Muutke küpsiste eelistusi

Dynamically Enabled Cyber Defense [Kõva köide]

(Sun Yat-sen Univ, China), (Peng Cheng Laboratory, China)
  • Formaat: Hardback, 388 pages
  • Ilmumisaeg: 16-Jun-2021
  • Kirjastus: World Scientific Publishing Co Pte Ltd
  • ISBN-10: 9811234337
  • ISBN-13: 9789811234330
Teised raamatud teemal:
Dynamically Enabled Cyber DefenseSuurem pilt
  • Formaat: Hardback, 388 pages
  • Ilmumisaeg: 16-Jun-2021
  • Kirjastus: World Scientific Publishing Co Pte Ltd
  • ISBN-10: 9811234337
  • ISBN-13: 9789811234330
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9789811234330.html
Märksõnad:

The book puts forward dynamically enabled cyber defense technology as a solution to the system homogenization problem. Based on the hierarchy of the protected information system entity, the book elaborates on current mainstream dynamic defense technologies from four aspects: the internal hardware platform, software service, information data and external network communication. It also ascertains their possible evolution routes, clarifies their relationship with existing security products, and makes macro analyses and discussions on security gain and overall system efficiency of these technologies. This book can be used as both a textbook for graduate courses related to electronic information as well as a reference for scientific researchers engaged in relevant research. It helps graduate students majoring in electronics and information sciences to gain an understanding in dynamically-enabled cyber defense. Scientists and engineers specialising in network security research should also find this book to be a useful guide on recent developments in network security.

