Information Security Handbook

Book description

This handbook provides a comprehensive collection of knowledge for emerging multidisciplinary research areas such as cybersecurity, IoT, Blockchain, Machine Learning, Data Science, and AI. This book brings together in one resource Information security across multiple domains.

Table of contents

  1. Cover
  2. Half Title
  3. Series Page
  4. Title Page
  5. Copyright Page
  6. Contents
  7. Preface
  8. Editor Biographies
  9. Contributors
  10. 1 SC-MCHMP: Score-Based Cluster Level Hybrid Multi-Channel MAC Protocol for Wireless Sensor Network
    1. 1.1 Introduction
    2. 1.2 Literature Survey
    3. 1.3 Proposed Work
      1. 1.3.1 Procedure of Routing Mechanism
        1. 1.3.1.1 1-Hop Discovery
        2. 1.3.1.2 Metric Calculation
        3. 1.3.1.3 Link Score Calculation
        4. 1.3.1.4 Source Selection
      2. 1.3.2 Csma/ca
      3. 1.3.3 TDMA
      4. 1.3.4 FDMA
    4. 1.4 Results and Discussion
    5. 1.5 Conclusion
    6. References
  11. 2 Software-Defined Networking (SDN) Security Concerns
    1. 2.1 Introduction
    2. 2.2 Potential Anomalies in SDN
      1. 2.2.1 Unauthorized Access
      2. 2.2.2 Malicious Application
      3. 2.2.3 Network Manipulation
      4. 2.2.4 Traffic Diversion
      5. 2.2.5 Denial of Service (DoS)
      6. 2.2.6 Configuration Issues
      7. 2.2.7 Data Leakage
    3. 2.3 Security Analyses and Research Challenges
      1. 2.3.1 SDN Security Analyses
      2. 2.3.2 Scenarios
        1. 2.3.2.1 Scenario 1
        2. 2.3.2.2 Scenario 2
        3. 2.3.2.3 Scenario 3
      3. 2.3.3 Research Challenges
    4. 2.4 Conclusion
    5. References
  12. 3 Clustering in Wireless Sensor Networks Using Adaptive Neuro-Fuzzy Inference Logic
    1. 3.1 Introduction
    2. 3.2 Related Work
    3. 3.3 Proposed Work
    4. 3.4 Simulation Results
    5. 3.5 Conclusion and Future Scope
    6. References
  13. 4 Security in Big Data
    1. 4.1 Big Data
      1. 4.1.1 Volume – The Size of Data
      2. 4.1.2 Variety – Different Forms of Data
      3. 4.1.3 Velocity – Speed of Data Generation
      4. 4.1.4 Value – Data's Worth
      5. 4.1.5 Veracity – Data Uncertainty
      6. 4.1.6 Variability – Data Inconsistency
      7. 4.1.7 Visualization – Data Representation
      8. 4.1.8 Volatility – How Long to Store Data
      9. 4.1.9 Validity – Data Use
    2. 4.2 Data Sources of Big Data
    3. 4.3 Architecture
      1. 4.3.1 Data Source
      2. 4.3.2 Ingestion
      3. 4.3.3 Storage Layer
      4. 4.3.4 Staging
      5. 4.3.5 Data Pipeline
      6. 4.3.6 Data and Workflow Management
      7. 4.3.7 Data Access
    4. 4.4 Big Data Challenges
    5. 4.5 Big Data Analytics Challenges in Big Data
    6. 4.6 Technical Challenges in Big Data
    7. 4.7 Characteristics-Oriented Challenges of Big Data
      1. 4.7.1 Data Volume
      2. 4.7.2 Data Velocity
      3. 4.7.3 Data Variety
      4. 4.7.4 Data Value
    8. 4.8 Privacy Challenges
    9. 4.9 Security Challenges
    10. 4.10 Current Security Challenges in Big Data
      1. 4.10.1 Big Data Security – A Definition
      2. 4.10.2 Case Studies of Security Breaches Depicting Their Impact on Organizations
    11. 4.11 Major Security Issues of Big Data
      1. 4.11.1 Distributed Frameworks Security
      2. 4.11.2 Nonrelational Data Stores Protection
      3. 4.11.3 Storage Security
      4. 4.11.4 Monitoring Real-Time Security
      5. 4.11.5 Privacy-Preserving Data Analytics and Mining
      6. 4.11.6 Granular Audit
      7. 4.11.7 End-Point Security
      8. 4.11.8 Data-Centric Security Based on Cryptography
    12. 4.12 Solutions to Security Challenges
      1. 4.12.1 Complete Data Supervision of Social Networks
      2. 4.12.2 Improvement in Legal Mechanism
      3. 4.12.3 Improvement to People Awareness of Data Quality
      4. 4.12.4 Put Security First
    13. 4.13 Conclusion
    14. References
  14. 5 Prevention of DOS/DDOS Attacks Through Expert Honey-Mesh Security Infrastructure
    1. 5.1 Introduction
      1. 5.1.1 Types of DDOS Attacks
        1. 5.1.1.1 Direct Flooding Attacks
        2. 5.1.1.2 Remote-Controlled Network Attacks
