Cantitate/Preț
Produs

Cyber Security and Digital Forensics: Advances in Cyber Security

Autor MM Ghonge
en Limba Engleză Hardback – 3 feb 2022

Din seria Advances in Cyber Security

Preț: 105443 lei

Preț vechi: 157198 lei
-33% Nou

Puncte Express: 1582

Preț estimativ în valută:
20182 21034$ 16800£

Carte indisponibilă temporar

Doresc să fiu notificat când acest titlu va fi disponibil:

Preluare comenzi: 021 569.72.76

Specificații

ISBN-13: 9781119795636
ISBN-10: 111979563X
Pagini: 432
Dimensiuni: 152 x 229 x 26 mm
Greutate: 0.72 kg
Editura: Wiley
Seria Advances in Cyber Security

Locul publicării:Hoboken, United States

Notă biografică

Mangesh M. Ghonge, PhD, is currently working at Sandip Institute of Technology and Research Center, Nashik, Maharashtra, India. He authored or co-authored more than 60 published articles in prestigious journals, book chapters, and conference papers. He is also the author or editor of ten books and has organized and chaired many national and international conferences. Sabyasachi Pramanik, PhD, is an assistant professor in the Department of Computer Science and Engineering, Haldia Institute of Technology, India. He earned his doctorate in computer science and engineering from the Sri Satya Sai University of Technology and Medical Sciences, Bhopal, India. He has many publications in various reputed international conferences, journals, and online book chapter contributions and is also serving as the editorial board member of many international journals. He is a reviewer of journal articles in numerous technical journals and has been a keynote speaker, session chair and technical program committee member in many international conferences. He has authored a book on wireless sensor networks and is currently editing six books for multiple publishers, including Scrivener Publishing. Ramchandra Mangrulkar, PhD, is an associate professor in the Department of Computer Engineering at SVKM's Dwarkadas J. Sanghvi College of Engineering, Mumbai, Maharashtra, India. He has published 48 papers and 12 book chapters and presented significant papers at technical conferences. He has also chaired many conferences as a session chair and conducted various workshops and is also a ICSI-CNSS Certified Network Security Specialist. He is an active member on boards of studies in various universities and institutes in India. Dac-Nhuong Le, PhD, is an associate professor and associate dean at Haiphong University, Vietnam. He earned his MSc and PhD in computer science from Vietnam National University, and he has over 20 years of teaching experience. He has over 50 publications in reputed international conferences, journals and online book chapter contributions and has chaired numerous international conferences. He has served on numerous editorial boards for scientific and technical journals and has authored or edited over 15 books by various publishers, including Scrivener Publishing.