Preface v
About the Authors xi
Chapter 1 Introduction
1(50)
1.1 Development and Crisis of Information Age
1(13)
1.1.1 Rapid Development of Informatization
1(2)
1.1.2 Fantastic Experience of Informatization
3(2)
1.1.3 Crisis Caused by Informatization
5(9)
1.2 Omnipotent Cyber Attacks
14(7)
1.2.1 Cyber Crime
14(3)
1.2.2 APT
17(4)
1.3 Unavoidable Security Vulnerabilities
21(13)
1.3.1 Endless 0-day Vulnerabilities
22(1)
1.3.2 Insecurity of Top Manufacturers' Products
23(5)
1.3.3 SDL Cannot Eradicate Vulnerabilities
28(2)
1.3.4 Passivity of Existing Defense Solutions
30(4)
1.4 Dynamically Enabled of Pre-Enemy Changes
34(17)
1.4.1 "Changing with Enemy Situations" in the Art of War
35(7)
1.4.2 Principle of Unpredictability
42(5)
1.4.3 Dynamically Enabled Cyber Defense Idea
47(2)
References
49(2)
Chapter 2 Overview of Dynamically Enabled Defense
51(40)
2.1 Overview of Dynamically Enabled Cyber Defense
52(6)
2.1.1 Basic Status of Cyber Defense
52(2)
2.1.2 Research Status of Dynamic Cyber Defense Technology
54(2)
2.1.3 Definition of Dynamically Enabled Cyber Defense
56(2)
2.2 Dynamically Enabled Defense Technology
58(13)
2.2.1 Dynamic Software Defense Technology
60(3)
2.2.2 Dynamic Network Defense Technology
63(3)
2.2.3 Dynamic Platform Defense Technology
66(2)
2.2.4 Dynamic Data Defense Technology
68(2)
2.2.5 Essence of Dynamically Enabled Defense Technology -- Temporal and Spatial Dynamization
70(1)
2.3 Dynamic Enablement and Cyber Kill Chain
71(5)
2.3.1 Dynamic Software Defense and Kill Chain
72(1)
2.3.2 Dynamic Network Defense and Kill Chain
73(1)
2.3.3 Dynamic Platform Defense and Kill Chain
74(1)
2.3.4 Dynamic Data Defense and Kill Chain
75(1)
2.4 Dynamic Enablement and Dynamic Attack Surfaces
76(10)
2.4.1 Attack Surfaces
76(2)
2.4.2 Attack Surface Measurement
78(3)
2.4.3 Dynamic Attack Surface
81(5)
2.5 Summary
86(5)
References
86(5)
Chapter 3 Dynamic Software Defense
91(66)
3.1 Introduction
91(2)
3.2 Address Space Layout Randomization
93(19)
3.2.1 Overview
93(2)
3.2.2 Buffer Overflow Attack
95(5)
3.2.3 Stack Space Layout Randomization
100(4)
3.2.4 Heap Space Layout Randomization
104(2)
3.2.5 Dynamic Link Library Address Space Randomization
106(4)
3.2.6 PEB/TEB Address Space Randomization
110(1)
3.2.7 Basic Effectiveness and Existing Deficiencies
111(1)
3.3 Instruction Set Randomization
112(13)
3.3.1 Overview
112(1)
3.3.2 Compiled Language ISR
113(5)
3.3.3 Interpreted Language ISR
118(7)
3.3.4 Basic Effectiveness and Existing Deficiencies
125(1)
3.4 In-Place Code Randomization
125(11)
3.4.1 Overview
125(1)
3.4.2 How ROP Works
126(6)
3.4.3 Atomic Instruction Substitution
132(2)
3.4.4 Internal Base Block Reordering
134(2)
3.4.5 Basic Effectiveness and Existing Deficiencies
136(1)
3.5 Software Polymorphism
136(7)
3.5.1 Overview
136(2)
3.5.2 Extensible Compiler for Multi-Phase Instrumentation
138(1)
3.5.3 Program Segmentation and Function Reordering
139(1)
3.5.4 Instruction Filling Randomization
140(2)
3.5.5 Register Randomization
142(1)
3.5.6 Inverse Stack
142(1)
3.5.7 Basic Effectiveness and Existing Deficiencies
142(1)
3.6 Multi-Variant Execution
143(7)
3.6.1 Overview
143(1)
3.6.2 Technology Principle
144(4)
3.6.3 Basic Effectiveness and Existing Deficiencies
148(2)
3.7 Summary
150(7)
References
152(5)
Chapter 4 Dynamic Network Defense
157(54)
4.1 Introduction
157(5)
4.2 Dynamic Network Address Translation Technology
162(14)
4.2.1 Overview
162(2)
4.2.2 Technical Principle of DyNAT
164(3)
4.2.3 Working Example of DyNAT
167(4)
4.2.4 IPv6 Address Translation Technology
171(3)
4.2.5 Basic Effectiveness and Existing Deficiencies
174(2)
4.3 Randomized Allocation of Network Address Space Technology Based on DHCP
176(8)
4.3.1 Overview
176(1)
4.3.2 Principle of Network Worm Propagation
177(1)
4.3.3 Abstract Model of Network Address Space Randomization
178(1)
4.3.4 System Principle and Deployment Implementation
179(3)
4.3.5 Basic Effectiveness and Existing Deficiencies
182(2)
4.4 Synchronization-Based End Information Hopping Protection Technology
184(12)
4.4.1 Overview
184(1)
4.4.2 Principle of DoS Attacks
185(1)
4.4.3 Technical Principle of End Information Hopping
186(4)
4.4.4 Core Technology of End Information Hopping
190(5)
4.4.5 Basic Effectiveness and Existing Deficiencies
195(1)
4.5 Overlay Network Protection Technology Against DDoS Attacks `
196(10)
4.5.1 Overview
196(1)
4.5.2 Overlay Network Architecture
197(1)
4.5.3 Principle of DDoS Attacks
198(2)
4.5.4 Technical Principle of DynaBone
200(4)
4.5.5 Security Policy of DynaBone
204(1)
4.5.6 Basic Effectiveness and Existing Deficiencies
205(1)
4.6 Summary
206(5)
References
209(2)
Chapter 5 Dynamic Platform Defense
211(56)
5.1 Introduction
211(2)
5.2 Platform Dynamization Based on Reconfigurable Computing
213(16)
5.2.1 Overview
214(1)
5.2.2 Technical Principles
215(13)
5.2.3 Basic Effectiveness and Existing Deficiencies
228(1)
5.3 Application Live Migration Based on Heterogeneous Platforms
229(14)
5.3.1 Overview
229(1)
5.3.2 Technical Principles
230(12)
5.3.3 Basic Effectiveness and Existing Deficiencies
242(1)
5.4 Dynamic Diversification of Web Services
243(7)
5.4.1 Overview
243(1)
5.4.2 Technical Principles
244(5)
5.4.3 Basic Effectiveness and Existing Deficiencies
249(1)
5.5 Platform Dynamization Based on Intrusion Tolerance
250(10)
5.5.1 Overview
250(1)
5.5.2 Technical Principles
251(9)
5.5.3 Basic Effectiveness and Existing Deficiencies
260(1)
5.6 Summary
260(7)
References
263(4)
Chapter 6 Dynamic Data Defense
267(34)
6.1 Essence of Dynamic Data Defense
268(2)
6.2 Data Randomization
270(6)
6.2.1 Overview
270(1)
6.2.2 Technical Principles
271(5)
6.2.3 Basic Effectiveness and Existing Deficiencies
276(1)
6.3 Data Diversification of N-Variant
276(8)
6.3.1 Overview
276(1)
6.3.2 Technical Principles
277(7)
6.3.3 Basic Effectiveness and Existing Deficiencies
284(1)
6.4 N-Copy Data Diversification for Fault Tolerance
284(6)
6.4.1 Overview
284(1)
6.4.2 Technical Principles
285(4)
6.4.3 Basic Effectiveness and Existing Deficiencies
289(1)
6.5 Data Diversification for Web Application Security
290(6)
6.5.1 Overview
290(1)
6.5.2 Technical Principles
291(4)
6.5.3 Basic Effectiveness and Existing Deficiencies
295(1)
6.6 Summary
296(5)
References
298(3)
Chapter 7 Dynamic Defense Effectiveness Evaluation Technology
301(64)
7.1 Introduction
301(4)
7.2 Overall Evaluation of Defense Effectiveness of Dynamic Enablement Technology
305(19)
7.2.1 Analytical Hierarchy Process
305(4)
7.2.2 Fuzzy Comprehensive Evaluation
309(2)
7.2.3 Markov Chain Evaluation
311(2)
7.2.4 Comprehensive Evaluation Example
313(11)
7.3 Defense Effectiveness Evaluation of Dynamic Enablement Technology Based on Vulnerability Analysis
324(16)
7.3.1 Vulnerability Evaluation Idea
324(1)
7.3.2 Vulnerability Analysis Methods
325(2)
7.3.3 Vulnerability Classification Methods
327(1)
7.3.4 Vulnerability Scoring Methods
327(13)
7.4 Effectiveness Evaluation of Moving Target Defense Based on Attack Surface Measurement
340(15)
7.4.1 Effectiveness Evaluation of Moving Target Defense Against Network Attack-Defense Game
340(2)
7.4.2 Attack Surface Measurement Methods Based on Stochastic Petri Network
342(5)
7.4.3 Attack Surface Measurement Method Based on Markov Chain
347(8)
7.5 Moving Target Defense and System Availability Evaluation
355(7)
7.5.1 Game Theory Method
357(3)
7.5.2 Impact on System Development, Deployment, Operation, and Maintenance
360(2)
7.6 Summary
362(3)
References 365(2)
Index 367