Books in the Advances in Information Security series

This book offers the latest research results in security and privacy for Intelligent Edge Computing Systems. It presents state-of-the art content and provides an in-depth overview of the basic background in this related field. Practical areas in both security and risk analysis are addressed as well as connections directly linked to Edge Computing paradigms. This book also offers an excellent foundation on the fundamental concepts and principles of security, privacy and risk analysis in Edge Computation infrastructures. It guides the reader through the core ideas with relevant ease.Edge Computing has burst onto the computational scene offering key technologies for allowing more flexibility at the edge of networks. As Edge Computing has evolved as well as the need for more in-depth solutions in security, privacy and risk analysis at the edge. This book includes various case studies and applications on Edge Computing. It includes the Internet of Things related areas, such as smart cities, blockchain, mobile networks, federated learning, cryptography and cybersecurity.This book is one of the first reference books covering security and risk analysis in Edge Computing Systems. Researchers and advanced-level students studying or working in Edge Computing and related security fields will find this book useful as a reference. Decision makers, managers and professionals working within these fields will want to purchase this book as well.

This book offers the latest research results on blockchain technology and its application for cybersecurity in cyber-physical systems (CPS). It presents crucial issues in this field and provides a sample of recent advances and insights into the research progress. Practical use of blockchain technology is addressed as well as cybersecurity and cyber threat challenges and issues. This book also offers readers an excellent foundation on the fundamental concepts and principles of blockchain based cybersecurity for cyber-physical systems. It guides the reader through the core ideas with expert ease.Blockchain technology has infiltrated all areas of our lives, from manufacturing to healthcare and beyond. Cybersecurity is an industry that has been significantly affected by this technology, and maybe more so in the future. This book covers various case studies and applications of blockchain in various cyber-physical fields, such as smart cities, IoT, healthcare, manufacturing, onlinefraud, etc.This book is one of the first reference books covering the application of blockchain technology for cybersecurity in cyber-physical systems (CPS). Researchers working in the cybersecurity field and advanced-level students studying this field will find this book useful as a reference. Decision-makers, managers and professionals also working in this field will want to purchase this book.

In today¿s digital transformation environments, a rigorous cybersecurity approach to effective risk management ¿ including contingency planning, outlining immediate actions, preparing post-breach responses ¿ is central to defending organizations¿ interconnected computer systems, networks, and infrastructure resources from malicious cyber-attacks.Specifically, cybersecurity technologies, processes, and practices need to be generalized and applied to intrusion detection and prevention measures. This entails analyzing profiles of cyber-attackers and building cyber-attack models for behavior simulation that can effectively counter such attacks. This comprehensive volume aims to cover all essential aspects of cybersecurity in digital transformation and to provide a framework for considering the many objectives and requirements involved. In addition to introducing theoretical foundations, the work also offers practical techniques for defending against malicious cybercriminals.Topics and features:Explores cybersecurity¿s impact on the dynamics of interconnected, complex cyber- and physical systems, infrastructure resources, and networksProvides numerous examples of applications and best practicesConsiders methods that organizations can use to assess their cybersecurity awareness and/or strategyDescribes anomaly intrusion detection, a key tool in thwarting both malware and theft (whether by insiders or external parties) of corporate dataAddresses cyber-attacker profiles, cyber-attack models and simulation, cybersecurity ontology, access-control mechanisms, and policies for handling ransomware attacksDiscusses the NIST Cybersecurity Framework, MITRE Adversarial Tactics, Techniques and Common Knowledge, CIS Critical Security Controls, and the ISA/IEC 62442 Cybersecurity StandardGathering all the relevant information, this practical guide is eminently suitable as a self-study resource for engineers, scientists, computer scientists, and chief information officers. Further, with its many examples of best practices, it can serve as an excellent text for graduate-level courses and research into cybersecurity.Dietmar P. F. Möller, a retired full professor, is affiliated with the Institute for Mathematics at Clausthal University of Technology, Germany. He was an author of several other Springer titles, including Guide to Automotive Connectivity and Cybersecurity.

