks, you will after this book. Mature and powerful, Wireshark is commonly used to find root cause of challenging network issues. This book extends that power to information security professionals, complete with a downloadable, virtual lab environment. Wireshark for Security Professionals covers both offensive and defensive concepts that can be applied to essentially any InfoSec role. Whether into network security, malware analysis, intrusion detection, or penetration testing, this book demonstrates Wireshark through relevant and useful examples. Master Wireshark through both lab scenarios and exercises. Early in the book, a virtual lab environment is provided for the purpose of getting hands-on experience with Wireshark. Wireshark is combined with two popular platforms: Kali, the security-focused Linux distribution, aTable of ContentsIntroduction xiii Chapter 1 Introducing Wireshark 1 What Is Wireshark? 2 A Best Time to Use Wireshark? 2 Avoiding Being Overwhelmed 3 The Wireshark User Interface 3 Packet List Pane 5 Packet Details Pane 6 Packet Bytes Pane 8 Filters 9 Capture Filters 9 Display Filters 13 Summary 17 Exercises 18 Chapter 2 Setting Up the Lab 19 Kali Linux 20 Virtualization 22 Basic Terminology and Concepts 23 Benefits of Virtualization 23 Virtual Box 24 Installing VirtualBox 24 Installing the VirtualBox Extension Pack 31 Creating a Kali Linux Virtual Machine 33 Installing Kali Linux 40 The W4SP Lab 46 Requirements 46 A Few Words about Docker 47 What Is GitHub? 
48 Creating the Lab User 49 Installing the W4SP Lab on the Kali Virtual Machine 50 Setting Up the W4SP Lab 53 The Lab Network 54 Summary 55 Exercises 56 Chapter 3 The Fundamentals 57 Networking 58 OSI Layers 58 Networking between Virtual Machines 61 Security 63 The Security Triad 63 Intrusion Detection and Prevention Systems 63 False Positives and False Negatives 64 Malware 64 Spoofing and Poisoning 66 Packet and Protocol Analysis 66 A Protocol Analysis Story 67 Ports and Protocols 71 Summary 73 Exercises 74 Chapter 4 Capturing Packets 75 Sniffing 76 Promiscuous Mode 76 Starting the First Capture 78 TShark 82 Dealing with the Network 86 Local Machine 87 Sniffing Localhost 88 Sniffing on Virtual Machine Interfaces 92 Sniffing with Hubs 96 SPAN Ports 98 Network Taps 101 Transparent Linux Bridges 103 Wireless Networks 105 Loading and Saving Capture Files 108 File Formats 108 Ring Buffers and Multiple Files 111 Recent Capture Files 116 Dissectors 118 W4SP Lab: Managing Nonstandard HTTP Traffic 118 Filtering SMB Filenames 120 Packet Colorization 123 Viewing Someone Else’s Captures 126 Summary 127 Exercises 128 Chapter 5 Diagnosing Attacks 129 Attack Type: Man-in-the-Middle 130 Why MitM Attacks Are Effective 130 How MitM Attacks Get Done: ARP 131 W4SP Lab: Performing an ARP MitM Attack 133 W4SP Lab: Performing a DNS MitM Attack 141 How to Prevent MitM Attacks 147 Attack Type: Denial of Service 148 Why DoS Attacks Are Effective 149 How DoS Attacks Get Done 150 How to Prevent DoS Attacks 155 Attack Type: Advanced Persistent Threat 156 Why APT Attacks Are Effective 156 How APT Attacks Get Done 157 Example APT Traffic in Wireshark 157 How to Prevent APT Attacks 161 Summary 162 Exercises 162 Chapter 6 Offensive Wireshark 163 Attack Methodology 163 Reconnaissance Using Wireshark 165 Evading IPS/IDS 168 Session Splicing and Fragmentation 168 Playing to the Host, Not the IDS 169 Covering Tracks and Placing Backdoors 169 Exploitation 170 Setting Up the W4SP Lab with 
Metasploitable 171 Launching Metasploit Console 171 VSFTP Exploit 172 Debugging with Wireshark 173 Shell in Wireshark 175 TCP Stream Showing a Bind Shell 176 TCP Stream Showing a Reverse Shell 183 Starting ELK 188 Remote Capture over SSH 190 Summary 191 Exercises 192 Chapter 7 Decrypting TLS, Capturing USB, Keyloggers, and Network Graphing 193 Decrypting SSL/TLS 193 Decrypting SSL/TLS Using Private Keys 195 Decrypting SSL/TLS Using Session Keys 199 USB and Wireshark 202 Capturing USB Traffic on Linux 203 Capturing USB Traffic on Windows 206 TShark Keylogger 208 Graphing the Network 212 Lua with Graphviz Library 213 Summary 218 Exercises 219 Chapter 8 Scripting with Lua 221 Why Lua? 222 Scripting Basics 223 Variables 225 Functions and Blocks 226 Loops 228 Conditionals 230 Setup 230 Checking for Lua Support 231 Lua Initialization 232 Windows Setup 233 Linux Setup 233 Tools 234 Hello World with TShark 236 Counting Packets Script 237 ARP Cache Script 241 Creating Dissectors for Wireshark 244 Dissector Types 245 Why a Dissector Is Needed 245 Experiment 253 Extending Wireshark 255 Packet Direction Script 255 Marking Suspicious Script 257 Snooping SMB File Transfers 260 Summary 262 Index 265
£34.00
John Wiley & Sons Inc Network Attacks and Exploitation
Book Synopsis
Incorporate offense and defense for a more effective network security strategy. Network Attacks and Exploitation provides a clear, comprehensive roadmap for developing a complete offensive and defensive strategy to engage in or thwart hacking and computer espionage. Written by an expert in both government and corporate vulnerability and security operations, this guide helps you understand the principles of the space and look beyond the individual technologies of the moment to develop durable, comprehensive solutions. Numerous real-world examples illustrate the offensive and defensive concepts at work, including Conficker, Stuxnet, the Target compromise, and more. You will find clear guidance toward strategy, tools, and implementation, with practical advice on blocking systematic computer espionage and the theft of information from governments, companies, and individuals. Assaults and manipulation of computer networks are rampant around the world. One of the bigge
Table of Contents
Introduction xvii
Chapter 1 Computer Network Exploitation 1
  Operations 4; Operational Objectives 5; Strategic Collection 6; Directed Collection 7; Non-Kinetic Computer Network Attack (CNA) 7; Strategic Access 9; Positional Access 9; CNE Revisited 11; A Framework for Computer Network Exploitation 11; First Principles 12; Principles 12; Themes 14; Summary 15
Chapter 2 The Attacker 17
  Principle of Humanity 17; Life Cycle of an Operation 18; Stage 1: Targeting 19; Stage 2: Initial Access 22; Stage 3: Persistence 24; Stage 4: Expansion 25; Stage 5: Exfiltration 26; Stage 6: Detection 26; Principle of Access 27; Inbound Access 27; Outbound Access 29; Bidirectional Access 35; No Outside Access 35; Access Summary 36; Principle of Economy 37; Time 37; Targeting Capabilities 37; Exploitation Expertise 38; Networking Expertise 38; Software Development Expertise 39; Operational Expertise 40; Operational Analysis Expertise 40; Technical Resources 41; Economy Summary 41; Attacker Structure 41; Summary 43
Chapter 3 The Defender 45
  Principle of Humanity 45; Humanity and Network Layout 46; Humanity and Security Policy 47; Principle of Access 48; The Defensive Life Cycle 49; Principle of Economy 51; The Helpful Defender 53; Summary 54
Chapter 4 Asymmetries 55
  False Asymmetries 56; Advantage Attacker 59; Motivation 60; Initiative 61; Focus 62; Effect of Failure 62; Knowledge of Technology 64; Analysis of Opponent 64; Tailored Software 65; Rate of Change 66; Advantage Defender 67; Network Awareness 68; Network Posture 68; Advantage Indeterminate 69; Time 69; Efficiency 70; Summary 71
Chapter 5 Attacker Frictions 73
  Mistakes 74; Complexity 74; Flawed Attack Tools 75; Upgrades and Updates 77; Other Attackers 78; The Security Community 80; Bad Luck 81; Summary 81
Chapter 6 Defender Frictions 83
  Mistakes 83; Flawed Software 84; Inertia 86; The Security Community 87; Complexity 89; Users 91; Bad Luck 92; Summary 92
Chapter 7 Offensive Strategy 93
  Principle 1: Knowledge 95; Measuring Knowledge 96; Principle 2: Awareness 97; Measuring Awareness 98; Principle 3: Innovation 98; Measuring Innovation 99; Defensive Innovation 100; Principle 4: Precaution 101; Measuring Precaution 103; Principle 5: Operational Security 105; Minimizing Exposure 106; Minimizing Recognition 107; Controlling Reaction 108; Measuring Operational Security 109; Principle 6: Program Security 110; Attacker Liabilities 110; Program Security Costs 112; Measuring Program Security 120; Crafting an Offensive Strategy 121; Modular Frameworks 124; A Note on Tactical Decisions 126; Summary 127
Chapter 8 Defensive Strategy 129
  Failed Tactics 130; Antivirus and Signature-Based Detection 130; Password Policies 132; User Training 134; Crafting a Defensive Strategy 135; Cloud-Based Security 143; Summary 145
Chapter 9 Offensive Case Studies 147
  Stuxnet 148; Access 148; Economy 149; Humanity 149; Knowledge 149; Awareness 149; Precaution 150; Innovation 151; Operational Security 151; Program Security 153; Stuxnet Summary 154; Flame 154; Gauss 157; Dragonfly 159; Red October 160; APT 1 162; Axiom 164; Summary 165
Epilogue 167
Appendix Attack Tools 169
  Antivirus Defeats 169; Audio/Webcam Recording 170; Backdoor 170; Bootkit 171; Collection Tools 171; Exploits 171; Fuzzer 172; Hardware-based Trojan 172; Implant 173; Keystroke Logger 173; Network Capture 173; Network Survey 173; Network Tunnel 174; Password Dumpers and Crackers 174; Packer 175; Persistence Mechanism 175; Polymorphic Code Generator 177; Rootkit 178; Screen Scraper 178; System Survey 178; Vulnerability Scanner 178
References 179
Bibliography 189
Index 193
£34.20
John Wiley & Sons Inc Security in Fixed and Wireless Networks
Book Synopsis
Introduces aspects of security threats and their countermeasures in both fixed and wireless networks, advising on how countermeasures can provide secure communication infrastructures. Enables the reader to understand the risks of inappropriate network security, what mechanisms and protocols can be deployed to counter these risks, and how these mechanisms and protocols work.
