Systems and Methodologies
Junaid Ahmed Zubairi
State University of New York at Fredonia, USA
Athar Mahboob
National University of Sciences & Technology, Pakistan
We would like to take this opportunity to thank all the members of the Editorial Advisory Board and the Panel of Reviewers who painstakingly carried out the review and quality assurance processes. Without their contribution and full support we believe this book would not have been able to see the light of the day. We would also like to acknowledge and thank our respective families for their moral support during the entire period of editing of this book.
Finally, we would like to convey our thanks to Michael Killian, the managing editor at IGI Global,
for his timely and constructive reminders and guidelines throughout the whole process of handbook
production.
Junaid Ahmed Zubairi
State University of New York at Fredonia, USA
Athar Mahboob
National University of Sciences & Technology, Pakistan
About the Contributors
Junaid Ahmed Zubairi is currently a Professor at the Department of Computer and Information
Sciences in the State University of New York at Fredonia, USA. Dr. Zubairi received his BE (Electrical
Engineering) from NED University of Engineering, Pakistan and MS and Ph.D. (Computer Engineering)
from Syracuse University, USA. He worked in Sir Syed University Pakistan and Intl’ Islamic University
Malaysia before joining State University of New York at Fredonia. Dr. Zubairi is a recipient of many
awards including Malaysian Government IRPA award, National Science Foundation MACS grant, SUNY
Scholarly Incentive award, and SUNY individual development award. He has authored several chapters
and scholarly articles in books, international journals, and conference proceedings. His research interests
include information security, network traffic engineering, performance evaluation of networks, and
network applications in medicine.
Athar Mahboob is an Associate Professor at the National University of Sciences & Technology,
Pakistan. Dr. Athar Mahboob obtained a Ph.D. in Electrical Engineering from National University of
Sciences & Technology, Pakistan in 2005. Earlier, he had obtained BS and MS degrees in Electrical
Engineering both from Florida State University, USA (1988-1996). Dr. Athar Mahboob is a specialist in
implementing enterprise information services using Linux, information security and cryptology, computer
networks, and internetworking using TCP/IP protocols, digital systems design and computer architectures.
Dr. Athar Mahboob’s Ph.D. research was focused on “Efficient Hardware and Software Implementations
of Elliptic Curve Cryptography,” an area in which he has obtained several international publications.
Rania Abdelhameed received the B.Sc. degree (First Class (HONORS)) in Electronics Engineering
(Computer Engineering) from the Sudan University of Science and Technology (SUST), Khartoum,
Sudan, in 2001, and the Postgraduate Diploma in Information Technology (IT) (Advanced Networking
and Telecommunications) from the International Institute of Information Technology (I2IT), Pune, India,
in 2003, and the M.Sc. and PhD degree in Computer Systems Engineering from the University Putra
Malaysia (UPM), Kuala Lumpur, Malaysia, in 2005 and 2011, respectively. In May 2009, she earned the
IEEE Wireless Communication Professional (IEEE WCP) certificate of the Wireless Communication
Engineering Technology (WCET) Exam.
Nizar Al-Holou is a Professor and a Chair of Electrical and Computer Engineering Department at
the University of Detroit Mercy, Detroit, Michigan. His research interests are in the areas of in-vehicle and
intra-vehicle networking; Intelligent Transportation Systems (ITS); distributed and parallel processing
systems with an emphasis on automotive applications; and digital and embedded systems. He is a member
of IEEE Computer Society and Education society and the American Society for Engineering Education
(ASEE). Dr. Al-Holou has been a Senior Member of IEEE since 1996. He has served as Chairman and Vice
Chair of the Computer Chapter for IEEE/SEM for over ten years. He received numerous awards for his
professional services such as IEEE/SEM Outstanding Chapter Involvement Award for 1998, The Most
Active Chapter award for 1994-95, IEEE-Computer Chapter Outstanding Chapter award for 1995-96 for
being the most active chapter worldwide, IEEE Outstanding Involvement Award 1998, IEEE-EIT 2000
Award, and FIE 98 Best Paper Award. Moreover, he was nominated for IEEE/SEM Millennium Medal
Awards, 1998, and the University of Detroit Mercy Distinguished Faculty Award, 2005. Also, he was
selected and published at Who’s Who In Midwest, 1994, Who’s Who among American Teachers, 1998
and Madison Who’s Who, 2010. He was the chair of ASEE/NCS conference. Dr. Al-Holou has received
over $1,000,000 of funding in the last five years and has published over one hundred refereed papers.
Dr. Al-Holou is an ABET program evaluator (PEV). He holds the Bachelor of Engineering Degree from
Damascus University, the Master of Science from Ohio State University, Columbus, OH, and a Ph.D.
Degree from the University of Dayton, all in Electrical Engineering.
Sellami Ali earned his B.Sc. from University of Mohamed Khider, Biskra, Algeria, in 1998. Next,
he earned his M.Sc. from International Islamic University Malaysia, 2006. Finally, he earned his PhD
from International Islamic University Malaysia, 2010. He has held some academic posts at Biskra’s
University (Algeria) and International Islamic University Malaysia.
