Index

Note: Page numbers followed by “f” and “t” refer to figures and tables, respectively.

A

Access control, 159f
cloud computing, security challenges, 392
leveraging semantic web technologies
DEMONS ontological access control model, 499–502
implementing RBAC, with ontologies, 494–495
online social networks (OSNs), 498–499
ontology-based context awareness, 496–497
overview of, 493–494
state-of-the-art ontological models, 502–503
user preferences, 497–498
XACML attribute model, 495–496
ontological rule, 497–498, 501f
privacy-aware, 493–494
semantic models, 503t
virtual infrastructure setup, 392
Access control lists (ACLs), 425–426
Access control ontology (ACO), 498–499
Acquisition program protection planning, 11f
A3 cross-site scripting, 483
Activity specification generation algorithm, 406f
Address resolution protocol (ARP), 118
Address-space layout randomization (ASLR) mechanism, 336, 338
Advanced encryption standard (AES), 142–143
AES-256-bit key, 595–597
algorithm, 600
Advanced persistent threats (APTs), 353, 426
Advanced security network metrics, 187–188
Bayesian method, 189
DARPA’98 IDS evaluation program, 188
description of experiments, 195–199
discriminators extraction process, 198
metrics extraction process, 198
mining/assessment process, 198–199
metrics definition, 193–195
behavioral metrics, 194–195
distributed metrics, 194
dynamic metrics, 194
localization metrics, 194
statistical metrics, 193
metrics extraction, 191–192
functions for, 192–193
principle of method, 189–191
results of experiments, 199–201
TCP packets, 188
Agent based artificial immune system (ABAIS), 446
Agent-based intrusion detection systems
IDS-NIDIA architecture, 155f
IDS-NIDIA, prototyping/extending, 165
keys lifetime, 167f
overview of, 153–154, 154–156
self-integrity, 156–165, 163–165
verification for, 164f
self-reliability, 156–165
of components, 161–163
of message exchange, 161
self-security, 156–165, 157–160, 166
authentication/authorization/secure message exchange, 158–159
key life cycle management, 159–160
tests, 165
XML specification/Web services, 166
Agile software development, 16
Aircrack-ng, cracking output of, 119f
Ajax application, 473
Al Qa’ida-influenced radicalization and terrorism, 561
Amazon Elastic Compute Cloud (EC2), 382
Amazon Web Services’ Elastic Compute Cloud, 512
Amazon web services (AWS) security, 382
Amplified spontaneous emission (ASE) noise, 177–178
erbium-doped fiber amplifiers (EDFA), 177–178
AND/OR hierarchies, 499
Android applications, 397, 397–398, 404–407
components, 397–398
intent-based vulnerabilities
experimentation, 413–415
implementation/experimentation methodology, 411–413
model definition/notations, 399–401
model generation, 404–407
overview of, 397–398
security testing methodology, 404–411
test case execution, definition, 410–411
test case selection, 407–410
vulnerability modeling, 402–404
work, comparison, 398–399
security testing, 398
URIs found, 402
Android applications security testing (APSET), 398, 411
Android configuration file, 404
Android documentation, 402
Android IPC mechanism, 399
Android malware, 427
Anomaly-based IDSes, 286
Anti-CSRF token, pinterest’s response, 322f
Anti-ML (AML) activities, 579
pillars, 579f
Apache, 511
Apache 2 HTTP server, 486
Apache Web Server, 196
App Center Web application, 319
AppendChild methods, 473
Apple App Store, 427
Apple Safari, 431
Application-level security threats, 387–388
Artificial intelligence, 446
ASCII text, 113
Associated press (AP) tweets, 281–282
Association of Chief Police Officers (ACPO), 561
Attack category, 462t
Attacker, 344
Attribute based access control (ABAC), 495
Australian/New Zealand Standard (AS/NZS 4360), 302
Authenticating broadcast, 269
Authentication, authorization, and accounting (AAA) features, 391
Authentication schema, 159f
Authorization service, 220
Autocorrelation peak (ACP), 175
Automated intrusion prevention system (AIPS), 188
honeypot systems, 188
Avalanche photo diode (APD), 143–144
AVI (attack+vulnerability→intrusion) model, 336–337
mapping memory errors, 338f
Awareness, of information security, 100

B

Bayesian method, 189
Bayesian networks, 457
Bayesian probability model, 456, 457, 463, 463f
BB84 protocol, 143–145
Beta Bot, 427
Big-data application, 76, 315, 315–316
IE repository, 81
information exchange/intended policy integration, 67f
information exchange scenario, 67f
Big-data Crash Repository application, 67
Binary knapsack problem, 306
Bit error rate (BER) measurement, 178–179
BlogSpot, 526–527
Bluetooth, 427
Bomb-making websites, 539
Boolean function, 402
Botnets, 354, 428–429
Bitcoin, 429
Carna, 429
DDoS attacks, 429
defenses, 428
phishing/spam, 429–430
WordPress, 429
Bring your own device (BYOD), 426
Browser attack, See Man-in-the-browser attack
Browser-side modifications, 323
Build-in not bolt-on security, 18
Buildroot configuration menu interface, 346f
Busybox-httpd application, 345
Byte for byte approach, 352