This book introduces recent research results for cyber deception, a promising field for proactive cyber defense. The beauty and challenge of cyber deception is that it is an interdisciplinary research field requiring study from techniques and strategies to human aspects. This book covers a wide variety of cyber deception research, including game theory, artificial intelligence, cognitive science, and deception-related technology. Specifically, this book addresses three core elements regarding cyber deception: Understanding human¿s cognitive behaviors in decoyed network scenarios Developing effective deceptive strategies based on human¿s behaviorsDesigning deceptive techniques that supports the enforcement of deceptive strategiesThe research introduced in this book identifies the scientific challenges, highlights the complexity and inspires the future research of cyber deception.Researchers working in cybersecurity and advanced-level computer science students focused on cybersecurity will find this book useful as a reference. This book also targets professionals working in cybersecurity.Chapter 'Using Amnesia to Detect Credential Database Breaches' and Chapter 'Deceiving ML-Based Friend-or-Foe Identification for Executables' are available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.

This contributed volume tells the story of the establishment of a cybersecurity awareness framework for organizations, and how it was piloted in two public sector municipal contexts. It presents a clear picture of cybersecurity issues in municipalities and proposes a socio-technical solution for creating cybersecurity awareness, how to build the solution and what the impact is on the municipal contexts. The 9 chapters for this book also provide information regarding the design, the deployment and the evaluation of the technology.This book builds on the success of the European Horizon 2020 research and innovation project CS-AWARE. The research proposes the first cybersecurity situational awareness solution for local public administrations  based on an analysis of the context, provides automatic incident detection and visualization, and enables information exchange with relevant national and EU level authorities involved in legislation and network security.Cybersecurity is one of the most challenging security problems for commercial companies, NGOs, governmental institutions as well as individuals. Reaching beyond the technology focused boundaries of classical information technology (IT) security, cybersecurity includes organizational and behavioral aspects of IT systems and that needs to comply to legal and regulatory framework for cybersecurity. While large corporations might have the resources to follow those developments and bring their IT infrastructure and services in line with the requirements, the burden for smaller organizations like local public administrations will be substantial and the required resources might not be available. New and innovative solutions that would help local public administration to ease the burden of being in line with cybersecurity requirements are needed.This book targets researchers working in cybersecurity, computer scientists, social scientists and advanced level students studying computer science and other related disciplines. Cybersecurity professionals as well as professionals working in local government contexts, including policy makers, communication experts and system administrators will also benefit from this book. 

This book explores new and novel applications of machine learning, deep learning, and artificial intelligence that are related to major challenges in the field of cybersecurity. The provided research goes beyond simply applying AI techniques to datasets and instead delves into deeper issues that arise at the interface between deep learning and cybersecurity.This book also provides insight into the difficult "e;how"e; and "e;why"e; questions that arise in AI within the security domain. For example, this book includes chapters covering "e;explainable AI"e;, "e;adversarial learning"e;, "e;resilient AI"e;, and a wide variety of related topics. It's not limited to any specific cybersecurity subtopics and the chapters touch upon a wide range of cybersecurity domains, ranging from malware to biometrics and more.Researchers and advanced level students working and studying in the fields of cybersecurity (equivalently, information security) or artificial intelligence (including deep learning, machine learning, big data, and related fields) will want to purchase this book as a reference. Practitioners working within these fields will also be interested in purchasing this book.

This book addresses automated software fingerprinting in binary code, especially for cybersecurity applications.