Shakeel Ali is a CTO and co-founder of Cipher Storm Ltd, UK. His expertise in the security industry
has brought marvelous benefits to various businesses and government institutions. He is also an active
and independent researcher who has been evangelizing security practices via articles, journals, and blogs
at Ethical-Hacker.net. Shakeel has assessed and measured the security of several business applications
and network infrastructures for global organizations. He also presented his security vision in a collective
interview conducted by President of OdinJobs (Careers section) which gave clear highlights on skills,
knowledge, and experience required to deal with today’s technical and managerial goals. Shakeel has
also coordinated in BugCon Conferences to present the best of breed cyber security threats and solutions,
and industry verticals. This joint venture has attracted many audiences from different sectors including
government, education, media, commercial, banking, and other respective institutions.
Ayesha Binte Ashfaq has an MS degree in Information Technology from the School of Electrical
Engineering and Computer Science (SEECS), National University of Sciences and Technology
(NUST). She is currently pursuing her PhD from SEECS, NUST, specializing in network security. Her
research interests include malware analysis, network security, network traffic monitoring and network
performance measurement, and modeling. In her research career, she has been able to publish in some
of the leading conferences and symposiums in security. She also worked as a consultant for the Silicon
Valley Company, WiChorus. Ayesha has won quite a few national awards including the NCR National
IT Excellence Award and the National Youth Award to mention a few.
Muhammad Naeem Ayyaz received his Bachelor’s degree in electrical engineering from the prestigious
University of Engineering and Technology, Lahore Pakistan, and M.Sc. and Ph.D. in electrical
engineering with emphasis on computer engineering from Syracuse University, New York, USA. His
research interests span diverse areas including embedded systems, bioinformatics, and computer networks.
His research has been published in various reputed journals. He has been part of the faculty of electrical
engineering at the University of Engineering and Technology, Lahore for more than the past twenty
years, where he holds the title of Professor and is also Chairman of the Department of Electrical Engineering.
Apart from this, he holds a consultant position at the Al-Khawarizmi Institute of Computer Science.
Babar Bhatti is the CEO and Co-founder of MutualMind, a platform for social media intelligence
and management. Babar has over 12 years of experience in managing and delivering enterprise and
Web applications. Babar holds dual Master’s from MIT in Technology and Policy and Civil and Environmental Engineering. Babar is a Certified Information Systems Security Professional (CISSP).
He is based in Dallas, Texas.
Muhammad Farooq-i-Azam received his B.Sc. in electrical engineering from the prestigious
University of Engineering and Technology Lahore (Taxila Campus), Pakistan and M.Sc. in computer
science from the University of the Punjab, Lahore, Pakistan. By serving at various engineering positions
in reputed organizations, he has accumulated hands-on experience in the development of digital systems.
He also has extensive work experience with computer networks and UNIX based systems, Solaris, VAX/VMS
machines and various distributions of Linux. He is part of a team of developers, as project administrator, of an open source project, IPGRAB, at sourceforge.net, which is a light-weight packet sniffer
distributed with Debian Linux and originally authored by Mike Borella. He is founder of an information
and computer security company ESecurity and has also been organizing an annual information security
event, CHASE, in Pakistan since 2006. Currently he is part of faculty at the Department of Electrical
Engineering, COMSATS Institute of Information Technology, Lahore, Pakistan.
Arif Ghafoor holds B.Sc, EE from UET, Pakistan and M.S., M.Phil, and PhD degrees, all in Electrical
Engineering from Columbia University, USA. He served in the Dept. of Electrical and Computer
Engineering, Syracuse University, New York prior to joining the School of Electrical and Computer
Engineering at Purdue University in 1991 where currently he is a Professor, and Director of Distributed
Multimedia Systems Laboratory. Dr. Ghafoor has been actively engaged in research areas related to
parallel and distributed computing, information security, and multimedia Information Systems. He has
published over 170 technical papers in leading journals and conferences. He has been consultant to GE,
the DoD, and the UNDP. He has served on the editorial boards and as a guest editor of numerous journals
including ACM/Springer Multimedia Systems Journal, IEEE Transactions on Knowledge and Data Engineering, IEEE Journal on Selected Areas in Communication, and Journal of Parallel and Distributed
Databases. He has co-edited a book entitled “Multimedia Document Systems in Perspectives” (Kluwer
Publisher), and has co-authored a book entitled “Semantic Models for Multimedia Database Searching
and Browsing” (Kluwer Publisher). Dr. Ghafoor is an IEEE Fellow and has received the IEEE Computer
Society Technical Achievement Award (2000) in recognition of his contributions in the field of multimedia systems.
Morgan Henrie, PhD, PMP, is President of MH Consulting, Inc., a national and international Project
and Program Management consulting and training company. Dr. Henrie has advanced educational degrees
in system science and project management (Master of Science from The George Washington University
and a Doctorate in systems science and engineering management from Old Dominion University).
Dr. Henrie’s SCADA activities include leading the American Petroleum Institute 2009 Pipeline SCADA
Security standard revision, consulting on crude oil transportation pipeline companies’ SCADA cyber
security programs, resilient system research, and publishing several articles. He is a member
of the Department of Energy Sector Control Systems Working Group, where he assists in identifying
areas of critical energy sector infrastructure cyber security research, takes part in research peer reviews, and is a contributing
author. He was also a member of the Infrastructure for Information Infrastructure Protection
(I3P) advisory board representing the oil and gas sector.
