Network security Books

243 products


  • The Art of Deception

    John Wiley & Sons Inc The Art of Deception

    15 in stock

    Book Synopsis: Focusing on the human factors involved with information security, this book explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system.

    Trade Review: “…a fascinating read…” (Fortean Times, June 2004) "...a lot of interesting cautionary tales..." (New Scientist, January 2004)

    Table of Contents: Foreword. Preface. Introduction. Part 1: Behind the Scenes. Chapter 1: Security's Weakest Link. Part 2: The Art of the Attacker. Chapter 2: When Innocuous Information Isn't. Chapter 3: The Direct Attack: Just Asking for It. Chapter 4: Building Trust. Chapter 5: "Let Me Help You". Chapter 6: "Can You Help Me?". Chapter 7: Phony Sites and Dangerous Attachments. Chapter 8: Using Sympathy, Guilt, and Intimidation. Chapter 9: The Reverse Sting. Part 3: Intruder Alert. Chapter 10: Entering the Premises. Chapter 11: Combining Technology and Social Engineering. Chapter 12: Attacks on the Entry-Level Employee. Chapter 13: Clever Cons. Chapter 14: Industrial Espionage. Part 4: Raising the Bar. Chapter 15: Information Security Awareness and Training. Chapter 16: Recommended Corporate Information Security Policies. Security at a Glance. Sources. Acknowledgments. Index.

    £9.50

  • Blockchain and the Law

    Harvard University Press Blockchain and the Law

    15 in stock

    Trade Review:

    An important new book…[It] attempts to do for blockchain what the likes of Lawrence Lessig and Tim Wu did for the Internet and cyberspace—explain how a new technology will upend the current legal and social order…A fine, deeply-researched book that can be expected to show up on law school syllabi for years to come…Blockchain and the Law is not just a theoretical guide. It’s also a moral one. -- Jeff John Roberts * Fortune *

    Blockchain and the Law perfectly links technical understanding with practical and legal implications. Blockchains will matter crucially; this book, beautifully and clearly written for a wide audience, powerfully demonstrates how. -- Lawrence Lessig, Harvard Law School

    Useful to an educated readership…If you…don’t ‘get’ crypto, this is the book-length treatment for you. It sees merit and potential in crypto, without buying into any particular claim just for the sake of hype. -- Tyler Cowen * Marginal Revolution *

    De Filippi and Wright stress that because blockchain is essentially autonomous, it is inflexible, which leaves it vulnerable, once it has been set in motion, to the sort of unforeseen consequences that laws and regulations are best able to address. -- James Ryerson * New York Times Book Review *

    De Filippi and Wright offer neither a jeremiad nor a gospel; unlike the breathlessness that pervades much writing on blockchain technology, they stick to sensibleness and sobriety. -- Nathan Schneider * America *

    Explores the implications of the technology in its broadest sense, positioning it in context of the evolution of the internet, and the development of artificial intelligence and autonomous systems which are continually touching more areas of our daily lives…A fascinating and comprehensive read that poses many questions we should debate and settle before blockchain technology becomes ubiquitous. * Breaker *

    At long last—a deeply researched, thoughtful, and measured analysis of blockchain technology and the policies that could help us harvest its opportunities and avoid its pitfalls. Blockchain and the Law should be required reading for anyone serious about understanding this major emerging element of our technological ecosystem. -- Yochai Benkler, author of The Wealth of Networks

    A well-written and comprehensive book that cuts through the blockchain hype. It not only highlights the powers and limitations of blockchain technology, but solidly grounds it in a larger social and legal context. -- Bruce Schneier, author of Data and Goliath

    If you are looking to understand the intricacies of the relationship between the law and blockchain technology, then this book should be on your list…[It] makes it clear that regulators must redefine their approach because restrictive regulations will stifle the growth of the industry. -- Alexander Lielacher * BTCManager *

    £16.16

  • The Art Of Cyberwarfare: An Investigator's Guide

    No Starch Press,US The Art Of Cyberwarfare: An Investigator's Guide

    15 in stock

    Book Synopsis: Today, companies find themselves targeted by sophisticated nation state cyber attackers armed with the resources to craft scarily effective campaigns. This book is a detailed guide to understanding the major players, the techniques they use, and the process of analysing their advanced attacks. Whether you're an individual researcher or part of a team within a Security Operations Center (SOC), you'll learn to approach, track, and attribute attacks to these advanced actors. Jon DiMaggio demonstrates some of the techniques he has employed to uncover crucial information about the 2021 Colonial Pipeline attacks, among others.

    Trade Review:

    "Encompasses useful knowledge from the past and modern advanced threats seen today. Regardless of your expertise level, this book is an insightful read . . ." —Brittany Day, Director of Communications, Guardian Digital

    "For those looking for a guide to help them understand the new world of cyberwar, The Art of Cyberwarfare provides readers with a good overview of this expanding threat and what they can do to avoid being victims." —Ben Rothke, Senior Information Security Manager, Tapad

    "An informative and explanatory guide for cybersecurity experts and an enlightening read for novices. DiMaggio effectively details both the history of cybercrime and how it is seen today." —Justice Levine, Communications Manager and Cloud Email Security Expert, Guardian Digital

    "This book deserves to find a place on the shelf of everyone whose role involves protecting networks." —Ian Barker, BetaNews

    "A cross between an IBM presentation . . . and a Tom Clancy novel!" —The Shepherdess, Amazon Reviewer

    £28.49

  • CCSK Certificate of Cloud Security Knowledge

    McGraw-Hill Education CCSK Certificate of Cloud Security Knowledge

    15 in stock

    Book Synopsis: Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. This effective study guide provides 100% coverage of every topic on the challenging CCSK exam from the Cloud Security Alliance. This highly effective self-study guide covers all domains of the challenging Certificate of Cloud Security Knowledge v4 exam. Written by a cloud security trainer and consultant in collaboration with the Cloud Security Alliance, CCSK Certificate of Cloud Security Knowledge All-in-One Exam Guide offers clear explanations, real-world examples, and practice questions that match the content and format of those on the actual exam. To aid in retention, each chapter includes exam tips that highlight key information, a review that serves as a quick recap of salient points, and practice questions t

    Table of Contents: Chapter 1: Cloud Computing Concepts and Architectures. Chapter 2: Governance and Enterprise Risk Management. Chapter 3: Legal Issues, Contracts, and Electronic Discovery. Chapter 4: Compliance and Audit Management. Chapter 5: Information Governance. Chapter 6: Management Plane and Business Continuity. Chapter 7: Infrastructure Security. Chapter 8: Virtualization and Containers. Chapter 9: Incident Response. Chapter 10: Application Security. Chapter 11: Data Security and Encryption. Chapter 12: Identity, Entitlement, and Access Management. Chapter 13: Security as a Service. Chapter 14: Related Technologies. Chapter 15: ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security. Appendix A: Cloud Security Lexicon. Appendix B: Cloud Security Standards and Certifications. Appendix C: Sample Cloud Policy.

    £29.24

  • Obfuscation A Users Guide for Privacy and Protest

    MIT Press Ltd Obfuscation A Users Guide for Privacy and Protest

    10 in stock

    Book Synopsis: How we can evade, protest, and sabotage today's pervasive digital surveillance by deploying more data, not less—and why we should. With Obfuscation, Finn Brunton and Helen Nissenbaum mean to start a revolution. They are calling us not to the barricades but to our computers, offering us ways to fight today's pervasive digital surveillance—the collection of our data by governments, corporations, advertisers, and hackers. To the toolkit of privacy protecting techniques and projects, they propose adding obfuscation: the deliberate use of ambiguous, confusing, or misleading information to interfere with surveillance and data collection projects. Brunton and Nissenbaum provide tools and a rationale for evasion, noncompliance, refusal, even sabotage—especially for average users, those of us not in a position to opt out or exert control over data about ourselves. Obfuscation will teach users to push back, software developers to keep their user data safe

    £12.74

  • Crypto Basics

    APress Crypto Basics

    1 in stock

    Book Synopsis: Use this practical, step-by-step guide for developers and entrepreneurs to create and run your own cryptocurrency. Author Slava Gomzin has created two cryptocurrencies and describes in this book the technology and economics of cryptocurrencies as preparation for crypto trading, investing, and other business activities. A detailed overview of special topics includes security, privacy, and usability of crypto as a mainstream payment system. Part I, Understanding Crypto, explains the technology and economic, security, and usability aspects of crypto. This is an introduction to the world of cryptography, blockchain tech, and other elements of crypto such as security, privacy, and a detailed review of payment processing. Part II, Using Crypto, provides the practical knowledge you need to dive into the crypto business such as investment, trading, and even creating your own crypto project. Part III, Creating Your Own Crypto, teaches you how to launch your own crypto proje

    Table of Contents: Foreword. Preface. Introduction. Part 1. Chapter 1: How Cryptography Works. Chapter 2: How Bitcoin Works. Chapter 3: How Other Crypto Works. Chapter 4: Cryptosecurity. Chapter 5: Crypto Privacy. Chapter 6: How Monero Works. Chapter 7: Crypto Payments. Part 2. Chapter 8: How to Choose the Wallet. Chapter 9: Getting Crypto for Free. Chapter 10: How Crypto Exchanges Work. Chapter 11: Crypto Investment and Trading. Part 3. Chapter 12: Creating a Token. Chapter 13: How to Start the Crypto Project. Chapter 14: Running A Crypto Project. Conclusion.

    £25.19

  • Nmap Network Scanning The Official Nmap Project Guide to Network Discovery and Security Scanning

    15 in stock

    £31.46

  • Blown to Bits

    Pearson Education (US) Blown to Bits

    15 in stock

    Book Synopsis: Hal Abelson is Class of 1922 Professor of Computer Science and Engineering at MIT, and an IEEE Fellow. He has helped drive innovative educational technology initiatives such as MIT OpenCourseWare, co-founded Creative Commons and Public Knowledge, and was founding director of the Free Software Foundation. Ken Ledeen, Chairman/CEO of Nevo Technologies, is a serial entrepreneur who has served on the boards of numerous technology companies. Harry Lewis, former Dean of Harvard College and of Harvard's School of Engineering and Applied Sciences, is Gordon McKay Research Professor of Computer Science at Harvard and Faculty Associate of the Berkman Klein Center for Internet and Society. He is author of Excellence Without a Soul: Does Liberal Education Have a Future? and editor of Ideas that Created the Future: Classic Papers of Computer Science. Wendy Seltzer is Counsel and Strategy Lead at the World Wide Web C

    Table of Contents:
    Preface
    Chapter 1: Digital Explosion: Why Is It Happening, and What Is at Stake? (The Explosion of Bits, and Everything Else; The Koans of Bits; Good and Ill, Promise and Peril; Endnotes)
    Chapter 2: Naked in the Sunlight: Privacy Lost, Privacy Abandoned (1984 Is Here, and We Like It; Location, Location, Location; Big Brother, Abroad and in the United States; The Internet of Things; Endnotes)
    Chapter 3: Who Owns Your Privacy? The Commercialization of Personal Data (What Kind of Vegetable Are You?; Footprints and Fingerprints; Fair Information Practice Principles; Always On; Endnotes)
    Chapter 4: Gatekeepers: Who's in Charge Here? (Who Controls the Flow of Bits?; The Open Internet?; Connecting the Dots: Designed for Sharing and Survival; The Internet Has No Gatekeepers?; Links Gatekeepers: Getting Connected; Search Gatekeepers: If You Can't Find It, Does It Exist?; Social Gatekeepers: Known by the Company You Keep; Endnotes)
    Chapter 5: Secret Bits: How Codes Became Unbreakable (Going Dark; Historical Cryptography; Lessons for the Internet Age; Secrecy Changes Forever; Cryptography Unsettled; Endnotes)
    Chapter 6: Balance Toppled: Who Owns the Bits? (Stealing Music; Automated Crimes, Automated Justice; The Peer-to-Peer Upheaval; No Commercial Skipping; Authorized Use Only; Forbidden Technology; Copyright Koyaanisqatsi: Life Out of Balance; The Limits of Property; Endnotes)
    Chapter 7: You Can't Say That on the Internet: Guarding the Frontiers of Digital Expression (Child Sex Trafficking Goes Digital; Publisher or Distributor?; Protecting Good Samaritans—and a Few Bad Ones; Digital Protection, Digital Censorship, and Self-Censorship; What About Social Media?; Takedowns; Endnotes)
    Chapter 8: Bits in the Air: Old Metaphors, New Technologies, and Free Speech (Censoring the Candidate; How Broadcasting Became Regulated; The Path to Spectrum Deregulation; The Most Beautiful Inventor in the World; What Does the Future Hold for Radio?; Endnotes)
    Chapter 9: The Next Frontier: AI and the Bits World of the Future (Thrown Under a Jaywalking Bus; What's Intelligent About Artificial Intelligence?; Machine Learning: I'll Figure It Out; Algorithmic Decisions: I Thought Only People Could Do That; What's Next; Bits Lighting Up the World; A Few Bits in Conclusion; Endnotes)
    Index

    £20.69

  • Modern Security Operations Center The

    Pearson Education (US) Modern Security Operations Center The

    15 in stock

    Book Synopsis: Joseph Muniz is an architect and security researcher in the Cisco Security Sales and Engineering Organization. He is driven by making the world a safer place through education and adversary research. Joseph has extensive experience in designing security solutions and architectures as a trusted advisor for top Fortune 500 corporations and the U.S. government. Joseph is a researcher and industry thought leader. He speaks regularly at international conferences, writes for technical magazines, and is involved with developing training for various industry certifications. He invented the fictitious character of Emily Williams to create awareness around social engineering. Joseph runs The Security Blogger website, a popular resource for security and product implementation. He is the author and contributor of several publications including titles ranging from security best practices to exploitation tactics. When Joseph is not using technology, you can find him

    Table of Contents:
    Preface
    Chapter 1: Introducing Security Operations and the SOC. Introducing the SOC; Factors Leading to a Dysfunctional SOC; Cyberthreats; Investing in Security; The Impact of a Breach; Establishing a Baseline The Impact of Change; Fundamental Security Capabilities Signature Detection Behavior Detection Anomaly Detection Best of Breed vs. Defense in Depth; Standards, Guidelines, and Frameworks NIST Cybersecurity Framework ISO 3100:2018 FIRST Service Frameworks Applying Frameworks; Industry Threat Models The Cyber Kill Chain Model The Diamond Model MITRE ATT&CK Model Choosing a Threat Model; Vulnerabilities and Risk Endless Vulnerabilities; Business Challenges; In-House vs. Outsourcing Services Advantages Services Disadvantages Hybrid Services; SOC Services; SOC Maturity Models SOC Maturity Assessment SOC Program Maturity; SOC Goals Assessment Defining Goals SOC Goals Ranking Threats Ranking SOC Goals Assessment Summarized; SOC Capabilities Assessment Capability Maps SOC Capabilities Gaps Analysis Capability Map Next Steps; SOC Development Milestones; Summary; References
    Chapter 2: Developing a Security Operations Center. Mission Statement and Scope Statement Developing Mission and Scope Statements SOC Scope Statement; Developing a SOC; SOC Procedures Designing Procedures; Security Tools Evaluating Vulnerabilities Preventive Technologies Detection Technologies Mobile Device Security Concerns; Planning a SOC Capacity Planning Developing a Capacity Plan; Designing a SOC Facility Physical SOC vs. Virtual SOC SOC Location SOC Interior SOC Rooms SOC Computer Rooms SOC Layouts; Network Considerations Segmentation Logical Segmentation Choosing Segmentation Client/Server Segmentation Active Directory Segmentation Throughput Connectivity and Redundancy; Disaster Recovery; Security Considerations Policy and Compliance Network Access Control Encryption; Internal Security Tools Intrusion Detection and Prevention Network Flow and Capturing Packets Change Management Host Systems; Guidelines and Recommendations for Securing Your SOC Network Tool Collaboration; SOC Tools Reporting and Dashboards Throughput and Storage Centralized Data Management; Summary; References
    Chapter 3: SOC Services. Fundamental SOC Services SOC Challenges; The Three Pillars of Foundational SOC Support Services Pillar 1: Work Environment Pillar 2: People Pillar 3: Technology Evaluating the Three Pillars of Foundational SOC Support Services; SOC Service Areas FIRST’s CSIRT Developing SOC Service Areas In-House Services vs. External Services Contracted vs. Employee Job Roles; SOC Service Job Goals Resource Planning; Service Maturity: If You Build It, They Will Come; SOC Service 1: Risk Management Four Responses to Risk Reducing Risk Addressing Risk; SOC Service 2: Vulnerability Management Vulnerability Management Best Practice Vulnerability Scanning Tools Penetration Testing; SOC Service 3: Compliance Meeting Compliance with Audits; SOC Service 4: Incident Management NIST Special Publication 800-61 Revision 2 Incident Response Planning Incident Impact Playbooks; SOC Service 5: Analysis Static Analysis Dynamic Analysis; SOC Service 6: Digital Forensics; SOC Service 7: Situational and Security Awareness User Training; SOC Service 8: Research and Development; Summary; References
    Chapter 4: People and Process. Career vs. Job; Developing Job Roles General Schedule Pay Scale IT Industry Job Roles Common IT Job Roles; SOC Job Roles Security Analyst Penetration Tester Assessment Officer Incident Responder Systems Analyst Security Administrator Security Engineer Security Trainer Security Architect Cryptographer/Cryptologist Forensic Engineer Chief Information Security Officer; NICE Cybersecurity Workforce Framework Nice Framework Components; Role Tiers; SOC Services and Associated Job Roles Risk Management Service Vulnerability Management Service Incident Management Service Analysis Service Compliance Service Digital Forensics Service Situational and Security Awareness Service Research and Development Service; Soft Skills Evaluating Soft Skills SOC Soft Skills; Security Clearance Requirements; Pre-Interviewing; Interviewing Interview Prompter Post Interview; Onboarding Employees Onboarding Requirements; Managing People; Job Retention; Training Training Methods; Certifications; Company Culture; Summary; References
    Chapter 5: Centralizing Data. Data in the SOC Strategic and Tactical Data Data Structure Data Types Data Context; Data-Focused Assessment Data Assessment Example: Antivirus Threat Mapping Data Applying Data Assessments to SOC Services; Logs Log Types Log Formats; Security Information and Event Management SIEM Data Processing Data Correlation Data Enrichment SIEM Solution Planning SIEM Tuning; Troubleshooting SIEM Logging SIEM Troubleshooting Part 1: Data Input SIEM Troubleshooting Part 2: Data Processing and Validation SIEM Troubleshooting Examples Additional SIEM Features; APIs Leveraging APIs API Architectures API Examples; Big Data Hadoop Big Data Threat Feeds; Machine Learning Machine Learning in Cybersecurity Artificial Intelligence Machine Learning Models; Summary; References
    Chapter 6: Reducing Risk and Exceeding Compliance. Why Exceeding Compliance; Policies Policy Overview Policy Purpose Policy Scope Policy Statement Policy Compliance Related Standards, Policies, Guidelines, and Processes Definitions and Terms History; Launching a New Policy Steps for Launching a New Policy; Policy Enforcement Certification and Accreditation; Procedures Procedure Document; Tabletop Exercise Tabletop Exercise Options Tabletop Exercise Execution Tabletop Exercise Format Tabletop Exercise Template Example; Standards, Guidelines, and Frameworks NIST Cybersecurity Framework ISO/IEC 27005 CIS Controls ISACA COBIT 2019 FIRST CSIRT Services Framework Exceeding Compliance; Audits Audit Example Internal Audits External Auditors Audit Tools; Assessments Assessment Types Assessment Results Assessment Template Vulnerability Scanners Assessment Program Weaknesses; Penetration Test NIST Special Publication 800-115 Additional NIST SP 800-115 Guidance Penetration Testing Types Penetration Testing Planning; Industry Compliance Compliance Requirements; Summary; References
    Chapter 7: Threat Intelligence. Threat Intelligence Overview Threat Data; Threat Intelligence Categories Strategic Threat Intelligence Tactical Threat Intelligence Operational Threat Intelligence Technical Threat Intelligence; Threat Intelligence Context Threat Context; Evaluating Threat Intelligence Threat Intelligence Checklist Content Quality Testing Threat Intelligence; Planning a Threat Intelligence Project Data Expectations for Strategic Threat Intelligence Data Expectations for Tactical Threat Intelligence Data Expectations for Operational Threat Intelligence Data Expectations for Technical Threat Intelligence; Collecting and Processing Intelligence Processing Nontechnical Data Operational Data and Web Processing Technical Processing Technical Threat Intelligence Resources Actionable Intelligence Security Tools and Threat Intelligence; Feedback; Summary; References
    Chapter 8: Threat Hunting and Incident Response. Security Incidents; Incident Response Lifecycle; Phase 1: Preparation Assigning Tasks with Playbooks Communication Third-Party Interaction Law Enforcement Law Enforcement Risk Ticketing Systems Other Incident Response Planning Templates Phase 1: Preparation Summary; Phase 2: Detection and Analysis Incident Detection Core Security Capabilities Threat Analysis Detecting Malware Behavior Infected Systems Analyzing Artifacts Identifying Artifact Types Packing Files Basic Static Analysis Advanced Static Analysis Dynamic Analysis Phase 2: Detection and Analysis Summary; Phase 3: Containment, Eradication, and Recovery Containment Responding to Malware Threat Hunting Techniques Eradicate Recovery; Digital Forensics Digital Forensic Process First Responder Chain of Custody Working with Evidence Duplicating Evidence Hashes Forensic Static Analysis Recovering Data Forensic Dynamic Analysis Digital Forensics Summary Phase 3: Containment, Eradication, and Recovery Summary; Phase 4: Post-Incident Activity Post-Incident Response Process Phase 4: Post-Incident Response Summary; Incident Response Guidelines FIRST Services Frameworks; Summary; References
    Chapter 9: Vulnerability Management. Vulnerability Management Phase 1: Asset Inventory Phase 2: Information Management Phase 3: Risk Assessment Phase 4: Vulnerability Assessment Phase 5: Report and Remediate Phase 6: Respond and Repeat; Measuring Vulnerabilities Common Vulnerabilities and Exposures Common Vulnerability Scoring System CVSS Standards; Vulnerability Technology Vulnerability Scanners Currency and Coverage Tuning Vulnerability Scanners Exploitation Tools Asset Management and Compliance Tools Network Scanners and Network Access Control Threat Detection Tools; Vulnerability Management Service Scanning Services Vulnerability Management Service Roles Vulnerability Evaluation Procedures; Vulnerability Response Vulnerability Accuracy Responding to Vulnerabilities Cyber Insurance Patching Systems Residual Risk Remediation Approval Reporting Exceptions; Vulnerability Management Process Summarized; Summary; References
    Chapter 10: Data Orchestration. Introduction to Data Orchestration Comparing SIEM and SOAR The Rise of XDR; Security Orchestration, Automation, and Response SOAR Example: Phantom; Endpoint Detection and Response EDR Example: CrowdStrike; Playbooks Playbook Components Constructing Playbooks Incident Response Consortium Playbook Examples: Malware Outbreak; Automation Automating Playbooks Common Targets for Automation Automation Pitfalls Playbook Workflow; DevOps Programming Data Management Text-File Formats Common Data Formats Data Modeling; DevOps Tools DevOps Targets Manual DevOps Automated DevOps DevOps Lab Using Ansible Ansible Playbooks; Blueprinting with Osquery Running Osquery; Network Programmability Learning NetDevOps APIs NetDevOps Example; Cloud Programmability Orchestration in the Cloud Amazon DevOps SaaS DevOps; Summary; References
    Chapter 11: Future of the SOC. All Eyes on SD-WAN and SASE VoIP Adoption As Prologue to SD-WAN Adoption Introduction of SD-WAN Challenges with the Traditional WAN SD-WAN to the Rescue SASE Solves SD-WAN Problems SASE Defined Future of SASE; IT Services Provided by the SOC IT Operations Defined Hacking IT Services IT Services Evolving Future of IT Services; Future of Training Training Challenges Training Today Case Study: Training I Use Today Free Training Gamifying Learning On-Demand and Personalized Learning Future of Training; Full Automation with Machine Learning Machine Learning Machine Learning Hurdles Machine Learning Applied Training Machine Learning Future of Machine Learning; Future of Your SOC: Bringing It All Together Your Future Facilities and Capabilities Group Tags Your Future SOC Staff Audits, Assessments, and Penetration Testing Future Impact to Your Services Hunting for Tomorrow’s Threats; Summary; References

    £40.49

  • GCIH GIAC Certified Incident Handler AllinOne

    McGraw-Hill Education GCIH GIAC Certified Incident Handler AllinOne

    1 in stock

    Book Synopsis: Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product. This self-study guide delivers complete coverage of every topic on the GIAC Certified Incident Handler exam. Prepare for the challenging GIAC Certified Incident Handler exam using the detailed information contained in this effective exam preparation guide. Written by a recognized cybersecurity expert and seasoned author, GCIH GIAC Certified Incident Handler All-in-One Exam Guide clearly explains all of the advanced security incident handling skills covered on the test. Detailed examples and chapter summaries throughout demonstrate real-world threats and aid in retention. You will get online access to 300 practice questions that match those on the live test in style, format, and tone. Designed to help you prepare for the exam, this resource also serves a

    £37.59

  • In Zero Trust We Trust

    Pearson Education In Zero Trust We Trust

    15 in stock

    Book Synopsis: Avinash Naduvath is a renowned security architect in the Customer Experience (CX) Security Services division at Cisco Systems. As part of CX-Security, he has delivered multiple solutions to help secure customer networks. The range of services included incepting secure architectures, designs, technology advisories, best practice recommendations, and security assessments. Prior to his current role in Cisco, Avinash was part of the technical services for security in Cisco-Bangalore and has helped troubleshoot and secure networks for multiple customers. He is a subject matter expert in next-generation firepower technology. Previous to this, Avinash was part of the professional services team in Cisco-Bangalore as a network consulting engineer. Avinash has over 10 years of experience in the information security domain, having worked on multiple aspects of security such as secure engineering and secure architecture. He has a passio

    £32.39

  • ISC2 CCSP Certified Cloud Security Professional

    John Wiley & Sons Inc ISC2 CCSP Certified Cloud Security Professional

    15 in stock

    £56.25

  • Network Programmability and Automation

    O'Reilly Media Network Programmability and Automation

    15 in stock

    Book Synopsis: The updated second edition of this practical guide shows network engineers how to use a range of technologies and tools, including Linux, Python, APIs, and Git, to automate systems through code. This edition also includes brand new topics such as network development environments, cloud and programming with Go.