Table of Contents
About the authors xiii
Preface to the second edition xv
Preface to the first edition xvii
I Foundations of Data Security Technology 1
1 Introduction 3
  1.1 Content and Structure of this Book 4; 1.2 Threats and Security Goals 6; 1.3 Network Security Analysis 9; 1.4 Information Security Measures 13; 1.5 Important Terms Relating to Communication Security 14
2 Fundamentals of Cryptology 17
  2.1 Cryptology, Cryptography and Cryptanalysis 17; 2.2 Classification of Cryptographic Algorithms 18; 2.3 Cryptanalysis 19; 2.4 Estimating the Effort Needed for Cryptographic Analysis 21; 2.5 Characteristics and Classification of Encryption Algorithms 23; 2.6 Key Management 25; 2.7 Summary 27; 2.8 Supplemental Reading 28; 2.9 Questions 29
3 Symmetric Cryptography 31
  3.1 Encryption Modes of Block Ciphers 31; 3.2 Data Encryption Standard 37; 3.3 Advanced Encryption Standard 43; 3.4 RC4 Algorithm 48; 3.5 The KASUMI Algorithm 51; 3.6 Summary 53; 3.7 Supplemental Reading 54; 3.8 Questions 55
4 Asymmetric Cryptography 57
  4.1 Basic Idea of Asymmetric Cryptography 57; 4.2 Mathematical Principles 60; 4.3 The RSA Algorithm 69; 4.4 The Problem of the Discrete Logarithm 71; 4.5 The Diffie–Hellman Key Exchange Algorithm 75; 4.6 The ElGamal Algorithm 77; 4.7 Security of Conventional Asymmetric Cryptographic Schemes 80; 4.8 Principles of Cryptography Based on Elliptic Curves 81; 4.9 Summary 93; 4.10 Supplemental Reading 94; 4.11 Questions 95
5 Cryptographic Check Values 97
  5.1 Requirements and Classification 97; 5.2 Modification Detection Codes 99; 5.3 Message Authentication Codes 112; 5.4 Message Authentication Codes Based on MDCs 116; 5.5 Authenticated Encryption 117; 5.6 Summary 121; 5.7 Supplemental Reading 122; 5.8 Questions 123
6 Random Number Generation 125
  6.1 Random Numbers and Pseudo-Random Numbers 125; 6.2 Cryptographically Secure Random Numbers 126; 6.3 Statistical Tests for Random Numbers 128; 6.4 Generation of Random Numbers 129; 6.5 Generating Secure Pseudo-Random Numbers 130; 6.6 Implementation Security 133; 6.7 Summary 134; 6.8 Supplemental Reading 135; 6.9 Questions 136
7 Cryptographic Protocols 137
  7.1 Properties and Notation of Cryptographic Protocols 137; 7.2 Data Origin and Entity Authentication 139; 7.3 Needham–Schroeder Protocol 143; 7.4 Kerberos 147; 7.5 International Standard X.509 155; 7.6 Security of Negotiated Session Keys 160; 7.7 Advanced Password Authentication Methods 161; 7.8 Formal Validation of Cryptographic Protocols 166; 7.9 Summary 176; 7.10 Supplemental Reading 177; 7.11 Questions 178
8 Secure Group Communication* 179
  8.1 Specific Requirements for Secure Group Communication 179; 8.2 Negotiation of Group Keys 181; 8.3 Source Authentication 189; 8.4 Summary 193; 8.5 Supplemental Reading 194; 8.6 Questions 194
9 Access Control 197
  9.1 Definition of Terms and Concepts 197; 9.2 Security Labels 199; 9.3 Specification of Access Control Policies 201; 9.4 Categories of Access Control Mechanisms 202; 9.5 Summary 204; 9.6 Supplemental Reading 204; 9.7 Questions 205
II Network Security 207
10 Integration of Security Services in Communication Architectures 209
  10.1 Motivation 209; 10.2 A Pragmatic Model 211; 10.3 General Considerations for the Placement of Security Services 213; 10.4 Integration in Lower Protocol Layers vs Applications 216; 10.5 Integration into End Systems or Intermediate Systems 217; 10.6 Summary 219; 10.7 Supplemental Reading 219; 10.8 Questions 219
11 Link Layer Security Protocols 221
  11.1 Virtual Separation of Data Traffic with IEEE 802.1Q 222; 11.2 Securing a Local Network Infrastructure Using IEEE 802.1X 224; 11.3 Encryption of Data Traffic with IEEE 802.1AE 226; 11.4 Point-to-Point Protocol 228; 11.5 Point-to-Point Tunneling Protocol 236; 11.6 Virtual Private Networks 242; 11.7 Summary 243; 11.8 Supplemental Reading 245; 11.9 Questions 246
12 IPsec Security Architecture 249
  12.1 Short Introduction to the Internet Protocol Suite 249; 12.2 Overview of the IPsec Architecture 253; 12.3 Use of Transport and Tunnel Modes 261; 12.4 IPsec Protocol Processing 263; 12.5 The ESP Protocol 267; 12.6 The AH Protocol 273; 12.7 The ISAKMP Protocol 279; 12.8 Internet Key Exchange Version 1 286; 12.9 Internet Key Exchange Version 2 293; 12.10 Other Aspects of IPsec 297; 12.11 Summary 299; 12.12 Supplemental Reading 300; 12.13 Questions 301
13 Transport Layer Security Protocols 303
  13.1 Secure Socket Layer 303; 13.2 Transport Layer Security 315; 13.3 Datagram Transport Layer Security 322; 13.4 Secure Shell 323; 13.5 Summary 332; 13.6 Supplemental Reading 333; 13.7 Questions 334
III Secure Wireless and Mobile Communications 335
14 Security Aspects of Mobile Communication 337
  14.1 Threats in Mobile Communication Networks 337; 14.2 Protecting Location Confidentiality 338; 14.3 Summary 343; 14.4 Supplemental Reading 343; 14.5 Questions 343
15 Security in Wireless Local Area Networks 345
  15.1 The IEEE 802.11 Standard for WLANs 345; 15.2 Entity Authentication 347; 15.3 Wired Equivalent Privacy 353; 15.4 Robust Secure Networks 358; 15.5 Security in Public WLANs 365; 15.6 Summary 367; 15.7 Supplemental Reading 368; 15.8 Questions 369
16 Security in Mobile Wide-Area Networks 371
  16.1 Global System for Mobile Communication 371; 16.2 Universal Mobile Telecommunications System 378; 16.3 Long-Term Evolution 385; 16.4 Summary 389; 16.5 Supplemental Reading 390; 16.6 Questions 391
IV Protecting Communications Infrastructures 393
17 Protecting Communications and Infrastructure in Open Networks 395
  17.1 Systematic Threat Analysis 396; 17.2 Security of End Systems 399; 17.3 Summary 411; 17.4 Supplemental Reading 411; 17.5 Questions 412
18 Availability of Data Transport 413
  18.1 Denial-of-Service Attacks 413; 18.2 Distributed Denial-of-Service Attacks 420; 18.3 Countermeasures 422; 18.4 Summary 433; 18.5 Supplemental Reading 434; 18.6 Questions 435
19 Routing Security 437
  19.1 Cryptographic Protection of BGP 441; 19.2 Identification of Routing Anomalies* 450; 19.3 Summary 455; 19.4 Supplemental Reading 456; 19.5 Questions 457
20 Secure Name Resolution 459
  20.1 The DNS Operating Principle 459; 20.2 Security Objectives and Threats 461; 20.3 Secure Use of Traditional DNS 467; 20.4 Cryptographic Protection of DNS 469; 20.5 Summary 481; 20.6 Supplemental Reading 482; 20.7 Questions 483
21 Internet Firewalls 485
  21.1 Tasks and Basic Principles of Firewalls 485; 21.2 Firewall-Relevant Internet Services and Protocols 487; 21.3 Terminology and Building Blocks 490; 21.4 Firewall Architectures 491; 21.5 Packet Filtering 495; 21.6 Bastion Hosts and Proxy Servers 500; 21.7 Other Aspects of Modern Firewall Systems 502; 21.8 Summary 503; 21.9 Supplemental Reading 504; 21.10 Questions 505
22 Automated Attack Detection and Response 507
  22.1 Operating Principle and Objectives of Intrusion Detection Systems 508; 22.2 Design and Operation of Network-based IDSs 512; 22.3 Response to Attacks and Automatic Prevention 521; 22.4 Techniques for Evading NIDSs 524; 22.5 Summary 526; 22.6 Supplemental Reading 527; 22.7 Questions 528
23 Management of Complex Communication Infrastructures* 529
  23.1 Automatic Certificate Management 529; 23.2 Automatic VPN Configuration 536; 23.3 Summary 550; 23.4 Supplemental Reading 552; 23.5 Questions 554
Bibliography 555
Abbreviations 585
Index 595
£999.99
John Wiley & Sons Inc Wireless Communications Security Solutions for
Book Synopsis
This book describes the current and most probable future wireless security solutions. The focus is on the technical discussion of existing systems and new trends like Internet of Things (IoT).
Table of Contents
About the Author xii
Preface xiii
Acknowledgements xv
Abbreviations xvi
1 Introduction 1
  1.1 Introduction 1; 1.2 Wireless Security 2; 1.2.1 Background and Advances 2; 1.2.2 Statistics 2; 1.2.3 Wireless Threats 4; 1.2.4 M2M Environment 9; 1.3 Standardization 10; 1.3.1 The Open Mobile Alliance (OMA) 10; 1.3.2 The International Organization for Standardization (ISO) 12; 1.3.3 The International Telecommunications Union (ITU) 14; 1.3.4 The European Telecommunications Standards Institute (ETSI) 14; 1.3.5 The Institute of Electrical and Electronics Engineers (IEEE) 15; 1.3.6 The Internet Engineering Task Force (IETF) 16; 1.3.7 The 3rd Generation Partnership Project (3GPP) 16; 1.3.8 The 3rd Generation Partnership Project 2 (3GPP2) 25; 1.3.9 The GlobalPlatform 25; 1.3.10 The SIMalliance 26; 1.3.11 The Smartcard Alliance 27; 1.3.12 The GSM Association (GSMA) 27; 1.3.13 The National Institute of Standards and Technology (NIST) 28; 1.3.14 The National Highway Transportation and Safety Administration (NHTSA) 28; 1.3.15 Other Standardization and Industry Forums 28; 1.3.16 The EMV Company (EMVCo) 29; 1.3.17 The Personal Computer/Smartcard (PC/SC) 29; 1.3.18 The Health Insurance Portability and Accountability Act (HIPAA) 29; 1.3.19 The Common Criteria (CC) 29; 1.3.20 The Evaluation Assurance Level (EAL) 30; 1.3.21 The Federal Information Processing Standards (FIPS) 31; 1.3.22 Biometric Standards 31; 1.3.23 Other Related Entities 32; 1.4 Wireless Security Principles 32; 1.4.1 General 32; 1.4.2 Regulation 33; 1.4.3 Security Architectures 33; 1.4.4 Algorithms and Security Principles 33; 1.5 Focus and Contents of the Book 36; References 38
2 Security of Wireless Systems 42
  2.1 Overview 42; 2.1.1 Overall Security Considerations in the Mobile Environment 42; 2.1.2 Developing Security Threats 43; 2.1.3 RF Interferences and Safety 45; 2.2 Effects of Broadband Mobile Data 46; 2.2.1 Background 46; 2.2.2 The Role of Networks 47; 2.2.3 The Role of Apps 50; 2.2.4 UE Application Development 52; 2.2.5 Developers 55; 2.2.6 The Role of the SIM/UICC 56; 2.2.7 Challenges of Legislation 57; 2.2.8 Updating Standards 58; 2.2.9 3GPP System Evolution 58; 2.3 GSM 59; 2.3.1 The SIM 60; 2.3.2 Authentication and Authorization 62; 2.3.3 Encryption of the Radio Interface 63; 2.3.4 Encryption of IMSI 65; 2.3.5 Other GSM Security Aspects 65; 2.4 UMTS/HSPA 66; 2.4.1 Principles of 3G Security 66; 2.4.2 Key Utilization 68; 2.4.3 3G Security Procedures 69; 2.5 Long Term Evolution 71; 2.5.1 Protection and Security Principles 71; 2.5.2 X.509 Certificates and Public Key Infrastructure (PKI) 71; 2.5.3 IPsec and Internet Key Exchange (IKE) for LTE Transport Security 72; 2.5.4 Traffic Filtering 73; 2.5.5 LTE Radio Interface Security 74; 2.5.6 Authentication and Authorization 78; 2.5.7 LTE/SAE Service Security – Case Examples 79; 2.5.8 Multimedia Broadcast and Multicast Service (MBMS) and enhanced MBMS (eMBMS) 83; 2.6 Security Aspects of Other Networks 91; 2.6.1 CDMA (IS-95) 91; 2.6.2 CDMA2000 93; 2.6.3 Broadcast Systems 94; 2.6.4 Satellite Systems 94; 2.6.5 Terrestrial Trunked Radio (TETRA) 95; 2.6.6 Wireless Local Area Network (WLAN) 96; 2.7 Interoperability 102; 2.7.1 Simultaneous Support for LTE/SAE and 2G/3G 102; 2.7.2 VoLTE 105; 2.7.3 CS Fallback 105; 2.7.4 Inter-operator Security Aspects 106; 2.7.5 Wi-Fi Networks and Offload 106; 2.7.6 Femtocell Architecture 108; References 109
3 Internet of Things 112
  3.1 Overview 112; 3.2 Foundation 113; 3.2.1 Definitions 113; 3.2.2 Security Considerations of IoT 115; 3.2.3 The Role of IoT 115; 3.2.4 IoT Environment 117; 3.2.5 IoT Market 120; 3.2.6 Connectivity 121; 3.2.7 Regulation 122; 3.2.8 Security Risks 123; 3.2.9 Cloud 128; 3.2.10 Cellular Connectivity 129; 3.2.11 WLAN 133; 3.2.12 Low-Range Systems 133; 3.3 Development of IoT 140; 3.3.1 GSMA Connected Living 140; 3.3.2 The GlobalPlatform 141; 3.3.3 Other Industry Forums 141; 3.4 Technical Description of IoT 142; 3.4.1 General 142; 3.4.2 Secure Communication Channels and Interfaces 143; 3.4.3 Provisioning and Key Derivation 144; 3.4.4 Use Cases 144; References 148
4 Smartcards and Secure Elements 150