Cuprins

Preface xvii Acknowledgment xxvii 1 A Comprehensive Study of Security Issues and Research Challenges in Different Layers of Service-Oriented IoT Architecture 1 Ankur O. Bang, Udai Pratap Rao and Amit A. Bhusari 1.1 Introduction and Related Work 2 1.2 IoT: Evolution, Applications and Security Requirements 4 1.2.1 IoT and Its Evolution 5 1.2.2 Different Applications of IoT 5 1.2.3 Different Things in IoT 7 1.2.4 Security Requirements in IoT 8 1.3 Service-Oriented IoT Architecture and IoT Protocol Stack 10 1.3.1 Service-Oriented IoT Architecture 10 1.3.2 IoT Protocol Stack 11 1.3.2.1 Application Layer Protocols 12 1.3.2.2 Transport Layer Protocols 13 1.3.2.3 Network Layer Protocols 15 1.3.2.4 Link Layer and Physical Layer Protocols 16 1.4 Anatomy of Attacks on Service-Oriented IoT Architecture 24 1.4.1 Attacks on Software Service 24 1.4.1.1 Operating System-Level Attacks 24 1.4.1.2 Application-Level Attacks 25 1.4.1.3 Firmware-Level Attacks 25 1.4.2 Attacks on Devices 26 1.4.3 Attacks on Communication Protocols 26 1.4.3.1 Attacks on Application Layer Protocols 26 1.4.3.2 Attacks on Transport Layer Protocols 28 1.4.3.3 Attacks on Network Layer Protocols 28 1.4.3.4 Attacks on Link and Physical Layer Protocols 30 1.5 Major Security Issues in Service-Oriented IoT Architecture 31 1.5.1 Application - Interface Layer 32 1.5.2 Service Layer 33 1.5.3 Network Layer 33 1.5.4 Sensing Layer 34 1.6 Conclusion 35 References 36 2 Quantum and Post-Quantum Cryptography 45 Om Pal, Manoj Jain, B.K. Murthy and Vinay Thakur 2.1 Introduction 46 2.2 Security of Modern Cryptographic Systems 46 2.2.1 Classical and Quantum Factoring of A Large Number 47 2.2.2 Classical and Quantum Search of An Item 49 2.3 Quantum Key Distribution 49 2.3.1 BB84 Protocol 50 2.3.1.1 Proposed Key Verification Phase for BB84 51 2.3.2 E91 Protocol 51 2.3.3 Practical Challenges of Quantum Key Distribution 52 2.3.4 Multi-Party Quantum Key Agreement Protocol 53 2.4 Post-Quantum Digital Signature 53 2.4.1 Signatures Based on Lattice Techniques 54 2.4.2 Signatures Based on Multivariate Quadratic Techniques 55 2.4.3 Hash-Based Signature Techniques 55 2.5 Conclusion and Future Directions 55 References 56 3 Artificial Neural Network Applications in Analysis of Forensic Science 59 K.R. Padma and K.R. Don 3.1 Introduction 60 3.2 Digital Forensic Analysis Knowledge 61 3.3 Answer Set Programming in Digital Investigations 61 3.4 Data Science Processing with Artificial Intelligence Models 63 3.5 Pattern Recognition Techniques 63 3.6 ANN Applications 65 3.7 Knowledge on Stages of Digital Forensic Analysis 65 3.8 Deep Learning and Modelling 67 3.9 Conclusion 68 References 69 4 A Comprehensive Survey of Fully Homomorphic Encryption from Its Theory to Applications 73 Rashmi Salavi, Dr. M. M. Math and Dr. U. P. Kulkarni 4.1 Introduction 73 4.2 Homomorphic Encryption Techniques 76 4.2.1 Partial Homomorphic Encryption Schemes 77 4.2.2 Fully Homomorphic Encryption Schemes 78 4.3 Homomorphic Encryption Libraries 79 4.4 Computations on Encrypted Data 83 4.5 Applications of Homomorphic Encryption 85 4.6 Conclusion 86 References 87 5 Understanding Robotics through Synthetic Psychology 91 Garima Saini and Dr. Shabnam 5.1 Introduction 91 5.2 Physical Capabilities of Robots 92 5.2.1 Artificial Intelligence and Neuro Linguistic Programming (NLP) 93 5.2.2 