    £35.99

  • The Definitive Guide to Security in Jakarta EE

    APress The Definitive Guide to Security in Jakarta EE

    3 in stock

    Book Synopsis: Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the built-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss commo

    Table of Contents: 1: Security History. 2: Jakarta EE Foundations. 3: Jakarta Authentication. 4: Jakarta Authorization. 5: Jakarta Security. 6: Java SE Underpinnings. 7: EE Implementations. 8: MicroProfile JWT. Appendix A: Spring Security. Appendix B: Apache Shiro. Appendix C: Identity Management.

    £46.74

  • Microsoft Azure Network Security

    Pearson Education (US) Microsoft Azure Network Security

    15 in stock

    Book Synopsis: Nicholas DiCola is the principal director of the Cloud Security Customer Experience Engineering (CxE) team. CxE helps customers with deployments of Cloud Security products such as Azure Security Center, Azure Sentinel, Azure Network Security, Azure Information Protection, Microsoft Defender for Identities, and Microsoft Cloud Application Security. CxE is responsible for driving use of Cloud Security products and taking feedback from customers to improve the products. Nicholas has been with Microsoft since 2006 when he started in Microsoft Consulting Services. He has a Master of Business Administration with a concentration in information systems and various industry certifications such as CISSP and CEH. You can follow Nicholas on Twitter at @mastersecjedi. Anthony Roman is the senior PM manager leading the Azure network security Get-To-Production team within Cloud Security CxE. The team works with customers and network security engineering to

    Table of Contents: Chapter 1: Introduction to Azure Network Security. Chapter 2: Secure Azure Network architectures. Chapter 3: Controlling traffic with Azure Firewall. Chapter 4: Traffic Inspection in Azure Networks. Chapter 5: Secure application delivery with Azure Web Application Firewall. Chapter 6: Mitigating DDoS attacks. Chapter 7: Enabling Network Security log collection. Chapter 8: Security monitoring with Azure Sentinel, Security Center, and Network Watcher. Chapter 9: Combining Azure resources for a wholistic network security strategy.

    £23.99

  • CEH Certified Ethical Hacker Cert Guide

    Pearson Education (US) CEH Certified Ethical Hacker Cert Guide

    1 in stock

    Book Synopsis: Michael Gregg (CISSP, SSCP, CISA, MCSE, MCT, CTT+, A+, N+, Security+, CCNA, CASP, CISA, CISM, CEH, CHFI, and GSEC) directs the cybersecurity operations for a multinational organization that operates facilities worldwide. As the CISO, Michael is responsible for securing the organization's assets on a global scale. Michael is responsible for developing cost-effective and innovative technology solutions for security issues and for evaluating emerging technologies. He has more than 20 years of experience in the IT field and holds two associate's degrees, a bachelor's degree, and a master's degree. In addition to coauthoring the first, second, and third editions of Security Administrator Street Smarts, Michael has written or coauthored more than 20 other books. Michael has testified before a U.S. congressional committee, has been quoted in newspapers such as the New York Times, and was featured on various television and radio shows, includ

    £42.13

  • Zero Trust Architecture

    Pearson Education (US) Zero Trust Architecture

    15 in stock

    Book Synopsis: Cindy Green-Ortiz is a Cisco senior security architect, cybersecurity strategist, architect, and entrepreneur. She works in the Customer Experience, Global Enterprise Segment for Cisco. She holds the CISSP, CISM, CSSLP, CRISC, PMP, and CSM Certifications, along with two degrees: a BS-CIS Magna Cum Laude and AS-CIS with Honors. She has been with Cisco for 6+ years. Cindy has been in the cybersecurity field for 40 years, where she has held D-CIO, D-CISO, and Corporate Security Architecture Leadership roles, founding two technology businesses as CEO. Cindy is a Cisco Chairman's Club winner (Club Cisco). She is an active blogger for Cisco and has published whitepapers for Cisco and the US Department of Homeland Security. She has spoken to many groups, including PMI International Information Systems & Technology Symposium-Cybersecurity Keynote; Cisco SecCon, and Cisco Live. Cindy is President Emeritus and serves now as the treasurer of Charlotte InfraGard and cofounder of

    Table of Contents: Foreword Introduction Part I: Concepts 1. Overview of Zero Trust (ZT): It's a Journey 2. Cisco Zero Trust: Security Capability Requirements 3. Zero Trust Reference Architecture and Enclave Design 4. Security Capability Use Cases 5. Segmentation Part II: Implementation 6. Segmentation Methods: Pros and Cons 7. Segmentation Foundational Functions and Applications (CMDB, App Inv, VLAN, Host Naming) 8. Map Functions to Segments / Implement Solutions 9. Test and Monitor ZT Segmentation and Solutions (LLD / SVS) - Phased Conclusion (Journey) Afterword Bibliography Acknowledgements

    £40.49

  • Ghost in the Wires My Adventures as the Worlds Most Wanted Ha

    Little, Brown & Company Ghost in the Wires My Adventures as the Worlds Most Wanted Ha

    1 in stock

    Book Synopsis

    £18.69

  • Machine Learning in Cyber Trust

    Springer-Verlag New York Inc. Machine Learning in Cyber Trust

    1 in stock

    Book Synopsis: Cyber System.- Cyber-Physical Systems: A New Frontier.- Security.- Misleading Learners: Co-opting Your Spam Filter.- Survey of Machine Learning Methods for Database Security.- Identifying Threats Using Graph-based Anomaly Detection.- On the Performance of Online Learning Methods for Detecting Malicious Executables.- Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems.- A Non-Intrusive Approach to Enhance Legacy Embedded Control Systems with Cyber Protection Features.- Image Encryption and Chaotic Cellular Neural Network.- Privacy.- From Data Privacy to Location Privacy.- Privacy Preserving Nearest Neighbor Search.- Reliability.- High-Confidence Compositional Reliability Assessment of SOA-Based Systems Using Machine Learning Techniques.- Model, Properties, and Applications of Context-Aware Web Services.

    Trade Review: From the reviews: "This is a useful book on machine learning for cyber security applications. It will be helpful to researchers and graduate students who are looking for an introduction to a specific topic in the field. All of the topics covered are well researched. The book consists of 12 chapters, grouped into four parts." (Imad H. Elhajj, ACM Computing Reviews, October, 2009)

    Table of Contents: Cyber System.- Cyber-Physical Systems: A New Frontier.- Security.- Misleading Learners: Co-opting Your Spam Filter.- Survey of Machine Learning Methods for Database Security.- Identifying Threats Using Graph-based Anomaly Detection.- On the Performance of Online Learning Methods for Detecting Malicious Executables.- Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems.- A Non-Intrusive Approach to Enhance Legacy Embedded Control Systems with Cyber Protection Features.- Image Encryption and Chaotic Cellular Neural Network.- Privacy.- From Data Privacy to Location Privacy.- Privacy Preserving Nearest Neighbor Search.- Reliability.- High-Confidence Compositional Reliability Assessment of SOA-Based Systems Using Machine Learning Techniques.- Model, Properties, and Applications of Context-Aware Web Services.

    £125.99

  • Click Here to Kill Everybody

    WW Norton & Co Click Here to Kill Everybody

    2 in stock

    Book Synopsis: A best-selling author and renowned security expert reveals the rise and risks of a new goliath: our massively networked, world-sized web.

    Trade Review: "Schneier skilfully guides readers through serious attacks that have happened already — and moves on to those he believes are just over the horizon... This book is convincing, but not comforting." -- Financial Times. "Schneier’s book is sober, lucid and often wise in diagnosing how the security challenges posed by the expanding Internet came about, and in proposing what should (but probably won’t) be done about them." -- Nature. "... excellent work..." -- The Catholic Herald

    £19.79

  • Security in Wireless AD Hoc and Sensor Networks

    John Wiley & Sons Inc Security in Wireless AD Hoc and Sensor Networks

    10 in stock

    Book Synopsis: This advanced book is a comprehensive guide to security issues in wireless ad hoc and sensor networks. The book is organized into two main sections. The first gives an introduction to the fundamentals and key issues related to wireless ad hoc networking, with an emphasis on security related issues.

    Table of Contents: About the Authors. Preface. Acknowledgements. List of Acronyms. Part One Wireless Ad Hoc, Sensor and Mesh Networking. 1 Introduction. 1.1 Information Security. 1.2 Scope of the Book. 1.3 Structure of the Book. 1.4 Electronic Resources for the Book. 1.5 Review Questions. 2 Wireless Ad Hoc, Sensor and Mesh Networks. 2.1 Ad Hoc Networks and Applications. 2.2 Sensor and Actuator Networks. 2.3 Mesh Networks. 2.4 Tactical Communications and Networks. 2.5 Factors Influencing the Design of Wireless Ad Hoc, Sensor and Mesh Networks. 2.6 Review Questions. 3 The Wireless Medium. 3.1 Wireless Channel Fundamentals and Security. 3.2 Advanced Radio Technologies. 3.3 Review Questions. 4 Medium Access and Error Control. 4.1 Medium Access Control. 4.2 Error Control. 4.3 Wireless Metropolitan Area Networks. 4.4 Wireless Local Area Networks. 4.5 Wireless Personal Area Networks. 4.6 Review Questions. 5 Routing. 5.1 Internet Protocol and Mobile IP. 5.2 Routing in Wireless Ad Hoc Networks. 5.3 Routing in Wireless Sensor and Actuator Networks. 5.4 Review Questions. 6 Reliability, Flow and Congestion Control. 6.1 Reliability. 6.2 Flow and Congestion Control. 6.3 Review Questions. 7 Other Challenges and Security Aspects. 7.1 Localization and Positioning. 7.2 Time Synchronization. 7.3 Addressing. 7.4 Data Aggregation and Fusion. 7.5 Data Querying. 7.6 Coverage. 7.7 Mobility Management. 7.8 Cross-layer Design. 7.9 Review Questions. Part Two Security in Wireless Ad Hoc, Sensor and Mesh Networking. 8 Security Attacks in Ad Hoc, Sensor and Mesh Networks. 8.1 Security Attacks. 8.2 Attackers. 8.3 Security Goals. 8.4 Review Questions. 9 Cryptography.
9.1 Symmetric Encryption. 9.2 Asymmetric Encryption. 9.3 Hash Functions and Message Authentication Code. 9.4 Cascading Hashing. 9.5 Review Questions. 10 Challenges and Solutions: Basic Issues. 10.1 Bootstrapping Security in Ad Hoc Networks. 10.2 Bootstrapping Security in Sensor Networks. 10.3 Key Distribution, Exchange and Management. 10.4 Authentication Issues. 10.5 Integrity. 10.6 Review Questions. 11 Challenges and Solutions: Protection. 11.1 Privacy and Anonymity. 11.2 Intrusion Detection. 11.3 Defense Against Traffic Analysis. 11.4 Access Control and Secure Human–Computer Interaction. 11.5 Software-Based Anti-Tamper Techniques. 11.6 Tamper Resilience: Hardware Protection. 11.7 Availability and Plausibility. 11.8 Review Questions. 12 Secure Routing. 12.1 Defense Against Security Attacks in Ad Hoc Routing. 12.2 Secure Ad Hoc Routing Protocols. 12.3 Further Reading. 12.4 Review Questions. 13 Specific Challenges and Solutions. 13.1 SPINS: Security Protocols for Sensor Networks. 13.2 Quarantine Region Scheme for Spam Attacks. 13.3 Secure Charging and Rewarding Scheme. 13.4 Secure Node Localization. 13.5 Secure Time Synchronization. 13.6 Secure Event and Event Boundary Detection. 13.7 Review Questions. 14 Information Operations and Electronic Warfare. 14.1 Electronic Support. 14.2 Electronic Attack. 14.3 Electronic Protection. 14.4 Review Questions. 15 Standards. 15.1 X.800 and RFC 2828. 15.2 Wired Equivalent Privacy (WEP). 15.3 Wi-Fi Protected Access (WPA). References. Index.

    £96.85

  • Network Security Fundamentals

    John Wiley & Sons Inc Network Security Fundamentals

    15 in stock

    Book Synopsis: As networks around the world have become more and more connected, an understanding of network security has become an integral part of a network administrator's job. People who design, implement, and manage networks on a day-to-day basis must understand the threats that exist and how to mitigate them to protect a company's assets.

    Table of Contents: 1 Network Security Principles. Introduction. 1.1 Importance of Computer and Network Security. 1.2 Underlying Computer and Network Security Concepts. 1.3 Threats and Countermeasures. 1.4 Policies and Standards. 2 Network and Server Security. Introduction. 2.1 Network Protocols Review. 2.2 Best Practices for Network Security. 2.3 Securing Servers. 2.4 Border Security. 3 Cryptography. Introduction. 3.1 Cryptography Overview. 3.2 Symmetric Encryption. 3.3 Asymmetric Encryption. 3.4 Hashes. 3.5 Achieving CIA. 3.6 Public Key Infrastructure (PKI). 4 Authentication. Introduction. 4.1 Authentication Overview. 4.2 Authentication Credentials. 4.3 Authentication Protocols. 4.4 Best Practices for Secure Authentication. 5 Authentication and Access Control. Introduction. 5.1 Access Control Models. 5.2 Implementing Access Control on Windows Computers. 5.3 Implementing Access Control on Unix Computers. 6 Securing Network Transmission. Introduction. 6.1 Analyzing Security Requirements for Network Traffic. 6.2 Defining Network Perimeters. 6.3 Data Transmission Protection Protocols. 7 Remote Access and Wireless Security. 7.1 Dial-Up Networking. 7.2 Virtual Private Networks. 7.3 RADIUS and TACACS. 7.4 Wireless Networks. 8 Server Roles and Security. Introduction. 8.1 Server Roles and Baselines. 8.2 Securing Network Infrastructure Servers. 8.3 Securing Domain Controllers. 8.4 Securing File and Print Servers. 8.5 Securing Application Servers. 9 Protecting Against Malware. 9.1 Viruses and Other Malware. 9.2 Protecting the Workstation. 9.3 Web Browser Security. 9.4 Email Security. 10 Ongoing Security Management. Introduction. 10.1 Managing Updates. 10.2 Auditing and Logging. 10.3 Secure Remote Administration. 11 Disaster Recovery and Fault Tolerance. Introduction. 11.1 Planning for the Worst. 11.2 Creating a Backup Strategy. 11.3 Designing for Fault Tolerance. 12 Intrusion Detection and Forensics. Introduction. 12.1 Intrusion Detection. 12.2 Honeypots. 12.3 Forensics. Glossary. Index.

    £75.52

  • Unauthorised Access

    John Wiley & Sons Inc Unauthorised Access

    15 in stock

    Book Synopsis: A guide to planning and performing a physical penetration test on your computer's security. It guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data.

    Table of Contents: Preface. Acknowledgements. Foreword. 1 The Basics of Physical Penetration Testing. What Do Penetration Testers Do? Security Testing in the Real World. Legal and Procedural Issues. Know the Enemy. Engaging a Penetration Testing Team. Summary. 2 Planning Your Physical Penetration Tests. Building the Operating Team. Project Planning and Workflow. Codes, Call Signs and Communication. Summary. 3 Executing Tests. Common Paradigms for Conducting Tests. Conducting Site Exploration. Example Tactical Approaches. Mechanisms of Physical Security. Summary. 4 An Introduction to Social Engineering Techniques. Introduction to Guerilla Psychology. Tactical Approaches to Social Engineering. Summary. 5 Lock Picking. Lock Picking as a Hobby. Introduction to Lock Picking. Advanced Techniques. Attacking Other Mechanisms. Summary. 6 Information Gathering. Dumpster Diving. Shoulder Surfing. Collecting Photographic Intelligence. Finding Information From Public Sources and the Internet. Electronic Surveillance. Covert Surveillance. Summary. 7 Hacking Wireless Equipment. Wireless Networking Concepts. Introduction to Wireless Cryptography. Cracking Encryption. Attacking a Wireless Client. Mounting a Bluetooth Attack. Summary. 8 Gathering the Right Equipment. The "Get of Jail Free" Card. Photography and Surveillance Equipment. Computer Equipment. Wireless Equipment. Global Positioning Systems. Lock Picking Tools. Forensics Equipment. Communications Equipment. Scanners. Summary. 9 Tales from the Front Line. SCADA Raiders. Night Vision. Unauthorized Access. Summary. 10 Introducing Security Policy Concepts. Physical Security. Protectively Marked or Classified GDI Material. Protective Markings in the Corporate World. Communications Security. Staff Background Checks. Data Destruction. Data Encryption. Outsourcing Risks. Incident Response Policies. Summary. 11 Counter Intelligence. Understanding the Sources of Information Exposure. Social Engineering Attacks. Protecting Against Electronic Monitoring. Securing Refuse. Protecting Against Tailgating and Shoulder Surfing. Performing Penetration Testing. Baseline Physical Security. Summary. Appendix A: UK Law. Computer Misuse Act. Human Rights Act. Regulation of Investigatory Powers Act. Data Protection Act. Appendix B: US Law. Computer Fraud and Abuse Act. Electronic Communications Privacy Act. SOX and HIPAA. Appendix C: EU Law. European Network and Information Security Agency. Data Protection Directive. Appendix D: Security Clearances. Clearance Procedures in the United Kingdom. Levels of Clearance in the United Kingdom. Levels of Clearance in the United States. Appendix E: Security Accreditations. Certified Information Systems Security Professional. Communication–Electronics Security Group CHECK. Global Information Assurance Certification. INFOSEC Assessment and Evaluation. Index.

    £24.00

  • Host Identity Protocol HIP

    John Wiley & Sons Inc Host Identity Protocol HIP

    10 in stock

    Book Synopsis: "Within the set of many identifier-locator separation designs for the Internet, HIP has progressed further than anything else we have so far. It is time to see what HIP can do in larger scale in the real world. In order to make that happen, the world needs a HIP book, and now we have it." - Jari Arkko, Internet Area Director, IETF. One of the challenges facing the current Internet architecture is the incorporation of mobile and multi-homed terminals (hosts), and an overall lack of protection against Denial-of-Service attacks and identity spoofing. The Host Identity Protocol (HIP) is being developed by the Internet Engineering Task Force (IETF) as an integrated solution to these problems. The book presents a well-structured, readable and compact overview of the core protocol with relevant extensions to the Internet architecture and infrastructure. The covered topics include the Bound End-to-End Tunnel Mode for IPsec, Overlay Routable Cryptographic Hash Identifiers, extens

    Trade Review: "I recommend this book to all software writers and engineers who are working in the context of mobile IP, IPv6, and the future internet. Graduate and advanced undergraduate students who are interested in discovering a practical and challenging application of identity management models and cryptographic protocols will also benefit from this book." (Computing Reviews, May 5, 2009)

    Table of Contents: About the Author. Foreword (Jari Arkko). Foreword (David Hutchison). Preface. Acknowledgments. Abbreviations. Part I Introduction. Chapter 1: Overview. 1.1 Identifier-locator split. 1.2 HIP in the Internet architecture. 1.3 Brief history of HIP. 1.4 Organization of the book. Chapter 2: Introduction to network security. 2.1 Goals of cryptographic protocols. 2.2 Basics and terminology. 2.3 Attack types. 2.4 Defense mechanisms. 2.5 Security protocols. 2.6 Weak authentication techniques. 2.7 Secure DNS. Part II The Host Identity Protocol. Chapter 3: Architectural overview. 3.1 Internet namespaces. 3.2 Methods of identifying a host. 3.3 Overlay Routable Cryptographic Hash Identifiers. Chapter 4: Base protocol. 4.1 Base exchange. 4.2 Other HIP control packets. 4.3 IPsec encapsulation. Chapter 5: Main extensions. 5.1 Mobility and multihoming. 5.2 Rendezvous server. 5.3 DNS extensions. 5.4 Registration protocol. Chapter 6: Advanced extensions. 6.1 Opportunistic mode. 6.2 Piggybacking transport headers to base exchange. 6.3 HIP service discovery. 6.4 Simultaneous multiaccess. 6.5 Disseminating HITs with a presence service. 6.6 Multicast. Chapter 7: Performance measurements. 7.1 HIP on Nokia Internet Tablet. 7.2 Experimental results. 7.3 Summary. Chapter 8: Lightweight HIP. 8.1 Security functionality of HIP. 8.2 HIP high-level goals. 8.3 LHIP design. 8.4 LHIP performance. 8.5 Discussion. Part III Infrastructure Support. Chapter 9: Middlebox traversal. 9.1 Requirements for traversing legacy middleboxes. 9.2 Legacy NAT traversal. 9.3 Requirements for HIP-aware middleboxes. 9.4 HIP-aware firewall. Chapter 10: Name resolution. 10.1 Problem statement of naming. 10.2 Distributed Hash Tables. 10.3 HIP interface to OpenDHT. 10.4 Overview of overlay networks. 10.5 Host Identity Indirection Infrastructure. 10.5.1 Separating control, data, and naming. 10.5.2 The data plane. 10.5.3 The control plane. 10.5.4 Discussion of the Hi3 design. Chapter 11: Micromobility. 11.1 Local rendezvous servers. 11.2 Secure micromobility. 11.3 Network mobility. Chapter 12: Communication privacy. 12.1 SPINAT. 12.2 BLIND. 12.3 Anonymous identifiers. Part IV Applications. Chapter 13: Possible HIP applications. 13.1 Virtual Private Networking. 13.2 P2P Internet Sharing Architecture. 13.3 Interoperating IPv4 and IPv6. 13.4 Secure Mobile Architecture. 13.5 Live application migration. 13.6 Network operator viewpoint on HIP. Chapter 14: Application interface. 14.1 Using legacy applications with HIP. 14.2 API for native HIP applications. Chapter 15: Integrating HIP with other protocols. 15.1 Generalized HIP. 15.2 The use of Session Initiation Protocol. 15.3 Encapsulating HIP data using SRTP. 15.4 Replacing HIP base exchange with IKEv2. 15.5 Mobile IP and HIP. 15.6 HIP proxy for legacy hosts. Installing and using HIP. Bibliography. Index.

    £81.65

  • Securing EBusiness A Guide for Managers and

    John Wiley & Sons Inc Securing EBusiness A Guide for Managers and

    15 in stock

    Book Synopsis: The essential guide to e-business security for managers and IT professionals. Securing E-Business Systems provides business managers and executives with an overview of the components of an effective e-business infrastructure, the areas of greatest risk, and best practices safeguards.

    Trade Review: "...to be recommended as an IT security handbook..." (Information Age, August 2002) "...covers the full gamut of security threats..." (Infoconomy, 5 September 2002) “…a timely and valuable introduction to the fourth generation of cellular networks…” (Infoconomy, 1 August 2002)

    Table of Contents: Preface. Chapter 1 Electronic Business Systems Security. Introduction. How Is E-Business Security Defined? Can E-Business Security Be Explained More Simply? Is E-Business Security Really Such a Big Deal? Is E-Business Security More Important Than Other Information Technology Initiatives? How Does an Organization Get Started? Instead of Playing "Catch-Up," What Should an Organization Be Doing to Design E-Business Systems That Are Secure in the First Place? Chapter 2 E-Business Systems and Infrastructure Support Issues. Introduction. E-Business Defined. A Short History of E-Business Innovations. The Need for Secure E-Business Systems. Software: The Vulnerable Underbelly of Computing. The Interoperability Challenge and E-Business Success. E-Business Security: An Exercise in Trade-Offs. Few Systems Are Designed to Be Secure. Conclusion. Chapter 3 Security Weaknesses in E-Business Infrastructure and "Best Practices" Security. Introduction. Fundamental Technical Security Threats. The Guiding Principles of Protection. "Best Practice" Prevention, Detection, and Countermeasures and Recovery Techniques. Chapter 4 Managing E-Business Systems and Security. Introduction. Part One: Misconceptions and Questionable Assumptions. Part Two: Managing E-Business Systems as a Corporate Asset. Part Three: E-Business Security Program Management.
Chapter 5 A "Just-in-Time" Strategy for Securing the E-Business System: The Role for Security Monitoring and Incident Response. The Current State of E-Business Security. Standard Requirements of an E-Business Security Strategy. A New Security Strategy. The Crucial Role of Security Monitoring and Incident Response to the Securing of E-Business Systems. The Current State of Intrusion Detection Systems (IDS). Defining a Cost-Effective Security Monitoring and Incident Response Capability. Alternatives to Building "Your Own" Security Monitoring and Incident Response Capability. Summary. Chapter 6 Designing and Delivering Secured E-Business Application Systems. Introduction. Past Development Realities. Contemporary Development Realities. Developing Secured E-Business Systems. Using the SDR Framework. Choosing a Systems Development Methodology That Is Compatible with the SDR Framework. Participants in the Identification of Security and Integrity Controls. Importance of Automated Tools. A Cautionary Word About New Technologies. Summary and Conclusions. Chapter 7 Justifying E-Business Security and the Security Management Program. Introduction. The "Quantifiable" Argument. Emerging "Nonquantifiable" Arguments. Benefits Justifications Must Cover Security Program Administration. Conclusion. Chapter 8 Computers, Software, Security, and Issues of Liability. Evolving Theories of Responsibility. Likely Scenarios. How Might a Liability Case Unfold? Questions to Be Asked to Ensure That Reasonable Care Has Been Taken in Developing a Secure E-Business System. Chapter 9 The National Critical Infrastructure Protection (CIP) Initiative. The Problem of Dependency. Critical Infrastructure Protection (CIP) Purpose, Directives, Organizations, and Relationships. Frequently Asked Questions About the IT-ISAC. Critical Information Infrastructure Protection Issues that Need Resolution. Appendix A: Y2K Lessons Learned and Their Importance for E-Business Security. 
Appendix B: Systems Development Review Framework for E-Business Development Projects. Appendix C: A Corporate Plan of Action for Securing E-Business Systems (Sample). Appendix D: E-Business Risk Management Review Model Instructions for Use. Appendix E: Resources Guide. Index.

    £26.24

  • Auditing and Security AS400 NT Unix Networks and

    John Wiley & Sons Inc Auditing and Security AS400 NT Unix Networks and

    15 in stock

    Book Synopsis: Now more than ever auditors must be aware of what is occurring with computer security. According to a 1999 Computer Security Institute (CSI)/FBI survey there has been a dramatic increase in the number of respondents reporting serious computer incidents to law enforcement. Losses due to security breaches have passed the $100 billion mark.

    Table of Contents: Security Management. Physical Security. IBM AS/400 Architecture and Applications. AS/400 Audit Objectives and Procedures. Windows NT Server: Security Features. Unix. Networks. Disaster Recovery Planning. Index.

