Cyber Security and Digital Forensics

Challenges and Future Trends
Edited by Mangesh M. Ghonge, Sabyasachi Pramanik, Ramchandra Mangrulkar, and Dac-Nhuong Le
Series: Advances in Cyber Security
Copyright: 2022   |   Status: Published
ISBN: 9781119795636  |  Hardcover  |  388 pages
Price: $225 USD

One Line Description
Written and edited by a team of world-renowned experts in the field, this groundbreaking new volume covers key technical topics and gives readers a comprehensive understanding of the latest research findings in cyber security and digital forensics.

Audience
Practitioners, consultants, engineers, academics, and other professionals working in the areas of cyber analysis, cyber security, homeland security, national defense, the protection of national critical infrastructures, cyber-crime, cyber vulnerabilities, cyber-attacks related to network systems, cyber threat reduction planning, and those who provide leadership in cyber security management both in public and private sectors.

Description
Current cyber threats are getting more complicated and advanced with the rapid evolution of adversarial techniques. Networked computing and portable electronic devices have broadened the role of digital forensics beyond traditional investigations into computer crime. The overall increase in the use of computers as a way of storing and retrieving high-security information requires appropriate security measures to protect the entire computing and communication scenario worldwide. Further, with the introduction of the internet and its underlying technology, facets of information security are becoming a primary concern to protect networks and cyber infrastructures from various threats.

This groundbreaking new volume, written and edited by a wide range of professionals in this area, covers broad technical and socio-economic perspectives for the utilization of information and communication technologies and the development of practical solutions in cyber security and digital forensics. Not just for the professional working in the field, but also for the student or academic on the university level, this is a must-have for any library.

Author / Editor Details
Mangesh M. Ghonge, PhD, is currently working at Sandip Institute of Technology and Research Center, Nashik, Maharashtra, India. He authored or co-authored more than 60 published articles in prestigious journals, book chapters, and conference papers. He is also the author or editor of ten books and has organized and chaired many national and international conferences.

Sabyasachi Pramanik, PhD, is an assistant professor in the Department of Computer Science and Engineering, Haldia Institute of Technology, India. He earned his doctorate in computer science and engineering from the Sri Satya Sai University of Technology and Medical Sciences, Bhopal, India. He has many publications in various reputed international conferences, journals, and online book chapter contributions and is also serving as the editorial board member of many international journals. He is a reviewer of journal articles in numerous technical journals and has been a keynote speaker, session chair and technical program committee member in many international conferences. He has authored a book on wireless sensor networks and is currently editing six books for multiple publishers, including Scrivener Publishing.

Ramchandra Mangrulkar, PhD, is an associate professor in the Department of Computer Engineering at SVKM’s Dwarkadas J. Sanghvi College of Engineering, Mumbai, Maharashtra, India. He has published 48 papers and 12 book chapters and presented significant papers at technical conferences. He has also chaired many conferences as a session chair, conducted various workshops, and is an ICSI-CNSS Certified Network Security Specialist. He is an active member on boards of studies in various universities and institutes in India.

Dac-Nhuong Le, PhD, is an associate professor and associate dean at Haiphong University, Vietnam. He earned his MSc and PhD in computer science from Vietnam National University, and he has over 20 years of teaching experience. He has over 50 publications in reputed international conferences, journals and online book chapter contributions and has chaired numerous international conferences. He has served on numerous editorial boards for scientific and technical journals and has authored or edited over 15 books by various publishers, including Scrivener Publishing.


