Part A Fundamentals and Cryptography  17

1 A Framework for System Security  18
1.1 Introduction  18
1.2 Applications  28
1.3 Dynamic, Collaborative, and Future Secure Systems  33
References  34
The Author  35

2 Public-Key Cryptography  36
2.1 Overview  36
2.2 Public-Key Encryption: Definitions  38
2.3 Hybrid Encryption  41
2.4 Examples of Public-Key Encryption Schemes  42
2.5 Digital Signature Schemes: Definitions  45
2.6 The Hash-and-Sign Paradigm  46
2.7 RSA-Based Signature Schemes  47
2.8 References and Further Reading  48
References  48
The Author  49

3 Elliptic Curve Cryptography  50
3.1 Motivation  50
3.2 Definitions  51
3.3 Implementation Issues  54
3.4 ECC Protocols  56
3.5 Pairing-Based Cryptography  59
3.6 Properties of Pairings  61
3.7 Implementations of Pairings  63
3.8 Pairing-Friendly Curves  69
3.9 Further Reading  70
References  70
The Author  72

4 Cryptographic Hash Functions  73
4.1 Notation and Definitions  74
4.2 Iterated Hash Functions  75
4.3 Compression Functions of Hash Functions  76
4.4 Attacks on Hash Functions  78
4.5 Other Hash Function Modes  80
4.6 Indifferentiability Analysis of Hash Functions  82
4.7 Applications  83
4.8 Message Authentication Codes  84
4.9 SHA-3 Hash Function Competition  87
References  87
The Authors  93

5 Block Cipher Cryptanalysis  94
5.1 Breaking Ciphers  94
5.2 Differential Cryptanalysis  98
5.3 Conclusions and Further Reading  101
References  102
The Author  102

6 Chaos-Based Information Security  103
6.1 Chaos Versus Cryptography  104
6.2 Paradigms to Design Chaos-Based Cryptosystems  105
6.3 Analog Chaos-Based Cryptosystems  106
6.4 Digital Chaos-Based Cryptosystems  109
6.5 Introduction to Chaos Theory  112
6.6 Chaos-Based Stream Ciphers  115
6.7 Chaos-Based Block Ciphers  125
6.8 Conclusions and Further Reading  135
References  136
The Authors  140

7 Bio-Cryptography  141
7.1 Cryptography  141
7.2 Overview of Biometrics  150
7.3 Bio-Cryptography  157
7.4 Conclusions  166
References  167
The Authors  169

8 Quantum Cryptography  170
8.1 Introduction  170
8.2 Development of QKD  171
8.3 Limitations for QKD  175
8.4 QKD-Network Concepts  176
8.5 Application of QKD  179
8.6 Towards 'Quantum-Standards'  181
8.7 Aspects for Commercial Application  182
8.8 Next Steps for Practical Application  184
References  185
The Author  185

Part B Intrusion Detection and Access Control  186

9 Intrusion Detection and Prevention Systems  187
9.1 Fundamental Concepts  187
9.2 Types of IDPS Technologies  192
9.3 Using and Integrating Multiple IDPS Technologies  200
References  201
The Authors  202

10 Intrusion Detection Systems  203
10.1 Intrusion Detection Implementation Approaches  203
10.2 Intrusion Detection System Testing  206
10.3 Intrusion Detection System Evaluation  211
10.4 Summary  213
References  214
The Authors  215

11 Intranet Security via Firewalls  216
11.1 Policy Conflicts  216
11.2 Challenges of Firewall Provisioning  218
11.3 Background: Policy Conflict Detection  219
11.4 Firewall Levels  222
11.5 Firewall Dependence  222
11.6 A New Architecture for Conflict-Free Provisioning  222
11.7 Message Flow of the System  225
11.8 Conclusion  226
References  227
The Authors  227

12 Distributed Port Scan Detection  229
12.1 Overview  229
12.2 Background  230
12.3 Motivation  231
12.4 Approach  233
12.5 Results  238
12.6 Conclusion  239
References  241
The Authors  242

13 Host-Based Anomaly Intrusion Detection  243
13.1 Background Material  244
13.2 Intrusion Detection System  247
13.3 Related Work on HMM-Based Anomaly Intrusion Detection  253
13.4 Emerging HIDS Architectures  258
13.5 Conclusions  262
References  262
The Author  263

14 Security in Relational Databases  264
14.1 Relational Database Basics  265
14.2 Classical Database Security  267
14.3 Modern Database Security  270
14.4 Database Auditing Practices  276
14.5 Future Directions in Database Security  277
14.6 Conclusion  277
References  278
The Author  279

15 Anti-bot Strategies Based on Human Interactive Proofs  280
15.1 Automated Tools  280
15.2 Human Interactive Proof  282
15.3 Text-Based HIPs  283
15.4 Audio-Based HIPs  285
15.5 Image-Based HIPs  286
15.6 Usability and Accessibility  295
15.7 Conclusion  296
References  296
The Authors  298