This book provides the state-of-the-art development on security and privacy for fog/edge computing, together with their system architectural support and applications. This book is organized into five parts with a total of 15 chapters. Each area corresponds to an important snapshot. The first part of this book presents an overview of fog/edge computing, focusing on its relationship with cloud technology and the future with the use of 5G communication. Several applications of edge computing are discussed. The second part of this book considers several security issues in fog/edge computing, including the secure storage and search services, collaborative intrusion detection method on IoT-fog computing, and the feasibility of deploying Byzantine agreement protocols in untrusted environments. The third part of this book studies the privacy issues in fog/edge computing. It first investigates the unique privacy challenges in fog/edge computing, and then discusses a privacy-preservingframework for the edge-based video analysis, a popular machine learning application on fog/edge. This book also covers the security architectural design of fog/edge computing, including a comprehensive overview of vulnerabilities in fog/edge computing within multiple architectural levels, the security and intelligent management, the implementation of network-function-virtualization-enabled multicasting in part four. It explains how to use the blockchain to realize security services. The last part of this book surveys applications of fog/edge computing, including the fog/edge computing in Industrial IoT, edge-based augmented reality, data streaming in fog/edge computing, and the blockchain-based application for edge-IoT. This book is designed for academics, researchers and government officials, working in the field of fog/edge computing and cloud computing. Practitioners, and business organizations (e.g., executives, system designers, and marketing professionals), who conduct teaching, research, decision making, and designing fog/edge technology will also benefit from this book The content of this book will be particularly useful for advanced-level students studying computer science, computer technology, and information systems, but also applies to students in business, education, and economics, who would benefit from the information, models, and case studies therein.

This book provides the state-of-the-art development on security and privacy for fog/edge computing, together with their system architectural support and applications. This book is organized into five parts with a total of 15 chapters. Each area corresponds to an important snapshot. The first part of this book presents an overview of fog/edge computing, focusing on its relationship with cloud technology and the future with the use of 5G communication. Several applications of edge computing are discussed. The second part of this book considers several security issues in fog/edge computing, including the secure storage and search services, collaborative intrusion detection method on IoT-fog computing, and the feasibility of deploying Byzantine agreement protocols in untrusted environments. The third part of this book studies the privacy issues in fog/edge computing. It first investigates the unique privacy challenges in fog/edge computing, and then discusses a privacy-preservingframework for the edge-based video analysis, a popular machine learning application on fog/edge. This book also covers the security architectural design of fog/edge computing, including a comprehensive overview of vulnerabilities in fog/edge computing within multiple architectural levels, the security and intelligent management, the implementation of network-function-virtualization-enabled multicasting in part four. It explains how to use the blockchain to realize security services. The last part of this book surveys applications of fog/edge computing, including the fog/edge computing in Industrial IoT, edge-based augmented reality, data streaming in fog/edge computing, and the blockchain-based application for edge-IoT. This book is designed for academics, researchers and government officials, working in the field of fog/edge computing and cloud computing. Practitioners, and business organizations (e.g., executives, system designers, and marketing professionals), who conduct teaching, research, decision making, and designing fog/edge technology will also benefit from this book The content of this book will be particularly useful for advanced-level students studying computer science, computer technology, and information systems, but also applies to students in business, education, and economics, who would benefit from the information, models, and case studies therein.

This book provides a comprehensive overview of the key concerns as well as research challenges in designing secure and resilient Industrial Control Systems (ICS). It will discuss today's state of the art security architectures and couple it with near and long term research needs that compare to the baseline. It will also establish all discussions to generic reference architecture for ICS that reflects and protects high consequence scenarios.Significant strides have been made in making industrial control systems secure. However, increasing connectivity of ICS systems with commodity IT devices and significant human interaction of ICS systems during its operation regularly introduces newer threats to these systems resulting in ICS security defenses always playing catch-up. There is an emerging consensus that it is very important for ICS missions to survive cyber-attacks as well as failures and continue to maintain a certain level and quality of service. Suchresilient ICS design requires one to be proactive in understanding and reasoning about evolving threats to ICS components, their potential effects on the ICS mission¿s survivability goals, and identify ways to design secure resilient ICS systems.This book targets primarily educators and researchers working in the area of ICS and Supervisory Control And Data Acquisition (SCADA) systems security and resiliency. Practitioners responsible for security deployment, management and governance in ICS and SCADA systems would also find this book useful. Graduate students will find this book to be a good starting point for research in this area and a reference source.

This book provides a comprehensive review of the most up to date research related to cloud security auditing and discusses auditing the cloud infrastructure from the structural point of view, while focusing on virtualization-related security properties and consistency between multiple control layers.