Table of Contents
Preface
1. A Comprehensive Study of Security Issues and Research Challenges in Different Layers of Service-Oriented IoT Architecture
Ankur O. Bang, Udai Pratap Rao and Amit A. Bhusari
1.1 Introduction and Related Work
1.2 IoT: Evolution, Applications and Security Requirements
1.2.1 IoT and Its Evolution
1.2.2 Different Applications of IoT
1.2.3 Different Things in IoT
1.2.4 Security Requirements in IoT
1.3 Service-Oriented IoT Architecture and IoT Protocol Stack
1.3.1 Service-Oriented IoT Architecture
1.3.2 IoT Protocol Stack
1.3.2.1 Application Layer Protocols
1.3.2.2 Transport Layer Protocols
1.3.2.3 Network Layer Protocols
1.3.2.4 Link Layer and Physical Layer Protocols
1.4 Anatomy of Attacks on Service-Oriented IoT Architecture
1.4.1 Attacks on Software Service
1.4.1.1 Operating System–Level Attacks
1.4.1.2 Application-Level Attacks
1.4.1.3 Firmware-Level Attacks
1.4.2 Attacks on Devices
1.4.3 Attacks on Communication Protocols
1.4.3.1 Attacks on Application Layer Protocols
1.4.3.2 Attacks on Transport Layer Protocols
1.4.3.3 Attacks on Network Layer Protocols
1.4.3.4 Attacks on Link and Physical Layer Protocols
1.5 Major Security Issues in Service-Oriented IoT Architecture
1.5.1 Application – Interface Layer
1.5.2 Service Layer
1.5.3 Network Layer
1.5.4 Sensing Layer
1.6 Conclusion
References
2. Quantum and Post-Quantum Cryptography
Om Pal, Manoj Jain, B.K. Murthy and Vinay Thakur
2.1 Introduction
2.2 Security of Modern Cryptographic Systems
2.2.1 Classical and Quantum Factoring of A Large Number
2.2.2 Classical and Quantum Search of An Item
2.3 Quantum Key Distribution
2.3.1 BB84 Protocol
2.3.1.1 Proposed Key Verification Phase for BB84
2.3.2 E91 Protocol
2.3.3 Practical Challenges of Quantum Key Distribution
2.3.4 Multi-Party Quantum Key Agreement Protocol
2.4 Post-Quantum Digital Signature
2.4.1 Signatures based on Lattice Techniques
2.4.2 Signatures based on Multivariate Quadratic Techniques
2.4.3 Hash-Based Signature Techniques
2.5 Conclusion and Future Directions
References
3. Artificial Neural Network Applications in Analysis of Forensic Science
K.R. Padma and K.R. Don
3.1 Introduction
3.2 Digital Forensic Analysis Knowledge
3.3 Answer Set Programming in Digital Investigations
3.4 Data Science Processing with Artificial Intelligence Models
3.5 Pattern Recognition Techniques
3.6 ANN Applications
3.7 Knowledge on Stages of Digital Forensic Analysis
3.8 Deep Learning and Modelling
3.9 Conclusion
References
4. A Comprehensive Survey of Fully Homomorphic Encryption from Its Theory to Applications
Rashmi Salavi, Dr. M. M. Math and Dr. U. P. Kulkarni
4.1 Introduction