Social Skill Development and Activity Engagement 93 5.2.3 Autism Spectrum Disorders 93 5.2.4 Age-Related Cognitive Decline and Dementia 94 5.2.5 Improving Psychosocial Outcomes through Robotics 94 5.2.6 Clients with Disabilities and Robotics 94 5.2.7 Ethical Concerns and Robotics 95 5.3 Traditional Psychology, Neuroscience and Future Robotics 95 5.4 Synthetic Psychology and Robotics: A Vision of the Future 97 5.5 Synthetic Psychology: The Foresight 98 5.6 Synthetic Psychology and Mathematical Optimization 99 5.7 Synthetic Psychology and Medical Diagnosis 99 5.7.1 Virtual Assistance and Robotics 100 5.7.2 Drug Discovery and Robotics 100 5.8 Conclusion 101 References 101 6 An Insight into Digital Forensics: History, Frameworks, Types and Tools 105 G Maria Jones and S Godfrey Winster 6.1 Overview 105 6.2 Digital Forensics 107 6.2.1 Why Do We Need Forensics Process? 107 6.2.2 Forensics Process Principles 108 6.3 Digital Forensics History 108 6.3.1 1985 to 1995 108 6.3.2 1995 to 2005 109 6.3.3 2005 to 2015 110 6.4 Evolutionary Cycle of Digital Forensics 111 6.4.1 Ad Hoc 111 6.4.2 Structured Phase 111 6.4.3 Enterprise Phase 112 6.5 Stages of Digital Forensics Process 112 6.5.1 Stage 1 - 1995 to 2003 112 6.5.2 Stage II - 2004 to 2007 113 6.5.3 Stage III - 2007 to 2014 114 6.6 Types of Digital Forensics 115 6.6.1 Cloud Forensics 116 6.6.2 Mobile Forensics 116 6.6.3 IoT Forensics 116 6.6.4 Computer Forensics 117 6.6.5 Network Forensics 117 6.6.6 Database Forensics 118 6.7 Evidence Collection and Analysis 118 6.8 Digital Forensics Tools 119 6.8.1 X-Ways Forensics 119 6.8.2 SANS Investigative Forensics Toolkit - SIFT 119 6.8.3 EnCase 119 6.8.4 The Sleuth Kit/Autopsy 122 6.8.5 Oxygen Forensic Suite 122 6.8.6 Xplico 122 6.8.7 Computer Online Forensic Evidence Extractor (COFEE) 122 6.8.8 Cellebrite UFED 122 6.8.9 OSForeniscs 123 6.8.10 Computer-Aided Investigative Environment (CAINE) 123 6.9 Summary 123 References 123 7 Digital Forensics as a Service: Analysis for Forensic Knowledge 127 Soumi Banerjee, Anita Patil, Dipti Jadhav and Gautam Borkar 7.1 Introduction 127 7.2 Objective 128 7.3 Types of Digital Forensics 129 7.3.1 Network Forensics 129 7.3.2 Computer Forensics 142 7.3.3 Data Forensics 147 7.3.4 Mobile Forensics 149 7.3.5 Big Data Forensics 154 7.3.6 IoT Forensics 155 7.3.7 Cloud Forensics 157 7.4 Conclusion 161 References 161 8 4S Framework: A Practical CPS Design Security Assessment & Benchmarking Framework 163 Neel A. Patel, Dhairya A. Parekh, Yash A. Shah and Ramchandra Mangrulkar 8.1 Introduction 164 8.2 Literature Review 166 8.3 Medical Cyber Physical System (MCPS) 170 8.3.1 Difference between CPS and MCPS 171 8.3.2 MCPS Concerns, Potential Threats, Security 171 8.4 CPSSEC vs. Cyber Security 172 8.5 Proposed Framework 173 8.5.1 4S Definitions 174 8.5.2 4S Framework-Based CPSSEC Assessment Process 175 8.5.3 4S Framework-Based CPSSEC Assessment Score Breakdown & Formula 181 8.6 Assessment of Hypothetical MCPS Using 4S Framework 187 8.6.1 System Description 187 8.6.2 Use Case Diagram for the Above CPS 188 8.6.3 Iteration 1 of 4S Assessment 189 8.6.4 Iteration 2 of 4S Assessment 195 8.7 Conclusion 200 8.8 Future Scope 201 References 201 9 Ensuring Secure Data Sharing in IoT Domains Using Blockchain 205 Tawseef Ahmed Teli, Rameez Yousuf and Dawood Ashraf Khan 9.1 IoT and Blockchain 205 9.1.1 Public 208 9.1.1.1 Proof of Work (PoW) 209 9.1.1.2 Proof of Stake (PoS) 209 9.1.1.3 Delegated Proof of Stake (DPoS) 210 9.1.2 Private 210 9.1.3 Consortium or Federated 210 9.2 IoT Application Domains and Challenges in Data Sharing 211 9.3 Why Blockchain? 