This book provides a comprehensive overview of the key concerns as well as research challenges in designing secure and resilient Industrial Control Systems (ICS). It will discuss today's state of the art security architectures and couple it with near and long term research needs that compare to the baseline. It will also establish all discussions to generic reference architecture for ICS that reflects and protects high consequence scenarios.Significant strides have been made in making industrial control systems secure. However, increasing connectivity of ICS systems with commodity IT devices and significant human interaction of ICS systems during its operation regularly introduces newer threats to these systems resulting in ICS security defenses always playing catch-up. There is an emerging consensus that it is very important for ICS missions to survive cyber-attacks as well as failures and continue to maintain a certain level and quality of service. Such resilient ICS design requires one to be proactive in understanding and reasoning about evolving threats to ICS components, their potential effects on the ICS mission's survivability goals, and identify ways to design secure resilient ICS systems.This book targets primarily educators and researchers working in the area of ICS and Supervisory Control And Data Acquisition (SCADA) systems security and resiliency. Practitioners responsible for security deployment, management and governance in ICS and SCADA systems would also find this book useful. Graduate students will find this book to be a good starting point for research in this area and a reference source.

This book offers a novel approach to data privacy by unifying side-channel attacks within a general conceptual framework. Next, the book explores privacy-preserving traffic padding in Web applications, first via a model to quantify privacy and cost and then by introducing randomness to provide background knowledge-resistant privacy guarantee.

The second section covers the formal verification of the security and resiliency of smart grid control systems by using a formal model to analyze attack evasions on state estimation, a core control module of the supervisory control system in smart grids.

It examines the necessity of a comprehensive, active cyber denial scheme. The authors explain the organizational implications of integrating D&D with a legacy cyber strategy, and discuss trade-offs, maturity models, and lifecycle management.

This book examines the context, motivation and current status of biometric systems based on the palmprint, with a specific focus on touchless and less-constrained systems.

Conveys general principals of passive (physiological traits such as fingerprint, iris, face) and active (learned and trained behavior such as voice, handwriting and gait) biometric recognition techniques to the reader. This work discusses aspects such as sensor characteristic dependency, and the generation of cryptographic keys from handwriting.

Intended for advanced level students in computer science and mathematics, this key text, now in a brand new edition, provides a survey of recent progress in primality testing and integer factorization, with implications for factoring based public key cryptography.

Chapter 1- Blockchain in Cybersecurity Realm: An Overview.- Chapter 2- Capability-based Non-Fungible Tokens Approach for a Decentralized AAA Framework in IoT.- Chapter 3 - IoT Security, Privacy and Trust in Home-Sharing Economy via Blockchain.- Chapter 4 - Scrybe: A 2nd-Generation Blockchain Technology with Lightweight Mining for Secure Provenance and Related Applications.- Chapter 5 - Blockchain for Efficient Public Key Infrastructure and Fault-Tolerant Distributed Consensus.- Chapter 6 - Secure blockchain-based traffic load balancing using edge computing and reinforcement learning.- Chapter 7- Blockchain Applications in Power Systems: A Bibliometric Analysis.- Chapter 8 - A Systematic Literature Review of Integration of Blockchain and Artificial Intelligence.- Chapter 9 - The Future of Blockchain Technology in Healthcare Internet of Things Security.- Chapter 10 - Secure Healthcare Framework using Blockchain and Public Key Cryptography.- Chapter 11 - Public Blockchains Scalability: An Examination of Sharding and Segregated Witness.- Chapter 12 - Immutable and Secure IP Address Protection using Blockchain.- Chapter 13- On the Application of Financial Security Standards in Blockchain Platforms.- Chapter 14 - Blockchain-based Certification for Education, Employment, and Skill with Incentive Mechanism.