C

Call activity, 364t
Call data records (CDRs), 359–360, 361
Case-based reasoning (CBR), 585–586
C band, 179
CCTA risk analysis and management method (CRAMM), 302
CCTV monitoring, 253
CCTV operator, 254
CCTV technology, 253
CDX 2009 TCP dump files, 198
CDX 2009 vulnerable servers, 196t
Certified information systems security professional (CISSP), 10
Channel side information (CSI), 228
Chaos-based communications, 179, 180
Chat rooms, 539
Chrome browser
Dailymotion test, screenshot, 325f
C-INCAMI conceptual framework, 42
C-INCAMI requirements, context, measurement, and evaluation components, 28f
Cisco firewall syntax, 509
Clauser-Horne-Shimony-Holt (CHSH) Bell inequality, 144
CLI-based tool, 287
C library, 341
Cloud computing, 382–383, 384
governance, risk, and compliance (GRC), 380
infrastructure security, 381–383
data confidentiality, 382
data integrity, 382
host level, 383
network-level mitigation, 381, 382–383
overview of, 379–383
provisioned access control infrastructure (DACI), 392
service level agreement (SLA), 381
service models, 382–383, 384–391
approaches, 391
IaaS application security, 390–391
PaaS application security, 389–390
PaaS host security, 384–385
SaaS application security, 388–389
SaaS host security, 384–385
SPI model, 384
topological similarities, 382f
virtual machine (VM), 380
virtual server security, 385–388, 386–387
application level, 387–388
Cloud security alliance (CSA), 391
Cloud service provider (CSP), 381
Cloud’s infrastructure, 380
Clusters
completion time, 293f
free memory for, 296f
heterogeneous/homogeneous, training speeds, 293f
CnC commands, 429
CnC servers, 427–428, 434
Code-division multiple access (CDMA), 174
Cognitive maps, 560
Coherent one-way system (COW), 145–146
Combined air operations center (CAOC), 15–16
Command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) systems, 15–16
Command line interface (CLI)-based tool, 290
Common vulnerabilities and exposures (CVE) identifier, 431
Communication Fraud Control Association (CFCA) reports, 359
Comparative fit index (CFI), 584–585
Component under test (CUT), 404
ioLTS, 404
test case generation, 405f
Computer emergency response team (CERT), 425
Confidentiality, 174
Confidentiality, integrity and availability (CIA), 35
Confirmatory factor analysis (CFA) techniques, 584
Connecticut Transportation Department and the Department of Public Safety to establish a Connecticut Crash Data Repository (CTCDR), 66
Content management systems (CMSs), 387
ContentProvider access, 397–398
ContentProvider methods, 402, 413, 413
Contextual-Information Need, Concept model, Attribute, Metric, and Indicator (C-INCAMI) framework, 27
Continuous variable QKD (CV-QKD) system, 145
Cookies management, 485f
Cooperative amplify-and-forward (CAF), 229–230
relay networks, overview of, 227–228
Cooperative amplify-and-forward (CAF) network
ergodic secrecy rate, 239f
relay network, 234–235
ergodic secrecy rate, 233f, 235f, 236f, 237f, 240f
Cooperative relay network, fading distributions, 227–228, 232t
C-operator, 42
Copyright infringement, 423–424
Cougaar-based intrusion detection system (CIDS), 154
Countermeasures
cryptographic protocols, using, 478
obfuscation, using, 478–479, 479
observations, 479
quantitative data about current risk, 311t
trust building, between software layers, 478
Counter-terrorism, 553
CPU architectures, 346–347
Crash repository application, 68
Critical program information and technology (CPI/T)
component-level critical analysis, 12–13
criticality levels, 12t
identification and protection, 11–12
Cross platform component object model (XPCOM), 471
Cross-site request forgery (CSRF), 316, 316–318, 317, 321–322
anti-CSRF mechanisms in web, 322–323
attacks, 319
Barth, C Jackson, and JC Mitchell, 320–321
browser-side modifications, 323
Dailymotion results, 328–330
defense, 316
detection algorithm
high level diagram of, 321f
EW Felten, 320
findings/observations, 323
LinkedIn profile stats, screenshot, 327f
LinkedIn results, 326
malicious exploit of website, 316
modified user’s comment tab, 330f
motivation, for work, 321–322
prevalence of, 319
protection, 322
R Shaikh, 321
server-side modifications, 323
in social media/networking sites, 324–330
test framework, description, 324
test pages, 325t
Web applications, 332–333
Web/URL scanning tools, 330–332
test pages, scores of, 330–332
Wikipedia results, 326–328
W Zeller, 320
YouTube results, 324–326
Cross-site scripting (XSS), 318, 387, 387, 431
attacks, 474
Cross-site tracing (XST), 483
Cryptographic hash functions, 113
Cryptographic protocols, 478
Cryptography, 111–112
key life cycle management, 159–160
Wentworth Institute of Technology (WIT), 111
CSV files, 199
intersector component, 198–199
Currency transaction report (CTR), 581
Customer due diligence (CDD), 580
Cyber-attacks, 432, 444–445, 522, 528
on community, 529–530, 531–532
methods, 529
by semantic networks, See Semantic networks, cyber attacks
Cybercrime-as-a-service (CaaS) economy, 434
Cyber-criminals, 434
Cyber-espionage, 426, 436–437
Cybersecurity, 423, 432
clipping method, 424
contributions, 424
lessons learned, 436–437
scope of, 423–424
dynamic environments, 426
network perimeter, 425
responding to cybersecurity incidents, 425–426
threat profiles, 426
state-of-the-art, 424
Cyber security education
firewall education
criteria for, 508, 511–514
emerging trends, 514
firewall exercises, evaluation of, 509–511
DETERlab, 510–511
FireSim, 509–510
RAVE lab, 510
firewalls, 507
overview of, 507–508
Cyber-security field, 455
Cyberspace security, 433
cyber-terrorism, 443–445
main system structure, 448f
overview of, 443
security auditing, intelligent agents, 446–450
security cyber-assistant system, 446–450
security paradigm shift, 445
Cyber-terrorism, 443–445, 444
Cyber-war
advanced persistent threats, 434–435
cyber-crime industry, underground, 433–434
governments, 435–436
hacktivism, 435
hysteria, 437

D

Dailymotion, 316, 328–330
POST request made, 329f
DARPA’98 IDS evaluation program, 188
Data breach, 432–433
cyber-attacks, 432
faulty containment, 432–433
trends, 433
unintentional data leakage, 432
whistleblowers, 432–433
Data confidentiality, 174–177
Data encryption standard (DES) algorithm, 112–113
Data fluctuation, 364
Data mining, 363
DDoS-as-a-Service (DDoSaaS), 434
Decryption, 112–113
Defense advanced research projects agency (DARPA), 145
DefEx, 112
DEMONS model, 499
ontological access control, 494
Dempster-Shafer theory, 265
Denial of service (DoS) attacks, 66, 286, 362, 435
Department of Defense (DoD)
acquisition management phases, 9f
acquisition program protection planning, 11f
DoD architecture framework (DoDAF), 20
National Institute of Standards and Technology (NIST), 14
risk assessments, 12–13, 13f
DETERlab exercise, 508, 510–511, 511, 511
Developers’ responses
questionnaire for design validation, 221t
dfs.blocksize, 292–293
D-H method, key exchange, 603f
Diffie-Hellman algorithm, 157–158, 158–159
key exchange, 115
Digital games, 88–89, 89
benefits of, 89
Digital spying, 522
DI-QKD protocol, 148–149
Discretionary access control (DAC), 493–494
Distributed denial of service (DDOS), 281–282, 425–426
Distributed file system (DFS), 282
Distribution centers (DC), 303–304
DLLs, 477
Document object model (DOM), 473
DoDI 5000.02 defense acquisition management system, 14
DoD Information Assurance Certification and Accreditation Process (DIACAP), 11–12
DoD Information Technology Security Certification and Accreditation Process (DITSCAP), 11–12
DOM inspector, 317f
Dorkbot malware, 427–428
Dynamic binary translation, 342–343
Dynamic metrics, 194
Dynamic programming algorithm, 304
Dynamic security association (DSA), 392