214 9.4 IoT Data Sharing Security Mechanism On Blockchain 216 9.4.1 Double-Chain Mode Based On Blockchain Technology 216 9.4.2 Blockchain Structure Based On Time Stamp 217 9.5 Conclusion 219 References 219 10 A Review of Face Analysis Techniques for Conventional and Forensic Applications 223 Chethana H.T. and Trisiladevi C. Nagavi 10.1 Introduction 224 10.2 Face Recognition 225 10.2.1 Literature Review on Face Recognition 226 10.2.2 Challenges in Face Recognition 228 10.2.3 Applications of Face Recognition 229 10.3 Forensic Face Recognition 229 10.3.1 Literature Review on Face Recognition for Forensics 231 10.3.2 Challenges of Face Recognition in Forensics 233 10.3.3 Possible Datasets Used for Forensic Face Recognition 235 10.3.4 Fundamental Factors for Improving Forensics Science 235 10.3.5 Future Perspectives 237 10.4 Conclusion 238 References 238 11 Roadmap of Digital Forensics Investigation Process with Discovery of Tools 241 Anita Patil, Soumi Banerjee, Dipti Jadhav and Gautam Borkar 11.1 Introduction 242 11.2 Phases of Digital Forensics Process 244 11.2.1 Phase I - Identification 244 11.2.2 Phase II - Acquisition and Collection 245 11.2.3 Phase III - Analysis and Examination 245 11.2.4 Phase IV - Reporting 245 11.3 Analysis of Challenges and Need of Digital Forensics 246 11.3.1 Digital Forensics Process has following Challenges 246 11.3.2 Needs of Digital Forensics Investigation 247 11.3.3 Other Common Attacks Used to Commit the Crime 248 11.4 Appropriateness of Forensics Tool 248 11.4.1 Level of Skill 248 11.4.2 Outputs 252 11.4.3 Region of Emphasis 252 11.4.4 Support for Additional Hardware 252 11.5 Phase-Wise Digital Forensics Techniques 253 11.5.1 Identification 253 11.5.2 Acquisition 254 11.5.3 Analysis 256 11.5.3.1 Data Carving 257 11.5.3.2 Different Curving Techniques 259 11.5.3.3 Volatile Data Forensic Toolkit Used to Collect and Analyze the Data from Device 260 11.5.4 Report Writing 265 11.6 Pros and Cons of Digital Forensics Investigation Process 266 11.6.1 Advantages of Digital Forensics 266 11.6.2 Disadvantages of Digital Forensics 266 11.7 Conclusion 267 References 267 12 Utilizing Machine Learning and Deep Learning in Cybesecurity: An Innovative Approach 271 Dushyant Kaushik, Muskan Garg, Annu, Ankur Gupta and Sabyasachi Pramanik 12.1 Introduction 271 12.1.1 Protections of Cybersecurity 272 12.1.2 Machine Learning 274 12.1.3 Deep Learning 276 12.1.4 Machine Learning and Deep Learning: Similarities and Differences 278 12.2 Proposed Method 281 12.2.1 The Dataset Overview 282 12.2.2 Data Analysis and Model for Classification 283 12.3 Experimental Studies and Outcomes Analysis 283 12.3.1 Metrics on Performance Assessment 284 12.3.2 Result and Outcomes 285 12.3.2.1 Issue 1: Classify the Various Categories of Feedback Related to the Malevolent Code Provided 285 12.3.2.2 Issue 2: Recognition of the Various Categories of Feedback Related to the Malware Presented 286 12.3.2.3 Issue 3: According to the Malicious Code, Distinguishing Various Forms of Malware 287 12.3.2.4 Issue 4: Detection of Various Malware Styles Based on