  4.1 Overview 150; 4.2 Role of Smartcards and SEs 151; 4.3 Contact Cards 153; 4.3.1 ISO/IEC 7816-1 154; 4.3.2 ISO/IEC 7816-2 155; 4.3.3 ISO/IEC 7816-3 155; 4.3.4 ISO/IEC 7816-4 157; 4.3.5 ISO/IEC 7816-5 157; 4.3.6 ISO/IEC 7816-6 157; 4.3.7 ISO/IEC 7816-7 157; 4.3.8 ISO/IEC 7816-8 157; 4.3.9 ISO/IEC 7816-9 158; 4.3.10 ISO/IEC 7816-10 158; 4.3.11 ISO/IEC 7816-11 158; 4.3.12 ISO/IEC 7816-12 158; 4.3.13 ISO/IEC 7816-13 158; 4.3.14 ISO/IEC 7816-15 158; 4.4 The SIM/UICC 159; 4.4.1 Terminology 159; 4.4.2 Principle 159; 4.4.3 Key Standards 160; 4.4.4 Form Factors 161; 4.5 Contents of the SIM 164; 4.5.1 UICC Building Blocks 164; 4.5.2 The SIM Application Toolkit (SAT) 167; 4.5.3 Contents of the UICC 168; 4.6 Embedded SEs 168; 4.6.1 Principle 168; 4.6.2 M2M Subscription Management 169; 4.6.3 Personalization 172; 4.6.4 M2M SIM Types 173; 4.7 Other Card Types 174; 4.7.1 Access Cards 174; 4.7.2 External SD Cards 175; 4.8 Contactless Cards 175; 4.8.1 ISO/IEC Standards 175; 4.8.2 NFC 176; 4.9 Electromechanical Characteristics of Smartcards 178; 4.9.1 HW Blocks 178; 4.9.2 Memory 178; 4.9.3 Environmental Classes 179; 4.10 Smartcard SW 181; 4.10.1 File Structure 181; 4.10.2 Card Commands 183; 4.10.3 Java Card 184; 4.11 UICC Communications 184; 4.11.1 Card Communications 184; 4.11.2 Remote File Management 185; References 186
5 Wireless Payment and Access Systems 188
  5.1 Overview 188; 5.2 Wireless Connectivity as a Base for Payment and Access 188; 5.2.1 Barcodes 189; 5.2.2 RFID 191; 5.2.3 NFC 192; 5.2.4 Secure Element 196; 5.2.5 Tokenization 198; 5.3 E-commerce 200; 5.3.1 EMV 200; 5.3.2 Google Wallet 200; 5.3.3 Visa 201; 5.3.4 American Express 201; 5.3.5 Square 201; 5.3.6 Other Bank Initiatives 201; 5.3.7 Apple Pay 201; 5.3.8 Samsung Pay 202; 5.3.9 MCX 202; 5.3.10 Comparison of Wallet Solutions 202; 5.4 Transport 203; 5.4.1 MiFare 204; 5.4.2 CiPurse 204; 5.4.3 Calypso 204; 5.4.4 FeliCa 205; 5.5 Other Secure Systems 205; 5.5.1 Mobile ID 205; 5.5.2 Personal Identity Verification 205; 5.5.3 Access Systems 206; References 206
6 Wireless Security Platforms and Functionality 208
  6.1 Overview 208; 6.2 Forming the Base 208; 6.2.1 Secure Service Platforms 209; 6.2.2 SEs 209; 6.3 Remote Subscription Management 210; 6.3.1 SIM as a Basis for OTA 210; 6.3.2 TSM 212; 6.3.3 TEE 213; 6.3.4 HCE and the Cloud 216; 6.3.5 Comparison 219; 6.4 Tokenization 219; 6.4.1 PAN Protection 219; 6.4.2 HCE and Tokenization 221; 6.5 Other Solutions 221; 6.5.1 Identity Solutions 221; 6.5.2 Multi-operator Environment 222; References 222
7 Mobile Subscription Management 223
  7.1 Overview 223; 7.2 Subscription Management 223; 7.2.1 Development 223; 7.2.2 Benefits and Challenges of Subscription Management 225; 7.3 OTA Platforms 226; 7.3.1 General 226; 7.3.2 Provisioning Procedure 227; 7.3.3 SMS-based SIM OTA 227; 7.3.4 HTTPS-based SIM OTA 230; 7.3.5 Commercial Examples of SIM OTA Solutions 231; 7.4 Evolved Subscription Management 232; 7.4.1 GlobalPlatform 233; 7.4.2 SIMalliance 233; 7.4.3 OMA 233; 7.4.4 GSMA 235; References 240
8 Security Risks in the Wireless Environment 242
  8.1 Overview 242; 8.2 Wireless Attack Types 243; 8.2.1 Cyber-attacks 243; 8.2.2 Radio Jammers and RF Attacks 244; 8.2.3 Attacks against SEs 245; 8.2.4 IP Breaches 245; 8.2.5 UICC Module 246; 8.3 Security Flaws on Mobile Networks 247; 8.3.1 Potential Security Weaknesses of GSM 247; 8.3.2 Potential Security Weaknesses of 3G 254; 8.4 Protection Methods 254; 8.4.1 LTE Security 254; 8.4.2 Network Attack Types in LTE/SAE 255; 8.4.3 Preparation for the Attacks 256; 8.5 Errors in Equipment Manufacturing 259; 8.5.1 Equipment Ordering 259; 8.5.2 Early Testing 260; 8.6 Self-Organizing Network Techniques for Test and Measurement 264; 8.6.1 Principle 264; 8.6.2 Self-configuration 265; 8.6.3 Self-optimizing 266; 8.6.4 Self-healing 266; 8.6.5 Technical Issues and Impact on Network Planning 266; 8.6.6 Effects on Network Installation, Commissioning and Optimization 267; 8.6.7 SON and Security 268; References 268
9 Monitoring and Protection Techniques 270
  9.1 Overview 270; 9.2 Personal Devices 271; 9.2.1 Wi-Fi Connectivity 271; 9.2.2 Firewalls 271; 9.3 IP Core Protection Techniques 272; 9.3.1 General Principles 272; 9.3.2 LTE Packet Core Protection 272; 9.3.3 Protection against Roaming Threats 275; 9.4 HW Fault and Performance Monitoring 276; 9.4.1 Network Monitoring 277; 9.4.2 Protection against DoS/DDoS 277; 9.4.3 Memory Wearing 277; 9.5 Security Analysis 278; 9.5.1 Post-processing 278; 9.5.2 Real-time Security Analysis 278; 9.6 Virus Protection 279; 9.7 Legal Interception 281; 9.8 Personal Safety and Privacy 283; 9.8.1 CMAS 283; 9.8.2 Location Privacy 285; 9.8.3 Bio-effects 286; References 287
10 Future of Wireless Solutions and Security 288
  10.1 Overview 288; 10.2 IoT as a Driving Force 288; 10.3 Evolution of 4G 289; 10.4 Development of Devices 291; 10.4.1 Security Aspects of Smartcards 291; 10.4.2 Mobile Device Considerations 291; 10.4.3 IoT Device Considerations 292; 10.4.4 Sensor Networks and Big Data 293; 10.5 5G Mobile Communications 294; 10.5.1 Standardization 294; 10.5.2 Concept 295; 10.5.3 Industry and Investigation Initiatives 297; 10.5.4 Role of 5G in IoT 297; References 297
Index 299
£80.96
John Wiley & Sons Inc DNS Security Management
Book Synopsis
An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies. DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name System (DNS).
Table of Contents
Preface xiii
Acknowledgments xvii
1 INTRODUCTION 1
  Why Attack DNS? 1; Network Disruption 2; DNS as a Backdoor 2; DNS Basic Operation 3; Basic DNS Data Sources and Flows 4; DNS Trust Model 5; DNS Administrator Scope 6; Security Context and Overview 7; Cybersecurity Framework Overview 7; Framework Implementation 9; What's Next 15
2 INTRODUCTION TO THE DOMAIN NAME SYSTEM (DNS) 17
  DNS Overview – Domains and Resolution 17; Domain Hierarchy 18; Name Resolution 18; Zones and Domains 23; Dissemination of Zone Information 25; Additional Zones 26; Resolver Configuration 27; Summary 29
3 DNS PROTOCOL AND MESSAGES 31
  DNS Message Format 31; Encoding of Domain Names 31; Name Compression 32; Internationalized Domain Names 34; DNS Message Format 35; DNS Update Messages 43; The DNS Resolution Process Revisited 48; DNS Resolution Privacy Extension 55; Summary 56
4 DNS VULNERABILITIES 57
  Introduction 57; DNS Data Security 57; DNS Information Trust Model 59; DNS Information Sources 60; DNS Risks 61; DNS Infrastructure Risks and Attacks 62; DNS Service Availability 62; Hardware/OS Attacks 63; DNS Service Denial 63; Pseudorandom Subdomain Attacks 67; Cache Poisoning Style Attacks 67; Authoritative Poisoning 71; Resolver Redirection Attacks 73; Broader Attacks that Leverage DNS 74; Network Reconnaissance 75; DNS Rebinding Attack 77; Reflector Style Attacks 78; Data Exfiltration 79; Advanced Persistent Threats 81; Summary 83
5 DNS TRUST SECTORS 85
  Introduction 85; Cybersecurity Framework Items 87; Identify 87; Protect 87; Detect 88; DNS Trust Sectors 88; External DNS Trust Sector 91; Basic Server Configuration 93; DNS Hosting of External Zones 97; External DNS Diversity 97; Extranet DNS Trust Sector 98; Recursive DNS Trust Sector 99; Tiered Caching Servers 100; Basic Server Configuration 101; Internal Authoritative DNS Servers 103; Basic Server Configuration 105; Additional DNS Deployment Variants 108; Internal Delegation DNS Master/Slave Servers 109; Multi-Tiered Authoritative Configurations 109; Hybrid Authoritative/Caching DNS Servers 111; Stealth Slave DNS Servers 111; Internal Root Servers 111; Deploying DNS Servers with Anycast Addresses 113; Other Deployment Considerations 118; High Availability 118; Multiple Vendors 118; Sizing and Scalability 118; Load Balancers 119; Lab Deployment 119; Putting It All Together 119
6 SECURITY FOUNDATION 121
  Introduction 121; Hardware/Asset Related Framework Items 122; Identify: Asset Management 122; Identify: Business Environment 123; Identify: Risk Assessment 124; Protect: Access Control 126; Protect: Data Security 127; Protect: Information Protection 129; Protect: Maintenance 130; Detect: Anomalies and Events 131; Detect: Security Continuous Monitoring 131; Respond: Analysis 132; Respond: Mitigation 132; Recover: Recovery Planning 133; Recover: Improvements 133; DNS Server Hardware Controls 134; DNS Server Hardening 134; Additional DNS Server Controls 136; Summary 137
7 SERVICE DENIAL ATTACKS 139
  Introduction 139; Denial of Service Attacks 139; Pseudorandom Subdomain Attacks 141; Reflector Style Attacks 143; Detecting Service Denial Attacks 144; Denial of Service Protection 145; DoS/DDoS Mitigation 145; Bogus Queries Mitigation 147; PRSD Attack Mitigation 148; Reflector Mitigation 148; Summary 151
8 CACHE POISONING DEFENSES 153
  Introduction 153; Attack Forms 154; Packet Interception or Spoofing 154; ID Guessing or Query Prediction 155; Name Chaining 155; The Kaminsky DNS Vulnerability 156; Cache Poisoning Detection 159; Cache Poisoning Defense Mechanisms 160; UDP Port Randomization 160; Query Name Case Randomization 161; DNS Security Extensions 161; Last Mile Protection 167
9 SECURING AUTHORITATIVE DNS DATA 169
  Introduction 169; Attack Forms 170; Resolution Data at Rest 170; Domain Registries 170; DNS Hosting Providers 171; DNS Data in Motion 172; Attack Detection 172; Authoritative Data 172; Domain Registry 173; Domain Hosting 173; Falsified Resolution 173; Defense Mechanisms 174; Defending DNS Data at Rest 174; Defending Resolution Data in Motion with DNSSEC 176; Summary 186
10 ATTACKER EXPLOITATION OF DNS 187
  Introduction 187; Network Reconnaissance 187; Data Exfiltration 188; Detecting Nefarious Use of DNS 189; Detecting Network Reconnaissance 189; DNS Tunneling Detection 190; Mitigation of Illicit DNS Use 193; Network Reconnaissance Mitigation 193; Mitigation of DNS Tunneling 193
11 MALWARE AND APTS 195
  Introduction 195; Malware Proliferation Techniques 196; Phishing 196; Spear Phishing 196; Downloads 196; File Sharing 197; Email Attachments 197; Watering Hole Attack 197; Replication 197; Implantation 197; Malware Examples 198; Malware Use of DNS 198; DNS Fluxing 198; Dynamic Domain Generation 202; Detecting Malware 202; Detecting Malware Using DNS Data 203; Mitigating Malware Using DNS 206; Malware Extrication 206; DNS Firewall 207; Summary 210
12 DNS SECURITY STRATEGY 213
  Major DNS Threats and Mitigation Approaches 214; Common Controls 214; Disaster Defense 214; Defenses Against Human Error 220; DNS Role-Specific Defenses 220; Stub Resolvers 220; Forwarder DNS Servers 221; Recursive Servers 221; Authoritative Servers 222; Broader Security Strategy 222; Identify Function 223; Protect Function 224; Detect Function 225; Respond Function 226; Recover Function 227
13 DNS APPLICATIONS TO IMPROVE NETWORK SECURITY 229
  Safer Web Browsing 230; DNS-Based Authentication of Named Entities (DANE) 230; Email Security 232; Email and DNS 233; DNS Block Listing 237; Sender Policy Framework (SPF) 238; Domain Keys Identified Mail (DKIM) 242; Domain-Based Message Authentication, Reporting, and Conformance (DMARC) 245; Securing Automated Information Exchanges 246; Dynamic DNS Update Uniqueness Validation 246; Storing Security-Related Information 247; Other Security Oriented DNS Resource Record Types 247; Summary 251
14 DNS SECURITY EVOLUTION 253
Appendix A: Cybersecurity Framework Core DNS Example 257
Appendix B: DNS Resource Record Types 285
Bibliography 291
Index 299
£81.86
John Wiley & Sons Inc An Introduction to Cyber Modeling and Simulation
Book Synopsis
Introduces readers to the field of cyber modeling and simulation and examines current developments in the US and internationally. This book provides an overview of cyber modeling and simulation (M&S) developments. Using scenarios, courses of action (COAs), and current M&S and simulation environments, the author presents the overall information assurance process, incorporating the people, policies, processes, and technologies currently available in the field. The author ties up the various threads that currently compose cyber M&S into a coherent view of what is measurable, simulative, and usable in order to evaluate systems for assured operation. An Introduction to Cyber Modeling and Simulation provides the reader with examples of tools and technologies currently available for performing cyber modeling and simulation. It examines how decision-making processes may benefit from M&S in cyber defense. It also examines example emulators, simulators and their potential combination. The book