E

e-Business security, 125–126
electronic transaction law (ETL)
overview of, 127–128
government role, 126–127
Jordan’s e-business initiatives, 129–134
discussion, 133–134
security, analyzing, 131–133
national e-commerce strategy
enablers of, 129t
overview of, 128–129
security, analyzing, 131–133
overview of, 125–126
e-Commerce strategy, 129t
Economic and Social Commission for Western Asia (ESCWA), 131
EDURange, 512
Einstein-Podolsky-Rosen (EPR) experiment, 144
Electronic Transaction Law (ETL), 127, 129–130, 129t
Email spam, 429–430
“Email This” tool, 320
Employed four-wave mixing (FWM), 175
Emulation-based processor diversification
attackers, types of, 353
challenges, 337–340
memory errors, 335, 337–338
networking server weaknesses, 339–340
protection mechanisms, 338–339
experimentation/results, 349–353
fault manifestation, 349–351
protection against attacks, 351–352
spatial/temporal cost, 352–353
exploit, software fault, 354
security approach, proposed, 340–344
creation of variants, 340–341
execution of variants, 342–343
memory error detection, 343
replacement strategy, stages, 343–344
web server, case studies, 344–349
building cross-compilers, 346
detecting crashes, 347–348
Qemu emulator, 346–347
variants, alternating, 348–349
ENCHELON system, 447
Encryption module layout, 600f
Encryption protects data transmission, 174
Environment topological information, 258–259
Ergodic secrecy rate
vs. relay location angle, 238f
Ethernet, 201
Eucalyptus, 390
Event functions and inference rules, 255
Event reasoning, for trajectory tracking, 261f
event cluster, 256
event definition, 255
event functions, 256, 259–261
event model, 255–257
event representation, 256
examples, 254–255
experiments, 262–263
inference rules, 257, 259–261
overview of, 253
scenario adapts, 257–259
assumptions, 259
Executes JavaScript on Web pages, 471
EXOR operation, 274
Extensible markup access control language (XACML)
attribute model, 494
policy, 68
policy language, 502
specification, 73
eXtensible Markup Language (XML), 591
detection module, 598–600
encryption module, 601–602
standard, 593–591, 593
experiments/results, 601–612
flexibility/expressiveness/usability of, 592–593
fuzzy classification phase, 595–597
characteristics of, 595–597
fuzzy methodology, 598–599
overview of, 591–592
performance evaluation, 612t
system model/design, 594–601

F

Facebook, 436, 526–527
application, 319
CSRF vulnerabilities, 322–323
Face recognition, 254, 257
Facial/color recognition, 258
Fade distribution, impact, 234f
Faraday mirror, 144
Federal Information Management Act (FISMA), 445
Federated identity management services (FIdM), 392
Fiber-based devices, 173–174
Fiber-optic networks, secure communication
availability
jamming/anti-jamming, 179
optical chaos-based communications, 179–180
data confidentiality, 174–177
optical encryption, 174–175
open systems interconnection (OSI) model, 173
optical CDMA, 175–176
optical encryption, schematic diagram, 175f
optical key distribution, 176–177
overview of, 173–174
privacy/optical steganography, 177–179
signal processing, 173–174
File-sharing category, 512
Financial action task force (FATF), 580
Financial criminal enforcement network (FinCEN), 581
Financial security
anti-money laundering efforts, 579–581
implementation of, 581
international cooperation, 580
currency demand approach, 582–583
electricity consumption approach, 583–584
modeling approach, 584–585
money laundering (ML), 577–578
data mining techniques, 585–587
estimation of, 581–585
national expenditure and income, 582
FINCEN AI system (FAIS), 585–586
FinFisher, 436
Fingerprints, 66
Firefox browser, 320–321, 328–330, 431, 472, 486–487
extensions, 320, 475
architecture of, 472f
built-in developer’s tool of, 324f
HTTP of, 475
Firewalls, 507–508, 508
configuration of, 513f
tutorial, 510
Fourier coefficients, 199–201
Fraud, 426–430
definitions of, 359
subscription, 362
superimposed, 362
Fraud management system (FMS), 360, 367
F-Secure, 424
Fully qualified domain name (FQDN), 428
Fuzzification phase, 594
input variables, 598f
Fuzzy classification
phases, 615
rate importance level, sample output of, 599f
sample XML message, 601f, 602f
Fuzzy cognitive maps (FCMs), 565–570, 572
cause variables, 565–568
development process, 571f
studies, 569t
Fuzzy logic (FL), 592

G

Galois field, 246, 247
Game
informational scenario, 93f
informational screen, 95f
introductory information, 94f
message received main screen, 94f
password awareness, 91–93
personal information, 91
phishing awareness, 93–94
rules of, 92f
typical scenario, 95f
Gameplay scenario, 92f
Gamification system, 86–87
applications of, 87
architecture, 89–90
information security awareness, 95
Gaussian channel, 229–230
Gaussian curves, 199
approximation, 199–201
Gecko engine, 471, 473
General web mining methods, 565t
Gill’s pathway model, 562, 562t
Global information grid architecture, 16f
Global Information Technology Report (GITR), 125
Global security policy schema set (GSPSS), 74, 80f
assumptions/equivalence finding, 74–76
for big-data application, 78
crash repository, 76, 79
creation of, 78–80
data owner over requester, 78
example of, 80f
hierarchical approach, 78
integrated security rule sets, 77–78
safe and lazy approach, 77
XACML policies, 79
Goal-oriented context-aware measurement and evaluation (GOCAME), 26, 26
conceptual framework, 39
M&E process
high-level activities for, 31f
multi-criteria decision analysis, 40
strategy overview, 26–34
Goal-Question-Metric (GQM) approach, 42–43
Google, 436
Google Chrome, 431, 486
Google Docs, 388–389, 389
Google Play Store, 413, 427
Governance, risk, and compliance (GRC) console, 380
Government to business (G2B), 126–127
Government to consumer (G2C), 126–127
Gross national product (GNP), 582
GROUNDFloor, 259
Guess_password, 462