    £117.00

  • Security for Wireless Ad Hoc Networks

    John Wiley & Sons Inc Security for Wireless Ad Hoc Networks

    15 in stock

    Book Synopsis: This book addresses the problems and brings solutions to the security issues of ad-hoc networks. Topics included are threat attacks and vulnerabilities, basic cryptography mechanisms, authentication, secure routing, firewalls, security policy management, and future developments.

    Trade Review: "…a first-class textbook on security in ad hoc networks." (Computing Reviews.com, May 17, 2007)

    Table of Contents: Preface. Foreword. Acknowledgments. 1 Introduction. 1.1 Definition of Wireless Ad Hoc Networks. 1.2 Applications of Wireless Ad Hoc Networks. 1.3 Threats, Attacks, and Vulnerabilities. 1.3.1 Threats. 1.3.2 Vulnerabilities in Ad Hoc Networks. 1.3.3 Attacks. 1.4 Overview of the Book. 2 Basic Security Concepts. 2.1 Introduction. 2.2 Basic Concepts. 2.2.1 Attributes. 2.2.2 Cryptographic Primitives. 2.3 Modes of Operation. 2.4 Miscellaneous Properties. 2.4.1 One-Way Property of Hash Chains. 2.4.2 TESLA. 2.5 Summary. 3 Key Management. 3.1 Introduction. 3.2 Traditional Solution. 3.3 Solutions for Ad Hoc Networks. 3.3.1 Asymmetric Key-Based Approach. 3.3.2 Symmetric Key-Based Approach. 3.4 Summary. 4 Secure Routing. 4.1 Introduction. 4.1.1 Distance-Vector and Link-State Routing. 4.1.2 Proactive vs Reactive Routing. 4.2 Ad Hoc On-Demand Distance Vector. 4.2.1 Secure AODV. 4.2.2 Authenticated Routing for Ad Hoc Networks (ARAN). 4.2.3 Security-Aware Ad Hoc Routing. 4.3 Dynamic Source Routing Protocol. 4.3.1 Secure Routing Protocol. 4.3.2 Ariadne. 4.3.3 EndairA: A Provably Secure Routing Protocol. 4.4 Destination-Sequenced Distance-Vector Routing Protocol. 4.4.1 Secure Efficient Distance Vector Routing (SEAD). 4.4.2 SuperSEAD. 4.4.3 S-DSDV. 4.5 Optimized Link-State Routing Protocol. 4.5.1 Secure Extension to OLSR. 4.5.2 Secure Link-State Routing Protocol. 4.6 Anonymous Routing Protocols. 4.6.1 ANODR. 4.6.2 MASK. 4.7 Generic Attacks Against Routing. 4.7.1 Wormhole Attacks. 4.7.2 Rushing Attacks. 4.7.3 Sybil Attacks. 4.8 Summary. 5 Intrusion Detection Systems.
5.1 Introduction. 5.1.1 Traditional IDS Systems. 5.2 Unique IDS Challenges in MANET. 5.3 Threat Model. 5.4 Architecture for Intrusion Detection in MANET. 5.4.1 Noncollaborative Intrusion Detection System. 5.4.2 Cooperative Intrusion Detection. 5.4.3 Key Novel Concepts for Cooperative Intrusion Detection in MANET. 5.5 Evidence Collection. 5.5.1 Local Evidence. 5.5.2 Promiscuous Monitoring. 5.5.3 Evidence made Available by Other Nodes. 5.6 Detection of Specific Attacks. 5.6.1 Detection of Packet Dropping Attacks. 5.6.2 Detection of Attacks Against Routing Protocols. 5.7 Summary. 6 Policy Management. 6.1 Introduction. 6.2 Policy-Based Network Management. 6.2.1 Overview. 6.2.2 Architecture. 6.2.3 Policy Languages. 6.2.4 Distributed Policy Management Architecture. 6.2.5 IETF and DMTF Standardization Activities. 6.3 Application of Policy Management to Security Management. 6.3.1 Role-Based Access Control (RBAC). 6.3.2 Trust Management and the KeyNote System. 6.3.3 Firewall Management. 6.3.4 Policy Enforcement in a Wireless Ad Hoc Network. 6.4 Summary. 7 Secure Localization. 7.1 Introduction. 7.2 Localization. 7.2.1 Ranging. 7.2.2 Computation. 7.2.3 Attacks. 7.3 Secure Localization. 7.3.1 Distance Bounding Techniques. 7.3.2 Verifiable Multilateration. 7.3.3 Directional Antennae-Based Schemes. 7.3.4 Transmission Range Variation-Based Schemes. 7.3.5 Hybrid Schemes. 7.3.6 Malicious Beacons. 7.4 Summary. 8 Conclusions and Future Research. 8.1 Vehicular Networks. 8.1.1 Differences with MANET. 8.1.2 Open Problems and Solutions. 8.2 Summary. Acronyms. References. Index.

    £95.36

  • Phishing and Countermeasures

    John Wiley & Sons Inc Phishing and Countermeasures

    15 in stock

    Book Synopsis: Phishing and Counter-Measures discusses how and why phishing is a threat, and presents effective countermeasures. Educating readers on how phishing attacks have been mounting over the years, how to detect and prevent current as well as future attacks, this text focuses on corporations who supply the resources used by attackers.

    Trade Review: "…I highly recommend this as a must-read book in the collection of phishing literature." (Computing Reviews.com, September 13, 2007) "…may be used as a textbook or a comprehensive reference for individuals involved with Internet security…" (CHOICE, July 2007)

    Table of Contents: Preface. Acknowledgements. 1. Introduction to Phishing. 1.1 What is Phishing? 1.2 A Brief History of Phishing. 1.3 The Costs to Society of Phishing. 1.4 A Typical Phishing Attack. 1.4.1 Phishing Example: America’s Credit Unions. 1.4.2 Phishing Example: PayPal. 1.4.3 Making The Lure Convincing. 1.4.4 Setting The Hook. 1.4.5 Making The Hook Convincing. 1.4.6 The Catch. 1.4.7 Take-Down and Related Technologies. 1.5 Evolution of Phishing. 1.6 Case Study: Phishing on Froogle. 1.7 Protecting Users from Phishing. References. 2. Phishing Attacks: Information Flow and Chokepoints. 2.1 Types of Phishing Attacks. 2.1.1 Deceptive Phishing. 2.1.2 Malware-Based Phishing. 2.1.3 DNS-Based Phishing (“Pharming”). 2.1.4 Content-Injection Phishing. 2.1.5 Man-in-the-Middle Phishing. 2.1.6 Search Engine Phishing. 2.2 Technology, Chokepoints and Countermeasures. 2.2.1 Step 0: Preventing a Phishing Attack Before it Begins. 2.2.2 Step 1: Preventing Delivery of Phishing Payload. 2.2.3 Step 2: Preventing or Disrupting a User Action. 2.2.4 Steps 2 and 4: Prevent Navigation and Data Compromise. 2.2.5 Step 3: Preventing Transmission of the Prompt. 2.2.6 Step 4: Preventing Transmission of Confidential Information. 2.2.7 Steps 4 and 6: Preventing Data Entry and Rendering it Useless. 2.2.8 Step 5: Tracing Transmission of Compromised Credentials.
2.2.9 Step 6: Interfering with the Use of Compromised Information. 2.2.10 Step 7: Interfering with the Financial Benefit. References. 3. Spoofing and Countermeasures. 3.1 Email Spoofing. 3.1.1 Filtering. 3.1.2 Whitelisting and Greylisting. 3.1.3 Anti-spam Proposals. 3.1.4 User Education. 3.2 IP Spoofing. 3.2.1 IP Traceback. 3.2.2 IP Spoofing Prevention. 3.2.3 Intradomain Spoofing. 3.3 Homograph Attacks Using Unicode. 3.3.1 Homograph Attacks. 3.3.2 Similar Unicode String Generation. 3.3.3 Methodology of Homograph Attack Detection. 3.4 Simulated Browser Attack. 3.4.1 Using the Illusion. 3.4.2 Web Spoofing. 3.4.3 SSL and Webspoofing. 3.4.4 Ensnaring the User. 3.4.5 SpoofGuard Versus the Simulated Browser Attack. 3.5 Case Study: Warning the User About Active Web Spoofing. References. 4. Pharming and Client Side Attacks. 4.1 Malware. 4.1.1 Viruses and Worms. 4.1.2 Spyware. 4.1.3 Adware. 4.1.4 Browser Hijackers. 4.1.5 Keyloggers. 4.1.6 Trojan Horses. 4.1.7 Rootkits. 4.1.8 Session Hijackers. 4.2 Malware Defense Strategies. 4.2.1 Defense Against Worms and Viruses . 4.2.2 Defense Against Spyware and Keyloggers. 4.2.3 Defending Against Rootkits. 4.3 Pharming. 4.3.1 Overview of DNS. 4.3.2 Role of DNS in Pharming. 4.3.3 Defending Against Pharming. 4.4 Case Study: Pharming with Appliances. 4.4.1 A Different Phishing Strategy. 4.4.2 The Spoof: A Home Pharming Appliance. 4.4.3 Sustainability of Distribution in the Online Marketplace. 4.4.4 Countermeasures. 4.5 Case Study: Race-Pharming. 4.5.1 Technical Description. 4.5.2 Detection and Countermeasures. 4.5.3 Contrast with DNS Pharming. References. 5. Status Quo Security Tools. 5.1 An overview of Anti-Spam Techniques. 5.2 Public Key Cryptography and its Infrastructure. 5.2.1 Public key Encryption. 5.2.2 Digital Signatures. 5.2.3 Certificates & Certificate Authorities. 5.2.4 Certificates. 5.3 SSL Without a PKI. 5.3.1 Modes of Authentication. 5.3.2 The Handshaking Protocol. 5.3.3 SSL in the Browser. 5.4 Honeypots. 
5.4.1 Advantages and Disadvantages. 5.4.2 Technical Details. 5.4.3 Honeypots and the Security Process. 5.4.4 Email Honeypots. 5.4.5 Phishing Tools and Tactics. References. 6. Adding Context to Phishing Attacks: Spear Phishing. 6.1 Overview of Context Aware Phishing. 6.2 Modeling Phishing Attacks. 6.2.1 Stages of Context Aware Attacks. 6.2.2 Identity Linking. 6.2.3 Analysing the General Case. 6.2.4 Analysis of One Example Attack. 6.2.5 Defenses Against our Example Attacks. 6.3 Case Study: Automated Trawling for Public Private Data. 6.3.1 Mother’s Maiden Name: Plan of Attack. 6.3.2 Availability of Vital Information. 6.3.3 Heuristics for MMN Discovery. 6.3.4 Experimental Design. 6.3.5 Assessing the Damage. 6.3.6 Time and Space Heuristics. 6.3.7 MMN Compromise in Suffixed Children. 6.3.8 Other Ways to Derive Mother’s Maiden Names. 6.4 Case Study: Using Your Social Network Against You. 6.4.1 Motivations of a Social Phishing Attack Experiment. 6.4.2 Design Considerations. 6.4.3 Data Mining. 6.4.4 Performing the Attack. 6.4.5 Results. 6.4.6 Reactions Expressed in Experiment Blog. 6.5 Case Study: Browser Recon Attacks. 6.5.1 Who Cares Where I’ve Been? 6.5.2 Mining Your History. 6.5.3 CSS To Mine History. 6.5.4 Bookmarks. 6.5.5 Various Uses For Browser-Recon. 6.5.6 Protecting Against Browser Recon Attacks. 6.6 Case Study: Using the Autofill feature in Phishing. 6.7 Case Study: Acoustic Keyboard Emanations. 6.7.1 Previous Attacks of Acoustic Emanations. 6.7.2 Description of Attack. 6.7.3 Technical Details. 6.7.4 Experiments. References. 7. Human-Centered Design Considerations. 7.1 Introduction: The Human Context of Phishing and Online Security. 7.1.1 Human Behavior. 7.1.2 Browser and Security Protocol Issues in the Human Context. 7.1.3 Overview of the HCI and Security Literature. 7.2 Understanding and Designing for Users. 7.2.1 Understanding Users and Security. 7.2.2 Designing Usable Secure Systems. 7.3 Mis-Education. 7.3.1 How Does Learning Occur? 7.3.2 The Lessons. 
7.3.3 Learning to Be Phished. 7.3.4 Solution Framework. References. 8. Passwords. 8.1 Traditional Passwords. 8.1.1 Cleartext Passwords. 8.1.2 Password recycling. 8.1.3 Hashed Passwords. 8.1.4 Brute force attacks. 8.1.5 Dictionary Attacks. 8.1.6 Time-Memory Tradeoffs. 8.1.7 Salted Passwords. 8.1.8 Eavesdropping. 8.1.9 One-Time Passwords. 8.1.10 Alternatives to Passwords. 8.2 Case Study: Phishing in Germany. 8.2.1 Comparison of Procedures. 8.2.2 Recent Changes and New Challenges. 8.3 Security Questions as Password Reset Mechanisms. 8.3.1 Knowledge Based Authentication. 8.3.2 Security Properties of Life Questions. 8.3.3 Protocols Using Life Questions. 8.3.4 Example Systems. 8.4 One-Time Password Tokens. 8.4.1 OTPs as a Phishing Countermeasure. 8.4.2 Advanced Concepts. References. 9. Mutual Authentication and Trusted Pathways. 9.1 The Need for Reliable Mutual Authentication. 9.1.1 Distinctions Between The Physical and Virtual World. 9.1.2 The State of Current Mutual Authentication. 9.2 Password Authenticated Key Exchange. 9.2.1 A Comparison Between PAKE and SSL. 9.2.2 An Example PAKE Protocol: SPEKE. 9.2.3 Other PAKE Protocols and Some Augmented Variations. 9.2.4 Doppelganger Attacks on PAKE. 9.3 Delayed Password Disclosure. 9.3.1 DPD Security Guarantees. 9.3.2 A DPD Protocol. 9.4 Trusted Path: How To Find Trust in an Unscrupulous World. 9.4.1 Trust on the World Wide Web. 9.4.2 Trust Model: Extended Conventional Model. 9.4.3 Trust Model: Xenophobia. 9.4.4 Trust Model: Untrusted Local Computer. 9.4.5 Trust Model: Untrusted Recipient. 9.4.6 Usability Considerations. 9.5 Dynamic Security Skins. 9.5.1 Security Properties. 9.5.2 Why Phishing Works. 9.5.3 Dynamic Security Skins. 9.5.4 User Interaction. 9.5.5 Security Analysis. 9.6 Browser Enhancements for Preventing Phishing. 9.6.1 Goals for Anti-phishing Techniques. 9.6.2 Google Safe Browsing. 9.6.3 Phoolproof Phishing Prevention. 9.6.4 Final Design of the Two-Factor Authentication System. References. 10. 
Biometrics and Authentication. 10.1 Biometrics. 10.1.1 Fundamentals of Biometric Authentication. 10.1.2 Biometrics and Cryptography. 10.1.3 Biometrics and Phishing. 10.1.4 Phishing Biometric Characteristics. 10.2 Hardware Tokens for Authentication and Authorization. 10.3 Trusted Computing Platforms and Secure Operating Systems. 10.3.1 Protecting Against Information Harvesting. 10.3.2 Protecting Against Information Snooping. 10.3.3 Protecting Against Redirection. 10.4 Secure Dongles and PDAs. 10.4.1 The Promise and Problems of PKI. 10.4.2 Smart Cards and USB Dongles to Mitigate Risk. 10.4.3 PorKI Design and Use. 10.4.4 PorKI Evaluation. 10.4.5 New Applications and Directions. 10.5 Cookies for Authentication. 10.5.1 Cache-Cookie Memory Management. 10.5.2 Cache-Cookie Memory. 10.5.3 C-Memory. 10.5.4 TIF-Based Cache Cookies. 10.5.5 Schemes for User Identification and Authentication. 10.5.6 Identifier Trees. 10.5.7 Rolling-Pseudonym Scheme. 10.5.8 Denial-of-Service Attacks. 10.5.9 Secret Cache Cookies. 10.5.10 Audit Mechanisms. 10.5.11 Proprietary Identifier-Trees. 10.5.12 Implementation. 10.6 Lightweight Email Signatures. 10.6.1 Cryptographic and System Preliminaries. 10.6.2 Lightweight Email Signatures. 10.6.3 Technology Adoption. 10.6.4 Vulnerabilities. 10.6.5 Experimental Results. References. 11. Making Takedown Difficult. 11.1 Detection and Takedown. 11.1.1 Avoiding Distributed Phishing Attacks—Overview. 11.1.2 Collection of Candidate Phishing Emails. 11.1.3 Classification of Phishing Emails. References. 12. Protecting Browser State. 12.1 Client-Side Protection of Browser State. 12.1.1 Same-Origin Principle. 12.1.2 Protecting Cache. 12.1.3 Protecting Visited Links. 12.2 Server-Side Protection of Browser State. 12.2.1 Goals. 12.2.2 A Server-Side Solution. 12.2.3 Pseudonyms. 12.2.4 Translation Policies. 12.2.5 Special Cases. 12.2.6 Security Argument. 12.2.7 Implementation Details. 12.2.8 Pseudonyms and Translation. 12.2.9 General Considerations. References. 13. 
Browser Toolbars. 13.1 Browser-Based Anti-Phishing Tools. 13.1.1 Information-Oriented Tools. 13.1.2 Database-Oriented Tools. 13.1.3 Domain-Oriented Tools. 13.2 Do Browser Toolbars Actually Prevent Phishing? 13.2.1 Study Design. 13.2.2 Results and Discussion. References. 14. Social Networks. 14.1 The Role of Trust Online. 14.2 Existing Solutions for Securing Trust Online. 14.2.1 Reputation Systems and Social Networks. 14.2.2 Third Party Certifications. 14.2.3 First Party Assertions. 14.2.4 Existing Solutions for Securing Trust Online. 14.3 Case Study: “Net Trust”. 14.3.1 Identity. 14.3.2 The Buddy List. 14.3.3 The Security Policy. 14.3.4 The Rating System. 14.3.5 The Reputation System. 14.3.6 Privacy Considerations and Anonymity Models. 14.3.7 Usability Study Results. 14.4 The Risk of Social Networks. References. 15. Microsoft’s Anti-Phishing Technologies and Tactics. 15.1 Cutting The Bait: SmartScreen Detection of Email Spam and Scams. 15.2 Cutting The Hook: Dynamic Protection Within the Web Browser. 15.3 Prescriptive Guidance and Education for Users. 15.4 Ongoing Collaboration, Education and Innovation. References. 16. Using S/MIME. 16.1 Secure Electronic Mail: A Brief History. 16.1.1 The Key Certification Problem. 16.1.2 Sending Secure Email: Usability Concerns. 16.1.3 The Need to Redirect Focus. 16.2 Amazon.com’s Experience with S/MIME. 16.2.1 Survey Methodology. 16.2.2 Awareness of Cryptographic Capabilities. 16.2.3 Segmenting the Respondents. 16.2.4 Appropriate Uses of Signing and Sealing. 16.3 Signatures Without Sealing. 16.3.1 Evaluating the Usability Impact of S/MIME-Signed Messages. 16.3.2 Problems from the Field. 16.4 Conclusions and Recommendations. 16.4.1 Promote Incremental Deployment. 16.4.2 Extending Security from the Walled Garden. 16.4.3 S/MIME for Webmail. 16.4.4 Improving the S/MIME Client. References. 17. Experimental evaluation of attacks and countermeasures. 17.1 Behavioral Studies. 17.1.1 Targets of Behavioral Studies. 
17.1.2 Techniques of Behavioral Studies for Security. 17.1.3 Strategic and Tactical Studies. 17.2 Case Study: Attacking eBay Users with Queries. 17.2.1 User-to-User Phishing on eBay. 17.2.2 eBay Phishing Scenarios. 17.2.3 Experiment Design. 17.2.4 Methodology. 17.3 Case Study: Signed Applets. 17.3.1 Trusting Applets. 17.3.2 Exploiting Applets’ Abilities. 17.3.3 Understanding the Potential Impact. 17.4 Case Study: Ethically Studying Man in the Middle. 17.4.1 Man-in-the-Middle and Phishing. 17.4.2 Experiment: Design Goals and Theme. 17.4.3 Experiment: Man-in-the-Middle Technique Implementation. 17.4.4 Experiment: Participant Preparation. 17.4.5 Experiment: Phishing Delivery Method. 17.4.6 Experiment: Debriefing. 17.4.7 Preliminary Findings. 17.5 Legal Considerations in Phishing Research. 17.5.1 Specific Federal and State Laws. 17.5.2 Contract Law - Business Terms of Use. 17.5.3 Potential Tort Liability. 17.5.4 The Scope of Risk. 17.6 Case Study: Designing and Conducting Phishing Experiments. 17.6.1 Ethics and Regulation. 17.6.2 Phishing experiments—Three Case Studies. 17.6.3 Making it Look Like Phishing. 17.6.4 Subject Reactions. 17.6.5 The Issue of Timeliness. References. 18. Liability for Phishing. 18.1 Impersonation. 18.1.1 Anti-SPAM. 18.1.2 Trademark. 18.1.3 Copyright. 18.2 Obtaining Personal Information. 18.2.1 Fraudulent Access. 18.2.2 Identity Theft. 18.2.3 Wire Fraud. 18.2.4 Pretexting. 18.2.5 Unfair Trade Practice. 18.2.6 Phishing-Specific Legislation. 18.2.7 Theft. 18.3 Exploiting Personal Information. 18.3.1 Fraud. 18.3.2 Identity Theft. 18.3.3 Illegal Computer Access. 18.3.4 Trespass to Chattels. References. 19. The Future. Index. About the Editors.

    15 in stock

    £95.36

  • The Art of Intrusion

    John Wiley & Sons Inc The Art of Intrusion

    15 in stock

    Book Synopsis: Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In The Art of Intrusion, Mitnick offers hair-raising stories of real-life computer break-ins, and shows how the victims could have prevented them.

    Table of Contents: Chapter 1 Hacking the Casinos for a Million Bucks. Chapter 2 When Terrorists Come Calling. Chapter 3 The Texas Prison Hack. Chapter 4 Cops and Robbers. Chapter 5 The Robin Hood Hacker. Chapter 6 The Wisdom and Folly of Penetration Testing. Chapter 7 Of Course Your Bank Is Secure — Right? Chapter 8 Your Intellectual Property Isn’t Safe. Chapter 9 On the Continent. Chapter 10 Social Engineers — How They Work and How to Stop Them. Chapter 11 Short Takes. Index.

    £12.60

  • Strategies for Protecting National Critical

    John Wiley & Sons Inc Strategies for Protecting National Critical

    15 in stock

    Book Synopsis: Strategies for Protecting National Critical Infrastructure Assets eases the research burden, develops investigative protocols, and pulls together data into a comprehensive and practical guide, to help the serious reader understand advanced concepts and techniques of risk assessment with an emphasis on meeting the security needs of the critical national infrastructure. The text is divided into five major sections, which are further broken down by individual chapters, each addressing one element of risk assessment as well as focusing attention on applying the risk assessment methodology to a particular industry. This book establishes a new and acceptable approach for conducting risk assessments in a high-risk world. Helps the reader to understand advanced concepts and techniques of risk assessment. Provides a quick, reliable, and practical briefcase reference to use in the office as well as on the road. Introduces the elements of the risk assessment proce

    Table of Contents: Part 1 Understanding the Environment. Part 2 Understanding Security Assessments. Part 3 Tailoring the S3E Security Methodology to Specific Critical Infrastructure Sectors. General Glossary. Index.

    £121.46

  • Professional Windows Desktop and Server Hardening

    John Wiley & Sons Inc Professional Windows Desktop and Server Hardening

    15 in stock

    Book Synopsis: Today's uber viruses, worms, and trojans may seem more damaging than ever, but the attacking malware and malicious hackers are using the same tricks they always have. With this book, Microsoft MVP Roger Grimes exposes the real threat to Windows computers and offers practical guidance to secure those systems.

    Table of Contents: Acknowledgments. Introduction. Part I: The Basics in Depth. Chapter 1: Windows Attacks. Chapter 2: Conventional and Unconventional Defenses. Chapter 3: NTFS Permissions 101. Part II: OS Hardening. Chapter 4: Preventing Password Crackers. Chapter 5: Protecting High-Risk Files. Chapter 6: Protecting High-Risk Registry Entries. Chapter 7: Tightening Services. Chapter 8: Using IPSec. Part III: Application Security. Chapter 9: Stopping Unauthorized Execution. Chapter 10: Securing Internet Explorer. Chapter 11: Protecting E-mail. Chapter 12: IIS Security. Chapter 13: Using Encrypting File System. Part IV: Automating Security. Chapter 14: Group Policy Explained. Chapter 15: Designing a Secure Active Directory Infrastructure. Book Summary. Index.

    £23.99

  • Digital Resilience

    HarperCollins Focus Digital Resilience

    10 in stock

    Book Synopsis: Cybercrime is on the rise . . . Make sure your company doesn’t make the next grim headline.

    £20.89

  • Practical Cloud Native Security with Falco

    O'Reilly Media Practical Cloud Native Security with Falco

    1 in stock

    Book Synopsis: This practical guide introduces you to Falco, the open source standard for continuous risk and threat detection across Kubernetes, containers, and the cloud. Falco creator Loris Degioanni and core maintainer Leonardo Grasso bring you up to speed on cloud native threat detection basics and show you how to get Falco up and running.

    £42.39

  • Identity-Native Infrastructure Access Management

    O'Reilly Media Identity-Native Infrastructure Access Management

    10 in stock

    Book Synopsis: In this practical book, authors Ev Kontsevoy, Sakshyam Shah, and Peter Conrad break this topic down into manageable pieces. You'll discover how different parts of the approach fit together in a way that enables engineering teams to build more secure applications without slowing down productivity.

    £27.74

  • Web Application Security

    O'Reilly Media Web Application Security

    15 in stock

    Book Synopsis: In this revised and updated second edition, author Andrew Hoffman examines dozens of related topics, from the latest types of attacks and mitigations to threat modeling, the secure software development lifecycle (SSDL/SDLC), and more.

    £39.74

  • Cengage Learning Guide to Firewalls and VPNs

    2 in stock

    Book Synopsis

    £217.98

  • The Web Application Hacker’s Handbook

    John Wiley & Sons Inc The Web Application Hacker’s Handbook

    15 in stock

    Book Synopsis: The highly successful security book returns with a new edition, completely updated. Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users.