Wen-Chen Hu received a BE, an ME, an MS, and a PhD, all in Computer Science, from Tamkang
University, Taiwan, the National Central University, Taiwan, the University of Iowa, and the University
of Florida, in 1984, 1986, 1993, and 1998, respectively. He is currently an Associate Professor in the
Department of Computer Science of the University of North Dakota. He is the Editor-in-Chief of the
International Journal of Handheld Computing Research (IJHCR), and has served as editor and editorial
advisory/review board members for over 20 international journals/books and chaired more than 10 tracks/
sessions and program committees for international conferences. Dr. Hu has been teaching for more than
10 years at US universities and has advised more than 50 graduate students. He has published over 90
articles in refereed journals, conference proceedings, books, and encyclopedias, edited five books and
proceedings, and solely authored a book. His current research interests include handheld computing,
electronic and mobile commerce systems, Web technologies, and databases.
Naima Kaabouch received a B.S. and an M.S. from the University of Paris 11 and a PhD from the
University of Paris 6, France. She is currently an Assistant Professor and the Graduate Director in the
Department of Electrical Engineering at the University of North Dakota. Her research interests include
signal/image processing, bioinformatics, robotics, embedded systems, and digital communications.
Adil Khan specializes in the field of image processing, pattern recognition, and digital signal processing
in which he has obtained several publications. He obtained his BS in Avionics and MS in Computer
Engineering from College of Aeronautical Engineering, NUST and Center for Advanced Studies in
Engineering (CASE), Pakistan respectively. Adil Khan is currently a PhD student at National University
of Sciences and Technology, Pakistan in the field of Information Security and Cryptology.
Syed Ali Khayam has a PhD degree in Electrical Engineering from Michigan State University. Since
February 2007, he has been serving as an Assistant Professor at the School of Electrical Engineering
& Computer Science (SEECS), National University of Science and Technology (NUST), Pakistan.
His research interests include analysis and modeling of statistical phenomena in computer networks,
network security, cross-layer design for wireless networks, and real-time multimedia communications.
Dr. Khayam has over 50 publications in some of the most prestigious conferences and journals in his
areas of interest. He has received research awards from Nokia Research, Korean Research Foundation,
and Pakistan National ICT R&D Fund. He currently has 4 patents pending at USPTO, some of which
were indigenously drafted and filed by him. He serves on the Technical Program Committees (TPCs)
of many conferences (including RAID, IEEE ICC, and IEEE Globecom) in his areas of expertise. He
also works as a consultant for technology companies in the Silicon Valley. Dr. Khayam has won many
national and international awards. Among these awards, he is most proud of the nation-wide award for
the “Best University Teacher of the Year 2009” given to him by the Higher Education Commission (HEC) of Pakistan.
Ashfaq Ahmad Malik is a PhD scholar at PN Engg College, National University of Sciences and
Technology, Karachi, Pakistan. His area of research is “Design of C4I systems using COTS and Open
Source Software”. He was commissioned in the Pakistan Navy in July 1992. He graduated with a BE (Electrical)
from PN Engg College/NEDUET, Karachi in 1994. He qualified in the Weapon Engg Application Course
(WEAC) from PN Engg College, Karachi in 1997. He completed an ME (Computer Systems) at NED University
of Engg and Technology, Karachi, Pakistan in 2003. Ashfaq Ahmad Malik has almost 18-20 years of
experience in the maintenance and operation of different weapons, sensors, communication systems, fire control systems, command & control systems, et cetera onboard different PN ships of US/UK/French/Chinese origin.
Syed Misbahuddin received BE in Electronics from Dawood College of Engineering & Technology,
Karachi Pakistan in 1983, MS in Electrical and Computer Engineering from King Fahd University of
Petroleum and Minerals, Dhahran, Saudi Arabia in 1988 and Doctor of Engineering in Electrical and
Computer Engineering from the University of Detroit Mercy, Detroit, MI, USA in 1998. He started his
career as an Assistant Professor in Computer Systems department, NED University of Engineering and
Technology, Karachi, Pakistan in 1988. He remained at NED University until 1992. From 2000 to 2010,
Syed Misbahuddin was serving as faculty member in King Fahd University of Petroleum and Minerals
and University of Hail, Saudi Arabia. He has also served the North American auto and financial industries
as an IT consultant. Misbahuddin has contributed more than twenty research publications in international
journals and conference proceedings. He has co-authored three book chapters and one Internet draft.
His research interests are in embedded systems, parallel and distributed computing, and data reduction
algorithms. Presently, Syed Misbahuddin is a Professor in Computer Engineering department, Sir Syed
University of Engineering and Technology, Karachi, Pakistan.
S. Hossein Mousavinezhad received his Ph.D. in Electrical Engineering from Michigan State University,
East Lansing, Michigan. He is currently a Professor and the Chair of the Department of Electrical
Engineering Computer Science (EECS), Idaho State University, Pocatello, Idaho. His research interests
include digital signal processing, bioelectromagnetics, and communication systems. Dr. Mousavinezhad
is a recipient of the Institute of Electrical and Electronics Engineers (IEEE) Third Millennium Medal.
He received American Society for Engineering Education (ASEE) Electrical and Computer Engineering
Division’s Meritorious Service Award in June 2007. Professor Mousavinezhad is a program evaluator
for the Accreditation Board for Engineering and Technology (ABET).