H

Hackers, 153
HackingTeam, 436
Hacktivism, 435, 436–437
Hacktivists, 426
Hadoop-based classifier, 298
Hadoop-based Naive Bayes, 294–297
algorithm, 294–297
classifier, 282
classification speed, 297f
training speed comparison of, 296f
Hadoop-based parameters, 293
Hadoop distributed file system (HDFS), 282, 283
Hadoop Master-Slave cluster architecture, 283f
Hadoop prefixes, 283
Health Insurance Portability and Accountability Act (HIPAA), 432
Hellinger distance, 363
Help the Heroes, T-shirt, 550
Heterogeneous cluster setup, 292f
HIDSes focus, 285
HiveQL, use, 289–290
HiveQL, 284
Hop-by-hop authentication scheme, 269–270
Host sensor agents (HSA), 154–155
HStreaming’s StreamGen, 290
HTML5 code, 324–326
HTML documents, 471
parse, 471
HTTP bot, 427
HTTP cookies, 482
HTTPD variants, 346
HTTPD Web server, 344–345, 345, 349, 353, 487
Human factors
and information security, 102
Hyper text markup language (HTML), 481
Hyper text transfer protocol (HTTP), 481

I

IaaS clouds, 382–383
IaaS customers, 391
IBM, 88
ICCRTS05 Paper, 209–211
If-then rule, 600
The Impact of Information Richness on Information Security Awareness Training Effectiveness, 101
Improvised explosive devices (IED), 545
INCOSE SSE Working Group, 21
Information and communications technologies (ICT), 7
security assessment
context component, 27–29
designing fail-safe, 20
GOCAME conceptual framework, 27–29
GOCAME strategy, 26–34
implementations, 14
measurement and evaluation (M&E) projects, 25
measurement component, 29
non-functional requirements component, 27
security/risk assessment, 26
W5H rule, 29–34
system-of-systems (SoS) environment, 7
Information and communication technologies (ICTs), 99, 523
advancement and integration, 99
Information assurance (IA), 10, 11
Information exchange environment (IEE), 99, 99
Information model ontology (IMO), 499
Information retrieval agent structure, 450f
Information security, 423
awareness of, 100
field study, 105–108
and human factors, 102
Information security and assurance (ISA), 85
digital games, benefits of, 89
games, 88
adoption in multiple domains, 88–89
gamification, 86–87
game design, 90–91
software tools, 90
storyboards, 91–94
system architecture, 89–90
Gee’s principles, 86
literature review, 86–89
Information security awareness
dimensions of, 104–105
attitude, 105
knowledge, 105
games, 95
gamification system, 95
architecture, 89f
human factors, 100
metrics, 95
users, 100–101
Information security learning continuum, 102–104
awareness, 103
dimensions of, 104–105
education, 103–104
training, 103
Information security management systems (ISMS), 100
Information security retrieval and awareness (ISRA) model, 101
Information security user awareness, 107t
assessment, and education, 108f
evaluation of, 106t
strategy for, 104f
Input output symbolic transition systems (ioSTS), 398, 399
parallel composition of, 401–402
Instruction set randomization (ISR), 339
Integrated Automated Fingerprint Identification System (IAFIS), 65–66, 66
Integrated security rule sets, resolving conflicts, 77–78
Intelligent banking XML encryption, See eXtensible Markup Language (XML) encryption
Intel Xeon X3350 processor, 292
International monetary fund (IMF), 577
Internet, 540
Internet chat-rooms, 559
Internet engineering task force (IETF), 481–482
Internet explorer (IE), 323
Internet protocol (IP) address, 425, 525
Internet protocol (IP)-based service, 362–363
Internet protocol version 4 (IPv4) address space, 429
Internet relay chat (IRC) botnet, 431–432
Internet security, 446
Intrusion detection systems (IDSs), 153, 455
IDS-NIDIA architecture, 155f
resources, 155
intUnderflow() function, 351
Invisible war, 522
ioSTS suspension, 408
IP addresses
external, 195
internal, 195
IP-based networks, 359
IP datagram, 201
IP traffic classification, 189
ISCX dataset, 298
IT community, 380

J

Java
reflection, 404–405
reverse engineering, vulnerability, 163
Java run-time environment (JRE), 343
JavaScript, 473
JavaScript library, 286
JavaScript POST XMLHttpRequest, 328
JavaScript’s eval() function, 475
Java virtual machine (JVM), 292

K

Karen community, 520
Karen National Union (KNU), 521
Kaspersky, 424, 514
KDD ’99 intrusion detection dataset, 289–290
KDD training, 294
Kelihos botnet, 430
Kerberos protocol, 218
Knapsack problem, 302, 303–304
dynamic programming solution, 303–304
modeling, 312
overview of, 301–302
KnownSubjectAcquired events, 261

L

Laplace transform, 231
Layered service provider (LSP), 477
aggregation model, 37
Link discovery based on correlation analysis (LDCA), 586
LinkedIn, 316, 326
LinkedIn CSRF vulnerabilities, 322–323
Linux 2.6., 347
Linux capability, 347
Linux Debian Stable, 487
Linux systems, 426
Linux Ubuntu 13.04, 488
Lithium niobate (LiNbO3) material, 179
Lithium triborate (LBO) nonlinear crystal, 144
Load module, 462
Local security
into global security, integrating processes, 75f
Local security policy schema set (LSPSS), 73f, 74
aggregation model, 39
assumptions/equivalence finding, 74–76
integration process, 76–77
Logit function, 586
Low orbit ion cannon (LOIC), 435

