| Preface |
|
xiii | |
| Acknowledgment |
|
xvi | |
| Chapter 1 The Age of Ransomware: Understanding Ransomware and Its Countermeasures |
|
1 | (37) |
|
|
|
|
|
This chapter focuses on the world's most frightening cybersecurity threat known as ransomware. |
|
|
|
Experts popularly describe ransomware as scareware that makes data and resources on a victims' computers inaccessible and forces the victims to pay a ransom with bitcoins or through other means by frightening and intimidating them. |
|
|
|
Ransomware these days needs no introduction. |
|
|
|
The perpetrators behind ransomware have done more than enough damage to critical infrastructures and collected billions of dollars from victims across the world and are still collecting. |
|
|
|
As such, this research aims at uncovering the underlying mysteries behind the sudden growth and popularity of ransomware through the in-depth study of literature and efforts made by experts globally in understanding ransomware and how to fight and stop it. |
|
|
|
Moreover, the research seeks to bring together the collective professionals' views and recommendations on how to set up strategic defense in-depth for fighting against ransomware. |
|
|
| Chapter 2 A Review of Security Mechanisms for Multi-Agent Systems: Security Challenges in Multi-Agent Systems |
|
38 | (25) |
|
|
|
This chapter reviews current technologies used to build secure agents. |
|
|
|
A wide spectrum of mechanisms to provide security to agent-based systems is provided, giving an overview with the main agent-based systems and agent-oriented tools. |
|
|
|
An evaluation of security mechanisms is done that identifies security weaknesses. |
|
|
|
This review covers from the initial approaches to the more recent mechanisms. |
|
|
|
This analysis draws attention to the fact that these systems have traditionally neglected the need of a secure underlying infrastructure. |
|
|
| Chapter 3 Attack Detection in Cloud Networks Based on Artificial Intelligence Approaches |
|
63 | (22) |
|
|
|
|
|
|
|
|
|
Cloud computing that aims to provide convenient, on-demand, network access to shared software and hardware resources has security as the greatest challenge. |
|
|
|
Data security is the main security concern followed by intrusion detection and prevention in cloud infrastructure. |
|
|
|
In this chapter, general information about cloud computing and its security issues are discussed. |
|
|
|
In order to prevent or avoid many attacks, a number of machine learning algorithms approaches are proposed. |
|
|
|
However, these approaches do not provide efficient results for identifying unknown types of attacks. |
|
|
|
Deep learning enables to learning features that are more complex, and thanks to the collection of big data as a training data, deep learning achieves more successful results. |
|
|
|
Many deep learning algorithms are proposed for attack detection. |
|
|
|
Deep networks architecture is divided into two categories, and descriptions for each architecture and its related attack detection studies are discussed in the following section of chapter. |
|
|
| Chapter 4 Network Manipulation Using Network Scanning in SDN |
|
85 | (39) |
|
|
|
|
|
|
|
Network scanning commonly implies the use of the computer network to collect information about the target systems. |
|
|
|
This type of scanning is performed by hackers for attacking the target and also by the system administrators for assessment of security and maintaining the system. |
|
|
|
Network scanning mainly analyzes the UDP and TCP network services that are running on the target, the operating system that is used by the target, and the security systems that are placed between the user and targeted hosts. |
|
|
|
Network scanning includes both the network port scanning and vulnerability scanning. |
|
|
|
Network manipulation is an effort that is made by the user to modify the network or structure of a network and thus using online network tools to achieve the target. |
|
|
|
Software-defined networking is a term that comprises several network technologies with the aim of making it adapt the features of flexibility. |
|
|
|
Key terms for SDN implementation include separation of functionality, virtualization in the network, and configuring programmatically. |
|
|
|
This chapter explores network manipulation using network scanning in SDN. |
|
|
| Chapter 5 The Usage Analysis of Machine Learning Methods for Intrusion Detection in Software-Defined Networks |
|
124 | (22) |
|
|
|
This chapter focuses on the process of the machine learning with considering the architecture of software-defined networks (SDNs) and their security mechanisms. |
|
|
|
In general, machine learning has been studied widely in traditional network problems, but recently there have been a limited number of studies in the literature that connect SDN security and machine learning approaches. |
|
|
|
The main reason of this situation is that the structure of SDN has emerged newly and become different from the traditional networks. |
|
|
|
These structural variances are also summarized and compared in this chapter. |
|
|
|
After the main properties of the network architectures, several intrusion detection studies on SDN are introduced and analyzed according to their advantages and disadvantages. |
|
|
|
Upon this schedule, this chapter also aims to be the first organized guide that presents the referenced studies on the SDN security and artificial intelligence together. |
|
|
| Chapter 6 Toward Formal Verification of SDN Access-Control Misconfigurations |
|
146 | (16) |