Alfredo Pironti is a post-doctoral researcher in formal methods for security protocols and security-aware
applications at Politecnico di Torino. His main research interests are on formal methods applied
to security protocols and security-aware applications. In particular, he focused on sound automatic
implementation generation of security protocols from formally verified specification, and on black-box
monitoring of legacy security protocols implementations. He is a member of the research group led by
Prof. Riccardo Sisto. Moreover, he is participating in the CryptoForma initiative, aimed at bridging the
gap between formal and computational models of cryptography. Alfredo Pironti received his PhD in
2010, and his M.S. in computer engineering in 2006, both at Politecnico di Torino.
Victor Pomponiu is a Ph.D. student and member of the Security and Network group at the Computer
Science Department, Università degli Studi di Torino, Italy, since January 2009. He received his
B.Sc. and M.Sc. in Computer Science from the Polytechnic University of Bucharest in 2006 and 2008,
specializing in communication systems. His areas of research include multimedia security (image/
video/audio encryption, watermarking, digital fingerprinting, authentication, forensics, digital rights
management), communication and network security (intrusion detection, malware, and bots detection), and ad-hoc networks.
Davide Pozza graduated in Computer Engineering in 2002, and received a PhD degree in Computer
Engineering in 2006, both from Politecnico di Torino, Torino, Italy. He is currently a post doctoral researcher
at the Department of Computer Engineering at that institution. His current research interests
include: processes, methodologies, and techniques that address software security, reliability, and safety,
static analysis techniques to detect software vulnerabilities, formal methods for modelling and analyzing
network vulnerability and cryptographic protocols, and automatic code generation of cryptographic
protocols by starting from their formal specifications. He teaches courses on network and distributed
programming, and on secure software engineering.
He also provides consultancies in the area of reliable and secure software.
Rashid A. Saeed received his BSc in Electronics Engineering from Sudan University of Science and
Technology (SUST), and PhD in Communication Engineering, UPM. He served as senior researcher
in MIMOS Berhad and then in Telekom Malaysia R&D, where he was awarded the “platinum badge” for
outstanding research achievement. Since 2010 he has been an Assistant Professor in electrical engineering,
UIA Malaysia. He has published over 70 research papers/tutorials/talks/book chapters on UWB, cognitive
radio, and radio resources management. He has also been awarded 2 U.S. patents, with 8 others filed.
Rashid is a certified WiMAX engineer (RF and core network). He is also Six Sigma™, certified Black
Belt based on DMAIC++ from Motorola University. He is a senior member of IEEE, IEM Malaysia,
and Sigma Xi. He is one of the contributors of IEEE-WCET wireless certification in its earlier stages.
Riccardo Sisto received the M.Sc. degree in electronic engineering in 1987, and the Ph.D degree in
computer engineering in 1992, both from Politecnico di Torino, Torino, Italy. Since 1991 he has been
working at Politecnico di Torino, in the Computer Engineering Department, first as a researcher, then as
an Associate Professor and, since 2004, as a Full Professor of computer engineering. Since the beginning
of his scientific activity, his main research interests have been in the area of formal methods applied to
software engineering, communication protocol engineering, distributed systems, and computer security.
On this and related topics he has authored or co-authored more than 70 scientific papers. Dr. Sisto has
been a member of the Association for Computing Machinery (ACM) since 1999.
Hung-Jen Yang received a BS in Industrial Education from the National Kaohsiung Normal University,
an MS in Industrial Technology from the University of North Dakota, and a PhD in Industrial
Education and Technology from the Iowa State University in 1984, 1989, and 1991, respectively. He is
currently a Professor in the Department of Industrial Technology Education and the director of the Center
for Instructional and Learning Technology at the National Kaohsiung Normal University, Taiwan. His
research interests include computer networks, automation, and technology education.
Preface
The field of cyber security has assumed utmost importance in today’s information age. Cyber security
encompasses both information and network security. Information security covers the understanding of
security requirements, classification of threats, attacks, and information protection systems and methodologies.
Encryption is a key enabling technology for data and information security. Network security,
on the other hand, includes both security protocols as well as systems, which create a security perimeter
around networks for intrusion detection and avoidance. Network security protocols combine encryption
and several related mechanisms, like hashing and digital signatures, along with procedures for key and
session management, which allow for parties to establish secure communication links over otherwise
insecure communication networks and exchange private information such as personal and financial data.
As part of proactive information security, Security Information Management (SIM) systems are set
up by those tasked with managing information security in their respective organizations. These systems
consolidate and analyze the information system usage logs in near real-time for alerting and in off-line
mode for demonstrating system security and compliance to standards and regulations.
At this time real-time audio, video, and instant messaging systems are used ubiquitously over integrated and converged public communication networks. Their security requirements include protection against eavesdropping and end-to-end authentication. To this end, security protocols such as Secure Real Time Protocol (SRTP) for streaming media security have been developed by the Internet Engineering Task Force (IETF).
Cyber security of industrial manufacturing and utility industries, such as power, water, and gas, has assumed national defense status. Most industries, including power generation and manufacturing, use PLCs (programmable logic controllers) that are connected to computers for remote control. SCADA and industrial systems security includes protection of SCADA control units or industrial equipment in production, power generation and distribution, fabrication, refining, public and private infrastructure institutions, and large communication systems. The area of industrial and infrastructure security is very important, and various governments have mandated compliance by all institutions and services with many security regulations.