Different Responses 287 12.3.3 Discussion 288 12.4 Conclusions and Future Scope 289 References 292 13 Applications of Machine Learning Techniques in the Realm of Cybersecurity 295 Koushal Kumar and Bhagwati Prasad Pande 13.1 Introduction 296 13.2 A Brief Literature Review 298 13.3 Machine Learning and Cybersecurity: Various Issues 300 13.3.1 Effectiveness of ML Technology in Cybersecurity Systems 300 13.3.2 Machine Learning Problems and Challenges in Cybersecurity 302 13.3.2.1 Lack of Appropriate Datasets 302 13.3.2.2 Reduction in False Positives and False Negatives 302 13.3.2.3 Adversarial Machine Learning 302 13.3.2.4 Lack of Feature Engineering Techniques 303 13.3.2.5 Context-Awareness in Cybersecurity 303 13.3.3 Is Machine Learning Enough to Stop Cybercrime? 304 13.4 ML Datasets and Algorithms Used in Cybersecurity 304 13.4.1 Study of Available ML-Driven Datasets Available for Cybersecurity 304 13.4.1.1 KDD Cup 1999 Dataset (DARPA1998) 305 13.4.1.2 NSL-KDD Dataset 305 13.4.1.3 ECML-PKDD 2007 Discovery Challenge Dataset 305 13.4.1.4 Malicious URL's Detection Dataset 306 13.4.1.5 ISOT (Information Security and Object Technology) Botnet Dataset 306 13.4.1.6 CTU-13 Dataset 306 13.4.1.7 MAWILab Anomaly Detection Dataset 307 13.4.1.8 ADFA-LD and ADFA-WD Datasets 307 13.4.2 Applications ML Algorithms in Cybersecurity Affairs 307 13.4.2.1 Clustering 309 13.4.2.2 Support Vector Machine (SVM) 309 13.4.2.3 Nearest Neighbor (NN) 309 13.4.2.4 Decision Tree 309 13.4.2.5 Dimensionality Reduction 310 13.5 Applications of Machine Learning in the Realm of Cybersecurity 310 13.5.1 Facebook Monitors and Identifies Cybersecurity Threats with ML 310 13.5.2 Microsoft Employs ML for Security 311 13.5.3 Applications of ML by Google 312 13.6 Conclusions 313 References 313 14 Security Improvement Technique for Distributed Control System (DCS) and Supervisory Control-Data Acquisition (SCADA) Using Blockchain at Dark Web Platform 317 Anand Singh Rajawat, Romil Rawat and Kanishk Barhanpurkar 14.1 Introduction 318 14.2 Significance of Security Improvement in DCS and SCADA 322 14.3 Related Work 323 14.4 Proposed Methodology 324 14.4.1 Algorithms Used for Implementation 327 14.4.2 Components of a Blockchain 327 14.4.3 MERKLE Tree 328 14.4.4 The Technique of Stack and Work Proof 328 14.4.5 Smart Contracts 329 14.5 Result Analysis 329 14.6 Conclusion 330 References 331 15 Recent Techniques for Exploitation and Protection of Common Malicious Inputs to Online Applications 335 Dr. Tun Myat Aung and Ni Ni Hla 15.1 Introduction 335 15.2 SQL Injection 336 15.2.1 Introduction 336 15.2.2 Exploitation Techniques 337 15.2.2.1 In-Band SQL Injection 337 15.2.2.2 Inferential SQL Injection 338 15.2.2.3 Out-of-Band SQL Injection 340 15.2.3 Causes of Vulnerability 340 15.2.4 Protection Techniques 341 15.2.4.1 Input Validation 341 15.2.4.2 Data Sanitization 341 15.2.4.3 Use of Prepared Statements 342 15.2.4.4 Limitation of Database Permission 343 15.2.4.5 Using Encryption 343 15.3 Cross Site Scripting 344 15.3.1 Introduction 344 15.3.2 Exploitation Techniques 344 15.3.2.1 Reflected Cross Site Scripting 345 15.3.2.2 Stored Cross Site Scripting 345 15.3.2.3 DOM-Based Cross Site Scripting 346 15.3.3 Causes of Vulnerability 346 15.3.4 Protection Techniques 347 15.3.4.1 Data Validation 347 15.3.4.2 Data Sanitization 347 15.3.4.3 Escaping