Table of Contents
1 Brief Review of Cyber Incidents 1
  1.1 Cyber's Emergence as an Issue 3; 1.2 Estonia and Georgia – Militarization of Cyber 4; 1.3 Conclusions 6
2 Cyber Security – An Introduction to Assessment and Maturity Frameworks 9
  2.1 Assessment Frameworks 9; 2.2 NIST 800 Risk Framework 9; 2.2.1 Maturity Models 12; 2.2.2 Use Cases/Scenarios 13; 2.3 Cyber Insurance Approaches 14; 2.3.1 An Introduction to Loss Estimate and Rate Evaluation for Cyber 17; 2.4 Conclusions 17; 2.5 Future Work 18; 2.6 Questions 18
3 Introduction to Cyber Modeling and Simulation (M&S) 19
  3.1 One Approach to the Science of Cyber Security 19; 3.2 Cyber Mission System Development Framework 21; 3.3 Cyber Risk Bow-Tie: Likelihood to Consequence Model 21; 3.4 Semantic Network Model of Cyberattack 22; 3.5 Taxonomy of Cyber M&S 24; 3.6 Cyber Security as a Linear System – Model Example 25; 3.7 Conclusions 26; 3.8 Questions 27
4 Technical and Operational Scenarios 29
  4.1 Scenario Development 30; 4.1.1 Technical Scenarios and Critical Security Controls (CSCs) 31; 4.1.2 ARMOUR Operational Scenarios (Canada) 32; 4.2 Cyber System Description for M&S 34; 4.2.1 State Diagram Models/Scenarios of Cyberattacks 34; 4.2.2 McCumber Model 35; 4.2.3 Military Activity and Cyber Effects (MACE) Taxonomy 36; 4.2.4 Cyber Operational Architecture Training System (COATS) Scenarios 37; 4.3 Modeling and Simulation Hierarchy – Strategic Decision Making and Procurement Risk Evaluation 39; 4.4 Conclusions 42; 4.5 Questions 43
5 Cyber Standards for Modeling and Simulation 45
  5.1 Cyber Modeling and Simulation Standards Background 46; 5.2 An Introduction to Cyber Standards for Modeling and Simulation 47; 5.2.1 MITRE's (MITRE) Cyber Threat Information Standards 47; 5.2.2 Cyber Operational Architecture Training System 49; 5.2.3 Levels of Conceptual Interoperability 50; 5.3 Standards Overview – Cyber vs. Simulation 51; 5.3.1 Simulation Interoperability Standards Organization (SISO) Standards 52; 5.3.2 Cyber Standards 54; 5.4 Conclusions 56; 5.5 Questions 57
6 Cyber Course of Action (COA) Strategies 59
  6.1 Cyber Course of Action (COA) Background 59; 6.1.1 Effects-Based Cyber-COA Optimization Technology and Experiments (EBCOTE) Project 59; 6.1.2 Crown Jewels Analysis 60; 6.1.3 Cyber Mission Impact Assessment (CMIA) Tool 61; 6.1.4 Analyzing Mission Impacts of Cyber Actions 63; 6.2 Cyber Defense Measurables – Decision Support System (DSS) Evaluation Criteria 64; 6.2.1 Visual Analytics 65; 6.2.2 Managing Cyber Events 67; 6.2.3 DSS COA and VV&A 68; 6.3 Cyber Situational Awareness (SA) 68; 6.3.1 Active and Passive Situational Awareness for Cyber 69; 6.3.2 Cyber System Monitoring and Example Approaches 69; 6.4 Cyber COAs and Decision Types 70; 6.5 Conclusions 71; 6.6 Further Considerations 72; 6.7 Questions 72
7 Cyber Computer-Assisted Exercise (CAX) and Situational Awareness (SA) via Cyber M&S 75
  7.1 Training Type and Current Cyber Capabilities 77; 7.2 Situational Awareness (SA) Background and Measures 78; 7.3 Operational Cyber Domain and Training Considerations 79; 7.4 Cyber Combined Arms Exercise (CAX) Environment Architecture 81; 7.4.1 CAX Environment Architecture with Cyber Layer 82; 7.4.2 Cyber Injections into Traditional CAX – Leveraging Constructive Simulation 84; 7.4.3 Cyber CAX – Individual and Group Training 85; 7.5 Conclusions 86; 7.6 Future Work 87; 7.7 Questions 87
8 Cyber Model-Based Evaluation Background 89
  8.1 Emulators, Simulators, and Verification/Validation for Cyber System Description 89; 8.2 Modeling Background 90; 8.2.1 Cyber Simulators 91; 8.2.2 Cyber Emulators 93; 8.2.3 Emulator/Simulator Combinations for Cyber Systems 94; 8.2.4 Verification, Validation, and Accreditation (VV&A) 96; 8.3 Conclusions 99; 8.4 Questions 100
9 Cyber Modeling and Simulation and System Risk Analysis 101
  9.1 Background on Cyber System Risk Analysis 101; 9.2 Introduction to Using Modeling and Simulation for System Risk Analysis with Cyber Effects 104; 9.3 General Business Enterprise Description Model 105; 9.3.1 Translate Data to Knowledge 107; 9.3.2 Understand the Enterprise 114; 9.3.3 Sampling and Cyber Attack Rate Estimation 114; 9.3.4 Finding Unknown Knowns – Success in Finding Improvised Explosive Device Example 116; 9.4 Cyber Exploit Estimation 116; 9.4.1 Enterprise Failure Estimation due to Cyber Effects 118; 9.5 Countermeasures and Work Package Construction 120; 9.6 Conclusions and Future Work 122; 9.7 Questions 124
10 Cyber Modeling & Simulation (M&S) for Test and Evaluation (T&E) 125
  10.1 Background 125; 10.2 Cyber Range Interoperability Standards (CRIS) 126; 10.3 Cyber Range Event Process and Logical Range 127; 10.4 Live, Virtual, and Constructive (LVC) for Cyber 130; 10.4.1 Role of LVC in Capability Development 132; 10.4.2 Use of LVC Simulations in Cyber Range Events 133; 10.5 Applying the Logical Range Construct to System under Test (SUT) Interaction 134; 10.6 Conclusions 135; 10.7 Questions 136
11 Developing Model-Based Cyber Modeling and Simulation Frameworks 137
  11.1 Background 137; 11.2 Model-Based Systems Engineering (MBSE) and System of Systems Description (Data Centric) 137; 11.3 Knowledge-Based Systems Engineering (KBSE) for Cyber Simulation 138; 11.3.1 DHS and SysML Modeling for Buildings (CEPHEID VARIABLE) 139; 11.3.2 The Cyber Security Modeling Language (CySeMoL) 140; 11.3.3 Cyber Attack Modeling and Impact Assessment Component (CAMIAC) 140; 11.4 Architecture-Based Cyber System Optimization Framework 141; 11.5 Conclusions 141; 11.6 Questions 142
12 Appendix: Cyber M&S Supporting Data, Tools, and Techniques 143
  12.1 Cyber Modeling Considerations 143; 12.1.1 Factors to Consider for Cyber Modeling 143; 12.1.2 Lessons Learned from Physical Security 144; 12.1.3 Cyber Threat Data Providers 146; 12.1.4 Critical Security Controls (CSCs) 147; 12.1.5 Situational Awareness Measures 147; 12.2 Cyber Training Systems 148; 12.2.1 Scalable Network Defense Trainer (NDT) 153; 12.2.2 SELEX ES NetComm Simulation Environment (NCSE) 153; 12.2.3 Example Cyber Tool Companies 154; 12.3 Cyber-Related Patents and Applications 154; 12.4 Conclusions 160
Bibliography 161
Index 175
£93.56
John Wiley & Sons Inc Machine Learning Techniques and Analytics for Cloud Security
Book Synopsis: MACHINE LEARNING TECHNIQUES AND ANALYTICS FOR CLOUD SECURITY. This book covers new methods, surveys, case studies, and policy across almost all machine learning techniques and analytics for cloud security solutions. The aim of Machine Learning Techniques and Analytics for Cloud Security is to integrate machine learning approaches to meet the various analytical issues in cloud security. Cloud security with ML has long-standing challenges that require methodological and theoretical handling. Conventional cryptographic approaches are less applicable on resource-constrained devices. To address these issues, machine learning may be used effectively to secure the rapidly growing cloud environment. Machine learning algorithms can also be applied to a range of cloud security problems, such as effective intrusion detection systems, zero-knowledge authentication systems, measures against passive attacks, protocol design, privacy system design, applications, and many more. The book also co
Table of Contents:
Preface
Part I: Conceptual Aspects on Cloud and Applications of Machine Learning
1 Hybrid Cloud: A New Paradigm in Cloud Computing (Moumita Deb and Abantika Choudhury): 1.1 Introduction; 1.2 Hybrid Cloud; 1.2.1 Architecture; 1.2.2 Why Hybrid Cloud is Required?; 1.2.3 Business and Hybrid Cloud; 1.2.4 Things to Remember When Deploying Hybrid Cloud; 1.3 Comparison Among Different Hybrid Cloud Providers; 1.3.1 Cloud Storage and Backup Benefits; 1.3.2 Pros and Cons of Different Service Providers; 1.3.2.1 AWS Outpost; 1.3.2.2 Microsoft Azure Stack; 1.3.2.3 Google Cloud Anthos; 1.3.3 Review on Storage of the Providers; 1.3.3.1 AWS Outpost Storage; 1.3.3.2 Google Cloud Anthos Storage; 1.3.4 Pricing; 1.4 Hybrid Cloud in Education; 1.5 Significance of Hybrid Cloud Post-Pandemic; 1.6 Security in Hybrid Cloud; 1.6.1 Role of Human Error in Cloud Security; 1.6.2 Handling Security Challenges; 1.7 Use of AI in Hybrid Cloud; 1.8 Future Research Direction; 1.9 Conclusion; References
2 Recognition of Differentially Expressed Glycan Structure of H1N1 Virus Using Unsupervised Learning Framework (Shillpi Mishrra): 2.1 Introduction; 2.2 Proposed Methodology; 2.3 Result; 2.3.1 Description of Datasets; 2.3.2 Analysis of Result; 2.3.3 Validation of Results; 2.3.3.1 T-Test (Statistical Validation); 2.3.3.2 Statistical Validation; 2.3.4 Glycan Cloud; 2.4 Conclusions and Future Work; References
3 Selection of Certain Cancer Mediating Genes Using a Hybrid Model Logistic Regression Supported by Principal Component Analysis (PC-LR) (Subir Hazra, Alia Nikhat Khurshid and Akriti): 3.1 Introduction; 3.2 Related Methods; 3.3 Methodology; 3.3.1 Description; 3.3.2 Flowchart; 3.3.3 Algorithm; 3.3.4 Interpretation of the Algorithm; 3.3.5 Illustration; 3.4 Result; 3.4.1 Description of the Dataset; 3.4.2 Result Analysis; 3.4.3 Result Set Validation; 3.5 Application in Cloud Domain; 3.6 Conclusion; References
Part II: Cloud Security Systems Using Machine Learning Techniques
4 Cost-Effective Voice-Controlled Real-Time Smart Informative Interface Design With Google Assistance Technology (Soumen Santra, Partha Mukherjee and Arpan Deyasi): 4.1 Introduction; 4.2 Home Automation System; 4.2.1 Sensors; 4.2.2 Protocols; 4.2.3 Technologies; 4.2.4 Advantages; 4.2.5 Disadvantages; 4.3 Literature Review; 4.4 Role of Sensors and Microcontrollers in Smart Home Design; 4.5 Motivation of the Project; 4.6 Smart Informative and Command Accepting Interface; 4.7 Data Flow Diagram; 4.8 Components of Informative Interface; 4.9 Results; 4.9.1 Circuit Design; 4.9.2 LDR Data; 4.9.3 API Data; 4.10 Conclusion; 4.11 Future Scope; References
5 Symmetric Key and Artificial Neural Network With Mealy Machine: A Neoteric Model of Cryptosystem for Cloud Security (Anirban Bhowmik, Sunil Karforma and Joydeep Dey): 5.1 Introduction; 5.2 Literature Review; 5.3 The Problem; 5.4 Objectives and Contributions; 5.5 Methodology; 5.6 Results and Discussions; 5.6.1 Statistical Analysis; 5.6.2 Randomness Test of Key; 5.6.3 Key Sensitivity Analysis; 5.6.4 Security Analysis; 5.6.5 Dataset Used on ANN; 5.6.6 Comparisons; 5.7 Conclusions; References
6 An Efficient Intrusion Detection System on Various Datasets Using Machine Learning Techniques (Debraj Chatterjee): 6.1 Introduction; 6.2 Motivation and Justification of the Proposed Work; 6.3 Terminology Related to IDS; 6.3.1 Network; 6.3.2 Network Traffic; 6.3.3 Intrusion; 6.3.4 Intrusion Detection System; 6.3.4.1 Various Types of IDS; 6.3.4.2 Working Methodology of IDS; 6.3.4.3 Characteristics of IDS; 6.3.4.4 Advantages of IDS; 6.3.4.5 Disadvantages of IDS; 6.3.5 Intrusion Prevention System (IPS); 6.3.5.1 Network-Based Intrusion Prevention System (NIPS); 6.3.5.2 Wireless Intrusion Prevention System (WIPS); 6.3.5.3 Network Behavior Analysis (NBA); 6.3.5.4 Host-Based Intrusion Prevention System (HIPS); 6.3.6 Comparison of IPS With IDS/Relation Between IDS and IPS; 6.3.7 Different Methods of Evasion in Networks; 6.4 Intrusion Attacks on Cloud Environment; 6.5 Comparative Studies; 6.6 Proposed Methodology; 6.7 Result; 6.8 Conclusion and Future Scope; References
