Emerging Trends in ICT Security

Acknowledgments

Review Board

About the Editors

List of Contributors

Preface

Part 1: Information and Systems Security

Theory/Reviews of the Field

Chapter 1. System Security Engineering for Information Systems

Information in this chapter

Introduction

System security engineering history

Established system security engineering methods, processes, and tools

Modern and emerging system security engineering methods, processes, and tools

Conclusion

Recommendations

Disclaimer

Acknowledgments

References

Further reading

Chapter 2. Metrics and Indicators as Key Organizational Assets for ICT Security Assessment

Information in this chapter

Introduction

GOCAME strategy overview

Security evaluation for a web system: A proof of concept

Related work

Conclusion and future work

References

Chapter 3. A Fresh Look at Semantic Natural Language Information Assurance and Security: NL IAS from Watermarking and Downgrading to Discovering Unintended Inferences and Situational Conceptual Defaults

Information in this chapter

Introduction

Early breakthrough in NL IAS

A sketch of ontological semantic technology

Mature semantic NL IAS

Summary

Acknowledgments

References

Methods

Chapter 4. An Approach to Facilitate Security Assurance for Information Sharing and Exchange in Big-Data Applications

Information in this chapter

Introduction

UML extensions for XML security

Extensions for policy modeling and integration

Integrating local security policies into a global security policy

Related work

Conclusion

References

Chapter 5. Gamification of Information Security Awareness Training

Information in this chapter

Introduction

Literature review

Gamification system

Conclusion and future plans

Acknowledgments

References

Chapter 6. A Conceptual Framework for Information Security Awareness, Assessment, and Training

Information in this chapter

Introduction

Background and literature

Human factors and information security

Information security learning continuum

Dimensions of information security awareness

A field study

Concluding remarks

References

Further Reading

Chapter 7. Security Projects for Systems and Networking Professionals

Information in this chapter

Introduction

Background

Cryptography

Wireless network security

Conclusion

References

Further Reading

Case Study

Chapter 8. Assessing the Role of Governments in Securing E-Business: The Case of Jordan

Information in this chapter

Introduction

Literature review

Security in Jordan’s E-business initiatives: An analysis

Conclusion and recommendations

References

Part 2: Network and Infrastructure Security

Theory Reviews of the Field

Chapter 9. A Survey of Quantum Key Distribution (QKD) Technologies

Information in this chapter

Cryptography

Quantum key distribution

Quantum key distribution systems

The future of QKD

A military QKD usage scenario

Conclusion

Disclaimer

Acknowledgments

References

Chapter 10. Advances in Self-Security of Agent-Based Intrusion Detection Systems

Information in this chapter

Introduction

Overview

Framework for self-security, self-reliability and self-integrity of agent-based IDSs

Prototyping and extending IDS-NIDIA

Tests

Related works

Conclusion

Acknowledgments

References

Further reading

Chapter 11. Secure Communication in Fiber-Optic Networks

Information in this chapter

Introduction

Confidentiality

Privacy and optical steganography

Availability

Summary

References

Methods

Chapter 12. Advanced Security Network Metrics

Information in this chapter

Introduction

Related work

Method description

Metrics definition

Description of experiments

Results of experiments

Conclusion

References

Chapter 13. Designing Trustworthy Software Systems Using the NFR Approach

Information in this chapter

Introduction

The NFR approach

The Phoenix system and trustworthiness deficit

Application of the NFR approach for designing a trustworthy Phoenix system

Validation and lessons learned

Summary

Acknowledgments

References

Chapter 14. Analyzing the Ergodic Secrecy Rates of Cooperative Amplify-and-Forward Relay Networks over Generalized Fading Channels

Information in this chapter

Introduction

Secure cooperative wireless communications

Computational results

Conclusion

Appendix

References

Chapter 15. Algebraic Approaches to a Network-Type Private Information Retrieval

Information in this chapter

Introduction

The data processing scheme and statement of the problem

Algorithmic description of the solution

Algebraic description of the solution

Conclusion

Summary

References

Chapter 16. Using Event Reasoning for Trajectory Tracking

Information in this chapter

Introduction

Example

Event model

Scenario adapts

Event functions and inference rules

Experiments

Summary

Acknowledgments

References

Chapter 17. Resource-Efficient Multi-Source Authentication Utilizing Split-Join One-Way Key Chain

Information in this chapter

Introduction

Related works

Methodology

Conclusion

Acknowledgments

References

Chapter 18. Real-time Network Intrusion Detection Using Hadoop-Based Bayesian Classifier

Information in this chapter

Introduction

Overview on Hadoop based technologies

Survey of Intrusion Detection Systems

Hadoop-based real-time Intrusion Detection: System architecture

Practical application scenario and system evaluation

Summary

References

Chapter 19. Optimum Countermeasure Portfolio Selection: A Knapsack Approach

Information in this chapter

Introduction

The Knapsack problem and a dynamic programming solution

Problem description

The proposed binary knapsack-based approach and its dynamic programming algorithm