M

Mac backdoor malware, 435
Mach-Zehnder interferometer (MZI), 143
Mac systems, 426
MAKE contribution, 207
Malware, 426, 426–430, 434
Malware trends, 427–428
Mamdani fuzzy inference system, 597f
Managerial actions toward information security (MATI security), 101
Mandatory access control (MAC), 493–494
Manifest, 404
Man-in-the-browser attack
ajax transmission mechanism, 474
browser architecture, 471–472
cross-site scripting (XSS) attacks, 474
data flow, 470f
on different layers, 472–477
DOM tree, 473
example attacks, 474–475
javascript functionality, 473–474
Necko’s components, 475–476
network APIs, 476–477, 476f
networking library, 475–476
NSPR, 476
overview of, 469–471
scripts, 473–475
system-level API, 475–476
Trojans, 471
web page DOM, 473–475
MapReduce jobs, 292–293, 294–297
high-level depiction of, 284f
Massively multiplayer online roleplaying games (MMORPGs), 88
Master boot record (MBR) wiping, 427
Master role index (MRI), 70, 70, 71f
MATLAB software, 569–570
Maximum posterior (MAP) hypothesis, 287–288
McAfee, 427
McCauley, 12 mechanisms, 563t
μ-Denial-of-service (μ-DOS), 348
Measurement device independent QKD (MDI-QKD), 149
MediaWiki-API-Error, 328
Memory errors, 335–336
Message authentication code (MAC), 269, 269
Message delivery, reliability of, 161
Message-oriented middleware (MOM), 154, 155–156
messages stored, representation of, 168f
Metrics
distribution, 193t
extraction
assessment, process, 197f
extractor, 198
inverse matrix, 250
list, 200f
repository, 41
template, 36
MGF-based method, 242
analytical framework, 236
expressions, 231
Michelson interferometer, 144
Microsoft Security Essentials, 514
MIMIC model, 584
Mission assurance categories (MAC), 18t
MMUCC standard, 67
Mobile malware, 427
ModSecurity, 320–321
Moment generating function (MGF), 230–231
Money laundering (ML), 577–578
broad steps, 579f
data mining techniques, 585–587
estimation of, 581–585
Moskalenko’s, 12 mechanisms, 563t
Mozilla Firefox Web browser, See Firefox browser
Mozilla’s cross-platform component model, 471
μTESLA technique, 271f
MultiBanker botnet, 428
Multi-Objective Tabu Search (MOTS), 302
Multiple-access interference (MAI), 175
Multi-process architectures, 339
for server architectures, 340f
Multi-process server, 348
Multi-threaded architectures, 339
MySQL, 511

N

Naive Bayes algorithm, 287, 294–297
Naive Bayes class (NBC), 287
Naive Bayes classifier, 288
Nakagami-m channels, 233–234
Nakagami-m fading, 239–240, 240
Nakagami-m index, 236–237
National e-Commerce strategy (NCS), 126, 132–133, 133
National Institute of Science and Technology (NIST), 102–103
National vulnerability database (NVD), 431
Native POSIX Threading (NPTL), 346
Necko system level API (NSPR), 476
Network address translation (NAT), 429
Network APIs
HStreaming API, 284
man-in-the-browser attack, 476f
Network-based intrusion detection system, 285
Network connection events, 462t
Networking professionals, security projects
cryptography, 112–117
asymmetric encryption, assignment, 116–117
demonstrations, 117
hash functions, assignment in, 113
and network security course, 111–112
steganography technique, 113–115
symmetric encryption, assignment in, 112–113
overview of, 111–112
wireless network security
802.11 WEP key cracking experiment, 118–119
802.11 wireless security, 118
Network interface card (NIC), 285
Network intrusion detection system (NIDS), 167–168
Network intrusions, 287f
Network metrics
behavioral, 187
quality of, 187
Network security, 111
course, 111–112
Wentworth Institute of Technology (WIT), 111
Network sensor agents (NSA), 154–155
Network-type private information retrieval, algebraic approaches
algebraic description
encoding matrices, 249–250
GF(2^m), cyclotomic classes of, 249
two-hypotheses testing problem, 250
algorithmic description
data processing, 248–249
encoding, 247–248
l-th server, 248
polynomial representation, 247
user-receiver uses, 248
data processing scheme
parameters/complexities, constraints, 246–247
problem solving, 246–247
overview of, 245–246
Neuro-fuzzy systems, 565
New York Police Department (NYPD), 561
Next-generation firewall techniques, 514
Next generation networks (NGN), 362–363
NFR approach, 204
aspects of, 222
partial ontology of, 206f
SIG, evaluation/analysis task, 217f
softgoal interdependency graph, 210f
NFR softgoals, 205
Nmap, 287
Non-disclosure agreement (NDA), 384–385
Non-executable bit (NX), 339
Non-fading channel, See Gaussian channel
Non-Hadoop-based Naive Bayes algorithms
training speed comparison of, 296f
Non-Hadoop-based Naive Bayes classifier, 294
Norton, 449
Notation, 305t
NX technique, 340
NYPD four-stage radicalization process, 561t

O

offByOne() function, 350–351
OLAP cube technology, 587
Online radicalization
approach to tackle, 546
behavioral indicators, 543–545, 544–545
combinations, 544–545
behavioral intensity, 545
causal mechanisms, 546
challenge of tackling, 551
extremism, 543–544
framework, application, 545–546
investigation and modeling of, 539–541
prevention of, 540
radicalization-factor model (RFM), 543f
radicalization-factor model, influencing factors, 541–542
interlinked factors, 542
security challenge, 540–541
single behavioral indicators, 544
threat, 551–553
Online radicalized profiles, 566t
Online self-radicalization, 570t
signed concept map of, 571f
Online social networks (OSNs), 498
On-off-keying (OOK), 177
Ontological access control rule, 501f
Ontology administration point (OAP), 495
Ontology-based context awareness, 494
Ontology-based social network access control (OSNAC) model, 498–499
Open source vulnerability database (OSVDB), 431
OpenSSH, 511
Open systems interconnection (OSI) model, 173
Open web application security project (OWASP), 391, 482
Opera, 486–487
Operation Red October, 435
Optical chaos communication, schematic diagram, 180f
Optical encryption, 174–175, 175
Optical exclusive OR (XOR) logic operation, 175
Optical key distribution, 173–174
Optical steganography, 177
schematic diagram, 178f
Optimal power and rate adaptation (OPRA) policy, 242
Optimal security countermeasure selection
binary knapsack-based approach
dynamic programming algorithm, 306–309
computational example and comparison, 309–312
overview of, 301–302
problem description, 304–306