    Table of Contents: Introduction. Chapter 1 Web Application (In)security. The Evolution of Web Applications. Common Web Application Functions. Benefits of Web Applications. Web Application Security. “This Site Is Secure”. The Core Security Problem: Users Can Submit Arbitrary Input. Key Problem Factors. The New Security Perimeter. The Future of Web Application Security. Summary. Chapter 2 Core Defense Mechanisms. Handling User Access. Authentication. Session Management. Access Control. Handling User Input. Varieties of Input. Approaches to Input Handling. Boundary Validation. Multistep Validation and Canonicalization. Handling Attackers. Handling Errors. Maintaining Audit Logs. Alerting Administrators. Reacting to Attacks. Managing the Application. Summary. Questions. Chapter 3 Web Application Technologies. The HTTP Protocol. HTTP Requests. HTTP Responses. HTTP Methods. URLs. REST. HTTP Headers. Cookies. Status Codes. HTTPS. HTTP Proxies. HTTP Authentication. Web Functionality. Server-Side Functionality. Client-Side Functionality. State and Sessions. Encoding Schemes. URL Encoding. Unicode Encoding. HTML Encoding. Base64 Encoding. Hex Encoding. Remoting and Serialization Frameworks. Next Steps. Questions. Chapter 4 Mapping the Application. Enumerating Content and Functionality. Web Spidering. User-Directed Spidering. Discovering Hidden Content. Application Pages Versus Functional Paths. Discovering Hidden Parameters. Analyzing the Application. Identifying Entry Points for User Input. Identifying Server-Side Technologies. Identifying Server-Side Functionality. Mapping the Attack Surface. Summary. Questions. Chapter 5 Bypassing Client-Side Controls. Transmitting Data Via the Client. Hidden Form Fields. HTTP Cookies. URL Parameters. The Referer Header. Opaque Data. The ASP.NET ViewState. Capturing User Data: HTML Forms. Length Limits. Script-Based Validation. Disabled Elements. Capturing User Data: Browser Extensions. Common Browser Extension Technologies. Approaches to Browser Extensions. Intercepting Traffic from Browser Extensions. Decompiling Browser Extensions. Attaching a Debugger. Native Client Components. Handling Client-Side Data Securely. Transmitting Data Via the Client. Validating Client-Generated Data. Logging and Alerting. Summary. Questions. Chapter 6 Attacking Authentication. Authentication Technologies. Design Flaws in Authentication Mechanisms. Bad Passwords. Brute-Forcible Login. Verbose Failure Messages. Vulnerable Transmission of Credentials. Password Change Functionality. Forgotten Password Functionality. “Remember Me” Functionality. User Impersonation Functionality. Incomplete Validation of Credentials. Nonunique Usernames. Predictable Usernames. Predictable Initial Passwords. Insecure Distribution of Credentials. Implementation Flaws in Authentication. Fail-Open Login Mechanisms. Defects in Multistage Login Mechanisms. Insecure Storage of Credentials. Securing Authentication. Use Strong Credentials. Handle Credentials Secretively. Validate Credentials Properly. Prevent Information Leakage. Prevent Brute-Force Attacks. Prevent Misuse of the Password Change Function. Prevent Misuse of the Account Recovery Function. Log, Monitor, and Notify. Summary. Questions. Chapter 7 Attacking Session Management. The Need for State. Alternatives to Sessions. Weaknesses in Token Generation. Meaningful Tokens. Predictable Tokens. Encrypted Tokens. Weaknesses in Session Token Handling. Disclosure of Tokens on the Network. Disclosure of Tokens in Logs. Vulnerable Mapping of Tokens to Sessions. Vulnerable Session Termination. Client Exposure to Token Hijacking. Liberal Cookie Scope. Securing Session Management. Generate Strong Tokens. Protect Tokens Throughout Their Life Cycle. Log, Monitor, and Alert. Summary. Questions. Chapter 8 Attacking Access Controls. Common Vulnerabilities. Completely Unprotected Functionality. Identifier-Based Functions. Multistage Functions. Static Files. Platform Misconfiguration. Insecure Access Control Methods. Attacking Access Controls. Testing with Different User Accounts. Testing Multistage Processes. Testing with Limited Access. Testing Direct Access to Methods. Testing Controls Over Static Resources. Testing Restrictions on HTTP Methods. Securing Access Controls. A Multilayered Privilege Model. Summary. Questions. Chapter 9 Attacking Data Stores. Injecting into Interpreted Contexts. Bypassing a Login. Injecting into SQL. Exploiting a Basic Vulnerability. Injecting into Different Statement Types. Finding SQL Injection Bugs. Fingerprinting the Database. The UNION Operator. Extracting Useful Data. Extracting Data with UNION. Bypassing Filters. Second-Order SQL Injection. Advanced Exploitation. Beyond SQL Injection: Escalating the Database Attack. Using SQL Exploitation Tools. SQL Syntax and Error Reference. Preventing SQL Injection. Injecting into NoSQL. Injecting into MongoDB. Injecting into XPath. Subverting Application Logic. Informed XPath Injection. Blind XPath Injection. Finding XPath Injection Flaws. Preventing XPath Injection. Injecting into LDAP. Exploiting LDAP Injection. Finding LDAP Injection Flaws. Preventing LDAP Injection. Summary. Questions. Chapter 10 Attacking Back-End Components. Injecting OS Commands. Example 1: Injecting Via Perl. Example 2: Injecting Via ASP. Injecting Through Dynamic Execution. Finding OS Command Injection Flaws. Finding Dynamic Execution Vulnerabilities. Preventing OS Command Injection. Preventing Script Injection Vulnerabilities. Manipulating File Paths. Path Traversal Vulnerabilities. File Inclusion Vulnerabilities. Injecting into XML Interpreters. Injecting XML External Entities. Injecting into SOAP Services. Finding and Exploiting SOAP Injection. Preventing SOAP Injection. Injecting into Back-end HTTP Requests. Server-side HTTP Redirection. HTTP Parameter Injection. Injecting into Mail Services. E-mail Header Manipulation. SMTP Command Injection. Finding SMTP Injection Flaws. Preventing SMTP Injection. Summary. Questions. Chapter 11 Attacking Application Logic. The Nature of Logic Flaws. Real-World Logic Flaws. Example 1: Asking the Oracle. Example 2: Fooling a Password Change Function. Example 3: Proceeding to Checkout. Example 4: Rolling Your Own Insurance. Example 5: Breaking the Bank. Example 6: Beating a Business Limit. Example 7: Cheating on Bulk Discounts. Example 8: Escaping from Escaping. Example 9: Invalidating Input Validation. Example 10: Abusing a Search Function. Example 11: Snarfing Debug Messages. Example 12: Racing Against the Login. Avoiding Logic Flaws. Summary. Questions. Chapter 12 Attacking Users: Cross-Site Scripting. Varieties of XSS. Reflected XSS Vulnerabilities. Stored XSS Vulnerabilities. DOM-Based XSS Vulnerabilities. XSS Attacks in Action. Real-World XSS Attacks. Payloads for XSS Attacks. Delivery Mechanisms for XSS Attacks. Finding and Exploiting XSS Vulnerabilities. Finding and Exploiting Reflected XSS Vulnerabilities. Finding and Exploiting Stored XSS Vulnerabilities. Finding and Exploiting DOM-Based XSS Vulnerabilities. Preventing XSS Attacks. Preventing Reflected and Stored XSS. Preventing DOM-Based XSS. Summary. Questions. Chapter 13 Attacking Users: Other Techniques. Inducing User Actions. Request Forgery. UI Redress. Capturing Data Cross-Domain. Capturing Data by Injecting HTML. Capturing Data by Injecting CSS. JavaScript Hijacking. The Same-Origin Policy Revisited. The Same-Origin Policy and Browser Extensions. The Same-Origin Policy and HTML 5. Crossing Domains with Proxy Service Applications. Other Client-Side Injection Attacks. HTTP Header Injection. Cookie Injection. Open Redirection Vulnerabilities. Client-Side SQL Injection. Client-Side HTTP Parameter Pollution. Local Privacy Attacks. Persistent Cookies. Cached Web Content. Browsing History. Autocomplete. Flash Local Shared Objects. Silverlight Isolated Storage. Internet Explorer userData. HTML5 Local Storage Mechanisms. Preventing Local Privacy Attacks. Attacking ActiveX Controls. Finding ActiveX Vulnerabilities. Preventing ActiveX Vulnerabilities. Attacking the Browser. Logging Keystrokes. Stealing Browser History and Search Queries. Enumerating Currently Used Applications. Port Scanning. Attacking Other Network Hosts. Exploiting Non-HTTP Services. Exploiting Browser Bugs. DNS Rebinding. Browser Exploitation Frameworks. Man-in-the-Middle Attacks. Summary. Questions. Chapter 14 Automating Customized Attacks. Uses for Customized Automation. Enumerating Valid Identifiers. The Basic Approach. Detecting Hits. Scripting the Attack. JAttack. Harvesting Useful Data. Fuzzing for Common Vulnerabilities. Putting It All Together: Burp Intruder. Barriers to Automation. Session-Handling Mechanisms. CAPTCHA Controls. Summary. Questions. Chapter 15 Exploiting Information Disclosure. Exploiting Error Messages. Script Error Messages. Stack Traces. Informative Debug Messages. Server and Database Messages. Using Public Information. Engineering Informative Error Messages. Gathering Published Information. Using Inference. Preventing Information Leakage. Use Generic Error Messages. Protect Sensitive Information. Minimize Client-Side Information Leakage. Summary. Questions. Chapter 16 Attacking Native Compiled Applications. Buffer Overflow Vulnerabilities. Stack Overflows. Heap Overflows. “Off-by-One” Vulnerabilities. Detecting Buffer Overflow Vulnerabilities. Integer Vulnerabilities. Integer Overflows. Signedness Errors. Detecting Integer Vulnerabilities. Format String Vulnerabilities. Detecting Format String Vulnerabilities. Summary. Questions. Chapter 17 Attacking Application Architecture. Tiered Architectures. Attacking Tiered Architectures. Securing Tiered Architectures. Shared Hosting and Application Service Providers. Virtual Hosting. Shared Application Services. Attacking Shared Environments. Securing Shared Environments. Summary. Questions. Chapter 18 Attacking the Application Server. Vulnerable Server Configuration. Default Credentials. Default Content. Directory Listings. WebDAV Methods. The Application Server as a Proxy. Misconfigured Virtual Hosting. Securing Web Server Configuration. Vulnerable Server Software. Application Framework Flaws. Memory Management Vulnerabilities. Encoding and Canonicalization. Finding Web Server Flaws. Securing Web Server Software. Web Application Firewalls. Summary. Questions. Chapter 19 Finding Vulnerabilities in Source Code. Approaches to Code Review. Black-Box Versus White-Box Testing. Code Review Methodology. Signatures of Common Vulnerabilities. Cross-Site Scripting. SQL Injection. Path Traversal. Arbitrary Redirection. OS Command Injection. Backdoor Passwords. Native Software Bugs. Source Code Comments. The Java Platform. Identifying User-Supplied Data. Session Interaction. Potentially Dangerous APIs. Configuring the Java Environment. ASP.NET. Identifying User-Supplied Data. Session Interaction. Potentially Dangerous APIs. Configuring the ASP.NET Environment. PHP. Identifying User-Supplied Data. Session Interaction. Potentially Dangerous APIs. Configuring the PHP Environment. Perl. Identifying User-Supplied Data. Session Interaction. Potentially Dangerous APIs. Configuring the Perl Environment. JavaScript. Database Code Components. SQL Injection. Calls to Dangerous Functions. Tools for Code Browsing. Summary. Questions. Chapter 20 A Web Application Hacker’s Toolkit. Web Browsers. Internet Explorer. Firefox. Chrome. Integrated Testing Suites. How the Tools Work. Testing Work Flow. Alternatives to the Intercepting Proxy. Standalone Vulnerability Scanners. Vulnerabilities Detected by Scanners. Inherent Limitations of Scanners. Technical Challenges Faced by Scanners. Current Products. Using a Vulnerability Scanner. Other Tools. Wikto/Nikto. Firebug. Hydra. Custom Scripts. Summary. Chapter 21 A Web Application Hacker’s Methodology. General Guidelines. 1 Map the Application’s Content. 2 Analyze the Application. 3 Test Client-Side Controls. 4 Test the Authentication Mechanism. 5 Test the Session Management Mechanism. 6 Test Access Controls. 7 Test for Input-Based Vulnerabilities. 8 Test for Function-Specific Input Vulnerabilities. 9 Test for Logic Flaws. 10 Test for Shared Hosting Vulnerabilities. 11 Test for Application Server Vulnerabilities. 12 Miscellaneous Checks. 13 Follow Up Any Information Leakage. Index.

    £36.80

  • Public Key Cryptography

    John Wiley & Sons Inc Public Key Cryptography

    10 in stock

    Book Synopsis: This book covers public-key cryptography, describing in depth all major public-key cryptosystems in current use, including ElGamal, RSA, Elliptic Curve, and digital signature schemes. It explains the underlying mathematics needed to build these schemes, and examines the most common techniques used in attacking them.

    Trade Review: “This is a book of great pedagogical value. . . The book is a bright exposition of the mathematical methods most used in public key cryptography, and it is very motivating due to its numerous computational examples and rigorous treatment.” (Zentralblatt MATH, 1 August 2013) “The book is suitable as a university text for years three and above, and I recommend that every computer scientist read it. I would be inclined to describe this book as offering “what every computer scientist should know about public key cryptography.” (Computing Reviews, 9 September 2013)

    Table of Contents: Preface. 0 Introduction. 0.1 The Meaning of the Word Cryptography. 0.2 Symmetric Key Cryptography. 0.3 Public Key (Asymmetric) Cryptography. 0.4 Key Establishment. 0.5 Cryptography — more than just Hiding Secrets. 0.6 Standards. 0.7 Attacks. 1 Congruence Equations. 1.1 Congruence Arithmetic. 1.1.1 Computer Examples. 1.1.2 Problems. 1.2 The Euclidean Algorithm — Finding Inverses. 1.2.1 Computer Examples. 1.2.2 Problems. 1.3 Discrete Logarithms and Diffie-Hellman Key Exchange. 1.3.1 Computer Examples. 1.3.2 Problems. 1.4 Attacking the Discrete Logarithm. 1.4.1 Computer Examples. 1.4.2 Problems. 2 The ElGamal Scheme. 2.1 Primitive Roots. 2.1.1 Computer Examples. 2.1.2 Problems. 2.2 The ElGamal Scheme. 2.2.1 Computer Examples. 2.2.2 Problems. 2.3 Security of the ElGamal Scheme. 2.3.1 Computer Examples. 2.3.2 Problems. 3 The RSA Scheme. 3.1 Euler's Theorem. 3.1.1 Computer Examples. 3.1.2 Problems. 3.2 The RSA Algorithm. 3.2.1 Computer Examples. 3.2.2 Problems. 3.3 RSA Security. 3.3.1 Computer Examples. 3.3.2 Problems. 3.4 Implementing RSA. 3.4.1 Computer Examples. 3.4.2 Problems. 4 Elliptic Curve Cryptography. 4.1 Elliptic Curves and Elliptic Curve Groups. 4.1.1 Computer Examples. 4.1.2 Problems. 4.2 Elliptic Curve Cryptography. 4.2.1 Computer Examples. 4.2.2 Problems. 4.3 The Elliptic Curve Factoring Scheme. 4.3.1 Computer Examples. 4.3.2 Problems. 5 Digital Signatures. 5.1 Hash Functions. 5.1.1 Computer Examples. 5.1.2 Problems. 5.2 Digital Signature Schemes. 5.2.1 Computer Examples. 5.2.2 Problems. 5.3 Attacks on Digital Signatures. 5.3.1 Computer Examples. 5.3.2 Problems. 6 Primality Testing. 6.1 Fermat's Approach and Wilson's Theorem. 6.1.1 Computer Examples. 6.1.2 Problems. 6.2 The Miller-Selfridge-Rabin Primality Test. 6.2.1 Computer Examples. 6.2.2 Problems. 6.3 True Primality Tests. 6.3.1 Computer Examples. 6.4 Mersenne Primes and the Lucas-Lehmer Test. 6.4.1 Computer Examples. 6.4.2 Problems. 6.5 Primes is in P. 6.5.1 Computer Examples. 6.5.2 Problems. 7 Factoring Methods. 7.1 Fermat Again. 7.1.1 Computer Examples. 7.1.2 Problems. 7.2 The Quadratic Sieve. 7.2.1 Computer Examples. 7.2.2 Problems. 7.3 Pollard's p - 1 and rho Methods. 7.3.1 Computer Examples. 7.3.2 Problems. 7.4 Continued Fractions and Factoring. 7.4.1 Computer Examples. 7.4.2 Problems. Appendix: Solutions to Problems. References. Index. Notation.

    £79.95

  • Cybersecurity for Executives

    John Wiley & Sons Inc Cybersecurity for Executives

    15 in stock

    Book Synopsis: Practical guide that can be used by executives to make well-informed decisions on cybersecurity issues to better protect their business. Emphasizes, in a direct and uncomplicated way, how executives can identify, understand, assess, and mitigate risks associated with cybersecurity issues. Covers “What to Do When You Get Hacked?” including Business Continuity and Disaster Recovery planning, Public Relations, Legal and Regulatory issues, and Notifications and Disclosures. Provides steps for integrating cybersecurity into Strategy; Policy and Guidelines; Change Management and Personnel Management. Identifies cybersecurity best practices that executives can and should use both in the office and at home to protect their vital information.

    Table of Contents: Foreword xiii Preface xvii Acknowledgments xxiii 1.0 Introduction 1 1.1 Defining Cybersecurity 1 1.2 Cybersecurity is a Business Imperative 2 1.3 Cybersecurity is an Executive-Level Concern 4 1.4 Questions to Ask 4 1.5 Views of Others 7 1.6 Cybersecurity is a Full-Time Activity 7 2.0 Why Be Concerned? 9 2.1 A Classic Hack 9 2.2 Who Wants Your Fortune? 12 2.3 Nation-State Threats 13 2.3.1 China 13 2.3.2 Don’t Think that China is the Only One 17 2.4 Cybercrime is Big Business 20 2.4.1 Mercenary Hackers 20 2.4.2 Hacktivists 25 2.4.3 The Insider Threat 26 2.4.4 Substandard Products and Services 29 2.5 Summary 36 3.0 Managing Risk 37 3.1 Who Owns Risk in Your Business? 37 3.2 What are Your Risks? 
38 3.2.1 Threats to Your Intellectual Property and Trade Secrets 38 3.2.2 Technical Risks 42 3.2.3 Human Risks 47 3.3 Calculating Your Risk 54 3.3.1 Quantitative Risk Assessment 55 3.3.2 Qualitative Risk Assessment 63 3.3.3 Risk Decisions 71 3.4 Communicating Risk 77 3.4.1 Communicating Risk Internally 78 3.4.2 Regulatory Communications 79 3.4.3 Communicating with Shareholders 86 3.5 Organizing for Success 89 3.5.1 Risk Management Committee 89 3.5.2 Chief Risk Officers 90 3.6 Summary 91 4.0 Build Your Strategy 95 4.1 How Much “Cybersecurity” Do I Need? 95 4.2 The Mechanics of Building Your Strategy 97 4.2.1 Where are We Now? 99 4.2.2 What do We have to Work with? 103 4.2.3 Where do We Want to be? 104 4.2.4 How do We Get There? 107 4.2.5 Goals and Objectives 108 4.3 Avoiding Strategy Failure 111 4.3.1 Poor Plans, Poor Execution 111 4.3.2 Lack of Communication 113 4.3.3 Resistance to Change 114 4.3.4 Lack of Leadership and Oversight 117 4.4 Ways to Incorporate Cybersecurity into Your Strategy 118 4.4.1 Identify the Information Critical to Your Business 119 4.4.2 Make Cybersecurity Part of Your Culture 119 4.4.3 Consider Cybersecurity Impacts in Your Decisions 119 4.4.4 Measure Your Progress 120 4.5 Plan For Success 121 4.6 Summary 123 5.0 Plan For Success 125 5.1 Turning Vision into Reality 125 5.1.1 Planning for Excellence 127 5.1.2 A Plan of Action 128 5.1.3 Doing Things 131 5.2 Policies Complement Plans 140 5.2.1 Great Cybersecurity Policies for Everyone 140 5.2.2 Be Clear about Your Policies and Who Owns Them 188 5.3 Procedures Implement Plans 190 5.4 Exercise Your Plans 191 5.5 Legal Compliance Concerns 193 5.6 Auditing 195 5.7 Summary 196 6.0 Change Management 199 6.1 Why Managing Change is Important 199 6.2 When to Change? 201 6.3 What is Impacted by Change? 
205 6.4 Change Management and Internal Controls 209 6.5 Change Management as a Process 214 6.5.1 The Touhill Change Management Process 215 6.5.2 Following the Process 216 6.5.3 Have a Plan B, Plan C, and maybe a Plan D 220 6.6 Best Practices in Change Management 220 6.7 Summary 224 7.0 Personnel Management 227 7.1 Finding the Right Fit 227 7.2 Creating the Team 229 7.2.1 Picking the Right Leaders 230 7.2.2 Your Cybersecurity Leaders 233 7.3 Establishing Performance Standards 237 7.4 Organizational Considerations 240 7.5 Training for Success 242 7.5.1 Information Every Employee Ought to Know 242 7.5.2 Special Training for Executives 246 7.6 Special Considerations for Critical Infrastructure Protection 249 7.7 Summary 258 8.0 Performance Measures 261 8.1 Why Measure? 261 8.2 What to Measure? 267 8.2.1 Business Drivers 267 8.2.2 Types of Metrics 271 8.3 Metrics and the C-Suite 272 8.3.1 Considerations for the C-Suite 273 8.3.2 Questions about Cybersecurity Executives Should Ask 275 8.4 The Executive Cybersecurity Dashboard 277 8.4.1 How Vulnerable Are We? 277 8.4.2 How Effective Are Our Systems and Processes? 282 8.4.3 Do We Have the Right People, Are They Properly Trained, and Are They Following Proper Procedures? 286 8.4.4 Am I Spending the Right Amount on Security? 287 8.4.5 How Do We Compare to Others? 
288 8.4.6 Creating Your Executive Cybersecurity Dashboard 289 8.5 Summary 291 9.0 What To Do When You Get Hacked 293 9.1 Hackers Already Have You Under Surveillance 293 9.2 Things to do Before it’s Too Late: Preparing for the Hack 295 9.2.1 Back Up Your Information 296 9.2.2 Baseline and Define What is Normal 296 9.2.3 Protect Yourself with Insurance 297 9.2.4 Create Your Disaster Recovery and Business Continuity Plan 298 9.3 What to do When Bad Things Happen: Implementing Your Plan 299 9.3.1 Item 1: Don’t Panic 300 9.3.2 Item 2: Make Sure You’ve Been Hacked 301 9.3.3 Item 3: Gain Control 302 9.3.4 Item 4: Reset All Passwords 303 9.3.5 Item 5: Verify and Lock Down All Your External Links 304 9.3.6 Item 6: Update and Scan 305 9.3.7 Item 7: Assess the Damage 305 9.3.8 Item 8: Make Appropriate Notifications 307 9.3.9 Item 9: Find Out Why It Happened and Who Did It 309 9.3.10 Item 10: Adjust Your Defenses 310 9.4 Foot Stompers 310 9.4.1 The Importance of Public Relations 310 9.4.2 Working with Law Enforcement 315 9.4.3 Addressing Liability 317 9.4.4 Legal Issues to Keep an Eye On 318 9.5 Fool Me Once… 319 9.6 Summary 320 10.0 Boardroom Interactions 323 Appendix A: Policies 347 Appendix B: General Rules for Email Etiquette: Sample Training Handout 357 Glossary 361 Select Bibliography 371 Index 373

    £72.86

  • Security and Privacy in CyberPhysical Systems

    John Wiley & Sons Inc Security and Privacy in CyberPhysical Systems

    15 in stock

    Book Synopsis: Written by a team of experts at the forefront of the cyber-physical systems (CPS) revolution, this book provides an in-depth look at security and privacy, two of the most critical challenges facing both the CPS research and development community and ICT professionals. It explores, in depth, the key technical, social, and legal issues at stake, and it provides readers with the information they need to advance research and development in this exciting area. Cyber-physical systems (CPS) are engineered systems that are built from, and depend upon the seamless integration of computational algorithms and physical components. Advances in CPS will enable capability, adaptability, scalability, resiliency, safety, security, and usability far in excess of what today's simple embedded systems can provide. Just as the Internet revolutionized the way we interact with information, CPS technology has already begun to transform the way people interact with engineered systems. In the years ahe