16 Access and Usage Control in Grid Systems  299
16.1 Background to the Grid  299
16.2 Standard Globus Security Support  300
16.3 Access Control for the Grid  301
16.4 Usage Control Model  306
16.5 Sandhu's Approach for Collaborative Computing Systems  308
16.6 GridTrust Approach for Computational Services  309
16.7 Conclusion  311
References  312
The Authors  313

17 ECG-Based Authentication  315
17.1 Background of ECG  316
17.2 What Can ECG Based Biometrics Be Used for?  319
17.3 Classification of ECG Based Biometric Techniques  319
17.4 Comparison of Existing ECG Based Biometric Systems  322
17.5 Implementation of an ECG Biometric  324
17.6 Open Issues of ECG Based Biometrics Applications  329
17.7 Security Issues for ECG Based Biometric  333
17.8 Conclusions  334
References  335
The Authors  336

Part C Networking  338

18 Peer-to-Peer Botnets  339
18.1 Introduction  339
18.2 Background on P2P Networks  340
18.3 P2P Botnet Construction  342
18.4 P2P Botnet C&C Mechanisms  343
18.5 Measuring P2P Botnets  346
18.6 Countermeasures  348
18.7 Related Work  351
18.8 Conclusion  352
References  352
The Authors  354

19 Security of Service Networks  355
19.1 An Infrastructure for the Service Oriented Enterprise  356
19.2 Secure Messaging and Application Gateways  358
19.3 Federated Identity Management Capability  362
19.4 Service-level Access Management Capability  365
19.5 Governance Framework  368
19.6 Bringing It All Together  371
19.7 Securing Business Operations in an SOA: Collaborative Engineering Example  376
19.8 Conclusion  382
References  384
The Authors  385

20 Network Traffic Analysis and SCADA Security  387
20.1 Fundamentals of Network Traffic Monitoring and Analysis  388
20.2 Methods for Collecting Traffic Measurements  390
20.3 Analyzing Traffic Mixtures  394
20.4 Case Study: AutoFocus  399
20.5 How Can We Apply Network Traffic Monitoring Techniques for SCADA System Security?  403
20.6 Conclusion  405
References  406
The Authors  408

21 Mobile Ad Hoc Network Routing  410
21.1 Chapter Overview  410
21.2 One-Layer Reputation Systems for MANET Routing  411
21.3 Two-Layer Reputation Systems (with Trust)  415
21.4 Limitations of Reputation Systems in MANETs  420
21.5 Conclusion and Future Directions  422
References  422
The Authors  423

22 Security for Ad Hoc Networks  424
22.1 Security Issues in Ad Hoc Networks  424
22.2 Security Challenges in the Operational Layers of Ad Hoc Networks  427
22.3 Description of the Advanced Security Approach  428
22.4 Authentication: How to in an Advanced Security Approach  430
22.5 Experimental Results  431
22.6 Concluding Remarks  433
References  434
The Authors  435

23 Phishing Attacks and Countermeasures  436
23.1 Phishing Attacks: A Looming Problem  436
23.2 The Phishing Ecosystem  438
23.3 Phishing Techniques  442
23.4 Countermeasures  445
23.5 Summary and Conclusions  450
References  450
The Author  451

Part D Optical Networking  452

24 Chaos-Based Secure Optical Communications Using Semiconductor Lasers  453
24.1 Basic Concepts in Chaos-Based Secure Communications  454
24.2 Chaotic Laser Systems  456
24.3 Optical Secure Communications Using Chaotic Lasers Diodes  462
24.4 Advantages and Disadvantages of the Different Laser-Diode-Based Cryptosystems  468
24.5 Perspectives in Optical Chaotic Communications  476
References  477
The Author  480

25 Chaos Applications in Optical Communications  481
25.1 Securing Communications by Cryptography  482
25.2 Security in Optical Communications  483
25.3 Optical Chaos Generation  487
25.4 Synchronization of Optical Chaos Generators  493
25.5 Communication Systems Using Optical Chaos Generators  499
25.6 Transmission Systems Using Chaos Generators  501
25.7 Conclusions  509
References  509
The Authors  512

Part E Wireless Networking  513

26 Security in Wireless Sensor Networks  514
26.1 Wireless Sensor Networks  515
26.2 Security in WSNs  516
26.3 Applications of WSNs  516
26.4 Communication Architecture of WSNs  519
26.5 Protocol Stack  520
26.6 Challenges in WSNs  521
26.7 Security Challenges in WSNs  523
26.8 Attacks on WSNs  528
26.9 Security in Mobile Sensor Networks  534
26.10 Key Management in WSNs  534
26.11 Key Management for Mobile Sensor Networks  545
26.12 Conclusion  546
References  546
The Authors  552