This book aims to provide a comprehensive reference in cyber security covering all important topics
including encryption, authentication, integrity, security infrastructure, and protocols. It covers areas that
pertain to digital information encryption techniques, secure networking protocols, security management
systems, and industrial and SCADA security standards. We believe that it would not only serve
as a reference for existing technologies, it would also become a reference for innovation in this field. It
would serve a broad audience including researchers and practitioners in cyber and industrial security,
e-commerce and web security experts, academicians, students, and working professionals in utilities,
manufacturing, municipal services, government, defense, and networking companies.
Wireless technologies are bringing significant changes to data networking and telecommunication
services, making integrated networks a reality. By removing the wires, personal networks, local area
networks, mobile radio networks and cellular systems, offer an entirely distributed mobile computing and
communications environment. Due to their unique features such as shared medium, limited resources,
and dynamic topology, wireless ad hoc networks are vulnerable to a variety of potential attacks. However, the common security measures employed for wired networks are not enough to protect the nodes of the networks against complex attacks. Therefore, a new line of defense, called intrusion detection, has been added. In the first chapter the main wireless technologies are introduced along with their characteristics. Then, a description of the attacks that can be mounted on these networks is given. A separate section reviews and compares the most recent intrusion detection techniques for wireless ad hoc networks. Finally, based on the current state of the art, the conclusions and major challenges are discussed.
Handheld devices like smartphones must include rigorous and convenient handheld data protection in case the devices are lost or stolen. The second chapter proposes a set of novel approaches to protecting handheld data by using mobile usage pattern matching, which compares the current handheld usage pattern to the stored usage patterns. If they are drastically different, a security action such as requiring a password entry is activated. Various algorithms of pattern matching may be used. Two of them discussed in the chapter are (i) approximate usage string matching and (ii) usage finite automata. The first method uses approximate string matching to check device usage and the second method converts the usage tree into a deterministic finite automaton (DFA). Experimental results show this method is effective and convenient for handheld data protection, but the accuracy may need to be improved.
An important part of the ISO/IEC 27002 cyber security standard is the conservation of confidentiality, which falls under its computer facility protection part and ensures that the computer and its stored information can only be accessed by authorized users. Securing mobile devices and mobile data to ensure the confidentiality, integrity, and availability of both data and security applications requires special consideration to be paid to the typical mobile environment in which a mobile computing device would be utilized. Protecting mobile devices includes multiple security technologies such as the right identification of its particular user, data encryption, physical locking devices, monitoring and tracking software, and alarms. Chapter 3 reviews security-specific hardware and software applied to mobile computing and presents its advantages and drawbacks. Then it considers the concept of usability constraints in the context of mobile computing security and introduces the seamless security method for identity proof of a particular user or device.
Social media is transforming the way we find, create, and share information during the course of
our personal life and work. The rapid growth of social media and the ubiquitous sharing and access of
information through various digital channels has created new vulnerabilities and cyber threats. Chapter
4 provides an overview of the security and privacy implications of social networks and communities. It
examines and raises awareness about cyber security threats from social media, describes the state of
technology to mitigate security risks introduced by social networks, sheds light on standards for identity
and information sharing or lack thereof, and presents new research and development. The chapter will
serve as a reference to students, researchers, practitioners, and consultants in the area of social media,
cyber security, and Information and Communication Technologies (ICT).
The Internet, originally designed in a spirit of trust, uses protocols and frameworks that are not inherently
secure. This basic weakness is greatly compounded by the interconnected nature of the Internet,
which, together with the revolution in the software industry, has provided a medium for large-scale
exploitation, for example, in the form of botnets. Despite considerable recent efforts, Internet-based
attacks, particularly via botnets, are still ubiquitous and have caused great damage on both national and
international levels. Chapter 5 provides a brief overview of the botnet phenomenon and its pernicious
aspects. Current governmental and corporate efforts to mitigate the threat are also described, together
with the bottlenecks limiting their effectiveness in various countries. The chapter concludes with a description of lines of investigation that could counter the botnet phenomenon.
Due to the rapidly evolving nature of network attacks, a considerable paradigm shift has taken place, with focus now on Network-based Anomaly Detection Systems (NADSs) that can detect zero-day attacks. At this time, it is important to evaluate existing anomaly detectors to determine and learn from their strengths and weaknesses. Chapter 6 aims to evaluate the performance of eight prominent network-based anomaly detectors under malicious portscan attacks. These NADSs are evaluated on three criteria: accuracy (ROC curves), scalability (with respect to varying normal and attack traffic rates, and deployment points), and detection delay. Based on experiments, promising guidelines are identified to improve the accuracy and scalability of existing and future anomaly detectors. It is shown that the proposed guidelines provide considerable and consistent accuracy improvements for all evaluated NADSs.
Quantum cryptography holds the promise of unbreakable encryption systems and is based on using photons. In chapter 7 the author presents a method to estimate parameters of the decoy state protocol based on one decoy state protocol for both BB84 and SARG04. This method can give a different lower bound of the fraction of single-photon counts, the fraction of two-photon counts, the upper bound QBER of single-photon pulses, the upper bound QBER of two-photon pulses, and the lower bound of key generation rate for both BB84 and SARG04. The effects of statistical fluctuations on some parameters of our QKD system have been presented. We have also performed the optimization on the choice of intensities and percentages of signal state and decoy states which give out the maximum distance and the optimization of the key generation rate. The numerical simulation has shown that the fiber based QKD and free space QKD systems using the proposed method for BB84 are able to achieve both a higher secret key rate and greater secure distance than that of SARG04. Also, it is shown that bidirectional ground to satellite and inter-satellite communications are possible with this protocol. The experiment of decoy state QKD has been demonstrated using the ID-3000 commercial QKD system based on a standard ‘Plug & Play’ set-up. One decoy state QKD has been implemented for both BB84 and SARG04 over different transmission distances of standard telecom fiber.