4.2 Homomorphic Encryption Techniques
4.2.1 Partial Homomorphic Encryption Schemes
4.2.2 Fully Homomorphic Encryption Schemes
4.3 Homomorphic Encryption Libraries
4.4 Computations on Encrypted Data
4.5 Applications of Homomorphic Encryption
4.6 Conclusion
References
5. Understanding Robotics through Synthetic Psychology
Garima Saini and Dr. Shabnam
5.1 Introduction
5.2 Physical Capabilities of Robots
5.2.1 Artificial Intelligence and Neuro Linguistic Programming (NLP)
5.2.2 Social Skill Development and Activity Engagement
5.2.3 Autism Spectrum Disorders
5.2.4 Age-Related Cognitive Decline and Dementia
5.2.5 Improving Psychosocial Outcomes through Robotics
5.2.6 Clients with Disabilities and Robotics
5.2.7 Ethical Concerns and Robotics
5.3 Traditional Psychology, Neuroscience and Future Robotics
5.4 Synthetic Psychology and Robotics: A Vision of the Future
5.5 Synthetic Psychology: The Foresight
5.6 Synthetic Psychology and Mathematical Optimization
5.7 Synthetic Psychology and Medical Diagnosis
5.7.1 Virtual Assistance and Robotics
5.7.2 Drug Discovery and Robotics
5.8 Conclusion
References
6. An Insight into Digital Forensics: History, Frameworks, Types and Tools
G Maria Jones and S Godfrey Winster
6.1 Overview
6.2 Digital Forensics
6.2.1 Why Do We Need Forensics Process?
6.2.2 Forensics Process Principles
6.3 Digital Forensics History
6.3.1 1985 to 1995
6.3.2 1995 to 2005
6.3.3 2005 to 2015
6.4 Evolutionary Cycle of Digital Forensics
6.4.1 Ad Hoc
6.4.2 Structured Phase
6.4.3 Enterprise Phase
6.5 Stages of Digital Forensics Process
6.5.1 Stage 1 - 1995 to 2003
6.5.2 Stage II - 2004 to 2007
6.5.3 Stage III- 2007 to 2014
6.6 Types of Digital Forensics
6.6.1 Cloud Forensics
6.6.2 Mobile Forensics
6.6.3 IoT Forensics
6.6.4 Computer Forensics
6.6.5 Network Forensics
6.6.6 Database Forensics
6.7 Evidence Collection and Analysis
6.8 Digital Forensics Tools
6.8.1 X-Ways Forensics
6.8.2 SANS Investigative Forensics Toolkit – SIFT
6.8.3 EnCase
6.8.4 The Sleuth Kit/ Autopsy
6.8.5 Oxygen Forensic Suite
6.8.6 Xplico
6.8.7 Computer Online Forensic Evidence Extractor (COFEE)
6.8.8 Cellebrite UFED
6.8.9 OSForensics
6.8.10 Computer-Aided Investigative Environment (CAINE)
6.9 Summary
References
7. Digital Forensics as a Service: Analysis for Forensic Knowledge
Soumi Banerjee, Anita Patil, Dipti Jadhav and Gautam Borkar
7.1 Introduction
7.2 Objective
7.3 Types of Digital Forensics
7.3.1 Network Forensics
7.3.2 Computer Forensics
7.3.3 Data Forensics
7.3.4 Mobile Forensics
7.3.5 Big Data Forensics
7.3.6 IOT Forensics
7.3.7 Cloud Forensics
7.4 Conclusion
References
8. 4S Framework: A Practical CPS Design Security Assessment & Benchmarking Framework