        3. 5.1.1.3 Reflective Flooding Attacks
        4. 5.1.1.4 Protocol Violation Attacks
        5. 5.1.1.5 Fragmentation Attacks
        6. 5.1.1.6 Network Infrastructure Attacks
    2. 5.2 Working of DDOS Attacks
      1. 5.2.1 Using a Botnet “Botnet” to Launch a DDOS Attack
      2. 5.2.2 Prevention Measures of DDOS Attacks
      3. 5.2.3 Never Overestimate the Defenses of the Network
      4. 5.2.4 Create a Reference Model to Better Identify Active Attacks
      5. 5.2.5 Apply the Latest Patches of Suppliers
      6. 5.2.6 Secure the IoT Devices
      7. 5.2.7 Deploy a Solution for the Mitigation of DDOS Attacks Dedicated
      8. 5.2.8 Reduce the Attack Surface
      9. 5.2.9 Plan the Scaling
      10. 5.2.10 Implement Firewalls for Sophisticated Application Attacks
    3. 5.3 Methodology
      1. 5.3.1 Introduction to Expert Honey Mesh System
      2. 5.3.2 Creation of Honey Pots
      3. 5.3.3 Implementation of Honey Pot
    4. 5.4 Proposed System
      1. 5.4.1 Working of Proposed System
        1. 5.4.1.1 Detection and Prevention of DDOS Attack Via Our Proposed System
    5. 5.5 Experimental Result
      1. 5.5.1 Simulation
      2. 5.5.2 DDOS Attack Launched on Website
      3. 5.5.3 Increase in the Volume of Attacks and Distribution Over Time
      4. 5.5.4 Prevention of DDOS Attack Via Fuzzy Logic Mechanism
        1. 5.5.4.1 Fuzzy-Logic Rules
      5. 5.5.5 Implementation of Fuzzy-Logic Rules for Prevention of DDOS Attacks
      6. 5.5.6 Advantages and Future Enhancements
    6. 5.6 Conclusion
    7. References
  15. 6 Efficient Feature Grouping for IDS Using Clustering Algorithms in Detecting Known/Unknown Attacks
    1. 6.1 Introduction
    2. 6.2 Related Work
    3. 6.3 Design Methodology
    4. 6.4 Applications and Future Work
    5. 6.5 Conclusion
    6. References
  16. 7 PDF Malware Classifiers – A Survey, Future Directions, and Recommended Methodology
    1. 7.1 Introduction
    2. 7.2 X-Ray of PDF File
    3. 7.3 Reading of PDF Files
    4. 7.4 Steps Involved in Classifying PDF Files
      1. 7.4.1 Prior Procedure Before the Actual Parsing
      2. 7.4.2 Feature Extraction
      3. 7.4.3 Classifier
    5. 7.5 Modes of Classification
    6. 7.6 Static Classification of PDF Files
    7. 7.7 Static Classification Systems
      1. 7.7.1 PJScan
      2. 7.7.2 N-Gram
      3. 7.7.3 Slayer
      4. 7.7.4 N-Gram II
      5. 7.7.5 PDFrate v1
      6. 7.7.6 Hidost
      7. 7.7.7 Slayer NEO
      8. 7.7.8 PDFrate v2
    8. 7.8 Comparison Between the Different Static Classifiers
    9. 7.9 Dynamic Classification of PDF Files
    10. 7.10 Dynamic Classification Systems
      1. 7.10.1 PlatPal
      2. 7.10.2 MDScan
      3. 7.10.3 WepaWet
      4. 7.10.4 PDF Scrutinizer
      5. 7.10.5 Lux0R
    11. 7.11 Comparison Between Different Dynamic Classifiers
    12. 7.12 Novel Methodologies
    13. 7.13 Conclusions and Future Directions
    14. References
  17. 8 Key Authentication Schemes for Medical Cyber Physical System
    1. 8.1 Introduction
    2. 8.2 Security Objectives for Medical CPS
      1. 8.2.1 Mutual Authentication
      2. 8.2.2 Data Freshness
      3. 8.2.3 Forward Security
      4. 8.2.4 Data Authenticity
      5. 8.2.5 Data Integrity
      6. 8.2.6 Data Confidentiality
      7. 8.2.7 Unforgeability
      8. 8.2.8 Scalability
    3. 8.3 Security Challenges for Medical CPS
      1. 8.3.1 Resource Constraint (Gupta et al., 2019)
      2. 8.3.2 Denial of Service Attack (Alguliyev et al., 2018)
      3. 8.3.3 Impersonation Attack (Xu et al., 2019a,b)
      4. 8.3.4 Replay Attack (Kompara et al., 2019)
      5. 8.3.5 Eavesdropping Attack (Shen et al., 2018)
      6. 8.3.6 Compromised Nodes and Clone Attack (Xu et al., 2019a,b)
      7. 8.3.7 Anonymous and Unlinkable Sessions (Kompara et al., 2019)
      8. 8.3.8 Desynchronization/Jamming Attack (Liu & Chung, 2017)
    4. 8.4 Types of Key Authentication Schemes for Medical CPS
      1. 8.4.1 Physiological-Based Key Authentication Schemes
      2. 8.4.2 Cryptographic-Based Authentication Schemes
        1. 8.4.2.1 Pre-deployed Authentication Schemes