    Table of Contents: List of Contributors xvii Foreword xxiii Preface xxv Acknowledgments xxix 1 Overview of Security and Privacy in Cyber-Physical Systems 1 Glenn A. Fink, Thomas W. Edgar, Theora R. Rice, Douglas G. MacDonald and Cary E. 
Crawford 1.1 Introduction 1 1.2 Defining Security and Privacy 1 1.2.1 Cybersecurity and Privacy 2 1.2.2 Physical Security and Privacy 3 1.3 Defining Cyber-Physical Systems 4 1.3.1 Infrastructural CPSs 5 1.3.1.1 Example: Electric Power 5 1.3.2 Personal CPSs 5 1.3.2.1 Example: Smart Appliances 6 1.3.3 Security and Privacy in CPSs 6 1.4 Examples of Security and Privacy in Action 7 1.4.1 Security in Cyber-Physical Systems 7 1.4.1.1 Protecting Critical Infrastructure from Blended Threat 8 1.4.1.2 Cyber-Physical Terrorism 8 1.4.1.3 Smart Car Hacking 9 1.4.1.4 Port Attack 10 1.4.2 Privacy in Cyber-Physical Systems 11 1.4.2.1 Wearables 11 1.4.2.2 Appliances 12 1.4.2.3 Motivating Sharing 12 1.4.3 Blending Information and Physical Security and Privacy 12 1.5 Approaches to Secure Cyber-Physical Systems 14 1.5.1 Least Privilege 14 1.5.2 Need-to-Know 15 1.5.3 Segmentation 15 1.5.4 Defensive Dimensionality 16 1.5.4.1 Defense-in-Depth 16 1.5.4.2 Defense-in-Breadth 16 1.5.5 User-Configurable Data Collection/Logging 17 1.5.6 Pattern Obfuscation 17 1.5.7 End-to-End Security 17 1.5.8 Tamper Detection/Security 18 1.6 Ongoing Security and Privacy Challenges for CPSs 18 1.6.1 Complexity of Privacy Regulations 18 1.6.2 Managing and Incorporating Legacy Systems 19 1.6.3 Distributed Identity and Authentication Management 20 1.6.4 Modeling Distributed CPSs 20 1.7 Conclusion 21 References 21 2 Network Security and Privacy for Cyber-Physical Systems 25 Martin Henze, Jens Hiller, René Hummen, Roman Matzutt, Klaus Wehrle and Jan H. 
Ziegeldorf 2.1 Introduction 25 2.2 Security and Privacy Issues in CPSs 26 2.2.1 CPS Reference Model 27 2.2.1.1 Device Level 27 2.2.1.2 Control/Enterprise Level 27 2.2.1.3 Cloud Level 28 2.2.2 CPS Evolution 28 2.2.3 Security and Privacy Threats in CPSs 30 2.3 Local Network Security for CPSs 31 2.3.1 Secure Device Bootstrapping 32 2.3.1.1 Initial Key Exchange 33 2.3.1.2 Device Life Cycle 33 2.3.2 Secure Local Communication 34 2.3.2.1 Physical Layer 34 2.3.2.2 Medium Access 34 2.3.2.3 Network Layer 35 2.3.2.4 Secure Local Forwarding for Internet-Connected CPSs 35 2.4 Internet-Wide Secure Communication 36 2.4.1 Security Challenges for Internet-Connected CPS 37 2.4.2 Tailoring End-to-End Security to CPS 38 2.4.3 Handling Resource Heterogeneity 39 2.4.3.1 Reasonable Retransmission Mechanisms 39 2.4.3.2 Denial-of-Service Protection 40 2.5 Security and Privacy for Cloud-Interconnected CPSs 41 2.5.1 Securely Storing CPS Data in the Cloud 42 2.5.1.1 Protection of CPS Data 43 2.5.1.2 Access Control 43 2.5.2 Securely Processing CPS Data in the Cloud 44 2.5.3 Privacy for Cloud-Based CPSs 45 2.6 Summary 46 2.7 Conclusion and Outlook 47 Acknowledgments 48 References 48 3 Tutorial on Information Theoretic Metrics Quantifying Privacy in Cyber-Physical Systems 57 Guido Dartmann, Mehmet Ö. Demir, Hendrik Laux, Volker Lücken, Naim Bajcinca, Gunes K. 
Kurt, Gerd Ascheid and Martina Ziefle 3.1 Social Perspective and Motivation 57 3.1.1 Motivation 59 3.1.2 Scenario 60 3.2 Information Theoretic Privacy Measures 62 3.2.1 Information Theoretic Foundations 62 3.2.2 Surprise and Specific Information 63 3.3 Privacy Models and Protection 64 3.3.1 k-Anonymity 65 3.4 Smart City Scenario: System Perspective 67 3.4.1 Attack without Anonymization 68 3.4.2 Attack with Anonymization of the ZIP 70 3.4.3 Attack with Anonymization of the Bluetooth ID 71 3.5 Conclusion and Outlook 71 Appendix A Derivation of the Mutual Information Based on the KLD 72 Appendix B Derivation of the Mutual Information In Terms of Entropy 73 Appendix C Derivation of the Mutual Information Conditioned on x 73 Appendix D Proof of Corollary 3.1 74 References 74 4 Cyber-Physical Systems and National Security Concerns 77 Jeff Kosseff 4.1 Introduction 77 4.2 National Security Concerns Arising from Cyber-Physical Systems 79 4.2.1 Stuxnet 80 4.2.2 German Steel Mill 81 4.2.3 Future Attacks 82 4.3 National Security Implications of Attacks on Cyber-Physical Systems 82 4.3.1 Was the Cyber-Attack a “Use of Force” That Violates International Law? 83 4.3.2 If the Attack Was a Use of Force, Was That Force Attributable to a State? 86 4.3.3 Did the Use of Force Constitute an “Armed Attack” That Entitles the Target to Self-Defense? 87 4.3.4 If the Use of Force Was an Armed Attack, What Types of Self-Defense Are Justified? 88 4.4 Conclusion 89 References 90 5 Legal Considerations of Cyber-Physical Systems and the Internet of Things 93 Alan C. Rither and Christopher M. 
Hoxie 5.1 Introduction 93 5.2 Privacy and Technology in Recent History 94 5.3 The Current State of Privacy Law 96 5.3.1 Privacy 98 5.3.2 Legal Background 98 5.3.3 Safety 99 5.3.4 Regulatory 100 5.3.4.1 Executive Branch Agencies 101 5.3.4.2 The Federal Trade Commission 101 5.3.4.3 The Federal Communications Commission 105 5.3.4.4 National Highway and Traffic Safety Administration 106 5.3.4.5 Food and Drug Administration 108 5.3.4.6 Federal Aviation Administration 109 5.4 Meeting Future Challenges 111 References 113 6 Key Management in CPSs 117 Yong Wang and Jason Nikolai 6.1 Introduction 117 6.2 Key Management Security Goals and Threat Model 117 6.2.1 CPS Architecture 118 6.2.2 Threats and Attacks 119 6.2.3 Security Goals 120 6.3 CPS Key Management Design Principles 121 6.3.1 Heterogeneity 122 6.3.2 Real-Time Availability 122 6.3.3 Resilience to Attacks 123 6.3.4 Interoperability 123 6.3.5 Survivability 123 6.4 CPS Key Management 124 6.4.1 Dynamic versus Static 124 6.4.2 Public Key versus Symmetric Key 125 6.4.2.1 Public Key Cryptography 125 6.4.2.2 Symmetric Key Cryptography 127 6.4.3 Centralized versus Distributed 128 6.4.4 Deterministic versus Probabilistic 129 6.4.5 Standard versus Proprietary 130 6.4.6 Key Distribution versus Key Revocation 131 6.4.7 Key Management for SCADA Systems 131 6.5 CPS Key Management Challenges and Open Research Issues 132 6.6 Summary 133 References 133 7 Secure Registration and Remote Attestation of IoT Devices Joining the Cloud: The Stack4Things Case of Study 137 Antonio Celesti, Maria Fazio, Francesco Longo, Giovanni Merlino and Antonio Puliafito 7.1 Introduction 137 7.2 Background 138 7.2.1 Cloud Integration with IoT 139 7.2.2 Security and Privacy in Cloud and IoT 139 7.2.3 Technologies 140 7.2.3.1 Hardware 140 7.2.3.2 Web Connectivity 141 7.2.3.3 Cloud 141 7.3 Reference Scenario and Motivation 142 7.4 Stack4Things Architecture 143 7.4.1 Board Side 144 7.4.2 Cloud-Side – Control and Actuation 145 7.4.3 Cloud-Side – Sensing Data 
Collection 146 7.5 Capabilities for Making IoT Devices Secure Over the Cloud 147 7.5.1 Trusted Computing 147 7.5.2 Security Keys, Cryptographic Algorithms, and Hidden IDs 148 7.5.3 Arduino YUN Security Extensions 149 7.6 Adding Security Capabilities to Stack4Things 149 7.6.1 Board-Side Security Extension 149 7.6.2 Cloud-Side Security Extension 150 7.6.3 Security Services in Stack4Things 150 7.6.3.1 Secure Registration of IoT Devices Joining the Cloud 151 7.6.3.2 Remote Attestation of IoT Devices 152 7.7 Conclusion 152 References 153 8 Context Awareness for Adaptive Access Control Management in IoT Environments 157 Paolo Bellavista and Rebecca Montanari 8.1 Introduction 157 8.2 Security Challenges in IoT Environments 158 8.2.1 Heterogeneity and Resource Constraints 158 8.2.2 IoT Size and Dynamicity 160 8.3 Surveying Access Control Models and Solutions for IoT 160 8.3.1 Novel Access Control Requirements 160 8.3.2 Access Control Models for the IoT 162 8.3.3 State-of-the-Art Access Control Solutions 164 8.4 Access Control Adaptation: Motivations and Design Guidelines 165 8.4.1 Semantic Context-Aware Policies for Access Control Adaptation 166 8.4.2 Adaptation Enforcement Issues 167 8.5 Our Adaptive Context-Aware Access Control Solution for Smart 8.5.1 The Proteus Model 168 8.5.2 Adapting the General Proteus Model for the IoT 170 8.5.2.1 The Proteus Architecture for the IoT 172 8.5.2.2 Implementation and Deployment Issues 173 8.6 Open Technical Challenges and Concluding Remarks 174 References 176 9 Data Privacy Issues in Distributed Security Monitoring Systems 179 Jeffery A. Mauth and David W. 
Archer 9.1 Information Security in Distributed Data Collection Systems 179 9.2 Technical Approaches for Assuring Information Security 181 9.2.1 Trading Security for Cost 182 9.2.2 Confidentiality: Keeping Data Private 182 9.2.3 Integrity: Preventing Data Tampering and Repudiation 186 9.2.4 Minimality: Reducing Data Attack Surfaces 188 9.2.5 Anonymity: Separating Owner from Data 188 9.2.6 Authentication: Verifying User Privileges for Access to Data 189 9.3 Approaches for Building Trust in Data Collection Systems 190 9.3.1 Transparency 190 9.3.2 Data Ownership and Usage Policies 191 9.3.3 Data Security Controls 191 9.3.4 Data Retention and Destruction Policies 192 9.3.5 Managing Data-loss Liability 192 9.3.6 Privacy Policies and Consent 192 9.4 Conclusion 193 References 193 10 Privacy Protection for Cloud-Based Robotic Networks 195 Hajoon Ko, Sye L. Keoh and Jiong Jin 10.1 Introduction 195 10.2 Cloud Robot Network: Use Case, Challenges, and Security Requirements 197 10.2.1 Use Case 197 10.2.2 Security Threats and Challenges 199 10.2.3 Security Requirements 200 10.3 Establishment of Cloud Robot Networks 200 10.3.1 Cloud Robot Network as a Community 200 10.3.2 A Policy-Based Establishment of Cloud Robot Networks 201 10.3.3 Doctrine: A Community Specification 201 10.3.3.1 Attribute Types and User-Attribute Assignment (UAA) Policies 203 10.3.3.2 Authorization and Obligation Policies 203 10.3.3.3 Constraints Specification 205 10.3.3.4 Trusted Key Specification 206 10.3.3.5 Preferences Specification 206 10.3.3.6 Authentication in Cloud Robot Community 207 10.3.3.7 Service Access Control 207 10.4 Communication Security 207 10.4.1 Attribute-Based Encryption (ABE) 207 10.4.2 Preliminaries 208 10.4.3 Ciphertext-Policy Attribute-Based Encryption (CP-ABE) Scheme 208 10.4.4 Revocation Based on Shamir’s Secret Sharing 209 10.4.5 Cloud Robot Community’s CP-ABE Key Revocation 209 10.4.6 Integration of CP-ABE and Robot Community Architecture 210 10.5 Security Management of Cloud Robot 
Networks 212 10.5.1 Bootstrapping (Establishing) a Cloud Robot Community 212 10.5.2 Joining the Community 214 10.5.3 Leaving a Community 215 10.5.4 Service Access Control 216 10.6 Related Work 217 10.7 Conclusion 219 References 220 11 Toward Network Coding for Cyber-Physical Systems: Security Challenges and Applications 223 Pouya Ostovari and Jie Wu 11.1 Introduction 223 11.2 Background on Network Coding and Its Applications 225 11.2.1 Background and Preliminaries 225 11.2.2 Network Coding Applications 226 11.2.2.1 Throughput/Capacity Enhancement 226 11.2.2.2 Robustness Enhancement 227 11.2.2.3 Protocol Simplification 228 11.2.2.4 Network Tomography 228 11.2.2.5 Security 229 11.2.3 Network Coding Classification 229 11.2.3.1 Stateless Network Coding Protocols 229 11.2.3.2 State-Aware Network Coding Protocols 229 11.3 Security Challenges 230 11.3.1 Byzantine Attack 230 11.3.2 Pollution Attack 230 11.3.3 Traffic Analysis 230 11.3.4 Eavesdropping Attack 231 11.3.5 Classification of the Attacks 232 11.3.5.1 Passive versus Active 232 11.3.5.2 External versus Internal 232 11.3.5.3 Effect of Network Coding 232 11.4 Secure Network Coding 233 11.4.1 Defense against Byzantine and Pollution Attack 233 11.4.2 Defense against Traffic Analysis 234 11.5 Applications of Network Coding in Providing Security 234 11.5.1 Eavesdropping Attack 234 11.5.1.1 Secure Data Transmission 234 11.5.1.2 Secure Data Storage 236 11.5.2 Secret Key Exchange 237 11.6 Conclusion 238 Acknowledgment 239 References 239 12 Lightweight Crypto and Security 243 Lo’ai A. Tawalbeh and Hala Tawalbeh 12.1 Introduction 243 12.1.1 Cyber-Physical Systems CPSs 243 12.1.2 Security and Privacy 243 12.1.3 Lightweight Cryptography (LWC) 243 12.1.4 Chapter Organization 244 12.2 Cyber-Physical Systems 244 12.3 Security and Privacy in Cyber-Physical Systems 245 12.4 Lightweight Cryptography Implementations for Security and Privacy in CPSs 247 12.4.1 Introduction 247 12.4.2 Why Is Lightweight Cryptography Important? 
249 12.4.3 Lightweight Symmetric and Asymmetric Ciphers Implementations 250 12.4.3.1 Hardware Implementations of Symmetric Ciphers 251 12.4.3.2 Software Implementations of Symmetric Ciphers 253 12.4.3.3 Hardware Implementations of Asymmetric Ciphers 254 12.4.3.4 Software Implementations of Asymmetric Ciphers 255 12.4.3.5 Secure Hash Algorithms (SHA) 256 12.5 Opportunities and Challenges 257 12.6 Conclusion 258 Acknowledgments 259 References 259 13 Cyber-Physical Vulnerabilities of Wireless Sensor Networks in Smart Cities 263 Md. Mahmud Hasan and Hussein T. Mouftah 13.1 Introduction 263 13.1.1 The Smart City Concept and Components 263 13.2 WSN Applications in Smart Cities 265 13.2.1 Smart Home 265 13.2.2 Smart Grid Applications 267 13.2.2.1 Substation Monitoring 267 13.2.3 Intelligent Transport System Applications 268 13.2.3.1 Roadside Unit 268 13.2.3.2 Vehicular Sensor Network 269 13.2.3.3 Intelligent Sensor Network 269 13.2.4 Real-Time Monitoring and Safety Alert 270 13.3 Cyber-Physical Vulnerabilities 270 13.3.1 Possible Attacks 271 13.3.2 Impacts on Smart City Lives 272 13.3.2.1 Service Interruption 272 13.3.2.2 Damage to Property 273 13.3.2.3 Damage to Life 273 13.3.2.4 Privacy Infiltration 274 13.4 Solution Approaches 274 13.4.1 Cryptography 274 13.4.2 Intrusion Detection System 276 13.4.3 Watchdog System 277 13.4.4 Game Theoretic Deployment 277 13.4.5 Managed Security 277 13.4.6 Physical Security Measures 278 13.5 Conclusion 278 Acknowledgment 278 References 279 14 Detecting Data Integrity Attacks in Smart Grid 281 Linqiang Ge, Wei Yu, Paul Moulema, Guobin Xu, David Griffith and Nada Golmie 14.1 Introduction 281 14.2 Literature Review 283 14.3 Network and Threat Models 285 14.3.1 Network Model 285 14.3.2 Threat Model 286 14.4 Our Approach 287 14.4.1 Overview 287 14.4.2 Detection Schemes 289 14.4.2.1 Statistical Anomaly-Based Detection 289 14.4.2.2 Machine Learning-Based Detection 290 14.4.2.3 Sequential Hypothesis Testing-Based Detection 291 14.5 Performance 
Evaluation 292 14.5.1 Evaluation Setup 292 14.5.2 Evaluation Results 294 14.6 Extension 297 14.7 Conclusion 298 References 298 15 Data Security and Privacy in Cyber-Physical Systems for Healthcare 305 Aida Cauševic, Hossein Fotouhi and Kristina Lundqvist 15.1 Introduction 305 15.2 Medical Cyber-Physical Systems 306 15.2.1 Communication within WBANs 307 15.2.1.1 Network Topology 307 15.2.1.2 Interference in WBANs 308 15.2.1.3 Challenges with LPWNs in WBANs 308 15.2.1.4 Feedback Control in WBANs 308 15.2.1.5 Radio Technologies 309 15.2.2 Existing WBAN-Based Health Monitoring Systems 310 15.3 Data Security and Privacy Issues and Challenges in WBANs 312 15.3.1 Data Security and Privacy Threats and Attacks 314 15.4 Existing Security and Privacy Solutions in WBAN 314 15.4.1 Academic Contributions 315 15.4.1.1 Biometric Solutions 315 15.4.1.2 Cryptographic Solutions 316 15.4.1.3 Solutions on Implantable Medical Devices 318 15.4.2 Existing Commercial Solutions 319 15.5 Conclusion 320 References 320 16 Cyber Security of Smart Buildings 327 Steffen Wendzel, Jernej Tonejc, Jaspreet Kaur and Alexandra Kobekova 16.1 What Is a Smart Building? 327 16.1.1 Definition of the Term 327 16.1.2 The Design and the Relevant Components of a Smart Building 328 16.1.3 Historical Development of Building Automation Systems 330 16.1.4 The Role of Smart Buildings in Smart Cities 330 16.1.5 Known Cases of Attacks on Smart Buildings 331 16.2 Communication Protocols for Smart Buildings 332 16.2.1 KNX/EIB 333 16.2.2 BACnet 335 16.2.3 ZigBee 336 16.2.4 EnOcean 338 16.2.5 Other Protocols 339 16.2.6 Interoperability and Interconnectivity 339 16.3 Attacks 340 16.3.1 How Can Buildings Be Attacked? 
340 16.3.2 Implications for the Privacy of Inhabitants and Users 340 16.3.3 Reasons for Insecure Buildings 341 16.4 Solutions to Protect Smart Buildings 342 16.4.1 Raising Security Awareness and Developing Security Know-How 342 16.4.2 Physical Access Control 343 16.4.3 Hardening Automation Systems 343 16.4.3.1 Secure Coding 343 16.4.3.2 Operating System Hardening 343 16.4.3.3 Patching 344 16.4.4 Network-Level Protection 344 16.4.4.1 Firewalls 345 16.4.4.2 Monitoring and Intrusion Detection Systems 345 16.4.4.3 Separation of Networks 345 16.4.5 Responsibility Matrix 345 16.5 Recent Trends in Smart Building Security Research 346 16.5.1 Visualization 346 16.5.2 Network Security 346 16.5.2.1 Traffic Normalization 346 16.5.2.2 Anomaly Detection 346 16.5.2.3 Novel Fuzzing Approaches 347 16.6 Conclusion and Outlook 347 References 348 17 The Internet of Postal Things: Making the Postal Infrastructure Smarter 353 Paola Piscioneri, Jessica Raines and Jean Philippe Ducasse 17.1 Introduction 353 17.2 Scoping the Internet of Postal Things 354 17.2.1 The Rationale for an Internet of Postal Things 354 17.2.1.1 A Vast Infrastructure 354 17.2.1.2 Trust as a Critical Brand Attribute 355 17.2.1.3 Operational Experience in Data Collection and Analytics 356 17.2.1.4 Customer Demand for Information 356 17.2.2 Adjusting to a New Business Environment 356 17.2.2.1 Shifting from Unconnected to “Smart” Products and Services 357 17.2.2.2 Shifting from Competing on Price to Competing on Overall Value 357 17.2.2.3 Shifting from Industries to Ecosystems 357 17.2.2.4 Shifting from Workforce Replacement to Human-Centered Automation 357 17.3 Identifying Internet of Postal Things Applications 358 17.3.1 Transportation and Logistics 358 17.3.1.1 Predictive Maintenance 359 17.3.1.2 Fuel Management 359 17.3.1.3 Usage-Based Insurance 360 17.3.1.4 Driverless Vehicles 360 17.3.1.5 Load Optimization 360 17.3.1.6 Real-Time Dynamic Routing 360 17.3.1.7 Collaborative Last Mile Logistics 361 17.3.2 Enhanced Mail 
and Parcel Services: The Connected Mailbox 361 17.3.2.1 Concept and Benefits 362 17.3.2.2 The Smart Mailbox as a Potential Source of New Revenue 363 17.3.3 The Internet of Things in Postal Buildings 364 17.3.3.1 Optimizing Energy Costs 364 17.3.3.2 The Smarter Post Office 365 17.3.4 Neighborhood Services 365 17.3.4.1 Smart Cities Need Local Partners 365 17.3.4.2 Carriers as Neighborhood Logistics Managers 366 17.3.5 Summarizing the Dollar Value of IoPT Applications 367 17.4 The Future of IoPT 367 17.4.1 IoPT Development Stages 367 17.4.2 Implementation Challenges 368 17.4.3 Building a Successful Platform Strategy 371 17.5 Conclusion 371 References 372 18 Security and Privacy Issues in the Internet of Cows 375 Amber Adams-Progar, Glenn A. Fink, Ely Walker and Don Llewellyn 18.1 Precision Livestock Farming 375 18.1.1 Impact on Humans 376 18.1.1.1 Labor and Workforce Effects 377 18.1.1.2 Food Quality and Provenance 377 18.1.1.3 Transparency and Remote Management 378 18.1.2 Impact on Animals 379 18.1.2.1 Estrus Monitoring 379 18.1.2.2 Rumen Health 380 18.1.2.3 Other Bovine Health Conditions 381 18.1.3 Impact on the Environment 382 18.1.4 Future Directions for IoT Solutions 383 18.2 Security and Privacy of IoT in Agriculture 384 18.2.1 Cyber-Physical System Vulnerabilities 385 18.2.2 Threat Models 386 18.2.2.1 Threat: Misuse of Video Data 386 18.2.2.2 Threat: Misuse of Research Data 387 18.2.2.3 Threat: Misuse of Provenance Data 387 18.2.2.4 Threat: Data Leakage via Leased Equipment and Software 388 18.2.2.5 Threat: Political Action and Terrorism 389 18.2.3 Recommendations for IoT Security and Privacy in Agriculture 390 18.2.3.1 Data Confidentiality 391 18.2.3.2 Data Integrity 393 18.2.3.3 System Availability 393 18.2.3.4 System Safety 393 18.3 Conclusion 395 References 395 19 Admission Control-Based Load Protection in the Smart Grid 399 Paul Moulema, Sriharsha Mallapuram, Wei Yu, David Griffith, Nada Golmie and David Su 19.1 Introduction 399 19.2 Related Work 401 19.3 Our 
Approach 402 19.3.1 Load Admission Control 403 19.3.2 Load Shedding Techniques 404 19.3.2.1 Load-Size-Based Shedding – Smallest Load First: 405 19.3.2.2 Load-Size-Based Shedding – Largest Load First: 406 19.3.2.3 Priority-Based Load Shedding: 407 19.3.2.4 Fair Priority-Based Load Shedding: 408 19.3.3 Simulation Scenarios 410 19.4 Performance Evaluation 411 19.4.1 Scenario 1: Normal Operation 411 19.4.2 Scenario 2: Brutal Admission Control 413 19.4.3 Scenario 3: Load-Size-Based Admission Control 413 19.4.4 Scenario 4: Priority-Based Admission Control 416 19.4.5 Scenario 5: Fair Priority-Based Admission Control 417 19.5 Conclusion 419 References 419 Editor Biographies 423 Index 427

    £92.66

  • Security in Wireless Communication Networks

    John Wiley & Sons Inc Security in Wireless Communication Networks

    3 in stock

    Book Synopsis: Receive comprehensive instruction on the fundamentals of wireless security from three leading international voices in the field. Security in Wireless Communication Networks delivers a thorough grounding in wireless communication security. The distinguished authors pay particular attention to wireless specific issues, like authentication protocols for various wireless communication networks, encryption algorithms and integrity schemes on radio channels, lessons learned from designing secure wireless systems and standardization for security in wireless systems. The book addresses how engineers, administrators, and others involved in the design and maintenance of wireless networks can achieve security while retaining the broadcast nature of the system, with all of its inherent harshness and interference. Readers will learn: A comprehensive introduction to the background of wireless communication network security, including a broad overview of wireless communication networks, security servi