Designing and implementing security protocols are known to be error-prone tasks. Recent research progress in the field of formal methods applied to security protocols has enabled the use of these techniques in practice. The authors’ objective in chapter 8 is to give a circumstantial account of the state-of-the-art reached in this field, showing how formal methods can help in improving quality of security protocols.
Since automation is a key factor for the acceptability of these techniques in the engineering practice, the
chapter focuses on automated techniques and illustrates in particular how high-level protocol models
in the Dolev-Yao style can be automatically analyzed and how it is possible to automatically enforce
formal correspondence between an abstract high-level model and an implementation.
Not long ago, it was thought that only software applications and general purpose digital systems, i.e. computers, were prone to various types of attacks against their security. The underlying hardware, hardware implementations of these software applications, embedded systems, and hardware devices were considered to be secure and out of reach of these attacks. However, during the previous few years, it has been demonstrated that novel attacks against the hardware and embedded systems can also be mounted.
Not only viruses, but worms and Trojan horses have been developed for them, and they have also been
demonstrated to be effective. Whereas a lot of research has already been done in the area of security
of general purpose computers and software applications, hardware and embedded systems security is
a relatively new and emerging area of research. Chapter 9 provides details of various types of existing
attacks against hardware devices and embedded systems, analyzes existing design methodologies for
their vulnerability to new types of attacks, and along the way describes solutions and countermeasures
against them for the design and development of secure systems.
A Supervisory Control and Data Acquisition (SCADA) system is composed of a number of remote terminal units (RTUs) for collecting field data. These RTUs send the data back to a master station via a communication network. The master station displays the acquired data and allows the operator to perform remote control tasks. An RTU is a microprocessor based standalone data acquisition control unit. As the RTUs work in harsh environments, the processor inside the RTU is susceptible to random faults. If the processor fails, the equipment or process being monitored by it will become inaccessible. Chapter 10 proposes a fault tolerant scheme to untangle the RTU’s failure issue. According to the scheme, every RTU will have at least two processing elements. In case of either processor’s failure, the surviving processor will take over the tasks of the failed processor. With this approach, an RTU remains functional despite the failure of the processor inside the RTU. Reliability and availability modeling of the proposed fault tolerant scheme have been presented. Moreover, cyber security for SCADA systems and recommendations for the mitigation of these issues have been discussed.
The world’s critical infrastructure includes entities such as the water, waste water, electrical utilities,
and the oil and gas industry. In many cases, these rely on pipelines that are controlled by supervisory
control and data acquisition (SCADA) systems. SCADA systems have evolved to highly networked,
common platform systems. This evolutionary process creates expanding and changing cyber security
risks. The need to address this risk profile is mandated from the highest government level. Chapter 11
discusses the various processes, standards, and industry based best practices that are directed towards
minimizing these risks.
C4ISR stands for Command, Control, Communications, Computers, Intelligence, Surveillance & Reconnaissance. C4ISR systems are primarily used by organizations in the defense sector. However, they are also increasingly being used by civil sector organizations such as railways, airports, and oil and gas exploration departments. The C4ISR system is a system of systems; it can also be termed a network of networks and works on similar principles as the Internet. Hence it is vulnerable to similar attacks, called cyber attacks, and warrants appropriate security measures to save it from these attacks or to recover if the attack succeeds. All of the measures put in place to achieve this are called cyber security of C4ISR systems. Chapter 12 gives an overview of C4ISR systems focusing on the perspective of cyber security warranting information assurance.
The rapidly changing face of the Internet threat landscape has posed remarkable challenges for security professionals to protect their IT infrastructure by applying advanced defensive techniques, policies, and procedures. Today, nearly 80% of total applications are web-based and externally accessible depending on the organization policies. In many cases, the number of security issues discovered depends not only on the system configuration but also on the application space. Rationalizing security functions into the application is a common practice, but assessing their level of resiliency requires a structured and systematic approach to test the application against all possible threats before and after deployment. The application security assessment process and tools presented in Chapter 13 are mainly focused on and mapped to industry standards and compliance including PCI-DSS, ISO27001, GLBA, FISMA, SOX, and HIPAA, in order to assist with the regulatory requirements. Additionally, to retain a defensive architecture, web application firewalls have been discussed and a map between well-established application security standards (WASC, SANS, OWASP) is prepared to represent a broad view of threat classification.
With a wide variety of current topics in Cyber Security treated in this handbook we hope it proves to
be a suitable reference to the topics which are covered in various chapters. We hope you have as much
pleasure and intellectual fulfillment in reading these chapters as we have had in editing and managing
their evolution from original single page chapter proposals to final camera ready drafts that constitute
the handbook that you hold.