Computational example and comparison

Conclusion

References

Chapter 20. CSRF and Big Data: Rethinking Cross-Site Request Forgery in Light of Big Data

Information in this chapter

Introduction

SOP and CSRF

Motivation and related work

Defenses against CSRF: Server and browser Sides

Experiment results: CSRF in social media and networking sites

Analysis of test framework with popular Web/URL scanning tools

Conclusions and future work

References

Chapter 21. Security through Emulation-Based Processor Diversification

Information in this chapter

Introduction

Background and challenges

Proposed security approach

A case study: Web server

Experimentation and results

Discussion

Conclusions and future work

Acknowledgments

References

Chapter 22. On the Use of Unsupervised Techniques for Fraud Detection in VoIP Networks

Information in this chapter

Introduction

Background

Signature-based fraud detection

Experiments

Conclusion

References

Part 3: Mobile and Cloud Computing

Reviews of the Field

Chapter 23. Emerging Security Challenges in Cloud Computing, from Infrastructure-Based Security to Proposed Provisioned Cloud Infrastructure

Information in this chapter

Introduction

Background

Infrastructure security

Cloud service models

Provisioned access control infrastructure (DACI)

Conclusion

References

Methods

Chapter 24. Detection of Intent-Based Vulnerabilities in Android Applications

Information in this chapter

Introduction

Comparison to related work

Model definition and notations

Vulnerability modeling

Security testing methodology

Implementation and experimentation

Conclusion

Acknowledgments

References

Part 4: Cyber Crime and Cyber Terrorism

Theory

Chapter 25. A Quick Perspective on the Current State in Cybersecurity

Information in this chapter

Introduction

The scope of cybersecurity

Contributions

Understanding the scope of cybersecurity

Malware, the infectious disease, and phishing, the fraud

Vulnerabilities: The long exploitable holes

Data breach: A faulty containment

Cyber-war, the latest war front

Lessons learned

References

Chapter 26. A Paradigm Shift in Cyberspace Security

Information in this chapter

Introduction

Cyber-terrorism

A security paradigm shift in cyberspace

Intelligent agents in security auditing

Summary

References

Methods

Chapter 27. Counter Cyber Attacks By Semantic Networks

Information in this chapter

Introduction

Related work

Methodology

Experiments

Conclusion and future work

Acknowledgments

References

Chapter 28. Man-in-the-Browser Attacks in Modern Web Browsers

Information in this chapter

Introduction

Browser architecture

Man-in-the-browser attacks on different layers

Countermeasures

Conclusion

References

Chapter 29. Improving Security in Web Sessions: Special Management of Cookies

Information in this chapter

Introduction

Related work

Proposed mechanism for web session management

Implementation and experiments

Conclusion and further work

References

Chapter 30. Leveraging Semantic Web Technologies for Access Control

Information in this chapter

Introduction

Implementing RBAC with ontologies

Semantically extending the XACML attribute model

Ontology-based context awareness

Ontological specification of user preferences

Semantic access control in online social networks

DEMONS ontological access control model

Discussion

Acknowledgments

References

Chapter 31. Cyber Security Education: The Merits of Firewall Exercises

Information in this chapter

Introduction

Criteria for firewall education

Evaluation of firewall exercises

Satisfying the criteria

Emerging trends in firewall education

Conclusion

Acknowledgments

References

Case Study

Chapter 32. Surveillance without Borders: The Case of Karen Refugees in Sheffield

Information in this chapter

Introduction

Background

Methodological issues

Analyzing discourse

The hacking incident

“We are Watching You”: Analysis of discourse messages posted

Conclusion

Appendix

References

Further Reading

Part 5: Focus Topics: From Online Radicalisation to Online Financial Crime

Theory

Chapter 33. A Framework for the Investigation and Modeling of Online Radicalization and the Identification of Radicalized Individuals

Information in this chapter

Introduction

Systematic consideration of influencing factors: The radicalization-factor model

Identification of radicalized individuals: Behavioral indicators

Application of the framework

References

Chapter 34. Preventing Terrorism Together: A Framework to Provide Social Media Anti-Radicalization Training for Credible Community Voices

Information in this chapter

Introduction

Online radicalization

Collaboration in counter-terrorism

Credible voices

Conclusion

References

Methods

Chapter 35. Investigating Radicalized Individual Profiles through Fuzzy Cognitive Maps

Information in this chapter

Introduction

The radicalization process: How can it happen?

Investigating radical online profiles: A short overview of existing methods

Fuzzy cognitive mapping of factors for self-radicalization as an alternative approach

Conclusion

References

Chapter 36. Financial Security against Money Laundering: A Survey

Information in this chapter

Money laundering

Anti-money laundering efforts

Estimating the extent of ML

Data mining techniques for ML detection

Conclusion

References

Chapter 37. Intelligent Banking XML Encryption Using Effective Fuzzy Logic

Information in this chapter

Introduction

Literature review

System model and design

Experiments and results

Summary

References

Further Reading

Index