Neel A. Patel, Dhairya A. Parekh, Yash A. Shah and Ramchandra Mangrulkar
8.1 Introduction
8.2 Literature Review
8.3 Medical Cyber Physical System (MCPS)
8.3.1 Difference between CPS and MCPS
8.3.2 MCPS Concerns, Potential Threats, Security
8.4 CPSSEC vs. Cyber Security
8.5 Proposed Framework
8.5.1 4S Definitions
8.5.2 4S Framework-Based CPSSEC Assessment Process
8.5.3 4S Framework-Based CPSSEC Assessment Score Breakdown & Formula
8.6 Assessment Hypothetical MCPS Using 4S Assessment
8.6.1 System Description
8.6.2 Use Case Diagram for the Above CPS
8.6.3 Iteration 1 of 4S Assessment
8.6.4 Iteration 2 of 4S Assessment
8.7 Conclusion
8.8 Future Scope
References
9. Ensuring Secure Data Sharing in IoT Domains Using Blockchain
Tawseef Ahmed Teli, Rameez Yousuf and Dawood Ashraf Khan
9.1 IoT and Blockchain
9.1.1 Public
9.1.1.1 Proof of Work (PoW)
9.1.1.2 Proof of Stake (PoS)
9.1.1.3 Delegated Proof of Stake (DPoS)
9.1.2 Private
9.1.3 Consortium or Federated
9.2 IoT Application Domains and Challenges in Data Sharing
9.3 Why Blockchain?
9.4 IoT Data Sharing Security Mechanism On Blockchain
9.4.1 Double-Chain Mode Based On Blockchain Technology
9.4.2 Blockchain Structure Based On Time Stamp
9.5 Conclusion
References
10. A Review of Face Analysis Techniques for Conventional and Forensic Applications
Chethana H.T. and Trisiladevi C. Nagavi
10.1 Introduction
10.2 Face Recognition
10.2.1 Literature Review on Face Recognition
10.2.2 Challenges in Face Recognition
10.2.3 Applications of Face Recognition
10.3 Forensic Face Recognition
10.3.1 Literature Review on Face Recognition for Forensics
10.3.2 Challenges of Face Recognition in Forensics
10.3.3 Possible Datasets Used for Forensic Face Recognition
10.3.4 Fundamental Factors for Improving Forensics Science
10.3.5 Future Perspectives
10.4 Conclusion
References
11. Roadmap of Digital Forensics Investigation Process with Discovery of Tools
Anita Patil, Soumi Banerjee, Dipti Jadhav and Gautam Borkar
11.1 Introduction
11.2 Phases of Digital Forensics Process
11.2.1 Phase I - Identification
11.2.2 Phase II - Acquisition and Collection
11.2.3 Phase III - Analysis and Examination
11.2.4 Phase IV - Reporting
11.3 Analysis of Challenges and Need of Digital Forensics
11.3.1 Digital Forensics Process has following Challenges
11.3.2 Needs of Digital Forensics Investigation
11.3.3 Other Common Attacks Used to Commit the Crime
11.4 Appropriateness of Forensics Tool
11.4.1 Level of Skill
11.4.2 Outputs
11.4.3 Region of Emphasis
11.4.4 Support for Additional Hardware
11.5 Phase-Wise Digital Forensics Techniques
11.5.1 Identification
11.5.2 Acquisition
11.5.3 Analysis
11.5.3.1 Data Carving
11.5.3.2 Different Curving Techniques
11.5.3.3 Volatile Data Forensic Toolkit Used to Collect and Analyze the Data from Device
11.5.4 Report Writing
11.6 Pros and Cons of Digital Forensics Investigation Process
11.6.1 Advantages of Digital Forensics
11.6.2 Disadvantages of Digital Forensics
11.7 Conclusion
References
12. Utilizing Machine Learning and Deep Learning in Cybersecurity: An Innovative Approach
Dushyant Kaushik, Muskan Garg, Annu, Ankur Gupta and Sabyasachi Pramanik
12.1 Introduction
12.1.1 Protections of Cybersecurity
12.1.2 Machine Learning
12.1.3 Deep Learning
12.1.4 Machine Learning and Deep Learning: Similarities and Differences