7 You Are Known by Your Mood: A Text-Based Sentiment Analysis for Cloud Security (Abhijit Roy and Parthajit Roy): 7.1 Introduction; 7.2 Literature Review; 7.3 Essential Prerequisites; 7.3.1 Security Aspects; 7.3.2 Machine Learning Tools; 7.3.2.1 Naïve Bayes Classifier; 7.3.2.2 Artificial Neural Network; 7.4 Proposed Model; 7.5 Experimental Setup; 7.6 Results and Discussions; 7.7 Application in Cloud Security; 7.7.1 Ask an Intelligent Security Question; 7.7.2 Homomorphic Data Storage; 7.7.3 Information Diffusion; 7.8 Conclusion and Future Scope; References
8 The State-of-the-Art in Zero-Knowledge Authentication Proof for Cloud (Priyanka Ghosh): 8.1 Introduction; 8.2 Attacks and Countermeasures; 8.2.1 Malware and Ransomware Breaches; 8.2.2 Prevention of Distributed Denial of Service; 8.2.3 Threat Detection; 8.3 Zero-Knowledge Proof; 8.4 Machine Learning for Cloud Computing; 8.4.1 Types of Learning Algorithms; 8.4.1.1 Supervised Learning; 8.4.1.2 Supervised Learning Approach; 8.4.1.3 Unsupervised Learning; 8.4.2 Application on Machine Learning for Cloud Computing; 8.4.2.1 Image Recognition; 8.4.2.2 Speech Recognition; 8.4.2.3 Medical Diagnosis; 8.4.2.4 Learning Associations; 8.4.2.5 Classification; 8.4.2.6 Prediction; 8.4.2.7 Extraction; 8.4.2.8 Regression; 8.4.2.9 Financial Services; 8.5 Zero-Knowledge Proof: Details; 8.5.1 Comparative Study; 8.5.1.1 Fiat-Shamir ZKP Protocol; 8.5.2 Diffie-Hellman Key Exchange Algorithm; 8.5.2.1 Discrete Logarithm Attack; 8.5.2.2 Man-in-the-Middle Attack; 8.5.3 ZKP Version 1; 8.5.4 ZKP Version 2; 8.5.5 Analysis; 8.5.6 Cloud Security Architecture; 8.5.7 Existing Cloud Computing Architectures; 8.5.8 Issues With Current Clouds; 8.6 Conclusion; References
9 A Robust Approach for Effective Spam Detection Using Supervised Learning Techniques (Amartya Chakraborty, Suvendu Chattaraj, Sangita Karmakar and Shillpi Mishrra): 9.1 Introduction; 9.2 Literature Review; 9.3 Motivation; 9.4 System Overview; 9.5 Data Description; 9.6 Data Processing; 9.7 Feature Extraction; 9.8 Learning Techniques Used; 9.8.1 Support Vector Machine; 9.8.2 k-Nearest Neighbors; 9.8.3 Decision Tree; 9.8.4 Convolutional Neural Network; 9.9 Experimental Setup; 9.10 Evaluation Metrics; 9.11 Experimental Results; 9.11.1 Observations in Comparison With State-of-the-Art; 9.12 Application in Cloud Architecture; 9.13 Conclusion; References
10 An Intelligent System for Securing Network From Intrusion Detection and Prevention of Phishing Attack Using Machine Learning Approaches (Sumit Banik, Sagar Banik and Anupam Mukherjee): 10.1 Introduction; 10.1.1 Types of Phishing; 10.1.1.1 Spear Phishing; 10.1.1.2 Whaling; 10.1.1.3 Catphishing and Catfishing; 10.1.1.4 Clone Phishing; 10.1.1.5 Voice Phishing; 10.1.2 Techniques of Phishing; 10.1.2.1 Link Manipulation; 10.1.2.2 Filter Evasion; 10.1.2.3 Website Forgery; 10.1.2.4 Covert Redirect; 10.2 Literature Review; 10.3 Materials and Methods; 10.3.1 Dataset and Attributes; 10.3.2 Proposed Methodology; 10.3.2.1 Logistic Regression; 10.3.2.2 Naïve Bayes; 10.3.2.3 Support Vector Machine; 10.3.2.4 Voting Classification; 10.4 Result Analysis; 10.4.1 Analysis of Different Parameters for ML Models; 10.4.2 Predictive Outcome Analysis in Phishing URLs Dataset; 10.4.3 Analysis of Performance Metrics; 10.4.4 Statistical Analysis of Results; 10.4.4.1 ANOVA: Two-Factor Without Replication; 10.4.4.2 ANOVA: Single Factor; 10.5 Conclusion; References
Part III: Cloud Security Analysis Using Machine Learning Techniques
11 Cloud Security Using Honeypot Network and Blockchain: A Review (Smarta Sangui and Swarup Kr Ghosh): 11.1 Introduction; 11.2 Cloud Computing Overview; 11.2.1 Types of Cloud Computing Services; 11.2.1.1 Software as a Service; 11.2.1.2 Infrastructure as a Service; 11.2.1.3 Platform as a Service; 11.2.2 Deployment Models of Cloud Computing; 11.2.2.1 Public Cloud; 11.2.2.2 Private Cloud; 11.2.2.3 Community Cloud; 11.2.2.4 Hybrid Cloud; 11.2.3 Security Concerns in Cloud Computing; 11.2.3.1 Data Breaches; 11.2.3.2 Insufficient Change Control and Misconfiguration; 11.2.3.3 Lack of Strategy and Security Architecture; 11.2.3.4 Insufficient Identity, Credential, Access, and Key Management; 11.2.3.5 Account Hijacking; 11.2.3.6 Insider Threat; 11.2.3.7 Insecure Interfaces and APIs; 11.2.3.8 Weak Control Plane; 11.3 Honeypot System; 11.3.1 VM (Virtual Machine) as Honeypot in the Cloud; 11.3.2 Attack Sensing and Analyzing Framework; 11.3.3 A Fuzzy Technique Against Fingerprinting Attacks; 11.3.4 Detecting and Classifying Malicious Access; 11.3.5 A Bayesian Defense Model for Deceptive Attack; 11.3.6 Strategic Game Model for DDoS Attacks in Smart Grid; 11.4 Blockchain; 11.4.1 Blockchain-Based Encrypted Cloud Storage; 11.4.2 Cloud-Assisted EHR Sharing via Consortium Blockchain; 11.4.3 Blockchain-Secured Cloud Storage; 11.4.4 Blockchain and Edge Computing-Based Security Architecture; 11.4.5 Data Provenance Architecture in Cloud Ecosystem Using Blockchain; 11.6 Comparative Analysis; 11.7 Conclusion; References
12 Machine Learning-Based Security in Cloud Database: A Survey (Utsav Vora, Jayleena Mahato, Hrishav Dasgupta, Anand Kumar and Swarup Kr Ghosh): 12.1 Introduction; 12.2 Security Threats and Attacks; 12.3 Dataset Description; 12.3.1 NSL-KDD Dataset; 12.3.2 UNSW-NB15 Dataset; 12.4 Machine Learning for Cloud Security; 12.4.1 Supervised Learning Techniques; 12.4.1.1 Support Vector Machine; 12.4.1.2 Artificial Neural Network; 12.4.1.3 Deep Learning; 12.4.1.4 Random Forest; 12.4.2 Unsupervised Learning Techniques; 12.4.2.1 K-Means Clustering; 12.4.2.2 Fuzzy C-Means Clustering; 12.4.2.3 Expectation-Maximization Clustering; 12.4.2.4 Cuckoo Search With Particle Swarm Optimization (PSO); 12.4.3 Hybrid Learning Techniques; 12.4.3.1 HIDCC: Hybrid Intrusion Detection Approach in Cloud Computing; 12.4.3.2 Clustering-Based Hybrid Model in Deep Learning Framework; 12.4.3.3 K-Nearest Neighbor-Based Fuzzy C-Means Mechanism; 12.4.3.4 K-Means Clustering Using Support Vector Machine; 12.4.3.5 K-Nearest Neighbor-Based Artificial Neural Network Mechanism; 12.4.3.6 Artificial Neural Network Fused With Support Vector Machine; 12.4.3.7 Particle Swarm Optimization-Based Probabilistic Neural Network; 12.5 Comparative Analysis; 12.6 Conclusion; References
13 Machine Learning Adversarial Attacks: A Survey Beyond (Chandni Magoo and Puneet Garg): 13.1 Introduction; 13.2 Adversarial Learning; 13.2.1 Concept; 13.3 Taxonomy of Adversarial Attacks; 13.3.1 Attacks Based on Knowledge; 13.3.1.1 Black Box Attack (Transferable Attack); 13.3.1.2 White Box Attack; 13.3.2 Attacks Based on Goals; 13.3.2.1 Target Attacks; 13.3.2.2 Non-Target Attacks; 13.3.3 Attacks Based on Strategies; 13.3.3.1 Poisoning Attacks; 13.3.3.2 Evasion Attacks; 13.3.4 Textual-Based Attacks (NLP); 13.3.4.1 Character-Level Attacks; 13.3.4.2 Word-Level Attacks; 13.3.4.3 Sentence-Level Attacks; 13.4 Review of Adversarial Attack Methods; 13.4.1 L-BFGS; 13.4.2 Feedforward Derivation Attack (Jacobian Attack); 13.4.3 Fast Gradient Sign Method; 13.4.4 Methods of Different Text-Based Adversarial Attacks; 13.4.5 Adversarial Attack Methods Based on Language Models; 13.4.6 Adversarial Attacks on Recommender Systems; 13.4.6.1 Random Attack; 13.4.6.2 Average Attack; 13.4.6.3 Bandwagon Attack; 13.4.6.4 Reverse Bandwagon Attack; 13.5 Adversarial Attacks on Cloud-Based Platforms; 13.6 Conclusion; References
14 Protocols for Cloud Security (Weijing You and Bo Chen): 14.1 Introduction; 14.2 System and Adversarial Model; 14.2.1 System Model; 14.2.2 Adversarial Model; 14.3 Protocols for Data Protection in Secure Cloud Computing; 14.3.1 Homomorphic Encryption; 14.3.2 Searchable Encryption; 14.3.3 Attribute-Based Encryption; 14.3.4 Secure Multi-Party Computation; 14.4 Protocols for Data Protection in Secure Cloud Storage; 14.4.1 Proofs of Encryption; 14.4.2 Secure Message-Locked Encryption; 14.4.3 Proofs of Storage; 14.4.4 Proofs of Ownership; 14.4.5 Proofs of Reliability; 14.5 Protocols for Secure Cloud Systems; 14.6 Protocols for Cloud Security in the Future; 14.7 Conclusion; References
Part IV: Case Studies Focused on Cloud Security
15 A Study on Google Cloud Platform (GCP) and Its Security (Agniswar Roy, Abhik Banerjee and Navneet Bhardwaj): 15.1 Introduction; 15.1.1 Google Cloud Platform Current Market Holding; 15.1.1.1 The Forrester Wave; 15.1.1.2 Gartner Magic Quadrant; 15.1.2 Google Cloud Platform Work Distribution; 15.1.2.1 SaaS; 15.1.2.2 PaaS; 15.1.2.3 IaaS; 15.1.2.4 On-Premise; 15.2 Google Cloud Platform's Security Features Basic Overview; 15.2.1 Physical Premises Security; 15.2.2 Hardware Security; 15.2.3 Inter-Service Security; 15.2.4 Data Security; 15.2.5 Internet Security; 15.2.6 In-Software Security; 15.2.7 End User Access Security; 15.3 Google Cloud Platform's Architecture; 15.3.1 Geographic Zone; 15.3.2 Resource Management; 15.3.2.1 IAM; 15.3.2.2 Roles; 15.3.2.3 Billing; 15.4 Key Security Features; 15.4.1 IAP; 15.4.2 Compliance; 15.4.3 Policy Analyzer; 15.4.4 Security Command Center; 15.4.4.1 Standard Tier; 15.4.4.2 Premium Tier; 15.4.5 Data Loss Protection; 15.4.6 Key Management; 15.4.7 Secret Manager; 15.4.8 Monitoring; 15.5 Key Application Features; 15.5.1 Stackdriver (Currently Operations); 15.5.1.1 Profiler; 15.5.1.2 Cloud Debugger; 15.5.1.3 Trace; 15.5.2 Network; 15.5.3 Virtual Machine Specifications; 15.5.4 Preemptible VMs; 15.6 Computation in Google Cloud Platform; 15.6.1 Compute Engine; 15.6.2 App Engine; 15.6.3 Container Engine; 15.6.4 Cloud Functions; 15.7 Storage in Google Cloud Platform; 15.8 Network in Google Cloud Platform; 15.9 Data in Google Cloud Platform; 15.10 Machine Learning in Google Cloud Platform; 15.11 Conclusion; References
16 Case Study of Azure and Azure Security Practices (Navneet Bhardwaj, Abhik Banerjee and Agniswar Roy): 16.1 Introduction; 16.1.1 Azure Current Market Holding; 16.1.2 The Forrester Wave; 16.1.3 Gartner Magic Quadrant; 16.2 Microsoft Azure: The Security Infrastructure; 16.2.1 Azure Security Features and Tools; 16.2.2 Network Security; 16.3 Data Encryption; 16.3.1 Data Encryption at Rest; 16.3.2 Data Encryption in Transit; 16.3.3 Asset and Inventory Management; 16.3.4 Azure Marketplace; 16.4 Azure Cloud Security Architecture; 16.4.1 Working; 16.4.2 Design Principles; 16.4.2.1 Alignment of Security Policies; 16.4.2.2 Building a Comprehensive Strategy; 16.4.2.3 Simplicity Driven; 16.4.2.4 Leveraging Native Controls; 16.4.2.5 Identification-Based Authentication; 16.4.2.6 Accountability; 16.4.2.7 Embracing Automation; 16.4.2.8 Stress on Information Protection; 16.4.2.9 Continuous Evaluation; 16.4.2.10 Skilled Workforce; 16.5 Azure Architecture; 16.5.1 Components; 16.5.1.1 Azure API Gateway; 16.5.1.2 Azure Functions; 16.5.2 Services; 16.5.2.1 Azure Virtual Machine; 16.5.2.2 Blob Storage; 16.5.2.3 Azure Virtual Network; 16.5.2.4 Content Delivery Network; 16.5.2.5 Azure SQL Database; 16.6 Features of Azure; 16.6.1 Key Features; 16.6.1.1 Data Resiliency; 16.6.1.2 Data Security; 16.6.1.3 BCDR Integration; 16.6.1.4 Storage Management; 16.6.1.5 Single Pane View; 16.7 Common Azure Security Features; 16.7.1 Security Center; 16.7.2 Key Vault; 16.7.3 Azure Active Directory; 16.7.3.1 Application Management; 16.7.3.2 Conditional Access; 16.7.3.3 Device Identity Management; 16.7.3.4 Identity Protection; 16.7.3.5 Azure Sentinel; 16.7.3.6 Privileged Identity Management; 16.7.3.7 Multifactor Authentication; 16.7.3.8 Single Sign On; 16.8 Conclusion; References