This book provides readers with up-to-date research of emerging cyber threats and defensive mechanisms, which are timely and essential. It covers cyber threat intelligence concepts against a range of threat actors and threat tools (i.e. ransomware) in cutting-edge technologies, i.e., Internet of Things (IoT), Cloud computing and mobile devices. This book also provides the technical information on cyber-threat detection methods required for the researcher and digital forensics experts, in order to build intelligent automated systems to fight against advanced cybercrimes.The ever increasing number of cyber-attacks requires the cyber security and forensic specialists to detect, analyze and defend against the cyber threats in almost real-time, and with such a large number of attacks is not possible without deeply perusing the attack features and taking corresponding intelligent defensive actions - this in essence defines cyber threat intelligence notion. However, such intelligence would not be possible without the aid of artificial intelligence, machine learning and advanced data mining techniques to collect, analyze, and interpret cyber-attack campaigns which is covered in this book. This book will focus on cutting-edge research from both academia and industry, with a particular emphasis on providing wider knowledge of the field, novelty of approaches, combination of tools and so forth to perceive reason, learn and act on a wide range of data collected from different cyber security and forensics solutions. This book introduces the notion of cyber threat intelligence and analytics and presents different attempts in utilizing machine learning and data mining techniques to create threat feeds for a range of consumers. Moreover, this book sheds light on existing and emerging trends in the field which could pave the way for future works. The inter-disciplinary nature of this book, makes it suitable for a wide range of audiences with backgrounds in artificial intelligence, cyber security, forensics, big data and data mining, distributed systems and computer networks. This would include industry professionals, advanced-level students and researchers that work within these related fields.

This book is centered on Smart grids and micro-grids, as a cost-effective method of ensuring fair and equitable access to power in urban areas.

This book provides a comprehensive overview of the fundamental security of Industrial Control Systems (ICSs), including Supervisory Control and Data Acquisition (SCADA) systems and touching on cyber-physical systems in general.

This book explores the future of cyber technologies and cyber operations which will influence advances in social media, cyber security, cyber physical systems, ethics, law, media, economics, infrastructure, military operations and other elements of societal interaction in the upcoming decades.

It presents the subject in a logical, consistent, continuous discourse, covering key topics such as formation of cyber situational awareness, visualization and human factors, automated learning and inference, use of ontologies and metrics, predicting and assessing impact of cyber attacks, and achieving resilience of cyber and physical mission.

This book discusses and summarizes current research issues, identifies challenges, and outlines future directions for proactive and dynamic network defense.

This book provides readers with up-to-date research of emerging cyber threats and defensive mechanisms, which are timely and essential. It covers cyber threat intelligence concepts against a range of threat actors and threat tools (i.e. ransomware) in cutting-edge technologies, i.e., Internet of Things (IoT), Cloud computing and mobile devices. This book also provides the technical information on cyber-threat detection methods required for the researcher and digital forensics experts, in order to build intelligent automated systems to fight against advanced cybercrimes.The ever increasing number of cyber-attacks requires the cyber security and forensic specialists to detect, analyze and defend against the cyber threats in almost real-time, and with such a large number of attacks is not possible without deeply perusing the attack features and taking corresponding intelligent defensive actions ¿ this in essence defines cyber threat intelligence notion. However, such intelligence would not be possible without the aid of artificial intelligence, machine learning and advanced data mining techniques to collect, analyze, and interpret cyber-attack campaigns which is covered in this book. This book will focus on cutting-edge research from both academia and industry, with a particular emphasis on providing wider knowledge of the field, novelty of approaches, combination of tools and so forth to perceive reason, learn and act on a wide range of data collected from different cyber security and forensics solutions. This book introduces the notion of cyber threat intelligence and analytics and presents different attempts in utilizing machine learning and data mining techniques to create threat feeds for a range of consumers. Moreover, this book sheds light on existing and emerging trends in the field which could pave the way for future works. The inter-disciplinary nature of this book, makes it suitable for a wide range of audiences with backgrounds in artificial intelligence, cyber security, forensics, big data and data mining, distributed systems and computer networks. This would include industry professionals, advanced-level students and researchers that work within these related fields.

This book features a wide spectrum of the latest computer science research relating to cyber warfare, including military and policy dimensions. Cyber Warfare: Building the Scientific Foundation targets researchers and practitioners working in cyber security, especially government employees or contractors.