on Output 347 15.3.4.4 Use of Content Security Policy 348 15.4 Cross Site Request Forgery 349 15.4.1 Introduction 349 15.4.2 Exploitation Techniques 349 15.4.2.1 HTTP Request with GET Method 349 15.4.2.2 HTTP Request with POST Method 350 15.4.3 Causes of Vulnerability 350 15.4.3.1 Session Cookie Handling Mechanism 350 15.4.3.2 HTML Tag 351 15.4.3.3 Browser's View Source Option 351 15.4.3.4 GET and POST Method 351 15.4.4 Protection Techniques 351 15.4.4.1 Checking HTTP Referer 351 15.4.4.2 Using Custom Header 352 15.4.4.3 Using Anti-CSRF Tokens 352 15.4.4.4 Using a Random Value for each Form Field 352 15.4.4.5 Limiting the Lifetime of Authentication Cookies 353 15.5 Command Injection 353 15.5.1 Introduction 353 15.5.2 Exploitation Techniques 354 15.5.3 Causes of Vulnerability 354 15.5.4 Protection Techniques 355 15.6 File Inclusion 355 15.6.1 Introduction 355 15.6.2 Exploitation Techniques 355 15.6.2.1 Remote File Inclusion 355 15.6.2.2 Local File Inclusion 356 15.6.3 Causes of Vulnerability 357 15.6.4 Protection Techniques 357 15.7 Conclusion 358 References 358 16 Ransomware: Threats, Identification and Prevention 361 Sweta Thakur, Sangita Chaudhari and Bharti Joshi 16.1 Introduction 361 16.2 Types of Ransomwares 364 16.2.1 Locker Ransomware 364 16.2.1.1 Reveton Ransomware 365 16.2.1.2 Locky Ransomware 366 16.2.1.3 CTB Locker Ransomware 366 16.2.1.4 TorrentLocker Ransomware 366 16.2.2 Crypto Ransomware 367 16.2.2.1 PC Cyborg Ransomware 367 16.2.2.2 OneHalf Ransomware 367 16.2.2.3 GPCode Ransomware 367 16.2.2.4 CryptoLocker Ransomware 368 16.2.2.5 CryptoDefense Ransomware 368 16.2.2.6 CryptoWall Ransomware 368 16.2.2.7 TeslaCrypt Ransomware 368 16.2.2.8 Cerber Ransomware 368 16.2.2.9 Jigsaw Ransomware 369 16.2.2.10 Bad Rabbit Ransomware 369 16.2.2.11 WannaCry Ransomware 369 16.2.2.12 Petya Ransomware 369 16.2.2.13 Gandcrab Ransomware 369 16.2.2.14 Rapid Ransomware 370 16.2.2.15 Ryuk Ransomware 370 16.2.2.16 Lockergoga Ransomware 370 16.2.2.17 PewCrypt Ransomware 370 16.2.2.18 Dhrama/Crysis Ransomware 370 16.2.2.19 Phobos Ransomware 371 16.2.2.20 Malito Ransomware 371 16.2.2.21 LockBit Ransomware 371 16.2.2.22 GoldenEye Ransomware 371 16.2.2.23 REvil or Sodinokibi Ransomware 371 16.2.2.24 Nemty Ransomware 371 16.2.2.25 Nephilim Ransomware 372 16.2.2.26 Maze Ransomware 372 16.2.2.27 Sekhmet Ransomware 372 16.2.3 MAC Ransomware 372 16.2.3.1 KeRanger Ransomware 373 16.2.3.2 Go Pher Ransomware 373 16.2.3.3 FBI Ransom Ransomware 373 16.2.3.4 File Coder 373 16.2.3.5 Patcher 373 16.2.3.6 ThiefQuest Ransomware 374 16.2.3.7 Keydnap Ransomware 374 16.2.3.8 Bird Miner Ransomware 374 16.3 Ransomware Life Cycle 374 16.4 Detection Strategies 376 16.4.1 Unevil 376 16.4.2 Detecting File Lockers 376 16.4.3 Detecting Screen Lockers 377 16.4.4 Connection-Monitor and Connection-Breaker Approach 377 16.4.5 Ransomware Detection by Mining API Call Usage 377 16.4.6 A New Static-Based Framework for Ransomware Detection 377 16.4.7 White List-Based Ransomware Real-Time Detection Prevention (WRDP) 378 16.5 Analysis of Ransomware 378 16.5.1 Static Analysis 379 16.5.2 Dynamic Analysis 379 16.6 Prevention Strategies 380 16.6.1 Access Control 380 16.6.2 Recovery After Infection 380 16.6.3 Trapping Attacker 380 16.7 Ransomware Traits Analysis 380 16.8 Research Directions 384 16.9 Conclusion 384 References 384 Index 389