    Table of Contents: Preface xvii Acknowledgments xxiii About the Companion Website xxv Part I Introduction and Mathematics Background 1 1 Introduction 3 1.1 General Computer Communication Network Architecture 3 1.1.1 Wired Communication Network Infrastructure 3 1.1.2 Wireless Communication Network Infrastructure 4 1.2 Different Types of Wireless Communication Systems 5 1.2.1 Classification of Wireless Communication Systems 5 1.2.1.1 Based on Coverage 5 1.2.1.2 Based on Topology 6 1.2.1.3 Based on Mobility 6 1.2.2 Wireless Personal Area Networks 7 1.2.3 Wireless Local Area Networks 7 1.2.4 Wireless Wide Area Networks 7 1.3 Network Security and Wireless Security 9 1.3.1 Network Security 9 1.3.2 Security Threats in Wireless Networks 10 1.4 Summary 11 2 Basic Network Security Concepts 13 2.1 Security Attacks 13 2.1.1 Passive Attacks 13 2.1.1.1 Eavesdropping 13 2.1.1.2 Traffic Analysis 14 2.1.2 Active Attacks 15 2.2 Security Services 16 2.2.1 Access Control 17 2.2.2 
Authentication 17 2.2.3 Confidentiality 18 2.2.4 Integrity 18 2.2.5 Non-repudiation 19 2.2.6 Availability 19 2.3 Security Mechanisms 21 2.3.1 Encipherment 21 2.3.2 Authentication 21 2.3.3 Access Control 22 2.3.4 Digital Signature 22 2.3.5 Data Integrity 23 2.3.6 Traffic Padding and Routing Control 23 2.3.7 Notarization 24 2.4 Other Security Concepts 24 2.4.1 Levels of Impact 24 2.4.2 Cryptographic Protocols 25 2.5 Summary 25 3 Mathematical Background 27 3.1 Basic Concepts in Modern Algebra and Number Theory 27 3.1.1 Group 27 3.1.1.1 Abelian Group 28 3.1.1.2 Cyclic Group 28 3.1.2 Ring 29 3.1.3 Field 29 3.2 Prime Numbers, Modular Arithmetic, and Divisors 30 3.2.1 Prime Numbers 30 3.2.2 Modular Arithmetic 30 3.2.3 Divisors and GCD 31 3.2.4 Multiplicative Inverse 33 3.3 Finite Field and Galois Field 34 3.4 Polynomial Arithmetic 35 3.4.1 Ordinary Polynomial Arithmetic 35 3.4.2 Polynomial Arithmetic in Finite Fields 36 3.4.3 Modular Polynomial Arithmetic 37 3.4.4 Computational Considerations 39 3.4.5 Generating a Finite Field with a Generator 40 3.5 Fermat’s Little Theorem, Euler’s Totient Function, and Euler’s Theorem 41 3.5.1 Fermat’s Little Theorem 41 3.5.2 Euler Totient Function 𝜙(n) 42 3.5.3 Euler’s Theorem 43 3.6 Primality Testing 44 3.7 Chinese Remainder Theorem 46 3.8 Discrete Logarithm 48 3.9 Summary 49 Part II Cryptographic Systems 51 4 Cryptographic Techniques 53 4.1 Symmetric Encryption 53 4.2 Classical Cryptographic Schemes 53 4.2.1 Classical Substitution Ciphers 54 4.2.1.1 Caesar Cipher 54 4.2.1.2 Monoalphabetic Cipher 55 4.2.1.3 Playfair Cipher 57 4.2.1.4 Polyalphabetic Cipher 58 4.2.1.5 Autokey Cipher 59 4.2.1.6 One-Time Pad 60 4.2.2 Classical Transposition Ciphers 60 4.2.2.1 Rail Fence Cipher 60 4.2.2.2 Row Transposition Cipher 60 4.2.2.3 Product Cipher 61 4.2.3 More Advanced Classical Ciphers 61 4.2.3.1 Rotor Machines 61 4.2.3.2 Steganography 61 4.3 Stream Cipher 62 4.3.1 Rivest Cipher 4 62 4.4 Modern Block Ciphers 63 4.4.1 Overview of Modern Block 
Ciphers 63 4.4.2 Feistel Block Cipher 64 4.4.2.1 Ideal Block Cipher 64 4.4.2.2 Feistel Cipher Structure 65 4.4.3 Block Cipher Design 67 4.5 Data Encryption Standards (DES) 67 4.5.1 Overview of DES 67 4.5.2 Initial Permutation (IP) 68 4.5.3 DES Round Function 69 4.5.3.1 DES S-Boxes 71 4.5.3.2 DES Permutation Function 72 4.5.4 DES Key Schedule 72 4.5.5 DES Security 74 4.5.6 Multiple Encryption and DES 75 4.6 Summary 76 5 More on Cryptographic Techniques 77 5.1 Advanced Encryption Standards 77 5.1.1 The AES Cipher: Rijndael 77 5.1.2 AES Data Structure 77 5.1.3 Details in Each Round 79 5.1.3.1 Substitute Bytes 79 5.1.3.2 Shift Rows 81 5.1.3.3 Mix Columns 81 5.1.3.4 Add Round Key 82 5.1.3.5 AES Key Expansion 82 5.1.3.6 AES Decryption 84 5.1.3.7 AES Implementation Aspects 84 5.2 Block Cipher Modes of Operation 85 5.2.1 Electronic Codebook (ECB) Mode 85 5.2.2 Cipher Block Chaining (CBC) Mode 86 5.2.3 Cipher Feedback (CFB) Mode 87 5.2.4 Output Feedback (OFB) Mode 88 5.2.5 The Counter (CTR) Mode 89 5.2.6 Last Block in Different Modes 90 5.2.7 XTS-AES Mode 90 5.3 Public Key Infrastructure 92 5.3.1 Basics of Public Key Cryptography 92 5.3.2 Public-Key Applications 94 5.3.3 Security of Public Key Schemes 94 5.4 The RSA Algorithm 95 5.4.1 RSA Key Setup 95 5.4.2 RSA Encryption and Decryption 96 5.4.3 RSA Security Analysis 96 5.4.3.1 Factoring Problem 97 5.4.3.2 Timing attacks 97 5.4.3.3 Chosen Ciphertext Attacks 97 5.5 Diffie–Hellman (D–H) Key Exchange 97 5.5.1 Finite-Field Diffie–Hellman 97 5.5.2 Elliptic-Curve Diffie–Hellman 98 5.5.3 Diffie–Hellman Key Exchange Vulnerability 98 5.6 Summary 99 6 Message Authentication, Digital Signature, and Key Management 101 6.1 Message Authentication 101 6.1.1 Message Authentication Functions 101 6.1.2 Message Authentication Code 102 6.1.3 Hash Functions 103 6.1.4 Size of MAC and Hash Value 104 6.2 MAC and Hash Algorithms 105 6.2.1 Data Authentication Algorithm 105 6.2.2 A Basic Hash Function Structure 106 6.2.3 Secure Hash Algorithm (SHA) 
106 6.2.4 SHA-512 107 6.2.4.1 SHA-512 Compression Function 108 6.2.4.2 SHA-512 Round Function 109 6.2.5 Whirlpool 111 6.2.6 Other MAC Functions 112 6.2.6.1 Keyed Hash Functions as MACs 112 6.2.6.2 Cipher-Based MAC 113 6.3 Digital Signature and Authentication 114 6.3.1 Digital Signature Properties 115 6.3.2 Digital Signature Standard and Algorithm 116 6.3.3 The Elliptic Curve Digital Signature Algorithm 117 6.3.3.1 ECDSA Domain Parameters 117 6.3.3.2 ECDSA Private/Public Keys 118 6.3.3.3 ECDSA Digital Signature Generation 119 6.3.3.4 ECDSA Digital Signature Verification 120 6.3.4 Authentication Protocols 120 6.4 Key Management 122 6.4.1 Key Distribution with Symmetric Key Encryptions 122 6.4.2 Symmetric Key Distribution Using Public Key Cryptosystems 123 6.4.3 Distribution of Public Keys 124 6.4.4 Public Key Infrastructure 126 6.4.5 X.509 Authentication Service 126 6.5 Summary 128 Part III Security for Wireless Local Area Networks 129 7 WLAN Security 131 7.1 Introduction to WLAN 131 7.1.1 Wi-Fi Operating Modes 131 7.1.2 Challenges in WLAN Security 132 7.1.3 Tricks that Fail to Protect WLAN 133 7.2 Evolution of WLAN Security 133 7.3 Wired Equivalent Privacy 135 7.3.1 WEP Access Control 135 7.3.2 WEP Integrity and Confidentiality 136 7.3.3 WEP Key Management 136 7.3.4 WEP Security Problems 137 7.3.4.1 Problems in WEP Access Control 138 7.3.4.2 Problems in WEP Integrity 138 7.3.4.3 Problems in WEP Confidentiality 138 7.3.4.4 Problems in WEP Key Management 139 7.3.5 Possible WEP Security Enhancement 140 7.4 IEEE 802.1X Authentication Model 140 7.4.1 An Overview of IEEE 802.1X 140 7.4.2 Protocols in IEEE 802.1X 141 7.4.3 Mapping the IEEE 802.1X model to WLAN 143 7.5 IEEE 802.11i Standard 143 7.5.1 Overview of IEEE 802.11i 143 7.5.2 IEEE 802.11i Access Control 143 7.5.3 IEEE 802.1i Key Management 145 7.5.4 IEEE 802.11i Integrity and Confidentiality 147 7.5.4.1 TKIP Mode 147 7.5.4.2 AES-CCMP Mode 148 7.5.5 Function Michael 148 7.5.6 Weakness in 802.11i 150 7.6 Wi-Fi 
Protected Access 3 and Opportunistic Wireless Encryption 150 7.6.1 WPA3-Personal 150 7.6.2 WPA3-Enterprise 150 7.6.3 Opportunistic Wireless Encryption 151 7.7 Summary 152 8 Bluetooth Security 153 8.1 Introduction to Bluetooth 153 8.1.1 Overview of Bluetooth Technology 153 8.1.2 Bluetooth Vulnerabilities and Threats 154 8.1.2.1 Bluesnarfing 155 8.1.2.2 Bluejacking 155 8.1.2.3 Bluebugging 155 8.1.2.4 Car Whisperer 155 8.1.2.5 Fuzzing Attacks 155 8.1.3 Bluetooth Security Services and Security Modes 156 8.1.3.1 Bluetooth Security Services 156 8.1.3.2 Bluetooth Security Modes 156 8.2 Link Key Generation 157 8.2.1 Link Key Generation for Security Modes 2 and 3 157 8.2.2 Link Key Generation for Security Mode 4 158 8.2.3 Association Model in Mode 4 159 8.2.3.1 Numeric comparison 159 8.2.3.2 Out-of-Band (OOB) 160 8.2.3.3 Passkey entry 162 8.3 Authentication, Confidentiality, and Trust and Service Levels 163 8.3.1 Authentication 163 8.3.2 Confidentiality 164 8.3.3 Trust and Security Service Levels 165 8.4 Cryptographic Functions for Security Modes 1, 2, and 3 166 8.4.1 SAFER+ 166 8.4.1.1 Overview of the SAFER+ Structure 166 8.4.1.2 SAFER+ Round Function 166 8.4.1.3 SAFER+ Key Schedule for 128-Bit Key 168 8.4.2 Function E1(⋅) 168 8.4.3 Function E21(⋅) 170 8.4.4 Function E22(⋅) 170 8.4.5 Function E3(⋅) 171 8.4.6 Function E0(⋅) 171 8.5 Cryptographic Functions in Security Mode 4 (SSP) 173 8.5.1 Function P192(⋅) 173 8.5.2 Function f1(⋅) 174 8.5.3 Function g(⋅) 174 8.5.3.1 Function f2(⋅) 174 8.5.3.2 Function f3(⋅) 174 8.6 Summary 174 9 Zigbee Security 177 9.1 Introduction to Zigbee 177 9.1.1 Overview of Zigbee 177 9.1.2 Security Threats Against Zigbee 178 9.2 IEEE 802.15.4 Security Features 179 9.2.1 Security Levels 179 9.2.2 IEEE 802.15.4 Frame Structure 180 9.3 Zigbee Upper Layer Security 182 9.3.1 Zigbee Security Models 182 9.3.2 Security Keys in Zigbee 183 9.3.3 Zigbee Network Layer Security 184 9.3.4 Zigbee Application Support Layer Security 184 9.3.5 Other Security Features 
in Zigbee 185 9.4 Security-Related MAC PIB Attributes 187 9.5 Mechanisms Used in Zigbee Security 188 9.5.1 AES-CTR 188 9.5.2 AES-CBC-MAC 189 9.5.3 Overview of the AES-CCM 189 9.5.4 Nonces Applied to the Security Mechanisms 189 9.5.5 Matyas–Meyer–Oseas Hash Function 190 9.6 Summary 191 10 RFID Security 193 10.1 Introduction to RFID 193 10.1.1 Overview of RFID Subsystems 193 10.1.2 Types of RFID Tags 193 10.1.3 RFID Transactions 194 10.1.4 RFID Frequency Bands 194 10.2 Security Attacks, Risks, and Objectives of RFID Systems 195 10.2.1 Security Attacks to RFID Systems 195 10.2.2 RFID Privacy Risks 195 10.2.3 Security Objectives 196 10.3 Mitigation Strategies and Countermeasures for RFID Security Risks 196 10.3.1 Cryptographic Strategies 196 10.3.1.1 Encryption 196 10.3.1.2 One-Way Hash Locks 196 10.3.1.3 EPC Tag PINs 197 10.3.2 Anti-Collision Algorithms 197 10.3.2.1 Tree-Walking 197 10.3.2.2 The Selective Blocker Tag 197 10.3.3 Other Mitigation Strategies 198 10.3.3.1 Physical Shielding Sleeve (The Faraday Cage) 198 10.3.3.2 Secure Reader Protocol 1.0 198 10.4 RFID Security Mechanisms 199 10.4.1 Hash Locks 199 10.4.1.1 Default Hash Locking 199 10.4.1.2 Randomized Hash Locking 200 10.4.2 HB Protocol and the Enhancement 200 10.4.2.1 HB Protocol 200 10.4.2.2 HB+ Protocol 202 10.4.2.3 HB++ Protocol 203 10.5 Summary 205 Part IV Security for Wireless Wide Area Networks 207 11 GSM Security 209 11.1 GSM System Architecture 209 11.1.1 Mobile Station 209 11.1.2 Base Station Subsystem 210 11.1.3 Network Subsystem 211 11.2 GSM Network Access Security Features 212 11.2.1 GSM Entity Authentication 212 11.2.2 GSM Confidentiality 214 11.2.3 GSM Anonymity 215 11.2.4 Detection of Stolen/Compromised Equipment in GSM 215 11.3 GSM Security Algorithms 215 11.3.1 Algorithm A3 216 11.3.2 Algorithm A8 216 11.3.3 Algorithm COMP128 216 11.3.4 Algorithm A5 220 11.3.4.1 A5∕1 220 11.3.4.2 Algorithm A5∕2 223 11.4 Attacks Against GSM Security 225 11.4.1 Attacks Against GSM Authenticity 225 11.4.1.1 
Attacks Against GSM Confidentiality 226 11.4.2 Other Attacks against GSM Security 227 11.5 Possible GSM Security Improvements 227 11.5.1 Improvement over Authenticity and Anonymity 227 11.5.2 Improvement over Confidentiality 228 11.5.3 Improvement of the Signaling Network 228 11.6 Summary 228 12 UMTS Security 229 12.1 UMTS System Architecture 229 12.1.1 User Equipment 229 12.1.2 UTRAN 230 12.1.3 Core Network 231 12.2 UMTS Security Features 231 12.3 UMTS Network Access Security 232 12.3.1 Authentication and Key Agreement 232 12.3.1.1 The AKA Mechanism 232 12.3.1.2 Authentication Vector Generation 234 12.3.1.3 AKA on the UE Side 236 12.3.2 Confidentiality 237 12.3.3 Data Integrity 238 12.3.4 User Identity Confidentiality 239 12.4 Algorithms in Access Security 240 12.4.1 Encryption Algorithm f8 240 12.4.1.1 Integrity Algorithm f9 241 12.4.2 Description of KASUMI 242 12.4.2.1 An Overview of KASUMI Algorithm 242 12.4.2.2 Round Function Fi(⋅) 244 12.4.2.3 Function FL 244 12.4.2.4 Function FO 244 12.4.2.5 Function FI 245 12.4.2.6 S-boxes S7 and S9 245 12.4.2.7 Key Schedule 247 12.4.3 Implementation and Operational Considerations 248 12.5 Other UMTS Security Features 249 12.5.1 Mobile Equipment Identification 249 12.5.2 Location Services 249 12.5.3 User-to-USIM Authentication 249 12.6 Summary 250 13 LTE Security 251 13.1 LTE System Architecture 251 13.2 LTE Security Architecture 253 13.3 LTE Security 255 13.3.1 LTE Key Hierarchy 255 13.3.2 LTE Authentication and Key Agreement 257 13.3.3 Signaling Protection 258 13.3.3.1 Protection of Radio-Specific Signaling 259 13.3.3.2 Protection of User-Plane Traffic 259 13.3.4 Overview of Confidentiality and Integrity Algorithms 259 13.3.4.1 Confidentiality Mechanism 259 13.3.4.2 Integrity Mechanism 260 13.3.5 Non-3GPP Access 261 13.4 Handover Between eNBs 261 13.4.1 Overview 261 13.4.2 Key Handling in Handover 262 13.4.2.1 Initialization 262 13.4.2.2 Intra-eNB Key Handling 264 13.4.2.3 Intra-MME Key Handling 265 13.4.2.4 Inter-MME Key 
Handling 266 13.5 Security Algorithms 268 13.5.1 128-EEA2 268 13.5.2 128-EIA2 269 13.5.3 EEA3 270 13.5.4 EIA3 271 13.6 Security for Interworking Between LTE and Legacy Systems 273 13.6.1 Between LTE and UMTS 273 13.6.1.1 Idle Mode Mobility from E-UTRAN to UTRAN 273 13.6.1.2 Idle Mode Mobility from UTRAN to E-UTRAN 274 13.6.1.3 Handover Mode from E-UTRAN to UTRAN 275 13.6.1.4 Handover Mode from UTRAN to E-UTRAN 276 13.6.2 Between E-UTRAN and GERAN 277 13.6.2.1 Idle Mode 277 13.6.2.2 Handover Mode 277 13.7 Summary 278 Part V Security for Next Generation Wireless Networks 279 14 Security in 5G Wireless Networks 281 14.1 Introduction to 5GWireless Network Systems 281 14.1.1 The Advancement of 5G 281 14.1.2 5GWireless Network Systems 282 14.2 5G Security Requirements and Major Drives 283 14.2.1 Security Requirements for 5GWireless Networks 283 14.2.2 Major Drives for 5GWireless Security 284 14.2.2.1 Supreme Built-in-Security 284 14.2.2.2 Flexible Security Mechanisms 285 14.2.2.3 Automation 285 14.2.3 Attacks in 5G Wireless Networks 286 14.2.3.1 Eavesdropping and Traffic Analysis 286 14.2.3.2 Jamming 286 14.2.3.3 DoS and DDoS 287 14.2.3.4 Man-In-The-Middle (MITM) 287 14.3 A 5G Wireless Security Architecture 287 14.3.1 New Elements in 5G Wireless Security Architecture 287 14.3.2 A 5G Wireless Security Architecture 288 14.3.2.1 Network Access Security (I) 288 14.3.2.2 Network Domain Security (II) 289 14.3.2.3 User Domain Security (III) 289 14.3.2.4 Application Domain Security (IV) 289 14.4 5GWireless Security Services 289 14.4.1 Cryptography in 5G 289 14.4.2 Identity Management 290 14.4.3 Authentication in 5G 291 14.4.3.1 Flexible Authentication 291 14.4.3.2 Authentication Through Legacy Cellular System 291 14.4.3.3 SDN Based Authentication in 5G 293 14.4.3.4 Authentication of D2D in 5G 294 14.4.3.5 Authentication of RFID in 5G 294 14.4.4 Data Confidentiality in 5G 295 14.4.4.1 Power Control 295 14.4.4.2 Artificial Noise and Signal Processing 297 14.4.5 Handover Procedure 
and Signaling Load Analysis 297 14.4.6 Availability in 5G 297 14.4.7 Location and Identity Anonymity in 5G 300 14.5 5G Key Management 300 14.5.1 3GPP 5G Key Architecture 300 14.5.2 Key Management in 5G Handover 301 14.5.3 Key Management for D2D Users 302 14.6 Security for New Communication Techniques in 5G 303 14.6.1 Heterogeneous Network and Massive MIMO in 5G 303 14.6.2 Device-to-Device Communications in 5G 304 14.6.3 Software-Defined Network in 5G 306 14.6.4 Internet-of-Things in 5G 308 14.7 Challenges and Future Directions for 5G Wireless Security 308 14.7.1 New Trust Models 308 14.7.2 New Security Attack Models 308 14.7.3 Privacy Protection 309 14.7.4 Flexibility and Efficiency 309 14.7.5 Unified Security Management 309 14.8 Summary 310 15 Security in V2X Communications 311 15.1 Introduction to V2X Communications 311 15.1.1 Generic System Architecture of V2X Communications 311 15.1.2 Dedicated Short Range Communications 312 15.1.3 Cellular Based V2X Communications 313 15.2 Security Requirements and Possible Attacks in V2X Communications 314 15.2.1 Security Requirements 314 15.2.2 Attacks in V2X Communications 315 15.2.3 Basic Solutions 316 15.3 IEEEWAVE Security Services for Applications and Management Messages 316 15.3.1 Overview of the WAVE Protocol Stack and Security Services 316 15.3.2 Secure Data Service and Security Service Management Entity 318 15.3.3 CRL Verification Entity and P2P Certificate Distribution Entity 319 15.4 Security in Cellular Based V2X Communications 320 15.4.1 LTE-V2X Communication Security 320 15.4.2 5G-V2X Communication Security 322 15.5 Cryptography and Privacy Preservation in V2X Communications 323 15.5.1 Identity Based Schemes 323 15.5.2 Group Signature Based Schemes 325 15.5.3 Batch Verification Schemes 326 15.5.4 Reputation and Trust Based Schemes 327 15.5.5 Identity Anonymity Preservation 328 15.5.6 Location Anonymity Preservation 328 15.6 Challenges and Future Research Directions 329 15.6.1 Highly Efficient Authentication 
Schemes 329 15.6.2 Efficient Revocation Mechanisms 330 15.6.3 Advancing OBU and TPD Technologies 330 15.6.4 Advancing Cryptography and Privacy Preservation Schemes 330 15.6.5 Advancing Solutions to HetNet, SDN, and NFV 330 15.6.6 Advancing Artificial Intelligence in V2X Communication Security 330 15.7 Summary 331 References 333 Index 345

    3 in stock

    £77.36

  • A Comprehensive Guide to 5G Security

    John Wiley & Sons Inc A Comprehensive Guide to 5G Security

    15 in stock

    Book Synopsis

    The first comprehensive guide to the design and implementation of security in 5G wireless networks and devices. Security models for 3G and 4G networks based on Universal SIM cards worked very well. But they are not fully applicable to the unique security requirements of 5G networks. 5G will face additional challenges due to increased user privacy concerns, new trust and service models and requirements to support IoT and mission-critical applications. While multiple books already exist on 5G, this is the first to focus exclusively on security for the emerging 5G ecosystem. 5G networks are not only expected to be faster, but provide a backbone for many new services, such as IoT and the Industrial Internet. Those services will provide connectivity for everything from autonomous cars and UAVs to remote health monitoring through body-attached sensors, smart logistics through item tracking to remote diagnostics and preventive maintenance of equipment. Most services will be integrated with

    Table of Contents

    The Editors. About the Contributors. Foreword. Preface. Acknowledgements.

    Part I 5G Security Overview
    1 Evolution of Cellular Systems. Shahriar Shahabuddin, Sadiqur Rahaman, Faisal Rehman, Ijaz Ahmad, and Zaheer Khan. 1.1 Introduction. 1.2 Early Development. 1.3 First Generation Cellular Systems. 1.3.1 Advanced Mobile Phone Service. 1.3.2 Security in 1G. 1.4 Second Generation Cellular Systems. 1.4.1 Global System for Mobile Communications. 1.4.2 GSM Network Architecture. 1.4.3 Code Division Multiple Access. 1.4.4 Security in 2G. 1.4.5 Security in GSM. 1.4.5.1 IMSI. 1.4.5.2 Ki. 1.4.5.3 A3 Algorithm. 1.4.5.4 A8 Algorithm. 1.4.5.5 COMP128. 1.4.5.6 A5 Algorithm. 1.4.6 Security in IS-95. 1.5 Third Generation Cellular Systems. 1.5.1 CDMA 2000. 1.5.2 UMTS WCDMA. 1.5.3 UMTS Network Architecture. 1.5.4 HSPA. 1.5.5 Security in 3G. 1.5.6 Security in CDMA2000. 1.5.7 Security in UMTS. 1.6 Cellular Systems beyond 3G. 1.6.1 HSPA+. 1.6.2 Mobile WiMAX. 1.6.3 LTE. 1.6.3.1 Orthogonal Frequency Division Multiplexing (OFDM). 1.6.3.2 SC-FDE and SC-FDMA. 1.6.3.3 Multi-antenna Technique. 1.6.4 LTE Network Architecture. 1.7 Fourth Generation Cellular Systems. 1.7.1 Key Technologies of 4G. 1.7.1.1 Enhanced MINO. 1.7.1.2 Cooperative Multipoint Transmission and Reception for LTE-Advanced. 1.7.1.3 Spectrum and Bandwidth Management. 1.7.1.4 Carrier Aggregation. 1.7.1.5 Relays. 1.7.2 Network Architecture. 1.7.3 Beyond 3G and 4G Cellular Systems Security. 1.7.4 LTE Security Model. 1.7.5 Security in WiMAX. 1.8 Conclusion. References.
    2 5G Mobile Networks: Requirements, Enabling Technologies, and Research Activities. Van-Giang Nguyen, Anna Brunstrom, Karl-Johan Grinnemo, and Javid Taheri. 2.1 Introduction. 2.1.1 What is 5G? 2.1.1.1 From a System Architecture Perspective. 2.1.1.2 From the Spectrum Perspective. 2.1.1.3 From a User and Customer Perspective. 2.1.2 Typical Use Cases. 2.2 5G Requirements. 2.2.1 High Data Rate and Ultra Low Latency. 2.2.2 Massive Connectivity and Seamless Mobility. 2.2.3 Reliability and High Availability. 2.2.4 Flexibility and Programmability. 2.2.5 Energy, Cost and Spectrum Efficiency. 2.2.6 Security and Privacy. 2.3 5G Enabling Technologies. 2.3.1 5G Radio Access Network. 2.3.1.1 mmWave Communication. 2.3.1.2 Massive MIMO. 2.3.1.3 Ultra-Dense Small Cells. 2.3.1.4 M2M and D2D Communications. 2.3.1.5 Cloud-based Radio Access Network. 2.3.1.6 Mobile Edge and Fog Computing. 2.3.2 5G Mobile Core Network. 2.3.2.1 Software Defined Networking. 2.3.2.2 Network Function Virtualization. 2.3.2.3 Cloud Computing. 2.3.3 G End-to-End System. 2.3.3.1 Network Slicing. 2.3.3.2 Management and Orchestration. 2.4 5G Standardization Activities. 2.4.1 ITU Activities. 2.4.1.1 ITU-R. 2.4.1.2 ITU-T. 2.4.2 3GPP Activities. 2.4.2.1 Pre-5G Phase. 2.4.2.2 5G Phase I. 2.4.2.3 5G Phase II. 2.4.3 ETSI Activities. 2.4.4 IEEE Activities. 2.4.5 IETF Activities. 2.5 5G Research Communities. 2.5.1 European 5G Related Activities. 2.5.1.1 5G Research in EU FP7. 2.5.1.2 5G Research in EU H2020. 2.5.1.3 5G Research in Celtic-Plus. 2.5.2 Asian 5G Related Activities. 2.5.2.1 South Korea: 5G Forum. 2.5.2.2 Japan: 5GMF Forum. 2.5.2.3 China: IMT-2020 5G Promotion Group. 2.5.3 American 5G Related Activities. 2.6 Conclusion. 2.7 Acknowledgement. References.
    3 Mobile Networks Security Landscape. Ahmed Bux Abro. 3.1 Introduction. 3.2 Mobile Networks Security Landscape. 3.2.1 Security Threats and Protection for 1G. 3.2.2 Security Threats and Protection for 2G. 3.2.3 Security Threats and Protection for 3G. 3.2.4 Security Threats and Protection for 4G. 3.2.4.1 LTE UE (User Equipment) Domain Security. 3.2.4.2 LTE (Remote Access Network) Domain Security. 3.2.4.3 LTE Core Network Domain Security. 3.2.4.4 Security Threat Analysis for 4G. 3.2.5 Security Threats and Protection for 5G. 3.2.5.1 Next Generation Threat Landscape for 5G. 3.2.5.2 IoT Threat Landscape. 3.2.5.3 5G Evolved Security Model. 3.2.5.4 5G Security Threat Analysis. 3.3 Mobile Security Lifecycle Functions. 3.3.1 Secure Device Management. 3.3.2 Mobile OS and App Patch Management. 3.3.3 Security Threat Analysis and Assessment. 3.3.4 Security Monitoring. 3.4 Conclusion. References.
    4 Design Principles for 5G Security. Ijaz Ahmad, Madhusanka Liyanage, Shahriar Shahabuddin, Mika Ylianttila, and Andrei Gurtov. 4.1 Introduction. 4.2 Overviews of Security Recommendations and Challenges. 4.2.1 Security Recommendations by ITU-T. 4.2.2 Security Threats and Recommendations by NGMN. 4.2.3 Other Security Challenges. 4.2.3.1 Security Challenges in the Access Network. 4.2.3.2 DoS Attacks. 4.2.3.3 Security Challenges in the Control Layer or Core Network. 4.3 Novel Technologies for 5G Security. 4.3.1 5G Security Leveraging NFV. 4.3.2 Network Security Leveraging SDN. 4.3.3 Security Challenges in SDN. 4.3.3.1 Application Layer. 4.3.3.2 Controller Layer. 4.3.3.3 Infrastructure Layer. 4.3.4 Security Solutions for SDN. 4.3.4.1 Application Plane Security. 4.3.4.2 Control Plane Security. 4.3.4.3 Data Plane Security Solutions. 4.4 Security in SDN-based Mobile Networks. 4.4.1 Data Link Security. 4.4.2 Control Channels Security. 4.4.3 Traffic Monitoring. 4.4.4 Access Control. 4.4.5 Network Resilience. 4.4.6 Security Systems and Firewalls. 4.4.7 Network Security Automation. 4.5 Conclusions and Future Directions. 4.6 Acknowledgement. References.
    5 Cyber Security Business Models in 5G. Julius Francis Gomes, Marika Iivari, Petri Ahokangas, Lauri Isotalo, Bengt Sahlin, and Jan Melén. 5.1 Introduction. 5.2 The Context of Cyber Security Businesses. 5.2.1 Types of Cyber Threat. 5.2.2 The Cost of Cyber-Attacks. 5.3 The Business Model Approach. 5.3.1 The 4C Typology of the ICT Business Model. 5.3.2 Business Models in the Context of Cyber Preparedness. 5.4 The Business Case of Cyber Security in the Era of 5G. 5.4.1 The Users and Issues of Cyber Security in 5G. 5.4.2 Scenarios for 5G Security Provisioning. 5.4.3 Delivering Cyber Security in 5G. 5.5 Business Model Options in 5G Cyber Security. 5.6 Acknowledgment. References.