17 Nutanix Hybrid Cloud From Security Perspective (Abhik Banerjee, Agniswar Roy, Amar Kalvikatte and Navneet Bhardwaj): 17.1 Introduction; 17.2 Growth of Nutanix; 17.2.1 Gartner Magic Quadrant; 17.2.2 The Forrester Wave; 17.2.3 Consumer Acquisition; 17.2.4 Revenue; 17.3 Introductory Concepts; 17.3.1 Plane Concepts; 17.3.1.1 Control Plane; 17.3.1.2 Data Plane; 17.3.2 Security Technical Implementation Guides; 17.3.3 SaltStack and SCMA; 17.4 Nutanix Hybrid Cloud; 17.4.1 Prism; 17.4.1.1 Prism Element; 17.4.1.2 Prism Central; 17.4.2 Acropolis; 17.4.2.1 Distributed Storage Fabric; 17.4.2.2 AHV; 17.5 Reinforcing AHV and Controller VM; 17.6 Disaster Management and Recovery; 17.6.1 Protection Domains and Consistent Groups; 17.6.2 Nutanix DSF Replication of OpLog; 17.6.3 DSF Snapshots and VM Quiesced Snapshot Service; 17.6.4 Nutanix Cerebro; 17.7 Security and Policy Management on Nutanix Hybrid Cloud; 17.7.1 Authentication on Nutanix; 17.7.2 Nutanix Data Encryption; 17.7.3 Security Policy Management; 17.7.3.1 Enforcing a Policy; 17.7.3.2 Priority of a Policy; 17.7.3.3 Automated Enforcement; 17.8 Network Security and Log Management; 17.8.1 Segmented and Unsegmented Network; 17.9 Conclusion; References
Part V: Policy Aspects
18 A Data Science Approach Based on User Interactions to Generate Access Control Policies for Large Collections of Documents (Jedidiah Yanez-Sierra, Arturo Diaz-Perez and Victor Sosa-Sosa): 18.1 Introduction; 18.2 Related Work; 18.3 Network Science Theory; 18.4 Approach to Spread Policies Using Network Science; 18.4.1 Finding the Most Relevant Spreaders; 18.4.1.1 Weighting Users; 18.4.1.2 Selecting the Top � Spreaders; 18.4.2 Assign and Spread the Access Control Policies; 18.4.2.1 Access Control Policies; 18.4.2.2 Horizontal Spreading; 18.4.2.3 Vertical Spreading (Bottom-Up); 18.4.2.4 Policies Refinement; 18.4.3 Structural Complexity Analysis of CP-ABE Policies; 18.4.3.1 Assessing the WSC for ABE Policies; 18.4.3.2 Assessing the Policies Generated in the Spreading Process; 18.4.4 Effectiveness Analysis; 18.4.4.1 Evaluation Metrics; 18.4.4.2 Adjusting the Interaction Graph to Assess Policy Effectiveness; 18.4.4.3 Method to Complement the User Interactions (Synthetic Edges Generation); 18.4.5 Measuring Policy Effectiveness in the User Interaction Graph; 18.4.5.1 Simple Node-Based Strategy; 18.4.5.2 Weighted Node-Based Strategy; 18.5 Evaluation; 18.5.1 Dataset Description; 18.5.2 Results of the Complexity Evaluation; 18.5.3 Effectiveness Results From the Real Edges; 18.5.4 Effectiveness Results Using Real and Synthetic Edges; 18.5.4.1 Results of the Effectiveness Metrics for the Enhanced G+ Graph; 18.6 Conclusions; References
19 AI, ML, & Robotics in iSchools: An Academic Analysis for Intelligent Societal Systems (P. K. Paul): 19.1 Introduction; 19.2 Objective; 19.3 Methodology; 19.3.1 iSchools, Technologies, and Artificial Intelligence, ML, and Robotics; 19.4 Artificial Intelligence, ML, and Robotics: An Overview; 19.5 Artificial Intelligence, ML, and Robotics as an Academic Program: A Case on iSchools, North American Region; 19.6 Suggestions; 19.7 Motivation and Future Works; 19.8 Conclusion; References
Index
£169.16
John Wiley & Sons Inc The Wiley 5G REF: Security
Book Synopsis: THE WILEY 5G REF. Explore cutting-edge subjects in 5G privacy and security. In The Wiley 5G REF: Security, a team of distinguished researchers delivers an insightful collection of articles selected from the online-only The Wiley 5G Reference. The editors introduce the security landscape of 5G, including the significant security and privacy risks associated with 5G networks. They also discuss different security solutions for the various segments of the 5G network, such as the radio, edge, access, and core networks. The book explores the security threats associated with key network softwarization technologies, such as SDN, NFV, network slicing (NS), and MEC, as well as those that come with new 5G and IoT services. There is also a detailed discussion of privacy in 5G networks. The included articles are written by leading international experts in security and privacy for telecommunication networks. They offer learning opportunities for everyone from graduate-level students to
Table of Contents:
Foreword; List of Contributors
1. 5G Mobile Networks Security Landscape and Major Risks
2. SDMN Security
3. 5G Security – Complex Challenges
4. Physical-Layer Security for 5G and Beyond
5. Security for Handover and D2D Communication in 5G HetNets
6. Authentication and Access Control for 5G
7. 5G-Core Network Security
8. MEC and Cloud Security
9. Security in Network Slicing
10. VNF Placement and Sharing in NFV-Based Cellular Networks
11. Security Monitoring and Management in 5G
12. Security for Vertical Industries
13. Introduction to IoT Security
14. Privacy in the 5G World: The GDPR in a Datafied Society
15. Structural Safety Assessment of 5G Network Infrastructures
Index
£89.06
John Wiley & Sons Inc AI and Machine Learning for Network and Security Management
Book Synopsis: AI AND MACHINE LEARNING FOR NETWORK AND SECURITY MANAGEMENT. An extensive resource for understanding the key tasks of network and security management. AI and Machine Learning for Network and Security Management covers a range of key topics in network automation for network and security management, including resource allocation and scheduling, network planning and routing, encrypted traffic classification, anomaly detection, and security operations. In addition, the authors introduce their large-scale intelligent network management and operation system, elaborate on how the aforementioned areas can be integrated into this system, and describe how the network service can benefit. Sample ideas covered in this thought-provoking work include: how cognitive means, e.g., knowledge transfer, can help with network and security management; how different advanced AI and machine learning techniques can be useful and helpful to facilitate network automation
Table of Contents:
Author Biographies; Preface; Acknowledgments; Acronyms
1 Introduction: 1.1 Introduction; 1.2 Organization of the Book; 1.3 Conclusion; References
2 When Network and Security Management Meets AI and Machine Learning: 2.1 Introduction; 2.2 Architecture of Machine Learning-Empowered Network and Security Management; 2.3 Supervised Learning; 2.3.1 Classification; 2.3.2 Regression; 2.4 Semisupervised and Unsupervised Learning; 2.4.1 Clustering; 2.4.2 Dimension Reduction; 2.4.3 Semisupervised Learning; 2.5 Reinforcement Learning; 2.5.1 Policy-Based; 2.5.2 Value-Based; 2.6 Industry Products on Network and Security Management; 2.6.1 Network Management; 2.6.1.1 Cisco DNA Center; 2.6.1.2 Sophie; 2.6.1.3 Juniper EX4400 Switch; 2.6.1.4 Juniper SRX Series Services Gateway; 2.6.1.5 H3C SeerAnalyzer; 2.6.2 Security Management; 2.6.2.1 SIEM, IBM QRadar Advisor with Watson; 2.6.2.2 FortiSandbox; 2.6.2.3 FortiSIEM; 2.6.2.4 FortiEDR; 2.6.2.5 FortiClient; 2.6.2.6 H3C SecCenter CSAP; 2.7 Standards on Network and Security Management; 2.7.1 Network Management; 2.7.1.1 Cognitive Network Management; 2.7.1.2 End-to-End 5G and Beyond; 2.7.1.3 Software-Defined Radio Access Network; 2.7.1.4 Architectural Framework for ML in Future Networks; 2.7.2 Security Management; 2.7.2.1 Securing AI; 2.8 Projects on Network and Security Management; 2.8.1 Poseidon; 2.8.2 NetworkML; 2.8.3 Credential-Digger; 2.8.4 Adversarial Robustness Toolbox; 2.9 Proof-of-Concepts on Network and Security Management; 2.9.1 Classification; 2.9.1.1 Phishing URL Classification; 2.9.1.2 Intrusion Detection; 2.9.2 Active Learning; 2.9.3 Concept Drift Detection; 2.10 Conclusion; References
3 Learning Network Intents for Autonomous Network Management: 3.1 Introduction; 3.2 Motivation; 3.3 The Hierarchical Representation and Learning Framework for Intention Symbols Inference; 3.3.1 Symbolic Semantic Learning (SSL); 3.3.1.1 Connectivity Intention; 3.3.1.2 Deadlock Free Intention; 3.3.1.3 Performance Intention; 3.3.1.4 Discussion; 3.3.2 Symbolic Structure Inferring (SSI); 3.4 Experiments; 3.4.1 Datasets; 3.4.2 Experiments on Symbolic Semantic Learning; 3.4.3 Experiments on Symbolic Structure Inferring; 3.4.4 Experiments on Symbolic Structure Transferring; 3.5 Conclusion; References
4 Virtual Network Embedding via Hierarchical Reinforcement Learning: 4.1 Introduction; 4.2 Motivation; 4.3 Preliminaries and Notations; 4.3.1 Virtual Network Embedding; 4.3.1.1 Substrate Network and Virtual Network; 4.3.1.2 The VNE Problem; 4.3.1.3 Evaluation Metrics; 4.3.2 Reinforcement Learning; 4.3.3 Hierarchical Reinforcement Learning; 4.4 The Framework of VNE-HRL; 4.4.1 Overview; 4.4.2 The High-level Agent; 4.4.2.1 State Encoder for HEA; 4.4.2.2 Estimated Long-term Cumulative Reward; 4.4.2.3 Short-term High-level Reward; 4.4.3 The Low-level Agent; 4.4.3.1 State Encoder for LEA; 4.4.3.2 Estimated Long-term Cumulative Reward; 4.4.3.3 Short-term Low-level Reward; 4.4.4 The Training Method; 4.5 Case Study; 4.5.1 Experiment Setup; 4.5.2 Comparison Methods; 4.5.3 Evaluation Results; 4.5.3.1 Performance Over Time; 4.5.3.2 Performance of Various VNRs with Diverse Resource Requirements; 4.6 Related Work; 4.6.1 Traditional Methods; 4.6.2 ML-based Algorithms; 4.7 Conclusion; References
5 Concept Drift Detection for Network Traffic Classification: 5.1 Related Concepts of Machine Learning in Data Stream Processing; 5.1.1 Assumptions and Limitations; 5.1.1.1 Availability of Learning Examples; 5.1.1.2 Availability of the Model; 5.1.1.3 Concept to be Learned; 5.1.2 Concept Drift and Its Solution; 5.2 Using an Active Approach to Solve Concept Drift in the Intrusion Detection Field; 5.2.1 Application Background; 5.2.2 System Workflow; 5.3 Concept Drift Detector Based on CVAE; 5.3.1 CVAE-based Drift Indicator; 5.3.2 Drift Analyzer; 5.3.3 The Performance of CVAE-based Concept Drift Detector; 5.3.3.1 Comparison Drift Detectors; 5.3.3.2 Experiment Settings; 5.4 Deployment and Experiment in Real Networks; 5.4.1 Data Collection and Feature Extraction; 5.4.2 Data Analysis and Parameter Setting; 5.4.3 Result Analysis; 5.5 Future Research Challenges and Open Issues; 5.5.1 Adaptive Threshold m; 5.5.2 Computational Cost of Drift Detectors; 5.5.3 Active Learning; 5.6 Conclusion; References
6 Online Encrypted Traffic Classification Based on Lightweight Neural Networks: 6.1 Introduction; 6.2 Motivation; 6.3 Preliminaries; 6.3.1 Problem Definition; 6.3.2 Packet Interaction; 6.4 The Proposed Lightweight Model; 6.4.1 Preprocessing; 6.4.2 Feature Extraction; 6.4.2.1 Embedding; 6.4.2.2 Attention Encoder; 6.4.2.3 Fully Connected Layer; 6.5 Case Study; 6.5.1 Evaluation Metrics; 6.5.2 Baselines; 6.5.3 Datasets; 6.5.4 Evaluation on Datasets; 6.5.4.1 Evaluation on Dataset A; 6.5.4.2 Evaluation on Dataset B; 6.6 Related Work; 6.6.1 Encrypted Traffic Classification; 6.6.2 Packet-Based Methods; 6.6.3 Flow-Based Methods; 6.6.3.1 Traditional Machine Learning-Based Methods; 6.6.3.2 Deep Learning-Based Methods; 6.7 Conclusion; References
7 Context-Aware Learning for Robust Anomaly Detection: 7.1 Introduction; 7.2 Pronouns; 7.3 The Proposed Method – AllRobust; 7.3.1 Problem Statement; 7.3.2 Log Parsing; 7.3.3 Log Vectorization; 7.3.4 Anomaly Detection; 7.3.4.1 Implementation of SSL; 7.4 Experiments; 7.4.1 Datasets; 7.4.1.1 HDFS Dataset; 7.4.1.2 BGL Dataset; 7.4.1.3 Thunderbird Dataset; 7.4.2 Model Evaluation Indicators; 7.4.3 Supervised Deep Learning-based Log Anomaly Detection on Imbalanced Log Data; 7.4.3.1 Data Preprocessing; 7.4.3.2 Hyperparameters and Environmental Settings; 7.4.3.3 Training on Multiclass Imbalanced Log Data; 7.4.3.4 Training on Binary Imbalanced Log Data; 7.4.4 Semisupervised Deep Learning-based Log Anomaly Detection on Imbalanced Log Data; 7.4.4.1 The Methods of Enhancing Log Data; 7.4.4.2 Anomaly Detection with a Single Log; 7.4.4.3 Anomaly Detection with a Log-based Sequence; 7.5 Discussion; 7.6 Conclusion; References
8 Anomaly Classification with Unknown, Imbalanced and Few Labeled Log Data: 8.1 Introduction; 8.2 Examples; 8.2.1 The Feature Extraction of Log Analysis; 8.2.1.1 Statistical Feature Extraction; 8.2.1.2 Semantic Feature Extraction; 8.2.2 Few-Shot Problem; 8.3 Methodology; 8.3.1 Data Preprocessing; 8.3.1.1 Log Parsing; 8.3.1.2 Log Enhancement; 8.3.1.3 Log Vectorization; 8.3.2 The Architecture of OpenLog; 8.3.2.1 Encoder Module; 8.3.2.2 Prototypical Module; 8.3.2.3 Relation Module; 8.3.3 Training Procedure; 8.3.4 Objective Function; 8.4 Experimental Results and Analysis; 8.4.1 Experimental Design; 8.4.1.1 Baseline; 8.4.1.2 Evaluation Metrics; 8.4.2 Datasets; 8.4.2.1 Data Processing; 8.4.3 Experiments on the Unknown Class Data; 8.4.4 Experiments on the Imbalanced Data; 8.4.5 Experiments on the Few-shot Data; 8.5 Discussion; 8.6 Conclusion; References