12.2 Proposed Method
12.2.1 The Dataset Overview
12.2.2 Data Analysis and Model for Classification
12.3 Experimental Studies and Outcomes Analysis
12.3.1 Metrics on Performance Assessment
12.3.2 Result and Outcomes
12.3.2.1 Issue 1: Classify the Various Categories of Feedback Related to the Malevolent Code Provided
12.3.2.2 Issue 2: Recognition of the Various Categories of Feedback Related to the Malware Presented
12.3.2.3 Issue 3: According to the Malicious Code, Distinguishing Various Forms of Malware
12.3.2.4 Issue 4: Detection of Various Malware Styles Based on Different Responses
12.3.3 Discussion
12.4 Conclusions and Future Scope
References
13. Applications of Machine Learning Techniques in the Realm of Cybersecurity
Koushal Kumar and Bhagwati Prasad Pande
13.1 Introduction
13.2 A Brief Literature Review
13.3 Machine Learning and Cybersecurity: Various Issues
13.3.1 Effectiveness of ML Technology in Cybersecurity Systems
13.3.2 Machine Learning Problems and Challenges in Cybersecurity
13.3.2.1 Lack of Appropriate Datasets
13.3.2.2 Reduction in False Positives and False Negatives
13.2.2.3 Adversarial Machine Learning
13.3.2.4 Lack of Feature Engineering Techniques
13.3.2.5 Context-Awareness in Cybersecurity
13.3.3 Is Machine Learning Enough to Stop Cybercrime?
13.4 ML Datasets and Algorithms Used in Cybersecurity
13.4.1 Study of Available ML-Driven Datasets Available for Cybersecurity
13.4.1.1 KDD Cup 1999 Dataset (DARPA1998)
13.4.1.2 NSL-KDD Dataset
13.4.1.3 ECML-PKDD 2007 Discovery Challenge Dataset
13.4.1.4 Malicious URL’s Detection Dataset
13.4.1.5 ISOT (Information Security and Object Technology) Botnet Dataset
13.4.1.6 CTU-13 Dataset
13.4.1.7 MAWILab Anomaly Detection Dataset
13.4.1.8 ADFA-LD and ADFA-WD Datasets
13.4.2 Applications ML Algorithms in Cybersecurity Affairs
13.4.2.1 Clustering
13.4.2.2 Support Vector Machine (SVM)
13.4.2.3 Nearest Neighbor (NN)
13.4.2.4 Decision Tree
13.4.2.5 Dimensionality Reduction
13.5 Applications of Machine Learning in the Realm of Cybersecurity
13.5.1 Facebook Monitors and Identifies Cybersecurity Threats with ML
13.5.2 Microsoft Employs ML for Security
13.5.3 Applications of ML by Google
13.6 Conclusions
References
14. Security Improvement Technique for Distributed Control System (DCS) and Supervisory Control-Data Acquisition (SCADA) Using Blockchain at Dark Web Platform
Anand Singh Rajawat, Romil Rawat and Kanishk Barhanpurkar
14.1 Introduction
14.2 Significance of Security Improvement in DCS and SCADA
14.3 Related Work
14.4 Proposed Methodology
14.4.1 Algorithms Used for Implementation
14.4.2 Components of a Blockchain
14.4.3 MERKLE Tree
14.4.4 The Technique of Stack and Work Proof
14.4.5 Smart Contracts
14.5 Result Analysis
14.6 Conclusion
References
15. Recent Techniques for Exploitation and Protection of Common Malicious Inputs to Online Applications
Dr. Tun Myat Aung and Ni Ni Hla
15.1 Introduction
15.2 SQL Injection
15.2.1 Introduction
15.2.2 Exploitation Techniques
15.2.2.1 In-Band SQL Injection
15.2.2.2 Inferential SQL Injection
15.2.2.3 Out-of-Band SQL Injection
15.2.3 Causes of Vulnerability
15.2.4 Protection Techniques
15.2.4.1 Input Validation
15.2.4.2 Data Sanitization
15.2.4.3 Use of Prepared Statements
15.2.4.4 Limitation of Database Permission