|
|
|
Software-defined networking (SDN) allows centralizing and simplifying network management control. |
|
|
|
It brings a significant flexibility and visibility to networking, but at the same time creates new security challenges. |
|
|
|
The promise of SDN is the ability to allow networks to keep pace with the speed of change. |
|
|
|
It allows frequent modifications to the network configuration. |
|
|
|
However, these changes may introduce misconfigurations by writing inconsistent rules for single flow table or within a multiple open flow switches that need multiple FlowTables to be maintained at the same time. |
|
|
|
Misconfigurations can arise also between firewalls and FlowTables in OpenFlow-based networks. |
|
|
|
Problems arising from these misconfigurations are common and have dramatic consequences for networks operations. |
|
|
|
To avoid such scenarios, mechanisms to prevent these anomalies and inconsistencies are of paramount importance. |
|
|
|
To address these challenges, the authors present a new method that allows the automatic identification of inter and inter Flowtables anomalies. |
|
|
|
They also use the Firewall to bring out real misconfigurations. |
|
|
| Chapter 7 A Review of Dynamic Verification of Security and Dependability Properties |
|
162 | (26) |
|
|
|
|
|
|
|
This chapter reviews the notions of security and dependability properties from the perspective of software engineering, providing the reader with a technical background on dynamic verification and runtime monitoring techniques. |
|
|
|
The chapter covers the technical background on security and dependability properties with system verification through dynamic verification or monitoring. |
|
|
|
The authors initially provide a short overview of the security and dependability properties themselves. |
|
|
|
Once definitions of security and dependability properties are introduced, they present a critical analysis of current research on dynamic verification by presenting general purpose and security oriented dynamic verification approaches. |
|
|
| Chapter 8 A Formal Ticket-Based Authentication Scheme for VANETs |
|
188 | (33) |
|
|
|
|
|
|
|
|
|
Vehicular ad hoc networks (VANETs) enable vehicles to exchange safety-related messages in order to raise drivers' awareness about surrounding traffic and roads conditions. |
|
|
|
Nevertheless, since these messages have a crucial effect on people's lives and as we cannot disregard the probability of attackers intending to subvert the proper operation of these networks, stringent security support should be applied on these messages before they can be relied on. |
|
|
|
Authenticating these messages before considering them is one of the key security requirements since it enables the receiver to make sure of the received message's integrity and the genuineness of its originator. |
|
|
|
This chapter presents a conditional privacy-preserving authentication scheme for VANETs. |
|
|
| Chapter 9 Toward a Security Scheme for an Intelligent Transport System |
|
221 | |
|
|
|
|
|
|
|
Vehicular ad-hoc networks (VANETs) allow communication among vehicles using some fixed equipment on roads called roads side units. |
|
|
|
Vehicular communications are used for sharing different kinds of information between vehicles and RSUs in order to improve road safety and provide travelers comfort using exchanged messages. |
|
|
|
However, falsified or modified messages can be transmitted that affect the performance of the whole network and cause bad situations in roads. |
|
|
|
To mitigate this problem, trust management can be used in VANET and can be distributive for ensuring safe and secure communication between vehicles. |
|
|
|
Trust is a security concept that has attracted the interest of many researchers and used to build confident relations among vehicles. |
|
|
|
Hence, the authors propose a secured clustering mechanism for messages exchange in VANET in order to organize vehicles into clusters based on vehicles velocity, then CH computes the credibility of message using the reputation of vehicles and the miner controls the vehicle's behavior for verifying the correctness of the message. |
|
|
| Chapter 10 Security Policies a Formal Environment for a Test Cases Generation |
|
217 | (48) |
|
|
|
|
|
Specifying a security policy (SP) is a challenging task in the development of secure communication systems since it is the bedrock of any security strategy. |
|
|
|
Paradoxically, this specification is error prone and can lead to an inadequate SP regarding the security needs. |
|
|
|
Therefore, it seems necessary to define an environment allowing one to "trust" the implemented SP. |
|
|
|
A testing task aims verifying whether an implementation is conforming to its specification. |
|
|
|
Test is generally achieved by generating and executing test cases. |
|
|
|
Some automated testing tools can be used from which model checkers. |
|
|
|
In fact, given a system modeling and a test objective, the model checker can generate a counterexample from which test cases can be deduced. |
|
|
|
The main proposition of this chapter is then a formal environment for SP test cases generation based on a system modeling, a SP specification (test purpose), and the use of a model checker. |
|
|
|
Once generated, these test cases must be improved in order to quantify their effectiveness to detect SP flaws. |
|
|
|
This is made through the generation of mutants. |
|
|
| Compilation of References |
|
265 | (22) |
| About the Contributors |
|
287 | (5) |
| Index |
|
292 | |
Lisainfo e-raamatute kohta