    Part II 5G Network Security
    6 Physical Layer Security. Simone Soderi, Lorenzo Mucchi, Matti Hämäläinen, Alessandro Piva, and Jari Iinatti. 6.1 Introduction. 6.1.1 Physical Layer Security in 5G Networks. 6.1.2 Related Work. 6.1.3 Motivation. 6.2 WBPLSec System Model. 6.2.1 Transmitter. 6.2.2 Jamming Receiver. 6.2.3 Secrecy Metrics. 6.2.4 Secrecy Capacity of WBPLSec. 6.2.5 Secrecy Capacity of iJAM. 6.3 Outage Probability of Secrecy Capacity of a Jamming Receiver. 6.3.1 Simulation Scenario for Secrecy Capacity. 6.4 WBPLSec Applied to 5G networks. 6.5 Conclusions. References.
    7 5G-WLAN Security. Satish Anamalamudi, Abdur Rashid Sangi, Mohammed Alkatheiri, Fahad T. Bin Muhaya, and Chang Liu. 7.1 Chapter Overview. 7.2 Introduction to WiFi-5G Networks Interoperability. 7.2.1 WiFi (Wireless Local Area Network). 7.2.2 Interoperability of WiFi with 5G Networks. 7.2.3 WiFi Security. 7.3 Overview of Network Architecture for WiFi-5G Networks Interoperability. 7.3.1 MAC Layer. 7.3.2 Network Layer. 7.3.3 Transport Layer. 7.3.4 Application Layer. 7.4 5G-WiFi Security Challenges. 7.4.1 Security Challenges with Respect to a Large Number of Device Connectivity. 7.4.2 Security Challenges in 5G Networks and WiFi. 7.5 Security Consideration for Architectural Design of WiFi-5G Networks. 7.5.1 User and Device Identity Confidentiality. 7.5.2 Integrity. 7.5.3 Mutual Authentication and Key Management. 7.6 LiFi Networks. 7.7 Introduction to LiFi-5G Networks Interoperability. 7.8 5G-LiFi Security Challenges. 7.8.1 Security Challenges with Respect to a Large Number of Device Connectivity. 7.8.2 Security Challenges in 5G Networks and LiFi. 7.9 Security Consideration for Architectural Design of LiFi-5G Networks. 7.10 Conclusion and Future Work. References.
    8 Safety of 5G Network Physical Infrastructures. Rui Travanca and João André. 8.1 Introduction. 8.2 Historical Development. 8.2.1 Typology. 8.2.2 Codes. 8.2.3 Outlook. 8.3 Structural Design Philosophy. 8.3.1 Basis. 8.3.2 Actions. 8.3.3 Structural Analysis. 8.3.4 Steel Design Verifications. 8.3.4.1 Ultimate Limit States. 8.3.4.2 Serviceability Limit States. 8.4 Survey of Problems. 8.4.1 General. 8.4.2 Design Failures. 8.4.3 Maintenance Failures. 8.4.4 Vandalism or Terrorism Failures. 8.5 Opportunities and Recommendations. 8.6 Acknowledgement. References.
    9 Customer Edge Switching: A Security Framework for 5G. Hammad Kabir, Raimo Kantola, and Jesus Llorente Santos. 9.1 Introduction. 9.2 State-of-the-art in Mobile Networks Security. 9.2.1 Mobile Network Challenges and Principles of Security Framework. 9.2.2 Trust Domains and Trust Processing. 9.3 CES Security Framework. 9.3.1 DNS to Initiate Communication. 9.3.2 CETP Policy-based Communication. 9.3.3 Policy Architecture. 9.3.4 CES Security Mechanisms. 9.3.5 Realm Gateway. 9.3.6 RGW Security Mechanisms. 9.3.6.1 Name Server Classification and Allocation Model. 9.3.6.2 Preventing DNS Abuse. 9.3.6.3 Bot-Detection Algorithm. 9.3.6.4 TCP-Splice. 9.4 Evaluation of CES Security. 9.4.1 Evaluating the CETP Policy-based Communication. 9.4.1.1 Security Testing. 9.4.1.2 Outcomes of the Security Testing. 9.4.2 Evaluation of RGW Security. 9.5 Deployment in 5G Networks. 9.5.1 Use Case 1: Mobile Broadband. 9.5.1.1 Deployment and Operations. 9.5.1.2 Security Benefits. 9.5.1.3 Scalability. 9.5.1.4 Reliability. 9.5.2 Use Case 2: Corporate Gateway. 9.5.2.1 Deployment and Operations. 9.5.2.2 Security Benefits. 9.5.2.3 Scalability. 9.5.2.4 Reliability. 9.5.3 Use Case 3: National CERT Centric Trust Domain. 9.5.3.1 Deployment and Operations. 9.5.3.2 Security Benefits. 9.5.3.3 Scalability. 9.5.3.4 Reliability. 9.5.4 Use Case 4: Industrial Internet for Road Traffic and Transport. 9.5.4.1 Deployment and Operations. 9.5.4.2 Security Benefits. 9.5.4.3 Scalability. 9.5.4.4 Reliability. 9.6 Conclusion. References.
    10 Software Defined Security Monitoring in 5G Networks. Madhusanka Liyanage, Ijaz Ahmad, Jude Okwuibe, Edgardo Montes de Oca, Mai Hoang Long, Oscar Lopez Perez, and Mikel Uriarte Itzazelaia. 10.1 Introduction. 10.2 Existing Monitoring Techniques. 10.3 Limitations on Current Monitoring Techniques. 10.4 Use of Monitoring in 5G. 10.5 Software-Defined Monitoring Architecture. 10.6 Expected Advantages of Software Defined Monitoring. 10.7 Expected Challenges in Software Defined Monitoring. 10.8 Conclusion. References.

    Part III 5G Device and User Security
    11 IoT Security. Mehrnoosh Monshizadeh and Vikramajeet Khatri. 11.1 Introduction. 11.2 Related Work. 11.3 Literature Overview and Research Motivation. 11.3.1 IoT Devices, Services and Attacks on Them. 11.3.2 Research Motivation. 11.4 Distributed Security Platform. 11.4.1 Robot Data Classification. 11.4.2 Robot Attack Classification. 11.4.3 Robot Security Platform. 11.4.3.1 Robot Section. 11.4.3.2 Mobile Network Section. 11.5 Mobile Cloud Robot Security Scenarios. 11.5.1 Robot with SIMcard. 11.5.2 SIMless Robot. 11.5.3 Robot Attack. 11.5.4 Robot Communication. 11.6 Conclusion. References.
    12 User Privacy, Identity and Trust. Tanesh Kumar, Madhusanka Liyanage, Ijaz Ahmad, An Braeken, and Mika Ylianttila. 12.1 Introduction. 12.2 Background. 12.3 User Privacy. 12.3.1 Data Privacy. 12.3.2 Location Privacy. 12.3.3 Identity Privacy. 12.4 Identity Management. 12.5 Trust Models. 12.6 Discussion. 12.7 Conclusion. References.
    13 5G Positioning: Security and Privacy Aspects. Elena Simona Lohan, Anette Alén-Savikko, Liang Chen, Kimmo Järvinen, Helena Leppäkoski, Heidi Kuusniemi, and Päivi Korpisaari. 13.1 Introduction. 13.2 Outdoor versus Indoor Positioning Technologies. 13.3 Passive versus Active Positioning. 13.4 Brief Overview of 5G Positioning Mechanisms. 13.5 Survey of Security Threats and Privacy Issues in 5G Positioning. 13.5.1 Security Threats in 5G Positioning. 13.5.1.1 Security Threats Affecting Several or All Players. 13.5.1.2 Security Threats Affecting LISP. 13.5.1.3 Security Threats Affecting LBSP. 13.5.1.4 Security Threats Affecting the 5G User Device or LIC. 13.6 Main Privacy Concerns. 13.7 Passive versus Active Positioning Concepts. 13.8 Physical-Layer Based Security Enhancements Mechanisms for Positioning in 5G. 13.8.1 Reliability Monitoring and Outlier Detection Mechanisms. 13.8.2 Detection, Location and Estimation of Interference Signals. 13.8.3 Backup Systems. 13.9 Enhancing Trustworthiness. 13.10 Cryptographic Techniques for Security and Privacy of Positioning. 13.10.1 Cryptographic Authentication in Positioning. 13.10.2 Cryptographic Distance-Bounding. 13.10.3 Cryptographic Techniques for Privacy-Preserving Location-based Services. 13.11 Legislation on User Location Privacy in 5G. 13.11.1 EU Policy and Legal Framework. 13.11.2 Legal Aspects Related to the Processing of Location Data. 13.11.3 Privacy Protection by Design and Default. 13.11.4 Security Protection. 13.11.5 A Closer Look at the e-Privacy Directive. 13.11.6 Summary of EU Legal Instruments. 13.11.7 International Issues. 13.11.8 Challenges and Future Scenarios in Legal Frameworks and Policy. 13.12 Landscape of the European and International Projects related to Secure Positioning. References.

    Part IV 5G Cloud and Virtual Network Security
    14 Mobile Virtual Network Operators (MVNO) Security. Mehrnoosh Monshizadeh and Vikramajeet Khatri. 14.1 Introduction. 14.2 Related Work. 14.3 Cloudification of the Network Operators. 14.4 MVNO Security. 14.4.1 Data Security in TaaS. 14.4.2 Hypervisor and VM Security in TaaS. 14.4.2.1 SDN Security in TaaS. 14.4.2.2 NFV Security in TaaS. 14.4.2.3 OPNFV Security. 14.4.3 Application Security in TaaS. 14.4.4 Summary. 14.4.5 MVNO Security Benchmark. 14.5 TaaS Deployment Security. 14.5.1 IaaS. 14.5.2 PaaS. 14.5.3 SaaS. 14.6 Future Directions. 14.7 Conclusion. References.
    15 NFV and NFV-based Security Services. Wenjing Chu. 15.1 Introduction. 15.2 5G, NFV and Security. 15.3 A Brief Introduction to NFV. 15.4 NFV, SDN, and a Telco Cloud. 15.5 Common NFV Drivers. 15.5.1 Technology Curve. 15.5.2 Opportunity Cost and Competitive Landscape. 15.5.3 Horizontal Network Slicing. 15.5.4 Multi-Tenancy. 15.5.5 Rapid Service Delivery. 15.5.6 XaaS Models. 15.5.7 One Cloud. 15.6 NFV Security: Challenges and Opportunities. 15.6.1 VNF Security Lifecycle and Trust. 15.6.2 VNF Security in Operation. 15.6.3 Multi-Tenancy and XaaS. 15.6.4 OPNFV and Openstack: Open Source Projects for NFV. 15.7 NFV-based Security Services. 15.7.1 NFV-based Network Security. 15.7.1.1 Virtual Security Appliances. 15.7.1.2 Distributed Network Security Services. 15.7.1.3 Network Security as a Service. 15.7.2 Policy-based Security Services. 15.7.2.1 Group-based Policy. 15.7.2.2 Openstack Congress. 15.7.3 Machine Learning for NFV-based Security Services. 15.8 Conclusions. References.
    16 Cloud and MEC Security. Jude Okwuibe, Madhusanka Liyanage, Ijaz Ahmed, and Mika Ylianttila. 16.1 Introduction. 16.2 Cloud Computing in 5G Networks. 16.2.1 Overview and History of Cloud Computing. 16.2.2 Cloud Computing Architecture. 16.2.3 Cloud Deployment Models. 16.2.4 Cloud Service Models. 16.2.5 5G Cloud Computing Architecture. 16.2.6 Use Cases/Scenarios of Cloud Computing in 5G. 16.3 MEC in 5G Networks. 16.3.1 Overview of MEC Computing. 16.3.2 MEC in 5G. 16.3.3 Use Cases of MEC Computing in 5G. 16.4 Security Challenges in 5G Cloud. 16.4.1 Virtualization Security. 16.4.2 Cyber-Physical System (CPS) Security. 16.4.3 Secure and Private Data Computation. 16.4.4 Cloud Intrusion. 16.4.5 Access Control. 16.5 Security Challenges in 5G MEC. 16.5.1 Denial of Service (DoS) Attack. 16.5.2 Man-in-the-Middle (MitM). 16.5.3 Inconsistent Security Policies. 16.5.4 VM Manipulation. 16.5.5 Privacy Leakage. 16.6 Security Architectures for 5G Cloud and MEC. 16.6.1 Centralized Security Architectures. 16.6.2 SDN-based Cloud Security Systems. 16.7 5G MEC, Cloud Security Research and Standardizations. 16.8 Conclusions. References.
    17 Regulatory Impact on 5G Security and Privacy. Jukka Salo and Madhusanka Liyanage. 17.1 Introduction. 17.2 Regulatory Objectives for Security and Privacy. 17.2.1 Generic Objectives. 17.3 Legal Framework for Security and Privacy. 17.3.1 General Framework. 17.3.2 Legal Framework for Security and Privacy in Cloud Computing. 17.3.3 Legal Framework for Security and Privacy in Software Defined Networking and Network Function Virtualization. 17.4 Security and Privacy Issues in New 5G Technologies. 17.4.1 Security and Privacy Issues in Cloud Computing. 17.4.2 Security and Privacy Issues in Network Functions Virtualization. 17.4.3 Security and Privacy Issues in Software Defined Networking (SDN). 17.4.4 Summary of Security and Privacy Issues in the Context of Technologies under Study (Clouds, NFV, SDN). 17.5 Relevance Assessment of Security and Privacy Issues for Regulation. 17.6 Analysis of Potential Regulatory Approaches. 17.7 Summary of Issues and Impact of New Technologies on Security and Privacy Regulation. References.

    Index.

    15 in stock

    £102.56

  • CCNA Security Study Guide

    John Wiley & Sons Inc CCNA Security Study Guide

    10 in stock

    Book Synopsis: Cisco has announced big changes to its certification program. As of February 24, 2020, all current certifications will be retired, and Cisco will begin offering new certification programs. The good news is if you're working toward any current CCNA certification, keep going. You have until February 24, 2020 to complete your current CCNA. If you already have CCENT/ICND1 certification and would like to earn CCNA, you have until February 23, 2020 to complete your CCNA certification in the current program. Likewise, if you're thinking of completing the current CCENT/ICND1, ICND2, or CCNA Routing and Switching certification, you can still complete them between now and February 23, 2020. Lay the foundation for a successful career in network security. CCNA Security Study Guide offers comprehensive review for Exam 210-260. Packed with concise explanations of core security concepts, this book is designed to help you suc Table of Contents: Introduction xxi Assessment Test xxxi Chapter 1 Understanding Security Fundamentals 1 Goals of Security 2 Confidentiality 2 Integrity 3 Availability 3 Guiding Principles 3 Common Security Terms 6 Risk Management Process 7 Network Topologies 15 CAN 15 WAN 16 Data Center 16 SOHO 17 Virtual 17 Common Network Security Zones 17 DMZ 17 Intranet and Extranet 18 Public and Private 18 VLAN 18 Summary 19 Exam Essentials 19 Review Questions 20 Chapter 2 Understanding Security Threats 25 Common Network Attacks 26 Motivations 26 Classifying Attack Vectors 27 Spoofing 28 Password Attacks 29 Reconnaissance Attacks 30 Buffer Overflow 34 DoS 34 DDoS 36 Man-in-the-Middle Attack 37 ARP Poisoning 37 Social Engineering 38 Phishing/Pharming 38 Prevention 38 Malware 39 Data Loss and Exfiltration 39 Summary 40 Exam Essentials 40 Review Questions 42 Chapter 3 Understanding Cryptography 45 Symmetric and Asymmetric Encryption 46 Ciphers 46 Algorithms 48 Hashing Algorithms 53 MD5 54 SHA-1 54 SHA-2 54 HMAC 55 Digital Signatures 55 Key Exchange 57 
Application: SSH 57 Public Key Infrastructure 57 Public and Private Keys 58 Certificates 60 Certificate Authorities 61 PKI Standards 63 PKI Topologies 64 Certificates in the ASA 65 Cryptanalysis 67 Summary 68 Exam Essentials 68 Review Questions 69 Chapter 4 Securing the Routing Process 73 Securing Router Access 74 Configuring SSH Access 74 Configuring Privilege Levels in IOS 76 Configuring IOS Role-Based CLI 77 Implementing Cisco IOS Resilient Configuration 79 Implementing OSPF Routing Update Authentication 80 Implementing OSPF Routing Update Authentication 80 Implementing EIGRP Routing Update Authentication 82 Securing the Control Plane 82 Control Plane Policing 83 Summary 84 Exam Essentials 85 Review Questions 86 Chapter 5 Understanding Layer 2 Attacks 91 Understanding STP Attacks 92 Understanding ARP Attacks 93 Understanding MAC Attacks 95 Understanding CAM Overflows 96 Understanding CDP/LLDP Reconnaissance 97 Understanding VLAN Hopping 98 Switch Spoofing 98 Double Tagging 99 Understanding DHCP Spoofing 99 Summary 101 Exam Essentials 101 Review Questions 102 Chapter 6 Preventing Layer 2 Attacks 107 Configuring DHCP Snooping 108 Configuring Dynamic ARP Inspection 110 Configuring Port Security 112 Configuring STP Security Features 114 BPDU Guard 114 Root Guard 115 Loop Guard 115 Disabling DTP 116 Verifying Mitigations 116 DHCP Snooping 116 DAI 117 Port Security 118 STP Features 118 DTP 120 Summary 120 Exam Essentials 121 Review Questions 122 Chapter 7 VLAN Security 127 Native VLANs 128 Mitigation 128 PVLANs 128 PVLAN Edge 131 PVLAN Proxy Attack 132 ACLs on Switches 133 Port ACLs 133 VLAN ACLs 133 Summary 134 Exam Essentials 134 Review Questions 136 Chapter 8 Securing Management Traffic 141 In-Band and Out-of-Band Management 142 AUX Port 142 VTY Ports 143 HTTPS Connection 144 SNMP 144 Console Port 145 Securing Network Management 146 SSH 146 HTTPS 146 ACLs 146 Banner Messages 147 Securing Access through SNMP v3 149 Securing NTP 150 Using SCP for File Transfer 151 
Summary 151 Exam Essentials 152 Review Questions 153 Chapter 9 Understanding 802.1x and AAA 157 802.1x Components 158 RADIUS and TACACS+ Technologies 159 Configuring Administrative Access with TACACS+ 160 Local AAA Authentication and Accounting 160 SSH Using AAA 161 Understanding Authentication and Authorization Using ACS and ISE 161 Understanding the Integration of Active Directory with AAA 162 TACACS+ on IOS 162 Verify Router Connectivity to TACACS+ 164 Summary 164 Exam Essentials 165 Review Questions 166 Chapter 10 Securing a BYOD Initiative 171 The BYOD Architecture Framework 172 Cisco ISE 172 Cisco TrustSec 174 The Function of Mobile Device Management 177 Integration with ISE Authorization Policies 177 Summary 178 Exam Essentials 179 Review Questions 180 Chapter 11 Understanding VPNs 185 Understanding IPsec 186 Security Services 186 Protocols 189 Delivery Modes 192 IPsec with IPV6 194 Understanding Advanced VPN Concepts 195 Hairpinning 195 Split Tunneling 196 Always-on VPN 197 NAT Traversal 198 Summary 199 Exam Essentials 199 Review Questions 200 Chapter 12 Configuring VPNs 203 Configuring Remote Access VPNs 204 Basic Clientless SSL VPN Using ASDM 204 Verify a Clientless Connection 207 Basic AnyConnect SSL VPN Using ASDM 207 Verify an AnyConnect Connection 209 Endpoint Posture Assessment 209 Configuring Site-to-Site VPNs 209 Implement an IPsec Site-to-Site VPN with Preshared Key Authentication 209 Verify an IPsec Site-to-Site VPN 212 Summary 212 Exam Essentials 213 Review Questions 214 Chapter 13 Understanding Firewalls 219 Understanding Firewall Technologies 220 Packet Filtering 220 Proxy Firewalls 220 Application Firewall 221 Personal Firewall 221 Stateful vs. 
Stateless Firewalls 222 Operations 222 State Table 223 Summary 224 Exam Essentials 224 Review Questions 225 Chapter 14 Configuring NAT and Zone-Based Firewalls 229 Implementing NAT on ASA 9.x 230 Static 231 Dynamic 232 PAT 233 Policy NAT 233 Verifying NAT Operations 235 Configuring Zone-Based Firewalls 236 Class Maps 237 Default Policies 237 Configuring Zone-to-Zone Access 239 Summary 240 Exam Essentials 240 Review Questions 241 Chapter 15 Configuring the Firewall on an ASA 245 Understanding Firewall Services 246 Understanding Modes of Deployment 247 Routed Firewall 247 Transparent Firewall 247 Understanding Methods of Implementing High Availability 247 Active/Standby Failover 248 Active/Active Failover 248 Clustering 249 Understanding Security Contexts 249 Configuring ASA Management Access 250 Initial Configuration 250 Configuring Cisco ASA Interface Security Levels 251 Security Levels 251 Configuring Security Access Policies 253 Interface Access Rules 253 Object Groups 254 Configuring Default Cisco Modular Policy Framework (MPF) 256 Summary 257 Exam Essentials 257 Review Questions 259 Chapter 16 Intrusion Prevention 263 IPS Terminology 264 Threat 264 Risk 264 Vulnerability 265 Exploit 265 Zero-Day Threat 265 Actions 265 Network-Based IPS vs. 
Host-Based IPS 266 Host-Based IPS 266 Network-Based IPS 266 Promiscuous Mode 266 Detection Methods 267 Evasion Techniques 267 Packet Fragmentation 267 Injection Attacks 270 Alternate String Expressions 271 Introducing Cisco FireSIGHT 271 Capabilities 271 Protections 272 Understanding Modes of Deployment 273 Inline 275 Positioning of the IPS within the Network 275 Outside 275 DMZ 276 Inside 277 Understanding False Positives, False Negatives, True Positives, and True Negatives 277 Summary 278 Exam Essentials 278 Review Questions 280 Chapter 17 Content and Endpoint Security 285 Mitigating Email Threats 286 Spam Filtering 286 Context-Based Filtering 287 Anti-malware Filtering 287 DLP 287 Blacklisting 288 Email Encryption 288 Cisco Email Security Appliance 288 Putting the Pieces Together 290 Mitigating Web-Based Threats 292 Understanding Web Proxies 292 Cisco Web Security Appliance 293 Mitigating Endpoint Threats 294 Cisco Identity Services Engine (ISE) 294 Antivirus/Anti-malware 294 Personal Firewall 294 Hardware/Software Encryption of Local Data 294 HIPS 295 Summary 295 Exam Essentials 295 Review Questions 296 Appendix Answers to Review Questions 301 Chapter 1: Understanding Security Fundamentals 302 Chapter 2: Understanding Security Threats 304 Chapter 3: Understanding Cryptography 305 Chapter 4: Securing the Routing Process 307 Chapter 5: Understanding Layer 2 Attacks 309 Chapter 6: Preventing Layer 2 Attacks 311 Chapter 7: VLAN Security 312 Chapter 8: Securing Management Traffic 314 Chapter 9: Understanding 802.1x and AAA 316 Chapter 10: Securing a BYOD Initiative 317 Chapter 11: Understanding VPNs 319 Chapter 12: Configuring VPNs 321 Chapter 13: Understanding Firewalls 322 Chapter 14: Configuring NAT and Zone-Based Firewalls 324 Chapter 15: Configuring the Firewall on an ASA 325 Chapter 16: Intrusion Prevention 327 Chapter 17: Content and Endpoint Security 328 Index 331