15.2.4.5 Using Encryption
15.3 Cross Site Scripting
15.3.1 Introduction
15.3.2 Exploitation Techniques
15.3.2.1 Reflected Cross Site Scripting
15.3.2.2 Stored Cross Site Scripting
15.3.2.3 DOM-based Cross Site Scripting
15.3.3 Causes of Vulnerability
15.3.4 Protection Techniques
15.3.4.1 Data Validation
15.3.4.2 Data Sanitization
15.3.4.3 Escaping on Output
15.3.4.4 Use of Content Security Policy
15.4 Cross Site Request Forgery
15.4.1 Introduction
15.4.2 Exploitation Techniques
15.4.2.1 HTTP Request with GET Method
15.4.2.2 HTTP Request with POST Method
15.4.3 Causes of Vulnerability
15.4.3.1 Session Cookie Handling Mechanism
15.4.3.2 HTML Tag
15.4.3.3 Browser’s View Source Option
15.4.3.4 GET and POST Method
15.4.4 Protection Techniques
15.4.4.1 Checking HTTP Referer
15.4.4.2 Using Custom Header
15.4.4.3 Using Anti-CSRF Tokens
15.4.4.4 Using a Random Value for each Form Field
15.4.4.5 Limiting the Lifetime of Authentication Cookies
15.5 Command Injection
15.5.1 Introduction
15.5.2 Exploitation Techniques
15.5.3 Causes of Vulnerability
15.5.4 Protection Techniques
15.6 File Inclusion
15.6.1 Introduction
15.6.2 Exploitation Techniques
15.6.2.1 Remote File Inclusion
15.6.2.2 Local File Inclusion
15.6.3 Causes of Vulnerability
15.6.4 Protection Techniques
15.7 Conclusion
References
16. Ransomware: Threats, Identification and Prevention
Sweta Thakur, Sangita Chaudhari and Bharti Joshi
16.1 Introduction
16.2 Types of Ransomwares
16.2.1 Locker Ransomware
16.2.1.1 Reveton Ransomware
16.2.1.2 Locky Ransomware
16.2.1.3 CTB Locker Ransomware
16.2.1.4 TorrentLocker Ransomware
16.2.2 Crypto Ransomware
16.2.2.1 PC Cyborg Ransomware
16.2.2.2 OneHalf Ransomware
16.2.2.3 GPCode Ransomware
16.2.2.4 CryptoLocker Ransomware
16.2.2.5 CryptoDefense Ransomware
16.2.2.6 CryptoWall Ransomware
16.2.2.7 TeslaCrypt Ransomware
16.2.2.8 Cerber Ransomware
16.2.2.9 Jigsaw Ransomware
16.2.2.10 Bad Rabbit Ransomware
16.2.2.11 WannaCry Ransomware
16.2.2.12 Petya Ransomware
16.2.2.13 Gandcrab Ransomware
16.2.2.14 Rapid Ransomware
16.2.2.15 Ryuk Ransomware
16.2.2.16 Lockergoga Ransomware
16.2.2.17 PewCrypt Ransomware
16.2.2.18 Dharma/Crysis Ransomware
16.2.2.19 Phobos Ransomware
16.2.2.20 Malito Ransomware
16.2.2.21 LockBit Ransomware
16.2.2.22 GoldenEye Ransomware
16.2.2.23 REvil or Sodinokibi Ransomware
16.2.2.24 Nemty Ransomware
16.2.2.25 Nephilim Ransomware
16.2.2.26 Maze Ransomware
16.2.2.27 Sekhmet Ransomware
16.2.3 MAC Ransomware
16.2.3.1 KeRanger Ransomware
16.2.3.2 Go Pher Ransomware
16.3.2.3 FBI Ransom Ransomware
16.3.2.4 File Coder
16.3.2.5 Patcher
16.3.2.6 ThiefQuest Ransomware
16.3.2.7 Keydnap Ransomware
16.3.2.8 Bird Miner Ransomware
16.3 Ransomware Life Cycle
16.4 Detection Strategies
16.4.1 UNEVIL
16.4.2 Detecting File Lockers
16.4.3 Detecting Screen Lockers
16.4.4 Connection-Monitor and Connection-Breaker Approach
16.4.5 Ransomware Detection by Mining API Call Usage
16.4.6 A New Static-Based Framework for Ransomware Detection
16.4.7 White List-Based Ransomware Real-time Detection Prevention (WRDP)
16.5 Analysis of Ransomware
16.5.1 Static Analysis
16.5.2 Dynamic Analysis
16.6 Prevention Strategies
16.6.1 Access Control
16.6.2 Recovery After Infection
16.6.3 Trapping Attacker
16.7 Ransomware Traits Analysis
16.8 Research Directions
16.9 Conclusion
References
Index