9 Zero Trust Networks: 9.1 Introduction to Zero-Trust Networks; 9.1.1 Background; 9.1.2 Zero-Trust Networks; 9.2 Zero-Trust Network Solutions; 9.2.1 Zero-Trust Networks Based on Access Proxy; 9.2.2 Zero-Trust Networks Based on SDP; 9.2.3 Zero-Trust Networks Based on Micro-Segmentation; 9.3 Machine Learning Powered Zero Trust Networks; 9.3.1 Information Fusion; 9.3.2 Decision Making; 9.4 Conclusion; References
10 Intelligent Network Management and Operation Systems: 10.1 Introduction; 10.2 Traditional Operation and Maintenance Systems; 10.2.1 Development of Operation and Maintenance Systems; 10.2.1.1 Manual Operation and Maintenance; 10.2.1.2 Tool-Based Operation and Maintenance; 10.2.1.3 Platform Operation and Maintenance; 10.2.1.4 DevOps; 10.2.1.5 AIOps; 10.2.2 Open-Source Operation and Maintenance Systems; 10.2.2.1 Nagios; 10.2.2.2 Zabbix; 10.2.2.3 Prometheus; 10.2.3 Summary; 10.3 Security Operation and Maintenance; 10.3.1 Introduction; 10.3.2 Open-Source Security Tools; 10.3.2.1 Access Control; 10.3.2.2 Security Audit and Intrusion Detection; 10.3.2.3 Penetration Testing; 10.3.2.4 Vulnerability Scanning; 10.3.2.5 CI/CD Security; 10.3.2.6 Deception; 10.3.2.7 Data Security; 10.3.3 Summary; 10.4 AIOps; 10.4.1 Introduction; 10.4.2 Open-Source AIOps and Algorithms; 10.4.2.1 Research Progress of Anomaly Detection; 10.4.2.2 Metis; 10.4.2.3 UAVStack; 10.4.2.4 Skyline; 10.4.3 Summary; 10.5 Machine Learning-Based Network Security Monitoring and Management Systems; 10.5.1 Architecture; 10.5.2 Physical Facility Layer; 10.5.3 Virtual Resource Layer; 10.5.4 Orchestrate Layer; 10.5.5 Policy Layer; 10.5.6 Semantic Description Layer; 10.5.7 Application Layer; 10.5.8 Center for Intelligent Analytics of Big Data; 10.5.9 Programmable Measurement and Auditing; 10.5.10 Overall Process; 10.5.11 Summary; 10.6 Conclusion; References
11 Conclusions, and Research Challenges and Open Issues: 11.1 Conclusions; 11.2 Research Challenges and Open Issues; 11.2.1 Autonomous Networks; 11.2.2 Reinforcement Learning Powered Solutions; 11.2.3 Traffic Classification; 11.2.4 Anomaly Detection; 11.2.5 Zero-Trust Networks; References
Index
£85.46
Kogan Page Ltd Confident Cyber Security
Book Synopsis
Dr Jessica Barker is an award-winning global leader in cyber security and a popular keynote speaker. She is co-founder and co-CEO of Cygenta, where she influences cyber security awareness, behaviour and culture in organizations around the world. Jessica Barker has been named one of the top 20 most influential women in cyber security in the UK and is the Chair of ClubCISO. She is based in London, UK.
Trade Review
"Whether you're an aspiring professional planning a career in cybersecurity or a board member needing to secure your organization, this book offers a goldmine of insights. Its accessible language and actionable advice make it a valuable resource for anyone." -- Mikko Hypponen, technology speaker and author
Table of Contents
Chapter - 00: Introduction
Section - ONE: Why Cyber Security?
Chapter - 01: What cyber security is
Chapter - 02: Why it is important
Section - TWO: The technical side of cyber security
Chapter - 03: Technical vulnerabilities
Section - THREE: The human side of cyber security
Chapter - 04: Why people are so important in cyber security
Chapter - 05: Social engineering
Chapter - 06: Attacks that utilize social engineering
Section - FOUR: The physical side of cyber security
Chapter - 07: Why physical space matters in cyber security
Chapter - 08: Attacks on the individual
Chapter - 09: Attacks on organizations
Chapter - 10: Nation state cyber security - Geopolitics
Section - FIVE: The future of cyber security and what it means for your career
Chapter - 11: Cyber security in different industries
Chapter - 12: Cyber security at the board level
Chapter - 13: The variety of cyber security careers
Chapter - 14: Pursuing a cyber security career
£40.00
Kogan Page Ltd Cyber Risk Management
Book Synopsis
Christopher J Hodson is Chief Security Officer for Cyberhaven where he oversees all facets of security to protect Cyberhaven customers and employees, including cloud and application security, security operations, and risk management. In addition, Chris serves as a board advisor at the workforce development platform, Cybrary, and is a fellow of the Chartered Institute of Information Security. He has previously held CISO positions with Contentful, Zscaler, and Tanium. He is a guest lecturer at Royal Holloway, University of London where he also holds a master's degree in computer and information systems security.
Trade Review
"This is an excellent book. Christopher Hodson writes as he speaks, with passion and clear understanding of a profession of which he has extensive experience and loves. Cyber Risk Management is extremely well researched and provides the reader with a simple-to-follow, guided journey through the cyber issues we face and the approaches we should be taking to cope with them. Hodson's pragmatic style demystifies complex issues making this a great read for both experienced security professionals and non-professionals alike. This is required reading for anyone who wants to intelligently manage cyber risk, whether a CISO, CFO or CEO!" -- Amanda Finch, CEO, Chartered Institute of Security Professionals
"In the fast-paced world of cybersecurity, Cyber Risk Management is a guiding light. This book combines expertise with a friendly touch, making it easy for readers to tackle security challenges, no matter their technical background. Christopher Hodson has a knack for unravelling cybersecurity jargon and presenting complex ideas in a way that anyone can understand. He effortlessly blends theory with practical examples, ensuring readers not only grasp the basics but also gain insights into real-world scenarios. Throughout the book, Hodson expertly covers the essentials of cybersecurity risk management, offering a solid framework for prioritizing threats, spotting vulnerabilities, and implementing effective controls. His conversational tone and patient approach make this book a valuable resource for both seasoned practitioners and newcomers." -- Dana Wolf, CEO and Co-Founder, YeshID
"Everyone in the cybersecurity universe is experiencing a pace of change and complexity which is simply unprecedented. Christopher Hodson has captured our universe as it is today. He covers the meteoric rise of LLMs and changes in social appetite to technology, with the keen insight, deep expertise and humour that we expect from him. He gives us a reason to feel optimistic about these changes. Whilst so much is changing, the importance of understanding cybersecurity remains paramount and constant." -- Phil Owen MBE, VP/Chief Security Officer, Telus Health
"Cyber Risk Management serves as both a valuable playbook for security leaders building out their programs, and a much-needed reference for their key business and technical partners across the organization. Christopher Hodson reinforces and enriches each topic by drawing upon a diverse set of examples from emerging technologies, geopolitical and regulatory forces, historical events, and noteworthy incidents." -- Ryan Kazanciyan, CISO, Wiz
Table of Contents
Section - PART ONE: Contextualizing cybersecurity risk
Chapter - 01: Why now? The only constant is change
Chapter - 02: Technologies and security challenges
Chapter - 03: Data breaches
Section - PART TWO: Cybersecurity programme management
Chapter - 04: What are cybersecurity and cybercrime?
Chapter - 05: Establishing a cybersecurity programme
Section - PART THREE: Actors, events and vulnerabilities
Chapter - 06: Threat actors
Chapter - 07: Threat events
Chapter - 08: Vulnerabilities
Chapter - 09: Controls
Section - PART FOUR: Conclusion: the cybersecurity risk equation explained
Chapter - 10: Cyber risk management: a conclusion
£130.50
Kogan Page Hacked
Book Synopsis
Jessica Barker is the co-founder and co-CEO of Cygenta, a leading consultancy which advises businesses such as Mastercard, Microsoft and Cisco on their cybersecurity and cyber risk. She is also a prominent thought leader on the topics of cybersecurity and cybercrime and was named 'Cyber Citizen of the Year 2022' by the National Cyber Awards. She is the author of Confident Cyber Security (also published by Kogan Page). She is based in Las Vegas.
£40.00
Kogan Page Cyber Security Foundations
Book Synopsis
Keith Martin is a Professor of Information Security at Royal Holloway, University of London, UK, and director of the EPSRC Centre for Doctoral Training in Cyber Security for the Everyday. Jassim Happa is a Senior Lecturer in Information Security at Royal Holloway, University of London, UK. Konstantinos Mersinas is a Senior Lecturer in Information Security at Royal Holloway, University of London, UK. Guido Schmitz is an Assistant Professor in Computer Science and Cyber Security at Lancaster University, UK.
£132.30
O'Reilly Media Effective Monitoring and Alerting
Book Synopsis
The book describes a data-driven approach to optimal monitoring and alerting in distributed computer systems. It interprets monitoring as a continuous process aimed at extracting meaning from a system's data. The resulting wisdom drives effective maintenance and fast recovery, the bread and butter of web operations.
£15.75
Morgan & Claypool Publishers Providing Sound Foundations for Cryptography On
Book Synopsis
The design of cryptographic systems must be based on firm foundations, whereas ad hoc approaches and heuristics are a very dangerous way to go. These foundations were developed in works co-authored by Shafi Goldwasser and/or Silvio Micali. This book celebrates these works, and reproduces some of them.
Table of Contents
Preface
Acknowledgments
Photo and Text Credits
PART I: BIOGRAPHIES, INTERVIEWS, AND AWARD LECTURES
A Story Behind Every Problem: A Brief Biography of Shafi Goldwasser
One Obsession at a Time: A Brief Biography of Silvio Micali
An Interview with Shafi Goldwasser
An Interview with Silvio Micali
The Cryptographic Lens: Shafi Goldwasser's Turing Lecture
Proofs, According to Silvio: Silvio Micali's Turing Lecture
PART II: ORIGINAL PAPERS
Probabilistic Encryption
The Knowledge Complexity of Interactive Proof Systems
How to Generate Cryptographically Strong Sequences of Pseudorandom Bits
How to Construct Random Functions
A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks
Proofs that Yield Nothing but Their Validity or All Languages in NP Have Zero-Knowledge Proof Systems
How to Play Any Mental Game: A Completeness Theorem for Protocols with Honest Majority
Non-Interactive Zero-Knowledge (NIZK) Proof Systems
Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation
Multi-Prover Interactive Proofs: How to Remove Intractability Assumptions
PART III: PERSPECTIVES
On the Foundations of Cryptography
On the Impact of Cryptography on Complexity Theory
On Some Noncryptographic Works of Goldwasser and Micali
Fundamentals of Fully Homomorphic Encryption
Interactive Proofs for Lattice Problems
Following a Tangent of Proofs
A Tutorial on Concurrent Zero-Knowledge
Doubly Efficient Interactive Proofs
Computational Entropy
A Survey of Leakage-Resilient Cryptography
Editor and Author Biographies
£92.70
Morgan & Claypool Publishers Providing Sound Foundations for Cryptography On
Book Synopsis
The design of cryptographic systems must be based on firm foundations, whereas ad hoc approaches and heuristics are a very dangerous way to go. These foundations were developed in works co-authored by Shafi Goldwasser and/or Silvio Micali. This book celebrates these works, and reproduces some of them.