Junaid Ahmed Zubairi
State University of New York at Fredonia, USA
Athar Mahboob
National University of Sciences & Technology, Pakistan
Product details
| Price | |
|---|---|
| File Size | 16,281 KB |
| Pages | 337 p |
| File Type | PDF format |
| ISBN | 978-1-60960-852-1 |
| Copyright | 2012 by IGI Global |
Table of Contents
Foreword
Preface
Acknowledgment
Section 1
Mobile and Wireless Security
Chapter 1 Securing Wireless Ad Hoc Networks: State of the Art and Challenges
Victor Pomponiu, University of Torino, Italy
Chapter 2 Smartphone Data Protection Using Mobile Usage Pattern Matching
Wen-Chen Hu, University of North Dakota, USA
Naima Kaabouch, University of North Dakota, USA
S. Hossein Mousavinezhad, Idaho State University, USA
Hung-Jen Yang, National Kaohsiung Normal University, Taiwan
Chapter 3 Conservation of Mobile Data and Usability Constraints
Rania Mokhtar, University Putra Malaysia (UPM), Malaysia
Rashid Saeed, International Islamic University Malaysia (IIUM), Malaysia
Section 2
Social Media, Botnets and Intrusion Detection
Chapter 4 Cyber Security and Privacy in the Age of Social Networks
Babar Bhatti, MutualMind, Inc., USA
Chapter 5 Botnets and Cyber Security: Battling Online Threats
Ahmed Mansour Manasrah, National Advanced IPv6 Center, Malaysia
Omar Amer Abouabdalla, National Advanced IPv6 Center, Malaysia
Moein Mayeh, National Advanced IPv6 Center, Malaysia
Nur Nadiyah Suppiah, National Advanced IPv6 Center, Malaysia
Chapter 6 Evaluation of Contemporary Anomaly Detection Systems (ADSs)
Ayesha Binte Ashfaq, National University of Sciences & Technology (NUST), Pakistan
Syed Ali Khayam, National University of Sciences & Technology (NUST), Pakistan
Section 3
Formal Methods and Quantum Computing
Chapter 7 Practical Quantum Key Distribution
Sellami Ali, International Islamic University Malaysia (IIUM), Malaysia
Chapter 8 Automated Formal Methods for Security Protocol Engineering
Alfredo Pironti, Politecnico di Torino, Italy
Davide Pozza, Politecnico di Torino, Italy
Riccardo Sisto, Politecnico di Torino, Italy
Section 4
Embedded Systems and SCADA Security
Chapter 9 Fault Tolerant Remote Terminal Units (RTUs) in SCADA Systems
Syed Misbahuddin, Sir Syed University of Engineering and Technology, Pakistan
Nizar Al-Holou, University of Detroit Mercy, USA
Chapter 10 Embedded Systems Security
Muhammad Farooq-i-Azam, COMSATS Institute of Information Technology, Pakistan
Muhammad Naeem Ayyaz, University of Engineering and Technology, Pakistan
Section 5
Industrial and Applications Security
Chapter 11 Cyber Security in Liquid Petroleum Pipelines
Morgan Henrie, MH Consulting, Inc., USA
Chapter 12 Application of Cyber Security in Emerging C4ISR Systems and Related Technologies
Athar Mahboob, National University of Sciences & Technology, Pakistan
Adil Khan, National University of Sciences & Technology, Pakistan
Junaid Zubairi, State University of New York at Fredonia, USA
Chapter 13 Practical Web Application Security Audit Following Industry Standards and Compliance
Shakeel Ali, Cipher Storm Ltd., UK
Compilation of References
About the Contributors
Index
Detailed Table of Contents
Foreword
Preface
Acknowledgment
Section 1 Mobile and Wireless Security
Chapter 1
Securing Wireless Ad Hoc Networks: State of the Art and Challenges
Victor Pomponiu, University of Torino, Italy
In this chapter, the authors first introduce the main wireless technologies along with their characteristics.
Then, a description of the attacks that can be mounted on these networks is given. A separate section
reviews and compares the most recent intrusion detection techniques for wireless ad hoc networks.
Finally, based on the current state of the art, the conclusions and major challenges are discussed.
Chapter 2
Smartphone Data Protection Using Mobile Usage Pattern Matching
Wen-Chen Hu, University of North Dakota, USA
Naima Kaabouch, University of North Dakota, USA
S. Hossein Mousavinezhad, Idaho State University, USA
Hung-Jen Yang, National Kaohsiung Normal University, Taiwan
This research proposes a set of novel approaches to protecting handheld data by using mobile usage
pattern matching, which compares the current handheld usage pattern to the stored usage patterns. If
they are drastically different, a security action such as requiring a password entry is activated. Various
algorithms of pattern matching can be used in this research. Two of them are discussed in this chapter.
Chapter 3
Conservation of Mobile Data and Usability Constraints
Rania Mokhtar, University Putra Malaysia (UPM), Malaysia
Rashid Saeed, International Islamic University Malaysia (IIUM), Malaysia
Section 2 Social Media, Botnets and Intrusion Detection
Chapter 4
Cyber Security and Privacy in the Age of Social Networks
Babar Bhatti, MutualMind, Inc., USA
The goal of this chapter is to examine and raise awareness about cyber security threats from social media, to describe the state of technology to mitigate security risks introduced by social networks, to shed light on standards for identity and information sharing or lack thereof, and to present new research and development. The chapter will serve as a reference to students, researchers, practitioners, and consultants in the area of social media, cyber security, and Information and Communication Technologies (ICT).