        2. 8.4.2.2 Asymmetric Authentication Schemes
      3. 8.4.3 Hybrid Authentication Schemes
      4. 8.4.4 Channel-Based Authentication Schemes
    5. 8.5 Conclusion and Future Research Direction
    6. References
  18. 9 Ransomware Attack: Threats & Different Detection Technique
    1. 9.1 Introduction
    2. 9.2 Related Study
    3. 9.3 Materials & Methods
      1. 9.3.1 Algorithms Used for Ransomware/Malware Detection
    4. 9.4 Analysis
    5. 9.5 Practical Implication
    6. 9.6 Conclusion
    7. References
  19. 10 Security Management System (SMS)
    1. 10.1 Introduction
    2. 10.2 Application of Information Security in Corporations
      1. 10.2.1 Information Security Components: Confidentiality, Integrity, Availability (CIA)
        1. 10.2.1.1 Confidentiality
        2. 10.2.1.2 Integrity
        3. 10.2.1.3 Availability
    3. 10.3 Information Security Incidents [11]
    4. 10.4 Common Attacks on CIA Triad [12]
    5. 10.5 Information Security Management
    6. 10.6 Security Management System
    7. 10.7 Basis of Security Management System
      1. 10.7.1 Risk Management
      2. 10.7.2 Risk Assessment
      3. 10.7.3 Challenges for Risk Assessment
    8. 10.8 Some Other Essentials for SMS
    9. 10.9 Steps Involved in the Infrastructures of the SMS
    10. 10.10 System Development and Maintenance
    11. 10.11 Business Continuity Management
    12. 10.12 Security Management System Components
    13. 10.13 Security Management System Domains
      1. 10.13.1 ISO/IEC 27001
        1. 10.13.1.1 History of ISO/IEC 27001
        2. 10.13.1.2 PDCA Model
        3. 10.13.1.3 Changes in ISO/IEC 27001 in 2013 Version
    14. 10.14 Security Controls [35]
    15. 10.15 Certification
    16. 10.16 SMS (ISO/IEC 27001) Audits [23]
      1. 10.16.1 Benefits of ISO/IEC 27001
    17. 10.17 Security Management System Challenges
    18. 10.18 Conclusion
    19. References
  20. 11 Automatic Street Light Control Based on Pedestrian and Automobile Detection
    1. 11.1 Introduction
    2. 11.2 Background of the Invention
    3. 11.3 Literature Review
    4. 11.4 Circuit Diagram
      1. 11.4.1 Major Components Used
    5. 11.5 Architecture Diagram
    6. 11.6 Proposed Work
      1. 11.6.1 Instructions
    7. 11.7 Results and Discussion
      1. 11.7.1 Usage of Automatic Street Lights
      2. 11.7.2 Feasibility and Cost Effectiveness
      3. 11.7.3 Used in Versatile Areas
      4. 11.7.4 Large-Scale Manufacturing
      5. 11.7.5 Merging with AI and IoT
      6. 11.7.6 Stability and Emergency
      7. 11.7.7 Security Protocols
    8. 11.8 Conclusion & Future Works
    9. References
  21. 12 Cost-Oriented Electronic Voting System Using Hashing Function with Digital Persona
    1. 12.1 Introduction
    2. 12.2 Literature Review
    3. 12.3 Proposed Method
      1. 12.3.1 System Requirements
      2. 12.3.2 System Architecture
      3. 12.3.3 System Modules
      4. 12.3.4 System Modeling
    4. 12.4 Working Procedure
      1. 12.4.1 Election Participants
      2. 12.4.2 Election Process
      3. 12.4.3 Generate Results
    5. 12.5 Discussion and Findings
      1. 12.5.1 Outcome of Proposed Voting System
      2. 12.5.2 Existing Voting System of Pakistan with Proposed System
      3. 12.5.3 Optimization in Multiple Enhancement Factors in Proposed System
    6. 12.6 Conclusion
    7. 12.7 Future Work
    8. Reference
  22. 13 Blockchain-Based Supply Chain System Using Intelligent Chatbot with IoT-RFID
    1. 13.1 Introduction
    2. 13.2 Background
      1. 13.2.1 Ethereum
      2. 13.2.2 Hyperledger Fabric
    3. 13.3 Chatbot with Blockchain
      1. 13.3.1 IOT (Internet of Things)
      2. 13.3.2 RFID Chips
      3. 13.3.3 RFID with Blockchain
      4. 13.3.4 Modern Supply Chain
    4. 13.4 Problem Statement
    5. 13.5 Literature Review
    6. 13.6 Methodology
    7. 13.7 Conclusion
    8. References
  23. Index

Product information

  • Title: Information Security Handbook
  • Author(s): Noor Zaman Jhanjhi, Khalid Hussain, Mamoona Humayun, Azween Bin Abdullah, João R.S. Tavares
  • Release date: February 2022
  • Publisher(s): CRC Press
  • ISBN: 9781000540567