P

PaaS vendors, 389–390
Packet-switched networks, 359
Packet tuple, symbols, 190t, 191t, 192f
Pair-Wise Jaccard similarity scores, 460t
Pairwise technique, 408
Palo Alto’s educational modules, 512
Password awareness game, 91–93
Paths’ fading distributions, 235t
Payment card industry data security standard (PCIDSS), 381
PC revolution hackers, 434
Peer-to-peer (P2P) botnets, 428
Performance level of the stored cross-site scripting immunity (P_SXSS) elementary indicator, 36–37, 38–39
Performance tuning configurations, 294f
Perl, 463
Phishing, 426–430, 434
Phoenix system, 204, 208
architectural models for, 219f
confidentiality, lack of, 209
initial architectural models for, 212f
use-case scenarios, 208f
validation and lessons, 219–222
Php Web applications, 487
PlayStation Network (PSN), 281–282
Policy integration approaches, 82
Policy model ontology (PMO), 499, 500f
Policy semantic point (PSP), 496
Policy slice diagram (PSD), 70–72, 71f
security rules set (SRSet) of, 77
POST requests, 322–323
Post-traumatic stress disorder (PTSD), 522
Privacy-aware access control, 493–494
Privacy preference manager (PPM), 497–498
Probability density function (PDF), 228
Program protection planning process, 12t
Pseudo code
matrix, 307f
proposed binary knapsack algorithm, 308f
Public key infrastructure (PKI), 128, 159
Public switched telephone network (PSTN), 360
Pyramid model, prevention, 561t

Q

Quantum key distribution (QKD) technologies, 142–143, 176
BB84 protocol, 143
B92 protocol, 143–144
continuous variable, 145
cryptography, 141
DARPA network, 145
first entanglement-based system, 144
future of, 146–149
device independent QKD (DI-QKD), 148–149
free-space, 147–148
measurement device independent QKD (MDI-QKD), 149
quantum memory, 147
quantum repeaters, 147
genesis of, 142
military QKD usage scenario, 149
photon loss, 145
plug and play, 144
SECOQC network, 145–146
Swissquantum network, 146
Tokyo network, 146
Quantum memory, 147
Quantum repeater, 147

R

Radicalization-factor model (RFM), 542, 542, 543f
practical value, 546
Radical online profiles, investigation, 564
fuzzy cognitive mapping, 565–570
application of, 569–570
methodological background, 565–568
general web mining methods, 565t
Gill’s pathway model, 562
important models, 560–564
New York Police Department (NYPD), 561
overview of, 559–560
political radicalization, 562
prevent pyramid, 561
radicalization, psychological model, 563–564
self-radicalization, 559
staircase to terrorism, 562–563
Taarnby’s eight-stage recruitment process, 560
Terrorism, Marc Sageman’s four-stage process, 560
Wiktorowicz’s al-Muhajiroun model, 562
Rayleigh fading, 231
Random domain name generator (RDNG), 428
Rational unified process (RUP), 16
RAVE lab firewall exercises, 510
Real-time network intrusion detection
Naive Bayes algorithm, 287–288
Bayes rule, 287–288
Naive Bayes classifier, 288–289, 288
practical application scenario, 290–298
experimental evaluation, 290–297
practical application, 297–298
system architecture, 289–290
system design, technologies
anomaly-based intrusion detection system, 286
Apache Hadoop, 282–283
Apache Hive, 284
common attack types, 286
D3, JavaScript-based visualization API, 286
Ganglia, cluster monitor, 287
Hadoop distributed file system (HDFS), 283
host intrusion detection system, 285
HStreaming API, 284
intrusion detection systems, 285–289
MapReduce programming model, 283
misuse-based intrusion detection system, 286
network intrusion detection system, 285
using Hadoop-based Bayesian classifier, 281–282
Refresh Data button, 290
Relation based access control model (RelBAC), 498
Remote administration tools (RATs), 428
Remote procedure call (RPC), 155–156
Resource-efficient multi-source authentication
methodology
assumptions, 270
delayed key disclosure, 276–277
notations, basic scheme, 274–275
packet format, 275–276
protocol, overview of, 271–274
semi-encrypted key pre-distribution, 276
SOKC generation, 275
overview of, 267–268
resource requirements, 277
security mechanisms, 268–269
SOKC scheme, 268
wireless sensor network (WSN), 267
Return oriented programming (ROP) sequence, 351, 351
Return-to-zero (NRZ), 177
Risk evaluation activity, 40
Rivest, Shamir, and Adleman (RSA) algorithm, 141
Role-based access control (RBAC), 65–66, 67, 493–494
security, 68
Rootkit, 463
Root mean square error of approximation (RMSEA), 584–585
Ruby scripts, 512
Rule-enforced semantic network, 460–461