Chapter 5
Botnets and Cyber Security: Battling Online Threats
Ahmed Mansour Manasrah, National Advanced IPv6 Center, Malaysia
Omar Amer Abouabdalla, National Advanced IPv6 Center, Malaysia
Moein Mayeh, National Advanced IPv6 Center, Malaysia
Nur Nadiyah Suppiah, National Advanced IPv6 Center, Malaysia
This chapter provides a brief overview of the botnet phenomenon and its pernicious aspects. Current governmental and corporate efforts to mitigate the threat are also described, together with the bottlenecks limiting their effectiveness in various countries. The chapter concludes with a description of lines of investigation that could counter the botnet phenomenon.
Chapter 6
Evaluation of Contemporary Anomaly Detection Systems (ADSs)
Ayesha Binte Ashfaq, National University of Sciences & Technology (NUST), Pakistan
Syed Ali Khayam, National University of Sciences & Technology (NUST), Pakistan
Due to the rapidly evolving nature of network attacks, a considerable paradigm shift has taken place
with focus now on Network-based Anomaly Detection Systems (NADSs) that can detect zero-day attacks. At this time, it is important to evaluate existing anomaly detectors to determine and learn from
their strengths and weaknesses. Thus, the authors aim to evaluate the performance of eight prominent
network-based anomaly detectors under malicious portscan attacks.
Section 3 Formal Methods and Quantum Computing
Chapter 7
Practical Quantum Key Distribution
Sellami Ali, International Islamic University Malaysia (IIUM), Malaysia
The central objective of this chapter is to study and implement practical systems for quantum cryptography using the decoy state protocol. In particular, we seek to improve dramatically both the security and the performance of practical QKD systems (in terms of substantially higher key generation rate and longer distance).
Chapter 8
Automated Formal Methods for Security Protocol Engineering
Alfredo Pironti, Politecnico di Torino, Italy
Davide Pozza, Politecnico di Torino, Italy
Riccardo Sisto, Politecnico di Torino, Italy
The objective of this chapter is to give a circumstantial account of the state-of-the-art reached in this
field, showing how formal methods can help in improving quality. Since automation is a key factor
for the acceptability of these techniques in the engineering practice, the chapter focuses on automated
techniques and illustrates in particular how high-level protocol models in the Dolev-Yao style can be
automatically analyzed and how it is possible to automatically enforce formal correspondence between
an abstract high-level model and an implementation.
Section 4 Embedded Systems and SCADA Security
Chapter 9
Fault Tolerant Remote Terminal Units (RTUs) in SCADA Systems
Syed Misbahuddin, Sir Syed University of Engineering and Technology, Pakistan
Nizar Al-Holou, University of Detroit Mercy, USA
This chapter proposes a fault tolerant scheme to untangle the RTU’s failure issue. According to the
scheme, every RTU will have at least two processing elements. In case of either processor’s failure, the
surviving processor will take over the tasks of the failed processor to perform its tasks. With this approach, an RTU can remain functional despite the failure of the processor inside the RTU.
Chapter 10
Embedded Systems Security
Muhammad Farooq-i-Azam, COMSATS Institute of Information Technology, Pakistan
Muhammad Naeem Ayyaz, University of Engineering and Technology, Pakistan
Whereas a lot of research has already been done in the area of security of general purpose computers and software applications, hardware and embedded systems security is a relatively new and emerging area of research. This chapter provides details of various types of existing attacks against hardware devices and embedded systems, analyzes existing design methodologies for their vulnerability to new types of attacks, and along the way describes solutions and countermeasures against them for the design and development of secure systems.
Section 5 Industrial and Applications Security
Chapter 11
Cyber Security in Liquid Petroleum Pipelines
Morgan Henrie, MH Consulting, Inc., USA
The world’s critical infrastructure includes entities such as the water, waste water, electrical utilities,
and the oil and gas industry. In many cases, these rely on pipelines that are controlled by supervisory
control and data acquisition (SCADA) systems. SCADA systems have evolved to highly networked,
common platform systems. This evolutionary process creates expanding and changing cyber security
risks. The need to address this risk profile is mandated from the highest government level. This chapter
discusses the various processes, standards, and industry based best practices that are directed towards
minimizing these risks.
Chapter 12
Application of Cyber Security in Emerging C4ISR Systems and Related Technologies
Ashfaq Ahmad Malik, National University of Sciences & Technology, Pakistan
Athar Mahboob, National University of Sciences & Technology, Pakistan
Adil Khan, National University of Sciences & Technology, Pakistan
Junaid Zubairi, State University of New York at Fredonia, USA
The C4ISR system is a system of systems; it can also be termed a network of networks and works on similar principles as the Internet. Hence it is vulnerable to similar attacks, called cyber attacks, and warrants appropriate security measures to save it from these attacks or to recover if the attack succeeds. All of the measures put in place to achieve this are called cyber security of C4ISR systems. This chapter gives an overview of C4ISR systems focusing on the perspective of cyber security warranting information assurance.
Chapter 13
Practical Web Application Security Audit Following Industry Standards and Compliance
Shakeel Ali, Cipher Storm Ltd., UK
Today, nearly 80% of total applications are web-based and externally accessible depending on the organization policies. In many cases, the number of security issues discovered depends not only on the system configuration but also on the application space. Rationalizing security functions into the application is a common practice, but assessing their level of resiliency requires a structured and systematic approach to test the application against all possible threats before and after deployment. The application security assessment process and tools presented here are mainly focused on and mapped to industry standards and compliance including PCI-DSS, ISO27001, GLBA, FISMA, SOX, and HIPAA, in order to assist with the regulatory requirements.
Compilation of References
About the Contributors
Index