    10 in stock

    £28.49

  • IoT Security

    John Wiley & Sons Inc IoT Security

    10 in stock

    Book Synopsis: An up-to-date guide to an overview of authentication in the Internet of Things (IoT). The Internet of Things (IoT) is the network of the countless physical devices that have the possibility to connect and exchange data. Among the various security requirements, authentication to the IoT is the first step to prevent the impact of attackers. IoT Security offers an important guide into the development of the many authentication mechanisms that provide IoT authentication at various levels such as user level, device level and network level. The book covers a wide range of topics including an overview of IoT and addresses in detail the security challenges at every layer by considering both the technologies and the architecture used. The authors, noted experts on the topic, provide solutions for remediation of compromised security, as well as methods for risk mitigation, and offer suggestions for prevention and improvement. In addition, IoT Security offers a variety of illustrative use cases. This Table of Contents: About the Editors xiii List of Contributors xvii Preface xxiii Acknowledgments xxix Part I IoT Overview 1 1 Introduction to IoT 3 Anshuman Kalla, Pawani Porambage, and Madhusanka Liyanage 1.1 Introduction 4 1.1.1 Evolution of IoT 4 1.2 IoT Architecture and Taxonomy 5 1.3 Standardization Efforts 7 1.4 IoT Applications 10 1.4.1 Smart Home 11 1.4.2 Smart City 13 1.4.3 Smart Energy 14 1.4.4 Healthcare 15 1.4.5 IoT Automotive 16 1.4.6 Gaming, AR and VR 16 1.4.7 Retail 17 1.4.8 Wearable 18 1.4.9 Smart Agriculture 18 1.4.10 Industrial Internet 19 1.4.11 Tactile Internet 19 1.4.12 Conclusion 20 Acknowledgement 20 References 20 2 Introduction to IoT Security 27 Anca D. 
Jurcut, Pasika Ranaweera, and Lina Xu 2.1 Introduction 27 2.2 Attacks and Countermeasures 29 2.2.1 Perception Layer 30 2.2.2 Network Layer 33 2.2.3 Application Layer 34 2.3 Authentication and Authorization 41 2.3.1 Authentication 42 2.3.2 Authorization 42 2.3.3 Authentication at IoT Layers 43 2.4 Other Security Features and Related Issues 48 2.4.1 The Simplified Layer Structure 48 2.4.2 The Idea of Middleware 49 2.4.3 Cross-Layer Security Problem 50 2.4.4 Privacy 50 2.4.5 Risk Mitigation 51 2.5 Discussion 52 2.6 Future Research Directions 54 2.6.1 Blockchain 54 2.6.2 5G 55 2.6.3 Fog and Edge Computing 56 2.6.4 Quantum Security, AI, and Predictive Data Analytics 57 2.6.5 Network Slicing 57 2.7 Conclusions 58 References 59 Part II IoT Network and Communication Authentication 65 3 Symmetric Key-Based Authentication with an Application to Wireless Sensor Networks 67 An Braeken 3.1 Introduction 67 3.2 Related Work 69 3.3 System Model and Assumptions 70 3.3.1 Design Goals 70 3.3.2 Setting 70 3.3.3 Notations 71 3.3.4 Attack Model 71 3.4 Scheme in Normal Mode 72 3.4.1 Installation Phase 72 3.4.2 Group Node Key 73 3.4.3 Individual Cluster Key 73 3.4.4 Pairwise Key Derivation 74 3.4.5 Multicast Key 76 3.4.6 Group Cluster Key 76 3.5 Authentication 77 3.5.1 Authentication by CN 77 3.5.2 Authenticated Broadcast by the CH 77 3.5.3 Authenticated Broadcast by the BS 78 3.6 Scheme in Change Mode 78 3.6.1 Capture of CN 78 3.6.2 Capture of CH 79 3.6.3 Changes for Honest Nodes 79 3.7 Security Analysis 80 3.7.1 Resistance Against Impersonation Attack 80 3.7.2 Resistance Against Node Capture 81 3.7.3 Resistance Against Replay Attacks 81 3.8 Efficiency 81 3.8.1 Number of Communication Phases 81 3.8.2 Storage Requirements 82 3.8.3 Packet Fragmentation 82 3.9 Conclusions 83 Acknowledgement 83 References 83 4 Public Key Based Protocols – EC Crypto 85 Pawani Porambage, An Braeken, and Corinna Schmitt 4.1 Introduction to ECC 85 4.1.1 Notations 86 4.1.2 ECC for Authentication and Key Management 
87 4.2 ECC Based Implicit Certificates 88 4.2.1 Authentication and Key Management Using ECC Implicit Certificates 88 4.3 ECC-Based Signcryption 91 4.3.1 Security Features 93 4.3.2 Scheme 93 4.4 ECC-Based Group Communication 95 4.4.1 Background and Assumptions 95 4.4.2 Scheme 96 4.5 Implementation Aspects 97 4.6 Discussion 98 References 98 5 Lattice-Based Cryptography and Internet of Things 101 Veronika Kuchta and Gaurav Sharma 5.1 Introduction 101 5.1.1 Organization 102 5.2 Lattice-Based Cryptography 102 5.2.1 Notations 102 5.2.2 Preliminaries 103 5.2.3 Computational Problems 104 5.2.4 State-of-the-Art 105 5.3 Lattice-Based Primitives 106 5.3.1 One-Way and Collision-Resistant Hash Functions 106 5.3.2 Passively Secure Encryption 106 5.3.3 Actively Secure Encryption 107 5.3.4 Trapdoor Functions 107 5.3.5 Gadget Trapdoor 108 5.3.6 Digital Signatures without Trapdoors 108 5.3.7 Pseudorandom Functions (PRF) 109 5.3.8 Homomorphic Encryption 110 5.3.9 Identity-Based Encryption (IBE) 111 5.3.10 Attribute-Based Encryption 112 5.4 Lattice-Based Cryptography for IoT 113 5.5 Conclusion 115 References 115 Part III IoT User Level Authentication 119 6 Efficient and Anonymous Mutual Authentication Protocol in Multi-Access Edge Computing (MEC) Environments 121 Pardeep Kumar and Madhusanka Liyanage 6.1 Introduction 121 6.2 Related Work 123 6.3 Network Model and Adversary Model 124 6.3.1 Network Model 124 6.3.2 Adversary Model 125 6.4 Proposed Scheme 125 6.4.1 System Setup for the Edge Nodes Registration at the Registration Center 125 6.4.2 User Registration Phase 126 6.4.3 Login and User Authentication Phase 126 6.4.4 Password Update Phase 127 6.5 Security and Performance Evaluation 127 6.5.1 Informal Security Analysis 127 6.5.2 Performance Analysis 129 6.6 Conclusion 130 References 130 7 Biometric-Based Robust Access Control Model for Industrial Internet of Things Applications 133 Pardeep Kumar and Gurjot Singh Gaba 7.1 Introduction 133 7.2 Related Work 134 7.3 Network Model, Threat 
Model and Security Requirements 136 7.3.1 Network Model 136 7.3.2 Threat Model 136 7.3.3 Security Goals 136 7.4 Proposed Access Control Model in IIoT 136 7.4.1 System Setup 137 7.4.2 Authentication and Key Establishment 138 7.5 Security and Performance Evaluations 139 7.5.1 Informal Security Analysis 139 7.5.2 Performance Analysis 140 7.6 Conclusions 141 References 142 8 Gadget Free Authentication 143 Madhusanka Liyanage, An Braeken, and Mika Ylianttila 8.1 Introduction to Gadget-Free World 143 8.2 Introduction to Biometrics 146 8.3 Gadget-Free Authentication 148 8.4 Preliminary Aspects 149 8.4.1 Security Requirements 149 8.4.2 Setting 149 8.4.3 Notations 150 8.5 The System 150 8.5.1 Registration Phase 151 8.5.2 Installation Phase 151 8.5.3 Request Phase 151 8.5.4 Answer Phase 152 8.5.5 Update Phase 153 8.6 Security Analysis 153 8.6.1 Accountability 153 8.6.2 Replay Attacks 153 8.6.3 Insider Attacks 153 8.6.4 HW/SW Attacks 154 8.6.5 Identity Privacy 154 8.7 Performance Analysis 154 8.7.1 Timing for Cryptographic/Computational Operation 155 8.7.2 Communication Cost 155 8.8 Conclusions 156 Acknowledgement 156 References 156 9 WebMaDa 2.1 – A Web-Based Framework for Handling User Requests Automatically and Addressing Data Control in Parallel 159 Corinna Schmitt, Dominik Bünzli, and Burkhard Stiller 9.1 Introduction 159 9.2 IoT-Related Concerns 160 9.3 Design Decisions 162 9.4 WebMaDa’s History 163 9.5 WebMaDa 2.1 166 9.5.1 Email Notifications 166 9.5.2 Data Control Support 171 9.6 Implementation 173 9.6.1 Mailing Functionality 173 9.6.2 Logging Functionality 175 9.6.3 Filtering Functionality 176 9.7 Proof of Operability 176 9.7.1 Automated Request Handling 177 9.7.2 Filtering Functionality Using Logging Solution 182 9.8 Summary and Conclusions 182 References 183 Part IV IoT Device Level Authentication 185 10 PUF-Based Authentication and Key Exchange for Internet of Things 187 An Braeken 10.1 Introduction 187 10.2 Related Work 189 10.2.1 Key Agreement from IoT Device to 
Server 189 10.2.2 Key Agreement between Two IoT Devices 190 10.3 Preliminaries 191 10.3.1 System Architecture 191 10.3.2 Assumptions 192 10.3.3 Attack Model 192 10.3.4 Cryptographic Operations 193 10.4 Proposed System 194 10.4.1 Registration Phase 195 10.4.2 Security Association Phase 195 10.4.3 Authentication and Key Agreement Phase 195 10.5 Security Evaluation 197 10.6 Performance 199 10.6.1 Computational Cost 199 10.6.2 Communication Cost 200 10.7 Conclusions 201 References 202 11 Hardware-Based Encryption via Generalized Synchronization of Complex Networks 205 Lars Keuninckx and Guy Van der Sande 11.1 Introduction 205 11.2 System Scheme: Synchronization without Correlation 208 11.2.1 The Delay-Filter-Permute Block 211 11.2.2 Steady-State Dynamics of the DFP 214 11.2.3 DFP-Bitstream Generation 214 11.2.4 Sensitivity to Changes in the Permutation Table 215 11.3 The Chaotic Followers 217 11.3.1 The Permute-Filter Block 217 11.3.2 Brute Force Attack 219 11.3.3 PF-Bitstream Generation 219 11.4 The Complete System 220 11.4.1 Image Encryption Example 220 11.4.2 Usage for Authentication 221 11.5 Conclusions and Outlook 222 Acknowledgements 223 Author Contributions Statement 223 Additional Information 223 References 223 Part V IoT Use Cases and Implementations 225 12 IoT Use Cases and Implementations: Healthcare 227 Mehrnoosh Monshizadeh, Vikramajeet Khatri, Oskari Koskimies, and Mauri Honkanen 12.1 Introduction 227 12.2 Remote Patient Monitoring Architecture 228 12.3 Security Related to eHealth 229 12.3.1 IoT Authentication 231 12.4 Remote Patient Monitoring Security 234 12.4.1 Mobile Application Security 234 12.4.2 Communication Security 235 12.4.3 Data Integrity 235 12.4.4 Cloud Security 235 12.4.5 Audit Logs 236 12.4.6 Intrusion Detection Module 236 12.4.7 Authentication Architecture 240 12.4.8 Attacks on Remote Patient Monitoring Platform 242 12.5 Conclusion 242 References 244 13 Secure and Efficient Privacy-preserving Scheme in Connected Smart Grid Networks 247 An 
Braeken and Pardeep Kumar 13.1 Introduction 247 13.1.1 Related Work 249 13.1.2 Our Contributions 250 13.1.3 Structure of Chapter 251 13.2 Preliminaries 251 13.2.1 System Model 251 13.2.2 Security Requirements 251 13.2.3 Cryptographic Operations and Notations 252 13.3 Proposed Scheme 253 13.3.1 Initialisation Phase 253 13.3.2 Smart Meter Registration Phase 253 13.3.3 Secure Communication Between Smart Meter and Aggregator 254 13.4 Security Analysis 255 13.4.1 Formal Proof 255 13.4.2 Informal Discussion 258 13.5 Performance Analysis 260 13.5.1 Computation Costs 260 13.5.2 Communication Costs 261 13.6 Conclusions 262 References 262 14 Blockchain-Based Cyber Physical Trust Systems 265 Arnold Beckmann, Alex Milne, Jean-Jose Razafindrakoto, Pardeep Kumar, Michael Breach, and Norbert Preining 14.1 Introduction 265 14.2 Related Work 268 14.3 Overview of Use-Cases and Security Goals 269 14.3.1 Use-Cases 269 14.3.2 Security Goals 270 14.4 Proposed Approach 270 14.5 Evaluation Results 272 14.5.1 Security Features 272 14.5.2 Testbed Results 273 14.6 Conclusion 276 References 276 Index 279

    10 in stock

    £99.70

  • Cybersecurity Blue Team Toolkit

    John Wiley & Sons Inc Cybersecurity Blue Team Toolkit

    15 in stock

    Book Synopsis: A practical handbook to cybersecurity for both tech and non-tech professionals. As reports of major data breaches fill the headlines, it has become impossible for any business, large or small, to ignore the importance of cybersecurity. Most books on the subject, however, are either too specialized for the non-technical professional or too general for positions in the IT trenches. Thanks to author Nadean Tanner's wide array of experience from teaching at a university to working for the Department of Defense, the Cybersecurity Blue Team Toolkit strikes the perfect balance of substantive and accessible, making it equally useful to those in IT or management positions across a variety of industries. This handy guide takes a simple and strategic look at best practices and tools available to both cybersecurity management and hands-on professionals, whether they be new to the field or looking to expand their expertise. Tanner gives comprehensive coverage to such crucial topics as security as Table of Contents: Foreword xxi Introduction xxiii Chapter 1 Fundamental Networking and Security Tools 1 Ping 1 IPConfig 4 NSLookup 7 Tracert 9 NetStat 10 PuTTY 14 Chapter 2 Troubleshooting Microsoft Windows 17 RELI 18 PSR 19 PathPing 21 MTR 23 Sysinternals 24 The Legendary God Mode 28 Chapter 3 Nmap—The Network Mapper 31 Network Mapping 32 Port Scanning 34 Services Running 36 Operating Systems 38 Zenmap 39 Chapter 4 Vulnerability Management 43 Managing Vulnerabilities 43 OpenVAS 46 Nexpose Community 50 Chapter 5 Monitoring with OSSEC 57 Log-Based Intrusion Detection Systems 57 Agents 61 Adding an Agent 63 Extracting the Key for an Agent 64 Removing an Agent 64 Log Analysis 65 Chapter 6 Protecting Wireless Communication 67 802.11 67 inSSIDer 70 Wireless Network Watcher 71 Hamachi 72 Tor 78 Chapter 7 Wireshark 83 Wireshark 83 OSI Model 86 Capture 89 Filters and Colors 92 Inspection 93 Chapter 8 Access Management 97 AAA 98 Least Privilege 99 Single Sign-On 101 JumpCloud 103 
Chapter 9 Managing Logs 109 Windows Event Viewer 110 Windows PowerShell 112 BareTail 116 Syslog 117 SolarWinds Kiwi 120 Chapter 10 Metasploit 125 Reconnaissance 127 Installation 128 Gaining Access 135 Metasploitable2 139 Vulnerable Web Services 144 Meterpreter 146 Chapter 11 Web Application Security 147 Web Development 148 Information Gathering 151 DNS 153 Defense in Depth 155 Burp Suite 156 Chapter 12 Patch and Configuration Management 165 Patch Management 166 Configuration Management 173 Clonezilla Live 179 Chapter 13 Securing OSI Layer 8 187 Human Nature 188 Human Attacks 192 Education 193 The Social Engineer Toolkit 195 Chapter 14 Kali Linux 205 Virtualization 206 Optimizing Kali Linux 219 Using Kali Linux Tools 221 Maltego 222 Recon-ng 223 Sparta 225 MacChanger 225 Nikto 226 Kismet 227 WiFite 228 John the Ripper 229 Hashcat 230 Chapter 15 CISv7 Controls and Best Practices 235 CIS Basic Controls—The Top Six 236 Inventory and Control of Hardware Assets 236 Inventory and Control of Software Assets 238 Continuous Vulnerability Management 239 Controlled Use of Administrative Privileges 240 Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers 241 Maintenance, Monitoring, and Analysis of Audit Logs 246 In Conclusion 248 Index 249

    15 in stock

    £26.40

  • CompTIA Security Practice Tests Exam SY0601

    John Wiley & Sons Inc CompTIA Security Practice Tests Exam SY0601

    10 in stock

    Table of Contents: Introduction xix Chapter 1 Threats, Attacks, and Vulnerabilities 1 Chapter 2 Architecture and Design 45 Chapter 3 Implementation 81 Chapter 4 Operations and Incident Response 129 Chapter 5 Governance, Risk, and Compliance 159 Appendix Answers and Explanations 185 Index 299

    10 in stock

    £29.70

  • MCA Microsoft Certified Associate Azure Security

    John Wiley & Sons Inc MCA Microsoft Certified Associate Azure Security

    15 in stock

    Book Synopsis: Prepare for the MCA Azure Security Engineer certification exam faster and smarter with help from Sybex. In the MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500, cybersecurity veteran Shimon Brathwaite walks you through every step you need to take to prepare for the MCA Azure Security Engineer certification exam and a career in Azure cybersecurity. You'll find coverage of every domain competency tested by the exam, including identity management and access, platform protection implementation, security operations management, and data and application security. You'll learn to maintain the security posture of an Azure environment, implement threat protection, and respond to security incident escalations. Readers will also find: efficient and accurate coverage of every topic necessary to succeed on the MCA Azure Security Engineer exam; robust discussions of all the skills you need to hit the ground running at your first, or next, Azure cybersecurity job; and complimentary access to online study tools, including hundreds of bonus practice exam questions, electronic flashcards, and a searchable glossary. The MCA Azure Security Engineer AZ-500 exam is a challenging barrier to certification. But you can prepare confidently and quickly with this latest expert resource from Sybex. It's ideal for anyone preparing for the AZ-500 exam or seeking to step into their next role as an Azure security engineer. Table of Contents: Introduction xix Assessment Test xxv Chapter 1 Introduction to Microsoft Azure 1 What Is Microsoft Azure? 
3 Cloud Environment Security Objectives 4 Confidentiality 4 Integrity 4 Availability 5 Nonrepudiation 5 Common Security Issues 5 Principle of Least Privilege 5 Zero-Trust Model 6 Defense in Depth 6 Avoid Security through Obscurity 9 The AAAs of Access Management 9 Encryption 10 End-to-End Encryption 11 Symmetric Key Encryption 11 Asymmetric Key Encryption 11 Network Segmentation 13 Basic Network Configuration 13 Unsegmented Network Example 14 Internal and External Compliance 15 Cybersecurity Considerations for the Cloud Environment 16 Configuration Management 17 Unauthorized Access 17 Insecure Interfaces/APIs 17 Hijacking of Accounts 17 Compliance 18 Lack of Visibility 18 Accurate Logging 18 Cloud Storage 18 Vendor Contracts 19 Link Sharing 19 Major Cybersecurity Threats 19 DDoS 19 Social Engineering 20 Password Attacks 21 Malware 21 Summary 24 Exam Essentials 24 Review Questions 26 Chapter 2 Managing Identity and Access in Microsoft Azure 29 Identity and Access Management 31 Identifying Individuals in a System 31 Identifying and Assigning Roles in a System and to an Individual 32 Assigning Access Levels to Individuals or Groups 33 Adding, Removing, and Updating Individuals and Their Roles in a System 33 Protecting a System’s Sensitive Data and Securing the System 33 Enforcing Accountability 34 IAM in the Microsoft Azure Platform 34 Creating and Managing Azure AD Identities 34 Managing Azure AD Groups 37 Managing Azure Users 39 Adding Users to Your Azure AD 39 Managing External Identities Using Azure AD 40 Managing Secure Access Using Azure Active Directory 42 Implementing Conditional Access Policies, Including MFA 44 Implementing Azure AD Identity Protection 45 Enabling the Policies 47 Implement Passwordless Authentication 50 Configuring an Access Review 52 Managing Application Access 57 Integrating Single Sign-On and Identity Providers for Authentication 57 Creating an App Registration 58 Configuring App Registration Permission Scopes 58 Managing App 
Registration Permission Consent 59 Managing API Permission to Azure Subscriptions 60 Configuring an Authentication Method for a Service Principal 61 Managing Access Control 62 Interpret Role and Resource Permissions 62 Configuring Azure Role Permissions for Management Groups, Subscriptions, Resource Groups, and Resources 63 Assigning Built-In Azure AD Roles 64 Creating and Assigning Custom Roles, Including Azure Roles and Azure AD Roles 65 Summary 66 Exam Essentials 67 Review Questions 70 Chapter 3 Implementing Platform Protections 73 Implementing Advanced Network Security 75 Securing Connectivity of Hybrid Networks 75 Securing Connectivity of Virtual Networks 77 Creating and Configuring Azure Firewalls 78 Azure Firewall Premium 79 Creating and Configuring Azure Firewall Manager 82 Creating and Configuring Azure Application Gateway 82 Creating and Configuring Azure Front Door 87 Creating and Configuring a Web Application Firewall 91 Configuring Network Isolation for Web Apps and Azure Functions 93 Implementing Azure Service Endpoints 94 Implementing Azure Private Endpoints, Including Integrating with Other Services 97 Implementing Azure Private Link 98 Implementing Azure DDoS Protection 101 Configuring Enhanced Security for Compute 102 Configuring Azure Endpoint Protection for VMs 102 Enabling Update Management in Azure Portal 104 Configuring Security for Container Services 108 Managing Access to the Azure Container Registry 109 Configuring Security for Serverless Compute 109 Microsoft Recommendations 111 Configuring Security for an Azure App Service 112 Exam Essentials 118 Review Questions 122 Chapter 4 Managing Security Operations 125 Configure Centralized Policy Management 126 Configure a Custom Security Policy 126 Create Custom Security Policies 127 Creating a Policy Initiative 128 Configuring Security Settings and Auditing by Using Azure Policy 129 Configuring and Managing Threat Protection 130 Configuring Microsoft Defender for Cloud for Servers (Not 
Including Microsoft Defender for Endpoint) 131 Configuring Microsoft Defender for SQL 134 Using the Microsoft Threat Modeling Tool 139 Azure Monitor 147 Visualizations in Azure Monitor 148 Configuring and Managing Security Monitoring Solutions 149 Creating and Customizing Alert Rules by Using Azure Monitor 149 Configuring Diagnostic Logging and Retention Using Azure Monitor 157 Monitoring Security Logs Using Azure Monitor 159 Microsoft Sentinel 167 Configuring Connectors in Microsoft Sentinel 170 Evaluating Alerts and Incidents in Microsoft Sentinel 175 Summary 176 Exam Essentials 177 Review Questions 179 Chapter 5 Securing Data and Applications 183 Configuring Security for Storage in Azure 184 Storage Account Access Keys 185 Configuring Access Control for Storage Accounts 185 Configuring Storage Account Access Keys 189 Configuring Azure AD Authentication for Azure Storage and Azure Files 191 Configuring Delegated Access for Storage Accounts 202 Configuring Security for Databases 220 Summary 254 Exam Essentials 255 Review Questions 257 Appendix A An Azure Security Tools Overview 261 Chapter 2, “Managing Identity and Access on Microsoft Azure” 262 Azure Active Directory (AD) 262 Microsoft Authenticator App 265 Azure API Management 265 Chapter 3, “Implementing Platform Protections” 266 Azure Firewall 266 Azure Firewall Manager 267 Azure Application Gateway 269 Azure Front Door 273 Web Application Firewall 273 Azure Service Endpoints 274 Azure Private Links 274 Azure DDoS Protection 275 Microsoft Defender for Cloud 276 Azure Container Registry 277 Azure App Service 278 Chapter 4, “Managing Security Operations” 279 Azure Policy 279 Microsoft Threat Modeling Tool 281 Microsoft Sentinel 287 How Does Microsoft Sentinel Work? 
289 Automation 290 Chapter 5, “Securing Data and Applications” 290 Azure Key Vault 299 Appendix B Answers to Review Questions 301 Chapter 1: Introduction to Microsoft Azure 302 Chapter 2: Managing Identity and Access in Microsoft Azure 303 Chapter 3: Implementing Platform Protections 304 Chapter 4: Managing Security Operations 305 Chapter 5: Securing Data and Applications 306 Index 309

    15 in stock

    £35.62

  • Cybersecurity in the European Union Resilience and Adaptability in Governance Policy New Security Challenges

    Palgrave MacMillan UK Cybersecurity in the European Union Resilience and Adaptability in Governance Policy New Security Challenges

    15 in stock

    Book Synopsis: Cybercrime affects over 1 million people worldwide a day, and cyber attacks on public institutions and businesses are increasing. This book interrogates the European Union's evolving cybersecurity policies and strategy and argues that while progress is being made, much remains to be done to ensure a secure and resilient cyberspace in the future.

    Trade Review: “The book is well written and clear in its content and purposes. It is well suited for both academics and practitioners, including political and military personnel, presenting a clear overview of the development of the EU’s cybersecurity framework. … it makes a useful contribution to the academic debate on the global role of the EU as a security actor, as well as on the idea of a ‘civilian response’ to cyber threats.” (Simona Autolitano, The International Spectator, Vol. 52 (1), 2017)

    Table of Contents: 1. Introduction 2. Conceptualising Security as Resilience in Cyberspace 3. Cybersecurity in the Global Ecosystem 4. National Cybersecurity Approaches in the European Union: The Case of the UK 5. The European Union and Cybercrime 6. Network and Information Security and Cyber Defence in the European Union 7. Transatlantic Cooperation in Cybersecurity: Converging on Security as Resilience? 8. Conclusions: Towards Effective Security as Resilience in the European Union?

    15 in stock

    £113.99

© 2025 Book Curl