S

SaaS administration tool, 389
SaaS platforms, 385
SA-Austrian Institute of Technology (AIT), 145–146
Same Origin Policy (SOP), 316, 316–317, 316–318
Satisfiability modulo theories (SMT), 412–413
secure channel, creation, 167f
Secure communication based on quantum cryptography (SECOQC), 145–146, 146
Secure cooperative wireless communications
computational results, 231–240
cooperative amplify-and-forward relay networks, ergodic secrecy rates, 230–231
dissimilar mean signal strengths, effects of, 237–238
eavesdroppers, effects of, 240
fade distributions, effects of, 233–235
Gaussian channel, 229–230
multiple cooperating relays, effects of, 239–240
SNR, MGF approximation, 233
transmit power allocation, effects of
distinct transmission phases, 236–237
Secure file transfer protocol (SFTP), 158
Secure socket layer (SSL), 158–159, 482–483
Secure Sockets Layer - v 2 (SSLv2), 165
Security
assurances, 65–66
big-data application, 67f
awareness
public, 125
indicator values, 38t
requirements tree specification for, 30t
Security controls, 425
Security cyber-assistant system, 446–450
Security information and event management (SIEM) process, 425
Security officer interface agent, 448f
Security operations center (SOC), 425
Security rules schema, 72f
Security testing methodology, 398
SEF, statistical en-route filtering mechanism, 269
Selection[], algorithm operations on, 310f
Self-integrity, 156–165, 156f, 163–165
verification for, 164f
Self-reliability, 156–165, 156f
of components, 161–163, 162f
of message exchange, 161
Self-security, 156–165, 156f, 157–160, 166
authentication/authorization/secure message exchange, 158–159
key life cycle management, 159–160
Semantic based access control (SBAC) model, 496, 503t
Semantic network, 456–457, 461t, 463t
F-measure graphs, 465f
Semantic networks, cyber attacks, 456, 456–457, 459–460
attack correlation, 456
Bayesian probability model, 457
construction, 458f
experimental data, 461–462
experiment process, 462–463
experiment results, 465–466
overview of, 455–456
performance measures, 463–465
rule enforced semantic network, 460–461
similarity-based semantic network, 457–460
Semantic Web technologies, 495–496, 502
Semi-encrypted key pre-distribution, 273f
Sensor/communication nodes, 228
Sentinels, 587
Separation and binding of duty (SoD), 493–494
Session initiation protocol (SIP), 360
user’s domain, proxy responsibility, 360
Shadow economy, 582
Shamoon malware, 427
Sheffield, 523
Sheffield Hallam University staff, 524–525
Short message service (SMS) messages, 427
Signals leading, to core dump, 347t
Signal-to-noise ratio (SNR), 175
end-to-end, 228
Signature-based fraud detection, 364–367
activities per day, 364
data fluctuation, dealing, 364–365
feature of, 364
long-term/short-term signatures, comparison, 365
signature initialization, 365–366
signature update, 366–367
Signature-based technique, 363
Similarity based semantic network, 459
Similarity coefficient, 459
Single Unix specification (SIS), 345
SIP basic operation, 361f
Skype, 436, 514
file transfers, 514
Small to medium-size businesses (SMBs), 383
Smartphones, BYOD paradigm, 427
Smartphone, system prototype overview, 345f
Snort, 285, 297, 298
Social and media sites, 315
Social media anti-radicalization training for credible voices (SMART-CV), 549–551, 553–554
Social network, 541–542
Social networking systems ontology (SNO), 498–499
Softgoal interdependency graph (SIG), 204, 205–206
contributions list, 214t
NFR approach, evaluation/analysis task, 217f
Software development life cycle (SDLC), 387–388
Software diversification, 336–337
Software faults, 350t
Software risk management (SRM), 39, 39
Spam, 434
Spam and open relay blocking system (SORBS), 425
Specification example, 407f
SPI model, 384
Split-join one-way key chain (SOKC), 267
generation, 272f
key disclosure fields, 276
multi-source authentication capabilities, 268
scheme, 268
Spread stealth pulses
temporal phase modulation, schematic diagram, 178f
SQL injections, 318, 402, 408
SQLite databases, 397–398
Stack-smashing protection (SSP), 338–339
Statistician actor, 501
Steganography techniques, 113–115
Stego image, 115f
Stego steganography demonstration
graphical interface of, 114f
Stored cross-site scripting immunity (XSS), 32t, 35, 36t, 41, 42
Storyboards
password awareness game, 91–93
phishing awareness game, 93–94
Stowaway, 398–399
Strengths, weaknesses, opportunities, and threats (SWOT) analysis, 128–129
Structured query language injection (SQLi), 431
Stuxnet worm, 435–436
Subject reacquisition (SR), 256
Support vector machines (SVM) algorithms, 286
Surveillance
analyzing discourse, 524
community, impact, 529–530
cyber-attacks, 520
exact motivation, 528–529
hacking incident, 524–527
Karen community, 520
analysis of, 527–530
engagement with, 521–522
significance of, 521
methodological issues
access to community, 523
ethnography, 523–524
methods used, 529
overview of, 519–520
shared trauma, 522
Suspicious activity report (SAR), 581
SXMS
encryption phase, 615
fuzzy classification phase, 617
vs. W3C model, 611f, 612f, 613f, 613f, 615f, 615f, 616f, 616f
vs. XML, 610f
XML messages, 603–605, 615
Symantec, 424
System architecture, 291f
System controller agents (SCA), 155
System design
components, 594f
System monitoring agents (SMA), 154–155
System security engineering
revitalization of, 10
System security engineering (SSE), 8
cost-benefit decision, 8–9
disclaimer, 22
methods, processes, and tools (MPT), 8, 10–14
acquisition program protection planning, 11–13, 11f, 12t
agile and self-organizing system, 20–21
basic research, 21
complex systems, discovery/understanding of, 15–17
criticality levels, 12t
critical reviews, 14, 15f
early design considerations, 19
formalized security requirements, 18
global information grid architecture, 16f
information assurance, 14
leveraging system architectures, 20
metrics and evaluation, 21
mission assurance, 17, 18t
patterns of, 20
plan for failure, 19–20
program protection, 14
recommendations, 22
risk assessment methodology, 13f
requirement areas, 19t
US DoD, 8
System security engineering-capability maturity model (SSE-CMM), 9–10
System security engineering process, 8–10
Systems engineering (SE), 8
critical reviews, 14, 15f
System sentinel agent (SSA), 163
System update agents (SUA), 155