Table of Contents
Preface
Acknowledgments
Photo and Text Credits
PART I: BIOGRAPHIES, INTERVIEWS, AND AWARD LECTURES
A Story Behind Every Problem: A Brief Biography of Shafi Goldwasser
One Obsession at a Time: A Brief Biography of Silvio Micali
An Interview with Shafi Goldwasser
An Interview with Silvio Micali
The Cryptographic Lens: Shafi Goldwasser's Turing Lecture
Proofs, According to Silvio: Silvio Micali's Turing Lecture
PART II: ORIGINAL PAPERS
Probabilistic Encryption
The Knowledge Complexity of Interactive Proof Systems
How to Generate Cryptographically Strong Sequences of Pseudorandom Bits
How to Construct Random Functions
A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks
Proofs that Yield Nothing but Their Validity or All Languages in NP Have Zero-Knowledge Proof Systems
How to Play Any Mental Game: A Completeness Theorem for Protocols with Honest Majority
Non-Interactive Zero-Knowledge (NIZK) Proof Systems
Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation
Multi-Prover Interactive Proofs: How to Remove Intractability Assumptions
PART III: PERSPECTIVES
On the Foundations of Cryptography
On the Impact of Cryptography on Complexity Theory
On Some Noncryptographic Works of Goldwasser and Micali
Fundamentals of Fully Homomorphic Encryption
Interactive Proofs for Lattice Problems
Following a Tangent of Proofs
A Tutorial on Concurrent Zero-Knowledge
Doubly Efficient Interactive Proofs
Computational Entropy
A Survey of Leakage-Resilient Cryptography
Editor and Author Biographies
£77.40
Morgan & Claypool Publishers Democratizing Cryptography
Book Synopsis
While other books have documented the development of public key cryptography, this is the first to provide a comprehensive insiders' perspective on the full impacts of public key cryptography, including six original chapters by nine distinguished scholars.
£62.10
Morgan & Claypool Publishers Democratizing Cryptography
Book Synopsis
While other books have documented the development of public key cryptography, this is the first to provide a comprehensive insiders' perspective on the full impacts of public key cryptography, including six original chapters by nine distinguished scholars.
£77.40
APress Digital Forensics Basics
Book Synopsis
Use this hands-on, introductory guide to understand and implement digital forensics to investigate computer crime using Windows, the most widely used operating system. This book provides you with the necessary skills to identify an intruder's footprints and to gather the necessary digital evidence in a forensically sound manner to prosecute in a court of law. Directed toward users with no experience in the digital forensics field, this book provides guidelines and best practices when conducting investigations as well as teaching you how to use a variety of tools to investigate computer crime. You will be prepared to handle problems such as law violations, industrial espionage, and use of company resources for private use. Digital Forensics Basics is written as a series of tutorials with each task demonstrating how to use a specific computer forensics tool or technique. Practical information is provided and users can read a task and then implement it di
Table of Contents
£42.49
APress Cybersecurity Incident Response
Book Synopsis
Table of Contents
£46.74
APress Rational Cybersecurity for Business
Book Synopsis
Use the guidance in this comprehensive field guide to gain the support of your top executives for aligning a rational cybersecurity plan with your business. You will learn how to improve working relationships with stakeholders in complex digital businesses, IT, and development environments. You will know how to prioritize your security program, and motivate and retain your team. Misalignment between security and your business can start at the top at the C-suite or happen at the line of business, IT, development, or user level. It has a corrosive effect on any security project it touches. But it does not have to be like this. Author Dan Blum presents valuable lessons learned from interviews with over 70 security and business leaders. You will discover how to successfully solve issues related to: risk management, operational security, privacy protection, hybrid cloud management, security culture and user awareness, and communication challenges. This o
Table of Contents
Introduction
Explains the book's focus, audience, organization, and contents.
Chapter 1: Rationalize Cybersecurity for your Business Landscape
Describes the six cybersecurity priority focus areas.
Chapter 2: Identify and Empower Security-Related Roles
Explains how the people in the business each contribute to the secure operation of the business and its digital systems.
Chapter 3: Establish a Control Baseline
Combs through control frameworks such as ISO 27001 and the NIST Cybersecurity Framework to select controls providing a minimum viable program (MVP) for many businesses. It also details how to align people, process, and technology for these controls; how to scale the implementation for different types of businesses; and how to share responsibility for delivering the controls with third parties.
Chapter 4: Simplify and Rationalize IT and Security
Argues that security leaders have a stake in developing an effective IT strategy, what that strategy might look like, and how security leaders, who don't own IT, can still engage IT functions to help develop and deliver on the strategy.
Chapter 5: Manage Risk in the Language of Business
Clarifies why risk management must be the brains of the security program. It must analyze, monitor, and communicate what potential losses or circumstances constitute the business's top risk scenarios. An effective tiered risk analysis process can efficiently address the myriad secondary risk issues that arise through processes and prioritize controls or other risk treatments.
Chapter 6: Create a Strong Security Culture
Brings the cultural subtext that can make or break a cybersecurity environment into the foreground. It analyzes the components of security culture and provides guidance on how to devise a security culture improvement process and measure its effectiveness. User awareness, training, and appropriate day-to-day engagement with the business can all play a part in forging a constructive security culture.
Chapter 7: Put the Right Governance Model in Place
Contrasts basic security governance structures that businesses can use, and provides guidance on how to select one and make it work. It describes core elements of the security program such as steering committees and security policy life cycle management. It also offers guidance on where the CISO should report in an organization.
Chapter 8: Control Access with Minimal Drag on the Business
Explains why access is the critical balance beam for the business, compliance mandates, and the security program. It addresses the need for information classification, data protection, and identity and access management (IAM) controls to implement access restrictions as required to reduce risk or attain regulatory compliance, but to do so in a way that enables appropriate digital relationships and data sharing with internal and external users.
Chapter 9: Institute Resilience, Detection, and Response
Guides readers on how to formulate contingency plans and strategies for detection, response, and recovery, which together comprise cyber-resilience.
Chapter 10: Putting the Pieces Together
Summarizes guidance given throughout the book in the "keys" for aligning with the business. It reiterates guidance on how to scale security programs and the way they align to the business based on business size, complexity, and other factors.
£35.99
APress Zero Trust Security
Book Synopsis
Table of Contents
Part I: Overview
Chapter 1: Introduction
Chapter 2: What Is Zero Trust?
Chapter 3: Zero Trust Architectures
Chapter 4: Zero Trust in Practice
Part II: Zero Trust and Enterprise Architecture Components
Chapter 5: Identity and Access Management
Chapter 6: Network Infrastructure
Chapter 7: Network Access Control
Chapter 8: Intrusion Detection and Prevention Systems
Chapter 9: Virtual Private Networks
Chapter 10: Next-Generation Firewalls
Chapter 11: Security Operations
Chapter 12: Privileged Access Management
Chapter 13: Data Protection
Chapter 14: Infrastructure and Platform as a Service
Chapter 15: Software as a Service
Chapter 16: IoT Devices and Things
Part III: Putting It All Together
Chapter 17: A Zero Trust Policy Model
Chapter 18: Zero Trust Scenarios
Chapter 19: Making Zero Trust Successful
Chapter 20: Conclusion
Chapter 21: Afterword
Appendix A: Further Reading
£42.49
APress Snowflake Security
Book Synopsis
This book is your complete guide to Snowflake security, covering account security, authentication, data access control, logging and monitoring, and more. It will help you make sure that you are using the security controls in the right way, are on top of access control, and are making the most of the security features in Snowflake. Snowflake is the fastest growing cloud data warehouse in the world, and having the right methodology to protect the data is important both to data engineers and security teams. It allows for faster data enablement for organizations, as well as reducing security risks, meeting compliance requirements, and solving data privacy challenges. There are currently tens of thousands of people who are either data engineers/data ops in Snowflake-using organizations, or security people in such organizations. This book provides guidance when you want to apply certain capabilities, such as data masking, row-level security, column-level security, tackling role hierarchy, build
Table of Contents
Chapter 1. Introduction to Snowflake: What's happening to data; Where Snowflake fits in; Building your first Snowflake Data Warehouse
Chapter 2. Account Security: Security Best Practices for Snowflake; Private Link Connection
Chapter 3. Authentication: Authentication in Snowflake overview; Setting Up MFA; Setting Up OAuth; Setting Up SSO; Connecting through a 3rd party SSO; Connecting through a custom OAuth Authentication Service; Network Access Control; Managing Roles Through SCIM
Chapter 4. Data Access Control: Introduction to Data Access Controls; Snowflake Security Model; Designing roles architecture; Custom Data Access Control; Column Based Access Control; Using Abstraction; Using Dynamic Masking; Row Based Access Control; Using Abstraction; Using Row Based Policies; Custom Access Control
Chapter 5. Logging & Monitoring: Introduction; Snowflake Metadata; Account Usage vs Information Schema; Main Views for Security; Limitations; SnowAlert; Building a Custom Security Dashboard; Setting Things Up; Dashboard; Incident Response
Chapter 6. Epilogue: Recap; What's Coming Up
£37.99
APress Azure Cloud Security for Absolute Beginners
Book Synopsis
Implement cloud security with Azure security tools, configurations and policies that address the needs of businesses and governments alike. This book introduces you to the most important security solutions available in Azure and provides you with step-by-step guidance to effectively set up security and deploy an application on top of Azure platform services, as well as on top of Azure infrastructure. Author Pushpa Herath begins by teaching you the fundamentals of Azure security. An easy-to-follow exploration of management groups, subscriptions, management locks and Azure policies further elaborates the concepts underlying Azure cloud security. Next, you will learn about Azure Active Directory (AAD) and the utilization of AAD in application and infrastructure security. Essential aspects of maintaining secure application keys and certificates are further explained in the context of Azure Key Vault. New application security implementations such as Azure configurat
Table of Contents
Chapter 1: Understanding the Importance of Data/Application Security
Chapter Goal: Give a general overview of the importance of data security
No of pages: 5
Sub-Topics: 1. Introduction to security; 2. Introduction to Azure security fundamentals
Chapter 2: Overview of Basic Azure Security Components
Chapter Goal: Introduction to various security components in Azure and how to utilize them
No of pages: 15
Sub-Topics: 1. Introduction to Azure Management groups and subscriptions; 2. Azure Management locks; 3. Introduction to Azure policies
Chapter 3: Introduction to Azure Active Directory
Chapter Goal: Lessons providing hands-on guidance on user access control for the organization using Azure Active Directory
No of pages: 30
Sub-Topics: 1. Adding users and groups to the AD; 2. Manage External Identities; 3. Enable two-factor authentication; 4. Roles and Administrative units in Azure AD; 5. Managing Enterprise applications; 6. Introduction to AD devices; 7. Azure AD app registration; 8. Adding custom domains
Chapter 4: Working with Azure Key Vault
Chapter Goal: Step-by-step guidance on setting up and using Azure Key Vault to achieve several security requirements in the organization
No of pages: 15
Sub-Topics: 1. Setting up Key Vault; 2. Key Vault access control; 3. Using KV to save Keys; 4. Using KV to secure Secrets; 5. Using KV to keep certificates; 6. Key Vault access policies; 7. KV networking and security
Chapter 5: Ensure Azure Application Security
Chapter Goal: Step-by-step guidance on setting up various security components which help to secure applications hosted in Azure
No of pages: 40
Sub-Topics: 1. Keep configurations in a central location using Azure Configuration; 2. Authentication and authorization in Azure App Service; 3. How to secure an application with the web application firewall in Azure; 4. Application Security groups
Chapter 6: Ensure Data Security with Azure Storage
Chapter Goal: Overview of how data storage security works in Azure
No of pages: 30
Sub-Topics: 1. Setting up Azure storage; 2. Azure storage encryption; 3. Azure Defender for Azure Storage
Chapter 7: Ensure Security using Azure Virtual Networks
Chapter Goal: Step-by-step guide on how to set up virtual networks to enhance the security of the data and infrastructure
No of pages: 40
Sub-Topics: 1. Network security groups; 2. Azure VPN gateways; 3. Azure Load balancer; 4. Azure Subnets
Chapter 8: Working with Azure Application Gateway
Chapter Goal: Hands-on lessons on implementing Azure Application Gateway to enhance the security of the data
Sub-Topics: 1. Setting up Azure Application Gateway; 2. Secure Web App using App Gateway; 3. Secure Virtual Machine using App Gateway
Chapter 9: Securing data with Azure Firewall
Chapter Goal: Step-by-step guidance on setting up Azure Firewall and configuring it to secure data
No of pages: 40
Sub-Topics: 1. Setting up Azure Firewall; 2. Setting up policies; 3. Setting up rules
Chapter 10: Creating an App Service Environment to enhance security
Chapter Goal: Step-by-step guidance on setting up an App Service Environment and using it to secure applications
No of pages: 50
Sub-Topics: 1. Setting up Azure App Service Environment; 2. Deploy applications to the App Service Environment
Chapter 11: Secure Infrastructures in Azure
Chapter Goal: Explains different security features available with a few of the Azure resources
No of pages: 30
Sub-Topics: 1. Secure Azure Virtual Machine using Bastion; 2. Secure Azure Virtual Machine using encrypted firewall rules; 3. Azure SQL Server security components
£42.49
APress Winning the National Security AI Competition
Book Synopsis
In introducing the National Security Commission on AI's final report, Eric Schmidt, former Google CEO, and Robert Work, former Deputy Secretary of Defense, wrote: "The human talent deficit is the government's most conspicuous AI deficit and the single greatest inhibitor to buying, building, and fielding AI-enabled technologies for national security purposes." Drawing upon three decades of leading hundreds of advanced analytics and AI programs and projects in government and industry, Chris Whitlock and Frank Strickland address in this book the primary variable in the talent deficit, i.e., large numbers of qualified AI leaders. The book quickly moves from a case for action to leadership principles and practices for effectively integrating AI into programs and driving results in AI projects. The chapters convey 37 axioms, enduring truths for developing and deploying AI, and over 100 leader practices set among 50 cases and examples, 40 of which focus on AI i
Table of Contents
Foreword
Introduction
Chapter 1. The Three Imperatives to Develop AI Leaders
Chapter 2. How Leaders Should Think and Talk About AI
Chapter 3. Leading the Program
Chapter 4. Government Programming and Budgeting for AI Leaders
Chapter 5. Leading the Project
Chapter 6. Data Science for AI Leaders
Chapter 7. Leading the People
Chapter 8. Leading the Technology
Endnotes
About AI Leaders
£46.74