27 Secure Routing in Wireless Sensor Networks  554
27.1 WSN Model  555
27.2 Advantages of WSNs  555
27.3 WSN Constraints  556
27.4 Adversarial Model  556
27.5 Security Goals in WSNs  557
27.6 Routing Security Challenges in WSNs  560
27.7 Nonsecure Routing Protocols  560
27.8 Secure Routing Protocols in WSNs  564
27.9 Conclusion  574
References  574
The Authors  578

28 Security via Surveillance and Monitoring  580
28.1 Motivation  580
28.2 Duty-Cycling that Maintains Monitoring Coverage  582
28.3 Task-Specific Design: Network Self-Monitoring  587
28.4 Conclusion  601
References  601
The Author  603

29 Security and Quality of Service in Wireless Networks  604
29.1 Security in Wireless Networks  605
29.2 Security over Wireless Communications and the Wireless Channel  610
29.3 Interoperability Scenarios  617
29.4 Conclusions  628
References  628
The Authors  630

Part F Software  632

30 Low-Level Software Security by Example  633
30.1 Background  633
30.2 A Selection of Low-Level Attacks on C Software  635
30.3 Defenses that Preserve High-Level Language Properties  645
30.4 Summary and Discussion  655
References  656
The Authors  658

31 Software Reverse Engineering  659
31.1 Why Learn About Software Reverse Engineering?  660
31.2 Reverse Engineering in Software Development  660
31.3 Reverse Engineering in Software Security  662
31.4 Reversing and Patching Wintel Machine Code  663
31.5 Reversing and Patching Java Bytecode  668
31.6 Basic Antireversing Techniques  673
31.7 Applying Antireversing Techniques to Wintel Machine Code  674
31.8 Applying Antireversing Techniques to Java Bytecode  686
31.9 Conclusion  694
References  694
The Authors  696

32 Trusted Computing  697
32.1 Trust and Trusted Computer Systems  697
32.2 The TCG Trusted Platform Architecture  700
32.3 The Trusted Platform Module  703
32.4 Overview of the TCG Trusted Infrastructure Architecture  714
32.5 Conclusions  715
References  715
The Authors  717

33 Security via Trusted Communications  718
33.1 Definitions and Literature Background  719
33.2 Autonomic Trust Management Based on Trusted Computing Platform  726
33.3 Autonomic Trust Management Based on an Adaptive Trust Control Model  732
33.4 A Comprehensive Solution for Autonomic Trust Management  737
33.5 Further Discussion  742
33.6 Conclusions  742
References  743
The Author  745

34 Viruses and Malware  746
34.1 Computer Infections or Malware  747
34.2 Antiviral Defense: Fighting Against Viruses  759
34.3 Conclusion  767
References  767
The Author  768

35 Designing a Secure Programming Language  769
35.1 Code Injection  769
35.2 Buffer Overflow Attacks  773
35.3 Client-Side Programming: Playing in the Sandbox  775
35.4 Metaobject Protocols and Aspect-Oriented Programming  778
35.5 Conclusion  781
References  781
The Author  783

Part G Forensics and Legal Issues  784

36 Fundamentals of Digital Forensic Evidence  785
36.1 Introduction and Overview  786
36.2 Identification  787
36.3 Collection  788
36.4 Transportation  788
36.5 Storage  789
36.6 Analysis, Interpretation, and Attribution  789
36.7 Reconstruction  790
36.8 Presentation  791
36.9 Destruction  791
36.10 Make or Miss Faults  795
36.11 Accidental or Intentional Faults  795
36.12 False Positives and Negatives  796
36.13 Pre-Legal Records Retention and Disposition  796
36.14 First Filing  798
36.15 Notice  798
36.16 Preservation Orders  798
36.17 Disclosures and Productions  798
36.18 Depositions  799
36.19 Motions, Sanctions, and Admissibility  800
36.20 Pre-Trial  800
36.21 Testimony  801
36.22 Case Closed  801
36.23 Duties  802
36.24 Honesty, Integrity, and Due Care  802
36.25 Competence  802
36.26 Retention and Disposition  803
36.27 Other Resources  803
References  803
The Author  804

37 Multimedia Forensics for Detecting Forgeries  805
37.1 Some Examples of Multimedia Forgeries  806
37.2 Functionalities of Multimedia Forensics  808
37.3 General Schemes for Forgery Detection  810
37.4 Forensic Methods for Forgery Detection  811
37.5 Unresolved Issues  821
37.6 Conclusions  822
References  822
The Authors  824

38 Technological and Legal Aspects of CIS  825
38.1 Technological Aspects  826
38.2 Secure Wireless Systems  832
38.3 Legal Aspects of Secure Information Networks  834
38.4 An Emergency Telemedicine System/Olympic Games Application/CBRN Threats  840
38.5 Technology Convergence and Contribution  844
References  844
The Author  846

Index  847