T

Tatmadaw, 529
TCL programming language, 511
Telecommunication, 359–360
Temporal semantic based access control (TSBAC) model, 496
Terrorism, prevention, 549–551
counter-terrorism, collaboration, 553–554
credible voices, 554
online radicalization, 551–553
overview, 549–551
Terrorism, staircase, 563t
Testbed architecture, 367f
Test case example, 410f
Test case execution, 412f
Test case generation, 409f
Test-driven development (TDD), 16
The New York Times website, 320
Threats detection, visualization of, 291f
TPR, for dynamic information, 264t
Transmission control protocol (TCP), 165
connections, 193, 485
dump files, 196
HTTP/UDP-based URLs, 284
packets, 188, 189
sessions, 487
UDP-based URL, 290
Transport layer security – v 1 (TLSv1), 165
Transport level security, 477
Trojan alters, 469–470
Trusted repeater system, 146
Trust service integration kit (TSIK), 165
Trustworthiness, definition of, 222f
Trustworthiness satisficing
architectural modifications, 218t
Trustworthy software systems, 203–205
evaluation/analysis, 213–219
goal criticalities, development, 213
goal tradeoffs, development, 213
NFR approach, 205–208
overview of, 203–205
phoenix system, 208–209
rationale, development, 213
trustworthiness deficit, 208–209
trustworthy phoenix system, NFR approach, 209–219
goals of, 209–211
sub-tasks, 211–213
validation/lessons learned, 219–222
Tshark, 290
ttwttrHubFrame, 317
Twitter, 281–282

U

Unified modeling language (UML)
extensions, 68
for XML security, 68–70
security policy schema set (SPSS), 72–73
Uniform resource locators (URLs), 429–430
scanner scores, 331t
Unique set size (USS) memory, 352
UNIX file permissions, 510
U2R attack, 286
User information security awareness, 105–106
User interface agent structure, 449f
User-mode emulation, 343
User-receiver, 248
User’s browser state, 328

V

Variant generation, 341f
Variant replacements policy, 344f
Video analytics, 262, 262f, 263f
Video sensor observations, 257
Virtual access control infrastructure setup, 392
Virtual BattleSpace 2, training system, 88
Virtual infrastructure (VI), 392
Virtual infrastructure operator (VIO), 392
Virtualization
platform approach, 342f
user-mode approach, 342f
Virtual private network (VPN), 145
VMware hypervisors, 385
VoIP networks, fraud detection, 359, 360
alarm distribution, to call type, 370f
call data records (CDRs), 359–360, 361
classification, 367–368
Communication Fraud Control Association (CFCA) reports, 359
experiments, 367–371
call center behavior, 367–368
data analysis, 367–368
effectiveness, 370–371
known fraudulent cases, 367
performance, 370–371
signature-based technique testing, 368–370
fraud management system (FMS), 360
multi-level perceptron (MLP), 371
neural network self organizing map (NN-SOM) technique, 369–370, 371, 371t
next generation networks (NGN), 362–363
overview of, 359–360
recent activities, 366t
signature-based technique, 363, 364–367, 368
signature testing results, 370t
taxonomy, 361–362
telecommunication, 359–360
VoIP provider, 367–368
VSkimmer, steals credit card information, 427
VUL/FAIL message, 412
Amazon web services (AWS) security, 382
applications, percentage of, 415f
browser architecture, 471
CDX 2009 vulnerable servers, 196t
CSRF attacks, 319
integer, 337–338
ioSTS suspension, 402, 404
management of, 431
methods, processes, and tools (MPT), 8
noteworthy vulnerable software, 431–432
off-by-one, 337
pattern example, 403f
web vulnerabilities, 390
zero-day, 431
Vulnerable persistent-data variables (VPDv), 32t, 35–36, 37–38

W

Waveband conversion, 179
Wavelength-hopping time-spreading (WHTS), 175
optical CDMA, schematic diagram, 176f
Web access control (WAC) ontology, 497–498
Web applications, 390, 481–482, 484, 488–489
attacks, 319
recoding/fixing, 482–483
security actions/arrangements, 483–484
server, 485f, 486
test, 487t
Web-based administration user interface tool, 388–389
Web-based GUI tool, 287
Web browsers, 316–317
WebKit, 320–321
Web ontology language (OWL), 493–494
Web server
filter/module, 484–485
spatial and temporal overhead, 353t
Web sessions, security
cookies, 482
experimental environment, 487–488
implementation/experiments, 486–489
management, 482, 482–483
mechanism for, 484–486
non-default configuration, 486–487
overview of, 481–482
results/application-specific details, 488–489
secure sockets layer (SSL), 482–483
Web applications security actions/arrangements, 483–484
Web system, security evaluation, 34–42
GOCAME process, 42
GQM+ strategies, 42–43
indicator values, 38t
information need, 34
M&E, implementing, 37–39
metrics/indicators for, 41–42
specifications, 35–37
risk, 39–40
security characteristic specification, 35
security vulnerability issues, 39–40
stored cross-site scripting immunity, 36t
target entity, 34
W5H rule, 42
WEKA 3.6, 288–289
Wentworth Institute of Technology (WIT), 111
WEP key-cracking program, 118
West Point network border, 196
Wheezy, 487
Whistleblowers, 432–433
Why, what, who, when, where, and how (W5H), 25–26, 34
GOCAME’s conceptual framework, 27, 29–34, 35
Wiesner’s quantum multiplexing, 143–146
Wi-Fi protected access (WPA)
authentication frame
Wireshark screenshot of, 119f
pre-shared key (PSK) mode, 118
WikiLeaks, 432–433
Wikipedia, 316, 326–328, 329f
Wiktorowicz’s al-Muhajiroun model, 562, 562t
Windows filtering platform (WFP), 477
Windows network APIs, 476f
Windows systems, 426
Windows Vista, 477
WinHTTP, 477
WinInet, 477
Wired equivalent privacy (WEP), 118
Wireless ad hoc networks, 267
Wire-tap channel, 227–228
Woodruff-Yekhanin scheme, 245–246
World Wide Web, 526
World wide web consortium (W3C)
recommendation, 594
XML encryption, 602–603
Wyner wire-tap channel, 232
with single cooperative amplify-and-forward relay, 229f

X

XKMS Serve, 155, 158, 160f, 165
configuration keys, 158
model for registering public keys, 157f
with timestamp solution, 161f
XML access control (XAC), 593
XMLHttpRequest, 474, 474
XML injections, 402
XML key management specification, See XKMS
XML message, 604f
classification of, 606f
XML role slice diagram (XRSD), 69f, 70
XML schema, 67
XML schema class diagram (XSCD), 68–70, 69f
master role index (MRI), 70
XML security
UML extensions, 68–70
XML-signature, 165
XSWRL ontology-based alert correlation approach, 456

Y

YAML files, 512
York search, 317

Z

Zero-day buffer overflow attacks, 188
Zombies, 354